Time flies like an arrow…

I have a white ceramic flowerpot in my kitchen, fitted-out with a wooden T-bar that converts it into a “knock-bin” for coffee grounds and other organic, compostable waste. It was filled with a few days’ worth of waste – the tag ends of some lettuce, a bit of banana skin (etc) when I noticed a couple of Drosophila orbiting the bowl.

An old punchline flew through my mind:

time flies like an arrow; fruit flies like a banana.

…and the thought struck me:

has anyone every fully tested this hypothesis?


if so, what does a “time fly” look like?

Careful consideration of this matter led me to infer that a timefly is some sort of bluebottle – a robust insect, capable of time travel.

The reason that it has a blue arse as it travels away from you would be a form of Doppler effect, familiar to astronomers anywhere. Of course, astronomers everywhere will immediately point out that anything receding from you should be redshifted and not blueshifted as we observe.

It could be that, like quasars, the timefly emits gamma-rays which are redshifted into the blue – belying some form of nuclear power source – but I prefer the more elegant, alternative theory that we see their redshift as blueshift because they are traveling backwards in time.

Moreover: they are blue/redshifted because they are traveling at enormous velocity, but note well: they are traveling with enormous velocity, very very slowly.

This makes perfect sense if the time-space continuum is fractal in nature, because although we are bound by short distances, timeflies (being 4d-aware) may have to travel enormous distances – even parsecs – merely in order to move an inch or two. Consider the following famous fractal puzzle:


To move from bottom-left to top-right via either of the obvious routes in any of figures 1, 2 and 3 requires traversing the same distance, even though it appears that Fig 3’s route must be shortest as it closely approximates a hypotenuse.

Timeflies evidently suffer this challenge to an extreme – even to their detriment, having to traverse several billion kilometers in order to move an inch.

That’s enough to make anyone’s arse appear red. Or blue.

The next test, of course, is to poll the various archery clubs around the UK seeking archers who suffer from apparent infestation of bluebottles.

This should fill some otherwise idle weekends in the autumn, when I shall also of course be testing the ballistic properties of bananas, using high-speed photography.

Crypticide II: Passwords: there are too few of them.

Simply put: the problem with reusable passwords as a form of authentication is that there are too few of them.

This goes for all sorts of passwords in the modern day, not just Unix passwords; I find the latter particularly egregios for reasons that I will explain another time, but for the moment let’s speak about simple, short passwords.

The maths are easy: for example, if you have a 4-digit PIN code protecting an ATM card, there are 10,000 combinations, from 0000 through 9999; because there are ten digits and four fields to fill, the maths work out:

10 ^ 4 = 10,000 (“ten to the power of four”)

Following this, we can determine precisely the number of passwords that exist for any given authentication system.

The traditional Unix password algorithm accepts up to eight characters of 7-bit ASCII keyboard input; those characters which exceed 7 bits are stripped to fit. From the fact that passwords of eight characters or less, we have the following math, where there are n possible characters available to the typist:

1 + (the empty password)
n^1 + (all 1 character passwords)
n^2 + (all 2 character passwords)
n^3 + (…yadda…)
n^4 + (…yadda…)
n^5 + (…)
n^6 + (…)
n^7 + (…)
n^8 (…up to and including all 8 character passwords)

So: all we need do now is determine a value for n; this is debatable, but the basic count is easy:

26 uppercase letters: A-Z
26 lowercase letters: a-z
10 digits: 0-9
32 ASCII punctuation: !”#$%&'()*+,-./:;<=>?@[\]^_`{|}~

Making a basic total of 95 typeable characters; a long time ago I had a long discussion on USENET with the likes of Steve Bellovin and some others (alas apparently not archived on Google) regarding whether it was wise to include the likes of TAB and other control characters in the possible “typeable” password set.

The discussion was varied – and to be honest, politely inconclusive; TAB can be used to swap between input fields in GUI environments, Ctrl-A moves to the start-of-line in some likewise, Ctrl-H may or may not be interpreted as Backspace in raw line disciplines.

In short it’s a mess, so let’s stick to n = 95 and ignore internationalisation issues for the moment.


1+95^1+95^2+95^3+95^4+95^5+95^6+95^7+95^8 = 6,704,780,954,517,121

There are about 6.7 quadrillion “typeable” Unix passwords.

That’s not very many.

Really. Honestly. I mean it.

I’ll explain why, next thursday.

Bottle-Cap Tripod

Neat photo hardware hack; harder to do in metric Britain where you can’t easily source 1/4″ 20tpi Whitworth bolts anymore (unless you know a good ironmonger) but good, nonetheless. [www.jakeludington.com]


My friends Jim and Catrin are engaged! [found.pale.org]

“My, it was only a mere 16 years ago that he and I were getting drunk under tables, hacking computers and behaving like utter students…”

Developers == Metal, Security == Psychedelia?

Andrew mentions this Register-Article which he deftly summarises:

UK “accelerated learning” company recently did a survey of the contents of MP3 players owned by various types of IT professionals and found relationships between career niches and musical tastes. Microsoft weenies, apparently, are into shiny mainstream pop like Britney Spears and Dido, penguinheads are into “electro” like The Orb and Kraftwerk (and, I imagine, a lot of industrial/EBM bands the researchers haven’t heard of), developers are into metal (Megadeth, Iron Maiden and Slipknot), and the coolsie chat types who listen to The Smiths and Suede tend to congregate around database administration careers for some reason. Project managers are into Queen and the Rolling Stones, security wonks are into ’60s psychedelia (maybe it’s the beards or someting?), whereas, for the management, it’s all classical music. Nope, no stereotypes here.

I can agree with the tastes of the security folk, or at least those older than myself, particularly the American ones; me, I’ve never really appreciated any of Dead/Doors/Hendrix (which El Reg cites as favourites of Security Hackerdom) – but then most of the uber-security folk I work with are rather older than me.

thought for the day

one of these days, maryam abacha (sic) really is going to get an e-mail account; at which point nobody is going to believe her…


So I was in Slough yesterday, getting the motorbike’s 4000mi service, when these two beautiful Indian women walked into the shop, wearing full makeup, salwar kameez dresses and flowing scarves, strappy sandals, lots of gold jewelery and peals of bangles.

One then picked-up a broom, the other a mop, they systematically cleaned the floor of the motorcycle showroom, and walked-off elegantly, chatting with each other.

Perhaps I shouldn’t find this so surreal-seeming, but I do; even the mere idea of doing cleaning in such fine garb, astounds me.