Thursday, October 18, 2018

They Will Not Grow Old

Director Peter Jackson has created a documentary using original WWI film footage. It has been edited using new technology to colorize it and voices and sounds have been added. It premiered in England and is scheduled to be aired on the BBC. It seems likely that it will be available worldwide at some point.

It brings the war to life. Here's the trailer.

Killed by Socialized healthcare

Forbes actually publishes a story about the slow-motion collapse that is the UK's National Health Service.  Here's the key graf:
The United Kingdom's National Health Service, which celebrated its 70th anniversary on July 5, is imploding. 
Vacancies for doctor and nurse positions have reached all-time highs. Patients are facing interminable waits for care as a result. This August, a record number of Britons languished more than 12 hours in emergency rooms. In July, the share of cancer patients who waited more than two months to receive treatment soared. 
Yet enthusiasm for government-run, single-payer health care continues to build in the United States. The latest Reuters/Ipsos poll shows that 70 percent of Americans now support Medicare for All. Virtually all the major candidates for the Democratic nomination for president in 2020 have come out in favor of banning private insurance coverage and implementing a single-payer system instead.
I have a whole post category for Killed By Socialized Medicine which goes way, way back.  And this sums the wretched NHS up, for the dim bulbs on these shores who want to replicate it here:



Actually, this really does sum up the situation.  The issue isn't healthcare, the issue is control.  Statist pricks want life and death control over the population, the better to keep them in line.

Wednesday, October 17, 2018

Big Chief Sitting Bull****

The Internet Meme factory has been in overdrive on Senator Warren.  Here are some of my favorites.






Here's another reason not to bring an Alexa type device into your hoe

UPDATE: That should be "home", not "hoe".  I'm leaving the title unchanged because it's kind of funny, especially with the comments. /UPDATE

As if you needed another reason, but this one is a doozy:
In a paper to be presented today at the ACM Symposium on User Interface Software and Technology (UIST) in Berlin, Germany, computer scientists Gierad Laput, Karan Ahuja, Mayank Goel, and Chris Harrison describe a real-time, activity recognition system capable of interpreting collected sound. 
In other words, a software that uses devices' always-on builtin microphones to sense what exactly's going on in the background.
So now Alexa won't just know what you're saying, it will know what you're doing.  And they'll use that information for - what?  Of course, all the Fanbois who get these damned things have carefully gone over the license agreement before clicking "Accept", amirite?

Damn.  Doesn't anyone remember Homer's story about the Trojan Horse?  It was considered a classic when I was young.

Apology

Stolen from everywhere:

Elizabeth Warren's DNA results have led me to conclude that we all owe her 0.001953125 percent of an apology.


Tuesday, October 16, 2018

Now *that's* scary




UN Scientists: give us $48 Trillion or the planet gets it

The latest out of the UN IPCC is that they need $2.4T a year for 20 years in order to keep the temperature from rising by more than 1.5° C.
The IPCC’s modelled pathways show that $2.4 trillion must be invested in new clean energy every year from 2015 through 2035, which, Bloomberg notes, is an almost sevenfold increase from the $333.5 billion invested in renewable energy in 2017. That is an aggregate investment of $48 trillion. The interest bill alone (at say 5%pa) would be $200 billion per month – more than the whole world currently spends on childhood education and environmental protection combined. 
The report (C2.7) says that “the literature on total mitigation costs of 1.5°C mitigation pathways is limited and was not assessed in this report”. Others have calculated massive additional expenditure on energy efficiency, electricity transmission and storage, CCS and other carbon dioxide removal (CDR). But even these estimates do not attempt to put a price upon the “unprecedented changes in all aspects of society” called for by the IPCC.
The "literature is limited" is pretty funny, with the astronomical sums demanded.  So how does the science hold up on this?  Judy Curry has a long and detailed analysis, but this is the key bit:
IMO, even with erroneous attribution of extreme weather/climate events and projections using climate models that are running too hot and not fit for purpose of projecting 21st century climate change, the IPCC still has not made a strong case for this massive investment to prevent 1.5C warming.
The "Science is Settled" even when it's based on computer models "running too hot and not fit for purpose".  But turn over your money and freedom right now or we'll call you a climate denier or something.  Yawn.

Monday, October 15, 2018

Well, at least they're giving us a choice




People are turning to search engines other than Google

People are smart:
Google has long been eyed with suspicion, and incidents such as covering up potential data leaks does nothing to help. Privacy and security have increased in importance for the average internet user, and this has seen people moving away from Google and investigating the alternatives.
One beneficiary of this shunning of Google is DuckDuckGo. The privacy-focused search engine has enjoyed a 50 percent surge in usage over the last year, and it can now boast a new record of 30 million daily searches.
I use Duckduckgo almost exclusively, since they are very clear that they do not track me.

Remembering the Cost


During World War II, one in three airmen survived the air battle over Europe.

The casualties suffered by the Eighth Air Force were about half of the U.S. Army Air Force's casualties (47,483 out of 115,332), including more than 26,000 dead.

Sunday, October 14, 2018

B-17 and B-24 engine startup and taxi

What was interesting was the B-17 looked kind of clumsy on the taxiway, while the B-24 seemed to steer in a precise way.  Up in the air, the roles were reversed, with the B-17 turning from an ugly duckling into a swan, while the B-24 looked like a goony bird.



The camera video couldn't remotely keep up with the speed of the propellers, and so they look like they're spinning backwards here.

Alexander von Zemlinsky - Die Seejungfrau (The Mermaid)

If ever there was a person who was entitled to name-drop in classical music, it was Alexander von Zemlinsky.  Born in Vienna in the later days of the Austro-Hungarian empire, he ended up fleeing the Nazis and settling in America.  But he seems to have known just about everyone who was anyone in classical music.

He studied composition under Anton Bruckner.  Brahms came to his concerts and was so impressed that he pulled strings with his publisher to get Zemlinsky's music printed.  He was in an orchestra with Arnold Schoenberg, who ended up his brother-in-law.  Gustav Mahler conducted the premiere of one of his operas.  He wanted to marry Alma Schindler, who ended up marrying Mahler (among others) and who was immortalized by Tom Lehrer.

This piece is titled after Hans Christian Andersen's tale of the little mermaid.  It was thought that the music was lost soon after its 1905 debut, but it was discovered in 1984 and is one of Zemlinsky's most often performed works.

Saturday, October 13, 2018

Lyle Lovett - If I Had A Boat

West Virginia Senator Joe Manchin is in a fight for reelection.  Polls show the race tied against a somewhat flawed opponent.  This story will not help Joe's chances:
Manchin bought a 65-foot yacht, which he named "Almost Heaven", in October 2013 for $700,000. Manchin later transferred ownership of the yacht to Country Roads Marine LLC—a West Virginia-based LLC—that Manchin and his wife incorporated and are listed as members and officers, records show. Manchin docks the boat on the Potomac River in Southeast D.C. and resides in it while he is in the city.
However, since 2013, Manchin has failed to report ownership of Country Roads Marine LLC, which FACT says is a "serious violation of Senate Ethics Rules," given they require senators to list "outside compensation, holdings, transactions, liabilities, positions held and gifts received" on their financial disclosure reports.
That's a lot of money.  I wonder how he saved that much on a Senator's salary?  I'm guessing that a lot of folks in West Virginia are wondering that too - which would be why he tried to hush this up.

Oh, well, if he loses he can always take the boat out on the sea.  Take us away, Lyle!



If I Had A Boat (Songwriter: Lyle Lovett)
If I had a boat
I'd go out on the ocean
And if I had a pony
I'd ride him on my boat
And we could all together
Go out on the ocean
Me upon my pony on my boat

If I were Roy Rogers
I'd sure enough be single
I couldn't bring myself to marrying old Dale
It'd just be me and trigger
We'd go riding through them movies
Then we'd buy a boat and on the sea we'd sail

And if I had a boat
I'd go out on the ocean
And if I had a pony
I'd ride him on my boat
And we could all together
Go out on the ocean
Me upon my pony on my boat

The mystery masked man was smart
He got himself a Tonto
'Cause Tonto did the dirty work for free
But Tonto he was smarter
And one day said kemo sabe
Kiss my ass I bought a boat
I'm going out to sea

And if I had a boat
I'd go out on the ocean
And if I had a pony
I'd ride him on my boat
And we could all together
Go out on the ocean
Me upon my pony on my boat

And if I were like lightning
I wouldn't need no sneakers
I'd come and go wherever I would please
And I'd scare 'em by the shade tree
And I'd scare 'em by the light pole
But I would not scare my pony on my boat out on the sea

And if I had a boat
I'd go out on the ocean
And if I had a pony
I'd ride him on my boat
And we could all together
Go out on the ocean
Me upon my pony on my boat

Friday, October 12, 2018

B-24 Takeoff from Frederick Airport

The B-24 "Witchcraft" is the only fully restored and flying B-24 Liberator in the world.  It visited Frederick airport as part of the Wings of Freedom Tour.  Here it is taking off.



It's a bit like a flying boxcar, not as elegant as the B-17.  But it's a LOT roomier on the inside.

B-17 takeoff at Frederick Airport

The B-17 is a surprisingly elegant aircraft, when seen both sitting still and when in motion.  The B-24 is like a boxcar, but the Flying Fortress is graceful.


Seen at the Frederick, MD airport today.  More later.

UPDATE 12 October 2018 16:56: Changed to Youtube embed for video.

Thursday, October 11, 2018

Why are there so many douchebags on Twitter and Gab?

I'm never on Twitter but I have been spending some time on Gab.ai, and twice in the last week have found myself in arguments with people who seem to have the education level of a fruit fly.  Last night was someone telling me that fascists aren't socialists and that libertarians are fascists.

I don't know if it is the 300 character limit of the posts that makes people into idiots (or attracts them), but it's a big turnoff.  While I am often too wordy, at least I show my work in my posts here.  The commenters here are unfailingly polite and intelligent.  I can't figure out why the Twitter/Gab is so widely infested with douchebags.

At least Gab has a "Mute" button which blocks someone you aren't interested in reading.  I think I will get a lot quicker on the trigger there in the future.

Wednesday, October 10, 2018

Proper Prior Planning

Prevents Poor Performance.


Good luck to the Florida Panhandle

The Weather Channel crew evacuated because of Hurricane Michael.



I hope this one isn't as bad as it looks, but it looks pretty bad.

Old Warbirds Tour

For those of you in the Washington DC metro area, the Wings Of Freedom Tour is landing today at Frederick (MD) airport:
In the ground tour are a B-17, B-24 and P-51. The Wings of Freedom Tour visits 110 cities a year all over the country. The B-17 is one of only nine in flying condition in the United States. The B-24J is the sole remaining example of its type flying in the world. The P-51 Mustang was awarded a grand champion award for restoration. Flight experiences are normally scheduled before and after the ground tour times. Continues through Oct. 12

I plan on taking some time off and heading up there to drool all over these things.  For those of you in the area, they are here through Friday although the walk through tours end at noon on Friday (they end at 4:00 today and tomorrow).  Those of you with more cash burning a hole in your pocket than I have can take a ride.  $400 for the B-25, $450 for the B-17 or B-24 and $2200 (!) in the Mustang (the TF-51 two seat trainer version).

Shoot me an email if you plan on coming Friday morning and we can meet up.

Hat tip: The Queen Of The World, who finds awesome stuff.

Tuesday, October 9, 2018

Happy Thanksgiving, eh?

To our readers in Canada, have a great Thanksgiving holiday.  Down here they're still harvesting corn near Castle Borepatch, so it's a bit early for a harvest festival.  Still, we shall hoist a Molson's your way and start planning on breaking out the back bacon and long underwear.

Just how bad are the climate temperature databases?

We are told by Scientists® that the Science® is Settled.  Meanwhile, I've been complaining for almost ten years about the poor quality of the temperature databases that are used to reach that conclusion.  Now the first ever, systematic audit of the most important of the climate databases has been done (as a PhD thesis).  The results are worse than even I expected:
  • The Hadley data is one of the most cited, most important databases for climate modeling, and thus for policies involving billions of dollars.
  • McLean found freakishly improbable data, and systematic adjustment errors, large gaps where there is no data, location errors, Fahrenheit temperatures reported as Celsius, and spelling errors.
  • Almost no quality control checks have been done: outliers that are obvious mistakes have not been corrected – one town in Colombia spent three months in 1978 at an average daily temperature of over 80 degrees C.  One town in Romania stepped out from summer in 1953 straight into a month of Spring at minus 46°C. These are supposedly “average” temperatures for a full month at a time. St Kitts, a Caribbean island, was recorded at 0°C for a whole month, and twice!
  • Temperatures for the entire Southern Hemisphere in 1850 and for the next three years are calculated from just one site in Indonesia and some random ships.
I love how the average temperature of St. Kitts was freezing - so it must have been below freezing for half of the day.  And the highest recorded temperature in history was 58°C (Death Valley, July 10, 1913) - the 80°C (176°F) would have killed everyone in the town.

But shut up and pay up.  Because reasons.

Remember, this is the most prestigious temperature data set used today.  The IPCC relies on it for their regular reports.  Oh, and this is from the group that hid the decline:



I think that this is my first post (from 2009) criticizing the temperature data sets.  Interestingly, it touches on what Dr. Muller discusses in the video, and it was from 3 months before the ClimateGate revelations broke.

Monday, October 8, 2018

An American Hero

Lt. Col. Tom Parsons, U.S. Army, Ret., died suddenly at home last night.



Here's the short outline. He was raised in a  Catholic orphanage. Joined the Army out of high school. Made the Inchon landing as a Pfc. Went all the way to the Yalu River and was part of the retrograde movement after the Chinese attacked. After Korea, he went to college, got an engineering degree, and was commissioned. He did two combat tours in Vietnam, the second with a Special Forces team attached to a South Vietnamese unit. Eventually promoted to Lt. Colonel, he retired out of the 82nd Airborne in the 1970s.

He started a second life, moved to an old farmhouse with a barn, became a high school ROTC instructor. At his church he founded a Boy Scout Troop. Troop 826. I met Tom there. We had been in Cub Scouts first, of course, and when I walked into the first meeting of the year in the fall of 1991, I was in a uniform. He told me later he knew he had someone he could work with that first night.

We built a better Troop together, had some amazing young men come through the program, camped every month. I was his Assistant Scoutmaster for a decade, hence my screen name and email address. When he had a heart attack I became the Scoutmaster for a couple of years, and then the other assistants took turns, and slowly as my boys finished or quit, I moved on.

Sometime in all those meetings, all those camp outs, he and I became friends, then trusted companions. It is unusual to meet someone in your 40s that is a mentor, a friend, that changes you, helps you redefine yourself. Tom was that for me. We stayed in touch after we finished Scouting. I last saw him a few weeks ago.

But I remember as he was in his 70s, vibrant and full of life. Ready to hit a trail with a pack, singing some off-key song from years ago, carrying his gear, and probably the tent of some young Scout that was struggling.

Pick out a trail, Tom. I'll be along soon enough and we can hike into some warm fall afternoon on strong legs and see what's over the next hill.

In my dreams, I'm going back to Gilwell,
To the joys and happiness I found,
On those grand weekends,
With my dear old friends,
And see the training grounds.

--From the musical play, "We Live Forever" by Ralph Reader



Sgt. York took the machine gun nest 100 years ago

It's quite a story.  And I agree 100% on this:
Some people may ask why we don't have heroes like this in today's military. The answer is that we do still have such men but the media today just doesn't celebrate them like they used to.
I hadn't known that he had tried to re-enlist in World War II.  Overweight and out of shape at 54 years old, the Army didn't take him in the combat units but they did commission him as a Major in the Signal Corps and he did speaking tours throughout the war.  So we should call him "Major York" - except he was commissioned as a Colonel in the Tennessee National Guard so it's really "Colonel York".

I also hadn't known that he used his earnings from the Gary Cooper 1941 film about him to found a Bible School.

His was a much more interesting story than I had imagined, and it's too bad it took so long for me to learn it.

Obama program spent $90M to create jobs for 55 Afghan women

Smartest President ever, or something:
The U.S. government has blown almost $90 million on a doomed project to help Afghan women enter the workforce with a big chunk of the money going to a Clinton-aligned “development” company that reaped big bucks from Uncle Sam while Hillary Clinton was secretary of state. The cash flows through the famously corrupt U.S. Agency of International Development (USAID), which is charged with providing global economic, development and humanitarian assistance. In this case USAID allocated $216 million to supposedly help tens of thousands of Afghan women get jobs and gain promotions over five years. Known as “Promoting Gender Equity in National Priority Programs,” the endeavor was launched in 2014 and tens of millions of dollars later it’s proven to be a major failure. 
Someone must be pocketing the cash because the costly program has helped between zero and 60 women. This isn’t a joke, though it sounds like a bad one. All the dirty details are laid out in a scathing federal audit released this month by the Special Inspector General for Afghanistan Reconstruction (SIGAR). Investigators found that around 55 women got “new or better” jobs in three years and they can’t even fully credit the U.S.-backed program for the women’s prosperities.
But hey, at least the Clintons got some coin so it's all good, amirite Lefties?

Hat tip: The Queen Of The World.

Recommended Reading for Columbus Day

This is a Columbus Day post I wrote in 2008, but which seems evergreen.  You can get Dr. Landes' book on Amazon, no doubt at a deep discount (it was published in the 1990s).

Obligatory Imperialist Post

Because it's Columbus Power-Mad Dead White Dude Day.  Insty posted about Admiral of the Ocean Sea (great book) which gives you a great Columbus overview, but entirely misses the Power-Mad Dead White Dude thing.

As a public service, here's something that you should read if you really want to make a liberal's head explode like the fembots in Austin Powers. Or understand why the world's economy is the way it is.  The Wealth and Poverty of Nations, by David Landes. The title is intentionally taken from Adam Smith, but Landes focuses less on describing economics per se, and more on the constraints that a society puts on their economy.

It traces the history of economic development over the last 1000 years, and asks some very politically incorrect questions:
  • Why did China, the world's richest and most powerful country in 1000 AD not only lose her lead, but lose it so badly that it was dismembered by the European (and later resurgent Japanese) powers?
  • Why did India, fabulously wealthy and populous, not conquer the west, rather than vice-versa?
  • Why did England, an undeveloped backwater as late as 1500 AD, ultimately lead the Industrial Revolution and become the world's most powerful country?
  • What explains the vast differences in economic development between the USA and Canada, and other New World countries? After all, in 1700, Mexico's GDP per capita was $450, not far short of the colonies' $490 (1985 dollars). In 1989, Mexico's GDP per capita was $3,500, vs. $18,300 for the USA.
No, it wasn't "western imperialism" by dead white dudes. Landes' politically incorrect thesis is that society counts, and some societies foster faster economic growth than others. He uses many, many examples.

The quote for this [2008] election season, if we're smart enough to listen, is about the post-Cold War economies:
Among the heaviest losers in this period of record-breaking economic growth and technological advance were the countries of the Communist Socialist bloc: the Soviet Union at the bottom of the barrel, Romania and North Korea almost as bad, and a range of satellite victims and emulators struggling to rise above the mess. Best off were probably Czechoslovakia and Hungary, with East Germany (the DDR) and Poland trailing behind. The striking feature of these command economies was the contradiction between system and pretensions on the one hand, performance on the other. The logic was impeccable: experts would plan, zealots would compete in zeal, technology would tame nature, labor would make free, the benefits would accrue to all. From each according to their ability; to each according to his deserts; and eventually, to each according to his needs.

The dream appealed to the victims and critics of capitalism, admittedly a most imperfect system - but as it turned out, far better than the alternatives. Hence the Marxist economies long enjoyed a willful credulous favor among radicals, liberals, and progressives in the advanced industrial nations;
You'll hate this if you think that economics a la John Kerry and Barack Obama is the shizzle flippity floppity floop.

Contradiction between pretension and performance: nice phrase, that. For an example, see Patrick, Deval. For extra credit, compare and contrast Obama, Barack.

Dang, I think I must have just got my Hate Speech on, right there.

Sunday, October 7, 2018

The Pharaoh Rameses the Great had a passport

Who knew?


This goes back to the 1970s, when a French museum wanted to run a CAT scan on the mummy.  Egypt, recalling decades of looting by European powers seemed to think that issuing a passport to the mummy might make it easier to get him back:
It was his poor condition that prompted Egyptian authorities to seek help preserving him in the mid-1970s. They found their experts in France and reluctantly decided to transport the 3,000-year-old mummy to Paris.
In order to leave the country, however, even a three-millennia-old king has to follow the rules. Egypt required anyone leaving the country, living or dead, to have the proper papers. Ramses II was issued a passport. Seemingly the first mummy to receive one, Ramses had his occupation listed as “King (deceased).” The government didn’t want him to get a passport for publicity, but believed it would afford them legal protections to ensure his safe return. Countless artifacts and mummies have been plundered and stolen from Egypt, and museums in Europe didn’t always respect Egyptian claims.
Like I said, who knew?

Sarah McLachlan - Prayer of St. Francis

St. Francis, painted shortly after his death
Today's music is unusual for Sunday, as it's not classical.  But stick with me because there's quite an interesting story to tell.

This past week saw the feast day of St. Francis of Assisi.  The Franciscans were early adopters of harmony in their sacred music, most notably the Office (or Historia) of St. Francis which dates to the 1230s AD and which is still sung by the Franciscans today.

Well, the Historia was composed by Julian of Speyer, a Franciscan who was almost certainly known to the Saint himself.  Julian was from the German city of Speyer - alert readers will recognize a recent post here about the world's oldest bottle of wine which was discovered in a Roman grave in Speyer.

And so by coincidence I posted about wine from Speyer on the eve of the feast of St. Francis, whose music was composed by a guy from where the wine came from.

Alas, I can't find any of Julian's music online.  Instead, here is an unusual (for this blog) but hauntingly beautiful song about St. Francis.  Enjoy!

Friday, October 5, 2018

Things You Don't Think About

All the .22 ammo I have shot over the years and I never thought about the complexity of the process of making it. Here's a 10 minute tour of the CCI manufacturing .22 Long Rifle. Impressive attention to detail.

LOLOLOL

Seen on reddit/r/The_Donald:


I'm so old that I remember when it was the lefties joking about the stuffy folks on the right.  The Times they are a'changin' ...

Harvard study: Wind power is much worse for the environment than previously thought

I'm shocked to hear that environmentalists' pie-in-the-sky "renewable" energy claims don't hold up:
In 2013 research, Keith described how each wind turbine creates a “wind shadow” behind it where air has been slowed down by the turbine’s blades. Today’s commercial-scale wind farms carefully space turbines to reduce the impact of these wind shadows, but given the expectation that wind farms will continue to expand as demand for wind-derived electricity increases, interactions and associated climatic impacts cannot be avoided.
What was missing from this previous research, however, were observations to support the modeling. Then, a few months ago, the U.S. Geological Survey released the locations of 57,636 wind turbines around the U.S. Using this data set, in combination with several other U.S. government databases, Keith and postdoctoral fellow Lee Miller were able to quantify the power density of 411 wind farms and 1,150 solar photovoltaic plants operating in the U.S. during 2016.
“For wind, we found that the average power density — meaning the rate of energy generation divided by the encompassing area of the wind plant — was up to 100 times lower than estimates by some leading energy experts,” said Miller, who is the first author of both papers. “Most of these estimates failed to consider the turbine-atmosphere interaction. For an isolated wind turbine, interactions are not important at all, but once the wind farms are more than five to 10 kilometers deep, these interactions have a major impact on the power density.”
What this means is that you need a LOT more land to produce power with windmills than people have been planning for.  And since the health impact of wind farms is well documented, this means that you need LOTS of empty land.

Or you can just say "Screw the Deplorables in Fly-Over Country".  Whatever works for you.

Amazon and Apple almost certainly did NOT get hacked servers

There is a sensational Bloomberg article claiming that Chinese intelligence agents added chips to motherboards in servers used by Amazon and Apple.  I won't link to it because this smelled to me like bogus security PR stories that are unfortunately a plague in the industry.  Basically, a showboating security company gets a PR agency to hype a story beyond all recognition, and whatever kernel of truth was there gets drowned in a tidal wave of ZOMG!!!!!eleventy!!

Yawn.

But there's a very interesting writeup at Errata Security about what the real scoop likely is (spoiler alert: fraud in the manufacturing process replacing quality chips with less expensive knock-offs to skim some profits).  Basically, it's why you ask your mechanic for the used parts he changed in your car (and look at the ones he replaced them with) if you aren't sure about his reputation.

But this is the key part, to me at least:
The story is based on anonymous sources, and not even good anonymous sources. An example is this attribution:
a person briefed on evidence gathered during the probe says
That means somebody not even involved, but somebody who heard a rumor. It also doesn't the person even had sufficient expertise to understand what they were being briefed about.
The whole article is interesting, but is important for how it demolishes the breathless ZOMG!!!!!eleventy!! in the Bloomberg article.  Quite frankly, that's why I'm not linking to Bloomberg, because it's security clickbait.

The problem of someone getting to the hardware and doing dirty deeds dirt cheap is a real one - I've personally heard DoD folks discussing this for 15 years or more.  But this sure doesn't seem like that's what's happening.  Rather, it's just some big mouth media whores helping "journalists" pimp some clickbait.

UPDATE 8 October 2018 09:42: The Department of Homeland Security backs the denials from Apple and Amazon.

The greatest rivalry in Baseball

Chris Lynch points out that tonight is the first Red Sox vs. Yankees playoff game since the epic series in 2004.

For those what aren't baseball fans, in the October 2004 series the Red Sox had lost the first three games of the series against the Yankees and were down by a run in the 9th inning and looked like they were finished - but then they rallied to win in the 12th.  They went on to squeak out wins in the next three games, most colorfully in Game 6 with pitcher Curt Schilling giving a solid performance even with a hurt Achilles tendon.  Pitching through the pain, this is the famous "Bloody Sock" game:


The Sox went on to win game 7, becoming the only team in history to come back from an 0-3 deficit. St. Louis didn't stand a chance against the fired up Sox and were swept in four games in the World Series.  It was the first World Series that the Red Sox had won in 86 years.

So expect a great series - While the Sox won a franchise record 108 games this season, the Yankees won 100.  Remember, there is more drama in a single baseball post season than in all the Superbowls in history added together.

This will be fun, as The Queen Of The World is becoming a bit of a Sox fan, and this will be the first Sox-Yankees post season match up that we've watched together.

GO SAWKS!

Thursday, October 4, 2018

Tab clearing

Lots of good stuff that is worth your attention:

Epic rant is epic.  Aesop brings it.  Long - almost Borepatchian in length - but is a must read.

The "Opioid Epidemic" explained.  The stupid War On Drugs is killing more Americans than the Nazis did in that war.  And since it enriches police departments and gives idiot Congresscritters tons of chances to mug for the cameras, we'll never get a sane policy.

Funeral of 92 year old Bletchley Park codebreaker.  She married an American and lived out her life in Nebraska, keeping her part in the "Ultra Secret" Enigma decoding project secret.  Good on the UK for giving her Military Honors at her funeral.  (Hat tip: Chris Lynch)

Home Owner's Association doesn't like man's Sherman Tank.  Man tells them "Come and tow it, bitches!"  'Murica!

Hiking the Appalachian Trail in 5 minutes


Green Tunnel from Kevin Gallagher on Vimeo.

ASM826 has hiked quite a good portion of this.

Hat tip: Chris Lynch.

Wednesday, October 3, 2018

And he had a bottle of Mad Dog to wash it down, 'natch


Seen on Gab.ai.  All the cool kids hang out there.

Actually, I think he *is* a Democrat




Man, that sure is a lucky escape!

The world's oldest wine

It dates from the Roman Empire:
The Speyer wine bottle (or "Römerwein") is a sealed vessel, presumed to contain liquid wine, and so named because it was unearthed from a Roman tomb found near Speyer, Germany. It is considered the world's oldest known bottle of wine.
It's still full of liquid:


You can see the high quality of the glass bottle.  Roman glass was highly prized by other civilizations and was widely exported as a luxury good.  Roman glass is found regularly in China.

But it's cool to see the actual liquid wine from ca. 325 AD.

Tuesday, October 2, 2018

Maybe we are living in the future after all

It's the 21st century, and we have space probes going to asteroids:


And flying cars go on sale next month:



Hat tip: A Large Regular.



Sometimes the future is stupid, but sometimes it can be very futurish indeed.

MS-DOS Source Code now in Github

OK, this is extra geeky, but Microsoft has released the original source code for MS-DOS 1.25 and 2.0. You can find it in Github:
After original author Tim Paterson found the source for MS-DOS 1.25 (along with a six-inch stack of assembly print-outs), Microsoft handed the code for 1.25 and 2.0 to the Computer History Museum back in 2014. 
Turner has now uploaded the code to GitHub to make it easier to find, although he'd really like it if you didn't suggest modifications to the hand-crafted assembly. 
The v1.25 code is utterly fascinating and consists of only seven assembly source files. The binaries will fit into 12 kilobytes of memory and gave users a full-screen text-based command shell in which to manipulate disks or fire up applications.
Kids, if you want to know what a kilobyte is, go ask your parents.  It's kind of like a Terabyte but way, way more compact.

Monday, October 1, 2018

Redneck Silo Removal

Something fun from America. Removing a silo with rifle fire.


The Cold Civil War comes to Linux

Unless you're a Linux Nerd like me, you don't run Linux at home on your computer.  But you almost certainly do run it on devices in your house - Android is based on Linux, and your home router/firewall almost certainly runs it.  More importantly, the Internet runs on Linux - the bulk of the servers you talk to and services you rely on are hosted on Linux.

And so the culture wars coming to Linux is a big deal.  The news from a couple weeks ago was that Linus Torvalds (father of Linux and the guy who has guided its development for 20+ years) broke down and imposed a Code Of Conduct for the kernel development group.

In the past, the key question was whether a developer's code was good or not; now with the CoC other issues - the developer's race, sex, or gender identification, or his/her hurt feelings - will take precedence.  At the extreme, this could break the Internet, or at least mire it in suckage as bad code (protected from replacement by the CoC and concerns over "diversity" developers' hurt feelings) makes things work poorly.

This isn't just an academic concern: we have seen codes of conduct repeatedly abused by activists (a good background of this sort of thing is here), and so there's a lot to worry about here.  Well, the Linux kernel hackers are pushing back, saying that if they are disciplined under the code of conduct that they will revoke the right to use their code in the kernel:
An open letter posted to the Linux Kernel Mailing List explains:
Date Thu, 20 Sep 2018 09:28:14 +0000
From unconditionedwitness@redchan ...
Subject Re: A Plea to Unfuck our Codes of Conduct

Regarding those who are ejected from the Linux Kernel Community after 
this CoC:

Contributors can, at any time, rescind the license grant regarding their 
property via written notice to those whom they are rescinding the grant 
from (regarding their property (code)) .
This is a really interesting pushback, and if you are a tech nerd you should click through to read the whole thing.  I don't know that we've hit peak Social Justice, but there are signs all over the place that people are sick of the agenda pushing into every nook and cranny of people's lives.

The principles of the Left




Dr. Ford's GoFundMe pages are now approaching a million dollars.

Saturday, September 29, 2018

Seen while out


It has an Infinite Improbability Drive.  Bungied to the roof, so there's clearly not much thrust.


It looks like this may be the official car of the Senate Democrats ...


Friday, September 28, 2018

LOL

This is simply top shelf mockery, on so many levels.




Well played, Internet.  I'm so old that I remember when all the fun mockery was directed at conservatives, not coming from them.

Update on North Carolina being the Massachusetts of Dixie

Remember the woman who saved people's pets during hurricane Florence?  Remember how the NC authorities shut her down and arrested her because she didn't have a permit?  Well, they backed off and dismissed all charges:
A local district attorney's office has dropped charges against a North Carolina woman who was arrested after she took in dozens of pets during Hurricane Florence. Tammie Hedges, founder of Crazy's Claws N Paws animal rescue, was accused of running an illegal veterinary operation before authorities confiscated the animals. Prosecutors decided to toss out the charges on Tuesday. 
Hedges sheltered 10 dogs and 17 cats in a warehouse that she was in the process of converting into a shelter, according to CBS affiliate WNCN-TV. She had been charged with 12 counts of misdemeanor "practice/attempt veterinary medicine without a license." Wayne County District Attorney Matthew Delbridge said in a statement that he was dismissing the charges to "minimize further distraction from my core mission of protecting the public from violent crime."
Gee, ya think?  Betcha got more than a few angry calls and letters on this, didn't ya, Scooter?
However, he noted, "A passion for and the love of animals is laudable but does not excuse unnecessarily putting their health at risk when other, safer resources are available." He said the building failed to meet standards for an animal shelter and that "this defendant... has previously been censured for the unauthorized practice of veterinary medicine."
Damn.  WTF is wrong with these Statist Pricks in North Carolina.  Oops, I think I let the cat out of the bag in the post title.

Hopefully the good citizens of Wayne County will vote this sumbitch out at the earliest opportunity.

Thoughts on l'affaire Kavanaugh

Napoleon Bonaparte's rise to power is one of the most interesting stories in modern history.  He was lucky, always managing to be in the right place at the right time.  That, combined with his prodigious military skill, led him to the head of the French revolutionary government.  One of the lucky breaks he caught was that he was seen by the other European powers as reining in the excesses of the revolutionary terror that had consumed the French Republic.  Basically, while he was a military rival, he was seen as someone they could do business with.

That changed in March 1804, when he sent French Dragoons across the Rhine into sovereign German territory to kidnap Louis Antoine, Duke of Enghien.   The Duke was a prominent French royalist and the heir to the house of Condé, in line to the throne of France. Brought to Paris and tried on trumped up charges of conspiracy, he was executed. A European aristocracy who had breathed a sigh of relief that Napoleon had leashed the French Revolutionary Terror instantly became implacably opposed to his rule. While he was able to conquer for a while, he was unable to hold his gains in the face of their continuing resistance. As Talleyrand is said to have explained, "It was worse than a crime; it was a blunder."

The Democrats committed a crime in how they approached the Kavanaugh nomination, but worse for them, they committed a blunder.  This whole thing was a sordid farce - multiple accusers have recanted, one laughably claimed that she went to ten parties where gang rapes occurred but never reported anything to the police, and the primary accuser - who testified before the Senate yesterday - has scored a cool half million dollar payday for her efforts.


That's just sad.


Now the farce looks to be backfiring on them.  Even squishy RINOs like Lindsey Graham are fighting mad at the Democrats, and there looks to be not only a solid GOP voting bloc for confirmation but they look like they'll be joined by some Red State Democrats.  Polls are notoriously unreliable in this Age of Trump, but the reaction by conservatives on social media has been incandescent anger and each of the Senators will have their own internal polling guiding their vote.  It's only 6 weeks to election day and we're now inside the notoriously short attention span of the American voter.  And this was the high visibility political crisis that the Democrats wanted to showcase?

It was worse than a crime; it was a blunder.

Thursday, September 27, 2018

Let's talk about FDR's Supreme Court nominees

Today looks to be a day of High Political Theater, with Democrats taking to the fainting couch because of the lack of moral fitness (or something) in one of Trump's SCOTUS nominees.  So let's talk about moral fitness in SCOTUS nominees.  This post was triggered by this tweet:

Twitter cuts off the key part of the picture, so here it is:


Sal refers, of course, to Associate Justice Hugo Black.  Black was a Senator when he was nominated, and the rules of the time extended the courtesy of confirmation without a vote when the nominee was a sitting Senator.  Instead, the Judiciary Committee held hearings on his appointment, with a particular focus on his membership in the Ku Klux Klan.  He was confirmed anyway, but the KKK connection was hushed up by the heavily Democratic Senate.

Black went on to make history (of sorts) on the Court, writing the majority decision on Korematsu v. United States which found it perfectly constitutional to round up hundreds of thousands of American citizens and imprison them without trial in concentration camps.  Sort of what you'd expect from a President who was America's most notorious fascist leader.*

But Brett Kavanaugh is a stain on the Court's honor, or something.

* See the first footnote at the bottom of the post.  Or you could get a longer bill of indictment for FDR here.

Wednesday, September 26, 2018

Smart Phone voting apps are a terrible idea

West Virginia is going to allow electronic voting via the VOATZ SmartPhone App.  This isn't just a horrible idea, it's more horrible than you can possibly imagine.  It is broken on so many different levels that it's hard to summarize, so let me start with XKCD's cartoon from last month:


Wear gloves about sums it up.  Rubber gloves, which you burn when you're done.  Interestingly, Robert Graham (a bona fide security expert) wrote that this is unfair, although if you read all the way to the end of his post you'll see that it pretty much is fair:
It's like fail-systems in industrial systems, where we are less concerned about whether the normal systems have an error, but much more concerned about whether the fail-safe system works. It's like how famously Otis is not the inventor of elevators, but the inventor of elevator brakes that will safely stop the car from plummeting to your death if the cable snaps.

What's lacking in election machines therefore is not good or bad software engineering, but the failure of anybody to create fail-safes in the design, fail-safes that will work regardless of how the software works.
I'd suggest that there is a gross lack of security design standards in software engineering (especially compared with physical engineering).  I've written about this for ten years and none of this has really changed:
So what's the system of the online mobile bank? We need to understand this to understand the risks of the different system components to get a good understanding of the overall risk.

There's the web site itself (logo blurred out here to protect the guilty). My experience is that you'll find the best security in the Defense Department. Very close behind that is security at the major banks. I have made some snide comments in the past about online banking, but the problem isn't that they don't have cutting-edge technology, or skilled operations personnel, or processes and procedures that are backed by executive management. Someone's in charge of the system - you can ask the question who's the online security guy  and get an answer. While there will always be the occasional security vulnerability in the web portal, the risk here is low.

There's the Internet, that sits between you and the web site. Security is lousy here, but the encryption used to scramble your data while it flies over Al Gore's Intarwebz is so good that the risk here is basically non-existent.

There's your phone, and your phone's browser. Technology is moving very, very fast here, which means that security is an after thought. You have many different vendors - one makes the phone, a different one makes the software, and a third one that sets everything up. For me, it's some company in China who makes the phone, and Apple who makes the software (OS X and Safari), and AT&T who sets things up.

So when it comes to your phone, you are the "online security guy".  You need to configure the phone securely and make sure that things are working correctly. Not your bank - after all, it's your phone, not theirs.

So what's the risk of the overall banking system? Negligible risk in the banking web site and Internet transport, but indeterminate risk in your phone.

In an engineering sense, "indeterminate" is a Bad Thing, because you can't estimate costs and risks. It's more than just Ted has a bad feeling going on here, there are serious issues that you need to know before you know if the overall online mobile banking system has unacceptable risk.
Now, at this point I need to say that I wrote this about online banking.  In my experience, Banks have very, very good security, and a very, very good understanding of risk and how to manage it.  That means that this is the absolute best theoretical case for online voting, and for the VOATZ app in particular.  Let's break down the three risk areas above by what we know about VOATZ.

The risk of data transiting the Internet is no different.  Yes, it's possible that the VOATZ app has screwed this up, but this is a pretty low risk.  iOS apps, for example, get encryption services from the iOS operating system, so unless you think that Apple has screwed up the crypto, this is likely not bad.

The risk of the back end servers is real.  Banks are good at this, so what do we know about how VOATZ measures up?  What we know does not inspire confidence:
UK-based computer security bod Kevin Beaumont outlined on Monday a list of red flags that he spotted. 
We're told the Voatz website needs patching: it is powered by an out-of-date version of the Apache web server on a box with an out-of-date SSH service and PHP installation. It also apparently exposes NTP, POP3, PHP3, and a 2009-era edition of Plesk to the internet. The site's database, hosted on Azure, has a remote administration panel exposed on port 8080 with no HTTPS protection, according to Beaumont. 
This does not inspire confidence that Voatz can keep miscreants out of its servers, and prevent them from potentially meddling with election results.
All these exposed services suggest a default installation of the web server without any follow up to lock it down.  In short, it is indicative that the VOATZ server farm is administered by incompetents, which shouldn't give the good citizens of the Mountain State warm fuzzies.

Worst is the security of the VOATZ app itself.  There are huge flashing red lights from what we know here:
Very little information is publicly available about the technical architecture behind the Voatz app. The company says it has done a security audit with three third-party security firms, but the results of that audit are not public. Sawhney says the audit contains proprietary and security information that can’t leak to the public. He invited any security researchers who want to see the audit to come to Boston and view it in Voatz’s secure room after signing an NDA.

This lack of transparency worries people who’ve been studying voting security for a long time. “In over a decade, multiple studies by the top experts in the field have concluded that internet voting cannot be made secure with current technology. VOATZ claims to have done something that is not doable with current technology, but WON'T TELL US HOW,” writes Stanford computer scientist and Verified Voting founder David Dill in an email to WIRED. 
Voatz shared one white paper with WIRED, but it lacks the kind of information experts might expect—details on the system architecture, threat tests, how the system responds to specific attacks, verification from third parties. “In my opinion, anybody purporting to have securely and robustly applied blockchain technology to voting should have prepared a detailed analysis of how their system would respond to a long list of known threats that voting systems must respond to, and should have made their analysis public,” Carnegie Mellon computer scientist David Eckhardt wrote in an email. 
Ideally, experts say, Voatz would have held a public testing period of its app before deploying it in a live election. Back in 2010, for example, Washington, DC, was developing an open-source system for online voting and invited the public to try to hack the system in a mock trial. Researchers from the University of Michigan were able to compromise the election server in 48 hours and change all the vote tallies, according to their report afterward. They also found evidence of foreign operatives already in the DC election server. This kind of testing is now considered best practice for any online voting implementation, according to Eckhardt. Voatz’s trials have been in real primaries.
If at this point you're catching a whiff of snake oil, you're not the only one.  And back to the XKCD: They say they've fixed it with something called "Blockchain".

So if you were one of the Bad Guys, what attack vectors might you investigate?  Off the top of my head, here is what you might consider:

  • Look for App vulnerabilities that would allow using fake/forged biometrics.  Even if the blockchain is secure, if you can feed bogus data into the front end you can potentially cast votes for someone.
  • Look for App vulnerabilities that change the user's vote after it is cast but before it is entered into the blockchain.
  • Look for server-side vulnerabilities that let you block the service (Denial Of Service).  This would disrupt or prevent an election from being completed.
  • Look for server-side vulnerabilities that would cause absurd vote tallies to be reported.  This would reduce confidence in the electoral system ("Denial of Service via Resource Poisoning").
But the mother lode of hacks is where you take over the server and cause small changes to the tallies in a way that throws the election the way you want.  This is not just a theoretical problem:
Nowhere was this more clear than when Georgia cybersecurity expert Logan Lamb accessed at least 15 counties’ election management databases from the central tabulator via the state Center for Election Systems’ public website, the order continued. The white hat hacker notified CES he was able to obtain private elector information and DRE passwords used by polling place supervisors, but the state took no action between August 2016 and February 2017.
The judge was rather tart in her ruling on this case.

NONE of these risks seem to have been addressed by VOATZ - no doubt because the entire company has perhaps a dozen employees and is running off of venture capital funding.  Remember, this is just a quick list of attack vectors off the top of my head.  This looks like it's an exceptionally target rich environment and so the list will certainly be much longer.

But back to Robert Graham's objection to the XKCD cartoon: what's important are not vulnerabilities, but failsafes.  If you have paper ballots then you have a decent failsafe.  That's not what you have here, and handwaving while muttering "blockchain" doesn't change that.
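To make the fail-safe point concrete, here is an added example (not from the original post or from any election system's code) that goes one step beyond the text: a ballot-polling audit in the BRAVO style, a technique the post does not name, in which hand-read paper ballots drawn at random check an electronically reported winner without trusting the software. Candidate names, ballot counts and function names are constructed for illustration.

```python
import math
import random


def bravo_audit(reported_winner_share, drawn_ballots, winner, loser,
                risk_limit=0.05):
    """Sequential ballot-polling audit for one winner/loser pair.

    reported_winner_share: winner's share of the winner+loser votes according
        to the electronic tally under audit (must be above 0.5).
    drawn_ballots: names read by hand off randomly drawn PAPER ballots.
    Returns (outcome, ballots_examined). "confirmed" means the paper sample
    supports the reported winner at the risk limit; "full_hand_count" means
    it does not, so the fail-safe is to count all of the paper.
    """
    if not 0.5 < reported_winner_share < 1.0:
        raise ValueError("reported winner share must be between 0.5 and 1")
    if not 0.0 < risk_limit < 1.0:
        raise ValueError("risk limit must be between 0 and 1")

    # Log likelihood ratio: "reported share is right" against "it is a tie".
    step_winner = math.log(reported_winner_share / 0.5)
    step_loser = math.log((1.0 - reported_winner_share) / 0.5)
    threshold = math.log(1.0 / risk_limit)

    log_ratio = 0.0
    examined = 0
    for mark in drawn_ballots:
        examined += 1
        if mark == winner:
            log_ratio += step_winner
        elif mark == loser:
            log_ratio += step_loser
        # Blank or other marks carry no evidence for this pair.
        if log_ratio >= threshold:
            return ("confirmed", examined)
    return ("full_hand_count", examined)


def draw_paper_sample(paper_ballots, draws, rng):
    """Draw ballots uniformly at random, with replacement, from the pile."""
    return [rng.choice(paper_ballots) for _ in range(draws)]


if __name__ == "__main__":
    rng = random.Random(2018)  # fixed seed only so the demo is repeatable

    # Constructed case 1: the paper agrees with a reported 55% for A.
    honest_paper = ["A"] * 5500 + ["B"] * 4500
    sample = draw_paper_sample(honest_paper, 3000, rng)
    print("paper matches report:", bravo_audit(0.55, sample, "A", "B"))

    # Constructed case 2: the software reports 55% for A, but the paper
    # actually says B won 5,200 to 4,800.
    altered_paper = ["A"] * 4800 + ["B"] * 5200
    sample = draw_paper_sample(altered_paper, 3000, rng)
    print("paper contradicts report:", bravo_audit(0.55, sample, "A", "B"))
```

The check depends only on the paper and the random draw, which is why it keeps working no matter how the tallying software behaves; an app-only vote leaves nothing independent to sample.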

Online voting is a persistently bad idea, one that is only liked by people who are completely ignorant of the security issues, and yet one that seemingly will not go away.  If you are suspicious that Stalin's dictum of "it's not who cast the vote that matters, what's important is who counts the vote" is in play here, you're not the only one.

Burn it with fire.  Or bury it in the desert.  Wear gloves.