cahwyguy | Entries tagged with security

Observation Stew This has been a busy weekend, what with theater, working on the highway pages, cleaning the house, and hunting for a replacement car after my accident. But I do accumulate links, and they need to be cleared out periodically. Before we do, please take a moment and remember those who have given their lives so that we may have the freedoms we have in this country. Despite our flawed political candidates, the flawed presidential selection process, and the divisions created by entrenched political parties, we still have more freedoms in this country than many elsewhere in the world; many have given their lives to protect those freedoms, and to ensure others are free as well.

(pauses for a moment)

Here are the news chum links I’ve accumulated since my last news chum post:

“How to get rid of hum and eliminate other noises from your audio and video systems“. An interesting reference post exploring what causes audio hum and the ways to reduce or eliminate it.
“L.A.’s First Subway Terminal Is Being Resurrected As A Shopping Center“. An area of interest for me is the Pacific Electric. The Subway terminal downtown has never been used to its potential since the first, short, subway went away. Now there is a proposal to make it a shopping mall, incorporating memories of the PE.
“Soon, feds will snoop on your social networks before granting security clearance“. This should be of interest to anyone who currently has a clearance or may need one in the future. Think carefully about what you are putting out there in public posts.
“New method of producing random numbers could improve cybersecurity“. Random numbers are at the heart of most of our cryptographic systems. This article talks about an interesting new method. If proven out, it could drastically improve our security.
“Tape recording was introduced 70 years ago“. I grew up with recording tape, and with making my own tapes of my music. Tapes are still important; just listen to the latest 99% Invisible for a good idea why.
“This guidebook helped African Americans find a hotel along segregation-era Route 66“. Another article on the Green Book and its role in African-American history, and how LA may be preserving its role in that history.
“Confusion over those ‘best by’ dates means lots of wasted food“. If you think that date on your food as an expiration date, think again. Dates on food can have many different meanings; often, they are just suggestions or ploys to make you throw the food away and buy more.
“Green light found to ease the pain of migraine“. I have no idea if this is true, or why. Still, it is intriguing and worthy of exploration.
“Official advice on low-fat diet and cholesterol is wrong, says health charity“. We are learning more and more about how humans works, and why what seems to be common sense isn’t always right. One of those notions was “Eat fat, get fat”. We’re now finding that low fat diets may not help, and avoiding cholesterol might not be the way to prevent heart attacks.
“The Bechdel test, the Ellen Willis test, ALL THE TESTS: or, a handy guide to feminist critiques of narrative” An interesting guide to all those tests out there to determine if what appears diverse really is.
“Psoriasis is a Real (Migraine) Headache“. A very interesting post on the connection between Migraines and various other auto-immune disorders.
“Why scientists are fighting about the origins of Yiddish – and the Jews“. An exploration of the origins of Yiddish, as well as that old canard about Jews originating in Eastern Europe.
“‘Totaled’ Car: Let’s Get This Straight“. A fifteen year old post recently brought to my attention in light of my situation. It explores the options you have, and what you should do, when your insurer says your car is totaled.

Lastly, (a) remember to read and comment on my potential replacement cars (remember the car is for me and how I live, not how you think I should live); (b) remember that the Hollywood Fringe Festival starts Tuesday, and you should pick your shows now; (c) that tickets are now on save for November’s new Faire: Nottingham Festival (no word on Tumbleweed Township tickets yet); and (d) you have the ability to help Spring Awakening be on the Tony Awards.

Share/Bookmark

This entry was originally posted on Observations Along The Road (on cahighways.org) as this entry by cahwyguy. Although you can comment on DW, please make comments on original post at the Wordpress blog using the link below; you can sign in with your LJ, FB, or a myriad of other accounts. There are currently comments on the Wordpress blog. PS: If you see share buttons above, note that they do not work outside of the Wordpress blog.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1837569.html

Observation Stew Note: In case you missed my posts earlier this week, I had one with a collection of articles related to why I decided to support Hillary Clinton; a collection of articles related to food and diet; and a summary of the shows that I’m planning to see at the upcoming Hollywood Fringe Festival. But now it is Saturday, and I’m staring at the list of links I’ve accumulated over the week… and realizing there’s not a coherent theme buried in there. You know what that means — it is time to make News Chum Stew!

Steve Julian. Steve Julian passed away this week, after a short but intense battle with brain cancer. I never met the man, but I listened to him on KPCC and saw his work in and on behalf of the LA Theatre community. A loss for the community at the young age of 57. 57. That’s one year older than me. This comes on the heels of the death of Hope Joffee Rankell, a middle-school friend who pancreatic cancer got at the same age, and on the heels of the death this week of Rick Wisotsky, a camp counselor of mine and all around good person, again from a brain tumor. It makes one think about one’s mortality when one’s contemporaries pass away. Luckily, all three expressed the same philosophy: embrace life, enjoy life, and love those around you while you can. Something worth remembering.
Dress for Success. Mental Floss has a nice summary of 8 rules for dressing appropriately at work. This article basically takes those terms like “business professional”, “business casual”, and such, and breaks them down into what they really mean. Now if someone can just tell me how to dress to work on formal methods.
Thunderbird. This week I had a set of battles with Firefox, and saw increasing news about Firefox losing market share. Just another step in the continuing transition from Netscape to Mozilla to Seamonkey to Firefox. The week also brought news about how Mozilla is trying to offload Thunderbird, their mail client. Mail clients are a pretty mature market, and with the exception of overlying end-to-end encryption (something I explored in my MS Thesis on the subject back in 1985 — yes, 1985), there’s not much innovation needed. It doesn’t bring income to Mozilla, but I hope they find a good home. I’m still a regular Thunderbird user.
Cabrillo Music Theatre. There’s been a lot of publicity about Cabrillo Music Theatre being saved from death, but there is one piece of news that hasn’t been heavily reported: Lewis Wilkenfield is stepping down as Artistic Director after Little Mermaid. We’ve been there all 10 years with him, and we’ll miss his selections and good work. I hope Cabrillo finds an Artistic Director who can move them to bigger and better things, with large audiences and community support.
Spritual Places. Here’s a list of 15 places that are intensely spiritual. Why am I posting this? Because Gindling Hilltop Camp — my summer camp — made the list. I’ll agree. I don’t find God in a sterile synagogue. I find God at camp.
Puff, The Magic Dragon. In case you don’t believe Peter Yarrow (one of the song’s authors) that Puff is not about drugs, perhaps you’ll believe it from the guy that wrote the original poem. What’s neat here is that the guy who wrote Puff went on to invent those 3D glasses for movies.
URL Shorteners and Risk. A big risk these days are URL shortners and email URL redirectors. You have no idea what the real link is behind a URL to know if it is malicious or not. Fear not. Here’s a site that will fetch the underlying URL behind a obfuscating link.
800 Numbers. Have you ever wondered why toll-free numbers start with 800? Perhaps you remember Zenith numbers. Here’s the scoop on toll-free numbers.
Head Transplants. This is pretty unbelievable, and the stuff of science fiction movies. A doctor is ready to perform the first human head transplant, and the patient is willing to go along. If this works, I suggest he contact the GOP.
Red Car Conspiracy. One of my hobbies is transportation and the Red Cars, so I hear the conspiracy theory about LA Transportation all the time. The problem is: it’s not true. Here’s a great summary of the debunking.
ITunes Birthday. Apple’s iTunes turns 13 this week, and a lot of folks find it a pretty ugly teenager. I only use iTunes for my iPod Classic, and find it clunky. But I’m tied to its ecosystem because no one else can handle the ratings, play counts, and smart playlists. I’m also staying away from iTunes 12. iTunes 11 works fine for me.
God Mode Risks. Many years ago, I wrote about how to turn on God Mode on a Windows PC. Alas, it turns out that attackers have figured out how to leverage God Mode to their advantage. Damn.
Pershing Square. They are talking about redesigning Pershing Square downtown. Here are the four proposals. Which one do you like?
Typeface History. Here are the stories behind a number of famous typefaces and how they came about. You can learn why Times New Roman is called “Times”, and the difference between Times Roman and Times New Roman; the problem with the typeface in Titanic, and the lasting influence of Microsoft Bob.
System Security Engineering. Lastly, a great article from the Air Force on the need for system security design.

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1831746.html

Observation Stew First and foremost: to those who observe: May you have a happy Pesach (Passover). May your seder move you in ways that matzah never will. Here’s some accumulated news chum for the week for your Pesach discussions. I promise you they’ve only been thickened with potato starch:

Seders for Christians. If you are like me, you probably we brought up on the belief that Jesus’ Last Supper was a Passover seder. After all, it was a meal with a large group, and Passover occurs around the time of Easter, right? But then again, I’m Jewish. What do I know? But we all should have been suspicious of the “Take this bread” comment. But as a result of this misbelief, Christian groups have been holding their own seders to remember the Last Supper, and Jews have often invited Christian friends to their seders. The Coffee Shop Rabbi has a nice informative piece that sets the record straight: To Christian Friends Coming to Seder. Well worth reading.
Expect to See This on “Wait Wait Don’t Tell Me”: Do you ever read an article online and go: “We’ll see this on Wait Wait?” Here’s an article destined for the show; I could easily see this in the “Bluff the Listener Game”. It is a story about the next advance in the Internet of Things. Here’s the quote describing the item from Slashdot: “Do you worry that your significant other is having mid-day romps in your bedroom while you’re stuck at work banging out TPS reports? There’s an app for that, and a smart mattress with built-in sensors to detect when between-the-sheet activities are taking place, with or without your participation. It’s part of what a mattress company in Spain is calling its “lover detection system.” You can’t make this stuff up. Or maybe you can. You might seriously question whether or not the so-called Smarttress from Durmet is a real thing or an attempt at a viral marketing stunt. By all accounts, it certainly looks real. There are two dozen ultrasonic sensors embedded in the springs of the mattress. These tell-all sensors detect the speed and intensity of motion, how long the mattress has been active, and the history of encounters. That data is used to create a 3D map in real time, which you can view on your mobile device with an app for either iOS or Android devices.“
Expect to See This on “Planet Money”: Then again, there are those articles that you know will show up on Planet Money from NPR, especially after they have already done a podcast on the subject. Hot on the heels of that podcast, which was about how Argentina racked up great debt, and then refused to pay it leaving bondholders in the lurch. Most eventually settled for pennies on the dollar (or whatever the Argentinian equivalent is). Today brings news that, in order to get the black mark of bond default off their record, Argentina is paying off the remaining bondholders in full. So, two questions: (1) If you were a bondholder who settled for bubkis, how would you feel? (2) Given this history, would you lend this money country, or invest in a pension fund that does?
Diversity and Hollywood. In the recent past, I’ve highlighted some very interesting podcasts that have increase my understanding of diversity, including some excellent episodes of both Startup and of Reply All. Here’s another interesting question on diversity: Why does Hollywood keep casting whites in Asian roles? Performance art (theatre, movies, TV) clearly has a diversity problem: both on-stage/before-the-camera and in the unseen creative and production roles. If this country is truly a melting pot, then our creative results should reflect that. But here’s a question as a result: As a result of this, one culture’s expression may become popular with all. How does one balance broad acceptance with cultural approbation? For example, I saw a friend posting about a Color Vibe run. I saw it, and instantly thought of the Holi Hindu color festival. Think about the first item in this chum, about Christians picking up the Seder custom. Cultural approbation? It even occurs at the Seder: look how the idea of the Orange on the Seder Plate was adopted and changed by the male majority.
Cybersecurity Chum. Here are a few cybersecurity items to scare you:
- QR Codes of Death. Windows 10 has updated the blue screen of death to give a QR code with more information about what went wrong. Sounds good, no? But how do you know you can trust that QR code — where will it take you?
- A New DNS Attack. You’ve probably heard about botnets phoning home for command and control via HTTP and web protocols. Here’s a new one: DNS Tunneling. That right: there is a variety of POS malware that ‘phones home’ by using the Domain Name Service protocol that is never blocked. Just use a bit of that extra space on the protocol, and send it to your favorite compromised DNS server.
- Grid Cybersecurity. We can rest easy now that an upgrade is coming to cybersecurity of the power grid. But then again, anything is better than nothing, right? Or is this just another form of security theatre?
Development Chum. Two development related articles: Boyle Heights — a community in Los Angeles that was home to the first synagogue and has a vibrant hispanic life — is battling the attempts to gentrify the community and change its nature. If it happened to DTLA (excuse me, Downtown Los Angeles), it can happen to you. Up in the Bay Area, there has been more success: although the area around the original Mel’s Drive In is being converted to housing, Mel’s will remain.
Behind the Scenes. Two interesting articles that take us behind the scenes. The first looks at the dying life of the film projectionist in the UK. The second takes us behind the scenes of Medieval Times, the faux knights-and-damsels pageant. Both are extremely interesting reads.
Drugs and Brains. Our last article is something I’ve reported on before: how common allergy drugs can create problems for the brain. This is of particular concern: I”m a regular user of benedryl, and have other drugs that affect the head but help the migraines.

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1830604.html

Observation Stew This afternoon, I’ve been spending some time cleaning up. What’s this? A list of links? Let’s write about them before they go stale and rotten (like the plums on the dining room table):

Dancing Around Politics. If you’ve been around LA at all of late, you’ve probably been handed a flyer for the Shen Yun dance troupe, who have been performing at halls across the city. You’ve probably never heard of them. The LA Times had an interesting article on who they really are and who is backing them: they are a touring dance troupe founded in New York by practitioners of Falun Gong, the spiritual practice banned by the Chinese Communist Party in 1999. The party calls it a cult; Falun Gong says the Chinese government is trying to eradicate thousands of years of culture and tradition and that its repression of Shen Yun shows an intolerance of freedom of expression and religion. Indisputably, the dance company — marking its 10th anniversary — has become a cultural phenomenon. That fits with what my wife called the show: religious indoctrination. As the article noted: “Nonetheless, it’s safe to say that the bright costumes and spinning dancers are meant to convey a message. “The Falun Gong has a very well organized, managed and elaborate program of public relations, and Shen Yun is part of that,” said James Tong, a UCLA professor, expert in Chinese politics and author of a book about the Communist Party and Falun Gong. When audiences see Shen Yun, “people want to know more about the Falun Gong.””
Digital Last Wills. Here’s a good reminder article from LastPass about Digital Wills. As they note in the article: “When preparing a will, many of us focus on our monetary and physical assets. But what about social media accounts? Or email addresses? Or the myriad of online accounts we use to manage our lives, every day? Making a “digital will” that includes passwords and other important digital details will go a long way in helping those who need to settle your affairs, or in helping you if you need to settle the affairs of others.” It is an important concern: I know I do my banking via Quicken… would my wife be able to easy pick that up. To inform all those whom I’m friends with online of what is happening with me? To pass off my highway pages somewhere? To handle other online financial accounts?
Upgrading Your Smartphone the Smart Way. Here’s an interesting article on how cell phone companies get you yet again: the upgrade fees if you buy a phone through them. With some, it is cheaper to buy your phone elsewhere, and then just bring it in and have it activated. Useful information to know.
Fighting Blisters. One of the scourges of walking as exercise are blisters. They are the reason I’ve switched to Injinji Toe Socks and Vibram Five Fingers. Too bad I didn’t know about this: there is evidently an easy way to combat blisters: use of surgical paper tape. I’ll have to give it a try one day, especially when the plantars fasciitis is acting up and I need shoes with padding and arch support.
Women in Cybersecurity. As you know, I’m part of ACSA, the sponsoring group behind SWSIS — the schoarship for women studying information security. Here’s a profile about one of our first recipients. I met Jill when she came out to ACSAC; I wish I had known this about her.
High Fidelity. Yesterday was Record Store day, and alas I missed it. But then again, I have enough records for this month. The iPod is at just under 38,000 songs. But here’s a good guide, for Record Store Day, about getting the right equipment to play your records. As for me, I have two turntables (Technics and Sansui), a good JVC amplifier with a phono curve, which feeds into my soundcard and the Roxio tools for recording to MP3 or WAV.
Free, as in Free Gigs. How would you like 2GB of free days for a month or two? Evidently, Verizon has a promotion where if you use Android Pay at three retailers, they’ll give you and extra 2GB for two months. The giveaway is part of a promotion that encourages people to start using Android Pay, which is essentially the Android version of mobile payments. Any Verizon customer with a postpaid plan who has an Android Pay-compatible phone will get 1GB of free data the next time they use Google’s mobile payment platform. Use it another two times, for a total of three separate purchases, and Verizon will throw in another gigabyte of free data.Once you’ve got the data freebie, Verizon says you’ll be able to use it across two billing cycles. The offer ends on June 14.
Mulholland Drive. Lastly, here’s a fascinating history article on Mulholland Drive: its origins and first plans. If you happen to be inspired to drive all of Mulholland — including the dirt portion across the top of the Santa Monicas, keep your eye out for a watch. I lost it there sometime in high school :-).

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1830341.html

userpic=cardboard-safe In advance of the silliness tomorrow, here’s some serious cyber-related news chum:

Ransomware on the Attack. There is a particularly nasty new ransomware out there called Petya. It’s nasty because it encrypts your disk extremely fast. How does it do it? When the ransomware is installed, the master boot record (MBR) is replaced with a malicious loader and the system is then forcefully rebooted. This then causes Windows machines to load the malicious code rather than the operating system. A screen then appears which pretends to be the system tool check disk (CHKDSK) and runs a ‘scan.’ As this fake scan proceeds, Petya is encrypting the Master File Table on the drive. Two tables encrypted, and your drive is toast. What can you do? Of course, be careful on that which you click. Cisco has a good article on detecting ransomware, and Bitdefender has a free tool that supposedly modifies your system so ransomware thinks it is already infected.
Toshiba Batteries: Halt and Catch Fire. If you have a Toshiba laptop (as I do), you should know that there is a major recall in place for Toshiba batteries. It could affect you if you bought your system between 2011 and 2016. Slashdot has a bit more information, including a link to download a program to check your battery. I did. My system is safe.
Windows 10 on the Attack. Last week I provided some advice on how to prevent automatic Windows 10 upgrades. PCWorld has an article on a free utility that will control automatic and unwanted upgrades to Windows 10.
Antisemitic Printer Attacks. Here’s another attack in the news: A White Supremacist group took advantage of unprotected printers on college campuses and made them all print antisemitic flyers.
Unsafe Hospitals. Think your medical equipment is safe. Think again. Nearly 1,500 vulnerabilities have been found in automated medical equipment.
Tracking on Android. On a lighter note, here is some Android software you can use to ~~stalk~~ track your friends. Hopefully it is better than Friendfinder, which I find to be somewhat flakey on Android.
And We Bow our Heads. Lastly, here’s a lament for the hard drive.

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1826556.html

userpic=cardboard-safe Ready for the third course of news chum? This part of the meal is a collection of articles related to cybersecurity:

Help! I’m DROWNing. This week, researchers announced yet another attack against TLS, the protocols used to secure the traffic that you see as HTTPS://. More than 11 million websites and e-mail services protected by the TLS protocol are vulnerable to this low-cost attack that decrypts sensitive communications in a matter of hours and in some cases almost immediately. The attack works against TLS-protected communications that rely on the RSA cryptosystem when the key is exposed even indirectly through SSLv2, a TLS precursor that was retired almost two decades ago because of crippling weaknesses. The vulnerability allows an attacker to decrypt an intercepted TLS connection by repeatedly using SSLv2 to make connections to a server. In the process, the attacker learns a few bits of information about the encryption key each time. While many security experts believed the removal of SSLv2 support from browser and e-mail clients prevented abuse of the legacy protocol, some misconfigured TLS implementations still tacitly support the legacy protocol when an end-user computer specifically requests its use. The most notable implementation subject to such fatal misconfigurations is the OpenSSL cryptographic library.
More Exposure at Berkeley. No, I’m not talking exposure of a student body, but exposure of the student body. The University of California, Berkeley, has admitted to a second data breach which may have exposed the data of 80,000 people to misuse. Current and former students, faculty members and vendors linked to the university are among those who have been warned about the incident, which took place through financial management software which contained a security flaw, allowing an attacker — or group — to access internal services. In total, 57,000 current and former students, including student workers, 10,300 vendors and others — at a ratio of roughly 50 percent of current students and 65 percent of active employees — could have had their information taken.
Dealing with Ransomware. Our biggest worry used to be viruses. Those were the days. Today, the big fear is ransomware — malware you get by a drive-by-download or clicking on a bad link in an email. These attacks encrypt the data on your computer and require you to pay a ransom if you want to have any hope of decrypting it. Here’s a reasonably good PCWORLD article with somethings you can do to prevent attacks. As usual, it boils down to the 4 “E”s: Use the engineering in your system to stop attacks by having a good always-on malware and dangerous site scanner; have usage policies and enforce them about not clicking on links, using non administrative accounts, etc.; educate your users on what to look for, and what not to do; and plan for emergency services by having a external disk backup that is not always connected using a reliable back tool.
Dealing with Requests. This article from ComputerWorld explains what really is at risk in the Apple vs FBI fight. The issue is not encryption or encryption backdoors. The FBI is not trying to break the encryption on the phone. They are trying to unlock the phone, which will decrypt it. To find that key they need to do a brute force attack; to do that attack, they can’t have the system wipe the phone after 10 failures. So what they want Apple to do is put up a special signed software update that the phone will automatically install that will remove the limit. In other words, this request is to force Apple to put up an untrustworthy software update that weakens the phone. That’s the precedent that Apple does not want to set. In particular, such an update can’t be limited to just one phone, and if a faked update can get out, then the entire spider-web of automatic software updates becomes untrustworthy. If it becomes untrustworthy, people won’t automatically install updates, and that will result in known holes being unpatched, which means weaker systems.

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1822807.html

Observation Stew ’tis the weekend, and that means it is time to clear out the accumulated links that didn’t them… well, at least those I remembered to send back home from work. In the spirit of the day, feel free to share these stories with your sweetie.

A Yiddish Date. Let’s start things with something fun for the day. If you haven’t seen the Yidlife Video linked in this post yet, go watch it. It is hilarious. Plus, it stars Mayim Bialik.
Nobel Drama in Trouble. The Nobel Middle School drama program is in trouble, falling victim to a parent complaint and district policies that dictate, at the Middle School level, that activities can’t select based on skill level. Thank you to Colin at Bitter Lemons for spreading the word about this beyond the school community to the theatre community in Southern California.
Congratulations to Van Nuys HS. Ever since my daughter was part of the Van Nuys Academic Decathalon team, I’ve silently cheered them on against the nation’s leader, Granada Hills HS. So congratulations to Granada for winning at the LA level and going to state, but even more congratulations to the other high schools the district is sending: Marshall, which finished second; Franklin, which finished third; El Camino Real; Garfield; Bell; Van Nuys; Grant; Narbonne; Hamilton; North Hollywood; and, for the first time, Cleveland and Lincoln. It is a lot of hard work by a lot of good kids.
A Nigerian Needs Your Help. At the ACSAC conference, we presented the Nigerian Spam Scam Scam, a story about how Dean Cameron led on Nigerian spammers to get money out of them. Well, it appears another Nigerian needs our help: this one is lost in space unless you provide the funds to bring him back. What I found most interesting here was the email address used: XXXX@nasrda.gov.ng . At the conference, we actually had a Nigerian senator in the audience, and even he was using a Hotmail address because the Nigerian government infrastructure wasn’t set up. Note that here we have a .gov.ng address. Very interesting.
Kickstarters Makes Good. Two Kickstarters we’ve supported have made the LA media. The first, which we knew as Smash Cup but is now called StoJo, is a collapsible reusable coffee cup that got written up in the LA Times Gear section. The second kickstarter is Game Haus Cafe, a wonderful board gaming cafe that got a nice piece from KCET’s SoCal Connected. They only made one error: the problem with the place is not finding a seat, but finding parking.
Theatre Podcasts. Here’s an interesting announcement from The Folio Group, which has brought together a number of theatre podcasts into a collective, including two that I listen to: the Ensemblist and Theater People. I do find it interesting that they did not get The Producer’s Perspective or Broadway Bullet to be part of their collective.
Undercover Boss. One of the shows I enjoy watching is Undercover Boss, although I do find it odd that only a few select people win the largess lottery. Here’s an interesting article on the show from one of the bosses from a recent episode.
Changes in the Archie Universe. Whereas comic books in the past tended not to push the bounds, today’s comic books reflect society. Surprisingly, one of the ones at the edge is Archie, which once was the whitest of the white breads. Riverdale has added gay characters, and now Jughead has come out as asexual. This is good: the asexuals are a group that society doesn’t understand, and attempts to force into mold that just doesn’t fit them.
The Feathers are Gone. The last Showgirl show in Las Vegas has ended. Jubilee, at Bally’s has closed its 35 year run, leaving the strip devoid of shows with the traditional Las Vegas showgirl. Will the era ever return?
Crumbling Presidents. 43 Presidential Heads are decaying in a field in Virginia. I view the images as a pictorial commentary on the state of our politics, and of the respect we show for our leaders.

Share/Bookmark

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1819740.html

Observation Stew For some, this is the start of a 3 day weekend; for others, just the normal weekend craziness. Whichever it is, it’s been a busy week. I’ve been accumulating a lot of articles of interest, but none of them have themed into groups of three, or proved to be the start of a single-subject rant. So let’s toss them into the crock-pot of discussion, and see if we can at least come up with a thread to connect each to the next:

CSI: Cyber Under the Microscope. I miss the mothership of CSI:, although it had gotten a bit predictable towards the end. It’s current lovechild, CSI: Cyber, is just wrong. For someone who works in cyber, however, I can’t keep my eyes off of it. On one hand, it does do a good job of educating the public of some of the threats that are out there. This is a good thing. What’s bad is how they do it: usually by amping the FUD (Fear, Uncertainty, Distrust) and using techniques that aren’t to the level they show. Last week’s show with the air traffic control system is a great example, and Ars Technica rips it to shreds.
Ripping Apart Los Angeles. Speaking of ripping things to shreds, let’s look at how Los Angeles has been rippped apart. I love Los Angeles history, and so a recent article from KCET caught my eye. It explored how Orange County split off from Los Angeles. The southern part of the state used to be divided into just a few very large counties: San Diego, Los Angeles, Santa Barbara, Mariposa. Over time the split, with Los Angeles giving birth to Kern, San Bernardino, Riverside, and Orange. This article explores the last split, which created the “orange curtain”.
Los Angeles History Podcast. Speaking of Los Angeles: By the way, if you like Los Angeles, Boing Boing just highlighted a really interesting podcast on LA History. I’ve listened to a few episodes, and it is really good.
History of the 3.5mm Plug. Speaking of History: History is fascinating. Sometimes you use something every day, and you don’t realize how old it is. Take, for example, the 3.5mm plug you use for your headphones. The history of that plug goes back to 1878 and the quarter-inch plug (6.35mm). It was originally designed for use by operators in old-fashioned telephone switchboards, plugging and unplugging connections. They needed secure connections that could be easily inserted and removed.
iPhone 7 Rumors. Speaking of 3.5mm connectors: The interest in the 3.5mm connectors comes from the fact that Apple now wants to get rid of the plug in the iPhone 7. PS: There’s also a rumor they will take the iPhone 7 to 256GB, but I’m not sure that’s much greater than the 160GB classic, given the requisite app storage, photos, and other crap that memory shares space with. Still, it might entice the remaining classic audience.
Unlocking the Moto X. Speaking of phones, news came out this week that Lenovo was dropping the Motorola name and moving to using just Moto and Lenovo. Moto used to be a great phone to have, because they kept is updated. That promise isn’t always kept, and so Motorola is offering a bootloader so you can unlock your Verizon Moto X 2014-generation, and update the OS. I’m not sure I’m going to do it.
Name Changes. Speaking of name changes, here are two more of interest. GE is selling their appliance business to the Chinese company Haier. Supposedly, they will still market under the GM name. Also in the news is Yosemite National Park, which is proposing changing the name of many historic lodges and areas because of a trademark dispute with a prior concessionaire. This one is really exciting the public, who are up in arms about a private company claiming they own the rights to “Curry Village” or “Ahwanee”. The trademark dispute is an example of ancillary damage: the result of a contract that included intellectual property.
Ancillary Damage. Speaking of ancillary damage: In all these well publicized crimes on the internet, we think a lot about the victims and the people that committed the crime. We don’t think about the ancillary damage: the damage to the family of the criminal. Here’s a great example of that: a woman whose husband (unbeknowst to her) went out and raped two other women. He was convicted, but her life was destroyed.
Fighting Back. The author in the previous link fought back, and speaking of fighting back, let’s look at a new honeybee technique: biting back. Keeping honeybees healthy has become a challenge for beekeepers. One main reason is a threat that has been wiping out bees since the late 1980s: the varroa mite: a new breed of honeybee that bites the legs off of the mites. This is part of a larger breeding technique to create bees that will survive.
Broccoli and Dogs. Speaking of breeding programs, have you ever realized that broccoli is a dog? I learned this listening to the latest Surprisingly Awesome podcast, which was about broccoli. I learned that broccoli, cauliflower, all the kales, all the collard greens, brussel sprouts, all the cabbages, and kohlrabi are actually the same species of plant, just bred for different characteristics.
Viewing Fat Differently. Speaking of science and food, this weeks Science Friday had an interesting discussion about why we need body fat. It talked about how fat is an organ, the purposes that it serves, and most importantly, how we might just need to retrain our body so it doesn’t think it needs to store the energy in fat.
The Gut Microbiome. Speaking of diets, more and more information is coming out about the gut microbiome. New research is showing how our western diets (with all our junk and processed foods) are destroying our gut microbiomes, potentially in non-recoverable ways.
Science Games. Speaking of destroying things and science, here’s an interesting quickie (and read the comments for more): using the periodic table to play battleship.
The Dragon Cancer. Speaking of games, I’ve been reading a lot of reviews of a new videogame: That Dragon Cancer. The Reply All podcast recently had a fascinating episode on the origins of that game.
Science Themes Stamps. The game That Dragon Cancer serves as a memorial to a lost child, and speaking of memories: commemorative stamps serve to memorialize and celebrate things. This year is seeing the release of lots of stamp remembering the successes of the space exploration program. Cool.
Weather Apps. Speaking of cool (I didn’t say these would always be strong connections 😏 ), here’s a list of some good Android weather applications.
Windows 10 Nagware. Speaking of weather, I’m sure some of you are debating whether to move to Windows 10. Perhaps you think it is all wet. Perhaps you’re just tired of the nagware. Although Microsoft is pushing Windows 10 on more and more users, this week brought information on how to finally turn off the Windows 10 nagware window (and also here).

Lastly, I’m sure you think I’m crazy in the head for trying to thread all these disparate articles together. Speaking of crazy in the head: how’s this for a headline: “Doctors dismissed his pain as migraines. Then they said he had 24 hours to live.” Did that get your attention? It got mine. The connected article was about something I mentioned last week: undetected subdural hematomas. Scary.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1814472.html

userpic=cyborg It’s been a busy week both at work and at home. Articles have been accumulating, but there are a few theme groupings to get out of the way before we get into the stew. So, for an appetizer, here’s a collection of interesting articles dealing with computer related news chum:

Microsoft Continues the Push to Win10. Microsoft is continuing its push to get everyone to upgrade to Windows 10 (ref: “I Think I’ll Wait to Wash the Windows“). The latest salvo is a warning from Microsoft that Windows 7 is unsafe. What do they mean by that? Here’s the answer, from the horses, umm, mouth:
Speaking to Windows Weekly, Microsoft Marketing chief Chris Capossela explained that users who choose Windows 7 do so “at your own risk, at your own peril” and he revealed Microsoft has concerns about its future software and hardware compatibility, security and more. “We do worry when people are running an operating system that’s 10 years old that the next printer they buy isn’t going to work well, or they buy a new game, they buy Fallout 4, a very popular game, and it doesn’t work on a bunch of older machines,” Capossela stated.

The real meaning came out in his next sentence, where he stressed it is “so incredibly important to try to end the fragmentation of the Windows install base” and to get users to a “safer place”. Translation: They want everyone on Windows 10 so they can control the ecosystem and have that captive market like Apple has.
When You Need to Upgrade Windows. There is a time that you really must upgrade your windows: If you are running the original Windows 8, not Windows 8.1. If you don’t upgrade original Windows 8 to 8.1 or 10, security patches stop this week. Security patches are critical. The problem is that Microsoft doesn’t make the upgrade easy, hiding it in the Windows Store. Here’s how to install the Windows 8.1 upgrade. To help you more, here’s a tutorial.
Deprecating Old Internet Explorer. Here’s another push to get you to upgrade: Microsoft has stopped support of older versions of IE except the latest for each supported OS. Beginning next Tuesday, January 12, Microsoft will officially retire Internet Explorer versions 8, 9, and 10 for most Windows operating systems, according to a Microsoft support page. Internet Explorer 11 will be the only officially supported version of the browser for Windows 7, 8.1, and 10. The only exception will be Windows Vista users, who will stick with Internet Explorer 9. Vista’s mainstream support ended more than a year before IE11 rolled out. The unpopular OS is almost up for retirement anyway. It reaches the end of its extended support phase in April 2017. After that, Vista will be unsupported just like Windows XP.
Lastpass Upgrade. This week, Lastpass announced an upgrade to Version 4.0. Even though Password Managers have some risk, I still recommend them. They move you to using longer and more complex passwords, but store them in such a way that they can’t be easily exploited. There are visual candy upgrades, but the most important thing is a new feature: Emergency Access. This lets users designate trusted family, friends or colleagues to have access to their password vault in the case of an emergency. They’ve also improved the Sharing Center. The new LastPass Sharing Center is one central location that allows users to easily manage and share passwords in a secure, encrypted way. Whether partners need to share logins for the mortgage and paying bills, or aging parents need to share important logins with their family, the Sharing Center keeps the passwords in sync for everyone. Users can manage who has access to shared accounts and have the option to remove access at any point. Alas, I’m still waiting for them to update my Firefox plug in.
Facebook News Feed. Here’s a really interesting, but long, article on how the Facebook news feed algorithm works and how you can manipulate it. I still miss the days of Livejournal, where I could easily catch up chronologically with what all my friends were doing. I can see Facebook’s problem with doing that as the number of status updates and shares, combined with the number of friends, has grown exponentially. Really an interesting read.
Internet of Things. Do you really need that connected refrigerator? Here are two great articles that make clear the cybersecurity risks of the Internet of Things.
The first talks about how as the IoT grows, security is being left in the dust. It is like the early days of the Internet. At its fundamental level, the Internet of Things (IoT) are devices that connect to the internet. They can be anything from data-guzzling devices that monitor your physical activity, smart thermostats that monitor the outside air and adjust your home temperature accordingly, or appliances that can think on their own and order groceries while you’re at work. The problem: all too often, device manufacturers have the same problem: they’re thinking too much about the product, and not enough about security. Once an adversary gets a toehold in your network onto an IoT device, it can then exploit its trusted access to do things even more nefarious.

Like what, you ask. Here’s where the second article comes into play. Consider ransomware in the IoT. Since anything with a computer for a brain and an Internet connection is vulnerable to a virus, hackers with lofty ambitions can go after a wide range of devices. Conjure up that laundry list of “Internet of Things” gadgets: smartphones, fitness bands, smartwatches, fridges and ovens, smart locks, thermostats. Imagine your phone refusing to work when you need it, your refrigerator threatening to defrost your food, your house refusing to heat or cool, your smart locks refusing to let you into your house… or letting someone else in. As opposed to disabling attacks, the ransomware attack threat is only going to continue to grow… especially as it can lie latent until triggered.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1812267.html

userpic=turkey,turkeys Thanksgiving is over, and I’m sure you’re wondering what you’re going to do with the leftover: the drips and dregs of turkey links. You’ve had it to here with sandwiches, and aren’t in the mood for stew. How about some news chum tetrazzini?

Squashing It. Let’s start with some food: winter squash, to be specific. All squashes are not the same, and here’s how to know when a squash is at its best. Acorn, butternut and Hubbard squash — just a few of the season’s delights — fill different culinary niches. And, although they’re all typically picked within a month or so of each other in early fall, the optimal moment to eat them can differ quite a bit.
The Writing on the Walls. Here’s an interesting exploration of the meaning of the writing on latrine walls in the military. Quoting a paragraph in the article: «Superficially at least, the latrinalia resembled a YouTube comments section. There were the wild accusations of servicemen with vague vendettas: “Cpt. Franklin is a pussy and doesn’t give a shit about you.” There were sweeping political pronouncements: “Kill all politicians.” Misattributed appeals to authority in defense of ill-defined ideologies: “Only the dead have seen the end of war. —Homer.” And of course, there was the passionate, ongoing discourse between the “FTA,” or “Fuck the Army,” crowd, and those who rushed to the loyal defense of their beloved institution: “You’re a pussy.”»
Alexander Who?. The talk of Broadway this fall is Hamilton, the hip-hop Broadway musical about the life of Alexander Hamilton. It’s got surprising traction, but doesn’t tell the whole story. Here’s what you’re missing by only listening to the show.
Theatre Rules. Another theatre article (alas, I didn’t get to the magic three) that covers 8 rules that every theatre person should know. I knew many of these, but didn’t know the origins of them. For example, “breaking a leg” is not a wish for bad luck, and not whistling is for your safety.
He said, Sheepishly Here’s one I couldn’t make up if I tried: There’s an Austrian shepard who sings Yiddish to the Syrian refugees that he rescues. This shepard drives them through dirt-paved roads to his home in Austria, a remote cabin in the woods without running water. His risks could land in him in jail, but he clearly believes it’s worth the reward. It’s personal. His Jewish father fled to Britain before World War II, escaping persecution. He draws comparisons between his father’s plight, like the plight of so many Jews during Nazi rule in Europe. “It makes me cry again and again if I think of my father, of his situation, and of other immigrants–and I put it together with these people.”
Password Managers. I’m a password manager convert. I used to write them down in 4pt type and keep them in my wallet, but a password manager has made it easy to make my passwords stronger, with better protection of the passwords. Still, there are flaws in password managers, such as Lastpass, which I use. But I still use it. Why? This article says it all: “There is no bug-free software and any future research on other password managers would likely have similar results,” wrote the researchers. In the case of Lastpass, they responded by fixing the issued, and implementing new security measures in response to the research. No approach is perfect — the goal is to reduce risk. Another security researcher recently showed that it was possible to steal the user passwords from another manager, KeePass, which doesn’t upload anything to the cloud. Remember: Any password manager is safer than the current password practices used by most folks.
A Migraine Game. The latest new game round up from BoardGameGeek had me intrigued with the first item: “Let’s start with Hannah Shaffer‘s 14 Days, which bears the subtitle “A Game About Life With Migraines” and which originated from the designer’s own experience: “I didn’t know how to talk to the people around me about how migraines were impacting my life. This game exists to help break through some of the silence and stigma around migraines, as well as other types of chronic pain.” 14 Days was funded on Kickstarter in July 2015 and due out before the end of 2015.” I contacted Hannah: you can preorder either a box or a PDF version now. The game intrigues me; I’m curious about the game play. I may order the PDF version, or wait for some reviews. It may be a good way to explain chronic pain.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1805796.html

userpic=cardboard-safe Figured I’d continue with my song lyrics. I’m sure no-one knows where that lyrics is from, but you can hear a snippet here. Today’s news chum post has to do with computers, and in particular, cybersecurity and its impacts. Well, with one exception.

Avast Security. This first link is more for my reference. Amongst the free antivirus products out there, I’ve been using Avast for years, supplemented when needed by Malwarebytes and Spybot Search and Destroy. Here’s a nice writeup of the current Avast suite.
Amazon Security. Here are two good articles on how to enable two-factor authentication for Amazon: The Verge, PC World. In general, you should enable two-factor authentication whereever you can. P.S.: The Google Authenticator app (Android, iTunes) or Authy is another great way to support two-factor. If you use Google Authenticator, here’s how to move it to a new phone. Here’s a list of who supports Two Factor Authentication.
Securing Lastpass. I’ve also grown to really like password managers, although they do have a few risks (what doesn’t). Here’s a new blog article on how to enable some additional protections if you use Lastpass. Hint: Use two-factor authentication.
The Risk of Ransomware. Here’s a good summary of ransomware out there, and what you can do to protect yourself. The best answer: Get a good backup program (I recommend Acronis), and backup to a USB drive that you connect only during the backup. Backing up to the cloud is second best, because if you sync to the cloud, you might just sync encrypted versions over the good files.
Mainframe Security. When I got started in computers, I was working on mainframes. I remember the IBM 360/91 well. Now it is the Z/Series, and other friends work on them. Here’s a good article on mainframe security.
Freeze Right There. Here’s a good article from Brian Krebs where he recommends always enabling a security freeze. As he notes: “credit monitoring services do little if anything to stop thieves from stealing your identity. The best you can hope for from these services is that they will alert you when a thief opens or tries to open a new line of credit in your name. But with a “security freeze” on your credit file at the four major credit bureaus, creditors won’t even be able to look at your file in order to grant that phony new line of credit to ID thieves.”
Wasting Time. Here’s a non-security article, unless you’re talking an availability attack: The History of Windows Solitaire.
Seeing The Light. Here’s an article about why staring at a screen before bed is bad for you — i.e., the problems with blue light. I’ve seen many articles in addition to this recommending f.lux, so I tried it. I’m sorry. I just couldn’t stand the color change and the impact on scrolling. YMMV.

But online I don’t drive in a shy way, in my big rig on the Information Superhighway….

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1803080.html

userpic=masks Boo!

Are you scared yet? You might be after reading this collection of news chum:

From The Sexy Nurse. You’ve seen them everywhere: the “Sexy” (insert your noun here) costumes. I wrote about some of them recently. You probably don’t know about the company that made them, though. Leg Avenue. It was going with shorter skirts that transformed Leg Avenue from a small company that made leggings and lingerie into a dominant force in the Halloween costume business. How, by bringing in the “sexy”.
The Cars Have Ears. Back when I was in high school, I had a friend who liked to wrap his head in aluminum foil to avoid the radiation from the aliens. Don’t know whatever became of him. But aluminum foil — is still useful for wrapping things. For example, this article recommends that you wrap your car keys in aluminium foil. Why? Your car is always listening. Not for your voice, like the Amazon Echo or Siri, but for an electronic signal, such as the coded “unlock” signal from your electronic key fob. If it’s a newer car model, you might not have to press any buttons; just approach your car and the doors will unlock automatically. In some cars, the engine will even turn on. If someone can copy and duplicate that signal, who needs the physical key? Scared yet?
First, Vocal Fry. Now NPR Voice. A while back, everyone was in a panic because vocal fry was everywhere. Be scared again. This time, it is NPR voice. This is a characteristic of NPR and many podcast announcers that derive from NPR. In NPR voice, in addition to looser language, the speaker generously employs pauses and, particularly at the end of sentences, emphatic inflection. A result is the suggestion of spontaneous speech and unadulterated emotion. The irony is that such presentations are highly rehearsed, with each caesura calculated and every syllable stressed in advance.
What Happens To My Accounts When I Die? The answer, if you don’t do anything, is that they become zombie accounts, alive but with no life behind them. How to prevent this? Make sure you share your password with someone you trust. Ideally, collect your passwords in a password manager, and store the password to that account in a safe place (such as with your spouse, in her password manager, while you store hers). Leave them in escrow with your lawyer. Put them in the pantry with your cupcakes. Oops, wrong song.
Your Friendships Will Change. One side effect of getting older is that your friendships change. All those close friends from childhood. Most are different than your adult friends. I think I have, perhaps, one close friend from elementary school days, with a few more on the acquaintance side. I have perhaps a handful from High School. Here’s the explanation of why friendships change when you become an adult.
Will You Die of A Heart Attack? You probably have a better chance not to die thanks to the contributions of Dr. Walter S. Graf, who died this week. Graf was a cardiologist who who helped establish the modern system of paramedic emergency care. Alarmed by high death rates and encouraged by new technology, a small group of pioneering physicians started equipping ambulances with defibrillators and paramedics who knew how to use them. Graf was former chief of staff for the Daniel Freeman Hospital. In the 1960s, he established what was thought to be the West Coast’s first dedicated coronary care units there and later created the groundbreaking Daniel Freeman Paramedic Training Program. In 1999, it merged with the UCLA Center for Prehospital Care. In 1969, Graf, who was then president of the Los Angeles chapter of the American Heart Assn., converted a white Chevy van into a “mobile critical care unit.” How much of an influence was it? Consider that the TV series Emergency started in 1972, a mere 3 years after Graf created the idea.
Scared About Running Out of Water. Ever hear that old adage “water, water, everywhere but not a drop to drink.”? Scientists have discovered a gigantic ocean of water 400 miles towards the center of the earth. It could fill our oceans 3 times over. The problem: You can’t just drill down and get it. But due to it, we have our oceans.
Satellites Falling from the Sky? First there was Skylab. A really big thing to fall from the sky. Then more and more. Now we have smallsats and cubesats… and according to this article, thumbsats. A “ThumbSat” is controlled by a tiny circuit board and carries an experiment that is just 48 mm x 48 mm x 32 mm across at most and weighing around 25 grams (0.055lb). The mission is cheap — about $20,000 US for an experiment — it will only last about eight to 10 weeks in orbit. This is long enough to do some science, but short enough to carry just a tiny battery. The payload is designed to be in a low enough orbit to burn up harmlessly in the atmosphere shortly after finishing, to avoid becoming space junk.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1799367.html

userpic=im-with-stupid The process of clearing out the accumulated links continues, although I’m getting close to caught up. This groupa-three deals with some unintended consequences:

Unintended Consequences of High Definition. Bloomberg has an interesting article about how the growth of high-definition video has made the prop master’s job harder. Simply put: the detail now visible means that props have to be stunningly believable, although that can create problems with things like realistic fake money. Wood has to look like wood, not plastic. Words on printed items need to be sensical. Logos of products need to be believable. What used to be visibility to a 2″ circle is now down to a ⅛” circle. Dust, dirt, and paint chips are visible.
Unintended Consequences of Answering Your Phone. Have you ever gotten a phone call, answered it, and … nothing. NPR explains how this simple act of answering your phone can be the start of phone fraud. This is how fraudsters determine there is a human on the other end and the number is a valid number. From there, it escalates…
Unintended Consequences of Conserving Water. The LA Times has an article about how all the water saving during the drought is creating a big problem. Sanitation districts are yanking tree roots out of manholes and stepping up maintenance on their pipes to prevent corrosion and the spread of odors. And when people use less potable water, officials say, there’s less wastewater available to recycle. Water suppliers, meanwhile, say the dramatic decrease in consumption has created multimillion-dollar revenue shortfalls. Shorter showers, more efficient toilets and other reductions in indoor water usage have meant less wastewater flowing through sewer pipes, sanitation officials say. With less flow to flush the solids down the system, those solids are collecting and can eventually damage pipes. [I’ll note there are similar problems with power districts as people move to self-generated solar: suddenly, they don’t have the revenue to pay for all their power plants.]

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1788914.html

userpic=verizon In my continuing quest to work down the saved links, here are a collection of links associated by the fact that (a) they are related to technology (and perhaps cybersecurity), and (b) they were interesting to me. Note also that I’ve added some links to my post on Windows 10.

Let’s start with everyone’s favorite operating system, Android. Here are some Android related articles:

5 tips to make your Android phone run faster, longer. Most of these are common sense, but still they are useful.
Android Stagefright. A number of articles related to Stagefright. First, Kapersky has a wonderful summary of the problem and all the attempts to repair it. Motorola has promised a swift fix, but as I’m still waiting for Lollipop on my Moto X… So what to do? This post from Kapersky gives a great suggestion: turn off auto-prefetch of MMS messages.
Lastpass for Free on Android. Ever since I’ve switched to a password manager, I’ve been loving it. My passwords have gotten stronger, and I don’t have to remember or write down loads of stuff. The best Password Manager I’ve found out there is Lastpass. They used to be free on the PC, and you paid for your phone. Great News. Lastpass is now free for the first device you put it on; you pay for multiple devices. So what are you waiting for?
Lockscreen Patterns are Insecure. Here’s another Kapersky article on why lockscreen patterns (as opposed to passwords) are insecure: they are too predictable.

Let’s now look at Windows and other software:

Evernote. Evernote is a wonderful note-keeping software than runs on your phone and your PC. Here’s how to make it more secure.
Libre Office. I think in the battle of Free Office Suites, LibreOffice has won. Here’s an interesting article from a LibreOffice developer on the lesson’s learned from its success. [ETA: And if you still use OpenOffice, here’s why you should ditch it and move to LibreOffice]
Firefox. Although Firefox has improved greatly, it still sneaks in stuff. In this case, it is prefetching (or at least, pre-building the TCP connection) when you hover over links. Here’s how to stop the behavior.
Thunderbird. No article here, just some shared experience. We recently switched over to Office 365 and Exchange 365 at work. In the Lotus Notes era, I was lucky enough to have a Notes IMAP server, and happily used Thunderbird. It was a pain for calendar entries, however, saving the ical file and reloading it into Google Calendar. Here are some things that make my life easier — perhaps they will help yours. First, install the Exquilla Plug In. It is $10 a year, and allows Thunderbird to talk Microsoft Exchange. You’ll need the Outlook Web Address, and you’ll need to make the change in the URL they show. Next, at least temporarily, install the Manually Sort Folders extension. This allows you to move your Exchange account to the top and set it as the default. You can disable it when done. You should be prompted to turn on the Lighting calendar. After you have done so, add the addon Provider for Google Calendar. You can now add a new calendar and link it it to your Google Calendar. Remember to synchronize whenever you start up Thunderbird. Although you can’t accept events directly into the Google Calendar, you can accept them into your local calendar, and then drag them to Google. [EDITED TO ADD: An Update: Nevermind. This seemed to be working at work… until it wasn’t. There appears to be an interaction between Lightning and Thunderbird that causes it to (a) keep losing the folder pane, and then (b) keep crashing on startup. I had to disable Lightning and the Google Calendar Provider. Sigh.]

One last useful article: What to do when a CD or DVD is stuck in the drive.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1784189.html

userpic=soapbox Reading the news over lunch the last few days has been very upsetting. I’ve read articles about trophy game in Africa, potential underage sex, anti-abortion activists, and much more. What has been upsetting me most, however, is not the ostensible subjects of the articles — the killing of animals, the sex, and such. What is upsetting me — and what is prompting me to climb up on my soapbox and write this article over lunch — is the way that the Internet is turning people into cyberbullies, cybervigilantes, and cybermobs.

Let’s take the case of the dentist, Walter Palmer, who admits to shooting a lion with a bow and arrow. Long before he has had his day in a court of law, where it would be determined if he actually violated the law, his personal information was placed on the Internet. He has received death threats; his practice has been harassed and shut down. This has impacted not only Palmer, but his employees, his family, and his patients — none of whom are guilty of any crime. It has gone beyond Palmer. Even different dentists who happen to share the same last name are being harassed and threatened. Other game hunters — who hunted legally — are being harassed.

We’ve seen this happen in numerous other areas. Consider Jared of Subway fame. Claims have been made, and even before they are investigated, there is harassment. This harassment has extended to Subway franchises, who have done nothing other than try to run a business. It is even true in the case of Bill Cosby. I’m not trying to say that Cosby is innocent. But displays of African Art collected by Cosby are being boycotted — this doesn’t benefit Cosby at all, and financially hurts the art institution that was viewing the items as art.

Growing up, we all read books like The Ox-Bow Incident, where we learned about the dangers of vigilante or mob justice. We work to teach our children that cyberbullying is wrong. Yet on the Internet, we participate in it. There are people who troll comment forums, attacking anyone who expresses an opinion they disagree with. There are people who dox other people, disclosing home addresses and phone numbers to permit personal harassment and threats and expansion to family members. There are people that organizes attacks on businesses they do not like. There are people that go undercover and illegally film events, to disclose identities that put people at risk. These people are all, essentially, taking the law into their own hands.

I’m not trying to argue that Cosby’s actions, or Palmer’s actions or whomever’s actions are right. I’m saying that the Internet is not the place to try them. They need to be judged in a court of law, against the laws that are on the books, not someone’s personal moral code. If you don’t like the law, get the lawmakers to change the law. But we are a civilized society, and we do not take the law into our own hands. That means no trials in the court of public opinion, no sharing of rumors and heresay on the Internet, no doxing, no online harassment, no trolling, no cyberbullying. We — as a society — are better than that.

I shall now climb off my soapbox. That feels better.

P.S. If you are kid / teen facing a cyberbully, here’s some good advice on what to do.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1782795.html

Observation Stew It’s Saturday, and it’s been a busy couple of weeks. Time to clean out the accumulated links. Before I do, however, here’s a reminder link: If you are a Windows user and comtemplating upgrading to Windows 10, you should read my summary post about why I’m waiting, and what I want to remember when I finally do. On to the stew:

Theatre Etiquette. Every since Patti LuPone went into the audience and grabbed a cell phone, how to behave in the theatre has been in the news. In fact, Ms. LuPone has posted an interesting article on her five rules of theatre etiquette — all of which I agree with. There’s also been an interesting article on the prevalence of smart phones in the theatre, which raises the question of why you come to the theatre anyway. The debate goes on and on. Lastly, and I don’t have an article on this one, there’s been a growing discussion on whether Ms. LuPone was right or wrong in what she did: that is, should an actor confront a patron who is using a cell phone? A growing number of people are pointing out that doing that is not the job of the actor — it is the job of the house manager or management-on-site. The actor should pass the word to management to get the situation corrected. I agree with this. P.S.: Just remember this: you are much safer going to live theatre than you are going to a movie (unless you’re an actor). The last time there was an active shooter in a live theatre was 1865. What? Too soon?
Let The Sun Shine In. Back in the 1980s, when I saw Ain’t Misbehavin’, I saw it at the Aquarius Theatre. The building, now Nicolodeon Studios, has a truly fascinating history.
A Birthday Song. You’ve probably wondered about my “list of birthday songs“. That started because I got tired of the traditional “Happy Birthday to You”. Additionally, there was always the question of copyright. It appears the battle is still going on, and it is starting to look like it may not be copyrighted after all. Then again, the copyright might still be there. It’s up to a judge to decide now.
Psychology and the Drought. The drought in California has brought to light some interesting psychology. For the longest times, utilities out here have offered rebates to switch to low-flow toilets and to rip out lawns. The former hasn’t been successful, but recently, the latter has been overly successful. The why is what is interesting: Ripping out your lawn is visible, and we like to keep up with the Joneses. In other words: even though ripping out a lawn saves less water than replacing your toilet, it is a visible advertisement to your neighbors that you are doing something about the drought. They don’t see your toilet or your washing machine. Appearance is everything.
Fat Heads / Fat on the Mind. A few fat related articles. First, have you ever wondered what “fat” taste likes. No, get your mind out of the gutter, I mean the food fat. It turns out fat is a sixth basic taste, up there with sweet, salty, bitter, sour, and umami. In fact, humans may be programmed to like fats and dislike fatty acids. Next are two articles related to which fat is the best to cook with. The answer is: it depends on what you’re doing with the fat. Speaking of sweet fat, here’s a list of 14 LA area ice cream parlors everyone should try.
Nigerian Spammers. We’re working on getting the program together for ACSAC, and I’m pleased to announce that our conference dinner will feature a performance of The Nigerian Spam Scam Scam. But Nigerian spammers are doing things much worse. In particular, they are buying exploit kits to defraud Asian businesses. To carry out the scam, the group often uses the Microsoft Word Intruder exploit kit. The kit can be used to create malicious Word documents that are then sent over email. If opened, the victim’s computer will be infected with a keylogger.The group buys the tools from experienced malicious software coders, paying for remote access tools, keyloggers and exploit kits.
Android Attacks. If you have an Android phone, hopefully by now you’ve heard of Stagefright, an attack on Android phones that involved sending a crafted MMS text message that can trigger remote code execution. You don’t even have to open the message; the attack occurs as part of downloading the message. Until a fix comes across, you should go into your text application and disable automatic downloading of MMS messages. Oh, and Motorola has announced the new Moto X and Moto G phones.
Science Podcasts. Lastly, here’s an article with a list of good science podcasts, although they did leave off my favorite, Quirks and Quarks from the CBC. Some of them look interesting, but I’m getting pretty backed up on podcasts. Certainly Radiolab and Gastropod sound good, but there’s only so much commuting I can do.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1782267.html

userpic=security Continuing the cleaning of the collected links, here are a few articles and comments related to cybersecurity. Note: Those who read my post yesterday on iPods and other Digital Audio Players should revisit it — I’ve updated it with lots more info.

Training the Next Generation. A few interesting articles relating to the training of new Cybersecurity experts — at least ones that caught my attention because of their connections. First, Caltrans is getting involved with Cybersecurity. Sponsored by Caltrans and the California Transportation Foundation, the 2015 CyberCIEGE Competition challenged high school-aged teams to deal with a realistic simulation of a workplace environment that teaches project management and computer network security concepts. Students hired and trained employees, purchased and configured workstations and network devices and defended against cyber attacks while managing their budget. Also focusing on high school students, a program at NSA is working with a number of schools, including UC Berkeley, to educate high-school students about cybersecurity careers. I happen to know one of the folks at NSA behind that program — I’ve known Steve LaFountain for years, going back to when I was at SDC. With Steve involved in this program, you know it is doing good work.
Investing in Cybersecurity. In what is surely a sign of the times, there is a new Exchange Traded Fund (ETF) that focuses on Cybersecurity.The fund seeks investment results that correspond generally to the price and yield of an equity index called the Nasdaq CEA Cybersecurity Index.This new ETF includes companies primarily involved in the building, implementation and management of security protocols applied to private and public networks, computers and mobile devices in order to provide protection of the integrity of data and network operations. It is an interesting notion and cybersecurity is a growth field, but as to how this index will perform… I’m not sure about that.
Building Blocks. About a year and a half ago, there was an effort to create a NIST FFRDC. It now exists, and I’ve seen the first announcement of its output: a series of building blocks that have been released for community review and comment. The building blocks cover cybersecurity implementations that apply to multiple industry sectors and will eventually be incorporated into many of the National Cybersecurity Center of Excellence’s sector-specific use cases. The two that have been released are: (1) “Domain Name System-Based Security for Electronic Mail“, which proposes using the DNS-based Authentication of Named Entities (DANE) protocol to help prevent unauthorized parties from reading or modifying an organization’s email or using it as a vector for malware; and (2) “Derived Personal Identity Verification (PIV) Credentials“, which proposes a way for mobile devices to use two-factor authentication without specialized card readers, which read the identity credentials embedded in on-card computer chips to ensure authorized access to computer systems or facilities. With derived credentials, mobile device users could get the same level of security with their mobile devices that desktop users get with card-reader access.
Government Cybersecurity. An article on Slashdot today teased with the headline: “Despite Triage, US Federal Cybersecurity Still Lags Behind“. The article demonstrated Slashdot’s usual journalistic sensationalism, stating: “According to the NY Times, U.S. government officials will soon announce all the improvements their IT security teams have made to federal systems in response to the OPM breach. Unfortunately, says the Times, these updates only just scratch the surface, and are more to show that the government is “doing something” than to fix the long-standing problems with how it handles security. “After neglect that has been documented in dozens of audits for nearly two decades, the federal government is still far behind its adversaries. And it is still struggling to procure the latest technological defenses or attract the kind of digital security expertise necessary to secure its networks.” What the Slashdot article fails to acknowledge is that the government, by definition, cannot easily be bleeding edge in this area. There are so many legacy IT systems across the entire Government that it is difficult to secure them all, especially when many are old and did not have security engineered in. Budgeting for improved cybersecurity is only now getting attention, and Government funding exhibits the battleship problem: it is slow to turn around. Add to that the delays inherent in any large bureaucracy, and you’ve got what we’ve got. In short, governments cannot be nimble. You might think one could only focus on the critical systems; alas, we all know that critical systems are often attacked from stepping stone systems that play the role of trusted connections. The answer isn’t easy, but a lot depends on pushing to engineer security in from the start; to consider security as important as any other mission functionality requirement. More importantly, even if you can’t get it engineered in, you need to get everyone thinking about it: education, enforcement of policies, and emergency resilience can be as important as what is engineered in. Hmmm, seems like I climbed up onto a soapbox — the view is interesting from here. Articles like this can do it to you. Perhaps I’ll climb down now. Carefully.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1780148.html

Observation Stew It’s been stewing on the stove for two weeks because I’ve been so busy. Let’s hope it is still tasty and flavor-right. Here’s your news chum stew for the last two weeks:

Going For a Ride in my Car-Car. As you probably know, I’m in a vanpool. So when I saw a headline that read “Long commutes make you fat, tired, and miserable“, I was curious. The article notes that spending more than two hours of your day commuting — as 8.3 percent of American workers now do — will probably make you miserable. But there’s research that suggests doing it with other people will make it far less unbearable. As for the “fat”, it isn’t the commute that does it. Rather, it was the fact that commuters were less likely to get exercise. When you get home after a long commute, you’re too beat to exercise. Now, add to the fact that the touted “driverless” cars may mean we will be willing to commute longer — alone — and… well… you do the math.
Sorting it Out. Penn and Teller once did an episode of Bullshit noting that people really want to recycle, even if it is meaningless separation. It turns out that our not sorting — that is, putting all recyclables into a single blue bin, is leading to recycling stalling in America. The cost to separate is so high, and the value-return for recyclables is so low, that it is cheaper to make new. What a waste… but then again, we often forget we need to waste a lot of energy to recycle. There is a better solution. Use less in the first place.
Out, Out, Damn USB. Have you ever tried to get Windows to eject a USB device, but it keeps refusing. Here’s a list of what to do when Windows is recalcitrant.
Graphic Subtleties. You may not have noticed it, but Facebook is sporting a new logo. Look closely. Its subtle.
Celiac Disease Riddles. Here’s an interesting article about celiac disease, where they may have found the underlying culprit. It turns out that it is an immune response, and the heredity pattern with celiac disease is very similar to the pattern with other autoimmune diseases.
Food and Fun. Three interesting food related articles. The first explores how to cook ribs in the pressure cooker. The second talks about high fat foods that might be healthy for you. The last looks at outstanding mom and pop restaurants in the San Fernando Valley.
Drought Landscaping. If you live in California, you’ve probably seen a major visual effect of the drought: people replacing their lawns with either plastic grass or gravel. We know plastic grass is bad — ~~you can’t smoke it~~ it is isn’t porous, and prevents water from being absorbed into the water table. But it turns out gravel is equally bad. What’s worse is one company, Turf Terminators, has made a business taking rebates and making yards ugly. If we go to xeriscaping, I’d like something prettier than gravel, except perhaps in selected paths.
Bubble Wrap No More. Do you enjoy popping bubble wrap? Soon you might not be able to do so. The company behind Bubble Wrap, sealed air, is exploring a new wrap that is shipped flat and inflated on site. There’s a major advantage to this: shipping costs depend on size of the package, and inflated bubble wrap rolls are too expensive to ship distances.
iPod Solutions. Why, oh why, can’t Apple make an iPod with an SD slot. 200GB storage is getting affordable.
Underwriters Lab for Cybersecurity. Mudge has left Google to try to create an Underwriters Laboratory for Cybsersecurity. The problem is: we already have one. What’s worse is that most people don’t know about it.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1778289.html

userpic=lougrant It’s Saturday, and that means it is time to clear out the links. These are articles I found interesting during the week, but either didn’t have the time or the inclination to write about then:

The Lastpass Hack. One of the big security items last week was the hack of Password Manager “Lastpass” (which happens to be the password manager I use and recommend). There was word about how hashed Master Passwords may have been leaked, as well as password reminders. But as usual, Lastpass provided the best explanation on why and whether you should worry, and showed why people still don’t understand risk — In response to the question “Was my master password exposed?”, their response was:
“No, LastPass never has access to your master password. We use encryption and hashing algorithms of the highest standard to protect user data. We hash both the username and master password on the user’s computer with 5,000 rounds of PBKDF2-SHA256, a password strengthening algorithm. That creates a key, on which we perform another round of hashing, to generate the master password authentication hash. That is sent to the LastPass server so that we can perform an authentication check as the user is logging in. We then take that value, and use a salt (a random string per user) and do another 100,000 rounds of hashing, and compare that to what is in our database. In layman’s terms: Cracking our algorithms is extremely difficult, even for the strongest of computers.” In other words, what may have been exposed was a deep one-way hash of an already deeply one-way hashed password. You’re really only at risk if they could guess your password, and that comes from a dumb password reminder. Still, they recommended changing your master password. I did so, and I changed it in the few other places I use it (none of which are web accessble; it is for similar non-web application vaults).
Going to Waste. We are an incredibly wasteful country. Two articles from NPR on that subject. The first deals with a grocery chain in Northern California, that has decided to sell “ugly produce” that would otherwise go to waste at deeply discounted prices. The second deals with a landfill of lettuce — salad tossed because it might not make it to market in time. In this time of drought, and considering the amount of water that goes into growing and raising food, we should work hard to make sure that all food, ugly or not, is put to good use. We have loads of families in need that could benefit from just-in-time delivery of fresh, but ugly, vegetables and similar food products.
The Celiac Cry. I’ve been pressing this point for a while, but this article expresses it really well: why the gluten free fad dieters are a bad thing for Celiacs. People think they know GF, but don’t do complete checking and poison those for home it really makes a difference.
Buying Music Is For Old People. This article really saddened me. It posited the notion that only old people buy music these days. The “younger generation” wants more and more variety, and they can get that by streaming their music from music services anywhere anytime. Of course, this is like AM radio of old, but we won’t tell them. The problem is that streaming doesn’t work everywhere, doesn’t cover all audiences, and tends to cost money (both subscriptions and data). It also puts what you listen to in the hands of the streaming services. No thank you. I’ll keep owning my music, making copies of my digital music as backups, and listening to it whenever and whereever I can.
Architecture in the West. Two architectural articles. The first deals with interesting undiscovered architecture in Tucson. The second deals with another product of the 50s to go away: first it was drive-ins, not it is bowling alleys. There aren’t many left in the valley; Mission Hills Bowl is now gone. Bowlers will miss it.
Sons!. My first live theatre that I saw on stage was the LACLO’s production of The Rothschilds, which I still love to this day. This week news came out that a revamped version is in the works.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1774103.html

Observation Stew Well, it’s late Saturday night, and I’m home from my first Fringe show. That writeup will be tomorrow morning — tonight, it’s time to clear out the links so we can make some news chum stew. Are you hungry yet?

Windows 10 is Coming. Quick, get a Dixie Cup. OK, so it’s an old joke and in bad taste. But we’re talking Windows here. Seriously, if you have a Windows 7 or Windows 8 system, you might see a new little icon so you can sign up to get the latest and greatest Windows when it is released on July 29. You’ll have a year to upgrade for free. So I’ve got a collection of articles that I found of interest on the upgrade. First and foremost, there are a number of features that will not work or will be removed when (if) you upgrade. Second, here’s an article on what to expect when the upgrade happens. Supposedly, you’ll need to do a clean install. What I haven’t seen yet is how well the upgrade process works for an in-place system, or seen a good list of what other older software will not work. My advice: You’ll have until July 2016 to request the upgrade. I’d suggest waiting a good two months and letting everyone else be the guinea pig.
Apple, are you listening? Having talked about Microsoft, let’s now talk about Apple. This week brought the news that Microdia will be selling a 512GB micro-SD card for around $1000 (and you can expect the price to go down as others start manufacturing, plus there are reminders that the extra-capacity SDXC format allows for up to 2TB cards. OK, Apple, here’s your challenge. Do you want to win back all the people that loved the iPod Classic for their music? Do you want to prevent these folks from migrating to any of the other large capacity players? Here’s a simple answer: sell an iPod Touch that can take a micro-SD card up to 2TB. Not only can folks store their music, they have room for loads of apps, and loads of photos (they will be grabbed by photographers). Think of all the money you can make backing that up to the cloud.
Water Water Everywhere. Here are three articles related to water. The first explores how to find the control room for the Bellagio fountains. There are loads of facts in the article; my favorite was the following: “The water they use for the fountains is a self-sustained source that used to be used for the old Dunes golf course before they took it down.” I had read in another book on Vegas that Wynn bought the land for the Bellagio because it had its own springs. Speaking of piping water, when you hear Budweiser, what do you think of? I know, watered-down beer. Did you know in emergencies that AB doesn’t add the beer (of course, how would you know?). Seriously, those of us in LA know that AB canned water during the big earthquake. Well, with the recent damage in Texas, they switched to canning water as well. Lastly, I found a real good collection of stories at the Times on drought gardening.
A-One. A-Two. If you are security aware, you turn on two-factor authentication whereever you can. But how do you do it? Here’s an article with information on turning on two-factor authentication on over 100 sites. In particular, it links to a step-by-step guide to turning on two-factor authentication.
Illusions in the Air. Here’s an interesting (well, to me) discussion of Avatar Airlines, an airline that is too good to be true. Just like the recently panned (and rightfully so) Bitter Lemons Imperative (plus one, two, three), here’s an idea that might have sounded good on a surface read, but when you dig deeper, it is fraught with problems. This really goes to show why you need to think an idea out thoroughly before you put it on the net. [I didn’t earlier today, and learned my lesson]
A Burnin’ Issue. OK, Grammar Geeks. Here’s one for you (h/t Andrew D): Which unicode character should represent the apostrophe? The answer is easy to get wrong, as the Unicode committee did. They chose ’ (U+2019), which is RIGHT SINGLE QUOTATION MARK (as opposed to ‘ (single quote)), as opposed to ʼ (U+02BC), which is MODIFIER LETTER APOSTROPHE. Why is this significant? The former creates a word boundary; the latter does not. Now you know why your capitalization routine changes it’s to It’S.

===> Click Here To Comment <==
(Click Here to Comment)

Crossposts: http://cahwyguy.livejournal.com/1771932.html

Observations Along The Road... at Dreamwidth

Roadkill Along The Information Superhighway

Memorial Day Stew

Saturday Stew: A Little Bit of Everything

For Your Seder Discussion: Kosher L’Pesach News Chum

Link Chum Stew: What’s In The Pot This Week, Johnny?

CyberStew: Security, Safety, and More

Security News Chum: Browsers, Berkeley, Ransom and Requests

Weekend News Chum to Fill your Loving Cup

Week End News Chum: Threading a Connection

CyberNewsChum: Windows, Facebook, and the Internet of Things

Thanksgiving News Tetrazzini: Squash, Migraines, Latrines, Lastpass, and more…

Wearing Snakeskin Boots like Billy Ray Cyrus, Totin’ my Norton Antivirus…

A Virtual Witches Brew of News Chum

Unintended Consequences

Chips In The Stew: Technology News Chum

Vigilantes, Mobs, and Bullies, Oh My!

Saturday News Chum Stew: Theatre Etiquette, Water, Fat, Cybersecurity, and Science

Are You Feeling Cybersecure?

Independence Weekend News Chum Stew

Saturday News Chum: Lastpass, Food Waste, Celiacs, Music, and Sons

Saturday Stew: 10, 512, H20, 2, 0, and 0219

Profile

June 2025

Syndicate

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags