Monday, July 08, 2024

The Oversubscribed American Child

Kids in the Bay Area are oversubscribed, both in summer holidays and on evenings and weekends of school-days. During the school year, children spend time in after-school activities, coming home shortly after 5pm, when the parents are done with their work. Sorry, I misspoke. Children don't even come home themselves, they are driven back by parents.

In the evenings, kids are busy with soccer, football, basketball, piano, chess, martial arts. Sometimes all of the above. The parents are shuttling the kid back and forth to these events, and are themselves unavailable for any social commitments of their own. As a result, the parents social life is restricted to meeting the parents of other kids at all these events.

All these activities are enriching. When you were a child, you did not have access to a tennis court, and your child loves tennis. There is no harm in this one activity. Then again, your child also has an interest in singing, dance, basketball, and swimming. Which activity can we deny them, possibly closing the door to a life-long joy?

Near the swimming pool, you see parents coaxing, encouraging, threatening, cheering as the kid swims laps. The 10 year old is getting ready for the swim team. This happens thrice a week, after school, or before school. There are swim meets, there are practices, and the parent tugs along for the ride.

Sure, the kids have friends, but how deep can a friendship be when you are only available on specific time slots, a few times a week. The swim kids are the kids' friends. Your child needs to make the swim team, to retain their social life.

No longer a tiger mom, there is now a tiger child. In fact, tigers all around: the parents are themselves ambitious, chasing a promotion at work, and a soccer victory for the child, sometimes from the same soccer field. Where do you draw a line between the ambition and desires of the child and that of the parent?

A family just moved in and their kid would play on a few occasions with other children in the neighborhood. A few weeks later, the school year starts. In the evening, this kid was invited to join in a game. Alas, the kid is busy, and is only available from 4:30-5:30pm. On Fridays. That was the only time in the entire week that this kid is free to be a child. My full-time job keeps me busy, and yet, I have more free time.

Ah, but you are independent, and think for yourself. Your kids are free-range. Tell me, how free-range can your children be, when all other children are at camp? During summer vacations, your children are bored stiff at home; as everyone around them is busy all day, unavailable, away at soccer camp, swimming camp, then music camp, week after week for the whole summer? You child begs you to enroll them in the same camp as their friend, that is the only time they can both be together. Parents mail out schedules to see if kids' friends can enroll in similar camps over the summer. Stay free-range and your child has nobody to play with. Enroll your child in some camp, and at least they'll have some social life. And all that enrichment.

Soon, there are no children to be seen. Can you can tell if school is in session from walking around your neighborhood? Does anything change from May to July?

Everyone knows the suburbs are criminally empty. Distances are vast, and every friend is twenty minutes away on foot. The library, the ice-cream shop, ... everything is far. Your child cannot cross that six-lane arterial road by themselves! No bike lanes, and anyway they'll get hit by an SUV that cannot see them. Soon enough, they have to be driven. There are some lucky cities and some fortunate locations, but the vast majority is not navigable by 12-year olds.

"When I grew up", ... starts every critique. This is the usual refrain because parents have access to just two childhoods: their own, and their kids. All conclusions are drawn from these two data-points, until a grandparent comes by to cast a tie-breaking third. Was your generation different from this? What about the grandparents?

I have no doubt that this will lead to many world-class artists, musicians, and athletes. The next Michael Phelps is swimming near you, as their parent yells from shore. But this small amount of Great comes at the cost of a lot of Good. That one Olympic winner will cost us a generation of lost childhoods. Thousands of children will grow up to be detached from others: lonely, anxious, uncomfortable in their skin. Cellphones, social media, TV, gaming will get blamed. Why are kids so lonely these days? Because they don't have friends, and have never learned to cultivate real life friendships. They were ferried around in the backs of SUVs, in comfortable car seats, from the chess club to the soccer meet, and then to ballet. Everything was regimented, sanitized, clinical.

The real world is messy. Being an adult requires comfort with this mess. True friendships grow over time, born in experimentation, nurtured by shared experiences and bad collective judgement. You make a friend when you help the kid with a sprained ankle. When you disagree and fight over how you were treated. You realize you have a true friend when he helps you jump the fence and lies about it. You don't need 'play dates', you need play. You grow to be an adult through the risk-free life of a child, discovering the contours of the world.

Sunday, June 23, 2024

Encrypted, private github repositories

 Github allows unlimited private repositories.  Sometimes, though, you need additional privacy.  I store many of my passwords and other sensitive information inside plain text files, and would like to version them with git and then upload them to github.  Even with private repositories, these text files are available to github employees, stored in cleartext in backups, available to law enforcement, etc. I'd like these files to be stored with encryption at Github, to ensure that only I have access to these files.  While I could do this with my own git instance, I like the availability, backups and worldwide reach of github, and I want to avoid maintaining one more thing.

This tutorial shows you how to have encrypted repositories at Github. In an encrypted repository, the contents of the repository at Github are encrypted with GnuPG. On all machines outside your own, these files are encrypted and secure. Nobody, not even employees at Github can examine the contents of the files. Without your gpg secret key, the entire repository at github is opaque to people.

The repositories can be private or public. For an encrypted repository, there is little difference between a public and a private repository, as the contents are not visible without your secret gpg key.  The benefits to having a private repository is that nobody can tell the repository exists, and you have an additional hurdle of an ssh key to download the repository. The benefit of a public repository is that you can have many contributors, and you can git clone the repository from anywhere, as far as you have the gpg secret key to decrypt the contents.


For this mini-tutorial, you should already have git working with ssh keys.  If you don't, follow these instructions. This tutorial is for Linux.


1. Packages: On Linux, install the relevant packages:

apt install git-remote-gcrypt gnupg


2. Github repository: Create a private repository in github. I created an example public repository here though you might want to create a private repository.

export PROJECT=username/reponame.git

3. Create gpg keys: if you don't already have one using

gpg --full-generate-key

Remember the passphrase used here.  If you lose/forget this passphrase, you will not be able to decrypt this repository, ever.  The keyring is usually stored in .gnupg/pubring.kbx 


List the keys, and write down the key-id:

gpg --list-keys

export KEY_ID=<what you got above>

For example, my KEY_ID is BAB59DAD24A79C69D4D3E5451482830DA6C99CAA.

4. Configure git: Go over to your existing git repository (or initialize one, and then add files to it)

Specify this ID as the one that you will encrypt with:

git config --global user.signingkey $KEY_ID

And as the participant allowed to contribute to this project

git config remote.origin.gcrypt-participants $KEY_ID


5. Remote: Add the upstream remote like this:

git remote add origin gcrypt::git@github.com:$PROJECT

git push origin master


That should prompt you for your gpg password you entered when creating your key.  Now, you have a git repository that is hosted at github, and the contents are encrypted.  This is an example of what you should see.  At this point, the repository could be private or public, since nobody can read the contents unless they have your GPG key.


6. Clone: To clone this repository on another machine, remember to add gcrypt:: before the git@github.com, and the new machine should have both the ssh keys (to clone a private repository) and the gnupg keys (to decrypt the contents of the repository)

git clone gcrypt::git@github.com:$PROJECT

For example, I do:

git clone gcrypt::git@github.com:youngelf/example-encrypted-repository.git

Done right, it should request the gpg password for the private key, and show you this output from gpg

gpg: Good signature from "Your name <email@example.com>"


7. git pull, git add, git push

At this point, this is a normal git repository, you can use git commands.  I find it more convenient to use the git clone'd directory, as it sets the configuration for branch.master.merge and branch.master.remote correctly.