Monday, January 30, 2012

Let's do biofuels right

kw: observations, biofuels, alternative energy

This illustration from the November, 2011 issue of Discover deserves a wider audience. It is part of an article showing that it makes great sense to develop biofuel production using algae rather than "large plants" such as corn.

At present, algae can produce 5,000 gallons of biofuel per acre, ten times as much as making ethanol from corn. And we should not be turning food into gasoline anyway! There is little doubt that in the next decade or so the efficiency of algae can be improved, and also that effective methods for large-scale cultivation of the best algal species will be developed.

Sunday, January 29, 2012

Cybercriminal to the rescue?

kw: book reviews, nonfiction, memoirs, autobiographies, computers, cybercriminals

I used to live in a working-class neighborhood, and soon found out that my next door neighbor's children were all criminals. The parents were good and hard-working people, but their kids had all gone astray. One of their sons in particular was clearly a psychopath. He thought nothing of anyone's property, only of what might benefit him. He was also, you might say, the master of the short cut. This was evident in the way he got from place to place. If he was going to the street corner, once he left the door to the house, he went in an absolutely straight line, right across the front yards of about six homes. He was a very small-time criminal, really. Nothing so blatant as robbery, for example; his stock in trade was the sob story intended to elicit a "loan" that would never be repaid, and a little sneak thievery.

Many computer system hackers are primarily trespassers. They don't profit from their exploits, at least not in any monetary way. They do it for fun, or for bragging rights. Others are out for the cash, and modern "identity thieves" (to call fraud by another name) hone their computer skills purely for the money in it. As it happens, the most skilled hackers and crackers fall into the trespasser category; not being distracted by the money, they focus on developing their skills and building up their library of code used for compromising computer systems.

Kevin Mitnick is of this latter sort. In his most recent book, Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, written with William L. Simon, Mitnick claims frequently that he never obtained money by hacking. He was in it for the thrill of going where he wasn't supposed to go. Breaking into a computer system is quite a bit safer than physically breaking into, say, an office building or bank or military base. However, he did do a little B+E when it was the only way to get information he needed.

This is a case of a man's hobby becoming quite an expensive proposition. Mitnick took low-paying jobs to get access to computer systems, which he would compromise in ways that helped him get access to other systems over the telephone network. All this was in the days before the wideband Internet connections that so many of us have. In the early days, he was limited to phone modems that ran at 300 to 1200 bits per second, and later at speeds up to 9,600 bps. Connections from computer to computer were sometimes trunk lines that ran at 1,560,000 bps (called T1), and access to such a level of communication was a precious resource.

He started out "phone phreaking", primarily social engineering (deceiving phone company employees), to get levels of access that would permit him to use long distance at no charge. Later he was able to get free cell phone service, at a time the typical charge was a dollar per minute. Now, right there it is clear that, while he may not have had cash pass through his hands, he defrauded the telephone companies out of thousands of dollars by cheating to get free services. So his "no money" claim is rather hollow. In fact, his heavy use of cell phones in the dollar-per-minute days almost got him caught when fellow employees wondered how he could afford to call so much on a $28,000 salary.

After entertaining the reader with a racy history of his growth as a phone phreaker, and his eventual ability to pretty much take over the operations of at least one telephone company, he turns to the efforts of law enforcement to stop him. He was first jailed at the age of seventeen, but avoided spending time at "Juvie". Instead he had a supervised release program, which ran a few years, under which he was supposed to avoid computer use. He just used other people's computers. From this point, he soon became a fugitive, living under several assumed names.

Part of the reason he did not get into deeper trouble when he was young was that there were few laws prohibiting what he was doing. Once the Federal and State legislatures took care of that little detail, the FBI got involved. He was on the run from the FBI for several years. Once he was finally caught (if I recall right, he was by then 31), he spent nearly five years in various lockups. Most of that time was occupied with various arraignments and legal maneuverings. Once he was finally offered a plea deal he was willing to take, he was sentenced to little more than time served.

It has been said of this book that it reads like a Raymond Chandler thriller. I reckon so; it was designed that way by the co-author. It is, at least, easy to read, a page-turner. It opens a window on an unusual mind. We find a person compelled to find a way around restrictions, a person without conscience; if he refrained from profiting monetarily, it was mainly because he lacks the gene for love of money. Money isn't the only thing a thief can steal. By committing theft of services, stealing source code files so he could better break into systems, and taunting system administrators, he stole peace of mind, he caused large sums to be spent tracking him down, and he cut into the income of a few large companies just as effectively as if he'd robbed the pay clerks at gunpoint.

So what is he doing these days? Still hacking, but with permission. He has become a security consultant! On the theory that "it takes a thief to catch a thief" (the theme of a briefly popular TV show some forty years ago), he is paid handsome sums to commit "white hat" hacking. If he is still one of the best—which boils down to, if he is keeping his skills up to date—then if a system is made "Mitnick proof", it is probably pretty secure.

The biggest lesson of the book is that the weakest link in computer security is the human element. People are too trusting. Mitnick's "career" was based on harvesting low-hanging fruit. A couple of phone calls would often garner him access to a supposedly bullet-proof system. There is still a lot of low-hanging fruit out there! You just gotta hope that none of it can be found at your bank or broker's office.

Periodically at work, some of us get strange e-mails, usually directing us to do something very slightly shady; these are "Phishing" e-mails. It has been publicized that there is a place we are supposed to forward suspicious e-mails. Those who do so are praised; those who follow the Phishing directions are reprimanded. It is one facet of a white-hat-hacking program my company has, to see how much low-hanging "social engineering" fruit there is. The answer is distressingly large. Even where paranoia is justified, not all are sufficiently paranoid. This keeps Mitnick, and security consultants in general, in business.

Friday, January 27, 2012

A step toward green

kw: solar energy, analysis

The Antelope Valley in southern California gets a lot of sunshine year-round. A company called eSolar and the city of Lancaster, plus the State, teamed up to take advantage of some of it. The resulting Sierra SunTower can produce 5MW of energy by heating two "sun towers" with sunlight focused by 24,000 large mirrors.

The array is impressive, as seen here in a Google Earth image. The entire site was originally 20 acres (8 hectares), of which the mirrors (heliostats) and their supports fill 14.4 acres (5.8 hectares). Two cleaned-off fields to the east indicate the company's intention to increase capacity by 50%.

The facility is presently used mainly to provide peaking power, and that mainly during air conditioning season, to about 4,000 homes. 5 million watts / 4,000 = 1,250W per home, about one-third of that required to run a central air conditioning system. When it is not needed for that, it is used for various experimental purposes. It is the only CSP (concentrating solar power) facility in North America.

The system is a hopeful introduction to what is needed to go for green energy in a big way. Peak solar input to the heliostat fields in June comes to about 32.5MW. Thus the areal efficiency is 15.4%, about the same as a ground-covering array of solar cells. In December, insolation drops to less than 19MW, and I presume that the system output also drops into the 3MW range.

How much ground would we have to cover to provide all the electricity needs for Lancaster city, provided that effective storage could take care of nighttime needs? City population is presently 157,000, so there are about 50,000 homes. I'll assume that half of these are single-family and half are apartments or condos, which require about 2/3 the energy of a detached home.

Assuming effective storage, the energy needed for a detached home is 2.7kW on a long-term basis during midsummer, and a little less during midwinter. Let's simplify matters by sizing the system for 3kW per single-family home and 2kW per condo or apartment. That comes to 250MW for all of Lancaster. A total of fifty SunTower facilities.

This shows a full section (36 square miles or 93 square km), which includes about 2/3 the city of Lancaster, and shows the SunTower facility just left of top center. It is not too intrusive just by itself, but what if we scattered fifty of these within the area of this image? Also, I couldn't find out what the construction cost of the facility was, but I suspect fifty of them would be a few billions of dollars.

Ongoing maintenance is a significant burden also. I read that the mirrors need cleaning after any windstorm that kicks up significant amounts of dust. Antelope Valley is short of water to begin with. How much water would be needed to clean 300-400 acres (120-160 hectares) of glass, once? That is just one element.

This is not to put down the effort. It is instead a clear-eyed look at the whole picture, so we don't go into such efforts with blinders on. We need to consider all aspects of a project like this, and put it in the perspective of the area it is meant to serve. 50x20 = 1,000 acres (400 Ha), or about 4.3% of the area shown in the image. That's what you need for a total solar solution, whether it is CSP or photovoltaic.

I am really a fan of solar energy. Solar cells also need cleaning, just as often as mirrors. I have invested in wind energy in the past, and at least windmills don't need frequent cleaning, but the "supply" is quite mercurial. CSP and solar cell technologies are at least beyond break-even, while wind is not, just yet. We need to put all these together with further innovation to survive the exhaustion of our fossil fuels, which is certain to happen during this century.

Wednesday, January 25, 2012

A state of disarray

kw: politics, speeches, president

I am not so quick on my feet. After the president's State of the Union address last evening, I had to sleep on it. Starting an hour ago, I had a look at a few articles and videos about it. I still do not know what to think about most of it.

It was, of course, a campaign speech. There are but forty weeks to go until November 6, and how this gestational period will work out is anybody's guess. Perhaps this is why, while he defended his health care legislation, he didn't spend more than a few seconds on it.

He appealed instead to the middle class, whatever is left of it. To hear him tell it, the country consists of "hard working folks" making minimum wage and "millionaires", now defined as those who earn $1 million yearly, rather than those whose net worth exceeds $1 million. This latter figure describes quite a number of "middle class" folks who have been diligent to build up their 401(k) or IRA, and have a few hundred thousand dollars in home equity built up.

So, targeting the newly-defined millionaires, the President proposed that those earning $1 million or more pay no less than 30% of their gross income in taxes. So many have pointed to Mitt Romney's 15% tax rate last year as "unfair". I don't see how; he paid around $3 million in taxes. He earned several hundred times as much as I did, but he paid almost twice as much of a percent in taxes (my 2010 taxes were 8% of my gross income). My colleagues at work pay between 7% and 9% of their gross income in taxes, and our "admin assistants" (secretaries) pay between nothing and 4%.

Sure, I am in the 28% or 33% tax bracket, but that is only on the last few dollars I make. Half of my income isn't taxed at all, because of deductions like home mortgage and charity, and my pre-tax contributions to a 401(k). Those who make millions can't shield as much of their gross income as I can, so they get taxed more already.

Something the President will never say out loud: The "one percent" at the top of the income ladder already pay 40% of the total income taxes. If we took all their money, it still would not meet the need. So even though I am a Republican, I bridle at the fact that nearly half of working Americans pay no income tax at all, and a few percent of them are paid a kind of welfare called the "earned income tax credit." Call it negative taxation. With the Federal Government typically spending around 22% of the GDP, total taxes, mainly corporate and individual income taxes, have to total this amount to avoid deficits.

Of course, it is also not being mentioned that with the massive bailouts initiated by President Bush and continued by President Obama, the Federal government has been spending more than 100% of GDP in some years. That's how we went from a $1 Trillion national debt to a $14 Trillion national debt in just a few years.

OK, another subject. The President talked about "clean energy". He hesitates to say that we have to use a bunch of dirty energy to create the infrastructure for clean energy. A poster child for clean energy used to be the Sierra SunTower in Lancaster, California. It isn't mentioned much lately, because it is so seldom being operated. It turns out to be too expensive to run full time, so it is only operated for peak times, which are rare in the rather moderate climate of the high desert. And it turns out that the mirrors need frequent cleaning, which takes a lot of water, something in short supply there. I wonder what army of window cleaners they have, to clean more than 26,000 mirrors! Each is the size of a large picture window.

I have mixed feelings about another subject, the use of a "peace dividend" from the end of the Iraq war to engage in "nation building right here at home." Nation building is as much about political challenges as technical ones. The kind of nation building I'd like to see is to pass an amendment that requires every citizen to obey the same laws, abolishing the special retirement plan that exempts Congress from Social Security, and repealing all laws that they themselves are exempt from.

I was kind of hoping for the President to have a Clinton-like laundry list of things he'd like to accomplish. Then I could have something to cheer on. He is a likeable guy and I hate to put him down. But he seems to be paving the way for a big put-down of his own, by being a divisive President rather than a unifier.

Tuesday, January 24, 2012

Cyber construction

kw: observations, computers, computer security

I've been reading a book about computer hacking, the criminal kind. I find it remarkable just how easy it is. Most of the exploits we've read about have, as their underlying secret, a bit of social engineering. Someone got talked into revealing a password. In any operating system, there are a great many vulnerabilities, but it is typically easier to deceive someone to get access. Our human monitors need our support, because they are both the strongest and the weakest link.

There are problems in general with writing computer software. Computer code is remarkably fragile. A programmer (or programming team) has to think of literally everything that the program may be faced with, and write specific code to respond appropriately. A saying has been going around for years: "If we built houses the way we write computer programs, the first woodpecker that came along would destroy civilization."

I realized why this is so: the materials of construction do not have innate properties that help a program builder achieve his or her objective. If you build a house using stone or brick, the characteristics of the materials automatically assure a basically secure structure. You don't have to worry about (most) people blasting their way in through the wall, you just have to worry about making the doors and windows secure. Think of the three little pigs. The only weak point in the brick house was the chimney, and it was small enough to be defensible.

People have been learning how to build with stone, brick, wood and other materials for thousands of years. It was largely a matter of learning which material has what properties. Computer code has no intrinsic properties that can help you. We have been building software for only about seventy years (except for Ada Lovelace, who wrote software in the 1840s). We have no "stones", so we have to invent them. Software libraries provide building blocks that make programming easier, but there is still a problem. Most of those "building blocks" are still made of "jello". We haven't truly thought of everything yet.

This is because computer code is inherently bosonic, rather than fermionic. A digression into particle physics is needed:
  • Bosons obey Bose-Einstein physics and, in particular, can pass through one another; many can occupy the same space simultaneously.
  • Fermions obey Fermi-Dirac physics and, in particular, cannot pass through one another, but bounce off one another; two fermions cannot occupy the same location.
Light is made of bosons called photons. Matter is made of fermions such as protons, neutrons and electrons.

In cyberspace, everything is bosonic unless you specifically write fermionic properties for it. An environment such as Second Life has to be very carefully written, with a good "Physics package" to ensure that you don't walk through a wall. Otherwise, walking through walls is the norm. Buildings would not need doors. Our best security software is an attempt to produce a solid door. Sadly, even the best "firewall" software is a bit softer than the average piece of Balsa wood. If you can't prevent a break-in, you at least have to make the firewall "noisy" so it lets you know when it was broken through.

At my company, a double-layered firewall scheme is used, with plenty of very "noisy" alarms to log entry attempts (or entries), but the key to keeping our environment secure is a large contingent of people who spend all day, every day monitoring the noisemakers and snooping on the incoming traffic. Intrusions still occur, but it's a crack team; not much gets by them, and never for very long.

Thus, people are still the key to good security. Imagine if the front door to your house was made of rice paper (like the internal walls of Japanese houses). You'd need a hired team of bodyguards to keep strangers out. People are fermionic; things bounce off and stuff can't pass through unnoticed.

Until our software libraries include truly bullet-proof code, we'll continue to need human monitoring of everything. That's why you need to have strong passwords (ten or more characters, MiXed CasE and with numb3r5, at the very least), but you also need to monitor your accounts and keep good relations with the folks at the other end who are tasked to also monitor things. A skilled social engineer may get past a company monitor, but if those monitors know you are watching, they are less likely to give in to the blandishments of a fast-talking impersonator.

Jesus said, "When a strong man, fully armed, guards his own house, his possessions are safe. But when someone stronger attacks and overpowers him, he takes away the armor in which the man trusted and divides up his plunder." A hint: hackers are clever, but not strong. Guard your own stuff.

Monday, January 23, 2012

Perpetual peril

kw: book reviews, nonfiction, memoirs, allergies

My first memory of my youngest cousin is of a toddler in a snow suit, crying because of a bad coughing fit. Asthma. I soon learned she was living on Rice Krispies and goat milk. When we ate pizza she couldn't eat in the same room, because airborne flour dust might bring on an attack. This was in the days before the EpiPen. Her parents bought Benadryl by the quart jar. She had desensitizing shots three times a week for decades, and was able to eat her first half-slice of wheat bread at the age of twenty. That same year, she had her tubes tied, telling us all later, "I wouldn't wish my genes on another generation."

Sandra Beasley, author of Don't Kill the Birthday Girl: Tales From an Allergic Life, has a more hopeful take on her future. She does hope to have children, and in late chapters of the book, ruminates on the precautions she might have to take if the baby can tolerate foods that she can't abide, when a kiss by her infant might kill her.

Throughout the book, we learn that for the severely allergic, paranoia is a way of life. She and those like her literally walk a minefield all the time. Just how closely can you interview the waiter or the cook before ordering a meal, and hoping that the knife used to cut your vegetables was washed after being used to cut a forbidden tomato? The severely allergic, using their bodies as probes of their environment, learn to detect the slightest tingle after having a tiny taste of something new. The devil of it is, a new allergic manifestation only erupts after that first taste, once your body has had a day or two to process all the new proteins and decide it doesn't "like" one of them. You are fine until that second taste. Day in and day out, you are your own experimental animal, your own "taster" for whom every cup may bear deadly poison.

Now imagine being a spouse or lover of such a person. Are you callous enough to sneak a square of chocolate just before greeting your inamorata with a kiss, knowing that a trip to the ER is likely to follow? Are you willing to keep a peculiar kind of Kosher household, for which nothing that is risky for the other can be allowed in the door? Not only so, when you are out and have a bite at the corner café, are you as careful as you need to be? It does no good for an allergic person to marry a similarly afflicted person; they are very unlikely to have precisely the same sensitivities, so they need to exclude everything that might endanger either one of them.

In the face of all this, Ms Beasley writes with amazing good humor. It would certainly be tempting to grow up with a pretty sour attitude, but she has not. She is attacking the problem head-on. One chapter recounts her attendance at a clinicians' conference sponsored by AAAAI (American Academy of Allergy, Asthma, and Immunology). Amid reporters interviewing doctors and looking for any evidence of a "cure" for allergy, she was trying to learn what she could about any new understanding of these syndromes. So far, less is known than anyone would like, and the recent "worms can cure it" hypothesis is also wanting; it helps some folks, but far too few.

Over time, she has built up a network of others who know allergies from the inside. The allergic need such support networks. She also keeps close tabs on the latest from FAAN and FAI (those are the Food Allergy and Anaphylaxis Network and the Food Allergy Initiative). That, and constant vigilance, plus a supply of Benadryl and a fresh EpiPen, are what it takes to live in a minefield.

Saturday, January 21, 2012

Opposite Hemispheres

kw: geography, photographs, earth

It has been said that Earth is a water planet. If your first view of the planet was from the perspective on the left, that would be quite justified. This screen capture from Google Earth is centered above 17°S, 150°W, to the southwest of Tahiti. The other image is centered above the antipode, 17°N, 30°E, in central Sudan. Here, "Earth" is more fitting. A view a little more to the East would show an even higher proportion of land to water surface.

These virtual views are from a simulated altitude of about 10,000 miles, or 16,000 km, roughly halfway to geosynchronous orbit. From much farther away, you'd be able to see most of North America in the "water" view, and most of South America and Antarctica in the "land" view.

Interestingly, the name for our planetary home in every language I know of is related to or derived from the word for dirt ("earth" is the much older word in English, though), even in languages of Polynesia and other island societies. The ground you stand on is your principal frame of reference! If we ever decipher dolphin languages, I suspect they will call their environment by a word derived from "water".

Friday, January 20, 2012

Dem dry bones gettin dryer

kw: book reviews, nonfiction, climate change, deserts

This view of the southern Arizona Sonoran Desert is not as bleak as it might be; there is actually a little green vegetation visible. This image, from the Desert Biomes page at Marietta College, must have been taken in June or earlier, when it is possible to wander about in the Sonora without getting heat stroke by noontime. By August the green is gone, as the plants await the winter rains.

Some years the rains never arrive. When average rainfall is less than a foot (30 cm) per year, it doesn't take much variability to really dry things out. Variability is the name of the game in arid landscapes. William deBuys investigates that variability, and in particular where the range of variation is expected to go in future decades with a warming climate, in A Great Aridness: Climate Change and the Future of the American Southwest. Whether you believe "global warming" is caused by people and their CO2 or not, it is clear that the global climate is warming. This warming is adding more energy to the atmosphere. How does this added energy manifest itself?

Thank George Hadley, colleague and rival of Edmond Halley (as in Halley's Comet), who nearly 300 years ago figured out that tropical heat powers atmospheric circulation in a band centered on the Equator. Warm, wet air rises (and rains copiously), spreads south- and northward, cools (and rains some more), then descends at around 30°N and S latitudes. These features are now named for him: the Hadley Cells and Hadley Circulation. The descended air returns to the tropics, picks up a westerly trend from the Coriolis effect, and powers the trade winds. But what happens when cool, semi-dry air descends on those latitudes at the northern and southern limits of the Hadley Cells? It warms and its relative humidity drops dramatically. The result? The Sahara, Mojave, Sonora, Chihuahua, and Atacama Deserts, among others. The descending air makes it hard for moist air masses to relieve desert aridity. More energy in the atmosphere will mean larger Hadley Cells and drier deserts.

Author deBuys's book focuses on North America's great southwestern deserts: The Mojave, Sonoran and Chihuahuan Deserts of Arizona, New Mexico, Nevada and northern Mexico. The consensus of analysis related to a warming climate warns that these areas will get even drier as this century progresses, while the humid areas of the American east and northeast get wetter. The southwestern dryness will be the worst in Arizona. When you get away from over-irrigated Phoenix, Arizona is right about dead center in every concept of "desertness", with just under 10 inches (25 cm) of rainfall, very little vegetation, and year-round warmth that gets positively scorching in mid- to late summer.

A large part of the book centers on Arizona as the major element of the Colorado River watershed. By the time I left the Los Angeles area for the third time, in 1978, the tap water was getting pretty bad, being rather salty remnants of the Colorado River, picked out of one of the reservoirs (Lake Mead or Lake Powell), after having traveled 300 miles or so (~500 km) through the Grand Canyon, evaporating all the while, then evaporating even more while sitting in the reservoir. All that evaporating concentrates trace salts into a rather unpalatable excuse for something to put in your pipes. My most recent visit confirms that it continues to get worse. Angelenos are a huge market for bottled water from anywhere else.

What is happening to the Colorado River? This chart tells part of the tale.
This is Figure 2 from David Meko et al., "Medieval drought in the upper Colorado River Basin," Geophysical Research Letters 34 (2007). The caption reads:
Time series plot of 25-year running mean of reconstructed flows. Flows are plotted as percentage of the 1906–2004 mean of observed natural flows (18.53 billion cubic meters, or 15.03 million acre-ft). Confidence interval derived from 0.10 and 0.90 probability points of ensemble of 1000 noise-added reconstructions. Horizontal dashed line is lowest 25-year running mean of observed flows (1953–1977).
The key datum here is the bold line at the right end of the chart, the observed flow of the Colorado River. It starts up quite high in 1906, drops quite low in the 1950s to '70s, rebounds to a lesser high in the 1990s, then begins to drop through 2004. It has been dropping ever since. Water policy for parceling out the river's water was set 100 years ago, based on measurements taken during the three wettest years, which led the policy makers to set a baseline flow as 17.5 maf (maf = million acre-feet) per year. Except for a couple of years in the 1990s, the river's flow has seldom exceeded 15 maf yearly. During the periods of original filling of Lake Mead and Lake Powell, not all the water was being used yet, so the lakes filled. They have been emptying for more than a decade, however. They are about half gone.

What will result from a more energetic climate? For one thing, the Hadley Cell will get a little larger, moving the northern limits of the southwestern desert northward a couple of degrees (~100 mi or 160 km). We are already seeing massive tree die-off in northern Arizona and New Mexico and southern Colorado. The trees are succumbing to a one-two punch: conditions called "drought" because they are drier than in the past have stressed the trees. Stressed trees are more susceptible to attack from boring insects. Too many insects leads to girdling of a tree, which then dies. Millions of trees have died. Millions more are expected to die.

A poignant note is found in a late chapter that tells of Mount Graham, one of several "sky islands". This isolated cluster of peaks is a good place to put telescopes. It is also the host to an isolated biome, and the only known home of an endangered species of small red squirrel. The whole species numbers about 300 individuals. Recent fires have reduced the squirrel's habitat by half (they also threatened a couple of the telescopes). A warming climate is making it harder for the animal's winter larder to stay fresh enough to last until springtime. Further warming may drive the Mt. Graham red squirrel to extinction, making moot the years of litigation that preceded telescope construction. Not a happy outcome.

What does the author suggest? Time and time again he warns that the recent "drought" conditions are the new normal, and going forward, the cycle will include much deeper droughts, such as that reported by Meko and his co-authors. A larger, more energetic Hadley Cell will make the Sonoran Desert and her sister deserts possibly as dry as parts of the Atacama, where several years can pass with no rain at all. With this in mind, the ongoing rush of people into these regions is simply insupportable. Early in the book he suggests that cities like Tucson may find it necessary to forbid the installation of new water meters. "Y'wanna build the house, go ahead, but you'll have to truck in your water. No new meters." But late in the book he reports on one California town that banned installation of new meters. The market in existing meter permits took off, to the point that one sold for $300,000. Would you pay half or more the cost of your new home for its water rights? Somebody did just that!

I have been warning for a few years that, where the Twentieth Century was characterized by wars about territory, and later about energy, the Twenty-First will be the century of water wars. The political and regulatory situation in the American southwest, on a collision course with the drying out of the watersheds, could well lead to a new civil war in this country. Yes, I mean a shooting war: guns, bombs, and laser-guided cruise missiles and all.

It doesn't matter to what cause you ascribe the warming climate. Read this book to learn what is likely to ensue. And retire to someplace wetter than Arizona. I love the desert, particularly in winter. I like the feel of warm, dry air. But I also need to drink, and to bathe occasionally. I'll stay here in the humid northeast, thank you.

Thursday, January 19, 2012

Do the 99 percent pay more taxes than Mitt Romney?

kw: taxes, politicians

It is all over the news: Mitt Romney pays 15% of his income in income taxes. Commentators everywhere are complaining that many people who make less income are paying 28%-35% tax rates. Really???

Let's see. I am firmly in the 99% who make less than $200,000 yearly. Of my total gross income, I paid 8% in Federal income tax. Now, some of my income is in the 28% bracket, but I have a mortgage deduction, I tithe to my church, and I have a tuition credit for a son in graduate school, plus I am putting tax-deferred income into a 401(k). All this means that my taxable income is about half of the gross.

It was also reported not long ago, not nearly with so much fanfare, that 47% of the U.S. population pays no Federal income tax at all, and it wasn't even mentioned that a few million people take the "Earned Income Tax Credit", which gives them a "refund" when they have had nothing withheld. It is a kind of welfare payment without the name.

So let's see, 99-47 leaves 52% of the American public making between $20,000 and $200,000, and thus paying income taxes. Let's look at a couple scenarios, courtesy of the HR Block 2011 Tax Estimator.
  1. A 25-year-old married couple with no children eking it out on $20,000, with no deductible expenses. Their total tax for the year is $100.
  2. A 25-year-old single person who earns $48,000 and has $120 in interest income (a saver!), who also gives $1,200 to charity. The total tax bill is $5,780 (ouch), or 12% of gross income. Single people have the highest rates.
  3. Let's take the same person, now married, five years later, with three kids. No advancement, so the income and giving are the same, but now the tax bill is only $408, less than one percent.
  4. A middle-aged couple earning $100,000 with $1,000 of interest income and $5,000 of long-term capital gains (they got lucky in the market). They pay $10,000 in mortgage interest, and almost tithe, giving $10,000 to their church. Total income $106,000. Total tax $12,000, or 11.3%.
  5. Finally, a couple approaching the "1% level", who have combined earned income of $140,000, $1,000 of interest income, and $20,000 in long-term capital gains. They give less, $5,000, but have a McMansion that has mortgage interest of $30,000. Total income $161,000. Total tax $19,100 or 11.9%.
There you have it. Reasonable scenarios that show how the 15% Mitt Romney paid is by no means "unfair". In fact, he is paying more than most.

There is a second issue. That 15% is a second tax; to make the investments from which he is earning capital gains, he had to first earn money and pay taxes on it (perhaps at 15%, perhaps at 28 or 35%). Then when his investment earns money, he pays tax on the new earnings. If you make an investment that loses money, you don't get 15% back from the government for your losses, though you can use losses to offset gains, but if you have a net loss for the year, you are just out the money.

Let's pick some real issues to heckle the candidates with. This one is a phony issue.

Wednesday, January 18, 2012

Running out

kw: inflation, retirement, finance, analysis

My wife and I are at such an age that we think about retirement a lot. Can we afford to retire yet? Will our IRA's and other funds last long enough? Will there be anything left for our heirs?

We have reached one milestone I had set for myself: The sum of my company pension and the Social Security for the two of us will match our expected needs when my next birthday arrives. That's a good place to be, because it means that at least for a few years we won't need to touch the tax-deferred funds. How soon will we need them?

Inflation has been about 2.5% on average for a few years, but it has ranged between 1% and 4% in various months just in the past two years. Longer term it is more stable, averaged over a year at a time. While I hope it stays at 2.5% or less, it is wiser to plan for at least some periods of higher inflation rates, such as one caused by a real hit to energy prices (such as war with Iran).

Here are two measures that help my planning, without revealing specifics. Firstly, the doubling period. When prices double, the buying power of money has been cut in half. Secondly, we have a joint life expectancy of about thirty more years, so the 30th power of one minus the inflation rate (e.g., 0.975 for 2.5% inflation) yields the amount of buying power left in your fixed income. Of course, Social Security presently has COLA adjustments, but there is no guarantee that these will continue. These two measures produce this table:
Rate    Buying power left after 30y    Doubling period
2.5%    0.468                          28y
3.0%    0.401                          23½y
3.5%    0.343                          20y
4.0%    0.294                          17½y
While it would be nice if the inflation-based doubling rate really lasted 28 years, I think it wisest to plan for 20 years or less.

Tuesday, January 17, 2012

A standing O at a debate?

kw: politics, debates

I like Juan Williams, but he was at his smarmy worst last evening, trying to trip up Newt Gingrich. To his leading question, whether the Speaker's suggestions about working might constitute an insult to the poor and the blacks, Gingrich simply said, "No, I don't." The next question was booed, and Newt's answer received a standing ovation. Williams was down for the count, rhetorically speaking, though he didn't seem to notice.

Give him time to figure it out; he'll get the point. As the author of Muzzled, he ought to know better. The public is tired of people dancing around troubling issues. They want straight talk, and that want was amply satisfied by the Speaker.

By the way, all the candidates did well, even very well, but if you are looking for a clear winner, go with the "applause meter" and award it to Newt.

Monday, January 16, 2012

Casinos everywhere

kw: gambling, gaming

In the local paper yesterday, I read an article about plans to build new casinos near here and in surrounding States. It seems Philadelphia will soon surpass Atlantic City as the #2 gambling destination in the country. But one after another the States are passing laws allowing gaming and casino construction, and the trend bids fair to fill the country with casinos. I suppose some folks' goal is to have everywhere in the country within a half hour's drive of a casino.

This trend will eventually be self-defeating. Everywhere, the same arguments are being issued in favor of casino construction, and the primary one is tourist dollars. But if people don't need to travel to gamble, most will choose to keep it local. The tourist dollars will dry up, and the local dollars will usually not make up the difference, because all the calculations are based on there being a small number of casinos compared to the demand. Once there is such an overabundance of supply, casinos will begin to fail.

Notwithstanding the fact that gambling is stupid, it is certainly very popular. The twenty-two states that permit gaming reported total revenues near $35 billion in 2011 (see here for more details). If twice as many gaming venues are opened, how likely is it that revenues will double? What is the total market for gaming likely to be if everyone can gamble locally?

Who knows, maybe we'll one day spend as much for gaming as we do for medicine (about $2.5 trillion); I can just hear gaming proponents salivating over that! Not likely, though. The market for entertainment is finite, and totals just over $100 billion for movies plus cable TV (90% of that is cable: see this summary). With those out of the way, gaming exceeds everything else. I don't see this as a good time to invest in the stock of casino operators!

Friday, January 13, 2012

Overconcentrated

kw: technology

I have read a number of articles recently on phones as the new electronic wallet, that will soon replace everything except maybe the large-screen TV (watching Avatar on a 3.6-inch screen is less than impressive). One title was "The End of Cash?", in which people said (on cue), "Oh, my life is on this little phone".

A few million phones are stolen in the U.S. yearly. A wise thief will attempt to snatch the phone either without your knowledge, or when you are far from help, so the race against time (the thief trying to crack your phone and get to your data before you call, on someone else's phone, to suspend service) is in his favor. And until you get a new phone and configure it, you're like an old-time traveler who has lost his Traveler's Checks and is 100 miles from the nearest embassy or AmEx office.

Meantime, paranoid that I am, I am quite happy with my flip phone from the days before smart phones. It makes phone calls, and it can do text. Period. If it gets stolen, the SIM card will contain nothing but a bunch of phone numbers. No apps that link to my banker and stock broker; no access to my retirement plan, or even my medical records. I don't mind the "delays" inherent in doing my banking and such in the same way I have since the 1960s. The only use I have for "online banking" is to make sure I have enough balance before writing a big check, like for a major auto repair. Some "conveniences" come with risks I am not willing to take.

Thursday, January 12, 2012

Planets probably outnumber stars

kw: analysis, extrasolar planets

Microlensing has paid off. This technique is a most powerful method for finding planets of every size about a target star. An international team has reported recent results of several years of searching. This BBC News report summarizes very well the report and many of the implications. One is the bold statement that every star that is not part of a multiple star system is certain to harbor at least one planet. This may be coupled with the discovery by other methods (transits and gravitational perturbations) that at least some multiple star systems also harbor planets. About half the stars are part of multiple systems, so this implies that the minimum number of planets in our Galaxy is greater than half the number of stars in the Galaxy.

The Galaxy is composed of at least 200 billion stars. If, then, there are 100 billion or more planets in the Galaxy, how many of these are similar to Earth? In size, at least, the report cited above claims this number is about 10 billion. This is a very conservative estimate, and I think it is likely that there are many more than this. I base my reasoning on the principle of mediocrity: Our solar system is most likely to be close to average. Can that be quantified?

Let's make a few rough estimates, based on what we know:
  1. Our Solar System has 8 planets.
  2. It contains at least three bodies, including Earth, that are expected to have large amounts of liquid water over great spans of time: Earth, Mars (for its first 2 billion years), and Europa (under a thick ice layer).
  3. There is one Earth, with life and even (somewhat) intelligent life.
I'll use a Poisson Distribution as a model of the likely distribution of the number of planets, and of possible Earths, around other stars. The process is simple: Find the range of mean values that have at least a 50% chance that there are 8 planets per star. Then use those Poisson distributions to glean some measure of the likely range of planetary numbers.

Firstly, we find that if the mean value of a Poisson distribution is 5, the normalized distribution's height at 8 is 0.37, while if the mean is 6, the height at 8 is 0.64, so we'll use 6 as a lower bound. Secondly, if the mean is 12, the height at 8 is 0.57, and if the mean is 13, the height is 0.42, so we'll use 12 as an upper bound. That means that the most likely number of planets, for stars somewhat similar to the Sun, is between 6 and 12, and a further analysis indicates that most such stars will have a number of planets between the "sideboard" values of 3 and 17.

By a star "somewhat similar to the Sun" I mean a star of spectral type F, G or K that is not a member of a multiple star system. That is about 10% of all stars. The "sideboards" above indicate that there are at least 3 planets each, which multiplies out to 60 billion planets in the Galaxy about such stars, with a more likely number of 150-180 billion planets, and the potential for a trillion or so.

Among these, how many might have liquid water for at least a couple of billion years? Repeating the process using 3, we get a range of mean values between 2 and 6, with "sideboards" of 1 and 8. Thus there are at least 20 billion planets holding liquid water, and more likely about 60 billion.

Finally, how many sister Earths? When your sample is 1, it is better to use an aggregation technique, and say, suppose that among ten stars, we were to find five sisters to Earth, what could we conclude? A similar analysis shows that a random group of ten stars might have a mean value in the range 4-8, with "sideboards" of 1-11. This works out to a per-star range of 0.4-0.8 with "sideboards" of 0.1-1.1. These seem reasonable. Thus, I conclude sister Earths number at least 8 billion, with 10+ billion even more likely.
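The "height" figures quoted above match the Poisson probability of the observed count divided by the distribution's peak probability. As an added example (not the author's own calculation; the function names are illustrative and only whole-number means are scanned), this reproduces those heights and the three ranges of mean values:

```python
import math


def poisson_pmf(k, mean):
    """Poisson probability of exactly k events, computed in log space."""
    return math.exp(-mean + k * math.log(mean) - math.lgamma(k + 1))


def normalized_height(k, mean):
    """Probability of k relative to the distribution's peak.

    For a Poisson distribution floor(mean) is always a mode, so the
    peak probability is the pmf evaluated there.
    """
    peak = poisson_pmf(math.floor(mean), mean)
    return poisson_pmf(k, mean) / peak


def plausible_means(observed, threshold=0.5, max_mean=40):
    """Whole-number means whose normalized height at `observed`
    is at least `threshold` (the 50% criterion used in the text)."""
    return [m for m in range(1, max_mean + 1)
            if normalized_height(observed, m) >= threshold]


if __name__ == "__main__":
    for mean in (5, 6, 12, 13):
        print(f"mean {mean:2d}: height at 8 = {normalized_height(8, mean):.2f}")
    # 8 planets, 3 wet bodies, 5 sister Earths among ten stars
    for observed in (8, 3, 5):
        means = plausible_means(observed)
        print(f"observed {observed}: means {means[0]} to {means[-1]}")
```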

Then why, above, did I state that I think there are many more than 10 billion? There are two sources of more Earths. One is the warmer half of the M stars, M0-M5, which outnumber all the F, G and K stars two-to-one. The other is large satellites of super-Jupiters that may be a little outside the habitable zone of the parent star, but who add heat to the satellite by tidal flexing. This is much more speculative, but is not likely to be zero, so it is more probable that there are millions or a few billions of these also (In the Sci-Fi film Avatar the "planet" Pandora is a giant satellite of a super-Jupiter, though you only see this in an early sequence).

I am encouraged that my very rough "mediocrity" estimates are in the same range as that of the scientists who have given this much more thought than I have. The next breakthrough to await is the ability to get a spectrum from an exoplanet. An atmosphere with water and oxygen will fairly shout "LIFE!" to the Universe.

Wednesday, January 11, 2012

A boon to day traders

kw: investing

I stumbled across this chart in Yahoo Finance some months ago. It expands the "compare to" function to include up to five stocks and indices. To generate this particular chart, for the current day and time, click here. Click on the chart to see a full size version.

These stocks are a portion of a portfolio I follow, of dividend-paying stocks. I had used the stock screener to find stocks with high dividends, then the history function to find out which of those has had stable dividends for the past decade or more. Then a tool like this allows me to pick a momentary low spot, which boosts the effective dividend yield.

I am not a day trader, but I do try to time my entry into an equity. Almost any stock will vary by 5% over a few weeks' time. Suppose I am interested in one that is very stable, and is currently yielding 5%; not only that, it has very seldom reduced its dividend despite large variations in the overall market. This makes it a good income stock. If the day the screener program showed its yield as 5.1% it was selling at $25, and has a very steady $0.32 per quarter, I'll watch it for a few days. A downturn in the market could drag it down to $22, at which point I might purchase it. The dividend isn't likely to change, but now the effective yield is 5.8%. And the company's underlying value is the same, so it'll be back at $25 before long, and may grow substantially from there.

Whether it does or not, every 100 shares purchased gains nearly 6 shares a year in reinvested dividends. Give it ten years, and I'll have 176 shares where I had 100. If the stock has also risen, that's an added bonus when I am ready to sell. By the way, I only trade stocks inside my IRA, so I don't pay ongoing taxes. The tax bill will be high enough when I take money out of the IRA anyway!

Tuesday, January 10, 2012

Outliving myself

kw: longevity

If you have one clock, you know what time it is. If you have two or more, you are never sure. Prompted by a visit to the Social Security office, I ran their Life Expectancy Calculator, which uses only age and gender. It stated that, for my age cohort, I could expect to live to age 83.6, and when I am seventy, that will be pushed out to age 85.3. Fair enough. Then I got a wild hair…

I went to the Wharton How Long Will I Live page. The entry form has about forty questions. Their results are in the form of quartiles (they have a "Your Life Expectancy" value, but it is always very nearly the same as the median):
  • First Quartile: 79.0
  • Median: 86.9
  • Third Quartile: 94.0
A third site of interest is the Living to 100 Life Expectancy Calculator. This site spreads a larger number of questions over several pages. It produced three items:
  1. A calculated longevity, 90 in my case, with the note "You could live to 99."
  2. A couple of pages of suggestions and how much each can impact life span. For example, I might add a year to my life by taking an aspirin a day (I currently take none).
  3. Personalized recommendations by the doctor who runs the site, Dr. Perls. This came to about eight pages.
Finally, I went to one more web site, which turned out to be quite interesting: Peter Russell's Virtual Age Calculator. This has about twenty items, each a drag-bar. As you drag the bar, you see your virtual age and your expected longevity change. This makes it more tempting to cheat than usual! The upshot for me was that my virtual age is 48.6 (Funny, I don't look a day under 50), and my expected life span is 95.4. That sounds a bit optimistic. The biggest single factor is that my father is 89 and his grandparents lived into their late 80s and 90s. I suspect if I backed off a few years on that drag-bar (my mother lived only 81 years), the figures would change accordingly.

None of these asked the single most significant question that affects my life: Have you had or do you have cancer? I had colorectal cancer eleven years ago, lost 40 pounds during the period when I could not eat at all, and had half my colon removed. I suspect somebody somewhere has tables that would modify these four predictions, probably in the direction of about a decade downward!

So, what'll it be: 84, 87, 90 or 95? I won't expect more than another twenty years (85 total), but I'm basing my retirement planning on the 95 figure, just so I won't go broke. And I plan to get more of the fun stuff accomplished prior to age 75; it makes for fewer regrets. P.S. I suppose your local amateur shrink will tell you I'm in my third mid-life crisis, and I'd agree!

Monday, January 09, 2012

Screech owl or barn owl, take your pick

kw: book reviews, nonfiction, birds, natural history, photography

This barn owl was photographed in Surrey, England by Peter Trimming; the photo is available in Wikimedia Commons.

I have seen only one owl in the wild, and it wasn't a barn owl, AKA screech owl. I have heard them, and they make quite unearthly shrieks, not at all like the gentle "Hoo" sound of other owls. Therefore, I took great pleasure in reading and viewing Barn Owl by David Chandler, with its many pictures taken by Nigel Blake.

The book is a small volume (127 pages, including index), though the pages are largeish (18.5x24.5 cm), and half the space is photos, which places it in a genre I call "small coffee-table". It is thus a quick read, but very informative. Each chapter covers a different phase of owl life or natural history.

The most significant thing I didn't know before was that over half the area that harbors barn owls, there is a single species, Tyto alba (shown above in its whitest phase). This species is the only one in North America and most of Europe, but more than a dozen other species populate areas throughout the rest of the world. Some species are locally called grass owls for their habit of nesting on the ground in tall grass. T. alba nests in cavities, usually rather high off the ground, 2-3 meters or higher. Nooks in barns and other outbuildings are thus ideal, thus leading to the common name.

All owls are predators, and barn owls are perhaps the most efficient. A pair with growing young might take 30-100 small mammals daily! That's a lot of field mice, voles, and shrews (and some rats) that would overrun us if not for owls. One owl can hunt down about ten times as many mice as the hungriest house cat.

Barn owls cough up bone-and-hair-laden pellets, as many other owls do, which makes it rather simple to determine their eating habits. Interestingly, it has been said that, if the owl's hunting range is marshy, it may take a lot of frogs, and a pellet of frog remains looks more like a golf ball than like the cigar-shaped pellet formed of small mammal remains.

Quick as the read was, it was a great pleasure to read this book, and an even greater pleasure just looking through the pictures. It appears to be pitched to ages from late middle school through high school.

Sunday, January 08, 2012

Countdown to New Hampshire

kw: observations, politics, debates

I watched the televised debate from New Hampshire last evening, among the Republican candidates. There are now six contenders, Michele Bachmann having bowed out of the race: Jon Huntsman, Ron Paul, Mitt Romney, Rick Santorum, Newt Gingrich and Rick Perry. Although Romney, Santorum and Paul are the "front runners", in my view nobody is really out of the running yet.

I would not say there was a clear winner last evening. This was much closer to a real debate than the prior ones, with plenty of back-and-forth among men who had both good and bad things to say about one another. I would say, though, that these candidates are primarily laying the groundwork for most of them (perhaps all) to support whoever is nominated. At least three of them stated that any one of the six would do a better job as President than Barack Obama has been doing.

It is still early days. My own State's primary is not until April 24, by which time 34 States and Territories will have held their primaries or caucuses. Even at that point, I suspect there will be some fluidity and uncertainty about the eventual nominee.

Some have said or written that it might be best to replace this six-month mess with a single primary election date, to be shortly followed by the nominating conventions. I disagree. The present process may be a grueling multiple marathon, but it gives voters a much greater opportunity to get to know the candidates, most of whom visit nearly every State. Our remarkable democratic process probably engages more people than any other known. A single-day primary would force much greater reliance on media advertising, a detriment. There is too much already.

I initially favored Ms Bachmann, but now that she is out, I am still confident that the Republicans will nominate someone who can beat the incumbent, because I am pretty sure any of the remaining six can make a better case for becoming our President, than Mr. Obama can for remaining in his failed Presidency.

Friday, January 06, 2012

The silenced majority

kw: book reviews, nonfiction, politics, free speech, polemics

As polemical writing goes, Muzzled: The Assault on Honest Debate by Juan Williams is rather mild. This is not because he lacks passion, but because he is a gentleman, a very rare breed in modern political discourse. Mild and gentlemanly he may be, but here are a few things he has to say:
"…what happened to me … was an assault on journalism and honest debate. We need to protect a free-flowing, respectful national conversation in our country. Today, such honest debate about the issues becomes collateral damage in an undeclared war by those who make accusations of racism and bigotry whenever their political positions are challenged." (p27)

"Political correctness has grown so thick that, like an untended garden, it is now less about the flowers than it is about the weeds. Too much of American politics has become an exercise in institutional madness, hampering our nation's ability to solve urgent problems." (p91)

"…these professional rude boys (and girls) [political commentators and talk show hosts at both ends of the spectrum] thrive on arousing people's passions. They make money by making our problems even worse. The more bitter the divide over an issue, the more intractable the problem, the brighter they shine." (p213)
As most folks know, just over a year ago (October 2010) he was fired by NPR for stating that he felt uncomfortable boarding an airplane if there were people in Muslim clothing on the same plane. I suspect elements of this book had been percolating around in his mind for a long time, but it took a blatant collision with Political Correctness to push him to actually write it.

Ah, good old PC, the source of such neologisms as "mentally challenged", "person of color" and "man-caused disaster". It makes us pretzelize our language until we're like an octopus playing Twister®. In modern political discourse, offending someone is the greatest sin, more heinous than embezzlement or adultery, more to be despised than sloth or gluttony.

Mr. Williams happens to be a liberal. I happen to be a conservative. There is nothing in his book that rankles me. He is honest, forthright, and quite correct in his assessment that the noisy fringes of the political spectrum have taken over all the platforms of debate. I remember the first televised debate, the one between Nixon and Kennedy. It was an actual debate. Even the Reagan-Mondale debate was a genuine exchange of views with few ad hominem moments. But since the League of Women Voters was kicked out of the debate business in favor of news anchors, the so-called debates have been a joke. I watched a portion of one of last year's debates, then went off and read a book.

If I have a criticism of the book, it would be that it is longer than it needs to be, or perhaps much, much too short. In a series of well-researched chapters, the author exposes the breakdown of communications related to the past decade's wars, to taxation and entitlements and military spending, to health care legislation and immigration and abortion—a laundry list of the hot button issues of our time. The trouble is, on one hand, two or three examples would be enough, while on the other, there are no "warm" button issues, no issues at all that can be fairly debated in this political climate. A book five times as long could have been filled with examples of issues whose mere mention is likely to get you called names, intimidated and shouted down.

Nobody is willing to admit the slightest possibility that their tiniest opinion might not be 100% correct. This is why I find genuine Christian faith so salutary. To be a true Christian requires that, at least once in your life, you admit you were wrong, ask for forgiveness, and pray for divine guidance and correction. To walk a Christian walk requires frequent repentance. Now, the churches are as full of bigoted fools as the rest of society, but those who are actually serious about their faith are capable of admitting fault, of learning better, of growing and becoming ever more loving and caring and respectful in a way that is simply not possible to a person who has never said, "I repent."

In a joking way, sometimes someone will say, "Oh, I made a mistake once. I thought I was wrong about something but it turned out I was right." For far too many people, that isn't a joke but a way of life. They cannot imagine that their political opposite number might have a valid point about anything. They forget Churchill's maxim, "Even a fool is right once in a while."

I find it refreshing that the author has no call to legislative action, no demand for "something to be done" by the powers that be. The powers that be are the problem, actually. All are too timid to say what they mean, mean what they say, and demand to be treated with the respect they afford others by doing so. He instead trusts the American people to take his points to heart and learn to talk things over without rancor. There is one area in which Mr. Williams does make a suggestion; he is in favor of defunding NPR. He may be the first liberal journalist to take this conservative position. He makes a very good case for this in a portion of his last chapter; it boils down to this, that firstly, no other news organization needs a subsidy to survive, and secondly, for the government to subsidize any news organization is actually a hindrance to free speech and a free press.

He talks about how people who recognize him tend to say three things: they appreciate his work, they don't quite agree with everything he says, and finally tell him their name. I don't expect ever to run into him, but if I do, he'll get my name first, a big hug (or handshake) for writing this book, and, "I don't care if we agree or disagree, if we can keep from being disagreeable about it."

Thursday, January 05, 2012

Is twelve bytes enough?

kw: computers, hacking, passwords

Following up on an earlier post: There are two things a cybercriminal needs to obtain to begin cracking a bunch of passwords from their encrypted record (hashes). Firstly, the file of the hashes themselves, and secondly, knowledge of the hashing algorithm. DES is quite popular, but is by no means the only one in use. The best feature of a good hashing algorithm is that it does not reveal the length of the original password. Heaven help you if your online bank uses a weak hash or doesn't hash at all!

So, having somehow stolen a file of passwords, the cracker proceeds by trying character strings in some logical sequence, producing the hash, and seeing if it matches any of the hashes in the file. This matching step can be very fast, but I suspect it takes a while if you have a million hashes to check.

The record speed of a special-purpose cracking machine is just under 10^11 tests per second, when attacking a single hash. Obviously, it is much more efficient to sort the file of hashes using the hash as a key, then use a binary search to check a generated hash. A million hashes can be checked with only ten lookups. Not knowing how long those ten lookups might take, though, I'll continue the analysis by considering a hacker who is determined to get me, and has only one hash to test each iteration, at that 10^11/sec rate. What do I need to do to hold off the attack for at least a year? Simply put, since a year has 3.156x10^7 seconds, I need a password long enough and complex enough to be a member of a universe with at least 3.156x10^18 members. To push that out by a factor of a thousand, you need 3.156x10^21 members.

Let us assume the perpetrator uses a logical series of steps, based on human nature. Shorter passwords are still most common; lower-case letters only and UPPER-case letters only are very common; adding a numeric digit, or a few, is getting more popular; MiXeD-case is somewhat rarer; mixed case plus digits is very rare, and the addition of special characters is done only if someone forces you to do it, or you are very, very paranoid. Someone having a super-cracker machine won't bother with a dictionary hack, but will just use all combinations.

Here is what it takes, for now, and for ten years from now when a cracking box might be 1,000 times as fast:
  • UPPER- or lower-case only. N = 26^L. For L = 13, N = 2.48x10^18, not quite enough, so go with 14 letters, where N = 6.45x10^19, for now. For later, you need 16 letters.
  • Either case plus some digits. N = 36^L. For L = 12, N = 4.74x10^18, OK for now. For later, L = 14.
  • MixEd-cASe letters. N = 52^L. For L = 11, N = 7.52x10^18, good for now. For later, L = 13.
  • Now add digits. N = 62^L. You still need L = 11 for now, because 62^10 = 8.39x10^17. For later, 12 is enough.
  • Finally, if the full ASCII set is allowed, N = 95^L. For L = 10, N = 5.99x10^19, more than good enough for now. For later, 11 characters is sufficient.
Of course, as one progresses down this list, it gets harder to remember the password unless you are quite clever creating it. If fourteenletter or FOURTEENLETTER is as hard to crack as M#nE3pa$5w, though, which one is the better choice? And for the future, dEEPsnowINspring, at 16 letters of mixed case, is from a universe of 2.86x10^27; probably good for the rest of your life.
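The arithmetic behind the list above, as an added example that is not part of the original post: it recomputes the minimum length for each alphabet at the post's 10^11 guesses per second and at 1,000 times that rate, then estimates the worst-case exhaustive-search time for the three sample passwords. The function names are illustrative, and the model assumes, as the post does, an attacker who tries every string of the password's length and alphabet.

```python
import string

GUESSES_PER_SEC = 10**11      # cracking rate quoted in the post
SECONDS_PER_YEAR = 3.156e7    # value used in the post

# Alphabet sizes from the post's list
ALPHABETS = {
    "single-case letters": 26,
    "single case + digits": 36,
    "mixed-case letters": 52,
    "mixed case + digits": 62,
    "full printable ASCII": 95,
}

def min_length(alphabet, speedup=1, years=1):
    """Smallest L such that alphabet**L candidates outlast `years` of guessing."""
    target = GUESSES_PER_SEC * speedup * SECONDS_PER_YEAR * years
    length = 1
    while alphabet ** length < target:
        length += 1
    return length

def alphabet_size(password):
    """Sum the sizes of the ASCII character classes the password actually uses."""
    classes = [
        (string.ascii_lowercase, 26),
        (string.ascii_uppercase, 26),
        (string.digits, 10),
        (string.punctuation + " ", 33),   # 32 symbols plus space
    ]
    return sum(n for chars, n in classes if any(c in chars for c in password))

def years_to_exhaust(password, speedup=1):
    """Worst-case years to try every string of this length and alphabet."""
    keyspace = alphabet_size(password) ** len(password)
    return keyspace / (GUESSES_PER_SEC * speedup * SECONDS_PER_YEAR)

if __name__ == "__main__":
    for label, size in ALPHABETS.items():
        print(f"{label:22} now: {min_length(size):2}  "
              f"1000x faster: {min_length(size, speedup=1000):2}")
    for pw in ("fourteenletter", "M#nE3pa$5w", "dEEPsnowINspring"):
        print(f"{pw:18} {years_to_exhaust(pw):.3g} years")
```

These figures are upper bounds that hold only when every character is chosen uniformly at random; a password assembled from words or common patterns sits in a much smaller effective search space than its length and alphabet suggest.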

Wednesday, January 04, 2012

Chill is like vegetables

kw: observations, weather, temperature

I don't like it, but it is better to have it. Cold weather. As I've gotten older, I have found I have less tolerance for the cold. But I am glad to live somewhere that has a real winter, nearly every year. Over all, it is healthier.

Firstly, it stimulates me and my immune system. I find that I am more susceptible to colds in warm weather. Now that I am in my mid-sixties, I've probably had most of the cold viruses out there, both rhinovirus and adenovirus varieties, so I am immune to them. Yet I still catch a new cold every few years, and it seems to occur in the Spring or Fall.

Secondly, it eliminates pests. The worst years for mosquitoes are after mild winters. The overwintering adults can only hide under the bark or in leaf litter, so a deep enough chill will kill more of them. Any overwintering larvae (of certain varieties only) need pretty deep water to hide in, and if it freezes over wholly, they cannot breathe. The privet rust mites that plague my hedge plants hide under bark or leaf litter also. It can take a week of below 20°F weather to kill them. But I'll still spray with oil in May even if we get a hard few weeks.

Finally, the best fruit trees, apples, pears and cherries, bear better fruit after a long, hard winter, as long as the roots in the ground don't freeze. A deep-rooted apple tree can even do well after a North Dakota winter. The trick is to keep it alive for ten years until the roots get at least six feet deep! That takes a heavy layer of mulch, renewed every Spring and Fall. At this latitude, however, hardly any mulch is needed. We had a cold, snowy winter a year ago, and this year I had a very good harvest of excellent apples.

As much as I may grumble about cold weather, it is like having your vegetables, or getting exercise—better for me and better for my yard and garden.

Tuesday, January 03, 2012

A day here, a day there - pretty soon it adds up

kw: calendars, analysis

In the wake of the holidays, I was thinking about the origin of "Twelve Days of Christmas." It got me to thinking about the changes to the calendar that led to the 12 days, and the manipulations of the year that led to that. In the Science Q&A section of eNotes.com I find the following, posted by fact-finder:
The longest year on record was 46 B.C., when Julius Caesar (100-44 B.C.) introduced his Julian calendar. In order to make up for the difference between the calendar date and the season (determined by the position of the Earth in its yearly journey around the sun), Caesar inserted 2 extra months and added 23 extra days to February. Thus, 46 B.C. was 455 days long.

The shortest year on record was 1582, when Pope Gregory XIII (1502-1585) introduced his calendar, the Gregorian calendar. He decreed that October 5 would be October 15, eliminating 10 days, to make up for the accumulated error in the Julian calendar.

The world only gradually changed over to the Gregorian calendar. Catholic Europe adopted it by the year 1584. Many Protestant continental countries did so between 1699 and 1700; England imposed it on its colonies in 1752 and Sweden adopted it in 1753. Many non-European countries adopted it in the nineteenth century, with China doing so in 1912, Turkey in 1917, and Russia in 1918.

Sources: Famighetti, Robert, ed. The World Almanac and Book of Facts 1995, p. 288; Trefil, James. 1001 Things Everyone Should Know About Science, p. 138.

Based on the entire Gregorian correction, the year 1600 was a leap year, while 1700, 1800 and 1900 were not. In the late 1700s, there were some in England who went along with the calendar change and some who did not. The former observed Christmas Day on December 25, according to the Gregorian Calendar. Those who stuck with the Julian calendar used their December 25, which fell on January 5. Over time, neighbors accommodated neighbors, and many began to celebrate the whole twelve days as the Christmas Season. Sometime thereafter, the familiar song was written (or perhaps it accumulated).

Since that time, the loss of two leap days in 1800 and 1900, followed by 2000 having a leap day, has shifted "Old Christmas Day" to January 7. It would be humorous to coin a new song of the fourteen days of Christmas!

All this takes care of making the average calendar year work out to a length of 365.2425 days, by mixing 365- and 366-day years. Since 1582, all the years have been of one of these two lengths. But there is more. The actual Tropical Year has a length of 365.2422 days (in 2000: 365.242189). This difference of 0.000311 days yearly means an extra leap year needs to be skipped about every 3,215 years. 3215+1582=4797. That is long enough that the gradual change in the length of the tropical year must be taken into account; the date we need to skip a leap year will be a year or two later, like in about the year 4799 or maybe 4800. 4800 has a nice ring to it. Let's use that.

Monday, January 02, 2012

Running a day behind

kw: holidays

This is January second, but it feels more like the real New Year's Day to me. I return to work tomorrow after just over a week off. Yesterday, being a Sunday, was a busy day. Of course, church activities take up half the day, until 1:00 or 2:00 PM. Our son was home for the weekend, and he and some of the other college kids decided to go skating. After they had left (they went right from the meeting place), on the way home, my wife suggested we go there also.

Neither one of us has skated in more than ten years. It soon became evident that our workouts at the YMCA hadn't kept us in "skating shape". My wife hugged the wall and its handrail for most of the hour we were there, though a couple of the college girls were nice enough to entice her further out on the ice a time or two. I skated slowly and a bit tentatively. The only time I bent over and tried to put on some speed, I soon felt quite unstable, and skidded myself back to a more sedate pace!

After the skating, the kids came over for a little while. We had some pumpkin pie left over. Then they left, our son returned to his college digs, and we wrapped things up and turned in early.

Today was a much more quiet day. I made breakfast quite late. We cooked up the rest of a ham we'd been using up slowly, had some of that in sandwiches for lunch, and froze the rest. I napped a while. Read a while. Now I'm blogging. We'll probably have leftovers for dinner in another hour or two. For now, I'm going to go watch the News.