Thursday September 3rd, 2015

Bouncing the reality check

Dan Lyke comments (0)






New York Times: Documents reveal the NSA campaign against encryption. From the documents:

The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection (e.g., Endpoint, MidPoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact.

Emphasis mine, so that I could call out: Do they believe the bullshit they write? I wonder how many of the exploits that we're discovering have been inserted by the NSA, discovered by the scammers and crackers, and are now our problem?

Among the goals stated for the project for FY2013:

Reach full operating capability for SIGINT access to a major Internet Peer-to-Peer voice and text communications system.

I.e., probably Skype. And:

Complete enabling for ■■■■■■■■ encryption chips used in Virtual Private Network and Web encryption devices.

Careful with your hardware VPN devices, kids.

Is this a date?

Dan Lyke comments (0)

RT mcc @mcclure111

Please note: Per ISO 8601 if it is not formatted like 1994-11-05T08:15:30-05:00 it is not a date, it is just "hanging out"

Calculating RSA private keys

Dan Lyke comments (0)

Calculating RSA private keys from its public counterpart. A nice little walk-through of cracking a short public key.

Pupusas at noon in Santa Rosa

Dan Lyke comments (0)

Pupusas at noon in Santa Rosa, NW corner of Marlow & W. College. "Pupusas at noon" sounds like an old western, don't it?

Wednesday September 2nd, 2015

DA Ken Thompson: Charges for Punching Driver, No Charges for Killing Child:

East 22nd Street north of Ditmas Avenue, where the crash occurred, is a narrow, two-way cul-de-sac lined with apartments. The News said Auguste “lived on the block and was known for having a lead foot.” A witness said he “tried to press the brake, but went 15 to 20 feet before he stopped,” an indication that Jadann might be alive today if Auguste had been driving slower.

Lovecraft does C

Dan Lyke comments (0)

The C Programming Language Brian W Kernighan & Dennis M Ritchie & HP Lovecraft

People in the nearby towns had talked about C for nearly a century, and nothing new could be wilder or more hideous than what they had whispered and hinted years before. Many things had taught them secrecy, and there was now no need to exert pressure on them.

lack of web control

Dan Lyke comments (0)

More proof we don't control our web pages. Examples of ISPs and network providers MitM-ing the web.

What part of sex or free enterprise are you opposed to?

Dan Lyke comments (0)

ACLU: Since When Are Consensual Sexual Relationships a Threat to National Security? On the raids, and the Department of Homeland Security's participation in them.

Relatedly, yesterday I discovered that there are people who un-ironically celebrate J. Edgar Hoover's notion that "justice is incidental to law and order." Shudder

More: Truth Out: Beyond Rentboy: Will the LGBT Movement Really Fight for Sex Worker Rights?

Antineutrino Global Map

Dan Lyke comments (0)

This is fascinating: Nature: AGM2015: Antineutrino Global Map 2015. Go look at the pretty pictures in section 1.

Omni Hoverboards. YouTube video of a flight.

As the n-copter set of technologies progresses to human flight, I didn't think that this'd be the first viable form-factor, but it kinda looks like it is.

Tuesday September 1st, 2015

Infected Phones

Dan Lyke comments (0)

Bought a brand-new phone? It could still have malware.

Ray Gorman, Lenovo's executive director of external communications, wrote in an email that the device G Data analyzed came from a third-party marketplace. The malware was installed by middlemen, he wrote.

"This is the only such occurrence we have been made aware of," Gorman wrote. "We always recommend customers transact with authorized distribution channels and only accept merchandise that comes in an official box with original factory seals."

Smartphone malware planted in popular apps pre-sale.

Via /.

Belkin vulnerabilities

Dan Lyke comments (0)

We've been having some performance issues with the home network, and I've been thinking about one of the more expensive MikroTik routers, because it'll give us some diagnostics and do away with a hub on the home network.

We're currently using a Belkin for the NAT portion of the home network routing. This should change.

Popular Belkin Wi-Fi routers plagued by unpatched security flaws.

Lunch run 4

Dan Lyke comments (0)

Lunch run 4.27 miles, just under 9min/mi. Including a tricky traverse of the wet ditch south of Amy's, and some crossing traffic issues.

Heaven forbid they should block

Dan Lyke comments (0)

Heaven forbid they should block automobile traffic

less sex than 40 years ago

Dan Lyke comments (0)

Bettina Arndt: The growing male sex drought:

Surveys from across the world are now reporting dropping sexual frequencies, more celibate marriages and an increasing gap between male and female sexual desire with even young women reporting loss of sexual interest.

Arndt links to a PDF of an article that she wrote for The Weekend Australian (that, alas, doesn't seem to be available in a more friendly form) which quotes Osmo Kontula:

"Why was there such a decline in intercourse frequency in the 2000s? There’s been a 10 to 15 per cent drop in people of all ages who say they’ve had sex in the last week. People are now having less sex than in the early 1970s and the greatest decline has been for young people, those aged 25 to 40."

Kontula looks like he's got some fascinating papers. I'm interested in how this might tie into some of the demographic shifts happening in Japan (that will probably make their way over to the U.S. and Europe if those haven't started happening already)...

Monday August 31st, 2015

Nail biting suspense

Dan Lyke comments (0)

Nail biting suspense, gorgeous scenery, human drama, and obsessive climbers relentlessly pursuing a goal:

The cost of a bug

Dan Lyke comments (0)

How a bug in Visual Studio 2015 exposed my source code on GitHub and cost me $6,500 in a few hours.

A bug in Visual Studio's Git integration made GitHub repos that were supposed to be private public, which exposed Amazon credentials, which Bitcoin miners used to spin up a bunch of EC2 instances...

Intimacy and the Law

Dan Lyke comments (0)

The Whore Next Door: Intimacy and the Law. On various different personal services, and their legality.

Share the Road, Spoil the Driver

Dan Lyke comments (0)

New Study Confirms: “Share The Road” Is a Problem

The study is “Bicycles May Use Full Lane” Signage Communicates U.S. Roadway Rules and Increases Perception of Safety, Hess & Peterson.

We'll see how long it takes for the various bicycle advocacy organizations to catch up, but given that people are still painting door zone "sharrows", I'm not optimistic.

First time running since the training

Dan Lyke comments (0)

First time running since the training pause before my back injury, circa 2 weeks. A leisurely 2.9mi, 8:50min/mi.

Whole Foods & prison labor

Dan Lyke comments (0)

Sunday August 30th, 2015

Down at The Rafael to see Meru

Dan Lyke comments (0)

Down at The Rafael to see Meru, because apparently we don't have enough nail biting terror in our lives right now.

On the way up to Indian Tree

Dan Lyke comments (0)

On the way up to Indian Tree

Friday August 28th, 2015

If you bet your ass

Dan Lyke comments (0)

If you bet your ass, are your winnings in more of your ass, or someone else's? Because it's not like ass is a fungible commodity...

As You Sow Files Notice Of Legal Action Against Soylent Super Food: High Levels of Lead and Cadmium Found by As You Sow in Two Samples of the Trendy Meal Replacement Powering Silicon Valley Coders.

"Nobody expects heavy metals in their meals," said Andrew Behar, CEO of As You Sow. "These heavy metals accumulate in the body over time and, since Soylent is marketed as a meal replacement, users may be chronically exposed to lead and cadmium concentrations that exceed California's safe harbor level (for reproductive harm). With stories about Silicon Valley coders sometimes eating three servings a day, this is of very high concern to the health of these tech workers."

Rain is sizzling bacon

Dan Lyke comments (0)

Because somehow I ended up as the Foley guy for a local troupe of people playing around with doing radio play dramatic readings: Rain is sizzling bacon, cars are lions roaring: the art of sound in movies

Costa Concordia time lapse

Dan Lyke comments (0)

Raising the Costa Concordia: A Time Lapse. Hat tip to Mark Dalrymple.

That huge squashed area of staterooms where the boat hit the bottom is particularly sobering.

Governments creating bogus phishing sites

Dan Lyke comments (0)

Associated Press sues FBI for impersonating its site to install spyware:

According to the AP lawsuit (PDF), the incident occurred when the FBI was investigating bomb threats made against a high school in Washington State. Hoping to lure out the person behind a MySpace account connected to the threats, FBI agents came up with an elaborate ruse: they constructed a legit-looking webpage with a fake news story under the AP masthead and the headline "Bomb threat at high school downplayed by local police department." Also buried within the site was a script to covertly install a piece of spyware. A link to the story was then sent to the MySpace account in a private message.

And, the EFF reports that a bogus domain purporting to be them is being used in another malware phishing campaign: was not the only domain involved in this attack. It seems to be part of a larger campaign, known as “Pawn Storm”. The current phase of the Pawn Storm attack campaign started a little over a month ago, and the overall campaign was first identified in an October 2014 report from Trend Micro (PDF). The group behind the attacks is possibly associated with the Russian government and has been active since at least 2007.

Sunday events

Dan Lyke comments (0)

Ideas for hanging out with Charlene on Sunday...

Or we could have a leisurely morning, walk down to the Petaluma River Heritage Center, borrow a boat, paddle around for a bit, go walk down to the hot rod show at 4th and Sea...

Dear every search engine

Dan Lyke comments (0)

Dear every search engine: I *always* want the venue web site above the Yelp page. *Always*.

Thursday August 27th, 2015

OMG Google and Facebook can sway

Dan Lyke comments (0)

"OMG! Google and Facebook can sway elections!" <-- Yeah, because the New York Times has historically been *so* responsible on that front.

Netflix and chill

Dan Lyke comments (1)

I love etymology: ‘Netflix and chill’: the complete history of a viral sex catchphrase. Although I'd probably have used something other than "viral sex" in that headline...

And in 20 years I'm sure we'll be looking back at "Wanna Netflix?" in the same way that we now look back at "Wanna cyber?"

Ohio is scary!

Dan Lyke comments (0)

Fuck Fashion

Dan Lyke comments (0)

License plate data

Dan Lyke comments (0)

If 1984 doesn't come to pass, it'll be because Big Brother gets caught up in procurement regulations: Oakland Californian Cops decide to collect less license plate data after 80GB drive got full: Police department unilaterally decides to impose six-month retention policy. And Windows XP.

Why I'm Leaving

Dan Lyke comments (0)

Leaving Everywhere. Using real U.S. Census data, generates one of those "why I'm leaving X for Y" letters.

Wednesday August 26th, 2015

Infosec Reactions

Dan Lyke comments (0)

Infosec Reactions. Animated gifs for your information security situations.

AT&T in the Middle attacks

Dan Lyke comments (0)

AT&T Wifi hotspots are injecting ads. Which you probably suspected.

weekly fruit box has arrived at work

Dan Lyke comments (0)

The weekly fruit box has arrived at work. Have decided that "Hardass Peaches" is my new drag name.

Rentboy Raid

Dan Lyke comments (0)

What The Rentboy Raid Tells Us About The Gendered Rhetoric Of Trafficking:

Reading the press release, I was immediately struck by its use of rhetoric. Unlike official statements around the crackdowns on Backpage and similar services that are known primarily for advertising cis women sex workers, no mention is made of Rentboy aiding the nefarious work of sex traffickers. As well, unlike in most sex work raids, no mention is made of anti-trafficking organizations reaching out to supposed “victims.” It is a loud and curious omission given that police find it impossible to talk about sex work at all these days without discussing trafficking.

Edit: Will the bust be the Stonewall of sex work?

Finding a decade old "

Dan Lyke comments (0)

Finding a decade old ".working.panic.php" file in a directory may be an indication of a broken release process...

Oh. Great. Firefox 39 and Firefox 40.0.2 apparently have different cookie behavior. #FML

Your target audience doesn't exist

Dan Lyke comments (0)

Your target audience doesn't exist, some notes on computer games and gamer demographics, but I think these are useful for marketing in general.

Singing call

Dan Lyke comments (2)

Tuesday August 25th, 2015

OH: Uber, but with "cars that travel on fixed railways" or "cars that can contain a lot of people, but fly to other cities"... Snerk.

Jobs treated like sex work

Dan Lyke comments (0)

RT Somhairle Kelly @Eithin:

You're an artist? You realise by charging for it you're devaluing the beautiful things other people make, right? #jobstreatedlikesexwork

Cthulhu uses a 9 iron

Dan Lyke comments (0)

Ya know, special effects have gotten way too cheap. On the other hand, this might be enough to get me to watch golf:

Dangerous Heels

Dan Lyke comments (0)

SexyCyborg goes Pentesting:

So I devised the Wu Ying Shoes (无影鞋)! - Penetration Testing Platform Heels! "Wu Ying" means “shadowless", the name is from the folk hero Wong Fei Hung’s (黄飞鸿) famous "shadowless kick" (无影脚). Wong Fei Hung is from Foshan, which is my ancestral home as well as the ancestral home of Bruce Lee. As legend has it, to execute the "shadowless kick" Wong would distract his opponent with a punch or upper body move while striking with his foot.

With my shadowless shoes I distract the target with my…upper body and they don’t see the real danger on my feet:-) Also I get tired of English names for everything. If we are ever going to stop copying Western things we should stop copying Western names as well right? So "Wu Ying Shoes".

You can 3d print your own 6" pumps with hidden compartment for router, keylogger and lockpick set...

Monday August 24th, 2015

RT Ash Warner @AlsBoy:

Slightly disturbing design flaw in this Minion body wash

[Minion body wash container, eyes appear to be bleeding.]

Sesame Street

Dan Lyke comments (0)