Friday, June 22, 2007

That darned right-winged media

This is causing all kinds of swirl in the right-wing punditry circles.  It's nothing that we didn't already suspect, but the imbalance is staggering, especially when the majority of Americans support positions which are not in line with the majority of the right-wing punditocracy.  Read the linked summary to see just how imbalanced it is (e.g. 91% conservative vs 9% progressive programming).

Think Progress » REPORT: The Right Wing Domination Of Talk Radio And How To End It
The Center for American Progress and Free Press today released the first-of-its-kind statistical analysis of the political make-up of talk radio in the United States. It confirms that talk radio, one of the most widely used media formats in America, is dominated almost exclusively by conservatives.

The new report — entitled “The Structural Imbalance of Political Talk Radio” — raises serious questions about whether the companies licensed to broadcast over the public radio airwaves are serving the listening needs of all Americans.

And Ed Schultz (one of my favorite talk radio show hosts) provides some hard-to-deny facts that give a rationale for the criticism:

Think Progress » Ed Schultz: ‘How Many Markets Do I Have To Beat Hannity In Before I Get 200 Or 300 Stations?’
Schultz — the host of the most popular progressive radio show in the country — debunked the right-wing myth that conservatives dominate simply because they are winning in a “free market.” Schultz explained that the market is being controlled by a few ownership groups that are forcing conservative talk shows into local markets:


Appeals court affirmed ruling: Stored Communications Act violates 4th Amendment

More good news in restoring constitutional governance to this country.

SANS Institute - SANS NewsBites
A US federal appeals court upheld a lower court ruling that said law
enforcement agents need warrants to seize web-based email. The Sixth
Circuit Court of Appeals said webmail users have a "reasonable
expectation of privacy" regarding the content of messages stored on a
remote host. The original 2006 ruling, unsuccessfully appealed by the
US government, said the Stored Communications Act (SCA) violates the
Fourth Amendment. The SCA had been used for 20 years to access stored
email without a warrant.


Tony Snow: wanker of the week

He actually said this:

Think Progress » Snow On Stem Cell Veto: ‘This Is The President Putting Science Before Ideology’
"...critics quite often who make those complaints are, whether deliberately or not, misstating the nature of the president’s commitment to stem cell research and paying little or no heed or giving no credit to the president’s unique and unprecedented role in supporting stem cell research."
And he even completely lied about previous statements he made.  Do they not know this sh*t is taped?  And why doesn't the mainstream media call them on this crap?

Crooks and Liars » The Daily Show catches Tony Snow Lying
“No, that is something — we have never said that.”


Tuesday, June 12, 2007

Mr. Wizard RIP

Wow.  I loved his show when I was younger.  Sorry to see him go.  Hopefully Bill Nye the Science Guy is filling his shoes sufficiently.

Boing Boing: Mr. Wizard (1917-2007)

Monday, June 11, 2007

There is some justice left in the US

And some damning language about the Administration's position and tactics.  Of course Gonzo provided the legal opinions to back up the bankrupt positions of the administration in these regards.  For shame on all of them.

Crooks and Liars » Court Overrules Bush's 'Enemy Combatant' Policy
The Bush administration cannot legally detain an immigrant it believes is an al-Qaida sleeper agent without charging him, a divided federal appeals court ruled Monday.
Think Progress » BREAKING: Bush Administration Loses Major Terror Detention Case
“To sanction such presidential authority to order the military to seize and indefinitely detain civilians, even if the President calls them ‘enemy combatants,’ would have disastrous consequences for the constitution — and the country,” the court panel said.



Let the Impeachment begin

The "they" is the Democrats.  We know we can't count on the Republican wankers to do the right thing, only what's right for their base.  But can we count on the Democrats?  So far, it doesn't look good.

I'd be down for an independent ticket for 2008, so long as it doesn't put another Republican in the White House like Nader helped with last time.  However, it is looking like the Dems have a good set of candidates to choose from thus far.  But who of them can _lead_?  We'll see.

Daily Kos: Gonzo No Confidence Vote Fails
If they are serious in having no confidence in Gonzales (and who couldn't be, outside of Bush?) then it's time to begin the process for the next step: impeachment.


GOP throwing off the stupidity curve

The majority of the 68% of Republicans who believe the Genesis story literally (higher than the 53% of all Americans) must include that 36% of Americans who also still stand behind the president...

And these beliefs have a special protection under the law because???

Crooks and Liars » Evolution confusion a partisan problem
The problem isn’t just that Americans in general are confused, but rather that the GOP is throwing off the curve.


Proving you are human...to a computer

There have been some sites where I've suffered the same fate.  Do they want me to match case?  What the heck does the captcha say?

From the NYTimes article a great quote:
“You can make a captcha absolutely undefeatable by computers, but at some point, you are turning this from a human reading test into an intelligence test and an acuity test,” said Michael Barrett, the chief information security officer at PayPal, a division of eBay. “We are clearly at the point where captchas have hit diminishing returns.”
Talking Points Memo: by Joshua Micah Marshall June 11, 2007 10:54 PM
Of late, I've had several captcha fill-ins I was asked to type in where I actually had a difficult time figuring out what the letters were. And I'm human. Really.

To make matters worse, researchers (university ones, not independent hackers) are devising ever more clever ways of beating the tools.

Just how obscure your captchas need to be to counter the threat depends on your threat model, but beware: captchas' days are likely numbered.


Saturday, June 9, 2007

7 senators vote AGAINST Habeas Corpus

Senator Brownback (US Presidential Candidate) and 6 other Republican Senators voted against the Restoration of Habeas Corpus act.  Un-freaking-believable.

Crooks and Liars » Jonathan Turley Slams Bush, Republicans On Habeas Corpus

Great photo of Paris Hilton

I hate to add to the excessive frenzy over Paris going to jail, but there are some choice photos of her hysterical.  And the fact that she is heading back to jail is a good thing for equal justice in the eyes of the law.



The Sydney Morning Herald: national, world, business, entertainment, sport and technology news from Australia's leading newspaper.
Hilton's release for an undisclosed medical condition - and the decision to allow her to serve the time at her luxurious home - caused outrage among civil rights leaders and many Americans, who argued it could be interpreted as affording the socialite favours not available to other, less famous, inmates.


Scientists store data in live neurons

This is a remarkable development.  We are learning more and more about the brain all the time...  I can't wait to get my Matrix-like Jiu-Jitsu and Kung Fu chips so that I can be an Ultimate Fighting champion.

Data stored in live neurons - tech - 08 June 2007 - New Scientist Tech
Information has been stored in live neurons for the first time, bringing closer the creation of "cyborg" computer chips that combine electronic circuits with human cells.


8 Trax shows in July

Some good friends of mine have a for-fun cover band they call the 8 Trax.  They are playing two shows July 13 and 14 at Jimmy Jack's.  They are big 60s/70s music fans so prepare for Freebird, lots of Zeppelin, AC/DC, and more.  It's always a fun time and looking at the location, there should be some fun people-watching as well.

http://www.jimmyjacks.com/schedule.html



Meebo: Web 2.0 IM Client

Meebo is one of the most beautiful web applications I have ever seen.  I can't wait to see what other kinds of rich web interfaces come to everyday applications after seeing what they have been able to do with this IM client.

I have a colleague who has abandoned proprietary IM clients and uses meebo instead.


House joins Senate in approving Stem Cell Research Expansion

This is a good sign, although Bush is likely to veto this even though a majority of the US public does not agree with his position.

Everything that I have heard regarding Stem Cell Research says that it is a long shot, but it has so much potential benefit that, like SETI, it is worth investing resources in studying.  Regardless of the benefits, the government should not be putting restrictions on what kind of basic research scientists can engage in.

RichardDawkins.net - The Official Richard Dawkins Website
The House gave final Congressional approval on Thursday to legislation aimed at easing restrictions on federal financing of embryonic stem cell research, but Democratic leaders in both chambers conceded they were short of the votes needed to override a veto threatened by President Bush.



On a vote of 247 to 176, the House overwhelmingly passed the bill, with more than three dozen Republicans joining a Democratic-led effort to authorize federal support for research using stem cells from spare embryos that fertility clinics would otherwise discard. The Senate approved the legislation in April.



"Science is a gift of God to all of us and science has taken us to a place that is biblical in its power to cure," said Speaker Nancy Pelosi, Democrat of California, arguing for the bill's passage. "And that is the embryonic stem cell research."


New Book and Blog: Rule the Web

Both sound pretty cool.  I'll add to my RSS reader and look out for any new and unique sites.

Rule the Web
Welcome! My name is Mark Frauenfelder, and this is my new blog about a book I wrote called Rule the Web: How To Do Anything and Everything on the Internet -- Better, Faster, Easier. It's be a guide to cool ways to use the Internet to make your life better. It’s not a comprehensive list of every website out there — instead, it shows you how to enhance different areas of your life — your creativity, work, education, travel, health, leisure, and so on.


Sam Harris on the Feasibility and Superiority of Secular Morality

I think it is one of the weakest arguments that Religious people make when they claim that people need religion as a necessary condition to have a moral compass.  Especially when you actually read the crap that passes off as "moral guidance" in the bible.

The worst outcome of the religious-based morality is that they do not follow a system that intends to minimize suffering and increase love.  There are such divisive aspects of religious-based morality that result in the exact opposite (e.g. "God Hates Fags", anti-birth-control policies that result in teen pregnancy that ruins lives, etc.).  And then there are the passive fundamentalists who believe that all they need to do is believe in Jesus as their personal saviour and they will go to heaven without having to account for _anything_ moral in this life.  These folks offer up some of the most vile, divisive policies such as the late Jerry Falwell did during his life.

This is my favorite section of the article that nicely summarizes some very damning criticism of the bible as a moral compass:

RichardDawkins.net - The Official Richard Dawkins Website
If a book like the Bible were the only reliable blueprint for human decency that we had, it would be impossible (both practically and logically) to criticize it in moral terms. But it is extraordinarily easy to criticize the morality one finds in the Bible, as most of it is simply odious and incompatible with a civil society.



The notion that the Bible is a perfect guide to morality is really quite amazing, given the contents of the book. Human sacrifice, genocide, slaveholding, and misogyny are consistently celebrated. Of course, God's counsel to parents is refreshingly straightforward: whenever children get out of line, we should beat them with a rod (Proverbs 13:24, 20:30, and 23:13–14). If they are shameless enough to talk back to us, we should kill them (Exodus 21:15, Leviticus 20:9, Deuteronomy 21:18–21, Mark 7:9–13, and Matthew 15:4–7). We must also stone people to death for heresy, adultery, homosexuality, working on the Sabbath, worshiping graven images, practicing sorcery, and a wide variety of other imaginary crimes.

Most Christians imagine that Jesus did away with all this barbarism and
delivered a doctrine of pure love and toleration. He didn't.


Sunday, June 3, 2007

Should you buy the "Forever stamp"?

It may seem enticing to buy the "Forever stamps" that will always be accepted no matter if the cost of 1st class postage jumps to $1.00.  But, if you actually look at the trends in a) postage increases and b) 1st class mail decline it is not a good economic argument.

Imagine today in 2007 you bought 100 "Forever stamps" for $0.42 each ($42.00 in stamps).  Due to inflation of 3%, those stamps would be worth $75.86 in 2027 dollars.  However, given that stamps increase a max of 10 cents per decade, those stamps would likely only _really_ be worth $62.00 (~$16 less than you could buy stamps for in 2027 dollars).

Furthermore, if you just invested the $42.00 at 5% interest (there are many great online savings offers to choose from now that will pay that with a liquid account), that $42.00 would have grown to $111.44 in 2027, an increase of almost three times your initial principal.  You could buy the $62.00 worth of stamps in 2027 and still have about $60 in your pocket.

So, save your money ;-)

Rising cost of U.S. Postage Stamps
Every decade since the 1970s has seen around eight to ten cents increase in the cost of a stamp.


Exploiting Security Procedures

I need to post a photo of the sign in my building that actually tells you that the locked stairwell doors will be unlocked if the fire alarm is tripped.  Hmm, so to break in all I have to do is...

Schneier on Security: Attackers Exploiting Security Procedures

TJX sued by banks for not disclosing security breach

TJX sat for months knowing full well they had been breached but didn't notify anyone.  The downstream impacts for issuers alone are potentially huge.  What do you do knowing that you have a list of customers whose cards you know were breached?  Do you replace them all as a precaution?  Who pays for that cost?  Or do you monitor and hope for the best?  Who pays for the cost of the added monitoring?

Schneier on Security: Lawsuit for Not Disclosing a Security Breach
The TJX breach was worse than first thought.
The company initially believed that attackers had access to its network
between May 2006 and January 2007. However, TJX recently admitted that
thieves were inside the network several other times, beginning in July
2005. In last month's SEC filing, the company said the stolen data
covers transactions dating back even further, to December 2002. The
Federal Trade Commission (FTC) is investigating the breach.


TEMPEST in a Laptop

TEMPEST risks extended from CRTs to LCDs.  This is really cool stuff.

New Scientist Technology Blog: Seeing through walls
A radio antenna and radio receiver - equipment totalling less than £1000 - is all you need. Kuhn managed to grab the image to the left through two intermediate offices and three plasterboard walls.


How to use Google to find breach disclosures

Adam Shostack provides some useful information on companies who have publicly disclosed data breaches and how to find more later on.  Gotta love the Internet.

Emergent Chaos: Breaches in SEC Reports
this Google search against the edgar-online site works well:

("disclosure of personal information"|"security breach") ("10-K"|"10K"|"10-Q"|"10Q") site:edgar-online.com


I missed Toorcon Seattle

'Twas May 11-13th.  I need to keep up on my security blogs and news more...  I'll be looking for it next year though.

Speaking of Seattle security groups, I need to find out what's up with SeaSec.  Seems to have gone stagnant.  I've emailed and not gotten responses.  I organize a periodic get together of security folks from my company; perhaps I should expand it to outside entities?  It serves much the same purpose, although more laser-focused for my employer.

ToorCon Seattle (Beta)
We just wanted to thank everyone for coming and participating this year. It is definitely one of the best and most fun events that we've thrown


Anecdotal list of phishing-impacted institutions

I get at least 400 spam emails every day.  Until I get my new filter setup better trained, I've had to manually review my spam folder more than I've had to with my older system.  It is illuminating seeing many of the patterns that show up, but in the past month, these are the most frequently seen institutions:
  • BB&T (Branch Banking & Trust Company)
  • PayPal
  • National City bank
  • Regions Bank
  • Aegis Capital Group
I'm also getting tons of spam referring to the recipient as Rickie Peters.  Who the hell is this and why would this be a good tactic for the spammers?  That isn't me, BTW.


Security experts are people and people are bad at evaluating risk

This is another great essay from Bruce in Wired magazine about how people miscalculate risks.  This subject really fascinates me; it is at the heart of many superstitions and beliefs that people can't seem to shake, even though they use their iPods and HDTVs and seem to believe in science as a way to knowledge of the world.
Schneier on Security: Rare Risk and Overreactions
Novelty plus dread equals overreaction.

And, on a related note, Ian Grigg discusses how we security people are just as bad at calculating risks and dealing with relative risks -- in general.  There comes a time in your security career when you have to realize that the goal is never to _eliminate_ risk.  A good security person knows how to evaluate risks (read:  threat model) and to come up with viable solutions to move forward and _reduce risk to a manageable level_.  This is especially true in the business world.  Being in business is risky and comes about by people at all levels taking risks.  Security risks are just one class of risks that a company needs to weigh as part of the economic equation.  If you can get to the level of a solution provider, you will find it more rewarding than trying to play adversarial whack-a-mole with business people and every little potential risk that comes up.  Vulnerabilities != risk, necessarily.  Repeat that until it sinks in.

I don't believe the answer involves trying to come up with crazy ways to "quantify" risk, though.  That has been a holy grail and likely will continue to be.  The more I read about quantum mechanics though, the more I'm seeing a potential for a probabilistic model for security.  However, the lack of quality data about incidents to base statistics on still leaves such a huge margin of error that getting any model to be more precise than the typical Low - Medium - High - Critical scale is a stretch.

Financial Cryptography: The Myth of the Superuser, and other frauds by the security community
...experts in the field of computer crime and computer security are seemingly uninterested in probabilities. Computer experts rarely assess a risk of online harm as anything but, “significant,” and they almost never compare different categories of harm for relative risk.


Free the spectrum, therefore free the network

This is a great point.  The wireless carriers get rich by using the public airwaves; why should they be able to do what AT&T and other companies did and block access to their network?  The Internet is a great success story in how much innovation in such a short period of time can come about from open access to myriad devices.  I also see wireless LANs as a success story of innovation with unlicensed spectrum, one that may reveal how, in the digital age, keeping the public from using their spectrum is not necessarily even technically required any longer and may be harming development of newer applications.  But the lawyers, such as those at AT&T Wireless where I used to work, who fought to control the spectrum and make it illegal for the public to use (since the mobile network lacked actual network security at the time), didn't think of such repercussions.

Boing Boing: How the right to attach can keep spectrum free

From the article:
...any winner of the auction respect a rule that gives consumers the right to attach any safe device (meaning it does no harm) to the wireless network that uses that spectrum. It’s called the Cellular Carterfone rule, after a 1968 decision by the FCC in a case brought by a company called Carter Electronics that wanted to attach a shortwave radio to AT&T’s network. That decision resulted in the creation of the standard phone jack.


Bad Religion Linkfest

A series of links that all came up about religion recently that evince the darker side of religion.

BBC NEWS | Programmes | Panorama | Row over Scientology video:  BBC's Panorama:  Scientology and Me
Scientology has tried, unsuccessfully, to block this documentary showing the innards of its religion/cult.  I found out recently that this playbook for silencing critics was written by founder L. Ron Hubbard.  Nice.
"Fair Game" was introduced by Hubbard, and incites Scientologists to use criminal behavior, deception and exploitation of the legal system to resist "Suppressive Persons", i.e. people or groups that "actively seeks to suppress or damage Scientology or a Scientologist by Suppressive Acts". He defined it "Fair Game" as: ENEMY — SP Order. Fair game. May be deprived of property or injured by any means by any Scientologist without any discipline of the Scientologist. May be tricked, sued or lied to or destroyed.
And, sickening (literally) attempts to block a breakthrough vaccine that can stem suffering and disease for so many.
US conservatives block cancer vaccine for girls - 14 May 2007 - New Scientist
Plans to vaccinate young girls against the sexually-transmitted virus that causes cervical cancer have been blocked in several US states by conservative groups, who say that doing so would encourage promiscuity.

Advocates of the vaccine point out that the jabs work against human papillomavirus (HPV) - which causes virtually all cases of cervical cancer - and are safe.

The latest data from a large clinical trial of Merck's cervical cancer vaccine, Gardasil, found it offered 100% protection against cervical, vulval and vaginal diseases, caused by HPV (types 6, 11, 16 and 18) and 98% protection against advanced pre-cancers caused by HPV types 16 and 18 (New England Journal of Medicine: vol 356, p1915).

And you thought veterans' healthcare couldn't get worse than rat- and cockroach-infested facilities?
Crooks and Liars » How About A Little Dose of Fundamentalism To Make The Medicine Go Down?
Navy veteran David Miller said that when he checked into the Veterans
Affairs Medical Center in Iowa City, he didn't realize he would get a
hard sell for Christian fundamentalism along with treatment for his
kidney stones.
In Indiana, a fight over 'In God We Trust' license plates - Los Angeles Times
Short version:  Indiana exempts the plates with this slogan from extra charges applied to similar sloganized plates.  State-sponsorship of a religious belief system?

YouTube - Bill Maher interviews Christopher Hitchens
Mr. Hitchens is in the class of "abrasive atheists" but he is always entertaining and this interview is a true gem. 

Senator Brownback tries to backpedal from his freedom of speech moment at the first Republican debate where he joined two other Republicans in professing to not believe in evolution.  Of course, his position is a tired one that many evolution-deniers take in that they create a straw man argument about what "evolutionists" believe.  It is not part of the theory that "there is no divine causality".  Perhaps it was Darwin's title "The Origin of Species" that throws believers off.  He wasn't saying that there emphatically was not a divine origin of life. 
What I Think About Evolution - New York Times
The most passionate advocates of evolutionary theory offer a vision of man as a kind of historical accident. That being the case, many believers — myself included — reject arguments for evolution that dismiss the possibility of divine causality.
Georgia was already on my list of states I'd never want to live in, let alone educate my kids in.
Ga. judge: Keep Potter books in school | Chron.com - Houston Chronicle
The adventures of boy wizard Harry Potter can stay in Gwinnett County school libraries, despite a mother's objections, a judge ruled Tuesday. Laura Mallory, who argued the popular fiction series is an attempt to indoctrinate children in witchcraft, said she still wants the best-selling books removed and may take her case to federal court.
A report by Media Matters reveals how extremist religious figures in America are often spoken of as if they speak for a majority of Americans.
Media Matters - Left Behind: The Skewed Representation of Religion in Major News Media
this study documents, coverage of religion not only overrepresents some voices and underrepresents others, it does so in a way that is consistently advantageous to conservatives.

This is what I find more disturbing, however, and the O'Reillys of the world perpetuate this distortion:
Religion is often depicted in the news media as a politically divisive force, with two sides roughly paralleling the broader political divide: On one side are cultural conservatives who ground their political values in religious beliefs; and on the other side are secular liberals, who have opted out of debates that center on religion-based values. The truth, however is far different: close to 90 percent of Americans today self-identify as religious, while only 22 percent belong to traditionalist sects.
Ahh, the war on reason and science continues.
recordonline.com - Science museum serves those with no use for science
To the embarrassment of thoughtful believers, the Creation Museum has been built for people who were born yesterday, or more or less yesterday, because they don't believe in the great geologic periods that spoilsport science insists upon.

Well, if he can use scripture to justify bigotry against gays, how about scripture to justify slavery or beating your wife or many other vile things in that book?
Romney cites Scripture in defending opposition to gay marriage - Boston.com
Romney, seeking to become the first Mormon president, also tries to allay any concerns about his religion.


DHS hires more people with head in clouds

This is rich.  Just what the DHS needs, more people not grounded in reality.

Schneier on Security: DHS Uses Actual Science-Fiction Writers to Help Develop Movie-Plot Threats

Which is all the more rich since DHS is not focused on terrorism.  More and more I'm with Ron Paul when he said that the DHS should be abolished.


Google Street View: You have no privacy

This new feature is a little eerie to me.  You can clearly read license plate numbers on cars, see people dining at street cafes.  The photo on this link even shows a woman showing a little too much on the thong-side.

Boing Boing: Google Street View: would it be more/less evil if it were CIA or NSA?
Would we feel differently about street-level image mapping if it were done by a government agency? The FBI? CIA? NSA? DHS? Not implying that it should be, and this isn't "backlash." Just asking aloud.


Here is how they are gathering these images. A company drives up and down the streets with a camera that takes images in all directions. Cool stuff, but like I said, eerie.

Google Street View technology

Democrats giving in emboldens our enemies and endangers our troops

That's right, spineless Democrats.  By giving Bush the extra funding supplemental for the Iraq war, you've sent a message to our enemies that we're not leaving any time soon, which is likely to make us and the troops _less safe_.  Why can't you people get the message out that extending the war "emboldens our enemies" to counter the falsehood that it's the timetables that do this?  Sheesh.  And you wonder why they can barely win even in an environment like this.

Iraq Veterans Demand White House Recant Endorsement of Endless War in Iraq - AMERICAblog: A great nation deserves the truth
Iraq Veterans Demand White House Recant Endorsement of Endless War in Iraq

VoteVets.org says 'The bulls-eye on the back of our troops just got a whole lot bigger, and the president is to blame'