Saturday, September 30, 2023

Signal to leave UK rather than backdoor their crypto

Well done:

Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “backdoors” into its end-to-end encryption.

“We would leave the U.K. or any jurisdiction if it came down to the choice between backdooring our encryption and betraying the people who count on us for privacy, or leaving,” Whittaker said. “And that’s never not true.”

The Online Safety Bill, which was passed into law in September, includes a clause — clause 122 — that, depending on how it’s interpreted, could allow the U.K.’s communications regulator, Ofcom, to break the encryption of apps and services under the guise of making sure illegal material such as child sexual exploitation and abuse content is removed.

"Child sexual exploitation".  Oooooh kaaaaay.  No doubt the UK.Gov is very concerned indeed at getting access to Prince Andrew's communications with Jeffery Epstein.  Or something.

(via)

 

Wednesday, September 27, 2023

Dad Joke CCLXXXXIII

If your car only works every other day, it might be the alternator.

Tuesday, September 26, 2023

The oldest woden structure built by humans is almost half a million years old

That's longer than Homo Sapiens Sapiens has been around:

The well-preserved remains of a wooden structure that is no less than 476,000 years old, pre-dating the appearance of Homo sapiens by 100,000, have been discovered at Kalambo Falls in Zambia. Two logs were found in an interlocking position, joined by an intentionally cut notch. Early hominins whittled, shaped and stacked timbers into an unidentified structure that may have been a shelter, a raised track, a fishing platform or something else entirely.

That's really, really old.  And it's wood, not stone.

Monday, September 25, 2023

Dad Joke CCLXXXXII

What do you call an apologywritten in dots and dashes?

A remorse code.

Sunday, September 24, 2023

This is why there's a shortage of Clorox bleach

They got hacked:

Shoppers are seeing shortages of some familiar household products, from cleaners like Clorox and Tilex to Burt's Bees balms and Glad trash bags, as The Clorox Company tries to recover from a cyberattack it disclosed in August.

The company reported on Monday that, because of the damage the cyberattack caused to its internal systems, it is processing orders at a slower-than-normal rate, in some cases bypassing its automated systems and handling orders manually.

We have constructed the infrastructure of the 21st century out of moonbeams and cotton candy.

 

Friday, September 22, 2023

Big security news

Via Dwight, Cisco buys security vendor Splunk for $28B:

Cisco is making its most expensive acquisition ever – by far - with an announcement it's buying data crunching software firm Splunk for $157 per share, or approximately $28 billion (£22.8b).

...

Per Cisco, the deal will bring Splunk's analytics capabilities to Cisco to create a new model of cybersecurity that prioritizes threat prediction and prevention over threat detection and response.

This is really big news.  I have no insight into what "threat prediction" is or how it would work other than to echo Yogi Berra - prediction is hard, especially about the future.

 

Monday, September 18, 2023

Huh. So they didn't do this?

Chrome browser to notify you when an extension is removed from the Chrome store:

Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware.

An unending supply of unwanted browser extensions is published on the Chrome Web Store and promoted through popup and redirect ads.

These extensions are made by scam companies and threat actors who use them to inject advertisements, track your search history, redirect you to affiliate pages, or in more severe cases, steal your Gmail emails and Facebook accounts.

The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store.

Unfortunately, if you installed one of these extensions, they will still be installed in your browser, even after Google detects them as malware and removes them from the store.

Kudos to Google on this but it's a little surprising that this wasn't in from day one.  And the fact that they did this makes you wonder just how big a problem this is.  My take is "big".

And as to extensions, remember Borepatch's First Law of Security from back in 2008: "Free Download" is Interwebz-speak for "open your mouth and close your eyes."

Sunday, September 17, 2023

Dad Joke CCLXXXXI

What kind of tree fits in your hand?

A Palm Tree.

Tuesday, September 12, 2023

Data privacy in cars is basically non-existent

This is not surprising, but a systematic analysis from the Mozilla Foundation shows that no car company takes data privacy seriously - and Tesla tops the list of shame by having serious shortfalls in each of the five key privacy areas.  Most of the other big names (Ford, Mercedes, BMW, the GM stable) have issues on four.

Here are some highlights:

Some not-so-fun facts about these rankings:

  • Tesla is only the second product we have ever reviewed to receive all of our privacy “dings.” (The first was an AI chatbot we reviewed earlier this year.) What set them apart was earning the “untrustworthy AI” ding. The brand’s AI-powered autopilot was reportedly involved in 17 deaths and 736 crashes and is currently the subject of multiple government investigations.
  • Nissan earned its second-to-last spot for collecting some of the creepiest categories of data we have ever seen. It’s worth reading the review in full, but you should know it includes your “sexual activity.” Not to be out done, Kia also mentions they can collect information about your “sex life” in their privacy policy. Oh, and six car companies say they can collect your “genetic information” or “genetic characteristics.” Yes, reading car privacy policies is a scary endeavor.
  • None of the car brands use language that meets Mozilla’s privacy standard about sharing information with the government or law enforcement, but Hyundai goes above and beyond. In their privacy policy, it says they will comply with “lawful requests, whether formal or informal.” That’s a serious red flag.
  • All of the car brands on this list except for Tesla, Renault, and Dacia signed on to a list of Consumer Protection Principles from the US automotive industry group ALLIANCE FOR AUTOMOTIVE INNOVATION, INC. The list includes great privacy-preserving principles such as “data minimization,” “transparency,” and “choice.” But the number of car brands that follow these principles? Zero. It’s interesting if only because it means the car companies do clearly know what they should be doing to respect your privacy even though they absolutely don’t do it.

So what do you do when choosing a new ride?  Some ideas come to mind ...


(via)

Monday, September 11, 2023

Dad Joke CCLXXXX

I got an email about reading maps backwards but it was just spam.

Saturday, September 9, 2023

Jimmy Buffett - Stars Fell On Alabama

It was 1833, and the "Night that the stars fell".  The Leonid meteor shower is an annual event each August.  The 1833 shower in Alabama was no wind and no clouds and so the show was exceptional.  Guy Lombardo recorded the first version of the 1934 jazz classic.  Jimmy did a version (as did literally a hundred others).  I do like Jimmy's version, from an Alabama native.


The Stars Fell On Alabama (music: Frank Perkins; Lyrics: Mitchell Parish):

We lived our little drama
We kissed in a field of white
And stars fell on Alabama last night
I can't forget the glamour
Your eyes held a tender light
And stars fell on Alabama last night

I never planned in my imagination
A situation so heavenly
A fairy land where no one else could enter
And in the center just you and me, dear
My heart beat like a hammer
My arms wound around you tight
And stars fell on Alabama last night

I never planned in my imagination
A situation so heavenly
A fairy land where no one else could enter
In the center just you and me, dear
My heart beat like a hammer
My arms wound around you tight
And stars fell on Alabama last night

What a great song. I remember when the Stars fell on Maine in 1979 or so.  But August nights there are frequently cloud free and windless too.  As are February nights when you can see the Northern Lights.

But not a lot of great songs from Maine if you discount Rudy Vallee.  On a very not-Rudy-Vallee vein, here's the great English singer Vera Lynn ("The White Cliffs Of Dover) sounding like, well, she's not from Alabama but might be from Michigan or somewhere like that.  Her biography is worth reading, if you're a regular here.

Friday, September 8, 2023

Dad Joke CCLXXXIIII

What should you do if you get attacked by a group of clowns? 

Go for the juggler.

Tuesday, September 5, 2023

Jimmy Buffett - Who Gets to Live Like This

This is from his last album (#30!) which came out 3 years ago.  It (the album) debuted at #2 on the Billboard 200, making this his twelfth top 10 album.  The Queen Of The World loves the simple gratitude and humility that he expresses in the lyrics; I like that as well as how he uses steel drums in what would be his last of his trademark Caribbean-themed fun songs.


Who Gets To Live Like This (Songwriters: Jimmy Buffett, Mac McAnally, Lukas Nelson):

There are waves outside my window
There are airplanes in the sky
There are ships on the horizon
And a beach always nearby
Fish tacos on the table, no surfer can resist
How did I get this lucky?
Tell me who gets to live like this?
I left my inhibitions
Receding with the tide
Talking with the turtles
Lying side by side
Seeking wiser counsel on a girl I can't resist
Pass the seaweed salad
Tell me who gets to live like this?
Singin' for money, playin' for fun
How did I wind up in this band on the run?
Wake it up, make it up, shake it up, take it up
There's more ways than one
Jack of all trades, master of none
With fortune or without it
For paydays or for free
More latitudes than attitudes
More everyone and less me
Just knowing what is possible
Is the ring you don't want to miss
I'm happy to inform you
That we get to live like this
That we all get to live this
Live like this
Get to live like this
Get to live like this
Get to live like this
Get to live like this
Get to live like this

This isn't philosophy.  This isn't Deep Thinking.  But somehow I think that Marcus Aurelius looks down from Heaven and smiles.  While tapping his toes.

China.Gov hacking US.Gov

Yeah, shocking, isn't it?  A while back I posted about the security woes of the security vendor Barracuda. Their security devices got hacked, which exposed their customers to the Bad Guys.

It turns out that the Bad Guys were the China.gov types, and the customers were the US.gov types:

Nearly a third of organizations compromised by Chinese cyberspies via a critical bug in some Barracuda Email Security Gateways were government units, according to Mandiant.

And, the Google-owned team warned, it's not over yet: "Mandiant assesses that, at the time of writing, a limited number of previously impacted victims remain at risk due to this campaign."

By that, Mandiant means Beijing's spies not only broke into a relatively small number of organizations, via the vulnerability CVE-2023-2868 in Barracuda's products, they may still have access into those networks even after their victims took action to secure devices, by using earlier planted backdoors. Mandiant continues to recommend people dump and replace their at-risk Barracuda equipment.

It's an on-going mess, and quite frankly it's a mess that the NSA has been doing for decades to other governments.  I expect that like an iceberg, what we see is only 10% of what's happening out there.

Monday, September 4, 2023

Jimmy Buffett - God's Own Drunk

The Queen Of The World says that while Margaritaville put Buffet on the map, this 1974 follow-on sealed the deal. Buffett got sued by the guy who wrote this, replacing this song with a different one, The Lawyer And The Asshole


The Top Five gladiators (and Roman gatorade)

This is just fun.  And yes, Commodus is on the list but it's way more interesting than you think.

Sunday, September 3, 2023

Jimmy Buffett - The Pascagoula Run

The Queen Of The World was a real Parrot Head.  She has given me a list of some of Buffett's less well known songs that she thinks are significant.  I'll be posting one of these a day for the next few days.

First up is Pascagoula Run because that's where he was born.


Pascagoula Run (Songwriters: Jimmy Buffett, Ray R Oliver)

Billy rolled in to my drive-in
Red convertable sixty-five
Headed home to Mississippi, he'd been around the world
That black sheep uncle of mine
His ship had come in, he was looking to sin
Feeling his old song
When he rolled thru the car with a real hard drive, he said:
"Here's where ya come along!"

It's time to see the world
It's time to kiss a girl
It's time to cross the wild meridian
Grab your bag and take a chance
Time to learn a Cajun dance
Kids you're gonna see the morning sun
On the Pascagoula run
Were on the Pascagoula run
Friday night at the Stateline bar
Where the waterfront people dwell
I better watch my step if the floor caves in
I'll go right straight to hell
Hey There were pinball machines and cajun queens
Men with knives and scars
Well we rolled 'cross the floor to the real hard core
And said, "Here's where it gets bizarre"
Chorus:
It's time to see the world
It's time to kiss a girl
It's time to cross the wild meridian
Grab your bag and take a chance
Time to learn a Cajun dance
Kids you're gonna see the morning sun
On the Pascagoula run
Were on Pascagoula run
Well lets run
What do the ladies say, what do the ladies say
What do the ladies say, what do the ladies say
What do the ladies say, what do the ladies say
What do the ladies say, what do the ladies say
Bring that young man over here
We're going to buy that boy a beer
And that ain't all were gunna do
Bring your crazy uncle too
It's time to see the world
It's time to kiss a girl
It's time to cross the wild meridian
Grab your bag and take a chance
Time to learn a Cajun dance
Kids you're gonna see the morning sun
On the Pascagoula run
Were on the Pascagoula run
Have fun on the Pascagoula run
Take a ride on the Pascagoula run

Saturday, September 2, 2023

The amazing history of Betty Crocker

This is way more interesting than you might think.  For example, she got married.  Kind of.

Oh, and there's a recipe here for pineapple upside down cake which looks spectacular.

Jimmy Buffett - Hey Good Lookin'

Rest In Peace, Jimmy. Thanks for all the great music.

Friday, September 1, 2023

Dad Joke CCLXXXIII

When is the Moon the heaviest?

When it's full.