Bourbon and Rum

Stolen from And Some It's Just As Well. 

My favorites are all here (in order of personal preference):

1. W. L. Weller Special Reserve.   I posted about their less expensive Private Reserve here.  It looks like they don't make it anymore which is a pity - it was a price/performance leader.
2. Four Roses.  Good enough to sip neat but not so expensive you wouldn't make an Old Fashioned with it.
3. Basil Hayden.  When they say it maxes the "Delicate" axis they're not kidding.  This is a Bourbon for people who don't like Bourbon.
4. Maker's Mark.  My go-to for an Old Fashioned. The Queen Of The World got me a smoker to make a smoked Old Fashioned.  It's a lot of fun but enough of a production that I usually only do this for guests.

And my favorite rums (sorry, no fancy chart):

1. Zafra 21 year old. Panamanian.
2. Kirk & Sweeny Gran Reserva.  A blend of rums aged between 3 and 18 years.  Dominican Republic.
3. Siesta Key Coffee Rum.  Siesta Key, Florida.  Very unusual, very strong flavor.  Outstanding over ice.  And (for me, at least), it's drinking the Local.
4. Siesta Key Spiced Rum.  Unlike the Captain Morgan's "let's just dump some vanilla in the rum" approach, Siesta Key uses actual, you know, spices in theirs. If you think you don't like spiced rum, this is the one for you.  Drink over ice with no mixer.
5. Bacardi silver.  If you're going to dump something in Coke then this is the one.  Repeatable, reliable smoothness.  Only for mixing.

Note that rums #1 and #2 will cost you every bit as much as the good Bourbons. 

Dad Joke CCCLI

Tuna sends this in (you're doing all my blogging for me, buddy!):

What did the psychiatrist say to the man wearing nothing but saran wrap?

Clearly I can see you’re nuts.

 

So much for Reason Magazine

They have said for years that they are libertarian.  That's not true.  By their works shall ye know them, and all that.

Rather, they're Washington Establishment, Libertarian Department.  Everything is not pro-liberty, it's anti-Trump, all the time.  (Speculation Alert) Probably their big donors insist on this, and you can't jeopardize the gravy train.

Case in point: Trump's biggest libertarian action to date (which dwarfs the DOGE spending cuts) is his executive order requiring each Agency to post all the regulations they have promulgated which have criminal penalties, and requiring the Agencies to rescind all that do not have a Mens Rea requirement. Seemingly there are hundreds of thousands of these, and not even the Agencies themselves know exactly how many.  Thus, the need for the executive order.

Mens Rea is the legal term that defines knowledge that you are about to commit a crime - regulations with criminal penalties where you don't even have to know that it's a crime are basically the definition of tyranny.

You'd think that libertarians would be cheering this executive order from the rooftops. 

[crickets]

I can only find one article on the subject which, despite its reluctance to do so gives credit where it is due.  They even say this sort of regulation turns the rule of law into a cruel joke.  So where's the celebration of a huge win for freedom?  Where's the victory lap for self-proclaimed champions of "Free Minds and Free Markets"?

To ask the questions are to answer them.  Donald Trump obviously provides the Wrong Sort of freedom.  [rolls eyes]

Tagged Statist Pricks, Hypocrites R Us, and Filthy Lucre because, well, you know.

HYPOCRITE, n. One who, professing virtues that he does not respect, secures the advantage of seeming to be what he despises. 

- Ambrose Bierce, The Devil's Dictionary

Memorial Day

 

This weekend isn't about cookouts

I was flying to Dad's memorial service back in 2011.  This was the view out of my airplane window:

 I'll reproduce here what I liveblogged from my phone:

My flight to Detroit just touched down.  The flight attendants came on  the PA asking everyone to remain seated when we reach the gate, so some  soldiers returning back to Afghanistan.

Everyone clapped.  Everyone.

Then the Captain came on.  He said we were taking a fallen soldier home.  You could have heard a pin drop.

God Speed, whoever you are.  I can't imagine any thanks can possibly fill the void your family feels.

We're  at the gate, and the plane is clapping for the soldiers again.  Out the  window, you can see the cars lined up on the tarmac for our fallen  hero.  Everyone' crowded around the windows.

It feels like you're in church - that you're in the presence of something holy.

 

That weekend Dad was much on my mind that weekend, but this wasn't an old man coming home to lie with his brothers, it was someone in the flush of youth.  Someone who didn't get the chance to bury his father; on the contrary, someone whose father met him on the tarmac on his last flight.

Maybe Donald Trump is doing something to end the endless wars we've been in these two decades or more.  At least we've brought the fallen home.

This weekend I don't think that the fallen would begrudge you your time with family and friends.  But remember them.

The futility of security patches

OK, the post title is intentionally inflammatory, but here's a pointer to a very heterodox view on the subject:

Patch Tuesday has rolled around again, but if you don't rush to implement the feast of fixes it delivered, your security won't be any worse off in the short term – and may improve in the future.

That's the opinion of Craig Lawson, a Research Vice President at analyst Gartner, who on Wednesday told the firm's Infrastructure, Operations & Cloud Strategies Conference: "Nobody has ever out-patched threat actors at scale."

Now for some important background.  Gartner Group is probably the premier IT market research organization.  All the big companies subscribe to their work.  Gartner prides themselves on bucking the tide of conventional wisdom (not too often, of course) - this is a great example of this.  They also pride themselves on having quotable quotes that will get picked up in the media - this is also a great, classic Gartner quotable quote.

Nobody has ever out-patched threat actors at scale.

Well, yeah.  The point of joining vulnerability data with threat exposure data is one we talked about 25 years ago.  The concept is a good one, but the devil is (as always) in the details.  Quite frankly, a CISO (Chief Information Security Officer) who tells his security team to back off patching - and whose company then gets hacked - won't likely be CISO after the next Board meeting.  Just sayin'.

But this is pure Gartner Group. Interesting idea, well stated, enticingly attractive for those who see themselves as Six Sigma.  I encourage you all to click through and read it.  Just keep in mind that this idea has been a non-starter for a quarter century.  Nothing has changed here.

But Gartner Security conferences are a lot of fun, and many fine lunches and dinners are enjoyed.

 

Ouch

I broke my foot (and maybe cracked a rib).

 

 Off to the orthopedic doc.

Baseball and the steriod boys

Gerry leave a comment to ASM826's post about Pete Rose and Shoeless Joe Jackson becoming eligible for the Hall Of Fame:

So when will the Steroid boyz be allowed in?

Good question.  It brought to mind A-Rod, and a comment from Chris Lynch back in the day:

Every time A-Rod comes up to bat in Fenway, they should play Huey Lewis and the News "I want a new drug" ...

Well, okay then.  I dunno when he's be eligible, but if they induct him, this should be their bumper music.

Pete Rose, "Shoeless" Joe Jackson and others now eligible for Hall of Fame

 The sports news this week is Pete Rose and "Shoeless" Joe Jackson being reinstated by Major League Baseball making them both eligible for the Hall of Fame.

My first thought was, "What are the odds on that?"

A message to the blog Common Cents

You know, this one here

Dude, you've been coming around here for a long time asking to get added to the blog roll. And when I do add you, you don't seem to notice: not four months after that first link you're back in the comments asking to get blogrolled even though you were already there.

This has been your unique approach to blogging for 15 years.  Weird.

Actually, it's gotten worse.  You've left two links in two days about something entirely unrelated to my posts, pointing to a post on your site. That's comment spam.  I see that you have ads on your site, so I guess that's why.  It doesn't seem that you added me to your blogroll, so reciprocal blog back scratching doesn't seem to be your thing.

Commen Sense, you are not welcome here, because you don't have any manners.  All your comments will be deleted in the future because you are trying to hijack my site.  Not cool.

Made up climate data - Update

Last November I posted about a revelation that the UK weather bureau (the Meteorologic Office) had 113 weather stations in Britain that were reporting daily temperature data, but which actually didn't exist at all:

I've posted many times about how the temperature data is modified after its initial collection, but this takes the cake.  One third of UK weather stations simply do not exist

 A full third of the database is imaginary.  Except not so fast, said the "experts".  Those 113 weather stations don't exist, but the data is based on nearby, well-sited (i.e. high quality) different stations.

Hmmmm.  So can we get a list of those stations?  Well, not really:

Last year the UK Met Office was shown to be inventing long-term temperature data at 103 non-existent weather stations. It was claimed in a later risible ‘fact check’ that the data were estimated from nearby well-correlated neighbouring stations. Citizen super sleuth Ray Sanders issued a number of Freedom of Information (FOI) requests to learn the identity of these correlating sites but has been told that the information is not held by the Met Office. So the invented figures for the non-existent sites are supposedly provided by stations that the Met Office claims it cannot identify and are presumably not recorded in its copious computer storage and archive.  [Bold by me - Borepatch]

I think we've heard something like this before.

Err, the dog ate their homework?  Man, and you wonder why people don't trust climate scientists?  And remember - most people don't know a tenth of the shenanigans that climate scientists are up to, and they still don't trust them.  Quite frankly, the are 100% correct not to trust them.

As I posted last November, this post is tagged "Junk Science" and "Climate Bullshit" because, well, you know.

So long, i486. Thanks for all the fish

Linux will remove i486 support:

More than 36 years after the release of the 486 and 18 years after Intel stopped making them, leaders of the Linux kernel believe the project can improve itself by leaving i486 support behind. Ingo Molnar, quoting Linus Torvalds regarding "zero real reason for anybody to waste one second" on 486 support, submitted a patch series to the 6.15 kernel that updates its minimum support features. Those requirements now include TSC (Time Stamp Counter) and CX8 (i.e., "fixed" CMPXCH8B, its own whole thing), features that the 486 lacks (as do some early non-Pentium 586 processors).

It's not the first time Torvalds has suggested dropping support for 32-bit processors and relieving kernel developers from implementing archaic emulation and work-around solutions. "We got rid of i386 support back in 2012. Maybe it's time to get rid of i486 support in 2022," Torvalds wrote in October 2022. Failing major changes to the 6.15 kernel, which will likely arrive late this month, i486 support will be dropped.

The fact that this is news is actually the news.  Microsoft dropped 486 support when the released Windows XP (!) in 2001, basically a quarter century ago.  Linux has the all time record for backwards compatibility.

Full disclosure: I don't believe that I ever had a computer wit a 486 processor - I'm pretty sure I jumped straight from 386 to Pentium.  That said, I bought a used computer to turn into a Linux firewall back around 2000, and that ran until The Queen Of The World and I opened up Castle Borepatch in 2016.

Fare thee well, 486.  You've earned a rest after 36 years.

 

Albertexit?

The political story of the West in the 21st Century has been one of devolution of power.  Several EU referenda were soundly voted down (e.g. Netherlands and France) although the Powers That Be made the publics there vote again and again until the "got it right".  Brexit was a shock to the elites, as was the election (and re-election) of Donald Trump.  

All of these are statements of majorities rejecting the Conventional Wisdom of centralized power controlled by credentialed "expert" elites (scare quotes used intentionally).

Now it's Canada's turn.  Alberta is making serious noises about leaving Canada and joining the USA.  Here is a forceful statement from Alberta's Premier laying out the causes of their unhappiness with Ottawa, and quite frankly making numerous demands of the central government.

When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation. 

That's what this speech is.  And it includes an "or else" after the demands, that next year will see an Alberta referendum.

This seems like it's pretty big news.

Microsoft to end passwords for Windows

Well, Windows for consumers, at least:

The software giant announced the move Thursday, May 1, traditionally known as "World Password Day," with a declaration it had joined forces with the Fast Identity Online (FIDO) Alliance to re-name the pseudo-holiday "World Passkey Day."

Redmond’s not just playing with words as the Windows giant has also decided that all new Microsoft accounts will use passkeys by default. Passkeys, which involve the use of biometric identification like a fingerprint or face scan, PIN, and the like, will be the de facto new way to set up an account, and existing Microsoft users are being encouraged to visit their account settings page to delete their passwords and start using passkeys.

(Think of passkeys as a replacement of passwords.)

I'm of two minds here.  On the upside, passwords are generally an infinitely renewable source of insecurity.  This has been known  for decades:

On the downside, there is one negative that can simply never be fixed: you cannot change your biometrics if this somehow gets compromised.  You cannot revoke a fingerprint and issue a new one.

My take: hold off on this one.  Certainly Microsoft's commercial customers will never go here - password rotation is specifically required by essentially all industry security mandates (ISO 27000, SOC2, etc).

Color me unconvinced.  I'm not sure exactly what motivated Microsoft to do this.

Dan Fogelberg - Run for the Roses

Toby Keith raised thoroughbreds.  His dream was to have one in the Kentucky Derby. Sadly he died before seeing his horse run in today's Derby.

Run like the wind, Render Judgement.