Thursday, March 31, 2016

Tuesday, March 29, 2016

Made of win

Trust me, watch this.



Young miss Jordan was 8 years old when she performed this on Norske Talenter (what looks to be the Norwegian version of American Idol).  Wow.

(via)

Grumpy

That would be me.


Bah.

Monday, March 28, 2016

Your moment of Zen


Southport, N.C.  A lovely little town, although the property values are approaching the absurd.

Snowden helped, rather than hurt

Says former aide to Colin Powell:
The leaks from NSA whistleblower Edward Snowden about US worldwide surveillance have helped rather than harmed America, and the leaks haven't endangered lives. 
Lawrence "Larry" Wilkerson, the former chief of staff to Secretary of State Colin Powell in the last Bush administration, said that he believed Snowden's assertions that he leaked out of concern for the US breaking both domestic and international law. 
"I think Snowden has done a service. I wouldn't have had the courage, and maybe not even the intellectual capacity, to do it the way he did it," he told Salon magazine.
Snowden told the truth and is on the run.  General Clapper perjured himself to Congress and has yet to be prosecuted.


Badass of the year

Russian Special Forces officer surrounded by ISIS calls in airstrike on himself.

Hat tip: Chris Lynch.

Sunday, March 27, 2016

Jesus Christ Has Risen Today

Yes, I know I posted this on Easter before,  If you're lucky to go to a church with a superior choir and organist, this as a recessional will make the hair stand on end and let you know precisely what Easter is about.



If you're lucky.  The Lord is risen indeed.

Saturday, March 26, 2016

Wounded, Not Broken

But there is suffering in life, and there are defeats. No one can avoid them. But it's better to lose some of the battles in the struggles for your dreams than to be defeated without ever knowing what you're fighting for
--Paulo Coelho .
It's said that the longest journey that a man will ever take is the eighteen inches between his head and his heart.  Some don't survive that trip. Those left behind pick up the pieces as best they can, but things are never fully complete.  Pieces are lost.  We see the picture, and the gap, all at the same time.  Forever incomplete.


This road has a fork, a choice of two paths.  One leads to the dead end, the washed out bridge, the sudden crash that leaves you broken.  The other leads on, to whichever rendezvous with destiny is in our stars. This is the hard path. It is a path that we will travel scarred and wounded.

We are wounded because we loved that which is lost to us. We get up and continue the journey because we love that which remains.

The Deity has given us free will.  We always stand at that fork in the road, and He steps back to let us choose.  He forgives us when we turn away, looking at that hard road, after all, his Son did, too.
Father, if you are willing, take this cup from me ...

The story of the Cross is not the story of Jesus alone. When the suffering on Good Friday happened, there were others that took their own hard path and stayed. Mary his mother, Mary of Magdala, and John the Beloved. They stood and gave witness. They accepted the suffering when they could do nothing more, and as that most horrible slow death by torture happened, they grieved because they loved.

And the story of the Resurrection is not the story of Jesus alone. The first witnesses are Mary his mother, Mary of Magdala, and Joanna, women coming to the tomb in their grief with spices to properly anoint the body. They find the tomb empty.

Why do you look for the living among the dead?
 

It was unbelievable. A man returned from crucifixion. Resurrected. It is still unbelievable. Do we dare believe?

So, this Easter, I am wounded, not broken. We have all been given the gift of life and life is for the living. The story of Jesus is story of a life lived with courage and joy. It is not just Good Friday and the Cross. Life is new births, laughter, moments of joy, a lover's kiss. Life is resurrection. Life calls me to bind my wounds and live on with that same courage. To remember what was with nostalgia and to look forward to what is yet to come with hope.

This Easter day, may the Spirit fill you to overflowing, even to that part of you which may never again be whole.

He is risen. 

Alleluia.
Our Lord has written the promise of resurrection, not in books alone, but in every leaf in springtime.
--Martin Luther

**Cowritten by Borepatch and ASM826

Seen at the Harley dealer

The riding class is using the new 500 cc model (I think this is the one built in India). It doesn't sound like any Harley I've ever heard, but neither does the V-Rod. Sounds like a Honda, in fact.




All tricked out for newbie riders who might drop it. The folks at this class were doing OK, though.

But this was my lucky day for shopping ...


Common Core math

It's awesome.


Friday, March 25, 2016

Seen at a church


Awesome.

Free trade considered harmful?

98% of Economists agree that free trade is beneficial for both countries in an exchange, and should be part of your healthy breakfast.  Eat more.  More, more, more.

The problem is Bastiat's "seen and unseen" problem.  It's easy to measure trade volumes, so that's what we do.  That's what the Economists look at, which is why they all tell us it's good for us.  They're right in that assessment, as far as it goes - what they see is beneficial.

But what about what they don't see?  Andy Grove dies this week, and the ex-Intel CEO had some very strong feelings about important things that are hard to measure.  The unseen:
The lesson Grove had learned at Intel was that success was all about scale. As soon as a country loses its high-tech manufacturing base, it forgets how to do many things, and loses its ability to scale in a new marketplace. The spoils go to those who retain a competitive manufacturing base. 
TVs were a good example, Grove wrote. Princeton economist Alan Blinder had written that the absence of TV production in the USA, as TVs became a low cost "commodity," was a good thing. 
"I disagree. Not only did we lose an untold number of jobs, we broke the chain of experience that is so important in technological evolution. As happened with batteries, abandoning today's 'commodity' manufacturing can lock you out of tomorrow's emerging industry."
Smart developing nations have long ignored Ricardo's "Comparative Advantage" argument, for precisely this reason.  Alas for our corrupt political class.  They've sold our future to Wall Street for a mess of campaign contributions.

Rest in peace, Andy Grove.

Is it time to end the War On Drugs?

Experts say no.


Well, they're experts, right?

(via)

Thursday, March 24, 2016

Jim Hall - Good Friday Blues

More like jazz than blues, but perhaps that leads to the introspection fitting the occasion.


Hackers take over city water purification system

Change the settings on how the water is treated:
A group of hackers, previously involved in various hacktivism campaigns, have accidentally made their way into an ICS/SCADA system installed at a water treatment facility and have altered crucial settings that controlled the amount of chemicals used to treat tap water.
This strange hacking incident is described in Verizon's 2016 Data Breach Digest (page 38, Scenario 8), a collection of case studies that the company's RISK team was brought in to investigate.
The victim of the hack is a company that Verizon identified under the generic name of Kemuri Water Company (KWC). As the RISK team explains, the company noticed that, for a couple of weeks, its water treatment center was behaving erratically, with chemical values being modified out of the blue.
Suspecting something was wrong - and something that its IT staff wasn't able to spot - the company brought in Verizon's RISK team to investigate.
KWC was exposing its internal network to the Internet
Good idea, Scooter.  Stalin would have had you shot.

The fall of Rome and a lesson for our times

From Victor Davis Hanson:
And I’ll conclude with a spoiler from his finish because I think it’s so profound. Describing the fall of Rome to a band of thugs after a much smaller Roman Republic had defeated much larger and more dangerous threats:
“Fast forward to the 5th century AD, is this the Roman Republic, 1/4 of Italy? No. It now encompasses 70 million people, from Mesopotamia in the East to the Atlantic ocean in the West, to above Hadrian’s Wall in the North to the Sahara Desert in the South, one million square miles. And they’re attacked, not by a formidable power, the inheritor of classical military science like Hannibal, but a thug like Atilla with some Huns and Visigoths and Vandals. By any measure, the threat was nothing compared to the threat that Romans faced when it was much, much smaller. But why in the world could they not defend themselves….?
The answer is…in 216 BC a Roman knew what it was to be a Roman. And they were under no illusions that they had to be perfect to be good. All they believed was they had an illustrious tradition that was better than alternative and could be better even more…In 450 AD I don’t think the average person who lived under the Roman Empire…knew what it was to be a Roman citizen, he did not believe that it was any better than the alternative. And when that happens in history, history is cruel, it gives nobody a pass. If you cease to believe that your country’s exceptional and has a noble tradition, and it is good without without being perfect, and it’s better than the alternative – If you cease to believe that! – there’s no reason for you to continue, and history says you won’t. And you don’t.”
Can we learn and change course? Or are we doomed to travel that road once more?
It's a long but excellent talk at the link, full of insight.

I-95: the Spring Break highway

Literally:
MELBOURNE, Fla. - A crash involving two tractor-trailers hauling beer and chips overturned on Interstate 95 in Brevard County, spilling the snacks all over the roadway and blocking lanes for hours on Wednesday morning.
The crash was reported at milemarker 187 in Pineda Causeway just after 3:30 a.m.
Florida Highway Patrol said the tractor-trailer carrying Busch beer was driving southbound on I-95 when the driver attempted to move into center lane and swerved to avoid another vehicle.
Chips, Beer truck crash 2
The front of the Busch beer truck then struck the Frito-Lay truck, prompting the Frito-Lay truck to overturn and spill beer and chips onto the roadway, according to FHP.
No mention as to whether a salsa truck was in the area.

Hat tip: Rick, via email.

Wednesday, March 23, 2016

Yikes!


Best money that guy ever spent.

Let's play the Intellectual Consistency game!

Heh:

Double heh:

More here.  Of course, we all have our own inconsistencies.  Mr. Emerson's excellent advice is what I like to fall back on.

(via)

Your Apple everything is vulnerable

Patches for Macs, iPhones, tablets, TVs, the whole shebang:
Updated Apple has today emitted security updates for pretty much everything it makes, and you should install them as soon as you can because it's all bad news. 
iPhones, iPads and iPods should grab iOS 9.3, Macs should fetch OS X 10.11.4 or Security Update 2016-002 for non-El Capitan Macs, Apple Watches should get watchOS 2.2, and Apple TVs should install tvOS 9.2. Your hardware should eventually offer the updates to you automatically, or you can follow these instructions to get going right away.
The details are pretty boring to anyone who isn't a security geek like me, but these are pretty serious.  Let's get patching.

UPDATE 25 March 2016 09:27: If you have an iPad, DO NOT update it with this patch.  It seems that the patch has been bricking iPads left and right.  Apple says it's working on a fix.

Tuesday, March 22, 2016

The day after St. Patrick's Day

Maybe painting lines on the road is not such a good idea ...


The Trump Insurgency

Interesting:
What's most surprising to many pundits and analysts is that Trump has done this without presenting all of the detail plans, voluminous position papers, etc. that we've come to expect over the last couple of decades.

He has simply refused to play by those rules, and he's not paid a price for it.

Trump is able to pull this off because he's not running a political campaign.  Instead, he's running an insurgency

Not only that, it's a very specific type of insurgency.    ...

This means he is playing by very different rules than his competitors.  Let me walk you through an example of what I mean by that. 
RTWT, which is pretty darn interesting.

Monday, March 21, 2016

Which side goes on the left?

Dang it.


A digital Berlin Wall

18 months ago when the secure email service Lavabit shut down rather than give up its encryption keys to The Man, I wrote about how this is a long term disaster to the US Intelligence services:
The NSA has shot itself in the foot.  Not only have many people in the security community refused to cooperate with them anymore, some very smart folks have chosen to actively try to make NSA's life more difficult.

Me, I don't expect that NSA can possibly reform itself, and likely it will double down on its counter productive domestic snooping.  That will keep pouring gasoline on this fire, leading to even less cooperation and even more active monkey wrenching.
And now to current news: Apple's software engineers don't want to work with the FBI:
Apple's refusal to build a crippled iOS that will help the FBI unlock a killer's iPhone goes far beyond the executive suite. Some of Cupertino's own engineers are refusing to work on the operating system in case they are forced to aid the US government. 
Register sources familiar with the matter told us that, since the start of the iGiant legal showdown with the Feds in early February, Apple developers have been reluctant to work on certain iOS projects and engineering assignments for fear of being summoned by the FBI and forced to break their own product under legal duress. 
The opposition to the FBI's demand runs so deep that some Apple engineers have even threatened to walk away from the company: The New York Times cited "current and former" employees who said members of Apple's engineering teams are prepared to quit if they are ordered to weaken iOS's security mechanisms.
It is hard to overstate just how deeply people in the security industry feel this.  There's a real pride in being the Good Guys, in fighting the Good Fight, in making the World a Better Place.  The FBI is insisting that they violate that.

Things are getting quite interesting here.  Apple is in a real jam - if their very best security developers simply refuse to break the iPhone's security (which is exactly what is being asked), then if Apple cooperates they will be forced to rely on the second (or third) string engineers.  The chances that some horrible security bug gets inadvertently added to the code goes way, way up.  If the bug is bad enough, Apple could lose market share.

Given that the FBI can get everything they need from either the telephone companies (emails, chat messages, the iCloud backup, call records) or the NSA (who everyone thinks can break the phone anyway), Apple deserves to lose market share if they don't fight this all the way to the Supreme Court.

One thing to watch for: if Apple is serious, expect them to announce that they are considering relocating the company to a different country.  They have a ton of cash in overseas banks anyway (because of the idiotic corporate tax rates), so this seemingly wouldn't be difficult.

At that point about all the FBI could do is erect a digital Berlin Wall to keep people from leaving.

Crony got to crony

How bad is the Trans Pacific Partnership - the monster trade deal negotiated in secret?  You could imagine, but you'd under estimate it:
Part of the trouble with the TPP is the remarkable lack of balance within the intellectual property chapter. For example, early drafts of the agreement that featured provisions emphasizing balance and the public domain were opposed by the U.S. and ultimately removed. The lack of balance is also evident in how new rights are treated as mandatory requirements, but user-focused provisions are typically just optional.
Of course.  Users haven't dropped boatloads of cash into the pockets of politicians.  Copyright owners have.
... extension of criminal penalties for rights management information violations,
Because it's too costly to sue people who infringe, and so instead they should be jailed.  Because campaign contributions, or something.
 Criminalization of trade secret law runs counter the established approach in most TPP countries and is the direct result of U.S. Chamber of Commerce lobbying efforts.
Because campaign contributions.

This is precisely what you would expect to come out of a smoke filled room.  To look at this is to entirely understand the Trump phenomenon.

Sunday, March 20, 2016

Happy Spring

With its obligatory theme song.


Ralph Vaughan Williams: - The Lark Ascending

Today is World Sparrow Day.  Really.  It's to raise awareness of the house sparrow.

Really.

It seems that this awareness raising is needed, because there doesn't seem to be any classical music glorifying the sparrow.  Larks, sure:



Poor sparrow.  Do what you can to help.

Sunday, Puppy Sunday

Wolfgang keeps a watchful eye out.


Saturday, March 19, 2016

Luke Bryan - Rain Is A Good Thing

It's spring at Castle Borepatch.  Sadly, rather than 75° and motorcycles, it's a cold rain.  Oh bother.

But this is a sign of things to come, and there's a Country music song to remind us of that.  It hit #1 in 2009.



Rain Is A Good Thing (Songwriters: Luke Bryan,  Dallas Davidson)
My daddy spent his life lookin' up at the sky
He'd cuss, kick the dust, sayin' son it's way too dry
It clouds up in the city, the weather man complains
But where I come from, rain is a good thing

Rain makes corn, corn makes whiskey
Whiskey makes my baby feel a little frisky
Back roads are boggin' up, my buddies pile up in my truck
We hunt our honeys down, we take 'em into town
Start washin' all our worries down the drain
Rain is a good thing

Ain't nothin' like a kiss out back in the barn
Wringin' out our soakin' clothes, ridin' out a thunderstorm
When tin roof gets to talkin'; that's the best love we made
Yea where I come from, rain is a good thing

Farmer Johnson does a little dance
Creeks on the rise, roll up your pants
Country girls, they wanna cuddle
Kids out playin' in a big mud puddle

Rain makes corn, corn makes whiskey
Whiskey makes my baby feel a little frisky
Back roads are boggin' up, my buddies pile up in my truck
We hunt our honeys down, we take 'em into town
Start washin' all our worries down the drain
Rain is a good thing 
Rain is a good thing, rain is a good thing, rain is a good thing

Friday, March 18, 2016

80% of life is this


Why security is hard, redux

Le sigh:
The [Home Depot] was accused of having ignored warnings from its security staff that its anti-virus software had not been updated for over seven years, and it was discovered that ineffective password security had allowed hackers to plant information-stealing malware on sales terminals.
From the agreement in the class action suit against the company.  They'll pay around $20M, almost half of which will go to the lawyers.

Damn, I picked the wrong field.

Why security is hard

It's done by people:
In documents published earlier today, hundreds of pages of previously sealed material related to the Feds' battle with Lavabit were made available. It was immediately noticeable that there were huge swathes of redactions, most of them covering the email address and details of the individual the agents were specifically looking for and why.

It has long been rumored or assumed, though never officially confirmed, that it was Snowden's account that was under scrutiny, particularly given the timing of the case: the documents were filed against Lavabit soon after Snowden said he was the source of the NSA PRISM leaks.

But no one has ever been willing to confirm it, and the huge redactions in the documents made it clear that the FBI was determined to keep up the pretense.

Except...

They missed a single reference. One of the first things we did on downloading the 560‑pages [PDF] was run a search on the word "Snowden" and lo and behold – on page 79, while noting that the entire record was under seal, up pops the email address "Ed_Snowden@lavabit.com."
I'm actually not laughing at the screw up, and you shouldn't, either.  This shows how security goes wrong for people who know better.  Consider:

The FBI is strongly motivated to keep as much of their investigation under wraps.  They're out to get Snowden, one way or another.

They have the expertise to do the job.  Hundreds of references were properly redacted.

Their reputation has been damaged by this - many people's first (and likely last) impression of them will be "screwups".  This is yet another motivation to spend the time to do it right.

And they didn't.  Even with all this motivation and capability, they didn't.  And quite frankly, this sort of thing is inevitable, which is why secrets leak even in wartime.  OPSEC is hard because it has to be 100%, and perfection is only to be found in the next world, not this one.

And so I find myself somewhat sympathetic to the hapless G-Man who did this.  I'm not sympathetic to this, though:
In the case, federal investigators insisted on being given the private keys and source code to the Lavabit encryption engine so that they could access and read all emails without the individuals in question being aware of their actions.

Lavabit founder Ladar Levison fought and lost the order, was found in contempt, and told to pay a fine of $5,000 per day until he handed over the private keys. Two days later he did so and then promptly and publicly shut the entire service down.

Levison later claimed that the Feds changed tactic after that and ordered other email providers to both hand over their keys and keep services running so they were able to snoop on people's communications.
It was a good run for the Republic, but the Praetorians will brook no defiance.

A German Shepherd lession in Survival, Evasion, Resistance and Escape

Keep the faith, Luna:
Fishermen like to tell stories, but Nick Haworth will have a whopper of a tale.


The California man’s beloved dog, Luna, has returned more than a month after she fell overboard in the Pacific Ocean and was presumed drowned.
But fate was on her side, as was her will to live.
She was presumed lost at sea. Until Tuesday morning, that is, when staff arriving for work at the island’s Naval Auxiliary Landing Field spotted something unusual – a dog sitting by the side of the road. Domestic animals aren’t allowed on the island for environmental reasons.

It was Luna.

“She was just sitting there wagging her tail,” DeMunnik said. The staff called to Luna, and she came right over.
Wolfgang says, "Ooh rah!".  And well done to the swabbies.  RTWT, which is the best thing you'll have read all week.  Or we can't be friends anymore.

Thursday, March 17, 2016

Heh


I used to watch a couple of his cooking shows, and thought he had some good recipes.  But his personality was a little (*ahem*) rich and I knew a number of people who just couldn't get past that.

Antivirus for your car

OK, that title isn't actually correct, but hey - it got you reading this, right?  Long time readers remember that one of my pet peeves is computerized cars.  As I often rant, security wasn't an after thought - it wasn't thought of at all.

Well, that may be changing:
IBM is developing a security stack for connected cars as part of a wider strategy to secure vehicles against a growing range of hacking attacks.

Some describe modern cars as computers on wheels but for Martin Borrett, CTO IBM Security Europe the range of communication options (Bluetooth, 3G) and range of embedded computing technologies is turning vehicles into “small data centre on wheels”.
That's an interesting way to look at it - actually a technologically mature way to look at it.  After all, while networked computers are brand spanking new in cars, we've been dealing with security for networked computers since the 1980s.
Designing a secure vehicle needs to happen alongside creating a trusted supply chain, hardening a vehicle and creating a trusted maintenance ecosystem.
Hells yeah.  It's refreshing to hear someone talking like this.

Multiple integrated levels of protection are needed. IBM's vehicle security stack features secure identities, secure data storage, secure access, secure communication, intrusion detection and protection, security intelligence and security of operations and execution.
A cynic would say that IBM has these security technologies, so "of course a connected car needs them.  That skates by the fact that the system and ecosystems of the connected car/truck do need the same sort of protections that networked computers need.  IBM has pretty decent technology and system here, and they cover a lot of bases.  One of their selling points historically has been that they can integrate  lot of different things into a solution, and this would be pretty important to a car manufacturer, I'd think.

Disclosure: I know some of the folks at IBM's security division, because I used to work with them in one of my startup days.  They're pretty smart, and IBM is pretty serious about this field.
A recent presentation by Borrett on the security of connected cars, delivered at the mobile and cloud conference InterConnect 2016 in Las Vegas last month, can be found here. The talk was entitled Code is my co-pilot: Security & privacy in connected vehicles.
Cute.

Will this be a panacea?  Of course not.  Would I want one of these if I had a "connected car"?  Hells yeah.

Irony, sweet irony

The Linux operating system has been dominant for servers for years and years because it's fast, stable, secure, and free.  It formed the core of the Android operating system and so it's all over the place now - fast, stable, secure, and free are winners in the mass market as well.  The fact that you could keep around old server hardware that was too under powered to run the latest Microsoft server software, and the old nag would still be useful meant even more savings.

But it was always a niche OS for desktops, pretty much only used by nerds like me (confession: I've used a Linux desktop since 1994, and the 0.99 kernel).  The issue hasn't been with the Internet "killer apps" - email and web browsing.  These work great.  It's not even that the office apps (OpenOffice and the newer/better LibreOffice) don't work.  Microsoft keeps changing the data format of the data files in their Office suite to keep out the competition, but the Linux apps provide 95% of the functions.

But Linux has something like 1% of the desktop market.  It seems that fast, stable, secure, and free just isn't enough when there's one killer app that has really not been supported well: gaming.

Linux has always been pretty bad here.  It's been a chicken-and-the-egg problem: the graphics board companies haven't invested in Linux device drivers because the market was too small, and hard core gamers wouldn't install Linux because they couldn't use their uber graphics hardware (for that extra frisson of excitement during the post-explosion splatter).  Game over, dude.

Except nasso fast:
Making the rounds on the Internet today is a rumor that NVIDIA Corp is allegedly working on their own Linux distribution.

Generating interest on Reddit and elsewhere is that NVIDIA is supposedly developing their own Linux distribution / operating system. This Linux OS would supposedly be suited for gamers.

The premise isn't really different from Valve's OS and the only "proof" is an alleged screen capture of an installer screen for this operating system supposedly going by the "NLINUX" codename at NVIDIA.
Sure, this is a rumor, but SteamOS is built on Linux, and Steam is pretty quickly becoming the gaming platform of choice.  nVidia is ging to have to support Linux drivers anyway, and so this is actually plausible.

Sure, if we're doing chicken metaphors we should remember not to count this until it hatches.  But the irony of Linux coming to the desktop to support Power Gamers is pretty rich.

Sunshine and kittens

Been a bit resigned over the political silly season, and so here's cute kitten stuff to lighten the mood.  Wait, what?
Many political pundits wrote off Donald Trump's presidential ambitions after he killed rival Jeb Bush's pet kitten on live television Saturday.

But a new poll released today shows that the eccentric billionaire now leads the GOP field by an even greater margin than before.
Dang it.

Wednesday, March 16, 2016

I'm not sure I trust that Donald Trump fellow

He has a particular way of talking that avoids the issue.



I guess I better get used to it - if the Establishment doesn't have him assassinated, he's going to be the next President.

Retro duneon gaming

The Embedded Theologian finds a site with dozens (hundreds) of first person dungeon games from the 80's.  I lost a lot of time on Bard's Tale, back in the day.

I don't think that this will appear on menus soon

No thanks, I think I'll just have a burger:
With a name like assfish, you're probably used to being the butt of jokes, not a top news item.
After seeing a number of stories pop up about a funky little fish newly displayed at the Royal BC Museum in Victoria, British Columbia, Canada, Weird Animal Question of the Week decided to take the author’s prerogative to ask “What in the world is a bony-eared assfish?”
Well, then.

(via)

Major web sites serving up malware via ads

Big sites, probably you visit some:
Top-flight US online publishers are serving up adverts that attempt to install ransomware and other malware on victims' PCs.

Websites visited by millions of people daily – msn.com, nytimes.com, aol.com, nfl.com, theweathernetwork.com, thehill.com, zerohedge.com and more – are accidentally pushing out booby-trapped adverts via ad networks, warn infosec researchers.
These are served up via flash, which gives you some options to protect yourself:
Patching regularly, uninstalling Silverlight or setting plugins such as Flash to click-to-play, will defend against attacks from dodgy banner adverts.
All good advice.  Windows Update should be set to automatic*, Silverlight is not needed anywhere that I've seen and can be uninstalled, and using Flashblock or setting your browser to click-to-play are all excellent suggestions.

* Careful about the Windows 10 upgrade pester offer.  Read the popup carefully - the opt out is way at the end.  Tricksey hobbitses ....

Cthulhu 2016

OK, here's a candidate I might be able to get behind.


The web site is an absolute hoot - it has that "real candidate" smell to it - you know, the one that comes in a can with the K Street Lobbyist.  And there's a platform that I can whole heartedly endorse:
There is no special interest or issue too small for Cthulhu to fix. If puppies are being abused, Cthulhu will ensure puppy abusers will meet their end. If vegans are protesting your rendered meat product, vegans will become rendered meat product.
Mmmmm, vegans!

And like another front running candidate, he had a Reality Show, too:



Tuesday, March 15, 2016

The Art Of Noise - Paranoimia

The '80s was a great decade for music.


Well that's your problem right there


Former counter-terrorism chief: Apple is right to resist the FBI

You might agree with this; I couldn't possibly comment:
A former counter-terrorism chief has laid into the Feds over its ongoing Apple iPhone battle – saying FBI director Jim Comey is exaggerating the need for access and that if agents really wanted into the phone, they would just send it to the NSA.

Richard Clarke was national security advisor and head of counter-terrorism to presidents Clinton and Bush. Speaking to National Public Radio (NPR) on Monday, he was blunt about what he feels is the FBI's goal.

"[The FBI] is not as interested in solving the problem as they are in getting a legal precedent," Clarke said. "Every expert I know believes the NSA could crack this phone. They want the precedent that government could compel a device manufacturer to let the government in."
Tagged with "Government power grab" because, well, you know.

Donald Trump: trolling the left, Alinsky style?

Hmmmm:
By choosing to hold a rally at UIC, Trump knew that he could get his enemy to demonstrate who they are and what tactics they prefer. It does not make him responsible for what they chose to do. And what he ultimately chose to do was prevent violence, not promote it.

Trump was pushing a negative so hard it became a positive and allowed him to ridicule his opposition. BLM, OWS and SJWs are being turned into the Bull Connor of the 21st century by their own actions. Trump is just giving them the opportunity to reveal themselves. Then he makes them live by their own rules. On Hardball:

MATTHEWS: When you set up rally in Chicago where it’s mostly Hispanic and blacks, you knew there would be a lot of people that have the time to come out and protest your situation. It was no surprise here, was there in what happened? Given the venue of your event, TRUMP: It shouldn’t matter. You’re the first one to say it. It shouldn’t matter whether it was whoever lives in the city. It shouldn’t make a difference. Whether it’s white, black, Hispanic, it shouldn’t matter.
MATTHEWS: They don’t like what you’re saying. They don’t like what you’re saying.
TRUMP: We shouldn’t be restricted from having rally here because of ethnic make up or anything like that. I’m somebody that feels strongly it shouldn’t make any difference. You usually feel that too. I’m surprised you’re bringing this up because it shouldn’t matter,
Do you believe those were spontaneous responses?
Like I said, hmmm.  Trump has been a master of communicating on an emotional level with voters (for better or worse).  The Establishment has been oscillating between the egghead cerebral and the hysterical name calling.

This could be battlefield preparation in action.  I guess we'll see.


I have no idea whether the coming Trump Administration will be good for the Republic or not, but it's starting to look inevitable.  Still, there's a craftsmanship to his campaign that is not just impressive, but sometimes fun to watch.  Epic troll is epic.

Monday, March 14, 2016

So would the establishment assassinate Donald Trump?

I find that idea hard to believe, although they sure seem to hate his guts.  However, after the riot shutting down his Chicago rally, we will have to see how things develop.  Things have a way of getting out of hand when you think of the mob.



That said, so I think that many in the establishment would be sorry if this came to pass?  No.

The question is, during an election where the establishment is held in contempt by many of the voters, how would the country react?

Saturday, March 12, 2016

R.I.P. Keith Emerson

A fanfare for a most uncommon man to sing the to thy rest.


Friday, March 11, 2016

Adobe Flash vulnerability being exploited in the wild - update now

So everyone get patching:
Adobe has urged users to patch their Windows, OS X and Linux editions of Flash Player to address 23 security vulnerabilities, including one that is actively being targeted in the wild. 
The March update includes a number of fixes for vulnerabilities that could, if exploited, allow an attacker to remotely execute code on a targeted system simply by loading a malformed Flash file. In other words, visiting a booby-trapped webpage, or viewing a Flash ad, could inject malware into your computer. 
One of those flaws, CVE-2016-1010, is being used for what Adobe calls "limited, targeted attacks." 
Users running Flash Player 20.0.0.306 and earlier for Windows, OS X and Linux should look to update the software. 
Flash Player for Linux 11.2.202.569 and earlier and Adobe AIR Desktop Runtime and AIR SDK 20.0.0.260 as well as AIR for Android 20.0.0.233 and earlier should also be updated if possible. You can check your installed version here
Users who have activated the "Allow Adobe to install updates" option on Flash Player for Windows and OS X should receive the update automatically. Google's Chrome browser installs Flash updates automatically, too.
Flash, of course, is what makes video work on Youtube and other places.  It's pretty much everywhere and so is a favorite target of the Bad Guys.

Follow the link above and it will tell you if you are vulnerable and will give you a button to update.

Thursday, March 10, 2016

I feel a great disturbance in the, err, Force


As if a million nerds all cried out in pain and were suddenly silent.  Err, or something.

Microsoft loves Linux

This seems a bit early for April Fool's Day, and seems legit:
Put down your coffee gently. Microsoft has today released a homegrown open-source operating system, based on Debian GNU/Linux, that runs on network switches. 
The software is dubbed SONiC, aka Software for Open Networking in the Cloud. It's a toolkit of code and kernel patches to bend switch hardware to your will, so you can dictate how it works and what it can do, rather than relying on proprietary firmware from a traditional networking vendor.
[blink] [blink]



Back in the day, we used to laugh at jokes about "MS Linux".  The world is getting weird.

Adios, Most Interesting Man In The World

Stepping down after 10 years.  It seems that he will be replaced.

Hat tip: Chris Lynch.

Wednesday, March 9, 2016

The most trusted name in network news


Offered without comment, because what could you possibly add?

How the European Union screws poor people, version XCIII

It's what they do:
There’s a couple of interesting discussions on the Steam forums about Valve removing the “EU2” pricing tier. Depending on where you lived in Europe, games used to be a different price: EU1 and EU2. Which seems fair enough: the people in richer countries have more disposable income to spend on luxuries like games, and the price those markets can bear is likely to be higher.
But that has come to an end. Understandably, the people who used to benefit from the lower EU2 prices are a bit annoyed. The price of the game in question here (The Talos Principle; highly recommended, by the way) has doubled for them.
Now. Three guesses at who’s to blame.
Moneybags Gabe Newell and his Evil Valve Corporation? Oh, come on, we’re talking about Europe here. Who do you expect?
In its latest plenary session, the European Parliament (EP) adopted the resolution “Towards a Digital Single Market Act” (see press release). The resolution of 19 January 2016 forms the response to the Commission Digital Single Market Strategy (DSM) as announced in last May and pursued ever since.
Good thing they have all those really Smart® technocrats running everything over there.  If left to the chaos of the marketplace, poor people might not have to pay so much.

Tuesday, March 8, 2016

Bill Withers - Ain't No Sunshine

The Queen Of The World has been traveling - this is the fifth week out of the last six that she's been gone.  Damnitall, we've only been married for three months.



Sure, she's worth the wait (duh!), but this house just ain't no home anytime she's been away.

Truth in advertising


Hack the 18 wheeler

You can put the hammer down, from the safety and comfort of your own living room:
Security researcher Jose Carlos Norte says trucks, buses, and vans using Telematics Gateway Unit are exposed on security-search engine Shodan allowing hackers to alter routes and probe speed and location. 
The Barcelona-based eyeOS chief technology officer says thousands of vehicles are exposed over Shodan and can be accessed without any authentication. 
We've seen Shodan here before.  It's bad juju when your device shows up there.
Attackers can download a manual to learn how to navigate the devices and access various functions. 
Teh [sic] devices are used to manage fleets, and send drivers new shipping routes from base. Geo-fencing can also be established to prevent trucks from wandering off course or being stolen. 
"It is possible to monitor and control trucks, public bus or delivery vans from the internet, obtaining their speed, position, and a lot other parameters," Norte says
"You can even control some parameters of the vehicle or hack into the CAN bus of the vehicle remotely.
Connecting the 'Net to the CAN bus (which controls the car/truck/bus telemetry and controls) is Double Plus Ungood security.  Stalin would have had them shot, but it looks like there's a rush to do this - remote immobilization is one "feature" that companies seem to be offering without having really thought about what happens when Joe Bloggs on the 'Net does this to a truck in rush hour.

While IANAL, this seems to fall into the category of "attractive nuisance".

Cats and Dogs, living together

Back in the late 90s, Linux began being seen as a threat at Microsoft.  The "Halloween Documents" were internal Microsoft memos outlining a strategy to compete with the then new upstart OS.  The folks in Redmond saw Open Source as a serious threat.

Seemingly, that's changed.  Microsoft has announced a version of SQL Server for Linux.

[blink] [blink]

I'm pretty sure that this is one of the signs of the Apocalypse ...

Sunday, March 6, 2016

Five years of blogging

Guffaw in Arizona has been doing it.  Congratulations!

Saturday, March 5, 2016

Wah!

It's 15° warmer in Atlanta than here in Maryland.  And it's sunny, not cloudy and threatening to drizzle.  Bah.

Friday, March 4, 2016

Good collection of mystery books


12 years of blogging

Congratulations to Chris Lynch at A Large Regular, blogging for a dozen years.  Wow.  I think I started reading him in 2006 or 2007, and regularly steal his stuff.

Five years

Dad died on this day 5 years ago.  Sure would like to have thode chats gain.

Thursday, March 3, 2016

Shaddup, Romney

Really.  Like the guy who lost a "can't lose" election has an opinion worth listening to.

Just.  Shut.  Up.

Quote of the Day - the Death Of The Republic edition

Seen at Counting Cats In Zanzibar:
In this sense, the old Marxist Tony Benn had it about right when he raised the matter of the democratic deficit in the [European Union] during the European Parliamentary Elections Bill of the 5 questions that should be asked of anyone who sought to wield power.
  • What power do you have?
  • Where did you get it?
  • In whose interests do you exercise it?
  • To whom are you accountable?
  • How can we get rid of you?
Anyone who cannot answer the last of those questions does not live in a democratic system.
The fact of the matter is that despite the appearance of democracy in the form of the European Parliament, power within the EU does not reside with anyone who was directly elected by the people and consequently the people cannot “Throw the bums out”
The Trumpening is a result of the increasing frustration felt in America at the failure of "throw the bums out".  Landslide election victories for the nominally "small government" party in 2010, 2012 (except for the defeat of the sad sack big government presidential nominee), and 2014 have led to a big fat nothing.  Obamacare is still here.  Huge fiscal deficits are still here.  An out of control, politicized bureaucracy still is coming after Middle America.  Nothing has changed.

But the only constant is change.  It may be good, it may be bad, it may be neutral.  But it's different.


Donald Trump and "What's the Matter With Kansas"

I introduced Thomas Frank before:
Thomas Frank wrote the famously clueless book, What's The Matter With Kansas, mewing doe-eyed* about why the voters of Kansas kept voting for Republicans when it was "clearly in their economic interest" to vote for Democrats.  He didn't understand that the people of Kansas knew what he didn't, which is that this is nonsense on stilts.  The Democrats are terrible to the working class, speaking in economic terms.
In reality, the Republican Party hasn't been so hot for the working class' economic interests lately, either.  I'm pretty surprised that you really don't hear much about this when the Talking Heads and Usual Suspects blather on about how horrible Trump is and how it's incomprehensible how those stupid proles keep supporting him when he says the trumpism du jour.

It's actually entirely understandable.  Trump is running a strongly populist campaign, the strongest I've seen in my lifetime.  The working class have felt shut out and put down by the establishment - both parties - for a long, long time.  Trump is tapping into that.

The establishment (both parties) has free trade on the brain.  They push it in increasingly secretive agreements (The Trans Pacific Partnership is the most glaring example of this).  The Guy On The Street wonders when he'll see the benefits of these agreements; after all, the factory closed down four years ago and he's been in and out of part time jobs ever since.  The Talking Heads spout a lot of economic theory about rising tide floating boats, but he sees his kids wearing clothes from Goodwill.

Trump talks to this guy, who sees Trump's policies as being in his own economic interest.  If fewer illegal aliens (trigger alert!) come into this country - or if some of the ones already here go back home  (trigger alert!) - then Joe Everyman might think that he could land some construction work.

In fact, Joe Everyman is entirely rational when he thinks this.  It's really quite astonishing that the Talking Heads simply don't get this.  But it's worse (for the establishment): so far this has all been about economic interest.  What about Joe Everyman's interest?  Economists like to say that everything is about economics, but c'mon.  Joe quite frankly finds himself on the wrong end of social pressure, where political correctness is used as a club against Joe and his friends by calculating political interest groups.  Because he's white, he's racist; because he's male, he's sexist; because he didn't go to an Ivy League school, he's an ignoramus.  Everything about him is wrong, wrong, wrong, and he needs to change, to get right with Society RIGHT DAMN NOW.

And along comes Donald Trump with his anti-PC hammer, blowing away nonsensical establishment PC groupthink time and time again.

How could Joe possibly not think that The Donald was the guy for him?  And Joe is entirely rational in thinking that a vote for Trump is a vote for his own interest.  If Trump follows through on even a little of what he says, Joe absolutely will be better off.

The whole thing is the simplest calculation anyone could make.  And so of course it has the Talking Heads flummoxed.

I don't know whether Trump will make a good President or not, but we're sure fixin' to find out.

Wednesday, March 2, 2016

Layers of editors and fact checkers


Damned racist Australians.

What causes NSA to lose sleep at night?

It's not whether Apple will unlock an iPhone:
Admiral Michael Rogers, head of the NSA and the US Cyber Command, has told delegates during his keynote address at RSA 2016 the three things that keep him awake at night. 
His first fear is an online attack against US critical infrastructure, which he said was a matter of when it will happen, not if. Citing the recent Ukrainian power grid hack as an example, Rogers said that the target was an obvious one and security systems in the US national critical infrastructure were not strong enough.
While #3 on his list is pretty obvious, his second insomnia-inducing worry is pretty darn interesting.  RTWT.

But he closes with a plea that I think will fall on deaf ears:
The NSA can't handle all of this itself, he said, and pleaded with the assembled security experts to bring their skills to the government in partnerships.
I've been quite critical about how NSA's behavior over the last 15 years has alienated a large portion of the security industry practitioners.  I haven't seen anything over the last year or two to cause me to change that - and the whole FBiPhone incident is causing even more collateral damage.

NSA has a lot of smart people, and the ones who are trying to fight the Bad Guys are fighting the Good Fight.  But they have a huge branding problem to overcome.  Adm. Rogers isn't addressing that.