OT

Off Topic

Why BC holds the record for “World’s Weirdest Politicians”

Whenever political pundits get together, they all start the competition for “our politicians are more corrupt/venal/just plain weird than yours.”  Whenever anyone from BC enters the fray, everyone else concedes.

Herewith our latest saga.

The ruling “Today’s BC Liberal Party” is finding itself polling behind the NDP.  (Do not let the word “liberal” in the party name fool you.  Whereas pretty much every other liberal party would be centre-left, the BC Liberals are, politically, somewhat to the right of Attila the Hun.)  The liberals are runing attack ads stating that, twelve years ago, the leader of the NDP backdated a memo.

(No, I’m not making this up.)

The Liberals have just released another version of the same attack ad, this time using a snippet of footage from the recent leaders debate.  Trouble is, the media consortium that ran the debate has copyright on the video of the debate, and all parties agreed that none of the material would be used for political purposes.

The Liberals, called on their use of the video, have refused to take it down.

(How old do you have to be to understand the meaning of “copyright infringement?”)

(I am eagerly awaiting the next installment of this story.  I assume the lawyers paid for by Today’s BC Liberals [or possibly by public money: that’s happened before] will argue the provisions of “fair use,” and claim that the attack ads are commentary, or even educational …)

“New” ideas about distributed computing?

The CEO of BitTorrent thinks we should think about using distributed computing to deal with upgrade issues over the Internet.

It sounds like a good idea.  So good, that you wonder why someone hasn’t thought of it before.  Well, surprise, surprise (unless you know Slade’s Law of Computer History), someone has.  How about Shoch and Hupp, who worked on the idea at Xerox PARC in the late 70s, and reported on it in 1980 and 1982?  Or Fred Cohen, who was quite vocal about using “good” viruses in the late 80s, and mentioned it in one of his earlier popular books?  Or Vesselin Bontchev, who, in the 90s, gave a detailed outline of what you have to do to make it work

Memory lane …

I ordered a new computer before Christmas, and there have been delays getting it.  Today the shop called and said that the one I ordered (with 4 Gigs of RAM) was still short, but they did have one with 6 Gigs, if I was willing to pay an extra ten bucks.  So I said fine.

Got off the phone and told Gloria about it.  She asked “How many Commodores is that?” since I still have a Commodore 64 in the “computer museum” trunk.

32,000.  Give or take a few for rounding purposes.  For ten bucks, the equivalent memory of 32,000 Commodore 64 computers.

We work in a bizarre field.

Online forum rule haikus

On the CISSPforum we were discussing precepts for getting along and keeping the discussions meaningful.  Somebody started listing rules, so I started casting them as haikus.  That prompted a few more.

I wondered if these were only for that group, but then realized most of them were applicable to online discussions of whatever type.  So, herewith:

 

Create your own space
Meaningful content only
Comes to those who post.

Silence calls silence
Lurkers don’t disturb quiet
Sleep beckons as well.

The posts are boring?
Raise topic of interest
Thread starter lauded.

Forum like sewer:
What you get out of forum
Depends on input.

Being creative
Is much better than being
Tagged as complainer.

These are your colleagues.
Why are you so much  better
That they must start first?

The forum that is
Is not what must always be.
Build a better world.

Friday is not for
Building new realities.
Your colleagues would sleep.

 

Then some other chimed in:

I remember trust
It disappeared so quickly
I guess we were fools

Pointing to resource
Always appreciated
Who can search the whole?

Putting platitudes
into pleasing haiku
removes sting of truth

Now you’re getting it.
Format is everything.  (Well,
And maybe context  :-)

friday gratitude
is here at last for resting
ignoring infosec

Friday at last! Time for
Bottles of overpriced wine.
Why’m I still at work???

Request not correct.
Reformat for this thread.
Please resubmit now.

UNSUBSCRPTION post
Jangles cosmic harmonies
Til balance achieved.

Official (ISC)2 Guide to the CISSP CBK

Recently, on the CISSPforum, there was some discussion of the new, third edition of the Official (ISC)2 Guide to the CISSP CBK (which, I note, is pretending to be available as an ebook for only ten bucks).  At the end of one post, one of the correspondents stated that he was “leaning towards buying the new book.”

First, lemme say that, for those who haven’t yet got the cert, I do recommend the “Official Guide” as my first choice.  (Harris is easier to read, but does contain *lots* of errors, and I tell my seminar candidates that I refuse to answer any question that starts out “Shon Harris says …”   :-)

However, on the other hand … why would anyone who has the cert buy the guide?  Of course, I am speaking from the perspective of someone who does read the source literature (and I am aware that all too many of my colleagues do not).

I also recall at least two seminar attendees who actually did have the cert.  Furthermore, they were consultants, and thus going on their own dime for the course.  The reason given was the same: they charged by the hour, so any time spent upgrading was time they could not charge.  Therefore, regularly attending the seminar was the fastest, and therefore, in their situation cheapest, way to ensure they were current.

So, yes, I can see that some people would want to get the guide as a quick check.  (In that regard, I would tend to recommend ISMH instead of the guide, but …)  But I still find it kind of odd …

Beware! The “Metavirus”!

In the spirit of many infosec and antivirus company “announcements” of “new threats” in the past year:

A leading (if unemployed) information security and malware researcher, today noted startling developments (which were first mentioned in 1988, but we’ll leave out that bit) in cross-platform malware.

Dubbed the “metavirus,” this threat could completely swamp the Internet, and render literally billions of computers useless.  The chief researcher at the Vancouver Institute for Research into User Security has found that these entities can be created by almost anyone, even without programming knowledge or skills.  “This doesn’t even require a malware kit,” said Rob Slade, who has “discovered” this unregarded vulnerability.

Although the number of metavirus “families” are very small, in comparison to the millions of viruses, worms, and trojans discovered yearly, they are remarkably resistant to disinfection.  Infections tend to be clustered, and can affect almost all machines in an infected company, network or group.

“This is definitely cross-platform,” said Slade.  “It doesn’t rely on a specific operating system, program, or even virtual machine, like Java.”  Infections have jumped between Windows, Mac, Linux, iPhones, Android, and even CP/M and VMS machines.  Transmission can occur via email, sneakernet, wireless, and even phone and fax.  In all cases productivity is affected as time is lost.  In one class of the threat machines can be rendered inoperable.

Rob Slade can be made available for presentations on how to deal with this enormous threat.  Anyone wanting to protect themselves can send first class airfare, proof of prepaid hotel accommodation, and a bank draft for $15,000 deposit.  (US or Canadian dollars, whichever is higher at the time  :-)

Bell bull

I recently re-upped with Bell Canada for cell phone service.  I bought new phones and upgraded the plan to include “unlimited” text messaging (since that’s how the grandkids mostly communicate).  The plan I got  is supposed to include picture and video messaging.

In order to use the picture messaging I am told, by both the kiosk and telephone personnel, to turn on the cellular data (not wifi: I’ve been a communications specialist for 30 years and I know the difference) connection on the phone.  Every time I do that I am charged $5.00 for “Pay per use flex data Data Usage.”

Each time I can get it reversed, but I have to spend 20 minutes getting through to an agent on the phone in order to do so.  (All the telephone agents initially insist that this is a “mobile browsing” charge, and I have to point out that I have turned off every app on the phone every time I try this.)

I am not being given the services it stipulates on my contract.

Right now I’m on the phone with Bell’s telephone “support.”  She’s already tried to get rid of me once by claiming to call “technical support.”  When I asked to speak to a supervisor, the agent did the same thing, but eventually put me through to “Puneet.”

I have spoken with supervisor “Puneet.”  She will not answer the simple question of how to access the services I am paying for.  Her only answer is that I upgrade to a data plan.

Therefore Bell is lying in it’s contract stating that I have access to picture and video messages.

Puneet has also just told me that Bell will no longer reverse or adjust any charges for using the picture messaging.

(Puneet did make one rather damaging admission late in the call: she did admit that, actually, Bell has no way to tell what the “Pay per use flex data Data Usage” is.  It could be updating.  It could be mobile browsing.  It could be Twitter.  It could, also, be the picture and video messaging for which I’m not supposed to be charged …)

Airline security

Mom and my little sister were supposed to go on a cruise over Christmas.  The first leg of their flight to the embarkation port was cancelled when a door wouldn’t close.  The storm in the midwest, and the consequent meltdown of the North American air travel system, put paid to any chance of getting re-routed.  So they didn’t go.

The door that wouldn’t close on the first flight wasn’t an outside door, it was the cockpit door.  Mom was peeved.  Most people would have complained about the security policy that prevents takeoff without a locked cabin door.  Not Mom.  Her take was that there were lots of security guards around the airport, and that they could have just got one to stand in the doorway for the flight.