Chad Perrin: SOB

12 September 2006

stalking the wild hacker

Filed under: Cognition,Geek — apotheon @ 09:05

There’s a lot of half-baked and three-quarters-baked information out there about how to recognize a “great hacker”.

Eric S. Raymond, self-proclaimed anthropologist/historian of the hacker culture, pretty much uses the term “hacker” as such a term of honor that it is roughly synonymous with “great hacker” as used by anyone else. He has probably gone further in attempting to carefully codify the requirements of being a hacker in this sense than anyone else, at least among the dozen or so more prominent attempts out there. I have allowed myself, to some extent, to get caught up in some of his mania for the issue, and found myself absurdly reticent to allow myself to carry that title despite having it handed to me by people who surely fit the ESR definition better than I do.

Paul Graham comments eloquently on identifying great hackers — and, more specifically, on the difficulties inherent in identifying them accurately. His discussion of “great hackers” gives an interesting view of less singular hackers via induction and deduction.

By contrast, references to day coders and similar indictments of zombified corporate-cog programmers provide a handy counterexample when trying to pin down the identification of that elusive beast, the real hacker. Ultimately, however, it seems that the only really effective way to recognize such a specimen is to be one of those people who “know it when they see it”, and hang out with a test subject enough to get a feel for it. Conversation often helps in the process.

Tangentially, there is the question of self-identification. How do you know if you qualify? For some it’s relatively easy. Paul Graham certainly qualifies, as does anyone he identifies as a “great hacker”, I’m sure. Paul Graham’s business partner Robert Tappan Morris qualifies at least as certainly (perhaps moreso), as does his father Robert Morris, the cryptographer, I think. For the rest of us, it might be a little more difficult.

Tangentially, I’ve noticed something about intelligence, and the perception of one’s own intelligence: everybody thinks they’re above average. In fact, statistical studies have shown just that (no link at present, sorry). The truly intelligent in my experience (yes, including myself — IQ tests, years of reinforcement in the form of people telling me I’m “frighteningly intelligent” and the like, and other indicators that are difficult to ignore) tend to view themselves as above average as well, for a strict definition of average (if a notable percentage greater than 50 is stupider than you, you’re above average). They do not, however, often think of themselves as really brilliant. So far, nothing differs from the average individual.

Things change when one examines how they think of the intelligence of the rest of humanity, however. They (we) look around at the rest of the world and wonder how all those people out there can be so damned stupid. It’s not very politically correct, but it’s the truth about how really intelligent people tend to view the world and, from their subjective perspective, it’s accurate. Really intelligent people tend to view themselves as normal, but above average because of the dismaying frequency of subnormal intelligence in the world. This is usually not an explicit thought, but an implicit feeling that doesn’t get articulated, and still seems to be fairly universal amongst those intelligent enough that I’m sure they’re within a certain class of rare intelligence — call it the 98th percentile.

. . . and there’s the key. When 98 percent of the population is not as smart as you are, the rest of the world looks pretty dumb sometimes. So what about hackers?

Perhaps there’s a parallel there. After all, hackers tend to be at least near that 98th percentile intelligence as well. Add to that the notion that they have rare passion for their craft, talent, and a shared cultural leaning whether they’ve actually participated in the extant cultural community or not, and you’ve got the makings of an even stronger “I’m not better, I’m just not as bad as everyone else!” self image.

That may well be the most recognizable characteristic of the breed that is sufficiently universal to be useful as a means of identification, if it is as common as I suspect.

By that measure, I’m a pseudohacker: I probably don’t have the skills (I still tend to regard the majority of professional coders as having greater practical skill than me) to really qualify, but I sure as hell have the interest and the theoretical acumen (most coders are idiots about their craft and, worse yet, don’t recognize it as a craft at all). Give me time: I’m learning.

false positives: the devil’s onion ring

Filed under: Geek,Metalog — apotheon @ 06:01

When you’re talking about lines of communication, such as email, blogging comments, and your telephone, you’re talking about a medium that is open to abuse. To make a means of communication immune to abuse is to make it useless as a means of communication. This doesn’t mean you cannot reduce the incidence of abuse through clever tricks, careful use, and whatever jumping-through of hoops may come to mind. It just means that the vulnerability still exists. The key is not to believe we can eliminate abuse of a means of communication entirely, but to minimize it so that the abuse is manageable.

You may not have caught the full implications of something I said in that last paragraph. I explained that truly eliminating all vulnerability to abuse communication also eliminates the ability to communicate. That’s a key point for anyone working on solutions for the abuse problem, whether the abuse problem in question is email spam, spambacks, or telemarketer calls during dinner. The first mandate for solving a communications abuse problem is to avoid interfering with communication itself. In the case of systems like spam filtering, this means that one should avoid false positives first and foremost.

Perhaps you recall (if you’ve been reading SOB for a little while) a previous entry in which I lamented the fact that Blogger effectively prevents some people from commenting legitimately. This problem arises because of a failure of the anti-spambot measures it uses. I’ve run across another weblog that has the same problem, in a way that manifests slightly differently. Specifically, the Nutrun weblog gives this response when I try to comment:

Invalid security code. Press your browsers back button and try again.

Every. Freakin’. Time.

This time, it’s a WordPress weblog that’s broken — and it is for the reasons illustrated here that I don’t use those character-recognition measures here. I don’t want to run the risk of preventing people from commenting due to technical issues.

All original content Copyright Chad Perrin: Distributed under the terms of the Open Works License