Jan 11 2009
 

I just saw the documentary “I.O.U.S.A.” on CNN. Or, to be precise, I saw the last half hour of it, and then I went to the I.O.U.S.A Web site and viewed the “bite-sized” 30-minute version.

It’s alarming. I am not an American, and our country has so far maintained a modest budget surplus (this year, it may yet turn into a deficit, but perhaps not, as the days of the present government may be numbered) but I am still gravely concerned: a collapse of the U.S. economy or, more precisely, that of the U.S. dollar would make the Great Depression seem like child’s play in comparison.

No wonder many are expecting a near miracle from the incoming Obama administration. That is because it’s abundantly clear that “business as usual” means certain disaster. But what can Obama do? He may be exceptionally talented, but even so, miracles may be beyond his reach.

 Posted by at 10:47 pm
Jan 10 2009
 

I am test driving Windows 7. Some rough edges (it’s a beta, after all) but I already like it more than I liked Vista. If only Microsoft saw the light and dropped Activation, I might even consider recommending it. One of these days, software companies will realize that penalizing legitimate users is not the right way to fight piracy, but that day has not come yet…

 Posted by at 3:28 am
Jan 08 2009
 

Watch out, you are being cheated.

Chances are you receive many offers like I do, from credit card companies offering incredibly low interest rates, no fine print, no questions asked, often not even a transaction fee. It makes sense to put these offers to good use, does it not? Or perhaps there is a subtle catch?

Indeed. And subtle it is, not very easy to explain. Let me try to use an example with numbers.

Suppose you have a VISA card and you spend $1,000 on it every month, but you’re like I am, and pay it off at the end of every month. So you don’t even care that the interest rate is high, say, 18.5%, since you never pay any interest (much to the regret of your friendly neighborhood credit card company.) But then comes this hard-to-ignore offer: you can pay off another debt at the low-low interest rate of just 2.99%!

So you do that, pay off a $10,000 debt using your VISA card, figuring that you’d do like before, and pay your $1,000 plus any accrued interest in order to keep your card in good standing. Meanwhile, you ignore the small print that says, in part, that “if you have low rate offers, which apply to a portion of your overall cash advance balance, then your payments are applied to these low rate offer balances first”. Yet this text is critical.

For here is what happens. At the end of your first month, you’ll be owing $11,024.58 to the credit card company: $10,000 was the loan amount, $1,000 is your monthly expenses, and $24.58 is the “low low rate” interest on the $10,000. So you send the credit card company a check for $1,024.58.

The next month, you find that you owe the company $11,036.37. Of this, $22.12 was interest on your low interest loan amount of $9,000 (!), while the rest is your present month’s spending of $1,000 along with high-rate interest at $14.25 on last month’s spending of $1,000. In subsequent months, things get worse: every time you send $1,000 to your credit card company, instead of being applied against your current month’s expenses, it is used to reduce the low-interest debt. In the sixth month, you’d be paying them $1,085.22: $1,000 is what you usually pay, last month’s spending that is, $11.94 is the interest on your preferred loan (now only $4,855.50), while $73.29 is interest on your accumulated high-interest balance of $5,144.50!

Whoa! On average, you will have paid interest at the rate of 6.66%, which is well over twice the advertised rate!

If your monthly spending is higher, things get even worse: at $1,500 a month, your effective interest rate will have increased to 8.53%. Not a very good deal, is it?

The only way to take advantage of a special offer of this kind is with a credit card on which you have no unpaid balance and which you are not using for any other purpose until the loan is repaid. Otherwise, you’ll be paying through your nose.

Here’s a little calculation with Microsoft Excel that demonstrates the six-month payment schedule:

Preferred rate:    2.99%
Regular rate:      18.50%
Loan amount:       $10,000.00
Monthly spending:  $1,000.00

Low-interest balance   Interest   High-interest balance   Interest   Monthly payment
$10,000.00             $24.58     $1,000.00               $0.00      -$1,024.58
$9,000.00              $22.12     $2,000.00               $14.25     -$1,036.37
$7,985.75              $19.63     $3,014.25               $28.69     -$1,048.32
$6,957.06              $17.10     $4,042.94               $43.35     -$1,060.45
$5,913.71              $14.54     $5,086.29               $58.21     -$1,072.75
$4,855.50              $11.94     $6,144.50               $73.29     -$1,085.22

Effective rate: 6.66%
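
The same schedule as a short Python simulation, added here as an example (it is not the original spreadsheet). It assumes, as inferred from the table's figures, that the monthly rate is the twelfth root of the annual rate and that the effective rate is the six-month interest on the loan amount, annualized; the function and variable names are made up for this sketch.

```python
def schedule(loan=10_000.0, spending=1_000.0, low_apr=0.0299,
             high_apr=0.185, months=6):
    """Simulate the card when every payment is applied to the low-rate balance first."""
    # Assumption inferred from the table: monthly rate = (1 + annual rate)^(1/12) - 1
    r_low = (1 + low_apr) ** (1 / 12) - 1
    r_high = (1 + high_apr) ** (1 / 12) - 1
    low = loan      # balance at the promotional rate
    carried = 0.0   # high-rate balance, excluding this month's purchases
    rows, total_interest = [], 0.0
    for _ in range(months):
        i_low = low * r_low
        i_high = carried * r_high
        payment = spending + i_low + i_high   # what the cardholder sends in
        rows.append((low, i_low, carried + spending, i_high, payment))
        total_interest += i_low + i_high
        # The fine print: the payment reduces the low-rate balance first;
        # anything left over (once that balance is gone) reduces the high-rate one.
        to_low = min(payment, low + i_low)
        low = low + i_low - to_low
        carried = carried + spending + i_high - (payment - to_low)
    return rows, total_interest


def effective_rate(loan, total_interest, months=6):
    """Annualize the interest paid over `months` relative to the loan amount."""
    return (1 + total_interest / loan) ** (12 / months) - 1


if __name__ == "__main__":
    for spend in (1_000.0, 1_500.0):
        rows, interest = schedule(spending=spend)
        for row in rows:
            print("  ".join(f"{value:>10,.2f}" for value in row))
        print(f"spending {spend:,.0f}/month: effective rate "
              f"{100 * effective_rate(10_000.0, interest):.2f}%\n")
```
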
 Posted by at 7:51 pm
Jan 07 2009
 

Here’s an article worthy of a bookmark:

http://peltiertech.com/Excel/Charts/XYAreaChart2.html

It offers a way to produce a chart in Microsoft Excel much like this one:

Filled XY area chart


This chart is from something I’m working on, an attempt to test gravitational theories against galaxy survey data.

The link above also comes with a warning: the discussed technique doesn’t work with Excel 2007, due to a (presumably unintentional) change in Excel’s handling of certain complex charts. A pity, but it is also a good example of why I am trying to maintain my immunity against chronic upgrade-itis. Two decades ago upgrades were important because they fixed severe bugs and offered serious usability improvements. But today? Why on Earth would I want to upgrade to Office 2007 when Office 2003 does everything I need and more, just so that I can re-learn its user interface? Or make Microsoft richer?

 Posted by at 3:51 pm
Jan 06 2009
 
The Piano Tuner


Years ago I went to a bookstore at Zurich’s international airport and picked up a book to read on the flight, Daniel Mason’s The Piano Tuner. I began reading then, but I kind of drifted away, never finishing it, putting it aside after I got back home; I never even got halfway. The book was sitting, forgotten, on top of an ever growing pile next to my bed.

Until last week, that is, when I picked it up again. I had to start from the beginning, as I didn’t remember much, just the uniqueness of the story and its atmosphere. This time around, it didn’t take long to get to the last page… despite the 19th century feel and pace, it turned out to be a page-turner after all.

And an unlikely story it is, set in Victorian England, telling the tale of a shy, self-absorbed London piano tuner who gets the most unusual commission of his lifetime: a request by Her Majesty’s War Office to travel to the remotest parts of Burma in order to tune and repair an Erard grand piano.

As it turns out, I’m not the only one who was mesmerized by Mason’s story. Now I hear that a movie is in the works. Not bad for the first novel of a medical student!

 Posted by at 1:36 pm
Jan 04 2009
 

How many times have we heard statements like this? Most recently, I heard it just moments ago, as an Israeli spokesperson stressed that Israel’s fight is not with the Palestinian people. But, I submit to you, when you kill hundreds of said people, your words are irrelevant: the facts are that your fight is with the people, the Palestinian people in this particular case, as it is the Palestinian people (in particular, innocent Palestinian people who have nothing to do with the Hamas idiots who keep firing rockets into Israel) who’re doing most of the dying.

 Posted by at 3:24 am
Jan 03 2009
 

I just read this term, “paparazzi physics”, in Scientific American. Recently, several papers were published on the PAMELA result referencing not a published paper, not even an unpublished draft on arxiv.org, but photographs of a set of slides that were shown during a conference presentation. An appropriate description! But, I think “paparazzi physics” can be used also in a broader sense, describing an alarming trend in the physics community to jump on new results long before they’re corroborated, in order to prove or disprove a theory, conventional or otherwise.

 Posted by at 9:16 pm
Jan 02 2009
 

As a contributor to Maxima, I occasionally receive requests from students to fill out surveys. I got one today, and after completing it, felt obliged to add the following comment, which really applies to most such surveys that I’ve seen:

You seem to be concentrating on things like prestige, reputation, stuff like that that I have no interest in and certainly play no role in my decision to work on an open source project. Simply put, the projects I work on I work on because of what they DO, not because they are open source or not. It’s not a self-serving activity… I no more think of it as “programming” than I think, say, of repairing my computer as “screwdrivering”. Programming (or using a screwdriver) is not the goal, but the means to reach a goal.

I work on Maxima because I need it for my research, because its tensor algebra packages were broken and I was able to repair and maintain them, because I need the result, because by participating I can help ensure that the package remains reliable and useful… what others think of me is irrelevant. I left your last question (ranking roles by prestige) unanswered for this reason… you might as well have asked me to rank them by color.

 Posted by at 5:00 pm
Jan 01 2009
 

A full nine years after the Y2K bug was to end civilization as we know it, it appears that Microsoft has yet to discover leap years. It seems that many of their Zune music players died a premature death yesterday (though they’re expected to come back to life today) because they were not prepared to deal with years that are 366 days in length.

Not only is this a remarkable case of sloppy programming and quality control, it also highlights why devices with digital rights management are such a bad idea. They’re designed not to serve you, the person who owns the device and pays for the content played on it, but to serve third party content providers who view you as the enemy. And you actually pay good money for such garbage?

This is why I have yet to purchase an iPod, Zune, or indeed, any other device or software that is designed to police my non-existent file sharing habits.

 Posted by at 3:23 pm
Jan 01 2009
 

I am starting the new year by reading about a substantial piece of cryptographic work, a successful attack against a widely used cryptographic method for validating secure Web sites, MD5.

That nothing lasts forever is not surprising, and it was always known that cryptographic methods, however strong, may one day be broken as more powerful computers and more clever algorithms become available. What I find astonishing, however, is that even though this particular vulnerability of MD5 has been known theoretically for years, several of the best known Certification Authorities continued to use this broken method to certify secure Web sites. This is hugely irresponsible, and should a real attack actually occur, I’d not be surprised if many lawsuits followed.

The theory behind this attack is complicated, and the hardware is substantial (200 Playstations used as a supercomputing cluster were required to carry out the attack.) One basic reason why the attack was possible in the first place has to do with the “birthday paradox”: it is much easier to construct a fake certificate that has the same signature as a valid certificate than it is to recover the original cryptographic key used to sign the valid certificate.

This has to do with the probability that two persons at a party have the same birthday. For a greater than 50% chance that another person at a party has your birthday, the party has to be huge, with more than 252 guests. However, the probability that at a given party, you find at least two people who share the same birthday (but not necessarily yours) is greater than 50% even for a fairly small party of just over 22 guests.

This apparent paradox is not hard to understand. When you meet another person at a party, the probability that he has the same birthday as you is 1/365 (I’m ignoring leap years here.) The probability that he does NOT have the same birthday as you, then, is 364/365. The probability that two individuals both do NOT have the same birthday as you is the square of this number, (364/365)^2. The probability that none of three separate individuals has the same birthday as you is the cube, (364/365)^3. And so on, but you need to go all the way to 253 before this result drops below 0.5, i.e., that the probability that at least one of the people you meet DOES have the same birthday as you becomes greater than 50%.

However, when we relax the condition and no longer require a guest to have the same birthday as you, only that there’s a pair of guests who happen to share their birthday, we need to think in terms of pairs. When there are n guests, they can form n(n – 1)/2 pairs. For 23 guests, the number of pairs they can form is already 253, and therefore, the probability that at least one of these pairs has a shared birthday becomes greater than 50%.

On the cryptographic front, what this basically means is that even as breaking a cryptographic key requires 2^k operations, a much smaller number, only 2^(k/2), is needed to create a rogue cryptographic signature, for instance. It was this fact, combined with other weaknesses of the MD5 algorithm, that allowed these researchers to create a rogue Certification Authority certificate, with which they can go on and create rogue secure certificates for any Web site.
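
The birthday argument above, checked numerically in Python as an added example (not part of the original post and not the researchers' code). It computes both party-size thresholds, then finds a collision in a hash truncated to k = 24 bits by generic birthday search; the truncated SHA-256, the message strings and the function names are assumptions chosen for the demonstration, and this is not the MD5-specific technique used in the attack.

```python
import hashlib
from itertools import count

DAYS = 365  # leap years ignored, as in the text


def guests_to_match_you(days=DAYS):
    """Fewest other guests giving a >50% chance that one shares YOUR birthday."""
    n, p_none = 0, 1.0
    while p_none >= 0.5:
        n += 1
        p_none *= (days - 1) / days
    return n


def guests_for_any_pair(days=DAYS):
    """Smallest party giving a >50% chance that SOME two guests share a birthday."""
    n, p_all_distinct = 1, 1.0
    while p_all_distinct >= 0.5:
        p_all_distinct *= (days - n) / days  # next guest avoids the n days taken
        n += 1
    return n


def truncated_digest(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a stand-in for a k-bit hash (assumption)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)


def find_collision(bits: int):
    """Hash constructed messages until two share a digest; return both and the count."""
    seen = {}
    for i in count():
        msg = b"constructed-message-%d" % i  # constructed sample input
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, i + 1
        seen[digest] = msg


if __name__ == "__main__":
    print(guests_to_match_you(), guests_for_any_pair())
    k = 24
    a, b, tries = find_collision(k)
    print(f"k={k}: collision after {tries} hashes; "
          f"2^(k/2)={2 ** (k // 2)}, 2^k={2 ** k}")
```

The collision turns up after a few thousand hashes, on the order of 2^(k/2) = 4,096, whereas matching one specific, pre-chosen digest would take on the order of 2^k = 16,777,216 attempts.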

 Posted by at 2:30 pm
Jan 01 2009
 

This is a sad picture:

It's raining Columbia


Yesterday, NASA released its final report about the Columbia accident, complete with gruesome but necessary details about how seven astronauts died.

 Posted by at 12:58 am