Zdeněk Miler
1921-2011

Jesus’ Game

A question I’ve often thought about is why is it that people that don’t believe in God are often not dramatically evil or immoral. I’ll take a look at one of the famous parts of the New Testament, Jesus’ Sermon on the Mountain. Many smart people have written much about it. However, some aspects of it are still very hard to understand and even harder to implement in your own life.

The passage I would like to discuss is Mathew 6, 38-48:

“You have heard that it was said, ‘An eye for an eye and a tooth for a tooth.’

But I say to you, Do not resist one who is evil. But if any one strikes you on the right cheek, turn to him the other also; and if any one would sue you and take your coat, let him have your cloak as well; and if any one forces you to go one mile, go with him two miles. Give to him who begs from you, and do not refuse him who would borrow from you.

“You have heard that it was said, ‘You shall love your neighbor and hate your enemy.’

But I say to you, Love your enemies and pray for those who persecute you, so that you may be sons of your Father who is in heaven; for he makes his sun rise on the evil and on the good, and sends rain on the just and on the unjust. For if you love those who love you, what reward have you? Do not even the tax collectors do the same? And if you salute only your brethren, what more are you doing than others? Do not even the Gentiles do the same?

You, therefore, must be perfect, as your heavenly Father is perfect.

Before I get to the text itself allow me to take a bit of an excursion to another famous and well discussed problem: the Prisoner’s Dilemma. This is one of the fundamental problems of Game Theory. Here is Wikipedia’s take:

Two suspects are arrested by the police. The police have insufficient evidence for a conviction, and, having separated the prisoners, visit each of them to offer the same deal. If one testifies for the prosecution against the other (defects) and the other remains silent (cooperates), the defector goes free and the silent accomplice receives the full 10-year sentence. If both remain silent, both prisoners are sentenced to only six months in jail for a minor charge. If each betrays the other, each receives a five-year sentence. Each prisoner must choose to betray the other or to remain silent. Each one is assured that the other would not know about the betrayal before the end of the investigation. How should the prisoners act?

Imagine you were one of these suspects. I presume you would be facing a tough moral decision. Ten years spent in prison is a big chunk of your life, and you can’t be sure how your accomplice will react?

It is well established that the rational¹ thing to do in a Prisoner’s Dilemma situation is to defect. In fact it is a strictly dominant strategy. For some time, this result turned out to be quite a wrench in the wheels of theories on why and how people cooperate with each other. It seems inconsistent with the notion that people are (mostly²) rational beings.

Take a moment to consider how you feel about the fact that human cooperation is irrational - that in fact, by helping others you are making your own life worse. Not exactly cool, is it?

Thankfully, Keneth Binmore comes to our rescue:

A whole generation of scholars swallowed the line that the Prisoner’s Dilemma embodies the essence of human cooperation… Rational players don’t cooperate in the Prisoner’s Dilemma because the conditions necessary for rational cooperation are absent³.

Doesn’t look that bad for the human race after all. But it answers the question I’ve started this essay with: Why don’t atheists sin a lot more? Why do we know pretty decent people who don’t believe in God? Why aren’t even satanists epically evil? If you are absolutely convinced that there is nothing greater than us, there seems to be no reason to adhere to basic morality, is there?

In a lot of situations behaving morally is rational. Or in other words, being good to others is in fact good for us (in a very materialistic sense). Jesus refers to this when he says: “For if you love those who love you, what reward have you? Do not even the tax collectors⁴ do the same?”

What I’m trying to get at with this digression into Game Theory is that Jesus tries to tell us that as Christians we need not be always rational - or specifically, not always rational in game-theoretic terms.

If you look at how this would turn out in the Prisoner’s dilemma then yes, at first you would get the sucker’s payoff. But now imagine a world where most people would try their best to turn the other cheek and when in a prisoner’s dilemma you would know that the other person will cooperate with say a 60% probability. Then defecting loses its strict dominance and you would be more likely to choose the option that maximizes social welfare, that is an option that’s better for every player taken together. Hence I believe that not only does choosing this “irrational” lifestyle make sense morally but also it in fact may affect other people’s lives and actually contribute to make the world a better place.

Also:

My thanks to Joachim Veselý for proofreading this essay.

1. What exactly constitutes rational behavior is of course debatable; in Game Theory it generally means to maximize one’s payoff.

2. Whether or not you consider humans as rational depends on which psychological theory you subscribe to and what notions of rationality you hold, but I would argue that humans are more or less rational in decisions that matter.

3. Imagine that in the prisoner’s situation if they both cooperate then they will be set free for lack of evidence and if only one defects he will get minor jail-time, then cooperation is the dominant strategy. Binmore argues that this type of situation is far more common in real life then Prisoner’s Dilemmas and this fact is why we cooperate in most situations.

4. Tax collectors were considered the scumbags of Jesus’ time.

Popular passwords in 2010

A long story short: I got my hands on a data-dump of 184 550 hacked usernames and passwords from Gawker. With a bit of data-analysis magick I did a bit of research.

20 most popular passwords

Now the first entry is rather shocking: the most used password is also the most obvious password possible. A full 1% (and 0.11% of the full DB; see bellow) used this password! What didn’t exactly fit on the list was that another 111 people used ‘Password’ and 129 people used the slightly better ‘passw0rd’.

“lifehack” and “gizmodo” are both names of the sites these passwords were retrieved from. Not very secure. ‘qwerty’ and ‘abc123’ are also extremely obvious passwords. 15 of the remaining passwords are single words contained in any dictionary.

Password Strength

Next I marked the passwords with these simple rules:

• +1 point for each of: uppercase characters, lowercase characters, numerals, punctuation
• +1 point for passwords longer then 7 letters
• 0 points if they were part of the username

The following table shows the distribution of these strengths.

Now a score of 1 is very bad - it is the default unless you use the same password as your name. However a staggering amount of people use these very unsafe passwords.

A new year’s (a bit early, but well) promise should be a bit more online safety for all of us.

A few notes

1. The dataset is available here and the details of how it was obtained are here.

2. The full db contained ~1.5M records out of which the attackers obtained ~1.2M (presumably randomly). They proceeded to crack the week encryption algorithm of ~200K accounts. This I do not assume was completely random. Out of this I got a total number of 184 550 records.

3. The site apparently stored only the first 8 characters (sic!) of the password. This suggests caution with passwords of length 8 because these were possibly truncated. I set those shorter then 8 characters in an italicized font. However apart from “lifehack” which would be probably “lifehacker” all other passwords in the top 20 seem as complete words or phrases. As an aside a strong password is generally considered to be at least 16 characters long.

4. I would like to perform more research into password sharing with this dataset but I don’t have the time for that right now. I’d be interested if someone will investigate.

Designing a departures board with CSS3

Warning: Technical article ahead. Beware.

As I’ve written before, CSS3 is very good for designing things. Today we’re going to use it to do some fun pixel pushing. Behold our inspiration.

This article contains features and examples that do no work properly in the dashboard. Please follow to the version on my site.

Markup

Simple. Use any thing you like. We will be using a div called .board.

The basics

We’ll start with designing for Webkit for now. First the basic shape and color.

.board {
    padding:  5px 10px;
    display: inline-block;
    background: rgb(30, 30, 30);
    -webkit-border-radius: 3px;
    text-transform: uppercase;
    color: white;
}

yields:

Shadows

Now let’s make the dark shadow effects from the top and sides of the box. For this we’ll use multiple inset box shadow declarations:

-webkit-box-shadow:  
  inset 2px 0px 4px rgba(0,0,0,0.9), 
  inset -2px 0px 4px rgba(0,0,0,0.9);

Gives:

Spinner

These sort’s of displays use a spinner and thin boards to display different strings. When you go to a train station or airport (that still use this magnificently old tech) you can see the dividing line between the two halves. We’ll recreate that here.

How? Using a pseudo element with thin boarders.

.board:before {
    border-top: 1px solid rgba(0,0,0,0.4);
    /* this line will be barely visible, but that's how we want it */
    border-bottom: 1px solid rgba(255,255,255,0.08);
    height: 0px;
    position: relative;
    /* you might need to ajust these positions to your layout */
    width: 110%;
    left: -9px;
    top: 11px;
    content: " "; /* we have to set this, otherwise it won't be visible */
    display: block;
}

This is how it looks:

Border

To make the spinner look realistic we have to also pay attention to the bottom border. It has to have a 3D effect an look plastic enough. We’d also like to see the board bellow it. So we modify our shadows definition and add a border.

border-bottom: 1px solid rgba(0,0,0,0.7);
-webkit-box-shadow: 
  inset 0 -1px 0 rgba(50,50,50,0.7), 
  inset 0 -2px 0 rgba(0,0,0,0.7), 
  inset 2px 0px 4px rgba(0,0,0,0.9), 
  inset -2px 0px 4px rgba(0,0,0,0.9);

Lighting

Light’s and shadows are a crucial part of any visualization. So as a finishing touch we add a few light effects (with a subtle gradient and a few more shadows):

-webkit-box-shadow: 
  inset 0 -1px 0 rgba(50,50,50,0.7), 
  inset 0 -2px 0 rgba(0,0,0,0.7), 
  inset 2px 0px 4px rgba(0,0,0,0.9), 
  inset -2px 0px 4px rgba(0,0,0,0.9), 
  /* This one is new and adds a light edge on the bottom*/
  0 1px 0px rgba(255,255,255,0.2); 
background: -webkit-gradient(linear, center top, center bottom, 
  color-stop(0.0, rgba(0,0,0, 1)), 
  color-stop(0.05, rgba(30,30,30, 1)),  
  color-stop(1.0, rgba(50, 50, 60, 1)));

Which yields:

Conclusion

As you can see, CSS3 enables us to do with a few lines of code some incredible pixel-pushing. So here’s the complete code with syntax for other browsers and fallbacks for graceful degradation:

Let me know if you’d like more articles like this.

Edit: For an animated version see this project by Paul Cuthbertson.

Ethics on the net

The internet is an interesting place. It’s also a very new place and as such forces us to pass moral judgments on our actions and on actions of others in situations that don’t necessarily have equivalents in the real world.

Let me give you a few examples:

• torrents, p2p, file-sharing, intelectual property and piracy: an incredibly complex issue with many shades of grey. There are types of piracy that are undeniably wrong and types that are undeniably right. The whole issue is complicated by the huge complexity of the whole media economy, no credible numbers or statistics and a dependency on obsolete law with very little correlation with any natural ethics.

• (grey-hat) hacking: the act of showing the easiness of compromising someone’s system (especially army or energetics’ systems) goes a long way of making these systems more secure. Another fact is that most people have no idea how much they rely on systems that are spoofed extremely easily (like email - you knew that it takes like a minute to send a fake email from your address, right?). On the other hand the law is clear on this - a breach of another’s system is clearly illegal in most legislations. Obviously walking the line of morality can be difficult in this area.

• privacy: The internet is turning out to be a valuable tool in sharing information. Yet there are many individuals that seek to control the internet and use this information for commercial purposes, or worse, for purposes of oppression of your freedom. What are the ethical borders for sites on privacy for their users? How should we treat the net - everything we post should be considered public?

• responsibility for your word, netiquette: the net grants a certain type of anonymity that doesn’t enforce people to be responsible for what they say in the same way as in the real world (that is through shame and law). My view is that the general and most noticeable abuse of this reality (eg. youtube comments) does not enrich us in any way - but is probably the price we pay for having a medium where free speech can be more free than ever before.

It is very important to think critically about our actions online and how it impacts the world around us. Thanks to amazing technologies the world is becoming an ever more holistic system were every action we take can influence the whole - that in turn makes ethics incredibly important in this environment. It is also crucial to try to see more angles about issues before deciding whether they are right or wrong.

UX considerations of using Flash

There has been a lot of discusion around the web surrounding the use of Flash on websites. The discusion was geared mainly about the availability of Flash on some platforms and it’s general slowness on others.

That is not my point today.

What I do want to talk about is the value of Flash to the most regular user - the one who can run it reasonably fast and has it installed on his computer.

I’ll start with the benefits. Less work for the developer in bringing rich capabilities to inferior browsers. If you still use Internet Explorer I think you probably wish Flash was used a lot more. Especially today when developers are getting these dangerous ideas about things like graceful degradation and “your experience is only as good as is your browser”. Also if the developer can spend less time optimizing and testing on every browser he will have more time to polish other aspects of the app. Next I’ll mention the obvious: there are things that cannot be done without a plugin - you might as well use flash for them (full screen video and progress with uploading being the most prominent examples at time of writing).

Now the negatives: although Flash is improving in this area, I argue that it has small and hard to spot usability issues. These can be often circumvented with using a combination of html and Flash (but thus loosing some of the benefits). First imagine a login form in Flash. Now if you try to use 1Password or any other password manager to store and remember that password for you you will be disappointed. They can’t detect the form to be a login form. Neither does the browser’s native password manager kick in. This forces you to set a password that is easy to remember and thus making it much less safe.

Also, almost shamefully so, somehow Flash does not support undo when editing text. Again this is not a huge problem in most cases (since Flash is usually not used as a text-editing environment) but it is another dent in the UX facade that can irk your user.

However for me the most irking thing about a lot of Flash apps is scrolling. I’m using a MacBook and I’ve grown so used to the comforting double finger scroll that I almost forget how to use a scrollbar. That is until I use a Flash app. Somehow Flash scroll views don’t seem to support mouse wheels out of the box. This issue is somehow overridable but rarely does this happen.

There are other issues that I might have missed; the point is however when deciding what technology to use don’t forget to consider these smaller however important points, especially when designing software that people will need to use on a frequent basis (if you’re doing a casual game then Flash is quite probably perfect for you).