Archive for January, 2006

smart people ignore things better

I feel like this is the story of my life: Are smarter people better at ignoring things?

cia may have given iran the bomb

as the title says, here’s the article from the Guardian.  Sadly, I bet it’s true.

cheaters are the real smart ones

I’m glad to see someone sees it my way in regards to cheating. Or I’m just trying to justify my former position at the center of a massive cheating ring :-).

(in case you didn’t get that little smiley, I’m just kidding)

livejournal accounts get hacked

EXACTLY what I thought was going to happen, exactly. Some group found a bunch of JavaScript XSS holes on the main page and because all LJ users share the same base domain name (www.livejournal.com/users/) you can steal all their cookies. Hah!

The LJ reaction was to immediately give everyone their own subdomain and rely on the browser to stop the attack. A path of least resistance, yes, but definitely not a secure solution.

I hope they get owned over and over and over again until LJ collapses. It’s been my dream ever since high school :-)
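To make the cookie-scoping point concrete, here is an added example (not from the original post, and not LiveJournal's code) that applies the RFC 6265 domain-match rules to show when moving journals to per-user subdomains actually keeps a session cookie away from script on another journal. The cookie names, values, the `someuser` hostname and the two Set-Cookie headers are constructed assumptions.

```javascript
// Added example: RFC 6265 cookie scoping. All hostnames and cookie values are constructed.

// Parse the attributes of one Set-Cookie header value that matter for scoping.
function parseSetCookie(header, originHost) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = { name: pair.split("=")[0], domain: originHost.toLowerCase(),
                   hostOnly: true, httpOnly: false };
  for (const attr of attrs) {
    const [k, v = ""] = attr.split("=");
    if (k.toLowerCase() === "domain" && v) {
      cookie.domain = v.replace(/^\./, "").toLowerCase(); // a leading dot is ignored
      cookie.hostOnly = false;                            // Domain= widens the scope
    } else if (k.toLowerCase() === "httponly") {
      cookie.httpOnly = true;
    }
  }
  return cookie;
}

// RFC 6265 domain-match (section 5.1.3) plus the host-only rule (section 5.4).
function isSentTo(cookie, host) {
  host = host.toLowerCase();
  if (cookie.hostOnly) return host === cookie.domain;
  return host === cookie.domain || host.endsWith("." + cookie.domain);
}

// Script on pageHost can read the cookie through document.cookie only if
// the cookie is in scope for that host and is not marked HttpOnly.
function scriptReadable(cookie, pageHost) {
  return isSentTo(cookie, pageHost) && !cookie.httpOnly;
}

// Constructed scenario: login on www, journals on per-user subdomains.
const loginHost = "www.livejournal.com";
const otherJournal = "someuser.livejournal.com"; // hypothetical journal carrying injected script

const wide = parseSetCookie("session=abc; Domain=.livejournal.com; Path=/", loginHost);
const hostOnly = parseSetCookie("session=abc; Path=/; HttpOnly", loginHost);

function summary() {
  return {
    wideReadableOnOtherJournal: scriptReadable(wide, otherJournal),
    hostOnlyReadableOnOtherJournal: scriptReadable(hostOnly, otherJournal),
    hostOnlyReadableOnLoginHost: scriptReadable(hostOnly, loginHost),
  };
}
console.log(summary());
```

A cookie set with `Domain=.livejournal.com` is still in scope on every user subdomain, so the subdomain split only isolates sessions when the session cookie is host-only; `HttpOnly` additionally keeps it out of `document.cookie` on the login host itself.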

the cost of security

Here’s a thought on this Slashdot article.  What if those companies questioned had integrated security into their development cycle from the beginning?  Could they have saved money in spending to prevent the break-in they later suffered? This Slashdot article doesn’t tell me there’s rampant computer crime, it tells me there’s rampant mischaracterization of organizations’ security problems and needs.

Either that or those organizations already did a cost benefit analysis and came to the conclusion that it’s cheaper to let the losses happen than to prevent them.  That would be a big problem, and that’s where I would come in.  Design a security product or develop a security process that reduces their expenditures but increases their protection.

the future of income tax

I read this really interesting article about what this guy thinks will happen to the income tax system over the next 10 to 20 years. His idea is a popular one usually co-opted for explaining the collapse of civilizations, most publicly by Jared Diamond in Guns, Germs, and Steel (a book I asked for and got for Christmas, still haven’t read it) and Collapse: How Societies Choose to Fail or Succeed, and by Joseph Tainter in The Collapse of Complex Societies.

The coming collapse of income tax

google knows who you are

and the feds want all their data

Ars commentary

titan rain

More evidence of what people are calling “Titan Rain” in the Guardian today. Nothing more than targeted phishing and sophisticated spyware.

advertisers get owned

http://mapage.noos.fr/joelapompe2/

see who copied who in tons of blatantly pirated ad concepts over the years

shmoo interview with dcist

I was trying to explain ShmooCon to a friend of mine and came across this interview with the Shmoo Group by the DCist last week. Check it out!

My favorite quote was from Beetle: “I for one, actually own a few non-black t-shirts.” :-)

catching up

I’m finally back at my apartment for good.  After traveling around NY and DC for the last 3-4 weeks I’ll finally get to sleep in my own bed tonight.

I better watch out.

RIAA lawsuits

Here’s the information I have about RIAA subpoenas.

http://subpoenadefense.org/

http://www.muddlawoffices.com/laws/RIAA/RIAA.htm

http://www.eff.org/IP/P2P/?f=riaa-v-thepeople.html

What’s going on here is the RIAA only has your IP address and the knowledge that you were sharing music. They filed a subpoena at the location of your ISP directed at your ISP to reveal information about you, so that then they can go further and approach you and then perhaps sue or demand money from you. There was a ruling in Pennsylvania that requires ISPs to give notice to the individual whose information was requested and ask that individual for how they would like the ISP to respond. This is most likely the first letter you’ll receive in this process. Actual subpoenas delivered to you need some type of confirmation you received them (you’ll have to sign for it, that sort of thing). That’s how you know it’s gotten serious.

Now the important thing in that last paragraph was that the lawsuits are filed, usually, in areas where you don’t live. If that is the case, the appropriate reaction is for you to find a lawyer to file a motion to quash on the basis that the location they filed the lawsuit in does not have jurisdiction over you. This tactic may work because the way the RIAA is filing lawsuits is without regard to much else besides speed. Their entire subpoena process is automated and they count on people not resisting at all. There is a list of lawyers who provided their names to the EFF to do just that at this location:

http://subpoenadefense.org/legal.htm

and the appropriate motion to quash here:

http://www.eff.org/IP/P2P/?f=local_motion.html

Past that I can’t make many recommendations without seeing the actual papers you were given. Something you might be able to benefit from is this explanation of the exact process the RIAA goes through with their lawsuits and frequently asked questions for each stage: http://www.muddlawoffices.com/laws/RIAA/RIAA_Stages.htm

One more thing you should do is track down the original point of contact at your ISP or University for the subpoena.  They’ll be in the best position to determine the severity of the subpoena, what the usual reactions are to them, and the past history of them instead of relying on hearsay.

more on differences

It occurred to me that maybe I haven’t gotten to see as much of the city as I should have to make my previous conclusions.  Woodley Park, Pentagon City, and Arlington are mostly professional areas where I’m not likely to meet people other than what I described.  Tonight I’m hanging out by Gallery Place/Chinatown so we’ll see what I experience there.

The subway has been functioning well all through the weekend.  I didn’t have to wait long at 1am to get the right trains to pick me up.  This morning, however, I did get yelled at for taking a sip of my milkshake in a far corner of the station I was waiting at.

By the way, ShmooCon is over.  I saw all the panelists I wanted to.  I’ll be doing some presentations based on the material I saw at SFS meetings and I’ll try and write up those presentations here when I’m done with them.  The Shmoo Group will also be putting videos of the panelists up on bittorrent fairly shortly so keep an eye on that.

office metadata

If you’re looking for a free tool to root out office document metadata, my good friend Michal Zalewski has come to your rescue with a Linux utility that finds and parses it. Download here.

I’m currently at ShmooCon and hopefully sometime tomorrow I’ll have time to write up some presentations I’ve seen here. Check back soon.

how DC relates to NYC

My first impression of DC was how clean it was compared to NY. Impossibly clean. So clean that the subway could afford to be carpeted and not stink and look like hell.

The second thing I noticed was how many people like to jog in DC. I’ve never seen so many people jogging before! Not on long island, not in NYC, not anywhere else I’ve ever been. It’s strange because the population density is obviously lower than NYC but there have to be at least 20x the number of people exercising outside. This is also a testament to the fact that it’s so much cleaner and less polluted than NYC.

In respect to population density: you’d have DC about right if you thought of it as an autonomous Brooklyn that had been transported here with its own fully functional, easy to travel subway system. Most buildings look about 4-5 stories high and the number of people on the street resemble a busy Park Slope or Downtown Brooklyn. The one thing it did not inherit were the traffic problems. I was laughing as my Aunt Michele got frustrated when there was a taxi in front of her turning without a blinker. Traffic problems here seem trivial compared to anything anywhere in NYC or Long Island.

The general population strikes me as educated, physically fit, politically conscious, socially responsible, well traveled, non-pretentious, and unconcerned with a lot of the things in NY that sometimes make me disgusted, like high fashion. People in general are also much more friendly here. Guns aren’t allowed in DC, I feel safer. There also aren’t hordes of thug kids walking around like they’re hot shit, they know their place. I even saw a group of about 20 black kids get onto the subway in my car and when 3 or 4 of them sat down the first thing they did was pick up a Washington Post and read it! Never in NY. Last night a group of my friends went out to a few bars and managed to get a girl to sit with them in no time. This woman, Lily, lived in Russia for 5 years, rides her bike to work, is a professional photographer, was much more friendly than anyone I’ve ever met in a first conversation in NY, and knew about what was going on in the world. She couldn’t have been more than 24 or 25. The reason she probably stayed with us for so long was because 4 guys with us also knew Russian and started speaking it with her. I feel like this was an “only in DC” moment and that she was indicative of the rest of the population around here.

I think I’ve run out of comparisons for the moment. I can say that the food around here is very very good. It’s quiet. There are lots of museums and a zoo with Giant Pandas! The Pentagon City Mall is only slightly smaller than Roosevelt Field on Long Island and contains a similar makeup of stores.

There is one thing though. DC is related very closely to cities like Detroit or Vegas. It has a singular purpose. Take away the auto industry, Detroit goes bye bye. Take away the porn industry, Vegas goes bye bye. DC is built solely on the location of the capital. Every other business here is peripheral and made to support the people who work inside the government. Although that is not a small breadth of jobs by any means.

All in all it’s a great city and I think it’s really opened my mind up to believing that there are more places than NY that are great cities to live in. It’s really exposed faults with NYC I never cared to think about. It appears like a hulking, mismanaged, slum from down here. I’m looking forward to spending more time here to get a better picture of it because I’m sure I’m still missing things.