Log in

You are coming to a sad realization. Cancel or allow? [entries|archive|friends|userinfo]
Obstructionist Husband

[ website | Spare Brains Games ]
[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

MAJOR vulnerabilities in Windows 10 and iOS [Aug. 27th, 2016|09:32 am]
Obstructionist Husband
[Tags|, , ]

First, Apple. An exploit was found and weaponized that can root an iPhone or, apparently, also an iPad. You need to update your devices RIGHT NOW is you're running iOS 9. It will update your devices to 9.3.5. It's a small patch, less than 40 meg, so a fairly quick and painless update.


Windows 10 also has a big problem that is currently not patched, so it requires a registry edit to close the hole.

To update the registry, do the following steps:
Click the Start button, and in the search field, type in "regedit", then select "regedit.exe" from the list of results
Navigate through the tree to "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad"
Once you have the "Wpad" folder selected, right click in the right pane, and click on "New -> DWORD (32-Bit Value)"
Name this new value "WpadOverride"
Double click the new "WpadOverride" value to edit it
In the "Value data" field, replace the "0" with a "1", then click "OK"
Reboot the computer

Obviously this is not a trivial thing to do and messing with the wrong keys and values can brick your computer. I'm not sure if this is also a problem in earlier editions of Windows, so you should do a bit of research before doing something like this. It's already been fixed in most Linux distributions and also in MacOS.

linkpost comment

Cool! Apple patent to try to capture finger print and photo of phone thieves! [Aug. 26th, 2016|09:54 am]
Obstructionist Husband
Very interesting idea! I quite like the concept, but I think smart thieves will know to get the stolen phone in to a Faraday bag ASAP and get the SIM chip out of it so that it won't be connected to the network. I think it's more likely to catch the secondary purchaser rather than the thief, but it might lead to more thieves being caught and diminish the market for stolen iPhones.

Myself, I use a six digit passcode to unlock mine. I only use the fingerprint reader to authenticate some purchases, like Apple Books or Amazon.


[great -- my post tags aren't working right now!]
linkpost comment

First confirmed case of PRISM surveilance was against a democracy rights activist in New Zealand [Aug. 15th, 2016|09:53 am]
Obstructionist Husband
[Tags|, , , ]

PRISM is/was an NSA intelligence-gathering program. It has been widely speculated that friendly governments spy on other countries so that said country doesn't violate laws about spying on their own people. And this happened in NZ. The activist was from Fiji, and was very active in trying to get democracy for Fiji and get rid of the prime minister. So in sweeps the NSA and PRISM to try and find dirt on him, which they did not find.

First Confirmed Prism Surveillance Target Was Democracy Activist (fortune.com)

Posted by manishs on Monday August 15, 2016 @08:00AM from the truth-is-out-there dept.
A new report by Television New Zealand in collaboration with The Intercept, based on leaks of former U.S. National Security Agency worker Edward Snowden has for the first time named a target of the NSA's controversial Prism program. The target was a middle-aged civil servant and pro-democracy activist named Tony Fullman. Fullman, who is originally from Fiji but has lived in New Zealand for decades, is an advocate for democracy in Fiji and a critic of Fijian prime minister Frank Bainimarama, who took power in a 2006 coup.

From a Fortune report:
According to The Intercept, the NSA in 2012 monitored Fullman's communications through the Prism program and passed on information to the New Zealand intelligence services. Around the same time, the New Zealand authorities raided Fullman's home and revoked his passport. The New Zealand intelligence services were not themselves allowed to spy on Fullman, who was a New Zealand citizen. However, as Snowden has repeatedly described, the agencies of many Anglophone countries spy on each other's behalf, in order to bypass their national legal restrictions. Fullman suggested in the article that people in the group may well have said violent things about Bainimarama, but this was just venting, not a plot. According to the report, they never suspected someone was listening into their communications. The NSA was said to be helping by analyzing Fullman's Facebook and Gmail activities. The 190 pages of intercepted documentation seen by The Intercept apparently didn't reveal evidence of a plot.

link1 comment|post comment

I'm getting really sick of "Christians" [Jul. 27th, 2016|06:19 am]
Obstructionist Husband
[Tags|, ]

And I put it in quotes because they're the ones who claim the loudest that that is what they are, rather than letting us see it in them for ourselves and to be inspired by it. You know, sort of like how Jesus told his people to behave.

The Beatitudes are part of the Sermon on the Mount, and appear in slightly different form in Matthew and Luke. Luke also adds four Woes. They're really simple computer programming or logic concepts: if this, then that. The thing that has me riled is a comment by kimuro in reply to a post by Elizabeth Moon's blog where she describes asking a Christian about The Beatitudes, and being told that those only apply AFTER they are in heaven (it is not Kimurho's comment, Kimurho is describing a FB incident with a self-identified Christian). WHAT THE [expletive deleted] IS THAT SUPPOSED TO MEAN?!

From Wikipedia, also available from Project Gutenberg or any online or offline bible that you like:

The eight Beatitudes in Matthew 5:3–12 during the Sermon on the Mount.

Blessed are the poor in spirit: for theirs is the kingdom of Heaven. (Matthew 5:3)
Blessed are those who mourn: for they will be comforted. (5:4)
Blessed are the meek: for they will inherit the earth. (5:5)
Blessed are those who hunger and thirst for righteousness: for they will be filled. (5:6)
Blessed are the merciful: for they will be shown mercy. (5:7)
Blessed are the pure in heart: for they will see God. (5:8)
Blessed are the peacemakers: for they will be called children of God. (5:9)
Blessed are those who are persecuted for righteousness sake: for theirs is the kingdom of heaven. (5:10)

In verses 5:11-12, the eight Beatitudes are followed by what is often viewed as a commentary—a further clarification of the eighth one with specific application being made to the disciples. Instead of using the third-person plural "they", Jesus changes to second-person "you":

Blessed are you when people insult you, persecute you and falsely say all kinds of evil against you because of me. Rejoice and be glad, because great is your reward in heaven, for in the same way they persecuted the prophets who were before you.

R. T. France considers verses 11 and 12 to be based on Isaiah 51:7.

The Beatitudes unique to Matthew are the meek, the merciful, the pure of heart, and the peacemakers. The other four have similar entries in Luke, but are followed almost immediately by "four woes".


The four Beatitudes in Luke 6:20–22 are set within the Sermon on the Plain. Verse 20 introduces them by saying, "and he lifted up his eyes on his disciples, and said"

Blessed be ye poor: for yours is the kingdom of God.
Blessed are ye that hunger now: for ye shall be filled.
Blessed are ye that weep now: for ye shall laugh.
Blessed are ye, when men shall hate you, and when they shall separate you from their company, and shall reproach you, and cast out your name as evil, for the Son of man's sake.

Luke 6:23 ("Rejoice ye in that day, and leap for joy: for, behold, your reward is great in heaven: for in the like manner did their fathers unto the prophets.") appears to parallel the text in Matthew 5:11-12, which reads, "Blessed are you when people insult you, persecute you and falsely say all kinds of evil against you because of me. Rejoice and be glad, because great is your reward in heaven, for in the same way they persecuted the prophets who were before you".

The four woes that follow in Luke 6:24–26

Woe to you who are rich, for you have already received your comfort.
Woe to you who are well fed now, for you will go hungry.
Woe to you who laugh now, for you will mourn and weep.
Woe to you when everyone speaks well of you, for that is how their ancestors treated the false prophets.
(emphasis by TheWayne)

The fourth "woe" in verse 26 may be parallel to the commentary in Matthew 5:11-12. These woes are distinct from the Seven Woes of the Pharisees which appear later in Luke 11:37-54.

I had forgot about the Woes.

Christianity has some basic truths, such as:
Treat others the way that you would like to be treated. Sadomasochists need not apply.
Be good to other people: help out the needy, and don't expect reward.
Conversely, apply Wheaton's Law: Don't Be A Dick.
Be an example of what a good person is, but don't advertise your faith.

Let's distil those down a bit further:
Do good. Do not do bad. If you don't get rewarded for doing good, it happens, don't sweat the little stuff.


Let's add some more Matthew, this from chapter 25:

(34)Then the King will tell those on his right hand, ‘Come, blessed of my Father, inherit the Kingdom prepared for you from the foundation of the world; (35)for I was hungry, and you gave me food to eat. I was thirsty, and you gave me drink. I was a stranger, and you took me in. (36)I was naked, and you clothed me. I was sick, and you visited me. I was in prison, and you came to me.’

(37) “Then the righteous will answer him, saying, ‘Lord, when did we see you hungry, and feed you; or thirsty, and give you a drink? (38)When did we see you as a stranger, and take you in; or naked, and clothe you? (39)When did we see you sick, or in prison, and come to you?’

(40)“The King will answer them, ‘Most certainly I tell you, because you did it to one of the least of these my brothers, you did it to me.’

(41)Then he will say also to those on the left hand, ‘Depart from me, you cursed, into the eternal fire which is prepared for the devil and his angels; (42)for I was hungry, and you didn’t give me food to eat; I was thirsty, and you gave me no drink; (43)I was a stranger, and you didn’t take me in; naked, and you didn’t clothe me; sick, and in prison, and you didn’t visit me.’

(44) “Then they will also answer, saying, ‘Lord, when did we see you hungry, or thirsty, or a stranger, or naked, or sick, or in prison, and didn’t help you?’

(45) “Then he will answer them, saying, ‘Most certainly I tell you, because you didn’t do it to one of the least of these, you didn’t do it to me.’ (46)These will go away into eternal punishment, but the righteous into eternal life.” Again, emphasis mine.

*sigh* I wish I could find a rock that I could crawl under for the next many years.

Another comment to Elizabeth Moon's post talked about how in the USA you supposedly have separation of church and state, yet politicians feel it is required to talk loudly about their Christianity, while in England they do not have separation of church and state and it's considered rude for their politicians to talk publicly about their religion.
link1 comment|post comment

Spam, wonderful spam! [Jul. 14th, 2016|09:05 am]
Obstructionist Husband

One recurrent spam that I receive at my former work account and regularly on one of my personal email accounts has the subject line "New F@ck buddy alert!"

The @ symbol is commonly read as "At", so how do you pronounce "fatck"?

In linux you have the fsck for file system check, so is this a Windows command for checking the file allocation table? And why would I need a buddy to check that?

I just don't understand this modern world.

Another amusing spam that I received was from someone named Asia who said they were from the Ukraine. Do they travel a lot and recently relocated? Do they change their name whenever they travel? If they were in Africa, would they say their name was North America?

Yes, I'm rambling. The last few days have been conducive to random acts of weirdness. But my wife arrived yesterday, and we went and saw The Secret Life of Pets last night, and I laughed my butt off. I should check with the theater and see if they found it, it's hard to keep your pants up when your butt is missing.
linkpost comment

Interesting Slashdot post on stopping Ransomware from trashing your computer [Jul. 8th, 2016|09:16 pm]
Obstructionist Husband
[Tags|, ]

There are various ways of stopping malware. Antivirus works by watching for strange behavior or if a program matches a known signature. The problem with signature matches is that it's very easy for a program to change its signature so that it won't hit in the protection program's database. This is known as a polymorphic virus (self-changing). Some malware encrypts itself.

The worst is ransomware. This is malware THAT ENCRYPTS YOUR HARD DISK. In doing so, all of your files get encrpyted, then a message pops up that says you will have to pay X number of bitcoins to get the decrypt key, and it will frequently have a deadline -- if you don't pay by the date, the decrypt key will be deleted and your files will be forever lost.

Some ransomware is written poorly, and some have been decrypted. Some security researchers have created web sites where you can upload an encrypted file and they can analyze the file and give you a key. But you can't count on that.

Backups are a form of protection, but some ransomware versions have sat silently and watched for a backup drive and encrypted it first. So your main recovery method might already have been compromised.

In other words, randomware is a bitch.

But some security researchers have come up with a very interesting approach to fighting it. They don't try to match a signature because that's a losing game. What they do is watch file system activity. If they see files being encrypted, the program identifies the activity and stops the process cold. So you may lose a handful of files, but you won't lose everything.

Here's what I just saw on Slashdot:

Researchers Develop A Way To Stop Ransomware By Watching The Filesystem (phys.org)
Posted by BeauHD on Friday July 08, 2016 @06:50PM from the always-watching dept.

An anonymous reader quotes a report from Phys.Org:
Ransomware -- what hackers use to encrypt your computer files and demand money in exchange for freeing those contents -- is an exploding global problem with few solutions, but a team of University of Florida researchers says it has developed a way to stop it dead in its tracks. The answer, they say, lies not in keeping it out of a computer but rather in confronting it once it's there and, counterintuitively, actually letting it lock up a few files before clamping down on it. "Our system is more of an early-warning system. It doesn't prevent the ransomware from starting [...] it prevents the ransomware from completing its task [...] so you lose only a couple of pictures or a couple of documents rather than everything that's on your hard drive, and it relieves you of the burden of having to pay the ransom," said Nolen Scaife, a UF doctoral student and founding member of UF's Florida Institute for Cybersecurity Research. Scaife is part of the team that has come up with the ransomware solution, which it calls CryptoDrop.

"Antivirus software is successful at stopping them when it recognizes ransomware malware, but therein lies the problem," reports Phys.Org. "'These attacks are tailored and unique every time they get installed on someone's system,' Scaife said. 'Antivirus is really good at stopping things it's seen before [...] That's where our solution is better than traditional anti-viruses. If something that's benign starts to behave maliciously, then what we can do is take action against that based on what we see is happening to your data. So we can stop, for example, all of your pictures form being encrypted.' The results, they said, were impressive. 'We ran our detector against several hundred ransomware samples that were live,' Scaife said, 'and in those case it detected 100 percent of those malware samples and it did so after only a median of 10 files were encrypted.'" The University of Florida uploaded a video briefly explaining its software.

Let's look at that second to last line again: it detected 100 percent of malware samples and did so after a median of 10 files were encrypted. So on average, you'll lose fewer than that, but you will guaranteed lose one or two files. And you may or may not have other copies of those files.

Still, QUITE impressive. It's not a released product and will need the security community at large to pound it and try to break it, but still, pretty cool.

Personally, if I were relying on Windows computers and concerned about this, I think I'd install Deep Freeze. It's a program we used at a university that creates a frozen copy of your operating system. You install the OS, update it, install the programs that you need, update them, then you freeze it. In order to update the OS or the programs, you have to unlock the system, do the updates, then freeze it again. It's not perfect, but it's darn good. It's VERY hard for a virus to infiltrate a system protected by Deep Freeze. Not impossible, but VERY difficult. Your user data files (word processing documents, spreadsheets, photos, music, etc.) are stored in a different area on the hard drive as they change regularly.

In Linux and some other systems you can install a program such as Tripwire that watches the operating system to see if any files change. It theoretically could detect the system becoming infected and could halt everything and not let it run until it's cleaned up.

But a lot of virus makers these days are pretty darn brilliant and tricky. The best thing you can do is to keep your computer updated, only install programs from trusted sources and web sites, and NEVER open attachments that you were not expecting or specifically requested. That means when your Aunt Ethel sends you that cute kitty video that you don't open it. It just ain't worth it.
link2 comments|post comment

Shot yesterday at the El Camino Bird Sanctuary [Jul. 1st, 2016|11:28 am]
Obstructionist Husband

Also known as my parent's front yard when we irrigate. Canon 6D, 75-300 lens hand held at 300mm and f5.6 1/350th. I think it's kind of cool how their shadow lets you see the grass beneath the water.

link2 comments|post comment

Two Bits of Random Strangeness [Jun. 28th, 2016|08:25 am]
Obstructionist Husband
[Tags|, ]

Yesterday I took my mom to do her grocery shopping. I didn't want her doing it alone as it's bloody hot out there -- right now, at 7:45am, it's over 95f. At the second grocer that we went to, I parked next to a Mazda Miata. Nothing unusual about that, it's a VERY common car that's been around for ages, at least 20 years. It honestly wasn't in very good shape: it had been banged up and equipped with a roll bar, so the owner apparently did some racing of some sort in it.

Personally, I'd love to have one. I've driven one, and it was crazy fun. And the roads where I live, on top of the mountain, would absolutely be a blast in a nice little convertible sporty car. And it's fairly inexpensive.

But that wasn't the cool thing. The cool about this car was that it had historic license plates.

Not a remarkable car, but it was old enough to qualify for historic plates. That, in and of itself, is not difficult -- the vehicle only needs to be 20 years old. I have cameras older than that.

Still, I was amused.

* * * * *

Just now I came across something interesting. I'm in a weird place right now, and by place, I mean mental headspace. I'm at my parents, in this blistering heat, and I'm having to deal with the fact that my dad has cancer. Well, I'm an information junkie, so I'm doing what I do best: organizing information. I'm scanning lab reports and such to PDFs as they come in, such as the full workup for his emergency room/hospital stay, and providing them to other doctors as needed. When my immune system went on permanent vacation seven years ago, I started learning what I could about my condition and possible long-term problems that could result. And I really don't know anything about cancer, just the odd bits that you get from TV, so I went to one of my favorite bookstores and got two books. One that I got I had learned about from a radio/podcast interview with the author when his book won the Pulitzer Prize, it is The Emperor of All Maladies by Siddhartha Mukherjee. He is a cancer physician and researcher, an assistant professor of medicine at Columbia University, and a staff physician at Columbia University Medical Center. He is also a Rhodes Scholar. In other words, a smart cookie.

But my second interesting bit of random strangeness isn't about the book per se -- it's about what was in the book.

When I bought the book, used, I noticed a bookmark in it. Nothing unusual about that, but it wasn't my preferred bookmark. Kinda stupid how a person may have a standard for bookmarks, but there we are. Today I have to take my dad to one of two (or three) doctor appointments this week, and I decided that I needed to start reading this book, so I put my preferred bookmark in it. And while fanning to where the sub-standard bookmark was, I noticed a piece of paper. Fanning back to it, I saw it was a boarding pass. Thinking it was a boring domestic flight, I looked at it, and it was decidedly not boring. The person in question flew from Copenhagen to Amsterdam in late September. I thought that was cool, but then again, I'm the weird guy who has standards for what bookmarks he uses. Then I found a second boarding pass, this was a few days later, flying from Copenhagen to Newark. I was a little disappointed in the second trip -- Newark is a pretty scuzzy airport IMO, but sometimes you have to fly where you can, not where you might want to.

The bookmark also had an interesting characteristic: a receipt that showed the purchase of the book in question at the Phoenix airport, Sky Harbor, in 2011 for $18, the cover price of the book, and the first paperback edition was August 2011, so in all probability the receipt was for this particular book.

The question is: are the receipt and the boarding passes related? There's no name on the receipt, except the clerk who rang up the sale, and oddly the boarding passes don't have the year on them. The receipt was mid-September, the first flight was about a week later, the second about five days later. And if they are, when did the book go from Phoenix to Amsterdam, though it may have stopped somewhere first. Presumably it made that trip the day of the sale -- one doesn't go to airports to buy books -- but there is no physical evidence. I'm curious if the book went, more or less, directly from Phoenix to Amsterdam, or what significant intermediate stops were made.

And then there's the fact that I bought the book in Phoenix. So presumably there was a flight from Newark to Phoenix, and the person then ultimately sold the book to the bookstore where I got it. Coincidentally, when we flew back from Berlin to Phoenix last July, we also went from Berlin to Newark, then on to Phoenix.

I am tempted sore to look up the name on the boarding pass. I suspect there is a high possibility that if I were to search, I might find the person in the Phoenix area. Possibly in my vague local area, since the bookstore is only 2 miles from my parent's house.

Is there a point to this? None whatsoever. But they are interesting artifacts that appear to show a book that has been to another continent, then back to Phoenix, Arizona.

Originally, I was going to throw the boarding passes away. But now I think I'll keep them and try to work them in to a role-playing game scenario. I occasionally run a spy game, and they could be an interesting prop.
link2 comments|post comment

Trump celebrating the Brexit [Jun. 25th, 2016|10:37 am]
Obstructionist Husband

"[Scotland] is going wild over the vote. They took their country back, just like we will take America back. No games!"
-- Donald Trump, tweeting during the Brexit vote; Scotland ended up with 62% choosing "remain"

From Scottish tweets criticizing Trump for his error:
"You clueless numpty."
"You spoon."
"You mangled apricot hellbeast."

John Scalzi has a few thoughts on the Brexit and some of the ramifications. He's especially concerned over the people who voted for the Brexit because 'there's no way it'll pass'. Well, you voted that way and it did pass. His point is that the same reasoning, a protest vote, could create President Donald Trump. The people who voted for him are older people, and if they voted in the primaries, they will vote in the general election, which is where it really matters.

SO AMERICANS MUST VOTE if they don't want to see President Trump and what could be the ruination of the USA. While it is possible for the system of checks and balances to prevent something like that, the President can certainly screw over relations with the rest of the world. And an isolated United States is a vulnerable United States, and probably much poorer.

Scalzi pointed to a blog entry by Charles Stross, a Scottish writer whom I am quite fond of. The first line is "The idiots did it, they broke the UK."

In other news, when the Brexit result was announced, Fox Newts announced that the UK had left the United Nations. It's so good to see accurate journalism.

If I remember I may start referring to Trump as a Mangled Apricot Hellbeast. I really liked that one.
link1 comment|post comment

UK: Welcome to "Interesting Times" [Jun. 24th, 2016|08:32 am]
Obstructionist Husband

Obviously a majority of non-UK citizens can't be as well-informed on the Brexit issues as a Brit, assuming Brits tried to educate themselves on it, still I'm surprised at the vote. Well, maybe I'm not surprised. After all, we're the country where Donald Trump has a decent chance of becoming leader of the free world.

I personally don't think the Brexit is a good idea. I think the UK had an excellent approach of keeping the Pound and not adopting the Euro: I think the unified currency was a really bad idea, as Greece, Spain, etc. have demonstrated.

We all live in Interesting Times, I guess. I have a theory that every country occasionally goes insane. I think the USA is well in to moving in to such a time where we have people voting against their interests in the name of party ideology where the political parties don't give squat about the people who vote for them, perhaps the UK is entering a similar stage.

Trump is symbolic of only part of the problem. The reality is that greed has overcome helping your fellow man and doing good. It seems that most companies' sole purpose is providing increasing dividends to their top investors, the rest can go hang.

There's some interesting discussion on Slashdot about the result of yesterday's Brexit vote, only time will tell what happens in the long-run.

In the end, it's too depressing to think about. And ultimately, we're all dead anyway.
linkpost comment

[ viewing | most recent entries ]
[ go | earlier ]