Something went wrong. Wait a mo­ment and try again.

We come from the fu­tureWe come from the fu­ture

How Fighter Jets Lock On (and How the Targets Know)

The pri­mary tech­nol­ogy that a mil­i­tary air­craft uses to lock and track an en­emy air­craft is its on­board radar. Aircraft radars typ­i­cally have two modes: search and track. In search mode, the radar sweeps a ra­dio beam across the sky in a zig-zag pat­tern. When the ra­dio beam is re­flected by a tar­get air­craft, an in­di­ca­tion is shown on the radar dis­play. In search mode, no sin­gle air­craft is be­ing tracked, but the pi­lot can usu­ally tell gen­er­ally what a par­tic­u­lar radar re­turn is do­ing be­cause with each suc­ces­sive sweep, the radar re­turn moves slightly. This is an ex­am­ple of the fire con­trol radar dis­play for an F-16 Fighting Falcon when the radar is in a search mode:Each white brick is a radar re­turn. Because the radar is only scan­ning, not track­ing, no other in­for­ma­tion is avail­able about the radar tar­gets. (There is one ex­cep­tion: The Doppler shift of the radar re­turn can be mea­sured, to es­ti­mate how fast the air­craft trav­el­ing to­wards or away from you, much like the pitch of an on­com­ing train’s whis­tle can tell you how fast it’s com­ing at you. This is dis­played as the small white trend line orig­i­nat­ing from each brick.)Note that the cur­sors are over the bot­tom-most brick (closest to our air­craft). The pi­lot is ready to lock up this tar­get. This will put the radar into a track mode. In track mode, the radar fo­cuses its en­ergy on a par­tic­u­lar tar­get. Because the radar is ac­tu­ally track­ing a tar­get, and not just dis­play­ing bricks when it gets a re­flec­tion back, it can tell the pi­lot a lot more about the tar­get. This is what the F-16′s fire con­trol radar dis­play looks like when a tar­get is locked:G/​O Media may get a com­mis­sion15% off Your First OrderGet it for $11 at Hum Nutrition Along the top we have a lot of in­for­ma­tion about what our radar tar­get is do­ing:Its as­pect an­gle (angle be­tween its nose po­si­tion and our nose po­si­tion) is 160° to the left,and our clo­sure rate is 828 knots. With this in­for­ma­tion, the pi­lot gets a much bet­ter idea of what the air­craft is do­ing, but at the ex­pense of in­for­ma­tion about other air­craft in the area.Note that in the above pic­ture, the bot­tom-most (closest) tar­get is locked (circle around it), the two tar­gets fur­ther away are tracked (yellow squares), and there are two radar re­turns even fur­ther away (white bricks). This is demon­strat­ing an ad­vanced fea­ture of mod­ern radars, sit­u­a­tional aware­ness modes. A radar in SAM com­bines both track­ing and scan­ning to al­low a pi­lot to track one or a small num­ber of “interesting” tar­gets while not los­ing the big pic­ture of what other tar­gets are do­ing. In this mode, the radar beam sweeps the sky, while briefly and reg­u­larly paus­ing its scan to check up on a locked tar­get.Note that all of this comes with trade­offs. In the end, a radar is only as pow­er­ful as it is, and you can put a lot of radar en­ergy on one tar­get, or spread it out weakly through­out the sky, or some com­pro­mise in be­tween. In the above photo you can see two ver­ti­cal bars span­ning the height of the dis­play — these are the az­imuth scan lim­its. It’s the air­craft’s way of telling you, “OK, I can both track this tar­get, and scan for other tar­gets, but in re­turn, I’m only go­ing to scan a 40° wide cone in front of the air­craft, in­stead of the usual 60°. Radar, like life, is full of trade­offs.An im­por­tant thing to note is that a radar lock is not al­ways re­quired to launch weapons at a tar­get. For guns kills, if the air­craft has a radar lock on a tar­get, it can ac­cu­rately gauge range to the tar­get, and pro­vide the pi­lot with the ap­pro­pri­ate cor­rec­tions for lead and grav­ity drop, to get an ac­cu­rate guns kill. Without the radar, the pi­lot sim­ply has to rely on his or her own judge­ment.As an ex­am­ple of that, let’s take a look at the F-16′s HUD (heads-up dis­play) when in the process of em­ploy­ing guns at a radar-locked tar­get:It be­comes in­cred­i­bly sim­ple; that small cir­cle la­beled “bullets at tar­get range” is called the “death dot” by F-16 pi­lots. Basically, it rep­re­sents where the can­non rounds would land if you fired right now, and the rounds trav­eled the dis­tance be­tween you and the locked tar­get. In other words, if you want a solid guns kill, sim­ply fly the death dot onto the air­plane. Super sim­ple.But what if there’s no radar lock? Well now the HUD looks like this:No death dot — but you still have the fun­nel. The fun­nel rep­re­sents the path the can­non rounds would travel out in front of you if you fired right now. The width of the fun­nel is equal to the ap­par­ent width of a pre­de­ter­mined wingspan at that par­tic­u­lar range. So, if you did­n’t have a lock on your tar­get, but you knew it had a wingspan of 35 feet, you could dial in 35 feet, then fly the fun­nel un­til the width ex­actly lined up with the width of the en­emy air­craft’s wings, then squeeze the trig­ger.And what about mis­siles? Again, a radar lock is not re­quired. For heat-seek­ing mis­siles, a radar lock is only used to train the seeker head onto the tar­get. Without a radar lock, the seeker head scans the sky look­ing for “bright” (hot) ob­jects, and when it finds one, it plays a dis­tinc­tive whin­ing tone to the pi­lot. The pi­lot does not need radar in this case, he just needs to ma­neu­ver his air­craft un­til he has “good tone,” and then fire the mis­sile. The radar only makes this process faster.Now, radar-guided mis­siles come in two va­ri­eties: pas­sive and ac­tive. Passive radar mis­siles do re­quire a radar lock, be­cause these mis­siles use the air­craft’s re­flected radar en­ergy to track the tar­get.Ac­tive radar mis­siles how­ever have their own on­board radar, which locks and tracks a tar­get. But this radar is on a one-way trip, so it’s con­sid­er­ably less ex­pen­sive (and less pow­er­ful) than the air­craft’s radar. So, these mis­siles nor­mally get some guid­ance help from the launch­ing air­craft un­til they fly close enough to the tar­get where they can turn on their own radar and “go ac­tive.” (This al­lows the launch­ing air­craft to turn away and de­fend it­self.) It is pos­si­ble to fire an ac­tive radar mis­sile with no radar lock (so-called “maddog”); in this case, the mis­sile will fly un­til it’s nearly out of fuel, and then it will turn on its radar and pur­sue the first tar­get it sees. This is not a rec­om­mended strat­egy if there are friendly air­craft in close prox­im­ity to the en­emy.As to the last part of your ques­tion — yes, an air­craft can tell if a radar is paint­ing it or locked onto it. Radar is just ra­dio waves, and just as your FM ra­dio con­verts ra­dio waves into sound, so can an air­craft an­a­lyze in­com­ing ra­dio sig­nals to fig­ure out who’s do­ing what. This is called an RWR, or radar warn­ing re­ceiver, and has both a video and au­dio com­po­nent. This is a typ­i­cal RWR dis­play:Al­though an air­craft’s radar can only scan out in front of the air­craft, an air­craft­can lis­ten for in­com­ing radar sig­nals in any di­rec­tion, so the scope is 360°. A dig­i­tal sig­nal proces­sor looks for rec­og­niz­able ra­dio “chirps” that cor­re­spond to known radars, and dis­plays their az­imuth on the scope. A chirp is a dis­tinc­tive wave­form that a ra­dio uses. See, if two ra­dios use the same wave­form si­mul­ta­ne­ously, they’ll con­fuse each other, be­cause each ra­dio won’t know which radar re­turns are from its own trans­mit­ter. To pre­vent this, dif­fer­ent ra­dios tend to use dis­tinct wave­forms. This can also be used by the tar­get air­craft to iden­tify the type of radar be­ing used, and there­fore pos­si­bly, the type of air­craft.In this dis­play, the RWR has de­tected an F-15 (15 with a hat on it in­di­cat­ing air­craft) at the 7-o’clock po­si­tion. The strength of the radar is plot­ted as dis­tance from the cen­ter — the closer to the cen­ter, the stronger the de­tected radar sig­nal, and there­fore pos­si­bly the closer the trans­mit­ting air­craft.De­tected at the 12- to 1-o’clock po­si­tion are two sur­face-to-air mis­sile (SAM) sites, an SA-5 “Gammon” and an SA-6 “Gainful”. These are Russian SAM launch­ing radars and rep­re­sent a se­ri­ous threat. The RWR com­puter has de­ter­mined the SA-6 to be the high­est pri­or­ity threat in the area, and thus has en­closed it with a di­a­mond.RWR also has an au­dio com­po­nent. Each time a new radar sig­nal is de­tected, it is con­verted into an au­dio wave and played for the pi­lot. Because dif­fer­ent radars “sound” dif­fer­ent, pi­lots learn to rec­og­nize dif­fer­ent air­borne or sur­face threats by their dis­tinc­tive tones. The sound is also an im­por­tant cue to tell the pi­lot what the radar is do­ing: If the sound plays once, or in­ter­mit­tently, it means the radar is only paint­ing our air­craft (in search mode). If a sound plays con­tin­u­ously, the radar has locked onto our air­craft and is in track mode, and thus the pi­lot’s im­me­di­ate at­ten­tion is de­manded. In some cases, the RWR can tell if the radar is in launch mode (sending radar data to a pas­sive radar-guided mis­sile), or if the radar is that of an ac­tive radar-guided mis­sile. In ei­ther of these cases, a dis­tinc­tive mis­sile launch tone is played and the pi­lot is ad­vised to im­me­di­ately act to counter the threat. Note that the RWR has no way of know­ing if a heat-seek­ing mis­sile is on its way to our air­craft.Aside from radar, there are other tech­nolo­gies that are used to lock on to en­emy air­craft and ground tar­gets. A tar­get­ing pod is a very pow­er­ful cam­era mounted on an ar­tic­u­lat­ing swivel that al­lows it to look in nearly every di­rec­tion. This cam­era is con­nected to im­age proces­sor that is able to tell apart ve­hi­cles and build­ings from sur­round­ing ter­rain, and track mov­ing tar­gets. This is the SNIPER XR tar­get­ing pod:And this is what the pi­lot sees when he op­er­ates it:The pod is able to track ve­hi­cles day and night, us­ing vi­sual or in­fra-red cam­eras. Heat-seeking mis­siles ob­vi­ously use this same tech­nol­ogy to home in on air­craft, and elec­tro-op­ti­cal mis­siles use this tech­nol­ogy to track ground tar­gets.Lastly, there are laser-guided mis­siles as well. These “beam rid­ers” fol­low a laser beam em­a­nat­ing from the air­craft to the tar­get. Many ground ve­hi­cles use laser rangefind­ers as well, and some air­craft in­clude a laser warn­ing sys­tem (LWS) that works sim­i­larly to an RWR, but dis­plays in­com­ing laser sig­nals in­stead.How does a fighter jet lock onto and keep track of an en­emy air­craft?orig­i­nally ap­peared on Quora. You can fol­low Quora on Twitter, Facebook, and Google+.This an­swer has been lightly edited for gram­mar and clar­ity.

This ar­ti­cle was pub­lished on­line on March 10, 2021.

The United States had long been a hold­out among Western democ­ra­cies, uniquely and per­haps even sus­pi­ciously de­vout. From 1937 to 1998, church mem­ber­ship re­mained rel­a­tively con­stant, hov­er­ing at about 70 per­cent. Then some­thing hap­pened. Over the past two decades, that num­ber has dropped to less than 50 per­cent, the sharpest recorded de­cline in American his­tory. Meanwhile, the “nones”—atheists, ag­nos­tics, and those claim­ing no re­li­gion—have grown rapidly and to­day rep­re­sent a quar­ter of the pop­u­la­tion.

But if sec­u­lar­ists hoped that de­clin­ing re­li­gios­ity would make for more ra­tio­nal pol­i­tics, drained of faith’s in­flam­ing pas­sions, they are likely dis­ap­pointed. As Christianity’s hold, in par­tic­u­lar, has weak­ened, ide­o­log­i­cal in­ten­sity and frag­men­ta­tion have risen. American faith, it turns out, is as fer­vent as ever; it’s just that what was once re­li­gious be­lief has now been chan­neled into po­lit­i­cal be­lief. Political de­bates over what America is sup­posed to mean have taken on the char­ac­ter of the­o­log­i­cal dis­pu­ta­tions. This is what re­li­gion with­out re­li­gion looks like.

Not so long ago, I could com­fort American au­di­ences with a con­trast: Whereas in the Middle East, pol­i­tics is war by other means—and some­times is lit­eral war—pol­i­tics in America was less ex­is­ten­tially fraught. During the Arab Spring, in coun­tries like Egypt and Tunisia, de­bates weren’t about health care or taxes—they were, with some­times fright­en­ing in­ten­sity, about foun­da­tional ques­tions: What does it mean to be a na­tion? What is the pur­pose of the state? What is the role of re­li­gion in pub­lic life? American pol­i­tics in the Obama years had its mo­ments of fer­ment—the Tea Party and tan suits—but was still rel­a­tively bor­ing.

We did­n’t re­al­ize how lucky we were. Since the end of the Obama era, de­bates over what it means to be American have be­come suf­fused with a fer­vor that would be unimag­in­able in de­bates over, say, Belgian-ness or the “meaning” of Sweden. It’s rare to hear some­one ac­cused of be­ing un-Swedish or un-British—but un-Amer­i­can is a com­mon slur, slung by both left and right against the other. Being called un-Amer­i­can is like be­ing called “un-Christian” or “un-Islamic,” a charge akin to heresy.

From the October 2018 is­sue: The Constitution is threat­ened by trib­al­ism

This is be­cause America it­self is “almost a re­li­gion,” as the Catholic philoso­pher Michael Novak once put it, par­tic­u­larly for im­mi­grants who come to their new iden­tity with the zeal of the con­verted. The American civic re­li­gion has its own found­ing myth, its prophets and pro­ces­sions, as well as its scrip­ture—the Declaration of Independence, the Constitution, and The Federalist Papers. In his fa­mous “I Have a Dream” speech, Martin Luther King Jr. wished that “one day this na­tion will rise up and live out the true mean­ing of its creed.” The very idea that a na­tion might have a creed—a word as­so­ci­ated pri­mar­ily with re­li­gion—il­lus­trates the unique­ness of American iden­tity as well as its predica­ment.

The no­tion that all deeply felt con­vic­tion is sub­li­mated re­li­gion is not new. Abraham Kuyper, a the­olo­gian who served as the prime min­is­ter of the Netherlands at the dawn of the 20th cen­tury, when the na­tion was in the early throes of sec­u­lar­iza­tion, ar­gued that all strongly held ide­olo­gies were ef­fec­tively faith-based, and that no hu­man be­ing could sur­vive long with­out some ul­ti­mate loy­alty. If that loy­alty did­n’t de­rive from tra­di­tional re­li­gion, it would find ex­pres­sion through sec­u­lar com­mit­ments, such as na­tion­al­ism, so­cial­ism, or lib­er­al­ism. The po­lit­i­cal the­o­rist Samuel Goldman calls this “the law of the con­ser­va­tion of re­li­gion”: In any given so­ci­ety, there is a rel­a­tively con­stant and fi­nite sup­ply of re­li­gious con­vic­tion. What varies is how and where it is ex­pressed.

No longer ex­plic­itly rooted in white, Protestant dom­i­nance, un­der­stand­ings of the American creed have be­come richer and more di­verse—but also more frac­tious. As the creed frag­ments, each side seeks to ex­ert ex­clu­sivist claims over the other. Conservatives be­lieve that they are faith­ful to the American idea and that lib­er­als are be­tray­ing it—but lib­er­als be­lieve, with equal cer­ti­tude, that they are faith­ful to the American idea and that con­ser­v­a­tives are be­tray­ing it. Without the com­mon ground pro­duced by a shared ex­ter­nal en­emy, as America had dur­ing the Cold War and briefly af­ter the September 11 at­tacks, mu­tual an­tipa­thy grows, and each side be­comes less in­tel­li­gi­ble to the other. Too of­ten, the most bit­ter di­vides are those within fam­i­lies.

No won­der the newly as­cen­dant American ide­olo­gies, hav­ing to fill the vac­uum where re­li­gion once was, are so di­vi­sive. They are meant to be di­vi­sive. On the left, the “woke” take re­li­gious no­tions such as orig­i­nal sin, atone­ment, rit­ual, and ex­com­mu­ni­ca­tion and re­pur­pose them for sec­u­lar ends. Adherents of wokeism see them­selves as chal­leng­ing the long-dom­i­nant nar­ra­tive that em­pha­sized the ex­cep­tion­al­ism of the na­tion’s found­ing. Whereas re­li­gion sees the promised land as be­ing above, in God’s king­dom, the utopian left sees it as be­ing ahead, in the re­al­iza­tion of a just so­ci­ety here on Earth. After Supreme Court Justice Ruth Bader Ginsburg died in September, droves of mourn­ers gath­ered out­side the Supreme Court—some kneel­ing, some hold­ing can­dles—as though they were at the Western Wall.

On the right, ad­her­ents of a Trump-centric ethno-na­tion­al­ism still drape them­selves in some of the trap­pings of or­ga­nized re­li­gion, but the re­sult is a move­ment that of­ten looks like a tent re­vival stripped of Christian wit­ness. Donald Trump’s bois­ter­ous ral­lies were more fo­cused on blood and soil than on the son of God. Trump him­self played both sav­ior and mar­tyr, and it is easy to mar­vel at the hold that a man so im­per­fect can have on his sol­diers. Many on the right find so­lace in con­spir­acy cults, such as QAnon, that tell a re­li­gious story of earthly cor­rup­tion re­deemed by a god­like force.

From the June 2020 is­sue: Adrienne LaFrance on the prophe­cies of Q

Though the United States was­n’t founded as a Christian na­tion, Christianity was al­ways in­ter­twined with America’s self-de­f­i­n­i­tion. Without it, Americans—conservatives and lib­er­als alike—no longer have a com­mon cul­ture upon which to fall back.

Unfortunately, the var­i­ous strains of wokeism on the left and Trumpism on the right can­not truly fill the spir­i­tual void—what the jour­nal­ist Murtaza Hussain calls America’s “God-shaped hole.” Religion, in part, is about dis­tanc­ing your­self from the tem­po­ral world, with all its im­per­fec­tion. At its best, re­li­gion con­fers re­lief by with­hold­ing fi­nal judg­ments un­til an­other time—per­haps un­til eter­nity. The new sec­u­lar re­li­gions un­leash dis­sat­is­fac­tion not to­ward the pos­si­bil­i­ties of di­vine grace or jus­tice but to­ward one’s fel­low cit­i­zens, who be­come em­bod­i­ments of sin—“de­plorables” or “enemies of the state.”

This is the dan­ger in trans­form­ing mun­dane po­lit­i­cal de­bates into meta­phys­i­cal ques­tions. Political ques­tions are not meta­phys­i­cal; they are of this world and this world alone. “Some days are for deal­ing with your in­sur­ance doc­u­ments or fight­ing in the mud with your po­lit­i­cal op­po­nents,” the po­lit­i­cal philoso­pher Samuel Kimbriel re­cently told me, “but there are also days for solem­nity, or fast­ing, or wor­ship, or feast­ing—things that re­mind us that the world is big­ger than it­self.”

Absent some new re­li­gious awak­en­ing, what are we left with? One al­ter­na­tive to American in­ten­sity would be a world-weary European res­ig­na­tion. Violence has a way of tam­ing pas­sions, at least as long as it re­mains in ac­tive mem­ory. In Europe, the ter­rors of the Second World War are not far away. But Americans must go back to the Civil War for vi­o­lence of com­pa­ra­ble scale—and for most Americans, the vi­o­lence of the Civil War bol­sters, rather than un­der­mines, the na­tional myth of per­pet­ual progress. The war was re­demp­tive—it led to a place of promise, a place where slav­ery could be abol­ished and the na­tion made whole again. This, at least, is the nar­ra­tive that makes the myth pos­si­ble to sus­tain.

For bet­ter and worse, the United States re­ally is nearly one of a kind. France may be the only coun­try other than the United States that be­lieves it­self to be based on a uni­fy­ing ide­ol­ogy that is both unique and uni­ver­sal—and avowedly sec­u­lar. The French con­cept of laïc­ité re­quires re­li­gious con­ser­v­a­tives to priv­i­lege be­ing French over their re­li­gious com­mit­ments when the two are at odds. With the rise of the far right and per­sis­tent ten­sions re­gard­ing Islam’s pres­ence in pub­lic life, the mean­ing of laïc­ité has be­come more con­tro­ver­sial. But most French peo­ple still hold firm to their coun­try’s found­ing ide­ol­ogy: More than 80 per­cent fa­vor ban­ning re­li­gious dis­plays in pub­lic, ac­cord­ing to one re­cent poll.

In democ­ra­cies with­out a pro­nounced ide­o­log­i­cal bent, which is most of them, na­tion­hood must in­stead rely on a shared sense of be­ing a dis­tinct peo­ple, forged over cen­turies. It can be hard for out­siders and im­mi­grants to em­brace a na­tional iden­tity steeped in eth­nic­ity and his­tory when it was never theirs.

Take post­war Germany. Germanness is con­sid­ered a mere fact—an ac­ci­dent of birth rather than an as­pi­ra­tion. And be­cause shame over the Holocaust is con­sid­ered a na­tional virtue, the coun­try has at once a strong na­tional iden­tity and a weak one. There is pride in not be­ing proud. So what would it mean for, say, Muslim im­mi­grants to love a German lan­guage and cul­ture tied to a his­tory that is not theirs—and in­deed a his­tory that many Germans them­selves hope to leave be­hind?

An American who moves to Germany, lives there for years, and learns the lan­guage re­mains an American—an “expat.” If America is a civil re­li­gion, it would make sense that it stays with you, un­less you re­nounce it. As Jeff Gedmin, the for­mer head of the Aspen Institute in Berlin, de­scribed it to me: “You can eat strudel, speak flu­ent German, adapt to lo­cal cul­ture, but many will still say of you Er hat einen deutschen Pass—‘He has a German pass­port.’ No one starts call­ing you German.” Many na­tive-born Americans may live abroad for stretches, but few em­i­grate per­ma­nently. Immigrants to America tend to be­come American; em­i­grants to other coun­tries from America tend to stay American.

The last time I came back to the United States af­ter be­ing abroad, the cus­toms of­fi­cer at Dulles air­port, in Virginia, glanced at my pass­port, looked at me, and said, “Welcome home.” For my cus­toms of­fi­cer, it went with­out say­ing that the United States was my home.

In In the Light of What We Know, a novel by the British Bangladeshi au­thor Zia Haider Rahman, the pro­tag­o­nist, an enig­matic and trou­bled British cit­i­zen named Zafar, is en­vi­ous of the nar­ra­tor, who is American. “If an im­mi­gra­tion of­fi­cer at Heathrow had ever said ‘Welcome home’ to me,” Zafar says, “I would have given my life for England, for my coun­try, there and then. I could kill for an England like that.” The nar­ra­tor re­flects later that this was “a bit­ter plea”:

When Americans have ex­pressed dis­gust with their coun­try, they have tended to frame it as ful­fill­ment of a pa­tri­otic duty rather than its nega­tion. As James Baldwin, the rare American who did leave for good, put it: “I love America more than any other coun­try in the world, and, ex­actly for this rea­son, I in­sist on the right to crit­i­cize her per­pet­u­ally.” Americans who dis­like America seem to dis­like leav­ing it even more (witness all those lib­er­als not leav­ing the coun­try every time a Republican wins the pres­i­dency, de­spite their promises to do so). And Americans who do leave still find a way, like Baldwin, to love it. This is the good news of America’s creedal na­ture, and may pro­vide at least some hope for the fu­ture. But is love enough?

Conflicting nar­ra­tives are more likely to co­ex­ist un­easily than to re­solve them­selves; the threat of dis­in­te­gra­tion will al­ways lurk nearby.

On January 6, the threat be­came all too real when in­sur­rec­tionary vi­o­lence came to the Capitol. What was once in the realm of “dreampolitik” now had phys­i­cal force. What can “unity” pos­si­bly mean af­ter that?

Can re­li­gios­ity be ef­fec­tively chan­neled into po­lit­i­cal be­lief with­out the struc­tures of ac­tual re­li­gion to tem­per and post­pone judg­ment? There is lit­tle sign, so far, that it can. If mat­ters of good and evil are not to be re­solved by an om­ni­scient God in the fu­ture, then Americans will judge and ren­der pun­ish­ment now. We are a na­tion of be­liev­ers. If only Americans could be­gin be­liev­ing in pol­i­tics less fer­vently, re­al­iz­ing in­stead that life is else­where. But this would come at a cost—be­cause to be­lieve in pol­i­tics also means be­liev­ing we can, and prob­a­bly should, be bet­ter.

In History Has Begun, the au­thor, Bruno Maçães—Portugal’s for­mer Europe min­is­ter—mar­vels that “perhaps alone among all con­tem­po­rary civ­i­liza­tions, America re­gards re­al­ity as an en­emy to be de­feated.” This can ob­vi­ously be a bad thing (consider our in­ef­fec­tual fight against the coro­n­avirus), but it can also be an en­gine of re­ju­ve­na­tion and cre­ativ­ity; it may not al­ways be a good idea to ac­cept the world as it is. Fantasy, like be­lief, is some­thing that hu­mans de­sire and need. A dis­tinc­tive American in­no­va­tion is to in­sist on be­liev­ing even as our fan­tasies and dreams drift fur­ther out of reach.

This may mean that the United States will re­main unique, torn be­tween this world and the al­ter­na­tive worlds that sec­u­lar and re­li­gious Americans alike seem to long for. If America is a creed, then as long as enough cit­i­zens say they be­lieve, the civic faith can sur­vive. Like all other faiths, America’s will con­tinue to frag­ment and di­vide. Still, the American creed re­mains worth be­liev­ing in, and that may be enough. If it is­n’t, then the only hope might be to get down on our knees and pray.

In 2019, fac­ing down ex­ten­sive in­ves­ti­ga­tions by The Wall Street Journal and The New York Times that showed Apple’s App Store clearly and con­sis­tently rank­ing its own apps ahead of com­peti­tors, Apple claimed it had done noth­ing wrong — a se­cret al­go­rithm con­tain­ing 42 dif­fer­ent vari­ables was work­ing as in­tended, top ex­ec­u­tives told the Times, in­sist­ing that Apple does­n’t man­u­ally al­ter search re­sults.

Why do I bring this up? An in­trigu­ing email chain has sur­faced dur­ing the Epic v. Apple trial where it sure looks like Apple did the ex­act op­po­site — seem­ingly ad­mit­ting it man­u­ally boosted the rank­ing of its own Files app ahead of the com­pe­ti­tion for 11 en­tire months.

“We are re­mov­ing the man­ual boost and the search re­sults should be more rel­e­vant now,” wrote Apple app search lead Debankur Naskar, af­ter the com­pany was con­fronted by Epic Games CEO Tim Sweeney over Apple’s Files app show­ing up first when search­ing for Dropbox. “Dropbox was­n’t even vis­i­ble on the first page [of search re­sults],” Sweeney wrote. You can read the whole email chain em­bed­ded a lit­tle ways be­low.

As you’ll see, Naskar sug­gested that Files had been in­ten­tion­ally boosted for that ex­act search re­sult dur­ing the “last WWDC.” That would have been WWDC 2017, nearly a year ear­lier, when the Files apps first de­buted.

The email chain ac­tu­ally re­flects fairly well on Apple over­all. Apple’s Matt Fischer (VP of the App Store) clearly ob­jects to the idea at first. “[W]ho green lit putting the Files app above Dropbox in or­ganic search re­sults? I did­n’t know we did that, and I don’t think we should,” he says. But he does end the con­ver­sa­tion with “In the fu­ture, I want any sim­i­lar re­quests to come to me for re­view/​ap­proval,” sug­gest­ing that he’s not en­tirely rul­ing out man­ual over­rides.

But Apple tells The Verge that what we think we’re see­ing in these emails is­n’t quite ac­cu­rate. While Apple did­n’t chal­lenge the idea that Files was un­fairly ranked over Dropbox, the com­pany says the re­al­ity was a sim­ple mis­take: the Files app had a Dropbox in­te­gra­tion, so Apple put “Dropbox” into the ap­p’s meta­data, and it was au­to­mat­i­cally ranked higher for “Dropbox” searches as a re­sult.

I’m slightly skep­ti­cal of that ex­pla­na­tion — par­tially be­cause it does­n’t line up with what Naskar sug­gests in the email, par­tially be­cause Apple also told me it im­me­di­ately fixed the er­ror (despite it ap­par­ently con­tin­u­ing to ex­ist for 11 months, hardly im­me­di­ate), and par­tially be­cause the com­pany re­peat­edly ig­nored my ques­tions about whether this has ever hap­pened with other apps be­fore.

The most Apple would tell me is that it did­n’t man­u­ally boost Files over com­peti­tors, and that “we do not ad­van­tage our apps over those of any de­vel­oper or com­peti­tor” as a gen­eral rule.

But hon­estly, it may not mat­ter whether Apple man­u­ally boosted its own apps or not. What mat­ters is the re­sult: for 11 months, Apple’s new Files app owned ex­act searches for its com­peti­tor Dropbox, a com­pany Steve Jobs re­port­edly swore he would kill off, and it took the CEO of a promi­nent Apple part­ner email­ing the com­pany be­fore Apple did some­thing about it. And based on The Wall Street Journal’s in­ves­ti­ga­tion, Apple may not have done much: the Files app still ranked #1 in the App Store for cloud stor­age in June 2018, a month af­ter this email chain was re­solved, ac­cord­ing to an in­fo­graphic that ac­com­pa­nied the WSJ story.

Besides, the dis­tinc­tion be­tween a “manual” boost and any other kind of boost may be purely aca­d­e­mic. Algorithms are writ­ten by peo­ple, af­ter all. If Apple can build a 42-factor al­go­rithm that gives its own apps fa­vor­able re­sults, why would it need to over­ride that al­go­rithm and risk its emails get­ting caught up in a law­suit years from now?

It could just tweak that al­go­rithm at will — which is ex­actly what it did to re­solve the WSJ and NYT’s scrutiny two years ago. It only took a sin­gle en­gi­neer to change the al­go­rithm in July 2019, ac­cord­ing to the Times, and Apple’s own apps im­me­di­ately fell in App Store rank­ings. But that time, ex­ec­u­tives said the pre­vi­ous for­mula was­n’t a mis­take. Apple sim­ply wanted to make it look less like its own apps were get­ting spe­cial treat­ment. So it “improved” the al­go­rithm to achieve the new re­sult it wanted.

We cre­ated the App Store to be a safe and trusted place for cus­tomers to dis­cover and down­load apps, and a great busi­ness op­por­tu­nity for all de­vel­op­ers. App Store Search has only one goal — to get cus­tomers what they are look­ing for. We do that in a way that is fair to all de­vel­op­ers and we do not ad­van­tage our apps over those of any de­vel­oper or com­peti­tor. Today, de­vel­op­ers have many op­tions for dis­trib­ut­ing their apps and that’s why we work hard to make it easy, fair and a great op­por­tu­nity for them to de­velop apps for our cus­tomers around the world.

The System Is DownHow To Win At Risk By Using Systems ThinkingSystems Thinking gives you an ad­van­tage in al­most every area of life - even the game of Risk. Systems think­ing is a way of view­ing com­pli­cated net­works in re­al­ity in terms of the re­la­tion­ships be­tween the parts and the whole. It is about think­ing holis­ti­cally about such re­la­tion­ships so as to (1) truly un­der­stand how they work and (2) change them for the bet­ter. The best strate­gies in life (and in games) come from sys­tems think­ing. This is the case be­cause things are far more com­pli­cated than they seem at first glance and it takes care­ful at­ten­tion to come to know them. Systems think­ing of­fers names and cat­e­gories for un­der­stand­ing the com­plex­ity of re­al­ity—and you can’t re­ally know any­thing with­out first giv­ing it a name. Before we ap­ply the power of sys­tems think­ing to the game of Risk, let’s take a crash course in sys­tems think­ing first. Note: I’m as­sum­ing you know the rules of the game of Risk, but if not, read the rules of Risk here.The Simplest Example of a System: A BathtubYou might not think of a bath­tub as a sys­tem, but it is. You fill the tub to the de­sired level and tem­per­a­ture, con­stantly ad­just­ing the faucet in re­sponse to the feed­back you are get­ting from the tem­per­a­ture of the wa­ter and the cur­rent amount of wa­ter in the tub. Then, when your goal is met, you take your bath and then let the wa­ter out—a com­plete sys­tem. Granted, a bath­tub is a very sim­ple sys­tem, but it serves as an in­tro­duc­tion to the dis­ci­pline of sys­tems think­ing. If you want to go deeper, read Donella Meadow’s Thinking in Systems. It is bril­liant. Let’s dig into the bath­tub ex­am­ple a bit more and use it to ex­am­ine the dis­crete parts of a sys­tem.Every System Is Made of These PartsStocks: Stocks are the col­lec­tion of re­sources or in­puts into a sys­tem. In a bath­tub, the stock is the amount of wa­ter in the tub.Flows: Flows are move­ments be­tween stocks. A bath­tub has two flows, the faucet let­ting wa­ter into the drain let­ting wa­ter out of the tub. The amount of wa­ter in the stock of the tub is the re­sult of the in­ter­ac­tion be­tween the in-flow (the faucet) and the out-flow (the drain).Re­in­forc­ing Feedback: Change in sys­tems hap­pen in loops, not lines. These loops take the form of feed­back forces that in­ter­act with the stocks and flows. Reinforcing feed­back, also known as “growth force,” hap­pens when the stocks in a sys­tem are in­creas­ing. In the bath­tub ex­am­ple, the growth force is the wa­ter com­ing out of the faucet, in­creas­ing the stock of wa­ter in the tub. Limiting Factor: Systems col­lapse if the growth force is al­lowed to run unchecked. At a cer­tain point, the sys­tem hits a lim­it­ing fac­tor. In the bath­tub ex­am­ple, the lim­it­ing fac­tor is the de­sired level of wa­ter in the tub. You can al­ways spot the lim­it­ing fac­tors in a sys­tem by look­ing at the (1) car­ry­ing ca­pac­i­ties of the stocks or (2) the goals of the play­ers in the sys­tem. Balancing Feedback: Balancing feed­back, or “balance force,” kicks as the sys­tem ap­proaches one of its lim­it­ing fac­tors. In a bath­tub, as the amount of wa­ter in the tub ap­proaches the de­sired wa­ter level, the per­son fill­ing the tub reaches out and turns the faucet off. Suddenly, the sys­tem is bal­anced. Anywhere there is a goal, for ex­am­ple, the de­sired wa­ter level in a bath, you’ll find forces at work that are try­ing to achieve that goal by bal­anc­ing the sys­tem.Equi­lib­rium: When a sys­tem is bal­anced, it reaches equi­lib­rium. There are two types of equi­lib­rium: sta­tic and dy­namic. In the tub ex­am­ple, if the faucet is off and the drain is plugged, sta­tic equi­lib­rium has been reached since no flows (in-flow or out-flow) is com­ing off the stock. Dynamic equi­lib­rium is reached when the to­tal flows into and out of a stock con­tinue, but are equal, as would be the case if the wa­ter in a tub was fill­ing at the same rate it was drain­ing. Leverage: Systems are hard to change be­cause bal­anc­ing feed­back does such a good job of re­turn­ing the sys­tem to equi­lib­rium. Leverage refers to the forces that are ap­plied to a sys­tem in an at­tempt to change it, but, as you will see be­low, not all levers are cre­ated equal, nor equally ef­fec­tive. In fact, pulling on some levers only makes the sleep­ing drag­ons of bal­anc­ing feed­back wake up and lock down the sys­tem. However, savvy sys­tems thinkers are able to find the lever­age points in a sys­tem that can change it so dra­mat­i­cally that a new bal­ance is reached—per­haps tipped in your fa­vor.But what does all this have to do with Winning At Risk?A lot, as it turns out. The magic starts to hap­pen when you do two things:Map the parts of Risk onto the parts of a sys­tem.An­a­lyze the sys­tem of Risk to find the best strat­egy ac­cord­ing to the rules of sys­tems think­ing. Here we go.Step One: Map the Parts of Risk onto the Parts of a SystemStocks: In the game of Risk, your stocks are the num­ber of armies in your coun­tries, the num­ber of coun­tries un­der your com­mand, and the num­ber of con­ti­nents you con­trol.Flows: The in-flow in the game of Risk are the num­ber of new armies you get each turn. The out-flow is the num­ber of armies you lose in bat­tle each round.Re­in­forc­ing Feedback: There is a strong growth force at play in the game of Risk since the num­ber of ex­tra armies you get is tied to the num­ber of coun­tries and con­ti­nents you con­trol. So the stronger your armies be­come, the faster they be­come stronger. If left unchecked, this would quickly be­come an ex­po­nen­tially re­in­forc­ing loop that would re­sult in the strongest player quickly tak­ing over the game. Balancing Feedback: But, un­like re­al­ity, a good game would never let that hap­pen. If you push the sys­tem in the wrong way, the sys­tem al­ways pushes back. In Risk, the wrong way to push the sys­tem is to try to ride the re­in­forc­ing feed­back all the way to vic­tory, get­ting more and more con­ti­nents un­til you win. However, re­in­forc­ing feed­back al­ways trig­gers bal­anc­ing feed­back to kick in and keep the strong player in check. In fact, the stronger any sin­gle player gets, the stronger the bal­anc­ing feed­back ar­rayed against them be­comes. In Risk, the main bal­anc­ing feed­back is the op­po­si­tion the strongest player en­coun­ters from all the other play­ers. That is why it is such a ter­ri­ble idea to grab a con­ti­nent too early; it awak­ens the bal­anc­ing feed­back be­fore you are too strong to re­pel it. (Taking Australia is an ex­cep­tion to this. For some rea­son, every­one ex­pects Australia to get taken in the first two turns and thus the bal­anc­ing feed­back of the other play­er’s fear is­n’t awak­ened. This ex­cep­tion is prob­a­bly ex­plained by the fact that you only get two bonus armies from keep­ing Australia. The small num­ber lulls play­ers into feel­ing that it is safe to al­low the player who con­trols Australia to keep con­trol of it.)Lim­it­ing Factor: Because the bal­anc­ing feed­back is awak­ened by the per­ceived ad­van­tage any one player has (or is about to have) over the other play­ers, the clear­est lim­it­ing fac­tor is al­most al­ways tak­ing a con­ti­nent. Remember, the lim­it­ing fac­tors are trig­gers that the sys­tem deems dan­ger­ous enough to de­ploy bal­anc­ing forces against. Because of this, tak­ing a con­ti­nent can be a bad strat­egy even though it promises to in­crease the flow of armies into your stocks. If the other play­ers unite to op­pose you, the re­sult will be a di­min­ish­ment of your stock of armies.Equi­lib­rium: In Risk, equi­lib­rium sets a cap on how strong any one player is al­lowed to be­come. If you want to win, you have to wait un­til the equi­lib­rium has risen high enough to al­low you to have large enough armies for quick, dev­as­tat­ing strikes. The more un­ex­pected those strikes are, the more suc­cess­ful they will be. People only tend to de­fend against their im­me­di­ate neigh­bors, so they will not be wor­ry­ing about your coun­try with 30 armies be­cause it is all the way across the board, when the re­al­ity is that (depending on what stage the game is in) a coun­try with 30 armies can usu­ally find a path to go wher­ever it wants, leav­ing a trail of death in its wake. Now that we have mapped the parts, lets try to fig­ure out what to do with them.In Risk, “the game of global dom­i­na­tion,” the goal is pretty clear: take over the world. Determining the goal of a sys­tem won’t al­ways be this easy, but this time it’s a gimme. Let’s press on.Step Three: Start with the Goal and Strategize Backward.Starting with the goal of global dom­i­na­tion, let’s walk back­ward and see if we can find our way into a vi­able strat­egy that will let us reach the goal. I’ll write it as a log­i­cal chain of If/then state­ments.If the goal is global dom­i­na­tion, then you need to make sure you have greater strength in armies than any other player.If you need to have more armies than any other player, then you should do every­thing you can to (1) in­crease the rate at which you gain armies and (2) avoid los­ing the armies you re­ceive.[We’ll cover the best way to in­crease the rate at which you gain armies be­low, so let’s fo­cus on the sec­ond one here.] If you need to avoid los­ing the armies you re­ceive, then you need to avoid bat­tles, specif­i­cally, you need to re­duce the num­ber of times you roll the dice as much as pos­si­ble. And there it is, one half of the win­ning strat­egy: Roll the dice as lit­tle as pos­si­ble. You can’t lose armies that never fight.But how do you ac­com­plish this? Just do these things:Con­sol­i­date most of your armies on a hand­ful of ad­ja­cent coun­tries that are strong enough that no one wants to at­tack them. Keep the num­ber of armies in the rest of your coun­tries low. This makes you con­tinue to look weak, re­duces the num­ber of armies you might lose if an­other player takes that coun­try from you, and makes your op­po­nents di­vide their forces if they want to move into one of your weak coun­tries. Initiate as few at­tacks as pos­si­ble. When you do ini­ti­ate an at­tack, make sure you have an over­whelm­ing ad­van­tage. Better yet, don’t at­tack at all. Remember, you are try­ing to avoid hav­ing to roll the di­ceIf you have to at­tack, do so only from a place of great ad­van­tage. Nothing wastes more armies than long, drawn-out bat­tles be­tween coun­tries with many armies on them. If you only en­gage in short bat­tles when­ever pos­si­ble, you will roll the dice fewer times.Let your en­e­mies break up each oth­er’s con­ti­nents, not you. If you can get peo­ple to fight among them­selves by not be­ing the one to en­force the bal­anc­ing feed­back (i.e. at­tack some­one to break up their con­trol of a con­ti­nent), some­one else will have to do it. Just wait. Don’t be the global po­lice, let your op­po­nents do the dirty work. Take only one coun­try per turn. Again, let your en­e­mies kill one an­oth­er’s armies as they squab­ble for ter­ri­tory. They are do­ing your work for you. Your job is to grow stronger, not to win bat­tles. Growing stronger slowly lets you keep a strong core of armies in a clus­ter of key coun­tries with­out arous­ing the other play­er’s worry. “But,” you might be ask­ing, “If I only take one coun­try per turn, how will I ever win the game?” Keep read­ing.Step Four: Find Leverage that will Avoid Awakening Balancing FeedbackThere are three ways to get more armies in the game of Risk:Of these three, con­trol­ling con­ti­nents is the surest way to awaken bal­anc­ing forces in the game that will op­pose you on your path to global dom­i­na­tion. That means if you can grow the size of your armies with­out tak­ing a con­ti­nent, you gain lever­age that can change the whole game. The first two are “safe.” Most of the time, only tak­ing con­ti­nents way awak­ens the drag­ons of bal­anc­ing feed­back.To get this lever­age, you have to do two things:Find a way to grow in strength by tak­ing lots of coun­tries (but not tak­ing a whole con­ti­nent). There is only one area of the board that will let you do this, luck­ily, it is also the part of the board that no one wants: Asia. Even though you get seven bonus armies for con­trol­ling Asia, most play­ers don’t pur­sue it be­cause it is so hard to hold. That means that it can only be suc­cess­fully con­trolled in the fi­nal stages of the game. Thus, in the early stages, it can be your play­ground. There are enough coun­tries in Asia to al­low your in-flow of armies to con­tinue to rise as the game pro­gresses with­out trig­ger­ing bal­anc­ing feed­back.Make sure you get lots of cards for bonus armies. The best way to do this is just to take one coun­try every turn. This will al­low you to keep get­ting cards with­out spread­ing your forces too thin. When you get enough cards to get bonus armies, you can (if the tim­ing is right), move on to Step Five.Step Five: Increase Your Stock of Armies Until You Can Make a Fast, Devastating AttackTo re­view, the strat­egy up to this point con­sists of (1) wait­ing, (2) not spread­ing your­self too thin, (3) tak­ing one coun­try per turn (4) con­sol­i­dat­ing your armies on a few, very strong coun­tries, and (5) en­abling your op­po­nents to tar­get one an­other. This strat­egy is a slow burn in the early parts of the game, but there comes a time when you need to go on the warpath. If you suc­ceed in lay­ing low and not get­ting in too many bat­tles, you should be able to build up a good num­ber of armies in at least one coun­try (especially with card bonuses). If you play this strat­egy well, you might end up with even three or four times the num­ber of armies in the av­er­age coun­try on the board (in fact, this should be a goal). When you reach that level, you have some de­ci­sions to make. Should you go on the of­fen­sive. Is it time to take over an en­tire con­ti­nent in one fell swoop? Maybe. Is it time to com­pletely an­ni­hi­late one of your op­po­nents from the board, tak­ing their un­spent cards in the process? Perhaps. Is it time to split your force in half, us­ing one half as a beach­head to hold ter­ri­tory in an­other part of the board? Possibly. It is up to you and will de­pend on the cur­rent sit­u­a­tion on the game board.The im­por­tant thing is to make a choice that will set you up well in the fu­ture, but not too well. Even af­ter you make this big move, you are go­ing to want to con­tinue to avoid be­com­ing the ob­ject of bal­anc­ing feed­back, which means the mis­sion is still to strengthen your own po­si­tion with­out be­ing per­ceived as the top player. Sometimes this will mean not tak­ing a whole con­ti­nent. In this case, us­ing your big of­fen­sive push to just weaken key op­po­nents can be a good strat­egy. You’re go­ing to have to use your judg­ment.The key thing to re­mem­ber here is that when you reach this stage in the strat­egy, the strat­egy is­n’t over. Just go back to step one and keep it go­ing. Rinse, con­quer, re­peat.Step Six: Don’t Forget All This Other StuffPlay the Players Too: The other play­ers are part of the sys­tem of the game too. If you are go­ing to have a hope of win­ning, you have to beat the oth­ers at play­ing the “player-level” of the game. The strat­egy of avoid­ing tak­ing con­ti­nents will serve you well in the player-level of the game be­cause it sets you on a course of wait­ing at the back of the pack and draft­ing off of your op­po­nen­t’s poor choices. The play­ers at the bot­tom are al­ways on the same team, or, at least, that is the men­tal­ity you should en­cour­age every chance you get.Lose Fewer Armies Than Your Opponents: This may sound self-ex­plana­tory, but there are two ways to have more armies than your op­po­nents: to gain them faster (in-flow) or to lose them more slowly (out-flow). Most peo­ple pour all their at­ten­tion into get­ting more in-flow than every­one else (more re­in­force­ments per turn), but there is a com­pet­i­tive ad­van­tage to be found if you ded­i­cate your­self in­stead to get­ting more armies than your op­po­nents by not los­ing the ones you get. If you fol­low the rest of this strat­egy, the ef­fects of your con­ser­v­a­tive play should be com­pounded as you al­low and en­cour­age your op­po­nents to hack away at each other and leave you alone. Find the lim­it­ing fac­tors. Limiting fac­tors will show them­selves as the sys­tem be­gins to try to main­tain equi­lib­rium, but you have to learn how to rec­og­nize them when they do. Some of those lim­it­ing fac­tors will orig­i­nate on the player-level of the game. When you hear peo­ple say things like, “If some­one does­n’t take that coun­try away from Sam, he is go­ing to run away with this game” it means Sam has hit a lim­it­ing fac­tor on the so­cial level of the game. Fan those sparks into flames. This is bal­anc­ing feed­back wait­ing to be trig­gered. Helping other play­ers be­come the ob­ject of bal­anc­ing feed­back is a big part of this strat­egy.Use the Threat of Your Strength to Control the Game. As you get stronger, specif­i­cally, as you have one coun­try with a large num­ber of armies on it, you can be­gin to ex­ert an in­flu­ence on the so­cial level of the game. The other play­ers will be­gin to won­der what you are go­ing to do with all that strength once you go on the warpath. Use that ques­tion in their minds to bend events in your fa­vor. Make an al­liance. Leak your plans to key al­lies. Work to­gether with them to be a part of the bal­anc­ing feed­back di­rected against the top player(s).Know What Stage You’re In. Risk has stages. Things that are pos­si­ble in the early stages are not pos­si­ble in later ones, and vice versa. To suc­ceed, you have to read the stage of the sys­tem and make your moves ac­cord­ingly. Early stages will largely be about jock­ey­ing for po­si­tion on the map, stak­ing out ter­ri­tory, claim­ing a con­ti­nent, and en­coun­ter­ing light re­sis­tance from the other play­ers. The mid­dle stage will be about con­sol­i­dat­ing your first con­ti­nent (unless you are us­ing this bril­liant strat­egy) and fend­ing off the har­ry­ing at­tacks by peo­ple who don’t want you to con­trol that con­ti­nent. By the late stage of the game, a few play­ers may have been elim­i­nated, each player is en­trenched in a cor­ner of the board, and they are try­ing to build enough strength to take out their fel­low play­ers one by one. Watch Out For The Death Spiral: The Death Spiral is an­other kind of re­in­forc­ing feed­back at play in the mid­dle and late stages of the game. This hap­pens when one player be­comes too weak to fend off the other play­ers and the stronger play­ers try to com­pletely elim­i­nate them from the game, thus tak­ing their un­used cards and get­ting a huge bonus for them­selves. Don’t let this hap­pen to you! If it does, re­vert to the player-level of the game and try to awaken the bal­anc­ing feed­back in­her­ent in the pity of your fel­low play­ers. Also, if you are in dan­ger of be­com­ing the vic­tim of the Death Spiral, don’t hoard cards—use them as soon as you can so you don’t tempt your op­po­nents to come and take them. Lastly, if you are one of the strong play­ers, you can use the Death Spiral to your ad­van­tage by keep­ing weak en­emy-con­trolled coun­tries near your strong coun­tries. If one of your fel­low play­ers is about to be knocked out of the game, just make sure their last coun­try is within your range of at­tack, then grab it and the bonus cards that come with it. TopNewCommunityWhat is The System Is Down?About

A boat­man waits for the fog to lift on the Thames, London. November 1931. Photo by Topical Press/GettyHow to think clearlyBy learn­ing to ques­tion and clar­ify your thoughts, you’ll im­prove your self-knowl­edge and be­come a bet­ter com­mu­ni­ca­torA boat­man waits for the fog to lift on the Thames, London. November 1931. Photo by Topical Press/Gettyis an au­thor and tech philoso­pher, with a spe­cial in­ter­est in crit­i­cal think­ing. His most re­cent book is How to Think (2021). He lives in Kent, UK. Need to know­Think it through­Need to know­Some­times, when I’m grap­pling with a tricky topic, I pre­tend that I need to ex­plain it to a child. For ex­am­ple, here is my at­tempt at ex­plain­ing the pur­pose of this Guide to a no­tional nine-year-old:

I want to help peo­ple work out what they re­ally think and mean, and then to share the re­sults with other peo­ple. This is sur­pris­ingly hard. It’s easy to talk about what you want and like. But it can be re­ally dif­fi­cult to work out why you want or like par­tic­u­lar things — and why other peo­ple should pay at­ten­tion. I’m go­ing to set out a three-part process that can help with this.

As the par­ent of two young chil­dren, I of­ten get to skip the pre­tend­ing part of this ex­er­cise. But I’d rec­om­mend giv­ing it a try, no mat­ter what your do­mes­tic sit­u­a­tion. It can be both chal­leng­ing and pow­er­ful to talk some­one else through an idea, step by step, in terms that take as lit­tle as pos­si­ble for granted. Often, it’s only when I try to ex­plain some­thing in this way that I dis­cover that I don’t fully un­der­stand it my­self.

As it hap­pens, there’s a sub­red­dit de­voted to pre­cisely this prin­ci­ple. It’s called ‘Explain Like I’m Five’, and fea­tures tens of thou­sands of at­tempts at ex­plain­ing com­plex ideas as sim­ply as pos­si­ble. Question: how can ar­chae­ol­o­gists trans­late an­cient scrip­tures or lan­guages? Answer: ‘It’s ba­si­cally a gi­ant jig­saw puz­zle.’ Q: how do con­fer­enc­ing pro­grammes such as Zoom han­dle so many dif­fer­ent screens? A: ‘Everyone has one con­nec­tion to Zoom’s cen­tral servers.’ Q: if carbs are sugar, why can’t we just eat sugar? A: ‘It would be a bit like re­plac­ing the fire­wood in your fire pit with a tub of gaso­line …’ And so on.

I en­joy brows­ing ‘Explain Like I’m Five’ partly be­cause it is­n’t in­ter­ested in per­fec­tion. Instead, it’s packed with com­ments, de­bates and works-in-progress; with points and coun­ter­points, gags and squibs. Much like the busi­ness of ex­plain­ing some­thing to an ac­tual five-year-old, it’s full of dis­trac­tions and dead ends. But it’s also re­lent­lessly com­mit­ted to dis­pelling er­rors and un­ex­am­ined as­sump­tions; and in priv­i­leg­ing hon­est ques­tions and con­fes­sions of un­cer­tainty over any per­for­mance of ex­per­tise.

All of this em­pha­sises a fun­da­men­tal point about clar­i­fy­ing your think­ing. It asks you to ad­mit your thoughts are un­clear to be­gin with — and thus, that cer­tain el­e­ments within them need to be rethought, or placed upon more se­cure foun­da­tions. It’s as if you’re shed­ding lay­ers of pre­con­cep­tion, mis­con­cep­tion and false con­scious­ness. And the ul­ti­mate prize is­n’t be­ing right, grat­i­fy­ing though this might be. It’s be­ing un­der­stood.

Why should any­one care about any of this? Without wish­ing to be grandiose, I’d ar­gue that seek­ing clar­ity is both hu­mane and life-en­hanc­ing. To ide­alise, it en­tails the mu­tual and re­spect­ful pur­suit of knowl­edge. To be more prag­matic, it can help us know our­selves a lit­tle bet­ter, dis­pel prej­u­dices and mis­ap­pre­hen­sions — and com­mu­ni­cate more richly and per­sua­sively amid the 21st cen­tu­ry’s tu­mult.

Aspiring to­wards clar­ity is also in­ex­orably it­er­a­tive. Whenever you set out to clar­ify your think­ing, you’re not aim­ing to ar­tic­u­late an ul­ti­mate truth. Rather, you’re aim­ing at a process, the re­sult of which will al­ways be an act of com­mu­ni­ca­tion, com­plete with all the im­per­fec­tions and con­tin­gen­cies this im­plies.

In this Guide, I want to help you think about what this process looks like for you. As promised, I’ll do this in three stages (preceded by a pause). The first stage en­tails re­flect­ing on why you be­lieve some­thing to be true or im­por­tant. The sec­ond en­tails teas­ing out the as­sump­tions this rea­son­ing re­lies upon. The third en­tails ac­knowl­edg­ing what you do and don’t know, where you’re uncertain­ — and what it might mean to re­dress these things.Need to know­Think it through­Think it through

To start with, let’s take a mo­ment. Draw a breath. Slow your­self down. What’s go­ing on? What are you think­ing and feel­ing? What most de­serves your at­ten­tion? There’s a great line in Robert Poynton’s book Do Pause (2019) that speaks to the sig­nif­i­cance of tak­ing stock in this way:

In a pause you can ques­tion ex­ist­ing ways of act­ing, have new ideas or sim­ply ap­pre­ci­ate the life you are liv­ing. Without ever stop­ping to ob­serve your­self, how can you ex­plore what else you might do or who you might be­come?

Inviting peo­ple to pause is among the eas­i­est ad­vice in the world to give, and the hard­est to take. Yet it’s foun­da­tional to clar­i­fy­ing your think­ing, be­cause this is where it all be­gins: with a mo­ment of self-re­flec­tion. Without pauses, there can be no sec­ond thoughts and no self-in­ter­ro­ga­tions. There is no process un­til you take the time to em­bark upon it.

You might think that this point is too ob­vi­ous to be worth mak­ing. Yet, in my ex­pe­ri­ence, it’s where most of us fall down. We all carry around count­less un­clear, con­fused, con­tra­dic­tory thoughts and feel­ings. And pre­cisely be­cause we have nei­ther the time nor the tools to sort them out, they mostly stay this way.

Once you’ve paused, a com­mon psy­chother­a­peu­tic ex­er­cise can help you take a first step to­wards clearer think­ing. It’s about ob­serv­ing your­self as neu­trally as pos­si­ble. You make your­self com­fort­able, re­lax, then try to no­tice the flow of your thoughts and feel­ings in a non­judg­men­tal way: the flick­ers of anx­i­ety, an­tic­i­pa­tion, re­gret; the mem­o­ries and ideas bub­bling into con­scious­ness.

These are the raw ma­te­ri­als that any process of clar­i­fi­ca­tion must work with. The more care­fully you’re able to at­tend to them, the more likely you are to tease out their com­plex­i­ties and con­tra­dic­tions. And the less likely you are to mis­tak­enly as­sume that what­ever seems ob­vi­ous to you will nec­es­sar­ily seem ob­vi­ous, or com­pelling, to some­one else.

What are you claim­ing, and why?

When I per­form the above ex­er­cise, I no­tice one thing that’s on my mind is a nag­ging ques­tion around what I eat. Should I be­come a veg­e­tar­ian, or a ve­gan, for eth­i­cal and en­vi­ron­men­tal rea­sons? And if not, why not?

In phi­los­o­phy, what’s known as stan­dard form is of­ten used to set out the es­sen­tials of a line of thought as clearly as pos­si­ble. Expressing your think­ing in stan­dard form means writ­ing out a num­bered list of state­ments fol­lowed by a con­clu­sion. If you’ve done it prop­erly, the num­bered state­ments should pre­sent a line of rea­son­ing that jus­ti­fies your fi­nal con­clu­sion. For ex­am­ple, here’s a first at­tempt at or­gan­is­ing my thoughts around diet: Both eat­ing meat and us­ing an­i­mal prod­ucts are as­so­ci­ated with vast amounts of un­nec­es­sary an­i­mal suf­fer­ing. They also use more en­ergy and re­sources than most plant-based al­ter­na­tives. It’s per­fectly pos­si­ble to have a healthy diet and live a full life with­out eat­ing meat or us­ing most an­i­mal prod­ucts. So far as pos­si­ble, I should try to pre­vent un­nec­es­sary an­i­mal suf­fer­ing, ex­ces­sive en­ergy us­age and the over­con­sump­tion of re­sources.If I be­lieve all of the above to be true, I should thus adopt a veg­e­tar­ian or a ve­gan diet.

You might have seen ex­am­ples of this ap­proach be­fore, or used it in your own work. You might also have en­coun­tered a great deal of dis­cus­sion around log­i­cal forms, rea­son­able and un­rea­son­able jus­ti­fi­ca­tions, and so on. What I find most use­ful about stan­dard form, how­ever, is not so much its promise of log­i­cal rigour as its in­sis­tence that I break down my think­ing into in­di­vid­ual steps, and then ask two ques­tions of each one:

Why should a rea­son­able per­son ac­cept this par­tic­u­lar claim? What fol­lows from this claim, once it’s been ac­cepted?

When it comes to clar­i­fy­ing my thoughts and feel­ings, the power of such an ap­proach is that any­thing rel­e­vant can po­ten­tially be in­te­grated into its ac­count­ing — but only if I’m able to make this rel­e­vance ex­plicit. Here’s how a few fur­ther thoughts might fit into my ex­am­ple: Both eat­ing meat and us­ing an­i­mal prod­ucts are as­so­ci­ated with vast amounts of un­nec­es­sary an­i­mal suf­fer­ing. They also use more en­ergy and re­sources than most plant-based al­ter­na­tives. It’s per­fectly pos­si­ble to have a healthy diet and live a full life with­out eat­ing meat or us­ing most an­i­mal prod­ucts. So far as pos­si­ble, I should try to pre­vent un­nec­es­sary an­i­mal suf­fer­ing, ex­ces­sive en­ergy us­age and the over­con­sump­tion of re­sources. If I be­lieve all of the above to be true, I should thus adopt a veg­e­tar­ian or a ve­gan diet. However, I’m not cur­rently a veg­e­tar­ian or a ve­gan. This sug­gests that ei­ther: I don’t be­lieve the above rea­sons to be true, or to be the whole story; or that I do, yet some­how still don’t find them com­pelling.If I want to clar­ify my think­ing around this is­sue, I need to in­ves­ti­gate the di­vide be­tween my ap­par­ent be­liefs and my ac­tions.

How might you ap­ply such an ap­proach your­self? As you’ll have no­ticed, the thoughts I’ve just added bring fur­ther com­plex­i­ties and qual­i­fi­ca­tions into fo­cus. They take what was once a rel­a­tively straight­for­ward con­clu­sion and turn it into some­thing more com­plex — and re­veal­ing.

Paradoxically enough, this is a vi­tal com­po­nent of clar­i­fy­ing your think­ing: strip­ping away over­sim­pli­fi­ca­tions, no mat­ter how com­pelling or ap­peal­ing, and re­plac­ing them with an hon­est ac­knowl­edg­ment of cir­cum­stances. The logic of my ini­tial ar­gu­ment might have seemed ad­mirably clear; but this clar­ity does­n’t cor­re­spond as closely as I might wish to re­al­ity.

Honest self-ex­am­i­na­tion and it­er­a­tion are vi­tal, here. Even now, read­ing back my own words, I’m not sure I’ve man­aged to de­scribe my state of mind ac­cu­rately — or the is­sues at stake. Is it re­ally true that there’s no eth­i­cal way of eat­ing meat or of us­ing an­i­mal prod­ucts? Are there shades of mean­ing I’ve ne­glected in an ef­fort to es­tab­lish clear cat­e­gories of right and wrong? Or am I sim­ply fail­ing to act on my be­liefs be­cause of a com­bi­na­tion of in­er­tia and self-in­dul­gence?

These are just a few of the ques­tions my sce­nario begs. And be­hind them is a fun­da­men­tal point: that it’s only by re­peat­edly ques­tion­ing both the why and the what of our claims, and the claims they in turn rely on, that we can hope to strip away the lay­ers of habit, con­fu­sion and self-jus­ti­fi­ca­tion that all too of­ten typ­ify every­day thoughts.

What have you taken for granted?

Upon what ba­sis can I jus­tify any claims? Some will rely on ex­ter­nal ev­i­dence; some on per­sonal pref­er­ences and ex­pe­ri­ences; some on a com­bi­na­tion of these fac­tors. But all of them will at some point in­voke cer­tain as­sump­tions that I’m pre­pared to ac­cept as fun­da­men­tal. And it’s in un­earthing and analysing these as­sump­tions that the most im­por­tant clar­i­fi­ca­tions await.

Assumptions are those things we take for granted: what­ever we don’t ex­plic­itly spell out, but that our think­ing re­lies upon. Assumptions are also ex­tremely im­por­tant. Indeed, it’s the ex­is­tence of shared as­sump­tions that makes com­mu­ni­ca­tion (and much else) pos­si­ble. As I write these words, I’m as­sum­ing they mean ap­prox­i­mately the same thing to you as they do to me. It would be in­cred­i­bly tire­some if I tried to ex­plain every word in a sen­tence. It would also, in the end, be fu­tile. I’d still have to ex­plain my words via other words, my ideas via other ideas, and so on. Without some shared as­sump­tions, there would be no way of build­ing ei­ther com­mon un­der­stand­ings or mean­ing­ful dis­agree­ments.

While com­mon un­der­stand­ing and mean­ing­ful dis­agree­ment might sound like op­po­sites, they’re ac­tu­ally two sides of the same coin. No mat­ter how self-ev­i­dent they might seem to us, the as­sump­tions that our ideas rest upon might need spelling out to oth­ers. Some peo­ple could, for ex­am­ple, view an­i­mal suf­fer­ing as a non-is­sue, on the grounds that hu­man ex­pe­ri­ence is all that counts when it comes to ethics. Some could be­lieve that no fur­ther jus­ti­fi­ca­tion of ve­g­an­ism is re­quired be­yond the self-ev­i­dent evil of in­flict­ing un­nec­es­sary suf­fer­ing on our fel­low crea­tures. And some (among whom I ten­ta­tively count my­self) might be­lieve that most forms of in­dus­trial farm­ing and fish­ing are ab­hor­rent, but that there are some cir­cum­stances un­der which an­i­mal prod­ucts can be eth­i­cally and sus­tain­ably sourced.

Our as­sump­tions, in other words, aren’t just un­ex­am­ined ideas. They’re also the roots of iden­tity and al­le­giance; the stuff of our per­sonal and shared his­to­ries; of our com­mu­ni­ties and our moral­ity. They are the sources of much of the great­est good and deep­est harm we do to one an­other. That which we take as ‘given’ is noth­ing less than the bedrock of what we be­lieve the world to be.

What fol­low from this? When it comes to clar­i­fy­ing your think­ing, it means that you need to be very clear about the dif­fer­ence be­tween what fol­lows from your as­sump­tions and the sta­tus of those as­sump­tions. To take things step by step:

Any line of thought must be­gin with cer­tain as­sump­tions: those things that you both ex­plic­itly and im­plic­itly ac­cept as given. No mat­ter how deep you dig, you’ll never be able to find a wholly clear, self-ev­i­dent and un­con­tro­ver­sial claim. A care­ful process of analy­sis can show where your as­sump­tions lead: what rea­son­ably fol­lows from them, if you as­sume that they’re true or ac­cu­rate. But dif­fer­ent lines of rea­son­ing based on dif­fer­ent sets of as­sump­tions are likely to take you in very dif­fer­ent di­rec­tions. One of the most use­ful things you can thus do is to spell out both your own and other peo­ple’s key as­sump­tions, then to com­pare what fol­lows from each. If you’re suf­fi­ciently open-minded, this can help you iden­tify as­sump­tions you hold in com­mon with oth­ers, chal­lenge faulty ones on both sides, and re­spect­fully en­gage with al­ter­na­tive per­spec­tives from your own.

Working out the im­pli­ca­tions of your as­sump­tions is, in other words, far from the same thing as be­ing de­fin­i­tively cor­rect; and grasp­ing the dif­fer­ence be­tween these lies at the heart of hon­estly and per­sua­sively ar­tic­u­lat­ing your views.

Embrace di­a­logue — and know your lim­its

What do you make of my at­tempts to clar­ify my think­ing about meat-eat­ing, thus far? Hopefully, even if you dis­agree with every sin­gle word I’ve writ­ten, you’re more likely to un­der­stand where I’m com­ing from than if I just blurted out: ‘I think that maybe I ought to stop eat­ing meat.’ I cer­tainly feel more con­fi­dent about what’s go­ing on in my head. And this sug­gests that, if we ever end up dis­cussing these things in per­son, we’re more likely to be able to de­bate our dif­fer­ences con­struc­tively. We’ll per­haps be able to work out where we do and don’t dis­agree — and why — rather than falling back upon blan­ket as­ser­tions or as­per­sions. In the end, we might even ar­rive at a new, clearer un­der­stand­ing to­gether.

This, I’d sug­gest, is the most pre­cious thing about clearly pre­sent­ing the think­ing be­hind any point of view: not that it proves your right­ness or right­eous­ness, but that it vol­un­teers your will­ing­ness to par­tic­i­pate in a rea­soned ex­change of ideas. At least in prin­ci­ple, it sug­gests that you’re pre­pared to:

Justify your po­si­tion via ev­i­dence and rea­soned analy­sis. Listen to, and learn from, per­spec­tives other than your own. Accept that, in the face of suf­fi­ciently com­pelling ar­gu­ments or ev­i­dence, it might be rea­son­able to change your mind.

This ap­proach is un­der­pinned by what’s known as the prin­ci­ple of char­ity: a phrase that can sound strange in the con­text of dis­agree­ments, but that em­bod­ies one of our old­est and most prac­ti­cal guides to con­struc­tive de­bate. It ex­ists in var­i­ous for­mu­la­tions, all rooted in the same idea:

So far as pos­si­ble, you should try to ex­tract the max­i­mum truth­ful and rea­son­able con­tent from what oth­ers say, es­pe­cially if they dis­agree with you.

Importantly, the prin­ci­ple of char­ity ex­tends not only to what some­one is say­ing, but also to your as­sump­tions around why they are say­ing it:

Unless you have de­ci­sive ev­i­dence to the con­trary, you should start off by as­sum­ing that some­one else’s po­si­tion is rea­son­able and sin­cerely held, rather than that they’re ma­li­cious, ig­no­rant or mis­taken.

Why? In both cases, the an­swer is­n’t be­cause this is a nice thing to do, but be­cause it’s only by be­gin­ning with char­i­ta­ble as­sump­tions that you can get to grips with the un­der­pin­nings of some­one else’s per­spec­tive — and en­sure that any judg­ment you even­tu­ally pass is based on a care­ful, fair-minded as­sess­ment.

All of which brings us back to the most im­por­tant point of all: that clar­i­fy­ing your think­ing means be­ing as hon­est as pos­si­ble about what you don’t know, and then putting a frank en­gage­ment with these lim­i­ta­tions at the heart of your ac­count.

Indeed, per­haps the most im­por­tant tool in any at­tempt at clear think­ing is the ca­pac­ity to test (and to keep on test­ing and re­fin­ing) your ideas as if they be­longed to some­one else: as acts of rea­soned per­sua­sion that must stand, or fall, on their own terms.Need to know­Think it through Clarifying your think­ing is a process: one that’s nec­es­sar­ily in­cre­men­tal, it­er­a­tive and im­per­fect. There’s no such thing as a per­fectly clear state­ment. Clarification comes from set­ting out your think­ing, step by step, in as straight­for­ward and ex­plicit a man­ner as pos­si­ble — and then step­ping back, re­vis­it­ing the re­sult, and seek­ing to re­dress its lim­i­ta­tions. First of all: pause. It’s only by slow­ing down and at­tend­ing care­fully to your own thoughts that you can hope to em­bark upon a process of clar­i­fi­ca­tion. What’s on your mind? Once you’ve worked out what de­serves your at­ten­tion, try to spell out why you be­lieve it to be true or im­por­tant. This en­tails re­con­struct­ing your rea­son­ing sys­tem­at­i­cally. Set it out in num­bered se­quence, be­ing sure to ask of each claim: why should a rea­son­able per­son ac­cept this; and what does (and does­n’t) fol­low once it’s been ac­cepted. Don’t be se­duced by over­sim­pli­fi­ca­tions or too tidy a for­mu­la­tion of com­plex is­sues. It’s im­por­tant to be as clear as pos­si­ble about the ten­sions, am­biva­lences and am­bi­gu­i­ties you’re grap­pling with. Addressing com­plex ideas lu­cidly is­n’t the same as pre­tend­ing they’re sim­ple. Be ex­plicit about the rel­e­vant as­sump­tions your rea­son­ing re­lies on. These will in­vari­ably in­clude some claims you be­lieve to be fun­da­men­tal. Be aware that two per­fectly rea­son­able lines of ar­gu­ment based upon dif­fer­ent fun­da­men­tal as­sump­tions could lead to very dif­fer­ent con­clu­sions. Engage char­i­ta­bly and rig­or­ously with per­spec­tives other than your own, and don’t as­sume dis­hon­esty or bad faith in oth­ers with­out good rea­son. To ide­alise, a con­struc­tive ex­change of views is one in which you first en­sure you’ve stated some­one else’s po­si­tion in a man­ner they agree is fair — and only set about ad­dress­ing your dif­fer­ences once you’ve done this.Need to know­Think it through­What does it mean to make the kind of process I’ve out­lined above ha­bit­ual — and what might it mean, for you, to ap­ply it ef­fec­tively in dif­fer­ent ar­eas of your life?

This is the point at which your per­sonal pref­er­ences come into play. For me, the props and rou­tines of clear think­ing in­clude (in no par­tic­u­lar or­der) strong cups of cof­fee, di­rec­tion­less neigh­bour­hood strolls, a desk sur­rounded by heaped books and scrap pa­per, and as much serendip­i­tous read­ing as I can squeeze in be­tween school runs.

For you, the twin realms of the pos­si­ble and the de­sir­able might look very dif­fer­ent. But the same prin­ci­ple ap­plies. We both need to take a close in­ter­est in the times, places, habits and con­texts that bring out the best in us — and that give us per­mis­sion to con­tem­plate, then try to ex­plain, what’s re­ally go­ing on when it comes to the ques­tions that mat­ter most.

Another way of putting this is that willpower is over­rated. Among all the pot­ted in­sights I’ve drawn from so­cial sci­ence, this is per­haps the hand­i­est and most hum­bling. Unless you seek out con­texts, rou­tines and en­vi­ron­ments that sup­port your best self, you’ll strug­gle to be that self at any but the very best of times.

Aim to in­ter­ro­gate and au­dit your habits in the light of this in­sight. Find ways of think­ing and work­ing that work for you. Be as ruth­less as pos­si­ble about iden­ti­fy­ing the ones that don’t work, and why; and how far you can min­imise the toll they take. Try to take a lively and sys­tem­atic in­ter­est in your own blind spots and lim­i­ta­tions. Be hon­est about what you do and don’t know, where you’re un­cer­tain; and what kind of con­ver­sa­tions, in­ves­ti­ga­tions, pre­dic­tions and dis­cov­er­ies might re­duce this un­cer­tainty.

Above all, don’t for­get to ask for help when you need it — and to of­fer it when­ever you can. When it comes to clar­ity and com­mu­ni­ca­tion alike, this is per­haps the sim­plest and most im­por­tant thing any of us can do: keep talk­ing to one an­other, and try to truly lis­ten to what’s be­ing said in re­sponse.Need to know­Think it throughThe Critical Thinking course from the University of Auckland is avail­able, for free, on­line, and cov­ers every­thing from ev­i­dence and rea­son­ing to law and moral­ity.

The Philosophy Bites pod­cast of­fers an ex­ten­sive archive of bite-sized in­ter­views with world-lead­ing thinkers, and is hard to beat for in­sights into big ideas.

Mary Midgley’s book What Is Philosophy For? (2018) ac­ces­si­bly ex­plores what it means to think clearly about the ques­tions that mat­ter most.

Oliver Burkeman’s weekly col­umn ‘This Column Will Change Your Life’ ran in The Guardian from 2006 un­til 2020, and is a wise, witty trea­sure trove full of prac­ti­cal, hu­mane ad­vice about think­ing and work­ing well — and cut­ting your­self some slack along the way.

My own book How to Think (July 2021) ad­dresses clear think­ing in the con­text of every­day ex­pe­ri­ence, with an em­pha­sis on habits and prac­ti­cal skills.Don’t be­lieve every­thing you hear, read and watch. To punc­ture re­ceived ideas about cul­ture, start think­ing like Jacques DerridaWonder and the sub­limeAwe might seem an un­ob­tain­able lux­ury to many but, with the right ap­proach, you can en­joy it daily — no moun­tain re­quired­Plato and Aristotle can help you re­sist con­ven­tional worldly suc­cess, di­rect your en­ergy and find your own high­est call­ing­In­trigu­ing ar­ti­cles, prac­ti­cal know-how and im­mer­sive films, straight to your in­box.

Please join the Simons Foundation and our gen­er­ous mem­ber or­ga­ni­za­tions

in sup­port­ing arXiv dur­ing our giv­ing cam­paign September 23-27. 100% of your con­tri­bu­tion will fund im­prove­ments and new ini­tia­tives to ben­e­fit arX­iv’s global sci­en­tific com­mu­nity.

DONATE

[secure site, no need to cre­ate ac­count]

A while back there was a thread on one of our com­pany mail­ing lists about

SSH quot­ing, and I posted a long an­swer to it. Since then a few peo­ple have asked me ques­tions that caused me to reach for it, so I thought it might be help­ful if I were to anonymize the orig­i­nal ques­tion and post my an­swer here.

The ques­tion was why a se­quence of com­mands in­volv­ing ssh and fid­dly quot­ing pro­duced the out­put they did. The first ex­am­ple was this:

Oh hi, my du­bi­ous life choices have been such that this is my spe­cial­ist sub­ject!

This is be­cause SSH com­mand-line pars­ing is not quite what you ex­pect.

First, re­call that your lo­cal shell will ap­ply its usual pars­ing, and the ac­tual OS-level ex­e­cu­tion of ssh will be like this:

Now, the SSH wire pro­to­col only takes a sin­gle string as the com­mand, with the ex­pec­ta­tion that it should be passed to a shell by the re­mote end. The OpenSSH client deals with this by tak­ing all its ar­gu­ments af­ter things like op­tions and the tar­get, which in this case are:

It then joins them with a sin­gle space:

This is passed as a string to the server, which then passes that en­tire string to a shell for eval­u­a­tion, so as if you’d typed this di­rectly on the server:

The shell then parses this as two com­mands:

The di­rec­tory change thus hap­pens in a sub­shell (actually it does­n’t quite even do that, be­cause bash -lc cd /tmp in fact ends up just call­ing cd

be­cause of the way bash -c parses mul­ti­ple ar­gu­ments), and then that sub­shell ex­its, then pwd is called in the outer shell which still has the orig­i­nal work­ing di­rec­tory.

The sec­ond ex­am­ple was this:

Following the logic above, this ends up as if you’d run this on the server:

The third ex­am­ple was this:

And this is as if you’d run:

Now, I would­n’t have im­ple­mented the SSH client this way, be­cause I agree that it’s con­fus­ing. But /usr/bin/ssh is used as a trans­port for other things so much that chang­ing its be­hav­iour now would be enor­mously dis­rup­tive, so it’s prob­a­bly im­pos­si­ble to fix. (I have oc­ca­sion­ally ag­i­tated on openssh-unix-dev@ for at least doc­u­ment­ing this bet­ter, but haven’t made much head­way yet; I need to get round to prepar­ing a doc­u­men­ta­tion patch.) Once you know about it you can use the proper quot­ing, though. In this case that would sim­ply be:

Or if you do need to specif­i­cally in­voke bash -l there for some rea­son (I’m as­sum­ing that the orig­i­nal ex­am­ple was re­duced from some­thing more com­pli­cated), then you can min­imise your con­fu­sion by pass­ing the whole thing as a sin­gle string in the form you want the re­mote sh -c to see, in a way that en­sures that the quotes are pre­served and sent to the server rather than be­ing re­moved by your lo­cal shell:

Taildrop was the main new fea­ture we launched in Tailscale v1.8. People seem to like it.

This is so cool. Point to point drag & drop files (phone to desk­top, iPhone to Android, Windows to Linux…) with Wireguard se­cu­rity. Reason # 376 why you should be track­ing @Tailscale. https://​t.co/​Tu0TxtdlTF

— Kenn White (@kennwhite) May 28, 2021

Taildrop works for large files, it goes point to point rather than through the cloud, it’s se­cured us­ing your ex­ist­ing iden­tity provider, and best of all, it does­n’t need any blue­tooth.

I just shared a 3GB file from a Macbook to an iPhone us­ing @Tailscale to test if it was able to han­dle big files well and it is!

No more try­ing to dis­cover Airdrop de­vices or deal­ing with bro­ken Bluetooth to send me­dia around!

— Felipe O. Carvalho (@_Felipe) May 30, 2021

ohh­hhh!!! Being able to eas­ily share files be­tween de­vices over an en­crypted socket is amaz­ing to have! https://​t.co/​piB­Dpmk6w5

— yosh (@yoshuawuyts) May 25, 2021

And it leads some users to in­fer world dom­i­na­tion plans even though we are, in ac­tu­al­ity, just very nice peo­ple, any­body would say so:

You guys are gonna take over the world. Seriously. This is so cool.

— Tyler Stillwater (@TylerStillwater) May 19, 2021

Seriously though, Taildrop is a thing that lets you trans­fer files be­tween your own de­vices, over your point-to-point Tailscale+WireGuard mesh net­work, across var­i­ous dif­fer­ent OS plat­forms. It never stores your files in the cloud or sends them to us. They’re end-to-end en­crypted with keys that we never see. And it costs us, ef­fec­tively, noth­ing to run, be­cause it’s your band­width (mostly LAN band­width), not ours. We just bust some NATs and ne­go­ti­ate the ses­sion. Which is why we can give Taildrop away to every­body, for un­lim­ited use, with no file size lim­its, as part of the Tailscale free plan. It’s also open source…

…although there’s so lit­tle code that it’s hard to spot. That’s the topic of this post.

When we wrote How Tailscale Works and How NAT Traversal Works, we had a not-so-sub­tle goal of ex­plain­ing that, in fact, mak­ing those things work is pretty hard. We’ve spent thou­sands of per­son-hours on it, and maybe you should just use Tailscale in­stead. You know how this story goes.

But Taildrop is dif­fer­ent. It’s just an unau­then­ti­cated file trans­fer layer on top of Tailscale. It can be unau­then­ti­cated be­cause Tailscale is al­ready au­then­ti­cated, and con­trols who can ac­cess each port, and for those who are al­lowed, it se­curely tells you who’s con­nect­ing right now. Taildrop can it­self be un­en­crypted be­cause Tailscale is al­ready end-to-end en­crypted (an ar­chi­tec­ture called Zero Trust Networking).

I tried to write an ar­ti­cle called How Taildrop Works but it was just the fol­low­ing di­a­gram, and they would­n’t let me pub­lish it. I had to put a fancy font in the ti­tle to dis­tract you from how bor­ing the rest of the di­a­gram is.

Can you im­ple­ment an iOS or Windows shar­ing pane? Can you de­liver an HTTP PUT re­quest?[1] Then great, you’ve built Taildrop.

As an “Internet in­sider” joke, we wanted to re­lease Taildrop on the 50th an­niver­sary of FTP (April 16, 2021), but sadly, our re­lease date slipped just a bit too far. Still, FTP is a big in­spi­ra­tion for us:

Along with tel­net (the pre­cur­sor to ssh), FTP was one of the first two ap­pli­ca­tion pro­to­cols used on the Internet.

Transferring big files from one com­puter to an­other is one of the fun­da­men­tal things we all want to do, and which, per­versely, some­how is nowa­days harder to do than it was with FTP decades ago.

Taildrop is fewer lines of code than the ftp com­mand, more se­cure than FTP, and eas­ier to use than FTP, even though it was eas­ier to in­vent than FTP.

In short, to me, Taildrop is a sign that maybe, just maybe, the Internet is fi­nally once again evolv­ing in the right di­rec­tion. For the first time in longer than I can re­mem­ber, we can write an app that just trans­fers some data, and not worry about host­ing costs, or pri­vacy is­sues, or lo­gins or pass­words or ac­count re­cov­ery or DNS or open ports or fire­walls or ex­pired TLS cer­tifi­cates. We made a server that ac­cepts PUT re­quests, and a GUI that gen­er­ates PUT re­quests, and we shipped it.

But Avery, you may be ask­ing your­self, if it was so easy, why did it take 7 weeks to de­velop and launch? I’m sure, you say to your­self, I’m sure I can make a one-page HTTP server in less than 7 weeks. And, you con­tinue, I’m guess­ing you did­n’t spend the whole 7 weeks work­ing on this beau­ti­ful Windows GUI:

I wrote our Windows Taildrop GUI. I re­serve the right to make fun of it.

Indeed, you are cor­rect. The Windows GUI took maybe a cou­ple of days (and de­serves more than a cou­ple of days). The HTTP PUT re­spon­der took a few hours at most. So where did the time go?

In truth, we did­n’t set out just to build an­other FTP. We wanted to demon­strate, to our­selves, how to build an­other FTP. And we wanted to make it easy for the next peo­ple, who won’t be us, to build the next app the easy way.

Behind the scenes of that HTTP PUT re­quest, there’s some ma­chin­ery we needed to add:

The new Tailscale “localapi” lets lo­cal apps query the lo­cal tailscale in­stance over HTTP. For ex­am­ple, it can get a list of peer de­vices that might be Taildrop tar­gets, or which ser­vices are run­ning on those peers.

The new “whois”[2] ser­vice lets you find out the user iden­tity of a se­cure TCP or UDP ses­sion es­tab­lished over the Tailscale net­work. (Taildrop cur­rently re­stricts file trans­fers to only be al­lowed from de­vices that you your­self own, even on a multi-user net­work. That lets us safely de­lay a bunch of pri­vacy and se­cu­rity ques­tions for now, such as what to do when some­one sends you an, er, un­wanted photo. We’ll have to do more work when we al­low in­ter-user trans­fers later.)

The new “peerapi” lets Tailscale nodes send mes­sages to each other, over the en­crypted Tailscale link. The first use­ful peer­api end­point is Taildrop, and there’s a thingy for in­spect­ing gor­ou­tine sta­tus. It’ll soon be ex­panded to in­clude at least a few ex­tra di­ag­nos­tic fea­tures.

Some ag­gra­va­tion also arose around what to do with the files once we got them to their des­ti­na­tion, es­pe­cially on mo­bile plat­forms. (As of this writ­ing, the Android client for Taildrop is­n’t done yet, but it’s com­ing soon.) iOS gave us some pain, since the Tailscale back­end is­n’t al­lowed to write to user-vis­i­ble file stor­age such as the Files app. Instead, we have to de­liver a no­ti­fi­ca­tion, which when clicked, can open the fron­tend GUI, which can move the files into their fi­nal lo­ca­tion.

We’re not sure yet ex­actly where we’ll take the peer­api; maybe it’ll be use­ful mainly for fea­tures pro­vided di­rectly in­side Tailscale, like Taildrop. After all, every other port you lis­ten on is also reach­able over the p2p net­work once es­tab­lished, so if you’re writ­ing your own app, you can just use an­other port, like a retro 1990s Unix pro­gram­mer in­vent­ing rlogin. We’ll see.

What we did­n’t do: cloud edi­tion

It’s in­struc­tive to think about what you might have had to do if you were in­stead try­ing to trans­fer files be­tween your de­vices with­out all that nice in­fra­struc­ture.

First of all, you’d have to de­cide whether to (a) beam every­thing to the cloud and back, or (b) es­tab­lish a p2p link be­tween two de­vices and send the files di­rectly.

Okay, that’s a trick ques­tion; al­most no­body ever chooses op­tion (b) any­more. It’s just too hard. If you could es­tab­lish a se­cure di­rect link be­tween de­vices, you could just use FTP, and we al­ready know those days are gone.

So fine, let’s use the cloud. How will our pro­to­col work?

The ser­vice will store in-tran­sit file con­tents in, say, S3.

Ah, but which S3 re­gion? Better do a whole bunch of re­gions to be safe. Don’t want to be trans­fer­ring files halfway around the world for no rea­son. That means we need a load bal­ancer. Don’t worry, AWS can sell us one for a mostly rea­son­able price.

Our server is go­ing to need a DNS name and an HTTPS cert. Let’s use LetsEncrypt, I guess. Which LetsEncrypt client to use? Meh, any of them will do. This is easy, any Senior SWE with a few years of ex­pe­ri­ence can do LetsEncrypt in their sleep.

Great! Now we can go build a client that up­loads files to the cloud.

But wait, who is al­lowed to up­load files? Time to add an iden­tity sys­tem. Maybe Sign-in with Google? Well, not every­one uses Google. Perhaps pull in an ex­ist­ing user ac­count man­age­ment li­brary. 2FA? Account re­cov­ery emails? I’m sure there’s an npm for this. Done.

To which re­gion do we up­load the files? Well, the clos­est one, of course! We’ll set up our load bal­ancer to con­nect users to the clos­est in­stance. Do we need edge com­put­ing for this? I don’t know, but edge com­put­ing sounds amaz­ing, let’s add some. I heard fly.io is good.

How long do we keep the files af­ter up­load­ing, if the re­cip­i­ent does­n’t re­trieve them? I don’t know. Pick some­thing. A week. Too long and we waste money on stor­age costs; too short and we get weird er­rors when peo­ple down­load too slowly. Don’t worry, they can retry.

How do we no­tify the re­cip­i­ent that there is a file wait­ing for them to down­load? Oh, I know this one! Push no­ti­fi­ca­tions! Well, on mo­bile we can use push no­ti­fi­ca­tions. On desk­top, we’ll need to use HTTP long polls. Honestly I don’t know how to do HTTP long polls, it seems like a good way to pull out all my hair. How about we just poll pe­ri­od­i­cally in­stead. Say, every 5 sec­onds.

Okay, up­load­ing works, polling is im­ple­mented, and… wait, how do we con­nect the up­load stream with the right down­load poller? I guess we need a data­base to keep track of up­loaded files. And some­thing to clear stuff out of the data­base and delete the S3 file af­ter a suc­cess­ful down­load. Is that a mes­sage queue? Yes, yes, I think it is. No prob­lem, AWS will sell me a mes­sage queue and it’s go­ing to be awe­some, with lit­er­ally dozens of trans­ac­tions per sec­ond per thread, like a 1960s IBM main­frame. Wait, no, 1960s main­frames could do way more trans­ac­tions than that. Where was I? Anyway, dozens of trans­ac­tions per sec­ond is plenty.

After all that, down­load­ing is pretty easy. It au­then­ti­cates through the same iden­tity sys­tem, polls pe­ri­od­i­cally, and when a file is ready to down­load, gen­er­ates an au­then­ti­cated S3 redi­rect so that it can se­curely…

…um, let me lock down those S3 bucket per­mis­sions real quick…

…AHEM so it can se­curely re­trieve the file and no­body else can.

Oh. Wait. I for­got about en­cryp­tion! We can’t just store peo­ple’s files, un­en­crypted, in S3, can we? A se­cu­rity breach would be a dis­as­ter, it would give the at­tacker ac­cess to all the in-flight files in the world. Let’s read about S3 en­cryp­tion-at-rest fea­tures. Sweet, it has those! Let’s turn them on. But come to think of it, why is en­cryp­tion-at-rest just a flag? Doesn’t that mean I could still eas­ily send the files to the wrong per­son?

…Yes. If I want end-to-end en­cryp­tion, I have to roll my own. So the up­loader needs to en­crypt the file with, uh, the down­load­er’s pub­lic key, and…

…oh no. Where can I get the down­load­er’s pub­lic key? Let’s go back. Okay, the down­loader up­loads their pub­lic key to the server in ad­vance, be­fore we trans­fer any­thing. Now the up­load client, when it wants to up­load a file, first asks for a list of pub­lic keys of the avail­able down­load­ers. Then the user picks one, it en­crypts the file and up­loads it, and the down­loader we chose will have the right key to de­crypt.

Look. Do not even talk to me about key ro­ta­tion. I am not in the mood.

Success! And with that sim­ple ef­fort, and maybe some ter­raform or some­thing, and some con­tin­u­ous in­te­gra­tion, you have built your­self an ap­prox­i­mate clone of Firefox Send, the now-can­celled pro­ject that, in ad­di­tion to be­ing ex­pen­sive to run, turns out to have been a mag­net for bot­nets and abuse be­cause of some fur­ther de­sign prob­lems not ex­plored above.

If this is what it takes to trans­fer a file nowa­days, no won­der every ser­vice that does it needs to charge money, or put ar­bi­trary lim­its on file sizes, or show you ads, or worse.

You know what, on sec­ond thought, all this was a ter­ri­ble idea, maybe we should have tried the p2p method af­ter all. How NAT Traversal Works> Okay, no, not that.

And this is why Tailscale is dif­fer­ent.

[1] Security side note: it turns out HTTP PUT re­quests can­not be ini­ti­ated by a web browser with­out us­ing CORS. This pre­vents XSRF at­tacks on Taildrop. Otherwise we would have needed to add a ses­sion cookie or some­thing.

[2] To pay proper homage to the Old Ones, this per­haps should have been called identd in­stead. The Internet’s whois ser­vice is a dif­fer­ent (kind of mis­named) thing en­tirely. And no­body knows what identd is any­more. Oh well.