Thursday, December 15, 2016

Tuesday, February 9, 2016

Monday, November 16, 2015

Monday, October 19, 2015

Wednesday, September 16, 2015

Thursday, September 10, 2015

Short Takes

Republicans move the goalposts on the Iran deal vote.

Australia joins the air war against ISIS.

The Kremlin tries to organize a “peace” conference for Ukraine.

Apple unveils new products.

Kickback: TV camera person fired for kicking running refugees in Hungary.

Fox and National Geographic announce a joint venture.

Tropical Update: Grace is dissipating; TS Henri is curving out to sea.

The Tigers lost in an 8-0 shutout by the Rays.

Wednesday, July 22, 2015

Highway Hacking

From Wired, Andy Greenberg faces a new road hazard.

I was driving 70 mph on the edge of downtown St. Louis when the exploit began to take hold.

Though I hadn’t touched the dashboard, the vents in the Jeep Cherokee started blasting cold air at the maximum setting, chilling the sweat on my back through the in-seat climate control system. Next the radio switched to the local hip hop station and began blaring Skee-lo at full volume. I spun the control knob left and hit the power button, to no avail. Then the windshield wipers turned on, and wiper fluid blurred the glass.

As I tried to cope with all this, a picture of the two hackers performing these stunts appeared on the car’s digital display: Charlie Miller and Chris Valasek, wearing their trademark track suits. A nice touch, I thought.

The Jeep’s strange behavior wasn’t entirely unexpected. I’d come to St. Louis to be Miller and Valasek’s digital crash-test dummy, a willing subject on whom they could test the car-hacking research they’d been doing over the past year. The result of their work was a hacking technique—what the security industry calls a zero-day exploit—that can target Jeep Cherokees and give the attacker wireless control, via the Internet, to any of thousands of vehicles. Their code is an automaker’s nightmare: software that lets hackers send commands through the Jeep’s entertainment system to its dashboard functions, steering, brakes, and transmission, all from a laptop that may be across the country.

People laugh at me for hanging on to my 1988 Pontiac 6000 station wagon.  Heh.  Try to hack that.

Friday, June 19, 2015

Wednesday, June 17, 2015

Friday, February 27, 2015

Net Gain

KellogCandlestick2The F.C.C. voted yesterday to approve net neutrality, basically making the internet a public utility, not unlike the rest of telecommunications in the United States.  Upyernoz has a concise explanation of what net neutrality is, how it works, and why there’s any controversy about it.

A phrase that I remember from a class I took a long time ago on the history of broadcasting was that a utility such as the telephone company and broadcast networks must operate in the “public interest, convenience, and necessity.”  The internet is no longer a luxury or a curiosity.  Just about everything we do in our daily lives has some element of connectivity to it, and we’ve become as dependent on it was we have of the electric power grid or water system.

That means that the people who provide the service need to remember they have a duty to operate in the public interest, convenience, and necessity, and if it makes their profit margin a little tighter or they can’t screw over someone for wanting to watch House of Cards instead of something they own a stake in, that’s what comes with being indispensable.

History reminds us that the phone companies fought the designation of their service as a utility back in their infancy, as did the radio broadcasting networks, who were fighting with the newspapers over their right to broadcast the news.  Somehow American Telephone & Telegraph survived, as did the National Broadcasting Company and the Columbia Broadcasting System, and so will Comcast and Time Warner.

Short Takes

The House is trying to come up with a plan to fund DHS without messing with immigration and pissing off the right wing.

The guy known as Jihad John, the English-speaking executioner of ISIS, has been identified as a Briton.

You’re welcome — Liberia’s president thanked the U.S. for helping them with the Ebola crisis.

The F.C.C. votes in favor of net neutrality.

The Klown Kar is in town.

Wednesday, February 11, 2015

Reply All

If any of my fellow Floridians wrote an e-mail to Jeb Bush during his tenure as governor of the state, the whole world now knows it.

Jeb Bush, a rumored 2016 Republican presidential candidate, just decided to publish hundreds of thousands of emails sent to him during his time as governor of Florida. On its face it seems like a great idea in the name of transparency, but there’s one huge problem: neither Bush nor those who facilitated the publication of the records, including the state government, decided to redact potentially sensitive personal information from them.

“In the spirit of transparency, I am posting the emails of my governorship here,” a note on Bush’s website says. “Some are funny; some are serious; some I wrote in frustration.” Some also contain the email addresses, home addresses, phone numbers, and social security numbers of Florida residents. The emails are available in Outlook format, and can be searched on the web at Bush’s website.

I’m guessing this was not the brainchild of Mr. Bush’s new technology officer who took the time to purge his electronic filing cabinet of misogynistic and homophobic musings.

The campaign later figured out the oops and took the raw e-mails down, but oh well, dems da berries in the digital age.

Thursday, February 5, 2015

Cutting The Cable

Tom Wheeler, the chairman of the F.C.C., is in favor of net neutrality.

First, Mr. Wheeler proposed regulating consumer Internet service as a public utility, saying it was the right path to net neutrality. He also included provisions to protect consumer privacy and to ensure Internet service is available for people with disabilities and in remote areas.

Mr. Wheeler’s plan would also for the first time give the F.C.C. enforcement powers to police practices in the marketplace for handling of data before it enters the gateway network into people’s households — the so-called interconnect market. For good measure, he added a “future conduct” standard to cover unforeseen problems.

This will undoubtedly piss off the cable companies such as Comcast, Time Warner, AT&T, and Verizon, who think that having a monopoly over telecom is the way God and the Bell System intended it.

Anything that curdles the milk of those companies is fine with me ($140 a month for intermittent service?  Seriously?), so go for it.

Monday, December 22, 2014

Revenge of the Nerds

Via the New York Times:

North Korea’s already tenuous links to the Internet went completely dark on Monday after days of instability, in what Internet monitors described as one of the worst North Korean network failures in years.

The loss of service came just days after President Obama pledged that the United States would launch a “proportional response” to the recent attacks on Sony Pictures, which government officials have linked to North Korea. While an attack on North Korea’s networks was suspected, there was no definitive evidence of it.

Doug Madory, the director of Internet analysis at Dyn Research, an Internet performance management company, said that North Korean Internet access first became unstable late Friday. The situation worsened over the weekend, and by Monday, North Korea’s Internet was completely offline.

Gee, I wonder what happened.  Perhaps Kim Jong-un tripped over the extension cord?

CloudFlare, an Internet company based in San Francisco, confirmed Monday that North Korea’s Internet access was “toast.” A large number of connections had been withdrawn, “showing that the North Korean network has gone away,” Matthew Prince, CloudFlare’s founder, wrote in an email.

Although the failure might have been caused by maintenance problems, Mr. Madory and others said that such problems most likely would not have caused such a prolonged, widespread loss.

The failure follows requests by the Obama administration to China seeking its help in blocking North Korea’s ability to wage cyberattacks, an early step toward the “proportional response” that Mr. Obama promised, as well as a broader warning to others who may try similar attacks on American targets in the future, senior administration officials have said.

The loss of service is not likely to affect the vast majority of North Koreans, who have no access to the Internet. The biggest impact would be felt by the country’s elite, state-run media channels and its propagandists, as well as its cadre of cyberwarriors.

If the attack was American in origin — something the United States would probably never acknowledge — it would be a rare effort by the United States to attack a nation’s Internet connections. Until now, most operations by the United States have amounted to cyberespionage, mostly to collect defense information or the communications of terrorism suspects.

This is what happens when you fuck with the big dogs.

North Korea at night

Saturday, November 1, 2014

Friday, July 25, 2014

Friday, June 13, 2014

Short Takes

Iraq: President Obama ruled out sending troops but took nothing off the table.

Sgt. Bowe Bergdahl returns to U.S. soil.

House delays vote on school meal standards.

Ya, mon — Jamaica to relax some rules on pot smoking.

Tesla to open-source its patent portfolio to encourage electric car development.

R.I.P. Ruby Dee, 91, actor and civil rights activist.

The Tigers beat the White Sox 4-0.

Thursday, April 3, 2014

Short Takes

Iraq veteran kills himself and three others in shooting at Fort Hood.

Supreme Court strikes down campaign donation limits.

U.N. reports the number of Syrian refugees in Lebanon is 1 million.

Aftershocks cause more evacuations in Chile.

Yahoo adds more security to thwart surveillance.

The Tigers beat K.C. 2-1 in extra innings.

Thursday, January 30, 2014

Wednesday, October 23, 2013

Code Talking

David Auerbach at Slate clears up the clutter of reporting on the website mess.

Last weekend, some anonymous “specialist” told the New York Times that “5 million lines of software code may need to be rewritten” in order to fix the mess that is (The good news, according to the source, is that the project has a total of “500 million lines of software code,” so only 1 percent has to be rewritten. So the code’s 99 percent good—or something.)

I don’t mean to jump back on my hobbyhorse of complaining about lack of knowledge in tech journalism, but printing a claim like that is egregious.

Why? Well, here’s a line of C++ code:


The close curly brace signals the end of a block of code. It could be put on the same line as the previous, more substantive line, but for the sake of cleanliness, programmers tend to put it on a line of its own. When it comes to coding in HTML, Perl, and AJAX, different programmers have different styles. Some will split code up into many lines; others will compress it into a handful of lines. I’ve seen nearly identical segments of code written in 10 lines or in 50.

Here’s another line of C++ code.

// TODO: make sure this code doesn’t crash!

That’s a comment. It doesn’t do anything—those two slashes at the beginning tell the compiler (which converts code into actual computer instruction) to ignore the line. It’s there to explain things to people reading the source code, or in this case to remind the programmer to fix whatever lies immediately below. I’ve written cryptic bits of code that required more lines of comments than lines of actual code, simply to explain what on earth was going on.


So not all lines of code are created equal. As a programmer, I had weeks where I produced 1,000 lines of code. I had weeks where I produced 20. Usually the latter weeks were more grueling, because any 20 lines requiring that much time and effort are going to be a) important, b) complicated, and c) bug-prone. The 1,000 lines were far more likely to be simple stuff that I could code by rote. I even had weeks where I removed 2,000 lines of code by removing redundancies between similar blocks of code. Those were the best weeks of all, because less code means fewer bugs.

Programmers who do user interface code—which is responsible for the visuals and input components of software—tend to produce far more code than other programmers, because user interface code requires a lot of boilerplate. I knew programmers who wrote 10,000 (good) lines of user interface code in a week. Many of them were copied and slightly modified from other projects or example code.

Consequently, it’s rather silly to say, as the Times article does, that “a large bank’s computer system is typically” 100 million lines of code. Investment banks have far more complex code than commercial banks—they need more in order to do all their clever, sneaky trading. Assuming the Times is referring to commercial banks, there is such variety among implementations and coding standards that speaking of an “average” amount of code is meaningless. Bank code written in FORTRAN will be far longer than bank code written in Python. Does it make a difference? Not really.

But while the numbers in the Times article don’t tell us much about the codebase itself, they do tell us something about the “specialist” sources that inform the article. The sources are not programmers, because programmers would not speak in terms of lines of code with no further context. We hear that “disarray has distinguished the project” in part because government “officials modified hardware and software requirements for the exchange seven times.” The officials probably modified them 70 times—requirements for any software project are constantly in flux, and it’s expected that project managers and software engineers will adapt. Modifications alone do not signal a project in disarray.

On top of the fact that writing code for anything is complicated and error-prone, there’s the simple fact that working for the federal government’s IT system is complicated, as this fellow at World of Pie explains.

I’m writing this post as a rant. I am tired of hearing people who have never worked in Federal IT try and come forward with ideas about what was wrong about the way was developed. I have one statement for all of you who think you could have done better.

You would have ALL failed miserably.

Federal IT is broken. Hell, all of Federal contracting is broken from what I’ve seen, but I want to focus on the IT side for now.

Before I get started, a quick reminder of my background. My first Federal project was back in the late 90s as the tech lead for the Secretary of the Air Force’s correspondence tracking system. Over the years, I have worked on a multitude of projects and managed many more while I was the Director of Technology Solutions for Washington Consulting . I’ve responded to many proposals and run Federal IT projects through the wide variety of hurdles that they face.

I can tell you right now, I am impressed that even boots up.


Let’s forget the obvious facts surrounding a system that is interfacing with over 36 states, a multitude of insurance carriers, and several federal agencies that think they have the best IT shop in the land. I want to talk about the over-arching process.

In Federal IT, typically nobody with both knowledge and authority owns all the components of a system. Even on smaller efforts, one contractor owns the data center, another runs the database infrastructure, one is developing the actual system, and a fourth contractor is in charge of making sure all the rules are followed.

Also take into consideration that we’re dealing with a website that deals with a very complicated industry — insurance — in the first place.  Getting a quote for car insurance online isn’t as easy as they would have you believe.  Try it and see.

Finally, in the effort to make a system that is open and accountable to the people and Congress, the federal government has set up so many checks and balances that it breeds red tape like minks in heat.

Try writing the code for that.

PS: It’s nostalgic to see FORTRAN mentioned.  That was the computer language I learned when I was a freshman in high school in 1967.

HT to CLW.