Saturday, August 31, 2024

And the Leonid Brezhnev Memorial Award goes to ...

So UK Prime Minister Keir "Two Tier" Starmer has decreed that people saying hateful things will be jailed because their speech is actually violence, and he's making room for them in His Majesty's prisons by releasing violent criminals because their violence is actually speech, you guys.

Some big shot police constable has even said he was going to go all 1775-Bunker Hill on Americans for their speech, which is totally violence.  Ooooh kaaay.

All this totalitarianism reminds me of a joke from the Soviet Union, back in the day.  It was said about Leonid Brezhnev (and likely others).  I've somewhat rewritten it for modern times.  See if you can tell the difference.

So this guy goes to Red Square Hyde Park Speaker's Corner and yells "Leonid Brezhnev Keir Starmer is a senile fascist old fool!"  Of course, the police swarm him and drag him off to Ye Olde Gaol.  He is sentenced to ten years and ten days in durance vile - ten days for slander and ten years for revealing State Secrets.

Maybe I gave away my edits right there ...

And so the Leonid Brezhnev Memorial Award for Totalitarianism goes to Brit PM Keir Starmer, for fascism above and beyond the call of duty.  Well done you dirty commie bastard.



Thursday, August 29, 2024

Time to patch your Windows computer

Microsoft has released a fix for a severe vulnerability in this month's Windows Update.  The problem here is that a Bad Guy sending a specially crafted IPv6 packet can run code on your computer.  Basically it's a spammer's/hacker's dream, and now there is demonstration code in the wild to do this.

If you run Windows 10 or 11, this is probably bad news for you.  Here's what you need to do:

  1. Check to see if you are reachable using IPv6.  If you only have IPv4, then you don't need to worry.
  2. If the site in the link above can reach you with IPv6, you need to run Windows Update.  Go to the Start Menu and type "Windows Update" in the search bar, which will take you right to the update program.

I must say that I was surprised about my IPv6 connectivity.  But this is a really nasty bug, so get patching.
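
A local version of the two steps above, as an added example (not part of the original post): it sorts this machine's IPv6 addresses by scope and lists updates installed since the August 2024 release. The function name Get-IPv6Scope and the 13 August cutoff (the second Tuesday of the month) are assumptions of this example.

```powershell
# Added example, not from the original post. Read-only; no admin rights needed.

function Get-IPv6Scope {
    param([string]$Address)
    # Drop any zone index (the "%12" suffix on link-local addresses) before parsing.
    $clean = $Address -replace '%.*$', ''
    $bytes = [System.Net.IPAddress]::Parse($clean).GetAddressBytes()
    # fe80::/10 = link-local, reachable only from the same network segment
    if ($bytes[0] -eq 0xFE -and ($bytes[1] -band 0xC0) -eq 0x80) { return 'link-local' }
    # fc00::/7 = unique local, private and not routed on the Internet
    if (($bytes[0] -band 0xFE) -eq 0xFC) { return 'unique-local' }
    # 2000::/3 = global unicast, potentially reachable from the Internet
    if (($bytes[0] -band 0xE0) -eq 0x20) { return 'global' }
    return 'other'
}

# Step 1: list every IPv6 address except loopback, with its scope.
$addresses = Get-NetIPAddress -AddressFamily IPv6 |
    Where-Object { $_.IPAddress -ne '::1' } |
    ForEach-Object {
        [pscustomobject]@{
            Interface = $_.InterfaceAlias
            Address   = $_.IPAddress
            Scope     = Get-IPv6Scope $_.IPAddress
        }
    }
$addresses | Format-Table -AutoSize

if ($addresses | Where-Object Scope -eq 'global') {
    'Global IPv6 address present: treat this machine as reachable over IPv6.'
} elseif ($addresses) {
    'Only local-scope IPv6: devices on the same network can still send it IPv6 packets.'
} else {
    'No IPv6 addresses configured.'
}

# Step 2: show updates installed on or after the August 2024 release date.
# Assumption: the fix shipped with the regular second-Tuesday release (13 August 2024).
$patchDay = [datetime]'2024-08-13'
$recent = Get-HotFix |
    Where-Object { $_.InstalledOn -ge $patchDay } |
    Sort-Object InstalledOn

if ($recent) {
    $recent | Format-Table HotFixID, Description, InstalledOn -AutoSize
} else {
    'No updates installed since {0:d}: run Windows Update.' -f $patchDay
}
```

A global address only means the machine is routable; a router or firewall may still block inbound traffic, so the external test in step 1 remains the real check. Compare the update list against Settings > Windows Update > Update history, since Get-HotFix does not show every kind of update.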

Wednesday, August 28, 2024

FBI security measures laughably weak

The FBI Inspector General has issued a scathing report about the Bureau's lackadaisical attitude towards protecting sensitive data:

The FBI has made serious slip-ups in how it processes and destroys electronic storage media seized as part of investigations, according to an audit by the Department of Justice Office of the Inspector General.

Drives containing national security data, Foreign Intelligence Surveillance Act information and documents classified as Secret were routinely unlabeled, opening the potential for it to be either lost or stolen, the report [PDF] addressed to FBI Director Christopher Wray states.

...

The OIG report notes that it found boxes of hard drives and removable storage sitting open and unattended for "days or even weeks" because they were only sealed once the boxes were full. This potentially allows any of the 395 staff and contractors with access to the facility to have a rummage around.

There is a photo of the storage facility at the link, and it can only be described as horrifying.

I guess they are too busy spying on regime enemies to, you know, take security very seriously.

Tuesday, August 27, 2024

Well, that doesn't sound like much of a "Cybersecurity Lab"

Cybersecurity Lab didn't use antivirus:

Dr. Emmanouil "Manos" Antonakakis runs a Georgia Tech cybersecurity lab and has attracted millions of dollars in the last few years from the US government for Department of Defense research projects like "Rhamnousia: Attributing Cyber Actors Through Tensor Decomposition and Novel Data Acquisition."

The government yesterday sued Georgia Tech in federal court, singling out Antonakakis and claiming that neither he nor Georgia Tech followed basic (and required) security protocols for years, knew they were not in compliance with such protocols, and then submitted invoices for their DoD projects anyway.

It seems that Dr. Antonakakis wasn't much impressed with antivirus products.  Fair enough - it's a perpetual game of locking the barn door after the horse got out.

But the contract said that the lab would follow a particular standard (in this case, NIST 800-171) which mandates antivirus, and the lab issued compliance statements with the invoices they submitted.  This case seems pretty cut and dried.

And not at all impressive for Georgia Tech Cybersecurity Lab.

 

Monday, August 26, 2024

Dad Joke CCCXXXVII

Tuna sends in a good one.  What do you call a stolen Tesla?  An Edison.

Sunday, August 25, 2024

Calvin Jackson and George Stoll - Concerto For Index Finger featuring Gracie Allen

The Queen Of The World and I like watching the old TV shows ('50s, '60s, and '70s).  One of these is The George Burns Show, the star of which really is Gracie Allen who would steal the show pretty much every time.  Well, TQOTW discovered this gem from the last film appearance by Gracie, the 1944 film Two Girls And A Sailor.  It had an all star cast but Gracie stole the show with this hilarious number.

Say goodnight, Gracie.

Friday, August 23, 2024

So it's Price Controls now, eh?

So Kamala doesn't know much about history, it seems.  Or economics.

Dad Joke CCCXXXVI

To the guy who invented zero: thanks for nothing, pal.

Wednesday, August 21, 2024

Disney+ Terms of Service does not give blanket immunity

Sanity breaks out at Disney:

Disney said it is abandoning its motion to compel arbitration in a case filed by a man who alleges his wife died from anaphylaxis after a restaurant at a Disney complex failed to honor requests for allergen-free food.

Disney's motion to compel arbitration controversially cited the Disney+ streaming service's subscriber agreement, which includes a binding arbitration clause. The plaintiff's lawyer called the argument "absurd."

Disney confirmed this week that it will withdraw the motion, which it filed on May 31.

Good.  It was a stupid argument anyway.  Man, they generated a lot of ill will with that bone-headed move, though.

 

 

Tuesday, August 20, 2024

CMP Update

CMP is selling a limited number of M1917 Enfield rifles.  Now, I love my Enfield, but I don't love having to stock both .303 Brit and .30-06 ammo.  The nice thing about the M1917 is that it has the silky smooth Enfield action but is chambered in good old American .30-06 which you can find pretty much anywhere.

Both Field Grade and Service Grade are available, starting at $1000.

Huh

We voted at the primaries today.  Had to show photo ID.  I wonder if this is just a GOP Primary thing, or if it's the MOST RACIST THING EVER

Thursday, August 15, 2024

The buzz from Black Hat this year

Every year in the heat of the Las Vegas desert is the Black Hat Briefings, the premier computer security conference.  There's always interesting news from the briefings (and from the much less buttoned down conference, DEFCON, which runs immediately afterwards).

So what's the buzz from Black Hat this year?  It seems that Palo Alto Networks had Booth Bunnies at their display booth:

[blink] [blink]

Now I did my share of manning the booths (yes, I was a Booth Bunny, thank you for asking) back in the '90s and the '00s.  But even in the '90s we were considerably more buttoned down than this, and for good marketing reasons.  Sure, some of the attendees might like the scenery, but some will not - and some of them will very much not like the scenery.  This has been known to be bad conference marketing juju for literally decades.

Of course, the Palo Alto Networks' Chief Marketing Officer had to go full frontal groveling* in his apology:

PAN's chief marketing officer Unnikrishnan KP, or Unni as he's often called, issued his apology earlier this week calling it "tone deaf."

"Last week at Black Hat in Las Vegas, an unfortunate decision was made at a Palo Alto Networks event to have hostesses wear branded lampshades on their heads," he said. "It was tone-deaf, in poor taste, and not aligned with our company values or brand campaign. 

"I take full responsibility for this misjudgment and have addressed it with my team and am taking steps to prevent such misguided actions in the future.

"Please accept my heartfelt apologies for this regrettable incident."

Nikesh Arora, PAN's chairman and CEO, doubled down on the apologies on Tuesday, echoing the points made by Unni, adding that what happened was "unacceptable."

I expect the headcount at Palo Alto Networks' marketing department has gotten a spin.  We apologize again for the fault in the subtitles. Those responsible for sacking the people who have just been sacked have been sacked.

* See what I did there?  I crack myself up.


Wednesday, August 14, 2024

Is this the most Florida thing that has happened this year?

If not, it's close:

More than $1 million worth of cocaine washed up on a beach in the Florida Keys after Hurricane Debby battered the Gulf Coast’s Big Bend Monday morning, officials said.

Debby, which made landfall as a Category 1 hurricane early in the morning, carried more than two dozen 70-pound packages of cocaine ashore as winds topped 80 miles per hour, the US Border Patrol said.

“Hurricane Debby blew 25 packages of cocaine (70 lbs.) onto a beach in the Florida Keys,” US Border Patrol acting chief patrol agent Samuel Briggs II said in a social media post.

Well all right then.  I love Florida, but it has some goofy branding.

Monday, August 12, 2024

Now this seems like an interesting opportunity

So some self-important English Plod said he was going to criminally charge and extradite US citizens for exercising their first amendment rights on US soil.  Interesting.

Quite frankly, this seems like a golden opportunity for political candidates here to get a "gimme" issue.  Sticking up for the first amendment seems like a layup.  And if, as I suspect, the Democrats are institutionally incapable of sticking up for free speech, then this is a gold plated opportunity to paint them as the party of censorship - not to mention being weak on foreign policy.

Like I said, this issue looks like it's 100% upside.

Saturday, August 10, 2024

Dad Joke CCCXXXV

I got hooked on auctions after only going once ... going twice ...

Thursday, August 8, 2024

If you use 1Password on Mac, you need to get patching

Le sigh:

Password manager 1Password is warning that all Mac users running versions before 8.10.36 are vulnerable to a bug that allows attackers to steal vault items.

...

Think you might be vulnerable? No mitigations were provided by 1Password, so patching up to version 8.10.36 is your only shot at securing those credentials.

Password Managers are great security tools because they make it easy to have very strong passwords (basically, random gobbledygook) for your online accounts.  They remember these passwords so that you don't have to.

But they're not magic, they're software.  That means that even they can get security bugs.  If you use 1Password on Mac, make sure you upgrade it to 8.10.36, which fixes this.

 

Tuesday, August 6, 2024

Wow, that was a lot of rain

Yeah I know - hurricane season in Florida.  Ian kind of blew past us a couple years ago and while it did have hurricane force winds here the rain went by pretty quickly.  Debby was the opposite - only 40 MPH gusts or so, but two solid days of soaking.  They even had to do an emergency release of water from the Lake Manatee dam.

So yeah, it's pretty wet.


 

Monday, August 5, 2024

CMP Update - Krag-Jorgensen Rifles

Spendy, but pretty sweet.


I mean, who ever said "Civilize them with an AR"?  But expect to spend $1200+.


CrowdStrike threatens Delta Airlines

Wow:

CrowdStrike says it is "highly disappointed" and rejects the claims made by Delta and its lawyers that the vendor exhibited gross negligence in the events that led to the global IT outage a little over two weeks ago.

That's according to a letter, seen by The Reg and sent to David Boies, partner at the law firm Delta hired to investigate the airline's legal options after it struggled more than most to bring its systems back online, leading to a sprawling list of flight cancellations.

The Falcon vendor reiterated its apology to Delta and the wider customer base. It then went on to remind Boies, known for his work as special counsel during the 1990s US antitrust trial against Microsoft, that it had been proactive in reaching out to Delta, offering support to the airline "within hours" of the incident unfolding.

...


CrowdStrike's lawyer, Michael B. Carlinsky, then poked the bear further. He said that among other things, in this hypothetical trial Delta would also need to explain why it took so much longer than competitors to recover from the same issue, why it refused the free on-site help CrowdStrike offered – the support that led to faster recovery times than Delta's, and the operational resiliency of its IT infrastructure.

This is hands down the biggest screw up - ever - by any security vendor.  I guess that a screw up this big is a potential extinction-level event for CrowdStrike but this sure doesn't sound like it will calm down their customer base.  OK, so they offered some help when they took down Delta, and Delta didn't jump on this.  That sounds like it's 1% on Delta and 99% on CrowdStrike.

But that's not what's going on here - it's explicitly telling a customer that they will drag them through the mud if the customer sues them for their monumental screw up.

Holy moley.

Sunday, August 4, 2024

The weather for today

Wet.  With continued wet throughout the day.  It's Florida in hurricane season, right?

And to answer Graybeard's question, yes we are within the white cone:


So yeah, it's raining.  But it's not so bad.  Consider:

  • It was supposed to start hammering down rain from midnight last night.  I kept waking up because there wasn't noise of rain on the roof.
  • While it looks like it will rain most of the rest of the day, it looks like the worst is already over.  It's more than a drizzle, but there's not a lot of wind.
  • Back when Wolfgang was still alive, there were times that he didn't want to go out because it was raining so hard.  This isn't one of those rain storms.

So we're fine.  My generator started up first pull a couple weeks back (you do run it every month, don't you?) so we weren't worried about all the TV  ZOMGwe'reallgoingtodie!!!11!!

I mean, it's Florida in hurricane season, right?

Anyway, it looks like Graybeard is going to have a more interesting week than I will:

The other is that back in May, I got a reminder from "the system" that I'm due for a routine colonoscopy. The appointment, made well in advance, is for Tuesday. Those of you who have been through this know that the worst part of it is the night before, which is Monday night. With luck, the storm will stay on that track and be centered somewhere near the Georgia/South Carolina border. With bad luck, I'll be having to be working outside while the storm is clearing out - or stalled too close for comfort. Bad luck could mean not being able to put the tower back up for days.

The last time I went through this, I found that some car seat belts would prevent "liftoff" off the toilet seat and the troublesome, messy aspects of uncontrolled flight around the bathroom. The hardware is still bolted to the floor in the bathroom, I just need to remove a nut, put down the belt, and tighten the nut back down. One on each side of the toilet. It's a five minute job but can save hours of cleaning.

I wonder if this is something that NASA and Boeing can use to try to fix the Starliner thruster problem ...

UPDATE 4 AUGUST 2024 14:48: A day like this is perfect to just not go anywhere and watch old movies.  For example, the 1944 Arsenic and Old Lace starring Cary Grant*.  We hadn't seen this in forever, and both of us laughed out loud all the way through it.  Makes you wonder why they can't make films like that anymore.

Arsenic wasn't nominated for any Oscars that year, which seems odd until you think about the other films that were nominated - Double Indemnity and Gaslight to name only two.  Ingrid Bergman (deservedly) won Best Actress that year for Gaslight; interestingly, Cary Grant was nominated for Best Actor but for a different film that year, losing to Bing Crosby in Going My Way.  Just a casual year of films all of which were better than anything produced in the last decade. [/rant]

Oh, and a quick note to all the Florida newbies: it's summer, we get storms here.  Don't panic.  This isn't a snowstorm up north where nobody can drive for a week until the roads get plowed.  It doesn't do you any good to buy out the milk and frozen goods if the hurricane takes out everyone's power for a week.  Don't go to the grocery store for your panic buying, get a darn generator.

To those of you considering moving here from up north, don't.  It's too perilous.

And gas for it.**

* And also Edward Everett Horton, best known (to old farts like us) as the narrator of Fractured Fairy Tales on Bullwinkle.

** Dual fuel is even better, with propane tanks.

Friday, August 2, 2024

Dad Joke CCCXXXIV

What do you get when you mix alcohol and literature?

Tequila Mockingbird.

Thursday, August 1, 2024

"Climate Change" is a manufactured crisis

I've said repeatedly that the temperature data is a mess.  Long time readers will remember how the Surface Stations project documented poorly sited weather stations (like ones in the middle of baking parking lot asphalt), where 89% of the weather stations did not meet the Government's acceptable siting requirements.  They all read too hot, sometimes by as much as 2 degrees.

Long term readers may remember how NOAA (the US Government's weather bureau) established a "Climate Reference Network" of only well-sited weather stations.  The Reference Network shows that the poorly-sited stations overstate warming by at least half a degree.  Remember, we are told that temperature increased by 0.6 degrees over the course of the entire 20th Century.  Take away that half a degree and you have no warming at all over 100 years.

Yeah, that's quite a crisis.

But never let a crisis go to waste, even if you have to manufacture one.  What have governments been doing to get more warming?  Well, the UK.Gov is installing brand new weather stations, 80% of which not only are not acceptably sited, but are in Class 4 or 5 - the worst of the worst:

Over eight in 10 of the 113 temperature measuring stations opened in the last 30 years by the U.K. Met Office have been deliberately or carelessly sited in junk Class 4 and 5 locations where unnatural heating errors of 2°C and 5°C respectively are possible. This shock revelation, obtained by a recent Freedom of Information request, must cast serious doubt on the ability of the Met Office to provide a true measurement of the U.K. air temperature, a statistic that is the bedrock of support for Net Zero. Over time, increasing urban encroachment has corrupted almost the entire network of 384 stations with 77.9% of the stations rated Class 4 and 5, but it beggars belief that new stations are being sited in such locations.

Remember, these aren't 80 year old stations that used to be in a pasture and are now in a parking lot.  These are brand spanking new ones.  Sitting in parking lots.

Tagged Climate Bullshit because, well, you know.