
Archive for December, 2006

Thoughts on Ideas

December 21st, 2006

This may not be anything particularly new and may be obvious to most people, but to me, it was new so I’m going to share it. Ideas are historical. There it is. It is that simple. The explanation and implications are the complex and challenging part. Really though, ideas are formed, altered, or superseded by newer ones within a historical context. This context has social, religious and economic forces that act upon these ideas. Intuitively we know this. We know that we are members of a temporal dimension where events happen in a particular order and have a series of causes. This is important because many presume that ideas, particularly the ideas that they are fond of, always were. This just isn’t the case. Yes, I’m sorry to break the news to you. They presume that, because *they* like them, most people must like them. Maybe it is because these ideas stood some test of time and reflection. This doesn’t mean that all old ideas are terrible and only new ideas are worth anything of value. It is important to reflect on the notion that ideas were built around societal pressures. These pressures could have been responsible for the debunking of myths of the origins of the universe (Thales), creating political systems to protect people (Hobbes) and a host of other topics. Many of the ideas that we have were born in times far removed from us, with motivations that no longer apply to us, and yet their seeming utility forces us to adopt them as if they always were “proper” and “correct”. I’m painting with a broad brush with regards to ideas, since they can be moral values, religious beliefs or natural observations, but I think this initial realization may challenge us to approach the ideas we are confronted with carefully and cautiously. Unfortunately, this requires some “heavy lifting”.

Thoughts

Scapy For Dummies

December 11th, 2006

I’ve been dabbling for a while now with scapy. A quick cursory examination and you can tell that this tool has a lot of flexibility and power. It takes a bit of time to learn the method of packet building and the arguments to the various methods. In one of my first experiments with the tool I thought I’d attempt to detect systems running the nifty, if not completely insecure, tool known as ICMP Shell. This tool gives you access to a remote shell and communication to and from this system is over ICMP. The default behavior is to send and receive ICMP echo-reply messages (icmp type 0) with the id set to 60165. Using the provided ish client all this is handled for you once you give it the IP address of the listening system. Since we aren’t using the client the first order of business is to craft a packet that looks similar to the one generated by the client.

Here’s a walkthrough of the packet construction. But, before I begin, I used the ‘pre’ tags and because of that the lines do not wrap properly. In fact, it looks quite bad.

Welcome to Scapy (1.0.4.24beta)
>>> ip = IP(dst="172.20.62.0/24", len=59)

All I need for a valid IP packet is the destination IP address and, because I’m using padding, a correct total packet length. There may be a way to automate this but I haven’t figured it out yet. You may be wondering why I have not specified any other options and this is because scapy picks sane defaults. To see which defaults it has chosen for this packet use ls(ip).

>>> icmp = ICMP(type="echo-reply",id=60165)

It is the same story here as well. I only need to provide the appropriate icmp type/code and also, because ICMP shell is expecting it, an ICMP identifier.

>>> id = '\x69\x64\x0a'

>>> payload = '\x00' * 20 + '\x02' + '\x00' * 7 + id
>>> padding = Padding(payload)

The ICMP shell client pads the ICMP message with some data and if I do not duplicate this data at the appropriate positions it will be rejected by the ICMP shell server. Using a bit of python to save typing I’ve created the necessary padding: 20 null bytes, a 0x02 byte, 7 more null bytes and finally the command “id” followed by a newline, 31 bytes in all (which, with the 20-byte IP header and 8-byte ICMP header, is where the total length of 59 comes from).

>>> packet=ip/icmp/padding

Since we’ve already created placeholders for the various parts we only need to glue them together to create a valid IP packet. Typing the name of the variable outputs the constructed object. Of course, we could have saved some typing and done something like this:

>>> packet = IP(dst="172.20.62.0/24", len=59)/ICMP(type="echo-reply", id=60165)/padding

And that would have done the same thing assuming we defined padding appropriately. After this we're ready to inject these packets on the wire. When we're ready we type:

>>> send(packet)

There are many other methods we can use to send packets, control timeout, retries and other behaviors. This particular method sends packets at layer three without keeping track of responses. We are, at first, going to use TCPdump to track our responses. Below is what a standard ICMP Shell negotiation looks like.

$ sudo tcpdump -nexXs 1500 -i eth0 icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 1500 bytes
16:49:18.665206 00:11:25:47:72:b6 > 00:0b:cd:b8:7f:07, ethertype IPv4 (0x0800), length 73: 172.20.62.20 > 172.20.62.40: ICMP echo reply, id 60165, seq 0, length 39
0x0000: 4500 003b 0000 4000 4001 665d ac14 3e14 E..;..@.@.f]..>.
0x0010: ac14 3e28 0000 9f95 eb05 0000 0000 0000 ..>(............
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0200 0000 0000 0000 6964 0a ........id.
16:49:18.669660 00:0b:cd:b8:7f:07 > 00:11:25:47:72:b6, ethertype IPv4 (0x0800), length 109: 172.20.62.40 > 172.20.62.20: ICMP echo reply, id 60165, seq 11264, length 75
0x0000: 4500 005f 0000 4000 4001 6639 ac14 3e28 E.._..@.@.f9..>(
0x0010: ac14 3e14 0000 32bd eb05 2c00 0000 0000 ..>...2...,.....
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 7569 643d 3028 726f ........uid=0(ro
0x0040: 6f74 2920 6769 643d 3028 726f 6f74 2920 ot).gid=0(root).
0x0050: 6772 6f75 7073 3d30 2872 6f6f 7429 0a groups=0(root).

And here is what the scapy-injected packet looks like.

16:50:35.649054 00:11:25:47:72:b6 > 00:0b:cd:b8:7f:07, ethertype IPv4 (0x0800), length 73: 172.20.62.20 > 172.20.62.40: ICMP echo reply, id 60165, seq 0, length 39
0x0000: 4500 003b 0001 0000 4001 a65c ac14 3e14 E..;....@....>.
0x0010: ac14 3e28 0000 14fa eb05 0000 0000 0000 ..>(............
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0200 0000 0000 0000 6964 0a ........id.

The result, again in TCPdump, is

16:50:35.656251 00:0b:cd:b8:7f:07 > 00:11:25:47:72:b6, ethertype IPv4 (0x0800), length 109: 172.20.62.40 > 172.20.62.20: ICMP echo reply, id 60165, seq 11520, length 75
0x0000: 4500 005f 0000 4000 4001 6639 ac14 3e28 E.._..@.@.f9..>(
0x0010: ac14 3e14 0000 31bd eb05 2d00 0000 0000 ..>...1...-.....
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 7569 643d 3028 726f ........uid=0(ro
0x0040: 6f74 2920 6769 643d 3028 726f 6f74 2920 ot).gid=0(root).
0x0050: 6772 6f75 7073 3d30 2872 6f6f 7429 0a groups=0(root).

Looks like we found a valid system that has ICMP Shell running on it. Hats off to scapy.

But, isn’t TCPdump a bit slow? Can’t we use scapy to filter through packets and show us only those that meet our criteria? Of course! Scapy has a sniff method that takes quite a few arguments. I have the minimum to get the job done.

>>> sniff(filter="icmp", prn=lambda x: x.sprintf("Found IShell: %IP.dst% > %IP.src% -- %Raw.load%"), lfilter=lambda x: x.haslayer(Raw) and str(x[Raw].load).find("uid") != -1)

We want only icmp packets, we want to print some output and finally with the lfilter we’re telling the system to only deliver packets to the prn method that meet the criteria. In this case we’re looking for ‘uid’ in the payload of the ICMP packet (the haslayer check keeps the filter from blowing up on ICMP packets that carry no payload at all). If uid is found we print out the source, destination and the payload for verification. I found out the long way that a lambda body can only be a single expression, not a block of statements. At first I tried to pack everything into the prn argument, but that failed miserably. Eventually I stumbled upon the lfilter and the realization of the single-expression requirement. Once you get past this I think it is smooth sailing.
There it is. Some basic features of scapy that, hopefully, demonstrate scapy’s flexibility and utility.
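The same detection can be done without scapy at all, which is handy when the capture is already on disk. The following is an added example, not code from the post or from ICMP Shell: it parses the tcpdump hex dumps shown above back into bytes, decodes the IPv4/ICMP headers, verifies the ICMP checksum, and flags echo-reply messages that carry the default ICMP Shell id (60165). The two embedded dumps are the ones captured in the post; the function names and the “probe”/“response” labels are my own.

```python
import struct

ICMP_SHELL_ID = 60165   # 0xeb05, the identifier ICMP Shell uses by default

# The two datagrams from the tcpdump capture in the post: the crafted "id" probe and
# the server's reply (offset and ASCII columns kept as tcpdump printed them).
PROBE = """
0x0000: 4500 003b 0000 4000 4001 665d ac14 3e14 E..;..@.@.f]..>.
0x0010: ac14 3e28 0000 9f95 eb05 0000 0000 0000 ..>(............
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0200 0000 0000 0000 6964 0a ........id.
"""
RESPONSE = """
0x0000: 4500 005f 0000 4000 4001 6639 ac14 3e28 E.._..@.@.f9..>(
0x0010: ac14 3e14 0000 32bd eb05 2c00 0000 0000 ..>...2...,.....
0x0020: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0030: 0000 0000 0000 0000 7569 643d 3028 726f ........uid=0(ro
0x0040: 6f74 2920 6769 643d 3028 726f 6f74 2920 ot).gid=0(root).
0x0050: 6772 6f75 7073 3d30 2872 6f6f 7429 0a groups=0(root).
"""

def parse_hexdump(dump):
    """Turn tcpdump -xX lines into bytes, stopping at each line's ASCII column."""
    out = bytearray()
    for line in dump.strip().splitlines():
        for word in line.split()[1:]:          # [0] is the "0x0010:" offset
            if len(word) not in (2, 4) or set(word) - set("0123456789abcdef"):
                break                          # first non-hex token: ASCII column
            out += bytes.fromhex(word)
    return bytes(out)

def icmp_checksum(data):
    """RFC 1071 one's-complement sum over ICMP header + payload (odd length zero-padded)."""
    total = sum(struct.unpack("!%dH" % ((len(data) + 1) // 2), data + b"\x00" * (len(data) % 2)))
    while total >> 16:
        total = (total & 0xffff) + (total >> 16)
    return ~total & 0xffff

def parse_icmp(pkt):
    """Describe an IPv4/ICMP datagram as a dict, or return None if it is not ICMP."""
    if pkt[9] != 1:                            # IP protocol number 1 = ICMP
        return None
    icmp = pkt[(pkt[0] & 0x0f) * 4:struct.unpack("!H", pkt[2:4])[0]]   # drop IP header/trailer
    itype, _code, csum, ident, seq = struct.unpack("!BBHHH", icmp[:8])
    return {"src": ".".join(map(str, pkt[12:16])), "dst": ".".join(map(str, pkt[16:20])),
            "type": itype, "id": ident, "seq": seq, "payload": icmp[8:],
            "checksum_ok": icmp_checksum(icmp[:2] + b"\x00\x00" + icmp[4:]) == csum}

def classify(pkt):
    """'probe' for a client-style request, 'response' for shell output, else None (default id only)."""
    info = parse_icmp(pkt)
    if not info or info["type"] != 0 or info["id"] != ICMP_SHELL_ID:   # 0 = echo-reply
        return None
    # A reply carries command output; the post's "id" probe came back as "uid=0(root)...".
    return "response" if b"uid=" in info["payload"] else "probe"
```

Both captured datagrams verify with a correct ICMP checksum, and the probe's payload decodes to exactly the 20 nulls, 0x02, 7 nulls and "id\n" that the scapy session built.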

Code, Security

Art For Children

December 7th, 2006

We recently started art technique with my daughter and son. Using the text Drawing with Children we are attempting to develop a “realistic” approach to drawing. The text uses a method of recognizing basic shapes as building blocks to drawing all objects. As I read the text and went through the first chapter with the kids over a couple of sessions I reflected back on how I drew as a teenager. I didn’t receive training, but I think I intuitively recognized these relationships and common shapes. Here’s a sample, for those that are interested, of what I used to draw over 10 years ago.

I think the sketches are self-explanatory. Needless to say I was a volleyball and Spawn fan at the time.


General, Homeschool

Scientific Proof – Part Two

December 7th, 2006

As part of the next series I conducted an informal (non-scientific?) survey. The survey asked people to explain in their own words what scientific proof means. I received a variety of answers. Here are a few.
1. A scientific process that outputs the expected results

2. A Fact; Something that has been proven before

3. Evidence for a claim that follows the ‘laws’ of science

4. Irrefutable evidence

5. Documented, test-driven and proven

From these sketches it can be observed that to some scientific proof is concerned with the process by which we validate hypotheses and to others this proof is the data or fact itself. The disagreement, I think, demonstrates that there is some degree of confusion about what scientific proof means.

In part one I mentioned one possible misuse that is coupled with an inaccurate understanding of scientific proof. Another outcome of defining scientific proof as irrefutable, factual and proven is the propensity for treating knowledge obtained within the context of scientific methods as the only valid form of knowledge. This positivist criterion for knowledge fails, of course, to be able to demonstrate scientifically the truthfulness of the claim itself. The positivist idea is itself a metaphysical theory of knowledge. This shift away from other types of knowledge has given rise to all sorts of interesting conversations. Religious discourse is particularly interesting. It can be heard within the aisles of my workplace that people don’t mind religious discussion as long as people don’t make claims as to which one is right or wrong. Since this type of discussion is about objects that don’t meet the positivist notion of knowledge it, some claim, cannot be discussed in the context of objective reality. In other words, these discussions aren’t about what’s out there, but only people discussing their opinions. Is there a way out of the mess or is all non-scientific “knowledge” mere opinion?

General

Washington and the Koran

December 6th, 2006

I guess some religious groups (to remain nameless to protect the guilty) are a bit disturbed by a recently elected congressman’s desire to be sworn in using the Koran (yeah, I know it’s the anglicized name) instead of the Christian bible. A question offered by one subgroup frames one argument: “What book will America base its values on, the Bible or the Koran?” An argument by Dennis Prager states that “He should not be allowed to do so — not because of any American hostility to the Koran, but because the act undermines American civilization”. I can understand why some people may have a negative view of the congressman’s disregard for a very old tradition, but this is not what the two quotes above are getting at. They attempt to argue that Judeo-Christian values are the only way towards reasonable ethical behavior. Without a country anchored in these values, in their view, a trend of moral degeneration follows and ultimately the demise of America. What they fail to acknowledge is that they belong to the same group that argues for a natural law or an objective moral standard that is intuitive to most people and civilizations across time. What’s more, they also argue that these moral standards are found in most religious texts. So, I guess I’m a bit confused by their assertions and prognostications. On one hand the Koran’s moral standards are so different that we cannot have an observant Muslim (if he is observant and not pulling a stunt) attempt to live by them, and on the other a basic set of moral standards is common to all mankind. Which one is it?

Of course, my wife quickly observed that it would be silly for the congressman to be sworn in using the bible of a religion he does not follow. Do these religious groups simply want an outward demonstration? This sounds like everyone wants to live in the Matrix. Is it that these groups don’t want to acknowledge that most of the people that place their hand on that bible do not believe and have no intention of following it? Is it really the end of civilization because a man wants, for once, to be honest about what he believes? Again, if it is an issue of tradition, I understand the position, but with words like “undermining civilization” and “which values” it doesn’t seem that is the case.

We also fail to realize the historical nature of the tradition itself. The congressman is being chastised for not doing what so many others have done before him, including Jews, Christians, Muslims and Agnostics. But, in the beginning, isn’t this what Washington himself was saying by this act? Wasn’t he making a decision for himself? Was he *really* making a statement about Judeo-Christian ethics and foundations or was it about his personal beliefs? I think we know the answer and yet we pretend that Washington’s personal actions have some sort of prescriptive character to them. I understand the tradition, but these groups need to be clear on what precisely they are arguing.

General, Thoughts

War for Children

December 4th, 2006

Yesterday my wife asked me for a child-friendly definition of war at the request of my oldest daughter. I explained that there was no way to translate the wars of mankind into child-friendly language. The loss of life or forceful taking of life found in war cannot be couched in anything except what it is. Intuitively a child knows that in most cases (if not all, from their point of view) the taking of human life is somehow wrong. At best, I think, we attempt to explain our own formulations, contrived or otherwise, of just war theory. We explain to children that as human beings we have a responsibility to protect ourselves (and others who cannot) when we are confronted by those that would try to take our lives from us. In general, this is somewhat sound if we assume for the moment we all have a common set of values and a common set of responses for the violations of these values. I know, it may be a stretch, and in practice we find that it is. It is more difficult when we approach the bounds of this simple justification, as is the case with the current war. How do you explain to a child the notion of preemption? Preemptive action is not a strictly defensive response. This is almost like (and my analogy and logic may be way off) walking up to the bully at school and knocking his block off because he has done it to others and may do it to you. When my daughter wonders out loud how the families manage during Christmas it causes me, at least, to reflect a bit longer. I appreciate the freedom that we have and I understand the price that was and is being paid to preserve it. However, I hope that when we go off to war we look at it through the eyes of a child. Sometimes their purity can be a source of clarity.

General, Thoughts

Scientific Proof – Part One

December 3rd, 2006

I’ve been pondering the idea of scientific proof. This post is due mostly to an interesting discussion I had at work, but scientific proof, knowledge and method have been something I’ve been researching off and on for the past few months. Scientific proof, when in the heads of non-scientists, seems to mean something that most scientists would not entirely agree with.

When we are confronted with a requirement to offer scientific proof of a particular assertion this typically means we must provide some form of evidence (observation, prediction and experiments) that establishes with certitude our view of nature. Here is where, I think, we fall off the tracks. Certitude, unfortunately, is not what a scientist seeks to establish. He seeks to provide a possible and, through experimentation *and* interpretation, probable explanation for the objects in the natural world. Rarely, if ever, do scientists make the bold statements that they possess certainty with respect to their views about nature.

We, as non-scientists, toss this back and forth between one another when we are confronted with ideas in nature that we find unappealing. What’s worse is when we attempt to require scientific proof for non-material objects or concepts. Most times we use this as kind of a “Ha! If you can’t demonstrate your ideas scientifically they must be rejected.” I must admit, it works quite well. But when we naively toss out this requirement we fail to realize that within the scientific reasoning process tools such as logic, deduction, induction and interpretation are a common staple. These are the very tools that allow us to reason about all sorts of metaphysical objects. For some reason, we silently (ignorantly or implicitly) allow these tools to be used by the scientist, but do not allow them to be used to establish the possibility of metaphysical truths. This may have something to do with the concept of certainty being so tightly coupled with the idea of scientific proof.

We cannot realistically make use of logic to reason about the natural world and at the same time restrict this class of reasoning when speaking about other objects. Science makes use of premises that lead to conclusions that must be true if the premises are true. So, we either have to reconsider what we mean by scientific proof or allow for the possibility that this reasoning process is available to non-scientists to derive non-certain, but possible and probable knowledge about the world. To this end, this is more or less an introduction to what will, hopefully, be my take on scientific epistemology. I think it is important to understand what scientific knowledge is, how this knowledge is obtained and how it relates to reality.

General, Thoughts