jump to navigation

Droning on again! December 26, 2015

Posted by wastedspacer in Everything Else, Global Industry, New Rules and Compliance, Political Issues, Rants, Technologies, The Fun Stuff.
Tags:
add a comment

ARDrone

I guess I could be classed as a drone early adopter of sorts with a trusty 4 year old Parrot AR Drone. I am somewhat dismayed that the FAA demands I now need to register it! It doesn’t weigh very much, nor fly very high nor even get out much but it does exceed the paltry 250 gram weight.
Being a responsible and law-abiding adult I decided I had better respond to the FAA drone-user nagging by visiting the FAA drone registration site and send them my $5 :
So what’s the big deal?    You first have to set up an ID which should be simple but of course there are unnaturally complex password requirements. You are informed that you cannot proceed with drone registration until your identity has been verified by a web link that has just been sent to you by email. Of course hour after hour go by with no incoming email from the system. You cannot log on again as your verification remains in a pending state, I send a help request to the supplied usahelp@faa.gov contact. Many more hours pass with no response or verification email!
Eventually (later the next day) I see the FAA mail has finally arrived. I click on the supplied link and I get a 404 “not found” error! I try again an hour later with the same result, I send another Email to usahelp but once again receive no response. Many hours later the site finally appears operational and I can register my drone. I was hoping to pay via something other than a credit card (Amazon, Paypal, BitCoin etc). Certainly of concern would be the need for trusting a historically porous government entity such as the FAA with my credit card information!! But given no alternative, I am forced to supply my credit card details (perhaps I should place a bet on how long before the FAA manages to leak their customer details?)!

DroneLALAFinally I receive a printable certificate to stick on my box and I can write my FAA registration on my Parrot drone! In fact if I buy another drone perhaps I don’t need to register that, simply use the same registration number hmmm? Well the chances of me flying more than one drone at a time is unlikely to say the least.

DroneLALA2
But why do I need to register this at all? Just how dangerous is my drone – or is it more about who is actually using the drone, the where and how?  Or is it just another media fueled paranoia piece of legislation latched onto by a government department keen to elevate its own sense of importance by adding yet more “care-bear” bureaucracy that comes with a whole department of taxpayer supported employees?

bigkite
If we are registering drones why don’t we register big kites? I see 7-10 ft wide kites being sold that come with 1000 to 3000 or more feet of line! They seem to be potentially more dangerous and can also be fitted with cameras. We don’t even register guns for heaven’s sake and don’t get me started on the dangers there.
On the positive side, it is only costing $5 for every 3 years and the $5 is being rebated (though I will believe it when I see the rebate appear in my statement).  I do get a “Certificate” which makes my little drone seem just that bit more “official” than it did.
On the concern side, yet another massive, notoriously porous, allegedly incompetent and insecure government department is being needlessly inflated. The FAA itself has become a juicier target with the millions of new drone-owner identities and credit card details for harvesting and exploitation by nefarious individuals 
Sorry for droning on!!!

More Trumped-up nonsense? December 11, 2015

Posted by wastedspacer in Government, Islam, Political Issues, Rants.
add a comment

donald-trumpWhile I find almost all of the seemingly hateful rhetoric from the odious Donald Trump distasteful I find it even more challenging to totally condemn all of it when visiting the UK I stumble upon material that actually appears to support some of his claims. A particular example: as Trump alluded, there really may be seemingly radicalized no-go areas in London where many local inhabitants and some UK Police officers feel this way 😦

Daily Mail article citing a number of British Police Officers unable to wear a uniform in some parts of London.

News clip on emerging “No-Go” areas in London from 2012.

Trump’s approach to dealing with Islam are nothing new, here’s an interview from 2011 where he makes his views on Islam clear.

The problem with all of this material is that it focuses mostly on the most radical and extreme aspects of Islam. Nobody bothers making a documentary on “normal” tolerant Muslims since it would in all likelihood be rather boring.

However, I also think Trump in his incessant bouts of (possibly feigned) stupidity has extrapolated his suggestion of a ban for US incoming Muslims as akin to the wartime proclamations of President Franklin D. Roosevelt, including “Alien Enemies — Japanese” (No. 2525); “Alien Enemies — German (No. 2526).” . His kindergarten level logic suggests while not only the US but the entire civilized part of the planet is at war with “Islamic State” and IS claim to be the only “true” Muslims. Trump therefore is absurdly supporting the IS view and presents a statement that all Muslims must be banned from US entry for the time being! What he missed is that part of the civilized world IS MUSLIM most of who will declare that miniscule number of Islamic State followers violate just about every tenet of what it is to actually be a devout Muslim!

So why would we want to ban those who would be allied against IS rather than turn them away at the door and risk alienating a few to the point they become radicalized!

The same simplistic logic could be applied to ban Christians if we used the doctrine of Timothy McVeigh, the KKK or the Spanish Inquisition as paragons of Christianity they clearly would be unwelcome in a civilized society. However, when compared to other religions Islam has many political and more subversive components perhaps making it a more effective religious platform from which to launch radical ideals 😦 Take a look at the Islam and Politics Crash Course.

Perhaps Trump is merely a self-appointed spokesperson for a large contingent of society that refuses to evolve? Here in Britain there is an ever increasing backlash from both Islamic and non-Islamic factions.

Here’s a few examples from several years ago illustrating growing hatred within a polarized British society: Driving through a formerly innocuous part of London

A series of UK documentaries about the same time titled “Generation Jihad” paint a similar story:

The bottom line is that with the current trend, it would appear that civilized society as we know it is on the verge of collapse. Above all we need new counter-terrorism directions despite media fuelled societal, and political imperatives to react violently with even more indiscriminate military action or to create even more “care-bear” security policies with new taxpayer funded organizations. To fear, collectively identify, react and acknowledge the terrorist simply adds credibility and more encouragement to those hate groups.

If societal collapse is ever to have a hope of reversal,  massive majority of the civilized and tolerant world must rally together. Despite threats, enable avenues of communication, reach out to educate the ignorant and the religiously repressed and to ultimately stop fomenting hatred.  Easier said than done especially from within more radicalized societies but everyone who advocates tolerance over hatred and knowledge over ignorance needs to drive towards this goal despite the threats from within.

Where do we stop? Does banning Muslims at the US border actually provide a solution or merely further inflames the domestic Muslim communities already resident within each country’s borders?

Thanks Chase for our new Chip cards but what happened to the PIN? July 14, 2015

Posted by wastedspacer in IT Security, Rants, Technologies.
Tags: , , , ,
1 comment so far

What is the point of having a Chip card without a PIN?

In my opinion, the US credit card industry is bonkers and just squandered $33 Billion on upgrading everyone’s credit cards by adding a Chip but neglecting to add any kind of personalization step to create a PIN (too difficult they claim)!

A simple implementation and personalization step would have been to require the card’s FIRST USE in a chip reader to create a PIN and also require a positive ID from the merchant/bank and/or face capture at an ATM sent to the owner to confirm/decline within 48 hrs.

Instead the US card holder has a card that will still work for an unauthorized person even if it is lost, “borrowed” or stolen. The only minor improvement is to reduce fraud in the case of card-skimming or number + CSC theft.

What particularly galled me was the US banking industry citing how effective the fraud reduction had been in Europe as a principal driver for this change. But those fraud-reduction statistics are actually based on the use of Chip AND PIN not just a chip alone.

Another irritating claim by Chase is the suggestion that using a CHIP card in Europe “may” require the use of a PIN in which case you are out of luck so carry cash instead! In my experience in the UK, if you have a CHIP you MUST present the PIN so this daft credit card is no longer going to be usable over in the UK. We don’t even have an option to create a PIN if we wanted one, the default settings for these pieces of dumb plastic is OFF 😦

Here’s one of the less-than helpful pieces of documentation from Chase:

DumbChipImplementation

Seems I am not alone in the lambasting of this rather dumb and seemingly pointless waste of $33 BILLION!!

Source: Money – You’re about to get a new credit card … and it’s an epic failure

and Wal-Mart’s executive in charge of payments thinks the United States’ switch to chip-based credit cards is going to be a disappointment.

So far our experience with what just arrived in the mailbox is certainly looking that way! We are being given 60 days to comply, they changed the CSC and nudged out the expiration date so we will need to update all our auto-pay settings AGAIN. We only recently received new cards and had just completed that onerous exercise!

Perhaps its time to start a consumer security pressure group to force US Credit Card companies to implement the PIN, or at least provide a way for those of us who WANT a PIN can get one since that is an embedded part of the EMV design.

Toxic Trains – Bay Area Rotten Transport January 13, 2015

Posted by wastedspacer in Political Issues, Rants, Social State.
Tags: , , , ,
2 comments

As seen from my seat (my bag was sitting on that)!BartMyseatBart1531xTowards Front

I’m writing this journal entry as I sit among the filth and squalor that is Bart carriage 1531x, part of the 10 car 10:14 am from SFO to Pittsburg Bay Point. A cringing couple, holding an infant sitting a few seats away, concerned on the seemingly infectious nature of this squalid carriage. A possibly mentally ill, foully aromatic individual who remained on the train when it arrived at SFO sits mumbling obscenities and threats like “I’ll kill you” or “In your eye” every time the train operator made an announcement. The rest of the time he spent grunting, chewing and expectorating on the floor. I look over the other side of the car and I see a sign proclaiming “This Car Proudly Maintained by the Concord Shop”,

BART1531XrearBART1531XBeepBeep

I wonder about what the cadence, is, perhaps an annual maintenance? I wonder how long it takes for a car to get into such a horrendous state and why there seems to be no enforcement of some of the disgusting things that violating passengers do?

Is this an isolated case? Not at all, I am an infrequent user of this relatively costly however mostly convenient service. Sadly my journeys on Bart seem to be beset with such unfortunate scenes. I have traveled on far less costly public transit in many cities around the world and have to note that Bart is possibly the very worst. In the days when it went straight to SFO, around the early morning commute hours at the Dublin/Pleasanton station it is not unusual to see numerous individuals carrying blankets getting off the inbound train and board the outbound one each one quickly snagging a double seat to lie down on, forcing commuters to stand.

Drunk, messy-food consuming, vomiting, urinating and defecating possibly homeless and/or mentally ill passengers are also regular sights in the evening hours. Panhandlers, usually passive but occasionally hostile, make their way through carriages while shaking folks down looking for money. Reporting these infractions to station agents at best get a tepid “we’ll look into it” for the most part, BART police are invariably nowhere to be seen during these unfortunate events.

A few years ago, I had the misfortune one time to sit behind a couple of ironically comedic hand-holding BART employees. They also happened to be “proud” Union badge bedecked workers who’s overheard conversation snippets were disturbing. They thought it hilarious that they were able to procure overtime then just sat around or slept and that the tax paying public could do nothing about it. In my opinion, they could start by cleaning these darned cars but I’ll bet that’s a different Union? I assume their union would not tolerate crossing work boundaries.

Sometimes I wonder why bother connecting to airports such as SFO, there’s no specialized luggage racks (is it for fear that some passengers might sleep on them), many of the early morning flights cannot be connected to due to the relatively late start times (especially at weekends).

Is it just me or are other travelers appalled at the state of our Bay Area Rotten Transport. Do we seriously believe that we should spend vast sums of money on high speed rail while critical connecting infrastructures such as Bart remain such a cesspool of inefficiency and squalid conditions?

Signing off as I stare at what looks like mold growing on the floor I pause to consider I really need a second shower today!

Net Neutrality – A presidential U-Turn? November 11, 2014

Posted by wastedspacer in Global Industry, Political Issues, Rants, Social State.
Tags: , , , , , ,
add a comment

NNewt*sigh* Too little too late perhaps? I hear all of the Comcast, Verizon and AT&T execs crying foul over this supposed U-Turn. It seems that now we have a president unfettered by the mountain of promises needed to get elected and able to say what he really thinks! Of course, it will make way for 2016 presidential candidates to “disagree” with a now unpopular leader and enable new cable company supporting politicians to line their campaign pockets with the vast trove of funding to decry the misguided neutrality musings of the former president!

I like the chart with the Netflix shakedown, Comcast (and to some extent Verizon/AT&T for that matter) is all about squeezing maximum profit so they can spend  what appears to be 90% of it on marketing, lobbying, lawsuits, civic “incentives” to help block private and community cable or communications initiatives and of course a large pot of money to buy up any of the smaller competition and supplemental organizations. Comcast doesn’t actually need to block access only neglect to add upgraded connections where customer streaming services like Netflix add burden. It can then shake-down those service providers to pay to accelerate the process. “XFINITY” marketing suggests is all about giving the customer fast access to the services they desire – yet their actions are completely counter to that!!!

Now we have a huge presidential support for Net Neutrality! Throwing all of his old-buddy election campaign backers under the bus now he no longer has a future presidential bid to worry about funding! Plus the chances of any future Democratic candidates seeking Obama endorsement are unlikely – OTOH I’m sure the cable guys will be only too happy to help them if they can oppose this Net Neutrality stance.

We have the appointment of the former pro-cable lobbyist Tom Wheeler as the chairman of the FCC. presidential golfing buddies – Comcast’s CEO Brian Roberts, campaign bundle specialist David Cohen Exec VP at Comcast who was a staunch supporter and massive fund-raiser for the Obama campaign with some really compelling Comcast promises including grand statements around “internet for the poor”. (How extensive was this and where did that actually end up)? No wonder all these folks are now crying foul – but I guess this is politics 101 when you no longer need the money from those former “buddies” toss them under a bus!

http://deadline.com/2014/11/comcast-responds-obama-net-neutrality-1201280353/

http://www.phillymag.com/articles/david-l-cohen-profile-david-l-explained/

Once again the end-consumer is going to be the one ultimately paying for this with increasing charges, no improvement and possible degradation in services!

[SCAM baiting Central] Windows Service Center calling October 15, 2014

Posted by wastedspacer in IT Security, Rants, Spam, SPIM and other annoyances, Technologies.
Tags: , , , , , ,
add a comment

ScamAware34

The phone rang early this morning, a call reportedly from AIG-Corp (212) 458 7243. A man calling himself Dan with what sounded like a heavy Indian or Pakistani accent allegedly working for the Windows Service Center. Having received a number of these calls before my first thought was to simply hang up. Instead, since I still had my coffee to finish off, I started asking the questions starting with where they were calling from – it sounded like “Dulls Testes” – I said you mean “Dallas Texas”? He was calling to inform me that my Windows computer “was causing virus”. I knew what would be coming next so I ask for another telephone number in case we get “cut off” (214) 272 0277. About this time I hear the phone being snatched away then someone with a lot better English tried to explain about how my Windows system was reportedly attacking the internet and if I would allow them to connect to my PC they could remotely fix the problem (yeah right).

They want me to install a program called AMMYY (which is actually a free remote-control software for WIndows). I ask why Microsoft would want me to load a non-Microsoft program? I then ask for the IP address my machine is supposedly using, he doesn’t have that available and by now the caller is clearly getting irritated. I realize that since I was in fact using a Mac at that time I could follow along and this is not going to work, but feigning some denseness, I haven’t told him that yet. Eventually when I reveal I am using a Mac, the gig is up and he starts hurling numerous expletives, after I suggest he seek another profession or source of income and I hang up. After a little more research baiting the Windows Service Center scam folks is become something of a popular “sport” captured and reported such as this example on Youtube (you will notice dozens of similar recordings).

The Dallas number (214) 272 0277 is surprisingly listed under the Dallas BBB, I suspect it is may be an auto-populated reference. Though it does seem to have an actual postal address of 12800 Abrams Rd, Dallas, TX 75243-2104 (looks like a field on Google Street View)!

Microsoft has clearly stated they do not engage in calling customers with this type of “service” they even have a community notice regarding AMMYY:

As for the phone numbers – if you see these numbers below on your caller ID Beware! Searching them both on Google or Bing reveals numerous scam complaints going back over 4 years. The AIG-Corp CID is clearly (and illegally) spoofed!

(212) 458 7243 – AIG Corp

(214) 272 0277

Now here’s a thought, I get a lot of notifications from places like Nigeria offering me opportunities to make millions of dollars if I provide a name, address and phone number. Perhaps the Windows Service Center would like me to refer them to those opportunities *evil grin*

When does Preserve mean anything but preservation? September 12, 2014

Posted by wastedspacer in Political Issues, Rants.
Tags: , , , ,
add a comment

San Ramon Housing Insanity

So when does Preserve mean anything but preservation?

When it is used to hide the true intent of a high-density housing project. Check out the latest citizens outraged but council approved nonsense:

Faria Preserve:

After the fiasco of the veritable ocean of million-dollar homes that comprise the Dougherty Valley, the sneakily titled “Faria Preserve” is just another black-eye to the predominantly developer/real-estate enabled San Ramon Council. Not that the current council is squarely to blame, just that the 5 year old agreement/can was kicked down the road by the previous incumbents for the current folks to have to deal with. Reading between the lines, San Ramon is under an “obligation” to provide a certain percentage of affordable housing (or the state will penalize San Ramon). Vastly increased drought induced water consumption issues aside, this begs the question as to why that was not planned during the Dougherty Valley planning – oh yes, let’s not sully the high property values with the less desirable “affordable housing” blight and an even worse Bollinger Canyon Road nightly backup!!! But here we are in 2014 with a council forced to vote AYE to this fiasco.

The “Preserve” is nothing of the sort, normally that label suggests, peace and quiet, tranquility and a riparian setting. Nope, it is HIGH DENSITY HOUSING and all of its accompanying traffic, access and other problems. Expect massive delays at the Bollinger/Crow Canyon intersections. We the people of San Ramon seem unable to stop this obvious train-wreck of a project it seems that contractually and state mandate governed we are locked into a commitment to see this tragedy through to its ugly conclusion.

The council made these plans and agreements during the time when the San Ramon growth situation was vastly different than it is today (See this Bloomberg study:http://www.bloomberg.com/apps/… . The Bloomberg article identifies the “demand” for housing fueled by AT&T (moved to Texas), Chevron (moving many organizations to Texas), Zynga (rapidly declining revenues and massive layoffs), Robert Half (declining fortunes and recently voted the 7th worst company to work for by Fox Business). Thus there are strong arguments that the rationale behind pushing forward with the Faria Preserve no longer exists.

So why is the Council being so boneheaded on pulling the plug? Is there something else they are not telling us?

Serious Security Threat or Marketing Ploy? – WSJ “Night Dragon” February 10, 2011

Posted by wastedspacer in 1, Global Industry, IT Security, Notable Incidents, Political Issues, Rants, Spam, SPIM and other annoyances, Technologies.
1 comment so far

According to a report from the Wall Street Journal – on “Night Dragon” attacks:
Oil Firms Hit by Hackers From China, Report Says

How convenient for something like this to turn up the week before RSA! Seemed like an important headline and I suspect some additional news coverage could have been imminent given there was even a scrolling ticker about this on a couple of the local TV News channels this morning. Unfortunately for whoever thought this was a perfect time to disclose they got usurped by the Egypt breaking news alerts!

The McAfee PDF report is an interesting enough study however, there appears to be a number of shortcomings in the analysis, far too much circumstantial intelligence and many disclaimers of actual allegations. Furthermore “Night Dragon” is merely McAfee’s selected report moniker for their particular identification of a threat-bundle. Symantec, Microsoft, Trend, Sophos may select the same individual threats but call them different names and may not pull them together into a creative study such as McAfee sponsored. A couple of virus definitions are highlighted identifying known threats several months ago from May and August 2010.

I’m always skeptical when a security products company does a periodic security driven “the sky is falling” in-depth analysis. There may indeed be some bread crumbs of significance, my main concern is that it could just be another thinly disguised “wag the dog” company visibility increase exercise.

My more cynical side suggests that perhaps this is an effective security company marketing strategy that undertakes a “scientific” study around high-visibility targets, periodically wave a headline comprised of: (insert enemy state here) hackers attack (insert newsworthy Western iconic industry here) Gigabytes of data and trade secrets stolen. Then add some vague traffic analysis to show the volume, where it’s going and who’s allegedly controlling it, who knows, maybe some US bank or oil company outpost had been leveraged and was being unwittingly used as a Chinese/Ukrainian managed BitTorrent host for illegal videos? Or is it really corporate sensitive bidding information and active well log data? Without concrete proof in-stream or at the endpoint, any possible botnet C&C and network findings results would show pretty much the same data stream which could allow any security company to allege such a finding without actual proof.

We (or at least corporate executives as the target of this info when escalated to the lofty heights of a WSJ article) certainly appear to fall for it every time and then demand answers around what their internal security experts intend to do about it? Of course in the shadow of “cry wolf” warnings , once in a while there really are dire and present issues that require immediate remedial action so those security experts always have to remain vigilant but circumspect.

Perhaps if we (and apparently the WSJ) are really concerned about threats from “Chinese Hackers”, we should also address the oil industry “best-practice” of off-shoring to low-cost-geographies and perhaps consider that hiring an increasing number of our Western petroleum engineers and geologists from Chinese universities may pose a more insidious threat in the potential espionage space over the long term? We certainly should take security integrity and sustainability in mind when chasing the almighty short-term efficiency and cost savings fuelled drive to top ratings supporting the investors on Wall Street itself.

On a positive side, the WSJ article cited the attack vectors were typically via Microsoft vulnerabilities so companies that take an aggressive stance towards rapidly applying patches to help obviate threats. McAfee and Sophos share threat signatures so in this particular case where the detection was spearheaded by McAfee, at least, customers of these companies may enjoy a slightly better level of immediate protection and thus should benefit from any behind-the-scenes patching that McAfee had put in place to mitigate these threats. I just cant help wonder when Symantec, then Trend, then Kaspersky will see this approach as a “winning” strategy and start spinning their own versions perhaps “Soup Dragon” or “Nuts Dragon” analysis variations?

This seems like an ideal opportunity for security personnel to put in place better detection systems beyond IDS/IPS. Perhaps including honey-pots to at least be in a position to identify the liklihood of actual inside-the-perimeter threat activity. Furthermore, they will be able to consistently state whether they are being actively targeted over time and how frequently. Those metrics could be easily accumulated and used to not only track down current threats but also provide a current state report to executives when these kinds of issues are raised by the media.

In the meantime it’s ok to cry “wolf” (or depending on your security company’s naming convention: “loup”, “mac tíre”, “भेड़िया”, “الذئب”, “lupo”, “úlfur”), CVE goes a little way towards individual definitions but would help if anti-malware security companies got together and agreed upon a common name or at least resolution for a collection of threats from a suspected single source.

Some assembly required! Success as a Service! September 7, 2010

Posted by wastedspacer in Everything Else, Rants, Social State.
Tags: , , , ,
1 comment so far

How extensively are dissertation services used to falsely obtain educational qualifications?

What value is there in an education assessment system where a significant number of “successful” students derive that have achieved that success via leveraging a professional essay, thesis and dissertation service?

I was dismayed to see these posts in the Craigslist services section:

Essay Emergency Writing Services, Confidential, Affordable, Urgent
“Undergraduate, Graduate, and Doctorate clients.
Premiered and renowned personalized writing service for International Students from China, Japan, South Korea and the Middle East “

I can certainly understand a little help with a critique, editing essays or simple assistance for thesis work but to completely outsource the production effort makes the derived qualifications something of a joke. No wonder there are so many honors graduates who apparently can’t spell or string some sentences together when they arrive in the workplace.

Ecuador – Another Chevron Lawsuit proponent disqualified February 9, 2010

Posted by wastedspacer in Global Industry, Political Issues, Rants.
add a comment

It seems there’s no end to the corruption elements involved in trying to pick the deep pockets of Chevron. Now we have one of the engineers supported by the Amazon Defence Coalition who despite previous denials has recently been found to be a significant owner of an eco-remediation company who would benefit significantly should the lawsuit succeed!

http://www.chevron.com/news/press/release/?id=2010-02-09

After a Judge is forced to recuse himelf and other prosecution supporting individuals are under clouds of suspicion – who will be next to get tossed off of the suit.