Recently in News Category
Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it.
"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.
Half a million sites are vulnerable, including my own. Test your vulnerability here.
The bug has been patched. After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected.
At this point, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies. The real question is whether or not someone deliberately inserted this bug into OpenSSL, and has had two years of unfettered access to everything. My guess is accident, but I have no proof.
I strongly recommend creating a new unique password for each of your accounts. Yes, this is a headache, but LastPass will make it a lot easier.
This story by Dan Balz and Scott Clement about some midterm election poll results makes several errors in discussing some results as causes rather than effects. I believe this confusion of cause and effect is a result of the tendency for political reporters to view elections as sporting events, but a historical voting trend is very different from a batting average.
The first example is in the second paragraph:
Midterm elections generally favor the party that does not hold the White House, which gives the GOP a head start this year.
It is true that the party that doesn't hold the White House generally does better in midterm elections, especially if the President is in his second term. However, this historical fact doesn't "give the GOP a head start". The GOP's projected advantage lines up with this historical trend, but isn't caused by it. Both the historical trend and the GOP's projected advantage in 2014 are effects with common causes: inevitable dissatisfaction with whoever has been running the country recently.
In the next example, I will bold the confusion:
The poll shows broad dissatisfaction with Washington politicians. Just 22 percent say they are inclined to reelect their representatives in Congress. Almost seven in 10 Americans (68 percent) say they are inclined to look around for someone new this fall, the highest percentage recorded in a Post-ABC poll.
That does not mean the fall elections will mean defeat for significant numbers of House members, given the high reelection rates for incumbents and the polarized voting patterns of recent years.
As in the first example, high reelection rates for incumbents is a historical trend that is likely to continue in 2014, but the trend doesn't cause itself. The trend is an effect of "polarized voting patterns" as well as the human tendency to stick with "the devil you know".
With President Obama and Congress at loggerheads on major issues and little prospect for legislative action on major initiatives, the president's approval ratings have shown little change since earlier this year.
Here, it's not entirely clear if the authors are implying a cause-and-effect, or which way it's going. By my observation, it appears that the more President Obama "achieves" the less popular he becomes. That lowered popularity is partly the cause of the lack of legislative action, not the effect of it. If Obama were widely popular, he would have more success pressuring Congress.
All but about two-dozen House districts are occupied by someone from the same party as the presidential candidate who carried the district in 2012, which makes it harder for the opposing party to pick them off.
The fact that all but two-dozen House districts voted for a Presidential candidate of the same party as the Representative they elected doesn't "make" it harder to pick the Representative off. That the prior election and the upcoming election are likely to have similar outcomes is an effect of the voting preferences of the district.
Historical voting patterns are not like batting averages, and trends do not self-perpetuate in a causal fashion. Voting instances are reflections of underlying beliefs at a point in time.
So net neutrality is over, at least for now. What is net neutrality anyway? It's simple to explain, but the implications are murky. Short explanation: net neutrality means that your internet service provider has to treat all your internet data the same. ISPs can't throttle some kinds of data, or charge you extra for other data, or block data from competitors.
On the surface net neutrality sounds good, right? However, it also prevents ISPs from experimenting with new business models and pricing structures. For example, at peak times Netflix accounts for something like 30% of internet traffic in America. Netflix makes a ton of money from this, but they don't pay anything for the bandwidth. ISP subscribers pay for all that capacity as a part of their monthly service fees. This is fine if you use Netflix, but if you don't (as I don't) then you're paying for someone else's Netflix bandwidth. Why shouldn't Netflix kick in some money to pay for the bandwidth their subscribers are using?
Ok, so now you're convinced that net neutrality is bad! Those big internet content companies should pay for the bandwidth they use! Right?
Well, what happens when your ISP signs a contract with Netflix? Netflix pays some money to your ISP to get super-fast data to your livingroom during peak TV-watching hours, and maybe your internet bill goes down. However, Amazon doesn't want to pay for access, or maybe they're just outbid by Netflix. So if you prefer Amazon Prime's movie selection to Netflix, you either can't get it at all or your bandwidth is throttled. Lame! (Not to mention start-up companies that won't be able to afford to buy access.)
It's not really clear if net neutrality is all-good, but the internet has managed to thrive with the philosophy in place. I can understand some theoretical advantages to removing net neutrality, but considering how good things have been for the past 20 years I'm not willing to take the risk.
Here's an Orwellian use of the word "demand". Does Sebelius remember that the law requires people to buy this product? The "demand" is entirely on the government side.
"The numbers show that there is a very strong national demand for affordable healthcare made possible by the Affordable Care Act," said U.S. Health and Human Services Secretary Kathleen Sebelius.
79% of Obamacare enrollees are received subsidies from taxpayers. I hope that's not sustainable.
Most of the people who bought coverage on the exchanges this fall got subsidies to help them afford the premiums. That's in contrast to the first month of the program, when less than one-third of buyers were subsidized. People earning up to four times the poverty rate--as much as $96,000 a year for a family of four--can get help buying coverage.
It should be obvious that the proposal to erect a statue of Satan for the Oklahoma Capitol isn't really about Satan.
I'll venture a guess and say that 99% of "Satanists" don't believe in Satan. The purpose here isn't to honor a real set of beliefs but simply to mock Christians. This is pretty pathetic, because American Christians are generally peaceable and tolerant. If the Satanists really want to be edgy they should try this in any other the capitol in any other country in the world and see what happens.
At the risk of inciting mockery from my intellectual superiors, Satan is very real and is actively working to subvert and destroy humanity. The Bible describes him this way:
1 Peter 5:8 "Be sober-minded; be watchful. Your adversary the devil prowls around like a roaring lion, seeking someone to devour."
I don't believe it's worthwhile to spend a lot of time talking about Satan. He will ultimately be defeated and is God's to deal with.
"The monument has been designed to reflect the views of Satanists in Oklahoma City and beyond," said Lucien Greaves, a spokesman for the group, in a statement reported by the AP. "The statue will also have a functional purpose as a chair where people of all ages may sit on the lap of Satan for inspiration and contemplation."
The group is based in New York, but says it's not fair for Oklahoma lawmakers to let a Ten Commandments statue stand at the building, without also allowing monuments that reflect other spiritual beliefs, The Associated Press reported. The Ten Commandments statue was privately funded. The American Civil Liberties Union sued to have it removed shortly after it was place, AP reported.
And the Satanic Temple isn't the only group seeking equal access to the site.
The AP reported that a Hindu head in Nevada wants to put a monument at the Capitol, along with an animal rights group and the -- satirical -- Church of the Flying Spaghetti Monster. In response, the Oklahoma Capitol Preservation Commission has put a moratorium on deciding new requests.
A great sign for liberty: more Illinoisans want guns than want Obamacare. An armed citizen is a free citizen.
Illinois State Police spokeswoman Monique Bond said that number is included in Sunday's total of more than 11,000 people who have signed up because of an early application process that began December 18 and was open to only firearm instructors. Officials told the Sun-Times they expect 350,000 to 400,000 people (about 1,000 per day) will sign up for conceal carry firearm permits this year. ...
In contrast, the number of Illinois residents going to healthcare.gov over a two-month period and enrolling in Obamacare is currently on a slower pace than those looking to become conceal carry permit holders. Only 7,043 Illinoisans were enrolled in Obamacare plans two months after the website's launch, the Chicago Tribune reported in December.
Additionally, reports say that in the same month, Illinois officials told 30,000 residents who applied at healthcare.gov to re-do their applications, as applicants were denied private coverage and the government mistakenly referred them to Medicaid. The issue has yet to be resolved.
I hope you and yours are having an awesome 2014 already. Blogging has been light, but has anyone been reading now anyway? It's nice to take some time away from the computer.
Onyango Obama has been granted legal residency, which is perfectly routine except for the fact that he's President Obama's uncle. In 2011 the President said that he and his uncle had never met. This past week the uncle revealed in his immigration hearing that the future-president had lived with him for almost a month and that they were in in periodic contact while Barack was living in Cambridge.
I'm not sure if it's news anymore when President Obama lies.
President Obama acknowledged Thursday that he lived with his Kenyan uncle for a brief period in the 1980s while preparing to attend Harvard Law School, contradicting a statement more than two years ago that the White House had no record of the two ever meeting.
Their relationship came into question Tuesday at the deportation hearing of the president's uncle, Onyango Obama, in Boston immigration court. His uncle had lived in the United States illegally since the 1970s and revealed for the first time in testimony that his famous nephew had stayed at his Cambridge apartment for about three weeks. At the time, Onyango Obama was here illegally and fighting deportation.
On Thursday, a White House official said the press office had not fully researched the relationship between the president and his uncle before telling the Globe in 2011 that it had no record of the two meeting. This time, press office staff members asked the president directly, which they said they had not done in 2011.
According to the poll, 57 percent of millennials disapprove of Obamacare, with 40 percent saying it will worsen their quality of care and a majority believing it will drive up costs. Only 18 percent say Obamacare will improve their care. Among 18-to-29-year-olds currently without health insurance, less than one-third say they're likely to enroll in the Obamacare exchanges.
More than two-thirds of millennials said they heard about the ACA through the media. That's a bad omen for Obamacare, given the intensive coverage of the law's botched rollout. Just one of every four young Americans said they discussed the law with a friend or through social media. Harvard's John Della Volpe, who conducted the poll, said the president has done a poor job explaining the ACA to young Americans.
An unknown quantity of cobalt-60 has been stolen in Mexico. It would be foolish to believe that it wasn't stolen for use in a dirty bomb. A cobalt-60 dirty bomb could be used to prevent access to the release location for years and would be devastating if used to contaminate, e.g., fresh water infrastructure.
Mexico has informed the IAEA's Incident and Emergency Centre (IEC) of the theft of a truck carrying a dangerous radioactive source used in medical treatment.
Mexico's "Comisión Nacional de Seguridad Nuclear y Salvaguardias (CNSNS)" said the truck, which was transporting the cobalt-60 teletherapy source from a hospital in the northern city of Tijuana to a radioactive waste storage centre, was stolen in Tepojaco near Mexico City at around 08:00 UTC on 2 December 2013.
As Obamacare crashes and burns everyone should remember that zero Republicans in Congress voted for it. The Democrats had to use extraordinary measures to push the bill through after Massachusetts elected Republican Scott Brown to the Senate and the Democrats lost their filibuster-proof majority. Republicans have done everything they could for several years to stop Obamacare, so don't blame them for the consequences. As Jammie Wearing Fools tells the Democrats:
You own him, folks. See you next November.
The Obama presidency has been a disaster for America, domestically and around the world. The only good thing to have come from it is that Obamacare has completely trashed the notion of Big Government competency.
And no, Obamacare isn't like Katrina:
I can think of a whole bunch of non-parallels:
1. Bush's political party didn't design and enact Hurricane Katrina.
2. Bush didn't have 5 years to craft his response to the hurricane.
3. Bush didn't have the power to redesign the hurricane as he designed his response to it.
4. The Republican Bush believed he could not simply bully past the Democratic Mayor of New Orleans and the Democratic Governor of Louisiana and impose a federal solution, but the Democrat Obama and his party in Congress aggressively and voluntarily took over an area of policy that might have been left to the states.
5. The media were ready to slam Bush long and hard for everything -- making big scandals out of things that, done by Obama, would have been forgotten a week later (what are the Valerie Plame-level screwups of Obama's?) -- but the media have bent over backwards for years to help make Obama look good and to bury or never even uncover all of his lies and misdeeds.
6. If Bush experienced a disaster like the rollout of Obamacare, the NYT wouldn't use its front page to remind us of something Bill Clinton did that looked bad.
But don't worry, some poll numbers are looking good for America!
The most interesting opinion survey we've seen about the ObamaCare cataclysm is one that's only indirectly about ObamaCare. Gallup asked Americans: "Do you think it is the responsibility of the federal government to make sure all Americans have healthcare coverage, or is that not the responsibility of the federal government?" Only 42% of those surveyed said it is the federal government's responsibility, vs. 56% who said it isn't.
More telling is the trend. Gallup has been asking the question since 2000. "Prior to 2009, a clear majority of Americans consistently had said the government should take responsibility for ensuring that all Americans have healthcare," the firm reports. The proportion answering "yes" peaked in 2006 at 69%--27 points higher than today's number. Then it began declining, to 64% in 2007 and 54% in 2008.
The current 42% is the lowest figure ever recorded, but the percentage answering in the affirmative hasn't risen above 50% since 2009. Remember what happened in 2009?
Mead points out the most astounding and shocking revelation from Obama's Obamacare press conference: the President had no idea that the website wouldn't work. I'm not surprised by this at all. President Obama seems to think that the laws of nature bend to his decree, so why wouldn't a website simply work if he wills it to?
OK. On the website, I was not informed directly that the website would not be working as -- the way it was supposed to. Ha[d] I been informed, I wouldn't be going out saying, boy, this is going to be great. You know, I'm accused of a lot of things, but I don't think I'm stupid enough to go around saying, this is going to be like shopping on Amazon or Travelocity, a week before the website opens, if I thought that it wasn't going to work.
This was eyepopping. Obamacare is the single most important initiative of his presidency. The website rollout was, as the President himself has repeatedly stated, the most important element of the law's debut. Domestically speaking there was no higher priority for the President and his staff than getting this right. And the President is telling the world that a week before the disaster he had no idea how that website was doing.
Reflect on that for a moment. The President of the United States is sitting in the Oval Office day after day. The West Wing is stuffed with high power aides. His political appointees sit atop federal bureaucracies, monitoring the work of the career staff around them. The President has told his core team, over and over, that the health care law and the website rollout are his number one domestic priorities.
And with all this, neither he nor, apparently, anyone in his close circle of aides and advisors knew that the website was a disaster. Vapid, blind, idly flapping their lips; they pushed paper, attended meetings and edited memos as the roof came crashing down. It is one thing to fail; it is much, much worse not to see failure coming. There is no way to construe this as anything but a world class flop.
I just found out that former Intrade CEO John Delaney died on Mt. Everest in 2011 and his body is still entombed in ice neat the summit. I first linked to Intrade on this blog in 2006 and received a nice email from Delaney in response. We exchanged a few emails subsequently. In addition to being a huge loss to his family, Delaney's death is a loss to the world that benefited from his futures market.
So healthcare.gov is 500 million lines of code? That suggests a level of brokenness that cannot be fixed. Here's a great visualization that compares the 500,000,000 lines of code in healthcare.gov with some other substantial codebases.
The Obamacare roll-out has been a disaster of epic proportions, and the only employee we're aware of who has been fired is a telephone operator who talked to Sean Hannity. It seems unfair that this unfortunate woman was fired for being more helpful than any elected or appointed official yet heard from on the matter.
On Monday, Hannity called an Obamacare hotline and had a conversation with the woman, Erling Davis, in which he pressed her for details about the lackluster rollout of Obamacare.
That phone call led to her termination from the private contractor where she worked, Davis said when Hannity interviewed her Thursday. Hannity then promised to give her a year's salary.
"They fired me from my job," Davis said.
The host asked her to lay out the details of the situation, and she explained how things unfolded leading up to her firing.
"If you like your health care plan, you can keep your health care plan" said President Obama on August 11, 2009. However, hundreds of thousands of families are having their health insurance policies canceled right now. These folks are being told they have to sign up for new insurance through the Obamacare exchange, which is currently not operational.
Florida Blue, for example, is terminating about 300,000 policies, about 80 percent of its individual policies in the state. Kaiser Permanente in California has sent notices to 160,000 people - about half of its individual business in the state. Insurer Highmark in Pittsburgh is dropping about 20 percent of its individual market customers, while Independence Blue Cross, the major insurer in Philadelphia, is dropping about 45 percent.
For the families who had these policies these cancellations are a major life-changing event. Despite any opposition to Obamacare, one can only hope that these families are not too severely impacted by this completely avoidable disruption to their health care.
Police have found a series of dry ice "bombs" in secure areas of LAX: three today and one on Sunday. The articles don't say much, but presumably these "bombs" are plastic beverage bottles crammed full of dry ice and water and then screwed shut. As the dry ice sublimates the pressure in the bottle builds up and eventually bursts. These explosions would be loud, but relatively harmless to people and entirely harmless to buildings or aircraft.
So what's going on? Some theories:
- The bombs are a warning from some misguided do-gooder that the secure areas at LAX aren't very secure.
- The bombs are dry runs by real terrorists. But why draw attention to vulnerabilities?
- The bombs are a prank.
- The bombs are a cry for media attention. The single bomb on Sunday didn't get any national news coverage, so the "bomber" spent Monday building two more and then planted them today. Voila! Top story on Drudge.
LAX Police confirm that a bottle filled with dry ice exploded inside an employee bathroom at Terminal 2 at LAX Sunday.
The "bomb" exploded about 6:30 p.m. in an restricted access bathroom near Gate 27.
Officials said that no one was injured.
The FBI and the Los Angeles Police Department were investigating.
Sunday evening, FBI spokeswoman Laura Eimiller released the following statement: "Earlier this evening, law enforcement and airport officials responded to a report of an explosion in an employee bathroom in Terminal 2 ... In a restricted area of the terminal (not accessible to the general public), responders found evidence of a plastic bottle containing dry ice. A chemical reaction caused the explosion. The area is being examined for evidence. The FBI and partners with LAPD, LAX PD, LA Fire, CBP, TSA and other officials will investigate the incident to determine the individual or group responsible."
"A chemical reaction caused the explosion." That makes it sound much more dangerous than it was. A chemical reaction! As if chemicals aren't reacting around us at all times.
Although it's fashionable to denigrate Christopher Columbus these days I prefer to take a broader view and celebrate the opening of the New World. Individuals are always flawed, but Columbus' achievements were instrumental in reviving Western Civilization and leading us to the vast prosperity that the world enjoys today.
The news reports aren't clear yet, but the early indications are that the Capitol Police shot and killed an unarmed woman who was attempting to flee. Hopefully we'll learn more soon, and hopefully the Capitol Police had a legitimate reason for killing this woman.
Witnesses said they heard multiple gunshots. The vehicle first slammed into a post near the White House at 15th street and Pennsylvania Avenue, NW. It then fled east to the Capitol.
When the car arrived on Capitol Hill, police cars tried to box it in, according to Ryan Christensen of Idaho Falls, Idaho, who witnessed the end of the chase. The car got away from police, and that's when shots were fired. Christensen told reporters he thought it was a "motorcade" at first.
Two eyewitnesses said Capitol Police fired multiple shots at the black sedan on Constitution Avenue near the Hart Senate Office Building. Two people -- including a child -- were removed from the vehicle.
"There's a possibility there was a child in the car," Dine said.
The female suspect is dead, according to numerous police officers and congressional officials.
One Capitol Police officer was injured in the crash, police said, and transported to a hospital. The cop was injured after running into the barricade while chasing the suspect.
Apparently the new iPhone 5S has a flawed inclinometer (which measures the tilt of the phone, like a carpenter's level). This cracked me up: