Blocking SSH?

Posted in Technology by Thomas Themel on June 23, 2009.

In the past, I haven’t given much thought to the problem of Internet censorship - lame attempts like the Chinese firewall and Germany’s censorship lists were always easily defeatable by anyone with a server outside their jurisdiction (or even a 37 second YouTube video, in the latter case). Apparently, the current Iranian censorship is more serious in that they actually responded to this by (at least partially) blocking SSH traffic. This, now, annoys me. I need SSH to read my mail (and have unfettered access to whatever parts of the public internets I want).

How does one get past this crap? My best guess would be that the usual HTTPS dodge still works - blocking HTTPS to “world” is going to break so many legitimate applications that you might as well just shut down your entire Internets, so “SSL to port 443” is a pretty safe bet as a carrier protocol. Two issues arise:

  1. If you have just a single IP address, wasting your port 443 for a rarely-needed redirect is a bit of a pity
  2. The censors might discover that you’re not actually running HTTPS on this port and block it as well.

A simple solution relies on the lucky accident that the initial step of the SSH protocol calls for the client to wait for a server message, while the initial step of the HTTP protocol is for the server to wait for a client message. Thus, it’s rather trivial to write a simple redirector that initially sits there like an HTTPS server. When it receives a request (or anything, really), it forwards to the HTTP server. If this phase times out, it forwards to the SSH server, which will immediately send its server prompt. This means that it is totally transparent to HTTPS traffic and just slightly annoying (well, depending on your delay) on connect for SSH sessions. A proof of concept is here.
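The who-speaks-first redirector described above, as an added Python example (not the post’s proof of concept): the client is peeked at for a few seconds; bytes mean HTTPS, silence means SSH. The backend addresses, the 3 second silence window and the port 443 bind are assumptions, not values from the post.

```python
import socket
import threading

HTTPS_BACKEND = ("127.0.0.1", 8443)  # assumed placeholder, not from the post
SSH_BACKEND = ("127.0.0.1", 22)      # assumed placeholder, not from the post

def choose_backend(conn, timeout=3.0):
    # HTTP(S) clients talk first; SSH clients wait for the server banner.
    conn.settimeout(timeout)
    try:
        data = conn.recv(1, socket.MSG_PEEK)  # peek: bytes stay for the relay
    except socket.timeout:
        return "ssh"
    finally:
        conn.settimeout(None)
    return "https" if data else "closed"  # empty read = client hung up

def pump(src, dst):
    # Copy bytes one way until EOF, then half-close the destination.
    try:
        while chunk := src.recv(65536):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def handle(conn):
    kind = choose_backend(conn)
    if kind == "closed":
        return conn.close()
    backend = socket.create_connection(HTTPS_BACKEND if kind == "https" else SSH_BACKEND)
    threading.Thread(target=pump, args=(conn, backend), daemon=True).start()
    pump(backend, conn)  # for SSH the server banner now flows to the client

def serve(bind=("0.0.0.0", 443)):
    with socket.create_server(bind) as listener:
        while True:
            client, _ = listener.accept()
            threading.Thread(target=handle, args=(client,), daemon=True).start()

def selfcheck():
    # Constructed offline check: a talkative, a silent and a hung-up client.
    a, b = socket.socketpair()
    a.sendall(b"\x16\x03\x01")  # first bytes of a TLS record header
    talkative = choose_backend(b, timeout=1.0)
    kept = b.recv(3)  # the peeked bytes were left in the socket
    c, d = socket.socketpair()
    silent = choose_backend(d, timeout=0.2)
    c.close()
    return talkative, kept, silent, choose_backend(d, timeout=0.2)
```

The silence window is the connect delay the post mentions; a shorter value speeds up SSH logins but misclassifies slow HTTPS clients as SSH.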

Of course, that still leaves the censors with the options of

  1. Detecting it by waiting for the session timeout.
  2. Figuring out what goes on from traffic flow.

Now, number 1 is not much of a technical problem, but I’d still think it hard to find a couple of hidden SSH servers amongst the millions of actual HTTPS servers out there. Bonus points for doing this on something where the legitimate HTTPS is also popular enough to cause problems when blocked. Number 2 is a threat for me, but it’s less bad if you just want to tunnel your web surfing through it, since it will arguably show quite similar traffic flow behaviour to the actual (direct) HTTPS.

(Inspired by this AskMetafilter thread)

Suck on This, iPhone!

Posted in Personal by Thomas Themel on June 19, 2009.

Surely, this is a major breakthrough for the G1’s mass market appeal!

Bubble Tea in Austria

Posted in Personal by Thomas Themel on May 18, 2009.

On the weekend, I finally found a sadly non-permanent local source for my beloved bubble tea. The nice woman selling it pointed me to a web site, which is a bit short of content at the moment. She also talked of a newsletter and a possible brick-and-mortar location in the works. I sure hope this works out!

Austria to Leave CERN

Posted in Personal by Thomas Themel on May 7, 2009.

So, Austria is about to cancel its membership in CERN (Google your own article, I’m not about to link to any Austrian news outfit). Fits neatly with the Austrian Way of handling the Zwentendorf affair - pay for expensive construction of something hugely complex, then opt out when it’s about to be turned on and actually generate benefits. Of course, Austrian researchers will continue to work at CERN (you can’t just throw out people who built an experiment that’s about to be turned on, anyway), but career building at CERN has probably just become a lot more difficult. As someone who’s just writing a thesis in HEP, I’m slightly annoyed, but I presume it’s worse for people who poured lots of time and energy into doctorates and research work.

Update: sos.teilchen.at has a petition.
Update^2: Heh. Who would have thought that a measly 32000 signatories to an online petition and statements by 16 nobelists plus a lot of behind-the-scenes maneuvering would actually suffice to stop this?

Novel-ty!

Posted in Books by Thomas Themel on April 24, 2009.

(Have to wait until August 4, sadly…)

Neat.

Posted in Link Spam by Thomas Themel on April 23, 2009.

The Wolfram Blog, Hybrid Logos and a Fortunate Mistake:

The idea struck me as I was toweling off after a swim: what would happen if I crossed the Mercedes-Benz and Grignani logos from my February 2009 blog post, Exploring Logo Designs with Mathematica? Hybrid vigor is a well-known phenomenon responsible for increased yields in corn, and metaphorically, for the economic and cultural flourishing of civilizations that engage in foreign trade. Would the progeny of Benz and Grignani show similar effects?

Mercedes-Benz x Grignani -> ?

A ray of light from the world of high-level programming, shining into the joyless den of C programming that I spent most of this week wallowing in.

M-x benjamin

Posted in Technology by Thomas Themel on April 9, 2009.

I just tried to run anything.el on the ancient Emacs that comes with CERN Scientific Linux 4, and needed to bend it a little. In the process of looking for an online copy of with-selected-window, I found the delightfully absurd Antinews info page:

Appendix A Emacs 21 Antinews


For those users who live backwards in time, here is information about
downgrading to Emacs version 21.4.  We hope you will enjoy the greater
simplicity that results from the absence of many Emacs 22.1 features.

A.1 Old Lisp Features in Emacs 21


[…]

   * Many programming shortcuts have been deleted, to provide you with
     the enjoyment of "rolling your own."  The macros `while-no-input',
     `with-local-quit', and `with-selected-window', along with
     `dynamic-completion-table' and `lazy-completion-table' no longer
     exist.  Also, there are no built-in progress reporters; with
     Emacs, you can take progress for granted.

The most amazing thing about it is that it’s actually super-useful when backporting elisp code that wants to run on a current Emacs…

No Convenience, No Money

Posted in Personal, Technology by Thomas Themel on March 31, 2009.

Another vignette from the jump-through-hoops-to-make-us-take-your-money circus: I wanted to read Arthur C. Clarke’s Superiority. My first search result was unhelpful - reviews, obituaries and quotes. But behold, on refinement, I stumbled on a link to Sony’s eBook store. USD 1.99? An eminently reasonable price! I get a legal copy, content creators (or rather, heirs of content creators) and publishers get paid, everyone is happy! Except for…

Want this eBook? Our eBook Library Software is required to purchase and download eBooks. Download it here.

Meh. Again. For a six page short story. Even opening a PDF feels like overkill on that format. Well sorry, I just had to add the quote that initially triggered my search to the Google terms and find the inevitable free fulltext PDF of dubious legality linked above.

Dwarf Fortress

Posted in Personal by Thomas Themel on March 19, 2009.

Dwarf Fortress Screenshot

An innocent link on Penny Arcade hooked me on Dwarf Fortress. You shouldn’t even consider trying it if you don’t have massive amounts of time to waste and are in any way curious about the intricacies of dwarven life. If you can spare the time, the rewards are amazing - ASCII graphics, a hugely complex dwarven economy and social system, deadly trap systems and cruel and unusual punishment await!

(Life will never be the same after you’ve spent a couple of hours constructing an elaborate system of channels and floodgates to create a remotely triggered drowning chamber for a goblin that wandered into one of your cage traps, only to realize that the swamps you tapped to provide the water will only raise the water level to 5 or 6 out of 7 and thus not drown the goblin….)

The Austrian Way…

Posted in Technology by Thomas Themel on February 21, 2009.

Heise: Stadt Wien begräbt Glasfaserpläne (City of Vienna buries fibre plans):

The municipality of Vienna wanted to provide fibre connections to every Viennese household without subsidies. Three years ago a pilot project with 50,000 households was supposed to start; at full build-out all 960,000 households and roughly 70,000 small and medium-sized enterprises (SMEs) were to be connected with 1 Gbit/s of symmetric bandwidth. This was meant to make Vienna the broadband capital of the world again. But that is not going to happen any time soon, because the city has sold the company Cablerunner Austria, which was supposed to lay the fibre in the city’s sewer network. Cablerunner has recently become 76 percent owned by Telekom Austria (TA). The alternative providers are outraged and fear for their investments.

In 2004 the City of Vienna had presented the CableRunner: an in-house development that can lay, even in pipes of only 25 centimetres in diameter, the ducts into which fibre is then blown. The provider association ISPA warned at the time “of the danger of building a new monopoly infrastructure with the city’s money.” The city established its own CableRunner Austria GmbH and declared its goal to supply every property connected to the Vienna sewer network, which is 99 percent of them, with fibre. CableRunner Austria received the exclusive rights of way in the sewer network.

Adorable. This has been brewing for some time, apparently. We’ll have to see whether this sails past BWB, but even the attempt is despicable enough. I’d love to hear an explanation of why it’s a great idea to create a municipally sponsored entity and basically give away an exclusive right-of-way to create a fiber network so that you can then sell it off to the largest owner of installed copper (and installed fiber). Let me guess - that is why we have a specially created private intermediate owner, who can take the blame in exchange for probably substantial profit.

Incidentally, this explains why nothing has ever been heard of Blizznet expanding its deployment over the last couple of years - I hope they now resume some kind of growth, though of course their standard deployment model means that they’ll probably never manage to hook up the house I live in due to its rather high density of broadband-agnostic older households I share it with…
