Ken's Weblog

People should not fear their governments; governments should fear their people.

Month: May 2009

  • Standing up to the Evil Empire

    Terrorist Pianos of Doom!. Toward the end of last month, a noteworthy incident occurred in the classical music life of Los Angeles:

    Polish pianist Krystian Zimerman, who is widely admired for his virtuosic performances and who famously tours with his own custom-altered Steinway, created a furor at Disney Hall on Sunday night when he stopped his recital to announce that this would be his last American appearance — in protest of the nation’s military policies overseas.

    In a low voice that could not be heard throughout the auditorium, Zimerman, universally considered among the world’s finest pianists, made reference to Guantanamo Bay and U.S. military policies toward Poland.

    “Get your hands off my country,” he said.

    Then he turned to the piano and played Szymanowski’s “Variations on a Polish Folk Theme” with such passion and intensity that the stunned audience gave him multiple ovations.

    Earlier, about 30 or 40 people in the audience had walked out after Zimerman’s declaration, some shouting obscenities. “Yes,” the pianist, known in Poland as “King Krystian the Glorious,” answered, “some people, when they hear the word military, start marching.”

    [Once Upon a Time…]

    The whole post is worth reading.

  • It’s amazing how much the boss…

    It’s amazing how much the boss being on vacation does to improve productivity. If only he’d stay that way…

  • Counterproductive password policies

    Calculating Password Policy Strength Vs. Cracking. snydeq writes “InfoWorld’s Roger Grimes offers a spreadsheet-based calculator in which you can key in your current password policy and see how your organization’s passwords might hold up against the number of guesses an attacker can make in a given minute. The calculator includes results for four different password entropy models, and is based on length, character set, maximum age, whether complexity is enabled, and the number of guesses per minute an attacker can attempt. As an example, Grimes assumes an eight-character password, with complexity enabled, a 94-symbol character set, and 90 days between password changes. Such a policy, typical for many organizations, would require attackers to make only 65 guesses per minute to break — not at all hard to accomplish, Grimes writes.”

    [Slashdot]

    I have some experience with foolish password policies like that. They’re actually even worse than this article suggests, because a policy requiring hard-to-memorize passwords that change regularly means that users generally can’t memorize their passwords, and as a result will either write them down next to their computer or follow some predictable pattern such as “password1!,” “password2!,” etc.
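
The policy arithmetic in the quoted summary, worked through as an added example (not code from the post or from Grimes's spreadsheet): it compares two entropy models for the same policy and converts each into the guess rate needed before the password expires. Assumptions: the spreadsheet's four models are not given on this page, so the user-chosen model here is the NIST SP 800-63 Appendix A heuristic, and "break" is taken to mean covering half the search space within the maximum age; under those assumptions the 8-character, 90-day example comes out at 65 guesses per minute.

```python
import math

MINUTES_PER_DAY = 24 * 60


def nist_entropy_bits(length, composition_rules=False):
    """NIST SP 800-63 Appendix A estimate for a user-chosen password."""
    bits = 0.0
    for position in range(1, length + 1):
        if position == 1:
            bits += 4.0   # first character
        elif position <= 8:
            bits += 2.0   # characters 2-8
        elif position <= 20:
            bits += 1.5   # characters 9-20
        else:
            bits += 1.0   # character 21 onward
    if composition_rules:
        bits += 6.0       # bonus when upper case and non-alphabetic are enforced
    return bits


def uniform_entropy_bits(length, charset_size):
    """Entropy if every character were drawn uniformly at random."""
    return length * math.log2(charset_size)


def guesses_per_minute_to_break(entropy_bits, max_age_days):
    """Guess rate that covers half the search space before the password expires."""
    expected_guesses = 2 ** entropy_bits / 2
    return expected_guesses / (max_age_days * MINUTES_PER_DAY)


def compare_models(length, charset_size, max_age_days, composition_rules):
    """Return {model name: (entropy bits, required guesses per minute)}."""
    models = {
        "nist_user_chosen": nist_entropy_bits(length, composition_rules),
        "uniform_random": uniform_entropy_bits(length, charset_size),
    }
    return {name: (bits, guesses_per_minute_to_break(bits, max_age_days))
            for name, bits in models.items()}


if __name__ == "__main__":
    # The policy from the quoted example: 8 characters, 94 symbols, 90 days, complexity on.
    for name, (bits, rate) in compare_models(8, 94, 90, True).items():
        print(f"{name:17s} {bits:5.1f} bits  {rate:,.0f} guesses/minute")
```

The gap between the two rows is the point of the post: the 94-symbol character set only delivers its theoretical strength if users pick characters at random, which forced complexity and rotation do not make them do.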

  • Good stories and networks don’t mix

    Sarah Connor Chronicles — Why It Died. brumgrunt writes “Sarah Connor was a non-populist, meditative, complex piece of television on a smash-bang, show-me-the-ratings kind of network. The two were never going to get on. Plus: how the Terminator name proved more hindrance than aid.”

    [Slashdot]

    It was definitely one of those “too good for television” shows. Too bad it wasn’t on a cable channel, where good stories can survive–for example, Battlestar Galactica made it all the way to the end of its run on the Sci Fi Channel, which (despite the name) doesn’t actually have much sci-fi on it.

  • Photographer pay

    From a mailing list for music photographers:

    What do photographers make?
    *Salary data is from PayScale.com. Salaries listed are for full time workers with 5-8 years of experience and include any bonuses or profit sharing.

    Freelance photographer — $35,728
    Photojournalist — $37,403
    News photographer — $43,001
    Fashion photographer — $48,710
    Sports photographer — $44,686

    And people ask me why I don’t want to be a professional photographer…

  • PGP Whole Disk Encryption

    After trying it for three weeks without problems, I bought the latest version of PGP Desktop Professional, which includes whole disk encryption. Both my MacBook Pro’s internal hard drive and the external drive I use for Time Machine backups have gotten along with it just fine, even through the system update to 10.5.7. For the most part there’s no noticeable impact on performance, but then my laptop doesn’t do anything really disk intensive–all my photography work happens on a different computer which I will not be encrypting. There did seem to be a slowdown in Time Machine backups, but that’s not an area where performance is really relevant. I would really prefer to use TrueCrypt, but as it currently can only do whole disk encryption on Windows (where I have been using it for some time), that wasn’t an option.

    The rest of the PGP Desktop package gets a mixed review. I had looked at PGP last summer and dismissed it as unacceptable because of the horribly designed proxy it relies on for encrypting email, but this time around I discovered that there is also an officially unsupported plugin available for Mail. The plugin works the same way as the GPGMail plugin, but with fewer features. This is not surprising, as they have the same author. Apparently some brainless product manager at PGP Corporation had decided to kill the plugin (presumably to force users into using their worthless proxy), and it was brought back by popular demand.

    Since the last time I looked at PGP, it’s lost the ability to communicate with public key servers other than the one actually run by PGP Corporation, which very few people use. According to a thread on the PGP support forum, the developers know about this bug and just don’t care about fixing it. Well, nobody will ever accuse the PGP Corporation of having good customer service or QA! Fortunately the keyservers have web interfaces so the problem can be worked around as long as you’re using the “unsupported” Mail plugin. Anyone foolish enough to use the proxy will be out of luck, though.

    I ultimately decided to switch from GPG to PGP for my email needs, at least for the moment, because while both of them have huge problems on the Mac, PGP’s refusal to work with keyservers that aren’t owned by the PGP Corporation is less of a problem than the hideously unusable keychain management that GPG inflicts.

  • More police state surveillance

    No Warrant Required in U.S. for GPS Tracking.

    At least, according to a U.S. District Court ruling:

    As the law currently stands, the court said police can mount GPS on cars to track people without violating their constitutional rights — even if the drivers aren’t suspects.

    Officers do not need to get warrants beforehand because GPS tracking does not involve a search or a seizure, Judge Paul Lundsten wrote for the unanimous three-judge panel based in Madison.

    That means “police are seemingly free to secretly track anyone’s public movements with a GPS device,” he wrote.

    The court wants the legislature to fix it:

    However, the District 4 Court of Appeals said it was “more than a little troubled” by that conclusion and asked Wisconsin lawmakers to regulate GPS use to protect against abuse by police and private individuals.

    I think the odds of that happening are approximately zero.

    [Schneier on Security]

    I agree. Also note that this really only applies to cops spying on drivers who don’t have cell phones. If you’ve got a cell phone, it’s simpler and cheaper for the cops to spy on you using the tracking device you paid for and volunteered to carry around rather than going to the trouble of bugging your car.

  • History continues to repeat itself

    Training the Police State’s Next Generation.

    Remember when the Boy Scouts were merely about helping old ladies across the street, learning how to tie a decent knot, and excluding gay people?

    Meet the post-9/11 Scouts.

    The Explorers program, a coeducational affiliate of the Boy Scouts of America that began 60 years ago, is training thousands of young people in skills used to confront terrorism, illegal immigration and escalating border violence — an intense ratcheting up of one of the group’s longtime missions to prepare youths for more traditional jobs as police officers and firefighters.

    “This is about being a true-blooded American guy and girl,” said A. J. Lowenthal, a sheriff’s deputy here in Imperial County, whose life clock, he says, is set around the Explorers events he helps run. “It fits right in with the honor and bravery of the Boy Scouts.”

    The training, which leaders say is not intended to be applied outside the simulated Explorer setting, can involve chasing down illegal border crossers as well as more dangerous situations that include facing down terrorists and taking out “active shooters,” like those who bring gunfire and death to college campuses. In a simulation here of a raid on a marijuana field, several Explorers were instructed on how to quiet an obstreperous lookout.

    “Put him on his face and put a knee in his back,” a Border Patrol agent explained. “I guarantee that he’ll shut up.”

    This is really despicable stuff.

    [The Agitator]

    It’s not at all surprising, though. It’s natural for any oppressive police state to create its own analog to the Hitler Youth and Young Pioneers.

  • Quote of the Day

    Arguing with anonymous strangers on the Internet is a sucker’s game because they almost always turn out to be–or to be indistinguishable from–self-righteous sixteen-year-olds possessing infinite amounts of free time.

    Neal Stephenson, “Cryptonomicon”