So all you want is bloody poetry huh?

April 17, 2016

I try to blog as often as I can.  But I’m really depressed that only my poems get Likes.  My political, cultural and other entries get next to no interest.  I’m not going to stop posting stuph about politics, culture, privacy, security and the other subjects that get me riled.  And the poetry of course (bread and circuses FFS).  I’d just be happier if my “serious” posts got more attention.

Also, even the poems get next-to-no Comments.  I need Comments so I can hopefully improve. Please please, poetry Likers, could you also Comment?  I’d really appreciate it.  Thanks for reading.

UPDATE: as of 18 April (day after posting) I’ve received two Likes: from anthonymize and Juansen Dizon.  Just general, click-the-Like-button likes, and no comments.  Likes please me, as I have an ego that enjoys being stroked; but the whole point of this post is that I want Comments too.  If you’re too shy to make Comments readable by everyone who visits the blog post, there’s a Contact Form button at the top of the page.  You can put your Comments there, and if you want anonymity that’s what I’ll give you – your name etc will not be kept on record if that’s what you want.


Leave Comments, damn your eyes!

This blog isn’t an anthology of what I consider my best work.  I put works-in-progress here, meh stuph that I’d love to be reviewed and love to get Comments on.  So pleeeze! – if you have the time, write something in the Comments or Contact Form.  Comment on my blog, I’ll come look at your blog, if you have a blog of course, and if I can create a window in my already bursting bag of commitments.  That last bit is a joke of course.  But in all seriousness, Comment on me and I’ll Comment on yours.  Quid Pro Quo I think it’s called: washing each others’ backs.

Cheers, Martin X!




Why putting back doors in message apps will not stop terrorism

February 17, 2016

I’m not a security expert.  So why don’t you listen to one?  This video is Bruce Schneier, a well-known security and cryptography expert, taking questions at DEFCON 23.  He addresses the issue of back doors at about 07:20, but the entire video is worth watching.

If you don’t want to watch it, I’ll paraphrase:   The feds say that ISIS recruits via Twitter.  A recruiter will get into conversation with people,  and the feds can monitor that okay.  But then the recruiter says “go download secure-app X” and all of a sudden the authorities can’t monitor them any more.  This makes the cops sad.  So they want to put back doors in all the messaging apps.  But that is not going to solve the problem!

(About 09:10) “This is not a scenario that any type of back door solves. The problem isn’t that the main security apps are encrypted. The problem is that there is one security app that is encrypted. The ISIS guy can say ‘Go download Signal, go download Mujaheddinsecrets, go download this random file encryption app I’ve just uploaded on Github ten minutes ago.’ The problem is not the encryption apps that the authorities want to get into, the problem is general purpose computers.  The problem is the international market for software.”  Back doors are not the solution for the problem the authorities claim to have.

You’d have to put back-doors in all messaging apps.  Not just the mainstream ones.  Not the not-so-popular niche apps that some people like to use.  ALL apps.  Including ones created by ISIS guys and uploaded to whatever-server-wherever-whenever.  “So we need to stop talking about that [back doors] or we’re going to end up with some really bad policy.” [about 10.00]

 

 


How to delete that iffy stuph off your computer

November 18, 2015

Hopefully, most/all people know that simply clicking “delete” on your computer is not going to delete the files.  Erasing a file simply erases the file system entry, leaving the actual file intact and accessible to others if they have the correct tools and know-how.

To combat this, various “secure” deletion programs have been created: eg shred and secure-delete (srm) etc in the Linux/UNIX world, and programs such as Eraser, Freeraser, Blank and Secure and DP Shredder (and others) for Windows operating systems.
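The difference between a plain delete and an overwrite-then-delete, as an added example that is not part of the original post. It assumes a POSIX system; the function names and sample data are made up for illustration, and the open descriptor stands in for a recovery tool reading the disk directly.

```python
import os
import tempfile

SECRET = b"constructed sample data: notes from 2015-11-18\n"  # constructed


def _make_secret_file():
    """Create a temp file holding SECRET; return (open descriptor, path)."""
    fd, path = tempfile.mkstemp()
    os.write(fd, SECRET)
    os.fsync(fd)
    return fd, path


def _read_back(fd):
    """Read the file's contents through a descriptor opened before deletion."""
    os.lseek(fd, 0, os.SEEK_SET)
    data = os.read(fd, len(SECRET))
    os.close(fd)
    return data


def plain_delete_leaves_data():
    """Ordinary delete: only the directory entry is removed."""
    fd, path = _make_secret_file()
    os.unlink(path)
    assert not os.path.exists(path)   # the name is gone...
    return _read_back(fd)             # ...but the contents are still there


def overwrite_then_delete(path, passes=1):
    """What shred-style tools do: overwrite in place, flush, then unlink.

    Caveat: on SSDs and on journaling or copy-on-write filesystems the
    overwrite may land in different blocks than the original data.
    """
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            f.write(os.urandom(size))
            f.flush()
            os.fsync(f.fileno())
    os.unlink(path)


def overwrite_delete_leaves_data():
    """Same check after an overwrite-then-delete: only random bytes remain."""
    fd, path = _make_secret_file()
    overwrite_then_delete(path)
    return _read_back(fd)
```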

Unfortunately these tools are not a cure-all.  If someone has physical access to your laptop, a skilled technician can fool these programs and make the computer spew its guts.  Just look what the NSA and GCHQ did to a Guardian computer believed to be carrying details of what NSA whistleblower Ed Snowden had told them.  Just check out what staff members of the Guardian newspaper had to do under the watchful eyes of NSA/GCHQ operatives to ensure no nasty ones and zeroes got out there to knock Western Civilisation down onto its knees.

Many folk in the computer security community think this was “security theatre”… the NSA/GCHQ experts did stuph that was in no way necessary, it just helped stop educated security guys from figuring out what bit of laptop needed to be trashed and what was trashed for no reason except for the daft notion of “obscurity = security”.  Security experts will have talked with their expert buddies to find out what they thought as they watched the computer dismantled and buggered-up beyond recognition.

Anyway, have the NSA/GCHQ forgotten that mantra that is beaten into them at school: “back-up, back-up, back-up”?  Who says that the files on that laptop were unique?  I seem to remember that a number of newspapers around the world were publishing details of this story… did NSA/GCHQ hold the only copy of the intel?  That is a stupid idea.  If I was given a story whose details and proofs were on a disk, I would send copies to everyone, to be published if I slipped and fell horribly in the shadow or I disappeared one night never to return.

Bloody stupid intelligence service.  Their #1 secret = there is no intelligence regarding their intelligence.  Because they have none.  Now let’s go drive off a cliff somewhere.  Orders is orders, innit?

 


So are the terrorists coming to get us or not?

July 10, 2014

On Monday the Guardian reported the former head of MI6, Richard Dearlove saying that the risk to the West of Islamist terrorism is overblown and the activity is now centred in the Middle East – “Muslim on Muslim” as he put it. And as he recently ran MI6 he probably knows more about this stuff than most of us. Dearlove was addressing the Royal United Services Institute from a pre-prepared speech just hours after broadcast an interview with a Briton who had appeared in an Isis video. Abdul Raqib Amin, from Aberdeen, said:

“I left the UK to fight for the sake of Allah, to give everything I have for the sake of Allah. One of the happiest moments in my life was when the plane took off from Gatwick airport. I was so happy, as a Muslim you cannot live in the country of kuffars [non-believers].”

This means that he is not going to come back to Britain to put his new military skills to use. It’s far more likely that Amin and his comrades will remain in Islamic regions to “fight the fight”.

So, if the domestic terror threat has receded, why is the British government using emergency powers to pass communications surveillance law that has just been ruled as illegal by a judicial review claim in the high court?

Cameron and his lapdog Clegg are carrying on with blowing the “threat” out of all proportion by using emergency powers to fast-track this legislation through parliament when there is no actual emergency. And Labour leader Ed Miliband is supporting it too! Labour MP Tom Watson says there was a secret deal between party leaders and MPs knew nothing about it until today! It’s being called a “stitch-up”. British democracy in action.

On a related note, the government has announced that anyone carrying an electronic device onto an aeroplane would have to demonstrate it actually worked, because of “intelligence” that terrorists have learned a new method to replace a battery with explosives. But this is just “security theater” – the practice of investing in countermeasures intended to provide the feeling of improved security while doing little or nothing to actually achieve it. Airport security is always playing catch-up with the “terrorist threat”. This week you’ll have to switch on your phone to prove it contains a real battery. Next week the terrorists will make batteries that work as batteries as well as containing explosives. And what if you’re like me and constantly forget to charge your phone? Dead battery, device can’t power up, and you’ll have a pretty stark choice: dump your expensive smartphone and go on the flight, or keep the device and go home. And it’s apparently going to be a random check! Okay, British Airways and Virgin Atlantic say they will send your device home for you if you can’t take it on the plane. But that’s just two airlines. And anyway, if the explosive in the phone can’t be detected by usual checks, what’s to stop the terrorist just putting it in his suitcase in the baggage hold?


Ubuntu Forums down! Security breach! Don’t panic, carry on…

July 23, 2013

Ubuntuforums.org, the bestest user forum for Ubuntu users that I know of, is offline due to a security breach whereby usernames, passwords and email addresses were compromised. This happened on 20 July, apparently, I only just noticed (come here for the latest news, eh).

Canonical, the company behind the Linux-based Ubuntu operating system, and whose servers host the Forums site, have put up an announcement page, to which you get redirected if you try to browse to the forums. From what Canonical have said, it appears:

1. Usernames, passwords and email addresses have been compromised. The passwords were stored hashed, ie not in plain text, but users who use their Ubuntuforums.org password on other sites should change them, just to be sure;

2. Ubuntu One, Launchpad and other Ubuntu/Canonical services are not affected by this.

I’m wondering: the forums site was being hosted on Canonical servers, and it was compromised. But other Canonical services are unaffected… So, is Canonical giving Ubuntuforums.org second-class service? Or are all Canonical servers this badly managed, meaning users should forget about using Ubuntu One, Launchpad, etc?

I don’t want to be an asshole about this – but Canonical, WTF??!

EDIT: I’m a bit behind the times with this, but Ubuntuforums.org is up and about again.  They’ve changed the logging-in mechanism, now you need a Launchpad account too, but it’s easy to do.  Just go to Ubuntuforums.org as usual and you’ll be walked through the new process.  If you’re into Ubuntu it’s a wonderful resource, I’ve managed to keep an account there since 2007, I’ve had a shit load of infractions (official warnings), one admin said he didn’t know of anyone worse, but the community there is really good.



Another 1200 soldiers deployed to fill G4S Olympics security shortfall

July 25, 2012

Well whaddayaknow… G4S, the private security company allegedly providing security for the upcoming London Olympics, still haven’t got enough properly trained staff in place, despite the fact they’ve had seven years to sort it out. So now 1200 personnel mostly from the Royal Marines, and 16 Air Assault Brigade have been drafted in to make up for G4S’s appalling failures. I don’t know if their failure is going to hit G4S in the pocket; but it should.

I really don’t understand why G4S is one of the government’s favoured private sector security companies. But I can tell you this: if G4S win any of the upcoming contracts to provide privatised police or prison services after this cock-up, it will be plain to see that the ConDem “government” is rotten to the core. If G4S win contracts despite their all-too-obvious ineptitude, we’re gonna be looking to see who stands to benefit from such a ridiculous decision. Corruption in government is nothing new – but we’re talking about crucial security services at a time of terrorist alert. I don’t want my safety in the hands of the G4S cowboys… do you?



They’re screwing up Olympic security… and now G4S want to run our prisons?!

July 22, 2012

This is completely insane. Security firm G4S won the nice juicy contract to run London Olympic security – which they’re messing up already, before the Games even start; they are possibly in the running to take over privatized police services in the West Midlands (though luckily the Olympic security fiasco has changed some minds over this); and now they are bidding to run 5 new privately-run prisons – a plum worth up to £2 billion!

Call me old-fashioned if you like, but I think services like policing and running prisons should not be run by companies whose only aim is to make a profit. We’ve seen how G4S works in the Olympics fiasco – they can’t employ the number of guards and trainers required, despite the fact they’ve had years to prepare for it, and now the Army are going to have to supply soldiers to do the work G4S have already been paid to do. If G4S win the bids to run prisons and police forces there will be at best Keystone Kops antics going on, at worst there’ll be carnage in the prisons and on the streets.

We need to make it clear to our “government” (wtf are the LibDems thinking of, going along with such insane policies?) that privatising the police would be madness, and G4S in particular should be kept away from anything to do with safety or security, be it private or public.

I also think G4S need to be looked at very carefully: why do the government continue to consider them for these roles? Is someone in government getting kickbacks from this? FFS, when will government corruption ever end?
