Thursday, December 16, 2010

Security in 2020

Bruce Schneier sees the future, and sounds a warning. After reading the whole article, I say be afraid, be very afraid.

Amplify’d from www.schneier.com

The “Internet of things” won't need you to communicate. The smart appliances in your smart home will talk directly to the power company. Your smart car will talk to road sensors and, eventually, other cars. Your clothes will talk to your dry cleaner. Your phone will talk to vending machines; they already do in some countries. The ramifications of this are hard to imagine; it’s likely to be weirder and less orderly than the contemporary press describes it. But certainly smart objects will be talking about you, and you probably won't have much control over what they’re saying.

One old trend: deperimeterization. Two current trends: consumerization and decentralization. Three future trends: deconcentration, decustomerization, and depersonization. That’s IT in 2020—it’s not under your control, it’s doing things without your knowledge and consent, and it’s not necessarily acting in your best interests. And this is how things will be when they’re working as they’re intended to work; I haven't even started talking about the bad guys yet.

That’s because IT security in 2020 will be less about protecting you from traditional bad guys, and more about protecting corporate business models from you. Deperimeterization assumes everyone is untrusted until proven otherwise. Consumerization requires networks to assume all user devices are untrustworthy until proven otherwise. Decentralization and deconcentration won’t work if you’re able to hack the devices to run unauthorized software or access unauthorized data. Deconsumerization won’t be viable unless you’re unable to bypass the ads, or whatever the vendor uses to monetize you. And depersonization requires the autonomous devices to be, well, autonomous.

In 2020—10 years from now—Moore’s Law predicts that computers will be 100 times more powerful. That'll change things in ways we can't know, but we do know that human nature never changes. Cory Doctorow rightly pointed out that all complex ecosystems have parasites. Society’s traditional parasites are criminals, but a broader definition makes more sense here. As we users lose control of those systems and IT providers gain control for their own purposes, the definition of “parasite” will shift. Whether they’re criminals trying to drain your bank account, movie watchers trying to bypass whatever copy protection studios are using to protect their profits, or Facebook users trying to use the service without giving up their privacy or being forced to watch ads, parasites will continue to try to take advantage of IT systems. They'll exist, just as they always have existed, and -- like today -- security is going to have a hard time keeping up with them.

Welcome to the future. Companies will use technical security measures, backed up by legal security measures, to protect their business models. And unless you’re a model user, the parasite will be you.

Read more at www.schneier.com
 

Friday, December 10, 2010

Wikileaks Clones

I definitely think there is a place for something like Wikileaks, although I might have more use for something that provides some context and interpretation to them as opposed to just dumping hundreds of thousands of documents into the public. I also honestly believe that there is more to Assange than he allows us to see; at any rate, an effective leaks forum independent of Assange can only be beneficial in the long term.

Amplify’d from thenextweb.com

Even if Wikileaks does end up getting closed down for good it has a legacy. We could be about to see the dawning of a new age of Wikileaks-inspired sites, each with their own take on the idea.

As we’ve already reported, OpenLeaks is a site hoping to open as soon as Monday, now it looks like European politics could be getting its own specific whistleblowing destination.

BrusselsLeaks says it aims to expose “Dodgy dealings behind closed doors” at the heart of Europe. Seemingly created by people who work within the European Union’s political machine, the site’s WordPress-hosted front page states: “There are plenty of good people in powerful positions who too often see shocking information pass them by. How do we know this? We’ve been there.”

UPDATE: Just after we published this post, the founders replied saying that they’re not really courting media attention “But it helps”. “We want to support a transparent and fair EU system which could benefit many millions”, they say.

Read more at thenextweb.com
 

Sunday, December 5, 2010

A tale of evolution. How Facebook and I grew apart.

An interesting story of someone's disenchantment with Facebook. His story certainly speaks to me, even if his ultimate solution is not Amplify (though perhaps it could be!).

Amplify’d from gilest.ro

I am leaving facebook or at least I am going to concentrate my social activity somewhere else. Most people leave because they are worried about privacy violations and similia but I don’t really care about that. I am well aware that my credit card companies, my banks, my favorite grocery stores¹ and my postman know more about me than facebook does – and more importantly they know things I never actually told them directly. So facebook privacy invasion is the least of my worries.

I am leaving simply because I realized facebook didn’t evolve at all during the five years I have been using it but my social needs did.

I joined facebook to keep in touch with old friends (the second most common reason after getting laid, I suppose) but eventually found myself trapped in a network of people that I barely knew or didn’t know at all, sharing mostly contents I really don’t care about or that were trivial to find. I interact regularly with probably less than 10% of my facebook friends and it turns out it’s not because they posted a new picture of a cat doing funny things but because they shared interesting reading, worth following or commenting. I figured that if this has become my main use of facebook, then the platform is badly flawed for that use. As people say when they split:  it’s not you, it’s me.

Seeing how things are going, it doesn’t look like facebook is interested in targeting my needs. None of the points here above had been even remotely addressed since I joined (2005). They had half a dozen of UI changes, a little more power in grouping people and a myriad of flash games. No effort versus organizing contents the way I need, really. So Long, Facebook (and thanks for all the phishing.)

Why don’t you just reorganize your friends, you silly!

Yes I could do that. I could just get rid of that 90% of people I care little about and my signal to noise ratio will get better. But I doubt it would work fully for I noticed that even that 10% of people I follow is posting less and less or even disappeared in the past months. I presume it’s because they are experiencing the same frustration so there is no good in having only interesting friends who are hardly active anymore. I am feeling so it’s better to leave the sinking ship.

Hello Google!

So, where to concentrate my networking now? Looking at the four points above, it seems that what I miss the most is the possibility to organize and search for contents and not for people: “search” and “contents” being the keywords here. What is a good internet company specialized in searching contents?

Here we go, Google. To be honest, I tried a couple of alternative before. Never been a fan of twitter but I figured I should give it a try. I also gave a chance to friendfeed and delicious. None of them did it for me: again way too much noise. Then I took my virtual ladder and climbed up to my virtual dusty loft where I restored a completely unused Google buzz account and a Google Reader account filled with bold numbers.

Buzz gives me the chance to share status updates and pics if I want; Google reader the opportunity to organize my readings and the tools to discover new contents and people, based on my interests and likes. Also the environment seems unfriendly enough to attract the people I care to meet. The only problem so far is very few friends of mine use any of the two. In fact, if you are reading this post most likely is because you have been shortlisted to be one of those I want to bring with me (congratulations) and I am trying to get you to use your buzz and/or reader account.

The good thing about the new combination is that in fact they are split tools with different purposes that cover different needs. The former is a bit more facebook like and it’s about sharing your status, pictures and such; the latter is mainly a way to organize your readings on the web that also happens to be socially integrated so that you can actually share and discuss with other people what you find. So, it’s completely possible to just use the Reader without joining yet-another-social-yadayada. That’s how you do it:

Will it last? A couple of nerdy observations.

I think so. It seems Google and I share the same outlook on what I need and how it has to evolve. There are only a couple of things that worry me: first, the Android app for Google Buzz sucks big time and this may be a sign that they are not investing so much in this direction as I wish they were. But that may be not necessarily true: at the end of the day, most of the Google developed Android apps still suck² yet there is no doubt Google has no plan of dropping Gmail or the Android market. The second thing that worries me is how Google wave was handled and failed. Buzz didn’t have the publicity it deserved and Google profiles never really took off. Yet, the tool is really nice and worthy and that’s why I am writing this, to make my friends aware.

Read more at gilest.ro
 

Friday, December 3, 2010

Full Body Scanners: What's Next?

It appears that Bruce is starting to lose patience over the airport security situation, along with the rest of us. Money quotes:

"Airport security is the last line of defense, and it's not a very good one."

"We have a job here, too, and it's to be indomitable in the face of terrorism."



Congress critters need to read this one, too.

Amplify’d from www.schneier.com



Organizers of National Opt Out Day, the Wednesday before Thanksgiving when air travelers were urged to opt out of the full-body scanners at security checkpoints and instead submit to full-body patdowns -- were outfoxed by the TSA. The government pre-empted the protest by turning off the machines in most airports during the Thanksgiving weekend. Everyone went through the metal detectors, just as before.

Now that Thanksgiving is over, the machines are back on and the "enhanced" pat-downs have resumed. I suspect that more people would prefer to have naked images of themselves seen by TSA agents in another room, than have themselves intimately touched by a TSA agent right in front of them.

But now, the TSA is in a bind. Regardless of whatever lobbying came before, or whatever former DHS officials had a financial interest in these scanners, the TSA has spent billions on those scanners, claiming they're essential. But because people can opt out, the alternate manual method must be equally effective; otherwise, the terrorists could just opt out. If they make the pat-downs less invasive, it would be the same as admitting the scanners aren't essential. Senior officials would get fired over that.

So not counting inconsequential modifications to demonstrate they're "listening," the pat-downs will continue. And they'll continue for everyone: children, abuse survivors, rape survivors, urostomy bag wearers, people in wheelchairs. It has to be that way; otherwise, the terrorists could simply adapt. They'd hide their explosives on their children or in their urostomy bags. They'd recruit rape survivors, abuse survivors, or seniors. They'd dress as pilots. They'd sneak their PETN through airport security using the very type of person who isn't being screened.

And PETN is what the TSA is looking for these days. That's pentaerythritol tetranitrate, the plastic explosive that both the Shoe Bomber and the Underwear Bomber attempted but failed to detonate. It's what was mailed from Yemen. It's in Iraq and Afghanistan. Guns and traditional bombs are passé; PETN is the terrorist tool of the future.

The problem is that no scanners or puffers can detect PETN; only swabs and dogs work. What the TSA hopes is that they will detect the bulge if someone is hiding a wad of it on their person. But they won't catch PETN hidden in a body cavity. That doesn't have to be as gross as you're imagining; you can hide PETN in your mouth. A terrorist can go through the scanners a dozen times with bits in his mouth each time, and assemble a bigger bomb on the other side. Or he can roll it thin enough to be part of a garment, and sneak it through that way. These tricks aren't new. In the days after the Underwear Bomber was stopped, a scanner manufacturer admitted that the machines might not have caught him.

Once again, the TSA is covering their own asses by implementing security-theater measures to prevent the previous attack while ignoring any threats of future attacks. It's the same thinking that caused them to ban box cutters after 9/11, screen shoes after Richard Reid, limit liquids after that London gang, and -- I kid you not -- ban printer cartridges over 16 ounces after they were used to house package bombs from Yemen. They act like the terrorists are incapable of thinking creatively, while the terrorists repeatedly demonstrate that they can always come up with a new approach that circumvents the old measures.

The truth is that exactly two things have made air travel safer since 9/11: reinforcing cockpit doors and convincing passengers they need to fight back. The TSA should continue to screen checked luggage. They should start screening airport workers. And then they should return airport security to pre-9/11 levels and let the rest of their budget be used for better purposes. Investigation and intelligence is how we're going to prevent terrorism, on airplanes and elsewhere. It's how we caught the liquid bombers. It's how we found the Yemeni printer-cartridge bombs. And it's our best chance at stopping the next serious plot.

Because if a group of well-planned and well-funded terrorist plotters makes it to the airport, the chance is pretty low that those blue-shirted crotch-groping water-bottle-confiscating TSA agents are going to catch them. The agents are trying to do a good job, but the deck is so stacked against them that their job is impossible. Airport security is the last line of defense, and it's not a very good one.

We have a job here, too, and it's to be indomitable in the face of terrorism. The goal of terrorism is to terrorize us: to make us afraid, and make our government do exactly what the TSA is doing. When we react out of fear, the terrorists succeed even when their plots fail. But if we carry on as before, the terrorists fail -- even when their plots succeed.

Read more at www.schneier.com
 

Thursday, December 2, 2010

Close the Washington Monument

Amen. Perhaps it is the only way. I wish our congress critters would read this in its entirety, and be ashamed.






Amplify’d from www.schneier.com

Securing the Washington Monument from terrorism has turned out to be a surprisingly difficult job. The concrete fence around the building protects it from attacking vehicles, but there's no visually appealing way to house the airport-level security mechanisms the National Park Service has decided are a must for visitors. It is considering several options, but I think we should close the monument entirely. Let it stand, empty and inaccessible, as a monument to our fears.

An empty Washington Monument would serve as a constant reminder to those on Capitol Hill that they are afraid of the terrorists and what they could do. They're afraid that by speaking honestly about the impossibility of attaining absolute security or the inevitability of terrorism -- or that some American ideals are worth maintaining even in the face of adversity -- they will be branded as "soft on terror." And they're afraid that Americans would vote them out of office if another attack occurred. Perhaps they're right, but what has happened to leaders who aren't afraid? What has happened to "the only thing we have to fear is fear itself"?

An empty Washington Monument would symbolize our lawmakers' inability to take that kind of stand -- and their inability to truly lead.

Terrorism isn't a crime against people or property. It's a crime against our minds, using the death of innocents and destruction of property to make us fearful. Terrorists use the media to magnify their actions and further spread fear. And when we react out of fear, when we change our policy to make our country less open, the terrorists succeed -- even if their attacks fail. But when we refuse to be terrorized, when we're indomitable in the face of terror, the terrorists fail -- even if their attacks succeed.

The grand reopening of the Washington Monument will not occur when we've won the war on terror, because that will never happen. It won't even occur when we've defeated al Qaeda. Militant Islamic terrorism has fractured into small, elusive groups. We can reopen the Washington Monument when we've defeated our fears, when we've come to accept that placing safety above all other virtues cedes too much power to government and that liberty is worth the risks, and that the price of freedom is accepting the possibility of crime.

I would proudly climb to the top of a monument to those ideals.

Read more at www.schneier.com
 

Risk Reduction Strategies on Social Networking Sites

I don't currently use Facebook. If I did, I might consider practices something like these.

Amplify’d from www.schneier.com
Mikalah uses Facebook but when she goes to log out, she deactivates her Facebook account. She knows that this doesn’t delete the account -- that’s the point. She knows that when she logs back in, she’ll be able to reactivate the account and have all of her friend connections back. But when she’s not logged in, no one can post messages on her wall or send her messages privately or browse her content. But when she’s logged in, they can do all of that. And she can delete anything that she doesn’t like. Michael Ducker calls this practice “super-logoff” when he noticed a group of gay male adults doing the exact same thing.
Shamika doesn’t deactivate her Facebook profile but she does delete every wall message, status update, and Like shortly after it’s posted. She’ll post a status update and leave it there until she’s ready to post the next one or until she’s done with it. Then she’ll delete it from her profile. When she’s done reading a friend’s comment on her page, she’ll delete it. She’ll leave a Like up for a few days for her friends to see and then delete it.

I've heard this practice called wall scrubbing.

In any reasonably competitive market economy, sites would offer these as options to better serve their customers. But in the give-it-away user-as-product economy we so often have on the Internet, the social networking sites have a different agenda.

Read more at www.schneier.com
 

Tuesday, November 30, 2010

WikiLeaks reveals more than just government secrets

Glenn Greenwald on all the Wikileaks hand-wringing.

Amplify’d from www.salon.com

The WikiLeaks disclosure has revealed not only numerous government secrets, but also the driving mentality of major factions in our political and media class.  Simply put, there are few countries in the world with citizenries and especially media outlets more devoted to serving, protecting and venerating government authorities than the U.S.  Indeed, I don't quite recall any entity producing as much bipartisan contempt across the American political spectrum as WikiLeaks has:  as usual, for authoritarian minds, those who expose secrets are far more hated than those in power who commit heinous acts using secrecy as their principal weapon.

First we have the group demanding that Julian Assange be murdered without any charges, trial or due process.  There was Sarah Palin on Twitter illiterately accusing WikiLeaks -- a stateless group run by an Australian citizen -- of "treason"; she thereafter took to her Facebook page to object that Julian Assange was "not pursued with the same urgency we pursue al Qaeda and Taliban leaders" (she also lied by stating that he has "blood on his hands":  a claim which even the Pentagon admits is untrue).
The way in which so many political commentators so routinely and casually call for the eradication of human beings without a shred of due process is nothing short of demented. 
Those who demand that the U.S. Government take people's lives with no oversight or due process as though they're advocating changes in tax policy or mid-level personnel moves -- eradicate him!, they bellow from their seats in the Colosseum -- are just morally deranged barbarians.

Then, with some exceptions, we have the group which -- so very revealingly -- is the angriest and most offended about the WikiLeaks disclosures:  the American media, Our Watchdogs over the Powerful and Crusaders for Transparency.  On CNN last night, Wolf Blitzer was beside himself with rage over the fact that the U.S. Government had failed to keep all these things secret from him:

Then we have The New York Times, which was denied access to the documents by WikiLeaks this time but received them from The Guardian.  That paper's Executive Editor, Bill Keller, appeared in a rather amazing BBC segment yesterday with Carne Ross, former British Ambassador to the U.N., who mocked and derided Keller for being guided by the U.S. Government's directions on what should and should not be published (video below):

It's one thing for the Government to shield its conduct from public disclosure, but it's another thing entirely for the U.S. media to be active participants in that concealment effort. 
Then we have the Good Citizens who are furious that WikiLeaks has shown them what their Government is doing and, conversely, prevented the Government from keeping things from them. 

Before setting forth why these WikiLeaks disclosures produce vastly more good than harm, I'll state several caveats as clearly as I can.  Unlike the prior leaks of war documents, there are reasonable concerns about this latest leak (most particularly that impeding diplomacy makes war more likely).  Like all organizations, WikiLeaks has made mistakes in the past, including its failure to exercise enough care in redacting the names of Afghan informers.  Moreover, some documents are legitimately classified, probably including some among the documents that were just disclosed.

Nonetheless, our government and political culture is so far toward the extreme pole of excessive, improper secrecy that that is clearly the far more significant threat.  And few organizations besides WikiLeaks are doing anything to subvert that regime of secrecy, and none is close to its efficacy.  It's staggering to watch anyone walk around acting as though the real threat is from excessive disclosures when the impenetrable, always-growing Wall of Secrecy is what has enabled virtually every abuse and transgression of the U.S. government over the last two decades at least. 

Read more at www.salon.com
 

Friday, November 19, 2010

TSA Backscatter X-ray Backlash

Some of Bruce Schneier's stream of consciousness on the topic.

Amplify’d from www.schneier.com

A woman has a horrific story of opting-out of the full body scanners. More stories: this one about the TSA patting down a screaming toddler. And here's Dave Berry's encounter (also this NPR interview).

Sadly, I agree with this:

It is no accident that women have been complaining about being pulled out of line because of their big breasts, having their bodies commented on by TSA officials, and getting inappropriate touching when selected for pat-downs for nearly 10 years now, but just this week it went viral. It is no accident that CAIR identified Islamic head scarves (hijab) as an automatic trigger for extra screenings in January, but just this week it went viral. What was different?

Suddenly an able-bodied white man is the one who was complaining.

This video provides tips to parents flying with young children. Around 2:50 in, the reporter indicates that you can find out if your child has been pre-selected for secondary, and then recommends requesting "de-selection." That doesn't make sense.

Nor this story. The author convinces people on line to opt-out with him. After the first four opt-outs, the TSA just sent people through the metal detectors.

There's talk about the health risks of the machines, but I can't believe you won't get more radiation on the flight. Here's some data:

A typical dental X-ray exposes the patient to about 2 millirems of radiation. According to one widely cited estimate, exposing each of 10,000 people to one rem (that is, 1,000 millirems) of radiation will likely lead to 8 excess cancer deaths. Using our assumption of linearity, that means that exposure to the 2 millirems of a typical dental X-ray would lead an individual to have an increased risk of dying from cancer of 16 hundred-thousandths of one percent. Given that very small risk, it is easy to see why most rational people would choose to undergo dental X-rays every few years to protect their teeth.

More importantly for our purposes, assuming that the radiation in a backscatter X-ray is about a hundredth the dose of a dental X-ray, we find that a backscatter X-ray increases the odds of dying from cancer by about 16 ten millionths of one percent. That suggests that for every billion passengers screened with backscatter radiation, about 16 will die from cancer as a result.

Jeffrey Goldberg asked me which I would rather see for children: backscatter X-ray or enhanced pat down. After remarking what an icky choice it was, I opted for the X-ray; it's less traumatic.

In 2005, I wrote:

I'm not impressed with this security trade-off. Yes, backscatter X-ray machines might be able to detect things that conventional screening might miss. But I already think we're spending too much effort screening airplane passengers at the expense of screening luggage and airport employees...to say nothing of the money we should be spending on non-airport security.

On the other side, these machines are expensive and the technology is incredibly intrusive. I don't think that people should be subjected to strip searches before they board airplanes. And I believe that most people would be appalled by the prospect of security screeners seeing them naked.



I believe that there will be a groundswell of popular opposition to this idea. Aside from the usual list of pro-privacy and pro-liberty groups, I expect fundamentalist Christian groups to be appalled by this technology. I think we can get a bevy of supermodels to speak out against the invasiveness of the search.

Exactly two things have made airline travel safer since 9/11: reinforcement of cockpit doors, and passengers who now know that they may have to fight back. Everything else -- Secure Flight and Trusted Traveler included -- is security theater. We would all be a lot safer if, instead, we implemented enhanced baggage security -- both ensuring that a passenger's bags don't fly unless he does, and explosives screening for all baggage -- as well as background checks and increased screening for airport employees.

Then we could take all the money we save and apply it to intelligence, investigation and emergency response. These are security measures that pay dividends regardless of what the terrorists are planning next, whether it's the movie plot threat of the moment, or something entirely different.

Read more at www.schneier.com
 

Monday, November 15, 2010

Arrested for tweeting

For some reason, I find this absolutely hilarious.

Amplify’d from languagelog.ldc.upenn.edu
What in the hell motivates the tweeting craze? Twitter seems insane to me. If all my Language Log posts had to be 140 chars I wouldnt be abl

And people wreck their lives tweeting. A UK politician's "joke" suggesting a muslim writer should be stoned to death got him arrested by th

(Dont forget, China is not the only country where you can get arrested simply for online comments; the UK too has no constitutional guarant

And a frustrated UK airline traveler who wrote in jest about "blowing the airport skyhigh" has been fined a total of $3000 for "menacing" tw
Its clear that the lives of these Twitter users would've been far happier and less fraught if they had never heard of Twitter. So why the fu
Comment if you wish but your comments will be strictly limited to 140 ASCII characters. I dont see why you guys should get more leeway than

Read more at languagelog.ldc.upenn.edu
 

Wednesday, November 10, 2010

Removing Belts at Airport Security

The obvious answer? SUSPENDERS!

Amplify’d from www.schneier.com

The TSA is making us remove our belts even when we don't have to.

European airports have made us remove our belts for years. My normal tactic is to pull my shirt tails out of my pants and over my belt. Then I flash my waist and tell them I'm not wearing a belt. It doesn't set off the metal detector, so they don't notice.

Read more at www.schneier.com
 

Monday, November 8, 2010

'Are Any Parts of Your Body Sore?' Asks the Man From TSA

One experience with the new body scanner opt-out regulations. Security theater at its finest. The process is obviously geared to make avoiding the scanner as embarrassing and time-consuming as possible. More proof that the TSA doesn't work for you.

Amplify’d from www.theatlantic.com
Eventually, I'm called over for my pat-down. "Do you want to do this privately?" he asks. "No, right here in the middle of the airport is fine," I say.
"The guidelines have changed, just to warn you. We now have to run our hands through your groin until we meet --"

"Resistance. Yes, I know," I say.
"Are any parts of your body sore?" he asks. 

"No," I say, instantly regretting that I didn't say, "Yes. My groin. Very sore."  Next time.
He feels me up. "Could you widen your stance, please?" he asks.

"Hey, I'm not in the United States Senate!" I say, widening my stance.
"How come you don't go through the machine?" he asks me.

I give him several more answers than he expected:
1) I prefer to limit my exposure to radiation, which the back-scatter imager produces;
2) I don't think this new technology will stop terrorism;
3) I find the idea of the government taking pictures of my genitalia a discomfiting invasion of privacy;
4) I find the specific pose a person is forced to take inside the machine -- hands up, as in a mugging -- particularly debasing.

Read more at www.theatlantic.com
 

The End of In-Flight Wi-Fi?

Personally, I doubt they will be able to ban in-flight WiFi; there's just too much money in it for the Guvmint to stand in the way.

Amplify’d from www.schneier.com

Okay, now the terrorists have really affected me personally: they're forcing us to turn off airplane Wi-Fi. No, it's not that the Yemeni package bombs had a Wi-Fi triggering mechanism -- they seem to have had a cell phone triggering mechanism, dubious at best -- but we can imagine an Internet-based triggering mechanism. Put together a sloppy and unsuccessful package bomb with an imagined triggering mechanism, and you have a new and dangerous threat that -- even though it was a threat ever since the first airplane got Wi-Fi capability -- must be immediately dealt with right now.

Please, let's not ever tell the TSA about timers. Or altimeters.

And, while we're talking about the TSA, be sure to opt out of the full-body scanners and remember your sense of humor when a TSA officer slips white powder into your suitcase and then threatens you with arrest.

Read more at www.schneier.com
 

Tuesday, November 2, 2010

Google suing US Department of the Interior for Google Apps snub

Since most people don't ever use 90-95% of Microsoft Office features, I'm not sure the standardization argument holds much water.

Amplify’d from www.engadget.com
Google has filed a lawsuit in the US Court of Federal Claims against the US Department of the Interior for being what it claims as "unduly restrictive of competition." Apparently the DOI wrote up procurement requirements for a hosted email and collaboration solution (it's currently hobbling along with 13 different platforms for its 88,000 users) that specifically stated the software had to be part of the Microsoft Business Productivity Online Suite. Google thinks there should be a competitive procurement process for the $59 million contract, allowing for potential alternatives to Microsoft (like Google Apps, for instance). The DOI says it's up for open competition on the contract, but it's "standardized" on Microsoft tech. We'll have to see how this plays out.

Read more at www.engadget.com
 

Thursday, October 28, 2010

Firesheep Countermeasures

It's just that simple.

Amplify’d from steve.grc.com
Amid all the fury over the release of Firesheep, no one else seems to have noticed, or at least mentioned, that the only thing any WiFi hotspot needs to do to protect its users is activate WPA encryption using any simple publicly-known password.

As long as the universally supported WPA encryption protocol is used, each individual user receives their own private “session key” that absolutely prevents eavesdropping between users, even though they are all using the same WiFi password.  It’s just that simple.

Hotspots only need to switch from “no encryption” to WPA and post or publish any static WPA password … and a large part of the problem, and more, is solved.

Read more at steve.grc.com
 

The Meltdown Caucus

Argh! I feel like Brewster's Millions. I just want to vote for "None of the Above"

Amplify’d from www.slate.com

I bring this up because it's the legacy of Macaca, an inevitability of the age of cheap, free media and atomized political media. You can ruin your career by doing or saying something stupid. And that's obvious, but we might be adding more bodies to the pile this year.

I'm not sure how I feel about this. Members of Congress should be deferential to their constituents, and they should never physically assault the people they're arguing with. Obviously. But the danger of being captured on film looking like a jackass (and it really could be the introduction of the camera that induces the jackassitude and panic) is, so far, leading to smarter candidates realizing they should limit access. See: the Democrats putting restrictions on how to attend their town halls.

Read more at www.slate.com
 

Obama's Last Laugh

A (surprisingly?) lucid take on Stewart's interview with Obama on #thedailyshow. I have to say I have been impressed with Stewart's abilities as an interviewer, particularly with guests he clearly doesn't agree with. He presses them, but he doesn't go out of his way to belittle them or humiliate them.

Amplify’d from www.thedailybeast.com

While joshing around with Barack Obama last night on a set festooned with faux Roman columns, Stewart spoke as the voice of disenchanted liberalism, demanding to know: What happened to that hope-and-change guy?

"You ran with such, if I may, audacity… yet legislatively it has felt timid at times," the host said. "I am not even sure at times what you want out of a health care bill."

That the president of the United States would appear on the Daily Show six days before a midterm election that could sink his party speaks volumes, or at least chapters, about that buzzworthy forum. But it was also a test of sorts for the host, who is casting his big "sanity" rally in Washington as an escape from the nuttiness fostered by the extremes of both parties.

I'd say Stewart passed the initial exam, making Obama feel comfortable while also delivering the zinger that "Democrats this year seem to be running on 'please baby one more chance.'"

Stewart told me years ago that he regarded the nightly interview segment as little more than filler that spared his staff from having to write one more comedy sketch. But it's evolved into a key component of the program, as anyone who saw his combative sessions with CNBC's Jim Cramer or health care critic Betsy McCaughey can attest (though Stewart conceded that Bush torture defender John Yoo "slipped through my fingers").

Read more at www.thedailybeast.com
 

Wednesday, October 27, 2010

A guide to the misguided criticism of the Stewart/Colbert rally

Good take-down of press angst over #rally4sanity. My favorite criticism: "But Stewart appears uninterested in generating enduring change; he wants a day-long party. Then people can go back to the things that matter — lives of domesticity, and watching shows that make jokes about how seriously screwed up things are." Party on, dudes!

Amplify’d from www.tbd.com
Stewart, who's been rationing out details for weeks, would only say, "Let me put it this way — you'll have fun." It's a word that bears repeating — "fun" — and one that Stewart has been repeating, perhaps because a growing number of cultural critics, unlike his fans, refuse to believe that a comedian who hosts a news-satire show on a channel called Comedy Central could possibly aspire only to be entertaining.

"I think that they're all guilty of what jazz musician Charles Mingus called 'mental tardiness,'" Slate's Jack Shafer, who doesn't plan to write a Press Box column about the rally, tells me. "I think these critics aren't really thinking it out all the way."

Or maybe they're thinking too hard. While their conclusions, invariably, are that Stewart and Stephen Colbert should cancel their Oct. 30 rally, the supporting arguments are myriad, ranging from "Stewart is too serious" to "laughing isn't funny."
What strikes me most about the aforementioned critiques is their tone — of admonishment, betrayal, and even anger.
Clearly, the rally is political. Stewart even admitted at Monday night's taping of The Daily Show that he booked the National Mall right after he heard about Glenn Beck's "Restoring Honor" rally, and surely it's not lost on Stewart that his event falls just three days before the midterm elections. To say the rally isn't political is slightly disingenuous.

What Stewart means to say, of course, is that he's not overtly espousing a particular partisan line. Is he pushing his fans in a leftward direction? Sure — just look at The Daily Show lineup this week, which includes President Obama tonight. But anyone who's watched the show knows where Stewart's political beliefs lie, and many of the critics above are professed fans of his. So why this sudden defection? Because, I think, they felt a certain ownership over, or at least camaraderie with, Stewart. Print and web journalists, generally speaking, are a prickly, defensive, and arrogant bunch. We imagine ourselves superior to TV newscasters, who traffic in sound bites and manufactured controversy and high-decibel alarmism. In our minds, we writers slave away at our desks, composing thoughtful articles that are too nuanced for TV, and yet we remain largely anonymous while all those empty-headed beautiful people soak up the relative fame afforded by television.

As the criticism of Stewart's rally proves, we are delusional: Writers often aren't very thoughtful at all. We're just bitter. We loved Stewart because he voiced that bitterness we felt — about politics, about television, and even about our own careers. Now that his narrative has diverged from our own, we fear he'll become just another media figure — or worse, a politician — about whom we're forced to write articles. Some of us, consequently, reject Stewart in the way we might reject a boyfriend or girlfriend who has left us for something bigger: He or she is already gone, but somehow we convince ourselves that the decision was ours to make.

Read more at www.tbd.com
 

Tuesday, October 26, 2010

The World’s Largest Solar Project

It seems to me that 1000 MW is kind of small for industrial power generation, but it is significant. The company's website indicates other projects that generate more, so I don't know if this is really the largest. It's a start, anyway.

Amplify’d from techcrunch.com

Solar Millennium, a German firm, plans to build four plants on the expansive property with a total capacity of 1,000 megawatts— which is roughly on par with the country’s current total solar capacity. With 1,000 MW at completion, the station would be able to power more than 300,000 homes.

The hope, the company says, is to start supplying the grid with electricity by 2013. In terms of regional economic impact, Solar Millennium predicts that the project will hire 1,000 people during the construction phase and 220 permanent workers (once it's operational).

Read more at techcrunch.com
 

The Top 5 PC Alternatives To The MacBook Air

Just a little perspective for those getting a little tired of the big Apple-gasm going on.

Amplify’d from www.crunchgear.com

Well, yeah, but the MacBook Air isn’t for everyone. Good thing the PC world has been doing the ultra-portable thing just as long as Apple and offers some quality alternatives. Sure, there really isn’t one model that soundly beats the new MacBook Air in every category, but the same can be said about the Air versus the five computers listed after the jump.

Read more at www.crunchgear.com
 

Sunday, October 24, 2010

Sorry for the repeat, just testing... http://amplify.com/u/dv7l

The real danger from NPR's firing of Juan Williams

I don't always agree with Greenwald, but here he has an effective takedown of all the faux umbrage over the firing of #juanwilliams.

Amplify’d from www.salon.com

But there's one point from all of this I really want to highlight. The principal reason the Williams firing resonated so much and provoked so much fury is that it threatens the preservation of one of the most important American mythologies:  that Muslims are a Serious Threat to America and Americans.  That fact is illustrated by a Washington Post Op-Ed today from Reuel Marc Gerecht, who is as standard and pure a neocon as exists:  an Israel-centric, Iran-threatening, Weekly Standard and TNR writer,  former CIA Middle East analyst, former American Enterprise Institute and current Defense of Democracies "scholar," torture advocate, etc. etc. Gerecht hails Williams as a courageous "dissident" for expressing this "truth":

Read more at www.salon.com
 

Wednesday, April 21, 2010

Know Its Features. Know It's Real. The New $100 Bill

The Treasury has now announced the new design for the $100 bill, which was last changed in 1996. The big new feature is the blue/white motion thread running down the middle. More information at www.newmoney.gov. As cool as it looks in the video, it looks even better in person.

Don't mind the missing apostrophe in the new slogan.

Jindal Redux

I remember when Bobby Jindal was ridiculed some for complaining about spending on volcano monitoring. It is certainly time for some more.

Sunday, April 18, 2010

Jarvis on the Cloud

Perhaps there is nothing like a volcanic eruption, except maybe a thunderstorm/tornado/hurricane, to remind people that the word "cloud" has another meaning, one not related at all to computers and the internet. Jeff Jarvis has some interesting reflections on his narrow escape from Europe ahead of the famous cloud, with thoughts on how the media (and governments, too) are failing to really address the event in real time.

My favorite quote.
What’s failing us, all in all, is our power structures, which aren’t built to think big and fast at the same time. ... They are treating this as a short-term, one-time event. It may well not be.
Update:
Here, by way of Matt Yglesias, is an interesting description of just why this cloud of ash causes all this trouble.

Friday, April 2, 2010

Required Reading

Roger Ebert has an excellent blog post discussing the recent controversy on Texas school books. (Strange; when I saw him on "At The Movies," I thought he was kind of a pompous ass, and now he seems to be one of the better thinkers of our time!) My favorite quote:
Does it make me a liberal if I believe Jefferson has been more central to American history than Calvin? That Lincoln was our greatest president, and Davis not our President at all? That the Theory of Evolution towers with majesty above those who, in some cases, believe the earth may be 10,000 years old, and that men walked the earth with dinosaurs? No, it doesn't make me a liberal. It makes me an educated, rational being.

His solution:
I have a simple proposal. More enlightened states should refuse to play along. Their State Boards could require generally-accepted educational standards, and vote against purchasing the corrupted Texas texts. This would have the result of limiting the influence of the Texas religious right over the rest of the country. And it would allow publishers to cling to a certain degree of self-respect.

Unfortunately, I don't think it will work out quite that way.

Thursday, April 1, 2010

Psychic Beheading

Saudi Arabia is going to behead a psychic. My first reaction is that he should have seen it coming. When you think about it, though, it makes you wonder just who are the Saudis and why do we really want to deal with them when they do what they do? Warning: there is a picture at the second link.

Tuesday, March 30, 2010

Extraordinary Thief

A very interesting story about an extraordinary thief, courtesy of Bruce Schneier.

The Census: 2010

I finally filled in my census form and sent it in. I have to say, it was quite painless; I don't know why I waited so long.

One thing I find briefly amusing is that apparently many right-wing birthers, tea-partiers, and other wingnuts are rebelling and not sending in the form. I want to enjoy thinking about how all these nuts are shooting themselves in the feet, reducing their federal aid and congressional representation; but then I realize that, since the Census Bureau can't use statistical methods to improve the count, they are required to spend hundreds of millions of dollars to send canvassers out to try and correct the undercount. (For every one percentage point increase in the national participation rate by mail, taxpayers can help the Census Bureau save about $85 million in operational costs.) These guys spend so much energy decrying wasteful government spending, and then force the government to spend all this money to overcome their petulance.

Come on guys, just fill out the damn form!

"Multiliteracy"

This is a picture of my daughter's award from the Delaware DOE for "Multiliteracy". (Is "Multiliteracy" a word?)  ...