Archive for December, 2009

Healthcare reform: a Festivus miracle!

Speaking of Festivus, I should note a recent sighting of a genuine Festivus miracle… they still had a quart of Maple View Farms eggnog at the grocery store!

Er, actually, a better Festivus miracle is that today the senate democratic caucus reached the 60 votes needed for their final cloture vote and will vote on healthcare reform tomorrow.  FWIW, the vote could have been held today, but Vitter (R-LA) objected.  The bill also could have been held up until 8pm tomorrow, but republicans couldn’t quite bring themselves to wait that long to get out of town.  So instead, the vote (needing only 50 ayes plus Biden) will happen at 7am tomorrow morning.

A quick note on the bill.  Put me in the camp with folks who wanted something better, but regard the senate bill as a significant step forward.  Specifically, I would love to see something like a single payer system.  People seem pretty happy with Medicare (wasn’t a common teabagger cry: “keep the government out of my Medicare!”?), so gradually expanding Medicare eligibility to younger people, eventually allowing a person of any age to buy into Medicare seems like a good idea.   We would still need to fix the republican Medicare Part D prohibition on negotiation with drug companies, but that’s minor.

Failing single payer, what I really would like to see are controls on how hard the insurance companies can screw you (currently hard enough to make you want to scream “green balloons“), and then provide subsidies to allow more people to buy insurance.  Well, that’s what we got.  Sure, there’s a purchasing mandate – you must buy insurance, but that’s pretty reasonable.

So, it’s not a perfect bill, but it’s a good start and will help literally millions of people and will literally save tens of thousands of lives each year.  That’s a good first step.  There’s nothing that says that we can’t improve the bill over the next decade.  That’s what has happened with every other expansion of the social safety net for the past 60+ years, from social security to medicare.  There is no progressive rapture.  We won’t pass a bill and then be taken up to liberal heaven or achieve social nirvana.  There aren’t 72 hippie virgins waiting for us at the signing of any piece of legislation.  And neither mankind nor its societies are perfectible.  But both mankind and society are subject to continuous improvement.  We can make things better and this bill is another step in that process.

Comments (3)

Happy Festivus!

Just a reminder that it’s the 23rd. Bring on the feast and the airing of grievances! After dinner, all of the pets in the house will have to try to pin me in the feats of strength 🙂

[youtube]http://www.youtube.com/watch?v=dS7-jcsB_WQ[/youtube]

Comments off

All the old favorites

Now I want to be professor Claus when I grow up. I wonder where you can find Nietzsche sweaters?

Comments off

42 and sunny…

42° and sunny, perfect for turning: [image] into: [image] into: [image] and then: [image]

Comments off

“Hacking” predator drones

This just makes me sad.  Two articles, one in the WSJ, the other on CNN, describing how insurgents in Iraq are hacking predator drones and receiving the video feeds that the drones are sending back to U.S. ground stations.   First things first, let’s fix the headlines.  Both are running something like “Iraqi insurgents hacked Predator drone feeds.”  That should more clearly read:  “Iraqi insurgents watching the videos that the Predator drone sends out unencrypted.”  Or maybe “Iraqi insurgents watch Predator drone feeds on TV.”

If you look into the article, you find that insurgents are apparently using a $26 piece of software that takes satellite data and saves parts of it that might not be intended for your computer.  Essentially, it monitors the data that is sent and, when it sees a file being transferred, saves it to your hard drive, regardless of whether or not your computer was the intended destination.

Now, I’ve been doing computer security work for over a decade.  I was the first person at my university to implement anti-virus in email, I was the first to require a department to use all-encrypted communication for transmitting passwords.  I discovered one of the earliest IRC-based botnets.  I’ve found vulnerabilities in financial systems.  I’ve seen … [a]ttack ships on fire off the shoulder of Orion. I’ve watched C-beams glitter in the dark near the Tannhauser Gate.  Er, some of that last bit may have been someone else, but you get the idea.

This stuff isn’t that hard.  SSL is over 15 years old, we know how to do encryption.  Hell, back in the 90s when we were developing the Predator, the U.S. was treating encryption as a munition – you had to get the government’s blessing to use decent encryption.  Is it too much to ask that an actual weapon include the munition that was encryption?  And this from the WSJ article strikes me as BS:

Predator drones are built by General Atomics Aeronautical Systems Inc. of San Diego. Some of its communications technology is proprietary, so widely used encryption systems aren’t readily compatible, said people familiar with the matter.

In an email, a spokeswoman said that for security reasons, the company couldn’t comment on “specific data link capabilities and limitations.”

Or more  to the point, entirely irrelevant.  First, the communication system can’t be *that* proprietary, since the commercial (if somewhat sketchy) SkyGrabber software can read the transmissions.  Second, you developed a proprietary communication system in the mid to late 90s and didn’t include encryption?  That’s the sort of thing that makes the baby Bruce Schneier cry.

On the other hand, this from CNN seems far more likely:

A senior defense official who was not authorized to speak about the security breach said, “This was an old issue for us and it has been taken care of,” but he would not elaborate on what specifically had been taken care of.

The official said that many of the UAV feeds need to be sent out live to numerous people at one time, and encryption was found to slow the real-time link. The encryption therefore was removed from many feeds.

Removing the encryption, however, allowed outsiders with the correct tools to gain unauthorized access to these feeds.

I’ll buy that.   There are certainly a few encryption schemes that will send encrypted data to multiple parties, hell at the very least, you could use symmetric encryption with shared keys.  But that kinda sucks.  Most commercial communication encryption technology assumes point to point transfers.  If you wanted to send the same data to many people… you send it multiple times.
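
The shared-key approach mentioned above, as an added example that is not part of the original post: the sender encrypts each frame once with AES-256-GCM under a group key, and every key holder decrypts the same broadcast packet. The packet layout, function names and sample frame are assumptions made for illustration.

```javascript
// Added example (not from the original post): one encrypted feed, many receivers.
const nodeCrypto = require('crypto');

const nonceFor = (seq) => {                 // 96-bit GCM nonce, unique per frame
  const n = Buffer.alloc(12);
  n.writeBigUInt64BE(seq, 4);
  return n;
};

// Sender: encrypt a frame ONCE under the shared group key; broadcast the packet.
function sealFrame(groupKey, seq, frame) {
  const header = Buffer.alloc(8);
  header.writeBigUInt64BE(BigInt(seq));
  const c = nodeCrypto.createCipheriv('aes-256-gcm', groupKey, nonceFor(BigInt(seq)));
  c.setAAD(header);                         // authenticate the sequence number too
  const body = Buffer.concat([c.update(frame), c.final()]);
  return Buffer.concat([header, c.getAuthTag(), body]);   // 8 | 16 | n bytes
}

// Receiver: returns the frame, or null for a wrong key, tampering, or a replay.
function openFrame(groupKey, state, packet) {
  if (packet.length < 24) return null;
  const header = packet.subarray(0, 8);
  const seq = header.readBigUInt64BE();
  if (seq <= state.lastSeq) return null;    // stale or replayed packet
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', groupKey, nonceFor(seq));
  d.setAAD(header);
  d.setAuthTag(packet.subarray(8, 24));
  try {
    const frame = Buffer.concat([d.update(packet.subarray(24)), d.final()]);
    state.lastSeq = seq;
    return frame;
  } catch (err) {
    return null;                            // authentication failed
  }
}

// Constructed demo: three ground stations share one key; an outsider has none.
function demo() {
  const groupKey = nodeCrypto.randomBytes(32);   // assumed distributed out of band
  const packet = sealFrame(groupKey, 0, Buffer.from('constructed sample frame'));
  const stations = [{ lastSeq: -1n }, { lastSeq: -1n }, { lastSeq: -1n }];
  const views = stations.map((s) => openFrame(groupKey, s, packet).toString());
  const outsider = openFrame(nodeCrypto.randomBytes(32), { lastSeq: -1n }, packet);
  const replay = openFrame(groupKey, stations[0], packet);
  return { views, outsider, replay };
}
```

The cost of the shared key is that every key holder can also forge packets, and one lost receiver means rekeying all of them.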

Regardless, this is just embarrassing.  These days I’m doing security modelling work and if this is the sort of thing that we’ll have to consider, I’m going to sink into


Comments off

Boycott!

I’m officially boycotting any retailer using “Santa Baby” in their commercials.  Yeah, it’s an empty threat since I wasn’t going to the mall anyway, but there you are.  Now to get the idiotic song out of my head.  Maybe the Mighty Mighty Bosstones?  Failing that, a power drill may be my best bet.

Comments (2)

Calendar update

K and I received our copies of the Yellowstone calendar and they look great.  I’m happy with both the images we selected and also the printing – which was great.  As I mentioned earlier, we went with Zazzle for doing the printing and couldn’t be happier.  My mom got the ones for the folks in Louisiana and she also thought they looked good.  But hey, your mom is supposed to think everything you do looks good, so I was even happier to see that someone I don’t know in Illinois bought a copy on the Zazzle marketplace.  I didn’t expect that, but it was nice to see 🙂

Comments off

Back from the dead

Okay, I wasn’t really dead, I had the flu, but I was wishing that I was dead for a while there. Five days is too long for a massive headache and very high fever. I’m finally recovering and doing some self-imposed quarantine after getting on Tamiflu Monday.  Tuesday afternoon was somewhat interesting.  My doctor’s office had given me a little trick – you can take full doses of acetaminophen and full doses of ibuprofen.  They’ll both contribute to lowering fever and reducing pain, but their side effects are different and you don’t risk ulcers or your liver as if you had doubled up on one.

So, Tuesday, I’m lying in bed doped up on acetaminophen, acid blockers, caffeine, ibuprofen, and Tamiflu, feeling better than I had in quite some time.  I was wishing there was a Phish album playing, but was too lazy to go put one on.  Instead, I lay (diagonal 🙂 ) in my bed and daydreamed about Bill’s in-place, parallel sorting problem.  I think I’ve got the solution and it seems to hold even now when I’m not so dippy.

Comments off