The Terrible Tinkerer

Two things have been on my radar recently… first, Mr. Jalopy’s ‘Owner’s/Maker’s Bill of Rights’, which is discussed in a Wired News article here (,70735-0.html).
Unrelatedly, I’ve been thinking about the direction that a lot of technology seems to be taking. I feel like, five or ten years ago, a decent desktop computer was chunky enough for pretty much any thing you’d want to do. Now, by contrast, a game console or a DVR has a lot more under the hood than an average computer, unless you’ve built your computer specifically for gaming or video capture. I feel like this is a trend– towards powerful, specialized technology.

To repeat something a lot of other people have been saying, this technology is only worthwhile inasmuch as you can take it apart and rejigger it, or hold on to it and use it for spare parts a few years down the road. Though this seems obvious, I don’t see any way that the Owner’s Manifesto or something like it will ever come to be widely implemented.

Somewhere along the line, PC components became standardized and interchangeable; hopefully the same thing will happen with gaming consoles and DVRs. (Not if the DMCA has anything to do with it, I bet) There’s got to be some way to help the process along…

Also, mad props to asp for making Oldblivion (, which has made me and my antiquated computer very happy this last little while. We need more things like this and Mount & Blade (


Scientific-Atlanta Explorer 8300

I was interested in fucking around with/voiding the warranty on my new Scientific-Atlanta Explorer 8300– I’d be most interested in figuring out a way to mod the UI, which is pretty profoundly shitty. I checked out the stuff Scientific-Atlanta has on its website, but that was rather unhelpful (it’s mainly about deployment and distribution).

what we have dreamed of, sleeping and waking

“For too long typographic style and its accompanying attention to detail have been overlooked by website designers, particularly in body copy. In years gone by this could have been put down to the technology, but now the web has caught up.”

Finally someone is working on adapting Bringhurst to the web. It’s just getting started, but it looks like it’s for real. Check it out here (

the h-word

I just got back from Notacon in Cleveland this weekend, and it has me thinking about the word ‘hacker’ quite a bit. (I’d like to claim the title for myself, but I don’t really think that I have the technical acumen– though I try)

I’ve been reading the third edition of O’Reilly’s ‘Practical Unix & Internet Security’, and I was pissed off by how glibly they dismiss the term hacker. Their gloss: “Today the confusion over the term hacker has largely been resolved. While some computer professionals continue to call themselves hackers, most don’t. In the mind of the public, the word hacker has been firmly defined as a person exceptionally talented with computers who often misuses that skill. Use of the term by members of the news media, law enforcement, and the entertainment industry has only served to reinforce this definition.” (Introduction to Chapter 1)

This is far too glib, and far too dismissive, I think. Despite the common, non-technical use of the word, hacker is a useful term, and meaningfully describes a set of people (especially the group of people who describe themselves as hackers).

On the other hand, the definition in the Jargon File and elsewhere (within the culture) is overly rosy. (At some level, I think the definition in the Jargon File is more prescriptive than descriptive– it doesn’t accurately capture the grammar of the word. This may be intentional, or it may just be that the sense of the word has evolved). This definition is just too general, as well.

Coming up with an accurate definition of the h-word isn’t easy. But I think you can describe what makes the hacker community different, and special.

Hacker culture is, above all, inclusive, bounded by angsty high school kids on one side, and white hat infosec professionals on the other. As a very general characterization, I think most hackers tend to be libertarian idealists (if that isn’t redundant) or anarchists in their twenties or thirties.

I think it’s fair to say that hackers define themselves to some extent by contrast with the great mass of IT professionals. One type of IT professionals is money-minded, bordering on venal, and I think it’s fair to say that most of these people work for big business maintaining SQL Server or some other shitty software. (I suspect that much of the anti-hacker antipathy comes from this quarter) Furthermore, there are many principled coders working in industry; here we run up against the distinction between open source people and hackers.

Most venal IT people do it because they figured out that they can make money doing it; hackers and open source people do it out of love. I think the difference between the open source segment and hackers is one of priorities: open source people worked on projects on their own time in college, but many of their projects languish once they hit the world of work. Open source people are at pains (and good enough) to cherry pick work that they approve of at a moral level. Hackers, by contrast, work to pay the bills while they work on their own projects.

These distinctions also have ramifications for OS choice. Hackers are (almost exclusively) Linux people, as are many open source folk. Venal IT people are frequently dismissive of Linux (fuckers), though this may change with IBM and big business’ embrace of Linux. My impression is that open source people respect OS X and use it, whereas hackers are less inclined to use it. This may also be a function of money.

Hackers are frequently interested in (or at least conversant in) security, and problems of security have important ramifications for the hacker ethos. Hackers run up against many of the problems encountered by scrupulous serious-minded people in other technical fields, but security has ethical ramifications that hackers, by and large, choose to ignore.

A contrast is furnished by Eric Meyer’s talk at Notacon. The proper implementation of CSS and responsible security implementation have run up against institutional and commercial barriers. Meyer talked about how impartial public shaming proved to be a fairly effective way of getting companies to do a better job of implementing CSS. At some level, this is what 2600 and others attempt to do, but they ignore the ethical problems of such an approach.

Hackers have a unique problem. It seems irresponsible not to tell companies about their security holes, but direct reporting of problems is seldom practicable. Nobody wants to hear that the security set-up they rolled (or worse, paid for) is complete bullshit, for one, and implementation runs up against problems of organizational hierarchy, even if the tech people would like to fix their problems.

On the other hand, it seems irresponsible for 2600 to swing wide the door to security exploits by publishing sensitive information. Such public shaming could provide the impetus for a company to set its house in order, but implementation takes time and energy. The 2600/hacker way of doing things is either irresponsible or naive.

At the same time, though, industry has been seriously derelict in selling companies snake oil ’security solutions’, and not educating the public more about security.

The problem is made even more vexing by the success of the internet, I think. It was different when the internet was a glorified research experiment, and not a driving force of commerce. Exposing flaws in an academic setting is completely different than threatening someone’s livelihood.

It would be different if enforcement and legislation were able to keep pace with technical innovation, or be somewhat more forward-thinking. (This might improve if less energy was expended on RIAA/MPAA bullshit) As it is now, the laws that get made are really shitty (anyone remember the DMCA?) and the people who get busted are either immature or undeserving of prosecution. Maybe this will change in the future, but it will be a long time coming. This all leaves hackers in something of a quandary.

Whatever the solution, acting naive isn’t helping anything. Hopefully the culture will evolve and become less simplistic as people in the culture get older– hopefully without losing the inclusiveness towards angsty high school kids.