Friday, March 19, 2004
cheese... cake...
NYTimes reviews cheesecake joints in New York; includes a mention of my sentimenal favorite, Eileen's in SoHo, which is down the street from where I lived as an undergrad.
Rumsfeld vs. Rumsfeld
The scary thing is that I actually think Rumsfeld believed that he had never said that phrase. Rumsfeld seems quite capable of doublethink, in the full Orwellian sense.
p.s. While I'm at it, I'll bitch about one of the main reasons I hate plugins --- unlike, say, images or HTML pages, most browsers are not set up to allow you to save plugin content conveniently on your hard disk. You can't right-click and choose "Save as...". I think most people assume this is some kind of technological limitation, and live with it. It's not. Your browser's got the object in memory, and probably even a cached copy on your disk. Browser software with a good user interface would allow uniform, consistent treatment of all objects on a web page --- plugin objects would be "first class citizens", just like images.
Alas, this is not the case. It's a design decision enshrined by Netscape, long ago, in order to give more control to distributors --- maybe the provider of the Flash animation didn't want you to be able to save it --- which sounds fine, until you realize it has the inevitable consequence of taking control away from the user.
To get a copy of Rumsfeld's lie to save for posterity, you have to go exploring in the HTML source, and even then you actually have to look at the XML source of the playlist. Here's the direct URL to the video stream only. (This chops off the navigation wrapper that MoveOn added.)
Labels: politics, republicans, self-deception
Political giving in Manhattan
Monday, March 15, 2004
March Crypto-Gram highlights
It's Crypto-Gram day again...
- Financial institutions responding to identity theft with their usual concern for the customer. Don't use debit cards, and don't use online cash transfers. Use credit instead --- you're better protected from liability.
- Port knocking (Linux Journal article) is a cool new hack for increasing network security.
- Forget the password to some important password-protected thingie lately? Alternatively, need to snoop on friends and lovers who use Windows? Help is available.
Lastly, and for the umpteenth time, Schneier explains why "better" (more centralized, more standardized) identity cards wouldn't make us any safer from terrorism, this time in the context of a recent proposal called V-ID, from journalist/entrepeneur Stephen Brill. The whole article is worth reading, but here are some choice passages:
Trusted people within Choicepoint and V-ID are, of course, a potential problem. Several of the 9/11 terrorists had real Virginia driver's licenses in fake names, issued by dishonest state employees. This system will not be immune to that sort of problem, although I'm sure the creators will take pains to minimize the risk.
I worry about the back-end system. Somewhere there will be a computer that generates the questions, matches identity information with government databases, and generally administers the system. The fingerprint database will be stored somewhere, possibly on every reader. These databases would be vulnerable to attack, from insiders and outsiders.
...
The system is designed to be decentralized, so that someone cannot be tracked through the use of the card. It is an open question as to whether law enforcement could force the company to change that design and use the system to track people. The infrastructure is all there to do that: software on the reader and a communications system between the readers and some central point. Brill has said that it would be impossible, but from his description of the system, that's clearly not true.
...
Brill's plan is that people who have the card get a more lenient security treatment than people without. Call it what you will, but it means that people with the card are more trusted than people without.
The reality is that the existence of the card creates a third, and very dangerous, category: bad guys with the card. Timothy McVeigh would have been able to get one of these cards. The DC sniper and the Unabomber would have been able to get this card. Any terrorist mole who hasn't done anything yet and is being saved for something big would be able to get this card. Some of the 9/11 terrorists would have been able to get this card. These are people who are deemed trustworthy by the system even though they are not.
And even worse, the system lets terrorists test the system beforehand. Imagine you're in a terrorist cell. Twelve of you apply for the card, but only four of you get it. Those four not only have a card that lets them go through the easy line at security checkpoints; they also know that they're not on any terrorist watch lists. Which four do you think will be going on the mission? By "pre-approving" trust, you're building a system that is easier to exploit.
By any serious security analysis, identity cards are not an effective antiterrorism measure. On the other hand, they would be damn handy if you wanted to track the movements and behavior of ordinary Americans for political purposes. Of course, our government would never do that.
UPDATE: More on FBI surveillance of protesters (several large Quicktime files).
Sunday, March 14, 2004
self.shitlist.add(Microsoft)
So it turns out Microsoft helped SCO obtain a loan from Baystar Capital; this confirms (to some extent) allegations in Halloween Document X.
Hard to believe the man had a drug problem
At Kos, DHinMI quotes from a recent Rush Limbaugh show:
We have unnamed world leaders who somehow have reached out to John Kerry and have prayed and have urged him to win. The whole world wants Kerry to win. The fact is, he's probably telling the truth. I'll bet there are a lot of world leaders who would love to have a pacifist, ago knifing intellectual flip-flopping phony baloney, plastic banana, good-time rock 'n' roller in the White House for a change, people like Kim Jong ll, Fidel Castro, Hugo Chavez, Yasser Arafat, Father Aristide, "Baby Doc" Duvalier, Slobodan Milosevic. And I'll tell you who the number one guy, who has no doubt reached out to Kerry - Saddam Hussein.
I'm sure this quote's numerous factually incorrect characterizations have been thoroughly dissected on the Daily Kos comments by now, but I just have to say that this made me burst out laughing. What is a "plastic banana good time rock 'n roller", anyway, and why would Kim Jong Il want one in the White House? Is this some kind of bizarre Andy Warhol/Velvet Underground reference?
Further links on voting machine manufacturers' arrogance
Jeanne summarizes how far we've gotten in the debate on voting machines.
Truthfully, the behavior of Diebold and friends throughout this whole debacle --- lying, obfuscating, and distorting at every turn --- has convinced me that these voting machine companies are untrustworthy as institutions, rendering moot all theoretical arguments about the security of electronic versus paper voting. It hardly matters if somebody could build secure electronic voting machines. These companies --- the ones presently building these machines --- are run by charlatans and incompetents. If I had my way, I'd throw all the bums out, and wait till some other companies got into the business --- companies that I could actually trust.
