Last month, an angry man chose to chug his liter of vodka, rather than to surrender it to airport security officials. Although this man made a hilarious—but unwise—decision, it seems as though he started a revolution for liquor connoisseurs. San Francisco Chronicle columnist Mark Morford recently forgot a 375 milliliter bottle of Krohn port in his bag. Instead of making him throw it out, a screener said Morford could enjoy it before passing back through the checkpoint. The lucky traveler even shared his coveted liquid with another passenger. Who knew passing through security could be so—hiccup—delightful?

I'm not all that surprised by these developments--flying out of Madrid two years ago, I arrived to board my flight to JFK and was then told I could not bring my water and the small bottle of Glenfiddich I'd bought to help pass the delay onto my flight (apparently somebody had tried to blow-up a plane in Heathrow a couple weeks earlier). The screeners were reluctant to try any, but the gentleman whose very nice looking writing pen was ordered not to board felt as if he would share a nip, leaving the rest of the bottle to me.

Unfortunately, with my water also exhausted prior to boarding, it was a dehydrating flight.

(unrelated, our company's list is the first item on the page)

Mobile telecom carriers run networks that allow phones (and other devices) to connect to them. When mobile (cellular) phones first starated becoming massively popular, each handset had to be keyed with specific values before it worked with a carrier, and therefore it made sense for these carriers to also sell the handsets for use with their network. At some point in the 1990s, the network/subscriber-specific values were moved to a removable chip which could be moved between compatible phones. This meant that telecoms only needed to sell these chips, and subscribers could get their phones from any source.

Let me summarize what is conservatively calculated as a metric fuckton of articles in the past week: Verizon is saying that it is doing what the rest of the world has been doing since the 90s--at best, the specifics aren't out, and knowing Verizon they probably won't go the tried and true route in favour of some BREW-like abomination. The only other new piece of news is that Verizon will let people write programs for their phones, presumably without the massive licensing costs associated with BREW--like people already can for almost every other phone on the market since they have a standard J2ME interpreter, or native APIs like Symbian devices.

So there's nothing earth shattering, nothing "progressive", and no "industry revolution" beginning--it started over fifteen years ago!

Now what finally got my dander-up was one particularly uninformed article. This article is talking about two distinctly different topics. In one case, how Verizon has announced that it will let its subscribers use non-Verizon-purchased phones on their network--similar to how the rest of the world functions since the introduction of SIM cards. It then goes towards the argument of the Jesus Phone upon shifting ground, positing that AT&T will follow in Verizon's footsteps by unlocking Jobs' toy to be used outside of its network.

Let me now recap this article. Verizon says it'll do what AT&T already does. Will AT&T follow Verizon's move by doing something unrelated? Maybe AT&T will start handing-out tickets to the circus with a three-year contract (instead of making you call their customer service number for the show).

How consumer desire to use the Apple toy on other providers could lead AT&T into an openness move is lost on me, and the author of the article didn't even try rationalizing this statement..

Stewart's ever-increasing popularity among young viewers directly correlates with the declining influence of progressive thought in America. Coincidence? I think not.

Michael Kalin--author of the above, from a Boston Globe article in March 2006 entitled "Why Jon Stewart isn't funny"--had a point, but I don't think knew how to support it.

Let me provide my own observation. Jon Stewart is funny, he's got a funny bit, it might even be funny when you've heard it a couple times. The problem is that Stewart relies on a one-trick-shtick: he mocks politicians or other public figures with puerile imitations.

Has this caused Joshua Goldberg, a fictional composite of the typical apostle of ''The Daily Show." to forgo politics in favour of the glories of investment banking? The overwhelming majority of people don't go into politics, and it isn't because of one TV show. College-political passions disappearing upon graduation and the real worldis nothing new.

Mr. Stewart and his show does in effect anesthetize his audience through repetition of jokes, stories, and focus. To assume that those affected are the Theodore Roosevelt[s] or Woodrow Wilson[s] of today is fallacious--instead one would better look towards the AHA (where both were members) or even white supremecists (Teddy advocated the superiority of the Teutons while Mr. Wilson reinstituted segregation).

Those that would be dissuaded from action by Mr. Stewart rather than turn-off the show would probably only transform into one of the objects of mockery anyway.

[09:37:33 AM] <dmcc> < http://www.idcorner.org/?p=161 >
[09:40:37 AM] <m> Point 1: "only sometimes" and "only when you're not paying attention"--which yes, is a problem.
[09:41:21 AM] <m> You can avoid the situation by making sure you're logged into the provider before you try logging into the other site, this is actually what LiveJournal (used to do?) and they would generate an error if you weren't already logged-in.
[09:41:59 AM] <dmcc> sounds like that should be part of the protocol
[09:42:18 AM] <m> user friendlyness would be sacrificed
[09:42:59 AM] <m> proper use of SSL certs and more obvious browser indications when something is wrong should work in "most" cases, if people notice the SSL certs and don't ignore the warnings
[09:43:45 AM] <m> after a few paragraphs on that, it's basically saying "a host the user trusts could be tray him"
[09:44:02 AM] <m> which, while a valid observation, shouldn't be considered an issue
[09:44:31 AM] <m> DNS robustness *is* a valid concern, however.
[09:45:00 AM] <m> But probably not as big of a problem as they want it to be.
[09:45:25 AM] <dmcc> i'm not sure if they *want* these things to be problems
[09:45:43 AM] <m> they being the people whom they are quoting
[09:45:47 AM] <dmcc> i'd be surprised if their goal wasn't improving security
[09:46:01 AM] <dmcc> they might not be especially constructive about it, though
[09:47:00 AM] <m> There are two issues with dns poisoning, hijacking the response--which won't get you the user's login credentials, but will get you access to an OpenID site/prevent others from accessing it.
[09:47:18 AM] <m> This is limited scope, but if the site is important enough, could be valuable.
[09:48:08 AM] <m> But at the same time, the DNS system at the higher levels is not as problematic as it once was, and you'd think these servers would have a more trusted chain of servers.
[09:48:42 AM] <m> The other problem, is simply redirecting users to a bad host. This is no more or less a problem than we already have.
[09:49:05 AM] <m> and is the bigger concern in any event
[09:53:48 AM] <m> The privacy concerns are all bollocks.
[09:54:14 AM] <m> "the site knows where you're logging in" is the only valid one
[09:54:24 AM] <m> (which they reword a couple times)
[09:55:32 AM] <m> choose a different provider if that's a concern for you, or be your own. Your ISP knows everywhere you go, log-in or not. It still beats what happens if you're using all of the Google services in my opinion.
[09:57:32 AM] <m> It confuses trust systems with Identity. Saying somebody is John doesn't say anything about who John is or if you should trust him. You just know he's John. It's not that OpenID isn't trustable, it's that OpenID doesn't say anything about the trustworthiness of the users.
[09:59:00 AM] <m> "people aren't used to it" and "some sites aren't designed with this in mind" makes up the usability section. I don't feel those deserve specific response.
[09:59:42 AM] <m> and of course, they then have a separate "adoption problems" section, which is what I thought the previous one was, just with a more generic name.
[10:00:39 AM] <m> There are ways to work around availability issues, but in general that's valid, although generally unlikely if you choose well.
[10:02:05 AM] <m> I was unaware that they patented OpenID, although they claim that they'll be stating that they won't assert the patent ... no story at the moment.
[10:02:20 AM] <m> 90% FUD
[10:03:01 AM] <m> well, 90% baseless FUD, 6% somewhat valid FUD
[10:03:12 AM] <m> 4% filler

Civil liberties groups have called the program Kafkaesque. But I have an even bigger problem with it. It's a waste of money.

I like Scheier not only because he knows what he's talking about, he knows how to say it in a way most people are more likely to care.

This particular article is about the pointlessness of the Terror-score the US assigns to every international traveller.

In fact, the Automated Targeting System is arguably illegal as well (a point several congressmen made recently); all recent Department of Homeland Security appropriations bills specifically prohibit the department from using profiling systems against persons not on a watch list.

There is something un-American about a government program that uses secret criteria to collect dossiers on innocent people and shares that information with various agencies, all without any oversight. It's the sort of thing you'd expect from the former Soviet Union or East Germany or China. And it doesn't make us any safer from terrorism.

While on the subject of airports, a man climbed a seven-foot fence and decided to pass the time sitting in a Boeing jet.

"It blows my mind that you can't get 3.5 ounces of toothpaste on a plane," he said, "yet somebody can sneak on a plane and take a nap."

What gets me, though, is that Delta gave its passengers a $7 food voucher. Airport food must be much cheaper in the Carolinas for that to be of any use. Schneier is quoted in the NYT article about the most recent run of TSA arbitrariness, the war on Gels and Liquids. This has resulted in my needing to empty a bottle of spring water, as well as a bottle of Scotch, while allowing me to carry my laptop and sparking power cables which almost lit a train on fire in Italy.

The most interesting article this digest is moderate length post on choosing and cracking passwords. The common thought on this has traditionally been "pick one or two words you can remember, and in the middle (or between them) insert some number)". This results in a fairly easy-to-remember password that, judging from the analysis mentioned in the article, is not super easy to crack. The more interesting is that the mainstream software mentioned takes advantage of swapped memmory and general insecurities prevalent in MicroSoft's and other operating systems. The solution is to use encrypted swap space, which can done on a GNU/Linux system by calling the following at start (in place of putting <swap> in your fstab):

losetup -d /dev/loopN
losetup -p 0 -e blowfish-256 /dev/loopN <swap> < /dev/random
mkswap /dev/loopN
swapon /dev/loopN

What this does is create a new loop device, loopN (N should be a number, use 0 if you have no other loop devices). It then mounts the partition you set aside (swap) for swap using a blowfish cipher with a 256-bit random key from /dev/random to write and read any memory swapped out. This can significantly degrade performance, and it will probably prevent you from hibernating (suspend-to-disk). The important thing is to use a different key whenever you reboot, which is one reason why hibernating will not work.


Finally, the story of two people getting their Virginia state drivers' licenses.

although maybe not since honestly, I think it was the first for a lot of people.

I remember my copy of 4.2 (Biltmore). We'd just recently upgraded from the 286 machines we had around to getting our first Pentium, and I was interested in moving from BASICA on those DOS running Compaqs to more interesting languages. This "Red Hat" thing had compilers for C, Pascal, and a load of other things. It mentioned something about being its own operating system which seemed odd to me, and I couldn't figure out if it was actually its own operating system, or just something that ran on top of Win32. I actually wasn't sure what I was buying in that catalogue ...

I've still never gotten that SVGA-lib Doom port working either. I can't seem to post comments to Marueen's web log anymore, so I pasted it here.

I find it funny whenever JWZ complains about his Apple toys because of his initial infatuation.

In summary:
* Apple's software: So awesome. The honeymoon is not yet over.
* Apple's hardware: Pissing me off. (But not nearly as much as PC hardware pisses me off.)
* Apple's support: Good for not trying to charge me for any of this. Pissing me off by being so slow, and for apparently not having fixed it right the first time.

For what it's worth, I agree with almost all of it, although I'm less enthused with the software because it tended to get in the way of the user. Many ofthe programs felt like the user existed for them instead of the other way around.

In other news, Apple released a lot of stuff in normal Apple fassion.

Apple CEO Steve Jobs promised some "medium-scale" product introductions and delivered along those lines, introducing a new version of the company's low-end computer and an iPod-powered boom box.

But if the actual products were underwhelming, the company's vision is becoming clearer -- and bolder. The product announcements indicate that Apple is clearly trying to establish itself as a player in the battle for the digital living room, where computer and networking technology is married with consumers' traditional entertainment systems.

As Rob Begbie said, "it had better sound good, cause it looks like crap." Investors weren't thrilled either:

That lack of a "wow" product rollout was seemingly reflected in Apple's stock price, which began slipping Tuesday after the products were announced; the shares were recently off $1.77, or 2.5%, to $69.22.

As the verbose subject states, two people, two blogs, two styles. One provides prose with exposition, the other a single line stating what happened. Two backgrounds, two styles.

(I wonder if I said anything more interesting about this the other day.)

This actually seemed interesting, so why not do it. Year in Review, one sentence a month out of my web log's entries. I'd also like to point out that 51.14 weeks ago, there wasn't any snow, while looking out my window this morning, it looks promising for skiing tomorrow.

January: If you don't control everything completely, you don't control anything.


February: It still sits right next to my other computer architecture books.


March: On the positive side, Anna should be here soon.


April: I've gotten good pizza, good Chinese food, and White Castle .


May: Apparently they are only trained to click candied buttons.


June: I have also further distanced myself from the pestilent days of RPI.


July: My accomplishment this month.


August: Yep, I'm actually logged into the bane of webloggers, the '00s version of the '90s personal web page with a bad neon color-scheme and starfield background.


September: Basically, I still can't believe I just spent $8.20 and only got three lously slices, and you get to read about it!


October:Why am I doing sports more now as a grad student than I was when I was ugrad?


November: At one point in time, English was much more understandable.


December: It does seem weird doing December only a week in, but I figure I might have more to say in three weeks anyway.

In what I can only assume is mere coincidence, the day after I asked this question, The Register asked its readers the same question in a poll.

The results are in, and it turns out that Web 2.0 is or might be (among others):

Web 2.0 is ... the vapourware output of people moving forward in pushing back the envelope of the corporate paradigm (to the sound of whalesong)
Michael Shaw

Web 2.0 is made of ... millions upon millions of bandwagons, circled into one giant investor cluster-f**k
Richard Ellis

Web 2.0 is made of ... marketing and collaborative self-deception
Dave Burt

Web 2.0 is [...] repackaged and rebranded to sell something that has existed on the internet since it begun. [...]
Roy Davis

So there you have it.

Apparently people who stare at a PC monitor for more than three hours a day can develop a condition known as Computer Vision Syndrome (CVS) which causes all sorts of nasty headaches, blurred vision, and other unwanted aches and pains.

Engadget has been the only member of Weblogs Inc. that I ever actually read, and recently I have noticed that there was little interesting news coming from them. This latest gem is humorous in its crapulence. There is little if any real information in the post: oh, look, new monitors that are average quality but prevent this alleged problem which I didn't know about but good God it's the end of the world if we don't stop it!

Seriously, WTF guys?

It feels like it has been a long time since I ranted about the LiveJournal package/site/code. I'm not even clear what exactly it's doing, never having used it.

Jessica's web log is syndicated on 無, where I read pretty much everything. She decided to post several blog entries about the recently released Harry Potter book.

The first of which is captured in the RSS item:

<item>
<guid isPermaLink="true">
http://www.livejournal.com/users/paperclippy/390279.html
</guid>
<pubDate>Mon, 18 Jul 2005 01:56:54 GMT</pubDate>
<title>Harry Potter</title>
<link>
http://www.livejournal.com/users/paperclippy/390279.html
</link>
<description>
<a name="cutid1"></a><br />I knew, when I heard that someone important would die in this book, that it would be Dumbledore. But somehow, when it actually happened, it still surprised me. I can't imagine what could possibly be in book 7.<br /><br />I think this is the most depressing book so far. I don't know that if I had young children, I would want them to read it. And though I figured out that Dumbledore was going to die before opening the book, I didn't figure out that Snape was the half-blood prince until he said so, amazingly enough. I'm still not 100% sure whose side Snape was really on, despite the fact that he killed Dumbledore. It was just kind of weird. Did he do it because of the Unbreakable Vow or whatever? Or to save Draco? Or because he is actually evil? I can't help feeling like if Dumbledore trusted him so much, there must have been something worth trusting there. Oh well.<br /><br />After spending my entire day (okay, not the entire day, only about 10 hours) reading this book, I am left with a general feeling of ugh. I guess I had hoped for something a little more satisfying. Anyone have any idea who R.A.B. or whatever the initials were is?<br />
</description>
<comments>
http://www.livejournal.com/users/paperclippy/390279.html
</comments>
</item>

Or from the Atom feed (which Planet often has problems with):

<entry>
<title mode="escaped">Harry Potter</title>
<id>urn:lj:livejournal.com:atom1:paperclippy:390279</id>
<link rel="alternate" type="text/html" href="http://www.livejournal.com/users/paperclippy/390279.html"/>
<created>2005-07-18T01:56:54Z</created>
<issued>2005-07-17T14:55:00</issued>
<modified>2005-07-18T12:40:55Z</modified>
<author>
<name>Jessica</name>
</author>
<content type="text/html" mode="escaped">
<a name="cutid1"></a><br />I knew, when I heard that someone important would die in this book, that it would be Dumbledore. But somehow, when it actually happened, it still surprised me. I can't imagine what could possibly be in book 7.<br /><br />I think this is the most depressing book so far. I don't know that if I had young children, I would want them to read it. And though I figured out that Dumbledore was going to die before opening the book, I didn't figure out that Snape was the half-blood prince until he said so, amazingly enough. I'm still not 100% sure whose side Snape was really on, despite the fact that he killed Dumbledore. It was just kind of weird. Did he do it because of the Unbreakable Vow or whatever? Or to save Draco? Or because he is actually evil? I can't help feeling like if Dumbledore trusted him so much, there must have been something worth trusting there. Oh well.<br /><br />After spending my entire day (okay, not the entire day, only about 10 hours) reading this book, I am left with a general feeling of ugh. I guess I had hoped for something a little more satisfying. Anyone have any idea who R.A.B. or whatever the initials were is?<br />
</content>
</entry>

Now, this post has very little to do with the author of the web log herself, and everything to do with the syndication engine in LiveJournal. I'll ignore RSS because I think it is not very good. Atom, specifically, though provides a measure for having both summary and content made available. The issue is that there appears to be different text in different views than in the entry in question. In fact, if you look at the correct views, you can see the spoiler warning. Other cases you do not. It would seem that in the case of atom, the one view should be the summary, whereas the other should be the content. In RSS, if there is different content, and only one feed, it seems to make sense that the feed provide the summary.

Why the LiveJournal engine does not include the other text in syndication, I do not know. It seems broken to me, but perhaps somebody who is more familiar with the LiveJournal system could explain it to me.

< http://www.groklaw.net/article.php?story=20050717111835239 >
PJ has an article which supposedly references a NY Times article (link wasn't working for me, and didn't appear to be going to the Times site anyway) that mentions that people are frequently purchasing new computers when their (presumably MicroSoft based) computers become littered with unwanted programs. I have not heard of this before, and it sounds pretty ridiculous to me. If you are going to go through the whole process of reinstalling software, restoring your files from backup (you would want to connect your vulnerable new machine to the one you just left a worm/virus laden mess, would you?) wouldn't it be cheaper to just reformat your machine? Isn't that the MicroSoft way anyway? Most of the things around these day only appear to infect the operating system or higher levels, it has been a long time since I've seen news of a new boot-sector virus epidemic.

JWZ has been in the news a lot lately (for this post), and I've been reading the other rants on his site. I understand very much how he feels about CDDB. The world of web log software, protocols, and everything else seems to be as well thought out as most of JWZ's fellow posters of the service he uses.

Issue number one. Trackback pings are a way of having one web log send a notification back to another site saying I'm talking about this or I'm responding to this. Awesome idea. It helps the democratization of the web leading to something akin to its original goal. Hyperlinks auto-generate and are relevant. Some information is sent with the trackback ping, including entry title, entry location ('permalink'), and the web log title.

Notice that there is no mention of character encoding. This gets sent along in the headers of the HTTP request (which encapsulates a trackback ping). It also gets ignored by most web log software I've seen. Not only that, but some software expects all or certain arguments of the ping to be included, even though the only thing that's 'required' by the de facto [original] spec is the 'permalink' argument. The display of the entry can sometimes be weird or non-usable because of this (the only reference to the permalink being a hypertext reference surrounding the empty string that would have been the web log name, for instance).

The bigger problem in my opinion is that no translation is done for character sets. Documentation for trackback pings don't mention anywhere who should be responsible for this translation--it seems in my mind that this should be done on the receiver's side since the receiver knows better than anyone else what is best for it. It could be possible though for the sender to remember the encoding type when it looks for the trackback url and do the conversion first. Unfortunately, this could lead to problems of loss of data (converting from EUC-JP to a Latin encoding for instance) and the receiver might want to store the original version for a later time in case of an upgrade and a larger charset becomes available. As someone said when this came up elsewhere, perhaps we should all just switch to UTF-8? Perhaps eventually anyway.

Netcraft reports about phishing sites being taken down by vigilantes. I'm sure a lot of people disagree, but I don't think anything is wrong with these actions--especially in the cases where (as the article mentions) the original site was already compromised which is what allowed the scam site to exist to begin with. It is obvious in these cases that the system administrators are not pursuing security with due diligence.

Also of note is that the article explicitly states that there appears to have been no collateral damage in any of the defacing of the phishing sites. This is a major difference than e.g. vigilantism with respect to spam.

There's been an issue floating aroun for the past few weeks, made public to the Linux world at large on April 5th via kerneltrap and picked up by barrapunto yesterday as well as slashdot. It's been posted a few other places now including el Reg.

To summarize the issue, BitMover, the company that produces BitKeeper, offered Linus and other Linux developers gratis licenses for BitKeeper. This started one of the larger political debates among the Linux developers in the recent era as Linux decided to use BitKeeper for the official tree causing other developers to follow suit (see the kerneltrap article for more information). Now BitMover has withdrawn the licenses from the developers causing some minor havoc and forcing the mass movement of a lot of code to a system that hasn't been determined yet.

If you don't control your software, it's going to end up controlling you.

Congratulations to Unprompted for his recent victory at the Game Jam down in NYC. C|Net has screen shots, choosing to lead off with his game.

Other famous games include his own ninja game, Kilt Chronicles and the cult classic Extreme Hat Putter Onner.

Templar was recently asking on lilly for phone info, having gotten himself a new Nokia 6620 running the Series 60 OS. He seems to be collecting a list of useful apps for the OS so I figured I'd link over to the post. Other apps I mentioned are below (didn't feel like posting an e-mail for the comment section, and I figured I'd test my trackback pinging ... hopefully it works out, sorry if it doesn't).

gpsmap used to be freeware, now apparently not. Official(?) homepage at http://www.vikinggames.hu/product.php?id=7. Other information at http://my-symbian.com/7650/applications/applications.php?faq=30&fldAuto=789.
The Opera Web browser is available for a price at http://opera.com.
FExplorer is freeware, available at http://users.skynet.be/domi/fexplorer.htm and allows you to copy/move/view all files on the handheld.
Doom was ported to S60--not sure if it runs on all phones. I can't find it at the site I got it from, but you might still be able to find it at
http://my-symbian.com/7650/applications/applications.php?faq=3&fldAuto=136 or using a web search. It *should* be open source I assume, based on one of the two code releases by id, but I can't verify that at the moment.