Free at last!
This has been a long time coming, but I am soo proud to be American right now!
(Why? For not, this time, electing a President of whom it could fairly be said, “Although he was not dumber than an ox, he was not any smarter.”)
Many Linux distributions (and other software environments too) use package managers to facilitate the installation, upgrading and uninstallation of software packages
as needed. At least, that’s the idea.
Are package managers necessary? Well, no. One way of managing software is simply to install individual software programs/libraries as needed, and allow each item to handle its own updating or uninstallation (or even just leave that to the user to do manually). That’s pretty much how Windows handles things. It works OK if it isn’t crucial that your programs aren’t able to communicate with each other beyond basic, operating system level mechanisms like cut-and-paste. If your programs depend on each other, however, you’d be in trouble if you removed a piece of software that another piece depended on, or installed a piece without installing its dependencies, etc.
Linux distributions usually have many pieces of software that are inter-dependent. A package manager can keep track of those dependencies and can, for instance, inform a user about to uninstall a piece of software of which other packages will be affected by this. That’s important, because otherwise the user might accidentally disable something crucial.
Package managers can also make upgrading software, to take onboard the latest security patches, trivial, requiring only one or two commands in order to automatically upgrade all the packages on an entire system for which upgrades are available.
I haven’t investigated the historical origins of package management, so I can’t claim to know the original reason why package managers came to exist. But I can state from experience that package managers, when they work well, make life easier than it would otherwise be for system administrators running Linux systems with interdependent packages.
Package managers facilitate stability. Given the foregoing, this should come as no surprise. Yet in the context of many Linux distributions, stability means something more specific than the colloquial “reliable, consistent” sort of meaning that the term normally implies. Stability, in the context of these distributions, means “unchanging, except with regard to security”. One such distribution is Debian.
Through the magic of package managers, Debian maintainers maintain multiple packages of each original software item they want to make available to users. The reason for the multiple packages is normally to achieve stability. The stability is achieved by packaging a version of the original software that has been tested sufficiently to warrant confidence in its security: it is not known to compromise systems on which it runs (except in cases where it may do so by explicit design). This “stable” package is then offered to users for, typcially, many years, and is not altered in any way except if a security flaw is discovered in it. Only if a security is found will the package be modified: to patch the flaw.
Meanwhile, the maintainer will keep an eye on new versions of the original software. When the maintainer thinks a new version is worth packaging, she may package it as an “unstable” package to begin with, and then subsequently a “testing” package. If, as the release of a new version of Debian is approaching, the “testing” package meets sufficient criteria indicating its suitability for being regarded as “stable”, then it, too, is marked as “stable” for that new release of Debian, and is thereafter treated as described above.
As such, Debian may have multiple packages for the same piece of software: “stable” packages for current and old versions of Debian, and “unstable” and/or “testing” packages. Usually, each of these packages will be based upon a different version of the original software. In a hypothetical case, the “stable” package for the current Debian stable release might contain version 3.1 of the original software (perhaps with security patches, as described above); the previous Debian stable release might have packaged version 1.0 of the original software. The current “testing” version of Debian might package version 3.9 of the original software, and the “unstable” version of Debian might package version 4.2 of the original software.
Sometimes, stability lets you down.
My perception is that the greatest problems with the system of “stability” practised by Debian and other Linux communities arise when the upstream developer has not maintained the documentation for earlier versions of the software he has written. This leads to a disconnect between users reliant on package managemers and interested in dependability, and developers interested in making software that is faster, more fully featured, or otherwise different from the earlier versions of their software.
Here is my scenario. I have a server running Ubuntu 8.04 LTS: a “stable”, recent release of a Debian-based Linux distribution. I wish to install a security-related program called “psad” (short for “Port Scan Attack Detector) on that server. However, the stable package of psad for Ubuntu 8.04 turns out to house version 2.1 of psad. That wouldn’t bother me, except that… I can’t set it up!
The reason I’m having difficulty setting it up is that the documentation on installing psad refer not to version 2.1 but to version 2.1.4, which requires setting up differently to 2.1. The developer’s recommendation is that I upgrade to a more recent version, but two questions arise:
The how question has several possible answers. I could forego package management altogether for psad and install version 2.1.4 straight from the source code. But that would entail the problems outlined above: the problems package management solves. Alternatively, I could perhaps configure my server to attempt to use an “ubstable” or “testing” Ubuntu psad package in place of the stable one for 8.04.
But why? Why should I have to do this, if the “stable” package is good enough that it was chosen for “stable” release?
This is where the disconnect I alluded to above becomes apparent. Developers may not always explicitly deprecate their old code, but they nearly always do deprecate it anyway. The response of Michael Rash, the psad developer, was characteristic of this.
Yet as far as users of stable distributions are concerned, that same sofware - the oldish versions of the program - has not been deprecated: it’s still in the latest “stable” repositories.
There’s a contradiction here.
Unfortunately, it’s an unresolved contradiction, as far as I can tell. I encountered it previously with rkhunter, also a piece of security software I wanted to install onto a software running a “stable” version of Linux. In that case, it was even worse: the upstream developer had explicitly deprecated the version that was in the current (read: un-deprecated) “stable” package, and was entirely unwilling to support it.
Despite these problems, I’m still very grateful to - and have a lot of respect for - the developers and maintainers of the software I use (including the software I’ve mentioned above). Michael Rash’s software is innovative and free (in both senses of the word), and he was certainly under no formal obligation to reply to my queries. Furthermore, I have learned a good deal from reading his book. Equally, rkhunter *can* be a useful tool even if you aren’t using the very latest version of it, and the maintainers who answered my queries also did so voluntarily and courteously.
Yet the problem remains: when developers deprecate software that maintainers have not deprecated, users are left in the lurch with software they can’t use, can’t get much support for, or can’t find documetation for.
In some ways, I’m still very much a newcomer to the free software world. It’s only in the last 2-3 years that I’ve really begun feeding back to the communities whose tools I use, and I have not become a developer or maintainer myself. As such, I’m not yet in a position to implement change to, say, Debian’s release policy.
Yet, I do have some ideas for solving the problem I’ve outlined in this piece:
One of my colleagues from the library has a bike that is significantly more awesome than mine (though less portable).
I’m not a dad, but if I were, I’d want to do the school run with this thing:
Apparently, the kids love it too 
For some time, I’ve been relying upon SendMeRss to deliver RSS feeds to my inbox. It worked well, and I was happy.
A few days ago, it stopped working with no warning. The website through which I managed my subscriptions is down.
A quick web search reveals that the service’s owners severed ties with the service’s maintainer in June.
I think the federated, feed-based Web may well lead to regular users spending a certain amount of their time recovering from the entire failure of services they had come to depend on - just as I will be doing in this case.
That said, given that SendMeRss had been bought by NBC Universal, and given that I own a copy of Yanqui U.X.O., I shouldn’t have trusted the service even the little bit that I did.
The more I use Vim keybindings, the more I like them. I’d like to use them in more applications. At the moment, I’m using Google Chrome especially often. Does anyone know if there is a plugin - or settings tweak - to give Vi or Vim keybindings to Chrome, the way there is for Firefox?
Andrew “Magnus” Granath (or is it Magnus “Andrew” Granath?), my old history teacher and one of the few staff who earned my respect* at my old secondary school, has published a book about the practical ramifications of British society’s pursuit of happiness. It has received very positive reviews and looks entertaining and informative. Here’s a suitably provocative quote:
In 1776, Thomas Jefferson, the author of the American Declaration of Independence, told us that all of mankind have an inalienable right to the pursuit of happiness…
On the whole, it is probably most useful to look upon Jefferson as a shameless, opportunistic scoundrel rather than an elevated liberal intellectual.
Despite this minor, but rather awkward, diversion it is undeniable that Jefferson was chief among those who, in the second half of the eighteenth century, watered the tree of liberty and infected Western Europe and the Americas with the idea that we all have an inalienable right to fulfilment in our lives.
So many interesting books to read, so little time to read them in. I hope those gerontologists are right.
*Several of the other members of staff earned my lasting contempt. Notable incidents included: the Head of Biology telling his pupils to think less; a physics teacher punishing a girl for wearing tinsel in her hair on the last day of school before the Christmas holidays, because it was “not in school colours”; an English teacher who told me that a poem I wrote wasn’t a poem because it didn’t rhyme; a maths teacher who refused to accept that any perpendicular to a globe is parallel to an infinite number of tangents to the same globe…
My attempt to write as though I were headlines editor for The Sun notwithstanding, I have had an interesting evening.
I saw Ben Goldacre give a talk at the Babbage Lecture Theatre. By following his column on and off for years, and more recently his blog, I’ve come to respect him a good deal. Moreover, several discerning friends of mine saw him at the RI and recommended him highly, so I did not want to miss him.
The Babbage was packed. There were folks sitting on the stairs because all the seats were taken. Goldacre was introduced to the audience by David Spiegelhalter, who commented that the last talk he’d been to at the Babbage hadn’t been so well attended, and that the speaker on that occasion had been the Archbishop of Canterbury. Perhaps that puts Goldacre in the same class as The Beatles, at least locally.
In my notes, which follow, I have striven to condense Goldacre’s talk into a concise enough form for me to type it into my PDA. Here’s the inevitable disclaimer: I have paraphrased Goldacre, and I though I have tried not to misrepresent his views, it is possible that I might have erred. Please bear that in mind: these are my raw notes, not a word-for-word transcript of Ben’s talk.
- Coverage.
– Wacky stories. Commisioned via mailing lists. Goldacre volunteered once, but then declined. E.g. “Jessica Alba has the perfect wiggle”; “All men will have big willies” (this especially silly, but received wide coverage); “Formula for the most depressing day of the year” (this one sponsored by Sky Travel); many other ‘formulas’. Newspaper editors wrestle with their science writers over this. PR companies strongarm the editors; editors strongarm the journos. But sometimes its direct: each time a product gets mentioned in a national paper, the sponsor sends the commisionee a cheque - even if the coverage was negative about the original story (e.g. If Ben covers it)!
–Miracle cures & sinister hidden scares. Short hist. Of medicine: rubbish b4 1930s. Great progress from ’30s to ’70s: lots of new drugs that worked, ICUs, CPR, inside-body scanners, artificial lungs, etc. All these ‘miracle cures’ developed during this period. But also during this period, many hidden dangers discovered too: tobacco’s carcinogenic effects, for instance. Since then, rate of revolutionary change has slowed. But media still stuck in 30s-70s mindset: miracles on one hand & hidden dangers on other. Also obsessed w/commodification of health. Yet when genuine studies cover this sort of thing, media doesn’t report, because the stories haven’t been pushed on them. In fact, it turns out one of the biggest “miracles” in modern medicine is the placebo effect, but because this doesn’t fit the media’s template of miracle substances, etc, it doesn’t get covered. Another problem is that science is covered as a series of breakthroughs rather than a long, slow process. This means that newspapers more likely to report ‘maverick’ science stories, which are more likely to be wrong.
–Risk data. Papers always use Relative Risk Increases - “you’re now a third less likely to get cancer”. A third less than what?
–Made up figures. “Cannabis is now 25 times stronger” (Independent 2007). Nonsense: we have measurements, and the claim doesn’t fit the data. This is really about people inventing data to underpin an agenda, such as an anti-drug agenda. Another example: MRSA “growing on the doorknob of the department of health.” Reported by Sun as “The UK’s top MRSA expert” - actually had no microbiology training, and couldn’t provide his samples. Turned out to be making the ‘experiments’ in his Garden shed. Yet Evening Standard, who had reported the story, nonetheless defended the story.
–How it is covered. E.g.: generalists not specialists chosen to write pieces; ‘authority figures’ preferred over evidence. Science as gossip rather than evidence-based assertions. But media’s choices of authority figures often dubious (e.g. Gillian McKeith, PhD - or to give her her full title, Gillian McKeith). What’s wrong with, say, authority figures in nutrition? (1) They portray food as the ultimate arbiter of health (it isn’t: the Multiple Risk Factor Intervention Project demonstrates this). (Incidentally, I’m going to offer t-shirts that say, “I think you’ll find it’s a bit more complicated than that.” & run competitions where people take pictures of themselves wearing them next to people wearing t-shirts with other political slogans. Hm, have I been talking for a long time? (Audience: yes.) Should I stop? (A: no.) Right then, so that’s the introduction finished! (A: laughter & applause.) (2) Extrapolating from lab or observational results to clinical ones. E.g. Patrick Holford: “AZT, the first prescribable anti-HIV drug, is potentially harmful, and proving less effective than Vitamin C.” This fails my AIDS test: say something silly about AIDS, and you’re an idiot. Turns out this was based not on a randomised clinical trial, but rather on a small test-tube trial.
—MMR/autism hoax. The big one. (Shows photo of Andrew Wakefield w/Dixie Chick.) Notice: Andrew Wakefield is at an opulent party in this photo. He’s privileged. Incidentally, given I support the Dixie Chicks’ anti-war, liberal stance, I’m disappointed they backed the hoax. Whenever liberal politics approach science, they tend to make conspiracy theories instead of informed critiques. Back to Wakefield. He made £500k consulting against MMR, & this disappointing ad hominem issue is why the story has been dropped from the media. But the truth is the money probably didn’t affect much. Newspapers should have investigated story better & that should have been the end of it. In fact, Leo Blair (Tony & Cherie Blair’s son) was a bigger factor in the story than Wakefield: Blairs wouldn’t divulge whether or not they had given him the vaccine, claiming it was a privacy issue (despite Cherie having described the shag that produced Leo, in her autobiography!). Leo Blair issue covered by generalists. Much unpublished (i.e. not peer-reviewed) research was quoted by papers, despite the fact that two accredited research papers were published on the same topic at the same time. These research papers comprehensively refuted the MMR-autism link.
There’s no sign this sort of thing is going to stop any time soon, which means I’ll never be out of a job!
Q&A
Q: What practical steps can you take to improve coverage of sci. In media?
A: Write to them or work for them. Ensure your press releases are clear & accurate; don’t use Relative Risk Indicators - use Natural Frequency Indicators. Blog about these issues. Make sure your homepage gives a concise account of what you research is - an intelligent 9-yr old should be able to follow it.
Q: How often do you get sued?
A: Only once so far, by a European vitamin salesman who took out ads in S.Africa advertising his tablets as a better cure for AIDS than anti-retrovirals. Other people have issued legal threats, e.g. Patrick Holford. But they haven’t been able to back them up.
Q: Are professers for the public understanding of science good value? Should we have more of them?
A: Well, some are, but they aren’t always. There’s a need for good communication about science, and professional scientists - and professional communications generalists - often aren’t sufficient. But I’d prefer to see scientists encouraged to spend a part of their time on promoting public understanding of their work, and supported in actually doing this effectively and not just in stupid childish ways, as all too often happens.
After the lecture, people queued up to speak to Goldacre and have him sign copies of his book. I don’t have a copy of his book, but I asked him to sign a piece of paper instead, which I could paste into the book when I got a copy, and posed to him a question along these lines: “In your professional opinion, would it be better to disabuse my mother, who uses homoeopathic remedies and Patrick Holford nutritional supplements, of her conviction that they are efficacious, or would it be better to let her reap the benefits of the placebo effect?” He replied that I should give her a copy of his book.
I pointed out that this suggested he had plumped for the first option. His response was that “There’s some evidence that the placebo effect survives even if you know that’s all it is.”
I reflected upon this on the way home. It sounds like the best of both worlds, doesn’t it? To know something doesn’t have any mechanism for helping you, but to take it anyway and to know that it might help you regardless. That’s having your cake and eating it.
Of course, giving her a copy of the book would also mean another sale for Goldacre. Following, like a good sceptic, Cicero’s question Cui bono?, it seemed worth investigating Goldacre’s last assertion to me a little further than simply taking it on trust. A quick web search revealed that Goldacre’s blog gets some of the highest results for searches about these topics. This post of his gives an example of the research he mentioned. But that example is from 1965, and it’s only one study, and it had a small sample size (15 patients). I’d want more evidence before I’d be entirely convinced that the placebo effect survives the knowledge that the medicament in fact possesses no specific medicinal qualities. Consequently, I am looking for more evidence. If I get it, I will buy Goldacre’s book for my mother. If not, well, I might buy it anyway, because it promises to be entertaining, and because it fits well with what I might as well call my creed, even though it’s a line from a Rage Against The Machine song:
If ignorance is bliss,
Then knock the smile off my face.
“What,” I sometimes ask myself, “Is the most concise demonstration of what science is and what it is about?”
I haven’t found a better answer to this than a demonstration given by Osborne Reynolds in his 1902 Rede Lecture, On an inversion of ideas as to the structure of the Universe, of the phenomenon known as Reynolds’ dilatancy. The demonstration is described in a recent work on soil and geotechnics (Schofield, 2005: 32-3) thus:
Reynolds … demonstrated dilation with two rubber balloons, each full of coloured water that his audience saw standing in a tube above each balloon. One balloon contained only water. The other contained a dense aggregate of small solid grains with water in the voids. He squeezed each balloon in turn. The audience saw water rise in the tube from the water-filled balloon but, when he squeezed the balloon that held the grains, they saw with surprise that, although he squeezed the balloon, the water moved down the tube…
Maybe this video will explain it better. Watch the segment beginning at 0:53.
Yep, you squeeze the balloon, and water goes in.
I’m not going to explain here how that happens. But the point is, it defies expectation. Even with simple apparatus that everyone’s familiar with: a balloon, some water, a pipe, some sand and some string, it’s possible to show that our preconceptions even about such familiar items can be dramatically wrong, and that there’s far more to nature than those preconceptions suggest.
Science is about investigating what that “more” is, and it’s about doing so in a way that acknowledges that nature has the final word.
This leads me rather neatly on to my next post, which will be about someone who writes about “bad science”: stuff that masquerades as science.
References
Is there a difference between a scientific experiment and a scientific demonstration? I’d say there is, and that it lies in the degree of certainty the practitioner has about the outcome. If the practitioner is confident she knows what the outcome of the activity will be, then she is performing a demonstration. Even if it fails to do as she predicted, it was still a demonstration.
If, on the other hand, she performs an activity having made a prediction about its outcome that she doesn’t feel entirely confident about, then she is performing an experiment.
But what about the grey area between the two extremes of complete confidence in the outcome and no claim of certainty about the outcome? I’m not yet sure how I’d classify that, but I think it’s probably reasonable to say that with any degree of confidence in the outcome, on the part of the practitioner, the activity should be classed as a demonstration.
Hmm, I haven’t made up my mind about any of this.
I don’t like funerals. I’m stoic about many things, but not death.
Several relatives of mine died last year. During one sorrowful period, I lost four relatives in as many weeks. A number of public figures I admired passed away too, around the same time.
The tally’s been lower so far this year - one relative to illness, and a friend to suicide - but every time someone I care about goes away, I never quite get used to it.
I’ve spent a lot of happy, noisy, delicious Christmases with my cousin Richard Kuper and his phenomenal family. When I learned that his wife, Irene, was being treated in hospital, I trusted she’d still be around for a good while yet. She’d had a chronic illness that she didn’t let get in her way, and I expected that with the benefit of the treatment she was going to have, there’d be fewer problems for her to deal with, and she’d be more energetic than ever.
It didn’t work out that way. The imaginary world of the future parted from the stark reality of the present, like two roads diverging in a yellow wood.
I wasn’t the only one who was shocked at her death. There were too many people at her funeral - held, appropriately, at the Golders Green crematorium, a place used to conscientious rebels - to fit into the chapel. It all happened too suddenly. I couldn’t believe that was her in the reed coffin (like a moses basket, I thought, as if to remind us of her youthfulness): it was too small for her huge personality. I didn’t even have a chance to visit her in hospital. There were still things I wanted to learn from her. There was an old lady her children were looking forward to seeing her become: still self-confident, motivated and defiant, but taking some time for herself for a change.
I’ve heard it said, “If you want God to laugh, tell him your plans.”
Frank’s song for Lexy dredged this all up in my mind again. One family friend has just had a mastectomy for breast cancer. A dear cousin of mine is struggling with a brain tumour on the other side of the world. I have other friends and relatives who are elderly or in poor health, whom I want to spend more time with; to know better than I do.
I like solving problems. What keeps me going is the conviction that many difficulties I perceive in the world are solvable or preventable, and that I can help ameliorate them. But some problems may be intractable. Is preventing the death of a loved one something which, like achieving flight, our species will eventually master? Some gerontologists think so.
But this doesn’t solve my problem: I still can’t talk to Irene again.
I don’t dance often, but when I do, I’ll try to follow Lexy’s advice, and dance for Irene too. But when I think about the things Irene was interested in, which I do often, I’ll do my best to think for her too: to ask myself what her take on things would have been. This, this stepping into other people’s minds, is how I always try to memorialise the people in my life I have lost, and the more I do it, the more I’ll learn from them that I couldn’t learn from them directly.
At least, that’s my plan.
–
Donations in Irene’s memory should go to the British Shalom-Salaam Trust.
Dancing the conceptual kerfuffle shuffle…
Graphic design by
Tina.