Monday, July 31, 2006

Diebold: A Danger to America

The Open Voting Foundation

“This may be the worst security flaw we have seen in touch screen voting machines,” says Open Voting Foundation president, Alan Dechert. Upon examining the inner workings of one of the most popular paperless touch screen voting machines used in public elections in the United States, it has been determined that with the flip of a single switch inside, the machine can behave in a completely different manner compared to the tested and certified version.

Makes you wonder how secure those ATMs made by Diebold are (USBank uses them I know).

RFID no good for vehicle security

Wired 14.08: Pinch My Ride

Alternate attack vectors mean that RFID is often not the part of the security system that gets broken (not unlike strong crypto). All of the supporting systems around it are easily broken.

Wednesday, July 26, 2006

MySpace infects YourPC

Schneier on Security: Hacked MySpace Server Infects a Million Computers with Malware

Malicious banner ad exploits unpatched IE hole (there are many and more all the time). You have switched to Firefox, Opera, Konqueror or anything other than IE, right?

SeaSec security forum

SeaSec security forum

Just found out about an informal security group that meets in Seattle. I've often seen a need for interaction with security professionals between Agora and ISSA monthly meetings (and I'm on the ISSA Puget Sound board). Where organizations don't meet needs, they often spring up on their own. Once my dance lessons are over at Century Ballroom, I'll be able to attend these on Wednesdays.


Agora and ISSA are too formal. This is just a chance to hang out with local security professionals and get to know each other.

Sunday, July 23, 2006

Anti-science Inhofe: "Gore is full of crap"

Think Progress: Sen. Inhofe: ‘Gore Is Full of Crap,’ ‘All Recent Science…Confirms This Thing Is A Hoax’


Excellent posts on the stem-cell veto


Atheist Ethicist: The Stem Cell Veto

Independent Online Edition: Stephen Hawking to EU on Stem Cell Research

"Europe should not follow the reactionary lead of President Bush, who recently vetoed a bill passed by Congress and supported by a majority of the American people that would have allowed federal funding for stem cell research," he said in a statement to The Independent. "Stem cell research is the key to developing cures for degenerative conditions like Parkinson's and motor neurone disease from which I and many others suffer," he said.

And more idiot liars in the White House repeating the same non-reality-based crap:

Bolten Defends Rove’s False Claims on Stem Cells: Karl ‘Knows A Lot of Stuff’

Thursday, July 20, 2006

Bush*it Stem-cell veto

Scott Rosenberg's Links & Comment

Here is why Bush's position is a joke: Thousands and thousands of embryos are destroyed every year in fertility clinics. They are created in petri dishes as part of fertility treatments like IVF; then they are discarded.

Exactly. It's half-assed ridiculous pandering to anti-science, life-regardless-of-the-quality-of-life religious zealots.

Yet another way evangelical schools are destroying America

" href="">2 + 2 = Jesus rode a dinosaur

This made me wonder if the bible mentions anything about dinosaurs. If it doesn't, does that mean they never existed (for those inclined to believe that everything about the world can be derived from the bible)?

Sunday, July 9, 2006

Keycode: coupons and discount codes from all kinds of companies

KeyCode Coupons, Coupon Codes, Online Coupons, Discounts, Online Deals

US Election System Still Frought with Systemic Problems The road to reform in election corrections has been slow going

That messy 2000 election was supposed to be the jolt America needed. After chronic flaws in the country's voting process became painfully public, an ambitious reform effort was supposed to make hanging chads and butterfly ballots relics of election nightmares gone by.

But nearly six years later, it hasn't turned out that way. In the state of Washington, the 2004 governor's election took more than six months to resolve--again before a court. And some liberal activists still believe that vote tampering and dirty tricks handed Ohio to the GOP, enabling President Bush to win re-election. Now, heading into the midterm congressional elections, despite the expenditure of billions of dollars, a litany of problems remains.

Also, several good links via SANS NewsBites Vol. 8 Num. 53:

--Study Finds Popular eVoting Machines Susceptible to Fraud
(27 June 2006)
A Brennan Center for Justice study of electronic voting machines concluded that the three most widely used voting machines are vulnerable to fraud, but there are measures that can be taken in all three cases to boost their integrity. Roughly 80 percent of American voters are expected to use electronic voting machines in elections this November.
Representative Rush Holt (D-N.J.) has introduced a bill that would require all voting machines to provide a verifiable paper audit trail.
[Editor's Note (Schultz): The fact that a verifiable paper trail is being proposed is in and of itself an extremely positive step forward as far as fairness in electronic voting goes.
(Pescatore): I think we are past the point where any rational person believes that most current voting machines are safe enough. The first generation of ATM machines weren't secure enough either - the real issue is making sure the current problems are bounded and managed, and that the next generation of voting machines make big leaps forward.
(HONAN): The Irish Commission on Electronic Voting recently published their report highlighting serious concerns with the software used in the electronic voting machines purchased by the Irish Government.]

Genographic project

and to participate go here -- they send you a DNA swab kit that you
mail back to them.

Link mania

Gas prices in your area

This Site Rocks - FUNNY Videos & Pictures

Seed Magazine: on policy and social implications of science (1837095) Pick the best photoshop image of 2005 used in a previous contest

Gone in 20 Minutes: using laptops to steal cars | Leftlane News - Car News For Enthusiasts Backdoors for locksmiths in electronic lock systems being used by car thieves. Who would have guessed that could happen?

Why SSL alone will not solve the phishing problem

SSL-authenticated login pages certainly doesn't _solve_ the phishing problem since phishing is partly psychological/sociological and makes use of technology as a means of improving the odds of the hacking the human psyche. So, a purely technological fix is unlikely to, prima facia, address the root issues.

But, the SSL change can help in a couple of key ways:

  1. Rather than give customers 0 tools to protect themselves, we can give them at least the best tool out there so far for authenticating our site and therefore make an informed decision.

  2. . Rather than continuing to train users to "trust page contents" (i.e. the lock image and our feeble assurances in the "Why this is secure" page), we can retrain them to use reliable measures that are not as subject to spoofing.

That is not to say that SSL does not have its problems:

  1. Who made the trust decision to put the 50-100 CA certs in the browser? Why should the user trust those introducers? How do we know that those issuers won't screw up (like Equifax/GeoTrust did recently by issuing a domain-verified cert automatically that was very similar to a real bank:

  2. The UI is horrible for security. The lock is too small, it is too easy for the "simon says" problem to bite you since you don't notice when it isn't there. Some changes, such as changing the browser toolbar color based on the encryption will help, but Firefox and IE7 use different color schemes for the same semantics...

  3. There are usability issues with the UI. Everybody (even me) turns off the warning dialogs about submitting unencrypted form posts. That kind of annoy-user-into-submission security fails the psychological acceptability test and it doesn't work anyhow because you should generally protect the user where it counts, not warn and hope they do the right thing.

  4. The phishing problem is one of Identity Continuity. It's not important that an SSL certificate matches the domain, since that does not help during the initial introduction to a site. What you really should be protecting the users from is when a known relationship in the digital sense has a discontinuity. That signals a phishing attack. The analogy is SSH known_hosts. On the initial introduction, you choose to trust the server since the likelihood that you are being MITM attacked is infinitesimal. But, if you are MITM attacked, SSH will scream loudly and not let you connect. That is what the browsers should do, although clean up the UI a bit for the unwashed masses. The MITM issue is one of a discontinuity. So, SSL in the current sense solves the wrong problem because the browsers have no means of managing site continuity information. They should. Some schemes, such as trustbar and petnames, allow friendly site logos or names to help users detect continuity problems, but their UIs are too easy to ignore if there is a problem. The user should actually be stopped from proceeding.

And so on. That's just off the top of my head.

Cartoon: The revised, revised story about NSA wiretapping

WorkingForChange-This Modern World: The revised revised story

God is angry, but not at Pat Robertson

The Seattle Times: Nation & World: God is warning of big storms, Robertson says

This must be true because Robertson obviously is Higher-powered (as reported by my colleauge Pete):

I don't know about you, but I almost missed this. Pat Robertson's amazing age-defying protein shakes have helped him to leg press 2,000 pounds!

If that doesn't sound impressive to you, note that it tops the all-time Florida State University leg press record by 665 lbs, set by a guy whose eye capillaries burst during the effort.

NSA's math problem Security News Blog

legal or not, this sort of spying program probably isn't worth infringing our civil liberties for — because it's very unlikely that the type of information one can glean from it will help us win the war on terrorism.

Interesting mathematical analysis of how effective the NSA domestic call-tracking spy program could possibly be.

In-Accu-Weather forecast

Hat tip to my friend Kris who discovered this. I captured it for posterity:


AJAX security basics

AJAX security is no different than normal web application security, except that it can add lots of complexity to a site and make black-box auditing much more difficult.

-----Original Message-----
From: Andrew van der Stock [mailto:[email protected]]
Sent: Tuesday, June 20, 2006 4:43 AM
To: Webappsec ((((E-mail))))
Subject: Fwd: SF new article announcement: Ajax security basics

This was posted to yesterday.

Their article is eerily similar to my Ajax presentation from February
(particularly if you've seen me give the presentation), and even more
similar to the draft Ajax chapter I wrote shortly after for the OWASP
Guide (now posted to our Wiki -
Ajax_and_Other_%22Rich%22_Interface_Technologies). Hmmmm. As the saying
goes, this is the best form of flattery. I suppose.

If you haven't had a chance to read up on Ajax security, their article
is a start... as is my presentation (
page_id=329) and the draft chapter in the OWASP Guide 3.0 current.


Begin forwarded message:

> > Ajax security basics
> > By Jaswinder S. Hayre, and Jayasankar Kelath
> > 2006-06-19
> >
> > The purpose of this article is to introduce some of the security
> > implications with modern Ajax web technologies. Though Ajax
> > applications can be more difficult to test, security professionals
> > already have most of relevant approaches and tools needed.
> >
> >

PHP Security: Top 5 from OWASP

OWASP is pleased to announce the immediate availability of the OWASP PHP
Top 5. The OWASP Top 5 is an education piece which provides up to date
advice to PHP developers, hosters, and other PHP users. The PHP Top 5 is
produced by the OWASP PHP Project.

The PHP Top 5 is based upon attack frequency in 2005 as reported to
Bugtraq. This information is a valuable insight into the most
devastating attacks against the world's most popular web application

In 2005, OWASP collaborated with SANS to research and write a completely
new PHP section for their successful SANS Top 20 2005. The OWASP PHP Top
5 is the full unabridged text, updated to reflect recent XSS attacks and
SQL injection vectors.



Another article on musicians being screwed out of profits even with digital distribution schemes

Business 2.0 - Magazine Article - The MP3 Economy

"The going rate for downloading songs from online music services like Apple's (AAPL) iTunes Music Store, MusicNet, Pressplay, and Rhapsody is about $1 a pop. Yet the economics of recorded music sales haven't changed much since the vinyl era -- despite the fact that digital files cost very little to produce and distribute. So how much of your buck makes its way back to the artists? Not much, though it's clearly a better deal than they get from piracy. "

Getting god out of government

Several articles on the topic of the government pushing religion.

Drum-beating about the 9th circuit decision about "Under God" in the pledge:


Public prayer fanatics borrow page from enemy's script

The Bush administration has been dealt a setback in its campaign to
allow prayer in our public schools. The full 9th Circuit U.S. Court
of Appeals has voted 15-9 to back the 2-1 vote by its earlier panel
finding the Pledge of Allegiance unconstitutional because of the
words ''under God.''

How did your senator vote on the pledge legislation (" S. Res. 71 As Amended; A resolution expressing the support for the Pledge of Allegiance.")?
U.S. Senate: Legislation & Records Home > Votes > Roll Call Vote

The Sacramento Bee -- -- Diana Griego Erwin: Pledge debate recalls another tradition, another controversy The best quote is, "the Constitution wasn't written to uphold majority opinion." It was written to protect the minority from the tyranny of the majority.

The 9th Circuit seems to agree. Our Constitution protects the freedom of us all, Jew, Christian, atheist, Muslim, Buddhist or agnostic to pray or keep silent, worship or not, believe or disbelieve. Standing outside the classroom door to avoid participating is exclusionary, especially for children.

At my school in the 1960s, one student couldn't pledge allegiance to the flag because her family was Jehovah's Witness. Being children, we thought she was weird. She even seemed less American. She was just a little girl.

And finally, an article debunking the religious nut talking point that we are a "Christian nation". The Nation | Article | Our Godless Constitution | Brooke Allen

Washington Supreme Court will decide if police need warrant for GPS 'tracking

Court will decide if police need warrant for GPS 'tracking'

But what if the same secret technology, called global positioning satellite tracking, could track anyone at any time?

The Washington Supreme Court will decide soon whether police agencies throughout the state may use the device freely -- without a warrant. The Jackson case is the first in the state dealing with the issue.

Update: The court unanimously decided that a warrant is required:

OLYMPIA, WA - The American Civil Liberties Union of Washington today hailed a unanimous, first-in-the-nation ruling by the Washington Supreme Court that police must obtain a warrant in order to track an individual's movements with Global Positioning Systems (GPS). The ruling agrees with arguments the ACLU submitted in a friend-of-the-court brief in the case.

"The ACLU applauds the court's ruling in this landmark case. Tracking a person's movements by GPS is highly intrusive. It is the equivalent of placing an invisible police officer in the back seat of a person's car," said ACLU of Washington Privacy Project Director Doug Klunder, who wrote the ACLU's brief.

Airline <strike>security</strike>

A Dangerous Loophole in Airport Security - If Slate could discover it, the terrorists will too. By Andy Bowers

More security window-dressing... More reason that ID checks and the watch list are BS security.

The Phantom "Cyber" terrorism?

[IP] Govt Comp.News - Assessing "cyberterror" - couldn't find any!

>I've been working on the issue of how to build secure public networks
>for about 7 years. I started out as a military analyst and I wanted to
>put the cyber terror/cyber war issue in a larger strategic context.
>About a year ago, I started looking for examples of cyber-terrorism,
>where hackers had shut down critical infrastuctures. I was surprised to
>discover that I couldn't find any, so I began to look more closely at
>the hypothetical scenarios involving cyber war. Most of them turned out
>to be implausible from a military or national security perspective.
>Hence the report.

Michael Dell calls BS on companies using threat of war as a scapegoat

Marketplace 4-Mar-2003, interview with Michael Dell

It's the current fashion for companies to blame the threat of war in Iraq for business being bad. But one company that's not using the war to explain its performance is Dell Computer. Marketplace host David Brancaccio talks with founder Michael Dell about how a company can succeed even in times of economic insecurity.

Michael talks about companies who are blaming poor results on the Iraq situation, etc. He says "Sadaam ate my homework" is not a good excuse. There will always be uncertainty in world events. Companies need to learn to succeed when times are good, but also when times are bad. Very sage advice indeed.

Faked research Results on the Rise?

Wired News: Faked Research Results on Rise?

Chris Pascal, director of the federal Office of Research Integrity, said its 28 staffers and $7 million annual budget haven't kept pace with the allegations. The result: Only 23 cases were closed last year. Of those, eight individuals were found guilty of research misconduct. In the past 15 years, the office has confirmed about 185 cases of scientific misconduct.

A great recommended read is False Prophets: Fraud and Error in Science and Medicine which reviews several recorded cases of research fraud.

The Security of Checks and balances

Schneier on Security: The Security of Checks and Balances

Very apropos read a couple of years later.

Same-sex marriage is an issue of civil rights and discrimination

Marriage Rights

Summary of benefits of marriage that same sex couples are being denied.

The typical talking point of the gay bigots is that "marriage" is a "sacred institution". But those assholes are guilty of equivocating (i.e. a logical fallacy, not to mention dishonesty). There are two completely separate concepts involved: Religious definition of marriage (which is not at all within the domain of government and is in no way changed by what the state decides to allow or not) and the Legal/Stata/Contractual definition of marriage, which is entirely secular and pragmatic.

Security Career Guide at ISC^2: sponsored by Microsoft

[infowarrior] - Microsoft sponsors security career guide
Richard Forno
Fri, 08 Jul 2005 22:39:04 -0700

Microsoft sponsors security career guide

A nonprofit organization with help from Microsoft has created a "career
guide" to spark interest for the information security profession among high
school and college students.

The guide was distributed last month to more than 3,500 school counselors,
administrators and educators at education conferences and has been made
available online, the International Information Systems Security
Certification Consortium, or (ISC)2, said this week.

Microsoft sponsored the 35-page guide, which is titled "Decoding the
Information Security Profession." The booklet offers a description of
information security, typical jobs, titles, industries and organizations,
professional requirements, certification options, typical salaries, career
outlook, and a listing of schools, education facilities, certification
companies and other resources and associations.

The guide can be found at:

Judge prevents divorce due to pregnancy

Seattle Post-Intelligencer: Judge won't let woman divorce while she's pregnant

In comments submitted to Bastine, Hughes said: "If this court vacates my divorce and requires me to stay married to a man I have no desire ever to have a relationship with and who has brought significant physical harm to me over the years, I would be emotionally devastated. If the court vacates my divorce and stays it until the birth of my child, it will prevent me from marrying the father of my child prior to her birth."

That link is no longer accessible, but The Stranger had an article which is accessible: A Difficult Pregnancy

Just sick. But the issue may not necessariily be one of an "activist judge" but Spokane law:

Spokane County has a policy against children being born "in limbo." A child's paternity must be determined before a divorce can be granted. While one state law allows women to divorce at will, there is another law that prohibits the courts from leaving a child without a source of financial support.

However, there is other information claiming that the judge was really trying to prevent the child from being born "in limbo" or out of wedlock. So who knows.

802.11n wireless not living up to promises yet - 802.11n wireless gear falls short in testing

Early adopters are likely to suffer the same problems that plagued 802.11g when it first emerged.

PKI considered harmful

PKI considered harmful

Next time someone at your company says "we can't do encryption until we get a PKI", refer to this essay and collection of references.

I'll need to put together a related one to address the "we can't do ecnryption until we get a "key management" solution".

SSH Filesystem

SSH Filesystem

This is a filesystem client based on the SSH File Transfer Protocol. Since most SSH servers already support this protocol it is very easy to set up: i.e. on the server side there's nothing to do. On the client side mounting the filesystem is as easy as logging into the server with ssh.

Something to investigate...

More Firefox plugin goodness

foXpose/Tabnail plugins Two thumbnail-related plugins. One creates a single index page with thumbnails of all of your open tabs that you can use to navigate with. The other creates tiny thumbnails of the open pages in the tabs themselves. Both require firefox 1.5 or higher. It may be time to try the release candidate...

Also, since my previous post, I found several other useful and promising plugins:

Wizz RSS Newsreader
Dictionary Tooltip
IE Tab Buggy, but can be convenient to change rendering engine on Windows.

Security and Web Development:

Leet Key
Show IP
Tamper Data
Web Developer
Live HTTP Headers

Download Embedded
DownloadThemAll! I now use this instead of FlashGot.

Darwin award: Club accidentally burned down by brazen owner

Ananova - Safety test burns club to ground

A strip club owner burned his club to the ground while trying to prove it was fire-proof to health and safety inspectors.

Worst Tech Moments of 2005; Predictions for 2006

Wired News: Worst Tech Moments 2005

Not sure I entirely agree with all of these. Looks like Bush will make the 2006 list several more times given the additional illegal spying uncovered so far. A summary of the list:

  • TiVo boxes betray their owners

  • Commerce Department blocks .xxx domain

  • PayPal blocks Katrina aid

  • Space shuttle Discovery

  • Bush corrupts the NSA

Here are some items that I predict for the 2006 list:

I'm sure there are many others. These were off the top of my head.

Bush's Economic Policy Failure

Think Progress: President Bush’s Job Record Since August 2003: Nothing To Brag About

What Judd says. Even on the economy Bush can't claim any victory.

I believe it was Randi Rhodes who suggested that Bush should have been asked on Larry King something about how he was the first president to push for tax cuts during a "time of war". How's that working for ya?

Adam Corolla hangs up on Coultergeist

Jesus' General: Insulting Mr. Coulter

This is hilarious. Adam Corolla is a god.

And I particularly love the graphic of the Psycho Sally stabbing doll to represent Coultergeist.

Asinine terrorist-detection at Western Union

Western Union blocks Arab cash deliveries - Yahoo! News

DUBAI, United Arab Emirates - Money transfer agencies have delayed or blocked thousands of cash deliveries on suspicion of terrorist connections simply because senders or recipients have names like Mohammed or Ahmed, company officials said.

In one example, an Indian driver here said Western Union prevented him from sending $120 to a friend at home last month because the recipient's name was Mohammed.

Hard to believe it could be possible, but this is more stupid than the TSA's Secure Flight program (also a miserable failure).

Birth Canal Drive



We need more creativity like this in the world.

Stephen Hawking News

Stephen Hawking asked a great question: Yahoo! Answers - How can the human race survive the next hundred years?

He also made the news recently after a speech in China where he mentioned that he liked Chinese women The Daily Show had lots of fun with that, especially the longing look he appears to be giving the woman standing next to him.

Work to Live; Don't Live to Work

Joe Robinson: "Vacation Advocate"

The title is my mantra. Coincidentally, I just saw The Devil Wears Prada which is about this very topic. The lesson there is to be true to yourself and do not forsake the things in life (career goals, family goals, relationships, etc.) that you really believe are important to you without making that the result of a conscious choice to do so. A corollary would be Habit 3: Put First Things First - Principles of Personal Management (i.e. "Schedule your priorities") from the 7 Habits of HIghly Effective People.

It is definitely a fact that the only reason that American workers are more "productive" than other countries is because we work more hours. If we worked the same as the rest of the world, our productivity would fall by comparison. That means that we are less efficient. Joe argues that this is ironically because we don't value leisure time as much as the rest of the world.

A simple litmus test to evaluate whether your current behaviours align with your life goals or what you would want to have accomplished by the end of your life is to check each activity with:

"I wish I would have ________ more in my life"

Would you have said, "work longer hours"? Would you have said, "spent time with family/spouse/kids"? May help you be true to your inner desires. It's kind of like how it's hard to know if you ended up in the right place at the end of your journey if you didn't know where you were heading to begin with.

Sprint Wireless security SNAFU

cryocone: Identity leak with Sprint wireless

Someone in their infinite wisdom at Sprint set up an IVR that you can call (intended for internal care reps for identity verification) and get anyone's CPNI/PII by simply keying in their sprint wireless phone number.

Really convenient for Sprint employees and the public -- and really stupid on all counts.

AT&T Usurps Customer Records

Time to switch your phone company. AT&T rewrote its privacy policy to basically say that your data is theirs and they will do what they please. Some legal manoevering to allow them to continue to sell those records to the NSA to spy on you. All Cingular customers should now be wary since AT&T will own them once the acquisition is complete.

But I guess, what do you expect when we live in a country that doesn't explicitly grant privacy protections like the EU and where privacy is routinely tromped on by companies and the government for their own ends? And when the US public has been trained that this is okay?

The most disturbing revelation was one on June 30, 2006 when it was revealed that the NSA allegedly Sought U.S. Call Records 7 Months Before 9/11 This is a perfect example of the danger of unchecked governmental power and unrestrained trust in governement to not abuse power given them or taken (as in the Bush Administration).

Saturday, July 8, 2006

McCain sells out to the Religious Right

Daily Kos: McCain Embraces Falwell In All His Wingnut Glory

I thought that McCain was one of the good guys but when he can't even be true to his own assertion that Falwell is one of the "agents of intolerance", what kind of integrity does he really have? Disappointing. I'm glad that John Stewart pushed him about this on The Daily Show. The "real" news media certainly did not point this out.

Tuesday, July 4, 2006

Coulter the Plagiarist

'NY Post' Cites Evidence That Ann Coulter Plagiarized Parts of Book, Columns

Well, she has god on her side though so she must have gotten an okay.

It's not news that she offers misleading references in her books either. I believe that Al Franken called her out on several items from her previous books in Lies and the Lying Liars Who Tell Them

New study shows American dislike of atheists

The Carpetbagger Report: Blog Archive: The last taboo

I do not equate "not professing a particular affirmative belief" with "professing a non-affirmative belief" in god nor do I care enough to claim myself an "atheist" but I don't think that the religious segment of this country makes any distinction between the various kinds of non-theists so it does not matter. They don't care what you believe unless it isn't what they believe. [I consider myself part of the general "non-theist" category and most aligned with Humanism]

The general distaste of atheists is not very surprising given the amount of so-called "christian" religions that make belief in Jesus a prerequisite for avoiding eternal damnation (not doing good deeds or anything--just simply being coerced into believing in Jesus is all you need).

This reminds me of the exchange in Carl Sagan's excellent book Contact where Jodi Foster's character, who was a scientist and a nontheist, was demonized by the religious segment as not being able to represent this country's values. All the more troubling when nontheists often have less contradictory and more consistent and humanistic values than the religious stalwarts. Just because those values are not rooted in a belief in the supernatural they are cast aside as having less worth.

People still make brash generalizations about people through superficial categorizations rather than fully try to understand others. Not much different from any other prejudice. Ignorance reigns supreme.