Sunday, August 30, 2015

We played hookey yesterday

Rather than working on the house, we took the motorcycle out.   Roswell to Jasper on the back  roads is about as pretty as it gets, and I need to get more miles under the wheels.

There's a western wear store on Rt 5 just as you come into Jasper - it's a proper western wear store, as half of it sells livestock feed.  And they had this, which cracked me up:





Not what  you'd expect to find in Massachusetts, but par for the course in the north Georgia hills.


Then on to Rocco's bar where there were a dozen bikes parked out front and a Blues band playing B. B. King inside.  They were crazy good - it seems like local boys who like to get paid to have fun.

And yes, it was we that rode.  Co-blogger ASM826 was wrong when he said there are no women who want to meet men on the Internet.  Her kids call her the "Queen of the World" because she told them when they were little that all the fireworks on July 4 were because of her birthday.  Yes, she has as strange a sense of humor as I do, but we both seem to roll with each other's foibles.  And she likes to ride with me.

Pretty good excuse to play hookey if you ask me.  Sure beats painting the living room.

Saturday, August 29, 2015

Bad idea


Roy Orbison - Uptown

America is a melting pot, and so is our music.  Country came from a mixing of many styles, including Gospel, Appalachian hill music, and western "Cowboy" music.  This morphed into Honky-Tonk, which became (with a smattering of Blues) the kernel of Rock 'n Roll.  The early days of Rock saw a lot of crossover artists - part Country, part Rock.

Roy Orbison was one of those artists.  This was one of his first songs that hit the Billboard charts.  It was influenced by the work he did with the "Nashville Sound" of Patsy Cline, but still has clear Honky Tonk roots.  I can imagine what this would have sounded like with Hank Senior singing it.


Friday, August 28, 2015

Charlie Daniels sends a love letter to Congress

Specifically, he'd love them all to resign:
I wish you bunch of sold-out, jaded, burned-out hacks would just go home and let some people who still have some vision and whose consciences haven't been seared past the point of reminding them when they're wrong take over and start to claw this nation back on to the path of sanity,

Your ratings are in the single digits, your morals are in the gutter, your minds are on self-preservation and somewhere along the way you traded your honor for political expediency.

You've violated your oaths, you've betrayed your country you've feathered your nests and you've sat on your hands while an imperial president has rubbed your noses in the dirt time after time.

You're no longer men, you're puppets, you're caricatures, jokes, a gaggle of fading prostitutes for sale to anybody who can do you a political favor.
Don't hide your feelings, Charlie - tell us what you really think.

Congratulations to Tam

Ten years of free bloggy ice cream.  That's like eleventy zillion years in Internet time.

Thanks for all the great posts, Tam!

What's the only thing powerful enough to stop the Surveillance State?

Bureaucracy:
OAKLAND, Calif.—Weeks after Ars published a feature on the scope of license plate reader use, the Oakland Police Department unilaterally and quietly decided to impose a data retention limit of six months.

...

According to Sgt. Dave Burke, who is in charge of the city’s LPR system, this change was not in response to Ars’ article, but rather was made primarily because the LPR computer—a Windows XP computer with an 80GB hard drive—was full and apparently "kept crashing."

"We had no money in the budget to buy an additional server," he told Ars.
They collected almost 5 Million license plate scans, and only stopped because the procurement bureaucracy has essentially infinite impedence.
"We don't just buy stuff from Amazon as you suggested," Burke added. "You have to go to a source, i.e., HP or any reputable source where the city has a contract. And there's a purchase order that has to be submitted, and there has to be money in the budget. Whatever we put on the system, has to be certified. You don't just put anything. I think in the beginning of the program, a desktop was appropriate, but now you start increasing the volume of the camera and vehicles, you have to change, otherwise you're going to drown in the amount of data that's being stored."
The irony of this is pretty shadenfreudalistic.

Thursday, August 27, 2015

Quote Of The Day: ISIS edition

This is impossible to excerpt, but exposes the complete bankruptcy of our miserable pseudo-intellectual ruling class.

As TJIC once said on his late, lamented blog, this post is simply unimprovable.

Wednesday, August 26, 2015

Laptop computer deal alert

I just got a new laptop: Lenovo B50 laptop for $199:


I'm posting from it now (well, queueing the post last night. Work with me).  Loading Linux on it today.

UPDATE 26 August 2015 09:26: The price has gone up a little since yesterday.

Tuesday, August 25, 2015

Donald Trump: Ha, Ha, only serious

Computer programming culture (called "hacker" culture in the days before the term got co-opted by Black Hats; these were the original guys who figured out how to code supercomputers, the computers that landed Our Guys on the Moon, and who created the Internet) had a bunch of puns and plays on words.  This isn't surprising when you consider that most of these hackers were exceptionally bright and thought in ways very different from the mainstream.

You can find a huge collection of these in the Jargon File (highly recommended reading, but you are warned that you will lose hours reading through this).  Looking at the Donald Trump phenomenon, one of these sayings came to mind:


ha ha only serious
[from SF fandom, orig. as mutation of HHOK, ‘Ha Ha Only Kidding’] A phrase (often seen abbreviated as HHOS) that aptly captures the flavor of much hacker discourse. Applied especially to parodies, absurdities, and ironic jokes that are both intended and perceived to contain a possibly disquieting amount of truth, or truths that are constructed on in-joke and self-parody. This lexicon contains many examples of ha-ha-only-serious in both form and content. Indeed, the entirety of hacker culture is often perceived as ha-ha-only-serious by hackers themselves; to take it either too lightly or too seriously marks a person as an outsider, a wannabee, or in larval stage. For further enlightenment on this subject, consult any Zen master. See also hacker humor, and koan.
I think that Trump entered the campaign in a ha-ha-only-serious way: an ironic joke with a hard core of disquieting truth.  He was the only one on the stage who would say what the Political Class refused to say but what a large part of the Republic believed in their heart of hearts - but were not permitted to say in "polite society" because shut up, hater.

And every time he opens his mouth and emits what the Political Class deems to be a "gaffe", his poll numbers go up.  I don't think that anyone understands this, including Trump.  However, half of having luck is getting yourself in a position where you can be lucky, and my opinion is that Trump is almost certainly too opportunistic to let an opportunity like this pass.

I'm not the only one who seems to think this way.  Heartiste (WARNING!!! Site is extremely non politically correct and many people - including perhaps all of my Lady Readers - are very likely to be offended by other posts there.  This post is entirely safe except for Democrats) posts an email tip that he received from someone claiming insider knowledge about Trumps campaign:
I just got told by a friend that Trump hired the former lawfirm of the RNC.
Why does this matter?
Word on the street in Chattanooga (where Trump has and retains many high end connections) is that Trump went into the campaign with two intentions.
One was to ‘shake things up’.

The second was to raise his profile with Chinese investors for fund raising for a new casino.


He really didn’t intend to get big numbers in the US and didn’t intend to actually ‘go for the goal.’ Which was why he came in with no primary ground game. He didn’t intend to even get 5%.


With the recent success the question was ‘what now?’ Go for closing the deal or back out? Some of his more inflammatory comments were tests to see if he could flame out. And his poll numbers just rise.


If he has retained a political lawfirm it can only be to create a ground game.
There's a lot more about how this is very, very different from the way that the GOP Establishment runs campaigns.  If true, it may be game changing - it would certainly be very difficult for the Political Class to combat this.  Heartiste comments:
I don’t doubt Trump entered this race thinking he couldn’t win, and that his initial motivation was partly narcissistic (in fact all politicians are narcissists to a degree), partly self-aggrandizement. But then he saw that he could win, and that he had tapped a deep well of dissatisfaction among people by simply speaking his mind the way he likes to speak (i.e., not like a weeping p***y).
The level of dissatisfaction with the Political Class in this country is at epidemic proportions.  The Political Class has assumed that if they offer the populace no real choice, that they can continue with their binge of crony capitalism and keep getting away with their lies.  And now someone has tapped into that dissatisfaction in a way that they may not be able to thwart.

Is this a good thing?  Beats me - he seems a bit Caesarish for my taste.  But the screams of the Political Class (including the media, but I repeat myself) are deafening.  Remember, it's the kicked dog that yelps, and I have precisely zero sympathy for any of them.

The Dinosaurs sniff a change on the breeze and roar their defiance.

Sunday, August 23, 2015

That's some impressive Detective work, Chief

Oops:
Firefighters who responded to a hotel blaze stumbled upon a blood-spattered hotel room littered with bottles of alcohol and even a piece of a scalp.

Police Chief J.R. Blyth, who was called in to investigate, described the discovery at the George Washington Hotel in Pittsburgh as 'the most grisly murder scene in his 35 years in law enforcement'.

Detectives had spent eight hours of overtime on the investigation before Chief Blyth realised the blood wasn’t real and that the murder scene was in fact the leftover set of a horror movie filmed two years ago with Corey Haim.
I guess that the Pittsburgh PD don't have many officers who are fans of B-grade horror flicks.

True dat


I get a wave when I'm on the motorcycle (from other bikers).  I get a wave when I'm in the Jeep (from other Wrangler drivers).  It's kind of cool.

Quote of the Day: Terrorists on Trains

Word:
One thing seems perfectly clear, though. We’ve been instructed for years that our patriotic duty is to fear and hate these invariably incompetent people, to live in terror lest they attack us, and to accept that it’s in our sheeplike interest to give up a little convenience – in the form of all our liberty and privacy – so that our beloved government may provide us the security of a well-run prison. But every time one of these would-be tragedies actually happens – as opposed to being something feds set up some kid to do – but becomes a feel-good story instead, it’s because somebody who hasn’t been spying on you or shooting your dog sees what’s going down, puts on his big-boy pants, and thumps the bad guy soundly his own unauthorized self.
There's more, including a hilarious picture.  RTWT.

Friday, August 21, 2015

This is SO wrong ...

But I'm doing it anyway.


Hat tip: Rick, via email.

How to reduce School shootings

Seen at a school in Arkansas:


Remember that Jeep computer hack?

Surprise!  It's not just Jeep:
Now, according to a report in Wired, that a host of similar systems used by other car manufacturers are vulnerable to similar attacks:
Over the last week, Kamkar has analyzed the iOS apps of BMW’s Remote, Mercedes-Benz mbrace, Chrysler Uconnect, and the alarm system Viper’s Smartstart, and found that all of those internet-connected vehicle services are vulnerable to the attack he used to hack GM’s OnStar RemoteLink app.

"If you’re using any of these four apps, I can automatically get all of your log-in information and then indefinitely authenticate as you," says Kamkar. "These apps give me different levels of control of your car. But they all give me some amount of control."
And $100 says it's not just Jeep, BMW, and Mercedes ...

Thursday, August 20, 2015

On this day in 1938

Lou Gehrig his his 23rd career grand slam.  That record was to stand for 75 years until it was broken by Alex Rodriguez.  There is no record as to whether Gehrig also used performance enhancing drugs.  And since we're talking about A-Rod, here is a musical homage to his career:


About that Ashley Madison "Cheating" website hack

It appears that the data that is being leaked is for real.  Not that you'd do that, of course.

It also seems that there was no verification done on email addressed used in site signup.  This means that anyone could create an account for, say, jeb.bush@state.fl.us and it would be in the database that was just released.  There's an interesting attack that security guys call "Information Poisoning", where the attack is intended to create distrust in a community or data set.  If you can inject enough distrust, then you can render the resource worthless.

Given the recent OPM hack, I'm starting to wonder if this is the wave of the future - injection of embarrassing data into sites like this and then a subsequent hack to expose said data.  Certainly the capability exists to do this sort of thing.

Ah, working from home

I must say that I love my commute, and since everything here uses videoconferencing over the Internet, I love the (mostly) not traveling.  Err, until the Internet goes down.

Like it did yesterday.  In the middle of a big presentation to the Air Force.  Of course, I was the presenter.  Fortunately, the Help Desk at AT&T was completely helpful:


The heart is just exactly the right touch for people all p***ed off about the network going down.  Way to go, Brittany. 

Old fart

As I clean up and sort through the lower reaches of Camp Borepatch, I find long lost wonders.  One was some Kodak slide carousels.  A couple were slides taken by my late Father-in-Law; the ex will be wanting these, no doubt.  One was slides taken by me no doubt on a vacation around 1990 or so - I posted some of these here, and these are very likely of the same vintage.

But one was slides.  As in, Presentation Slides.  On Network Security.  Circa 1994-1995.

[blink] [blink]

I'm trying to remember when I had these made and for which venue, but two decades are somewhat thwarting  my memory.

To add to the feeling of "old fartness", it seems that the crazy hipsters use the term "slidemanship" for something out of Mario Kart.  Back In The Day it was the process of establishing dominance over your audience by first establishing dominance over your projectionist.  Somewhere I have a hilarious writeup about that, which involves backwards slides, slides that are two pieces of film stuck together with wax that slide apart and de-focus when the heat of the lamp melts it, obscure references in Cyrillic typefonts ("Russian?  No, no - Bulgarian, old chap!").

Mario Cart, indeed.  Get offa my lawn, punks. 


Wednesday, August 19, 2015

Invalid encryption key


Good thing there are some others to try ...

Quotes of the Day: Climate Science is broken

Shot:
“The time for debate has ended”
— Marcia McNutt (editor-in-Chief of Science, next President of the NAS) in “The beyond-two-degree inferno“, editorial in Science, 3 July 2015.

I agree with McNutt: the public policy debate has ended. Climate science as an institution is broken, the larger science community applauds its dysfunctionality, and a critical mass of the US public has lost confidence in it. As a result, the US will take no substantial steps to prepare for possible future climate change, not even preparing for the inevitable re-occurrence of past extreme weather.
Chaser:
It is a sad state of affairs for climate science that this book [Mark Steyn's new book on Michael Mann of "Hockey Stick" fame - Borepatch] had to be written (it was brought on by Michael Mann’s lawsuit – without the lawsuit, Steyn obviously wouldn’t have bothered).   At a time when the U.S. and the world’s nations are trying to put together an agreement to tackle climate change (for better or for worse), Steyn’s book reminds everyone of Climategate, why the public doesn’t trust climate scientists and aren’t buying their ‘consensus.
Both are worth reading in their entirety.

Voting machines: a security nightmare

The Silicon Graybeard points out the least secure voting machines in America:
H/T to Yahoo! Tech for the story.  As usual, the problem is government.  In particular, after the "Hanging Chad" election in 2000, the congress passed the Help America Vote Act of 2002. Among other things, the Act banned punched-card and mechanical-lever voting machines.  This led to the inevitable gold rush to suck up that gubmint money by producing voting machines.  And just as the War on Some Drugs money has always been spent so wisely; like the Quadro Tracker, the $1000 empty box with a 'diving rod' on it, so was spent the Help America Vote money.
 It was so bad that Virginia has banned their use because the security is so wretched:
Switching to Epstein's summary for a moment:

If an election was held using the AVS WinVote, and it wasn’t hacked, it was only because no one tried. The vulnerabilities were so severe, and so trivial to exploit, that anyone with even a modicum of training could have succeeded. They didn’t need to be in the polling place – within a few hundred feet (e.g., in the parking lot) is easy, and within a half mile with a rudimentary antenna built using a Pringles can. Further, there are no logs or other records that would indicate if such a thing ever happened, so if an election was hacked any time in the past, we will never know.
How bad was it?  How about the shiny key to lock the machine?  Epstein reports “All the keys are the same for every Winvote that’s ever been made, because that way it’s easier,”
• Winvote’s machine runs a version of Windows XP that hasn’t had patches installed since 2004 — four years before AVS deservedly went out of business.
• Its wireless network is “safeguarded” with insecure WEP encryption — and the password is abcde. (and that was unchangeable)
• The Windows admin password is (no, I’m not making this up) admin. (and that seemed unchangeable as well)
RTWT for the whole horrifying thing.

Tuesday, August 18, 2015

75 years after "The Hardest Day"

August 1940 saw the German Luftwaffe try to establish air superiority over Great Britain.  Hitler's planned invasion of that island was running out of time - the English Channel gets notoriously stormy in the autumn, and mid-August was getting perilously close to autumn.  But Hermann Goering assured the Fuhrer that he had the Royal Air Force on the ropes.  One more big push would break RAF Fighter Command.

August 18 was that big push.

But it didn't go that way.  Hundreds of RAF Fighters rose to savage the German bombers.  While this "Hardest Day" was just about exactly a draw in terms of losses, it showed that the RAF was most definitely not on the ropes.  While the Battle of Britain would go on for weeks, Hitler's mind was already shifting to the Eastern Front.  In Churchill's immortal words, never had so many owed so much to so few, those who flew sortie after sortie on that Hardest Day.



Three Quarters of a Century later, those Few are few indeed.  Per Ardua ad Astra, indeed.

Um, yeah

Want me to keep holding your beer?

Donald Trump: American Caesar

Shot:
If you’re keeping score, in the past month Trump has bitch-slapped the entire Republican Party, redefined our expectations of politics, focused the national discussion on immigration, proposed the only new idea for handling ISIS, and taken functional control of FOX News. And I don’t think he put much effort into it. Imagine what he could do if he gave up golf.

As far as I can tell, Trump’s “crazy talk” is always in the correct direction for a skilled persuader. When Trump sets an “anchor” in your mind, it is never random. And it seems to work every time.

Now that Trump owns FOX, and I see how well his anchor trick works with the public, I’m going to predict he will be our next president. I think he will move to the center on social issues (already happening) and win against Clinton in a tight election.

I also saw some Internet chatter about the idea of picking Mark Cuban as Vice Presidential running mate. If that happens, Republicans win. And I think they like to win. There is no way Trump picks some desiccated Governor from an important state as his running mate. I think Cuban is a realistic possibility.
Chaser:
Trump is a complicated subject... because its insane... but the situation is so nutty that he starts to make sense... which tells you how insane the situation is...

Americans are furious. Both sides of the political spectrum.

Republicans are pissed.

Democrats are pissed.

No one trusts anyone.

Both side's politicians are full of shit.

There is a general consensus that the elites are fucking over the people at large.

The republicans tried to purge their own party with the "tea party" and similar things.

Democrats only see this form their perspective but they don't realize that a fair amount of the animus was directed at the establishment republicans which is why the establishment doesn't like the tea party.

The democrats tried to purge their own party with stuff like code pink, occupy wall street, and now black lives matter.

And all of this is failing. The Establishment of both parties is very good at stonewalling this stuff. Black Lives Matter shows up to a Bernie speech and basically takes it over.

They try the same thing at a Hillary speech and they don't even get in the front door.

Think about that.

And that's basically what has been going on. So what is Donald Trump?

In my view, he's a purgative. A drug you take to induce vomiting. You accidentally eat poison... it has to get out. So you take a purgative... and you vomit.
The Tea Party failed, because it was subverted by the Establishment.  I was a fan of "Vote Them All Out", but that failed because the Establishment funded the primary races to keep reformers out.

The Slashdot commenter puts his finger on the dynamic that Trump has tapped into.  Everyone hates the government and the politicians.  Everyone.  Up until now it's been irrelevant, since the Establishment has not allowed any alternative.

But Trump doesn't need them, and doesn't want them.

Julius Caesar was a master of New Media, back in the Roman Republic days.  His Gallic War was widely distributed in Rome (by Caesar's allies) and became wildly popular.  Caesar looked different from the corrupt Senate establishment.  People were sick of the Status Quo.

Caesar didn't need the Senate, because he had the public.  When it was a choice of the Senatus or the Populusque Romanus, the Status Quo collapsed.  Whether that was a Good Thing or a Bad Thing has been the subject of debate for two millennia.

Adams again:
If you’re keeping score, in the past month Trump has bitch-slapped the entire Republican Party, redefined our expectations of politics, focused the national discussion on immigration, proposed the only new idea for handling ISIS, and taken functional control of FOX News. And I don’t think he put much effort into it.
My estimation of Trump has gone way, way up.  This is new, and significant, and I'm not sure if any of the other candidates have any idea how to deal with him other than hoping that he gets bored and leaves, or makes a set of gaffes that will cause him to implode.  That's not looking like where the smart money is betting.

Would a Trump Presidency be a Good Thing or a Bad Thing?  There's a pretty good chance that we're fixin' to find out.  But Trump is focused on what the market wants, and what the political market wants right now is a change from the Status Quo.  And quite frankly, there are quite a few Agencies where "You're Fired" would not only be effective in correcting the path the Republic is on, but would be wildly popular with the Populusque Americanus.

Saturday, August 15, 2015

40 years of the Rocky Horror Picture Show

Peter noticed the anniversary, which I'd totally missed:
It's become the longest-running movie in history: literally, it's always been playing in a cinema somewhere in the world since that date. No other film in entertainment history can make that claim over so long a period. In fact, RHPS has been called 'the most iconic cult movie of all time'.
I think I first went to see it in the late '70s, with 2cents.  It was an eye-opener: not so much the movie (which was funny-in-a-schlocky-way) but the audience participation part.  There were accepted catch phrases that the audience would holler at the screen: "Where's your neck?" (at the narrator).  "Ass****!" at the male lead (Barry Bostwick; I could never watch his later performance as George Washington without hearing that whispering in the back of my head).  You would fling props at the screen: rice at the wedding scene, toast at the banquet when Dr. Frank N. Furter (played by Tim Curry; I couldn't get that image out of my mind when I saw him in his later role in Hunt For Red October).

A couple years later, 2cents and I were at another screening.  There were a group of guys in the row in front of us, and one of them was clearly at the movie for the first time - they were explaining all the audience participation parts to him.  At the banquet scene, things played out sort of like this:
His friends, to him:  The toast - where's the toast?

Him: I don't have it.  I ate it.

2cents (and me), pointing at him: Ass****!
Good times, good times.

If you were a RHPS fan, click through to Peter's post, which will be a waltz down memory lane.

Alan Jackson - Chattahoochee

Vickery Creek, flowing towards the Chattahoochee.  Photo copyright Borepatch

I can walk from Camp Borepatch to the Chattahoochee river.  There are very nice trails through National Forrest parkland (the picture here is from this parkland), there's a lively riverside activity scene on the river.  In all the years I've lived here, I'd never gone tubing on the 'Hooch.  So we went last weekend.

Remember, it's August, so it's hotter than a hoochie coochie.  You bet there's a country music song about that.

Alan Jackson was one of the stars that blazed brightly in the 1990s, with 35 Billboard #1 country hits.  This was one, which won CMA song of the year in 1993.  As a Georgia boy, he was familiar with the 'Hooch.  Asked about the song, he said:
It's a song about having fun, growing up. and coming of age in a small town - which really applies to anyone across the country, not just by the Chattahoochee. We never thought it would be as big as it's become."



Chattahoochee (Songwriters: Alan Jackson, Jim McBride)
Way down yonder on the Chattahoochee
It gets hotter than a hoochie coochie
We laid rubber on the Georgie asphalt
We got a little crazy but we never got caught

Down by the river on a friday night
A pyramid of cans in the pale moonlight
Talking 'bout cars and dreaming 'bout women
Never had a plan just a livin' for the minute
Yeah way down yonder on the Chattahoochee
Never knew how much that muddy water meant to me
But I learned how to swim and I learned how I was
A lot about livin' and a litttle 'bout love

Well we fogged up the windows in my old chevy
I was willing but she wasn't ready
So a settled for a burger and a grape snowcone
Dropped her off early but I didn't go home

Down by the river on a friday night
A pyramid of cans in the pale moonlight
Talking 'bout cars and dreaming 'bout women
Never had a plan just a livin' for the minute
Yeah way down yonder on the Chattahoochee
Never knew how much that muddy water meant to me
But I learned how to swim and I learned how I was
A lot about livin' and a little 'bout love

Way down yonder on the Chattahoochee
It gets hotter than a hoochie coochie
We laid rubber on the Georgie asphalt
We got a little crazy but we never got caught

Well we fogged up the windows in my old chevy
I was willing but she wasn't ready
So a settled for a burger and a grape snowcone
Dropped her off early but I didn't go home

Down by the river on a friday night
A pyramid of cans in the pale moonlight
Talking 'bout cars and dreaming 'bout women
Never had a plan just a livin' for the minute
Yeah way down yonder on the Chattahoochee
Never knew how much that muddy water meant to me
But I learned how to swim and I learned how I was
A lot about livin' and a little 'bout love

Thursday, August 13, 2015

Grumble

I seem to be burning through vacation days getting Camp Borepatch fixed up to sell.  Everything takes longer, i guess.

Not more expensive - that seems to be tracking nicely.  Well, closely ...

Ah well - mustn't grumble.  I smell coffee.  Yay, coffee!

Wednesday, August 12, 2015

A metaphor on Megyn Kelly's approach to Donald Trump


Chrysler gets sued for lousy security

Three weeks back we saw that late model Jeep Cherokee autos could be hacked remotely.  The shoe that we've been waiting to drop, has dropped:
LAST MONTH’S JEEP hacking scandal has already been followed by a 1.4 million vehicle recall and a well-timed Senate bill. Now Chrysler faces that other inevitable punishment: a potentially massive lawsuit.
On Tuesday three Jeep Cherokee owners filed a complaint against both Fiat Chrysler Automobiles and Harman International, the maker of the Uconnect dashboard computer in millions of Chrysler vehicles. A security flaw in that cellular-connected computer served as the entry point for security researchers Chris Valasek and Charlie Miller when they showed WIRED last month that they could wirelessly hack into a 2014 Jeep over the internet to hijack its steering, brakes and transmission. Now the small group of plaintiffs is hoping to invite anyone with those vulnerable Uconnect systems in their car or truck to join them in their litigation. If their complaint is certified by a court as a class action, the broad spectrum of affected Chrysler vehicles means it could snowball into a case with more than a million potential plaintiffs.
What damages are assessed when it's no longer possible to have confidence in the security and integrity of your car?  What are the damages if you always wonder if you're about to die when you start it up?

U.S. Government wins coveted "My Little Pwnie" award for best hack of the year

H4x0Rz R m4g1C
 And by "coveted", I mean "really, really wish this hadn't happened":
Black Hat 2015 For the past nine years Black Hat has staged its Pwnie Awards, devoted to recognizing the best and worst aspects of computer security, and this year's winner of the least welcome award is the US government's Office of Personnel Management.

The OPM won in the "Most EPIC Fail" category after hackers, possibly from the Chinese government, ransacked the agency's servers to steal confidential information on up to 21.5 million past and present government employees.

"The OPM let you and everyone else down. So much so, that the USA government might actually be pulling covert agents out of foreign countries. USA #1," noted the panel of judges.

The hack caused the resignation of the OPM's head and a frantic effort by other government departments to get themselves protected. No one from the OPM was present to pick up their pony-shaped award.
Let's just let that run over the tongue, shall we?  No one from the OPM was present to pick up their pony-shaped award.

Lulz.

Epic, epic fail, and recognized as such.

Tuesday, August 11, 2015

Ah, the joys of getting the kids to clean up so I can sell the house

Going pretty well.


Yeah.  Going really well.

Lies the gun banners tell

Refuted by facts CrimeThink™
There are a bunch more.  Go and bookmark this one.

(via)

Keynesian Economics, explained

A parable:
Krugman and Bernanke are walking down the street and see a pile of dog s***. Bernanke says “I’ll give you twenty thousand dollars to eat that pile of s***.” Krugman does it, gets paid, and they keep walking. After a while they see another pile of s*** on the road. Seeing an opportunity for revenge, Krugman says “Tell you what, I’ll give YOU twenty grand to eat that pile of s***.”
Click through for the hilarious ending.  And it's 100% true, which makes it even better.

Monday, August 10, 2015

Why yes, I am getting more exercise lately


Samsung and HTC phone users: do NOT enable the fingerprint option

The phone doesn't protect your fingerprint data:
Four FireEye researchers have found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max.
Oh, Come on I hear you say.  This is a Security feature, I hear you say.  Just how bad can it be?
The team found a forehead-slapping flaw in HTC One Max in which fingerprints are stored as an image file (dbgraw.bmp) in a open "world readable" folder.

"Any unprivileged processes or apps can steal user’s fingerprints by reading this file," the team says, adding that the images can be made into clear prints by adding some padding.
Well there's your problem, right there ...


$5 gets you $10 that it's not just Samsung and HTC.  My advice is to turn off the damn fingerprint recognition and browse through the file system, deleting any .BMP files that look like biometrics.  And maybe run the phone through an industrial shredder ...

Saturday, August 8, 2015

I went shooting on my birthday

I realized that I hadn't been shooting yet not just this year, but all of last year, either (!).  I've been making Baby Vulcan cry.

And so off I went.  Noise was made.  Holes were punched in paper.  I was both pleased at my marksmanship and disgusted at my marksmanship.  All in all, a normal range trip.

Somehow, I find that strangely reassuring.

Friday, August 7, 2015

New web browser privacy add-on

Privacy Badger is an add-on for the Firefox and Chrome browsers that will thwart a lot of online tracking that marketroids do:
EFF is excited to announce that today we are releasing version 1.0 of Privacy Badger for Chrome and Firefox.  Privacy Badger is a browser extension that automatically blocks hidden trackers that would otherwise spy on your browsing habits as you surf the Web.

...

As you browse the Web, Privacy Badger looks at any third party domains that are loaded on a given site and determines whether or not they appear to be tracking you (e.g. by setting cookies that could be used for tracking, or fingerprinting your browser). If the same third party domain appears to be tracking you on three or more different websites, Privacy Badger will conclude that the third party domain is a tracker and block future connections to it.

For certain websites, if Privacy Badger were to block an embedded domain entirely it would break the site's core functionality. For example, if Privacy Badger were to block 'licensebuttons.net,' Creative Commons buttons would no longer load. In these cases Privacy Badger blocks the domain from setting or receiving any cookies or 'referer' headers, but allows the embedded content to load.
Pretty neat.  I like the Electronic Frontier Foundation guys.  Recommended.

A birthday grumble.

It's my birthday.  Yay. /sarcasm


Damn.  Need a bigger cake.

My present is to work on fixing up Camp Borepatch to sell it.  Yay. /sarcasm
The older I grow, the more I distrust the familiar doctrine that age brings wisdom.
- H. L. Mencken

Friday Motor Madness - BMW Z1

This is the first of a new series of posts, highlighting oddball, unusual, and cool cars.  In this post, we go back to the future with the first car in BMW's Z line of roadsters.  It had so many unusual features that it led to the Z moniker itself, for Zukunft - "future".

Picture via Topspeed.com
Introduced at the 1987 Frankfurt Motor Show, the Z1's retractable doors and removable thermoplastic body panels made it the sensation of the show.  BMW quickly received 5,000 orders before manufacturing even began.

Picture via Topspeed.com
The panels contributed nothing to the car's structural integrity, and were explicitly designed to be removable and swappable.  BMW encouraged customers to purchase a second set of panels in a different color, letting them change their car themselves.  BMW's claim that the swap would only take 40 minutes was considered to be rather a joke (if you weren't a Bavarian mechanic).

Alas, only 8,000 were built.  The Z1 used a stock 2.5L engine (from the 325 series) and the 9 second 0-60 made this somewhat less than the ultimate driving machine.  Only built between 1989 and 1991, they are quite rare and prices are correspondingly high.  While this isn't by any means a performance car, it's terribly quirky - it's as close as BMW ever came to the Jeep Wrangler's removable doors.  In Europe it's legal to drive with the doors retracted (it seems that it's not legal to do this here in the USA).

If you're interested in this unique motor, I recommend you click through to the excellent article at Topspeed.com.

Thursday, August 6, 2015

More on shooting down drones

I am not a lawyer, but some lawyers (well, law professors) are looking at this and think that it may be justified:
Robots can pose-or can appear to pose-a threat to life, property, and privacy. May a landowner legally shoot down a trespassing drone? Can she hold a trespassing autonomous car as security against damage done or further torts? Is the fear that a drone may be operated by a paparazzo or a peeping Tom sufficient grounds to disable or interfere with it? How hard may you shove if the office robot rolls over your foot? This paper addresses all those issues and one more: what rules and standards we could put into place to make the resolution of those questions easier and fairer to all concerned.

The default common-law legal rules governing each of these perceived threats are somewhat different, although reasonableness always plays an important role in defining legal rights and options. In certain cases - drone overflights, autonomous cars, national, state, and even local regulation - may trump the common law. Because it is in most cases obvious that humans can use force to protect themselves against actual physical attack, the paper concentrates on the more interesting cases of (1) robot (and especially drone) trespass and (2) responses to perceived threats other than physical attack by robots notably the risk that the robot (or drone) may be spying - perceptions which may not always be justified, but which sometimes may nonetheless be considered reasonable in law.

We argue that the scope of permissible self-help in defending one's privacy should be quite broad. There is exigency in that resort to legally administered remedies would be impracticable; and worse, the harm caused by a drone that escapes with intrusive recordings can be substantial and hard to remedy after the fact. Further, it is common for new technology to be seen as risky and dangerous, and until proven otherwise drones are no exception. At least initially, violent self-help will seem, and often may be, reasonable even when the privacy threat is not great - or even extant
And it's not just the profs saying this.  Homeland Security says it, too:
The US Department of Homeland Security issued an intelligence assessment to law enforcement agencies Friday warning that recreational drones "could be used by adversaries" to attack the United States.

...

The report added that drones "could be used by adversaries to leverage UAS as part of an attack" and that an "emerging adversary use of Unmanned Aircraft Systems present detection and disruption challenges."
Best to shoot it, just to be sure.  And remember to double tap.

Wednesday, August 5, 2015

New email attack in progress

OldNFO emails with breaking news:
I want to bring your attention to a potentially dangerous phishing email that contains a malicious link.  If you received any email from any of these email addresses: 


And the Subject Line is:  "Your USAA Account Computer/Device Preferences Notification." 

DO NOT OPEN the email.  DELETE THE EMAIL IMMEDIATELY.  Then DELETE the email from your Deleted Items folder.  The email contains a malicious link that can attack email and other Information Technology systems.
I have been getting email saying that I have a voice mail message.  I don't use the app that the email claims to represent.  If you get emails from what look like companies you don't use, they are almost certainly attacks.  If you get "security" emails from companies that you do financial business with, they are almost certainly attacks.

HAHAHAHAHAHA!

[gasp] [gasp] [gasp]

HAHAHAHAHAHA!

But this time, we'll vote ourselves out of this mess.  There will be the Leader on the White Horse to save us!  A Leader funded by the same Oligarchy, no matter which party [*cough* *cough* BUSH] [*cough* *cough* CLINTON] that Leader represents.

But relax, Citizen.  All is well.  The circus is amusing and the bread is free.  And the chocolate ration has been increased from 3 ounces to 2½ ounces ...

Tuesday, August 4, 2015

A parable on Obamacare


Here endeth the lesson.

More on Windows 10 and privacy

As a follow up to yesterday's post, here is an excellent, detailed walk through of what you should think about turning off when you install or upgrade to Windows 10.

Also, you will want to go to Microsoft's opt-out web page to get rid of targeted ads.

What will Obama's climate policy do to your electricity rates?

Quadruple them.  How do we know?  Because he said he wants the USA to get 28% of its electricity from renewables (vs. the current 4%)*.  There are multiple countries in Europe who get 30% of their electricity from renewables.  Guess what their electricity costs (and no fair peeking at the title of this blog post).

* The plan seems to exclude hydro power, which provides some more of our electricity.

Monday, August 3, 2015

Windows 10 doesn't have spyware

It is spyware:
I really want to upgrade to Windows 10, but have begun seeing stories come out about the new Terms and how they affect your privacy. It looks like the default Windows 10 system puts copies of your data out on the "cloud", gives your passwords out, and targets advertising to you. The main reason I am looking to upgrade is that Bitlocker is not available on Windows 7 Pro, but is on Windows 10 Pro, and Microsoft no longer offers Anytime Upgrades to Windows 7 Ultimate. However, I don't want to give away my privacy for security. The other option is to wait until October to see what the Windows 10 Enterprise version offers, but it may not be available through retail. Are the privacy minded Slashdot readers not going with Windows 10?
It's a pretty reasonable thread at Slashdot - meaning nobody accuses Bill Gates of putting puppies in a blender.  But the default Windows 10 privacy settings are really, really bad.  Basically they're Google snooping on everything that you do, except that they make you pay for the privilege of using their OS.

This is a good article on all the things you need to do to turn this off.  It's unclear whether the monthly Windows Update security fixes will reset the privacy settings to the defaults; Windows 10 users will want to check this each month.  It's less unclear whether Microsoft will share your usage habits with NSA - of course they will.

Or you can just switch away from Windows.  Microsoft is clearly looking for other ways to milk its customer base, and this snoop-o-matic presumably is only the first of many initiatives from Redmond.  Here's a balanced video from a couple years back discussing the pros and cons of switching to Linux from Windows.  Me, I made the jump a long, long time ago and have never looked back.



No built-in spyware on Linux, and you don't have to keep checking to see if some security fix just stealth changed your settings.  If you surf the web, read email and RSS feeds, and do Office app work, Linux will be fine for you.  If you game, why don't you have a Playstation?

Sunday, August 2, 2015

Seikilos epitaph - Music from Ancient Greece

The Death of Paulus Aemilius at Cannae by John Trumbull, 1773
Two great battles were fought on this this day in the ancient world.  In 338 B.C. Philip of Macedon crushed the Greek city states at Chaeronea, setting the stage for his son the Great Alexander to embark against the Persian himself.  A century later in 216 B.C. Hannibal won perhaps the greatest victory of all time, utterly destroying  the Consuls Lucius Aemilius Pallus and Gaius Terentius Varro - and their eight legions - at Cannae in the southern part of the Italian peninsula.

What both of these locations had in common was that they were Greek, and would have recognized this music.  The Seikilos epitaph is an inscription from a tombstone outside the ancient Greek city of Ephesus.  While it may be the oldest musical inscription for which we have both the musical score and the lyrics, this is not entirely clear.

What is clear is that this musical style would have been familiar to both Philip of Macedon and many of the combatants at Cannae.  The lyrics are an epitaph from a man named Seikilos to his wife Euterpe.  They translate roughly as:
While you live, shine
Don't suffer anything at all;
Life exists only a short while
And time demands its toll.
Good words to live by, infused with the still robust stoic philosophy so prevalent in the ancient Greek world.


Saturday, August 1, 2015

Thoughts on getting the house ready to sell

I'm getting Camp Borepatch ready to sell - the boys are getting their own swinging bachelor pad and Wolfgang and I would be rattling around in a big ol' empty place.  Plus, the market is roaring here in the ATL, and for once in my life I want to see what it's like to sell a house in an an up market.

And so I'm going through room-by-room clearing out junk and setting things up so that the house will show well.  I've discovered some interesting things:
  • I have boxes that I've never unpacked since moving here from Mordor on the Charles Massachussets.  "Boxes", as in plural.
  • I've discovered that the empty downstairs room that has the freezer and a fridge for the kids will make a dandy shop.  The table saw and other implements of destruction have decamped there.
  • I'm filling a Bagster with junk.  Bagsters are the shiznit.  I may get another before I'm done.
  • Crews (plumbing, landscaping, etc) are OK when you're (ahem) of a certain age.
  • I kind of think that I'm doing what's called "decorating".  I wasn't allowed to do that in the past ...
All in all, things are proceeding.  It's a bit odd to think that I will soon end up in the same situation where I was at FOB Borepatch - on my own, away from the family, only permanently this time.  It's very odd that I'm looking forward to this.