Monday, October 30, 2006

Good info on Compact Fluorescent lamps

Plus recommendations on where to, and where not to, use them, based on the best use of the technology for the money without excessive wear on the lamps.

What C.F. Lamps to Use Where

More Constitution Shredding by Bush Administration

Boing Boing: Bush legalizes martial law -- what Constitution?

Foxtrot comic on electronic voting machines: "scary"

Welcome to goComics Web Site featuring FoxTrot - Online Comics, Editorial Cartoons, Email Comics, Political Cartoons

10-29-2006 Sunday comic in case the link breaks in the future.

Congressman Oops results in legal and civil liberties violation of student

Something tells me that the government has too much power...

Boing Boing: Congressman on Boarding Pass Generator guy: Uh... oops?
Last Friday, Rep. Edward Markey (D-MA) called for the arrest of Christopher Soghoian, and the takedown of his "Boarding Pass Generator" website which illustrated an airline security hole documented on the web for several years. Hours after the congressman's statement, Soghoian says FBI agents visited his home, then returned a second time after he'd left -- in the middle of the night -- with a search warrant signed at 2AM, and seized Soghoian's computer(s) and other belongings.

Now, several days too late, Markey issues another pronouncement which backtracks on his earlier statement. It's 250 words, but they boil down to one: "oops."

Speed traps suck

Oh, you should boycott Newhalem, WA for the same reason.  I'll blog about that story someday.

saablog :: Stupid Utah. Stupid rental cars. - The rest of the story

Global Warming Report: Pay now or pay lots more later

Financial and ecological consequences by delaying the inevitable though.

Think Progress » GLOBAL WARMING REPORT: Right-Wing Fiction vs. Economic Reality

More sad news in the war on science and reason

Think Progress » Senior Bush Appointee Rejected Scientists’ Recommendations In Favor Of Industry Positions

Julie MacDonald, Deputy Assistant Secretary for Fish and Wildlife and Parks, has consistently "rejected staff scientists' recommendations to protect imperiled animals and plants under the Endangered Species Act." A civil engineer with no training in biology, she has overruled and disparaged the findings of her staff, instead relying on the recommendations of political and industry groups.

Some Media outlets "forgetting" McCain's reversals

Especially heinous I think is the recent legislation McCain helped to broker that suspended habeas corpus for "enemy combatants", and allows torture, among other dreadful things. I used to like McCain, but now he's pimped himself out for too many political purposes I think.

Media Matters - Despite McCain's many hedges, Borger asserted that "[n]o one would accuse McCain of equivocating on anything"
In her latest column, posted online on October 29 and that will appear in the November 6 edition of U.S. News & World Report, U.S. News contributing editor and CBS News national political correspondent Gloria Borger asserted that "[n]o one would accuse [Sen. John] McCain [R-AZ] of equivocating on anything." Writing about the prospect of Sen. Barack Obama's (D-IL) running for president in 2008, Borger contrasted him with McCain, asserting that Obama's "penchant for wishy-washy is well documented." Yet as Media Matters for America has repeatedly noted, despite an abundance of well-documented backtracks, flip-flops, and inconsistencies, the media continue to describe McCain with words such as "honest" and "authentic" and generally regard him as an unwavering purveyor of "straight talk."

'Lucy' Tour coincides with "Creation Museum"

Oh brother.  "allegedly 3.2-million" years old.

Biblical creationist blasts tour of 'Lucy' at Pandagon

Monday, October 23, 2006

The "ticking timebomb" argument is BS

Once Upon a Time...: Lies in the Service of Evil

I have written about the utterly fictitious "ticking bomb" scenario on several occasions. Because I do not want to engage in this exercise ever again, I have assembled here the major relevant arguments, so that they will all be in one place.

An excellent debunking of the "ticking timebomb" argument. Sorry Jack Bauer.

Wednesday, October 18, 2006

Windows Vista: SD^3 begets Popup-your-way-to-security?

Usable Security: Blog Archive: Security in Windows Vista: to 2002 and Beyond!

Popup-your-way-to-security in Vista. If this is the logical conclusion of having something secure-by-default (one of the SDs in SD^3), we may be in real trouble.

Thursday, October 12, 2006

VirusTotal: Free site to check malware and AV solution efficacy

Aviv Raff On .NET - VML Exploit vs. AV/IPS/IDS signatures

Article showing how VirusTotal revealed how easy it can be to create "variants" that go undetected by most antivirus products. The VirusTotal website could be a valuable resource.

Wednesday, October 11, 2006

Crooks and Liars: Olbermann Exclusive: Dissecting new Book: Tempting Faith

When President Bush touched on Iraq at his news conference this morning, he may have been revealing more than he knew.

[video] BUSH: The stakes couldn't be any higher, as I said earlier, in the world in which we live. There are extreme elements that use religion to achieve objectives.

He was talking about religious extremists in Iraq. But an hour later, Mr. Bush posed with officials from the Southern Baptist Convention.

Tuesday, October 10, 2006

no-fly list

Schneier on Security: No-Fly List

What a piece of crap!

New Google Code Search

Google code search (

Find all sorts of interesting things in source code out there, or web sites running interesting code. There's a great list to get you started "Google Code Hacking".

Monday, October 9, 2006

Microsoft Bug Reporting Process Makes me CACL

The story of how Microsoft has ended up with so many unconnected and uncoordinated versions of command-line tools to manage setting and displaying ACL (Access Control List) entries is funny enough, but wait until you hear about my experience trying to report a bug in the tool. First, on the sordid history that has led to three versions of the same tool, instead of one version that actually works correctly and handles all situations. There was first cacls.exe, which shipped with Windows AFAIK. That was missing some key features so in all their wisdom, Microsoft released xcacls.exe in a resource kit that made up for the shortcomings in cacls.

So, I found a small bug in Microsoft's

I called Microsoft to find out how I could report the bug in XCACLS.vbs and after voice jail and being put through the regular support cruft they said that the only way to report bugs is by US Mail! They don't have any email address or way to report them via their support line. I told them to forget it. I'd just post something on my blog so that someone having the same problem can find it via Google (and that then maybe Microsoft might google it someday so they can fix the problem).

ING Direct's Anti-Phishing Measure Backfires?

Another funny observation I had was about ING's anti-phishing security
mechanisms and usability. They make you use an annoying, long numeric ID
as your login ID (you can't change it to an easily-rememberable one) which
you can't likely remember so you have to write it down or use Password
Safe to recall it. By making account IDs a secret, they are hoping to buy
additional security from the obscurity.

However, they recently added a feature on the site (likely because of the
usability problems with people not knowing or remembering their login ID)
where you can enter some static identifying information (SSN, zip code,
birthdate) and they will then pre-populate your customer login ID. I use
this often because although you have to type in more information, the
usability is better because it is faster to do this than to look up what
my login ID is. But, they have now created a great target for phishers
that can undo all the benefits of the hidden login ID and the additional
measures on the site because this feature is not protected with their
RSA/Cyota eStamp as their login dialog is.

YouTube: Hours of entertainment

YouTube - White & Nerdy

This is hilarious.

And for other Halo fans (and lovers of the original skit from Monty Python) is this mashup:

YouTube - Monty Python Halo

Net Neutrality Issue for Dummies

Network Neutrality Threatened In Norway

A very clear description of the Net Neutrality issue and how the claims made by those against it are baseless.

TBogg - "...a somewhat popular blogger"

Friday, October 6, 2006

Incompetence to breed more incompetence in Bush Administration

Think Progress: Bush Asserts Constitutional Right To Hire Incompetent People At FEMA

More news media lameness: Abuse of the Question Mark

Crooks and Liars: Jon Stewart’s Hilarious Look at the Use of the Question Mark

Note to news media: Report the FACTS on the NEWS and lose the question mark.

Security and Privacy "Certifications" often mean the opposite

Certifications and Site Trustworthiness

An excellent paper summarizing many of the problems with certifiers such as TRUSTe as well as showing that sites that get these certifications to prove their trustworthiness are actually more likely to NOT be trustworthy!

I know companies who were so concerned about wanting customers to _think_ that their site was secure that they worked on getting a certification instead of investing in actually _making_ their site secure. No corrective action was taken to align technology or processes to the spirit or letter of the "certification". The same crummy procedures and mindsets that existed before the certification were there after the certification.

I have actually helped fill out the TRUST-e questionnaire the difficulty in answering their survey questions with 100% knowledge of everything that goes on in a company even though it tends to certify the site.

Tuesday, October 3, 2006

Right-Wing Pundit Wankers: More Good Use of Free Speech

scootmandubious: GOP's Revealing Response To Foley Scandal

Step right up! Join your fellow Right-wingers and go on record as a child predator apologist! Downplay the crime of statutory rape! Justify the coverup as necessary for political reasons!