Advertisement and no-WFH

Recently publicized a promotional video featuring ppl like Mark Zuckerberg of Facebook and Bill Gates of Micro$oft saying American schools should teach programming more.


I don’t like it.


I don’t think programming is for everyone and that more programming is for social good or scientific advancement. It lowers cost of labor for all those people in the Advertisement, but it isn’t as good as it sounds.


As a person who completed a CS degree, I feel that computer language can be made much better so that there won’t be a “computer programming”


The day that I tried to teach my dad to program a for-loop in C and he turned around and teased me about forgetting the closed form expression for arithmetic series was the first time that I thought about how stupid this stuff I do is. It was the expression on my dad’s face… I remember it vividly… For it was then that I realize that I did not comprehend the sheer vulgarity of

for(int x=0;x<100;++x);

so primitive, so stupid.

The next time is when I read about Map-Reduce–sooo freaking cool. I think tomorrow I will find another way to think, another way to say, and another way to program.


I want to make a better programming language. a better computer. That would be better than community colleges teaching Fortran IMHO


Oh, and p.s.

I think Yahoo!’s new no-policy is nice. I think is real progress for protection of civil liberty in America. Technology companies insists on ownership and monitoring of its employees while working, and admittedly justified to do so. Therefore when Marissa Mayers decided to cancel all WFH, she made a call that will end monitoring of employees’ home networks–because if you don’t work from home, the company will have no cause to instrument any kind of monitoring of your home network.

I think this is a really forward thinking technology leader who care about her employees. I am buying myself some Yahoo! stocks in support of this bold move.

The Ethical Hiearchy III

Recall, from last time, this illustration of the Ethics Hierarchy overlaying capability sets in the space of all transitive actions:

gold versus silver 1

I should simplify terminology. The set labeled “Things I want” are “my desires”, “things Jesus wants me to do” is the Jesus way, “Things Confucius wants me to do” the Confucian way, “Things I can do” are “my strengths” and “Things can be done to me” are “my weaknesses”.


I should also like to begin referring to what I have been calling the Ethics Hierarchy as the Moral Hierarchy. My own postings exhibit cultural bias. I include more from eastern culture than western culture. Some comments I have received indicate that there are others out there who have looked at culture/art/literature comparisons with the opposite bias. The fact of matter is, this Moral Hierarchy itself does not imply absolute superiority of any kind. Relatively speaking, one is larger, contains more transitive actions, than the other, but bigger is not necessarily better. In fact, it is one of my hopes to understand how they are different. Reasonably speaking, I should not expect to find that one is superior to the other–quite the opposite, I feel that exhaustive investigation of this subject will reveal to us more about the way the world, humans, and our society are than about the rights and wrongs within their contexts. Because morals have cultural biases and ethics is the philosophical study of morals, I may switch back to Ethics Hierarchy when I wish to emphasize that I am trying to be objective.


Therefore, to continue, let us be fair, what is drawn are idealized sets and intersections. The Jesus way is actually one of many allowed sets of actions that has an inner-bound restriction of being bigger than the my desires. Under this prescription alone, one can do everything in the universe and still not violate the Golden rule. The Confucius set, similarly is one of many possible sets fully contained in my wants set. The Silver rule has a maximum outer bound, one can only do things within my wants. Under silver rule, one cannot do everything in the world.


Some extreme examples might be, for instance, a person that goes around slaughtering each person with a knife is allowed under one interpretation of the Jesus way, as long as he also does everything that he wants for that person. This can be quite arbitrary, say, the perpetrator wants to be fed carrot cake, then he feed everyone carrot cake and then knifes them. What’s worse is if the person is masochist, then he is forced to act as sadomasochist. If he wants to be fed carrot cake and knifed, then Jesus way requires that he _must_ both feed everyone carrot cake and knife them.


On the other extreme, suppose one tries to follow Taoist suggestion to do nothing, it easily fall within Confucian way without regard to the size of my desires. While the only way for a person to do only nothing under the Jesus way is for him to want nothing. This is impossible because follower of the ways of Jesus at least want to enter heaven, so trivially Jesus way is never empty and prevents follower from doing nothing.


It’s interesting to think of the possibilities. Let’s look at just the Confucian way. Set D is outside of my strengths, and it is outside of my weaknesses, however, because I desire it, it is within the Confucian way. Set A are things I desire, within my strength to do and outside of my weakness to receive. These are the things that I can only give and will never receive in kind. On the opposite end, set C are within my desires and weaknesses but not within my strengths. O is the set of my opportunities–these are the things I want but am not yet capable of receiving. Set B is a sweet spot. Here, not only are we within the ways of both Confucius and Jesus, we also desire to do so. This is a region to maximize, if we had the choice to do so.


gold versus silver 3


It should be pointed out that zone B contains only actions that we can reciprocate when receiving and receive reciprocation when giving–in kind–in other words, an eye for an eye, a tooth for a tooth zone.


Zone U in this graph points out an area of the an-eye-for-an-eye-a-tooth-for-a-tooth zone that is outside of my own desire and therefore not recommended by either Confucius, but is allowable by the Jesus way.


Let’s backtrack and admire the an-eye-for-an-eye-a-tooth-for-a-tooth zone T in its full glory


gold versus silver 2


Wow! It does exists!

With Higher Knowledge Come Higher Responsibility

The other day, at work, (and by now you know I work for a Japanese Automotive Electronics company), we talked about autonomous cars for consumes. Since everyone is either technology freak or car freak the discussion was pretty intense.


I explained to every one the ethical issue surrounding autonomous cars that may be not be completely resolved or resolvable by technology.


The matter is this: an autonomous car will with absolute certainty be faced with a situation where it has to choose between two actions each will be killing a different person. Suppose two person suddenly dash in front of the car to the left and to the right, and suppose that the car is moving too fast to stop. it can veer to avoid one person with certainty. But which will it choose?


Another scenario: the car can brake very hard and avoid killing a pedestrian, but in the process it will have killed the passenger because the car is mechanically able to endure much higher de-acceleration than its occupants.


The legal problem also, if I configure the car, or if some car company configure the car to always protect its owner (rational), that I the owner, the designer, the manufacturer is then liable to be sued for killing people?


“But your honor, the car swerved!! I had nothing to do with it”


Okay, so the people who want autonomous cars (myself partially included), will say that with better equipment, high-speed video/audio recording and black-boxes, there might be far fewer arguments about who was responsible for accidents. But there are some things in our current law that are absolute. If a car hits a person inside the cross walk, the car is always responsible. If the car is rear-ended the car in arrear will be responsible. What will happen to these absolute laws that are in many circumstances unreasonable but serve to protect the safety of the population?


And finally, even if, and I believe it will, autonomous vehicles reduce death to 1% or less of today’s vehicle related death rate, that 1% where two person dash in front of the car, and the car has to choose, what then? Why is this so hard?


One of the big problems is informed decision is hard. The car, given today’s technology, machine learning technology for object detection, vision algorithms, radar, laser range scanner, eeg/ekg, EMR technologies can pretty reliably detect with plenty of time to choose which one to save, that there are two person dashing infront of the car one to the left, one to the right, velocity, estimated trajectory, mass, the certainty of these estimate and the margins of error (where else could each person likely be by the time we collide, etc.)

The reason human get away with killing in this situation is that we do not have the speed and ability. It is beyond our control–until we programmed a computer to do it, and then we are suddenly faced with choice that we never had to make before: kill left, kill right or maim both? or risk killing both? or kill myself to completely avoid  their injury?

Hmm, let’s see, What would Confucius allow? What would Jesus insist? Well, I don’t want to be killed, so don’t kill other people. I would want other people to save me so I would want to brake an save both crazy people. Hmm, I guess it really depends on the person’s desire. One would say a more moral person may not wish for another moral entity to suffer in exchange for his own sake, as well to exchange another’s life for his own. But by and large most people would ask the car to save himself no matter which place he is in.

The moral problem arise in that we are not in any of those three situations. We are in the autonomous car’s designer’s shoes. We are in Asimov’s shoes. What should we write as the laws of autonomous vehicles? When we know that at some point, the car will know almost certainly that it must kill/damage/disrupt someone/thing, and knows exactly which wire to send electric signal down to to choose which person. What should we tell the car to do?

Because soon the car will be looking at that scenario in slow-mo… with 10ms to decide and then 250ms seconds to turn the steering wheel left or right and apply brakes.

So, as you can see, the mere knowledge of morality and capability to choose encumber us with the responsibility of behaving morally. Because I know it’s wrong, I must not do wrong. Another person may think that the root of this evil is the fact that I know of this moral dilemma and that I have gained the speed to travel fast or gained the speed to determine people’s fate.

I wonder if the are right that those things are works of devil and that the absolute best moral thing to do is just to stay away from them? I should consider this carefully. What if I find that it is wrong for me to live? or wrong for me to blog about morality? What if it is found that internet is not moral? or god forbid that it is immoral to have stereo audio in cars? Because I already of the ability to terminate any one of them–at least for myself.





I can accept an argument that placing one’s self into a situation where there is no moral choice is immoral. The autonomous car makers will insist that car drive carefully so that it will never be faced with 2 people in said situation. But somehow, science, technology–human inquiry–may find a way to inform us that that is just delusional, that it is provably impossible to avoid crazy human. 😉 back to square-one I suppose.



Chinese Hackers

A carefully choreographed expose by a US security company Mandiant on Chinese military unit 61398 hacking critical US infrastructure hit the news recently

will refrain from writing about how clean the screen capture of remote login sessions of alleged Chines intruders experiment on US computers. I mean, without inflammatory audio, you’d think you were watching a prepared screen-cast of some installation instructions of some software. too clean, too easy to be fake.

I will refrain from writing about how it is unbelievable that the US, inventor and creator of all this technology. All those smart people recruited by Microsoft with money$$$, all those smart people who invented and wrote unixes, the super smart people who work on these best cryptographic algorithms, all those insanely sharp folks who do core networking infrastructure, who have Ph.D.’s and patents and all the fame and much money of the world, all those smart friends of mine who are so insanely intelligent and agile in thinking and comprehensive in technical knowledge–all those people, things, designs which is property of the USA fail to beat “military intelligence” of Chinese origin.

I just cannot believe this. Is there a punch line to this?[[[UPDATE: actually, there is. the punch line was a news drop two days later admitting that they only caught the low-end of Chinese hacking that there are more advanced hackers. Undoubtedly this is a call for blood of Chinese Americans. It is a call for racism and unsupervised pervasive monitoring of all people of Chinese origin. I am of Chinese origin and I know racism when I see it. As a Chinese American I feel threatened. I feel insecure. I feel that there eyes watching me every moment of my life with all neurons firing thinking of all the bad intents I have for America or my company or the economy or “critical infrastructures”]]]

Seriously. if this was real, it would have been from pride of design and ownership. I am sure all those people involved in the design and implementation of compromised systems also had this feeling of invincible American computer technology. For god sakes! it was invented here, designed here, and for the most part implemented on the USA proper.

I just cannot believe this story.

At best, given my current knowledge and believes, this story is a thorough fabrication. And it is not as hard as faking moon landing. I can probably do it, and if I can’t the coworkers who has actually done a remote desktop on MS window server can surely arrange for this to happen. (okay, okay, I didn’t actually go and download the md5 section of the report, perhaps it gives evidence that the session were really from China, I don’t see how tho.)

I will also refrain from writing about the lack of properly trained security professionals in the US. There some professional training in computer security, for example by the SCPD(, certainly one can obtain a PhD in computer security from the likes of CMU or MIT or Berkley.  I think a better story would have been: Those companies/critical infrastructure not guarded by trained professionals were compromised, but those that were guarded by trained experts were safe. If it was fake–and I think it was–Generating a large unknown enemy creates uncertainty that may crash the stock market or ruin the economy where as spreading positive message about serious organized effort promotes solidarity and confidence.

I will also refrain from writing about the main motivation for creating such stories: If China, a military state is doing all this shit to America then we need give more power to the US military to respond, to defend–it is a call for increase in defense budget. It is a call for even more powerful version of the de facto at-will monitoring policy–to mandatory monitoring policy.

I will also refrain from mentioning illegality of entrapment. given the amount of monitoring and manipulation of network that occur at my work place where I am there in person, and you know what I’m talking about, you will surely be giggling at this story about remote intrusion–it is impossible unless somebody not only opened/installed/designed the security holes and then leaked it to the Chinese.

crap! crap! this is total crap!

Also, wtf is up with China? Why not respond, in addition to “We don’t hack” with “And we will investigate this certain unit 61398” ? The civilian government(who is trying to strength Sino-US relationship and building the “Made In China” brand) should have the curiosity about this fact if it was happening autonomously. Would it not be better for it to discover a corrupt unit of the military and punish them? The Chinese loves reform and publication of corruption, it would make story that the US will have to respond to.

Alas, I am not the screen writer for the world of international hackery show.

Oh, hehehe, if the Chinese police show up at that building, surround it with choppers and tanks only to find a bunch of teenager subcontractors clicking on google ads. hahahahha and it gets caught on cell phone video and is leaked to youtube.. that would be a real hoot! hahahah the irony.

The problem with Transitivity II–Unfixing Trivalency

Looking at my old blog entries, I think there is a problem with our earlier attempt at addressing tri-transitivity and higher order valences. The problem actually points to a larger issue. Let us try an extended example of trivalency

I am giving you a slave named Tom.

Subject: I

Object: you

Object being done with: A slave named Tom

Thinking of ethical issues: My giving a slave may be considered wrong and you allowing a slave to be given to you my be considered immoral. But ultimately, that Tom is a slave is perhaps something not ethical in and of himself. What about

I am giving you a slave named Tom to keep you alive from being quadriplegic and demented.

This seem to make me a good person and give you just cause to require full time service of a devoted person. Is this act allowable? I would if I followed Jesus’s way, and I could if I followed Confucian way.

What about the veil of innocence, how come it isn’t compatible here? at first glance, it seems that it should, what if you were Tom and you were being given. You would then choose not to give tom as slave right? But in Bi-transitive Action Space, let’s call it BTAS for short, we have no way of evaluating that, you are either subject or object, there is no third position.

The reasoning here, therefore, must extend analysis of Tri-Transitive Action Space, TTAS, and other higher valencies, HTAS’s,  to analyze the TAS itself for inclusion and usage of ethical entities that are considered of same importance as the subject and objects of TAS analysis.

* Giving a person as slave is unethical.

* Using a person as a slave is unethical.

* Being used as a slave is unethical.

The first two come from a traditional ethical systems. One cannot use another ethical entity in a subjugated manor, and one should not force an ethical entity into such a position. But what about the third, that seems a little stranger, allowing oneself to be enslaved is an unethical act. Certainly an ethical entity may be able to enslave another and should do that instead of being enslaved. Alas, these problems are indeed at the heart of concerns driving these current carpal tunnel stiffened hands into worse states than they are in already. At least, our action space needs to give us the ability to consider the third ethical entity.

Let us be more specific about BTAS as well, it is really very easy to include HTAS inside BTAS. So we need a class of TAS that include exclusively Bi-transitive verbs where the verb themselves do not use or influence any other entities affecting ethical value. This class of actions we shall refer to as Full-Bi-Transitive Action Space, or FBTAS(ef-bee-taz) for short. And similarly FTTAS for tri-transitive verbs with clearly distinguishable subject, object, and third thing which the action uses and affects evaluations of ethical nature.

I fear soon we will run out of letters and theory synonyms as we look into this matter deeply. I am driven to think of another way to think about this issue… Naming a new space for different situations is too troublesome and impractical.

IG and the Quantification of Privacy

A while back, I talked about computing IG–information gain–by clandestine methods via an otherwise secret(personal) email. I will point to some other prior blogs entries about what can we reasonably consider private and some reasons why I think it’s bad (Because it removes competition….

The basic challenge is this: If your competitor can spy on what you do (unilaterally) then they will never be motivated to innovate. Their key strength will be their ability to hack your secrets and they will work hard on that, but not on how to build a better product or cure a disease or solve a new problem. If you can both spy on each other with perfect information then there is no need to innovate, just calculate the equilibrium and aim for that. If you can disinform your opponent then all your effort will go into disinformation instead of innovation. Basically it is much easier to do something sneaky and cheat than to do the right thing and innovate. This is why the government, a non-competing body whose interest is to make sure everyone compete (at least in America government this is the case), should provide for information security.


I realize in retrospect that IG may not make sense to most people based on the formulation I laid out. Let’s review. IG is the change in entropy from a state without additional knowledge to a state with knowledge

IG = H(secret) – H(secret | private email)

This measurement seem to be of a quite abstract concept of entropy–a unitless measurement. Why would I think this useful for any reason other than that it is called “Information Gain?” Well truth be told, what I had in mind was more of the IG from machine learning literature: Class purity after conditioning on some private information. It is actually used more as a measurement of correctness of predicting discrete output than abstract change in entropy of distribution after conditioning. I will refer reader to these excellent introductory books regarding “classification” algorithms.

… Some days passes and the books will hopefully have arrived on your desks…

So the example is if my secret is the probability that I will have Chinese food tonight. Let’s throw in several more classes, say Italian, Mexican cover 99.9% of all possibilities. This probability may be internal to me. Or it may be an externalizable model like I will toss a three-sided die and figure out what I will eat tonight.

Actually, this system forces us to think of a new class. I will call this new class the innovation class. It covers all cases where something new might happen, such as tonight when I went off on a tangent and forgot to eat dinner completely. Or I might be abducted by Aliens for demanding privacy, Japanese paramilitary for blogging, or God for thinking all these awful things. The fact is, I do not know what will happen, but what I do know is that things I don’t know will happen. So the class is called IC, Innovation Class–now we have a 4 sided die: Chinese, Mexican, Italian, IC; Let’s write naively that the probability for each class is:

Chinese Mexican Italian IC
33% 33% 33% 1%

The formula for the entropy of these classes is written as:

-H(Dinner)= p(Chinese) * log(p(Chinese)) + p(Mexican) * log(p(Mexican)) + p(Italian) * log(p(Italian)) + p(IC)*log(p(IC))

the above evaluates to almost the maximum possible entropy in three-class situation: H(Dinner)= 1.6499060116098556

that’s it. that’s the formula for calculating entropy that we will use repeatedly. Now, suppose that you have read my email to my wife saying “oh man, look at this great deal on groupon, 50% off on Indian food right near our home” What is the right thing to think about the distribution of my dinner?


Indian food is not Chinese or Mexican or Italian, but we have thought of that and put in IC to account for it.

Chinese Mexican Italian IC
10% 10% 10% 70%

-H(Dinner|private email to wife) = p(Chinese|private email to wife) * log(p(Chinese|private email to wife)) + p(Mexican|private email to wife) * log(p(Mexican|private email to wife)) + p(Italian|private email to wife) * log(p(Italian|private email to wife)) + p(IC|private email to wife)*log(p(IC|private email to wife))

gives us the conditional entropy of probability of dinner after reading my private email. This entropy H(Dinner|private email to wife)=0.09596342477405478

IG(Dinner; private email to wife) = H(Dinner) – H(Dinner|private email to wife) = 1.6499060116098556-0.09596342477405478=1.5539425868358008. This corresponds to an IGR of 1619.31%, that is, 15X more information after you saw the email than before.


Great! so now we know how much information is gained by reading that one private email of mine. This number, I think quantifies my loss of privacy.


Btw, this innocent example contain some hand waving. H(Dinner) for example is something that we may or may not know. Most people have trouble writing down a distribution for dinner choices. also, P(Dinner|private email to wife) here written as a table contain assumed values. What if after reading my private email you feel that P(IC)=85%? Who is to say what the reality of this probability is? This is why I felt that this model will not make to main stream legal system because the link between private email and the actual secret itself is not so obvious. You might use naive Bayes as the definitive of reality (refer to chapter in books or wiki), logistic regression, decision trees, or you might use something else… You may even use a distributions system like SVM or god forbid rule based systems…

If you understand this computation above, then it will be easy for you to understand the continuous version. Let dinner be a continuous variable, we can still write the same expression

IG(Dinner; private email to wife) = H(Dinner) – H(Dinner|private email to wife)

and it would have the same meaning. How far are we from the truth. This idea, btw, is indeed partially inspired by the name Information Gain, which also goes by Kullback-Leibler divergence when computed over distributions. The above formation exactly with the exception that “private email to wife” is a distribution, say, perhaps, my emails are generated randomly.

KL( Dinner|private email || Dinner )

But KL divergence does point us to some other interesting characterizations. Divergence–distance without some properties of distance. Namely that it is not a metric distance:

* Nonnegative dl(x,y)>=0:  yes

* Indiscernability: dl(x,y)=0 iff x==y: yes

* Symmetric dl(x,y)==dl(y,x): NO

* Triangle inequality dl(x,y)+dl(y,z) >= dl(x,z): NO

This has some serious implications regarding this formulation of privacy. Somethings that we naturally think should make sense do not.

Let’s say I have two emails, e1 and e2, and let’s say dinner is still the subject of intense TLA investigation:

KL(d;e1) + KL(d;e2) != KL(d;e1,e2)

All private information must be considered together, because considering them separately would yield inconsistent measurement of privacy loss

Let’s say there’re two secrets, d1 is my dinner choose and d2 is my wife’s dinner choose

KL(d1;e1,e2) + KL(d2;e1,e2) != KL(d1,d2; e1,e2)

All secrets must be computed together, because computing IG separately and adding is not equal to the total information gain.

Let’s say we have an intermediate decision called Mode of Transportation (mt), and it is a secret just like my dinner choice.

KL(mt;e1,e2) + KL(d ; mt) != KL(d; e1,e 2)

The intermediate secret can be calculated, but again, it must be calculated carefully and not by additive increase of IG.

Bummer, but fascinating!! But we we must make some choice about how to proceed. Knowledge about the nature of information (and especially electronic information), I believe, informs us about how we make choice in our privacy laws:


  • Should the whole data be analyzed all at once?
  • or should we only allow each individual’s data be processed all at once?
  • or should we only allow daily data of everyone to be processed together?
  • or should we only allow daily data  of each individual to be processed separately?

Each of these choice (and many other) impact the private information loss due to clandestine activities.