Archive for the ‘science’ Category

The Iron Law of Confirmation Bias   2 comments

Ben Goldacre posts over on Bad Science about the distressing tendency of people to reject that which does not confirm their already-held beliefs.

Their views on each issue were added together to produce one bumper score on the extent to which they thought science could be informative on all of these questions, and the results were truly frightening. People whose pre-existing stereotypes about homosexuality had been challenged by the scientific evidence presented to them were more inclined to believe that science had nothing to offer, on any question, not just on homosexuality, when compared with people whose views on homosexuality had been reinforced.

When presented with unwelcome scientific evidence, it seems, in a desperate bid to retain some consistency in their world view, people would rather conclude that science in general is broken. This is an interesting finding. But I’m not sure it makes me very happy.

This is in and of itself not a terribly astonishing finding (depressing though it may be).  There is a very large body of evidence to show that people are resoundingly poor at objectively measuring evidence using a consistent standard.

Simply put, if a study has a conclusion with which you agree, you tend to ignore the limitations of the study and place more trust in the conclusion.  If a study with the same exact design has a conclusion with which you disagree, you have a tendency to focus on the limitations of the study and place less trust in the conclusion.

Even if the methodology is precisely the same.  Depressing, isn’t it?

Unfortunately, this tendency is not minimized by intelligence quotient.  Smart people, as I’ve said before elsewhere on this blog, are not guaranteed to be wise.  As I observed over the weekend to the pater familias, people who have invested huge quantities of time and training in a field (and thus have a justifiable belief in their own expertise in that field) unfortunately have a tendency to assume that competence possesses fantastic osmotic capabilities.

Which is fascinating, as they’d jump straight to how much work they had to complete to gain basic competency in their own field as a justification for their position for their beliefs in their field… but the expertise acquired by someone else through their own study of some other field is trumped by… well, I’m not really sure.  The “obvious truth”, I suppose.

People who are mathematical mavens assume that they understand economics better than they actually do.  People who are biologists assume that they understand psychology better than they actually do.  Successful politicians assume that they can understand engineering, everybody assumes they understand everybody’s theology, and so on.

You see this a lot when you start arguing about the philosophy of science.  Scientists, as a class, make fun of other fields in order of their likelihood to line up with postivist standards of measure.  Mathematicians famously make fun of scientists (and the philosophers make fun of the mathematicians).  I’ve thrown this XKCD comic up before, it’s a classic which illustrates the situation fairly well:

Sadly, as you move away from mathematics towards physics, you move away from an axiomatic system to constructive empiricism.  You lose truth, but you gain facts, something I’ve mentioned before.  The problem, of course, is that your facts are based upon your ability to observe, which is largely contingent upon the accuracy of your measurements.  The farther away from physics you go, the more uncertainty you get in your measurements, and the more qualifications you need to put upon your observations (which has the distressing tendency to produce the, “Social scientists aren’t *real* scientists” attitude among the hard science crowd).

This follows, of course, when you have a biologist who has a particular ideological stance, but some whippersnapper sociologist comes along and challenges that ideological stance.  The biologist, of course, depends upon science for their livelihood, so they can hardly disclaim science.  They can cheerfully disclaim sociology.

The point?

You know, I’m really not sure I’m going to bother to say.  If you’re reading this, and you agree with me, you’re already going to know what the point is.

And if you don’t, you’re going to disagree with the point, right?

Posted July 7, 2010 by padraic2112 in philosophy, rants, science, Uncategorized

Just Don’t Forget the Middle Part   Leave a comment

“Pay them enough to take money off the table” (also remember that “taking money off the table” means something entirely different to a 26 year-old bachelor and a 32 year-old father of two, and that your pay increase method needs to account for that, or it ain’t gonna work).

That reminder aside, an awesome video.  Check out this for more.

Tip o’ the blogger hat to I can’t believe it’s not a democracy!

Posted June 2, 2010 by padraic2112 in economics, management, science

Okay, That’s Sort of Cool   1 comment

NASA Goddard has a flickr stream, and this photo is actually a picture of the Earth.  It’s grainy and small, so why so cool?  Because it was taken from the surface of Mars.

Posted April 28, 2010 by padraic2112 in astronomy, science, Uncategorized

In Which I Disagree With Steven Hawking   12 comments

The good doctor is in the news, with a quote apparently taken from his new Discovery show:

He suggests that aliens might simply raid Earth for its resources and then move on: “We only have to look at ourselves to see how intelligent life might develop into something we wouldn’t want to meet. I imagine they might exist in massive ships, having used up all the resources from their home planet. Such advanced aliens would perhaps become nomads, looking to conquer and colonise whatever planets they can reach.”

Of course, several bloggers the world round have weighed in with various positions.

Let’s look at this from a resource management view.  Any alien race which has the need to raid to sustain its resource consumption would probably be better off gathering supplies from celestial bodies other than our own little ball of dirt.

The first reason for this is that our ball of dirt actually isn’t so little.  Any resource that you want to gather from the Earth’s surface and schlep up into some sort of mothership in orbit requires you to break the gravity well of the Earth.  This is not cheap, at least, not using any sort of engine that requires reaction mass.

You need hydrocarbons?  Get them from Titan, which has much less of a gravity well than Earth’s and oceans of hydrocarbons.  The asteroid field has lots of nice loose chunks of industrial metals and would be far easier to mine than the Earth’s crust for anybody that has the capability of interstellar travel (it’s very nearly easier for us, and we don’t even have interstellar travel).  Earth trumps all the local system bodies for liquid water supplies, that’s certainly true, but Triton and Charon both have water ice on them, they’re farther away from the gravity well of the Sun.  This makes them easier to get to from outside the solar system (and away from, assuming your nomadic reavers are actually nomadic).

You have to get the supplies up onto the ship, and that takes some sort of energy, presumably.  Even the heavy elements like thorium and uranium are present elsewhere in the solar system.

On the other hand, if your technology is advanced enough for interstellar travel, you might not care about reaction mass… but if you don’t care about reaction mass, you probably don’t need to raid planetary bodies for supplies.  Whatever your technology looks like, you’re capable of violating a few of our understood laws of physics.

It’s likely that anybody that might want to drop by for a visit has to be some distance away… where “some distance” == “really, really far”.  There’s only so many candidates for likely life-supporting environments within 50 light years of our little ball of iron (and of course, it goes without saying that if your lifeform isn’t sufficiently like ours, you probably don’t regard liquid water as a necessary resource).

I dunno, Professor, I’m thinking that the likelihood of roving bands of aliens is pretty far-fetched, logistically speaking.

Posted April 26, 2010 by padraic2112 in astronomy, science, Uncategorized

Information is Beautiful   2 comments

‘Nuff Said.  Check out the whole site.

Posted April 6, 2010 by padraic2112 in math, science, web sites

Shorter Answer, Ivan   1 comment

I just read Ivan Ristić’s slides for his talk on “How to Render SSL Useless“, found via Luke O’Conner’s blog.  Thanks, Luke!

(spoiler: Here’s the shorter answer: if you use SSL/TLS, you’re probably not using it for the right reasons and you’re probably not getting the level of security you think you’re getting, because you’re probably doing it wrong.)

Ivan’s points boil down to this: SSL/TLS, by itself, is secure.  It’s all these implementation details that render it insecure in practice.  Ivan then offers eleven areas where SSL is “broken” in practice.

Here’s my issue with the slides: some of them don’t detail problems with SSL at all, and the other half are built into the design of SSL itself.

Let’s go through the slides by point.

Ivan’s first contention is that self-signed certificates are bad.  Ivan argues that they’re insecure, they teach users to ignore warnings, and that it’s cheaper to get a “real” certificate than to use a self-signed one anyway.

Well, a self-signed certificate is certainly differently secure than one signed by a root CA, but as to whether or not it’s less secure or insecure, that’s a completely different question (trusted authorities and exploitation scenarios deserve their own post, so I’ll leave it at this for now — edited to add — thank you, Ed Felten, now I don’t need to write this up).  The second contention is just silly, users don’t need to be trained to ignore warnings, they do it already.  The last is at best incomplete.  It requires a certain level of skill to deploy a service that relies upon a self-signed certificate, so saying “you have to maintain it” should be considered as part of the cost is mostly pointless.  You have to maintain any certificate, whether you sign it yourself or pay Verisign to sign it for you.  If I have to pay Bob the Apache Wizard to maintain my site and Bob knows how to generate a self-signed cert, it’s going to be cheaper for me to have Bob sign the cert than it will be for me to pay Verisign to do it, because Bob is going to get his salary (or his packaged SLA payment) either way.

Ivan’s second contention is that private certificate authorities are bad.  The logic follows mostly along the lines of the previous point… it’s better for you to pay someone else to do this for you than it is for you to do it yourself.  Now, he has something of a point here.  Building a CA isn’t the same as self-signing a certificate, it takes a higher degree of knowledge to build the thing properly.  I would imagine that there are a number of CAs out there that are unnecessary and they could be easily covered under one of the existing root CAs.  However, there are any number of completely legitimate reasons for running your own CA, and in any event I don’t think one-off CAs represent a big threat to the overall infosec domain.

Oh, and against both previous points: for-profit root CAs have issued insecure certs before, why should we trust them?

Points 3, 4, 8, 9, and 10 are all basically the same point: if your site needs to be encrypted some of the time in transmission, it really needs to be encrypted all of the time, period.  This is a good point (really should be a single point with examples, though), and I’m more or less with Ivan on this one, although I understand why it isn’t always the case.

Point 7 is that SSL sometimes isn’t used at all when it should be.  Not sure why this belongs on the list, that’s not a problem with SSL implementation, per se.  And I personally haven’t seen an unencrypted site that handles sensitive data in a long while, so I don’t know how germane it is anymore.

Point 11, and to a lesser extent 5, aren’t so much problems with SSL as they are problems with the couplings between SSL & DNS, pushed through the lens of user expectations.  DNS has had its own problems.

Finally, point #6 (using an EV certificate, as opposed to a normal SSL certificate) illustrates the problem I have with computer security engineering professionals.

Now, I haven’t seen the talk and I haven’t read any of Ivan’s blogging (I should, and I’m adding it to my blogroll now), so I can’t say that this is fair, but just reading the slides, here’s how I interpret the underlying context of this talk:

“SSL is totally secure, if you are using it in the totally most secure way and no other way, because we designed it to be totally secure if you use it in the totally most secure way.  Oh, but we also made it so that you could use it in all of these other ways, but DON’T DO THAT because you ruin our perfect design by using it in the non-perfect way!”

There’s a reason why I switched my research focus from infosec to disaster/crisis management, and this is it.  Information systems security designers have a tendency to draw a box in their head, and design a system that is secure inside that box.  If you use the tools they provide within the boundaries of that box, you’re golden, and if you don’t, you’re probably screwed.  But that’s not on them because they can only design out to the edges of the box.

The problems with this approach are that most systems don’t fit inside that box, the box itself often sits on top of a completely insecure table, and often the box itself has lots of little holes in it that are punched into it for various reasons.

Ignore those reasons!  Don’t use that functionality!  It’s bad!  But it’s necessary, that’s why we put it in there!  But you’re probably not doing it right, and it’s not necessary for you, so just pay someone else to do it!

If setting up your own CA is bad, then why is it good to have multiple root CAs?  Shouldn’t there be just one?  (no)

If EV certificates are the best, why do CAs offer regular certs?  (because)

If using incomplete certs is a problem, then why is it possible to generate an incomplete cert in the first place?  (because not all certs are certifying the same thing)

Heck, if self-signed certs are bad, then why do you have the ability to generate them in the first place?  (because in most practical cases, you’re looking for session security, not authoritative identification).

Posted February 16, 2010 by padraic2112 in information science, security, software, tech, web sites

Another Big Numbers Post   3 comments

Found at Live Granades.

Posted January 19, 2010 by padraic2112 in astronomy, science

Swing, and a Miss   1 comment

I read Karl Denniger’s blog.  He has fascinating observations on the economic woes of the nation.  Even when I don’t agree with him, I usually find what he has to say interesting.

Not so much this time around.  Karl wrote two posts about this story in the news:

Hundreds of private e-mail messages and documents hacked from a computer server at a British university are causing a stir among global warming skeptics, who say they show that climate scientists conspired to overstate the case for a human influence on climate change.

The e-mail messages, attributed to prominent American and British climate researchers, include discussions of scientific data and whether it should be released, exchanges about how best to combat the arguments of skeptics, and casual comments — in some cases derisive — about specific people known for their skeptical views. Drafts of scientific papers and a photo collage that portrays climate skeptics on an ice floe were also among the hacked data, some of which dates back 13 years.

Karl offers a couple of observations here and here:

Science is the process by which we take a question and:

  • Form a hypothesis.
  • Design an experiment to test that hypothesis.
  • Perform the experiment and collect the data thus generated.
  • Analyze the resulting data.
  • Form a conclusion from the data thus collected.

That’s “The Scientific Method.”

Not quite, Mr. D.  That’s one method of exploring questions scientifically, yes.  But many questions can’t be explored by experimentation, and it’s certainly not the only method of scientific inquiry.

Uncertainties in measurement are additive – that is, if I measure two rulers and each is reported as “12 inches +/- 0.1 inch” then the total length of the two rulers is 24 inches +/- 0.2 inch – because it is possible that both errors were on the same side.

Yes and no.  In your particular case, yes.  However, when you’re talking about extremely complex behaviors, your measurements are not necessarily combined this way.  For example, phenomena A may have an error in measurement, and phenomena B may have an error in measurement, but it may actually be the case that those errors are not independent.  I could be measuring PSI and temperature in a pressure cooker.  My thermometer may have an error margin, and my pressure indicator may have an error margin.  But if they are both incorrect in different directions, a composite measurement would reveal this.

To the extent that method is corrupted on purpose one does not have science.  To the extent that it is corrupted out of necessity (e.g. missing data that one requires, and thus one “guesses”) this is accepted provided one discloses one’s guess and how it was derived – that is, provided there is no material concealment.

In the “Big Science World” the check and balance on concealment – and outright fraud – is peer review and post-publication duplication.  To be able to duplicate the results claimed, however, the algorithms, code, methods and data sets must be made publicly available so that anyone who desires to do so can validate the claimed experimental results.

In the spirit of science, I will note that I fully expect others to try to validate (or dispute) my observations below.  As such you can find the original archive at Wikileaks should you decide you would like to do so, and I encourage all other independent investigation.

The first point is correct, but needs clarification.  With regards to a particular scientific field, you’re talking about an incredibly large body of literature.  Every scientific field is in a dynamic state, but generally speaking there is a collection of assumptions that each field currently regards as acceptable assumptions.  For example, in physics, it is currently regarded as acceptable to assume that gravity is a constant.  Since we don’t know the mechanism by which gravity operates, this *is*, in fact, an assumption.  No physicist, however, would take the time to put in any sort of disclaimer about this assumption in their publication; it’s assumed that gravity is a constant, because we have no reason to expect otherwise.

The second point is correct… and I personally as yet have had no trouble whatsoever acquiring access to anybody’s data when I’ve asked them for it.  Data sets are typically not included in journal publishing, due to space limitations (yes, in this day and age, this is stupid and data sets should at least be accessible in electronic copies of journals… but this is a reflection of a hundred years of traditional science publishing, not conspiracy).  Most climatologists have their data linked from their own websites, or blogs, or the data is a public data set and already in the public domain in any event.

In short, I see nothing in that data set that implies that the messages have been tampered with, but there is also no reasonable way to prove their provenance as the necessary information to do so (routing and message-id information) is missing.  A well-place FOI request should resolve that problem, if anyone is particularly interested in doing so.

The data sets included in the archive are also interesting.  Again, a reasonably-detailed look through them shows nothing implying that they have been tampered with, and they include data and computer code (source program code) from a wide variety of time periods.  It appears authentic.

On the contrary, Karl, this is bad framing, as you yourself note earlier in your own post.  This is a demonstrably pitifully incomplete selection of data gathered over a period of 13 years.  Emails are missing.  Off-email conversations are not referenced, and so on.  If I gave someone access to every document I’ve created and my email store since 1996, I have no doubt whatsoever that you’d be able to construct a 60MB zip file containing enough emails, blog posts, snippets of papers I’ve written, and dump that up at the Department of Homeland Security and net me a visit from some counterterrorism division.  I write about security and information systems; this would be a trivial exercise.

I have long argued that the major problem with so-called “published papers” on global warming is that it is rare to see find measurement uncertainties reported in the alleged findings, and competing studies have cited wildly different values for the same thing (e.g. atmospheric CO2 emitted by man per year.)

I believe we can now deduce why those uncertainties are missing – they are not being carried through the computational process as is required for any scientific calculation and this omission is in fact intentional.

That’s not a major problem (and usually isn’t the case).

Karl, you really must not read a lot of scientific papers.  Limitation sections are a requirement.  Have you really read a large chunk of the climate science of the last 3 decades?

Measurement uncertainties usually are cited, of course… and when they aren’t, it’s usually because those measurement uncertainties are known among the particular science community.  An aside for the non-scientists among the readership: most academic journal articles are not written for the layman to understand (side note: this is one reason why science reporting is usually so bad… science reporters are generally *not* well versed enough to accurately report on what they’re reading).  They are written with the assumption that the persons reading the articles are fairly well versed in the field in question.  If you think about it, this is not only normal it’s absolutely necessary.  Academic journals have to assume that the person reading the article is familiar with: (a) basic undergraduate science (b) basic undergraduate mathematics (c) advanced graduate level science in the particular field (d) whatever advanced mathematics are necessary tools for examining that particular field.  You’re talking about 6 or so years of academic study assumed as known.

In some sense, yes, the omission is intentional.  This is not indicative of nefariousness.

Without hard proof of whatever answer is propounded to that question we as the people of this planet must insist on a full stop for all purported “climate amelioration” efforts, as there is every possibility that the entirety of this so-called science in fact proves exactly nothing, except that the so-called “researchers” have added much CO2 to the atmosphere producing the electricity required to power their computers!

Extraordinary claims require extraordinary proof, and from the released set of data that proof is, quite simply, not present and accounted for.

Yes, Karl, extraordinary claims do require extraordinary proof.  So let us reframe the issue at hand.

Climate science journals have been publishing papers supporting global climate change papers for over 30 years now.  I have not seen a single academic paper that has been published since 1980 that refutes the global warming hypothesis (compare this to the earlier “global cooling” hypothesis that some climate change denialists point at, which was not well supported by any body of literature and never regarded as a mainstream theory).  Minor disclaimer, this is my cursory reading of the literature, I’m not a climatologist myself… but I have looked at both the general body of literature and I’ve tried to follow the “skeptic” crowd’s trail of evidence and found nothing, so it is (at the very least) a decent investigation by someone who doesn’t qualify as a rank amateur or layman.

Global warming theories are grounded in basic thermodynamics (physics) and the properties of greenhouse gasses (chemistry).  Impacts have been seen in species diversity (biology), ice cores and rock strata (geology), and marine lifecycles (marine biology and oceanography).  No credible falsification evidence has been presented in any journal, be it any of the major climate journals, the more general Science or Nature, or any other peer reviewed publication in any of the other fields listed here.

There are two possibilites here (edited to add: there are actually three*).  Either the global climate change (and its proposed human root causes) are very close to highly probably true, or there is a massive, cross-national, cross-cultural, pervasive conspiracy… in not one but possibly dozens of scientific fields… to cover up the truth.

Knowing what I do of conspiracies in general, the second possibility would be laughable to consider just on the sheer numbers involved.  However, even supposing that you could in fact keep such a conspiracy under wraps, I don’t understand what the actual motiviation would be for such a conspiracy; why would a geologist or an oceanographer care about publishing refuting the global warming hypothesis?  They’re not climatologists, they’re not going to lose their shot at tenure for challenging another field (in fact, given what I know of university politics, they’d be more likely to get tenure by challenging a basic hypothesis of another field).

This clearly counts as a very, very extraordinary claim.

And what evidence exists to bolster this claim?  An illegally acquired, demonstrably incomplete, cherry picked selection of contextually limited data from a single climate center representing a subpopulation of climate scientists obtained by an individual or group whose motives are unknown, containing… ah, what looks like a very few emails that could be interpreted as malicious by someone who already assumed that global warming was a completely fabricated theory, or could also be interpreted as the diplomatically uncautious phrasing of perfectly normal behavior among reasonable scientists.

I don’t think that qualifies as extraordinary evidence.

* (edited to add): the third possibility is complex.  It is possible that global climate change hypothesis is based upon a causal theory that has been reinforced entirely by correlative evidence in other fields, but the principle causes are independent and not in fact tied to the global climate theory.  This is possible, but as time goes on it becomes increasingly unlikely.  People who support AGW tend to claim that this has already reached the point where the lack of falsification results in other fields shows that those other fields support the causal hypothesis.  People who challenge AGW tend to claim that each one of these instances of lack of falsification have independent explanations.  It is possible that the second group is correct, but I as yet have not seen a substantive analysis supporting this view.  That doesn’t mean it’s not possible to construct such an analysis.

Posted November 22, 2009 by padraic2112 in science

SciBloggers vs. Freakonomics Dudes: Round One… Ready… FIGHT!   Leave a comment

In case you haven’t heard about Superfreakonomics, it’s due out soon, and there’s a chapter in there where the authors attack the global warming theory on a number of points.

It turns out that they do a very bad job of this, and to top that off they… ah, are a bit loose with their citations.

Now, one of the dead giveaways that someone doesn’t know what they’re talking about is when they actually attribute findings or quotations to people that actively refuted the findings or never, in fact said what they’re claimed to have said…

Posted October 27, 2009 by padraic2112 in science

Okay, So I Bent The Truth   4 comments

This post was supposed to be a follow-up to “How To Hire a Sysadmin”, but I’ve been a little busy studying for a midterm and delving into the capabilities of Alfresco, so I haven’t had a chance to write that post up yet.

In the meantime, this came across my radar from the ISWORLD mailing list and I needed to plunk it somewhere where I wouldn’t forget about it (del.icio.us all too often turning into a pit): Open Knowledge Creation: Improving the Peer Review and Adoption Process.  FTA:

The practice of peer review and acceptance has been in place for many years, predating the Internet, and has recognized shortcomings. The Internet has proven to be a disruptive technology and a means for innovation in many areas of science and society. In this paper we offer an organizing framework aimed at redesigning the peer review and adoption process, referred to as open knowledge creation. The framework proposed utilizes the Internet, Google’s Knol and Groups technology. The open knowledge creation framework consists of four stages: creation, review/revision, evaluation/adoption and publication and is intended to offer journals an alternative for the communication of research that more fully exploits the Internet.

Deserves a thorough read-through and analysis.  Drive-by science bloggers from other fields: what’s your take?

Posted October 26, 2009 by padraic2112 in information science, science