Bicoastal Disorder (DSM-V Definition)

And now, for a brief comedic interlude. I’ve been sitting on this DSM-V-parody definition of bicoastal disorder for a while. My own definition arose from a couple of quick moves and trips between New York and San Francisco. However, it appears the idea’s been around the Internet for years; see this reference to a Wired writer using the phrase in 2000. To the best of my knowledge nobody’s tried to formalize this into a DSM disorder before. Recommendations of additional criteria welcome; actual inclusion of this definition into the DSM NOT recommended.

Diagnostic definition for Bicoastal Disorder:

A. In most weeks during the past year, four (or more) of the following symptoms were present during the first week after moving, begin to remit within a few days after the onset of travel, and were absent in the weeks before displacement:

(1) Disorientation; impaired ability to identify compass directions from where one stands; impaired ability to negotiate city streets despite intact motor function

Google Maps: walking directions from New York City to San Francisco.

Google Maps: walking directions from New York City to San Francisco.

(2) Failure to properly identify one’s current geographic location (example: “But here in New York, we — dammit, I’m in San Francisco…”)

(3) Repetitive, seemingly driven, and apparently purposeless motor behavior upon exiting a transit system (grabbing for transit card when not needed to exit; bumping into turnstile after failing to swipe card)

(4) Maladaptive use or disuse of automobiles as a means of getting from point A to point B (i.e. trying to drive in Manhattan; insisting on walking to a destination in Los Angeles; driving to get to a location one block away)
Continue Reading »

Educators’ Toolbox for Security Trainers

I’ve been attending trainings on using Tor, encryption, and other security/privacy tools lately, as OpenITP is exploring what we can do to help along these lines. From an educator’s standpoint, a lot of good work is being done already; trainings have a lot of hands-on components, are very responsive to student questions, and use good metaphors. But there’s always room for improvement. I wanted to share a few ways of thinking about training, from the toolbox I gained as a student at Teachers College, in hopes of starting a discussion about best practices in teaching digital security. Three tools for thinking about teaching come to mind: mental models, fragile knowledge, and “a time for telling.”

Mental Models: Find out what your learners know (or think they know)

So as I mentioned in my post about Tor and the recent Harvard bomb scare: In education, we talk about students’ “mental models,” meaning their understanding (however faulty it is) of how something works. In computing education, this encompasses quite a bit — models of a computer’s current state, of what computer language looks like, of the shape of a network, etc.

Mental models are important to reckon with. Learners are not blank slates. What they already know matters a lot to how they build new knowledge. A big challenge with mental models is that learners may come in to a lesson with a pre-existing mental model of the domain, and that model may be incomplete or incorrect. Learners may then build faulty mental models onto these bad foundations.1

Continue Reading »

Tor Holes: Learning how to teach Tor from the Harvard bomb threat

In education, we talk about the “mental models” students have of the subjects they are learning: the understanding they have of a system. In computing eduaction, this encompasses quite a bit — models of how a computer works, of its current state, of what computer language looks like, of the shape of a network, etc.

As it happens, the bomb threat sent in to Harvard recently presents us with an opportunity to think about one user’s mental model in comparison to the actual threat model — encompassing the school network, the people and agencies able to access its traffic logs, and the tools used by the person sending in the bomb threat.

From what we think we know about the story so far, the guy sending the threat took precautions which he thought would protect him. He used Guerilla Mail, a service which provides disposable one-time email addresses. And he used Tor, which disguises where the sender’s message is coming from.

Unfortunately for the guy sending the threat (and fortunately for the rest of us who aren’t fond either of bombs or of students who make unreasonable attempts to escape from final exams), the choices he made made him vulnerable to the one known attack against someone trying to hide using Tor: a timing attack. If you have 1) a record of who’s using Tor and when on your campus, 2) the information that a message got to your machine through Tor, 3) and the time stamp on the message sent, it becomes not too hard to tell from the timing which user sent that message. Most of the time Tor users are somewhat protected by the fact that the place they’re using the Internet from (the local Internet cafe, their own Internet service provider) and the place they’re sending a message to (I dunno, someone else’s Gmail account) are not under the control of the same people. When you put both together in the hands of the same Internet service provider, it gets much easier to figure out that the person with stuff going into Tor at time X is the same person whose stuff comes out of Tor a short time later.
Continue Reading »

Notes on Linux: Harry Potter and the System of Privilege

This is hopefully the last in a series of posts about my experiences diving deeper into Linux, the first ones being about Mac being too pretty, Linux being too buggy, and the learning curve being too steep.

As I was going around a few weeks back hyperbolically screaming that open source software was a tool of the patriarchy — I’d just hit the days when I was utterly dependent on co-workers to get my machine working — I heard the following back from an old friend who was, at one point, one of the most fervent open-source evangelists I knew:

Open source is triply a tool of the patriarchy because it multiplies the privilege of having assloads of time to screw around as a teenager.

tux_potter

image courtesy marzou2.centerblog.net. not actually representative of my friend, but you knew the Internet was bound to provide this image, mm?

This guy is not some hippie n00b who spends all his time on lost political causes. He works for one of the top five tech companies, contributes vital code to open projects, helms a massive distributed team of programmers, both thinks about and works on the big picture of networking. He sometimes describes himself as the Harry Potter of programming, as both his mom and dad were talented, highly visible wizards of programming. He was basically born with a silver chip in his mouth, or something.

This was a casual conversation, so both of us were painting in big, crude strokes. But I know what he was saying, and it bears unpacking:

We should, all of us, try to be conscious of the conditions in which we learned things. Many of us who got deep into computers did do it while we were teenagers and college students, and had tremendous amounts of access and time on our hands. Among the resources we had that we may have taken for granted:

Continue Reading »

Notes on Linux: The Learning Curve and the Command Line

This is the third in a series of posts documenting my first month or so using Linux. The first one was on Macs as “shiny jewelry;” the second was on the difficulty of relying on Linux as your day-to-day work operating system (it doesn’t work).

So, OK, maybe I’m not being totally fair by saying Linux doesn’t work. Given time and resources, maybe it can work pretty smoothly. But there is a trade-off: being in a Linux environment clearly requires dedicated staff support on a regular basis, timelines with a lot more leeway for potential technical failures, an ethos of giving staff time to learn, etc.

Regarding learning, in particular, there’s another misconception by open source enthusiasts that I feel like I keep running into:

All the information you need to teach yourself to run Linux is up online. Yes. I suppose it is. But there are a number of problems with this assumption.

Do you remember learning to work from the command line? Image courtesy CPC-Emu

Do you remember learning to work from the command line? Image courtesy CPC-Emu

The first is sort of a question about how much a person should have to rely on a large body of material outside of the machine itself to learn about that machine. The thing about a mature, fully-featured graphical interface is that the bulk of of the information you need to teach yourself to run it is within the interface itself. Its affordances — the tools it provides to let you do things — are immediately visible, or can be found with minimal digging. The cursor suggests you can point at things to work with them; the various mouse buttons suggest different ways of pointing. “Play” and “next page” and “continue” buttons point right or are to the right, suggesting “go on to the the next thing” to anyone used to reading a language written right-to-left. Discrete icons, whether on a graphical desktop or a tablet, make it clear there are multiple actions the machine can perform.

Continue Reading »