Sunday, December 21, 2014

Why the Police shoot guys with knives

Seen on Facebook

Like a lot of people I think that in the past 20 years or so the Police have become overly aggressive in how they deal with the general population but then you see something like this and you realize that sometimes (not always but sometimes) there is a valid reason.    The write up under this picture mentions the 21 foot rule - here is a video with some pretty vivid demonstrations (a clarification though 21 feet is the minimum safe distance in which an officer can probably react, not the maximum distance at which the won't be able too).

Saturday, December 20, 2014

The real Sony hackers? Google. Plus the greatest societal scourge ever! Ever!! - What I am reading 12/20/2014

Ars Technica - Hollywood v. Goliath: Inside the aggressive studio effort to bring Google to heel -
Hood's investigation got revved up after at least a year of intense lobbying by the Motion Picture Association of America (MPAA). E-mails that hackers acquired from Sony Pictures executives and then dumped publicly now show the inner workings of how that lobbying advanced—and just how extensive it was. Attorneys at Sony were on a short list of top Hollywood lawyers frequently updated about the MPAA's "Attorney General Project," along with those at Disney, Warner Brothers, 21st Century Fox, NBC Universal, and Paramount.
The e-mails show a staggering level of access to, and influence over, elected officials.
So here's my theory - Google wants to expose the collusion between the MPAA, the RIAA, and the various Attorney Generals, but no one is listening so they hatch a devious scheme:  Hack Sony using "The Interview" as an excuse.  Plant Evidence to make it seem like the Norks did it an everyone will buy it because we all know North Korea is tun by a bunch of psychotic idiots.  Release the info, sites like Ars Technica will pick it up and run with it and Google gets what they want.  As a bonus they can get back at Hollywood for the horrible reviews "The Intership" got by releasing Annie for public ridicule. 

Endgadget - Google lawsuit forces MPAA-backed attorney general to retreat -
Now that Google is suing, Hood made a statement via the New York Times, calling for a "time out" and saying he will call the company to "negotiate a peaceful resolution of the issues affecting consumers."
So that risky gamble paid off

InfoSec Island - What Network Security Lessons Can We Learn from the Sony Attack? -
Sony's network security defenses, from poor access control to weak passwords, were so lacking in 2007 that an auditor told the company’s executive director of information security, "If you were a bank, you'd be out of business." Then there was the 2011 hack of Sony's Playstation network – an attack that was preceded two weeks earlier by the company laying off two employeeswho were responsible for network security.
In retrospect, it's easy to construct a seven-year trail of breadcrumbs back to Sony being hacked, and to allege that executives should have known they needed to do more to shield the company from attack. But, as it was suggested by the FBI's Joseph Demarest, assistant director of the agency's cyber division, the high sophistication of the attack proved to be just as much a factor as how porous the company's network security may have been.
I'm tempted to continue the joke and say the number one lesson should be don't piss off Google, but that might piss off Google and get me sued.  So the long and short of the article is basically don't be boneheads and follow good network security practices.  

NY Times - A Scourge Is Spreading. M.T.A.’s Cure? Dude, Close Your Legs. -

Taking on manspreading for the first time, the authority is set to unveil public service ads that encourage men to share a little less of themselves in the city’s ever-crowded subways cars.
The targets of the campaign, those men who spread their legs wide, into a sort of V-shaped slouch, effectively occupying two, sometimes even three, seats are not hard to find. Whether they will heed the new ads is another question.
Truly these men are history's greatest monsters and I for one applaud the NY Times decision to devote 33 paragraphs, 5 pictures and a video to this scourge.  If only they would devote as much effort to investigating things like, I don't know - actual news maybe.  

Friday, December 19, 2014

The FBI has an open investigative file on #GamerGate - What I am reading 11/19/2014

Muckrock via Slashdot - FBI has an open investigation related to #Gamergate -
Rejecting a request for the FBI's files on #Gamergate and its affiliates, the bureau stated that, while they have responsive documents related to the loose coalition, those files are part of an ongoing investigation, and release "would interfere with law enforcement proceedings." Who or what is being investigated remains an open question.
I don't really know what this means.  They could be investigating #GamerGaters for making death threats or the could be investigating people for falsely reporting death threats (and I have seen allegations that some of the higher profile people on the anti-gamergate side have made false claims).  Maybe both.  Who knows?

The Hacker News -  -
FEATURES OF COOLREAPER BACKDOOR According to Ryan Olson, intelligence director at Palo Alto, CoolReaper backdoor can perform a wide number of unsolicited tasks. The backdoor has ability to:
  • Download, install and activate any Android application without the user's consent or notification
  • Connect to a number of command and control (C&C) servers
  • Clear user data, uninstall existing applications, or disable system applications
  • Send fake over-the-air (OTA) software updates to devices that install unwanted applications
  • Send or insert arbitrary SMS or MMS messages into the phone
  • Dial arbitrary phone numbers
  • Upload device information, its location, application usage information, calling and SMS history to Coolpad server

Personally I blame both George Bush #blamebush and the #NSA.

Washington Post - Private colleges are a waste of money for white, middle class kids -

take a large survey of college graduates published this year by Gallup. It asked graduates how they were doing across five different metrics, including financially, physically and socially. Eleven percent of graduates of public universities and private universities said they were "thriving" across all five. Twelve percent of graduates of U.S. News & World Report's top 100 schools were thriving, essentially the same as the rest.
The biggest predictor of whether a graduate wasn't thriving was whether he or she had student loans. Fourteen percent of those without any debt said they were thriving, compared to 2 percent of those with more than $40,000 of debt. You can't draw iron-clad conclusions from that, but those figures should be worrisome all the same for anyone thinking about taking on student loans.
I've maintaine for a long time that the biggest advantage to the elite schools isn't the education itself.  It's the networking opportunities.  According to this article that may not be true either.

CNN - Watch out world: North Korea deep into cyber warfare, defector says -

Jang Se-yul, who defected from North Korea seven years ago, told CNN that he thinks there are 1,800 cyberwarriors in the agency stationed around the world. But he says even the agents themselves don't know how many others work for the secretive group, called Bureau 121, whose mission is to "conduct cyberattacks against overseas and enemy states."
Everyone is freaking at the moment because of the SONY hack but as I recall from what I read initially this wasn't a particularly sophisticated attack and it was made even more successful than it would have been by the SONY admins leaving an unencrypted folder called "passwords" on the desktop of one af the compromised machines.  Given that I am not ready to go into panic mode yet.

Wednesday, December 17, 2014

US and Cuba Talk - May Normalize Relations

WASHINGTON — The United States will open talks with Cuba aimed at restoring full diplomatic relations and opening an embassy in Havana for the first time in more than a half century after the release of an American contractor held in prison for five years, American officials said Wednesday.
As I write this I am watching my twitter feed blow up with people once again accusing the President of treason, claiming this is the first step to a new totalitarian regime, etc.  Personally I am for it.  I would have rathered that it wait until the Castros were out of power but I swear they are like vampires - they just refuse to die.

Obviously the sanctions haven't worked - they have been in place for 50 years and Cuba is no closer to being free than it was back when Che Guevara was having prisoners executed in Havana.  I have maintained for a long time that normalized relations would destabilize the Castros far more effectively than not allowing them to buy new cars or blue jeans will.  Especially since, as far as I know, no other country refuses to trade with them.  Let the dollar bring them down.  Plus - CUban women are hot and I want to go hang out in Havana and watch them walk up and down the street.  Just saying.

Watch out Google Fiber - What I am reading 12/17/2014

Hey all, been awhile since I have done one of these.  There is a reason - all anyone was talking about was "Jackie" and the "UVA Gang Rape", and I wasn't about to wade into that mass of spinning buzz saws, if I was stupid enough to do that I might as well just like a light socket.  It would be less painful and over quicker...  So anyway lets get back to expanding our minds:

The Register - Gigabit-over-TV-cable spec DOCSIS 3.1 passes interop test -
DOCSIS 3.1, a standard designed to deliver downloads at up to 10Gbps on existing hybrid fibre-coax cable television networks, has passed an interoperability test.
When DOCSIS 3.1 arrives, it will put the cat among the pigeons. Few internet service providers anywhere offer gigabit services. Cable television outfits will therefore be in a position to make their broadband offerings rather compelling.

Amazing how these things happen when it appears ther might be actual competition for a customer.

Pando Daily - Daily Dot admits reporter covered Anonymous without disclosing major ties to the group -

A reporter for tech culture site, The Daily Dot, reported on Anonymous for several months without disclosing his strong ties to the group, Pando has confirmed.
Reporter Dell Cameron has written over a dozen articles involving the hacker collective, including one about how Twitter had shuttered a hugely popular Anonymous account. However, Cameron failed to disclose to readers that, until May of this year, he was responsible for administering that same account, which describes itself as “a [s]ignal boost for Anonymous operations.” At least half a dozen of Cameron’s articles about Anonymous were published prior to the date he claims to have stepped down from running the @YourAnonNews account.

You know between this, the UVA story, #gamergate, the high school student who supposedly made $72,000,000 trading stocks at lunch time, and a few other examples, I am beginning to doubt both the intelligence and integrity of our journalistic overlords.

Dark Reading - Price Tag Rises For Stolen Identities Sold In The Underground -

One year after the cybercrime underground slashed the price of a stolen identity by as much as 37% due to a glut in the black market, the price tag for a pilfered ID has inched upward again.
Researchers at Dell SecureWorks published their latest report on the underground hacker market today. Counterfeit identities are the new hot product to support fraud -- new fake identity kits, passports, Social Security numbers, utility bills, and driver's licenses. A new identity, including a working SSN, name, and address, goes for $250, and for an additional $100, you can get a utility bill for ID verification purposes when perpetrating fraud, the researchers found.
Stolen IDs are cheaper than phony ones, but a bit pricier than last year. (price list below)

So the question is, are the shortage of identities that are driving these prices a result of fewer stolen identities being available for sale (unlikely), or a result of and increased number of criminals attempting to buy them.?  My money is on option 2.

Sunday, December 14, 2014

HMMMM, who could have seen this coming?


Pretty much anyone who isn't a socialist f***ing moron (or is that f***ing socialist moron?).

Socialist Council-member Kshama Sawant was the main proponent of the $15 ordinance. She and her supporters denied that the policy change would hurt businesses in the city. In one interview, Sawant said there need be “no unintended consequences.”
She went on to state that “any additional costs could come out of ‘extravagant profits’ rather than consumers pockets.”

Does she have any concept of economics?  I know stupid question - Of course she doesn't because she is a f***ing socialist moron.   (I guess I made a decision on phrasing)  The sad part is that this retard will be reelected in perpetuity  because it's Seattle and people will wonder why all the jobs have fled to the suburbs or more likely other states.  It's just sad.

Thursday, December 11, 2014

Stupid Employee Policies

Good article.

 I have been working since the 9th grade in jobs ranging from dishwasher at a chain restaurant to a variety of IT and Engineering jobs.  Some I have been successful at some I haven't, but over the course of my working life I have encountered most of these policies and with a couple minor exceptions this guy is pretty much right on target.  That's one of the reasons I stayed at Avocent as long as I did (until they closed the office I was working at otherwise I would still be there).  They avoided most of the garbage associated with rules like these.  We had policies and maybe even some variant of these policies but they weren't onerous and the people in charge (Karl Mills , Eric Bisset , Jedd Perry , etc.) were smart enough to make them work.  It remains one of the few places I would go back to work at in a minute, and I would work with any of the Engineering team again at anytime.

Sunday, December 07, 2014

Time for the weekly pilgrimage to Powell's (@powells) - My crappy book thread (crappy thread not crappy books)

I need book suggestions people.

I am finishing up Countdown to Zero Day - about the discovery (and development) of Stuxnet.  It was pretty interesting, although some parts were very repetitive.

Still working on Dome City Blues - So far it's good but a lot of deja-vu feelings in the book.  Has hints of Noir by K.W. Jeter, and When Gravity Fails by George Alec Effinger as well as a few others. That is not a criticism just an observation.

If you know of any books in the vein of Mark Russinovich's Jeff Aiken series shoot me the title.  I don't know why there aren't more good cyber-thrillers out there.

Not as interesting as the book thread at Ace's but what do you expect from a moron with a below room temperature IQ?