What I am reading 7/22/2014 - It's not Manic Monday, It's not a Hazy Shade of Winter, It's Black Friday (dunh, dunh, dun duh)

Sploid - How the United States can collapse and fall on a Black Friday -

Our complex society is so fragile that a virus—spreading through cash and products sold during Black Friday—would bring it to its knees in a couple of days.

And since I mentioned them in the title of this post:




Ars Technica - Senate committee report excoriates Air Force for IT incompetence -

“The Air Force failed in its procurement of [ECSS]… because it lacked a clear objective and the organizational will to implement changes to its internal business processes vital to integrating ECSS into the organization,” the Senate investigators wrote in the report. “In doing so, the Air Force violated many crucial guidelines and best practices for information technology acquisition.”

...

The Air Force also failed to properly plan for the purchase of the system in advance. The program leaders only knew that they wanted to replace a collection of older systems with a new one; they had no real understanding of the functionality required to do that. In the original contract solicitation, the Air Force said that it wanted a system that was “truly ‘off-the-shelf’: unmodified and available to anyone.” But it also wanted a fully integrated system out of the box. What it got instead was three separate software products from Oracle and a collection of tools that a system integrator (Computer Sciences Corporation) could use to put them all together in the fashion the Air Force wanted.

Why did I know that Oracle's name would appear somewhere in conjunction with incompetence and failed Government IT projects?  Just Sayin'.

The Register - Manic malware Mayhem spreads through Linux, FreeBSD web servers -

Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches.

What can you really say?  Nothing is safe.

Pando Daily - Homophobia, racism and the Kochs: San Francisco’s tech-libertarian “Reboot” conference is a cesspool -

I think you kind of get the gist of the article from the title.  I am going to go out on a limb here and say that Mark Ames and company don't like Libertarians or conservatives.  I am also going to suggest that he probably doesn't know any real libertarians or conservatives, and that he just operates of the self-reinforcing caricature that he and his buddies at Valleywag and Boing Boing spew out every chance they get.

What I am reading 7/21/2014

Ars Technica - Growth factor restores insulin response in diabetic mice -

 working with mice, researchers have found that a well-known growth factor also restores the body's sensitivity to insulin and does so without any of the side effects associated with existing drugs. And they show that a modified form of the growth factor can still work effectively while reducing the risk of unforeseen consequences. This doesn't mean that using this method as a treatment will be free of side effects, but it does provide a promising avenue for further experiments.

Suck it PETA.

Endgadget - Search engine turns the tables on hackers by exposing their info -

Want to see a textbook definition of irony? Look no further than Indexeus, a search engine that primarily exposes the info of malicious hackers caught up in the very sort of data breaches that they inflict on others. As it was originally structured, people had to "donate" $1 for every record they wanted to purge from the engine's index; in other words, they had to pay to avoid the wrath of their fellow thieves.  

Can you imagine the hell this site must go through on a daily basis?

Gizmodo - Watch NASA's Full TV Broadcast of the Apollo 11 Moon Landing Right Here

What can you say, it's history and it's interesting.

What I am reading 7/20/2014 - Bad Bosses and Russian Hackers, Another Day In America

Gizmodo - Sure Your Job Sucks, But At Least Darth Vader's Not Your Boss -

the worst part isn't the force-strangling or lack of faith. It's having to work alongside the jerk and pretend like nothing ever happened.

Most of the bosses that I had who were like this were in the Navy so their behavior was moderated to an extent by the knowledge that if worse came to worse that I could always knock them out and sell them to some third world whorehouse for use with their more experimental clientele.  Not that such a thought ever crossed my mind and I certainly never blurted it out in the middle of a meeting where my Chief was rambling on and on about my many shortcomings.

GeekWire - My Uber got pulled over by the Denver police — and then things got really weird -

Same old, "Uber's great! Cabs Suck!" schtick.  

Bloomberg Business Week - How Russian Hackers Stole the Nasdaq -

In October 2010, a Federal Bureau of Investigation system monitoring U.S. Internet traffic picked up an alert. The signal was coming from Nasdaq (NDAQ). It looked like malware had snuck into the company’s central servers. There were indications that the intruder was not a kid somewhere, but the intelligence agency of another country. More troubling still: When the U.S. experts got a better look at the malware, they realized it was attack code, designed to cause damage.

There is no such thing as perfect security, but when you even ignore the basics, as it appears NASDAQ did, you are just asking for trouble.

Quartz - Putin is having trouble backing out of the corner in which he’s trapped himself -

Edward Lucas, of the Center for European Policy Analysis, suggests that the problem is the corner itself: even if he wanted to shift course, Putin has little room to maneuver after months of building a forceful domestic case—and his people into a frenzy—against outside enemies. He can’t back down from the brink, Lucas told Quartz in an email exchange. It would be “too humiliating now that he has demonized the West and Ukraine.”

OK, this is purely speculation and NOT related to any conversations I may or may not have had with friends who have been involved in Signals Intelligence both in the Marine Corps and in the Navy.  

Suppose you had a world leader who was being an ass - what do you do?  Sanctions, right?  And if sanctions don't work?   Well you can try military force, but in this case that isn't possible because a) The country that ass-leader is in charge of is a major power, and b) We don't have a President who can make a forceful enough case.  In that case maybe the NSA and CIA can help by - I don't know shooting down a passenger jet and making it look like the other guys did it.  

It wouldn't be that hard.  

The CIA is known to have stashes of Russian / Soviet weaponry, including tanks, artillery, anti-aircraft missles, etc.  The also have access to uniforms and expertise in placing people into positions infiltrate or act as nationals of other countries.  They also have a history of dirty trick operations like this.

Then we have the NSA.  Their job is Signals Intelligence, including disinformation.  So far all the evidence pointing at rebels or Russians has been intercepted conversations and some facebook posts, a system that the NSA is widely known to have compromised.  And whose is being asked to validate this evidence?  The NSA.

Again I am NOT saying this is anything but speculation, but possibly it bears consideration.




*If you haven't guessed yet, all the above NSA / CIA talk is complete BS.  If you seriously considered it for even a second, please re-evaluate your decision making style*

On Marvel Comics...

Over the last couple of days Marvel Comics has announced some fairly major changes to their line-up to the consternation of many (see #MarvelDiversity ). This evening I was online with some friends and we were discussing the changes a little bit and afterwards I decided to share my take on this with the rest of the universe - because as we all know my views are the only ones that matter.

 "OK Chad", you ask, "What are your thoughts?" (I know you didn't but in my fantasy world not only are you waiting with baited breath, but you are an extremely good looking blonde, who is actively swooning at the thought of me sharing my wisdom)

 Basically, who cares? At least in regards to Thor and Captain America. Both changes fit easily into the already established continuity. The wielder of Mjolnir is whoever is judged worthy and that person is imbued with Thor's power. As far as I know Marvel has never said that worthy is spelled P-E-N-I-S so I see no reason a woman can't be the hammer bearer. Captain America is much the same case, Steve Rogers isn't Captain America because of the super-soldier serum. That was just a tool. He is Captain America because of his belief in America,and his sense of justice etc. It doesn't matter who is wearing the uniform and carrying the shield as long as they hold those convictions are are a decent person.

 Iron Man is a different story - Being a dickish millionaire industrialist is centrally tied to the character, you can't change that and still have Iron Man work. He cannot be some Silicon Valley App Developer it just doesn't fit the character. I mean if you read Pando Daily or Valleywag you'd probably agree that the dick part does, but the rest just won't work.

 So there you go, anyone who feels humbled by my genius [crickets chirp loudly} can feel free to send money (or beer or PAID FOR piizas). Anyone who doesn't (everyone in the world) just feel glad that this isn't a subscription site and you didn't pay for this tripe.

Microsoft Announces Layoffs - Up to 18,000 (14 percent) of Total Workforce

Ars Technica has the full story with the CEOs email.  I just want to excerpt part -

First, we will simplify the way we work to drive greater accountability, become more agile and move faster. As part of modernizing our engineering processes the expectations we have from each of our disciplines will change. In addition, we plan to have fewer layers of management, both top down and sideways, to accelerate the flow of information and decision making. This includes flattening organizations and increasing the span of control of people managers. In addition, our business processes and support models will be more lean and efficient with greater trust between teams. The overall result of these changes will be more productive, impactful teams across Microsoft. These changes will affect both the Microsoft workforce and our vendor staff. Each organization is starting at different points and moving at different paces.

My experience has been that whenever that many buzzwords appear together in an announcement nothing good ever follows.  If I were a pessimistic person I would say that this is Microsoft's Death Knell.  It is going to be another case of death by MBA / B-school jargon.  (BTW I hope I am wrong I am a huge Microsoft Fan and have a lot of friends who work there)

What I am reading 7/17/2014 - The Tenth Amendment to the Constitution Forbids You Having High Speed Internet

Boing Boing - Car Hacker's Handbook -

Because any book that has a chapter starting with the word "Weaponize" has to be worth reading.  Right?

Ars Technica - Congresswoman defends “states’ rights” to protect ISPs from muni competition -

US Rep. Marsha Blackburn (R-TN) wants to make sure the Federal Communications Commission never interferes with "states' rights" to protect private Internet service providers from having to compete against municipal broadband networks.

...

Yesterday, she proposed an amendment to a general government appropriations bill that would prohibit taxpayer funds from being used by the FCC to preempt state laws governing municipal broadband.

As a Republican I would like to tel Representative Blackburn to kindly Fuck Off.

Bloomberg - We Don't Need a Corporate Income Tax -

while I don’t agree that we need to make corporations pay their “fair share,” I do agree that jettisoning the corporate income tax would be expensive. So here’s my proposal: Eliminate the corporate income tax and take the money from people. That’s what you’re doing anyway, so do it in a simpler, fairer and more progressive way, by raising income taxes on the wealthy and taxing capital income (dividends plus capital gains) more like ordinary income. And stop wasting everyone’s time and money on this insane, unwinnable chess game.

This seems like a sure fire way to kill the economy to me and usually I would expect better from McCardle, but maybe I am missing something.

National Defense Magazine - Cyber Labor Shortage Not What it Seems, Experts Say -

“There is no shortage of people who can talk and write about cyber security,” he said in an interview. “The shortage is in the people who actually have the hands-on skills to quickly find the infections, get rid of them and do good incident handling. Those skills are very rare.”

U.S. universities are cranking out plenty of graduates with cyber security related degrees, but they have mostly studied policy, he said. Many of those graduates aren’t getting good jobs. Faculty members don’t have real-world skills, so they are not teaching how to perform complicated tasks such as application penetration testing, advanced memory forensics or wireless hacker exploit development.

Are they saying that layers and layers of administrators don't exponentially increase value in every endeavor?  If so, I find that hard to believe.

What I am reading 7/16/2014 - Pow! To the moon Alice!

Gizmodo - How they assembled Apollo 11 -

The United States was fighting against all odds to beat the Soviet Union on the race to the Moon. The effort turned the country into a technological powerhouse like no other in the world, catapulting it decades ahead of everyone else, with more engineering students getting out of college than ever with the sole intention of participating in the greatest, most amazing project ever imagined.

And now we are a nation of MBAs who destroy companies with the ease of Superman leaping over a tall building.  Just saying.

pbs.org - Get a liberal arts B.A., not a business B.A., for the coming artisan economy -

Katz believes the artisan economy can help shore up the American middle class by creating new jobs to replace those mass production and middle management jobs lost to outsourcing or new technology. And he thinks that a firm grounding in the multidisciplinary liberal arts is the best preparation – better even than a business degree – to taking advantage of the artisan economy that he hopes will be a path to upward mobility for the average American.

Unlike many I believe that the traditional liberal arts course of study has value, when it is held to it's original purpose; the development of broad multidisciplinary knowledge that can be applied across many fields. (Basically what this guy says in his interview).  I am not sure about the idea of an artisanal economy shoring up the middle class however.  By definition artisinal works don't usually scale especially well. Still nothing the matter with people striking out on their own to give it a try.  

Krebs on Security - Java Update: Patch It of Pitch It -

According to Oracle, at least 8 of the 20 security holes plugged in this release earned a Common Vulnerability Scoring System (CVSS) rating of 9.0 or higher (with 10 being the most severe). Oracle says vulnerabilities with 9.x CVSS score are those which can be easily exploited remotely and without authentication, and which result in the complete compromise of the host operating system.

The trouble with Java is that it has a very broad install base, but many users don’t even know if they have it on their systems. There are a few of ways to find out if you have Java installed and what version may be running. Windows users can click Start, then Run, then type “cmd” without the quotes. At the command prompt, type “java -version” (again, no quotes). Users also can visit Java.com and click the “Do I have Java?” link on the homepage. Updates also should be available via the Java Control Panel or from Java.com.

Aaaaaaarghhhhhhhhh!!!!!!!!!!  

SANS - Despite Breaches, Most Critical Infrastructure Executives Say Security is Not a Priority (July 11, 2014)  -

According to a study that compiles responses from nearly 600 IT and IT security executives around the world, two-thirds of those responding said that their infrastructure had been compromised in the preceding 12 months, but just over a quarter said that security is a top priority.

Well honsetly, Security should not be the top priority.  Power delivery should be, but security should be very high in the list of considerations when building up the infrastructure for power delivery.  (or water or whatever the critical substance is.)  Security is an enabling tool not the end itself. 

What I am reading 7/15/2014

Ars Technica - Obama administration says the world’s servers are ours -

Global governments, the tech sector, and scholars are closely following a legal flap in which the US Justice Department claims that Microsoft must hand over e-mail stored in Dublin, Ireland.

In essence, President Barack Obama's administration claims that any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas. It's a position Microsoft and companies like Apple say is wrong, arguing that the enforcement of US law stops at the border.

I'm sure that some lawyer will step up to tell me I am wrong but here is how I would resolve this:  If anyone that was party to the email was present in the United States when the e-mail was sent then it is subject to a warrant; otherwise follow whatever process the various treaties lay out.  Simple huh?

Gizmodo - Snowpiercer Is Out On Demand Today, Just Weeks After Hitting Theaters -

Snowpiercer looks like a badass movie. Like if Blade Runner had sex with Speed. The sci-fi film has great reviews, an intriguing plot about hardscrabble future people engaging in class warfare on a really fast cold-weather train, and Tilda Swinton. But with a limited theatrical release, it hasn't been very easy to see.

I posted about this on Google+ earlier.  This does not look like a badass movie.  It looks like the stupidest movie I could possibly imagine someone making.   Seriously an ice-age begins and the way we survive is by riding around the world on a train?  Let me introduce you guys to something called buildings, and central heating, and greenhouses.  You don't need to circle the world endlessly on a goddamned train.  I think I might find suspension of disbelief to be difficult for this one.





svbtle.com - SocialCoin: A Cryptocurrency for a Global Basic Income -

Enter SocialCoin. We need a decentralized basic income that comes in the form of cryptocurrency. The basic idea is that 10% of the profits that miners earn from mining this coin is pooled and distributed to every member of the network on a bi-weekly basis. As adoption of the currency grows, the value of the coins will increase. It doesn’t matter if retailers don’t accept the coin, users can just exchange the coins for bitcoins or local fiat currency for immediate real world use.

I'm pretty sure you can guess where I come down on this idea.  

Variety - USA Picks Up Computer Hacking Drama Pilot ‘Mr. Robot’ -

USA has given a pilot pickup to “Mr. Robot,” a drama about an anti-social computer programmer who finds he can only connect with other people by hacking into their personal lives.

I am positive that this show will be both technically and sociologically accurate.