Doonesbury Say What?

"Wait a minute, we can't have acquittals. If we've been holding these guys for so long, how can we explain letting them get off? We can't have acquittals. We've got to have convictions."
-- Pentagon general counsel William Haynes to Col. Morris Davis, Gitmo chief prosecutor, August 2005

"I concluded that full, fair and open trials were not possible under the current system."
-- Col. Davis, on his subsequent resignation


Geee, ya think?

Gotta love system security! Remember the Clear system that lets you skip lines at airports?

It is a system where you can pay money to be investigated and get a pass to let you skip the inspection lines at airports. You submit fingerprints, the FBI does checks, etc. 33,000 people have enrolled.

Well, a couple of weeks ago a laptop that contained the detailed information of everyone who has signed up for the program was stolen from a locked office at San Francisco airport. The server that the data is stored upon is encrypted.

The laptop wasn't.

But everything is OK -- the laptop was found again! In the same office that it was stolen from. In a different place in the office. Behind a locked door.

But don't worry -- "they" have determined that the data was not accessed.

The same people who didn't encrypt the laptop? And we're supposed to take their word that someone who can go into a secure area, through locked doors, and steal a laptop, and then replace a laptop in the same office, again, through locked doors and in a secure area, can't remove the drive from the laptop and clone it?

http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/08/05/BU2V125HTF.DTL&tsp=1

http://yro.slashdot.org/article.pl?sid=08/08/06/1021225

There's a fundamental flaw in the RIAA lawsuits for file sharing that anyone can exploit

The RIAA claims that they can link an IP address to a computer. Your computer is uniquely identified by a MAC address, it's a two-part hexadecimal address burned into your ethernet card. The first part is a code that identifies the manufacturer of the chipset, the second is sort of a serial number and is supposed to be unique to that manufacturer. It's pretty critical that the combination of these two numbers remains unique for networking to work, I won't bother you with the details.

Among the many problems is that IP addresses are frequently assigned dynamically and you might not have the same address every time you boot your computer. But that's not the biggest problem.

It's possible to spoof MAC addresses and configure your computer so that whenever a program asks for your MAC address, it does not return the address burned on the chip but a specific value that you configure.

So if you're going to university, how about getting the MAC address of the school provost. Suddenly the RIAA is subpoenaing the school provost?

Of course, not everyone would be able to use the same address because, like I said before, it needs to remain unique on the network. There's forms of cache poisoning and other techniques that can be used to shut down the other address in order to make your spoofed address work.

This also requires some somewhat involved system level work in linux, so it's not for everyone. But if you're running linux, you're probably skilled enough to do this, so why not have your MAC address change every day?

But there's an easier way.

Go to Fry's Electronics, or wherever, and buy a box of Ethernet cards. PAY CASH, don't use any sort of frequent buyer club bonuses. Make it so they cannot be tracked back to you. Cards go for $10-15 these days, and if you buy a box of 'em, you might get a quantity discount. Replace the card in your PC every couple of months, sell the old card at a swap meet so that it goes back in to circulation and that MAC address appears in other network logs.

I said easy, not free. And obviously this technique wouldn't work on a laptop.

"Moouse Taunnts Man, Steals Dentures"

One of the best spam subject lines that I've seen in a long time. Heck, correct the spelling, it could make for a great short story!

It was, of course, an ad to "Double YYour Sexual Pleasure", complete with a Ni hao.

Air Force hacks software to avoid licensing lockdown then ignores DMCA lawsuit

It's good to be the king!

It's a somewhat complicated story involving software written by someone in the Air Force, but ultimately they broke the code written to control pirated software, and because the government can avoid law suits by claiming Sovereign Immunity, they can't be sued.

http://arstechnica.com/news.ars/post/20080804-air-force-cracks-software-carpet-bombs-dmca.html

http://tech.slashdot.org/article.pl?sid=08/08/04/2253246

The Knights Templar are suing the Pope!

Pretty cool. They want their name restored and possibly several billion dollars in assets (and, I'm sure, interest) returned. Why do I get a feeling that this will go nowhere?

http://news.slashdot.org/article.pl?sid=08/08/04/1459210