Thursday September 3rd, 2015
LISTEN PAL IT'S ONLY IMPOSTER SYNDROME IF YOU'RE ACTUALLY SMART
OTHERWISE IT'S CALLED A REALITY CHECK
New York Times: Documents reveal the NSA campaign against encryption. From the documents:
The SIGINT Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection (e.g., Endpoint, MidPoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact.
Emphasis mine, so that I could call out: Do they believe the bullshit they write? I wonder how many of the exploits that we're discovering have been inserted by the NSA, discovered by the scammers and crackers, and are now our problem?
Among the goals stated for the project for FY2013:
Reach full operating capability for SIGINT access to a major Internet Peer-to-Peer voice and text communications system.
ie: probably Skype. And:
Complete enabling for ■■■■■■■■ encryption chips used in Virtual Private Network and Web encryption devices.
Careful with your hardware VPN devices, kids.
Please note: Per ISO 8601 if it is not formatted like 1994-11-05T08:15:30-05:00 it is not a date, it is just "hanging out"
Calculating RSA private keys from its public counterpart. A nice little walk-through of cracking a short public key.
Pupusas at noon in Santa Rosa, NW corner of Marlow & W. College. "Pupusas at noon" sounds like an old western, don't it?
Wednesday September 2nd, 2015
East 22nd Street north of Ditmas Avenue, where the crash occurred, is a narrow, two-way cul-de-sac lined with apartments. The News said Auguste lived on the block and was known for having a lead foot. A witness said he tried to press the brake, but went 15 to 20 feet before he stopped, an indication that Jadann might be alive today if Auguste had been driving slower.
People in the nearby towns had talked about C for nearly a century, and nothing new could be wilder or more hideous than what they had whispered and hinted years before. Many things had taught them secrecy, and there was now no need to exert pressure on them.
More proof we don't control our web pages. Examples of ISP and network providing MitM-ing the web.
ACLU: Since When Are Consensual Sexual Relationships a Threat to National Security? On the Rentboy.com raids, and the Department of Homeland Security's participation in them.
Relatedly, yesterday I discovered that there are people who un-ironically celebrate J. Edgar Hoover's notion that "justice is incidental to law and order." Shudder
This is fascinating: Nature: AGM2015: Antineutrino Global Map 2015. Go look at the pretty pictures in section 1.
Tuesday September 1st, 2015
Ray Gorman, Lenovo's executive director of external communications, wrote in an email that the device G Data analyzed came from a third-party marketplace. The malware was installed by middlemen, he wrote.
"This is the only such occurrence we have been made aware of," Gorman wrote. "We always recommend customers transact with authorized distribution channels and only accept merchandise that comes in an official box with original factory seals."
We've been having some performance issues with the home network, and I've been thinking about one of the more expensive MikroTik routers, because it'll give us some diagnostics and do away with a hub on the home network.
We're currently using a Belkin for the NAT portion of the home network routing. This should change.
Lunch run 4.27 miles, just under 9min/mi. Including a tricky traverse of the wet ditch south of Amy's, and some crossing traffic issues.
Surveys from across the world are now reporting dropping sexual frequencies, more celibate marriages and an increasing gap between male and female sexual desire with even young women reporting loss of sexual interest.
Arndt links to a PDF of an article that she wrote for The Weekend Australian (that, alas, doesn't seem to be available in a more friendly form) which quotes Osmo Kontula:
"Why was there such a decline in intercourse frequency in the 2000s? There's been a 10 to 15 per cent drop in people of all ages who say they've had sex in the last week. People are now having less sex than in the early 1970s and the greatest decline has been for young people, those aged 25 to 40."
Kontula looks like he's got some fascinating papers. I'm interested in how this might tie into some of the demographic shifts happening in Japan (that will probably make their way over to the U.S. and Europe if those haven't started happening already)...
Monday August 31st, 2015
Nail biting suspense, gorgeous scenery, human drama, and obsessive climbers relentlessly pursuing a goal: http://www.merufilm.com/
Bug in Visual Studio's Git integration made GitHub repos that were supposed to be private public, which expose Amazon credentials, which Bitcoin miners use to spin up a bunch of EC2 instances...
The Whore Next Door: Intimacy and the Law. On various different personal services, and their legality.
We'll see how long it takes for the various bicycle advocacy organizations to catch up, but given that people are still painting door zone "sharrows", I'm not optimistic.
First time running since the training pause before my back injury, circa 2 weeks. A leisurely 2.9mi, 8:50min/mi.
Sunday August 30th, 2015
Down at The Rafael to see Meru, because apparently we don't have enough nail biting terror in our lives right now.
Friday August 28th, 2015
If you bet your ass, are your winnings in more of your ass, or someone else's? Because it's not like ass is a fungible commodity...
"Nobody expects heavy metals in their meals," said Andrew Behar, CEO of As You Sow. "These heavy metals accumulate in the body over time and, since Soylent is marketed as a meal replacement, users may be chronically exposed to lead and cadmium concentrations that exceed California's safe harbor level (for reproductive harm). With stories about Silicon Valley coders sometimes eating three servings a day, this is of very high concern to the health of these tech workers."
Because somehow I ended up as the Foley guy for a local troupe of people playing around with doing radio play dramatic readings: Rain is sizzling bacon, cars are lions roaring: the art of sound in movies
According to the AP lawsuit (PDF), the incident occurred when the FBI was investigating bomb threats made against a high school in Washington State. Hoping to lure out the person behind a MySpace account connected to the threats, FBI agents came up with an elaborate ruse: they constructed a legit-looking webpage with a fake news story under the AP masthead and the headline "Bomb threat at high school downplayed by local police department." Also buried within the site was a script to covertly install a piece of spyware. A link to the story was then sent to the MySpace account in a private message.
Electronicfrontierfoundation.org was not the only domain involved in this attack. It seems to be part of a larger campaign, known as Pawn Storm. The current phase of the Pawn Storm attack campaign started a little over a month ago, and the overall campaign was first identified in an October 2014 report from Trend Micro (PDF). The group behind the attacks is possibly associated with the Russian government and has been active since at least 2007.
Ideas for hanging out with Charlene on Sunday...
- "Trestle Talk" Presentation at the Petaluma Museum
- 9th Annual Greek & Middle Eastern Food Festival at St. George Orthodox Church in Rohnert Park
- Various Exhibits at the Charles Schulz museum
- Whales: Giants of the Deep at the California Academy of Sciences
- Tule Elk at Point Reyes
- Union Square Life: Dance tribute to Michael Jackson
- San Francisco Botanical Garden
- Stranded! Tropical Island Survival, looks like the Conservatory of Flowers is going kind of Gilligan's Island
- Operation Babylift exhibit at the Presidio Officer's Club, about the two thousand Vietnamese babies flown to the U.S. during the fall of Saigon
- Walt Disney Family Museum
Or we could have a leisurely morning, walk down to the Petaluma River Heritage Center, borrow a boat, paddle around for a bit, go walk down to the hot rod show at 4th and Sea...
Dear every search engine: I *always* want the venue web site above the Yelp page. *Always*.
Thursday August 27th, 2015
"OMG! Google and Facebook can sway elections!" <-- Yeah, because the New York Times has historically been *so* responsible on that front.
I love etymology: Netflix and chill: the complete history of a viral sex catchphrase. Although I'd probably have used something other than "viral sex" in that headline...
And in 20 years I'm sure we'll be looking back at "Wanna Netflix?" in the same way that we now look back at "Wanna cyber?"
If 1984 doesn't come to pass, it'll be because Big Brother gets caught up in procurement regulations: Oakland Californian Cops decide to collect less license plate data after 80GB drive got full: Police department unilaterally decides to impose six-month retention policy. And Windows XP.
Leaving Everywhere. Using real U.S. Census data, generates one of those "why I'm leaving X for Y" letters.
Wednesday August 26th, 2015
Infosec Reactions. Animated gifs for your information security situations.
AT&T Wifi hotspots are injecting ads. Which you probably suspected.
The weekly fruit box has arrived at work. Have decided that "Hardass Peaches" is my new drag name.
Reading the press release, I was immediately struck by its use of rhetoric. Unlike official statements around the crackdowns on Backpage and similar services that are known primarily for advertising cis women sex workers, no mention is made of Rentboy aiding the nefarious work of sex traffickers. As well, unlike in most sex work raids, no mention is made of anti-trafficking organizations reaching out to supposed victims. It is a loud and curious omission given that police find it impossible to talk about sex work at all these days without discussing trafficking.
Finding a decade old ".working.panic.php" file in a directory may be an indication of a broken release process...
Oh. Great. Firefox 39 and Firefox 40.0.2 apparently have different cookie behavior. #FML
Your target audience doesn't exist, some notes on computer games and gamer demographics, but I think these are useful for marketing in general.
My singing call at the Ken Ritucci Caller School student dance in Sunnyvale, Sunday a week ago.
Tuesday August 25th, 2015
OH: Uber, but with "cars that travel on fixed railways" or "cars that can contain a lot of people, but fly to other cities"... Snerk.
You're an artist? You realise by charging for it you're devaluing the beautiful things other people make, right? #jobstreatedlikesexwork
Ya know, special effects have gotten way too cheap. On the other hand, this might be enough to get me to watch golf: http://www.gfycat.com/AgileSaneIrishsetter
So I devised the Wu Ying Shoes (无影鞋)! - Penetration Testing Platform Heels! "Wu Ying" means "shadowless", the name is from the folk hero Wong Fei Hung's (黄飞鸿) famous "shadowless kick" (无影脚). Wong Fei Hung is from Foshan, which is my ancestral home as well as the ancestral home of Bruce Lee. As legend has it, to execute the "shadowless kick" Wong would distract his opponent with a punch or upper body move while striking with his foot.
With my shadowless shoes I distract the target with my upper body and they don't see the real danger on my feet:-) Also I get tired of English names for everything. If we are ever going to stop copying Western things we should stop copying Western names as well right? So "Wu Ying Shoes".
Monday August 24th, 2015
Slightly disturbing design flaw in this Minion body wash
node-cobol, COBOL running under NodeJS.