aubreyturner.org

I have been considering a couple of upgrades for my home network.  First, I’d like to move the firewall and router duties off of a PC and onto a dedicated router (less power, less heat, less noise, and less cost).  And secondly I would like to be able to use my laptop without having to plug into the network.  The network equipment companies are now starting to deliver 802.11g devices, which have a maximum possible throughput of 54Mbps (as compared to 11Mbps for the older 802.11b standard).  One downside, though, is that 802.11g is still a draft standard and is not yet finalized.  However, most of the devices that I am considering have upgradeable firmware that will allow them to be upgraded should the standard change by the time it is finalized.

One of the great things about having the Internet as a resource is that companies can make available more information than they could in the past, when they would have to rely on salespeople (who are mostly clueless about this stuff) and glossy brochures (which often weren’t worth the paper they’re printed on).  Getting answers to technical questions could be difficult (even if the company has a technical presales group).  In my case, one of the things that I need is the ability to forward SSH requests through the firewall to my Linux system.  I’m considering the Linksys WRT54G, which is a wireless access point with a router/firewall (and 4 wired 10/100 Ethernet ports).  Linksys actually provides the manuals for almost all of their devices on their site, which made answering my question much simpler.  I downloaded the manual and was able to determine that the router does support port forwarding and as a bonus it can also directly update the DynDNS.org database with the latest IP address (which was a pleasant surprise and appears to be a new feature they’ve added since the last time I looked at their routers).

This kind of information availability is one of the things that has kept me using their products for all of my home networking for the past 5 years.  I got started with them because of their LNE100TX PCI cards, which were inexpensive and easy to use, and it’s grown from there.  So, when I finally decide to pull the trigger on this network upgrade, it’ll probably be with the Linksys equipment.

This is the kind of thing that really gets me steamed.  Here’s the overview:

To: ukcrypto-at-chiark.greenend.org.uk
Subject: Citibank tries to gag crypto bug disclosure
Date: Thu, 20 Feb 2003 09:57:34 +0000
From: Ross Anderson <Ross.Anderson-at-cl.cam.ac.uk>

Citibank is trying to get an order in the High Court today gagging public disclosure of crypto vulnerabilities:

http://www.cl.cam.ac.uk/ftp/users/rja14/citibank_gag.pdf

I have written to the judge opposing the order:

http://www.cl.cam.ac.uk/ftp/users/rja14/citibank_response.pdf

The background is that my student Mike Bond has discovered some really horrendous vulnerabilities in the cryptographic equipment commonly used to protect the PINs used to identify customers to cash machines:

http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf

These vulnerabilities mean that bank insiders can almost trivially find out the PINs of any or all customers. The discoveries happened while Mike and I were working as expert witnesses on a `phantom withdrawal’ case.

The vulnerabilities are also scientifically interesting:

http://cryptome.org/pacc.htm

For the last couple of years or so there has been a rising tide of phantoms.  I get emails with increasing frequency from people all over the world whose banks have debited them for ATM withdrawals that they deny making. Banks in many countries simply claim that their systems are secure and so the customers must be responsible. It now looks like some of these vulnerabilities have also been discovered by the bad guys. Our courts and regulators should make the banks fix their systems, rather than just lying about security and dumping the costs on the customers.

Curiously enough, Citi was also the bank in the case that set US law on phantom withdrawals from ATMs (Judd v Citibank). They lost. I hope that’s an omen, if not a precedent …

It’s bad enough that we often get dinged for the incompetence of some corporations (like Charter Communications starting to charge me rent for a cable modem I bought two years ago), but I understand that mistakes happen.  However, attempting to cover up mistakes really gets me going.  In this case, it appears that Citibank is trying to cover up something that is costing people money.  It’s the kind of thing that (on an emotional level) makes me hope that Citibank gets their ass handed to them in this case.

The above link also contains more information about the process of the attack.

Via Slashdot.

This really caught my attention, since this is the main theater that I use.

HICKORY CREEK — It could have been a scene from one of the action movies that typically show at the Rave Motion Pictures. On Tuesday, a SWAT team and dozens of officers searched the 16-screen motion-picture complex in a fruitless hunt for a masked man who stabbed an employee of the theater earlier that day.

It’s a little ways south of Denton, so it’s not the most convenient theater, but they don’t have a stupid “no guns” sign like the one at the mall (even though their sign has no legal value for me, I know when I’m not wanted).

Mainly I liked their seating.  They have stadium seating so you’re not stuck watching the back of somebody else’s head, and the seats are big enough for an adult (unlike those crappy little seats at the mall).

Maybe I’ll postpone seeing a movie this weekend (although I was interested in seeing Gods And Generals).

I’ve never cared for birds as pets, but this might change my mind.

Kevin Butler loved animals of all sorts, and he gladly took in strays and pets that his friends couldn’t keep.

His family says it’s fitting that his pet cockatoo provided the evidence that helped Dallas police track down the men accused of killing him – one of whom was convicted of capital murder Tuesday and sentenced to life.

A Dallas County jury deliberated less than 25 minutes Tuesday before convicting Daniel Torres of killing his Pleasant Grove neighbor after Mr. Torres and his half-brother went to Mr. Butler’s home on Christmas Eve 2001 to settle a disagreement.

“He acquired the bird via a roommate who had to move,” said Kathy Butler, the victim’s sister. “All of his animals were strays. He treated his pets with love, and in doing so, his pets loved him back, and that was certainly the case here.”

Lead prosecutor George West told jurors that the bird – an 18-inch white-crested cockatoo – flew at Mr. Torres in an attempt to aid his owner. The bird, named Bird, helped police obtain enough evidence to get an arrest warrant for Mr. Torres.

Mr. West said that the bird’s beak bloodied Mr. Torres’ head and that Mr. Torres wiped the blood and then touched a light switch, leaving his DNA at the crime scene.

The prosecutor noted that Mr. Torres’ DNA had been found on the handles of two knives used to attack Mr. Butler. One of them was found under the victim’s body, Mr. West said.

Now that’s a good bird.  He may not have saved his owner, but at least he did enough damage to identify the suspect.

Out local ABC affiliate, WFAA, has been following the case of some serious allegations against the Haltom City jail and a municipal court judge.  I commented on the complaints against the judge earlier.  A new complaint was filed yesterday against not only the judge, but the entire city council

The lawsuit makes charges of a widespread pattern of unconstitutional pratices and conditions. It repeats complaints, first reported by News 8, that jailers had sex with inmates. But, named in this action are seven city council members, Haltom City itself, and 36-year-old municipal judge Jack Byno.

Judge Byno, who made his last municipal court appearance in January, was known as Max Jack for the tough fines and sentences he handed out. The lawsuit alleges that Byno violated people’s civil rights, and that the city council is responsible for the system he used.

Cited in the case is an unnamed 18-year-old male, charged with truancy, who allegedly appeared before Byno. The judge fined the 18-year-old approximately $24,000. After he’d served five weeks, the suit said, his grandparents had to take out a home equity loan of $16,000 to pay the city to get him released.

Attorney Everett Newton tries dozens of cases in Dallas Municpal Court each week.

“I’ve never seen a municpal judge make that type of decision,” Newton said. “Most people have an expectation that the judge they appear in front of is going to be famailiar with the law, and is going to be judicious, and use good judgement and be reasonable when dispensing justice.”

But, the attorney suing Haltom City, Michael Pezzulli, said that in Byno’s case, that didn’t happen in perhaps thousands of cases.

“If you cannot pay the fine, you’ll sit it out for $100 a day,” Pezzulli said. “And the law has been clear for years: you simply cannot do that.”

The suit said Byno misuesed what’s called a capias warrant.

“It’s not appropriate to say, ‘I’m throwing you in jail unless you give me all the money I want from you’,” Pezzulli said. “That’s where he stepped over the Constitutional line. That’s the problem.”

(The above text is copied directly from the link above, all typos are from the original).

Wow!  $24,000 for truancy.  That’s way over the line.  Clara Harris only got a $10,000 fine (although she did get prison time) for murder.  I guess the old saying about power corrupting is true.  This judge sounds like a petty tyrant who got off on exercising extreme power over the people who came before him.

Seen on the back of a vehicle in the parking lot at work:

Vegetarian: Indian word for lousy hunter

As I’ve noted before, I’m easily amused. 

From what I’ve been able to gather, it was her advocation of violence against violent “peace” protesters that was the cause of all the hatred directed at Megan McArdle on her site.  I actually thought that she was being too nice.  She only suggested using 2×4’s on them.  I would have advocated shooting the bastards.  But then I’m not the forgiving sort when it comes to destruction of private property.  I have a negative sympathy quotient for scum who destroy the property of others, especially when those others have no involvement in their so-called cause.

I consider it a just response to respond to violence with sufficient violence to end an attack.  Those who use that old, tired saw that “violence just begets violence” are right in a way.  But I don’t necessarily consider it a bad thing.  If someone is violent towards me, I’ll be violent right back.  There is no reasoning with someone who wants to harm you.

I wonder if it’s a concidence that these destructive idiots don’t try their silly little games in heavily-armed states like Texas?  For example, ELF seems to like to set fires.  Texas law actually provides for the use of deadly force to stop arson.  Not that I would necessarily use it, but there it is.

Another in a series of random crap from my head…

• I take a break from this blog thing for a couple of days and all hell breaks loose.  I still haven’t managed to get through my normal blog list yet (and it appears that Bill Whittle has cooked up another great entry that I haven’t had a chance to read yet, but everyone else is raving about it).
• Is it just me or have people been jumpy, grouchy, and generally discombobulated over the past few days?  I’d blame the full moon, but it would be unscientific of me to make such a superstitious statement.
• It seems that the hate-filled invective of the pro-Saddam appeasement crowd (and the left in general) has been unleashed over on the weblogs of Megan McArdle and Andrea Harris.  Maybe the full moon has hit the left as well.
• According to my handy VFW calendar, the Desert Storm ground offensive began in Iraq on February 24, 1991.  The 12th anniversary of that will be one week from today.  If we’re going to go in there, then let’s damn well get it over with.  It’s unfortunate that we’re going to have to keep futzing around with the UN and the EUroweasel appeaseniks (I suppose it’ll be worth it if it helps Tony Blair, but it had better not cost us any strategic or tactical advantage, which could mean more lives lost on all sides).
• I saw a Dodge Ram today with a pair of balls hanging from the trailer hitch receiver (if you’ve ever seen the south end of a bull, you’ll know what I’m talking about).  I’ve seen propellers and various other humorous devices, but I’ve never seen balls on a truck before.  I thought it was damn funny, but I have to admit that I’m easily amused.   Update: Here’s a link to the product.

Well, that went fairly well.  The only glitch I ran into was that I was upgrading from Movable Type 2.21 to 2.6.  The installation instructions indicated that since I was using MySQL I was supposed to run mt-upgrade25.cgi and then mt-upgrade26.cgi to update the database schema to the latest level.  Unfortunately, the mt-upgrade25.cgi script had a version check that checks for level 2.5 (rather than 2.5 or later).  I just commented that part out and all was well.

One feature that I’m glad to see in this release is the ability to close comments on old articles.  I have an old posting about Bushisms that seems to attract several visitors a day.  It’s now so old that I’m not really interested in getting any more comments on it.

Update:  It helps if you remember to upgrade the template for the individual archive pages.  Otherwise the handy new logic to turn off comments will be ignored.

I’m getting tired of the layout and color scheme on this site.  I’ve installed Movable Type onto my Linux system so that I can play around locally without screwing up the actual site (and without having to deal with network latency).  It may take me a while to get around to deploying the changes, since right now all I have are some basic ideas about what I want to do.

In the meantime, I’m going to upgrade this site to Movable Type 2.6, starting right now.  It should be transparent to people viewing the site, but if anything wierd shows up you’ll know why.