« April 2006 | Main | June 2006 »

May 31, 2006

A New Constitution, Part 2

This is part 2 of the series; part 1 is here.

Ideally, a constitution is based on a few guiding principles. For example, the US constitution considers "life, liberty and the pursuit of happiness" as a basic human right, which in turn guides many other aspects of the constitution such as the amendment guaranteeing freedom of speech.

So when I was designing my own constitution, I had to define its guiding principles. To do this, I spent some time reflecting on my life and what has made me happy.

In general, the happiest times have been when I've lived according to my values.

For example, I have always enjoyed composing music, writing software, reading books and learning new things. When I moved to Texas back in 1983, there was a 2-year period where I did all of these things consistently, and I was extremely happy. Conversely, some of the least happy times in my life were when I neglected these activities.

Of course, living according to your values is more than just doing things you enjoy; it's also about the way you relate to people you like, people you don't like, and people you have never met. For example, I derive great enjoyment from supporting charities whose values I support, and spending time with people whose values are similar to my own. Conversely, I am very tolerant of people with different values from me, and while I don't particularly enjoy their company, I don't attempt to prevent them from living according to their values.

Last but not least, I'm happiest living in places that encourage freethinkers and are tolerant of a variety of values; hence my recent relocation to the fantastic city of San Francisco.

So after recognizing the common thread that connects my sources of happiness, I chose the following guiding principle for my constitution:

The right for each person to live according to their own values.

To be sure, it has a lot of similarities with the guiding principle of the US constitution, but if you take it to its logical conclusion, you end with something that's very different.

In the next part of this series, I'll discuss conflict resolution.

Constitution_2

May 31, 2006 at 11:20 PM | | Comments (2) | TrackBack (0)

May 28, 2006

Rails Sessions/Remember Me

One feature I needed for my education product is a "remember me" option so that frequent users don't have to sign in every time they visit the site.

The simplest implementation of this feature uses persistent cookies. By default, a Rails session uses a non-persistent cookie to pass the session id between a browser and a server, which means that the session ends when the browser is closed. However, if a persistent cookie with an expiry time of, say, 30 days is used instead, a user can re-establish a session even when their browser is closed and reopened several days later.

Before implementing this approach, I searched the web for related code samples. To my surprise, I could not find any examples that used persistent cookies to implement "remember me". Instead, I either found approaches that set *all* sessions to be persistent or approaches that required additional long-term state on the server. Neither suited my purpose, so I started to work on an implementation from scratch.

After about 6 hours of work that involved reading through the source of CGI, CGI::Session, ActionController::CgiRequest and ActionController::CgiResponse, as well as utilizing an HTTP sniffer to see cookies passing between a browser and a server, I finally got it working. And now I know why there are no examples on the web for a straightforward "remember me" implementation; because there is a bug in the Ruby 1.8 CGI::Session implementation that prevents such a thing from being coded.

Before I describe my implementation, I'll outline the way that Rails sessions currently work.

By default, session management is enabled for all actions, which means that the first HTTP request from a particular client causes an associated session to be established. One non-intuitive consequence is that when a user goes to the "sign in" page in order to sign in, their session has already been established.

CgiRequest::session does most of the work associated with establishing a session, including calling CGI::Session.new(). If the session is a new one, CGI::Session.new() allocates it a new session id, otherwise it reuses the existing session id. Then - and this is a bug IMHO - it always adds a Set-Cookie header to pass the session id back to the client. In other words, if a client sends 20 HTTP requests to a server in a single session, its receives 20 Set-Cookie headers from the server instead of just 1.

By default, CGI::Session.new() adds a Set-Cookie with no expiry time to the CgiResponse output cookies, and the only way to override this default is globally using session_options[:session_expires] = <time>. Since I wanted to override the default expiry time on a per-user basis, I looked for a way to access the CgiResponse output cookies so that I could modify their expiry time after CGI::Session had added them.

Unfortunately, there is no API for doing this. Indeed, there is no API for even adding output cookes to a CgiResponse, and CGI::Session adds them by using instance_eval to directly manipulate its instance variables. This violates basic software engineering principles and I was surprised to see this kind of code in the Ruby source code base.

At this point, I tried adding a persistent cookie with the same session id when the user signed on with the "remember me" option in the hope that the browser would give precedence to the persistent version. Here's the code that does this:

if remember_me
  cookie = CGI::Cookie::new("name" => '_session_id', 
"value" => session.session_id, "path" => '/',
"expires" => (Time.now + 30.days))
  response.headers["cookie"] << cookie
end

The result of this code combined with the behavior of CGI::Session is that two cookies were sent back when the user signed in with the "remember me" option; one non-persistent (sent by the CGI::Session code) and one persistent (sent by my code).

At this point, IE 6 seemed to assume that the persistent session cookie outweighed the non-persistent session cookie, and things worked fine. Firefox, on the other hand, seemed to give precedence to the non-persistent cookie and so persistent sessions still didn't work.

To fix this issue I needed to change the behavior of CGI::Session so that it only sent an output cookie when a session is first initiated. With this modification in place, only my persistent cookie is sent which overrides the original non-persistent cookie without ambiguity.

Here's a snippet from a new version of CGI::Session.new() that shows this conditional logic:

if @new_session // only write output cookie for a new session
  request.instance_eval do
    @output_cookies =  [Cookie::new(...)]
  end
end

The net result of fixing CGI::Session.new() and sending a persistent session cookie during sign-in is that "remember-me" sign in works fine with both IE and FIrefox. Ultimately, it took just 6 lines of code to accomplish this feature, but 6 hours of hard work to track down which lines had to be written.

Let me know if you'd like me to post any more details of how to implement "remember me".

Slippers_14

May 28, 2006 at 07:20 PM | | Comments (12) | TrackBack (0)

May 12, 2006

Learning Science can be a LOT of fun

Brainiac is one of the best science education shows I've ever seen. It's a British TV series that's light-hearted, full of humor, scientifically accurate, and emphasizes real-world experiments over pure theory. For example, this episode demonstrates reactions between alkaline metals and water by dumping cesium into a bathtub and watching it explode. Kids love this kind of stuff because its entertaining and educational at the same time.

Brainiac

May 12, 2006 at 11:57 PM | | Comments (0) | TrackBack (0)

May 09, 2006

Playing God

I've read several articles recently about people who believe that scientists should not "play God" when it comes to genetic engineering. This seems to include the act of creating new kinds of life that don't currently exist on Earth, which in turn raises some interesting philosophical questions.

For example, let's say that scientists come up with a way to artificially boost an immune system using a new kind of genetically engineered cell. A person with such an immune system would be a new kind of life form in the sense that they'd contain genes in their DNA that were designed by other humans. Would they still be considered human? If so, what is the criteria for determining what genetic modifications keep you human and which do not?

Similarly, let's say that a way to boost intelligence by 50% is invented that works by adding a new region to the brain. Would people with this enhancement still be considered human?

Any one particular enhancement in isolation might seem like a minor improvement, but when you add up the combined effect of hundreds of enhancements, the end result would be to humans as humans are to apes.

I think the debate about scientists "playing God" is interesting but ultimately academic, because history shows that most people are very eager to improve their competitiveness through the application of technology. The popularity of plastic surgery is just one example of this.

If parents are willing to spend large amounts of time and money to give their children a competitive edge, how many do you think wouldn't want their children to be born 50% smarter than everyone else? And even if some countries outlaw such enhancements, you can bet that other countries would allow them since it would give their country a competitive edge. Would it be possible to enforce a world-wide ban on such practices? I doubt it, especially since humanity will at the same time be colonizing nearby planets which will make tracking and enforcement increasingly difficult.

Although a small subset of the population will shun the benefits of radical genetic breakthroughs, my hunch is that the bulk of the population will embrace them and hence accelerate our evolution toward a new, post-human life form.

Dna_2

May 09, 2006 at 12:12 AM | | Comments (2) | TrackBack (1)

May 08, 2006

Indoor Rock Climbing Idea

I've been doing a fair amount of indoor rock climbing recently, and have often admired the grace and skill of the advanced climbers in my club. Unfortunately, I find it hard to remember the particular techniques that they use to make it look so easy.

I think it would be great if a video could be displayed onto the wall that you're about to climb that showed how an experienced climber did the same climb. You could replay the video as many times as you wanted in order to understand the various moves and grips that an expert would use in that particular context.

Technically, you'd have to figure out a way to:

  • Allow a club to make videos of climbers tackling each individual climb. This could be done using a simple digital camera with a zoom to track the climber.
  • Allow a club to project video onto the individual climbs. Rather than having one projector per climb, a few projectors could be strategically positioned with the ability to swivel them to orient at a particular climb. The projector would use a camera to ensure that the position of the colored rocks in the video is properly aligned with the same rocks on the actual wall so that the expert climber is superimposed exactly onto the climbing wall.

I think that seeing an expert perform a task that you're about to do is very useful, and this video capability would quickly help me improve my climbing ability. I bet the projection technology could be used in a bunch of other areas as well.

Climbing

May 08, 2006 at 11:20 PM | | Comments (1) | TrackBack (0)

May 03, 2006

Rails/Lighttpd/FastCGI/Windows

I've decided it's about time to move from the default Rails WEBrick web server to something a bit more production-ready. A bulk of the Rails community seems to lean towards the Lighttpd web server combined with FastCGI, so I figured that installing this combination of software for my Windows XP laptop would take a few hours.

Wrong. Four hours after starting the process, I have very little to show for my efforts.

Locating and installing LIghttpd itself was simple. The trouble is with FastCGI. The main FastCGI web site doesn't seem to provide a binary download for FastCGI, which seems odd. The only thing I could find is a source download, which means that I need to find a way to compile it under Windows. But I can't find instructions anywhere on how to do this, so right now I'm stuck.

If anyone has any advice on how to get Lighttpd and FastCGI running under Windows, please let me know. I'm willing to pay consulting fees to someone who can get me up-and-running.

Slippers_13

May 03, 2006 at 12:57 AM | | Comments (10) | TrackBack (0)

May 02, 2006

Education and Democracy

This CNN article lists some interesting statistics regarding the state of geography knowledge within the USA. For example, only about half the 18-24 year olds polled could locate India, Iraq or Saudi Arabia on a world map. Closer to home, half the respondents could not even locate the state of New York on a map of America.

These troubling statistics brings up bigger issues, such as the effect of education on democracy. For example, are uninformed votes harmful to the long-term success of a country?

Worldmap_1

May 02, 2006 at 12:50 PM | | Comments (1) | TrackBack (0)

Search

Destiny

  • Destiny is my science fiction movie about the future of humanity. It's an epic, similar in breadth and scope to 2001: A Space Odyssey.

    To see the 18 minute video, click on the graphic below.

    Destiny17small

Recent Comments

Photo Albums

People

Archives

More...