People come in waves

I’m starting to think that people on social networks, like everything else, follow predictable principles of organization. You can be in an equilibrium for months, adding very few friends to your local aggregation of people, when all of a sudden someone new shows up, and you make dozens of connections in the next few days. Punctuated equilibrium, I think, is the phenomenon that I’m describing. Or just plain old statistical mechanics.

Yeah, it’s that weird kind of night.

So the War on Liquids is the War on Tang

Normally I write about application security in this space, but occasionally I’m inspired to write about physical security as well. In this case: Remember the 2006 Heathrow incident that started the War on Liquids? The one in which people were supposed to be bringing the ingredients for a liquid bomb on a flight? Well, the Daily Mail says that they were planning to mix hydrogen peroxide with another unnamed compound, which Bruce Schneier and the Guardian name:

Tang.

That’s right. The drink that took the astronauts to the moon was supposed to blow up seven planes.

Heh. Read the thread on Schneier’s blog for information about the feasibility of this threat, and then ask yourself why we still have to carry on 4 ounce portions of liquid and taste our baby’s breast milk.

Security theatre does not equal security.

PWN 2 OWN: platform battle or bad app showdown?

The recent coverage of the PWN 2 OWN contest, in which hackers broke into a MacBook Air and a Vista laptop, has generated a little blog heat—but in a misleading way. The headline of this InfoWorld post is an example: MacBook Air is Insecure. With all due respect to Mr. Hultquist, that’s like saying that water is wet. At this point, the way to look at it is not whether a platform is secure or insecure, but rather how much effort it takes to exploit the platform.

As long as software has flaws, it opens computers up to attacks. The fact that the MacBook was hacked through a Safari vulnerability and the Vista machine through a Flash flaw, and that neither could be hacked directly from the network, says something about the manufacturers’ networking code. More than that, it says that this contest is not about whether the Mac is more secure than Vista or Ubuntu, but about the risks introduced by applications with bugs.

So for software vendors it becomes much more critical to find and fix those flaws, and for users, as Hultquist rightly points out, the right approach is to be aware that these vulnerabilities may exist and to behave accordingly.

April First roundup

Man. You can tell the Internet is getting boring when no one bothers to do April Fools’ Day pranks. Except for the following:

  • Google: Virgle: The Adventure of Many Lifetimes. Answer a questionnaire and upload a YouTube video and you could be on your way to Mars!
  • Zero in a Bit: New Attack Class: XSNADOR. Because we need more acronyms to describe the process of hacking things, this one will rise alongside XSS and XBI to fill a needed void: how to describe trivial hacks against social networking sites. In fact, I would propose a new meta-name for this type of acronym: YAVA (Yet Another Vulnerability Acronym).
  • Gmail: Custom Time. Send an email to the past!
  • YouTube: Every featured link on the home page is a RickRoll!
  • Google Calendar: Free wakeup kit!

Geez, other than Google (and, um, my company), is anyone else out there celebrating the foolishness?

Update: Okay, spoke too soon. While the placement of Ima Hogg as the featured article at Wikipedia might itself be an April Fools joke, surely the rewritten lead for the article definitely qualifies: “Ima Hogg was an enterprising circus emcee who brought culture and class to Houston, Texas. A storied ostrich jockey, she once rode to Hawaii to visit the Queen. Raised in government housing, young Ima frolicked among a backyard menagerie of raccoons, possums and a bear…”

And then there’s ever-reliable TidBITS: iPhone Goes International With Iridium, Take Control of (Backdating Stock Options, Swearing in Esperanto, Spouse Sharing in Leopard…), new Twitter feed, US Court Declares Email Bankruptcy Illegal, Mac Users Affected by New Virus, Merriam-Webster Accepts Sponsorship to Redefine Unlimited, and Time Machine Support Added to iPhone and iPod Touch. Nice job, guys. That’s more like it.

Electronic text comes to family research

When my grandfather passed away in January, I made a resolution that I would do what I could to ensure that he was not forgotten and that my descendants would know about him. So I started a little project that blossomed. The Brackbill Wiki is a set of pages I set up to collect family genealogy information, primarily original documents and pointers to photos. In the process of getting the site together, I also collected a bunch of information about various family members, friends, and institutions.

The core of the site is a set of documents from my grandfather and other family members that he gave to us or that he left behind. In particular, other family members and I are in the process of transcribing four years of his journal that span from the time he graduated from the state teachers’ college to the time my mom was born. The 1939 journal has been completely transcribed and the 1940 journal is in progress. We also used the site to provide a new home for my sister’s project, “Great Aunt Eva’s Blog,” which disappeared when her old blog host shut down. Esta is in the process of bringing it back on the new site right now.

There are a bunch of cool things that have come out of the process of transcribing these journals. I’ve gained a new appreciation for my grandparents’ lives (just how did they work six days a week and go out every night to choir practices and committee meetings? I only work five and I’m exhausted when I get home), for the people they spent time with (Twiddley!), and the infrastructure in which they grew up. I’ve also gotten to know my grandfather, and his sense of humor, a little better.

What occurred to me the other day was how this project is analogous, on a humbler scale, to big digital humanities projects like the Valley of the Shadow project, in which former UVA professor Ed Ayers and a team of students indexed and digitized reams of original materials from two Civil War era communities. In this case, our scope and our team are quite a bit smaller, but thanks to the wiki technology we used, the material is coming together quite a bit faster.

Note, 2017-03-29: the Brackbill Wiki has since moved to a new location.