Every four years, we look to the next guy and tell ourselves that he is going to do what he says he’ll do. This guy will change things. And every four years we are disappointed. We call him a crook, a liar. He leaves office, and the next guy walks in, giving us the same hopes and disappointment. On and on it goes. We conclude all politicians are corrupt, sociopathic people who lie for votes. I suspect we look at this the wrong way.
Think back to student government in junior high. Each year a kid would run for class president on a political platform of promises like “I will double the length of lunch period!”, or “Students should be able to give teachers detention!”. But, the kids know he can’t do these things. Even if elected, the administrators and the teachers, who hold the real power, will restrain him. So the student body decides to elect the reasonable kid with the speech about student solidarity and how much our district is better than the others. She promises a better homecoming. The kids don’t expect change because that is in the hands of the powerful adults; children are smart like that. Maybe we should lower the voting age.
What I am getting at is this. We should not be surprised when a president or congress doesn’t change anything. They are restrained by the “administrators and teachers” of the world, whoever they are. Plenty of those with power lurk behind the stage of national politics. Us citizens should peek backstage.
You should follow me on twitter: @lbitsofinsanity
Many ancient cultures recognize that harnessing fire marked the beginning of progress. In Greek mythology, Prometheus stole fire from the gods and gave it to the humans, along with writing, agriculture, and mathematics — the cornerstones of Greek civilization that, through the onward thrust of history, brought our modern technological marvels. This angered Zeus. He decided to punish Prometheus by chaining him to a rock where an eagle would devour his liver. Unfortunately for Prometheus, he was immortal, so his liver grew back and he had to endure the torture repeatedly.
Next, Zeus punished the humans by sending them Pandora and her infamous box. She opened the box out of curiosity, unleashing war, suffering, chaos, and evil upon the world. The message of the myth is clear: fire gave us both civilization and suffering. The city of Dresden burned down in an inferno in WWII. At least 100,000 miners died harvesting coal used to feed the fire that burned in the bellies of the locomotives during the industrial revolution. And, in Auschwitz alone, the Nazi’s burned hundreds of thousands of Jews; who knows how many they burned in the whole Holocaust.
The Greek myth of fire reminds us that there are two sides to human progress: technological progress and social progress. It is foolish to rely on technological innovation alone to improve our lives; powerful technology in the hands of an immature society is, like a child running around with scissors, at its worst destructive and at its best nerve-wracking. Society needs to deliberately mature at the same rate as it develops technologically. The amount of kindness we show one another should be proportional to the number of transistors we can fit on a circuit board.
I recognize that technology has brought us many great things. I also believe anything that makes our lives easier is worthwhile. Right now I am typing an essay that people around the world can read. By clicking a link on my blog, a reader in India requests an article that is fired through a series of wires to eventually rest on her computer — an exchange that happens in the span of milliseconds. I am always amazed how the Internet can help people: Khan Academy provides free, high quality educational videos, and Wikipedia organizes everything there is to know in a quick, easy to search, interface. These are Good Things.
But, it is too easy to ignore actual humans when you talk about the amazing feats of technology. Does the kid who can’t get clean water care how fast packets can get transmitted across a few wires? Does the single parent who is working 80 hours a week to support a family care about Khan Academy when there is hardly enough time to kiss the children goodnight, let alone get an education for a higher paying job? There are people that live life mostly untouched by the latest technology.
It seems many of us have forgotten the Promethean trade-off. The United States is a nation born out of the flames of the industrial revolution. Here, we worship technology and innovation, we idolize the Edisons and ignore the Debs. We throw money at the corporations whose employees work long hours in bad conditions in the name of economic efficiency because they give us affordable new toys and advanced technology. At the same time we ignore the kinder businesses that are killed off, overrun by the very same powerhouse corporations. We justify this by saying the weaker companies couldn’t compete in the marketplace. Consumers aren’t willing to pay for the overhead of a labor union and corporations aren’t willing to cut into their profit margin to pay their employees more. So, workers are stuck in the middle of the careless battle between supply and demand.
I feel like many people in power are like Frank Hoenikker from Cat’s Cradle: fascinated by technical possibilities, but weighed down by humanitarian concerns. They think you need to get the hell out of the way of progress, or else progress has the right to trample over you. The NSA is a model specimen. They built their massive PRISM and XKeyscore infrastructure in secret. They claim they wanted it hidden from US enemies, which I’m sure is partly true. But, I have a suspicion that they were most afraid of the public backlash against a blatant infringement of human rights, afraid of the national debate that will soon determine the fate of these programs. They didn’t want their own citizens getting in the way — a humanitarian concern. Sorry, NSA, for weighing you down.
At this rate, I fear we will become a technologically advanced society that doesn’t give a damn about those who live in it. I fear in a millennium we will have bionic limbs, but they will be affordable only by the wealthy, widening the gap between the haves and have nots. I fear we will have intergalactic travel, but it will be used for trade that mimics the international imperialism of the early 1900’s — a greedy struggle for profit and territory, culminating in a war financed by the deaths of millions. I fear we will have interactive movies, maybe even the Feelies of a Brave New World, but we will rather watch them than fight for our rights. Technological advancement is pointless if the social system on which it rests remains unchanged; otherwise, we are just running with scissors.
Maybe we need to get back to working towards a Great Society. Maybe strike a New Deal. When someone asks me what I would like to see in a hundred years, I avoid saying flying cars or space travel. Rather, I say I would like to see a world where people are kinder to one another, where we live in a more egalitarian society, where we have more time to spend with friends, family, our community, and ourselves. A better life for everyone should be our goal. Perhaps flying cars and space travel are necessary to get there; although, I highly doubt it. But right now we need to realize that technology alone isn’t going to save us. We need to save ourselves.
You should follow me on twitter: @lbitsofinsanity
Setting Jetty up to use SSL turns out to be easier than I thought. In fact, at least in Debian it is done for you already. If you go to the etc folder, you’ll see a keystore file and a jetty-ssl.xml file. Both of these are set with sensible default values. To enable SSL when you run jetty, use
java -jar start.jar etc/jetty.xml etc/jetty-ssl.xml
You can now go to https://localhost:8443 and see your webapp using SSL (make sure you use https at the beginning instead of http. This is a common mistake). In your browser you will be warned that this is not a signed certificate, and you will have to add a security exception. This is expected when your project is in development; be sure to get a signed certificate if you are plan on deploying!
So you’re done!…if you just want to use the defaults. Instead suppose we wanted to create our own keystore. Continue on, dear reader!
First you need to generate a keystore file that contains the private/public RSA key pair you will use for SSL communications. You can do this using a convenient command named keytool that is bundled with whatever JDK you are using.
Be very careful if you are using a debian distribution, as the keytool in your PATH may not produce keystores of the right format! I had a blast trying to figure out what was causing the exception “invalid keystore format”. You should ensure that the keytool you are using comes from the *JDK*.
/usr/bin/keytool <– THIS MAY BE WHAT YOU WANT, BUT…
/usr/lib/jvm/java-6-openjdk-amd64/bin/keytool <– USE THIS TO BE SAFE
/usr/lib/jvm/java-6-openjdk-amd64/jre/bin/keytool <– OR THIS
When you are developing, and not yet deployed, you should generate an unsigned keystore certificate. You can do this as follows:
keytool -genkey -keyalg RSA -alias yourAliasHere -keystore keystoreName
You will be asked to create a password for the keystore, and a password for the key. Remember these! You will need them to configure Jetty properly.
This will create a keystore in your working directory with the name keystoreName that you can then use for general SSL communications. But, remember, we wanted to set this up on Jetty.
Go to your Jetty folder. It is typically located at /usr/share/jetty if you are on a Debian based distribution. You should see something like the following:
contexts javadoc lib resources start.jar
etc jre1.5 logs start-daemon.jar webapps
What’s important is the etc folder, where you will find jetty-ssl.xml — the configuration file for SSL. In the field called “keystore” you should put the path to your keystore. I ended up putting the keystore in Jetty’s etc folder like the default setting, so I didn’t need to change this.
Now, remember the passwords you created when you ran keytool? Of course you do. The keystore password goes in the “password” field and the key password goes in the “keyPassword” field. Which is which, you ask? The first password you created was the keystore password, and the second was the key password.
You should remove the trustPassword fields. Set the port field to anything you want, but make sure that (1) it is different from your http port and (2) you have permissions to use that port.
Then, as above, you can visit your page using SSL with https://localhost:sslport, where of course you replace sslport with whatever port number you set in the configuration file. Enjoy your SSLed Jetty…but remember: this is not okay for a deployed webapp!
Quick tip. Many people suggest adding “setxkb -option ‘ctrl:nocaps'” to your startup programs to swap your control and caps-lock key. But this depends on whatever desktop environment you currently use. If you switch your desktop environment, you must add that line all over again.
Instead, open up /etc/default/keyboard in your favorite text editor. Replace the line XKBOPTIONS=” to XKBOPTIONS=”ctrl:nocaps”. Now, whenever you start up Debian, the switch will be done for you, regardless of desktop environment.