Lawrence has the details. You can turn the damn stuff off. And oh by the way, they're getting sued over it.
Wednesday, November 19, 2025
Tuesday, November 18, 2025
Road Trip V - Fort Abraham Lincoln
Sometimes we would find ourselves in a place so captivating we would decide to spend all our time in the park. We talked to the ranger in the museum and later with a docent and author that was giving the tours at the Commanding Officer's quarters. Rode our bikes around and in the late afternoon as the sun was fading, hiked up to the overlook.
This is the view looking down from the blockhouses toward the Missouri River. The buildings you can see are the barracks and the Commanding Officer's quarters.
That is one of the four blockhouses used on the perimeter of the enclosure on the hilltop. The blockhouses are open and I have climbed one to stand looking out of the firing ports.
Fort Abraham Lincoln was a U.S. Army fort built on the banks of the Missouri River in 1873 along the construction route of the Northern Pacific Railroad. It was built on what had been Mandan tribal land until a smallpox outbreak killed about 95% of the settlement in 1837. The 150 survivors had abandoned the area and settled in with another nearby tribe.
There were no battles fought at the fort. The cavalry garrisoned here did participate in putting down a Sioux uprising in the summer of 1876. The commanding officer of the fort was Lt. Col. George Armstrong Custer and this is where he and the 600 men under his command rode out from.
The need for the fort was gone in less than twenty years and the Army abandoned it in 1891. Local civilians stripped the fort for its lumber, nails, and hardware, leaving only the foundations and memories.
In 1907, Pr. Theodore Roosevelt signed the land over to North Dakota for use as a park. In the 1930s, the Civilian Conservation Corps had a unit assigned to the area. They built an administration building, offices, garages, roads, and the service buildings. They also worked from the foundations and surviving documents to rebuild the fort.
None of the original buildings had survived. Everything in the park is a CCC reproduction. The layout of the fort, all the buildings, can be seen on a walk, with interpretive signs. Two barracks have been restored and set up to look as they did in 1875. The blockhouses and support buildings were rebuilt as well. The C.O.'s quarters was rebuilt later, in 1989 as part of the North Dakota Centennial.
In addition to the structures in the fort, the CCC worked with a local Mandan woman who served as a historical resource to build a section of a Mandan village consisting of five full size lodgehouses. It is maintained and used to display artifacts and interpretive displays about the Mandan.
The CCC administration building is now the park museum. This isn't mine, but it's a slideshow of pictures of the museum and the Mandan village set to music.
Sunday, November 16, 2025
Road Trip IV - The Civilian Conservation Corps
I expect some comments about the things that Pr. Roosevelt got wrong, but I have a real appreciation for one thing he and his Administration got right. The Civilian Conservation Corps.
Established in 1933, it was a government program run by the Army that accepted young men 17-25 and put them to work. The CCC built Skyline Drive, Big Bend National Park, over 700 state parks, over 3,400 firetowers, fought wildfires, worked at flood relief, and a long list of projects. At its largest, in 1935, there were 500,000 men involved, overall 3 million served. Most of them started wearing a different uniform in 1942 and the program was shut down.
We ran into the legacy of the CCC everywhere. The style of the work they did is iconic. Driving into a park, you might only need to see one building to know the CCC had been involved and we saw it over and over.
Saturday, November 15, 2025
Notes from Old America : Arlo Guthrie - City of New Orleans
This song is an anthem from Old America. I listened to this as a teenager, and you (Old Farts) know how old I am. This is from a time when politics was not Uber Alles, and when Americans could have civil conversations even if they were in opposite parties.
ASM826 has been posting about how he went on a road trip and found that Old America is still here. This song sings to that, even if Arlo was a Commie Bastard - and son of a Commie Bastard - but he endorsed Ron Paul (!). Because back then we were always America First, even back in the 1970s. I think that this proves my point, that we shouldn't hate Americans because they are in the other political party.
Arlo Guthrie, City Of New Orleans (Songwriter: Steve Goodman):
Riding on the City of New Orleans
Illinois Central, Monday morning rail;
There are fifteen cars and fifteen restless riders,
Three conductors, twenty five sacks of mail.
They're all out on a southbound odyssey
The train rolls out of Kankakee
Rolling past the houses, farms and fields,
Passing trains that have no names
Freight yards full of old black men,
And the graveyards of the rusted automobiles.
Singing, "Good morning, America, how are you?
Say, don't you know me? I'm your native son.
I'm the train they call the City of New Orleans.
And I'll be gone five hundred miles when day is done."
I was dealing cards with the old men in the club car,
It's a penny a point, there ain't no-one keeping score.
Won't you pass the paper bag that holds that bottle,
You can feel the wheels a-rumbling through the floor.
And the sons of Pullman porters and the sons of engineers
Ride their fathers' magic carpet made of steam;
Mothers with their babes asleep, rocking to the gentle beat,
The rhythm of the rails is all they dream.
Singing, "Good morning, America, how are you?
Say, don't you know me? I'm your native son.
I'm the train they call the City of New Orleans.
And I'll be gone five hundred miles when day is done."
Nighttime on the City of New Orleans,
Changing cars in Memphis, Tennessee.
It's halfway home, and we'll be there by morning,
Through the Mississippi darkness rolling down to the sea.
But all the towns and people seem to fade into a bad dream,
The old steel rail it ain't heard the news,
The conductor sings his song again, it's, "Passengers will please refrain..."
This train's got the disappearing railroad blues.
Singing, "Good night, America, how are you?
Say, don't you know me? I'm your native son.
I'm the train they call the City of New Orleans.
And I'll be gone five hundred miles when day is done."
Singing, "Good night, America, how are you?
Say, don't you know me? I'm your native son.
I'm the train they call the City of New Orleans.
And I'll be gone a long, long time when the day is done."
As with all great songs about America, this is bitter sweet. This was once the artery that pumped blood between America's different regions. Now - in the 1970s - it was dying as a passenger system.
But people remembered what it was. Here's the Highwaymen who did this almost as well as Arlo. Waylon makes this almost what it was. Sure, Willie carries this, but watch Waylon.
America is not gone. Art tells us what it was, and is, and can be.
That's what ASM826 is telling us. America is here. Just look around.
Thursday, November 13, 2025
Road Trip III - Welcome To Plainsmen Country
It might be the Cougars, the Owls, the Warriors, or any other of a thousand team names. When you get to the outskirts of a town with a high school, there will be a sign, a statue, or a billboard with the team mascot welcoming you. When you walk into the gas station or the grocery store, there will be pictures of the team. High school football matters to these towns. There's history and bragging rights on the line.
In Oakley Kansas, it was the Plainsmen.
Wednesday, November 12, 2025
Who is up for a Southwest Florida Blogshoot in January or February?
It's been some time since we had a blogshoot here. Please leave a comment to this post if you'd consider attending one in the greater Tampa area in January or February. My co-blogger and Brother-From-Another-Mother ASM826 has said he will come, so all the Cool Kids will be there.
Please include date preference.
Monday, November 10, 2025
Road Trip II -- Scott City, Kansas
This story starts with water. A reliable year round stream that over millennia cut a canyon in western Kansas. The water attracted game of all sorts and the combination attracted people. The canyon is the site of the northernmost Pueblo settlement ever discovered. Later it was home to the Apache and the last battle between native tribes and the U.S. Army in Kansas was fought here. By the 1880s, Herbert Steele and his wife had homesteaded the area.
The Steeles donated the first part of the land for use as a park in 1928. A dam was built the following year creating the lake that exists today. Historic Lake Scott State Park was developed over the following decades. There is the battle site, the sandstone home of the Steeles, the Pueblo ruins, swimming, fishing, hiking and mountain bike trails, and a visitor center.
In the visitor center we learned that there was a museum in the nearby town of Scott City. Since we needed groceries and a laundromat, we went to town. Scott City has a population of about 4,000. Like so many of the cities across the west, it is a railroad town. It's just big enough to still have some businesses and it seemed to be thriving.
We did our laundry and went to the El Quartelejo Museum. There's an artist's gallery, rooms dedicated to the eras in local history, and something else. As you enter, there's a large room filled with tables, a full kitchen, one table with a jigsaw puzzle to work on, a social space. On a weekday afternoon there were a dozen, mostly older, people sitting in small groups engaged in conversation. We were the outliers, tourists in the off season.
We toured the exhibits, but as we came back out we were engaged by a couple of ladies. The usual questions, where you from, where you going, where you staying? We asked about the town, who they were, and they told us in turn. Then they asked if we had eaten lunch and they told us this story.
There's a local place, called Mom and Pop's Burger Stop. (That link is Facebook, but it's what they are using for a website.) Several months before, they had a kitchen fire, destroyed the inside of the building. They rebuilt. But they didn't rebuild alone. People from the community did fundraisers to help the staff with expenses. People volunteered time and skills to clean, hang sheet rock, paint. The reopening had been a couple of days before and we should go eat there.
I recommend the buffalo burger. But I recommend the people even more. The back room is occasionally used by a local organization called Scott City Feathers and Lead for hunter safety classes. There are watch parties for the local high school football games. (Go Beavers!) They donate proceeds to do everything from help with food needs to paying funeral expenses. The people we met that day were just doing what seemed to be right. A community, alive and well.
Scott City. A little place on the far western side of Kansas.
Being raised in the very rural parts of Kansas led me to believe that everything was simple, everything made sense and that anything was possible.
--Chely Wright
A view into Old America and thoughts on Veteran's Day
It is the Soldier, not the minister
Who has given us freedom of religion.
It is the Soldier, not the reporter
Who has given us freedom of the press.
It is the Soldier, not the poet
Who has given us freedom of speech.
It is the Soldier, not the campus organizer
Who has given us freedom to protest.
It is the Soldier, not the lawyer
Who has given us the right to a fair trial.
It is the Soldier, not the politician
Who has given us the right to vote.
It is the Soldier who salutes the flag,
Who serves beneath the flag,
And whose coffin is draped by the flag,
Who gives the protester the right he abuses to burn the flag.
― Father Dennis O'Brien, USMC
Today is Veteran's Day in the United States, a day where we recognize what veterans have done for this nation, and for the world. In other countries it's a day of sadness, reflecting on the loss of those young men and women who served in Flanders Fields and other places. Here, we reflect on this on Memorial Day in May - originally called Decoration Day after the War Between The States, and chosen in May because there were flowers in bloom everywhere, suitable for decorating the graves of the loved and lost.
But today we recognize the accomplishments of veterans, living and dead. This video popped up in my video feed, and while at times sounding a bit propagandistic, it seems to me to be (as the Mythbusters used to say), plausible.
How Americans introduced WWII German POWs to Thanksgiving dinner.
I say plausible because while I haven't verified any of the claims in the video, I've posted before about LTC Gail Halvorsen:
He was a kid who liked to fly, joining the Civil Air Patrol in 1942 and then the brand new US Air Force when he was old enough to sign up. He missed World War II because of his age but found himself in the left hand seat of a C-54 in Germany, 1948. That's when Stalin cut Berlin off from the Free World and the Berlin Airlift started.
[Then] Lt. Halvorsen was at Tempelhof Airport one day when he saw some kids standing on the other side of a chain link fence. They told him not to worry if the weather was bad and he couldn't bring in food. You see, they said, they could live on very little food but if they lost their freedom they thought they would never get it back. Smart kids.
Halvorsen wanted to do something for them and told them that he'd drop some gum from his plane. They'd know it was him because he'd wiggle his wings. He and his co-pilot pooled their candy rations for the next day's flight. Because it was heavy, they made little parachutes out of handkerchiefs.
...
They called him the "Candy Bomber" and when the word got to the Press it became a sensation back in the States. School children and candy manufacturers donated candy for the children of Berlin. In just a few months Lt. Halvorsen couldn't keep up with all the candy and handkerchief parachutes that were arriving in the mail. Pretty much everyone in his unit was now a Rosinenbomber (as the German kids called them - "Raisin Bomber"). Halvorsen himself was known as "Uncle Wiggly Wings" because of his signal that he was about to drop sweets.
Operation "Little Vittles" dropped 23 tons of candy in a quarter million handkerchief parachute loads. Halvorsen was awarded the Großes Bundesverdienstkreuz, Germany's highest award.
Like I said, plausible. American veterans came from the pool of American citizens, and pretty much returned to that pool of Americanness. One of the seldom considered accomplishments of the Greatest Generation was not just that they won the war, but that they won the peace afterwards. At least with Western Europe, although post-1992 it seems like Eastern Europe as well.
They did it because they were Americans. Yes, they could afford to be generous to the defeated, but they did it more or less unconsciously because that was who they were. In my mind, this was the greatest hour of American veterans, and the Americans who stood behind them.
And so while this is a day of sadness overseas, let me be the first to wish you a happy Veteran's Day. Thanks to all who served, including Grandpa, Dad, Uncle Dick, nephew Daniel, The Queen Of The World's son, our Son-In-Law (just retiring from the Navy), and last but by no means least our very own ASM826. The citizens - of whom you were once part and to which you returned - are proud indeed of the members of its own Armed Forces.
England's hidden WWII beach pillbox
Things looked bleak for Great Britain in 1940. France had fallen and even with the "Miracle of Dunkirk" the British Army didn't really have the hardware to fight the Nazi war machine. All that stood between them and Hitler was the Royal Navy and the Royal Air Force, but everyone expected an invasion at any time.
And so a whole bunch of pillboxes were built on likely landing beaches. The problem, of course, is that a pillbox looks like, well, a pillbox, and the Luftwaffe would target them as a matter of course.
And so the Brits built a disguised one.
It looked like an old ruined cottage but was newly built from reinforced concrete with gun ports instead of windows. Pretty cool. And what's also cool is that it's Grade II listed as a historic building.
Sunday, November 9, 2025
Bohuslav Martinů - Thunderbolt P-47
Via a wikiwander, I ran across this fabulously strange classical music tip o' the hat to the Republic P-47 Thunderbolt. No joke.
Bohuslav Martinů was a Czech composer who like many others fled to the United States to escape the Nazis. While there, he wrote this in tribute to what was America's finest fighter-bomber and the role it played to free his people.
Saturday, November 8, 2025
Road Trip I - First, A Little Background
The map in the last post shows all but two of our camping stops. I made that with Mapquest and they have a limit of 26 (A-Z) stops on any planning map. So there's a couple of stops in the long straight stretches that I took out so I could show the main loop.
Two of the stops are to visit family, although we did stay in a campground at one of them.
This is the second long trip we have made. Two years ago we made a trip of similar distance and time. That was on different roads with different destinations. The planning for this trip was deliberately structured to take us to new locations. For example, this trip went to the Michigan UP and out across the northern states. The previous trip included Utah, Arizona, New Mexico, and Texas. Some of the upcoming posts will likely be from the first trip as well.
Our route was roughly planned and the parks were picked months in advance. We went out in August, when parks are busy, and had to make our reservations through Labor Day at a minimum. Later in the trip we were in more remote areas, with parks mostly empty, and we were free to roam. We carried a paper atlas in addition to having the internet. Looking at the larger map of a state gives a perspective that a set of directions in a phone or GPS lacks. We went out to see something of America, to not try to rush anywhere, and to explore as deeply as possible the places we happened to choose.
Wherever you go, however long you stay on the road, you only see a minuscule fraction of the country. For every road you take, there are hundreds you do not. For every town you stop in, there are thousands you drive past. For every park you choose to camp in, there are dozens you didn't visit. If you pick a trail to hike or ride, the rest of the park remains unexplored. When you are in a town, if you pick an old diner for lunch, you didn't visit every other restaurant you might have chosen.
We ate out rarely, it was scarcely any harder to cook in the campsites than it is at home. The camper has a microwave/convection oven, a two burner stove, a small fridge and a sink. In addition, I have a Coleman stove to cook outside with and there are always grills available.
America has an amazing state park system. Every park we visited was a gem.
My next post is going to start in the middle of the trip, in the middle of the country. It was while we were exploring the nearby town on our first trip that I began paying attention to how much of America is still out there. It's going to start with a little place called "Mom and Pop's Burger Stop".
Friday, November 7, 2025
As We Remember It
We have just returned from a two month, seven thousand mile, road trip across America.
We traveled on two lane roads as much as possible, avoiding interstates, and made a point of stopping and exploring small towns and cities along with the parks we were camping in. Our transportation was a mid-size pickup pulling an eighteen foot mini RV.
We stayed in state parks almost every place we stopped. Our routine was to travel no more than three hundred miles at a time and to stay at least two nights at every park. This gave us time to stop when something seemed interesting and a full day to unhook the camper and go exploring the local area.
We went looking and what we found was that America is still there.
This is the first in a series of posts on our adventure.
For any American who had the great and priceless privilege of being raised in a small town there always remains with him nostalgic memories... And the older he grows the more he senses what he owed to the simple honesty and neighborliness, the integrity that he saw all around him in those days.
Dwight D. Eisenhower
Wednesday, November 5, 2025
Skynet has arrived
Nation-state goons and cybercrime rings are experimenting with Gemini to develop a "Thinking Robot" malware module that can rewrite its own code to avoid detection, and build an AI agent that tracks enemies' behavior, according to Google Threat Intelligence Group.
In its most recent AI Threat Tracker, published Wednesday, the Chocolate Factory says it observed a shift in adversarial behavior over the past year.
Attackers are no longer just using Gemini for productivity gains - things like translating and tailoring phishing lures, looking up information about surveillance targets, using AI for tech support, and writing some software scripts. They are also trialing AI-enabled malware in their operations, we're told.
It seems that the Bad Guys are using all the old malware tricks (obfuscation, hidden files, etc) plus some new ones (sending commands via LLM prompts, i.e. the malware queries (prompts) other LLMs to get commands).
The security model for AI/LLM is hopelessly broken, and the design is defective. I mean heck - the designers didn't consider two decade old attack techniques. I don't know if it's correct to label this broken as designed but it's not far off. This is software engineering malpractice.
I can't wait to see what happens with this and one of Elon's humanoid robots ...
Monday, November 3, 2025
Wednesday, October 29, 2025
I would have thought that German IT Security teams would be more competent than this
Germany's infosec office (BSI) is sounding the alarm after finding that 92 percent of the nation's Exchange boxes are still running out-of-support software, a fortnight after Microsoft axed versions 2016 and 2019.
While the end of Windows 10 updates occupied most of the headlines, Microsoft's support for Exchange and a bunch of other 2016 and 2019-branded products ended on October 14, as scheduled a year earlier.
Alternate title: 90% of German firms fail their SOC 2 audit. Look, this isn't landing a man on the moon, and you had a whole year. You just couldn't be bothered.
Was ist los?
Tuesday, October 28, 2025
AI Browsers considered unsafe
OK, that post title is more than a bit inflammatory, but who on earth would want to use something like this?
Several new AI browsers, including OpenAI's Atlas, offer the ability to take actions on the user's behalf, such as opening web pages or even shopping. But these added capabilities create new attack vectors, particularly prompt injection.
Prompt injection occurs when something causes text that the user didn't write to become commands for an AI bot. Direct prompt injection happens when unwanted text gets entered at the point of prompt input, while indirect injection happens when content, such as a web page or PDF that the bot has been asked to summarize, contains hidden commands that AI then follows as if the user had entered them.
This is unbelievably bad. How bad? This bad:
Last week, researchers at Brave browser published a report detailing indirect prompt injection vulns they found in the Comet and Fellou browsers. For Comet, the testers added instructions as unreadable text inside an image on a web page, and for Fellou they simply wrote the instructions into the text of a web page.
When the browsers were asked to summarize these pages – something a user might do – they followed the instructions by opening Gmail, grabbing the subject line of the user's most recent email message, and then appending that data as the query string of another URL to a website that the researchers controlled. If the website were run by crims, they'd be able to collect user data with it.
Surely they must be exaggerating, I hear you say. Nope - the author of the post at El Reg recreated the exploit his very own self, simply by creating a web page with the commands hidden in it. FYI, that's 1996 technology right there.
Now look, I may be an old crabby security geezer (no comments, Glen Filthie!) but the problem of sanitizing user input is a really old one. So old that it was old when XKCD did its classic "Bobby Tables" cartoon:
There have been over 3000 XKCD cartoons; that one was number 327. Yeah, that long ago.
My opinion about anything regarding AI is that the hype is so fierce that the people developing the applications don't really focus much on security, because security is hard and it would slow down the release cadence. And so exploits that wouldn't have surprised anyone back in 2010 keep popping up.
Le sigh. Once again, security isn't an afterthought, it wasn't thought of at all. My recommendation is not to touch these turkeys with a 100' pole.
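The exfiltration step in the Brave report quoted above, data read from Gmail being appended to the query string of a URL on another site, is something the browser can check at the moment the agent asks to navigate. The following is an added example, not code from El Reg, Brave, or any browser vendor; `check_navigation`, the host names, and the sample subject line are all constructed for illustration.

```python
"""Egress check for an AI browsing agent (illustrative, hypothetical API).

Rule: text the agent read on one origin must not leave in the URL of a
request to a different origin, and a host the user never named needs
explicit confirmation while untrusted page content is being processed.
"""
import base64
from urllib.parse import urlsplit, parse_qsl, unquote_plus

MIN_SECRET_LEN = 8  # shorter strings match too much by accident


def _norm(text):
    """Lower-case and collapse whitespace so trivial reformatting still matches."""
    return " ".join(text.lower().split())


def _decodings(token):
    """Return the token as-is, URL-decoded, and base64-decoded (if it decodes)."""
    forms = {token, unquote_plus(token)}
    padded = token + "=" * (-len(token) % 4)
    try:
        forms.add(base64.urlsafe_b64decode(padded).decode("utf-8"))
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        pass
    return {_norm(f) for f in forms}


def check_navigation(url, private_reads, user_named_hosts):
    """Decide what to do with a URL the agent wants to open.

    private_reads: list of (origin_host, text) the agent read this session.
    user_named_hosts: hosts the user typed or explicitly approved.
    Returns (decision, reason) with decision in {"allow", "confirm", "block"}.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()

    # Every place data can ride along in a URL: path, query, fragment.
    tokens = [seg for seg in parts.path.split("/") if seg]
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        tokens += [key, value]
    if parts.fragment:
        tokens.append(parts.fragment)

    seen = set()
    for token in tokens:
        seen |= _decodings(token)

    for origin, text in private_reads:
        needle = _norm(text)
        if len(needle) < MIN_SECRET_LEN or origin.lower() == host:
            continue  # too short to judge, or going back where it came from
        if any(needle in form for form in seen):
            return ("block", f"data read from {origin} found in URL to {host}")

    if host not in user_named_hosts:
        return ("confirm", f"{host} was not requested by the user")
    return ("allow", "no cross-origin data in URL")


# Constructed sample session: one subject line the agent read from a mailbox.
SAMPLE_READS = [("mail.example", "Q3 payroll export attached")]
SAMPLE_PLAIN = "https://collector.example/log?subject=Q3+payroll+export+attached"
SAMPLE_B64 = "https://collector.example/p/" + base64.urlsafe_b64encode(
    b"Q3 payroll export attached").decode()

if __name__ == "__main__":
    for candidate in (SAMPLE_PLAIN, SAMPLE_B64,
                      "https://news.example/story?id=42",
                      "https://other.example/"):
        print(check_navigation(candidate, SAMPLE_READS, {"news.example"}))
```

It only catches verbatim, URL-encoded, or base64-encoded copies, so it is a backstop rather than a fix for the LLM treating page text as commands.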
Thursday, October 23, 2025
AI LLM poisoning attacks are trivially easy
Poisoning AI models might be way easier than previously thought if an Anthropic study is anything to go on.
Researchers at the US AI firm, working with the UK AI Security Institute, Alan Turing Institute, and other academic institutions, said today that it takes only 250 specially crafted documents to force a generative AI model to spit out gibberish when presented with a certain trigger phrase.
For those unfamiliar with AI poisoning, it's an attack that relies on introducing malicious information into AI training datasets that convinces them to return, say, faulty code snippets or exfiltrate sensitive data.
The common assumption about poisoning attacks, Anthropic noted, was that an attacker had to control a certain percentage of model training data in order to make a poisoning attack successful, but their trials show that's not the case in the slightest - at least for one particular kind of attack.
...
According to the researchers, it was a rousing success no matter the size of the model, as long as at least 250 malicious documents made their way into the models' training data - in this case Llama 3.1, GPT 3.5-Turbo, and open-source Pythia models.
Security companies using AI to generate security code need to pay close attention to this. Probably everybody else, too.
UPDATE 23 OCTOBER 2025 13:08: More here. It looks like solutions may prove elusive.
Wednesday, October 22, 2025
Earth has some solar system stalkers
Well, they're sure acting like stalkers:
You might recall that in late 2024, Earth gained a temporary mini-moon, an asteroid that partially orbited our planet for about two months. Now astronomers have discovered another temporary companion to Earth, but this time it’s a quasi-moon. The Pan-STARRS observatory on Haleakala in Hawaii first spotted the quasi-moon, named 2025 PN7, on August 29, 2025. Older data revealed that 2025 PN7 has been in this particular orbit for about 60 years and will stay in this orbit for about another 60 years before the tug of the sun once again releases it from its quasi-moon status.
Huh.
Saturday, October 18, 2025
Dad Joke CCCLXIIII
Tuna sends in another:
I went to a haunted Bed & Breakfast in France, but checked out early- the place was giving me the crepes.
Mmmm, Ghost crepes!
Tuesday, October 14, 2025
Underwater archaeology recovers WWII airman's body
This is from a few years back but is a cool story. Rest in Peace, Lieutenant.
Saturday, October 11, 2025
Recommended Reading: Empire of the Summer Moon
Essentially they were ferocious and highly mobile guerillas who thought nothing of raiding a thousand miles (from Kansas into Mexico), often - maybe usually - riding at night by the light of the moon.
To this day a summertime full moon is often referred to (at least in Texas) as a "Comanche Moon". In fact, that was the title of a miniseries set in the old west not so very long ago.
The book does a great job describing the rise of the Comanche from obscure beginning to their domination of the central Great Plains. They were the best horsemen in North America and the masters of the hit-and-run. They put so much pressure on settled tribes (not to mention Spanish colonists) that they essentially stopped Spanish advancement north of the Rio Grande. The book makes the case that the Mexican government invited the Americans into Texas to act as a buffer between Mexico and the Comanches. The Texas border with them was bloody and settlement was slow.
The end of the Civil War and the introduction of repeating firearms (and light horse artillery), combined with the slaughter of the bison herds was a problem that the Comanches could never solve. Even so, Kit Carson admitted that their chief Quanah Parker (son of a kidnapped Texas girl who went native in the tribe) almost wiped out his entire command. The second half of the book is Quanah's story, from the greatest war chief of the Plains to the Reservation, and ultimately to his unlikely friendship with Teddy Roosevelt.
Highly, highly recommended.
The book left out what I think is perhaps the most unlikely Comanche story, that of David Pendleton Oakerhater. Born as O-kun-ha-tuh (Making Medicine) in the 1840s, he was in the thick of the Comanche wars of the 1860s - he was with Quanah at the Second Battle of Adobe Walls. In prison at Ft. Marion in Florida in the 1870s he ended up as First Sergeant of the prisoners (really!) and was noticed by Capt. Pratt for the art he was creating (really!). Pratt encouraged his art career and one of his pieces came into the collection of Mrs. Alice Key Pendleton, wife of a Senator from Ohio (really!). The Pendletons paid for Oakerhater to be sent to live at St. Paul's Episcopal Church in New York. He took their name out of respect and gratitude.
He was baptized there in 1878 and ordained a deacon in 1881. As a Deacon he was sent essentially as a missionary back to the Cheyenne. He lived out his life as a Deacon and a Cheyenne Chief until his death in 1931. That was a long way from a taker of scalps. A long way.
In 1985, the Episcopal Church declared David Pendleton Oakerhater a saint. His feast day is September 1. That's quite some Medicine for O-Kun-Ha-Tuh to make.
Thursday, October 9, 2025
Predictions for AI security
This is interesting even if it follows what we've seen for all security technologies since, well, forever:
Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or, as the defender, applying patches or mitigations the fastest.
And if you’re on the inside you know what the applications do. You know what’s important and what isn’t. And you can use all that internal knowledge to fix things—hopefully before the baddies take advantage.
summary and prediction
- Attackers will have the advantage for 3-5 years. For less-advanced defender teams, this will take much longer.
- After that point, AI/SPQA will have the additional internal context to give Defenders the advantage.
So basically it will be a shooting gallery for now with sanity restored later. I'm somewhat optimistic of AI as a back-end tool (i.e. no user input) to run a set of interesting but more or less canned queries. User input sanitization issues basically disappear at that point.
(via)
Wednesday, October 8, 2025
Remember about all that Voice mail spam?
I posted about it a while back. Lawrence has been following this and has an update linking it to China:
Well, as suspected, it was China’s.
This was in fact my first thought: Smells like a State Actor.
Having thought about it, I suspect it is linked to the PRC, but "outsourced" to US-based Bad Guys. This seems a business (selling infrastructure to send out floods of voice mail spam). It looks like the guys who ran this also let people swat folks they didn't like. In fact, this is how they got caught because one of the victims was a Congressman.
And so a lack of Opsec led to compromise of the whole system. Cry me a river.
And Lawrence has a great suggestion:
If these SIM farms are active, there should be ways for telecomms to algorithmically search for mobile call hotspots where too many calls issue from too small an area. Let’s hope they’re doing that and working with various U.S. three letter agencies to shut them down right now.
Endorsed.
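A sketch of the hotspot search suggested above, as an added example (not code from Lawrence or any carrier). It buckets call origins into small grid cells per hour and flags cells with both a high call count and many distinct SIMs; the record layout, grid size and thresholds are assumptions, and the sample records are constructed.

```python
import math
from collections import defaultdict

CELL_DEG = 0.001   # assumed grid size: about 100 m of latitude per cell
WINDOW_S = 3600    # count per one-hour window
MIN_CALLS = 200    # assumed thresholds; a carrier would tune these
MIN_SIMS = 50      # against its own baseline traffic

def find_hotspots(records, min_calls=MIN_CALLS, min_sims=MIN_SIMS):
    """records: (sim_id, lat, lon, epoch_seconds) for each originated call.
    Returns (cell, window_start, calls, distinct_sims) for dense cells."""
    calls = defaultdict(int)
    sims = defaultdict(set)
    for sim_id, lat, lon, ts in records:
        cell = (math.floor(lat / CELL_DEG), math.floor(lon / CELL_DEG))
        key = (cell, ts - ts % WINDOW_S)
        calls[key] += 1
        sims[key].add(sim_id)
    hits = [(cell, start, n, len(sims[(cell, start)]))
            for (cell, start), n in calls.items()
            if n >= min_calls and len(sims[(cell, start)]) >= min_sims]
    return sorted(hits, key=lambda h: h[2], reverse=True)

def constructed_records():
    """Constructed sample data, not real call records."""
    t0 = 1_699_999_200  # start of an hour
    recs = []
    for s in range(80):      # one building: 80 SIMs, 5 calls each
        for c in range(5):
            recs.append((f"farm-{s}", 40.9004 + (s % 4) * 0.0001,
                         -73.8006, t0 + s * 40 + c))
    for s in range(30):      # busy office: 30 SIMs, 2 calls each
        for c in range(2):
            recs.append((f"office-{s}", 40.7504, -73.9906, t0 + s * 60 + c))
    for s in range(100):     # ordinary subscribers spread over many cells
        recs.append((f"sub-{s}", 40.6004 + s * 0.01, -74.1006, t0 + s * 30))
    return recs

if __name__ == "__main__":
    for cell, start, n, k in find_hotspots(constructed_records()):
        print(f"cell={cell} window={start} calls={n} sims={k}")
```

Because the count is keyed on location rather than on any one SIM, swapping SIMs in and out does not lower a cell's score.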
Tuesday, October 7, 2025
Dad Joke CCCLXIII
The guy who invented the Ferris Wheel never met the man who invented the Merry-go-round. They ran in different circles.
Monday, October 6, 2025
I'm back
The Queen Of The World and I are back from our Son-In-Law's retirement from the US Navy.
25 years, ending as a Senior Chief. He would have made Master Chief but would have had to have another sea duty, and Abby finally put her foot down. I don't know that I blame her.
I must say based on the other Senior and Master Chiefs I met there that these senior NCOs are absolutely the backbone of the fleet.
Bravo Zulu, Steve!
Wednesday, October 1, 2025
G'mar tov
The Day of Atonement is a day for reflection. This is good for all of us, Tribe or not.
To our Jewish readers, Shana tovah.
Tuesday, September 30, 2025
Dad Joke CCCLXII
Tuna sends in another one. It looks like he's doing all my blogging now:
I was rejected for a job at the sunscreen factory. They said to just reapply every 4 hours.
Monday, September 29, 2025
Attacking AI via prompt manipulation
This is actually pretty clever:
The attack involves hiding prompt instructions in a pdf file—white text on a white background—that tell the LLM to collect confidential data and then send it to the attackers.
...
The fundamental problem is that the LLM can’t differentiate between authorized commands and untrusted data. So when it encounters that malicious pdf, it just executes the embedded commands. And since it has (1) access to private data, and (2) the ability to communicate externally, it can fulfill the attacker’s requests. I’ll repeat myself:
This kind of thing should make everybody stop and really think before deploying any AI agents. We simply don’t know how to defend against these attacks. We have zero agentic AI systems that are secure against these attacks. Any AI that is working in an adversarial environment—and by this I mean that it may encounter untrusted training data or input—is vulnerable to prompt injection. It’s an existential problem that, near as I can tell, most people developing these technologies are just pretending isn’t there.
Essentially, this means that AI is simply not fit for purpose. And clearly, it's not even a little bit "intelligent", security-wise.
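A narrow check for the white-on-white hiding trick described above, as an added example (not from the quoted article): it separates text a human reader cannot see from text they can, so only the visible part is handed to a model and the rest goes to review. It catches this one hiding technique and does nothing about the underlying command/data confusion. The span format (what a PDF text extractor is assumed to yield), the thresholds and the sample spans are all assumptions.

```python
MIN_CONTRAST = 1.5   # assumed threshold; 1.0 means identical colors
MIN_FONT_PT = 4.0    # assumed: anything smaller is unreadable on a page

def _linear(c8):
    """sRGB 8-bit channel to linear light (WCAG relative-luminance formula)."""
    c = c8 / 255
    return c / 12.92 if c <= 0.04045 else ((c + 0.055) / 1.055) ** 2.4

def luminance(rgb):
    r, g, b = (_linear(v) for v in rgb)
    return 0.2126 * r + 0.7152 * g + 0.0722 * b

def contrast_ratio(fg, bg):
    hi, lo = sorted((luminance(fg), luminance(bg)), reverse=True)
    return (hi + 0.05) / (lo + 0.05)

def split_spans(spans):
    """Return (visible, hidden); hidden spans carry the reasons they failed."""
    visible, hidden = [], []
    for s in spans:
        reasons = []
        if contrast_ratio(s["fill"], s["background"]) < MIN_CONTRAST:
            reasons.append("low-contrast")
        if s["size_pt"] < MIN_FONT_PT:
            reasons.append("tiny-font")
        (hidden if reasons else visible).append({**s, "reasons": reasons})
    return visible, hidden

WHITE, BLACK = (255, 255, 255), (0, 0, 0)
# Constructed spans standing in for extractor output; text is placeholder only.
CONSTRUCTED_SPANS = [
    {"text": "Quarterly report", "fill": BLACK, "background": WHITE, "size_pt": 11},
    {"text": "<instruction aimed at the model>", "fill": WHITE,
     "background": WHITE, "size_pt": 11},
    {"text": "<near-white variant>", "fill": (250, 250, 250),
     "background": WHITE, "size_pt": 11},
    {"text": "<one-point text>", "fill": BLACK, "background": WHITE, "size_pt": 1},
    {"text": "Footnote in grey", "fill": (118, 118, 118),
     "background": WHITE, "size_pt": 9},
]

if __name__ == "__main__":
    visible, hidden = split_spans(CONSTRUCTED_SPANS)
    print("to model:", [s["text"] for s in visible])
    for s in hidden:
        print("held for review:", s["text"], s["reasons"])
```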
Thursday, September 25, 2025
Where all your phone spam comes from
Lawrence points to an interesting "datacenter":
This seems like a story that should have gotten a lot more attention than it has. “Secret Service Dismantles Weaponized SIM Farms Designed To ‘Shut Down’ NYC Cell Networks.”
Hours before President Donald Trump’s address to the United Nations General Assembly, the U.S. Secret Service announced that it had dismantled a massive, decentralized SIM farm network, just 35 miles from New York City, hidden inside five abandoned apartment buildings. The telecommunications stealth weapon was capable of paralyzing regional cell networks through denial-of-service attacks.
My first instinct was that this was a State Actor prepping some sort of cyber attack. Now I think it's a Phone Spam datacenter:
SIM farms allow “bulk messaging at a speed and volume that would be impossible for an individual user,” one telecoms industry source, who asked not to be named due to the sensitivity of the Secret Service’s investigation, told WIRED. “The technology behind these farms makes them highly flexible—SIMs can be rotated to bypass detection systems, traffic can be geographically masked, and accounts can be made to look like they’re coming from genuine users.”
Bastards. 95% of all the calls I get are along the lines of "You have been pre-approved ...". I don't even answer a call where I don't recognize the number anymore.
Wednesday, September 24, 2025
Dad Joke CCCLXI
Tuna sends in another one:
My card got declined at the Sweater Store. They had to run my cardigan.
No word yet from Glen Filthie ...
Tuesday, September 23, 2025
Clouds In Space!
Well, this is the 21st Century after all:
Axiom Space and Spacebilt have announced plans to add optically interconnected Orbital Data Center (ODC) infrastructure to the International Space Station (ISS).
The company plans to launch two Axiom Orbital Data Center (AxODC) Nodes by the end of 2025, with at least three running by the end of 2027. It all sounds very exciting until you consider that Axiom Data Center Unit One (AxDCU-1), which eventually launched to the ISS in August, was a prototype that was roughly the size of a shoebox.
AxDCU-1 is more of a demonstrator to show that the concept works – think of an edge device on-orbit that can host hybrid cloud and applications, as well as cloud-native workloads. The AxODC Nodes are altogether more serious beasts. In addition to being interconnected, the hardware will be supported by an Optical Communication Terminal (OCT), allowing service to be provided to any spacecraft or satellite equipped with compatible OCTs.
So Cloud Computing for spacecraft. It will be interesting to see where this goes, and how they handle the power demands of an orbiting data center.
Monday, September 22, 2025
Saturday, September 20, 2025
In Memoriam Charlie Kirk
Charlie Kirk gets laid to rest today. He was a man of faith who always reached out to the greater crowd. I like to think that he would think that this song speaks to how he lived his life.
Rest in peace.
Thursday, September 18, 2025
Apple or Android for security?
Glen Filthie left a comment asking what I like for vendors providing good phone security. I replied:
I think that Apple is much more serious about their customers' privacy than Google is. Apple has repeatedly told governments to get bent when they demand encryption backdoors; Google seemingly couldn't care less.
Also, I think that Apple's update model is superior (it certainly was just a few years ago; I don't get the sense that this is a big area of concern to Google).
Your mileage may vary, void where prohibited, do not remove tag under penalty of law.
And here's an example of how Apple's update model is superior:
Samsung has fixed a critical flaw that affects its Android devices - but not before attackers found and exploited the bug, which could allow remote code execution on affected devices.
The vulnerability, tracked as CVE-2025-21043, affects Android OS versions 13, 14, 15, and 16. It's due to an out-of-bounds write vulnerability in libimagecodec.quram.so, a parsing library used to process image formats on Samsung devices, which remote attackers can abuse to execute malicious code.
"Samsung was notified that an exploit for this issue has existed in the wild," the electronics giant noted in its September security update.
Note that you get this patch from Samsung, not Google. Samsung is the phone handset manufacturer, and has customized the (Google supplied) Android OS so they rolled the patch. Now customizing the OS isn't bad per se, but it's fair to ask who has a better security group: Apple or Samsung. Same question for Motorola and all the Android phone vendors.
So I like my chances better with Apple, at least for security. And notice that this is only looking at the patching cadence. Apple has a history of standing up to governments who ask for encryption backdoors (by my count this is the US.gov, the UK.gov, and the EU.gov). Each time, Apple told them not just "no" but "Hell, no".
Once again, your mileage may vary, void where prohibited, do not remove tag under penalty of law. But Glen did ask.
Wednesday, September 17, 2025
Hey, remember that Apple iOS fix last month?
It looks like the Bad Guys are attacking older devices as well:
Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in what the company calls "extremely sophisticated" attacks.
The latest security update, pushed on Monday, fixes an out-of-bounds write issue tracked as CVE-2025-43300 in the ImageIO framework, which Apple uses to allow applications to read and write image file formats. It's available for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation, and the iThings maker on August 20 patched the same CVE in its newer devices.
Well done to Apple for this. iPhone 8 was released a long time ago, but they're still supporting it with security fixes. Bravo.
Tagged with my Apple Sucks tag because this time they absolutely do not.
Tuesday, September 16, 2025
Seen in the neighborhood
All I've ever seen before in this neighborhood are the usual run-of-the-mill printed campaign signs, and only during election season.
Something is different.
Saturday, September 13, 2025
A message to commenter "DTWND" (and people who think like him)
I recently posted The Lamps Are Going Out All Over America. For the two of you (likely including DTWND), the reference was to the beginning of World War I, when the politicians realized that the New World that they had created was basically everyone standing in a room filled with gasoline waving lit matches around. We know how that turned out.
My post was not inflammatory; it was sad. Nonetheless, reader DTWND left the following comment:
Those of you on the right are really, REALY [sic] hoping that something in the shooter’s background will tie him to the leftist, liberal side of politics. Meanwhile, you’ll continue to deny and obfuscate the truth that this was one of your own. Just like the group that planned to kidnap Michigan’s governor Whitmer; the guy that shot and killed the two Minnesota legislators: the folks that marched in Charlottesville: the shootings at the LGBTQ nightclub in Orlando: the ‘peaceful demonstators’ [sic] at the Capitol on January 6th; etc.
I find it telling that all the former presidents, Democrats and Republican, issued messages of condolence, condemnation of the event, and calls to end political violence, while the current president condemned the violence but also expressed the point that those of the left persuasion need to under scrutiny and should not be trusted.
As Mr Kirk had stated, “Prove me wrong.”
Who would have figured 24 years ago that society would be destroyed from within?
Here is the pertinent part of my original post, and my reply to Mr. DTWND:
[Memes deleted]
If you don't know the people who don't understand that sentence, then they are the ones who you need to not know.
Not particularly well said, but perfectly understandable. And so you clearly failed on multiple levels:
1. It sure as shootin' looks like the shooter was a leftist freak. The 72 hour rule applies here, which you either ignored, didn't know, or skated past because you were angry.
2. It "wasn't one of our own", it was exactly what you'd expect from a rabid Left baying for the blood of conservatives. See #1, above. Nicely done, getting two own goals from the same ball, though.
3. The group that was going to kidnap Governor Crazy Eyes was led by an FBI asset. Sorry you're so behind on this, but not really surprised.
4. The rest is IQ-90 level Leftist boilerplate. Ashli Babbitt would reply but could not be reached for comment, as she was shot in the back by a Capitol Hill police officer on January 6. Some of us are aware of the rules for the use of Deadly Force; you clearly are not, but thought this was a winning argument for "conservative violence". Dumbass.
5. Former Presidents call for the end of political violence? Gosh, why might this be hard to believe?
6. Most significantly, you (a) did not reply to the content of my original post and (b) chose to try to insult me and hijack my site for your absurd political dogma.
Fine, then - let it be so. DTWND, go away and don't come back. We don't need your thoughts polluting this site. You're banned. Go hang out with your leftie assassins.










