Friday, August 27, 2010


Yesterday pretty clearly was a muddled-thought-process sort of day, with a lot of comments on various posts suggesting to me that I was not clear. Not sure that this will be more clear, but here goes.

Regarding the UK and Condition White, ASM826 correctly points out the virtues of consulting Snopes. This particular email does indeed look like a hoax. However, I don't believe that it makes any difference in what's happening in The Place Where Great Britain Used To Be, where a risk-adverse but ever-expanding government bureaucracy is forcing paralysis:
Coast Guards lifesavers must fill out forms before rescuing ships in distress.

Thugs mug disarmed businessman in front of wife and kids.

UK fire service lets family burn to death, and Police stop neighbors from rescuing them.

Man jailed for 5 years for having a rifle with no firing pin

Army veteran faces five years for handing in gun some punk threw away in a park.

Britain abolishes trial by jury.

Man convicted for keeping Swiss Army Knife in car to cut up fruit.
I could go on, but this is just from a quick skim of my archives. The gist is that the UK.Gov penalizes initiative on the part of its citizens, and actively works to ensure that only criminals have weapons (the criminals, of course, ignore the UK.Gov). The result is an increasingly passive population, one that is forced to live in Condition White because there is no alternative. The stories about the Fire Service and the Coast Guards are particularly instructive here.

And so I stand by my assertion: a passive society will not take care of its weakest members. That's a crying shame, but not, seemingly, something that bothers the rulers of the UK. Nice "Social Model" there, Scooters.

Regarding Vote Democrat, I seem to have kicked the hornet's nest here. My point was not to keep Democrats in power; rather, it was to jar the Big Party Bosses in the Stupid Party (or more specifically, the lower level aspiring Bosses, who really need to look up defenestration in the dictionary) to get them to stop acting like a Ruling Party.

I've had a number of comments here in the past to the effect of we won't vote ourselves out of this mess. Maybe. But consequences are consequences, and we do in fact have some control over at least some of them. Right now the Stupid Party leadership is licking its chops, looking at possibly historic gains in the election. They do not appear to think that the actually have to do anything to get those - for example, stop acting like Gov.Party The Lesser. They seem to think that they can keep up the feed-at-the-trough behavior of the last few years. They think that putting up candidates who are blatant liars (John McCain and Mitt Romney are only two examples). They think that they can back the Machine, and thwart the will of the People.

Well, fooey on that. If you want to vote for that, go ahead. Not me. All that will change is a couple of points of the marginal tax increases we'll see, and the additional new Fed.Gov headcount.

I believe that the best outcome of this election will be for the Republicans to (barely) take back the house and be surprised at how few Senate seats they pick up. This will be what any reformers still there need to take on the Old Boys - while it would be a gain, a disappointing gain will still be a defeat. But we need to do our job, and let the bastards know that you have to do more than just sucking less.

Your mileage may vary, void where prohibited, do not remove tag under penalty of law.

Regarding What Do You Get When You Cross A Car With A Computer, this is an interesting attack scenario which is much more dependent on the attacker's motivation and funding (I expect I'll put up a post on this later).

However, the design of in-car networks is wretched from a security perspective. Most damning is the fact that there is only one network. A much better architecture would include this:
Critical Component Network: "drive by wire" systems, engine/throttle/break remote controls, requires expensive diagnostic tools to access. Absolutely no WiFi for this, under the first principle of Network Security (an Air Gap solves a multitude of security sins). If you absolutely have to have WiFi, then any WiFi device (say, tire pressure sensors) must be Read-Only. No remote control or code injection via WiFi.

Consumer Electronics Network: Where you attach your phone, iPod, etc. This one can be wireless.
This way, you have a system that is much more difficult to fiddle with. But that's not what we've got. So the question is not will someone fiddle with it, but when will the fiddle with it, and how bad will it be?

1 comment:

Stan said...

Thanks for the clarification Borepatch, though you know I just enjoy shaking your goat to see where it

We can always agree to disagree with no lingering hard feelings, even if they happen to be 18% gay feelings after