Tuesday, April 30, 2013

April 2013 - the snowiest month ever

Well, if you live in Rapid City or Boulder:
Record cold and snow has been reported in dozens of cities, with the worst of the chill in the Rockies, upper Midwest and northern Plains. Several baseball games have been snowed out in both Denver and Minneapolis.
Cities such as Rapid City, S.D.; Duluth, Minn.; and Boulder, Colo., have all endured their snowiest month ever recorded. (In all three locations, weather records go back more than 100 years.) In fact, more than 1,100 snowfall records and 3,400 cold records have been set across the nation so far in April, according to the National Climatic Data Center.
The forecast for May Day?  More of the same:
Accumulating snow is forecast overnight Tuesday night and Wednesday in Denver and in Minneapolis-St.Paul by Wednesday night and Thursday, said AccuWeather meteorologist Mark Paquette.
The misery is widespread:
Other chilly April 2013 records, according to AccuWeather and the Weather Channel:
•Both Bismarck, N.D., and Pierre, S.D., had their snowiest Aprils on record.
•International Falls, Minn., recorded a low of just 4 degrees April 20. In records dating to 1897, it had never been this cold before this late in April.
•Baton Rouge: The low temperature bottomed out at 39 degrees on the morning of April 20. This was the lowest temperature ever recorded this far into the spring season.
•Sheridan, Wyo.: Had a bone-chilling low of -1 degree on the morning of April 23.
•Amarillo, Texas: The low temperature dropped to 21 degrees on April 24. This is the coldest Amarillo has been this late in the season in records dating to 1892.
•Fargo, N.D.: The first 50-degree or higher temperature reading of the year occurred April 26. Previously, since 1881, Fargo had never had to wait past April 17 to get at least one 50-degree day.
What I find encouraging is that you don't hear the usual drivel about how this is a sign of Global Warming.  It seems that even the Press is abandoning that sinking ship.  Sure, there will always be some dead-enders who bitterly cling to their ZOMG THERMAGEDDON!!!11!! religion, but they're increasingly isolated.  And so, to the mockery:


Damn kids

Back on my zebra crossing again ...


Secret Lives of Programmers

They say that techies are boring.  You just aren't there on the all-nighter Death March ...


This is geeky inside baseball, but oh so very good geeky inside baseball.

Monday, April 29, 2013

Hack the Gun

I'm no firearms expert (by any reasonable measure), which is why I leave most of the gun geekery to those that know better.  But there's a new gun about to be introduced where my (computer security) expertise is on target.  Fingerprint technology to control who can fire a gun:
Miller is hoping he can begin production on his version of a smart gun within the next two months. His company has been working on it for 10 years, and has relied solely on private investments to date. The company hopes to get additional funding to create an updated prototype that would be available to gun manufacturers, and for retail in the form of a retrofit kit, within the next year.

Columbus, Ga.-based SGTi's technology uses relatively simple fingerprint recognition through an infrared reader. The biometrics reader enables three other physical mechanisms that control the trigger, the firing pin and the gun hammer.

Miller declined to detail how they work, saying it would expose his company's intellectual property.
Oh hells no.

The analysis to go through concerns "failure modes" - when (not if) the fingerprint reader fails, how specifically does it fail?  The simplest analysis is whether it fails open or fails closed:
Fail Open: the gun is fully functional even without the fingerprint reader working.  The owner can still shoot it, but so can anyone else.  IOW, you got no steenkin' security.

Fail Closed: the gun is disabled when the fingerprint reader is not working.  Joe Shmoe can't use it, but the owner can't, either.
If I had to have one of these, I'd prefer the fail open variant.  For example, if the battery died, you could still use it to protect yourself in an emergency.  The downside is that if Sumd00d steals your heater, all he has to do is remove the battery.  But it's still better than being in a jam and having an expensive paperweight because it failed closed.

More subtle failure modes are false positive and false negative:
False Positive: the fingerprint system incorrectly identifies a legitimate user as a non-legitimate user, and refuses to fire.

False Negative: the fingerprint system incorrectly identifies a non-legitimate user as a legitimate one, and allows the gun to fire.
Again, were I forced to choose, I'd rather have something heavy on false negative.  If I were in a jam and needed to protect myself, I'd hate to find that I had an expensive paperweight because it miscalculated ZOMG ur a Bad Guy!!!eleventy!

Of course, life isn't as simple as all this, and so the actual failure modes will be an interesting mix of fail open + fail closed + false positive + false negative.  Complexity is not generally considered A Good Thing in security, and this won't be a happy situation.
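As an added illustration (not part of the original post, and not anything from the manufacturer), the sketch below models a fingerprint lock as a similarity score checked against a threshold, with a reader fault handled either fail-open or fail-closed. The scores, thresholds and every name in it are constructed assumptions; it counts how often the owner is refused and how often a non-owner is allowed under each combination.

```python
"""Toy model of a biometric lock: threshold matching plus a fault policy.

Everything here is constructed for illustration; it does not describe any
real product's matcher, scores or failure behaviour.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

FAIL_OPEN = "fail_open"      # reader fault -> mechanism unlocked
FAIL_CLOSED = "fail_closed"  # reader fault -> mechanism locked


@dataclass(frozen=True)
class Attempt:
    is_owner: bool
    # Similarity reported by a hypothetical matcher, 0.0 to 1.0.
    # None means the reader returned nothing at all (e.g. a dead battery).
    score: Optional[float]


# Constructed sample attempts: five by the owner, five by someone else.
ATTEMPTS: List[Attempt] = [
    Attempt(True, 0.93),
    Attempt(True, 0.88),
    Attempt(True, 0.71),   # owner, slightly smudged read
    Attempt(True, 0.64),   # owner, poor read
    Attempt(True, None),   # owner, reader fault
    Attempt(False, 0.12),
    Attempt(False, 0.35),
    Attempt(False, 0.58),
    Attempt(False, 0.67),  # non-owner whose print happens to score high
    Attempt(False, None),  # non-owner, reader fault
]


def unlocks(attempt: Attempt, threshold: float, fault_policy: str) -> bool:
    """Return True if the lock releases for this attempt."""
    if fault_policy not in (FAIL_OPEN, FAIL_CLOSED):
        raise ValueError(f"unknown fault policy: {fault_policy!r}")
    if attempt.score is None:
        # No match result exists, so the fault policy alone decides.
        return fault_policy == FAIL_OPEN
    return attempt.score >= threshold


def evaluate(attempts: List[Attempt], threshold: float,
             fault_policy: str) -> Dict[str, int]:
    """Count both kinds of wrong outcome for one configuration."""
    owner_refused = 0
    non_owner_allowed = 0
    for a in attempts:
        released = unlocks(a, threshold, fault_policy)
        if a.is_owner and not released:
            owner_refused += 1
        elif not a.is_owner and released:
            non_owner_allowed += 1
    return {"owner_refused": owner_refused,
            "non_owner_allowed": non_owner_allowed}


def sweep(attempts: List[Attempt],
          thresholds: Tuple[float, ...]) -> List[Tuple[float, str, int, int]]:
    """Evaluate every threshold under both fault policies."""
    rows = []
    for t in thresholds:
        for policy in (FAIL_CLOSED, FAIL_OPEN):
            r = evaluate(attempts, t, policy)
            rows.append((t, policy, r["owner_refused"], r["non_owner_allowed"]))
    return rows


def error_free(rows: List[Tuple[float, str, int, int]]) -> List[Tuple[float, str, int, int]]:
    """Configurations with neither kind of error (empty for the sample data)."""
    return [row for row in rows if row[2] == 0 and row[3] == 0]


if __name__ == "__main__":
    results = sweep(ATTEMPTS, (0.5, 0.65, 0.7, 0.9))
    print(f"{'threshold':>9}  {'policy':<11}  owner_refused  non_owner_allowed")
    for t, policy, refused, allowed in results:
        print(f"{t:>9.2f}  {policy:<11}  {refused:>13}  {allowed:>17}")
    print("configurations with no errors:", error_free(results))
```

With this data, raising the threshold trades non-owner releases for owner refusals, and under the fail-open policy a reader fault releases the lock no matter how strict the threshold is.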

And now comes the fun bit - the smart Bad Guys will start to figure out how to make this system fail in "interesting" ways.  In other words, they'll hack the gun.  I quite frankly have no confidence in the manufacturer to have a solid security story because they refuse to explain how their security story works:
Miller declined to detail how they work, saying it would expose his company's intellectual property.
Yeah, I'll just bet it would.  But I'm sure that nobody there would ever name their child Robert');DROP TABLE Students;--


We keep seeing this sort of thing - people getting enamored of a technology without having the slightest idea how the overall system will work (or more importantly, not work).  Now maybe I'm being unfair, and maybe Safe Gun Technology, Inc. has a super studly computer security architect who has drunk deeply from the cup of Security Wisdom.  Sure.  Yeah, that'll do.

Note to Safe Gun Technologies, Inc.  Is gun.  Is not safe.  Even if your technology sort of works, is subtly not safe.

I will leave you with one of Eric Raymond's masterful programming Zen Koans, which illustrates this perfectly:
There was a novice who learned much at the Master's feet, but felt something to be missing. After meditating on his doubts for some time, he found the courage to approach Master Foo about his problem.

“Master Foo,” he asked, “why do Unix users not employ antivirus programs? And defragmentors? And malware cleaners?”

Master Foo smiled, and said “When your house is well constructed, there is no need to add pillars to keep the roof in place.”

The novice replied “Would it not be better to use these things anyway, just to be certain?”

Master Foo reached for a nearby ball of string, and began wrapping it around the novice's feet.

“What are you doing?” the novice asked in surprise.

Master Foo replied simply: “Tying your shoes.”

Upon hearing this, the novice was enlightened.
Hey, maybe there is an antivirus client for Safe Gun Technologies fingerprint reader.  That would be sweet.

It's not austerity, it's fauxterity

Nothing's actually been cut, almost anywhere, but the can is still being kicked down the road:
So don't worry, and spend, spend, spend (on credit of course), not because someone made an Excel error, but because it's not like there is any hope of any of these trillions and trillions in current and future obligations will ever be honored and/or funded.
[emphasis in the original]

21 years

"Why does anyone need an 'Assault Weapon'?"

Source: Los Angeles Times
 21 years ago today, Los Angeles erupted in riots that left 51 dead and almost 4000 wounded.  The police were simply overwhelmed, and gave up control of large parts of the city to the rioters.  Koreatown in particular was the target of the mob.  The citizens of Koreatown spontaneously formed a militia to defend their stores and their lives:

One dead, three injured by rioters
"Assault Weapons" saved the citizens of Koreatown:
On the second day of the riots, the police had abandoned much of Koreatown.  Jay Rhee, a storeowner in the area, stated to The Los Angeles Times, “we have lost faith in the police.”

With the cops nowhere to be found, hundreds of people marauded through the streets towards Koreatown.  The neighborhood suffered 45 percent of all the property damage and five fatalities of storeowners during the riots.  Having had enough of waiting for police, Korean storeowners assembled into militias to protect themselves, their families, and businesses.

According to the Los Angeles Times, “From the rooftops of their supermarkets, a group of Koreans armed with shotguns and automatic weapons peered onto the smoky streets…Koreans have turned their pastel-colored mini-malls into fortresses against looters tide.”





But remember, the police would never disarm the citizens before they abandon a city or leave you unarmed at the mercy of armed and dangerous criminals.

Sunday, April 28, 2013

What I did with my afternoon

I found myself teaching #1 Son computer security this rainy afternoon.  A bit unexpected, that.  It came from a conversation we had when I got back from my last business trip.  I don't much like traveling anymore - not only do I remember when traveling was a lot more glamorous than the TSA makes it these days, but I've spent far too much time away from the home and family.  #1 Son, however, is a bit enamored of the whole bit of business travel.

And so we talked about how you land yourself a consulting gig.  Basically, it boils down to whether you have mad skillz that are in demand; if you do, then the money is good as long as you don't mind being on the road.  And I mentioned that people are having trouble getting Internet Security guys.  His ears pricked up.

And so I found myself going through the CyberPatriot learning materials, which are a pretty good place to start.  Add in some hands on with VMware images, a little Metasploit and Wireshark, and you have the core of what someone would need to know.  Next drill down may be Cisco CNE or Microsoft certification.

What's interesting is that he's all of a sudden gotten the idea (a year and a half into College) that having skills that are in demand would be A Good Thing for him personally.  What's also interesting is to have him listening attentively as I taught him the basics.  I guess his Old Man learned kind of a lot in the last five years ...

I must confess that I'm not a fan of Mr. Lincoln

Foseti has a long and thought provoking review of a new book on Mr. Lincoln:
The book is really about why the Civil War was fought. There are basically three competing theories: 1) ending slavery; 2) preserving the Union; and 3) ending federalism. The third is, of course the Southern position, and it’s Masters’.

Every other civilized country ended slavery without resorting to civil war, let alone one that ended with the death of roughly 2.5% of the country’s population (something like 7.5 million deaths in today’s population).
I've been saying something like this for a while, although that item #3 is new and thought provoking.  Masters raises some issues that are well known:
For in six weeks he was to inaugurate a war without the American people having anything to say about it. He was to call for and send troops into the South, and thus stir that psychology of hate and fear from which a people cannot extricate themselves, though knowing and saying that the war was started by usurpation. Did he mean that he would bow to the American people when the law was laid down by their courts, through which alone the law be interpreted as the Constitutional voice of the people? No, he did not mean that; because when Taney decided that Lincoln had no power to suspend the writ of habeas corpus, Lincoln flouted and trampled the decision of the court. . . .
He also introduces ideas - connects dots, really - that I hadn't.  In retrospect it seems obvious, which is a little humbling:
The War between the States demonstrated that salvation is not of the Jews, but of the Greeks. The World War added to this proof; for Wilson did many things that Lincoln did, and with Lincoln as authority for doing them. Perhaps it will happen again that a few men, deciding what is a cause of war, and what is necessary to its successful prosecution, may, as Lincoln and Wilson did, seal the lips of discussion and shackle the press; but no less the ideal of a just state, which has founded itself in reason and in free speech, will remain.
Foseti sums up the book, which will soon make an appearance here in Camp Borepatch:
I think Masters explanation for why the war was fought is better than most. As I said, we must judge wars based on their outcomes, not based on propaganda. By that metric, the slaves weren’t free and the resulting “union” was absurd. The South was no more united with the North than occupied France was united with the Third Reich. If you kill enough people, you get a union of some kind. To Masters’ point, there certainly was no union on the legal terms that prevailed prior to the fighting. In both cases, it’s impossible for the resulting outcome to justify the loss of life and the level of destruction.
The quotes that Foseti leads off with are particularly interesting.  I was struck by the absence of Lord Acton (who corresponded with Robert E. Lee after the war).  Everyone is familiar with Acton's famous dictum:
Power corrupts.  Absolute power corrupts absolutely.
Fewer are familiar with the next sentence:
Great men are almost always evil men.
The hagiography of President's Day is that Lincoln was a Great Man.  I'm quite inclined to agree, at least on Acton's terms.

Johann Sebastian Bach - Fantasia et Imitatio

When you think "Bach" and "Organ", you typically think Toccata and Fugue (well, I do, anyway).  That's a shame, since Bach was organist to the Duke in Weimar.  Indeed, his reputation was originally established as one of the greatest organists in Europe.  Now we just say "Ah, Bach!"*.



* Extra credit to readers who recognize that reference.

Saturday, April 27, 2013

A litmus test for "smart" progressives

SWPL, educated progressives like to claim that they're smarter than your average bear.  What makes them insufferable is the way they look down their noses at other people who deviate from Progressive Received Wisdom™.  Exhibit A for the prosecution: evolution.

Progressives love to snicker at people who reject evolution.  After all (say the progressives), isn't the scientific evidence overwhelming?  And still these people cling to their old ways.

Irony seems not to be part of the Progressive Received Wisdom™.  Self reflection also seems to be lacking from their canon.  If you, like me, are heartily sick of their smarmy faux superiority, Aretae has given you a pocket take down which will turn the tables, forcing the progressives to follow the hard scientific logic of evolution to a place where their Progressive Received Wisdom™ will spontaneously combust:
  • In mammals, the costs of bearing young are distributed disproportionately among the sexes.
  • In mammals, correct game theory play for reproduction between men and women are different.

    ...

    In mammals, if the brains of males and females were identical in interests or capabilities, it would be a failure of evolution to function.

    ...
  • With 25 year generations, the out-of-Africa diaspora of the human race occurred around 4000 generations ago.  There has been a lot of time for different subpopulations (races) to optimize differently.
  • Given that evolution works on the brain, the brains of different human subpopulations should be optimized differently as well.  Finding out how is the question, not whether.
All of this is pure scientific logic, leading inexorably to what progressives will consider to be some very Double Plus Ungood conclusions.  At which point you can just smile and ask "What?  Don't you believe in evolution?  Or does it violate the commandments of your progressive scriptures?"

Err, only if you are as nasty as I am.  And don't care if you don't get invited back to the Right cocktail parties.  RTWT, which is simply awesome.  Foseti says the same thing, differently, although he's not as nasty and snarky as I.  Neither of these will ever be taught in the schools.

George Jones - He Stopped Loving Her Today

Nobody figured George Jones would have made it to 81.  He was an anachronism in today's not-really-quite-country Nashville of rock/pop: born in a log cabin, finding solace in a bottle of booze rather than a bottle of pills, Jones and wife #3 Tammy Wynette simply owned Country music in the 1970s.  That was where the legend really came from:
The George Jones-Tammy Wynette Show became the big-ticket package tour of the early 1970s, but it was their increasingly stormy home life that began to grab the headlines. At the time or through book and movie accounts later, the entire world became aware of Wynette's attempts to keep Jones off the bottle and Jones countering with that famous trip aboard his riding mower to the liquor store closest to their mansion in south Nashville.
Because like his Dad back in Beaumont, George was a hard drinking man with a temper to match.  Like his Dad, nothing good came from that.  Wynette left him, his finances collapsed as the drink turned him into "no-show Jones" and by 1980 he was looking like just another washed up honkey tonk rummie.

But that's when he recorded this, probably his biggest hit.  With the help of his fourth wife, Nancy, who got him sober (and kept him sober).  His air time waned as country music began its shift towards the current Rascal Flatts/Taylor Swift bubble gum pop, assigning him and the other great old war horses like Johnny Cash and Merle Haggard to the Sunday morning "classics" ghetto.

This song seems a fitting epitaph to the man who blazed so brightly with his country music partner.  Honest music from a man who was what he was.  Perhaps that's too old fashioned for today's Nashville.  Too bad about that. R.I.P. George Jones.  Thanks for all the great music.



He Stopped Loving Her Today (Songwriters: R. V. Braddock, C. Putman, Jr.)
He said I'll love you 'til I die
She told him you'll forget in time
As the years went slowly by
She still preyed upon his mind

He kept her picture on his wall
Went half crazy now and then
He still loved her through it all
Hoping she'd come back again

Kept some letters by his bed
Dated 1962
He had underlined in red
Every single I love you

I went to see him just today
Oh but I didn't see no tears
All dressed up to go away
First time I'd seen him smile in years

He stopped loving her today
They placed a wreath upon his door
And soon they'll carry him away
He stopped loving her today

(Spoken)
You know she came to see him one last time
Oh and we all wondered if she would
And it kept running through my mind
This time he's over her for good

He stopped loving her today
They placed a wreath upon his door
And soon they'll carry him away
He stopped loving her today
UPDATE 27 April 2013 11:10: Reason has a fine tribute that's well worth your while.  And I hadn't known that Supreme Court Justice Clarence Thomas was a fan who corresponded with Jones.

Friday, April 26, 2013

War on terror news

Not all of it is bad.  The Canadian "al Qaeda inspired" plot to derail a Via Rail passenger train was foiled because of a tip from the Canadian Muslim community:
Tip from Muslim community ‘helped foil’ al-Qaeda plot. Canadian lawyer Hussein Hamdani told CTV News Channel that a tip from the Muslim community helped investigators foil the alleged al-Qaeda plot. “This goes to show the partnership between the Muslim community in Canada and the RCMP and all the police services,” said Hamdani. It might not be well known but collaboration between Muslims and government agencies —like the RCMP, CSIS, Canadian Border Services Agency and the Department of Justice— is quite common, according to Hamdani.
We hear a lot of complaints about moderate Muslims not speaking out to condemn terror.  This sort of quiet response may be much more valuable.  Hard to tell how much of this is going on, because the people who know aren't saying (and shouldn't).

Quote of the Day: Legal prison rape edition

It's Popehat, which means it's on-target:
Every day young adults are arrested for possession of minor amounts of pot, sent to jail, and gang raped. On my best days I'll say that this doesn't happen because the politicians writing anti-drug laws are in favor of anal rape, or because beat cops are in favor of anal rape, or because wardens are in favor of anal rape or because prison staff are in favor of anal rape. They're all just normal human beings doing their jobs…as part of a huge and grotesque machine that arrests people for possessing leaves of a plant and puts them in rape factories.
J'accuse, baby.
Arguing that we shouldn't be outraged at government because "it's just us" is one of the worst lies we tell ourselves.

Frankenstein's monster was stitched together out of people like us. Nazi Germany was stitched together out of people like us. Mao's PRC was stitched together out of people like us.

And though it's not as bad, the US government is still pretty nasty, and it too is stitched together out of people like us.

There are a lot of reasons you're going to say I'm wrong. Most of them are covered here, but I'm interested in hearing any others.
 "It's just us" = "It's your fault".  Me, I don't think so.

Thursday, April 25, 2013

Slow Blues

James Cotton virtuoso harp action.


There goes another Garand

Got another crown today.  Some day they'll all be ceramic and I can maybe get me an M1 ...

Whoo hoo!

Kevin has another uber post up, and it's a real humdinger.  You know what to do.*

* Err, the two of you who haven't already read it ...

Wednesday, April 24, 2013

Where crummy science comes from

It's about the career imperative for scientists to publish or perish:
There is a quota of papers required of all academics. These works may be good or bad, right or wrong, useful or harmful, penetrating or indifferent, but regardless they must be written. Academics must write even when they don’t wish to, when they have nothing to say, when it would have been better had they remained quiet.


It is this absurd requirement which produces bad works of the second kind. (It has many other harmful effects, notably boosting the egos of the academics, but we can examine these another day.)

Example? How about “Vividness of the Future Self Predicts Delinquency”? A peer-reviewed work in Psychological Science by Jean-Louis van Gelder and others. Van Gelder opens the paper with these words:
The tendency to live in the here and now, and the failure to think through the delayed consequences of behavior, is one of the strongest individual-level correlates of delinquency.
This is our X, which everybody whose powers of reason are not stunted—as they are in, say, infants and those who have received overdoses of NPR—already knew. There was no reason in the world, save saving van Gelder’s job, that we had to be told this again, as if it were new or in doubt.
But it's published and so Science!  And please remember that it is Dr. van Gelder, and so there.

Travel

Yesterday started at 0700 and ended at 2200, so I'm kind of out of blogging.  But Isegoria has Jerry Miculek speed shooting the M1 Garand.

Tuesday, April 23, 2013

Bleg: iPhone mapping apps that don't suck

I almost missed my meeting this morning because the iPhone sent me to Alabama from Houston.  Can't do this anymore.

Does anyone have a recommendation for a GPS mapping app for the iPhone?  It has to do directions and ideally read them audibly so you don't have to get a ticket for texting while driving when it was actually trying to see the blue dot on the dumb screen.  Which is sending you to Chicago via Juarez.

Tagged under "Apple Sucks" because it does.

The Ice Cream Machine is late

Travel. In the worst hotel I've been in since maybe ever. Welcome to Houston (actually no fault of Houston; I just couldn't bring myself to book a $300/night room at the Hilton).

So posting will be delayed. In the meantime, go read this and think on how we have some serious things in common with the lefties. Srsly.

http://kontradictions.wordpress.com/2013/04/20/dear-democratic-gun-control-lobby-how-to-get-better/

Now go invite a leftie shooting. You know that they'll like it. Duh. And you'll help mobilize help the next time the Democrats try the gun grabbing thing. Make sure you play up the ACLU's objections.

Delay. You're ambassadors. Right?






- Posted using BlogPress from my iPhone

Monday, April 22, 2013

Musings

I wonder how many times I've walked up or down a Jetway.

The BBQ in Charlotte's airport is too sweet. They need a Carolina sauce option. The fried pickle was OK, though.

The Travel Desk seems to be quite good at routing me via Timbuktu, so long as it saves them $100. Another reason to enjoy your trip, right after the food and the TSA.


- Posted using BlogPress from my iPhone

On the road again

Headed out again. Seems I'm turning into Old NFO or Uncle Jay.

Fortunately, the nice people from the TSA are here to remind me that flying stinks.

Ah well. The TV tells me that Reese Witherspoon got busted for drunk and disorderly in Atlanta last night. Seems she had the right to remain silent but lacked the capacity.


- Posted using BlogPress from my iPhone

Is it already National Punch A Hippy Day?

Earth Day?  I like my version better.  Here's your Earth Day:


Sure must be green in North Korea. /sarcasm

Stealing first base

This is about the oddest thing I've seen in baseball:
On a 2-2 pitch to Ryan Braun in the eighth inning of the Brewers' 5-4 win over the Cubs, Segura stole second. On the next pitch, Braun walked. So far, pretty standard stuff. But not for long.

Three pitches after that, Segura broke for third. But his first mistake was that he forgot to wait until pitcher Shawn Camp actually delivered the ball.

Camp whirled and got Segura hung up between second and third. That led Braun to follow Baseball 101 protocol and roar into second base. Which was proper and cool -- until Segura scrambled back to the bag to join him.

The Cubs started tagging everyone in the vicinity, and the rules say it was Braun who was out. But that was news to Segura, who thought he was the one who was out. So he started trotting toward the dugout.

Along the way, though, he got the memo that he wasn't out after all. So he pulled back into first base. And first-base coach Garth Iorg wouldn't let him leave.

Not until two pitches later, anyway -- when Segura burst toward second again and, in Take 2, was thrown out.

So there you have it -- a man who stole second and was caught stealing second in the same inning.
[blink] [blink]

It seems that this is legal in baseball.



There's an even odder play, but it was long, long before my time:
The other was the legendary Germany Schaefer of the Tigers. In a famous game on Sept. 4, 1908, the Tigers had runners on first and third, with Schaefer on first. Their this-trick-never-fails strategy was to have Schaefer break for second, draw a throw and allow the runner to score from third.

So off he went. No throw. Undaunted, he took off back to first. Still no throw. You know what happened next? He broke for second again. Still no throw. So he stole the same base twice. In one at-bat.
This is why I love baseball.  You keep running across goofy stuff.

Sunday, April 21, 2013

Seen at Camp Borepatch


Picture taken through the screened window of the porch.  Here's a close up shot:


It's a bird house modeled after Marietta's Big Chicken restaurant.  The Marietta historic district visitor's center has them for sale.  We'll see if something takes up residence.

Quote of the Day - Second Amendment edition

Elusive Wapiti shoots, and scores:
Many on the right cite resistance to tyranny as the primary object of the Second Amendment, and while that may be true, that is not the primary use of the Amendment in my considered opinion. Instead, the Amendment reserves for the people the ability and the responsibility to protect themselves, and in doing so, forestalls the security vacuum (that typically results in heavier government policing) from occurring in the first place.

Interesting that this private security firm provides better security at half the cost. Another benefit for the people--specifically their civil rights--is that this private security firm, like any private party, will be held accountable for their actions in ways that police officers, as public officials, have not been and are not likely to be anytime soon.
Of course this is all considered to be Double Plus Ungood by all Right Thinking People®, because it reduces the dependence of the people on the Government.  That's why they "don't encourage self-help" because that reduces the incidence of crisis, and never let a crisis go to waste, right?

Synaulia - Music from Ancient Rome

Today is the 2766th anniversary of the founding of Rome on April 21, 753 B.C.  The Romans were great synthesizers, learning from many cultures and taking what seemed useful, turning it to their own purposes.

Music is a bit of a mystery because there are no musical scores from those times.  While the Greeks had a way of representing tone and duration, the Romans do not seem to have adopted it.

Because of this, the sound of reconstructed Roman music is somewhat conjectural.  We know that the earliest Roman music was adopted from their neighbors the Etruscans.  Later Greek influences would play a major role, and then others from provinces of their far flung empire.

The best evidence for sound is from the musical instruments of the day, many of which survived either in form or in historical description.  The Lute/harp, the horn (cornu), drums and other forms of percussion - these have been recreated by scholars who are essentially musical anthropologists.  Synaulia is perhaps the oldest of these groups, from the Dutch National Museum of Antiquities at Leiden.  Their music has been included in films like Gladiator, and so has branched out from its original founding mission of education to include a certain amount of commercial success.



The sounds are authentic, what a composer like Emperor Nero would have known.  The score - melody and rhythm - are modern creations.  Conjecture.  It is, alas, the best that can be done, at least until such time as an actual score from the period is discovered.  If indeed any even exist.

Quote of the Day

Here's why the gun control bill lost in the Senate:
You say "Gun control."  I hear, "We want you to defend yourself against a man who is a foot taller and a hundred pounds heavier with your bare hands."
You say "Common sense regulations."  I hear, "We don't like these cosmetic features, like an adjustable stock or a foregrip, that make it easier for a woman to use."
You say, "If it saves just one life."  I hear "Except yours, you stupid bitch. We'd rather you get raped and murdered while waiting for the police to arrive."
You say, "Think about the children."  I hear "But not yours. We won't let you defend them, and if we find out you have a gun in the same house as a child, we'll take them both away."
You say, "Compromise."  I say, "Fuck you, you mewling cowards. I will not embrace victimhood. I will not willingly disarm. If you demand I give up my life just to make you feel better, you are selfish on a level that is beyond comprehension."
The banners don't have logic on their side, they don't have honesty on their side, and they don't even have passion on their side.  Not like this.  RTWT, which is epic.  Erin doesn't care what the gun banners think, and you shouldn't either.


Brava, Erin.

Sierra Oscar Bravo

I was going to do a Saturday Redneck, but James Zachary has it covered.

The SOB is a US Citizen, so no Guantanamo for him.  Damn it.

Friday, April 19, 2013

In praise of cops

I am sometimes harsh on the police, when some of them go overboard and violate the rights of American citizens.

That said, the Boston Police Department looks like they have officers who took fire from the SOB who blew up the Boston Marathon, in order to take him alive.  I expect that the intelligence that will be gleaned from the capture will be valuable indeed.

And the fact that the Police Officers were willing to take a bullet to get this intel is pretty much the definition of "hero".  Bravo Zulu, Boston PD.

The soul of a nation

It's on display here.


Territory is but the body of a nation.  The people who inhabit its hills and valleys are its soul, its spirit, its life.
- James Garfield

I seem to have under-estimated the global appeal of the Tea Party

Huh.  Seems that the Tea Party's appeal extends to Chechen jihadis.  I hadn't realized that the Tea Party conspiracy was so, well, global.

UPDATE 19 April 2013 12:53: This is me, rolling my eyes:
According to NPR Counterterrorism Correspondent Dina Temple Raston, who spoke with officials about the Boston attacks, “April is a big month for antigovernment and right-wing individuals.”  What makes this such a good month for attacking innocent Americans?  Apparently, April 20th is the anniversary of the Columbine shootings and it is Hitler’s birthday.
Click through for the recording so you can listen to the stupidity in its full glory.

Just remember, these people are entirely convinced that they're ever so much more clever than drooling morons like you and me.

Pondering

So what would have happened if Mitt Romney had won the election?  What's the likelihood that he would have stood up to John McCain, Toomey, and the squishy Republicans on universal background checks?

Me, I think that we'd have a new gun control law on the books today.

Hey Democratic Senators! Obama and Biden say the gun control votes aren't over!

Want a bunch more votes in the run up to next year's elections?


How many Democrat Senators do you think want POTUS and VPOTUS to just STFU?  10?  Or is it 20?

Thursday, April 18, 2013

It's always a good flight when you're going home

Hey, lookee:




That right there is a subway going to the gates. Dulles airport is now no longer the stupidest airport in the country.

The TSA is still the stupidest agency in the government, though. The guy ahead of me had his mini Swiss Army knife swiped by a TSA goon too dumb to realize that its 2" blade is now OK.

- Posted using BlogPress from my iPhone

Most Android phones are unpatched and unpatchable

It's so bad that the ACLU is complaining:
Yesterday, we filed a complaint with the Federal Trade Commission (FTC) asking the agency to investigate the major wireless carriers for failing to warn their customers about unpatched security flaws in the software running on their phones. These companies—AT&T, Verizon, Sprint and T-Mobile—have sold millions of smartphones to consumers running versions of Google’s Android operating system. Unfortunately, the vast majority of these phones never receive critical software security updates, exposing consumers and their private data to significant cybersecurity-related risks.

In a 16-page complaint filed with the FTC, we argue that the major wireless carriers have engaged in “unfair and deceptive business practices” by failing to warn their customers about known, unpatched security flaws in the mobile devices sold by the companies.
Android itself gets patched, but the handset vendors (Samsung, HTC, etc) and carriers aren't making those patches available to subscribers.  Apple has a much better model for the iPhone.

Getting old

Every single word is true.


Why support for gun control is fading away

Eric Raymond has an interesting post that starts with an analogy that most will find familiar and ends with an explanation for why the "middle ground" is less influential in the gun control debate:
Here’s a thought experiment for you. Imagine yourself in an alternate United States where the First Amendment is not as a matter of settled law considered to bar Federal and State governments from almost all interference in free speech. This is less unlikely than it might sound; the modern, rather absolutist interpretation of free-speech liberties did not take form until the early 20th century.

In this alternate America, there are many and bitter arguments about the extent of free-speech rights. The ground of dispute is to what extent the instruments of political and cultural speech (printing presses, radios, telephones, copying machines, computers) should be regulated by government so that use of these instruments does not promote violence, assist criminal enterprises, and disrupt public order.

The weight of history and culture is largely on the pro-free-speech side – the Constitution does say “Congress shall make no law … prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press”. And until the late 1960s there is little actual attempt to control speech instruments.

Then, in 1968, after a series of horrific crimes and assassinations inspired by inflammatory anti-establishment political propaganda, some politicians, prominent celebrities, and public intellectuals launch a “speech control” movement.
Here's his ending:
The members of these organizations know that many people advocating “reasonable restrictions” and advocating “common-sense regulation” are not actually seeking total bans and confiscation. They’re honest dupes, believing ridiculous collective-rights theories because that’s what all the eminent people who gave Prettyisland’s book glowing reviews told them was true. They honestly believe that anyone who doesn’t support “common-sense regulation” is a dangerous, out-of-touch radical.

Free-speech advocates also know that some people speaking the same moderate-sounding language – including most of the leadership of the speech-control movement – are lying, and are using the people in the first group as cat’s paws for an agenda that can only honestly be described as the totalitarian suppression of free speech.

Increasingly, the difference between these groups becomes irrelevant. What has happened is that four decades of strategic deception by the leadership of the speech-control movement has destroyed the credibility of the honest middle. Free-speech activists, unable to read minds, have to assume defensively that everyone using the moderate-middle language of “common-sense regulation” is lying to hide a creeping totalitarian agenda.
Given that the honest middle doesn't know very much about the subject, and given that their motivation is to appear "non-partisan", they increasingly find that rather than being perceived as peacemakers, they are scorned by both sides.  If you want to be a peacemaker, this is bound to be a turn off.

So now put yourself in the position of one of these people, with the Democrats and the MSM (redundancy alert) whipping up a hysterical frenzy over gun control, full of for the children and have you no shame.  Is that going to win you over?  Given that you don't have particularly strong feelings on the matter, you're likely to shrug your shoulders and tune all the gun control ravings out.

Essentially the dial it up to eleven!!!1! strategy of the hard left has alienated the honest middle that used to side with them.  The pro-gun side, of course, is highly motivated and turns out to vote.  Thus, yesterday's disaster for the Democratic Party.

The saying goes that you should assume that any organization is being run by a cabal of its most bitter enemies.  The Democrats are making a run at wrestling the name "Stupid Party" back from the Republicans.

Wednesday, April 17, 2013

Live by Class War, die by Class War

Borepatch, March 30, 2013:
... the Democrats are finding that they're driving the electorate into the arms of their opponents.  Remember, an election looms next year.  Memories are short, but not that short.

Some people are worried that a bland vanilla [gun control] bill will make it to the Senate floor and then a swarm of extremist amendments will be rammed through via legislative sleight of hand.  This won't happen, for many reasons:

  1. The Red state and blue state Democrats don't want to vote on anything here because it's radioactive.  No matter the sleight of hand, at the end of the day you have to vote.
  2. The more extreme the amendment, the more radioactive it will be.  Dianne Feinstein doesn't care, but Joe Manchin sure does.  Harry Reid, for all his faults, knows how to count votes.
  3. The House won't pass it, no matter what the Senate does.  John Boehner has done a masterful job trapping the blue and purple state Democrats: by saying that they'd take up any bill the Senate passed, he gave the green light to the most radical wing of the Democrat Party to push their unwilling middle strongly towards the left.
I believe that the Senate will vote gun control down, in a massive defeat to Obama personally and the radical wing of the Democratic party.  But the damage has been done.
The Democrats' Annus Horribilis is fair begun.  The economy is fading (again), the Obamacare mandates and costs are getting ready to bite, and the President has not only shown himself to be incapable of getting his agenda passed but has also shown that he has no loyalty to fellow Democrats in Red or Purple districts.

More importantly, those fellow Democrats have shown that they have no loyalty to him, and are unwilling to die on the hill of his radical agenda.  As next year's election approaches, they will increasingly throw him under the bus. As Joe Biden would put it, that's a Big F***ing Deal.

Pretty fun to see full scale Class Warfare break out among Democrats.

Bad idea

Hilarious bad idea.  Kind of what you'd expect from a site called ExplodingWhale.com.

You're welcome.  And this is pretty funny, the TV show "COPS" in the Star Wars galaxy.


Happy birthday, Ford Mustang

If this isn't the greatest car ever built, I'm not sure what is.

49 years old today.  Maybe I need to get me one of these old beauties for next year's half century mark.

God's Laughter

We used to live in the Washington D.C. suburbs, and now I somewhat unexpectedly find myself back on business.  As it turns out, Mom is also out here, visiting my older brother and his family.  I had a lovely time with them and their kids' Middle School homework chaos last night, well worth the hellacious drive from Herndon VA to Ellicott City MD at rush hour (yes, I love my family that much).

But on the drive home, I thought of the many years we lived here, Back In The Day.  And so I took a drive down Memory Lane (Rte 29), past the first place we ever owned.  It was a walk back through time, to a simpler day, with simpler problems.

I remember our "new house" and how the (15 year old) air conditioner went out.  Man, it was hot, back in the summer of 1990.  I remember how my Electrical Engineering degree had taught me how to read the information plate off of an electrical motor.  I remember going to an electric supply store and getting an equivalent blower, and installing it.  I remember the satisfaction when the cold air came on.

I remember putting up a steel garden shed at the top of the hill.  Dang, it was hot, that summer of 1992.   I mixed and poured a concrete slab and put up the shed more or less by myself.  I still remember how the steel roof was hot screwing the pieces together.

I remember the walks I took my German Shepherd Jack on, up to the softball fields.  Dang, it was hot on those summer mornings, but he needed the exercise and so off we went.  The shade kept us both alive, and he was pretty good at using that shade to hunt around for softballs.  I remember when he finally died, and how I dug a grave for a 110 lb German Shepherd in July.  Dang, that Maryland sun was hot, but a proper grave was his due.

I remember pushing #1 Son's Little Tykes car up the hill in the back so that he could ride back down it, laughing and laughing on the way.  I remember raking leaves into a pile that he ran and jumped into.  I remember the blizzard of January 1996 where 2 feet of snow paralyzed the area.  I remember shoveling the driveway all the way to the unploughed street.  I remember making a snow fort with tunnels that #1 Son could crawl through.  #2 Son was 2 weeks old then.

I remember leaving for a new job posting, one that would take us to London.  I remember saying goodbye to my old dog Jack at his grave in the back yard.  I don't expect I'll forget that.

All this came back to me last night, as I drove back down Memory Lane.  All that and more.  Kierkegaard famously said that life can only be understood backwards; but it must be lived forwards.  That has the full measure of Scandinavian pessimism on display, but I can't really argue the point.  I stopped at the house - I think that I only went back because of Jack - and thought back on all the hopes, all the dreams, all the plans that we had back then.

I'm pretty sure that I heard God laugh.  I don't think that He was laughing at me, but if I wasn't laughing is it proper to say that He was laughing with me?  Maybe that is Him poking at me to get a clue, that He is waiting for me to wise up.  I hope that the Lord is patient indeed.
God creates out of nothing. Wonderful you say. Yes, to be sure, but He does what is still more wonderful: He makes saints out of sinners.
Søren Kierkegaard
If I listen, I think that He is laughing with me.  If I listen.

Tuesday, April 16, 2013

Boy, that was fun

The meetup last night was a blast: tanks and code breaking, shooting and geeking, it was a meeting of minds.  The next time I see him, I shall thank Mr. Gore for his most excellent Information Superhighway that allows us to find other people who share our interests.

Many thanks to the folks who turned out, some going a couple hours out of their way.  And yes, I need to get the stinkin' Garand.  And come back up next month for a blogshoot.

The world is filled with soft targets

It was ever so, and will always remain so.  Whoever was behind yesterday's attack in Boston reminds us of this unavoidable fact.

This is a fact that makes a lot of people uncomfortable, just like a shooting at a school makes a lot of people uncomfortable.  There's a desire for order and predictability, an escape from chaos, that drives many towards erecting great stone rings, or pyramids, or enacting gun control laws, or the USA PATRIOT Act.

But when all that activity dies down, when "something" is accomplished (no matter what the something might be) the cold fact remains.  The world is filled with soft targets.  It ever was so, and ever will be.

Say a prayer for the dead and wounded, hug your kids, and know that the world remains chaotic and evil sometimes walks among us.  You can be ready to react to that or not.

The final toast

The first blood that the USA drew after Pearl Harbor was the Doolittle raid.  It had been a bad five months, with the Imperial Japanese forces going from victory to victory.  The raid was a huge morale booster, and the 62 men who survived the raid and the rest of the war were heroes, sought after and feted across the Republic.  There was a movie about it.



In 1959, the city of Tucson presented the survivors with 80 silver goblets (one for each man in the raid) and a bottle of 1896 Hennessy VS cognac.  The survivors have met each year since, but have never opened the bottle.  Instead, they've been saving it for a final toast.

Today, they meet for the last time.  Time has done what war could not, and only four of the fliers remain.  This is their final reunion.  The bottle will be opened, and a toast made by those present to those accounted for.

Fair flying and God Speed, Doolittle Raiders.

Hat tip: friend Ralph in email, whose step Dad fought in the Pacific Theater.

Monday, April 15, 2013

Can I just say ...

... that the iPhone GPS directions blow chunks?  They managed to triple my travel time and land me on the toll road.

Good grief, this is about enough to get me to replace the damn thing with Android.

Heh



135 Million views on Youtube, and I only just now find it.

Tab clearing

Ever wonder what happens to all the recycling you so dutifully do?  Most of it gets dumped.

Gasoline sales are not down to 1970s levels.  They are down 10% from the peak 10 years ago.

What does the greatest living scientist think about Global Warming?  Choice quote: “I just think they don’t understand the climate. Their computer models are full of fudge factors.”

Is al-Qaeda finished?

The best blog name ever?

What is the real plot of Cinderella?  Perhaps that's better asked what's the RealPolitik plot?

There's been a 10x increase in the number of euthanasias performed in Belgium in the last decade.  I have to confess that I feel torn here.  On the one hand, my belief is that you have the absolute right to suicide (generally a bad idea, but the right exists).  On the other hand, it's unclear what this right means to, say, an Alzheimer's patient.  If you bump gramps off with a pillow over his face, you're a felon.  If the National Health Service does it, you inherit.  Unsavory.


How the Internet works, blog division

I laughed and laughed.  The comments are priceless.  And yes, that's exactly how blogging works.

Sunday, April 14, 2013

Nah, can't do it

The Renaissance Faire has a "Pet Friendly" weekend coming up, and Wolfgang is a friendly pet.  That got me thinking: I wonder if there are costumes people dress their pets in for that sort of thing.  And boy, howdy:






But then I thought better of it.  On second thought, let's not go to Camelot.  It is a silly place.


NOVA Blog Meetup

Time: Monday, 15 April 2013 at 6:30 PM.

Where: Jimmy's Tavern, 697 Spring St., Herndon VA

Please leave a comment confirming that you'll be there.  I'll call and make a reservation because it looks like there might be a crowd.

Musings on Renaissance Festivals

There are lots of people who dress up (including #2 Son).  Most of the really good costumes are worn by people who work there, but not all.  You even see entire families in costume.

There are more corsets per acre here than probably any other place on earth.  Kilts are well represented as well. 

Chocolate covered bacon was a bit of a disappointment.  That rather took me by surprise.

I expect that JayG would be fun to go to a Ren Faire with.  I might even break down and get a kilt if he wore his.  I'd need to work out for a couple months before going though - the kilted men seemed to fall into two categories - fit and good looking, and out of shape and not good looking.

Not all of the best looking costumed people seem to work there. 

There's a lot of overpriced junk for sale.  There's what look to be pretty high quality swords and knives if you look.  They're not at all cheap.

The shows are almost universally very funny.  A lot of the vendors are as funny.

Yesterday was opening day, and was packed.  It took 2 hours (!!!) to get out of the parking lot.

William Byrd - Consort Songs

Yesterday (and today) was the Renaissance Faire, an excuse for people to dress up in odd costumes and eat turkey legs while watching jousting.  It's pretty goofy, but a lot of fun if your imagination runs that way.

Its tissue-thin "story line" is that it "recreates" early 16th Century renaissance society - without the yucky plague and beheadings of the real thing.  But if we're going to let our imaginations run that way, it behooves us to listen to some actual renaissance music.

William Byrd was one of the most famous English composers of the mid-sixteenth century.  He was born too late for Harry of the many wives but was prolific and influential during the reign of Good Queen Bess.  He developed Consort Music, where "consort" refers not to the many wives of the Monarch but rather a grouping of chamber instruments.  He also wrote considerable church music.

You see, he was not just making a living from selling music to as many as would commission it, but he was a Roman Catholic in an England where that was uncomfortable and even dangerous.  But he avoided the most subversive sort of agitators, and his reputation was such that he died an old and wealthy man.

This is the real music of the middle renaissance.  You're unlikely to find it at your local Ren Faire.  Pity, that.


Saturday, April 13, 2013

How the Internet works


Actually, that's exactly how the Internet works ...

Armed and dangerous

#2 Son suits up.




Lazy blogger

I overslept, and was busy last evening.  Life is cutting into my blogging time.  Besides, Weer'd is doing Saturday Redneck this morning: bluegrass Don't Fear The Reaper.  Sweet.

Friday, April 12, 2013

Spring

Offered without comment.






A reading of the text of S.649

The HuffPo has the PDF.

It's 49 pages and surprisingly hard to parse.  I actually don't think that this is to flummox people, but rather because there is a huge amount of cross-referencing with existing US Code, and amendments of older statutes.  For example, one of the "findings" seems to amend the HIPAA health privacy act to say that releasing patient health data to the NICS background check system is not a violation.  My understanding of the law proposed here is pretty tenuous, and you should absolutely take this with an enormous grain of salt.

Surprise #1: I don't see anything about doctors being able to send your name to the NICS as "armed and dangerous" as it were.  It's possible that I missed this because it's buried in 49 pages of opaque text, but I just plain didn't see it in the text.  Commenters who read the text, please keep me honest.

Non-Surprise #1: There's a lot of confusion over who is exempt from background checks.  For example, the folks at The Corner shoot and miss:
The Toomey-Manchin compromise language is finally public. Here’s the relevant part:
It shall be unlawful for any person other than a licensed dealer, licensed manufacturer, or licensed importer to complete the transfer of a firearm to any other person who is not licensed under this chapter, if such transfer occurs-
“(A) at a gun show or event, on the curtilage thereof; or
“(B) pursuant to an advertisement, posting, display or other listing on the Internet or in a publication by the transferor of his intent to transfer, or the transferee of his intent to acquire, the firearm.
Basically, there would need to be a background check for any sale that began with any type of published advertisement. If you heard through the grapevine that someone wanted a gun, you could sell it to him without a background check; if you saw his ad in a newspaper, you couldn’t.
I think that this is plainly wrong.  There's considerable effort in the text devoted to exempting family members - there's listing after listing of definitions, including First Cousins (and spouses), step-parents and step-children, siblings, uncles and aunts, etc.  The idea that you'd find out that your Uncle was selling his Winchester by reading the local fish wrap but it's OK because he's your Uncle just doesn't make sense. This section has a lot of confusion in the statute as written.

There's $400M allocated to provide grants to the States to improve their reporting systems.  This seems pretty harmless.  There's a stupid Blue Ribbon Commission established to study mass shootings.  No doubt many fine lunches and dinners will be enjoyed before the report is presented to Congress and the President.

There's more here (for example, transporting across state lines), but I'll need to reread it to figure things out.

Repost: Government Data Mining FAIL

I do this infrequently, but this topic is so apropos to the previous post that I thought it worth reposting in its entirety.  I'd point out the unbelievable prescience shown in the dawn of this blog (only 100 days old at the time - still had that New Blog smell!), but it's really kind of obvious, isn't it?

--------------------------------------------------------------

Anti-terrorist data mining doesn't work

One of the biggest problems in Internet Security is getting the "False Positive" rate down to a manageable level. A False Positive is an event where your security device reports an attack, where there's no actual attack happening. It's the Boy Who Cried Wolf problem, and if it's too high, people turn the security off.

Apple had a hilarious ad that spoofed Vista's UAC security a while back. The security is so good that the whole system is unusable:



Surprise! Seems that identifying terrorists by mining a bunch of databases isn't any better:
A report scheduled to be released on Tuesday by the National Research Council, which has been years in the making, concludes that automated identification of terrorists through data mining or any other mechanism 'is neither feasible as an objective nor desirable as a goal of technology development efforts.' Inevitable false positives will result in 'ordinary, law-abiding citizens and businesses' being incorrectly flagged as suspects. The whopping 352-page report, called 'Protecting Individual Privacy in the Struggle Against Terrorists,' amounts to [be] at least a partial repudiation of the Defense Department's controversial data-mining program called Total Information Awareness, which was limited by Congress in 2003.
The problem is not so much one of technology, as it is of cost. Suppose you could create a system where the data mining results gave you only one chance in a million at false positive. In other words, for every person identified as a potential terrorist, you were 99.9999% likely to be correct. This is almost certainly 3 or 4 orders of magnitude overly optimistic (the actual chances are likely no better than 1 in a thousand, and may well be much less), but let's ignore that.

There are roughly 700 Million air passengers in the US each year. One chance in a million means the system would report 700 likely terrorists (remember, this thought experiment assumes a ridiculously low false positive rate). The question, now, is what do you do with these 700 people?

Right now, we don't do anything, other than not let them fly. If they're Senator Kennedy, they make a fuss at budget time, and someone takes them off the list; otherwise, we don't do anything. So all this fuss, and nothing really happens? How come?

Cost. If we really thought these folks were actually terrorists, we'd investigate them. A reasonable investigation involves a lot of effort - wire taps (first, get a warrant), stakeouts, careful collection of a case by Law Enforcement, prosecution. Probably a million dollars between police, lawyers, courts, etc - probably a lot more, if there's a trial. For each of the 700. We're looking at a billion dollars, and this assumes a ridiculously low false positive rate.

There are on the order of a hundred thousand people in TSA's no-fly or watch databases. Not 700. If you investigated them all, you're talking a hundred billion bucks. So they turn the system off.

And that's actually the right answer. The data's lousy, joining lousy data with more lousy data makes the results lousier, and it's too expensive to make it work. How lousy is the data? Sky Marshals are on the No-Fly list. No, really. 5 year olds, too.

So the Fed.Gov sweeps it under the rug, thanks everyone involved for all their hard work, and pushes the "off" button.
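The same arithmetic worked out in code, as an added example that is not part of the original post. It keeps the false positive rate separate from the chance that a flagged person is a real threat. The 700 million passengers and $1M per investigation are the figures used above; the 10 real threats per year and the perfect detection rate are assumptions made up for illustration.

```python
"""Base-rate arithmetic for watchlist-style screening (constructed example)."""
from dataclasses import dataclass

PASSENGERS_PER_YEAR = 700_000_000    # figure from the post
COST_PER_INVESTIGATION = 1_000_000   # dollars, figure from the post
ASSUMED_REAL_THREATS = 10            # assumption, not from the post
ASSUMED_DETECTION_RATE = 1.0         # assumption: the system never misses


@dataclass(frozen=True)
class Outcome:
    true_positives: int
    false_positives: int

    @property
    def flagged(self) -> int:
        return self.true_positives + self.false_positives

    @property
    def precision(self) -> float:
        """Chance that a flagged person is a real threat."""
        return self.true_positives / self.flagged if self.flagged else 0.0

    @property
    def investigation_cost(self) -> int:
        """Dollars needed to properly investigate everyone flagged."""
        return self.flagged * COST_PER_INVESTIGATION


def screen(fp_rate: float,
           population: int = PASSENGERS_PER_YEAR,
           real_threats: int = ASSUMED_REAL_THREATS,
           detection_rate: float = ASSUMED_DETECTION_RATE) -> Outcome:
    """Apply a per-person false positive rate to the innocent population."""
    innocents = population - real_threats
    return Outcome(
        true_positives=round(real_threats * detection_rate),
        false_positives=round(innocents * fp_rate),
    )


def max_fp_rate_for_precision(target_precision: float,
                              population: int = PASSENGERS_PER_YEAR,
                              real_threats: int = ASSUMED_REAL_THREATS,
                              detection_rate: float = ASSUMED_DETECTION_RATE) -> float:
    """Largest false positive rate that still gives the target precision."""
    true_positives = real_threats * detection_rate
    allowed_false_positives = true_positives * (1 - target_precision) / target_precision
    return allowed_false_positives / (population - real_threats)


if __name__ == "__main__":
    for label, rate in (("1 in a million", 1e-6), ("1 in a thousand", 1e-3)):
        o = screen(rate)
        print(f"{label:>16}: flagged={o.flagged:,} "
              f"precision={o.precision:.4%} cost=${o.investigation_cost:,}")
    needed = max_fp_rate_for_precision(0.5)
    print(f"FP rate needed for a coin-flip flag: 1 in {round(1 / needed):,}")
```

Even at one false positive in a million, only about 1.4% of the people flagged are real threats under these assumptions, and the rate would have to drop to roughly 1 in 70 million before a flag is as good as a coin flip.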

As expected, the Slashdot comments are all over this:
I'd take their "no fly" list and identify every single person on it who was a legitimate threat and either have them under 24 hour surveillance or arrested.
The mere concept of a list of names of people who are too "dangerous" to let fly ... but not dangerous enough to track ... that just [censored - ed] stupid.
At least everyone's looking busy. The analogies to gun control pretty much write themselves.

The Senator Kennedy rationale to oppose the new Background Check law

The law is said* to include a provision allowing doctors to add the names of people they think are dangerously mentally ill directly to the list of Prohibited Persons used by the NICS.  A brief consideration of Senator Ted Kennedy will show this to be a bad idea.

Consider: it seems to be exceptionally difficult to identify the people who become murderously insane, even when under a Psychiatrist's care.  Any decision about who is too dangerous or not dangerous enough will be made not based on a rigorously scientific basis, but on "hunches" or "feelings" or other qualitative analysis.  In short, it will miss a ton of people who should go onto the list (False Negative result) and will misdiagnose as dangerously insane a ton of people who really aren't (False Positive result).

For those late to the security geekery party, this is a layman's explanation of False Positive results:



Consider: Senator Ted Kennedy once found himself on the TSA no-fly list. Hilarity ensued.  It seems that the quality of the Fed.Gov "security" databases leaves a lot to be desired.

Consider:
Todd Brown is the proud dad of an adorable little girl. A little girl that he found out, is on the TSA's list of potential terrorists.

It seems that if you're willing to do a fair amount of leg work, this sort of silliness actually gets cleared up. So well done to Mr. Brown, and I guess to the TSA for making the skies safe for cuteness.

Mr. Brown makes a good point, that there's nothing to tell you that you're on the list, and need to grovel your way through the TSA's unhelpful web site to find the required form. You could plausibly claim that this is a security feature - if the special someone on the list actually were a terrorist, you wouldn't want to let them know.

Which ignores the issue that it's idiotic to have someone so dangerous that they shouldn't be allowed to fly, but not dangerous enough to arrest. That's a discussion for another day. Today, the issue is false positives, the erroneous report that someone or something matches a particular categorization, when they actually don't.

This is why you get a second opinion when your doctor tells you that you have a serious disease. Any diagnosis will be less than 100% accurate, and you don't want to go on an expensive and invasive regime if you're one of the 2% that don't actually have the disease.

An anonymous commenter left this, over in Brown's comments:
They efficiently shifted the cost of false positives to you.
Bingo.
So riddle me this, Mr. Gun Control Man: Suppose Sumd00d goes to Shrink #1 who thinks he's dangerously insane and wants to put him on the list.  And then Sumd00d goes to Shrink #2 for a second opinion (that will be allowed under your nifty Obamacare thingie, right?) who decides that he isn't.  Which Doc had the False Positive diagnosis?  How does that play out under your new Gun Control proposal? If he's a U.S. Senator, it will get fixed; for the rest of us, what happens?

I keep saying it: adding crummy data to databases makes the databases crummier.  But well done shifting the cost of fixing the false positives from the Government to the innocent citizen.  Here's an idea: make Doctors who report false positive results to this database subject to medical malpractice lawsuits.  That'll drive down the cost of health care, right?

* So far I've been too busy/lazy to read the text of the legislation.

Thursday, April 11, 2013

Who wants to meet for dinner Monday, 15 April near Herndon Virginia?

I have a trip to Herndon, and fly in Monday afternoon.  Anyone in the area up to meet for dinner?

So can you really hijack a plane using your Android smartphone?

A bunch of you are pinging me on the presentation at the Amsterdam Hack In The Box conference on Airplane hacking:
An extremely well attended talk by Hugo Teso, a security consultant at n.runs AG in Germany, about the completely realistic scenario of plane hijacking via a simple Android app has galvanized the crowd attending the Hack In The Box Conference in Amsterdam today.

...
Here are some of the functions Teso showed to the HITBSecConf Amsterdam audience:
  • Please go here: A way of interacting with the plane where the user can dynamically tap locations on the map and change the plane's course.
  • Define area: Set detailed filters related to the airplane, for example activate something when a plane is in the area of X kilometers or when it starts flying on a predefined altitude.
  • Visit ground: Crash the airplane.
  • Kiss off: Remove itself from the system.
  • Be punckish: A theatric way of alerting the pilots that something is seriously wrong - lights start flashing and alarms start buzzing.
Color me skeptical.  I say that because I've personally dealt with n.runs before.  They're an interesting bunch, combining serious security/hacking skill with a flamboyant (perhaps over the top) showmanship streak.  This leads to very enjoyable presentations with lots of LULZ from the audience, but you have to read the fine print.

For example, they will talk about all the crazy stupid stuff they found in the design - they have several slides on this in the presentation (slides 10 and 12, for example).  Everyone guffaws.  What they don't say, however, is whether this can actually be exploited.

And this is the key to a lot of my skepticism - in my experience, n.runs hasn't been able to exploit most of the vulnerabilities they talk about.  That said, some of what they find is exploitable, and is very clever indeed.

So what does all this mean?  I'm not at all sure that I believe their most spectacular claims (cf. "Crash the airplane" above).  As a matter of fact, I don't believe it.  Nor do I believe that they can change the airplane's course.  I do believe that they can spoof messages sent to the pilot's message console (cf. "Be punkish" above).

Security researchers pay a lot of attention to reputation.  Some confuse reputation with notoriety in the Press.  n.runs falls into that second category.  I recommend a very large grain of salt for these claims, based on my experience with them in the past.  Your mileage may vary, void where prohibited, do not remove tag under penalty of law.