Agents of Shield and Engame

So the sixth season of Agents of Shield has been underway for a few episodes now. You might have expected the season to take place in the aftermath of the Thanos snap but it seems like that is not the case. This would seem to cause trouble for the timeline with respect to how Shield fits in with the overall MCU timeline given references in the finale of the fifth season. I’m not so sure, however.

Endgame established conclusively the notion of a multiverse in the MCU canon. It also established the notion of branching timelines which is also something that Shield suggested as well, and looks like they have explicitly established it now based on events moving forward. That means that Shield can actually still be in the same continuity as that established by Endgame yet not be in the same timeline.

Endgame established a timeline where Thanos never gathered the infinity stones on account of him leaving that timeline to the future depicted in Endgame where he subsequently died which would seem to preclude him going back where (when) he came from. That means there is a whole timeline where the infinity stones were never collected from their previous locations. It also means that many of Thanos’s ravages never happened which would have some massive knock on effects in the timeline leaving the present basically unrecognizable from the perspective of most of the main characters of the MCU movies. However, those events would likely have had minimal impact on anyone not directly involved in them. For instance, the events of Guardians 1 would not have had any impact on Earth. Even so, references in various episodes of Shield indicate that it cannot exist in a timeline where Thanos did not follow his infinity stone collection quest to its conclusion.

That leaves us with an apparent conundrum. On screen evidence indicates that Shield shares a timeline up to some point near the conclusion of Infinity War. Barring some sort of reveal later on in Shield, that would suggest we need another explanation than Shield being in the “non-Thanos” timeline. I can think of two explanations. One is more compelling than the other in my opinion. I’ll save that for second.

Suppose Shield season 6 really is in the post-snap MCU? But wait! Where is all the fallout? Why was there no mention of it? How come none of the main cast were dusted? Well, considering the main cast all did the time travel thing, they may not actually count as part of “all life” or might otherwise be immune. We don’t know what the consequences of that time travel macguffin actually are. Or maybe one of the weird phenomena that occurred in the Lighthouse had some impact. After all, there is a *lot* of stuff there. Also, since randomness is lumpy, it’s actually not impossible that nobody in the Lighthouse was dusted. And, as far as not seeing the consequences of the snap, well, we don’t see a lot of the world outside the Lighthouse in the few episodes we’ve seen so far. We also didn’t see a lot of it in Endgame so we don’t know what else may have happened in the five year time jump in Endgame that left things the way there were. And, while you would expect some mention of it, they have been rather busy so far. Still, this is a major stretch and doesn’t seem all that compelling so unless Word of God says otherwise, I’m going to assume this isn’t the case.

The other, and more compelling, option is that some sort of butterfly effect thing lead to their timeline having a slight difference in the final battle(s) of Endgame. There were several points where the battle could have gone in the heroes’ favour. Starlord could have not hesitated. Thor could have taken a head shot. That sort of thing. If any one of those things happened, the resulting timeline would have been identical up to the points referenced in the finale of Shield season 5. At that point, things could diverge. This feels like the most satisfying explanation to me so barring some sort of reveal later on, this is what I’m going with in my head canon.

Incidentally, one such reveal that is possible comes to my mind: It may be that the references in Shield season 5 were to some other events that we haven’t seen. It’s entirely possible that much less time has passed on Shield than we think over the past several seasons and that we’re still somewhat pre-snap in the timeline. I kind of hope they don’t use this trick, but it’s not entirely unlikely. I hope they don’t go this way because it still leaves problems for the other Marvel shows. But if the Marvel TV shows are all in a universe where Thanos was defeated conventionally by heroes not screwing up during the final battle(s), then it makes things less complicated and we can just get on with having a multiverse.

Anyway, as I said, my head canon is going with “alternate universe where the Avengers and allies didn’t completely fuck up the final battle(s) in Infinity War” until such time as an alternative explanation is provided. Regardless, though, what we’ve seen so far on Shield season 6 is not really irreconcilable with the MCU movies. There are options. (Actually, the current story arc on Shield could lead to any number of those options.)

I will finish by saying that given that the current season of Shield was in production before Endgame was released, I expect the producers didn’t actually know how things would proceed after the snap so it’s not surprising there are apparent contradictions. Since there is apparently going to be a seventh season, it will almost certainly be addressed then if not before.

Niantic Are a Bunch of Morons

So I play Pokémon Go. It’s something to do when I’m out and about on foot. I’ve recently got to the point where I actually care a bit about the relative strengths of my pokémon. To that end, I’ve started using the naming feature to include some details. However, due to the crazy short length limit for names, I have to abbreviate some of the longer pokémon names to fit the extra information in. Continue reading “Niantic Are a Bunch of Morons”

Walmart Dumbassery

So I was at Walmart today to purchase a couple of things. I encountered some truly dizzying dumbassery in not one, but two places. For reference, this was at the Sage Hill Walmart in Calgary.

First, I was buying cat litter. So I get to the cat liter section and what do I see? Well, take a boo at this:

Not carefully the top of the Slide box. Yup, that’s right. They’ve shoved it onto a shelf whose frontage space is shorter than the box is tall. I wonder what putz thought that was a good idea. To add insult to injury, the next shelf down does have enough space and in the position below, they have one of the smaller sized boxes (like the ones to the right of the Slide box in the picture).  Basically, whoever was setting up the shelves is <bleep> stupid.

But remember I said there were two cases? Well, take a look at this one (click on the image for full size so you can actually see the details):

Pay particular attention to the sale tags which read “2 for $3”. You’ll note they list the regular price as $1.67 and also proudly proclaim “Save 34¢ each”. This must be some kind of new math which I have not previously encountered. By my calculation, “2 for $3” means $1.50 each. Compared to the regular price, that is a 17¢ saving on each, or a total saving of 34¢. So, to the geniuses at Walmart, which is it: do I get 2 for $3 or do I save 34¢ each? It can be one or the other. Not both.

In the second case, I wasn’t actually buying the product so I didn’t bother trying to argue with them about it. I also didn’t have time to spend an hour arguing with bored store representatives to get them to understand why it was a problem.

The first problem is actually less problematic than the second one since in the first case, you know that they got the boxes in so there must be a way to get them out. And they had the correct price tags in place. The second one, however, probably has legal implications given that they are advertising two different sale prices for the same item. I wonder how often that particular error pops up (listing the total saving as though it is for each item).

Anyway, the moral of this story is that you should pay attention to price signs in stores. There’s a good chance I could have got that “2 for $3” item for the actual price of “2 for $2.66” which is what it would have to be to save 34¢ on each of the pair.

The other moral is for people who are stocking shelves and people who decide what the shelf layout should be. Make sure you put items on shelves where they can be properly accessed. There’s nothing more annoying that wanting to buy an item and having to solve a puzzle in order to get it off the shelf. That means the shelf needs to have front clearance to easily remove the item from the shelf, including any rotation that would typically occur and space for the customer’s hands. That means you can’t put a six pack of soda bottles on a shelf that has just a couple of millimetres clearance, either, but even that is better than the nonsense depicted above with the cat litter.

Welp, that’s all for now, folks.

 

Latest WordPress Security Debacle

Probably nobody is really aware of the recently discovered security flaw in the WordPress core. (See https://wordpress.org/news/2017/10/wordpress-4-8-3-security-release/ for the official word on the matter.) This flaw affects the wpdb object’s prepare() method and allows for potential SQL injection attacks. Of course, that raises an important question: why are we still getting these types of vulnerabilities in projects like WordPress? Well, I have an opinion on that. Obviously.

Anyway, you can see the technical details of the vulnerability over here. That link goes into more detail than you ever wanted on how the vulnerability works, why it’s a problem, and why it’s due to a fundamental flaw in the API design.

I don’t have anyting of substance to add to that analysis. However, I do want to say the following:

  • This is not due to WordPress’s use of PHP. Using another language but implementing things in any substantially similar way would have exactly the same problems.
  • This type of problem is not restricted to WordPress. Other high profile projects have been hit with similar API and/or implementation flaws.
  • Proper implementation which does proper input validation can help but will not fix fundamental API design flaws.
  • Incompetent or ignorant coders will find ways to implement security problems no matter how good your API is. However, that’s no excuse to just throw your hands up and say, “What’s the point?”.
  • Even where backwards compatibility is important, it is still possible to implement and deploy a new saner API and then deprecate the old problematic one. Every project with dodgy APIs like the one in this instance should be doing the same thing.
  • Rolling your own database abstraction layer is a dumb idea. Especially if the language environment you are using provides one that is reasonably good.

That’s about all I have to say on this matter at this time. I do encourage you to read the detail link above and understand it. It will give you some good insight on how not to design APIs with an eye toward database APIs.

The Train Crash Dilemma

You have, no doubt, at least heard of the train crash dilemma. Put simply, it goes something like this: A train is approaching a two-way switch. On the currently selected track, there is a group of five people who will be hit if nothing changes. On the other track, there is a single person who will be safe if nothing changes. You are in a position to be able to change the switch direction. Would you act (change the switch) or do nothing (leave the switch alone)? Continue reading “The Train Crash Dilemma”

SourceCop Redux

Quite some time back, I mentioned SourceCop in a diatribe on source obfuscation. Today someone apparently representing SourceCop wrote a comment on that post which reads very much like a commercial for their product. I did not approve the comment because my blog is not a sales platform and also because it was quite long. I have, however, chosen to reproduce most of it here and address the points it makes. You may want to read the previous article for context. Continue reading “SourceCop Redux”

The “St. Ives” Riddle

I’m sure almost everyone has heard the “St. Ives” riddle in one form or another. It goes as follows:

As I was going to St. Ives,
I met a man with seven wives,
Each wife had seven sacks,
Each sack had seven cats,
Each cat had seven kits:
Kits, cats, sacks, and wives,
How many were there going to St. Ives?

There are a few variations to the above. This discussion is based on the above text as written so any criticism bringing in other versions or what have you is not relevant.

There are a few different answers for it. The general consensus seems to be that the correct answer is one. My assertion is that the general consensus is wrong. My reasoning generally parallels the reasoning that leads to the conclusion that one is the correct answer but the final conclusion differs.

First, the narrator is going to St. Ives. Normally, if you meet someone on the road, it’s because they are going in a different direction or are not going anywhere at all. (It seems that “meet” had a much tighter definition in the time when the riddle was first framed so this is actually reasonable.) In either of those cases, the only mentioned person or thing going to St. Ives would be the narrator. Thus, the answer is one, correct? After all, we know the narrator is going to St. Ives. Except that doesn’t fit. The rhyme specifically calls out “kits, cats, sacks, and wives” in the question. Note that it does not include the man or the narrator! That means that neither the narrator nor the man with the wives can be included in the answer.

The other assumptions I made to arrive at the above are:

  • The narrator is not a wife. That is a reasonable assumption but there is no actual evidence to support it. If the narrator happens to be a wife, that allows you to justify an answer of one. However, bringing in unstated information is generally not considered valid for a riddle since that would allow any random answers to be justified.
  • The second to last line is not there for mere decoration or to fill out the rhyme. That is a reasonable assumption since doing anything other than considering the entire text is cherry picking and that can be used to defend all manner of answers.

You could argue that everyone is going to St. Ives depending how you interpret “met”. Considering the age of this particular riddle, it’s reasonable to assume that “met” refers to oncoming traffic. If, however, we apply a looser modern interpretation of “met”, perhaps the narrator caught up with the man’s party, which is not unreasonable if he is travelling with seven wives. That would mean everyone is going to St. Ives. In that case, you would have to do the calculation and arrive at 2800 (the total number of kits, cats, sacks, and wives). Again, one suggested answer for this circumstance is 2801 but that’s not defensible at all, even if you do interpret things to include the narrator and the man. In that case, the answer would be 2802. However, as noted above, the question specifically enumerates the kits, cats, sacks, and wives so the man and the narrator should not be included. That means only 2800.

I should note at this point that there is a variation where the narrator only meets the seven wives and there is no mention of the man. In that case, if you count everyone and everything, then 2801 would be valid. However, as long as the man is mentioned, 2801 cannot be defended.

Civilization V – Venice

With the impending Civilization VI release, I thought it would be amusing to do a few posts about Civilization V, particularly because it looks like I won’t be able to purchase Civilization VI when it is released because all signs point to there being no Linux port. In fact, rumour has it there won’t ever be one and the reported reasons for that are complete BS. But that’s beside the point.

Just recently, I decided to finally play a game as Venice. I set it up as the one city challenge since, why not. Venice is only allowed to found one city anyway. The only difference for Venice in the one city challenge is that it is not possible to control additional cities (puppets). Continue reading “Civilization V – Venice”

cphulkd sucks

One of the unfortunate things about my day job is that I have to manage a server running cPanel. Some folks insist on cPanel because it has all these fancy gewgaws, features, widgets, and the like. However, once you start trying to manage a server running cPanel for more than a few trivial web sites, you start to discover just how terribly engineered it is, and it has absolutely no excuse for that. One particular feature I recently tripped over hard is cphulkd, which is cPanel’s answer to brute force detection. Continue reading “cphulkd sucks”

The PHP Encryptor Scam

At $dayjob, I recently encountered a WordPress installation that was created by some overseas developers on behalf of our client. Let’s call the client Fred. So Fred asks me to make a duplicate of his site on a subdomain so he can have some development work done without messing up the live site. That’s perfectly reasonable and ordinarily poses no problems. You just duplicate the WordPress files and database, update the configuration file, maybe fix a hard coded URL or two, and Bob’s your uncle. Alas, this time it was not that simple. Continue reading “The PHP Encryptor Scam”