Democracy is the most vile form of government

Almost everyone – Democrats, Republicans and (l)libertarians alike - get the Constitution wrong.  The right and left selectively pick the pieces and parts of the Constitution that they like (which is increasingly small) to bully the other side and rationalize every other policy prescription.  Libertarians typically point to the Constitution and say “but the Constitution says…”, but for much the same reason – they are trying to rationalize their prior beliefs.

Most mention of the Constitution amounts to little more than an appeal to authority in the hopes that it will quench argument, but it rarely acknowledges why the Constitution is important and for what reason it was such an important innovation.  It is an implicit acknowledgement that people cannot be trusted with power – neither dictator, king or mob.

Unfortunately, the document turned out to be the parchment barrier that Madison feared it would become.  The ultimate goal is to limit the ability of anyone – individual or mob – to exert power over any other.  Simply waving the Constitution around and saying “see, it says you can’t do that” is powerless without explaining why it is important to limit power.

Democracy is glorified without a true understanding what democracy really is – mob rule.  Just because a majority want something (or more accurately – a majority of the tiny minority that actually votes) is not justification for an action if it inhibits the freedom of others.  Mobs are too easily swayed and are too ill informed to be making decisions that affect the lives of everyone else

Period.

Technorati Tags: politics,libertarian

MediaWiki & Active Directory Authentication

I had a heck of a time getting MediaWiki to properly authenticate against Active Directory so I thought I would document my configuration in hopes that someone can gain from my trauma.

I was finally able to get authentication working with MediaWiki version 1.14 with the LDAP Authentication extension (version 1.2a) and the LDAPAutoAuthentication extension.

There are many ways to configure the extensions depending on what you want to do. I was looking to accomplish several things:

1. Automatically authenticate the logged in user using integrated authentication.
2. Automatically populate the users name and email address with information out of the directory.
3. Populate wiki groups based on Active Directory group membership.
4. Only use the login id for the wiki username and not the DOMAIN\username that you typically see.
   

In order to simply get auto authentication to work you need to add code similar to below to LocalSettings.php.

//
//LDAP Authentication Configuration
//
require_once( "$IP/extensions/LdapAuthentication.php" );
require_once( "$IP/extensions/LdapAutoAuthentication.php" );
//the domain name is any arbitrary name that you will use as a variable
$wgLDAPDomainNames = array("my_domain");
//define the fully qualified name of your AD domain
$wgLDAPServerNames = array("my_domain"=>"mydomain.com");
//there are other, probably more secure ways to do this, but I know this works.
$wgLDAPEncryptionType = array("my_domain"=>"clear");
//this is the short name of your domain, not the arbitrary variable mentioned below
$wgLDAPAutoAuthDomain = "my_domain";
//this is how you get the wiki user to be username as opposed to DOMAIN\username
list($dom,$userid)=split('[\]',$_SERVER['REMOTE_USER']);
$wgLDAPAutoAuthUsername = $userid;
$wgLDAPBaseDNs = array("my_domain"=>"DC=mydomain,dc=com");
$wgLDAPSearchAttributes = array("my_domain" => "sAMAccountName");
$wgMinimalPasswordLength = 1;
AutoAuthSetup();

Those changes will get your users into the wiki without being prompted for user name and password.

If you would like to pull their name and email address from the directory add the following code into LocalSettings.php right before 'AutoAuthSetup();'

//this is where you define the credentials necessary to read information from AD
//you only need this if you want to pull the name, email address and groups from AD
$wgLDAPProxyAgent = array('my_domain' => 'CN=ldapbinduser,OU=Users,DC=mydomain,DC=com');
$wgLDAPProxyAgentPassword = array('my_domain' => 'theldappassword');
$wgLDAPPreferences = array("my_domain"=>array( "email"=>"mail","realname"=>"cn","nickname"=>"givenName"));

Finally, if you want to pull group assignments you will need to setup custom Wiki groups - add the following code somewhere before you start building the LDAP authentication.

//Custom Wiki Groups
$wgGroupPermissions['AD Group #1']['read'] = true;
$wgGroupPermissions['AD Group #2']['read'] = true;
$wgGroupPermissions['AD Group #3']['read'] = true;

Note that the wiki group names and the AD group names need to be identical. You can read all about the rights that can be assigned and additional configuration parameters for wiki groups here.

Once you have defined your groups you can have the login process automatically add users to those groups based on their AD group memberships. Just add the following code right before 'AutoAuthSetup();' (and after the code that was defined above).

//Group Configuration
$wgLDAPGroupUseFullDN = array( "my_domain"=>true );
$wgLDAPGroupObjectclass = array( "my_domain"=>"group" );
$wgLDAPGroupAttribute = array( "my_domain"=>"member" );
$wgLDAPGroupSearchNestedGroups = array( "my_domain"=>false );
$wgLDAPGroupNameAttribute = array( "my_domain"=>"cn" );
$wgLDAPUseLDAPGroups = array( "my_domain"=>true );
$wgLDAPGroupNameAttribute = array( "my_domain"=>"cn" );

I do not believe that this will remove users from groups once they have been added, but I haven't tested that yet.

The only weird thing that I have experienced is that, for some users, the first time they hit the wiki it tells them that they must log in first. If they refresh they are able to get right in. I assume that it is just a lag between creating the account and allowing login. I have a small set of users so it hasn't caused a problem.

Hopefully this is helpful and will save you the time that I spent with trial and error getting this all to work correctly. One final tip - you can add '$wgLDAPDebug = 3;' to LocalSettings.php to get debug information about what is going on with LDAP authentication if you run into any issues.

Technorati Tags: mediawiki development authentication geek

The Limiting Nature of Philosophy

Scientific discover, by its very nature, is a creative process. Those who wish to discover how things work must first imagine how they might work and test that imaging. As such, humanity places limits on scientific discovery to those things that the individuals involved can imagine. In this way prevailing philosophies can have a profound impact on scientific discovery.

It would be easy to dismiss the limiting nature of philosophy as a phenomenon of past centuries, but one can look at the modern age and at well respected scientists to see the effects. Einstein was a remarkable physicist, his general theory of relativity was a huge step forward. Without his contribution in this area “physicists would eventually have discovered general relativistic effects … but probably not until late in the 20^th century” (Scientific American, p.48). Yet even Einstein was captive to his own philosophies.

After his work on relativity Einstein began work on quantum theory, his work included contributions that eventually resulted in laser technology. But the science eventually led in a direction that he could not accept. Quantum physics relied on statistical probabilities to explain what was happening with sub-atomic particles and Einstein’s personal philosophy insisted that nature worked in a deterministic way – that there must be causal explanations of what was occurring. Einstein “famously declared that God does not play dice” (p. 185) revealing his close-mindedness to the idea that the smallest of particles behaved in a random way.

Fortunately, not everyone shared this particular philosophical view and quantum theory has continued to evolve with the recognition that photons and other sub-atomic particles can actually be in multiple places at the same time. How much physics was hampered by Einstein’s philosophic views is difficult to know, but it is not absurd to assume that, had Einstein been able to accept this reality, he may have been able to make further groundbreaking discoveries in quantum physics. Perhaps it would have even led him to discover the unified theory that had otherwise escaped him.

While human philosophy must always place barriers on what is possible to imagine, it does not necessarily have to be counterproductive. If a philosophy insists that something must be true then it can drive one to explain that truth. Einstein, again, is illustrative of this effect.

The relativity principle was suggested by Galileo stating that “all physical laws are the same regardless of your state of motion, as long as the velocity at which you cruise along does not change” (Scientific American, p. 47). With the discovery of electromagnetic forces this principle appeared to fall apart as experimentalists could never find the relativity effect when measuring light.

The lack of a relativistic effect in electromagnetism bothered Einstein. The conflict between Einstein’s own philosophy and conventional wisdom of the time pushed him to look for another solution.

This drive to validate personal philosophy ultimately led to the special theory of relativity, one of the most profound discoveries of the 20^th century. The implications of the theory are very counter-intuitive for most people – the speed of light is constant but length and time vary at high speeds – that it isn’t unreasonable to assume that only the drive to validate this philosophy made such a discovery possible.

As these example shows, philosophy has a limiting effect on the creative process regardless of the intelligence and nature of the creator. However, the limitation of philosophy can have positive and negative effects.

Technorati Tags: school

Just In Case a Translation Was Necessary

What he said:

Obama on Thursday offered business leaders his view that the crisis is "not as bad as we think."

What he meant:

We have been telling you that this is the worst crisis since the Depression, but now that you have given us what we want we can now tell you the truth.

What is even worse is that he is using the admission that they were tragically wrong to propose even more fundamental changes to the economy.

Technorati Tags: economics,politics