What superpower do you get when you become a parent?
Insty has been banging the drum lately on how young men are increasingly avoiding College. You can't really blame them as it's a pretty hostile environment for men, and saddles most graduates with ruinous amounts of student debt.
But if you're bright, motivated, and hard working, there's a path to a six figure salary that will literally cost you only a few thousand dollars - plus a lot of self study time spent. First, let's talk about the target and the opportunity. The Bureau of Labor Statistics just published a study that highlights the fastest growing job fields through 2030:
That highlighted line? Internet Security. The good news? Nobody cares where you went to school for your security degree, or even that you have a security degree. What they care about are industry certifications. You get the cert, you're in like flint.
Now there's a lot involved with getting the cert, 'natch. I posted about this repeatedly over the years. This is a good starting point, and from there you can click through to here which has a fairly detailed set of things to do, and here which is similar but different to the Borepatch Method.
In a nutshell, you can get a Cisco CCNA Exam Prep book for small money, read on your own in your evenings and spare time, take mock tests to make sure that you understand the material, and then take the real cert class for something like $1500. This will qualify you for an entry level IT job, probably around $50k/year. You continue with the next level higher certification, doing exactly the same as above. When you get that you'll qualify for a higher paying job.
You'll get to the point where you're getting certified on ASA Firewall or the like, and then you're an Information Security Analysts. With the cert, you apply for one of those BLS jobs.
They key, you have to spend a lot of your own time on this in self-study. That's a pain, but you save all that dough you'd be spending on the Dirty Commies at the University. Plus you don't have to put up with all the "Be less White and Male" nonsense that they'd make you take (and pay for).
I got an email recently from a reader who had read some of those old posts of mine (thanks, C.H.!). He had found himself in a frustrating job and took this path. How he's working in a Security Operations Center and pretty happy at where he got himself.
It's been a while since I'd posted this sort of thing, but this seems like a good time to remind our younger Gentlemen Readers (or our Old Fart readers who have sons or nephews) that there is an alternative to the College Mill.
Biden orders HHS to cut of shipments of covid medicine to southern states. But it's all good with socialized medicine, amirite?
This may seem like an innocuous statement, but this all actually encapsulates the Climate Bullshit perfectly. First, the government's statement:
The National Oceanic and Atmospheric Administration (NOAA) confirmed in a new report that the average temperature during this summer for the contiguous U.S. was hotter than the Dust Bowl in the 1930s.
The meteorological summer between June 1 to Sept. 1 averaged 74F for the U.S., or 2.6 degrees warmer than the long-term average. NOAA said, "this technically exceeds the record heat of the 1936 Dust Bowl Summer, but the difference is extremely small (less than 0.01 of a degree F)."
Remember the Dust Bowl? John Steinbeck and Henry Fonda sort of made it memorable:
1936 is the year of record heat in the United States. There's a reason that the midwest dried up and blew away that summer:
You want to see a real heat wave? Look at July 1936. Eleven States set high temperature records that stand to this day. That Wikipedia page is a little shifty on this, trying to hide the decline in record temperatures. You'll see an asterisk next to South Dakota, which the Wiki page says means Also on earlier date or dates in that state. So what was that earlier date for South Dakota? July 1936.
Oh, and three more States set high temperature records the next month, August 1936. That makes 14 out of the 50 States suffered record high temperatures in the summer of 1936. That's almost 30% of the States.
NOAA (the Fed.Gov's weather bureau) said that this summer was hotter than that. Oooooh kaaaaay. So riddle me this, WeatherMan: how many States set temperature records this summer? One. Washington State set a record high on June 29.
So how does NOAA get off saying that 2021 was hotter than 1936? Data adjustments:
The data have two components: the raw measurements themselves, and a set of adjustments.
Adjustments are made for a bunch of reasons: time of observation adjustments (you didn't take a reading at exactly the same time each day), environmental changes, weather station site relocations, urbanization, etc.
An interesting question is how much of the 20th century's temperature change is due to adjustments? As it turns out, the answer is all of it.
This chart shows the before-adjustment and after-adjustment temperatures for the 20th century, super imposed. All of the warming is due to adjustments, rather than raw data. Almost all of the adjustments are for readings after 1970.
A group of five vulnerabilities in the B. Braun Infusomat Space Large Volume Pump could allow an attacker to modify system configurations in standby mode and deliver an unexpected dose of medication to patients without any need for authentication, according to a new report from McAfee Enterprise Advanced Threat Research.
I've been posting about the security problems in medical devices for going on a decade now. It's interesting to see major security research players start to issue advisories about these. Hopefully the FDA expedites these sort of security updates.
In a DEF CON talk officially released on Saturday (many of this year's talks were pre-recorded and available to stream before their scheduled time) Dan Petro and Allan Cecil, both of Bishop Fox, outline systemic problems with hardware random number generators. That creates systemic problems for the devices that obtain random numbers directly from hardware random number generators.
"One of our top-line takeaways is that this process of talking to hardware RNG [random number generators] directly is just untenable. It's far too complicated on so many levels, to the point where it should really be considered like writing cryptographic code, where it is just too unsafe to do on your own," Petro told SC Media.
You might wonder what the heck a random number generator is and why you need a good one. Basically, all of the encryption in use today depends on cypher computations starting with as close to truly random numbers as possible. If the "random number" used are not really random - or worse, if they are predictable - than a Bad Guy could decrypt your communications, masquerade as you (well, as your TV), and do all the bad things to you that encryption is supposed to prevent. Home computers (and cell phones) don't have this problem because they invest in good random number generation circuitry. IoT devices are so inexpensive that this isn't done. Probably having unpatched high risk security vulnerabilities in these devices is worse, but this is just another reason why there isn't much security at all in these pieces of junk.
Firefox is still around? Who knew? They blew any credibility on user privacy when they ditched Brendan Eich to include RIAA tracking features.
Microsoft has announced that the Edge Vulnerability Research team is experimenting with a new feature dubbed "Super Duper Secure Mode" and designed to bring security improvements without significant performance losses.
When enabled, the new Microsoft Edge Super Duper Secure Mode will remove Just-In-Time Compilation (JIT) from the V8 processing pipeline, reducing the attack surface threat actors can use to hack into Edge users' systems.
"This reduction of attack surface has potential to significantly improve user security; it would remove roughly half of the V8 bugs that must be fixed," explained Johnathan Norman, Microsoft Edge Vulnerability Research Lead.
That's a neat piece of security work. And I love "Super Duper Secure Mode". It reminds me of Tesla's "Ludicrous Mode" which is shamelessly stolen from Spaceballs.
Google has started emailing users of very old Android devices to tell them it's time to say goodbye.
Starting September 27, devices running Android 2.3.7 and lower will no longer be able to log in to Google services, effectively killing a big portion of the on-rails Android experience. As Google puts it in an official community post, "If you sign in to your device after September 27, you may get username or password errors when you try to use Google products and services like Gmail, YouTube, and Maps."
Android is one of the most cloud-based operating systems ever. Especially in older versions, many included apps and services were tied to your Google login, and if that stops working, a large chunk of your phone is bricked. While Android can update many core components without shipping a full system update today, Android 2.3.7 Gingerbread, released around 10 years ago, was not so modular.
This is actually a Good Thing. Android has a lot of security holes and there are no updates coming for these 10 year old systems. If you got 10 years out of your phone, it's really in your best (security) interest to update.
In the "Federal Cybersecurity: America's Data Still At Risk" report, the US Senate Committee on Homeland Security and Governmental Affairs graded the departments of State, Transportation, Education, and the Social Security Administration a "D" for cybersecurity. The departments of Housing and Urban Development, Agriculture, and Health and Human Services each received a "C." The highest grade for cybersecurity, a "B," went to the Department of Homeland Security (DHS). Among the major issues, several agencies, including the State Department, did not deactivate former employees' accounts, allowing access for extended periods of time after the workers left government service.
Maybe the Cloud will help. These Agencies can't buy cloud services that are not security approved (FedRAMP). Most of these issues are covered under that certification.
OldNFO posted a great video showing just how easy it is for someone to get your info. The video is a live demo from Defcon, so you know it's good.
Yeah, he posted this a while back - I've been pretty busy. And the video itself is from a few years ago, so it's not like you're any later.
And yes, I need to post more security stuff.
I've posted repeatedly about America as Fall-Of-The-Roman-Empire/Republic before. It's looked pretty bleak for a while, not being able to figure out how the Next Big American Thing will come into being. It's looked like that process will be really blood soaked.
But maybe not. I've also posted before about Curtis Yarvin, who blogged under the nom de blog Mencious Moldbug. It was ten years ago that I wrote about him in an uberpost titled The Fifth American Republic. It has perhaps the best opening paragraph I've ever written:
Barack Obama is a communist. That's a low schoolyard insult, even though it's true, but it doesn't matter. You see, Mitt Romney is also a commie. No, this isn't yet another Mitt Romney rant. All of our political establishment are commies, and have been for a long time.
Glen Filthie found a Tucker Carlson interview with Yarvin. It's quite something - Tucker is a much better interviewer than I had known (I don't watch much - or any - political TV) and Tucker allows Yarvin great big huge uninterrupted blocks of time to explain his philosophy of how America is ruled by an oligarchy, why the oligarchy is decentralized, how the US Government has evolved over time (with a shout out to his original post that I blogged about ten years back), how the periodic evolutions come to be needed as the system slowly degrades, and how this explains why we lost in Afghanistan.
He ends with a discussion of the end of the Roman Republic and how that could plausibly happen here without the rivers of blood. This is a very long and very thoughtful interview that left me feeling much better about this Republic's chances than I have in a long, long time.
Go watch this. I cannot recommend this too highly. You might want to read my old uberpost as an introduction first, because it will set the stage for much of what Yarvin describes. Yarvin is a first rate intellect and you will end up smarter when you're done.
This post by Adam Piggott is simply unimprovable. RTWT, but this is a taste:
And really, they’re just profiting off modern man’s shallow desire to live just one more day no matter what the cost. That’s why they’re trying to jab 12 year olds with this toxic crap so the old fucks can live just one more day, it’s all I’ve got, hey, did you see my boat and my Porsche and the ski lodge?
Everything they have told you is a lie. Don’t take their pills, don’t take their jabs, don’t follow their dietary recommendations, don’t do their exercise routines, don’t take 0.7 glasses of wine per day while you have your 1.2 kids, don’t listen to their music recommendations, or their reading material, or watch their evil films, don’t do any of it. Don’t be a boring shitless bastard that does just what he’s told and then has the sheer stupidity to try and lecture those of us who haven’t fallen for the crap and are trying with some very small success to wake you all the fuck up.
There's the food of all sorts that we had before. There's also the food I started stockpiling in January and February of 2020 when I thought this was going to break out and it was hardly being reported. Every time I went to the dojo I would stop in the grocery and bring home a couple of bags of assorted things. I ended up with plastic tubs full of enough food to last us for maybe 3 months.
As the real effects of the virus became more clear and the supply system, while stressed, did not collapse, I started a sort of first in/first out routine and let the pantry dwindle back toward the one month hurricane storage. Not everything got used and a few things had to be discarded. The dry goods like rice and pasta don't last unless they are purchased sealed in nitrogen. Cooking oil has a life span of a few months. Canned goods, for the most part, will go for a year.
The medicine cabinet is worse. Somehow years disappear. I looked at a blister pack of Benadryl recently that had use by date in the fall of 2014. It is not the oldest thing in there.
I need to check the first aid kit in my pack.
Hat tip to XKCD
Big Country has a must-read post up. Go read it now, then come back for my thoughts. In it he lays out evidence that there is a three way power struggle going on between the Intelligence Community, the Pentagon, and the White House. Peter adds some thoughts as well.
It reminds me of the last few years of Tsarist Russia: a war that was going poorly, indecisive leadership at the top that had no real idea what the citizens of the realm actually thought, and a fabulously corrupt and incompetent set of ministers who were more interested in looting the treasury than, you know, running their ministry.
And as to that last item, take a look at Joe Biden's cabinet (courtesy of J.Kb at Miguel's place). It's deja vu all over again. The last thing on any of these folk's mind is good governance.
And so, to BCE's post at the top. The Biden Administration sure as shootin' ain't where the smart money is going to bet. And so, on to the second of the three he calls out, the Dot Mil. There are huge problems in our military, the biggest I've seen since the Vietnam days. In a very disturbing way, the pathology is very similar: the senior officers give commands to a sullen and hostile enlisted force. Back in the dark days of the '70s we had flag officers like Zumwalt (Navy) and Creech (TAC) who were able to reinstil discipline. It sure doesn't look like the Perfumed Princes of the Pentagon are up to Zumwalt's (or Creech's) level.
And so I don't think that the smart money will bet on the Dot Mil, either.
So the Last Org Standing likely will be the Intel Community. Heck, they already successfully overthrew a previous President, and guaranteed they have dirt on most of the players in Washington (Generals Petraeus and Flynn could not be reached for comment).
There really are only two questions. First, how long will this take to play out? The longer it goes on, the more damage the Republic takes (both externally and internally). I can't say I'm optimistic that this will get sorted out soon.
Second, the Intel Community will want to rule from the shadows. They are not Front Men - the acronym of one of the Three Letter Agencies was said to be "Never Say Anything". Quite frankly, Joe Biden and Kamala Harris are the perfect empty suits for the Intel Community to stand up as "leaders" of the Republic - as they did last November. The folks at Langley must be steaming mad that Biden isn't staying in his lane. How this will play out is unknown, but unlikely to be pleasant for Joe, "Doctor" Jill, or Kamala.
Czar Nicholas came to a bad end in a basement in Yekaterinburg, along with his entire family. Will our Checkists go this route to let the rest of Washington know they need to stay in their lanes, or will there still be more subtlety? The nation wonders.
I was walking into work today and came around a corner to find a homeless person standing on the curb. I shifted my direction to maintain a safe distance and the guy turned and spoke.
"Hey, ya' know what my father always used to say to me? He'd say, "If you want peace, prepare for war."
I nodded and kept moving.
Igitur qui desiderat pacem, praeparet bellum
--Publius Flavius Vegetius Renatus