Schneier on Security
A blog covering security and security technology.
April 20, 2012
Friday Squid Blogging: Extracting Squid Ink
How to extract squid ink.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Posted on April 20, 2012 at 4:49 PM
• 52 Comments
Those squid seem to be dead. I always thought that they used to milk them somehow.
Guy strips down at PDX checkpoint-- a lot of blogs carried the initial reports but this is a fuller story, explaining that the trigger was a positive test for explosives. He decided to demonstrate that he didn't have an explosive device concealed under his clothes.
Sadly, the online version doesn't have the headline that appeared in the printed paper, which stated that he had made the "no-shy list".
Meanwhile, another local man alleges he was abducted and tortured at the behest of the FBI while visiting the UAE, because he had refused to become an informant. One story here, another here. He's joining a prospective lawsuit over the no-fly list.
That's three stories from my local paper in one week! (Plus there was a Mohamed Mohamud update, but I haven't posted a link because it didn't contain anything that seemed all that interesting to readers of this blog.) Is this happening everywhere, or is Portland just full of nonconformists and iconoclasts the way it's always claimed to be?
The perfect title for this thread: Learning from the Octopus: "How Secrets from Nature Can Help Us Fight Terrorist Attacks, Natural Disasters, and Disease," by Rafe Sagarin. The short review in Nature (22 March 2012, page 403) focuses on how adaptability "exemplifies key defence principles."
Just saw a link about DCWG on another site; saying the FBI is going to be taking down a botnet. Few reputable places seem to be talking about it. Is this a scam or a very quiet legit thing? http://www.dcwg.org/
"On a cold and windy February 23rd of 2011, my illusions came to an
abrupt end when I saw the payload bytes of an 802.15.4 frame's data
--- transmitted inside a valid packet as a regular payload ---
received as a frame of its own, reproducibly.
The "inner" packet, which I believed to be safely contained within the
belly of the enclosing frame would occasionally break out and arrive
all by itself, without any sign of the encapsulating packet."
Travis Goodspeed, Sergey Bratus, Ricky Melgares, Rebecca Shapiro,
Ryan Speers, "Packets in Packets: Orson Welles' In-Band Signaling Attacks for
Modern Radios", USENIX WOOT, August 2011
Travis Goodspeed, Remotely Exploiting the PHY Layer,
Len Sassaman, Meredith L. Patterson, "Exploiting the Forest with Trees",
BlackHat USA, August 2010 - part 1/5
Len Sassaman, Meredith L. Patterson,
"Towards a formal theory of computer insecurity: a language-theoretic
approach" Invited Lecture at Dartmouth College, March 2011
Payload already inside: data re-use for ROP exploits
Is this happening everywhere, or is Portland just full of nonconformists and iconoclasts the way it's always claimed to be?
I wish it was just us, keeping Portland weird.
I suspect we'll see more security theater headlines in The Oregonian since Mayor Adams (whom I support 90% of the time) negotiated that awful agreement to rejoin the JTTF. Now more Mohamed Mohamuds must be recruited to justify it.
On a lighter note: Alaska Air gives priority boarding to people wearing Timbers jerseys. Laurelwood or Rogue should give the guy a free pitcher for the full monty.
An article with a cute title, "Friends, Gangbangers, Custody Disputants, Lend Me Your Passwords," discusses a serious topic. How does one go about authenticating social media for legal purposes. According to the article judges are "freaking out" over the issue.
@ Petréa Mitchell,
Is this happening everywhere, or is Portland just full of...
Hmm, being "British" the last time I was in Portland it was pleasant, leafy and felt very normal compared to most parts of the US.
The worst part of the US I've visited as far as I'm concerned by a very long way is New York... There are two words that relive the nightmare of the place for me "Bugs and Brownstones".
What is it with the roaches that live there they look like they've just crawled out of some pre-history jungle, and New Yorkers are "proud of them"...
The first night I went to bed in the flat in the Brownstone almost as soon as I'd turned the lights out they were on the move, within minutes one was crawling across my face...
Needless to say it's not what most people would expect of a place that bills itself as the most cosmopolitan place in the world...
Then to find out from the exterminator that I was probably wasting my time and money getting him to fumigate the place as the roaches would be back within a week....
They were back within three days, and that's when I started hitting the singles bars...
Are we doing movie plots again?
1) It occurred to me, as it has to many readers here, that a fire drill or false alarm is a great way of getting people to move to a designated location. As I was walking home one afternoon, I saw hundreds of people in a parking lot, waiting for the "all clear" signal. Parked in the center of the mass were a few white vans. What if...
2) As I parked my car one morning, I noticed an old train bridge, still in operation after nearly 100 years, and listed in my head the number of trains that rely on its trackage. If the bridge were disabled, or destroyed, no commuters south of Newark would be able to reach NYC for months. Likewise, commuters north of Newark would not be able to reach any points south. Re-routing would be expensive, difficult, and cause delays unimaginably often. The bridge is easily accessed from the ground as well as rivers, at multiple points. It is impossible to secure. What if...
3) Parking lots (again): parking lots frequently butt against the venue; tailgating often brings with it large vans, campers, even RVs and buses to some lots. How much explosives can you fit into a bus? What would happen to surrounding vehicles? What if it wasn't just that one vehicle, but a ring of vehicles? What if...
4) Cheap, homemade UAVs can fly over barbed wire fencing easily. Sometimes the only thing between an attacker and a large substation is a fence. The UAV can be designed to carry solid-core copper wire. What if...
5) .22 caliber rifles are cheap, easy to purchase, and not considered a strong threat. Insulators on electrical systems are frequently made of hard, brittle ceramic. What if...
6) HEPA filters and filter packs in general are not protection sealed. Anthrax spores can be seeded into the filter material. What if...
I've been in places that had a drill while I was there. I refused to participate.
@Daniel: given the condition of this country since 9/11, you mean to say. With all that happened under BushCo, my biggest worry was what would the opposition party do with the powers that were left behind. I am sure the opposition party does rue the day they left all those new administrative capabilities in place. Yet, each new administration tends to do the same. The people have to take back the power.
Interesting attack, described in Danish press this week.
1. Criminal obtains log-in info to tax reporting system from member of public, choosing someone with a simple tax situation via phone. Pretends to be from tax authority.
2. Criminal logs on, changes reported tax so a tax refund is due. Criminal changes bank account details to their own.
3. Some weeks later, refund is paid into criminal's account.
4. Criminal spends / withdraws the cash.
Victim (member of public) first knows about this when there is a tax audit. This can be months or years later. He will have received an email telling him of activity in his tax file, but he will expect this since he has recent contact with 'tax authorities'.
Criminal has plenty of time if correct victims are chosen
Attack relies on the 'privacy' afforded by the email containing few details, the social engineering to select a victim with simple tax affairs who is unlikely to logon to system for some time, and the trust in the system exhibited by normal members of public.
Please, don't insult my intelligence:
I suppose that comes with a potential "terrorist" rating. This should really interest the spy guys. Come on Google, where is your "mood" assessment tool? Oh, it is already in place. Ouch, that's gotta hurt.
If you support privacy you are an anti-American zealot who collaborates with terrorists seeking to undermine the glories of fascism. Or something like that. The article is so incoherent it's difficult to know what its point actually is. Maps, I think. Or something.
btw if you missed my reference it's this meme
I want some more quantum random number generators no matter how truly random or not they may be...(thx aikimark)
Thanks for social media article, I almost fell off my chair laughing when I read:
In State v. Greer the Ohio appellate court held that the trial court did not err in admitting the accused’s own statements from his MySpace page offered by the government. In a South Carolina case, an alleged bank robber logged into his MySpace page to inform his followers: “On tha run for robbin a bank Love all of yall.” That message was admissible.
On tha run for robbin a bank Love all of yall...man that is just...just go to jail for being so f'in stupid...
The best thing to do on social media is to either impersonate someone else or fake your thoughts, feelings...everything. See what kinds of ads you can get, fill servers with false data..good stuff
Hmm I was aware that squid ink was used in Japan not just as "ink" and for "cooking" with fresh, historically they also used to ferment it with a few other ingredients to make a sauce that quite frankly is a challenge to many people's taste buds (think anchovy essence on steroids). However the other ingredients made it a significant flavour enhancer with just one or two drops significantly enhancing various scarce protein sources. Like soy sauce it has a taste effect known as umami in Japanese.
And like anchovy essence it works well (as do oysters) in beef casseroles, stews, pies and even mixed with other ingredients to either use as a rub prior to grilling or as for use where marinated for other dishes. I first came across it with Korean cooking (Japan had invaded Korea some six hundred years ago and Korea was only liberated at the end of WWII) and I understand it has fallen into less use in modern Japanese cooking.
Not strictly a "security" story yet but certainly of some significance for the future as an effectively "spoof proof" system for navigation in space.
As some may know various celestial objects of significant mass and density emit energy at various EM frequencies with a stability that rivals many atomic clock sources and these signals can as far as we are aware be "heard" across the entire Universe in a reliable way.
Well some of you might also be aware that some emit sweeping beams of energy that produce pulsed signals or bursts, again with a very high precision.
And again most are aware of time based navigation systems such as GPS and earlier phase and beam systems to provide location information to within incredibly small distances (significantly smaller than a small fishing boat length such that lobster pot lines and buoys can be found in very thick fog).
Well the thought of using celestial bodies that radiate EM signals in one form or another as a navigation system has occurred to German scientist Prof Werner Becker from the Max-Planck Institute for Extraterrestrial Physics in Garching.
He estimates you could locate your position to within 5KM anywhere in the Universe where man is ever likely to go either directly or by sending robot probes.
Well if you are thinking "we've only got as far as the moon" I should perhaps remind people that there are more and more realistic plans to send man to Mars and in development plans for considerably more space probes to other planetary bodies. And even at the distance of Mars the technique could even now provide a more accurate position fix than the current methods (Google JPL Ranging Codes to get a start point). Which use measuring radio time delays and doing complex calculations based on the relativistic motion of both the earth and the space probe which even at Mars distance can have more than 10km of uncertainty and 100's of KM at the furthest distance we currently have probes (sent up in the 1970's) which are now approaching the edge of the solar system.
With more and more funding being based on previous results it would probably pay to have some added "security" in space navigation. For those that think "yeah so what" think back to the "Space Race" of the 1950's and 1960's, well this time around it won't be just for "National Prestige" it will be for monetary gain and "energy and other strategic resources". It already appears that it is financially viable to "strip mine" the surface of the moon for Helium three,
Once developed for the likes of the moon it will not be long before other "easier" parts of the Solar System will become fair game for non renewable resource exploitation.
@ Clive Robinson
Well, he's late to that party. The focus in the past was on pulsars. Sagan thought their behavior was inconsistent with the mainstream theory & they have signs of being at least modified by extraterrestrial intelligence (ETI). In 2000, Laviolette published a book detailing specific behaviors and data that strongly argues the case for them being artificial. He claimed they were there for navigation or possibly sending us a message. The latter made me raise an eyebrow, but he had good data on it too.
Laviolette & Sagan on Pulsars
The University of Pittsburgh continues to receive daily bomb threats. Officials have, however, begun to tone down their decapitated-chicken responses. Final exams this coming week will be held in only a few locations; those locations will receive regular bomb sweeps and heightened security; and only "imminent threats" as determined by law enforcement will result in evacuations. Similar arrangements will be in place for the residence halls; evacuations due to "imminent threats" will be voluntary, not mandatory.
Funny how they talk about squid ink while showing a person holding an octopus.
I guess it beats the Ika Musume technique, though.
"Funny how they talk about squid ink while showing a person holding an octopus."
Left Cartoonist Ted Rall has a controversial theory why Americans shoot more Cops:
Experts blame a variety of factors for the carnage: the economic depression, low manpower due to budget cuts, policies that assign more cops to the most dangerous neighborhoods, and more aggressive patrolling of those areas, including “stop and frisk” stops of people the police deem suspicious. Maybe.
I think something else is missing in analyses of cop shootings: the motivation of the shooter.
Corporate media outlets cite the shooters’ prior records in order to imply: once a violent felon, always a violent felon. Sometimes that’s true. But not always. There’s more to it than that. Like law-abiding citizens, criminals employ rational decision-making strategies.
Harsh sentencing laws are killing police officers.
I think it's ok to go off-topic on a Friday post, Bruce is saying discuss stories he hasn't posted. Plus I think energy-security, national-security and even our collective global-security are at stake when we start talking about mining other planets.
I've heard some things about the He3 mining on the moon, like grandiose claims that it could supply total earth energy needs for 1000-2000 years. Even wealthy individuals and private companies beginning to consider staking claims of plots of land on the moon.
These issues raise more jurisdiction and legal authority questions than ever (who can tell who what to do and why). I'm all for pioneering explorers, but I say let's not get ahead of ourselves, what about our own atmosphere that is turning into a dangerous swarm of high-speed space junk? What a fun, stress-free job it would be keeping our satellites from colliding with one another or being obliterated. Who could forget the recent couple of falling satellites that could take out your house?
Space exploration is a fun topic to think about but right now any manned colonization missions are suicide missions, probes and robots should set-up living quarters first, maybe set-up a miniature breathable atmosphere.
I did find one actual squid, but only after I went to Make: Projects and found the article proper. Which shows the same two octopus pictures and just one dismembered squid, where you can't even see the ink sac. To be fair, I think that the risotto topped with octopuses might be flavored with ink, but what kind is anyone's guess.
The article itself is sad. You could sum up nearly the whole thing by saying you just pull the squid apart, then pop the ink sac. You can't really even do that with an octopus, because there's no body tube to pull off. If anyone actually wants to do this, there's a much better guide:
This one has good pictures of an actual squid, an actual ink sac, and clear information on how to properly clean and prepare squid. No octopuses are pictured.
Note that cleaning an octopus is actually fairly similar, but you don't start by pulling it apart. You have to cut off the arms first, deal with the beak, then deal with the head. If anyone wants to do that, they can find a guide here:
And this ends my cephalopod-related pedantry for the night.
It's not a new theory. There are some groups that have campaigned against the long sentences given to pedophiles on that logic too; that long sentences are more likely to prompt the pedophile to kill the child rather than go to jail. However to my knowledge there has never been any rigorous studies of that thesis, probably because the number of children killed by pedophiles each year in America is less than 50 (despite what the media would have you think).
Personally I don't give much credence to the theory. I'm sure there is an outlier here and there where it has been the case but I'm not so sure "murder" and "rational decision making" go hand in hand too often.
> I'm not so sure "murder" and "rational decision making" go hand in hand too often.
Assuming that sentencing is mostly accurate, you could also compare the murder 1 vs. murder 2 rates. I don't know what that gives you, though, or how accurate the assumption is.
Movie Plot Threat:
(aside: At the moment, Boiron, the world's largest (I think) single manufacturer and distributor of homeopathic remedies is being sued for false advertising - ie. they said it works. It doesn't.)
Just get a job at a homeopathic product plant packing things, and then slip into a good-sized batch of pills a lot of highly diluted dimethyl mercury. It doesn't take much, but this does have to be done after the homeopathic dilutions (presuming they're not just dousing them with tap water. I know what I'd do if I were peddling snake oil).
Since "homeopathic" medicines aren't (generally) regulated (or tested) by the US FDA, off they go to consumers.
For even more fun, you have time to get away. The symptoms of dimethyl mercury poisoning don't show up for some time, and can be baffling to doctors.
PS - Handle with extreme EXTREME care. Dimethyl mercury can and has killed people who knew how to handle it and had the proper equipment to do so. Even if you know what you are doing, don't do it.
Living "just up the road" from one of the world's leading research / development environments for satellites I have a modicum of interest in the subject. And was actually involved in the very early days both professionally and as a keen hobbyist initially from school age and thus have my own collection of "space junk" albeit firmly earth bound.
These issues raise more jurisdiction and legal authority questions than ever (who can tell who what to do and why).
Yes for some reason we appear as a society to have a pathological desire to put labels of ownership and liability on everything. I'm not sure if this is a reflection of society expressed in law or if we have got to the point where the shoe is on the other foot and society is just a reflection of the laws we have enslaved ourselves with (I'll leave that debate for one of Bruce's "Outlier" posts ;)
But history has shown us that as a species we are territorial in nature but as we have developed we also realise that people have rights of way and the rights to be protected from the actions of others directly and indirectly. One interesting area of study is Maritime Law and how it has developed especially with respect to such things as salvage.
I don't know if you have seen a 3D projection of NASA's database of the many thousand near earth space objects they keep a watching brief on? But it usually looks like a bad halo of dandruff around a pristine earth.
And that only covers the larger satellites and junk bigger than 10x10x10cm. Which coincidently is the size of a picosat or cubesat and has been given the exciting title of 1U (engineers have such exciting imaginations ;)
And as you note extraterrestrial space junk is becoming a significant hazard and it is a very serious issue that has to be dealt with when launching interplanetary probes as these have very narrow launch windows without having to also play dodgems with high delta-vee junk.
However with all our scientific and commercial extraterrestrial activities we currently appear stuck on salvage and clean up. Whilst Russia and China appear to have a broad consensus on a way to go the US and others appear almost diametrically opposed and degenerate talks into "Space-warfare" and high technology theft or "Space-espionage" (just as we currently see with "Cyber").
However over in Switzerland their space agency has recently announced the intention to deploy a new "seek and pull down" satellite (ClearSpace One) to seek out snare and pull down to earth two cubesats they currently have in orbit.
However the design has various complications not least of which is the design itself is considerably larger than the satellites themselves and as we know launches and all too frequent failed deployments are a major source of space debris. The real problem boils down to the energy to get suitable mass up to speed to snare the target and then slow it down. The Swiss solution as portrayed gets this energy from chemical sources which is counter productive in many respects.
One solution I am interested in is the use of "solar sails" because these use low mass solutions that use the energy ejected from the sun in much the same way sail boats use the wind. And unlike other past proposals have several advantages one of which is it will work up above the 1000Km mark where atmospheric drag is not going to pull satellites down "naturally".
A proposal from Surrey in the UK from about a year before the Swiss announcement to use solar sails,
Appears on the face of it little better than the Swiss proposal, in that it would be of similar size and mass as well as a "one shot" prototype.
However you then need to remember that unlike the Swiss proposal it can deal with satellites considerably larger and greater in mass than itself and can take a "slow and steady" approach.
However as you note indirectly one of the most fragile and least resilient parts of any space mission is the "squidgy biological bit",
right now any manned colonization missions are suicide missions, probes and robots should set-up living quarters first, maybe set-up a miniature breathable atmosphere
One thing we have discovered quite recently is that the chances of Humans getting to Mars without going through detrimental effects is going to be small. For instance there is a high probability an astronaut's vision would be so impaired due to fluid pressure changes in the eye they would be all but blind on arrival. Hopefully the likes of the ISS will find out most if not all these biological stressors before any long term missions are attempted.
But perhaps the important question is "do humans have to pack their bags?" it is extremely difficult to keep humans alive and well in space as well as extremely expensive in terms of mass and energy. It is considerably cheaper to send automated probes to do both exploration and commercial exploitation of space than send a human. We can see this on earth with the deployment of drone aircraft and deep sea Rovers.
When looked at this way the main reason for humans to go into space would be "political" and "Pleasure". And as time goes on the "Political" aspect will not be about "prestige" as it was with Apollo but due to the "legal" nicety that assumes "ownership" is not just about "placing a flag" as Russia has supposedly tried with dropping a flag from a submarine at the North Pole ( http://news.bbc.co.uk/1/hi/world/europe/... ), it requires a permanent human presence to set up a "Sovereignty".
I think it was Isaac Asimov who wrote a story many years ago that linked the need to do "deep water" exploration/habitation to understand what would need to be done in space. And this was prior to the man who was to become the second to stand on the moon proving that "underwater training" was a prerequisite for EVA activities.
Left Cartoonist Ted Rall has a controversial theory why Americans shoot more Cops
Two things first even in Britain Ted Rall's thinking is considered "Right of center" and in some respects quite old fashioned (see the bit in his article about British Soldiers in Iraq).
It is reasonably well accepted in Europe that "tough sentencing gives tough criminals" due to "association with existing tough criminals", suggesting that separation of first time offenders from repeat offenders would be a good idea along with appropriate education and trade training (many offenders are semi literate at best and to have failed in academic as opposed to vocational education).
But the actuality in the US for the increase in "shooting back" was questioned many years prior to 9/11. New York had a bad reputation for "cop killings" that is the police had a higher than national average rate of shooting civilians. It turns out that the rise had been coincident in the relaxation of physical fitness requirements. And it was suggested at the time that it was easier for "a cop to shoot a running away suspect" than it was for them to give chase to catch them...
Now you have to ask a question that the US Movie industry raised with the "Do you feel lucky punk?" catch phrase of "Dirty Harry" films. If as a criminal you feel that if a cop discovers you whilst in progress of committing a felony you are going to be shot rather than arrested are you more or less likely to try to "get one in first"?
What about countries where guns are common but cops either don't carry guns or very rarely shoot suspects? the figures are worth looking up and normalising against US numbers.
Several studies have shown that what most criminals caught in the act want to do is "escape" they don't want to fight but flee, but if cornered they will fight if forced to, this is an ordinary biological response from millennia of evolution.
However there is a problem certain criminals are not blessed with normal evolutionary responses or have inhibited them with the use of drugs etc. These are the criminals that many street cops will come up against and the best way to deal with them is by suppression with significant force be it as man power or fire power.
Thus you get a chicken&egg situation arising which effectively drives the situation.
Sadly though things are changing for the worst and it is with youth gang culture we see the leading edge. Guns were not the norm even of street criminals now in certain youth culture you are "not a man without a weapon and the bigger the weapon the more your (faux) manhood". Believe it or not this appears to be as a result of "fear" initially of other gangs encouraging a youngster to join a gang for safety. But once "signed to the devil" it's the fear of other gang members and this makes a "pecking order" where those with less social/impulse control rise up the hierarchy of the gang.
And as is so often pointed out "violence begets violence" but unfortunately once a particular line is crossed and a person crosses over into a violent micro society the tipping point changes significantly. Thus reducing violence around an individual within a violent micro society actually encourages more violence from them as this is linked in their mind to success/rising up in that micro society. The solution to this problem appears to be in part confronting the individuals not with violence, but showing the harm their violence does to others important to them such as their family etc, then giving them a non threatening method of moving out of the micro society and making available the resources for them to be successful in normal society.
@Clive, RE: shootings between Police and Civilians
I don't know how well this meshes with your theory, but there are (on paper) use-of-force rules which limit shootings of fleeing suspects.
Those rules came into place after a US Supreme Court ruling in 1985. (Tennessee vs. Garner.) The ruling held that using deadly force against a fleeing suspect is forbidden unless the policeman has reason to believe that the suspect poses a significant threat of death/injury to the officer or to others nearby.
However, the movie you mention was a 1970s film. Also, film-makers aren't known for being legally precise about such things...
You'd have to ask someone knowledgeable in Police procedure and law in the U.S. to know how this plays out in real life.
@Jacob, Clive, et. al.,
RE: LEO's killed in the line of duty in the United States.
At the moment, I can't access Ted Rall's paper for some reason. But I have my suspicions...
The FBI has issued a Uniform Crime Report for many years. One category is assault/homicide of Officers in the Line of Duty.
Strangely, I can't get to that data by navigating from the FBI-UCR web page. (At least, I tried to find the data by hitting the links on the pages for 2010, 2009, and 2008...)
A little searching found this link with data for year 2009:
A table for LEO's feloniously killed in the line of duty for years 2000 through 2009 is here:
The number of officers killed is small (on the order of 50 per year, relatively unchanging over the decade). The total number of LEOs in the United States for those years is large (on the order of 1 million) for those years. This gives a rough death rate* of 5 officers per 100K.
Is Ted Rall talking about changes in this rate, from year to year? Because a small increase in absolute number can give a high percentage-increase result, and still be statistical noise.
Or is he talking about the differences between deaths of American LEOs in the line of duty and British LEOs in the line of duty?
I am assuming that British LEO fatalities run at less than 5 per 100K annually. But how much less?
I'm curious, mainly because it is easy for a person with an opinion to misunderstand or misstate the statistics involved.
* A related thought: the same resource also publishes accidental LEO deaths for the same decade, and gave a declining rate of 8 per 100K to 5 per 100K over the same decade.
Did Ted Rall distinguish between accidental deaths of LEOs and felonious deaths of LEOs? Or did he run with the entire death rate?
"then giving them a non threatening method of moving out of the micro society and making available the resources for them to be successful in normal society."
Why would a normal society want to do that though. Once a crook always a crook. Once a debtor always a debtor. I think that the actual public interest in rehabilitation is vastly overstated. Look how hard it is for ex-cons of any type to get a decent job. People talk a great deal about the virtues of rehabilitation but they don't want the ex-con living next door or teaching their child. Sweeping the floor is OK though.
I had almost this exact same conversation in another context this morning and the person's response was "look, right now I have 100 qualified applicants for that job who don't have applicant's X defect so why the hell would I choose X." Why should society lend a helping hand and give a second chance when there are plenty of people in the wings waiting for their shot.
"then giving them a non threatening method of moving out of the micro society and making available the resources for them to be successful in normal society."
"Why would a normal society want to do that though. Once a crook always a crook. Once a debtor always a debtor. I think that the actual public interest in rehabilitation is vastly overstated. Look how hard it is for ex-cons of any type to get a decent job. People talk a great deal about the virtues of rehabilitation but they don't want the ex-con living next door or teaching their child. Sweeping the floor is OK though.
I had almost this exact same conversation in another context this morning and the person's response was "look, right now I have 100 qualified applicants for that job who don't have applicant's X defect so why the hell would I choose X." Why should society lend a helping hand and give a second chance when there are plenty of people in the wings waiting for their shot."
Because the alternative is more costly. Convicted criminals do not just go away if you deign to embrace punishment over rehabilitation. Instead they simply exist without the benefit of education, job training, drug and mental health counseling, or whatever other social services. This means two things:
-The workforce as a whole is less proficient, less versatile, and less competitive. Educating the least among us makes for better-swept floors, and means that we can expect more out of our floor-sweepers.
-Convicts who are not given a proper 'second chance' are more likely to return to crime, pure and simple.
It's important to consider that the number one cause of crime is not, as your fatalistic approach would suggest, a poverty of the soul but rather poverty in the socioeconomic sense.
Nice, owning a piece or two of space junk, or better yet a chunk of meteorite would "suit my fancy" I guess they say in the UK. Regarding maritime law, another one of those hard issues to judge fairly; just sounds like a corruption booby-trap. I thought the recent 'Black Swan Project' was pretty interesting, it would be nice to bring $500 mil to the U.S. economy but I think they judged it right.
Nope, haven't seen a 3D projection of all the NEOs in the LEO or the GEO, only 2D images and I'm not even sure how up-to-date those are; would love to though.
All countries have skeletons in the closet, and we (or our militaries and 3-letter intelligence agencies) collectively seem to have built up this unresolvable accumulated paranoia about what another state's intentions are; but recent incidents like that in which China fires a missile at one of its satellites and creates ~3000 trackable objects and an estimated 150,000 debris particles larger than 1cm and then a U.S. response make me wonder about the sanity of the people making these decisions.
Yeah, I saw that too, regarding the posturing for a claim to the resources under melting ice caps. Another phenomenon that likely won't change its current direction it's headed towards.
All of it makes me want to zone out while "spacewalking", "moonwalking" or some other untethered EVA.
At RSA there was a panel chat about the fragility of the "Smart-Grid" due to both lack of investment in the hardware and insecurity of the software protocols etc locking it all together.
The Atlantic Council has an op-ed on it,
It's nothing I've not already said but hey I'm glad other people are starting to talk about it.
I did a squid dissection class with a group of AG kids, led by my Sister-in-law who does the biology thing. That was part of the class, to extract the back "bone" pen and use the squid ink to write their names on their notebooks. They thought it was very cool.
This one has made me shake my head and give a rueful smile,
As some of you may have heard via various news (/FUD) sources the "Internet will be doomed" on July the 9th ;)
As the opening paragraph of the article says,
Hundreds of thousands of computers worldwide may have been infected by hackers in an online advertising scam and may lose their ability to connect to the Internet on July 9
Now the important bits are "infected" and "online advertising scam", meaning in all probability the "user clicked on something" they should not have on a web page popup etc...
But guess what, this particular news posting like so many others is telling users to,
Go to http://www.dcwg.org Click on "Detect" in the upper left corner, or on the Green Button next to it
Which is effectively reinforcing the user's bad "Click on what the page tells you to click on" behaviour that got them into trouble in the first place...
Oh and as you will notice the news item says the advice comes from the FBI, without any links or recognisable URLs etc by which the user could verify this...
Thus this news item like many others checks most of the boxes and thus has all the hallmarks of being a scam to get you to load malware onto your PC...
Oh and what is it those infected with the malware clicked on in the first place? and the FBI and other Government agencies are being very quiet about...
Well, Ars Technica did a write up back in Nov last year which also gives useful advice on "self checking" your PC,
And it would appear the major infection vector was clicking on a link to download a video codec to watch online video. Apparently this was the way very many PCs at NASA and other major US Government sites (including the FBI) were infected, and the online video appeared to be only on Porn sites... I guess the Government is a little red around the ears over this :)
One of the serious indicators of what sort of disasters are awaiting us with the Smart-Grid the politicos wish to ram down our throats without due consideration, is what's occurring on Net-Appliances.
At the moment Net-Appliances can be found on high end home equipment. Now if the designers cannot get these even remotely close to being secure what hope is there for the $5 Smart-Meter coming to your home any time soon by Government mandate?
Well... It looks like the high end systems are not just bad but very bad,
So ho hum think of all the cr4p to come with fridges air cons even your toaster and electric kettle...
@ Clive Robinson
That guy was worried that he might lose control of himself if he gets another one and, I don't know, exploit it or something. That's so lame. I have one better: make the TVs of the heads of Trusted Computing initiatives show hardcore porn during their wives' tea parties with their friends. They will act if they get yelled at enough by their wives. It's tradition in government and military. ;)
(I guess, in retrospect, it's better that the aforementioned security researcher got his hands on one and I didn't. 8)
Had my first patdown, finally.
The airport was not very busy, so they sent every other person through the scanner. I said "I'm not going through that", the TSA agent looked puzzled. I said "I'm opting out". She called for a supervisor who was not pleased (I was the only one opting out during the 10 minutes I was there). The supervisor commanded me to empty my pockets. The patdown was no big deal, I think the agent was more embarrassed than me. Now here's the interesting part (at least I didn't know this): After the patdown, he told me to wait and went to a machine where he placed his latex gloves and checked them for explosives. I think that's a nice (new?) twist. If you have been near any fertilizer in the last week or so, I'm sure the machine will sound an alarm and they can make sure you won't catch your plane.
Interesting post on passwords here:
How did this squid business start? I have been reading this blog for a long time and never learned this. Googling says that squid are inherently amusing the way ducks are inherently funny. Really? Tell us a squid joke then.
This is an interesting one...
I understand some vendors like to insert these things for better troubleshooting/support. etc. That may and I say may have been a good idea 3 decades ago.
The problem is that now with hackers, etc. it is just plain stupid and maybe criminal to leave, encode, or hardware a backdoor into infrastructure. OTH, do people still put backdoors in themselves to service. Thinking about IT people who can connect remotely. Just a thought.
Penetration testing just got more interesting. GPS, probes, etc. Now what backdoors exist in the network???
"And as is so often pointed out "violence begets violence" but unfortunately once a particular line is crossed and a person crosses over into a violent micro society the tipping point changes significantly."
I agree. The question for me, and I acknowledge that this is tough to figure out, is that one size fits all justice needs to really be looked at and evaluated.
Nonviolent, violent, reprobate (no hope of reintegration) could be categories to start from. I hope the justice system does that but sadly based on cops and lawyers I've seen in action, nope. The feds are another category.
In the justice system you are more likely to get mercy from the IRS....They just want their money....jeez sorry too cynical this morning...
So they're just like Siemens, then. The problem in that industry is the demand side. There's no demand for security & few customers are going to sue over the issue. Hence, why bother to fix it.
Well, they said something...
Just goes to show that a firewall is a firewall?
I can think of several things but just to mention one. If a company feels the need to account for accidents by customers...a 1min fix versus telling a customer they are truly in for a painful process...ease of use trumps security, sound familiar?