I was asked about Batman – here is what I have

The background is that someone asked me, “Who are all those Robin’s?” and can you recommend some titles.  I wrote the following and thought it is a good cheat for a blog entry.

Bruce Wayne is dead (sorta). He died in Batman R.I.P and Final Crisis (both available in trade) about a year ago. He will be coming back in a mini-series starting next month.

There have been four Robins.
Dick Grayson – he grew up and became Nightwing and led the Teen Titans/Titans. He has recently taken over the Batman mantle and is fighting crime in Gotham and is a member of the JLA.

Jason Todd – He was killed by the Joker. Batman kept his costume on display in the batcave to show respect and to caution against endangering minors. Todd came back to life as a complicated side effect of Infinite Crisis. He is a bit mad and is now the villain the Red Hood.

Tim Drake – Proved himself capable by discovering Batman’s identity when he was young. Currently calling himself Red Robin and trying to find a way to bring Bruce Wayne back – he doesn’t believe he is really dead.

Damian Wayne – Son of Bruce and Talia ah’Ghul (Talia is the daughter of Ras al’Ghul). He was born and raised without Batman’s knowledge. Talia recently brought Damian to Bruce. Damion is acting as the current Robin to Grayson’s Batman.

In an interesting turn – Damian as Robin is the hard-bitten focused one and Grayson as Batman is the optimistic carefree type.

In order: Todd comes back in Infinite Crisis, Bruce finds out about Damian in Batman comics, Batman dies in R.I.P and Final Crisis,  new status quo with new Batman, Robin and Red Robin following the Battle for the Cowl.

The Dark Knight Returns and Dark Knight Strikes Again is a different continuity. The Robin there – Carrie Kelly  has never been a Robin in the main timeline.

Other major players in Batman – Batwoman, Oracle, Huntress, Batgirl, Azrael, Commissioner Gordon.

Other than Tommy Elliot and Red Hood most of the Batman villains are mostly the same. Riddler is now a private detective and Penguin runs a legitimate nightclub. Then plan to kill Batman was done by a group called the Black Glove and headed by a Dr. Hurt.

OK – I’m not a huge Batman reader, so some of this is sight unseen. I’ll star the stuff I’ve read and like.

The titles are mostly of the collected storylines.

Current:

• *Batman and Robin (flagship title)
• *Batwoman (in Detective Comics)
• Red Robin
• All-star Batman and Robin (different continuity)

(There should be at least one collection out for each of these titles)

Foundational:

• *The Dark Knight Returns
• *Batman: Year One
• *Arkham Asylum
• *The Killing Joke

(Almost all of current Batman builds from these.)

Other Foundations:

• *The Long Halloween
• Son of the Demon

Recent:

• Heart of Hush
• *R.I.P
• The Black Glove
• Hush
• *Whatever Happened to the Caped Crusader
• *Broken City

In the last 10 years:

• Officer Down
• No Man’s Land (4 volumes)
• Fugitive
• Murderer
• Dark Knight Strikes Again (Sequel to the Dark Knight Returns)

Batman’s Family:

• *Catwoman:The Dark End of the Street and Crooked Little Town
• *Catwoman: Selina’s Big Score
• *Gotham Central: In the Line of Duty
• Birds of Prey: Of Like Minds

Any comic store should carry these trades. I didn’t go for anything too rare. I’d recommend Wizard’s. Alternatively, I hear Happy Harbour is also good.

Event Comics

You know what I like?  Event comics.  But real comic fans shouldn’t like event comics; a real fan should recognize them for cheap marketing ploys that emphasize flash over story, continuity, character and good taste.

An event being defined here as a cross-over, double-sized issue, or spin off one-shot or mini-series or maxi-series.  There are other marketing ploys – cover variants, bonus swag, change of creators, renumbering, etc, but for my purposes I’m not calling them events.

So popular wisdom often states that folks get burnt out by events.  And that customers have a fixed pool of money to spend on comics so while an event might elevate the event comics it comes at the expense of other comics – often by the same publisher.

But it seems that they do indeed sell comics.  So while they may go in and out of style, we can be assured that sooner or later they will always come back into style.

Anyways, I like them.  Some of my favorite comics as a child were some of the cross-overs I read – mostly JSA/JLA/All-Star Squadron Crisis issues.  Although they pale in scope to many of the events which followed.

Good Events vs. Bad Events

Here I think are some ways to distinguish a good event from a bad-one.

1) The event should matter.  I talked about the illusion of change before.  In events, some change to the status quo should arise.  This is something the main publisher are mostly doing pretty well these days.  But there are drawbacks – the JLA series has been doing ‘adapting to the new status quo’ issues for the past two years.  It seems to have not actually told any stories.

2) It shouldn’t go on too long.  In the past five years there have been several 52 issue weekly events and several 7 or 8 issue monthly events (with a hoard of tie-ins and delays).  Some of the best have been the reverse – four issue series like Anhilation that were quickly done.  It is tough to maintain a fever pitch of interest for a whole year.

3) Tie-Ins should make sense.  The ‘red sky’ issue is a trope from one of the original big cross-overs.  It refers to titles that indicated that they were part of the event, but which actually only showed by by having a scene where the cast noticed the sky was red.

4) The event should arise from something going on in the core series of the event.  The reverse is the event just takes over the title for the duration of the event, pausing ongoing plots, which are then resumed when the event is over.  It can be especially hard for tie-ins to have this make sense.  Last year the great fables cross-over interrupted the normal Fables title to resolve the big plots of the Jack of Fables title.  These plots basically just derailed Fables for 3 months.  Grr.

5) There should be time between events.  If my first suggestion is followed let’s have time to explore the changes resulting from the event.

6) Key aspects of the event should happen in the event.  This might be clear from examples – Batman didn’t actually die in Batman R.I.P – not until next month in Final Crisis.  Captain America didn’t die in Civil War instead he died a month later in a denouement issue in Cap’s own title.

7) Using death to underline that the event is important sucks.  Supergirl and Flash bought it in Crisis on Infinite Earths.  Nearly every cross-over since has had to compare to that.  And most often the death seems like a stunt instead of a valid consequence of the story.   As an editor I’m not sure how I’d guide a writer, but as a reader I know when it annoys me.  Unfortunately both Johns and Bendis have this in their back pocket as normal tools.

In the last few years many of my suggestions are being followed.  Other than #2 and #7.

Shared World

One of the neatest aspects of an event it that it gives the opportunity to explore shared world in the big publishers comics universe.  An opportunity for characters that normally exist within their own continuities to interact with the other characters.

It can be tricky to setup, but seeing a double page spread of all the heroes and all the villains facing off against one another can be awesome.  Lump in the throat stuff – if you can get worked up by comics.  Or having Superman or Thor show up as the cavalry in the nick of time?  It has been done before, but if it doesn’t happen every month it can still work.

Also a status quo change can have a line wide effect.  That can be really invigorating.  Even though at some point we know that such a ubiquitous change will need to be reversed.

The end

I like what I like.  I’m a liker, but a well run event often highlights some of the strengths that can only be done in the comic book worlds that exist in publishers shared worlds and serialized stories.  And it would be nice if marketing never impacted story, but this is reality and sometimes that will happen.  When it does, it can be done well and it can end up being a win-win for both the publisher and the readers.

Post new Comic Day Recap

Um – only 1 comic.

Stumptown #3 – It was pretty awesome.  Best of my week natch!  I’ll actually be doing a full review sometime somewhere.

Identity Management

So my field in IT is Identity and Access Management (IAM).  Go away if you don’t want to learn what that is.

I came buy this interest though high level network protocols, operating systems and cryptography.

OK – so one of the main challenges in IT is dealing with access control.  You are custodian of some resource (like a program) or data and you need to control who has access to it.  If it was a physical resource you could put it in a secure location under lock and key, but even that is often more compkicated than it sounds.

For networked programs, you are advertising the location of your resource onto the network (which might be public or private).  So it comes down to about four or five concepts:

1. Authentication
2. Identity Proofing
3. Authorization
4. Other benefits/complications
5. Data Security/Transmission Security

Authentication

How do you prove to the resource that you are the person allowed access?  Basically you provide a credential (like a used id) and proof that the credential is yours.  That generally is one of three things:

1. Something you have – like your debit card, or a key card or a smart card.
2. Something you know – like a password, pass phrase or answers to security questions.
3. Something you are – A fingerprint, signature, retinal scan, etc.

Within each category some ways (factors) to authenticate a credential are weak and some are stronger.  The overarching wisdom is that to achieve strong authentication you need multiple factors from different categories.

Authentication protocols are really neat.  There are lots of hidden gotchas.  Is the resource you are talking to actually the resource you intend?  Is there someone in the middle listening or modifying your authentication?  Once authenticated how long is it good for?  Once authenticated can someone hijack your session?  And about a dozen other considerations.

And then you get into encryption.  How to keep the whole authentication transaction secure?  And with asymmetric keys the key exchange itself can be you credentials exchange.

About 12 years ago I read this introduction to the Kerberos Authentication protocol.  I still like it. http://web.mit.edu/Kerberos/dialogue.html  Kerberos is a common authentication protocol now used within Windows Operating systems.

Identity Proofing

It may not be obvious, but successfully authenticating does nothing to prove that you are who you say you are.  At best it says that you are the same person to whom I issued the credential.  Consider getting a gmail account.  To sign in you need your e-mail address and a password.  But that address can be anything – when you signed up for gmail you might have chosen Queen.Victoria@gmail.com as your address.  It doesn’t mean that you are Queen Victoria.  And gmail doesn’t care – it only cares that it is the same person using that credential every time.  There is no identity proofing.

Consider an application that provides access to your medical records.  Now we need some identity proofing.  Generally identity proofing happens only once – before the credential is issued.  Authentication happens every time you access the application.

Another big difference is that authentication is all about distrust.  Identity Proofing relies on trust.  Here are some major methods of identity proofing:

1. Presenting another trusted credential – like a driver’s license or passport.  In this case, you are trusting whoever issued that credential to have done good identity proofing.
2. A trusted witness – A 3rd party who is trusted by both the register and the registrar vouches for the identity.
3. An oath is sworn or a contract signed – The person swears (or affirms) their identity.  Trust here in the consequence to a fraudulent oath being sufficient to prevent such fraud.

Neat.  Obviously any identity proofing scheme is only as good as what it trusts.  And sooner or later a chain of trust has to dead end somewhere.

Authentication

So you’ve obtained a credential and authenticated with it.  What should you be allowed access to?  For instance consider our medical records application.  You should be able to see your own medical records.  Your doctor should be able to see all their patients records and occasionally other doctors patients for whom they are providing consultation.

Now managing access control for every credential is very hard.  So generally some guidelines are used to allow this management.  In general, you give each credential the minimum access necessary.  Second you group like credentials together and manage access based on the group rather than the individual.

The current grouping mechanism in vogue is role based.  So instead of making a group of everyone who needs access to a certain printer you are making a group of everyone who is a marketing manager.  In theory this means that future management is easier.  Adding a new person, having them acquire a new role or leave an old one as easy operations.  But it means the setup and design can be quite complex.

Also you can split authorization into coarse grained – which is often built into the authentication protocol – and distinguishes which resources a credential can access.  And fine grained, which is normally part of the application, which controls which features of an application are accessible.

Other Benefits and Complications

The devil is in the details.  For instance, does the group that does identity proofing need to be the same as the one doing authentication to be the same as the one doing authorization to be the same as the one running the resource?  Of course not.

And that can be flipped a dozen ways.  What about having credentials supplied by two different trusted partners allow access to your application?  Federation might be the answering to your needs.

Auditing and compliance – we need to track everything.  When is a credential used?  To access what?  When did registration occur, or enrollment?  Are there any changes to the credential?  And reporting – who out of all the issued credentials actually has access to your resource.

Oddly, once you’ve collected all the information necessary for identity proofing, authentication and authorization, that data itself might be useful for other reasons.  If you’ve setup role-based authorization your groups likely map to the actual organizational structure of your business.  At the very least you should have a workable phone book/e-mail directory.  But with some imagination that directory can be used for many other purposes.  Take Windows. It leverages the directory made from its credentials for e-mail routing, patch distribution, and desktop lockdown.

Data Security and Transmission Security

Strictly speaking it isn’t part of IAM, but it would be a shame if you secure your access management if your systems can be bypassed and the resources and data read or modified  regardless.  Right?

The same cryptographic systems sitting at the root of your authentication systems can also be used for encryption of your resources and data when it is being transmitted or sitting on the hard drive.  You can try and ensure that your access control systems need to be used to get at the data.

The End

I’ve only brushed the surface.  If y’all want more information I’d consider googling some of these things:

Kerberos, SAML, Radius, PEAP, RSA, PKI, 802.1x, privacy, identity theft, OpenID, Identity Cards, NIST 800-63, FIPS 140-2

Never done this before

Mirror

Your nemesis waits
It watches you, peering back
Mocking your flaws
Eyes flashing

Do not grasp its hand if offered
It will be cold
Cold and the nails long and sharp

If
Released you should rejoice
For now you will face adversity
Traditionally it wears a crown of deer
But to you it might appear as weakness

And gone disappeared
No longer in the mirror but
Out in the world
Achieving success as
Clouds gather

The winds rise
And time passes
It will return

Its face is lined, weathered
Its mouth is still cruel
Teeth bright
Bright and sharp

Snaps and curses
Saps your will
Freezes your marrow
Seconds slow

If?  Not courage
Acceptance?
Submission
Warmth and inevitability

Who stares back now
Hating and trapped
Watching
Waiting
Nemesis

Schedule based Personal Inertia

Is it just me?  I think it is.  Likely some deep seated neurosis.

Inertia is the physical property of an object to remain in motion or to stay at rest unless acted upon by an external force.  I have the same issue with my schedule.

I’m a schedule person.  I make a task list everyday or I just pick up on yesterday’s tasks list.  I’m pretty awesome at diligence and moving through the list.  But I have a number of drawbacks -

• Changing the list?  Nuh-uh.  I hate changing the list.  Under my own initiative it likely isn’t going to happen.
• Doing something not on the list?  That isn’t in my path.
• Starting in the absence of the list? I dunno.  Let me get back to you.
• Removing a recurring item from the list?  These get embedded deeper and deeper the more often they occur.

Now an external force can make changes.  If something needs to happen and it requires change, that can apply and force that changes the inertia.

Normally this doesn’t cause an issue, but it can have some surprising results.

The “We are not a chore that should be on a list!” retort.  See chore or pleasure it needs to get on the list or it won’t happen.  This includes things like visiting my parents.  But don’t let them know it.  No one likes to know they are on the same schedule as chores and it is very hard to explain how not everything on the list is a chore.

The “Hey, you wanna go out tonight?” request.  That isn’t on the list.  And it isn’t a force directly on the list – no urgency.  Instead it is like a friendly light a mile off the highway.  I’ll need to change my own momentum to get there.  And this is despite knowing that the offer, if accepted, will be better than anything currently on the list and maybe the best time I’ll have this week. Offers phrased as requirements can bypass this.

The “But it’s comic book day” excuse.  A deep sense of unease of a normal part of the list is skipped.

Anyway – does that happen to anyone else?

Serialized Storytelling

One of the aspects to comics I enjoy the most is their use of serialized storytelling.  This is not unique to the comic book medium, but the way it is handled is interesting.

Serialized storytelling is telling a story in installments.  Contrast it with a typical movie or novel that contains a complete story.  Each comic generally contains only a fragment.  Contrast it with a sitcom which may be serialized, but which generally doesn’t carry plot and character elements forward between installments.

Serialized storytelling happens in many mediums.  Epic fantasy series, tv miniseries, movie franchises and more are common.  In the past there used to be radio serials and serialized novels (Dickens did this).  Comics distinguish themselves from other mediums in two ways.  First, they engage in a long form serial.  Often the comic has no planned end point and will continue as long as interest in the series and characters is maintained.  Second, the series is not tied to particular creators.  If an artist, writer, inker, colorist or letterer should leave the series they will be replaced by another.

Obviously this storytelling style is not used in all comics.  It is most common at the big two publishers – Marvel and DC.  At other companies long form serials exist, but are often tied to particular creators (E.g Hellboy, Spawn) or have an eventual end point to reach (e.g. most Vertigo titles and manga).  Other publisher do short form serials (We3), original graphic novels (Blankets), or use a sitcom type storytelling (Archie).

What are the advantages of this type of storytelling?  For the publisher it is obvious, they maintain a successful franchise.  And lately that franchise can be a source of licensing and other media adaptations.  For the consumer, there are a number of benefits as well.  Often it is possible to grow up with the characters in the stories.  There are suspense techniques such as the cliffhanger that are most effective in serialized stories.  It can provide a sense of continuity and consistency which many might find comfortable.  In fact, getting a monthly dose of story can be habit forming.  The contrast between different creators working on the same property is exciting.  Finally, the accumulated history of a long running serial is itself a source of interest and future story ideas.

This storytelling type does place several constraints on the story though.

Endings – there are no true endings in a long form serial.  So the satisfaction of finishing a story may never be reached. Normally comics deal with this in a variety of ways.  While the A plot may continue across many issues, often each has one or two B plots that are told within each installment.  Another option is to provide a single character POV arc in each installment – the plot may not finish but some resolution is found for the POV character.  A third option is to resolve parts of an A plot.  In most complex comics all three approaches and others are followed to give each installment a sense of completeness.

Change and the illusion of change – One of the hallmarks of a good story in most forms is that the characters are profoundly changed by the end of the story.  In a long form serial this might be difficult because either there is no end or the character change would cause the characters to no longer be suitable for the continuance of the story.  This is often bypassed through what is called the illusion of change.  True change might only occur to minor characters or characters specific to a certain A plot.  Major characters might change, but certain key attributes are left the same.  Aging is not generally acknowledged and in fact stories that deal with details associated with signs of aging – like graduations, marriage or having children – are only rarely done.  And often the changes are reversed the next time creators change on the property.

Unknown continuity – One of the most common tropes in character based dramas is unresolved issues from the past.  This can be tricky in a long form serial because the past in often very well accounted for and issues were resolved as they were raised.  When this is ignored it is called retroactive continuity (or a retcon).  Retcons take two normal forms.  In the first there is an assumption of an untold relationship or event from the character’s past.  This often happens when a new character is introduced – the existing characters might already know them from some unspecified point in their past.  The other example is when something that did happen is changed ala Bobby Ewing in Dallas trope.

These constraints can be met in a variety of ways.  While explicitly acknowledging that they are being handled rarely results in good stories, often the most powerful stories occur when these constraints are an inspiration to the stories.  An egregious example is the mystical annulling of Spider-man’s wedding.  A lackluster example is Morrison’s insistence in current Batman that everything that has happened to Batman and all the styles in which they were told are equally true and valid.  My favorite is using the discrepancies in Daredevil’s character and past portrayals by Miller in Born Again to allow for a mental breakdown and rebuilding.

Paired with another interesting aspect of comic storytelling – the shared world – serial stories can be truly unique.  I’ll talk about shared worlds some other time.

For fan of comic books, the serialized story is often one of the aspects that is most attractive.  However, that aspect is not commonly acknowledged in most reviews.  It provides opportunities and drawbacks for the creators.  It results in stories that are not often found any where else.

First Week

Hey – I just wanted to thank everyone who has read the blog in the past week.  And especially those who commented.  Someone mentioned to me today that the comments are often more edifying than the posts.  i responded that I get better on the 2nd attempt.  But in truth many of the comments have been more informative, funnier and thought provoking than my orriginals.  Neat.

My biggest critic asked me what the point is?  Was I raised without enough acknowledgment and praise as a child that I need a podium now?  I dunno.  Maybe I just haven’t been to Toastmaster’s lately or I’m missing the opportunity for debate.  Or I might be vain.

Let me know if there are any changes to the blog you’d like to see or any topics you’d like covered.

I only hit on one of the essays I was originally planing to do in the first week.  That is a good sign – I should have material for next week at least!

Juliet, Naked

So I finished the latest Nick Hornby book after the guys left on Friday.  I quite enjoyed it.

Nick Hornby writes books about petty, selfish, obsessive men that seem stuck in a perpetual childhood.  And they are generally funny.  If you’ve never read any of his books, you might have seen a couple of them adapted into the movies About a Boy and High Fidelity.

Juliet, Naked flips it around and tells the story of two typical Hornby men from the POV of a woman.  Annie is living common-law with Duncan for the past 15 years.  Duncan is obsessed with the work and mythology of an American artist named Tucker Crowe especially his final work before retiring and disappearing Juliet.

When a new version of Juliet is released based on early demos and called Juliet, Naked a tipping point in Annie and Duncan’s relationship is reached.  I don’t want to spoil the story, but Tucker Crowe himself is introduced as a 3rd main character.

I have a problem with the novel.  It seems as though someone went to Hornby and said, “Great books.  Interesting culture and well written men.  Very funny.  But your women are underwritten.”  Hornby’s response is to make the primary POV in Juliet, Naked a women.  Unfortunately it only seems to highlight the underling issue.  Tucker and Duncan sparkle with life and their eccentricities.  Annie just seems weighted down by the world around her.

That being the case it is still a funny book.  Hornby investigates small English seaside towns, nostalgia, internet fandom and the normalcy of life after being a semi-famous rock star.  It moves between its various interests and weaves them into a non-standard relationship drama’ish thing.

An example of the humour:  Annie is trying to organize an exhibit for her museum of the summer of 1964.  To all accounts it was a great summer with some notable features like a successful fair, a summer concert and a large shark displayed on the boardwalk.  But the only pictures and artifacts Annie can find are grotesque shots of the shark with a diseased hole in its side while children with ice cream pose beside it.

The underlying question of the novel being, “Was it ever as good as my memories make it out to be?”

I’d recommend Juliet, Naked to any Hornby fans.  To others, I’d say start somewhere else – A Long Way Down might be my favorite.

Amusing anecdote

The guys thought this was amusing last night.  It had been late and we had been drinking though.

If y’all don’t know I’m a thinker – not a doer.  I have to mightily squash this urge at work, but tt leaks out at home.  I can put off anything.

So at the ed of February I get a notice that my handicap placard needs renewal.  I put it off for three reasons.  First I had just been to see the Dr. the week prior and I avoid my Dr.  Second, I wanted to devote myself to the job hunt.  To be able to say I’d put in a full days works searching everyday.  Third, I knew the vehicle registration would be coming in a couple weeks.  Note – those were really just excuses… skip ahead.

First week of April, I’ve got the vehicle registration form and a bunch of other errands to run.  I fill out the placard registration form.  In a closer examination it turns out that I don’t need to visit the Dr. at all.  Provided I have a permanent disability and it is a renewal, I only need my side of the form filled out.

Off to the registry.  Vehicle registry goes great.  Hitch – apparently when I first got the placard four years ago, the Dr. didn’t say I had a permanent disability.  I had one that could potentially get better with time.  So I need to get the form filled out after all.

I delay a week.  My reason this time is that I get a photo radar ticket in the mail the next day.  I pay it right away, but until they clear my file I can’t get any work done at the registry.  Time passes.

I should note I’m still using the Disabled stalls during this whole period.  I feel great guilt.

Tuesday, I drop the form off at the Docs.  Thursday they call and tell me it is ready.  Friday I stop by and pick it up.  My Dr. is way down by Century Park.  I almost ask if there is a nearby registry, but I don’t.

I drive all the way back to the west end – 25 minutes – maybe a bit more.  I go to the registry across from the Mayfield Inn.  The only disabled parking is right in front of Diva’s Exotic Ultra Lounge (where despite rumours to the contrary, I do not work).  Every time I go to the registry, a nice polite person holds to door to the peelers open for me.  I say “No thanks” and wave my placard and form by way of explanation.  “Registry bound.”

Hitch – the Dr. missed a section on the form.  The section describing the impacts of my disability.  The form is not valid in an incomplete state.  I think of the 25 minute drive back to the Dr.  Grr.  I stand leaning on my walker trying to convey by my stance, “Maybe it causes me some mobility issues?”  No dice.

But, the registry lady is very helpful.  They’d be happy to fax the form to my Dr. If I’d like to wait – the Doc can fill out the form and send it back and we can finish it up.  It is not like I have a job so that sounds fine to me.

Quick phone call later – My Dr. has gone home for the day.  I’m starting to believe that she has it out for me.  Someone’s ass might need kicking – But not the Docs.  She is actually very nice and she is taller then me.

Nice registry person provides two options.  I can take the form to my Dr., get the section filled out, bring it back, and get my placard.  Nuts – last time that process took my a week and a half.  OR, or they can keep the form, fax it to the Dr. on Monday, get it back and call me to come in.

It is a tough decision.  I leave the form and head home.  On the way back to my car, a polite stranger open the door to the peelers for me.  More tempting this time – but I’ve got a blog to manage so I come straight home.

The sage will continue on Monday.  Hopefully there will be an anti-climax.