Friday, October 09, 2015

Stephen Hawking is a damn dirty communist - What I am reading 10/9/2015

US Uncut - Stephen Hawking Says We Should Really Be Scared Of Capitalism, Not Robots -
On Reddit, Hawking said that the economic gap between the rich and the poor will continue to grow as more jobs are automated by machines, and the owners of said machines hoard them to create more wealth for themselves.
The question was about technological unemployment, in which jobs are automated out of existence.  A lot of people believe that will lead to rampant poverty and death.  I believe that humans are adaptable and our economic systems will adapt to create an opportunity for people to provide work and value.  Hawking appeared to be arguing for wealth redistribution.  BTW, if the Terminator movies have taught us nothing else it's that the robots don't like to share, so maybe we should be scared of them.

Ars Technica - “Weev” threatens prosecutors with info from Ashley Madison leaks -

(I)n an "open letter" sent today to two federal prosecutors by e-mail and posted on Twitter, Auernheimer says he will reveal private information about Department of Justice prosecutors who have attempted to cheat on their wives.
The new letter doesn't name any alleged adulterers, but it says information about lawyers in the office that prosecuted him "will be the first to be disclosed." Auernheimer says he and his colleagues will "broadcast your indiscretions to the world for months."
Might just be me but I don't think this is going to make him more popular around the courthouse.

OK that's basically it for the day.

Thursday, October 08, 2015

So the world didn't end yesterday, but the e-commerce world may end tomorrow - What I am reading 10/8/2015

Ars Technica - SHA1 algorithm securing e-commerce and software could break by year’s end -
SHA1 has long been considered theoretically broken, and all major browsers had already planned to stop accepting SHA1-based signatures starting in January 2017. Now, researchers with Centrum Wiskunde & Informatica in the Netherlands, Inria in France, and Nanyang Technological University in Singapore have released a paper that argues real-world attacks that compromise the algorithm will be possible well before the cut-off date. The results of real-world forgeries could be catastrophic since the researchers estimate SHA1 now underpins more than 28 percent of existing digital certificates.
This is a pretty big deal given that most banking and e-commerce sites are secured by SHA1 certificates and as far as I know the changeover to something more secure has barely started.  I would be very careful with your online transactions for a while.

Wired - Steve Jobs and Tech’s God Complex -
Most biopics tend to mythologize their subjects. Jobs came pre-mythologized—by himself as much as anyone else—so maybe it’s appropriate that Steve Jobs takes the opposite tack, demystifying the mystic and underscoring his very human failings. In this way, it’s more like one of those postmodern Westerns—McCabe & Mrs. Miller or Unforgiven—deconstructing America’s self-image by poking holes in the stories it tells about itself. Yeah, Jobs may have made good computers, this movie says, but that hardly matters, because—whatever Jobs might believe—machines are secondary to our work as humans, not extensions of it. “What you make isn’t supposed to be the best part of you,” Kate Winslet’s Joanna Hoffman tells Jobs. “Your products are better than you are, brother,” Woz spits. “I’m poorly made,” Jobs confesses.
Personally I think Steve Jobs was overrated as a person and a creative genius and that Apple is overrated by its fans, but that's me.  I think one reason that these movies keep getting made is people want to reconcile their hero worship with the actual assholishness of the person.  I can't find the article now but I saw one yesterday where Jony Ive was complaining that by presenting the dark sides of the Jobs story it impinges on his legacy, which kind of proves my point.

The Register - Understand 'Safe Harbor', Schrems v Facebook in under 300 words -
As Snowden's leaks showed, there is no law legitimising the interference by the National Security Agencies, so one does not know whether any interference on their part is necessary.
'Safe Harbor' is unsafe because such agencies in the USA can access personal data without due process, and because the US has no law that limits the use of personal data by them.
So there ya go a quick and easy primer.

SANS - S+P Could Downgrade Banks with Inadequate Cybersecurity (September 29, 2015) -
Standard & Poor's (S+P) said it could downgrade banks that do not employ adequate cybersecurity measures even if the banks have not experienced a breach. Although S+P has not yet downgraded a bank over a breach, it could take action if the breach damaged the institution's reputation enough to lose customers and/or capital. 
[Editor's Note (Pescatore): Not very meaningful if S&P downgrades only after a breach damages a bank's "reputation" and only after breaches. That will be like when S&P and others downgraded the banks *after* the last financial crash. ]
Linux Botnet (September 29, 2015)
The XOR DDoS botnet comprises infected Linux computers. The botnet targets education and gaming websites with traffic up to 150 gigabits per second. The majority of the targeted sites are in Asia. In some of the attacks, the IP address of the bot is spoofed to make it appear to be part of the targeted network.

Network World - Report: Target failed to execute security basics -
Verizon consultants probed Target’s network for weaknesses in the immediate aftermath of the company’s 2013 breach and came back with results that point to one overriding – if not dramatic - lesson: be sure to implement basic security best practices.
  • Failed to Segment Networks
  • Poor Password Policy Enforcement
  • Weak Passwords
  • Lax Patch Management
  • Running Outdated Vulnerable Services
  • Insufficient Authentication Requirements
So basically every poor security management practice possible short of actually just selling the data to the Russian Mafia.  Someone really needs to be held criminally responsible.

Wednesday, October 07, 2015

Airline Boarding Passes Hate You and Are Out To Get You - What I am reading 10/7/2015

Which brings us to rent seeking and the TfL response that Dabbs was talking about. Quite the most eye-popping of the proposed new rules to me was that drivers should only be able to drive for one specific network. This struck me as a very clever indeed move on the part of the rent seekers. And yes, this is rent seeking: so is the whole structure of The Knowledge and so on for black cab drivers.
Sure, it started out as a form of quality control: only those who know that Fleet Street is in the vicinity of Ludgate Hill get to ferry people around town, those who think that one or the other is in Wimbledon don't. But we do have these phones now, $50 Android and mapping services. It just isn't necessary for people to spend two years learning the roads before we want to let them take people's money.
Sure, it's a different form of rent seeking than the NYC taxi medallions we discussed here but it is still a form of rent seeking: attempting to restrict the competition so as to increase incomes.
But.. But, Uber is the future.  Bull, Uber is a cab company with a slightly better delivery model and a penchant for exploiting its workers.

Tech Crunch - How Google Thinks About Hiring, Management, and Culture -
Managers thinking about self-improvement should think small. (9:13) People learn best when they focus on the smallest possible things, when they practice one small skill that is a constituent component of a much bigger thing. Doing that has two benefits. One is immediate repetition of that skill, and the second is immediate feedback and course correction. People learn best when they have those two things working.
Sweat the small stuff. (13:26) Managers have to be acutely aware of how small things can affect the culture of a company. Things like slamming a door or leaving garbage on the table after lunch in the boardroom: Those signals get internalized by everyone in the company. There was one tech firm where they had free towels in the gyms. And then one day they decided, on some cost cutting exercise, to start charging some trivial amount for towels, like two bucks a month. But that small decision was a tipping point in the culture; people realized, “This isn’t the place I joined.”
Amazingly nowhere in this do I see illegally collude with other companies to prevent workers from leaving for a better job or Pay Unfairly, but throw a fit when that fact is exposed.

Ars Technica - Trans-Pacific Partnership accord’s copyright details leaked -
The deal, which now needs approval from the pact's member nations, makes copyrights last for the life of the creator plus 70 years after death, according to the New Zealand government (PDF). That's basically the same as in the US.
I don't know enough to make a final definitive decision but so far I am against this deal.  I think copyright is headed in the wrong direction and currently defeats its constitutional purpose.

Krebs on Security - What’s in a Boarding Pass Barcode? A Lot -
“Besides his name, frequent flyer number and other [personally identifiable information], I was able to get his record locator (a.k.a. “record key”) for the Lufthansa flight he was taking that day,” Cory said. “I then proceeded to Lufthansa’s website and using his last name (which was encoded in the barcode) and the record locator was able to get access to his entire account. Not only could I see this one flight, but I could see ANY future flights that were booked to his frequent flyer number from the Star Alliance.”
So the lesson here is anything with a barcode is a potentially evil document waiting to lead you to your doom and should be shredded.  Unless you need it for an expense report in which case it should be turned in but all employees with access to it should be shredded instead.  Wait... does that work? Never mind, just be careful with the data.

Tuesday, October 06, 2015

Another stupid Navy story

Was just watching some comedy clips on YouTube and in one of them the guy was talking about African-Americans talking during movies (actually he used different terms but you can figure it out) and that reminded me of another stupid story from my time in the Navy.

It's like late '91, I was stationed in Philadelphia and I hadn't gone to Antarctica yet.  I was dating a girl named Sondra who at that time was living in NYC so I had grabbed the train up there Friday after work and now was waiting for the train back.  For some reason it was delayed for a couple hours and to kill time I went back up to Times Square and went to see a movie at one of those shitty little theaters that were all over.  (No, they weren't all porn just 99.99999%)  

Anyway went to see Presidio with Mark Harmon and Sean Connery.  Right as the movie starts this African-American gentleman comes in, old army fatigues, backpack, 2 garbage bags full of whatever, makes a bunch of noise getting to his seat and then starts immediately talking in the loudest voice possible.

"Oh Yeah, San Francisco, City of my birth.  City I love.  blah blah blah"

Other people are talking too but this guy is by far the loudest and most annoying and he just keeps going on and on.  Finally after about 10 minutes this huge shadow stands up in the back of the theatre and says, "Yeah well New York is gonna be the city of your death, IF YOU DON'T SHUT THE F**K UP."

Instant silence.  From everyone.  I have no doubt that if one more word had been uttered before that movie was over blood would have flowed.

Just one of the stupid things you remember.

Monkey Autism? - What I am reading 10/6/2015

Ars Technica - Vaccine safety tested (again) by injection into infant macaques -
The authors of this study examined 79 infant rhesus macaques. These monkeys were either placed into a control group, where they were given saline injections, or they were given an injection of the tri-valent MMR vaccine. This vaccine, which contained the preservative thimerosal, was very similar to the vaccine that Wakefield initially connected to autism in his 1998 paper.
After injections, the monkeys were tested for autism-like nonsocial behavior, fear behaviors, and repetitive activities. The examined behaviors of the monkeys that received the MMR vaccine were not significantly different from those that received the saline injection. The researchers conclude that the monkey’s propensity for autism-like behaviors was not affected by their exposure to the MMR vaccine with thimerosal.
TL;DR - Suck it Jim Carrey and Jenny McCarthy.  Speaking of Jim Carrey -

The Superficial - Anti-Vaxxers Already Saying Big Pharma Killed Jim Carrey’s Girlfriend -
News of Jim Carrey’s girlfriend committing suicide hit late yesterday morning, and by mid-afternoon anti-vaxxers were already saying Big Pharma murdered Cathriona White because Jim Carrey is too important to the cause.
Of course Jim Carrey has my sympathy for his loss, so don't take this as me making light of his situation.  I am not.  The anti-vaxxers though are sure trying to use it to push their message.  My question is what does this get them?  Wouldn't it have made more sense to arrange an accident for Carrey or to infect one of his loved ones with a disease easily preventable by vaccination or any of a billion other possibilities?  This just doesn't make sense.

Wired - Inside Reddit’s Plan to Recover From Its Epic Meltdown -

A very long article to say, in my opinion, there really isn't one.  Are new mod tools and some speech restrictions really going to do it?  I don't think so, but then again I am not a billion dollar entrepreneur.

The Register - Silicon Valley now 'illegal' in Europe: Why Schrems vs Facebook is such a biggie -
Experts say that the Schrems decision nukes the uncomfortable political compromise of creating a "safe harbour" for data exports that the EU and the USA thrashed out in 2000, that became untenable after former NSA sysadmin Edward Snowden spilled the beans. No matter how much Brussels bureaucrats want their latest Safe Harbour fudge to work - the cat's out of the bag. US companies that export data are fundamentally illegal in Europe.

Safe Harbour ruled INVALID: Facebook 'n' pals' data slurp at risk -

Basically as I read this Facebook and the like will need to retain all European data in Europe and completely restructure their operations.  This is going to be a hugely destructive ruling.

Monday, October 05, 2015

Follow up on Why I Thought Mad Max Fury Road Sucked -

No, I haven't changed my opinion.  I still think that as Mad Max movies go it sucks, but now I know that I am not the only one.

This post is the most active one I have had in a very long time.  It is still generating comments almost 5 months later and given my low low levels of blog readership that is saying something.  To me it indicates that there is a much larger group of people out there who just wanted a real Mad Max movie, instead of one that tried to go all politically correct on us.  It also indicates that maybe all those magazines and sites declaring this the greatest Mad Max movie ever should have taken a little closer look at what their readership thought of it.

(Again I think the movie would have been fine as a generic post-apocalyptic movie "Fury Road", I only object to it being part of the Mad Max universe)

Saturday, October 03, 2015


Watched the first episode and a half of Blindspot.  Already over it.

First episode started out ok.  Naked lady covered in tattoos found in Times Square.  Tattoos contain clues that help solve crime.  Not an original story but not horrible.  Then the reveals started.  First off they are revealing too much too fast.  Second there is nothing original in what they are doing.  I got bored and I have a high boredom threshold.  I predict the show lasts less than a season.

52 Weeks of @LindseyPelas - Week 6