kgblogz

  • Increase font size
  • Default font size
  • Decrease font size
kgb999

kgb999

Website URL:

Monday, 30 December 2013 22:38

Those who profit from selling exploits.

There are two schools of thought when it comes to how security researchers should respond to the discovery of exploitable bugs in the software running our electronic devices. On one hand are those who think the vendor who produces/distributes the software in which a researcher has found an exploitable bug should be notified immediately so that the bugs can be repaired; on the other, those who think researchers should avoid telling the software producer for as long as possible while auctioning the information they have discovered to random third parties who then use it to do goodness only knows what. These camps have generally been labeled along the lines of "public disclosure" and "professional response" advocates respectively.

For the longest time those in the "professional response" camp liked to pretend like the difference between the two was in the public disclosure part. The assertion was that under a "professional response" impacted software makers were being notified quickly along with the community of vetted academic professional consultancies who were able to deploy enterprise solutions while the vendor worked on deploying a public patch. The "public disclosure" side believed after being notified, if the manufacturer was not deploying a patch the vulnerability information became increasingly important to all IT professionals that may have their systems impacted (with any exploit, the likelihood of discovery by additional parties increases in direct proportion to the passage of time).

Then Anonymous went to war with HB Gary. And it turned out these "professional response" advocates weren't faithfully notifying the software makers at all. In fact, they were actively hiding these bugs from the software makers and selling them. Their dirty little secret was out.

Sunday, 20 October 2013 12:55

Hello.

Howdy.

Turns out the site is all but defunct. The software is old and administering a blog is difficult.

But hey ... at least there isn't a SQL error anymore. So there's that going for it.

 

New user signup is disabled. If for some reason old users want to log it, they should still be able to.

I'm figuring out what to do with the content and stuff ... but I'm feeling no real hurry or anything.

Wednesday, 07 November 2012 11:05

Some Day-after-election Advice

Well, the election is over. That was fun.

Now, for those in non-hurricane ravaged regions ...  get your butts out there and fill up those vehicles at election-day gas prices!

My bet is that they won't stick around for too long.

Tuesday, 06 November 2012 22:08

State-level win for students and teachers.

Back when Scott Walker and his crew in Wisconsin pushed through their controversial overhaul of the state's school system it caused quite a media stir. Causing far less of a national bru-ha-ha was the fact that very similar laws were rammed through in several other states at the same time. My home state of Idaho was one such state. Despite widespread protests and vigils held from the top north to bottom south, legislature went ahead and passed what are known here as "The Luna Laws."

The response to Walker's actions in Wisconsin was an epic recall attempt aimed at replacing Walker and company with fine, upstanding Democrats. In retrospect, even with 100% success, this solution would result in all the undesirable laws staying if full force .. only now under the watchful eye of Democrats who, naturally, would repeal them ... eventually ... maybe ... if it's not too hard.  As it turns out, the solution was far from 100% successful. In the end, Democrats simply consumed the entire budget available to fight against the laws held in coffers of Wisconsin unions and achieved an extra seat or two for themselves in legislature. And today Walker's laws are totally in force. Lame if you happen to be student or teacher in Wisconsin.

Where the teachers of Wisconsin put their faith in the Democrats, the teachers of Idaho put their faith in the people.  Here, they decided to invest all the resources into fighting the bad laws instead of fighting to elevate a specific political party. The "Vote no on Prop 1, 2 and 3" campaign has been nothing short of awesome. By not weighting the campaign down with the ideology of a specific party, the floor became open to lines of argument that spoke to the concerns of those in each party. From the government overreach to unfunded mandates and deficits to eliminating negotiations on class size and student safety issues. People from all walks of Idaho political life came together and threw the kitchen sink at it ... with a full garbage disposal.

And the campaign to halt these terrible laws has achieved an overwhelming success. The final tally isn't in yet ... but it isn't even close. With Prop 1 & 2 both lagging by double digits and Prop 3 getting creamed by more than 30, it's over. Excuse me ... but ... hahahahahahahahahahahahaha!

That is not to say the Democrats of Idaho did not play a pivotal role in this success - they have worked it every step of the way. But this success was achieved because all of those involved have allowed the campaign to be about something bigger than a conflict between "good" and "bad" parties .... they presented a conflict between good and bad policy. Amazingly, the public isn't too stupid to understand a campaign asking them to decide on policy specifics after all - at least not the public of Idaho. And so it is that the Democrats, Republicans, independents and third-party voters of Idaho all have a part in this win. Pulling that off  took the kind of real leadership America could use a whole lot more of ... the kind that doesn't demand a brand-name be attached.

And just think, once-credibly-liberal Democrats currently trying to wash the dry taste from your mouths of voting for more of the same of more of the same thing you supposedly voted against Republicans in 2008 to change; we're the spittle-spewing, knuckle-dragging, home-schooled, racist, anti-union, teabagger militia red-state fuckers poised to overrun America were Romney to win the election that obviated you having no choice but voting the way you did.

For those keeping score at home ... as far as the kiddies in school go, Idaho knuckle-draggers:1  Wisconsin Dems: zilch.

Tuesday, 06 November 2012 00:24

A difference between Obama and Bush

George Bush: Great president ... or greatest president ever?

George W. Bush, former president. War criminal it has even been asserted at times. While individual tellings may differ in detail and specific focus, the point of these assertions usually revolve around a global network of secret prisons set up by Bush's national security apparatus - and the unfortunate actions that took place in them.

As we all remember, in a post-9/11 frenzy, American security forces were grabbing detainees in droves on the vaguest of suspicions from all over the globe and moving them through Bush's hidden prisoner processing plants. By all accounts now exposed to the public, it is clear that many actions taken by US interrogators while sorting an onslaught of the newly incarcerated appear identical to those that have been called both war crimes and torture when used against American personnel in past conflicts. In the absence of any rational negation of apparent facts, at best the question becomes a case of splitting hairs - certainly not a place our nation which prides itself on being a beacon of democracy and honor should feel particularly comfortable.

Take the case of Omar Khadr for example. Removed from the battlefield at 15 years old and placed in Bush's labyrinth of black prisons. No matter if one takes the view that young Omar was tortured ... or the view he was not ... the simple fact is he was 15 years old. I can only imagine what would go through the mind of a 15 year old in the middle of a battle - watching as everyone he knows fell dead one by one. Of all the reactions and decisions to make upon the capture of such a young person, I can not fathom the mindset that selected the course we took.

Recently Omar Khadr left the military prison complex at Guantánamo Bay. He is now in the Canadian justice system and an environment with potential to provide resources that may steer him in a positive direction. Beyond this, it is now known he will be released in a finite period of time.

Likewise in the case of David Hicks. Despite the flimsiest of evidence, he finally accepted a "conviction" in exchange for release - seemingly to allow the US government to save face (or perhaps more cynically, to avoid lawsuits). He is now free in Australia. It is difficult to imagine he doesn't still live with what happened in our prisons every day, but he is free, alive ... and moving forward. As are many other individuals who were graced with a visit to one or many of Bush's blacksite hotels.

Throughout Obama's administration, the president has paid a price in the form of media histrionics at almost every turn in the (at times grudging) process these cases have followed in the post-Bush era. Regardless how one feels about Obama's focus on making results happen quickly, or perhaps even fairly, the wheels of what passes for justice in this modern world have been grinding and slowly tossing out bits of humanity held in a limbo of the Bush administration's purported crimes. And Obama has indeed absorbed media criticism for every transfer - apparently a terrible burden for the modern politician to bear.

Therein lies the seed of a major difference between Bush and Obama. Bush never faced the political fallout associated with having sold a group of (at times randomly selected) detainees to the nation as admitted terrorists based on coerced confessions. He never had to ponder bringing them to trials that would, based on simple justice, see some prisoners acquitted. He left Obama with the question of how an individual can be set free after better than half the nation holds a gospel belief they are confirmed as terrorists ... at least without taking on an amazing downside political risk? Even worse, in today's environment this risk may hold true for any individual pulled from the global "battlefield" on which we play out our War on Terror, were they to go through American court proceedings.

So, the system adapts. In the new era America doesn't typically arrest terrorists in the War On Terror; certainly not under any publicly disclosed American law. The risk is too great. The political cost too high. There is now a cleaner approach.

And so it is today we are able to watch as many targets of Bush-era policies begin to collect the broken pieces of their lives and move forward, clearly damaged but alive. As with the Bush era, our current one too will eventually fade and America will move on to whatever comes next. Then perhaps the difference between Bush and Obama in this regard will become even more stark. While the policy is perhaps less prone to cause near-term political damage, the nature of mistakes now being made ensure an opportunity to move forward - as is slowly appearing for many caught in Bush-era blunders - will never exist for the victims of Obama's drone war excess. Humanity rendered to blood, dust and bone can never heal.

Happy voting day.

Sunday, 30 September 2012 08:55

Obama Is Peaking Early

There hasn't been much point in weighing in on the current race for president between Obama and Romney. Partly because there really hasn't been any need to update the conclusions drawn back before the Iowa primaries and partly because it's really difficult to build up the energy to give two poops.

But for the record, Obama is peaking early.

On the one hand, of course he'd rather be ahead than behind at this point. On the other, with a volatile electorate such as the one he's currently facing, I'll bet team Obama would really have preferred to see this surge come in the weeks building up to November rather than the ones that bring October. Odds are very good that the tide is going to shift the other direction. The big question is to what degree.

I still think Obama is most likely to win. But sadly, it appears we will be in for a serious MSM narrative shift and the "it's a horse race" coverage will become all but insufferable. Modern politics. Yay.

When last we checked in on erstwhile internet magnate Kim Dotcom, he was busy getting his mansion raided by a tactical police squad in full riot gear ... for file sharing. Well, it's been a fulsome couple of months for Mr. Dotcom. While the complete elimination of his business was coincidentally timed to occur scant days before one of Obama's strongest supporters announced a competing product, allowing the launch of "Google Drive" into a market with significantly reduced competition ... it turns out that none of it was particularly legal. As it sits at this point, Kim Dotcom will probably never face a day in US court over the issue. And so, without a scintilla of due-process, one of the largest businesses on the internet was simply shut down. Ultimately on the unilateral word of Obama's DoJ. In many ways this appears a tandem policy to the one by which Obama simply assassinates anyone he views as too much trouble to figure out how to prosecute.

Fortunately for Kim Dotcom, he resides in New Zealand. So he has slowly been getting back some of his money as courts untangle the impressive degree to which their authorities ignored anything resembling New Zeland law to do the bidding of America's FBI. And now he has announced some of his plans for doing stuff with the money. In addition to a re-launch of the Megaupload file locker service, he has announced a new music streaming service with an advertising  model causing a minor stir in the tech commentariat.

To listen to songs through Megabox, users will have two options—purchasing the music through the service, or installing "Megakey" software onto their computer to listen for free. The Megakey software, as Dotcom explained to Torrentfreak, acts like ad-blocking software—except that it isn't. Megakey allows most advertisements to appear, but replaces about 15 percent of the ads served up by websites with ads hosted by Megabox.

"These new solutions will allow content creators to keep 90% of all earnings and generate significant income from the untapped market of free downloads," Dotcom told TorrentFreak. "I created an innovation that could solve the piracy problem."

While it doesn't seem like much, this really does have the potential to stand the online advertising market on it's ear.

Wednesday, 05 September 2012 12:27

Potheads Send A Message To Obama.

Well. So, I guess Obama decided to make a web-ad featuring Harold and Kumar and play it at The Convention as a prelude to the "Kumar goes to Charlotte" sketch. Kind of reminds me of that period when Cheech went all preachy straight-edge and totally got into playing police detectives. Anyhow. I'm not embedding that one. If you want to watch it ... and read a decent takedown of the thing, it's featured over on JustSayNow.

Well, apparently some (likely) potheads kind of thought it was bullshit. And they made their own ad.

According to the Huffington Post, "Penn himself told Yahoo's Chris Moody that the president's marijuana policy has been "consistent.""

Concerns over internet accessibility issues have been somewhat of a recent theme of late. One thing often discussed that might go over the head of less-technical readers is a group of concerns I've taken to calling "last mile" connectivity - often more specifically as it relates to rural broadband. There is a recent op-ed in Ars Technica discussing negative impacts and implications of Verizon's recent strategy of killing off wired broadband services that highlights nicely one way these concerns manifest in the real world.

Back in April, you may recall that Verizon stopped selling standalone DSL, taking us back to the stone age of broadband when users were forced to bundle a costly landline they might no longer want. That move was just one part of a broader tactical shift by Verizon aimed at completely re-configuring the American broadband landscape—potentially for the worse.

Nowadays, in order to get internet from Verizon, users must also purchase bundled landline phone services. This has effectively sent the cost of DSL through the roof, and that's really the tip of the iceberg. Indeed, it seems in this piece Karl Bode has provided a decent case that Verizon's strategy is shaping up to leave the landscape *far* worse.

A Cato Institute guy has started an online campaign for a worthwhile cause; highlighted in an opEd this morning. I'll let him explain:

A year ago this coming Sunday, the US Court of Appeals for the DC Circuit ordered the Transportation Security Administration to do a notice-and-comment rulemaking on its use of Advanced Imaging Technology (aka “body-scanners” or “strip-search machines”) for primary screening at airports. (The alternative for those who refuse such treatment: a prison-style pat-down.) It was a very important ruling, for reasons I discussed in a post back then. The TSA was supposed to publish its policy in the Federal Register, take comments from the public, and issue a final ruling that responds to public input.

So far, it hasn’t done any of those things.

The reason for the delay, stated in a filing with the court last year, was the complexity and expense of doing a rulemaking in this area.

the Cato Institute has always sort of been one of those hit-and miss type of outfits (recently more miss than hit), but in this case, good on 'em for keeping on top of the issue. The ruling got some attention last year, and I think a lot of folks (myself included) imagined a court order would mean action was in the works. Apparently, Obama doesn't roll like that.

  • «
  •  Start 
  •  Prev 
  •  1 
  •  2 
  •  3 
  •  4 
  •  5 
  •  6 
  •  7 
  •  8 
  •  Next 
  •  End 
  • »
Page 1 of 8
English

Latest Comments

Saved as a favorite, I love ...
X-mass
By RaphaelJun 25, 2014, 02:14