… we’ll leave your underpants out of it for now. But yes, this post is scheduled to go live right as our plane is leaving SeaTac to begin our week-ish long trip to Paris for New Year’s. As I’ve said to others, I pretty much win at girlfriend. She deserves a ton of credit for, well, everything, but in particular she did a much better job of keeping it a secret than she did for our London trip - she lost the battle with secrecy a month or more before the trip took place (she’d planned to get me to the East Coast and then tell me where we were actually going). This time, sure enough, I had clue-oriented gifts in my stocking, leading me eventually to search our bookshelf, where I found a gift-wrapped guide to walking tours in Paris. W00t!
We get there on the 31st, early, so there can be napping and re-adjusting. Then dinner at some swank digs and, if we can stay awake for it, fireworks at the Eiffel Tower for midnight. I mean, come on. Then a walk-about on the 1st, museums and such on the 2nd-4th, and home on the 5th. Here’s a map showing likely points of interest, but I welcome any suggestions. Keep in mind, we’re more interested in trying to see a few things with some depth, as opposed to doing drive-bys of the entire city. I heard someone brag once about “doing” Musee du Louvre in 45 minutes. That’s… well, that’s dumb.
A few days ago, the Massachusetts Bay Transit Authority (MBTA) finally accepted that security problems should be solved, not suppressed. In August, three student researchers from MIT were going to present a paper at DEFCON (the tech / hacker convention) which outlined vulnerabilities in the magnetic stripe swipe card system that MBTA uses to handle fares in the “T” subway in Boston. Despite the fact that the students were going to leave out certain key information so that their work couldn’t be easily duplicated, MBTA filed for a restraining order, saying that disclosure of the flaws, before it has a chance to fix them, will cause irreparable harm to the transit system. (See more here.) The DEFCON talk was cancelled, and eventually they brought a lawsuit to permanently stop the release of information. Finally, they announced that they were dismissing their lawsuit and had agreed, instead, to work with the students to improve security in their Automated Fare Collection System.
Cory Doctorow coined Schneier’s Law in his DRM talk at Microsoft in 2006:
“‘Any person can invent a security system so clever that he or she can’t imagine a way of breaking it.’ This means that the only experimental methodology for discovering if you’ve made mistakes in your cipher is to tell all the smart people you can about it and ask them to think of ways to break it. Without this critical step, you’ll eventually end up living in a fool’s paradise, where your attacker has broken your cipher ages ago and is quietly decrypting all her intercepts of your messages, snickering at you.”
Clearly, MBTA was trying to stay in that “fool’s paradise,” but somehow or other they clued in to the reality of the situation. Good on them; I just hope that there isn’t some behind-the-scenes deal that’s quietly screwing the students who did the yeoman’s work of advancing the security of MBTA’s system.
The Star Wars Holiday Special has been legendary from the moment it aired in 1978. I don’t know what the other competitors are, but it has to be in the running for worst television program ever, “variety” category. Those of us of a certain age have dim recollections of seeing it; it was never re-aired so you had to catch it that night. For a long time I thought I had a mistaken memory of it, but as I became integrated into the Geek tribe in my 20s the lore was revealed to me that it did exist, but was not to be spoken of for fear of rape goblins. Or something.
Cut to the chase: it has long been circulated as a VHS bootleg. Well, I hadn’t thought of it in a few years so it never dawned on me that, just maybe, the digital age has affected its limited availability.
First things first - I get nothing out of these EFF posts. I’m not sending you to an affiliate link, there’s no kickback, nothing like that. The closest thing to “what’s in it for me” is that my quasi sister-in-law works there, but in all sincerity I was an EFF geek before I ever met my beloved, so that’s just a happy coincidence. She’s always mildly bemused (and take your pick which “she” I’m referring to) that I’m a little star-struck by somebody who seems to have a normal-seeming job.
That being said, EFF has a new page up that’s a) cute and b) effectively (hur hur) describes what they’ve been up to for the past year. Please do check it out, and if it tugs at you at all, consider joining EFF or making a donation. The internet you save could be your own.
Sneaky me, I’ve got two different motives for this post. The second is to see if I’m able to embed a clip from YouTube; all signs point to it being so blindingly easy that failure will encourage me to seriously consider suicide. But, for all that, I’ve never tried it before. Voila!
My first motivation is to share this really great preview from Lily Allen’s upcoming album, “It’s Not Me, It’s You”, although it’s now slated for release in February of 2009 soooo.. boo. Despite not being the likely target demographic (36YO suburban white male) I absolutely adore her first album, xxxxx , but kinda had her chalked up to a typical sophomore slump. If this track is any indication, it turns out I was full of shit. I’m genuinely looking forward to this - yum!
(Added later…:)
DEAR LORD! For being the hoity-toity blog platform of choice, embedding video in Wordpress is a frickin’ pain. Seriously, it’s not that it’s super-hard, but when YouTube et al provide simple embed code next to their videos it shouldn’t be hours and a plug-in later before it works. That thing I said before? I’m considering, I’m considering…
There are a lot of charitable causes in the world. Heaps. Tons, even. The one that gets my support these days is the Electronic Frontier Foundation (“EFF”), “the leading civil liberties group defending your rights in the digital world.” I know, there are a lot of causes out there that might feel more immediate - curing cancer, say, or providing service animals to the blind. That’s easy; everybody can get behind those causes. I can explain to my grandmother that blind people get along better with a dog, and she’ll pony up twenty bucks. On the other hand, if I tell grams that the EFF is behind the lawsuit to hold AT&T accountable for facilitating illegal NSA spying, or that they’re safe-guarding the future of cultural innovation, I’m going to be rewarded with a blank look. So here’s the thing - because I do understand what EFF does, and why it’s important, I’ve got a responsibility to support them on behalf of myself and those that are unwittingly protected by them.
And so do you. At least, I hope you think so, because EFF needs your help. To quote a recent email I received, “[d]ue to the tough economic times we are all experiencing (and maybe folks with spare cash to spend on activism feeling tapped out after the election), EFF is not getting the usual end-of-the-tax-year donation love.” As a result, this non-profit organization that, to the best of my knowledge, never charges their clients for representation, is coming up short. Trust me on this, there are a lot of top-flight lawyers at EFF that are working waaaaaaaaaay below their market value because they believe in what they’re doing, but they (and EFF as an entity) still have bills to pay.
Bonus for reading this far: I’ll blog more about this later, but read Cory Doctorow’s latest collection of essays (c)ontent, about some of these very things, for free! Cory releases his books under a Creative Commons license, so this is a legal download of the entire book. Some % of you will buy it, of course, which is the point. I say “bonus,” but it’s not like he’s doing this just for me - it’s just something I figure you don’t know about.
In October of 2004, a Secret Service sting centered around the website shadowcrew.com (no link because it’s now a generic parked domain) led to the arrest of 28 people involved in identity theft, credit card scamming and the like, and created a cascade effect that shuttered most of the other sites that facilitated trade in this kind of information. From the wreckage, DarkMarket.ws arose to fill the void. Known for its zeal in scrutinizing users to filter out narcs, the site had a solid reputation as a first-rate den of thieves.
Inevitably, jealous competitors tried to knock them down a peg. In 2006, Max Ray Butler (a “security consultant” who turned to the dark side) claimed that he had infiltrated the DarkMarket server and discovered that the site’s lead administrator, “Master Splyntr,” was logging in from an FBI location in Pittsburgh. This was typical of the jousting between competing sites; Butler was later arrested for cyber crimes and DarkMarket grew to be more popular than ever.
This news feels too good to be true, and yet it is. McColo Corp., in San Jose, California, is a Web hosting service that had been identified by those savvy folks in the know as a bearer of bad things for some time now. These same sav-sters conducted their own studies and determined that up to 75% of all spam (der wha? 75% of all worldwide spam!) originated from McColo’s servers. Armed with this information, Security Fix over at the Washington Post contacted those companies that provide “pipe” from McColo to the internet at large. By Tuesday afternoon, both Global Crossing and Hurricane Electric had cancelled McColo’s service, with Hurricane’s director of marketing flatly stating “[w]e shut them down.”
Since then, spam traffic has been cut by 65%. *pauses for reader to stop dancing around like Snoopy* I had, in fact, noticed a slight lessening, but my filters are already pretty good. I’m curious if any of you felt this before you knew it?
According to this article at the freakonomics blog, spam costs U.S. companies (alone!) $33 billion a year in lost productivity and, according to this study (it’s a pdf, beware!), likely generates far far less revenue than that for spammers. If ever there was a parasite, spam is it. Granted, given the relative inexpense of running botnets vs. the revenue achieved, it’s likely that someone will rise up and take McColo’s place. Still, it’s nice to know that the white hats out there are learning how to shoot back.
Liar’s Poker: Rising Through the Wreckage on Wall Street has to be the first book about the mortgage crisis that the United States is going through. I say this with some confidence, because it was first published on October 1, 1990. Yes yes, 18 years ago, but I swear to you it is the most coherent explanation of mortgage securities, and what can go wrong with them, that I’ve seen. The author, Michael Lewis, was a trainee at Salomon Brothers in the mid-1980’s, just when these securities were invented, whole cloth, by a savvy trader on Salomon’s trading floor.
Oddly enough, I picked this book up almost two years ago on a lark; Lewis’ more recent books (Moneyball and The Blind Side, both economics/sports books) had been enjoyable reads, so I snagged his first book, used, on a lark. It turns out that his first career out of college was in finance, and so his first book was a memoir-ish look back at his time at Salomon Brothers, just in time to see it spiral into its death throes.
I’ve been a busy boy lately, and believe it or not a lot of it has had to do with this blog. Well, blog network. Sorta thing. Despite the almost complete lack of posting on my part, I’ve:
learned about Wordpress-mu
installed Wordpress-mu
navigated the transition of the one-blog-many-authors model to the many-niche-blogs-feeding-an-uber-blog model
tried to market Ray’s great economics posts while, simultaneously, learning how to market Ray’s great economic posts.