"Troubleshooting hydraulics is like debugging software and networking protocols." --elkement
30 Postings shown.
I have now been playing on the pentesting platform hackthebox for more than a year. I have been in IT security / infosec for a very long time,
but I was very late to the offensive party. It still amazes me why that is. Some random thoughts!
I was not really aware of the exact terminology regarding blue and red teams etc. The Public Key Infrastructures I have built are maintained
by the 'networking' or 'server' or 'Active Directory' teams, so I had always considered 'security' to be one aspect of the work the architects
and network administrators have to do. Maybe I do not even count as 'infosec' - I am just the administrator of all things certificate-related.
I often sided rather with the people who had to maintain the 'security infrastructures' on a daily basis, rather than with consultants
(internal or external ones) who tell those administrators how to secure the infrastructure. People keeping infrastructure a the bottom layers of
the network afloat are hardly noticed - until something breaks. I had my share of WHO IS RESPONSIBLE THAT THIS WAS NOT WORKING FOR [a time
span very very small compared to the time the system was running well despite lots of changes].
In the book Advanced
Penetration Testing a seasoned expert states:
All that is needed for an attacker to gain entry to the most secure environments is for one person to have one lapse in judgment
one time. I keep driving this point home because it really is the point. As a penetration tester, I have the easy job. An attacker is always
at an advantage. I would hate to have the responsibility of keeping a network safe from attack; I'd never sleep.
I think as a security consultant - red or blue, consultant as opposed to sysadmin / 'devops' - it is hard to fully acknowledge all the
conflicting requirements and constraints you have to meet when you need to keep things running. I suspect I also helped implementing dumb and
insecure things at times, because they were the best trade-off at that time.
Often I found myself pondering on 'opposites', as red versus blue, consulting versus doing, projects versus operations. Should I lecture and
comment rather and implement and do? Is commenting and consulting just fence-sitting without skin in the game? I finally decided for more
involvement in keeping things running. Actually, I once became a consultant because I feel so terribly responsible for systems and infrastructures
also as an external consultant (usually without a long-term formal contract) who is touching that infrastructure once every few months. But
every time I was officially responsible for systems it was hardly bearable and moved me nearly over the edge into burnout - I better erect
that 'external consulting barrier' to keep me somewhat detached.
I also don' t want to say that offensive roles are 'easier' - far from this! I do not have real-live experience with pentesting, but I imagine
it as consulting on steroids: Travelling a lot, chaotic deadlines, all the non-glorious aspects of consulting in general, politics,... Exactly
the aspects that made me abandon the nomadic consulting life-style, by the way.
Following infosec experts on Twitter I notice that there is an old debate popping up from time to time: Should 'infosec' be an entry level role,
so should you e.g. go straight into security after college, or should you have an experience in other IT and software roles before - as a
programmer, system architect, or network administrator? Given my own path I should be in the latter camp, I guess. But on the other hand, again
given my own path, I can imagine that you can absolutely become a security expert with dedication and without having spent grueling years, say,
fixing clients' my-Outlook-does-not-work issues.
I changed my careers a few times, but I can as well present these transitions as a gradual, logical evolution. I had been a newcomer often,
and I people were asking me: How long have you been doing this? It was meant as a compliment, and I avoided to reply with the truth, like:
a few months only. When clients considered me a 'PKI guru' I often said that I firmly believe that a student with enough dedication can
become that exact type of guru in a year, too.
My blog was originally called Theory and Practice of Trying to Combine Just Anything. I had things like 'Physics and IT' in mind, or 'I had
also considered to study philosophy and want to be some sort of renaissance person'. Maybe this is how I have approached security, too: I wanted
/ want to combine all kinds of experiences. It has been my choice, my path, not necessarily the expression of some career advice that would apply
to anybody. Playing at hackthebox always shows me how much I do not know - about IT technologies and pentesting methods and tools. Only very
rarely, I can contribute something original, based on something I really know something about - like in the case of my
PKI / smartcard hack.
I feel very much that I am dilettante - in a positive sense of what the word actually means.
More than a decade ago this site started as a place of playful experimenting
with links - with content and structure. I hand-crafted and later semi-automated
some features that anticipated their modern counterparts, like
I have experimented with the true social media since 2012 - a party to
which I was rather late, given my previously early adoption of 'online writing'.
One of the things I learned again and again is that the tool you use and its
convenience do not really matter, at least not to me. I don't mind cumbersome
hand-crafting. It can even be a good filter to help with resisting the urge to
tweet shallow, not time-less stuff.
I am going to revive that tradition for a while!
2019-06-10: Last week I finally published my write on
unintended way to hack the box Sizzle von hackthebox - by hacking the PKI
and issuing myself a hardware token for the Administrator! I am overwhelmed by
positive responses - the security community is awesome! I might publish
something a bit similar in 'weirdness' for another Windows box.
2019-05-25: Reached a milestone in my clandestine web re-development
and content review project this week: Reviewed all blog postings, finally
found the right way to keep co-existing web databases and ad-hoc Excel
databases during a migration phase, ready to consolidate images. My plan is
to merge all sites gradually, without any deadline. Raking my virtual Zen
2019-05-14: Just completed my writeup of the unattended way to own my
favorite box on hackthebox.eu! Now I cannot wait until it is going to expire
:-) First time I used a piece of hardware to own a machine -
perhaps an image in the article will look as if this was influencer
marketing for ... SafeNet ;-)
2019-05-12: I have a blog and a personal website that
become more and more similar - again. I think I know what I have to do ...
2019-05-11: I am really excited about an unintended way I found to root a
Windows box on hackthebox.eu. I was finally able to combine what I learned
in the last year as a dabbling hobbyist pentester with my knowledge about
some of obscurer corners of Windows systems, especially that little
security-related server role I dedicated nearly two decades to :-)
2019-04-21: This website / these websites will undergo a transition - I will go full dinosaur. I
am questioning everything I took for granted, about 'how websites
should look like'.
2019-03-31: Every time I re-read Landau / Lifshitz' Course of Theoretical Physics I
discover new details. I am enjoying every word of their concise and elegant
explanations - and their ultra compact and typical physicist-style usage of
algebra and analysis.
2019-03-23: This website will not change much for a while - but elkement works on
stuff in the background. I am going to move all this here over to a static
website generator. One I code myself from scratch, for the fun of it.
2019-03-16: The best website on the internet has a grey background and
blue hyperlinks - the ultimate command line tool reference ss64.com.
See an example
2019-03-13: Every time I read the wizard book, I discover something new!
http://sarabander.github.io/sicp/html/index.xhtml I feel like I should
have read it much earlier in life, but in the other hand, I would not have
had so many light bulb moments - related to what I did 'wrong', or in an
inelegant and non-optimized way.
2019-03-13: The moment I hand-craft my pseudo-tweets, 1999-style,
something feels finally right again!
Long ago, these pseudo-tweets started with:
2002-12-16: The domain e-stangl.at was delegated in the glorious era of
THE GREAT dotcom HYPE, thus contains e-: .
The non-hyperlink part - the part
above the underscore - reflects the golden light of the evening sun or is
being shaken by an amber sandstorm.
I have had a section called Philosophy on my very first website, and I have maintained a page called Principles or Our Approach ever since. It sounds as if those principles had been decreed at one point in time. As if aliens from outer space had dictated them.
However, I could simply say this: Since decades I play with technology, science, engineering, IT and everything in between. I worked in different industries. Each of them had good and bad aspects - regarding the actual subject matter and re the way of working. My main goal and hidden agenda was to every evolve but keep the good and interesting aspects of each of them. I could spin a story about how everything fits into a grand and big picture, and it is not even wrong.
But it's a good exercise to look at everything as disjointed pieces. At some point in your life that stories should speak for themselves. I am running my own business now for a long time; I don't have to explain and justify how everything fits together - as if it was part of a great plan.
In no particular order, and without aiming at completeness...
Like the Cobol mavericks at the turn the last millennium, I support legacy Windows Public Key Infrastructures. I have migrated them over and over and over. I don't pretend I know all the latest buzz words but it seems I can catch up quickly and connect the dots.
I am herding all the software tools related to sizing heat pump systems, related numerical simulations, and data analysis - the so-called Data Kraken. I could call myself a software developer - I use languages from VBA to C++, and I use pointers and recursion now and then. But I don't mind if somebody insists this on this being 'just scripting'.
I have been doing down-to-earth IT system administration for one small business - my second ever customer, loyal since more than two decades.
I get Ask-me-anything questions related to How Stuff Works and If That Stuff is Secure or If That Stuff Can Work at All. For some of that advice people even want to pay.
If you ask what real physics I actually use, I'd say Heat Conduction. Accidentally (?) it was one my specialties at the university, a long time ago.
I work mainly remote. It's more efficient, it's cheaper for clients, I don't have to travel, everybody is more focused. I don't do political projects (anymore).
I enjoy to find the pragmatic middle ground. I don't take as gospel: Software design patterns, methodologies, engineering standards, compliance guidelines, best practices, 'what everybody says', 'what everybody does just to be on the safe side'.
Taking stock of what I had done so far, I found that two things were part of all my endeavors: Teaching/training and software development. I have also been a student in parallel, most of the time. After I gave an academic lecture about PKI for a few years, I ditched formal teaching, and having completed another master's degree I also stopped collecting degrees and certificates.
Since a while I am catching up on computer science basics in self-study mode, and this year I have discovered the joys of pen-testing.
... on a pentesting platform. that became my main 'social network'!
It feels like the natural progression from my
walking down the stack: In the last year I re-lived my history of a physicist in IT or an IT security specialist trained as a physicist. I investigated the security of embedded systems and sniffed network traffic - mostly related to monitoring and control of physical devices for 'generating' or storing energy.
I wanted to fill in gaps of knowledge, I turned to classic introductions to computer science, and I caught up on C/C++ and Python. But trying to hack systems is still another kind of skill: I had been a 'defender' for many years, explaining to others how to secure their systems, but I lacked the skills of an attacker.
After I had dabbled in forensics of unknown files and in using automated testing tools with modest success, I decided I want to learn this craft thoroughly. Or was it? Maybe I just want to play and see how far I can get. It was a surprise that I was actually able to hack the entry challenge for that pentesting platform. Fast-forward: I had hacked more than 80% of the active boxes.
My experiences there are both very humbling and very gratifying. Sometimes I struggle with even getting an exploit tool to run as I lack some basic knowledge of compile switches. But sometimes I discover I can leverage some things I didn't even realize consciously or ancient things buried deep in my memory. Who knew that ASP and VBScript would ever be useful again? And my preferences of Python and C++ (for non-destructive purposes) feels eerie now - I could not have picked the languages for my exploit tools better! My adventures with learning SQL Server a few years ago also come in handy, and what I considered my most unprofessional hacks turned out to be most useful: Stringing together 'applications' from scripts and compiles code in different languages, burying one into the other, not being afraid of loads of different quotes embracing each other. As a side effect, I am also more daring when it comes to my non-malicious code now: I have no problems any more to state publicly that I write an application in C# that adds VBA macros to Excel and executes them!
My immersion in this addictive platform also told me something about my learning preferences ... again. I had known it but it was not that explicit: I want to learn from solving problems. That was my intuitive answer once, when colleague had asked how I make myself familiar with new technologies, a freshly released operating system at that time. I replied that I try to solve one specific problem on that new system (involving X.509 certificates then) - and then expand my knowledge from there. I have pontificated about my love of reading textbooks and immersing myself in abstract theory, and this is not a contradiction: Hadn't I ploughed through the later chapters of Structure and Interpretation of Computer Programs - the ingenious explanation how compilers and assembly works - I might not enjoy my attempts to create buffer overflows that much. Which is a topic I need much much more reading and playing with, by the way.
I know am saying the same things again and again and again - here, on my blog, and on social media. It seems my websites have run their course for the time being - I am not actively trying to search for new content to create, and I feel like writing articles that flow naturally, rather than writing semi-scholarly papers with code and data. So I am leaving this article here, on the site that nobody reads, as a hidden away note maybe.
Recently I've changed my story at some social profiles again - to this:
Specializing in: Control systems, software development for measurement data analysis, IT security,
troubleshooting and reverse engineering systems with physical (hydraulic) and software (control) components.
I am running a small engineering consultancy together with my husband. We are both physicists, and we focus on designing,
programming, and troubleshooting control systems for heating / solar systems, especially heat pump systems with a combination
of uncommon heat sources and custom control. For more than 10 years I have implemented, reviewed, and
troubleshooted public key infrastructures, and I still do this for some long-term clients.
In contrast to this blog, this site here is more of an extended profile /
About Me page. It is my hand-crafted whoami machine.
I think about my exploration of layers of software. tl;dr: I am gradually
moving down / back to the lower levels of software, the ones closer to hardware,
electronics, control, field bus systems etc.
I've started out learning about micro-controllers in electronics class as a physics student. Then I programmed sensors and actuators
for measuring the low-temperature electrical properties of superconductors as a
staff scientist at the university (in Turbo Pascal). Yet I jumped up to the top of the software
stack and switched to Microsoft scripting languages: VBA, VBScript, ASP when I
went 'from research to IT'. Even the first version of my numerical simulation
for our heat pump system was an Excel spreadsheet, then a VBA application using
It seems I needed to trade 'IT' again officially for 'renewable energies' to
be motivated to move down the stack again. When I was a non-traditional
'post-graduate' student in in energy engineering I was
always been the 'Excel programmer' in group projects. Buth then I went down rabbit holes:
Learning SQL Server and Transact-SQL for analyzing our measurement data.
Re-writing the simulation software, now based on Visual Basic .NET, for the
first time using a true object-oriented design. To get ready for this, I had
re-written this website from scratch in .NET before. My so-called Data Kraken
uses a combination of Powershell and SQL scripts today.
I finally learned to utilize all my processors in my simulation, and I fixed lots of
performance issues. I read Joel on Software cover to cover to re-live the period
I 'was in IT' and to catch up on fundamentals. He pointed me to Structure and
Interpretation of Computer Programs which I consider the single best ever
lecture / course I've ever 'attended'. It is both so deep and philosophical, and
at the same time so useful: My simulations became faster by a large factor.
And all the time, I did reverse engineering and debugging. I think I have
done this ever since, but always at the level I understood software at the
time. Of all the tasks I had as an IT Security / Public Key Infrastructure
consultant, troubleshooting weird issues with X.509 certificates was maybe the
best one: Digging deep into network traces, reading up on RFCs. Every time I was
theoretically only a user of software and services, I ended up debugging in
detail - like using Wireshark to track down a weird compatibility issue between
my e-mail client and a mail server, when just trying to sign my invocies via a
digital signature solution using SMTP.
finally learned C and C++, and I read about Assembly and the art of reverse
engineering and malware analysis - to really appreciate the final chapters of
SICP, about the self-referential wonders of compilers and interpreters.
Trying to visualize the stack and what happens to the registers, I picked up
a very old book - the one I used decades ago in my electronics class - and I
jumped into the chapter about micro-controllers. And then it hit me: Those
fundamentals, they have not changed much. Yes, different processors have
different instruction sets and you might have 8bit, 16bit, or 32bit. But the
explanation about the stack, and how to return from a function - this has always
been an eternal truth since that electronics book and SICP had been released.
All falls into place: Understanding C is really the pre-requisite for
understanding field bus communications, and that is what control units use.
Debugging skills are essential when dealing with abandoned engineering software
from the stone age.
So I finally found the most logical connection between physics and IT, the
place to be as a physicist in IT or in engineering or whatever.
Onword to Python!
New rules (Yes, Google - I know,
I've already done this for my blog, and now
you will penalize me for duplicate content as the rules are exactly the same.
Not the poem of course!)
- Search for your site on Google: site:elkement.subversiv.at/en
- Pick the first search result in the language of your site
- Pick a chain of words, a contiguous snippet from this Google search result. This becomes the title of your poem.
- Label X: Copy your chosen snippet and search again, now for this phrase.
- Pick the first snippet from the new search results, choose a phrase. This is the next line of the poem; re-arrangement, editing or skipping search results is not allowed.
- Goto X.
not funny though
it often just looked unfocused
while others procrastinate
silently cursing yourself
Much energy is wasted in talking
It can be measured
to answer the following questions
Need an extra hand?
meaning, pronunciation and more
the class of ostensive definitions
words will not be understood
Word of the Day
A rapid scramble down the shattered ridge
All too soon we were on the top
And with you went my dream
I know where I was going
a 1945 romance film
A complete list
clear it to fix issues
There are a number of problems
There is or There are
what to do when it's not so clear cut
Distinctly and sharply defined
A line that represents
Tough and Tricky questions
So you think you're pretty clever?
move forward or backward to get to the perfect spot
the best way
world of dreams
extremely powerful queries
they're a lot more trouble
work you have to do for something
questioning why we don't hold different cards
which basically translates to
which basically means
we're going to take
I often say that my work is basically, most of the time, actually: Reverse
engineering, finding out how stuff works, deciphering blackboxes. I refer to
both software and physical systems - hydraulics - and to anything in between,
control units and their logic.
Even when I was a supposed technical experts for certain (software) products
what I actually did was to reverse engineer the product in question - the
weekend before I demonstrated my consulting capabilities, allegedly backed up by
thorough training and long-term exposure.
So I think it is worth to ponder a bit on what it means to reverse
Good-enough approach (80-20-style). I had enjoyed reverse
engineering because it was different to my former life as an academic scientist.
You do not need a complete theory and unassailable arguments to explain to your
knowledgable peers about what goes on exactly in the blackbox. You just need to
know enough to track down and solve the problem a real human being actually
has. That human being might as well be yourself.
I remember the first times I solved computer problems of small business
owners - based on hardly any experience and know-how, by my current standards.
However, after years of exposure you might as well write an in-depth paper, but
you are not forced to present your know-how in this way. You primary mode of
operations is to solve problems, not to gain recognition.
Depth and breadth. It may be fashionable to say that reverse
engineering certainly requires to think outside the box, and the 80-20 statement
seems to imply that you don't need to bother to learn any 'theory' before
embarking on a debugging venture. But if you want to become really good at
troubleshooting, you better also learn the fundamentals and find a niche(s) you
want to specialize in.
You focus on your specialties where you have both deep know-how and hands-on
experience, and you add out-of-the box ideas related to other subjects. You
stumble upon an interesting aspect and decide to learn more in depth about it. I
had specialized in public key infrastructure and digital certificates, and later
on heat pump systems and thermodynamics. However, when troubleshooting I might
also need to learn something on-the-fly about a special CAN bus networking
protocol or about heat pumps without electrical compressors.
Social engineering and no false pride. I like to work on
issues that I can solve - without the need to 'escalate an issue' to some
support organization in the background. However, I try to keep Geek Honor in
check: You do not need to re-invent anything from scratch, and you do not need
to disassemble a system in case you find the human beings who built it or at
least the documentation created by them.
Social engineering can be part of reverse engineering (both terms meant in a
benign way): I had
social engineered my way into an organization that kept insider information
like manuals or passwords, and I believe learning from your peers is an
excellent way to increase your knowledge. The challenge with learning from the
community is stay at eye level with your true'peers'. I had my share of
encounters with suckers of know-how who only want to take but had nothing to
give in return.
Against the green-field. For me, reverse engineering is
strongly tied to a culture or re-use and repair, as opposed to a culture of buy
and build from scratch. If you want to
be creative with what is available, you need to decode the things you
already have (... and after a few years of operations you might debug your own
creations, no matter how excessive your documentation was.) Knowing what your
gadgets do - your software, your heating system, your appliances - puts you in
Challenge the experts. This is closely related to the
culture of re-use: If a so-called expert, certified and radiating authority
tells you flat-out that this will definitely not work (often because
the expert is also a supplier of new stuff he wants to sell) then you can only
rely on your reverse engineering skills to prove him work.
That is perhaps the most important aspect - in our era of a growing number of
interfaces with external services, clouds etc. and where you use shiny and
well-sealed blackboxes that ought not to be reverse engineered at legal
I did not have ambitions 2017. It should have been a year of taking stock -
and it was, in a good way.
time-travelled and re-lived some history of software engineering, and
finally learned basics of computer science. This was philosophical delight,
but also useful and necessary: I was able to boost the performance of my
simulations (above a level of what was, maybe, embarrassingly slow).
- I tinkered a lot with
numerical simulations of our heat pump system. Main thing I learned: The
more modern the building, the more you'd need to simulate humans' behavior,
rather than physics or control logic.
- Reverse engineering and troubleshooting is what finally connects all the
fields of science and engineering I love: Troubleshooting, ferreting out
hidden causes and effects in hydraulics feel the same as
sniffing and debugging software and networking protocols.
- Theoretical physics reading: I returned to classical thermodynamics and
statistical mechanics; I find it fascinating and beautiful in its own
right, even if only at the pre-1960s level. I took stock of my
writing on heat transport - and I am happy I can actually really use
physics on a daily basis, in down-to-earth engineering projects.
- I was thinking about automation, standardization, and big social media
platforms. I struggled with this blog post about the
future of small business for a long time, but optimism won. I might
frame this even more positively today: There is a place for artisanal
service delivery despite or because of Everything Being Offered As A Service
by Omniscient Data Krakens.
- My blog turned 5 in spring, and I allowed myself to
return to a more philosophical blogging style (briefly). Otherwise, I
finally and subconsciously made the elkement.blog my main resources of
technical content - or at least content related to my professional domain,
and content edited for clarity and entertainment. Whereas on
elkement.subversiv.at I let my stream of consciousness flow. It seems that
the pattern that finally emerges is: elkement.blog = elkement's tech /
science magazine and platform for personal research news, with an ever
growing focus on fields I have training in and daily practical exposure to.
elkement.subversiv.at gravitates against the same focus, but I allow myself
to focus on my personal perspective only. So here you find 'what I am doing
with [insert: heat pumps, security,...]', over there you find the useful
content as such.
- Tomato harvest was great. I tried to grow late varieties - like Ox Heart
- directly outside, and it worked.
- Dinosaur Kale tastes good. And it is able to recover from a at attack of
a bug that targets kale (and radishes' seed capsules). Don't try to keep
seeds of radishes in the land of canola.
This website is an old-school non-interactive site. My blog technically
isn't, but looks like one now, for the lack of visible comments. However,
messages have reached over covert 1:1 channels, so I do now that there is a
small but sincerely interested group of readers. I thank you all for reading my
Many years ago, The Web – which has its own category on my website here –
was an experimental playground for me. You might have guessed so, just
checking out the URL of this post.
Technologies and protocols once used for displaying static websites have
been repurposed, and HTTP(s) became the so-called Universal Firewall Bypass
protocol. We synchronize files with Dropbox or offline-cache or mailboxes.
Applications like Teamviewer or the signals from our Things (as in Internet
Of Things) poke controlled holes into our firewalls so that they are
somewhat accessible from the outside.
I have written about all of that at length elsewhere – about the
insecurity of the Internet of Things and about
Data Krakens dominating small businesses. I have had mixed feelings
about the evolution of The Web. But there is one absolutely positive
outcome: That HTTP(s) (mis-)use connection magic enables me to work in a way
I would have never envisaged 25 years ago – at the time when my most
important ‘files’ were still contained in physical folders.
I am able to work nearly remote-only, not only in IT projects. About 10
years ago I was a consultant in information security. We worked from ‘home
office’, too, although company culture often dictated that there had to be
meetings in real life. Today, I still support some long-term IT security
clients, but mainly via remote and/or asynchronous channels. When we started
our experimental heat pump side-business several years ago, my standard joke
was: Someday we will work in heat pump projects the way we work in IT
projects. And the joke became true – it actually became the default way of
working, even for clients that are within geographical reach, like a 50-70km
This list on our website explains the steps / stages of such a project –
but it’s hard to convey the spirit of a remote project properly. It sounds
way too serious. On our German blog we feature
verbatim hilarious quotes of a client / ice storage heat pump system
self-builder – translation could never do it justice.
Working remotely seems to be about technology: We need to have the tools
we have today to communicate, exchange information, to monitor and manage
systems over the internet. But it is more about culture. In IT, such tools
have already been available for a long time, yet some corporations insisted
on ‘face showing rituals’. Notably, during the economic crisis of 2008/2009
many companies worked hard to keep travel costs low and resorted to working
remotely – and later never reverted to face showing mode.
Successful remote communication is based on the skill of asynchronous
communications, e.g. on processing more than the first three lines of an
e-mail, but replying thoughtfully in nested threads. My anecdotal evidence
tells me that our typical heat pump clients have that skill – tech-savvy
geeks whose day jobs are usually tech- / IT- / engineering-related .
You need to keep politics out. As soon as that infamous ‘non-verbal
clues’ become important, remote channels might be too narrow. However, I
wonder if politics can ever be tamed properly even with heavy face showing.
My pragmatic solution is to focus on simple ‘structures of command’ – work
with one single accountable client who is in charge for his/her project and
has skin in the game. Only if you need to intermediate between ‘team
members’ and listen to ‘different sides’ you get into troubles. I have my
share of experiences – like: Clandestine meetings in which project member X
told me they considered to revolut against project manager Y – depending on
my honest opinion of Y.
Many hands-on engineering tasks are gradually being supported by remote
IT tools. I am not a first adopter of such technology – like augmented
reality glasses for engineers in power plants. My icon is an angry dinosaur
for a reason. But even I say, half-jokingly, that someday people might 3D
print our heat exchanger tubes and PVC supporting constructions, instead of
working with our traditional design documents and plans.
So at the end of 2017, I embrace The Web again and my outlook is
positive. It’s like returning to the old days – when
The Cluetrain Manifesto told us that The Internet will kill TV-like ads and
foster communications between human beings – also in business. That may
sound irrational, given the ominous power of online tracking, all for the
sake of advertizing. But anyway: The positive spirit of
remote working pioneers, like Automattic (wordpress.com) is what defines
The Web for me!
I will try to explore my relationship with IT / software / computers / computer science / software engineering or whatever the best term is to describe it. I am in a mode of looking back with content, and making small changes, learning a bit more.
As often, thinking in 'opposites' comes most natural to me:
Self-study versus formal education. The IT and software industry is young and - I believe - had originally been populated by people without a formal training in computer science as this did not yet exist as an academic discipline. The community was open to outsiders with no formal training or unrelated experience. As a former colleague with a psychology background put it: In the old times, anybody who knew how to hold a computer mouse correctly, was suddenly considered an expert.
I absorbed the hacker ethics of demonstrating your skills rather than showing off papers, and I am grateful about the surprisingly easy start I had in the late 1990s. I just put up a sign in a sense, saying Will Do Computers, and people put trust in me.
I am not 'against' formal education though. Today I enjoy catching up on computer science basics by reading classics like Structure and Interpretation of Computer Programs.
Breaking versus building things. I have been accountable for 'systems' for a long time, and I have built stuff that lasted for longer than I expected. Sometimes I feel like a COBOL programmer in the year of 2000.
But I believe what interested me most is always to find out how stuff works - which also involves breaking things. Debugging. Reverse Engineering. Troubleshooting. All this had always been useful when building things, especially when building on top of or interfacing with existing things - often semi-abandoned blackboxes. This reverse engineering mentality is what provided the connection between physics and IT for me in the first place.
It was neither the mathematical underpinnings of physics and computer science, or my alleged training in programming - I had one class Programming for physicists, using FORTRAN. It was the way an experimental physicist watches and debugs a system 'of nature', like: the growth of thin films in a vacuum chamber, from a plasma cloud generated by evaporating a ceramic target bombarded with laser pulses. Which parameter to change to find out what is the root cause or what triggers a system to change its state? How to minimize the steps to trace out the parameter space most efficiently?
Good-enough approach versus perfectionism. 80/20 or maybe 99/1. You never know or need to know anything. I remember the first time I troubleshooted a client's computer problem. I solved it. Despite knowing any details of what was going on. I am sort of embarrassed by my ignorance and proud at the same time when I look back.
In moment like this I felt the contrast between the hands-on / good-enough approach and the perfectionism I applied in my pervious (academic) life. I remember the endless cycles of refinement of academic papers. Prefixing a sentence with Tentatively, we assume,... just to be sure and not too pretentious though I was working in a narrow niche as a specialist.
But then - as a computer consultant - I simply focused on solving a client's problem in a pragmatic way. I had to think on my feet, and find the most efficient way to rule out potential root causes - using whatever approach worked best: Digging deep into a system, clever googling, or asking a colleague in the community (The latter is only an option if you are able to give back someday).
Top-down, bottom-up, or starting somewhere in the middle. I was not a typical computer nerd as a student. I had no computer in high school except a programmable calculator - where you could see one line of a BASIC program at a time. I remember I had fun with implementating of the Simplex algorithm on that device.
However, I was rather a user of systems, until I inherited (parts of) an experimental setup for measuring electrical properties of samples cooled down by liquid nitrogen and helium. I had to append the existing patchwork of software by learning Turbo Pascal on the job.
Later, I moved to the top level of the ladder of abstraction by using *shock, horror* Visual Basic for Applications, ASP, and VBScript. In am only moving down to lower levels now, finally learning C++, getting closer to assembler and thus touching the interface between hardware and software. Which is perhaps where a one should be, as a physicist.
Green-field or renovation (refactoring). I hardly ever had the chance to or wanted to develop something really from scratch. Constraints and tough limiting requirements come with an allure of their own. This applies to anything - from software to building and construction.
So I enjoy systems' archaeology, including things I have originally created myself, but not touched in a while. Again the love for debugging complements the desire to build something.
From a professionals' point of view, this is a great and useful urge to have: Usually not many people enjoy fiddling with the old stuff, painstakingly researching and migrating it. It's the opposite of having a chance to implement the last shiny tool you learned about in school or in your inhouse presentation (if you work for a software vendor).
In awe of the philosophy of fundamentals versus mundane implementation. I blogged about it recently: Joel Spolsky recommended, tongue-in-cheek, to mention that
Structure and Interpretation of Computer Programs brought you to tears - when applying for a job as a software developer.
But indeed: I have hardly attended a class or read a textbook that was at the same time so profoundly and philosophically compelling but also so useful for any programming job I was involved in right now.
Perhaps half of older internet writing reflects my craving for theses philosophical depths versus the hard truth of pragmatism that is required in a real job. At the university I had been offered to work on a project for optimizing something about fluid dynamics related to the manufacturing of plastic window frames. The Horror, after I had read Gödel, Escher, Bach and wanted to decode the universe and solve the most critical problems of humanity via science and technology.
I smile at that now, with hindsight. I found, in a very unspectacular way, that you get passionate about what you are good at and what you know in depth, not the other way round. I was able to possibly reconnect with some of my loftier aspirations, like I could say I Work In Renewable Energy. However, truth is that I simply enjoy the engineering and debugging challenge, and every mundane piece of code refverberates fundamental truths as the ones described in Gödel, Escher, Bach or Structure and Interpretation.
I have been blogging 'seriously' about physics since 2012. My motivation has
a blend of jotting down notes on interesting things I've just found, conveying my decades-old fascination with some phenomena, trying my hands at
popular science writing, and reporting on my own research.
Today I am asking myself - did I learn anything from that on a meta level? To
read myself, I am re-arranging the list of my physics posts and sort them by
topic and sub-topic. The list says it all, I think.
I wanted to write about quantum mechanics, but it seems I was always most
intrigued by classical mechanics, statistical mechanics, and thermodynamics. The
latter has become my true home in physics - which has come as a surprise to
myself. Yes, thermodynamics is my specialization, but years ago I rather figured
that this is my job, and I rather want to follow the latest news on quantum
information and particle theory in my spare time. It turned out that I am more
interested in history of physics and in the evolution of concepts that are now
My recurring meta-topic is that classical mechanics / thermo can be as
interesting, 'geeky' if you wish, mathematically 'weird', and surprising as
fields that seem to be more popular.
This list may remain a static snapshot. I am editing the chronological list
of my physics posts
here on the blog. This list might lseem to lack some of my more applied /
engineering postings, re our heat pump system and data.
These are here.
(Voice from the future: Soon there will no separate 'blog' and 'website' anymore - all is being united and merged...
Thermodynamics and Statistical Mechanics
Concepts and foundations
Random Thoughts on Temperature and Intuition in Thermodynamics
Time evolution of systems in phase space:
On the Relation of Jurassic Park and Alien Jelly Flowing through Hyperspace.
Phase-space in depth:
Hyper-Jelly – Again. Why We Need Hyperspace – Even in Politics.
efficiency, irreversibility, proof by contradiction, paradoxes:
Re-Visiting Carnot’s Theorem.
Mathematics used in statistical
Spheres in a Space with Trillions of Dimensions.
Heat pump basics
Brief explanation, absolute temperature:
Why Do Heat Pumps Pump Energy so Easily?
Coefficient of Performance of
a heat pump:
An Efficiency Greater Than 1?
Cross-check of numbers for a large
heat pump system:
Pumped Heat from the Tunnel
COP versus Performance Factor:
How to Evaluate a Heat Pump’s Performance?
Heat Pump System Data: Three Seasons 2012 – 2015.
Heat conduction, diffusivity, latent heat:
Storage Challenge: High Score!
Heat conduction, heat equation:
Temperature Waves and Geothermal Energy.
Heat diffusion length:
Rowboats, Laser Pulses, and Heat Energy (Boring Title: Dimensional Analysis).
Simple version, daily energy balances:
More Ice? Exploring Spacetime of Climate and Weather.
Heat transport, energy balances. Simulations versus simple energy accounting:
Ice Storage Hierarchy of Needs.
Detailed version: Heat
exchangers, heat equation, 1-minute time slots:
Simulating Peak Ice.
Thermodynamics and energy basics, dimensional analysis
kW and kWh.
No, You Cannot ‘Power Your Home’ by One Hour of Cycling Daily.
Phase transitions, ideal gas law (pressure sensor)
Mr. Bubble Was Confused. A Cliffhanger.
kWp, power, energy, energy flow:
On Photovoltaic Generators and Scattering Cross Sections.
History and inventions
Einstein’s Refrigerator and other inventions:
Einstein and His Patents
Centennial light bulb,
111 Years: A Shining Example of Sustainable Product Development?
Checking 19th century papers:
Peter von Rittinger’s Steam Pump (AKA: The First Heat Pump).
Phase transitions of water, Mpemba effect:
A Sublime Transition.
By an Austrian start-up – pressure gradient created
by centrifugal forces:
And Now for Something Completely Different: Rotation Heat Pump!
(I realize that some of my articles in the
category would also qualify for this sub-category History. For example: I
wrote a - less detailed -
post on Rittinger's steam pump before. But part of the fun with these list
is that you have to take those hard decisions of tagging ...)
Classical Mechanics and Fluid Dynamics
Equations of motion and Lagrangian formalism
Principle of Least Action.
Sniffing the Path (On the Fascination of Classical Mechanics)
Equation of motion, intuition in physics:
Are We All Newtonians?
Motion of a falling slinky spring:
The Falling Slinky and Einstein’s Elevator.
Least Action, again – extended version:
Space Balls, Baywatch and the Geekiness of Classical Mechanics.
From Newton’s Law to Navier-Stokes Equations:
Non-Linear Art. (Should Actually Be: Random Thoughts on Fluid Dynamics).
Estimates related to the physics of scything:
Grim Reaper Does a Back-of-the-Envelope Calculation.
Back-of-the-envelope cross-checks, hydro power:
All Kinds of Turbines.
Torque, forces, precession, nutation.
The Spinning Gyroscope and Intuition in Physics.
way to explain how the gyroscope works:
Intuition and the Magic of the Gyroscope
The Twisted Garden Hose and the Myth of the Toilet Flush:
Coriolis force (2).
Lest We Forget the Pioneer: Ottokar Tumlirz and His Early Demo of the
Physics and geometry
My first (later corrected) proposal of a solution:
Physics / Math Puzzle: Where Is the Center of Mass?
Correcting my earlier proposal:
Revisiting the Enigma of the Intersecting Lines and That Pesky Triangle.
Newton’s geometrical proof of Kepler’s laws:
Mastering Geometry is a Lost Art.
Quantum Mechanics and Quantum Field Theory
Interpretations of quantum mechanics:
Is It Determinism if We Can Calculate Probabilities Exactly?
Quantum Mechanics versus QFT:
Quantum Field Theory or: It’s More Than a Marble Turned into a Wiggly Line.
And Now for Something Completely Different: Quantum Fields!
Summary on QM:
May the Force Field Be with You: Primer on Quantum Mechanics and Why We
Need Quantum Field Theory
Quantization – starting from statistical
On the Relation of Jurassic Park and Alien Jelly Flowing through Hyperspace.
Path integrals and symmetries:
Learning Physics, Metaphors, and Quantum Fields.
Student Friendly Quantum Field Theory.
Electromagnetism and special relativity
Unification of Two Phenomena Well Known.
lose energy when accelerating:
Why Fat Particles Radiate Less.
An alternative way of
How to Introduce Special Relativity (Historical Detour).
Learning General Relativity.
Using physics-like methods in economics and sociology
Networking theory, instabilities:
Theory and Practice of Trying to Combine Physics with Anything
E-Mails and communications:
Using Social Media in Bursts. Is. Just. Normal.
‘Philosophical’: Learning physics, culture
On trying to explain physics without math:
Real Physicists Do Not Read Popular Science Books
Trouble with Physics by Lee Smoli:.
I neither Met Newton nor Einstein
On learning physics.
Stupid Questions and So-Called Intuition.
Wertheim’s Physics on the Fringe
Physics Paradoxers and Outsiders.
Physics as Therapy (1)
In Praise of Textbooks with Tons of Formulas (or: The Joy of
Physics as Therapy (2)
Ploughing Through Theoretical Physics Textbooks Is Therapeutic.
This website shall finally reconnect with its roots – radices.
With the dawn of the new millennium a self-proclaimed Subversive Element has registered a bunch of domains. It was especially fond of radices.net and subversiv.at. Today, all these sites have been re-united and redirected to elkement.subversiv.at. But the site does not deliver on its promising name – I feel it became way too 'professional' recently. Historical content has been filed mostly under Physics (radices) and Art (subversiv). The category life displays some of the matter-antimatter collisions of these two worlds. Which also explains the category of the current article.
The Subversive Site was a Red Padded Cell, with Font Color = White, a so-called creative playground. The Element was aware that 'everybody' could read this but it did not care. The Merger of the sites was inevitable in the end, after a final detour of professionalization – when radices.net suddenly also hosted pages with IT Security links.
I have been a blogger, and I observed the evolution of other blogs: My anecdotal evidence shows that blogs live for about 1-2 years. If they are bound to survive they have to escape the matrix and to overturn their creators. A personal blog or website needs a 'Big' Idea. OK, not really big, but at least a-all-encompassing and abstract enough so that all the authors different threads and lines of thoughts can be silently tied together using this idea's magic glue.
My elkement.blog is relentlessly edited (Voice from the future: Soon there will be no distincion anymore between 'this website here' and 'the blog over there'. It was a more philosophical site once, but I aim at following our punktwissen principles now. Articles should be concise, provide value, and perhaps also entertainment. There should be s logical connection between posts and my curated lists should help readers to find something 'useful'.
On the contrary, this site has more or less the same article over and over again – perhaps in disguise and interlaced with technical notes. It is all about my personal keeping the essence of Physics alive and useful for me. Since radices was originally a German-only science and philosophy site, the English version might not reflect this – but in the early articles on elkemental Force (at that time: Theory and Practice of Trying to Combine Just Anything) I recaptured these ideas.
So I do finally accept this – let elkement.subversiv.at have its way. This is elkement's personal site, and its primary topic is How To Learn About Physics And Why This Might Be Useful Or Even Edifying In Very Different Ways.
- Learning physics means to start somewhere in the middle. That's why a first Introductions to Physics lecture is always hard (if the lecturer has some modest mathematical aspirations). You need to look at the same phenomena from different angles, and only after a while – and some work – everything will fall into place. This process and journey of learning is rewarding in itself.
- The more related to mathematical foundations (of physics) a question is, the less googleable the answer is. You can find anecdotes, and examples, science sound-bites for entertainment. Of course you find awesome lecture notes to learn the fundamentals from Feynman Lectures to Landau-Lifshitz – but you need to 'learn' them. In contrary to the mantra of You Just Need to Know Where to Find Something (like: Google for error messages) I believe that really knowing about fundamentals without googling helps a lot with problem solving: You can walk through how a system should work, just using the resources in your head.
- Mathematics purges the brain, and this does not only help with
mathematical problem solving. So I believe that the hackneyed
problem-solving skills of science graduates are real (albeit it is difficult
to assess the self-selecting nature of STEM degrees for people with natural
'analytical' skills). But the caveat it: Years of corporate work, powerpoint
slides, office politics, distractions, pressure to deliver ad hoc can erode
these skills. I have long-term tested different methods to keep physics
knowledge alive and usable - and
learned now that science might even provide some evidence, in a sense.
- I have been in 'cyber security' for a while and I have written lots of gloomy articles about our new smart world of automation and where everything (including heating systems) is turned into cloud-based services. Thoughts on all of this is still work in progress, I am working on internal consistency and unambiguity. I came into the world of IT as an experimental physicist, I was applying my training of troubleshooting complex 'analog systems' to digital systems. Despite the myth of crystal-clear 0s and 1s it was often better to treat them as blackboxes. I lacked the typical computer nerd's / enthusiast's background and started late – playing with Microsoft systems and Office VBA and the like.
In spite of this Treat-as-a-Blackbox approach I like to understand as much as possible about a system. Yes, I know you cannot understand, yet build, a power plant, from knowing how to solve Maxwell's Equations (yet understand or solve issues in cyber security related to such power plants). Nevertheless, if I have the choice to understand something at all, I'd pick Maxwell's Equations.
Since years I am using an (angry) dinosaur as my web and blog logo. The dinosaur is from another era, and sometimes it cannot deal with 'modern' concepts of our 'smart', 'networked' world. But perhaps, it was part of this world for a while in order to overcompensate.
Now the dinosaur is getting more and more confident that its typical dinosaur activities might be more productive and positive than it thought before.
On science and technology
- I believe there is often a simpler, a more low-tech solution to a problem technology is thrown on.
- I sometimes call myself a geek but I don't understand this 'geek' movement of cheering science and technology - without any desire to learn any of the details.
- I prefer to work on seemingly mundane problems that somebody really wants me to solve right now.
- This explains why I discarded inquiries to participate in and profit from governmentally funded research projects.
- Yet, I often find a universe of intriguing puzzles when mulling upon a 'simple' problem.
- Learning about theoretical physics has a mind purging effect: It helps, no matter if I ever need the math directly.
On business and life
- If a business relationship does not work without a written contract, it does also not work well with one.
- Don't follow any advice by strategists and experts, especially if their primary role is to act as consultants and not as doers.
- If somebody has an opinion on something, I judge them on Skin in the Game, hands-on experience, and education - in that order. I keep this in mind when voicing my own opinions.
- I don't pay for leads - I endorse other for free, and I am endorsed for free. Not necessarily on a 1:1 basis.
On the internet
- The greatest internet-powered innovation in the workplace I have encountered is to work remotely.
- I am grateful that I started writing online before there were Likes and Comments. The point of writing online is to hold yourself accountable because others could read this on principle, not because you need feedback.
- The internet sharing paradox: The more information you share for free, the more requests for free information you get. Learning to say No is a key skill.
- No matter how eclectic you think your combination of specialties is - you will find people on the internet featuring the same combination. Just better. It's humbling and this is a good thing.
Sometimes I wonder why I had created a Tech category separate from an IT category. The two of them are interrelated closely as
my recent Wordpress blog post on my so-called Data Kraken had demonstrated.
I call myself the Theoretical Department of our engineering consultancy because I am mainly in charge of software development, simulations, and data analysis – related to measurement data for our heat pump system (and those of our clients).
But there is one big difference between what I call 'IT-only projects' (like my PKI-related services) or engineering projects that also involve software: 'IT' is my tag for providing software-related consulting or software engineering related to somebody else's IT system – a system whose requirements are defined by somebody else. My engineering software is built according to my own requirements. My 'Tech' projects, IT-centered as they may seem, are not primarily about IT: They are about systems using, storing, and transferring energy. IT is just a tool I use to get the job done.
All things I had ever done as an IT professional turn out to be useful, and I am learning something new nearly every day – when thinking about 'energy'. Heating systems today are part of what is called Internet of Things – so IT security is also an important aspect to consider. In 2015 I used this website to finally transition to .NET (… finally, from ASP ?), and as a spin-off I also re-developed the numerical simulations for our heat pump system in .NET – representing every component as on object. 2014 I migrated our initially only Excel-based data analysis to SQL Server, and I have improved my 'Data Kraken framework' since then, adding visualization by automated Excel plots etc.
I still work for some select 'IT-only' clients - and it seems my 'IT articles' here just constitute a series of updates about the exact extent to which I still do PKI. If the occasional data analysis question comes up, any SQL, Excel, or .NET skills might come in handy in my IT projects - like querying a certification authority's database, or using a semi-automated Excel sheet to create a Certificate Policy Statement, following the RFC. But I don't advertise myself as a SQL etc. expert; I rather think I returned to where I came from, many years ago:
When I worked as an IT consultant, I had been asked over and over: How does a physicist end up in IT? There are very different reasons: The obvious one is that as a physicist you might have picked some programming experience. I had indeed contributed to the (mess of patchy 'local-community-developed') software for automating the measurement of electrical resistance of superconducting thin films many years ago, but this was not the main reason. I was an experimental physicist so I can't claim that my work was immensely mathematical or computational (and my job as 'implemented applied cryptography' via Public Key Infrastructures was not either). The main analogy is that IT systems of sufficient complexity are as unpredictable as an experimental setup governed by lots of parameters, some of which you have not identified yet – as was the manufacturing of thin films by laser ablation. I was simply patient, perseverant, and good at troubleshooting by navigating a hyperspace of options what might have gone wrong.
This might be either boring or frustrating for non-geeks. But I believe the grunt work of maintaining and fixing software is rewarding if this is an auxiliary task, done to support the 'actual' system of interest. Mine are heat pump systems, power meters, photovoltaic generators and the like. I want to understand and optimize them and so I am willing to learn new programming languages and spend hours on troubleshooting bugs with software vendors' updates. Just as back then I learn the bare minimum of Turbo Pascal to develop software for low temperature measurements.
In 2017 I am going to focus on maintaining (and bug fixing ?) Data Kraken und ich will work on making usage and 'visualization' of the numerical simulation more and more similar to Data Kraken.
Currently, Data Kraken has the following main features:
- Documentation of the sensors and log files for different loggers (Heat pump / UVR16x2, smart meter, PV…) in an Access database - a small proto-kraken per installed system.
- Documentation of changes to sensors and log files, such as: Shuffled columns in files, modified naming conventions for files, new or replaced sensors. For example, the formerly manual reading off of the surface level of water in the water/ice tank has been replaced with an automated measurement in 2016. So the input value for calculating ice volume moved to a column in a different log file, and was measured in different time intervals.
- A Powershell script grabs all log files from their source locations, and changes date formats, decimal commas and line breaks. (I found this to be more performant than manipulating every line later after the import to SQL Server).
- The Powershell script then creates an updated set of SQL scripts – one set of scripts and one SQL database for each installation / each client. For example, the CREATE TABLE or ALTER TABLE commands are created based on the Access documentation of measured values and their change log.
- SQL scripts create or add SQL Server database fields, import only the files containing data points not imported yet, and import their data to a staging table. Each SQL database can thus always be re-created from scratch – from CSV log files and the meta documentation (Access).
- Error values are modified or deleted from the staging table, as defined before in the Access database (and such in a SQL script): For example vendor-defined error values for not connected sensors (as 9999) are set to NULL or whole rows of values are deleted if the system was e.g. subject to maintenance according to other system's documentation.
- Finally, the most important script is run: The one that does the actual calculation of e.g. average brine temperature, energy harvested by PV panels or the solar / air collector by day, or daily performance factors of the heat pump. The script needs several levels of SQL views – all of which are re-created by the script.
- Microsoft Excel is used as a front-end to show values from tables with calculation results. One Excel-formula only simple table allows for browsing through values, and picking daily, monthly, yearly, or seasonal numbers.
- Excel plots are automated with respect to the fields (columns) and to start and end date. Existing plots can be copied (also from other workbook), then documented in a table. The documentation table can then be modified and is used as input. Color and line widths are still tweaked manually.
Weird as this setup sounds, it allowed me to develop and change the solution just in the right way – installation by installation, e.g. by testing the changes to log files after the control unit's firmware for one specific installation first.
(I have just published a similar, but conciser article on my Wordpress blog. As usual, I try to provide useful information over there, where I just follow my stream of consciousness here.)
I have written about all things physics for a long time - mainly on my blog, since 2012 – but I have never been quite satisfied with the result: Too boring for experts, not exciting and popular science-y enough for the 'educated public'. I think the reason was my hidden agenda, an agenda not even obvious to myself.
I wrote about phenomena and subfields I had just immersed myself and (re-)learned about, either because this was very remote from what kind of physics I use on a daily basis, or just because I was concerned with some aspect of it but wanted to complement that with 'more theory' for the fun of it.
In spite of that, I tried to keep a style that somewhat resembles your typical 'science communications', but that was most likely to no avail. Re-reading my old blog posting I don't read so much about 'the physics' as about my own learning process. Or I remember what I actually wanted to write about, but did not – in order to violate the pop-sci agenda - so the result was something in between a learner's notes and sketches of ideas for popular presentations. For example, I (re-)learned Quantum Field Theory after all the news about the Higgs particle and LHC. Both my experimental and theoretical background was in condensed matter physics, so it really took me a while to map what I learned about so-called Second Quantization and many body systems (described in a non-relativistic way) onto your typical QFT introduction that started with Noether's Theorem and Lorentz transformations. Now in order to drive that point home (in a blog posting), to explain what was so interesting for me, I would have had to introduce all those concepts to a lay audience which I considered futile. Or I was just too lazy to learn more LaTex or too hesitant to use equations at all. I noticed, I got on all sorts of tangents when I tried to run a series on QFT – I did exactly what I did not like myself about popular texts on theoretical physics: Pontificate on more or less palpable metaphors about fields and waves, but not being able to really explain anything above a certain threshold of abstractness.
I gave up on my series before I could 'explain' what interested me most: How forces translate into the exchange of virtual particles and how I actually knew about the 'Higgs field giving particles mass' without knowing any more: I had learned about Andersen's mechanism in solid state physics, and Ginzburg-Landau theory of superconductivity. Perhaps that would have been a great example of symmetry breaking and that infamous sombrero hat potential typically used in pop-sci articles about the Higgs field?
I absolutely know that this may sound totally opaque – which is the reason why I only write about it here, on my website in that forgotten corner of the web, rather than trying to turn this into a blog post. Here, I follow my stream of consciousness and don't bother anybody on social media with it. There, I try to be somewhat entertaining and useful.
But even here, I try to write about something that somebody somewhere might be able to relate to, and here 'the internet' comes to rescue: For better or for worse, no matter how seemingly unique, special, and eclectic your hobbies and professional specializations, are – there is somebody somewhere on the net who indulges in the same combination of stuff. So, yes: It seems there is a growing community of hobbyist physics enthusiasts who feel the same and who 'practice' physics in the same way: Professionals with a STEM background who seriously learn about physics in their spare time, like R;&D managers writing textbooks about undergraduate physics or introductions about Quantum Field Theory. Like the IT server admin or the management consulting who write blog posts about what they have (re-)learned in their sparse spare time. Like the retired IT specialists who returns to what they originally studied – physics. Like me, who has an education mainly in applied condensed matter physics and who works as a consulting engineer and IT consultant.
From a down-to-earth perspective, this hobby can be worthwhile and useful: I noticed that it sharpens the mind, even if I don't use that physics and math directly on a daily basis. It's this effect that is makes the hackneyed saying about the 'analytical skills' of physics majors true. However, there is a caveat: Yes, physicists may be good at any corporate job, but I think not to lose you 'analytical edge' you need to practice the skills that originally shaped your mind. I don't know about research in psychology, so this is just my personal anecdotal experience. Living the corporate, inbox- and interrupt-driven work-style and having your mind scattered and distracted my social media does not help. There was a time in my life when I got up at 4:00 AM every day to re-learn physics, starting with Feynman's Physics Lectures. Surprisingly, that investment was well spent. I felt, my IT security concepts become crisper, more concise, and better – and it took me less time to compile them; So the ROI was great.
What triggered this article is my prime example of useful mathematical: While I had some background in QFT there was one subfield in physics I had missed completely: the theory called 'most beautiful', even by sober authors Landau and Lifshitz – the theory of General Relativity (GR). I had specialized in solid state physics, lasers, optics, and high-temperature superconductors, and GR was not a mandatory subject.
But I wanted at least to understand a bit about current research and those issues with not being able to unify quantum (field) theory and relativity. And I can relate to poor consumers of my feeble attempts at pop-sci physics: When I read popular physics books, I enjoy them as long as I have some math background - although I feel sometimes flowery metaphors make it more difficult to recognize something you actually know in terms of math. But when you would have to use new mathematical concepts you cannot understand the metaphors at all. Digression: So it baffles me when people like articles about Black Hole, the universe, and curved spaces but complain about not perfectly comprehensible explanations of more mundane physics and engineering. I believe the reason is that you 'need not' understand worm-holes etc.; so can just relax and scroll through the story, much like watching an illogical science-fiction movie. But mechanical engineering and simple thermodynamics feels like you 'should know it' and 'try a bit harder to understand it', and so it brings back memories of school and tests.
But as I said, there might be small community of people who genuinely want to learn, despite – or because of!! – the so-called hard aspects: Going through mathematical derivations again and again, and banging your head against the wall, until suddenly you understand. Which is a reward in itself, a feeling that's hard to share, and could and should not be shared anyway – in an act of subversive protest against our culture of craving for attention and 'likes'.
So for this community I'd like to share the resources I have picked for learning General Relativity: A set of free resources, each one complete and much more than just 'lecture notes'. Each of them also represents a different philosophy and pedagogical style, and I believe physics is learned best by using such a diverse set of resources.
One can debate endlessly, if and how to introduce the mathematical foundations used in some subfield in theoretical physics. As a physics major, you learn analysis and linear algebra before tackling its applications in physics and/or some mathematical tools are introduced as you go (Hello, Delta function!). I think it does not make such a difference in relation to the first courses in theoretical physics, e.g. learning about vector analysis before or in parallel to solving Maxwell's equations.
I feel it is more difficult the more advanced the math and the physics get, as you have to keep a lot of seemingly abstract concepts in mind, before you finally are presented with what 'you actually use that'. But maybe it is just me: Different presentations of GR seem 'more different to me' than different presentations of special relativity and electromagnetism.
In GR you can insist on presenting a purely mathematical and rigorous introduction of mathematical foundations first – your goal being to erase all false allusions and misguided 'intuitive' mental connections. Thinking about vectors in a 3D 'engineering math' way might harm your learning about GR just as too creative science writing might put false metaphors in your mind.
On the other hand, you could start from our flat space (our flat spacetime) and try to add new concepts bit by bit, for example trying to point out what curvature in 4D spacetime means for curvature in the associated 3D space, and what we might be able to measure.
Some authors use a mixed approach: They starting with a motivational chapter on experiments, photons in an elevator, and co-ordinate transformations in special relativity … and then they leave all that for a while to introduce differential geometry axiomatically … until they are back to apply this something tangible … until more mathematical concepts are again needed.
Sean Carroll does the latter in his
Lecture Notes on General Relativity, that are actually much more than notes. He also published a brief
No-Nonsense Introduction to GR that serves as a high-level overview, and he manages to keep to his signature conversational tone that makes his writings to enjoyable. Perhaps – if this was the only literature used – the mixed presentation plus digressions into special topics and current questions in physics would be a bit confusing.
But I was still searching for video lectures to complement any written text. A few years ago, I have not found any comprehensive self-contained course, but in 2015 this series of lectures was published, recordings from an event called the
Heraeus Winter School on Gravity and Light 2015 –
marking the 100th anniversary of Einstein's publication of GR. A nostalgic factoid I found most intriguing: The central lecture of the course by Frederic P. Schuller was given in the very lecture hall at my Alma Mater (Johannes Kepler University of Linz in Austria – JKU) that I received my education in Theoretical Physics, by Heisenberg's last graduate student Wilhelm Macke.
sheets and video recordings of tutorial sessions can be found on the conference
Schuller focuses on the math first, and this was really enlightening and helpful after I used other resources based on mixed intuitive physics and math. The Youtube channel of the event also has recordings of Tutorial sessions, and I found some versions of brief lecture notes. I think this is a must – and unfortunately often overlooked or downplayed in the world of free 'MOOCs'- In order to learn math really, you need to do problems and you absolutely have to walk through every single step of every derivation. It is tempting to just skip the boring proof in a text (that you thought you understood), and it is even more deceptive to watch science videos and believe you understood something. So thanks a lot to my former university to make this course available to the public.
But I was still curious if you can do without manifolds and stuff – without cheating – and I think I found the master of the genre. And again it is a signal from the past (my past): I had looked things up in Landau/Lifshitz Course of Theoretical Physics when I worked at the university. But as the 10 volumes were quite expensive I never bothered to purchase them later. Recently I jumped with glee: Due to whatever quirk in copyright law, the Internet Archive made 9 of 10 volumes available, and I downloaded them all. Browsing through table of contents I noticed that GR was actually explained in
volume 2, The Classical Theory of Fields. I am totally smitten by their style, too: Elegant, terse, detached. Much like Dirac's Principles of Quantum Mechanics. And I don't agree with those who say that the explanations are too terse: Landau and Lifshitz try to stay to tangible physics, and they use math in an ingenious way, mathematicians might call it sloppy (like: 'dividing' by differentials to yield a derivative). For that reason, one should consult other resources as well, but I think LL's GR is self-contained.
These books and videos will keep with busy for a while. I also try to interlace it with a bit of QFT again, e.g. by reading Dirac's version of it. My goal for next year is to complete first courses on GR, recapitulate what bit of QFT I learned in 2013/14, and then tackle an actual former specialty again: Re-learning about theories of superconductivity, with an emphasis about how these methods are also used in particle physics.
It might be dangerous thing to announce such grand plans on the web. But next year might be a busy one business-wise, and need to braze myself accordingly.
Time to poetry-size articles on this website again! As usual, I google for
this site - using site:elkement.subversiv.at/en - and take one
continuous, unedited snippet from each of the linked pages. Search results must
be processed in the order Google shows them, and they must not be re-arranged
the Existence of the Matrix AKA Corporate World
I had literally been asked
Who will take care of my dear website in 200 years?
run off to the restrooms at a party
As all stressed managers and other pilgrims on the Camino de Santiago
Algorithms loom large
look more like a placeholder
I am trying to learn the terminology
Off-the-wall geek humor versus existential philosophical questions
But I was penalized for all this.
Don't think about it too long!
While I gravitated against quantum theory
what I had had in mind but never did
not igniting my entrepreneurial spirits yet
back-to-the-roots stuff will be migrated
I want to challenge my own ideas
in a pang of cheeky self-assurance
a grown-up physicist's biggest ethical dilemma
what I never wanted to know
one more telltale sign of the Siren Server (© Jaron Lanier) resisting subversion by poetry
Global corporations have their brand names tested for potentially unwanted connotations
Especially if they are appealing to your vanity
The proof by contradiction
Our village has changed its zip code
to enter a more detached state of mind
You can turn into your own cliché
I'll pontificate about anything nonetheless.
So after all - it was all worth it.
Each phrase becomes a line in this 'poem'
it is no good rationalizing too much
a small-talk question, innocent and harmless.
Physics or Engineering?
I suck at keeping to my own agenda
Do we need a new attempt?
books trigger some random thougths of mine
you don't know how the story will unfold
(This has been written when our blogs have still been separate websites hosted elsewhere.)
I start a radical experiment: Opening
my blog's editor, and typing what I think right now - however, planning to never publish it to WordPress.
Contrary to what seems to motivate many freshly minted bloggers, and netizens inhabiting social web worlds in general, feedback and interaction had not been my primary goal. The appeal of writing 'in public' is that on principle somebody could read what you wrote, that the internet never forgets, and that you have to hold yourself accountable to what you wrote. Have to endure reading what you wrote when you were a different being.
The joy of my early web projects was also their subversive, semi-secret, and pseudonymous nature. Online spaces were wild places, blank sheets of paper, laid before me to hone my ideas.
There is another motivation for writing online, and this is as unrelated as possible from the philosophical approach: I enjoy crafting technical arguments, documentation of technical projects, 'science writing' because I want to force myself to turn my thinking into a consistent linear thread. I want to challenge my own ideas, find the loop holes in my own arguments. I know that my blog articles may be either boring or opaque or both unless the reader has explicitly searched for content like that. But actually the latter audience is who I am perhaps writing for: I have found so much useful tech / science stuff online, for free and in sublime quality, for my professional work, my own education, my pleasure of reading - and I do not want to remain on the receiving end of this communication only.
My second motivation is tied to a minimum level of 'feedback' - page views by fellow geeks - only seems to work for my articles written on
our German blog: We only blog about two times a month now, but despite the smaller theoretical audience of German speaking readers the other blog has much more views, and views are still increasing. My English blog has fallen in oblivion again after I blog only twice a month and/or after I focussed more and more on energy, heat pumps, and down-to-earth engineering and physics of everyday life.
These are my personal recent top articles in the Physics / History of Science category so far:
As for Engineering / providing how-to's and explanations for DIYers
, I like those:
And this is where Physics and Engineering meet, in a way I truly enjoy:
When I blogged about quantum theory, basic and un-original as my articles might have been, my blog was 'viral' in comparison to that.
But ironically, a silent blog brings me closer to my other goal: Using the silent online space to write just for me, holding myself as accountable as possible though. Last year I had overhauled this / these website(s) here, and it turned more into a blog. Now I finally know what the purpose of having effectively two blog(-like) sites are:
Here, I give myself permission for introspection and self-centered updates. I don't share subversiv.at links anywhere on social media. If somebody wants to reads this, he or she really has to be determined and go to the 20th page of Google search results. There is no interaction. Of course this is also a consequence of my minimal web programming, but feedback can be blessing and curse. You (or maybe only: I) tend to write more about what 'people have liked before', or at least you feel a little bit guilty if you expose your loyal readers to something unusual - which turns each new post into a challenge, one you'd like to dodge sometimes. My writing self is quite 'authentic' here, in modern parlance.
But I don't want to appear fake on my real blog, the one that has much more content that this page, much more carefully crafted, and I don't want my blog to die. My solution has been - since a few months, I am only post-rationalizing now - to stay away from the autobiographical, from opinions, from philosophical, from big ideas ... and to focus on hard things. The stuff I do really know. I think The Internet would be a better place, if people would only post or comment if they 1) had through education on the subject, 2) practical experience with it, and 3) skin in the game - being personally exposed to risks and consequences arising from putting their opinions into practice. (In reverse order.)
So on my blog I just try to be useful (hopefully) to some tech and science enthusiasts, and perhaps a bit entertaining. If I will ever find a more useful 'spin' to what I have written here now, I might actually turn it into a blog article, like: What I learned from having two different websites. Why I stay away from opinion on the web. What I learned from tech / science blogging.
But for now this posting here will just remain some open-ended collection, snippets of my stream of consciousness, and I am copying these lines to a new 'post' at this silent website here and deleting the draft for a blog post.
Since 2012 I have published PKI status updates here, trying to answer the question 'Do you still do PKI?' (or IT). I have re-edited them often, and my responses were erratic - I was in a Schrödinger-cat-like superposition state of different professional identities.
Now and then I still get these questions. Can I answer it finally? I am still in a superposition state - I don't expect the wave-function to break down any time soon. I enjoy this state! But my answer to IT-related requests is most often no.
So yes, I am still 'working with IT' and 'with IT security' professionally. Not necessarily 'in IT'.
I am supporting a few long-term clients with their Windows PKI deployments and related X.509 certificate issues (after having done that for more than 10 years exclusively). Those clients that aren't scared off by my other activities, and clients I had always worked with informally and cordially.
But I don't have any strong ties with specific PKI software vendors anymore, and I don't know about latest bugs and issues. So I don't present myself as a Windows PKI consultant to prospects, and I decline especially requests by IT security partner companies who are looking for a consultant to pitch or staff their projects. I am also not interested in replying to Request for Proposals for PKI or identity management and 'offering a solution', competing with other consultants and especially with other companies that have full time stuff doing business development (I hardly did this in my PKI-only time). I am not developing software anymore that might turn into an 'enterprise solution'.
Today I am working 'with IT' more than 'in IT' in the sense that I returned where I came from, as an applied physicist who was initially drawn into IT, armed only with experience in programming software for controlling experimental setups and analyzing my data: I call myself the 'theoretical department' of our small engineering consultancy - I am developing software for handling Big Monitoring Data. I am also tinkering with measurement technology, like connecting a Raspberry Pi to a heat pump's internal CAN bus.
Security is important of course: I have fun with awkward certificates on embedded devices, I sniff and reverse engineer protocols, and I could say I am working with the things in the Internet of Things. But I am not doing large-scale device PKIs or advising the IT departments of major engineering companies: My clients are geeky home owners, and we (the two of us) are planning and implementing our special heat pump system for them. An important part of such projects is monitoring and control.
So every time I feel that somebody is searching for 'a PKI consultant' I am the wrong person. But if somebody stumbles upon my CV or hears my story at full length - and absolutely wants to hire me just because of the combination of this - I might say yes.
But it is no good rationalizing too much: Finally it is a matter of gut feeling; I am spoilt or damaged by our engineering business. Our heat pump clients typically find our blog first - which has been mistaken for a private fun blog by friends. Prospects are either 'deflected' by the blog (and we never hear from them), or they contact us because of the blog's weird style. Having the same sense of humor is the single best pre-requisite for a great collaboration.
So whenever I get any other project request, not mediated by a weird website, I try to apply the same reasoning. Years ago I a colleague I had not met before greeted me in the formal kick-off meeting, in front of all others, with: You are the Subversive Element, aren't you? (Alluding to my Alter Ego on subversiv.at). That's about the spirit I am looking for.
Once upon a time this category was intended to comprise what I had learned about philosophy. I had even aspired to study philosophy. Then came the dawn of the web and of unconventional philosophers of web culture.
I had also followed common wisdom, and my first FrontPage-generated business website had a section called Philosophy.
What's left of that, or what has been my conclusion?
I believe - in a pang of cheeky self-assurance - that I ought to have my own philosophy. Experience, business and otherwise, should be good for something. My philosophy does not focus on the grand questions of life. I might have had an argument with my former self, the idealistic student of science who aspired to change the world as a physicist, a profession I pictured as a cross-over of hands-on MacGyver theorist-philosopher-mathematician, ad-hoc-inventing smart tools whole mulling upon deep insights on universe and everything.
The unexciting truth is that my personal philosophy is explained best by summing up the different roles I have ever seen myself to take on, no matter what my job title was. None of them was about making profound changes to the world or being any sort of thought leader.
1) The Reverse Engineer
I have been told that I dismantled (tech) stuff already at a time I have no conscious memory of. I wanted to know how things worked, and I found a way to get there. Some of these activities morphed into a career later, the obvious one having been IT Security - the stereotype field for lone maverick nerdswho reverse engineer stuff. Even as a white hat hacker and so-called security consultant you have to indulge in the relentless black hacker's mindset - or you become a security bureaucrat, ticking off checklists and following rules. (Which dies not mean you should not know the rules).
But I could as well have turned into a tax advisor or lawyer, given my pleasure in finding out how such systems work.
I disagree with Keep To Your Core Skills, and I have often used 'wasted my precious time' by 'not delegating'. I hope or believe - delusionally - that 'actually' everybody has this pleasure of finding things out ((c) Richard Feynman). I am wary of marketing (tech) stuff to allegedly dumb or stressed out end-users who don't want to understand anything about underlying technology. Perhaps I am talking to less than 10% of people, but after all this is about my personal credo.
2) The Mediator
One of my first ever fantasies as a child that came close to something like a career was being kind of a negotiator or diplomat. I am not kidding: I dreamt about settling peace treaties between Mickey Mouse and his sinister opponents in his cartoon world.
This has impacted any of my jobs, but it finally surfaced expicitly when a client booked me 'for another mediation', which was in fact the follow-up of a very technical meeting.
I had considered yet another training or degree, in coaching, psychology, or the like. However, I am glad that I never left technology for good (see 1). There is a paradox: People want such 'tech project psychology' services. However, they will not buy it if labelled as such yet happily use them if they come as a hidden by-product of technical consulting.
3) The Communicator
Maybe principles 1) and 2) can only co-exist if you bridge them with a lot of talking. During most of my career 'teaching', 'training', or 'lecturing' had been part of my official duties or a side-project done in moon-lighting fachion. I stopped teaching when I became a moonlightung student again. I have also realized that I am not cut out for
over well managed, structured, quality-assured educational systems. I suck at keeping to my own agenda, and I beg for being carried away by hard off-script questions.
I was not the best class-room teacher, but I think I was good at informal, jam-session-style train-the-experts sessions.
Projects I remember most fondly were those where clients were not only interested in The Tech Guy Who Will Fix Everything but also in my pontifiating on fundamentals, even if that was not required to get the job done. But as I said above (1) - I believe it's always worth it.
4) The Organizer and Automator
When I was a child, I was not called upon to tidy up my room: Not only was I self-motivation to clean it - Mr.Monk-style - but I rather re-organized my cabinets quite frequently. It was Feng Shui of Decluttering meeting obsession with structure, and it has not changed to this day.
I have extended these principles to the virtual world as soon as I had 'data'. Writing a tool, script, program to automate something is second nature. Some sort of software development has always been part of my jobs - just as teaching was, but I found out only recently that I like data analysis and programming much more.
Proficiency with interpreting and manipulating data, and with using or fixing software is part of our culture and should be trained and valued just as other basic technologies and skills. And of course I believe that we, each of us, really needs them! But perhaps it is just my bad luck or my high standards... Every time I just to use and application or service as a normal end-user I end up with low-level troubleshooting.
I am aware of the picture of the obsessed nerd that I have painted here. I don't underestimate subtleties and human nature though. But nowadays soft skills are so often praised to the skies and people with 'big ideas', rather than nitpicking detailed persons, so as Subversive Element the contrarian stance comes natural to me. Even the most empathic coach who tells burnt out IT guys not ot overdo perferctiomism will be very happy if a neuro-surgeon or airplane engineer are totally obsessed with flawless technology.
I renamed my blog elkement.blog last November:
Theory and Practice of Trying to Combine Just Anything
The original tagline was
Physics versus engineering
off-the-wall geek humor versus existential questions
IT versus the real thing
corporate world's strangeness versus small business entrepreneur's microcosmos, knowledge worker's connectedness
versus striving for independence.
until it became
I mean it
and finally turned into
Research Notes on Energy, Software, Life, the Universe, and Everything
This means that my blog elkement.blog has found its purpose, and I am able to distinguish blogging better from publishing to this website elkement.subversiv.at. My actual research and 'science writing' is featured on my blog. Over there I am using wordpress.com features I have no desire for developing them myself for - and this website will remain my 100% home-grown self-developed pseudo-blog with a very limited feature set and no interactivity. The blog has LaTex support and allows me to present galleries of technical figures and diagrams.
These recent blog articles showcase what elkemental Force has been and is covering now (the end of a journey that started already two years ago - when heat pumps and thermodynamics replaced quantum physics):
Rowboats, Laser Pulses, and Heat Energy (Boring Title: Dimensional Analysis)
How Does It Work? (The Heat Pump System, That Is)
Half a Year of Solar Power and Smart Metering
My personal website, on the other hand, should be just this: A more self-indulgent site that provides status updates, meta-information and About-Me-style summaries. Because of that I will keep not sharing articles here to any social network.
And so yes: The hands-on engineering, physics, math and data analysis will be done over there on the blog. But there really are personal meta-thoughts on physics - so I don't have to change categories here.
(Theoretical) Physics and Me
Over the Christmas holidays I have been nearly offline from social media. I used the internet as I believe it was intended for me: To learn about something in depth and not necessarily sharing my insights or my 'progress'. I indulged in theoretical physics lectures just for the joys of it. I can rationalize: Yes, a bit of mathy gymnastics also serves me well when I deal with more mundane physics as a professional - such as toying with the heat transport equation.
But the real reason is unrelated to work:
Theoretical physics and mathematical modelling of a small part of a complex world gives me the pleasure - and/or the illusion - of being able to understand and solve, well, something. Whenever I had been very stressed out in the past, close to burn-out, I got up even earlier - as 4:00 AM sometimes - to plow through
Feynman's Physics Lectures or my favorite
German volumes of theoretical physics by my late professor, W. Macke.
Not only did it help me to focus onto abstract details of a logical clear universe and to enter a more detached state of mind, but amazingly it also made me work more efficiently and focused later - on whatever technical challenge I had to solve. In those days, I was mainly concerned with Public Key Infrastructure, networking security, and applied cryptography.
With hindsight - and hopefully not too much hindsight bias - I feel that a rigorous training in a mathy subject boosts your results in any endeavor that needs an analytical approach. Perhaps only your physics training makes your realize that you need a more analytical approach at all, in addition to soft skills, practice, and familiarity with culture in certain industry sectors. I am thinking about project management, for example.
I believe that in any 'STEM' job, e.g. in IT, it is soothing to re-learn fundamentals often. One should know more than seems necessary about 'theory', before or in addition to knowing how to google, where to look up things, or whom of your tech buddies to call. Success in technical troubleshooting always gave me most contentment when I was doing it in my head mainly - like walking through a networking protocol the way it was designed, comparing that to messing reality, and uttering an educated guess about the root cause of an issue which was finally correct.
Whenever I had been blogging about a field of physics not related to my work - like quantum field theory - it was these mental connections I had in mind. I was trying to convey the joys of physics, but my main focus was different from most science writers' ones, so I think my writing was not engaging enough for the interested lay audience and sometimes oblique owing to too much references to math (whereas it was very basic for experts, of course).
My science writing is often a covert and feeble attempt to encourage others to tackle the real thing, that is the fundamentals and the math, and then to feel the same effects. I have seen that more books seem to have been released recently that try to bridge this gap between classical science writing (following the mantra of: Every formula will half readers) and text books.
I want to be part of that movement.
The most existing things, in no particular order:
Infrastructure updates - 'real'
Infrastructure updates - 'virtual'
- We migrated three bank accounts, and
I learned what I never wanted to know about different ways to setup debit orders.
favorite: an anonymous form on the vendor's website. Security = knowing your
- Our village has changed its zip code. I learned what I never
wanted to know about how organizations store addresses. Goodie: Opening
'support tickets' turned interactions with big platforms into something
Work and Life
Global corporations have their brand names tested for potentially unwanted connotations
in different cultures and languages. Now I understand why.
One minimum requirement is perhaps: Being able to get it across on the phone.
...That's my surname, in German it's pronounced like [Add phonetic cryptic signs here].
But never mind, I will spell it out...
That's Latin and means Roots. It is a bit similar to radicles. Well, I realize
now it differs just by a single letter... that may be unfortunate, sorry!
All our domains have their issues, also in German. This is the only one that
causes no troubles in German. But in English you need to stress:
It's the German translation of Subversive, just remove E at the end!
Wow - that works well in English! You just have to mention the dash!
It's just a non-sensical acronym, I'll spell it out... Yes, name really is a top-level domain!
Now we enter the realm of business - and we have obviously tested the domain with utmost diligence:
That's an artificial German word, Punkt actually meaning Point or Dot.
Hadn't I mentioned that it might have been less confusing in English than it is
in German. But I'll spell it out for you...
To make it more confusing in English, we could create better sub-domains and e-mail addresses -
to convey the spirit of the German confusion:
I wonder if the
US Department of Transportation has similar issues.
Same rules as for search term poetry or spam poetry:
- Search your own site or profile on Google, using: site:elkement.subversiv.at/en/.
- Open each page in the order Google dictates.
- Pick one phrase from this (your own) post or article. Don't think about it too long! Editing is not permitted.
- Each phrase becomes a line in this 'poem'. Re-ordering or re-considering
previous lines is not allowed.
reconnected with my roots
just reassembling weird
since the turn of the millenium I have been experimenting
Alas, I stick with
contains the expected meta-musings
a world taken right out of a gothic movie
We are now going to challenge this, and we will ask Google
I'll pontificate about anything nonetheless
This is done deliberately
I can hardly see a problem at all
pathetic attempts of
It turned to a second 'branch' of
a Perpetuum Mobile
Off-the-wall geek humor versus existential philosophical questions
You be the judge on lightness and darkness.
We are flabbergasted
Instead of a 'Bio'
may not be happy with that
I rather pick and add what I stumbled upon
as sort of a mental exercise
allusions to the mystical without knowing about
glorious era of THE GREAT dotcom HYPE
my post adolescent postmodern gloomy stanzas
knowledge to the essential information
somewhen in 2003
a combination of my eternal laziness and
lack of motivation
I got involved in some serious discussions
No human being on this planet registered the historical event.
my inner clock
spontaneous outburst of my creativity
the structure is
always work in progress
in contrast to standard mantras of modern
'information and knowledge worker society'
We are using the Babylonian system of numbers
Or could we be subversive all the time?
... and first post published to the new site, live and public now :-)
For a short time, the old sites are still available in parallel to the new site.
Looking back, I mainly struggled with:
My flat-file database - accessing content and all meta information stored in text files, using
standards SQL queries.
Redirect strategy: Existing loads of redirects, temporary ones, permanent 301 ones, nice URLs
without physical files...
Migration of the actual content, uniting what was separated in different sources - asp files,
RSS feed, CSV file databases
See also my
latest blog post. Which also contains the expected meta-musings on The Web.
Lest we not forget - these were the old sites:
In the past weeks since the last update I've added the following features:
XML sitemap including English and German posts - URLs and last changed date.
Make yearly archive URLs 'hackable', thus using just /[lang]/[yyyy] as archive URL.
Population of meta tags, using also open graph tags.
Adding 'breadcrumb' / 'where am I' information by highlighting the item just
clicked in the menu and side bars: Current category, current post, current
Assign an optional image to a post via related
attributes: Image source, image size or
full image tage (for embedding Wikimedia images plus copyright information).
If an image should be displayed, but no source is given, add a standard image.
Display the image automatically on the bottom of the post and use it in the
open graph image tag, to be used as a preview image. Calculate height and size from the
image's physical size and intended width.
Create thumbnails of these images, to be shown
in the list of posts in the category pages.
Store all global configuration settings such as tagline in a config file that uses the same
[name:] [value] parsing logic as content files.
Migrate all existing posts on the sites e-stangl.at, radices.net, and subversiv.at, and keep
track of where the content came from. (One former .asp page contained one or more
Use one default.aspx for all applications, differences depend on the app name. Example:
Don't show post archive for the business page, but show latest posts from Wordpress blog feed instead.
Clean old content: Replace relative references (../) by absolute ones, replace CSS classes in tags. Move meta
infos from content to new file attributes.
Web Server Settings and DNS
Tested the IIS URL rewrite module with a key map, to be created from Excel documentation.
In case of issues with rewriting: Fall back to redirecting in a main ASP file.
Configure new host names and subdomains in DNS as primary URLs of the new applications. Add new host names for testing
to reflect the already existing redirects plus the migration redirects plus the future standard redirects.
Modify the existing main default.asp, global.asa, and main asp script creating all pages to work with the new redirects
(some duplicate code in asp and .net could not be avoided)
Host name determines application name:
One main host name for each (of the 3-4) application. I will use a subdomain of subversiv.at as my new primary host.
Check if the application has been migrated, as per config parameters.
If not the existing redirect logic and existing asp code kicks in - which
sends the user to a subfolder depending on host name. This is for historical reasons as I had only one virtual web host
in the old times, so e.g. e-stangl.at/ redirected to e-stangl.at/e/
If the app was migrated, redirect all attempts to use a 'secondary' host to the new one. So e.g. accessing e-stangl.at
will be recognized as calling the elkement app and redirect to my new primary name.
Configuring the application as 'migrated' does not yet redirect any attempt to access one of the old articles.
I will have to turn on my rewrite map or code for that.
- Complete all features for all applications before taking 'elkement'
Feed parser for punktwissen,
'image database' for z-village (using small posts with images effectively as entries in a table of images),
add an option to show the large version of the image inline.
- Maybe: Ordering of posts in category by changed date, not by created date.
- Limit number of posts on main page and on tag's pages, number = global parameter.
- Replace internal relative URLs to pages in the same virtual directory by absolute ones.
- Maybe: Replace parent path (../) URLs in old code, to turn Parent Path in the ASP config off
as soon as possible.
- Migrate all content from side panes, header, and footer. Add images used before to new posts,
re-use descriptions from old image database (TXT).
- Take elkement live and test redirects and preview images (social networks).
- If OK: Take the other apps live.
- Fix bugs
- Turn on redirects for old ASP pages.
- Watch results in web master tools.
- Inform Google about new URLs (Web Master Tools)
I've built the underlying 'flat-file database' (Details in
this post), and my not yet public site has these features now:
- Menu bar from pages.
- Show all postings on home page
- Recent posts and archive in left bar.
- Tag cloud in right bar, tags created by grouping all posts' meta data.
- 'Tag page': Show all posts tagged with a specific tag.
- Indicate category of current posting by highlighting category in the
- Highlight currently clicked article in archive.
- Menu page contains custom text plus automatically created list of all
postings in this category.
- Automatic creation of RSS feed.
- CSS stylesheet and responsive design.
- 'Nice' URLs - ASP.NET Routing.
Currently I am painstakingly migrating snippets of content to new
counterparts / articles / text files.
For testing I am using a layout similar to my Wordpress.com's blog design
I am finally doing it:
Having run three differerent websites on a hopelessly outdated 'platform'
(ASP) for nearly 15 years, I set out to:
- Develop a new .NET site from scratch.
- Merge all three sites - subversiv.at, radices.net, e-stangl.at - into
This will take a while. I am really longing for programming for fun. I don't
migrate to WordPress deliberately - I have two wordpress.com blogs and like them
a lot, but I want this place I design from scratch just for the joy of it.
All existing subversive / Elke's / back-to-the-roots stuff will be migrated
to the new site, and I try to go as gentle as possible on the old asp URLs
However, this means I will most likely not pull off to publish new content to
the old versions of these sites while I am working on the new one in the
I will report on the progress on the main page of the old sites, and I will
keep up my usual blogging over at
elkement.blog. (Voice from
the future - 2019: Also this site / domain is going to be merged with the
The Elkement is a Netizen and living in many places. Its most innovative poetry has actually
seen the light of the virtual day elsewhere.
Shamelessly plagiarizing ourselves, we cross-post the whole list of Poems from the Virtual Scrapyard Below.
But we add bonus material and - again! - invent a new genre (first seen @
subversiv.at): From each of the historical poems, one line is picked to be
inserted in a new poem (So this is Poetry From Poetry). Rules: One poem needs to
be processed after the other, in chronological order, and you must not go back
to older poems and change the picked line. So you don't know how the story will
unfold. As real life as it can get in experimental poetry!
Poem from Poems
One line taken from each of the poems / articles on poems listed below, starting with the oldest.
Note that some blog postings are meta-postings on poetry; so not every line was
poetry in the 'original'.
just received a blank piece of paper in the mail
I ain’t saying your information isn’t solid,
A Digression – There is no digressification, is it?
dare to do more research!
and things should be back to normal
make sure there are no hidden phrases
poems standing on the
shoulders of others
to flush the toilet
everything has already been told
40 below summer fire at
you might want to put that on your blacklist.
You must not edit the original lines in any way
If you are
inside the horizontal scenery
These are actually enormous ideas
irrevocable, eternal – insert you favorite legal phrases
un-ambiguity and preserveness
alien themed control panels
abilities in narrating an event
travel in past by falling
engineering and art meets
let us determine what you think
i need to
dark side of me is even more interesting
gloomy and cynical
That was a difficult period and I couldn’t maintain my sanity
It doesn’t matter if you forget the lyrics
adventure that is
Exploding the Phone
What should become a manifesto
sealed by the tokens of 20th
To be continued...
The list of seed poems
Travelling Like Spam Poetry. How spam poetry actually started - doing it in
real-live instead of writing it.
What the Internet Asks of Me. A cross-over between Search Term Poetry and
trying to seriously learn from the searchers’ questions.
Virtual Book Spine Poetry (Edition 2014 + 2015/6). Merging two posts: 1) the
2014 edition of my yearly book reviews, a tradition I started last year, and 2)
my next experimental poem, in a new experimental genre.
Google Translational Poetry – Austrian Christmas Edition. Poem already
created from Google results – transformed once more by running them through 10
languages in Google Translate. Bonus: Literary critique and a connection to a
Wikimedia image related to Christmas and to Austria.
Imaginative Poetry. Inspired by the Second Name of Collected Space. Flarf
taken to the next level: Inspired by images created also by a flarf-y method.
And printed on real paper – for the first time.
Poetry of Anything. Now I Know This Is Called Flarf! I learned two things:
1) I am very late to the poetry-from-the-internet-scrapyard party, but 2) that
stuff is serious art. I am also trying something new – poems unrelated to my
websites but fuelled by Google only.
The Destiny of the Universe. My darkest spam poem so far, not for the faint
of heart. I owe to the spammer trying to sell games involving the killing of
Crowdsourcing Poetry (Again). Search terms from the second quarter, blended
with terms from Google Webmaster Tools and some enigmatic – and typically
Austrian – images.
Search Term Poetry – Spring Edition. Very condensed search terms, mixed with
some pathetic images taken by an ancient smart phone.
[2014-01-10] I am determined to subvert Google’s efforts to hide this
precious raw material for Search Term Poetry:
Search Term Poetry Sans Google.
[2013-12-06] Celebrating one year of so-called poetry with a
stream-of-consciousness-style Spam Poem:
Poetry from the Virtual Scrapyard Anniversary: I Subconsciously Think about This
Breaking News on Search Term Poetry (Good, Bad, Ugly). A post by an
accomplished author featuring one of my search term poems has been Freshly
Pressed, but Google has started encrypting search terms. The end of Search Term
The Science of Search Term Poetry, using mostly physics-related search terms
from the third quarter.
Quarterly Search Term Poetry Results (Overdue!) based on search terms
submitted in the second quarter. For the first time comments left on the
previous post have been included.
Welcome to the Real World! – warm-up after a time-out from social media with
an haiku-style short Search Term Poem.
What? A Spooky Spam Poem of Danger, Fear, Hope, and Lifeless Faces:
combining Spam Poetry and images for the first time. (Warning: This poem is not
for the faint of heart.)
Decoding Myself: Searching for Hidden Clues in My Blog Posts’ Titles –
founding a new variety of the genre (again) by creating poetry from headers of
posts of mine.
Existential Spam Poem: The Soul of This Bag takes the concept of dialogue
one step further: We hear a disciple appealing to his or her cult leader.
Remarks Written by Brain-Dead Visitors is a surprisingly apt
self-referential comment, promoted to the title of this post and the spam poem
(sub-)titled searching for sanskrit tattoos. This poem was the first
showing off dialogues containing fortune-cookie-like pearls of bizarre wisdom.
[2013-04-26] My debut as a literary critic and spam poetry expert – a
review on the (alleged) first book of Spam Poetry:
Surprise Potatoes in the Soldiers’ Vegetable Soup!
Impolite and Humiliating Spam and Why We Really Need Tags for Spam Comments More
than Time Machines, a poem made from nasty spam only.
Spam Poets Write Weird Things was a Search Term Poem. For the first time the
title of a blog post was borrowed from a search term. Since search terms on
WordPress Stats started to repeat themselves I have also added terms from Google
Webmaster Tools. On the other hand I introduced length ordering of search
I Need More Trivial Content which was: A Spam Poem created from snippets of
a blog post of mine that had been pasted into a spam comment in its entirety.
On the Hierarchy of Needs and Needless Things – not really poetry, just two
search terms. But the post itself could be called art from the scrapyard.
My Zen-ny Search Terms: Where Engineering Meets Art Meets Physics Meets Geekdom.
(And Rodents, Sometimes.) and providing the concise How-to-guide readers
have asked for.
Turning Flattering Chatty Spam into Postmodern Art.
[2013-02-01] An attempt to transcend the genre:
The Art of Error Messages.
[2013-01-24] What a let-down:
Standing on the Shoulders of Giants and Not Recognizing It.
Spam Poems and Search Terms Poems: Preliminary Results. I have started a
movement – this is an account of its history.
Taking Crowdsourcing of Art to the Next Level? by including spam comments in
my poems, in addition to search terms.
[2012-12-31] The end of the year and some some life events are celebrated in
a search term poem:
2012: The Year We Make Contact.
[2012-12-12] The very first search term poem saw the light of the
Crowdsourcing of Art: Poetry from Search Terms.
I had been a PKI consultant since 2002, mainly working with European
enterprise customers on designing and implementing their PKIs run inhouse. Now I
am supporting some long-term existing clients with their PKI / X.509 issues but
I don't take on new clients.
As a former Microsoft employee I have focused mainly on the Microsoft PKI,
versions Windows 2000 / 2003 / 2008 / R2 / 2012 R2 - but I also had some
exposure to various other PKI-enabled applications and devices. The fun part of
PKI projects is in debugging weird issues that exotic or allegedly
'industry-grade' applications have with validating certificate paths, using keys
Here is the often requested
one A4 page summary, and here you can see that those PKI services are part
of an ... uhm...
combination of IT services.
- I try to keep track of links, books, papers etc. I found useful and add
them to this list. This is not intended to
be the perfectly structured, 'educational' collection. I rather pick and add
what I stumbled upon while working on PKI issues or discussing with other
- I started logging PKI issues here. The idea
is to described them most concisely, in TXT format.
- Struck by vanity I made the collection of
my modest own contributions a page in its own right. I am also trying to
keep track of my postings to security forums
in order to use those as my knowledge base.
I am originally a physicist (completed PhD in 1995), worked in R&D and
switched to IT security. In 2013 I have completed another master's degree called
Sustainable Energy Systems and did a master thesis on smart metering and
profile). Now I am consulting engineer working with heat pumps that use a
special heat source. Yes, I know - it is weirder to combine that with PKI.
The security of the smart grid and internet of things [add more buzz words
here] provide options to re-use my security know-how in the context of my new
field. Such heat pumps may use control units connected to 'the internet' and all
kinds of certificate-/PKI-enabled stuff might be involved here.
For five years I have given a yearly lecture in a master's degree program,
then called Advanced Security Engineering at FH Joanneum. Here is the
last version of the slides.
This is an image I called PKIs in the real world in
We feel the fresh air of a new category: A new major tag that has infected most of our
online content: It is called Work, Life, and Balance.
So it has to be added here of all websites, of course! Do we need a manifesto?
We don't want only a solar collector for research and self-sufficiency - we want 100% self-sufficiency re tomatoes!
We don't only want to
hack play with our inverter's web interface - we want to have enough time to watch our
PV panels harvesting energy!