Category Archives: Security

History, Poetry, Security

The Least You Can Feel

Leave a comment

John Stewart has a fine news report on the latest mood swings of the American President, coupled with a flashy new public service announcement theme for Bush called “The Least You Can Feel”. The announcement that started the report was:

Nobody likes to see innocent people die.

Incidentally, I was doing some research on the Library of Congress site and happened to take a look in their online store. I was a bit surprised to find that they sell a fancy “Bombers Tie“:

Handsome red and black tie features famous fighter planes of World War II: the B-17 Flying Fortress, B-25 Mitchell, and, of course, the workhorse of the European Campaign, the 4-engine B-17 bomber. Pure silk, hand-finished.

Of all the things the Library of Congress could offer the public to remember the price of past conflicts or to commemorate the service of soldiers, does it have to be a blood-red necktie with silhouettes of bombers? Could this have something to do with a new “hey, innocent people die” sense of fashion on the hill?

Seems like a hint of a “war is hell, get over it” mentality. Speaking of which, when you check out the official “Today in History” page it appears that the LOC is dominated by a list of war and battle stories, along with the impact of war on civilians. Take August 23 for example, which has an entire page dedicated to Farragut’s battle in the Civil War. Compare this rather pointed view with the Wikipedia offering, or the BBC, or the New York Times, all providing a rich list of social and economic events for the same day. And if you really want to see stark contrast from the American style of “which military event happened today” public record, take a look at the Canadian version:

1941 England – William Lyon Mackenzie King 1874-1950 booed by restless Canadian troops in England when he makes a speech; most have been in England for a year without seeing action.

Quite different, eh? On this day troops were upset because they saw a lack of action, or “crew from Saint John defeat Renfrew crew from England in a rowing race”; things in history to feel good, or less bad, about.

Maybe my sample size is too small. I think I’ll go back to reading their archive of poetry now and wonder how to get a good sample from soldiers and civilians, or someone who can really feel and relate the horrors of conflict. Until then, here’s yet another “life goes on” vision of war from their 180 collection for high school students…

Security

Salon’s Six States Story

Leave a comment

Salon has an interesting article on the methods used by some to control citizens’ identity and their voting systems in order to influence elections in America:

Under a draconian new Arizona law that supposedly targets illegal immigrants, she needs proof of citizenship and a state-issued driver’s license or photo I.D. to register. […] She’s unable to overcome the hurdles thrown in her way — and in the way of as many as 500,000 other Arizona residents — by the state’s Republican politicians.

Security

Recent IE patch leads to buffer overflow

Leave a comment

eEye has reported that the August 8th cumulative patch for Internet Explorer 6 SP1 (MS06-042) actually creates another serious exploit vector on Windows 2000 and Windows XP SP1:

This information is already known in various research circles and also with exploit writers. So it is important that IT administrators understand the true threat of this problem that this is not simply a crashing bug as Microsoft has been incorrectly misrepresenting it but in fact that it is an exploitable security bug. Researchers and exploit developers know this, therefore it is extremely important that IT administrators are told what really is going on.

The current recommendation is a workaround for Windows 2000 (disable HTTP 1.1) and to upgrade Windows XP to SP2. Although if you are not on SP2 by now already, you also probably want to check out the workaround.

Security

Stupid Security Awards

Leave a comment

This is kind of funny and sad at the same time:

A civil rights organisation wants to hear examples of security measures that are so ill-advised, impotent or irritating that they should be named and shamed.

Privacy International (PI) announced on Monday that it is holding the “Stupid Security Awards” in an attempt to highlight the absurdities of the security industry.

I guess the positive aspect of this is that it brings security into a sphere of communication and discussion that could lead to improvements, if improvements are really the desired outcome. I worry that the trade-offs will not be discussed in a fair light, since it could easily become a “we hate helmets and we’re louder than you so repeal the law now” festival.

Does it count if you are in the security industry and create an ill-advised measure just to win the award? That would be sooo fitting if someone were to game a system meant to highlight stupidity in security measures.