Diary of a Wolfeman

Brian Krebs of Security Fix writes to let us know that Microsoft has been prodding lawmakers to enact a Federal-level privacy law to pre-empt all the states who have been doing so locally. Makes plenty of sense to me.

First, M$ is a huge bloody company, selling its products globally. I’d bet that a sizable portion of their expenses can be found under the heading “legal fees”. If every state enacts it’s own privacy laws, then M$ has to pay a lawyer to decipher each one, and then make sure they are abiding by all of them. It gets expensive. A little money now spent urging Congress to act unilaterally will pay for itself later on down the road. Smart move.

Secondly, it’s good PR. M$ has been taking it without lube or a kiss lately over the general insecurity of their products, and this might help swing public opinion a little. Also a good move.

Here’s where we get to the part I don’t like. M$ is big enough to buy some serious sway, and that means they could have a big hand in writing the law. Him that writes the law will often make himself a loophole to get out of it.

Still, the devil will be in the details, (Chris) Hoofnagle cautioned, noting that Microsoft’s statement of principles says the company supports “consumer opt-in” — the consumer’s advance permission would be required — for sharing of sensitive (e.g., financial or medical) data but supports “opt-out” — data can be shared unless the consumer explicitly says “no” — for every other kind of information.

Personally, I am of the firm belief that any company I do business with needs to ask permission in writing before disclosing any of my personal information. This should be a completely seperate form, not wrapped up in another block of legaleze. It should have only the one option, so therefore it would be quite short, so you can use a nice easy-to-read font.

Here’s an example: “I agree to let XYZ Company share my personal information with that company’s business partners for the purpose listed here.” Followed of course, by said purpose. One purpose per page, each page requiring a signature.

Some of you may have heard this particular story before – feel free to skip along as you see fit. For those that haven’t, sit right back and you’ll hear a tale…

Way back in the never-never of 2000, I was living in apartment A of a 4-unit building. B:TNG lived in unit C, with TS and the Physicist living in the stacked apartments between us. We all decided life would be much better if we could network all of our computers together to share out B’s DSL connection and get all of us out of dial-up hell. Me being the cable guy, I spent a few hours crawling around under the building and got the whole thing working without much fuss – with one exception.

Read the rest of this entry »

Girls: fancy an SMS-fired Bluetooth vibrator? | The Register

Our female readers are invited to imagine the folllowing scenario: It’s Monday, you’re at work, you’re bored, you’re thinking “how could I possibly spice up this trawl of the 2,000 weekend emails in my inbox?” when it occurs to you that if someone were to invent an SMS-triggered Bluetooth vibrator then your partner could bring you to an earth-shattering climax simply by texting a few sweet words of lurv, leaving you totally satisfied as a woman and fit to face the most daunting online task…

The Toy is worn internally, linked to a mobile phone and controlled by sms text messages sent to the phone. Once read, the message is transported automatically to The Toy, which turns it into vibrations – with a huge range of movements, depending on what you have written.

That’s right folks, a vibe triggered by a text message. Puts that ‘unlimited’ messaging plan in a new light, doesn’t it?

I will link this here because every little bit of publicity helps, and I am always willing to help a fellow Oregonian:Recording Industry vs The People

This is the case peer-to-peer file sharers have been waiting for. Tanya Andersen, a 41 year old disabled single mother living in Oregon, has countersued the RIAA for Oregon RICO violations, fraud, invasion of privacy, abuse of process, electronic trespass, violation of the Computer Fraud and Abuse Act, negligent misrepresentation, the tort of “outrage”, and deceptive business practices.

Ms. Andersen’s counterclaims demand a trial by jury.

Give ’em Hell, sister!

Apparently I, Asshole is having the same problem I am lately: I can’t find a ringtone I like.

I had my phone replaced a week or so ago due to the fact it was dropping incoming calls like hot potatoes, and I lost my previous ringtone in the process. (“Tom Sawyer” by Rush). Not wanting to pay another $1.99 to download it again, I have been on the lookout for something new, and I have become stumped. Why are none of the really obvious songs made into ringtones? Consider these:

“Who are you?” By The Who. Currently the theme song from C.S.I., and a damn good song in general. Seems an obvious choice. Or “Mother” by The Police. C’mon, the opening lines are “Well, the telephone is ringing / Is that my mother on the phone?”

I did manage to find Men Without Hats’ “Who can it be now?”, but it was a bad cut and didn’t sound right. The Clash’s “London Calling” was another atrocious midi ringer you could barely recognize, but crap by any number of flash-in-the-pan pop artists sounded perfect.

Back to the original, when there are multiple ringtones featuring Ozzy, Iron Maiden or Quiet Riot, why is there only one Rush? These guys nailed many Grammy awards, and we are left with “Metal Health”?

Oi.

(psa)

Just a quick heads-up for those of you out there who own a domain name that is due to expire anywhere within the next decade: you will be receiving a letter in the mail from a new Registrar trying to get you to switch over. There is no requirement to do so, and it is not a bill. If you’re happy with your current Registrar, throw away the letter.

(/psa)

I received another letter today, this one from my stepsister. I’ve never talked about her before because I don’t talk to her, and feel no need to talk about her. See, when The Old F.a.r.t. married the MallHag, he got stuck with her daughter as well. The both of them are the worst sort of mall-bunnies a man could run afoul of. I admit that The Old Man was never a good father, but it got worse after he married MH. This was back when my brother and I were both fighting tooth-and-nail to get by, and would every now and then get stuck in a “crap they’re gonna evict me!” or similar problem. Dad, however, was never in a position to help because the Hag had already spent all of the money – on the daughter.

They are currently long-haul truckers who spend a fair amount of their time on the West coast and could conceivably drop by to see us sometime, but they only ever see my bro, because her parents live in the same town. The last time, they spent the weekend with the in-laws, and saw my brother for an hour. I’ve been here for 4 years, right on I-5, and they’ve stopped to see me once.

Of course, this is the same man who bragged to me about how much money he was saving on his new house because the builder was using illegals to build it – at a time when I had been unemployed for 6 months and was signing up for food stamps because thousands of tech jobs had been outsourced to India.

Bitter? Moi?

In the eight years I lived in ‘Vegas, the stepsister lived there for I think 7, and the only communication I received from her at all was via her mother – something about having met an old girlfriend of mine and wanting to know if she could give out my phone number. Never heard from her again, and this was sometime before I got married, which means pre-1995. (The return address on the letter was First-initial.Last-name, and I couldn’t remember what the initial stood for. That’s how long it’s been.)

Well, she is finally worth something to me: she’s blogfodder.

Today’s letter was a teaser invitation about her upcoming wedding. Not a full invitation mind you, but a teaser invite with the pertinent names, date and location with a “More info coming soon!” tacked on the end.

Worse than that, the thing is printed on a fridge magnet, with a quote from Johnny Cash’s “Ring of Fire”. Ok, if you just look at the lyrics, it can me thought of as a love song – but it never struck me as one. More like a man reminiscing about a love that burned him, but he can kinda look back on it as a lesson learned.

The kind of song a divorced guy would sing.

On a wedding invite.

This article needs to be required reading for every programmer and developer in the world. It is a bit long winded, but I think I can actually combine two things into one. Here’s a shorter version:

#1 Default Permit and #2) Enumerating Badness really point in the same direction.

The idea here is that computers today either do everything unless told not to or let everything in unless told not to. This means you have to spend your time looking for all the things in the world they shouldn’t be playing with. Exhausting to even think about!

What they should be doing is only what we tell them to and allowing in the same. Brilliant concept, no? Here’s an example: a Blacklist vs. a Whitelist.

A blacklist is, of course, a list of all the things you shouldn’t do or people you shouldn’t talk to. Your Anti-virus client has a list over 75,000 items long of things not to do, that has to be updated weekly, if not daily.

A whitelist, on the other hand, is a list of things you should do or people you should talk to. How many programs do you use daily? Three? Maybe up to seven? That list just got orders of magnitude shorter. And how often do you install something new? Maybe once a month?

Obviously, implementing a whitelist-type security policy would benefit a corporate environment the most, where computers are used more as tools rather than entertainment consoles, but the home user would still see some benefits – like an end to spyware.

Here’s something that made his list only peripherally: Ease-Of-Use. In the early days, computers could only be used by people who had specific training. To generate a greater demand for computers and thus bolster the profit margin, they had to make them easier to use so more people could do so and grow dependant on them in their daily lives.

This has unfortunately led us to a situation where the average computer user knows nothing about how the computer actually works – which in turn means that to get anything done, the software needs to be designed to function on a single click of a mouse. That one click can now have the effect of executing millions of lines of malicious code, with the user none the wiser.

Me, I think we should ease up on the user-friendly bit and force the user to gain a little education and think about what they are doing. Yes, I realize that this would end up alienating a chunk of the userbase, but the ones who don’t want to learn are the ones that make it bad for everyone.

-Begin Rant- Read the rest of this entry »

This post tells us that there will be 6 (count ’em, six!) versions of Microsoft’s new Vista Operating System to contend with.

Good frelling Gods of Computing!

This is the definition of Bad Software Design, and the elimination of upgrade-ability. The distinctions between these six versions aren’t really all that clear yet (MS is splitting some hairs pretty fine), but my take is that the consumer isn’t going to know one way or the other what they really need or want, and are going to end up paying the premium to get extra functionality they don’t need, just on the off chance that they may need it eventually. Why will they do that? Because MS sure as shit won’t make those extra functions as something you can add later – you’ll have to do a whole-hog upgrade re-install.

They have now taken their approach of wraping everything into the OS to it’s utter extreme of idiocy, and the world will suffer for this.

On the other hand, since Linux doesn’t bend you over a barrel like this, it may just end up being better press for us. This should be fun to watch.

Well, SpamAssassin seems to have it’s sights set fairly well right out of the gate, but I have had to teach it a few things. Me being lazy, I developed the following script to automate the process of telling SA to read each of my three inboxes and the Spam folder to catalog the collection.
——————————————————————————————
#!/bin/bash

exit
———————————————————————————————-

To use the script, save it to your home directory as spammy.sh. You will then need to set it as an executable file with this command:chmod 777 spammy.sh, and call it using ./spammy.sh in a terminal window.

I really love it when I get a chance to do a script, since it’s very close to the programming I learned waaaaay back in high school (DOS-based stuff and Pascal). Unfortunately, I don’t do many repetitive tasks that would benefit from being scripted.

Of course, if I did, I’d end up going whole hog and becomming a programmer again. I don’t need that kind of workaholicism :)

You’ve heard me bitch recently about the sudden increase in 419 scam emails I have been receiving, and I finally got tired of deleting them by hand. Definitely time to give a spamkiller of some sort a try.

30 seconds of Googling later for “kmail+spam” gives me the idea that the best method for stemming the tide would be to install SpamAssassin (SA). Since I’m running a version of apt-get designed to work with SuSE, this was simply running Synaptic package manager and clicking a box.

The question then was, how do I get this thing working?

Read on to find out. Read the rest of this entry »