Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Code Refugee

Pages: [1] 2 3
Loco Stories / Humor / voracious carnivorous australian sea lice
« on: August 07, 2017, 05:01:24 AM »
A guy in Australia had his feet bloodied by what doctors think is something called sea lice.

Loco Stories / Humor / fascinating 1893 novel
« on: July 14, 2017, 03:57:08 AM »
"Baron Trump's Marvellous Underground Journey" by Ingersoll Lockwood, published 1893:

In 1896, Ingersoll Lockwood, whose day job was an Attorney in New York, published a book predicting the future:

"1900; or, The Last President"

It talks about the US under attack by Antifa after the election of a controversial president.

Discussions - Public / Current and Recent SyFi Shows Worth Watching
« on: July 02, 2017, 05:26:33 AM »
Only related to TV as a theme, the latest episode of Dark Matter introduces a bad guy thug character named "Gorn".

Since we are a tight knit religious community based around the communochaotic teachings of Kek, I thought I would share with my fellow community members a secret ritual device I created that has served me well in many different scenarios.

Many times when processing user data it would be very convenient for the user to be able to enter their own formulaic expressions and evaluate those down to a real number, just like a spreadsheet does.

But a danger is that malignant users are clever at constructing input that escapes the pen, roots the server, and exerts its own control. Thus they must be sanitized and sandboxed, a tedious and error prone process.

Thus here is a simple expression evaluation that can handle arbitrary user input without allowing escalation of privileges or access to system functions.

Code: [Select]
def calculator(expression, **context):
    context.update({"__builtins__": {}})
    return float(eval(expression, context))

This is remarkably short code for all that it does. In Python, eval() evaluates python code given as a string. As we know, this is a very dangerous practice when the string comes from outside our control! Normally eval() inherits the symbol table from the point it is called, which includes lots of dangerous things like access to system functions. Fortunately eval() has an optional second argument that overrides that symbol table. Unfortunately if eval() is given a symbol table without the built in functions, it adds them in itself. Fortunately, if you specify the built in functions reference to be nothing, then it short-circuits that and no surrounding context, not even built-in global functions, are pulled in.

In addition to short-circuiting the built-ins, it's also nice to be able to easily supply specific symbols that are useful for a particular expression. We do this through the use of Python's keyword-argument (kwarg) facility for functions, which allows functions to have arbitrary numbers of named arguments.

Here's a couple examples of use.

Code: [Select]
>> print calculator("2+3.01/97")

>> c1 = 101.2
>> c2 = 0.3
>> print calculator("2*a+34.1*b", a=c1, b=c2)

This makes it easy to allow people to specify arithmetic expressions in fields that normally handle plain numbers. And to handle to a certain extent named constants or variables, but only the ones that are explicitly specified by the program.

Note that eval() will fail if the users gives an invalid expression, so one may wish to handle thrown exceptions from the calling function, or do this:

Code: [Select]
def calculator(expression, **context):
      context.update({"__builtins__": {}})
      return float(eval(expression, context))

Shadilay my brothers!

Discussions - Public / camera experiments
« on: April 24, 2017, 01:53:35 PM »
A long time ago I had a really fantastic pro camera. I learned that for the low light and night time photography I favored I should use Fuji 400 and Fuji 800. I got a great tripod and a several exquisite lenses.

Well what can I say. The age of film is over. And I haven't felt like buying any of the costly high tech cameras. I also hate cell cameras since I don't have dials where I can adjust aperture setting, shutter speed, and iso rating of the film.

This year I got a small ARM board, installed Linux and a bunch of camera sensor and image processing libraries, along with a fairly decent CCD sensor I got from some random dude in China. Assembled my own camera and took charge. I have little pots that I programmed to set in real time each of the parameters I like, and I have a tiny LCD screen on the thing that gives real time previews.

I am absolutely positive this is not as good as the latest Canon pro cameras.

But I have way more control than an iPhone.

I'm not unhappy. I feel like I am in control again.


Presented with simple code challenges, an evaluation of Indian CS graduates seeking employment found:

* Less than 40% of India CS graduates can write any code whatsoever that compiles at all, much less runs or is correct.
* 4.77% of India CS graduates were able to write simple code that was actually correct.
* 1.4% of India CS graduates were able to write simple code that was both correct and reasonably efficient.

I'm pretty stoked about these specific numbers because when that old 1% rock star meme comes up for years I have been using these exact numbers that I pulled out of my ass to say that the top 1% are the guys that are sort of OK, and only 5% are competent to write working code at all, the bottom 95% are literally useless. In my case though I don't tie it to ethnicity. American university grads that are in the job market are just as stupid and incompetent. Most of them are asian though, but whether white or asian doesn't matter, 19 out of 20 job candidates can't do anything at all. I think it's been said that it's sort of self selecting recycled failure as the losers are more likely to be out of work. Yeah probably so but still I don't think the raw numbers are good either.

We work at places that are in business so we have survivor bias. We look around and we work with people who are at least minimally competent. They may be terrible but they can eventually get something to work. Out there in the general populace of developers though most people have literally negative productivity in that they can not produce anything that works, but they take up other people's time.

One thing I am sure of. Those of us that survived because we're actually competent are massively underpaid, no matter how much we are paid. Guys that can't do anything are all over the place pulling in 6 figures. If you can actually do anything aren't you worth more? I say yes. Problem is companies still are incapable of recognizing or evaluating actual skills and competence.

Loco Stories / Humor / Global Hide and Seek
« on: April 14, 2017, 10:52:47 AM »
You may recall that last month Shia LaBeouf essentially challenged 4chan to play capture the flag with him, with the entire United  States as the playground. 4chan handily won the game in only a day by analyzing sunrise time, star patterns and flight contrails shown in the blue sky behind the flag to find his flag at a remote farm in rural Tennessee and swap it with a Pepe tee shirt.

LaBeouf then decided to expand the challenge globally and went into hiding somewhere in the world, unspecified, with no sky shown. Global Hide and Seek: The Ultimate Challenge!

Their only clue was images of LaBeouf in front of a nondescript looking wood paneled wall... like one would find in a cabin somewhere. No sky to be seen, no stars or sunrise or flight contrails as clues. Impossible? Of course not! The species of wood, the cold weather clothing, and the hours they are active used narrows it to a part of the world...

4chan rapidly figured out he was in the Arctic... he was in Finland... he was on the Sweden/Finland border, then...

There's around 3000 rental cabins in Lapland, we just need to match wood patterns, easy enough. the specific cabin he was in.

These autists finding someone in a cabin within a day...

Remember the massive cost of the hide and seek game we played with bin Laden? I think it cost over a trillion dollars to find him, and hundreds of thousands of people died.

4chan did the exact same thing at zero cost and no casualties, just all for the lolz.

Discussions - Public / the impossibly hopeless task of anonymous polls
« on: April 09, 2017, 10:18:38 AM »
A little while back I was asked to implement something to do polling. Among polls of interest are polling employees, polling customers and polling the general public.

The general problem to avoid is people voting more than once and gaming the poll.

We know this is a big problem since the media is constantly having polls with responses that turn out to be bogus, such as who are you going to vote for in the next election, even when they do random phone screening. However, I think random phone screening is pretty solid if you do a big enough sample, the problem was with their "adjustments" to the raw data in order to push their agenda. Let's assume that's not a problem here, we're going with the raw counts and now skewing. Also not concerned with whether the sample is a valid cross section in this case.

When big companies get their polls games we laugh at them. The general public says Clinton has a 99% chance of winning. The general public wants the boat to be named Boaty McBoatface. The general public says their new chip flavor should be an ode to Hitler. Well obviously none of these things were the actual opinions of the general public. The polls were either rigged or culture jammed. What idiots the poll workers and tech guys are. Obviously they used dumb tech noobs. Surely if they implemented simple safeguards none of that would have happened. However, whether they are noobs or not, the problem they are up against is a lot more of a challenge than most people suggest with solutions such as "just require user accounts", "just collect a cell phone number", "just use captchas", etc. and so forth.

Now the case of polling employees reliably is not a hard problem. We know who those employees are and they can be assigned a voting token that allows them to vote once, anonymously. If you have an employee email account on the system I can see that and that you're current, and there's not a bunch of fake accounts or such since accounts are handed out, and not grabbed by random anonymous people. Works probably the same as online election engines in some countries I imagine. Sure maybe their spouse or friend voted, but that's Ok, the problem is with multiple votes, and non-existent people voting, both which are the same problem.

Polling customers is similar to polling employees and is handled in a similar way. So no problems there, other than that of trust - some people don't trust that the system is anonymous and their opinions won't be tracked back to them, so they don't vote. Also people who think they don't care about an issue are less likely to vote. Their not caring can be a useful data point but it's OK to just assume that from their non-vote that they accept the results in advance.

The problem of polling the general public is very different from either of these.

Now a phone poll is maybe a bit more reliable. 4chan can't game it. Maybe you call the same person twice on their two cell phones, but that's not them gaming the system and isn't really going to affect results much.

But anything involving user created and selected accounts open to the general public can be gamed and subverted by a motivated opponent. And that opponent doesn't even need financial incentive. 4chan in particular will spend infinite hours gaming a system to make sure the new Doritos flavor is called "Hitler Did Nothing Wrong". These guys are far more motivated to game systems and have the ability to do so than the most motivated state actors pushing an agenda for actual personal gain. 4chan's motivation of getting "lolz" is much stronger than any other force.

Anything involving cookies and ip addresses can be gamed as well.

The only thing that works at all is weaponized tracking. By this I mean methods of dodgy legality such as persistent zombie cookies that take advantage of security defects in Flash and in browsers, browser fingerprinting, and using toolkits of dubious origin that are able to break the veil of Tor secrecy. And these methods work and you get more valid survey results if used, and you'll definitely find that any survey that becomes notable is massively gamed.

To be clear, I am not asking for any advice at all and don't want any. This is just sharing info, like a public lecture. I feel I've been all up and down studying and experimenting with this for some time. The issue isn't I need advice, the issue is that I understand the fundamental problem and I have an insight to share with you: it's impossible to have a valid anonymous public vote unless you resort to underhanded back door NSA style tracking methods.

Discussions - Public / H1B Predator destroys Uber
« on: February 27, 2017, 07:46:48 PM »
So this guy Amit Singhal was born in India. Came to the US for school, ended up staying on one of those sorts of visas. OK, not H1B, but it's like H1B. He works at Google from 2000 to 2016 where becomes a fellow of Google and the ACM. However, at Google he sexually harasses employees there and is dismissed because of it.

He then is hired as engineering VP at Uber, but he lies to them about why he left Google. At Uber he continues his predator ways, creating lots of problems for them. And he is eventually fired after the company loses value due to employees and former employees talking about Uber's nightmare of misogyny and sexual harassment from executives...

This all appears to be as a result of the investigation by former USAG Eric Holder into Susan Fowler's complaints about Uber. (

However, Susan says she left Uber in December 2016 after a year of harassment.

Amit Singhal started working at Uber in January 2017, after Susan left.

Looks like Holder found a fall guy.

What's the name of the real executive that harassed Fowler? Cos that guy isn't being fired.

Loco Stories / Humor / Tinder for Orangutans
« on: February 01, 2017, 06:26:49 AM »
So there's a repository of available breeding males on the international orangutan zoo breeding network. It includes videos of the males. Females often don't like the males they get so now they show the videos to the females and try to gauge their reactions. Problem though is the tablets are completely destroyed by the orangutans within seconds. So the zoo is now saying they need an "orangutan proof tablet" so that orangutans can browse "tinder for orangutans".

Now there's a product opportunity of sorts. But honestly, how many of these things could you sell? This combines two common scenarios. One, someone wants someone else (you maybe) to create a tech design that is incredibly obscure and will take a lot of research to produce. (For one thing you'll need to acquire orangutans and wild animal licenses just to do the product testing.) Two, the client is a non-profit organization that surely is going to argue that you should simply donate the product to them.

Discussions - Public / how to make a fortune from startups
« on: January 31, 2017, 06:48:55 AM »
Neat article about a Canadian college student who has been very successful by looking at the best funded Kickstarter products for relatively simple projects, and then cloning their product using Chinese factories, beating them to market, and wiping out their market by saturating it. Then moving on to the next one, already underway.

It's interesting because as we know most of these Kickstarter "idea guys" have absolutely no idea about manufacturing or product fulfillment and flop around like a beached squid for months and years as they miss their deadlines, and finally go under with all the cash long gone on boxes filled with several revisions of broken prototypes with slight errors.

This guy actually grabs their designs, gets them manufactured and shipped, and sells them for a lower price.

Why shouldn't he get all the dough.

Ideas are worth nothing. Execution is worth everything.

In a lot of cases he doesn't even have to do the design. Chinese factories already have most kickstarters cloned within days of their being announced. This guy usually just has to find them (example), order product samples, pick the best one, and place an order. All the Chinese really need is someone to market and brand their cheap clones and speak english to customers and this student is that guy.

You can talk to economists that are 60-years-old and they'll tell you, "Oh, yeah, if you open up a business you should aim to be profitable within 18 months." None of that is relevant anymore. You can be profitable within four days.

Now there's a real money quote.

Discussions - Public / LED lighting: the first year
« on: December 28, 2016, 06:00:42 PM »
This year I replaced most of the bulbs in my house with LED lightbulbs. As old ones failed, I swapped in new LEDs.

I had gotten one-off LEDs as experiments in previous years occasionally, but the light quality and flickering was poor, plus other issues.

This year I had gotten some Phillips at Home Depot and the color was good and no flickering, so I figured the tech was OK now.

I also got some other brands.

Altogether I replaced 24 incandescent and CFL bulbs with LEDs. This required the purchase of about 36 LED bulbs due to some being unsuitable or failing.

I found the following:

One set of direct-from-China bulbs were unusable. They had a clear cylindrical cover and exposed LEDs. They buzzed, had a weird color, and got super hot. Put them on a Watt-O-Meter and they were pulling over 100W, even though they were 60W replacements claiming to draw 10W.

I installed very costly solid state LED dimmer switches ($30/switch) and put "dimmable" LEDs in three rooms. Non-dimmables don't work with these switches. Dimmables work, but  anything less than full brightness, they buzz and flicker and go in and out. This was true for several brands of dimmable LEDs. You can't hear the buzz if the air conditioning or central heating is going, but when it's quiet it's very distracting. The random changes in light intensity and flickering are more of a problem than the noise.

Within six months, 3/4 of the bulbs have failed. Some failures are going dark, but more common is erratic flickering, going bright and dim randomly in a distracting manner, to the point that the bulb has to be tossed.

Overall, I have spent VASTLY more on these bulbs than I have saved in electricity.

The Phillips and GE brands were OK. The store, oddball, and other brand stuff 100% of those had problems.

Overall, I am dissatisfied. We used to make light bulbs in the US. NONE of the LED brands are made in the US, they are pretty much all Chinese, perhaps due to rare earth elements. But CONGRESS passed a law making domestic (incandescent) light bulbs ILLEGAL. Congress is a jobs killer.

The ones that haven't failed I am hoping will last a while. However, given that these things claim to have 15-25-50 yr lifespans, I think this is bogus. Also I want to note that the typical "15 yr" bulb has a "warranty" of 3 years, AND you have to pay shipping TO and FROM the factory to get a replacement, which will cost more than a new bulb. So the warranty is useless.

Overall this seems to be a giant scam and rip off.

Discussions - Public / Voting is complete in Columbus, Ohio
« on: October 17, 2016, 06:22:44 PM »
Good news Gorn, you already voted for Hillary.

Small problem, the photo of the ballot box has a very poor photoshop job of "ballot box" pasted onto the photo.

Bah, original of the photo was found - taken in England in 2015.

"Never mind."

(CR backs out in shame at his own gullibility.)

Discussions - Public / Is Math Racist?
« on: September 09, 2016, 02:10:18 PM »
Math IS racist!

"Math is racist: How data is driving inequality"

 :) :) :D :D ;D :o :-\ >:( :-\ :'( :blank: :)

Pages: [1] 2 3