What even is Tumblr?

I’ve never been able to understand Tumblr. And I don’t mean the community norms and stuff: I mean the platform. It’s blogging with all the useful bits taken out, like usable navigation, and comments, etc. It’s basically a shit version of WordPress.

And one thing I think many people don’t realise is how much the design of the platform influences the way the community works. Software developers can sometimes have a frightening amount of power. The only way to comment on Tumblr is, so far as I understand it, to copy the entire thing to your own blog, and add a comment. So comments also equal signal boost. And then if someone wants to reply to your reply, they copy the entire thing to their blog and add a comment. So the discussion spreads out into endless tendrils across many blogs, instead of being contained in one place, in the comments on the initial blog.

This has a very strong effect on the kinds of arguments that happen, and how they can be inflamed or calmed down. Software design for this kind of interaction is actually really really tricky.

The difference between Reddit, Quora, and Stack Exchange is partially down to their moderation policies, but largely derives from their very different user interfaces. YouTube comments are a mess because they’re messily built: the more contentious ones rise to the top. It’s the platform as much as the people.

And I, as a programmer — web developer — myself, see Tumblr as an inevitable dumpster fire. It follows inevitably from the software structure. (But the main reason I avoid it is that it’s an unnavigable mess, of course.)

I was surprised to hear that it is no longer permissible to climb Uluru

From October 2018, it will no longer permissible to climb Uluru. I was quite surprised to hear this, as it had been my understanding that it was already illegal. Apparently that was a request from the Anangu people, the traditional owners of the land. Now it will actually be enforced. (This decision was made by the board of the local national park, not by central government.)

As a side-note, “traditional owners” is an interesting term. I think I first heard the concept expressed this way a few weeks ago, watching an address by President Michel D. Higgins to the University of Melbourne, where he was awarded an honorary degree. Allan Myers, the Chancellor of the University, opened events with an acknowledgement of “the traditional custodians of the land on which we meet”.

Charlotte Brontë, feminist

The Brontë sisters, Charlotte, Emily, and Anne, originally published under gender-ambiguous pseudonyms, as Currer, Ellis, and Acton Bell. Ellis Bell’s Wuthering Heights was republished under Emily Brontë’s real name shortly after her death. At the beginning, Charlotte Brontë wrote a biographical note on Emily and Anne, now both dead. It included this note on their choice of pseudonyms:

Averse to personal publicity, we veiled our own names under those of Currer, Ellis, and Acton Bell; the ambiguous choice being dictated by a sort of conscientious scruple at assuming Christian names positively masculine, while we did not like to declare ourselves women, because — without at that time suspecting that our mode of writing and thinking was not what is called “feminine” — we had a vague impression that authoresses are liable to be looked on with prejudice; we had noticed how critics sometimes use for their chastisement the weapon of personality and, for their reward, a flattery which is not true praise.

The biographical note is followed by an editor’s preface, also by Charlotte Brontë. Talking about the qualities of constancy and tenderness in the characters of the novel, she wrote,

Some people will think these qualities do not shine so well incarnate in a man as they would do in a woman, but Ellis Bell could never be brought to comprehend this notion: nothing moved her more than any insinuation that the faithfulness and clemency, the long-suffering and loving kindness which are esteemed virtues in the daughters of Eve, become foibles in the sons of Adam. She held that mercy and forgiveness are the divinest attributes of the Great Being who made both man and woman, and that what clothes the Godhead in glory, can disgrace no form of feeble humanity.

Continue reading

Experts and Expertese

I have a great deal of respect for experts. Actual, real, honest-to-goodness experts. The people who have written theses. The people who put massive amounts of work into coming up with original ideas, then do their very best to poke holes in them before publishing them. The people who will graciously admit defeat when they’re proven to be wrong, and will carry on working, carry on developing new ideas. I have a great deal of respect for the scientific method and for scientists themselves. And I know it doesn’t always work like that, but it does often enough.

And what really annoys me, what really gets me going, is seeing that respect misappropriated by “psychic healers” and similar bullshit artists. Those people dream up ideas which sound good, but are disdainful of the tools humanity has painstakingly developed over centuries for checking whether ideas are true. In fact, in many cases, they seem to not even care whether or not their ideas are true. It is dispiriting to see such people given respect that is not their due.

The utter contempt these scam artists have for the real experts, the people who put their life’s work into working out how the world really works, is the rudeness.

And besides all that, there’s the issue of how dangerous these people can be. Should I mention vaccines?

This entire blog post is under the license CC BY-SA 3.0. Feel free to repost elsewhere, as long as you link back.

Why did Thorongil warn Ecthelion against the White Wizard?

I’m rereading The Lord of the Rings. Appendix A, “Annals of the Kings and Rulers”, tells us that Aragorn son of Arathorn spent part of his youth in Minas Tirith under the assumed name “Thorongil” serving under Ecthelion, Steward of Gondor.

Thorongil often warned Ecthelion not to put trust in Saruman the White in Isengard, but to welcome rather Gandalf the Grey.

Appendix B, “The Tale of Years”, tells us,

2957-80 Aragorn undertakes his great journeys and errantries. As Thorongil he serves in disguise both Thengel of Rohan and Ecthelion II of Gondor.
10th July 3018 Gandalf imprisoned in Orthanc.
18th September 3018 Gandalf escapes from Orthanc in the early hours.
25th October 3018 Council of Elrond.

Saruman’s treachery was not clear to anyone before the dispute with Gandalf in July 3018. And Aragorn did not learn of it till he and Gandalf met again in Rivendell in October. So why was Aragorn already suspicious of Saruman roughly 40 years earlier?

I asked this question a while ago on Science Fiction & Fantasy Stack Exchange. I got a few good answers. Here’s the one I selected as the best, from Peter Turner:

Not sure where this is in the annals, but it says in the Tolkien Companion by J.E.A Tyler

Saruman made his first deliberate move in this direction (toward imposing his will, which was forbidden of the Istari) in the year 2759 Third Age, when he appeared at the Coronation of King Frealaf of Rohan, successor of the mighty Helm Hammerhand. The Wizard brough with him rich presents, and declared himself the friend of Rohan and gondor, and a little later was able to persuade Steward Beren of Gondor to grant him the Keys of Orthanc, the mighty Tower which, together with its fortress of Isengard, commanded the strategic Gap of Rohan. All thought this was a welcome move.

All, that is, except a weary ranger who would see everything given up by Gondor as a challenge to its power.

And it further says that

all the time the Wizard was secretly searching the Tower of Orthanc for a long-lost treasure of the Dunedain … the Palantír of Orthanc.

Then in 2851 the White Council met to think of ways to stop Sauron from coming back

Saruman, hoping that the Ring would expose its location if Sauron were left unharassed, deliberately overruled a strong recommendation (from Gandalf) … that Dol Guldur be attacked.

By his actions, Gandalf may have suspected that Saruman was up to something, although I don’t think Gandalf even knew of the ring.

So, either through his own understanding of the Palantír through the lore of his people or through his association with Gandalf, Aragorn was more naturally suspicious than Gandalf and I think it makes sense that he’d know something was amiss well before anyone else had reason to suspect.

You can read Peter’s answer and all the others at SF&F SE. This entire blog post, both my own writing and the section I quoted from Peter, is under the license CC BY-SA 3.0. Feel free to repost elsewhere.

Life: bits to be sorted out

The first feminist blog I read with any regularity was Shapely Prose, which I think was a fat acceptance blog which gradually developed into a more general feminist blog, while retaining a focus on HAES. So, for me, learning about feminism and learning about HAES have sort of been bound up together.

I have unhealthy eating habits and unhealthy sleeping habits: the two are bound together, as in “Good grief I’ve been on the computer for how many hours? And now I’m getting a headache from tiredness and I’ll have to skip dinner again.” Then I get up late and skip breakfast. It’s fairly often that I don’t eat from one lunch to the next. Then I eat out in a café because (a) I didn’t have time to make a packed lunch, and (b) I really need a full meal at lunchtime, because I’m not eating at other times. And eating out all the time means that (a) I’m spending far more money on food than I can really afford, and (b) I’m eating too much meat: I try to reduce my meat intake (mainly for environmental reasons; partly for health reasons), and on the rare occasions when I cook for myself I usually cook vegetarian, but when I eat out the meat dishes tempt me. And eating out in the evenings means either posh expensive places or fast food, and vegetarian fast food is rarely appealing to me.

So, I do have unhealthy eating habits I need to get on top of, mainly, probably, by getting better at scheduling my time. Get off the computer in time to cook something, and then get to bed at a reasonable hour and get out of bed at a reasonable hour. This would be good for me.

I’m not entirely sure how to go about this, mind you. Or about the extent to which it interacts with HAES. I’m reasonably happy with my overall body shape.

This post started as a comment on Ana Mardoll’s Ramblings, but as I wrote it it gradually became more and more off topic, so I’m posting it here instead.

Am I small-minded?

This thought occurred to me just last night:

There are some opinions I understand and agree with. They are based on arguments and presuppositions which make sense to me, and which seem to me reasonable and well supported.

There are some opinions I disagree with. The arguments in their favour seem to me lacking in some way, perhaps by being based on presuppositions which I do not share, or perhaps due to a failure in logical reasoning from those presuppositions.

There are some opinions I disagree with completely. The arguments in their favour are non-existent, or are based on presuppositions so completely alien to my mind that I simply cannot make sense of them, or follow a chain of logical reasoning which I cannot grasp.

It occurred to me last night that the middle set, the arguments which seem lacking, but not fundamentally unreasonable or utterly incomprehensible, is a quite likely to be a reasonably good proxy for how open-minded we are. (Compare Aristotle’s dictum that it is the mark of an educated mind to be able to entertain an idea without accepting it. What I’m saying is not quite the same thing, but it is a related concept.) It also occurred to me that, for me, the middle set of ideas is, actually, rather small. I find it quite hard to get my head around conservative politics; I find it very difficult to understand or communicate with people who are uninterested in scientific evidence for or against the types of medicine they advocate; and I often find religious concepts difficult to grasp (which last is especially odd, given that I was raised religious).

So, how worried should I be about that?

License: CC BY-SA 3.0. Feel free to repost elsewhere.

Tentative thoughts on Payment Gateways

If you’re selling stuff online, you need a “payment gateway”. That’s something that sits between your website and the bank, so that you can accept money over the Internet. PayPal is the biggest and best known of these. As far as I can tell, different payment gateways work in three different ways. (There may be more, but these are the three I’m aware of. I’m also including one other way of taking money, which is a gateway for payments, but isn’t a “payment gateway” according to the standard definition.) I don’t know of any standard terminology to distinguish these methods, so I’ve invented my own.

So, here’s my breakdown of five types of checkout. (Yes, five.)

1. Orders only

There are, I said, four types of payment gateway (or, three plus a bonus fourth), but five types of checkout. That’s because it’s possible to have something like an online shop where no money actually changes hands. I’ve built a site like this. It displays products, and has nice little “add to cart” buttons, so you can build up an order. You can then review your order and submit it. Then you get an order ID. The owner of the site will then contact you separately to arrange payment and delivery. This method works fine for the site in question (which is for a trade-only wholesale merchant in the fashion business).

This sort of checkout process is by far the easiest to build, as there is no need to interact with* any other system. It’s entirely self-contained.

2. Internal checkout

I call this one “internal” because all the work goes on behind the scenes. You have a form on your website into which the user enters their credit card details. (Watch this: you’re receiving credit card information, so now you’re under a legal obligation to deal with it carefully.) But we don’t store this information, instead, our webserver submits that credit card data to the payment gateway. The response from the gateway indicates whether or not the transaction was successful. (Submitting the information and receiving the response can be a single operation. The exact workflow will depend on the payment gateway concerned. The only one I’m familiar with, Realex Payments, receives the credit card information as a POST request in XML format, and returns the response (also in XML format) immediately.)

Remember, talking to the payment gateway is all happening behind the scenes. The customer has no idea how it works, or which payment gateway you’re using. They enter their credit card details into your website, press submit, and get a response of “payment made” or “declined” or whatever from your site. They have no need or reason to know or care which payment gateway you’re using.

An advantage of the internal checkout method is that you are entirely in control of the user experience. The customer never leaves your site; never sees any logos or branding other than yours. And if you think the checkout process is clunky and difficult to use, you can change it.

Realex Payments, based in Dublin, is one of the largest such operators in the European market. PayPal also supplies this type of payment gateway, but only in the UK, the USA, and Canada.

3. External checkout

For the external checkout, the customer is sent away to an external site to complete the payment process (hence, as you may have guessed, the name). So when the customer has added a few items to their cart, they can click on a button labelled “Pay with X”, proceed to that other site, and pay there. There are a few advantages to this. For a start, customers may be more likely to trust a big site like PayPal or Google with their credit card data. Also, they may already have an account there, and so be able to pay without having to type out their credit card information at all. And, from your perspective, you’re free from having to worry about credit card security: you never see any credit card information at all.

Another thing about the external checkout is that you aren’t limited to just the one of them. There’s nothing to stop you giving the customer options: you can put “Pay with PayPal” and a “Check out with Google Checkout” buttons on the same page, and give the customer a choice. (You can also give the customer the choice of using the internal checkout, of course.)

The bad thing about the external checkout is that they’re a lot trickier to code. The workflow is far more complex. For a start, you have to send the customer away to another site, but with information. There’s no point just sending them away to PayPal. They have to go to PayPal with the information that they’ve come from you, and they’re buying such-and-such which costs so-and-so. The way to do that is to build a form on your site which contains all the necessary information in hidden fields, then use javascript (with a fall back to an image submit button) to send them away to the payment gateway (this is a POST request). (That’s how I did it for PayPal, anyway (and PayPal is the only such external checkout I’ve so far built).)

A while later, the customer will probably arrive back on your site with a similar POST request containing information that they’ve paid. This is all well and good, but how do you know it hasn’t been faked? Also, what if they never do come back to your site? What if they go to PayPal, pay, and then continue on their merry way without visiting your site again? Well, we don’t rely on that.

In our initial submission to PayPal, we send full data about all the products being purchased: ID, title, price, tax, shipping costs, and suchlike, but we also send them a URL and a unique tracking code. When the payment is made, PayPal posts all this data back to that URL (we call it the listener URL, because it sits and listens for PayPal to call it). That’s when we know the payment has gone through. Oh, wait, no we don’t. That could have been faked too. Remember, we aren’t contacting PayPal directly. We haven’t posted any information to PayPal’s servers. We’ve given information (including the unique tracking code and our listener URL) to the customer, and asked them to send it to PayPal. They could be tricking us. The “payment made” response to our listener URL could be a fake too.

So this is the point where we do contact PayPal directly. As soon as we receive the “payment made” call to our listener URL, we send all the information back to PayPal, basically asking “Hey, did this actually come from you?”. PayPal responds immediately, either confirming or denying the call. If PayPal confirms it, we mark the payment as made.

Hang on a second. Someone ordered on our site several thousand euros worth of goods. We created an order, gave it a unique tracking code, and sent them off to PayPal. Then we got word from PayPal that a payment had been made for an order with that tracking code. But the payment was only three euro. What now? And that’s why our listener doesn’t actually mark a payment as made as soon as PayPal confirms it. Instead, it reads all the data from the PayPal response, which includes full details of every item bought, its cost, and all related handling and shipping charges. We then verify that this all matches up with the order we have on record for that unique tracking code. And only then do we mark the payment as made. And we store the order with the PayPal transaction ID (this ID is generated by PayPal, and is unrelated to the code we generated and have used to track the order so far).

When the customer returns to our site, they do so with a POST request from PayPal which includes the transaction ID. This request cannot have been faked, because a faker would have no way of knowing that transaction ID, which was generated by PayPal. So we can be happy that the person landing on our site now is the person who just made the purchase, and we can show a receipt. Everything is hunky-dory.

Except … wait for it. Sometimes, PayPal will return a customer to us before sending the order confirmation to our listener URL. So if a customer lands on our site with a transaction ID we don’t recognize, we can’t simply assume it’s an error. It might be an order which hasn’t come through yet. So we show the page and wait on it a while for an order to come through, checking occasionally (using Ajax) whether an order with that transaction ID has been processed. If it has, we redirect the customer to the receipt for that order. Failing that, we eventually give up.

Just to be slightly more awkward, in PayPal’s sandbox (test environment), there’s no way to force delay the call to the listener URL so you can test this workflow. You just have to code and hope it works. Read that sentence again: Sometimes, PayPal will return a customer to us before sending the order confirmation to our listener URL. Sometimes. There’s no way to force that situation so you can test it.

Also, in case you thought that was too easy, PayPal provides a bunch of other services. It can supply shops which are managed entirely by PayPal: you log into PayPal and create your products and set their prices, and PayPal will give you little HTML snippets to put into your site. And so you can have a shop with no server-side coding on your part at all. This is all very well, but PayPal puts all the documentation for these two completely different situations together into one massive, badly written, repetitive PDF document, and expects you to read it. PayPal’s documentation is easily the worst I’ve ever seen anywhere. It is eye-bleedingly awful. (Realex Payments, by contrast, has very well-written documents. They are to the point, self-contained, and clear.)

The only external checkout I’ve built worked with PayPal. Google Checkout is another provider in this area, and Realex Payments also provide an external checkout service. And, so, no doubt, do many others. As I said earlier, there’s nothing stopping you giving your customer the choice of all these and more.

4. Redirect checkout

The “redirect checkout” is basically an external checkout which pretends to be an internal checkout. The customer enters their credit card details into a form on our site, but the form submits to an external site, which then redirects straight back. The customer, unless they are paying close attention to their browser, does not even realize that they’ve left the site they were on. From a coding perspective, this is essentially the same as an external checkout, but from a user’s perspective, it’s the same as an internal one.

I’ve never actually built a site which used a redirect checkout, and couldn’t name a provider. I’m not making it up, though. It’s something I’m sure I’ve read about somewhere.

5. Telephone payments

Bonus method!

This is the one which doesn’t actually count as a “payment gateway”. The official definition of “payment gateway” is all about credit cards and suchlike, and this method does not require credit cards.

If every product on your site is the same price, and you’re fairly confident that most people will be buying only one product at a time (we’ve done this, for a site which accepted classified advertising), you can accept payment by premium telephone number. First, get a phone number which charges people a fixed price per call, rather than by the second. Then, set up your checkout to create a unique random four-digit number for each order. Then, set up Asterisk to answer the phone, accept input of the four-digit code, and send a signal to to site that the order has been paid.

I did work on a site like this, but I had nothing to do with the Asterisk end of things. It’s a clever program for answering phones and managing phone menu options and phone trees.

* I did not say interface with. You can comment below to thank me for this, if you like.

Thoughts: Reading the Internet

My Blogs:

  1. My h2g2 journal, where I occasionally post about things I’m doing, or about books I’m reading. My oldest blog.
  2. TRiG’s links, subtitled “Reading the Internet”, where I just post links to stuff I found interesting, or videos. This is the most frequently updated blog.
  3. This one, ostensibly my main blog, actually rarely updated. It hosts the longer stuff.

I’ve been putting up stuff on my links blog to start posting once a day from the second of January on. This means that if I die tomorrow, my blog will continue posting for a while (not a very long while, because I’m lazy, and haven’t prepared as many pre-posts as I should). I’m not superstitious, but I am sometimes a bit morbid. I think thoughts like that.

I sit beside the fire and think
of all that I have seen,
of meadow-flowers and butterflies
in summers that have been;

Of yellow leaves and gossamer
in autumns that there were.
with morning mist and silver sun
and wind upon my hair.

I sit beside the fire and think
of how the world will be
when winter comes without a spring
that I shall ever see.

For still there are so many things
that I have never seen:
in every wood in every spring
there is a different green.

I sit beside the fire and think
of people long ago,
and people who will see a world
that I shall never know.

But all the while I sit and think
of times there were before,
I listen for returning feet
and voices at the door.


The aged Bilbo Baggins in The Lord of the Rings.

Perhaps I’m in an odd frame of mind, but I’m actually feeling fairly cheerful.