<![CDATA[Toast442.org]]> http://www.toast442.org http://blogs.law.harvard.edu/tech/rss jasonk@toast442.org © Toast442.org Fri, 29 Dec 2006 16:26:45 -0700 Fri, 29 Dec 2006 16:26:48 -0700 iBlog 1.4.5 <![CDATA[Update your feeds! ]]> http://www.toast442.org/C333223631/E20061229162635/index.html The RSS file has moved. I've updated the blog software to Wordpress, and the RSS URL has (out of necessity) changed to:

http://www.toast442.org/feed

If you're reading this, you've still got the old one.  ]]> Fri, 29 Dec 2006 16:26:35 -0700 http://www.toast442.org/C333223631/E20061229162635/index.html <![CDATA[Complete works of Darwin online ]]> http://www.toast442.org/C236517467/E20061020123621/index.html Charles Darwin using his laptop
The complete works of Charles Darwin have been posted by University of Cambridge for your free perusal. The cool thing about this is that it isn't just in plain old text format. You can also choose to view the text along side a scan of one of the original published books. They've got the text to multiple editions of The Origin of Species , The Descent of Man, and even his field notebooks from the Beagle voyage.

Good stuff here. They also state that only about 50% of the material has been published, and are promising to get everything on the site by 2009. 
]]> Fri, 20 Oct 2006 12:36:21 -0600 http://www.toast442.org/C236517467/E20061020123621/index.html <![CDATA[Roomba monkey ]]> http://www.toast442.org/C333223631/E20061015212756/index.html Check out this über-creepy monkey head mounted on a Roomba. I'm going to have nightmares for a week.

Link   ]]> Sun, 15 Oct 2006 21:27:56 -0600 http://www.toast442.org/C333223631/E20061015212756/index.html <![CDATA[Hosting sucks... ]]> http://www.toast442.org/C333223631/E20060927003652/index.html Is this thing on ... I hate switching providers - everything breaks for a bit. If this makes it up there, I'll be super surpsrised.

Update: Well slap me silly - it appears everything is back to normal. OK I admit - it was easier than I thought.  ]]> Wed, 27 Sep 2006 00:36:52 -0600 http://www.toast442.org/C333223631/E20060927003652/index.html <![CDATA[ISP data retention laws ]]> http://www.toast442.org/C662738431/E20060920103500/index.html This would suck. The powers that be are agitating for new data retention laws that would force ISPs to keep track of just about everything you do online and hold that info for years. Imagine - every instant message or email you sent could have it's destination and source logged for use by law enforcement. Any web site you visit or file you download - logged.

This means that at any point in the future, your online activities could be dredged up examined for any purpose or any cause that may be unpopular at the moment. Not to mention that your records are kept by companies who have a less than stellar track record for keeping things like that private. Hell, with info like that being stored, you can be sure that information will leak like a sieve.

Right now these companies keep some of this info, with varying amounts of enthusiasm and effectiveness, so don't think you're immune right now. However, you're free to choose a provider who keeps nothing at all or use anonymizer services. In the future this may not be an option. Even now, having and using privacy tools is extremely important, even for everyday activities.

Check out:

Tor, (A relatively easy-to-use network anonymizer)

Privoxy (included with the complete Tor distribution, helps keep private data from being sent to every web site you visit. Also includes a nice ad-blocking setup as a bonus.)

Firefox with some nice plugins, specifically NoScript, FoxyProxy, SafeCache, and SafeHistory

Learn to use them and use them often. Little brother may be watching.  ]]> Wed, 20 Sep 2006 10:35:00 -0600 http://www.toast442.org/C662738431/E20060920103500/index.html <![CDATA[Zune won't play your purchased music ]]> http://www.toast442.org/C662738431/E20060915145835/index.html I can't even believe that this is true, but here is is, straight from the horse's mouth:
Plays for Sure: Zune isn’t “Plays for Sure” compatible and the DRM-protected music from PFS services likely won’t play without the usual burn to CD workaround. Lee’s explanation: PFS was established to make sure non-integrated players and services were compatible; because Zune is an integrated environment, it doesn’t need PFS. Lee: “We wanted an integrated experience from the beginning. … Our focus is on giving the user one great experience.”
You read that right - Microsoft is not going to allow their new Zune music player to use content purchased from stores supporting their own "Plays for Sure" technology. Again: IT WON'T PLAY CONTENT FROM STORES USING THEIR OWN FORMAT. WTF?

Apparently they're going for the ultra-niche market of those people who haven't yet bought a digital music player. Sure as hell won't be people who have any investment in music they've purchased from their own music partners...

I would be pissed if I was Napster or Rhapsody or any of those other music store also-rans. This thing has the potential to just bury them. Their own partner has basically just dumped them for a new platform and not letting anyone else play. Suckers.

They're trying to pull an Apple marketing move here and actually make a good end-to-end solution for music - but since when has Microsoft *EVER* been able to do that? They've already screwed their customers once with "Plays for Sure," are you really going to trust them with your music purchases again?
  ]]> Fri, 15 Sep 2006 14:58:35 -0600 http://www.toast442.org/C662738431/E20060915145835/index.html <![CDATA[Daily Kos put to sleep... ]]> http://www.toast442.org/C333223631/E20060830160140/index.html Daily Kos used to be my favorite place to get fairly solid reporting on political news. Yes, the thing is ridiculously skewed toward the liberal side of the fence and I tend to fence-sit, but the overall news gathering and digging really stood out with good links to source material and whatnot.

However, there's been a downward trend toward inanity there, which finally pushed me over the edge today. The straw that broke the camel's back was this one where there's an entire article and 300+ comments devoted to proving once and for all that the idiot Lieberman's new campaign ad shows a sunset ("a metaphor for the end of his senate career?") instead of the obviously intended sunrise.

They've got someone digging up the original source material from Getty and lengthly, apparently serious, discussions of such important issues as:

1. This can't be a sunrise because only sunsets cause red sky glow

2. Where this picture was taken couldn't be a sunrise because the beach faces the wrong way

3. The found original source isn't really the right one, there's a slightly different one that is a better fit

4. Much mirth at Lieberman's campaign manager who initially insisted that it was, indeed, a sunrise.

This goes on and on. As I read, I realized that these people were completely out of it. This is but one example of the idiocy that now typifies any given day at dkos. I can't take it any more. The bad outweighs the good and it's too time consuming to sort through the crap there.

Buh bye.  ]]> Wed, 30 Aug 2006 16:01:40 -0600 http://www.toast442.org/C333223631/E20060830160140/index.html <![CDATA[PGP Appears to Suck ]]> http://www.toast442.org/C1457933734/E20060720092120/index.html Well, it's official. It looks like newer versions of PGP are just going to suck and there's nothing you can do about it. Their ridiculous new email (sorry - messaging) system is here to stay. The official word from a posting by Earle Lowe, a Dev Manager at PGP from June 11, 2006:
Obviously there is a philosophical (and fundemental) disagreement about the nature of email encryption. The current technology was felt as clearly the best path forward for PGP as a software product. It solves numerous issues with integrating into the various email applications that people want to use. It supports PGP/MIME. It supports centralized policy management. It enables a much simpler experience for the user (we have not yet achieved this obviously). The list continues.

The way you want PGP to work where you actually see the ciphertext was and continues to be simply not possible in any number of email clients. The old architecture was neither maintainable nor extensable. As an example, Outlook Express, for all its obvious faults is a popular email client. Prior to PGP 9, the PGP rip-in for this email client was a significant amount of tricky code requiring substantial developer expertise (and was prone to break frequently - particularly with MS updates). PGP 9, on the other hand, has zero specialized code to handle Outlook Express.
OK - I can completely understand the problems with keeping up with email clients. It's a pain in the butt. But removing security so it's easier for the end user? What a dumb statement. Why not just remove all encryption from the product? That will make it even easier. In fact, this is basically what they have now anyhow.

Their craptastic "easy to use" messaging proxy defaults to settings so you don't have to change anything in your email client to make it work. Seems like a convenient feature. All emails could be encrypted/signed on their way out. Except if the proxy ever fails, that email you just sent doesn't get encrypted - it just gets sent because your mail client doesn't know the difference. It just uses the same old settings it always did. This failure mode is completely unacceptable. I can't even believe they offer this as an option. Dumber than hell.

The really screwed up part about this is that their proxy does fail for non-obvious reasons, mostly because it's a pain in the ass to set up and get working properly, even with their auto detection running. In my case, emails from one account went out signed, another didn't - all because my SMTP port wasn't something they were expecting and were trapping (and there is no way to change this either, apparently.)

My advice? Don't even think to use this hunk of junk for email on the Mac (or anywhere else for that matter.) It's not worth it. Stick to using GPG. It actually does the right thing, despite lacking the nice key management front end. I didn't even test anything else in their software. What other crap doesn't work or is broken in non-obvious ways?

I feel sorry for all those n00bs out there running this crap and thinking they are secure in any way.

Update: I posted to their forums about these concerns. Despite tons of "views" no one has answered. Based on the posts they actually answer on their forums, it looks like their target market has changed to be those customers who think running something called "PGP" magically makes them secure.
  ]]> Thu, 20 Jul 2006 09:21:20 -0600 http://www.toast442.org/C1457933734/E20060720092120/index.html <![CDATA[PGP For Intel Macs ]]> http://www.toast442.org/C1457933734/E20060719133032/index.html PGP just released a beta version of PGP 9.5 that has universal binary support. I used to use PGP back in the day on Windows, but didn't really keep up with it, eventually moving on to GnuPG for my encryption needs. However, after seeing the note about this new release, I thought I'd give them another shot. I always loved their nice key management (something GnuPG doesn't have a great front end for at the moment.)

I was browsing through their user's manual while downloading, and came across a paragraph titled "Memory Static Ion Migration Protection" in the "Special Security Precautions Taken by PGP Desktop " section. This thing goes on about how an attacker could theoretically retrieve key or passphrase information from your machines memory - after it's already been turned off - by reading the static charge left over from memory that has had the same information stored for long periods. This is some deep stuff here, and they go on about how they help to protect you against this remotest of possibilities. Cool stuff.

So the download finishes, and I install the thing, import my keys from GnuGP, and go to send an email, and realize that they've done away with the plugin model for mail, instead relying on a network proxy that intercepts mail and encrypts and decrypts it automatically, based on rules you set up. This works similarly to their Universal Server product. So now Mail.app (and any other mail client) sends mail to the proxy, where PGP will encrypt it. On the other side of things, incoming encrypted mail is automagically decrypted and then handed to the email client. Works OK (though with some pain trying to get everything set right.)

Then I realized that all the encrypted and signed email that I'd be receiving, would now be stored in PLAINTEXT in my freaking email folders, on a public IMAP server. In addition, there doesn't even seem to be a way to turn this off or any alternate mechanism aside from not using the email proxy portion of the product. This breaks about 90% of the functionality that I use PGP for.

Without storing the encrypted/signed version of incoming mail, I can no longer guarantee that someone hasn't messed with it on the server. All that's left is some text pasted at the top of the mail that says it was signed and verified at some point. No indication of what that may have been, of course. At that point, someone could just as easily change the contents to whatever they like, completely bypassing any security that at one time existed.

This also goes for sent mail - it's no longer stored in your sent folder encrypted - it's sitting there in plaintext too. Still worse, there's no indication of what you did to the email when you sent it. Did I encrypt it? Sign it? Who knows now - that information is gone now that we're not storing the encrypted/signed copy of the message.

And still worse, someone could easily - MUCH TOO EASILY - forge a message that now looks like it's been verified by the proxy, when it has, in fact, done no such thing.

They do still have a legacy mail plugin that permits decryption of older emails that you may have received and didn't pass through the digestive tract of their new product. But get this - on the message boards someone was complaining that the plugin didn't successfully decrypt messages from certain people. The response? "Oh, that plugin only works with some message types. Use the proxy."

What a junker.

Yes, they protect you from some arcane attack that requires an electron microscope and a clean room to make work, but they'll happily decrypt and store your email in the most unsafe way possible. What in the world were they thinking? This isn't even limited to the new Mac product apparently - this is an across the board product line change that screws everyone.  ]]> Wed, 19 Jul 2006 13:30:32 -0600 http://www.toast442.org/C1457933734/E20060719133032/index.html <![CDATA[Free SubEthaEdit Licenses? ]]> http://www.toast442.org/C1457933734/E20060425153512/index.html Well, maybe - in any case, they're cheaper than the normal $30. BLOGZOT 2.0 on MacZOT.com has SubEthaEdit from CodingMonkeys up as their subject for today. The price basically keeps dropping by a nickel each time someone blogs about it (like this!) or until 3000 copies are sold. If it gets to be free, so much the better! All the bloggers get theirs at no cost. Boo-ya. This amounts to MacZot and the Coding Monkeys giving away $105,000 in free software.

If you're not familiar with SubEthaEdit you're really missing out. It's got the best collaborative writing system in existence, as well as being just a plain nice editor. If you've never taken conference notes with five other people doing the same in the same document, you haven't lived.

Check it out and get yours for cheap.
  ]]> Tue, 25 Apr 2006 15:35:12 -0600 http://www.toast442.org/C1457933734/E20060425153512/index.html <![CDATA[New MacBook Pro ]]> http://www.toast442.org/C1457933734/E20060411114724/index.html I've now fully converted to running everything on my new MacBook Pro. A few points:

1. Rosetta RULES: I can't believe how seamless and fast it is. I can run Quake 3 (ok, not the most recent thing, but still!) full screen with all options turned on, and I can't tell the difference from my 1.67 G4 PB. I want to run some FPS benchmarks to see what kind of penalty I'm getting.

2. World of Warcraft: 80 FPS with most graphics options turned on. Enough said.

3. You need 2GB of RAM. Period. Don't even think of running without it.

More in the coming days.  ]]> Tue, 11 Apr 2006 11:47:24 -0600 http://www.toast442.org/C1457933734/E20060411114724/index.html <![CDATA[Hey Nutjobs: You Lose ]]> http://www.toast442.org/C236517467/E20051220120404/index.html It's a nice Christmas gift! The judge in the Pennsylvania intelligent design trial has ruled today and said:

... (Wait for it) ...

That ID isn't science, can't divorce itself from it's creationist and religious roots, and hence, cannot be taught in science classes in PA. Expect the counter suits to begin any day now, as well as Pat Robertson to call for the death of the judge, lawyers, and any "science types" in Pennsylvania.

Can we put this behind us now, please? Keep your fairy tales out of the science classroom. That is all.

Link to CNN article.  ]]> Tue, 20 Dec 2005 12:04:04 -0700 http://www.toast442.org/C236517467/E20051220120404/index.html <![CDATA[Whales are fish, right? ]]> http://www.toast442.org/C236517467/E20051213112042/index.html This was too funny not to post. Google News picks up these little editorials and letters from small papers around the country with the keywords evolution, intelligent design, etc. Most of these are unintelligible and completely forgettable. But every once in a while, you get something like the following:
Another convincing proof is the fact that there are similarities between species, which would be expected if they were all designed by the same Designer. If evolution is the great unifying principle in biology, why don't we see the evolution of species today? (The sort of massive change that would be necessary for Darwinism to be true. Imagine. Mammals becoming whales, reptiles becoming birds, etc.) In the absence of such evidence, the proof is strong that one intelligent designer is responsible for whatever similarities exist in nature.
Imagine! WHALES BECOMING MAMMALS! Man, if that ever happened, evolution would have just have to be true. But since they're, like, fish, or something, there must be a designer.  ]]> Tue, 13 Dec 2005 11:20:42 -0700 http://www.toast442.org/C236517467/E20051213112042/index.html <![CDATA[Buttars at it again ]]> http://www.toast442.org/C236517467/E20051117161132/index.html State Senator Chris "I'm not from South Park" Buttars is again in the news with yet another misguided attempt to shove intelligent design down the throats of educators and students alike. That's right - if you don't like science, just pass a bill to legislate the truth out of existence.

This guy is just setting up the state for a ridiculous number of lawsuits costing millions of dollars. I can't seriously believe that someone in this day and age can be so willfully ignorant that he spends his time in office not helping his constituency, but actively working to destroy children's educations.

Like Kansas, soon Utah will become the laughing stock of university admissions boards everywhere.

Keep up the good work Chris! Legislating science worked so well in Russia, it's bound to do the same for us!!  ]]> Thu, 17 Nov 2005 16:11:32 -0700 http://www.toast442.org/C236517467/E20051117161132/index.html <![CDATA[Email Priorities ]]> http://www.toast442.org/C662738431/E20051117124518/index.html OK, when did this start and how can we stop it? NEARLY EVERY FREAKING EMAIL I GET now has the little "high priority" thing set. Doesn't matter if they're asking about the weather or if it's a pardon from governor for that prisoner being executed. Almost all mail is being sent with this flag on. I've turned off the icons in my client that highlight the apparently ultra-urgent "LOL, YOULL LOVE THIS JOKE, LOL :-)" I get from "friends" or cow-orkers.

Seriously, did some new Outlook version get deployed which allows this to be defaulted to High for all mail? And who the hell are these jerks kidding that they think everything they send needs immediate attention? If you need immediate action, pick up the damn phone. Otherwise, it's probably going to sit in my inbox for a while until I get enough cycles to deal with it.

Look, emails get delayed, lost, folded, spindled, and occasionally mutilated. It's not a 100% reliable form of communication. If it really is important, email should only be a backup for a phone call. So DROP THE OVERUSE OF HIGH PRIORITY MAIL. It sucks, and if you continue to abuse it, you'll suck too. It's already been rendered useless for me, so just DROP IT.  ]]> Thu, 17 Nov 2005 12:45:18 -0700 http://www.toast442.org/C662738431/E20051117124518/index.html