Terminally Incoherent

It’s Halloween so I figured I might as well check out Flickr and see what do people do costume wise this year. All of the photos here were publicly available, uploaded this year and tagged with “Halloween”. I assigned each costume an arbitrary score based on how cool, geeky, obscure, well made, or original it was. All the scores are absolutely subjective, and biased.

Btw, one star does not mean bad. It means that for some reason your costume is cool enough to warrant my attention. If you get 5 stars, you are just plain friken awesome!

Oh, and I don’t know any of these people in the pictures unless stated otherwise.

Since there will be about a gazillion pictures in this post, I’m only displaying this introduction on the front page. Read rest inside.

(more…)

It seems that voters casting early ballots using the Diebold machines in Florida already have reported persistent bugs and glitches preventing them from casting their votes correctly. Apparently most of the faulty machines would assign the votes cast for Democratic candidates to Republicans:

Mauricio Raponi wanted to vote for Democrats across the board at the Lemon City Library in Miami on Thursday. But each time he hit the button next to the candidate, the Republican choice showed up. Raponi, 53, persevered until the machine worked. Then he alerted a poll worker.

Heh… How convenient. But you know what is really scary? This is apparently a very common issue, and the poll workers are actually expected recalibrate these machines on the spot to realign the screen and correct these issues:

Broward Supervisor of Elections spokeswoman Mary Cooney said it’s not uncommon for screens on heavily used machines to slip out of sync, making votes register incorrectly. Poll workers are trained to recalibrate them on the spot — essentially, to realign the video screen with the electronics inside. The 15-step process is outlined in the poll-workers manual.

So let me get this straight. The Diebold machines are so unreliable that their touch screens go out of sync all the time, registering the wrong votes. The poll workers are expected to frequently reboot and recalibrate them when the voters complain… But how many voters will notice these glitches? How many will bother to stick around and wait while the machine is calibrated? These machines are crap! Why the fuck do people insist on using them?

Besides, you don’t have to be a conspiracy theorist to notice that this flaw could be abused. After all, if you want to install a stealth vote stealing program on one of these machines you simply need to insert a specially prepared memory card into the slot on the side of the machine and reboot. Loading malicious patch takes 20-30 seconds tops, not counting the time to open the lock protecting the card interface. Of course we now know that the key used in Diebold machines is a standard office furniture key design used in mini-bars and desk drawers. You can buy Diebold compatibile keys on ebay or from your local office furniture store.

So, in order to rig a machine a poll worker simply needs to “notice” that the screen sync is out of whack, and then simply slip a card carrying a vote stealing code into the machine using a key purchased on ebay, and reboot while pretending to do the calibration steps.

Logistically speaking, rigging elections in Diebold districts is easier than ever. It is relatively hard to loose or destroy hundreds of paper ballots without anyone finding out about it. It is extremely easy to do the same with electronic votes, provided that you can prepare a vote stealing patch similar to the one Ed Felten and the Princeton crew developed during their testing projects.

In other words, if you live in a Diebold district, cast an absentee vote instead of using the machine, just to be on the safe side…

These two short sentences summarize the great potential as well as massive legal confusion surrounding online media:

The big media companies shouldn’t worry that people will post their copyrighted material on YouTube. They should worry that people will post their own stuff on YouTube, and audiences will watch that instead.

Go read Paul Graham’s Power of the Marginal essay for more. I found this quote via Paul Gościcki’s blog and I knew I just had to steal it.

It always amazes me when companies waste money and resources to have all the 3 minute clips of their shows removed from Youtube and similar websites. It seems counter intuitive… The same network that mercilessly hunts down short user uploaded clips on video sites is willing to pay thousands of dollars to air a very similar teaser clips on other networks as part of their promotions. Where is the logic here?

Big media totally underestimate the power of viral advertising. Yes, Snakes on the Plane flopped at the box office but this was simply due to the fact that the movie itself sucked big time. But no other movie in the history of cinema has generated so much hype.

YouTube and similar sites are the places you go to get free hype and viral advertising! A simultaneous digg, slashdot, boingboing and fark front page appearance, combined with links from multiple A bloggers can get your message to more people than a multi million dollar advertising campaign.

Comedy Central aired Shaun of the Dead the other day. Since I didn’t see it when it first came out, I decided to check it out. There should be no spoilers in the review below - I will try to make this into a rule from now on. Review will go into the hReview box, and the spoilage and commentary will go into the main post body below the rating.

Yes, I do dock a full star for deus ex machina. It is a piss poor plot mechanic, and writers should be punished for using it. But it is a damn good movie too, so go watch it. Comedy Central will probably rerun it several more times in the next few weeks.

I can’t believe I totally missed this. It appears that last week Adobe finally released a Flash Player 9 for linux! You can get it from Adobe Labs download page.

You won’t believe how many times I was locked out of certain web content because I only had the Flash Player 7 plugin.

This is wicked cool!

This is possibly the scariest thing that you will read this Halloween: Bush just signed a provision which will remove any limits over military involvement in domestic law enforcement effectively allowing him to declare martial law at any time and for any reason.

In a stealth maneuver, President Bush has signed into law a provision which (…) will actually encourage the President to declare federal martial law. It does so by revising the Insurrection Act, a set of laws that limits the President’s ability to deploy troops within the United States. The Insurrection Act (10 U.S.C.331 -335) has historically, along with the Posse Comitatus Act (18 U.S.C.1385), helped to enforce strict prohibitions on military involvement in domestic law enforcement. With one cloaked swipe of his pen, Bush is seeking to undo those prohibitions.

Step by step we are getting closer and closer to becoming a totalitarian fascist state. We really need to get these idiots out of the government. Come on people - vote Democrat. Elect some people who can start fixing up this mess. Stop this descent into madness now.

Oh, and if your district is using diebold machines just do the absentee ballot instead - the machines in swing states are bound to be rigged. After all it only takes 20-30 seconds to flash the firmware of that thing.

This is a most awesome Lego creation I have seen in my life!

found on the internets; author unknown

I wonder if it is up to scale. I would figure that it would be a little bigger than a standard dread.

Btw, if you have any idea who made this can you please post a link to the original source in the comments? I would love to give the creator of this thing all the credit he deserves.

User Friendly comic shows us how to defeat Apple’s DRM scheme using a high-tech toolkit:

img © User Friendly; click to see the original

It’s funny because it’s true. The thing about DRM is that it can never be effective. If you can listen to it or watch it, you can copy it. The only way you can circumvent this is by implanting everyone with encryption chips and pipe the data directly into their brains… And even then, someone is bound to invent a device that will collect the signal based on your electromagnetic brain activity when it leaves the chip. DRM will never, ever work. No matter how effective and hard to break you make it - at some point you must transmit the data in plaintext - otherwise we can’t watch or hear it. And that’s where we can collect it and copy it.

Here is a story for you:

1. In 2003 a security researcher Bruce Sheiner pointed out that the anyone can print a fake boarding pass at home
2. In February of 2005 the Slate magazine published an article describing the same security problem in detail
3. In April of 2006, NY Senator Charles E. Shumer mentioned these security issues on his website and sent multiple letters about the issue to TSA.
4. In October of this year, Christopher Soghoian a PHD student at Indiana U created a web application allowing people to print fake passes directly from his website
5. Finally, after 3 years someone in the government notices the issue. Congressman Edward Markey totally freaks out and… demands that Christopher Soghoian to be immediately arrested.
6. Today, FBI paid Christopher a visit and politely told him to take down his site.
7. Boarding passes remain insecure…

Apparently, Christopher was not labeled an enemy combatant, and he was not sent to a secret torture prison without a sentence. But he came very close to it. The next person who implements an application that exploits known vulnerabilities in the airport security systems may not be so lucky.

Can someone explain to me how in the hell did we manage to make airline travel 90% less convenient in the last few years, but we haven’t fixed the most fundamental, rudimentary security issues that have been publicaly known since 2003?

The sad part here is that if Christopher’s app would not end up on the front page of digg, slashdot and boingboing and in the wired magazine no one would care about this. The only reason anything has been done is because some jackass in congress felt embarrassed that the story of the gigantic failure to secure our airports is making rounds in the tech news networks.

The response to the problem is also a classic - punish the security researcher, make his findings inaccessible to general public and then just hope that no other programmer in the world can figure out how to exploit the same vulnerability.

With an attitude like that, we will never have good airport security.

Update Sun Oct 29 22:14:53 EST 2006 → apparently FBI busted Christoper’s door in the dead of the night, ransacked his house, confiscated all his computers and other personal belongings. This is after he took down the website, and was interrogated. This sucks. Sigh…

tags: security, airports, flying, boarding pass, fbi, stupid, government, tsa, politics

It appears that YouTube is getting worse, and worse. Apparently they have started bulk deleting clips of Comedy Central shows such as The Daily Show, Colbert Report and South Park. Heh… Maybe they got scared when Colbert said they owe him $700 mill.

Strangely enough I can still find many working Colbert videos, but most of John Stewart vids are dead.

This just plain sucks. And it is a huge disservice to Steward and Colbert who’se popularity stems largely to huge internet following they have. YouTube drives in more for these two shows than any other source and both comedians admitted it. At many occasions they claimed that they did not mind short video clips from their shows being posted online.

But then again John and Steven most likely do not own copyrights to their own stuff - their studio does, and it probably decided to send DMCA lawyergrams as a part of some sort of collective “let’s screw google” initiative.

I wonder how long will it take for the YouTube community to rebuild these collections…