RottenBrains

… brains …

Archive for the ‘Rants and Rambling’ Category

Apple’s iMessage encryption trips up feds’ surveillance | Politics and Law – CNET News

Thursday, April 4th, 2013

The DEA has figured out that getting a wiretap order for an iPhone, executed at the phone company, doesn’t get them iMessage content. It’s pretty obvious the various TLAs engaged in law enforcement will use this as a concrete example to push the “Going Dark” initiative to get CALEA reinterpreted (or legislated) to cover various internet based communication services. And designing a service to use end-to-end protection will be right out.

iMessage is a special case here, since it inserts itself into the normal text message user interface. It’s the phone’s preferred way to send messages, and from the user’s (and law enforcement’s) perspective, it’s a native feature of the phone rather than an app.

I’m worried this will bring up yet another concern–even if they get what they want with CALEA, they are going to discover that they have execute multiple, maybe even many, wire tap orders to track a single subject. How long until we require each ISP to be able to MiTM attach every TLS connection? Or another clipper chip initiative?

Apple’s iMessage encryption trips up feds’ surveillance | Politics and Law – CNET News

(Via MacRumors.)

Will we ever do anything like this again?

Sunday, April 17th, 2011

Political Fallout

Saturday, March 12th, 2011

It’s started. We knew it would.

Japan current nuclear plant problem is real. I don’t want to take anything away from that.

But the anti-nuclear rhetoric is already starting. This big scary nuke plants must be a danger to us all. And I freely admit, there are dangers involved. The only rational response I can think of, is a quote from Wikipedia:

Comparing the historical safety record of civilian nuclear energy with other forms of electrical generation, Ball, Roberts, and Simpson, the IAEA, and the Paul Scherrer Institute found in separate studies that during the period from 1970 to 1992, there were just 39 on-the-job deaths of nuclear power plant workers worldwide, while during the same time period, there were 6,400 on-the-job deaths of coal power plant workers, 1,200 on-the-job deaths of natural gas power plant workers and members of the general public caused by natural gas power plants, and 4,000 deaths of members of the general public caused by hydroelectric power plants.In particular, coal power plants are estimated to kill 24,000 Americans per year, due to lung disease as well as causing 40,000 heart attacks per year in the United States. According to Scientific American, the average coal power plant emits more than 100 times as much radiation per year than a comparatively sized nuclear power plant in the form of toxic coal waste known as fly ash.

Now, don’t think for a minute that I believe nuclear plants are a good idea. No centralized, high-capital approach to energy is a good idea. But since we seem to be limited to centralized, high-capital approaches, nuclear power is about the best option we’ve got.

Here’s to hoping Japan can solve this problem with the least possible damage to life and property. And to hoping we can learn the lessons needed to make this sort of thing safer in the future. But any discussion about the risks of nuclear power must consider the relative risks of just about every other energy source we currently have.

Argentina criminals ‘evade capture by dressing up as sheep’

Wednesday, April 14th, 2010

Several of you have heard my recurring rant on stock photography on news sites. Take a look at the photo in this article. Be sure to read the caption. Those are the best sheep costumes I have ever seen!

Argentina criminals ‘evade capture by dressing up as sheep’

(Via Boing Boing.)

Fail!

Tuesday, January 12th, 2010

This is one of the more perplexing things that has happened to me while booking a hotel room. And developers wonder why people just click through bizarre-looking security warnings…

Fail!

Fail!

Texas May have Banned Marriage

Thursday, November 19th, 2009

Texas passed an amendment in 2005 with the intent of banning gay-marriage. But they may have banned more than they intended.

The amendment contains the text:

This state or a political subdivision of this state may not create or recognize any legal status identical or similar to marriage.

Logically, it seems like “marriage” is a member of the set of legal statuses “identical or similar to marriage”. Of course, there’s no telling how a judge would interpret the idea of something being “identical or similar” to itself.

Hit & Run > The Whole Foods Plan for Health Care Reform – Reason Magazine

Wednesday, August 12th, 2009

Reason’s Matt Welch points out what I consider the single biggest bang-for-the-buck health-care reform opportunity in his blog on Whole Foods CEO John Makey’s proposal:

“As someone who h-a-t-e-s the health care system, I’ve never understood why de-linking insurance from employment isn’t a central part of every serious crack at reform, given that a preponderance of analysts on all sides of the debate agree that the post-war linkage of health benefits to the workplace is one of the system’s Original Sins.”

Hit & Run > The Whole Foods Plan for Health Care Reform – Reason Magazine

Database Schema Abuse

Saturday, May 10th, 2008

I recently received shipping notice for an in-warranty replacement of a UPS for my house. Check out the tracking number:

Order summary:

Line Quantity Product Description Carrier Tracking # Shipped Date
4 1 BR1300LCD APC BACK-UPS RS 1300VA LCD 120V FedEx 7.69766E+14 5/7/2008

Yes, Freud, sometimes digits really are just digits.

Un Elefante

Tuesday, June 19th, 2007

In anticipation of an upcoming trip to Costa Rica, I dusted off my online membership for RosettaStone Spanish I. As usual when this happens, I have to start over at the beginning. This time I noticed something that I had not noticed before.

One of the very basic noun constructs is “Un Elefante“. So, how often have you run across un elefante in a Spanish speaking country?

Stepping our way to the panopticon…

Wednesday, June 13th, 2007

OK, I admit that I can no longer count the times I’ve been waiting for a green light, see the opposing traffic slow and stop, have my light turn green and then see a car whizz past me through the light that just turned red. It’s stupid and dangerous (not to mention definitely a moving violation).

Some cities have begun using automated Red Light Cameras. Some of them have notable misconfigurations enhancing the ideas that it is merely all about revenue rather than safety. There are other devices besides only red-light monitors, and I just have to wonder if there are better ways.

(more…)

Oh, they’ve done it now.

Tuesday, May 8th, 2007

I wonder if Disney will consider Hamas’ use of Mickey Mouse as an act of war? They should know better than to mess with the mouse! Now we’re going to have to save the world for democracycontent-owners.

This really isn’t funny [snicker]. No, really.

[giggle]

[okay, the strike-through font humor doesn’t translate to RSS…]

End of Internet Radio?

Monday, March 5th, 2007

The US Copyright Royalty board has approved a per-performance royalty regime for internet streaming. Per-performance means they pay royalties for every _listener_ for each song they play, retroactive to 2006. This puts a far greater burden on internet streaming radio than on conventional radio. In many (most?) cases, the new royalty requirements are greater than the revenue of the stations.

I am a big fan of Radio Paradise. I’ve listened to them for years, and contributed several times. They have posted an essay on the subject.

Of course, there is an easy fix for this. Move offshore. And laugh while our copyright regime completely collapses under its own greed and idiocy.

It’s hard to imagine that _no_ one at SoundExchange and the RIAA gets this.

“It just works” – yeah right

Friday, January 12th, 2007

Sometimes I just don’t get the apple(computer) universe.

I loved my PPC laptop – almost anything I tried that was anywhere close to a mainstream use just worked. I could wave my hands at the machine and mutter vaguely and the result I wanted just happened.

I waited for awhile after the Intel macs came out so they could work out the “first run” bugs. I got a very nice Intel laptop just before the new year. It compiles things much faster, and for the most part runs the apps I need to run more effectively, BUT:

This thing is _far_ less stable than my PPC version and I find myself losing 10s of minutes a day (sometimes up to 6 of those) to getting it to do what I want to do.

– The wireless card and driver quality is _far_ below what I’d become used to. Connection management intrudes on my life daily now.

– It randomly (usually after being up for a day or more) refuses to sleep. I’d gotten so used to this “just working” that I got out of the habit of looking. My new laptop’s already had a really hot ride in my bag.

– I use a bonjour connection to a printer in the office. On the PPC version this was really stable. On this box, 1 time out of 3 that I try to print, it doesn’t “Just work”. (The most frustrating version of failure involves it deciding to use a different driver than it did last time – resulting in pages of “that’s not my printer language” showing up on the printer.

I’m watching my friends and coworkers (many of whom have new intel macbooks or macbook pros) going through similar pain, and I am alarmed at how quickly the “wave the chicken at windows” behaviors are becoming ingrained. The nice thing about OS/X (up to now) is that you didn’t have to have chickens – you could look at logs and figure out what was going wrong and _FIX_ it in the very rare situation when things didn’t “just work”. Those same logs are very silent on the above problems.

I’ve been moving my family and my lifestyle machines (I have a mac pro now too, and I _really_ like it when I’m not trying to print to freeBSD CUPS ipp queues). I am beginning to dread the probability of a new stream of family support issues that I can’t address without giving hours over to it. In particular, my boasts of the last couple of years about how living on a mac really lowers your frustration-with-the-machine pain are ringing hollow in their ears.

Apple – you are letting me down.

How did this happen?

FedEx: Incompetence, Stupidity, or Insanity?

Friday, August 25th, 2006

I recently ordered an item from a company here in the Dallas area — Carrollton, to be precise. It’s just under 14 miles from their warehouse to my front door. On the 22nd, they gave me notice that the package had been made available to FedEx for delivery.

Past deliveries from this company have taken one day. I seem to recall them being UPS as well, but that might not be completely accurate.

This time around, though, it would appear that FedEx has collectively gotten into some powerful nose candy. After three days of no package, I decided to check with FedEx’s online tracking system:

This Is Your FexEx on Drugs.

Here’s where I need your help. Pull out a map of the US or a Globe. Now, starting from Carrollton Texas, draw a line to Dallas, Texas. On your map, how close does this line come to San Diego? When I run through this excercise, my answer is “about 1,300 miles.” Did you get something similar? The reason I ask is: that’s about 100 times further away than the box started in the first place. That’s a very counterintuitive direction to take my package.

FedEx claims that their ground service may take up to seven days — however, I always figured this was a statement of “we’ll get it there as soon as practical, which might be as long as seven days,” not “your package is entitled to a seven day tour of the United States, and we would be remiss were we to not grant it this vacation.”

On the plus side, it might have taken some nice vacation pictures for me. We’ll just have to wait — another four days — and see.

Wright Amendment: An End in Sight

Sunday, June 18th, 2006

After decades of the Wright Amendment crippling Love Field in Dallas, it appears that an end may finally be in sight. Senator Kay Bailey Hutchinson’s plea for the involved parties to come up with a local solution instead of dragging the fight into the US Senate seems to have finally yielded fruit: last Thursday (June 15th), American Airlines, Southwest Airlines, Dallas, Fort Worth, and the DFW Airport signed an agreement that represents a truce among the parties. Admittedly, this is just the first step in what will be a very long process (it needs to be okayed by Dallas and Fort Worth as well as the DFW Airport board, and then needs to pass through US Congress before December), but it is rather promising.

The good news is that, if everything goes well, the Wright Amendment is going away.

The bad news is that Southwest will still largely suffer under the same restrictions for another 8 years. Apparently, American Airlines, being unused to any sensible competition in the Dallas area, needs that long to plan a strategy that allows them to compete with an airline that can afford to charge about half as much.

Examining the finer details of the agreement: Southwest is immediately allowed to ticket connecting flights to non-Wright amendment states. In other words, you can now fly from DAL to SJC on a single ticket and check your luggage all the way through; but you’ll have to stop in an allowed destination (like El Paso) on the way.

Also, the City of Dallas will be forced, at taxpayers’ expense, to demolish 12 of the 32 gates at Love Field. Of the remaining 20 gates, Southwest will be allowed to use only 16. And if Southwest chooses to fly out of any airport other than Love in the DFW area, they lose those gates as well.

The important thing here is that American Airlines’ insistent and unattractive plea for the federal government to continue to save it from honest competition has failed. Within 8 years, there is significant promise that the cost of flights from Dallas will drop from 48% above the national average to something more in line with it. And really, that’s good news for everyone — at least, everyone who hasn’t been profiting from ridiculous, government-protected price gouging for the past 30 years.

Identity is futile

Friday, March 17th, 2006

I received a thoughtful letter from a large accounting firm informing me that they had been counting the acquired beans of a former employer of mine and that my personal data (name, home address and SSN), which had been lying around on one of their employee’s laptops minding its own business, had been liberated by a kind soul who had released it from its imprisonment, namely the trunk of the employee’s locked car.

Graciously, the accounting firm and former employer had partnered with the holy trinity of credit agencies to provide me, free of charge, a service that would let me know exactly when the triumvirate started libeling me and my credit rating. All I needed to do was provide my personal information and the super-secret promotional code on an easy-to-complete web form.

After I had provided my becoming-less-personal-by-the-minute data and the code, I hit the Submit button. A terse message appeared, stating that my humble request for an account could not be processed and that I should email their customer support group (whose domain name didn’t match the website with which I had been interacting). I did so. A coldly automated reply (from yet another domain), which labeled my supplication as spam, said that I would be helped in the order in which my email was received.

I contacted my former employer’s amazing efficient HR department. Together, a cheerful HR rep and I embarked on a journey of exploration through divers call centers that supposedly supported these credit bureaus. The first support person, who wished to be known only as “Joel”, insisted that I provide my full name, mother’s maiden name, SSN, phone number, and email address just so he could do a database lookup. He was able to locate my information in “another department’s database” but could not grant me access to it since he worked in “a different department”. He provided another 1-800 number to which he could _not_ transfer us and told us to call them directly. At that number, “Jay” was better at verifying my personal data without demanding that I give all of it to him first. However, he was also unable to help and gave us yet another 1-800 number that we had to call directly. After I provided “Eileen” with my “personal” data, she was less helpful, insisting that I must have created an account, but it wasn’t in the database yet, and that I should try again in two hours. The HR rep said that she would escalate the situation internally and with the accounting firm and call me back.

An hour later, the HR rep had managed to find a rare beast – an expert who was local to this continent and was willing to provide his full name and direct phone number. Huzzah! Mayhap he could clear whatever database/web glitch had foiled my previous attempts to initiate this valuable fraud protection service. I would be able to complete the account creation process! Hope glimmered.

And then faded. He wanted to “walk through the web form” with me and speculated that I had given myself the “wrong” username, since they had 4 million users, you know, and I probably picked a username that already existed. Or perhaps I had filled out some other field incorrectly. That was probably it. I couldn’t possibly know my own address, mother’s maiden name, or SSN. And if I did, surely I must have mistyped it. And their databases, with their complete and accurate dossiers on me, would know and reject my pathetic attempts to authenticate myself.

Wearied, I asked them just to snail mail any appropriate forms. I would interact with their broken web forms and databases no more.

Six hours later, Customer Care responded to my original electronic entreaty with yet another 1-800 number.

At least six more people on the planet (three of whom were using call center pseudonyms) have my personal information, and I have not yet enabled this wonderful fraud monitoring system to “protect” myself from inappropriate appropriation of my data.

I love you, man!

Thursday, September 22nd, 2005

I am drunk off my ass, so I must post something.

On the other hand, I have very little to say.

So I’m gonna tell you about fats.

In fact, I’m going to tell you how I lost 20 pounds without even really trying. I would think it’s just a fluke, except that when I saw Jonathan in Paris, he had lost 30 pounds by doing almost exactly the same thing.

There are two fundamental principles: (1) Saturated fats are bad, and (2) refined carbohydrates are bad.

Let’s examine this for a second.

Staurated fats have a proven impact on blood syrum levels of cholesterol, which we all know is bad for you. I’m really not sure if this has anything to do with the weight loss, but my own personal cholestersol level is far more within spec than it was before. I’d love to add rigorous exercise to my regiment to suppliment this, but my current schedule doesn’t really allow this.

Here’s what I suspect is the more important part, though: I’ve stopped eating refined grains. No more white bread. No more white rice. No more refined sugar. And the coolest part is that I’m not hungry between meals anymore. Ass far as my research has led me to beleive, one of the key problems is that the consumption of refined carbs — grains or sugars — leads to a spike in blood sugar levels. WOO HOO!!! However, your body responds by releasing huge amounts of insulin. This takes the sugars out of your blood stream, and then hangs around, removes all the ATP from you system, and makes you continue to feel hungry. So, you eat again — even though you’ve had well more than enough calories for the day. The end result? You consume craploads more calories than you need, and you’re on a blood sugar roller-coaster that makes you crabby near meal-times.

There’s no magic bullet here. The basic axiom that you need to expend more calories than you consume still applies. However, by making yourself not as hungry all the time, eating less becomes a far more tractible problem.

I leave you with a very nic recipe that I constructed with the aid of a CIA textbook and some guidance from a professional chef friend of mine: I’ts a risotto-like dish made from steel-cut oats. And it’s very simple.

1 cup steel cut (“Irish”) oats
4 cups vegetable or chicken bouliion
1 medium onion, finely minced
1/4 cup olive oil
1/4 cup dry white wine (e.g. dry sherry)

In a medium sauce pan, heat the oil over medium. Add the onion and saute until translucent. Add the oats and stir until the oats begin to brown. Add 1/3rd of the boulion. Simmer until the liquid is mostly gone. Add another 1/3rd of the boulion, and do the same. Add the final 1/3rd of the boulion. Finally, when the last batch of boulion is reduced, add the wine and simmer down to a pasty texture. Adjust salt if necessary.

You can use this as a base for any sort of risotto-like dishes. Some good additions include fresh tomatoes, organo, basil, thyme, lemon juice, or anything similar that strikes your fancy.

Bon apetit, and enjoy the fiber. You’ll feel much beter.

Next time around, I’ll give you a more serious treatment of why polyunsaturated fats and monounsaturated fats are pretty much good for you, and why you shouldn’t try to limit yourself to low-fat options as much as low-saturated-fat options. In the meanwhile, add ground flaxseed to everything you cook, and stop buying white flour. You really can use whole wheat soft white flour anywhere white flower works, with the possible minor exception of angel food cakes. But we’ll explore that later.

In the meantime, I’m still quite drunk and must get some sleep. Hug someone for me, and be nice to your pets. Eat well. Be happy. And, for the love of God, spend some time outside this weekend (unless you’re being battered by a hurricaine). Come by and see our new office if you haven’t already. I’d love to meet up for lunch sometime next week.

And don’t worry. I’ve had over two liters of water. I’ll feel fine in the morning.

Wikelution

Monday, September 12th, 2005

So – wikipedia has, arguably, been above critical mass for accruing real, useful, content for some time.

You can still stumble across such wonders as this (from http://en.wikipedia.org/wiki/Hummingbirds) as
of the time of this post (check the history of the page if it’s gone):

The Bee Hummingbird (Mellisuga helenae) is, at 1.8 grams, the smallest bird in the world. A typical North American hummingbird, the Ruby-throated Hummingbird (Archilochus colubris) weighs approximately 3 grams and has a length of 7.6 cm (3 in).


This is a kind of bird that runs around and hums to people in love. They are native to South America and Zimbabwe. These birds lay eggs in chinese soup.

It’s not clear to me that the resource pool (amount of work) from people who want wikipedia to be a serious
resource is currently, or will be, larger than pool that wants to make lame.

Accidental Social Engineering

Monday, August 22nd, 2005

I just had a rather startling experience.

I’ll spare you the long backhistory about why I decided to recently gather copies of all my medical information together (short story: I’m unimpressed with every doctor I can find in the area, and find myself having to double-guess them a lot — I’ve even pointed out rather dangerous interactions between drugs prescribed to me by the same doctor at the same time).

The information that I was having a hard time finding was from the doctor I had when I first moved to Dallas. The problem was that I couldn’t remember his name or really any other information about him. I knew his office was on a particular street, but couldn’t narrow it down to less than about a 15-mile segment. Recently, when I found myself in a position to drive approximately that distance, I decided to take that particular street to see if I could pick out any familiar landmarks. It certainly wasn’t the best route to take, but it was better than driving the street without getting anywhere useful. I finally spotted something that looked familiar, and pulled into a parking lot. After poking around quite a bit, I found an office with a name that looked familiar.

I walked in and spoke to the receptionist. I mentioned that I was a patient there “around 1994 to 1997,” and asked if it was possible to get a copy of my medical records. She took my name and a phone number (I gave her my cell phone number) and promised to get back to me.

Several days later, I got a call back letting me know that I could come pick up a copy of my information. I did so, in person. Without ever presenting any identifying information. I was able to parlay a knowledge of (1) my name, and (2) the doctor I went to in a very rough period of time into three years of medical records.

Now, there’s nothing particularly sensitive in my personal medical records — but that’s neither here nor there. There are supposed to be stifling restrictions around what information is released to whom, to the point that I was a little worried that I might not be able to get them to release my own information to me.

And here’s the zinger: the documents handed over to me include my social security number, along with mailing addresses and phone numbers for my previous two residences. It includes my driver’s license number and date of birth. My current home address is a simple matter of public record.

I just stole my own identity. And even if someone could somehow trace the breach to that particular doctor’s office, all they could provide is a description of me (keeping in mind that the long hair could just be a wig) and a phone number (keeping in mind that it might trace back to a stolen cell phone or a prepaid VoIP account).

The lessons here should be obvious, but I can’t seem to figure out practical ways to apply them. Stop seeing doctors? Tempting, but not practical. Plus, this information was nine years old. Bottom line: you can’t trust anyone to safeguard your information, and you’ve almost certainly let the cat out of the bag one way or another. I guess the take-home here is: always assume that enough information to impersonate you has been carved into every public bathroom stall in America, and maintain a commensurate level of vigilance.

Comparative Religion and Footwear

Friday, June 3rd, 2005

Watch where you step. Or not.

I am profoundly disturbed by the fact that I initially followed both links within seconds of each other. I suspect that, rather than differences of faith and ideology, it is really little things like this that inspire people of different religions and cultures to war upon each other.


Skysa App Bar