unixronin: Galen the technomage, from Babylon 5: Crusade (Default)

December 2012


Most Popular Tags

Expand Cut Tags

No cut tags
Sunday, June 25th, 2017 07:20 am

Air temperature 60 F, dew point 55, calm, scattered clouds. Bike ride scheduled.

Saturday, June 24th, 2017 03:57 pm
Buttercups beheaded.
Saturday, June 24th, 2017 02:00 pm

Galapagos Tortoise_5

It’s not that tortoises don’t swim. It’s that they *ordinarily* don’t swim.

Originally posted at
Saturday, June 24th, 2017 09:51 am
I see no gain in responding to someone who doesn't know the difference between "principle" and "principal" . . .
Saturday, June 24th, 2017 08:13 am

Air temperature 66 F, overcast, wind south about 10 mph at newspaper walk time. Rain started later. So much for mowing the lawn.

Friday, June 23rd, 2017 11:01 pm

Alligator Snapping Turtle_1

It’s no use trying to get his attention. He’s got turtle stuff to do.

Originally posted at
Friday, June 23rd, 2017 09:23 pm

Posted by Bruce Schneier

A paddleboarder had a run-in with an injured giant squid. Video. Here's the real story.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Read my blog posting guidelines here.

Friday, June 23rd, 2017 06:57 pm

Posted by Bruce Schneier


As codes go, Potter's wasn't inordinately complicated. As Wiltshire explains, it was a "mono-alphabetic substitution cipher code," in which each letter of the alphabet was replaced by a symbol­ -- the kind of thing they teach you in Cub Scouts. The real trouble was Potter's own fluency with it. She quickly learned to write the code so fast that each sheet looked, even to Linder's trained eye, like a maze of scribbles.

Friday, June 23rd, 2017 06:01 pm

Spider Monkey

After you make the mistake of reading the comments on a political think piece.

Originally posted at
Friday, June 23rd, 2017 02:01 pm


“Folks on the Internet say that the end of the world is right around the corner, but I don’t see it.”

Originally posted at
Friday, June 23rd, 2017 07:56 am

Air temperature 58 F, mostly cloudy, wind south about 5 mph. Supposed to rain here and there, now and then.

Engaging Minimal Interaction Drive.

Friday, June 23rd, 2017 11:26 am

Posted by Bruce Schneier

Amazon has been issued a patent on security measures that prevents people from comparison shopping while in the store. It's not a particularly sophisticated patent -- it basically detects when you're using the in-store Wi-Fi to visit a competitor's site and then blocks access -- but it is an indication of how retail has changed in recent years.

What's interesting is that Amazon is on the other side of this arms race. As an on-line retailer, it wants people to walk into stores and then comparison shop on its site. Yes, I know it's buying Whole Foods, but it's still predominantly an online retailer. Maybe it patented this to prevent stores from implementing the technology.

It's probably not nearly that strategic. It's hard to build a business strategy around a security measure that can be defeated with cellular access.

Thursday, June 22nd, 2017 11:01 pm


“And far away, as Frodo put on the Ring and claimed it for his own, even in Sammath Naur the very heart of his realm, the Power in Barad-dûr was shaken, and the Tower trembled from its foundations to its proud and bitter crown. The Dark Lord was suddenly aware of him, and his Eye piercing all shadows looked across the plain to the door that he had made; and the magnitude of his own folly was revealed to him in a blinding flash, and all the devices of his enemies were at last laid bare. Then his wrath blazed in consuming flame, but his fear rose like a vast black smoke to choke him. For he knew his deadly peril and the thread upon which his doom now hung.”

Originally posted at
Thursday, June 22nd, 2017 06:01 pm

Wood Duck

You can’t tell because he’s in the water, but he also has killer rims and a lift-kit installed.

Originally posted at
Thursday, June 22nd, 2017 11:29 am

Rhododendrons dropping flowers, those full fairy-skirt blossoms that want to be strung into a lei or other garland. Lupines building seed pods at the bottom of their spikes. My itchy eyes say that the grass is also blooming . . .

Yesterday's yearling raccoon remains. I'd expected it to vanish -- perfect take-out dinner for a coyote or fox.

Breezy, pleasant temperature, got out on the bike. Did not die.

15.25 miles, 1:15:33

Thursday, June 22nd, 2017 02:01 pm


Must be an adult

Originally posted at
Thursday, June 22nd, 2017 07:58 am

Air temperature 56 F, clear, wind WSW at about 5 mph for the newspaper walk. Tomorrow's forecast leads me to think I should get a bike ride in today.

Thursday, June 22nd, 2017 10:52 am

Posted by Bruce Schneier

According to a recently declassified report obtained under FOIA, the NSA's attempts to protect itself against insider attacks aren't going very well:

The N.S.A. failed to consistently lock racks of servers storing highly classified data and to secure data center machine rooms, according to the report, an investigation by the Defense Department's inspector general completed in 2016.


The agency also failed to meaningfully reduce the number of officials and contractors who were empowered to download and transfer data classified as top secret, as well as the number of "privileged" users, who have greater power to access the N.S.A.'s most sensitive computer systems. And it did not fully implement software to monitor what those users were doing.

In all, the report concluded, while the post-Snowden initiative -- called "Secure the Net" by the N.S.A. -- had some successes, it "did not fully meet the intent of decreasing the risk of insider threats to N.S.A. operations and the ability of insiders to exfiltrate data."

Marcy Wheeler comments:

The IG report examined seven of the most important out of 40 "Secure the Net" initiatives rolled out since Snowden began leaking classified information. Two of the initiatives aspired to reduce the number of people who had the kind of access Snowden did: those who have privileged access to maintain, configure, and operate the NSA's computer systems (what the report calls PRIVACs), and those who are authorized to use removable media to transfer data to or from an NSA system (what the report calls DTAs).

But when DOD's inspectors went to assess whether NSA had succeeded in doing this, they found something disturbing. In both cases, the NSA did not have solid documentation about how many such users existed at the time of the Snowden leak. With respect to PRIVACs, in June 2013 (the start of the Snowden leak), "NSA officials stated that they used a manually kept spreadsheet, which they no longer had, to identify the initial number of privileged users." The report offered no explanation for how NSA came to no longer have that spreadsheet just as an investigation into the biggest breach thus far at NSA started. With respect to DTAs, "NSA did not know how many DTAs it had because the manually kept list was corrupted during the months leading up to the security breach."

There seem to be two possible explanations for the fact that the NSA couldn't track who had the same kind of access that Snowden exploited to steal so many documents. Either the dog ate their homework: Someone at NSA made the documents unavailable (or they never really existed). Or someone fed the dog their homework: Some adversary made these lists unusable. The former would suggest the NSA had something to hide as it prepared to explain why Snowden had been able to walk away with NSA's crown jewels. The latter would suggest that someone deliberately obscured who else in the building might walk away with the crown jewels. Obscuring that list would be of particular value if you were a foreign adversary planning on walking away with a bunch of files, such as the set of hacking tools the Shadow Brokers have since released, which are believed to have originated at NSA.

Read the whole thing. Securing against insiders, especially those with technical access, is difficult, but I had assumed the NSA did more post-Snowden.

Wednesday, June 21st, 2017 10:24 pm
The Andromeda Galaxy

Also, Saturn was recently at opposition. Here's what I was able to manage.

Thursday, June 22nd, 2017 12:01 am


Huh. Wonder why.

Originally posted at