Developer.
133 stories
·
55 followers

“This business is like bird spotting”

1 Comment

One of my favorite quotes about startups/VC, from legendary VC Mike Moritz of Sequoia:

I rarely think about big themes. This business is like bird spotting. I don’t try to pick out the flock. Each one is different and I try to find an interestingly complected bird in a flock rather than try to make an observation about an entire flock. For that reason, while other firms may avoid companies because they perceive a certain investment sector as being overplayed or already mature, Sequoia is careful not to redline neighborhoods.

In traditional business thinking, generalizations about “flocks” i.e. markets/categories/sectors can be very useful. But when your job is to identify exceptions, generalizations can be dangerous.

Read the whole story
rafeco
15 days ago
reply
From the annals of mixed metaphors.
Share this story
Delete

Zero Knowledge Proofs: An illustrated primer

2 Shares
One of the best things about modern cryptography is the beautiful terminology. You could start any number of punk bands (or Tumblrs) named after cryptography terms like 'hard-core predicate', 'trapdoor function',  ' or 'impossible differential cryptanalysis'. And of course, I haven't even mentioned the one term that surpasses all of these. That term is 'zero knowledge'.
'trapdoor function


In fact, the term of 'zero knowledge' is so appealing that it leads to problems. People misuse it, assuming that zero knowledge must be synonymous with 'really, really secure'. Hence it gets tacked onto all kinds of stuff -- like encryption systems and anonymity networks -- that really have nothing to do with true zero knowledge protocols.

This all serves to underscore a point: zero-knowledge proofs are one of the most powerful tools cryptographers have ever devised. But unfortunately they're also relatively poorly understood. In this series of posts I'm going try to give a (mostly) non-mathematical description of what ZK proofs are, and what makes them so special. In this post and the next I'll talk about some of the ZK protocols we actually use.

Origins of Zero Knowledge

The notion of 'zero knowledge' was first proposed in the 1980s by MIT researchers Shafi Goldwasser, Silvio Micali and Charles Rackoff. These researchers were working on problems related to interactive proof systems, theoretical systems where a first party (called a 'Prover') exchanges messages with a second party ('Verifier') to convince the Verifier that some mathematical statement is true.*

Prior to Goldwasser et al., most work in this area focused the soundness of the proof system. That is, it considered the case where a malicious Prover attempts to 'trick' a Verifier into believing a false statement. What Goldwasser, Micali and Rackoff did was to turn this problem on its head. Instead of worrying only about the Prover, they asked: what happens if you don't trust the Verifier? 

The specific concern they raised was information leakage. Concretely, they asked, how much extra information is the Verifier going to learn during the course of this proof, beyond the mere fact that the statement is true?

It's important to note that this is not simply of theoretical interest. There are real, practical applications where this kind of thing matters.

Here's one: imagine that a real-world client wishes to log into a web server using a password. The standard 'real world' approach to this problem involves storing a hashed version of the password on the server. The login can thus be viewed as a sort of 'proof' that a given password hash is the output of a hash function on some password -- and more to the point, that the client actually knows the password.

Most real systems implement this 'proof' in the absolute worst possible way. The client simply transmits the original password to the server, which re-computes the password hash and compares it to the stored value. The problem here is obvious: at the conclusion of the protocol, the server has learned my cleartext password.Modern password hygiene therefore involves a good deal of praying that servers aren't compromised.

What Goldwasser, Micali and Rackoff proposed was a new hope for conducting such proofs. If fully realized, zero knowledge proofs would allow us to prove statements like the one above, while provably revealing no information beyond the single bit of information corresponding to 'this statement is true'.

A 'real world' example

So far this discussion has been pretty abstract. To make things a bit more concrete, let's go ahead and give a 'real' example of a (slightly insane) zero knowledge protocol.

For the purposes of this example, I'd like you to imagine that I'm a telecom magnate in the process of deploying a new cellular communications network. My network structure is represented by the graph below. Each vertex in this graph represents a cellular radio tower, and the connecting lines (edges) indicate locations where two cells overlap, meaning that their transmissions are likely to interfere with each other.

This overlap is problematic, since it means that signals from adjacent towers are likely to scramble reception. Fortunately my network design allows me to configure each tower to one of three different frequency bands to avoid such interference.

Thus the challenge in deploying my network is to assign frequency bands to the towers such that no two overlapping cells share the same frequencies. If we use colors to represent the frequency bands, we can quickly work out one solution to the problem:


Of course, many of you will notice that what I'm describing here is simply an instance of the famous theory problem called the graph three-coloringproblem. You might also know that what makes this problem interesting is that, for some graphs, it can be quite hard to find a solution, or even to determine if a solution exists.In fact, graph three-coloring -- specifically, the decision problem of whether a given graph supports a solution with three colors -- is known to be in the complexity class NP-complete.

It goes without saying that the toy example above is easy to solve by hand. But what if it wasn't? For example, imagine that my cellular network was very large and complex, so much so that the computing power at my disposal was not sufficient to find a solution. In this instance, it would be desirable to outsource the problem to someone else who has plenty of computing power. For example, I might hire my friends at Google to solve it for me on spec.

But this leads to a problem.

Suppose that Google devotes a large percentage of their computing infrastructure to searching for a valid coloring for my graph. I'm certainly not going to pay them until I know that they really have such a coloring. At the same time, Google isn't going to give me a copy of their solution until I've paid up. We'll wind up at an impasse.

In real life there's probably a common-sense answer to this dilemma, one that involves lawyers and escrow accounts. But this is not a blog about real life, it's a blog about cryptography. And if you've ever read a crypto paper, you'll understand that the right way to solve this problem is to dream up an absolutely crazy technical solution.

A crazy technical solution (with hats!)

The engineers at Google consult with Silvio Micali at MIT, who in consultation with his colleagues Oded Goldreich and Avi Wigderson, comes up with the following clever protocol -- one so elegant that it doesn't even require any computers. All it requires is a large warehouse, lots of crayons, and plenty of paper. Oh yes, and a whole bunch of hats.**

Here's how it works.

First I will enter the warehouse, cover the floor with paper, and draw a blank representation of my cell network graph. Then I'll exit the warehouse. Google can now enter enter, shuffle a collection of three crayons to pick a random assignment of the three agreed-upon crayon colors(red/blue/purple, as in the example above), and color in the graph in with their solution. Note that it doesn't matter which specific crayons they use, only that the coloring is valid.

Before leaving the warehouse, Google covers up each of the vertices with a hat. When I come back in, this is what I'll see:


Obviously

Now obviouy notice that
this approach protects Google's secret coloring perfectly. But it doesn't help me at all. For all I know, Google might have filled in the graph with a random, invalid solution. They might not even have colored the graph at all.

To address my valid concerns, Google now gives me an opportunity to 'challenge' their solution to the graph coloring.I'm allowed to pick -- at random -- a single 'edge' of this graph (that is, one line between two adjacent hats). Google will then remove the two corresponding hats, revealing a small portion of their solution:

Notice that there are two outcomes to my experiment:
  1. If the two revealed vertices are the same color (or aren't colored in at all!) then I definitely know that Google is lying to me. Clearly I'm not going to pay Google a cent.
  2. If the two revealed vertices are different colors, then Google might not be lying to me.
Hopefully the first proposition is obvious. The second one requires a bit more consideration. The problem is that even after our experiment, Google could still be lying to me -- after all, I only looked under two of the hats. If there are E different edges in the graph, then Google could fill in an invalid solution and still get away with it most of the time. Specifically, after one test they could succeed in cheating me with probability up to (E-1)/E (which for a 1,000 edge graph works out to 99.9% of the time).

Fortunately Google has an answer to this. We'll just run the protocol again!

We put down fresh paper with a new, blank copy of the graph. Google now picks a new (random) shuffle of the three crayons. Next they fill in the graph with a valid solution, but using the new random ordering of the three colors.

The hats go back on. I come back in and repeat the challenge process, picking a new random edge. Once again the logic above applies. Only this time if all goes well, I should now be slightly more confident that Google is telling me the truth. That's because in order to cheat me, Google would have had to get lucky twice in a row. That can happen -- but it happens with relatively lower probability. The chance that Google fools me twice in a row is now (E-1)/E * (E-1)/(or about 99.8% probability for our 1,000 edge example above).

Fortunately we don't have to stop at two challenges. In fact, we can keep trying this over and over again until I'm confident that Google is probably telling me the truth.

But don't take my word for it. Thanks to some neat Javascript, you can go try it yourself.

Note that I'll never be perfectly certain that Google is being honest -- there's always going to be a tiny probability that they're cheating me. But after a large number of iterations (E^2, as it happens) I can eventually raise my confidence to the point where Google can only cheat me with negligibleprobability -- low enough that for all practical purposesit's not worth worrying about. And then I'll be able to safely hand Google my money.

What you need to believe is that Google is also protected. Even if I try to learn something about their solution by keeping notes between protocol runs, it shouldn't matter. I'm foiled by Google's decision to randomize their color choices between each iteration. The limited information I obtain does me no good, and there's no way for me to linkthe data I learn between interactions.

What makes it 'zero knowledge'?

I've claimed to you that this protocol leaks no information about Google's solution. But don't let me get away with this! The first rule of modern cryptography is never to trust people who claim such things without proof.

Goldwasser, Micali and Rackoff proposed three following properties that every zero-knowledge protocol must satisfy. Stated informally, they are:
  1. Completeness. If Google is telling the truth, then they will eventually convince me (at least with high probability).
  2. Soundness. Google can onlyconvince me if they're actually telling the truth. 
  3. Zero-knowledgeness. (Yes it's really called this.)I don't learn anything elseabout Google's solution.
We've already discussed the argument for completeness. The protocol will eventually convince me (with a negligible error probability), provided we run it enough times. Soundness is also pretty easy to show here. If Google ever tries to cheat me, I will detect their treachery with overwhelming probability.

The hard part here is the 'zero knowledgeness' property. To do this, we need to conduct a very strange thought experiment.

A thought experiment (with time machines)

First, let's start with a crazy hypothetical. Imagine that Google's engineers aren't quite as capable as people make them out to be. They work on this problem for weeks and weeks, but they never manage to come up with a solution. With twelve hours to go until showtime, the Googlers get desperate. They decide to trick me into thinking they have a coloring for the graph, even though they don't.

Their idea is to sneak into the GoogleX workshop and borrow Google's prototype time machine. Initially the plan is to travel backwards a few years and use the extra working time to take another crack at solving the problem. Unfortunately it turns out that, like most Google prototypes, the time machine has some limitations. Most critically: it's only capable of going backwards in time four and a half minutes.

So using the time machine to manufacture more working time is out. But still, it turns out that even this very limited technology can still be used to trick me.
I don't really know what's going on here
but it seemed apropos.

The plan is diabolically simple. Since Google doesn't actually know a valid coloring for the graph, they'll simply color the paper with a bunch of random colors, then put the hats on. If by sheer luck, I challenge them on a pair of vertices that happen to be different colors, everyone will heave a sigh of relief and we'll continue with the protocol. So far so good.

Inevitably, though, I'm going to pull off a pair of hats and discover two vertices of the same color. In the normal protocol, Google would now be totally busted. And this is where the time machine comes in. Whenever Google finds themselves in this awkward situation, they simply fix it. That is, a designated Googler pulls a switch, 'rewinds' time about four minutes, and the Google team recolors the graph with a completely new random solution. Now they let time roll forward and try again.

In effect, the time machine allows Google to 'repair' any accidents that happen during their bogus protocol execution, which makes the experience look totally legitimate to me. Since bad challenge results will occur only 1/3 of the time, the expected runtime of the protocol (from Google's perspective) is only moderately greater than the time it takes to run the honest protocol. From my perspective I don't even know that the extra time machine trips are happening.

This last point is the most important. In fact, from my perspective, being unaware that the time machine is in the picture, the resulting interaction is exactly the same as the real thing. It's statistically identical. And yet it's worth pointing out again that in the time machine version, Google has absolutely no information about how to color the graph.

What the hell is the point of this?

What we've just shown is an example of a simulation. Note that in a world where time runs only forward and nobody can trick me with a time machine, the hat-based protocol is correct and sound, meaning that after E^2 rounds I should be convinced (with all but negligible probability) that the graph really is colorable and that Google is putting valid inputs into the protocol.

What we've just shown is that if time doesn't run only forward -- specifically, if Google can 'rewind' my view of time -- then they can fake a valid protocol run even if they have no information at all about the actual graph coloring.

From my perspective, what's the difference between the two protocol transcripts? When we consider the statistical distribution of the two, there's no difference at all. Both convey exactly the same amount of useful information.

Believe it or not, this proves something very important.

Specifically, assume that I (the Verifier) have some strategy that 'extracts' useful information about Google's coloring after observing an execution of the honest protocol. Then my strategy should work equally well in the case where I'm being fooled with a time machine. The protocol runs are, from my perspective, statistically identical. I physically cannot tell the difference.

Thus if the amount of information I can extract is identical in the 'real experiment' and the 'time machine experiment', yet the amount of information Google puts into the 'time machine' experiment is exactly zero -- then this implies that even in the real world the protocol must not leak any useful information.

Thus it remains only to show that computer scientists have time machines. We do! (It's a well-kept secret.)

Getting rid of the hats (and time machines)

Of course we don't actually want to run a protocol with hats. And even Google (probably?) doesn't have a literal time machine.

To tie things together, we first need to bring our protocol into the digital world. This requires that we construct the digital equivalent of a 'hat': something that both hides a digital value, while simultaneously 'binding' (or 'committing') the maker to it, so she can't change her mind after the fact.

Fortunately we have a perfect tool for this application. It's called a digital commitment scheme. A commitment scheme allows one party to 'commit' to a given message while keeping it secret, and then later 'open' the resulting commitment to reveal what's inside. They can be built out of various ingredients, including (strong) cryptographic hash functions.******

Given a commitment scheme, we now have all the ingredients we need to run the zero knowledge protocol electronically. The Prover first encodes its vertex colorings as a set of digital messages (for example, the numbers 0, 1, 2), then generates digital commitments to each one. These commitments get sent over to the Verifier. When the Verifier challenges on an edge, the Prover simply reveals the opening values for the commitments corresponding to the two vertices.

So we've managed to eliminate the hats. But how do we prove that this protocol is zero knowledge?

Fortunately now that we're in the digital world, we no longer need a real time machine to prove things about this protocol. A key trick is to specify in our setting that the protocol is not going to be run between two people, but rather between two different computer programs (or, to be more formal, probabilistic Turing machines.)

What we can now prove is the following theorem: if you could ever come up with a computer program (for the Verifier) that extracts useful information after participating in a run of the protocol, then it would be possible to use a 'time machine' on that program in order to make it extract the same amount of useful information from a 'fake' run of the protocol where the Prover doesn't put in any information to begin with.

And since we're now talking about computer programs, it should be obvious that rewinding time isn't such an extraordinary feat at all. In fact, we rewind computer programs all the time. For example, consider using virtual machine software with a snapshot capability.

Example of rewinding through VM snapshots. An initial VM is played forward, rewound to an
initial snapshot, then execution is forked to a new path. 
Even if you don't have fancy virtual machine software, any computer program can be 'rewound' to an earlier state, simply by starting the program over again from the beginning and feeding it exactly the same inputs. Provided that the inputs -- including all random numbers -- are fixed, the program will always follow the same execution path. Thus you can rewind a program just by running it from the start and 'forking' its execution when it reaches some desired point.

Ultimately what we get is the following theorem. If there exists any Verifier computer program that successfully extracts information by interactively running this protocol with some Prover, then we can simply use the rewinding trick on that program to commit to a random solution, then 'trick' the Verifier by rewinding its execution whenever we can't answer its challenge correctly. The same logic holds as we gave above: if such a Verifier succeeds in extracting information after running the real protocol, then it should be able to extract the same amount of informationfrom the simulated, rewinding-based protocol. But since there's no information going into the simulated protocol, there's no information to extract. Thus the information the Verifier can extract must always be zero.

Ok, so what does this all mean?

So let's recap. We know that the protocol is complete and sound, based on our analysis above. The soundness argument holds in any situation where we know that nobody is fiddling with time -- that is, the Verifier is running normally and nobody is rewinding its execution.

At the same time, the protocol is also zero knowledge. To prove this, we showed that any Verifier program that succeeds in extracting information must also be able to extract information from a protocol run where rewinding is used and no information is available in the first place.Which leads to an obvious contradiction, and tells us that the protocol can't leak information in either situation.

There's an important benefit to all this. Since it's trivial for anyone to 'fake' a protocol transcript, even after Google proves to me that they have a solution, I can't re-play a recording of the protocol transcript to prove anything to anyone else (say, a judge). That's because the judge would have no guarantee that the video was recorded honestly, and that I didn't simply editin the same way Google might have done using the time machine. This means that protocol transcripts themselves contain no information. The protocol is only meaningful if I myself participated, and I can be sure that it happened in real time.

Proofs for all of NP!

If you've made it this far, I'm pretty sure you're ready for the big news. Which is that 3-coloring cellphone networks isn't all that interesting of a problem -- at least, not in and of itself.

The really interesting thing about the 3-coloring problem is that it's in the class NP-complete. To put this informally, the wonderful thing about such problems is that any other problem in the class NP can be translated into an instance of that problem.

In a single stroke, this result -- due to Goldwasser, Micali and Wigderson -- proves that 'efficient' ZK proofs exists for a vast class of useful statements, many of which are way more interesting than assigning frequencies to cellular networks. You simply find a statement (in NP) that you wish to prove, such as our hash function example from above, then translate it into an instance of the 3-coloring problem. At that point you simply run the digital version of the hat protocol.

In summary, and next time

Of course, actually running this protocol for interesting statements would be an insanely silly thing for anyone to do, since the cost of doing so would include the total size of the original statement and witness, plus the reduction cost to convert it into a graph, plus the E^2protocol rounds you'd have to conduct in order to convince someone that the proof is valid. Theoretically this is 'efficient', since the total cost of the proof would be polynomial in the input size, but in practice it would be anything but.

So what we've shown so far is that such proofs are possible. It remains for us to actually find proofs that are practical enough for real-world use.

In the next post I'll talk about some of those -- specifically, the efficientproofs that we use for various useful statements. I'll give some examples (from real applications) where these things have been used. Also at reader request: I'll also talk about why I dislike SRP so much.

Notes:

* Formally, the goal of an interactive proof is to convince the Verifier that a particular string belongs to some language. Typically the Prover is very powerful (unbounded), but the Verifier is limited in computation.

** This example is based on the original solution of Goldwasser, Micali and Rackoff, and the teaching example using hats is based on an explanation by Silvio Micali. I take credit only for the silly mistakes.

*** Yes, I swear to god that we use this term.


****** A simple example of a commitment can be built using a hash function. To commit to the value "x" simply generate some (suitably long) string of random numbers, which we'll call 'salt', and output the commitment C = Hash(salt || x). To open the commitment, you simply reveal 'x' and 'salt'. Anyone can check that the original commitment is valid by recomputing the hash. This is secure under some (moderately strong) assumptions about the function itself.
Read the whole story
Share this story
Delete

The Best Hidden Features of VLC

2 Comments and 3 Shares

The Best Hidden Features of VLC

VLC is easily one of our favorite media players (and yours too). However, it's not just a one-trick pony. Under the surface, there's a wide range of features that you might not have known it could do.

Download YouTube Videos

The Best Hidden Features of VLC

We've discussed plenty of ways to download YouTube videos before. However, you have one option already installed on your computer. VLC lets you play and download YouTube videos right from its desktop interface. Here's how:

  1. Find a video on YouTube—like this one—and copy the URL from the address bar.
  2. In VLC, head to Media > Open Network Stream.
  3. Paste the YouTube link in the box and click Play.
  4. Under Tools, click Codec Information.
  5. In the box that says Location, right-click the block of text and click Select All. Copy this text to your clipboard.
  6. Go back to your browser and paste the link in the address bar. This will open the source file directly on YouTube's servers.
  7. Right-click the video as it plays and select Save Video As.

You can also record clips from YouTube videos as they're streaming in VLC by pressing the red Record button in the player itself. This isn't as direct of a rip, but it's handy if you need to grab a particular clip out of a long video.

Record Your Desktop

The Best Hidden Features of VLC

Desktop recording software ranges from poor quality and free to incredibly powerful and expensive. VLC manages to strike a balance between both. In our tests, it wasn't powerful enough to, say, screen record a movie. However, for showing someone a problem you're having on a computer or providing quick instructions on how to perform a task, it's more than enough.

  1. Under Media, click "Open Capture Device."
  2. Click the "Capture Mode" dropdown and select "Desktop."
  3. Modify the frame rate. 15 f/s will probably be good enough for desktop recording, though 30 may be required for more fast-paced movement.
  4. Click the dropdown arrow next to "Play" and select "Convert."
  5. In the "Profile" dropdown, choose MP4.
    1. At this step, you can click the tool icon to modify the settings of this profile. Here you can modify things like resolution or bitrate. We'll use the default settings for now, but you can come back here later if you need to tweak the final product.
  6. In the Destination box, choose a location to place the finished file.
  7. Click Start.

Once you click Start, VLC will stream a feed of your desktop into itself behind the scenes. Let it run while you record your workspace. When you're done, you can click the stop buton in the player controls to end recording.

Convert Video Files

The Best Hidden Features of VLC

VLC also has a pretty decent video converter built in. If you have a file that needs to be in a different format to upload or play somewhere, you may not need to download an entirely different application just to convert it. Here's how to convert between one file and another:

  1. Under Media, click "Convert/Save."
  2. Add the file you want to convert in the File Selection section.
  3. Click "Convert/Save."
  4. In the Settings section, choose the type of file you want to convert the file into under Profile.
  5. Give the file a name and location under Destination.
  6. Click Start.

The converted video file will be deposited in the target location. VLC certainly isn't a replacement for a more robust application like Handbrake. However, for simple jobs, it's probably the only video converter most people have on their machines.

Record Your Webcam

The Best Hidden Features of VLC

Your webcam may or may not have come with software to take pictures and record videos. However, chances are VLC has some advantages over both. Not only can you choose several different types of formats to record to, you can also tweak a number of fine grain settings if needed. This is helpful for making YouTube videos or recording video messages to send to friends or relatives. Here's how to record video from your webcam:

  1. Under Media, click Open Capture Device.
  2. In the "Capture mode" drop down, select DirectShow.
  3. For "Video device name" choose your webcam.
  4. For "Audio device name" choose your microphone.
  5. Click "Advanced options."
    1. If you want to use the software that came with your device to control input settings, choose "Device properties."
    2. Otherwise, enter a value for "Video input frame rate." 30 is a good rule of thumb for smooth video, though you can use less if you're not concerned about quality.
    3. Click Okay.

At this point, you have two options. You can click Play to play live video through VLC and record segments as needed by pressing the red Record button. Alternatively, you can choose "Convert/Save" from the dropdown and select where you would like the recorded file to go. Both methods have their advantages. The former allows you to preview your video and take clips in short bursts. However, this method requires headphones, as it can create a feedback loop. It also may cause a more sluggish recording on slower computers.

Using the Convert/Save method avoids the feedback problem but it also doesn't provide you much information on what you're looking at or when you're done recording. You can stop the recording by pressing Stop in the player, but there's no indicator that you are still recording at the time.

Subscribe to Podcasts

The Best Hidden Features of VLC

You might not think of VLC as a podcast manager, but if you use it regularly, it's actually pretty handy. To add a podcast, you'll need the RSS feed of the show. As an example, we'll use Lifehacker alum Adam Dachis' Supercharged podcast here. The RSS link will probably look something like this:

http://feeds.5by5.tv/supercharged

Once you've found the RSS feed for the podcast you want to keep up with, follow these steps:

  1. In VLC's sidebar, scroll down until you see Podcasts.
  2. Hover your mouse over Podcasts and click the plus sign on the right.
  3. Paste the RSS feed URL of the show you want to add.
  4. Click OK.

Now, your podcast of choice will appear in the Podcasts sidebar section. Click on the name of a show and you'll see a list of available episodes. Double click on any one of them to start streaming.

Read the whole story
rafeco
43 days ago
reply
Did not know VLC had all these features.
aaronwe
46 days ago
reply
Handy. I had no idea VLC could be a screencap app.
Sioux City, Iowa
Share this story
Delete

How To Make A Pumpkin Look Like Somebody

1 Comment

(No Artistic Talent Required!)

It’s Halloween! This holiday is second only to Christmas in terms of the amount spent per year on decorations (in the USA, anyway). But for some of us, there is more to it than cheap, mass-produced rubber spiders, talking skeletons, and so on. It’s yet another excuse to be creative, in a geeky way.

So let’s carve pumpkins! When I was a wee lad, my brother and I took black markers and made an outline of what we wanted on our pumpkins, then dear old dad would cut them with a sharp knife (which we, of course, weren’t allowed to play with). Think triangular eyes, a simple nose, and a snaggletoothed mouth. Now that I am older, I find this is way too efficient, and much more time can be frittered away with this exercise…

Basic Carving Outline

(Apologies in advance for saying so many things you already know… or just skip this section.)

  1. Get pumpkins. You can grow them, get them at the store, or visit the kitschy farm down the road. Look for ones you can easily spread your hand across, they are the right size for single page (8 ½ x 11) paper patterns.
  2. Get a paper pattern. They come in books, but more sophisticated ones can be found online (carvingpumpkins.com is a favorite of mine), and printed out (laser printouts are preferred, as they are nearly impervious to pumpkin juice).
  3. Tape the pattern to the pumpkin (This means you don’t actually need artistic talent. Just trace it!). This is easier if you have cut some notches in the paper so it bends around the pumpkin. I say use lots of tape. Cover every bit of the paper with tape. That way, if it gets pumpkin juice on it, it won’t fall apart.
  4. Cut the top off. Angle it, so the top doesn’t fall in. (If you cut it straight up and down, this will happen quickly as the pumpkin ages.) Alternatively, some experts prefer cutting the bottom out of the pumpkin instead of the top. This may make the pumpkin last longer, especially if it is out in the weather. But then you may need a chimney. Either way, I leave a notch so the original orientation of the lid can be quickly reestablished.
  5. Scrape the guts out. Scrape the part where the pattern is applied extra hard, if you are going with a three-level pattern (explained next), so the light shines through nicely. Keep some seeds to bake and eat, if you are into that (I am not).
  6. Cut the pattern. Unless you are being really fancy, this can be done in three levels:
    • Skin left on. This is of course the darkest.
    • Skin peeled off. Much more light shines though.
    • Cut all the way through. This is the lightest.

There are many tools for the job. For cutting through, knives really can’t get a high level of detail compared to the special-purpose pumpkin saws they sell these days. (Cut as perpendicular to the surface of the pumpkin as possible so the piece is easily extracted. If the piece doesn’t pop out easily, cut it into bits.)

For scraping the skin, I haven’t found anything better than a pocket knife. Just cut the edge around the area (this makes nice clean lines), then if the area is small/thin pick it out with the knife point, or if it is large, cut it into pieces to pick out. (Cutting up and down the grain of the pumpkin is easiest, if it is convenient given the shape of the area to scrape.) They also sell tools with little loops on the ends as part of store-bought kits, but I prefer to live dangerously and use my trusty knife.

The order in which the areas are cut out has a profound effect on how hard it is to execute the design without breaking anything. This is hard to pin down in words, but as you don’t want to paint yourself into a corner, you also don’t want to be cutting/scraping anything that has very little structural support. Starting with the smallest details is never a bad idea.

  1. Take the pattern and tape off.
  2. Cut air holes in the back if the pattern doesn’t involve many areas that are cut through.
  3. Put a candle in, light it. Pumpkins are >90% water, so putting them on your cement steps with real fiery candles in doesn’t sound that dangerous.
  4. Take pictures of your handiwork! (See the last section.)

Additional Steps

  • Invite some friends over, and have your sister-in-law with the Johnson and Wales degree make the snacks.
  • Add beer and/or wine, to taste.
  • There are also tailor-made power saws (reciprocating, not circular) available, and these are quite helpful for designs with lots of long cuts. Some people also use power tools to scrape the skin, such as a Dremel tool. This works, but I advise against combining this with #1, or #2 in particular.

How To Make Your Own Patterns

Making your own patterns is a great way to get geek technology involved in what otherwise would be a nice, earthy-crunchy hobby. This is not that hard, but you will impress people who don’t think of these things.

Get a picture using a digital camera, Google image search, or whatever. This could be easy, or not. But you won’t know for sure until later steps. Here’s what I used this year:

Crop the picture. Convert it to black and white. (I used to use PhotoShop when I had an employer that could justify the expense of having a legit copy. Now I use the GIMP.) If you look closely at the hair, you can see that I touched it up a little, in preparation for the next step…

Convert the image to three levels. I use black for skin, gray for scraped, and white for cut through. This gives an impression of the final result, but generally uses more precious toner than doing it the other way ’round. This year I just adjusted the color curve in GIMP, but I am sure I have used other means in the past.

This should result in a 3-level image:

There are a few things to note here. Obviously it is tricky to pick the levels to get something that is true to the original image. However, you also have to be aware that gravity will claim anything that is completely surrounded by a cut-out (white area). You can (in order of preference) either just erase these (in the image above they are tiny), keep fussing with the levels until there aren’t any, add supports to them, or go back to step 1 (pick a new image).

Cut the pumpkin. It may look like complete crap in the daylight:

Fear not! in the dark, things look better than you’d think, given the number of mistakes you may or may not have made in the cutting process:

Get addicted, and do more pumpkins next year. Here are a few samples from our parties. (See if you can spot the shameless plugs for our company.)

Taking Good Pictures

So even if your pumpkin doesn’t look that good, you may be able to salvage it by creative use of your digital camera.

  • Use full manual mode. That way you can adjust the picture by trial and error, and keep the most appealing one.
  • Unless you can hold still for 15 seconds, a tripod is a must.
  • Stop the camera down. (This may not apply to your camera, but the one I got for a mere $150, 6 long years ago works best stopped down, as it blurs less. I realize that this is counter-intuitive since there isn’t a lot of need for depth of field, and the light is low. But that’s what I do.)
  • Same goes for film speed. Use the slowest one, as you get the least noise in the dark areas. Even though this is counter-intuitive in low light settings.
  • Then adjust the exposure time to make it look good. Take a few. Use 2 seconds, 4, 6, 8, 10, 15, and then keep whatever looks best. Usually, it takes a lot of work to get a digital photo to look almost as good as real life, but with pumpkins, it is pretty easy to make things look even better than reality, just pick the right exposure.
  • The first photo shows approximately what the pumpkin looks like in real life (you will have to trust me on this). The second shows the exposure I liked the best, which soaked for a bit longer.

Acknowledgments

I’d like to thank my wife for starting this tradition, and cleaning the house before every party. And all our friends, for their contributions to our growing gallery.

Read the whole story
rafeco
43 days ago
reply
Not what I expected to see on an engineering blog in the HP family.
Share this story
Delete

Why Pennsylvanians should vote for Tom Wolf

1 Comment

Though I was born and raised in Pennsylvania, I haven't lived there for years. So why should anybody in the state listen to me about who to vote for as their governor? Because, this time, I can personally attest to the character of the best man for the job.

Tom Wolf is an outstanding candidate. Since I'm someone who cares about education and job creation and women's health and opportunity for workers and criminal justice reform, workers, it's easy to see that Tom's platform aligns with my political positions. But I want to offer an insight into talk about something deeper.

My parents came from the most humble roots. Take my dad — born while India was still under British rule, he grew up with no running water or electricity, with only a grade school that could barely keep up with his voracious mind. And all of this undergirded by unreliable nutrition due to erratic farm crops destabilized by colonial policies that resulted in one of the worst and deadliest famines in human history.

Yet despite all this adversity, my father persevered, coming to the United States, getting his PhD, and with my mother, becoming a leader in both their community and their careers while providing their community and industry while providing two kids with nearly boundless opportunity.

Tom Wolf in Orissa

What does this classic American story have to do with Tom Wolf? Well, in that poor, fragile region where my parents dad grew up, one of the first interactions that many in the area ever had with a westerner was with Tom Wolf, who chose to serve in the area as a Peace Corps volunteer. volunteer.

Tom's work focused on stabilizing and growing agriculture in western Orissa, the Indian state my family is from. Here is a man who was born with all the privilege and opportunity that America could afford a man, and who chose to serve those who had the least.

This is what leadership is, enabling people to live their best lives on their own terms by working alongside them with respect.My parents succeeded because they

Now, my father succeeded because he worked hard, and they were was already on the path to an amazing life when Tom's work began. But countless others had their prospects permanently improved because someone who had everything was sincerely interested in helping those who didn't have nearly as much.

Leaders must be curious

Tom Wolf And Tom had an honest respect and intellectual curiosity for the culture that he was engaging. As is the custom, my parents' wedding in India involved almost the entire population of their respective hometowns, with multiple days of celebrations and events. The only American, the only white guy, the only person of such privilege who was curious and committed sincere enough to be present at such an event was Tom Wolf.

From that bond of witnessing their marriage to decades later, in my youth in Pennsylvania, Tom Wolf and my parents stayed true friends. As my mother's career succeeded she still made time to host legendarily delicious and decadent multi-course dinners of Indian cuisine at home, and I can remember a number of times when Tom Wolf would show up and dig into the food with the gusto of a native.

Now, it's been decades since I've seen Tom Wolf. I was just a kid when we interacted, so I can't say that I know the man today, man, or that he'd even remember me. But I know how fondly my parents speak of a friend who knew them in their lives before they came to America, a friend who cheered them on as they cheered him on, over years decades as they all went on to become accomplished community members and entrepreneurs in Pennsylvania, and loving parents at home.

Around elections, everybody trots out clichés like "character matters", but what do these phrases really mean? I think they must be a way of asking, "What did this person do with their time on the Earth back when the cameras weren't looking? How did a person use their privileges and good fortune to serve others?" In short, what is the sincere nature of a person who wants us to give them power?

These are the ways to measure a leader. Many people can say the right things about a slate of political positions, and mean it. But if we're going to give someone the power and the great privilege of serving as a leader, then we should expect that they've proven their character.

Tom Wolf has proven his character. He earned the respect of my parents a world away, nearly half a century ago, by honestly and sincerely engaging with people he'd never known, and simply being of service. That's what leadership is, and that's why as someone who was born and raised in Pennsylvania, who still counts many friends in the state, I ask all of you to elect Tom Wolf today.

Read the whole story
rafeco
46 days ago
reply
This is an endorsement.
Share this story
Delete

Coworkers Should Be Like Neighbors, Not Like Family

1 Comment

All companies want engaged employees. After all, people who are engaged put in effort that goes above and beyond the minimum that’s required to complete a task. They are less likely to look for another job. And they project positive energy, which improves the mood of other employees and customers.

One way to increase engagement is to foster a “neighbor” relationship.

Research on types of relationships suggests that we can break the world up into several kinds of relationships. I refer to the three that are particularly important in the context of business as strangers, family, and neighbors.

Strangers are people with whom we do not have a close connection; if we need their help, we pay them to provide it. Families are people with whom we have a close bond and for whom we do whatever is needed, often expecting nothing in return. In between strangers and family are neighbors — people with whom we have a reasonably close relationship, who offer us help, and expect help in return.

It’s not good to have a workplace that consists primarily of strangers, because every interaction becomes a fee-for-service transaction and strangers are not motivated to go above and beyond the specific tasks presented to help the organization fulfill its goals. Moreover, the social environment in a workplace full of strangers does not energize employees to want to come to work.

Likewise, it’s dangerous for most organizations to function as a family, because not all employees will pull their own weight. It’s an inefficient and demoralizing way to work.

But with our neighbors, we try to balance what we do for them and what we get from them over time. We construct covenants in which everyone shares a common vision and agrees to do what they can to work toward these common interests.

In a healthy workplace, neighbor-employees work hard, secure in the knowledge that the organization is looking out for them. The organization succeeds because its employees put in a reasonable amount of extra time and effort for each other.

There are several ways to promote a neighborhood in the workplace. At the core of each of these techniques is a demonstration that the organization has a broader vested interest in its employees. This reassurance is particularly important for publicly traded companies that are normally focused on improving earnings each quarter.

One way to support neighborhoods is training. Many companies provide extensive training opportunities for their employees, which give them a chance to develop both work-related and personal skills. This demonstrates that the organization is interested in the employees’ long-term best interests. Any investment in those training opportunities pales in comparison to the cost of replacing people who leave the company.

A second way to promote a neighborhood is to provide regular opportunities for employees to engage directly with higher-ups. Being a part of the neighborhood requires a feeling that the organization knows who you are and cares not just about people in general, about you in particular. Without some points of contact to the upper management of the company, a business unit might become a neighborhood, but that neighborhood may feel disconnected from the rest of the organization.

A third component of the neighborhood is that it needs to have a shared purpose. Residential neighbors are bound together by the desire to create a community that benefits the people who live there. Similarly, companies need a shared vision that transcends the individuals. For example, at the University of Texas (where I work), I have worked with our operational staff to help the various units (like construction, emergency services, and power) to reconnect with the mission of the university in order to make those units feel like a more central part of the neighborhood.

Finally, it’s important for all managers to look for signs that an organization is slipping from a neighborhood to a group of strangers. The biggest signal that a neighborhood is eroding is when employees start finding reasons not to support broader initiatives within the organization because of the narrower job that they have been assigned. They may give excuses for focusing on their particular job instead of what the larger organization needs. When this happens managers need to return to the above approaches, demonstrating that the organization cares about them and remind them of their connection to the broader mission.

Although it does require effort and resources to maintain a neighborhood, the investment is quickly repaid.

Read the whole story
rafeco
48 days ago
reply
I like the neighbor metaphor better than the family metaphor for sure.
Share this story
Delete
Next Page of Stories