Month: June 2011

HP/Palm TouchPad Goes on Sale July 1st

HP/Palm’s (I know the Palm name is dead but damn it I refuse to stop using it) iPad competitor, the TouchPad, is set to go on sale July 1st. I’m rather excited about this device because I think it’s one of the few new tablet devices that at last has something interesting to offer consumers beyond the capabilities of the iPad (namely WebOS).

It do foresee a problem with the price though as the 16GB model will cost $499.99 while the 32GB model will cost you $599.99. This is the exact same price range as Apple’s iPad which I believe to be a potential problem. I just believe it will be hard to justify the high costs of the TouchPad when the app ecosystem for WebOS is pretty poor (and most current apps being written using the Mojo API will run in a small window much like iPhone apps run on the iPad) and WebOS has very little penetration into the mobile market at the moment. At the price HP/Palm is asking it’s very unlikely I’ll buy one unless they offer a great developer discount.

It’s Time to Use Pass Phrases

As computers have become more powerful shorter passwords have become more useless. This story does a good job of driving home the fact that short passwords are becoming meaningless:

The results are startling. Working against NTLM login passwords, a password of “fjR8n” can be broken on the CPU in 24 seconds, at a rate of 9.8 million password guesses per second. On the GPU, it takes less than a second at a rate of 3.3 billion passwords per second.

Increase the password to 6 characters (pYDbL6), and the CPU takes 1 hour 30 minutes versus only four seconds on the GPU. Go further to 7 characters (fh0GH5h), and the CPU would grind along for 4 days, versus a frankly worrying 17 minutes 30 seconds for the GPU.

And it doesn’t stop there:

It gets worse. Throw in a nine-character, mixed-case random password, and while a CPU would take a mind-numbing 43 years to crack this, the GPU would be done in 48 days.

Surely throwing symbols in there keeps you safe, right? Wrong! Take a password consisting of seven characters, mixed-case/symbols random password like ‘F6&B is’ (note the space), that’s gotta be tough for a bruteforce attack. Right? A CPU will take some 75 days to churn through the possibilities, while a GPU is done with it in 7 hours.

Basically short passwords are worthless and offer little if any security. Of course this isn’t the end of the world as other patches have been added to password-based authentication systems. For instance most systems have a time delay tossed in if you enter the wrong password too many times and other devices like the IronKey self-destruct if the wrong password is entered too many times. The first technique can greatly hinder the rate at which an attacker can access your system unless they’re working directly from a file containing password hashes (as they wouldn’t be hindered by operating system behavior). Most systems also use a value known as a salt which is tossed in with a password to create a hash making it far more difficult to brute force (as you have to try every possible combination of salt values and passwords).

It’s finally come time to begin using more complex passwords. This is difficult for many people as few are going to remember a password like “8*7wFWE12@#$iwkf” or anything similar. This is where the idea of pass phrases comes into play. Instead of using a word you use a sentence. For instance it’s going to be far more difficult to brute force a pass phrase like “This is my pass phrase which should be hard to brute force” than a ten character password. On the other hand pass phrases are potentially susceptible to dictionary attacks if the phrase you use is common so throwing in random characters for good measure is still, well, a good measure.

I will be completely honest in saying that passwords and pass phrases are becoming less and less viable as means of authentication. Some day we will have to move beyond them but as of right now the easiest option is to make more difficult passwords.

iOS 5 May Warn About Unsecured Calls

Some chatter has been going around the iOS community about a possible feature in iOS 5 that would warn users of unsecured calls. The encryption used by GSM was cracked and a great presentation and demonstration (which I had the privilege of attending) were given about the crack at Defcon last year. The presentation is available on YouTube for free and is split up into four segments:

[youtube=http://www.youtube.com/watch?v=rXVHPNhsOzo]

[youtube=http://www.youtube.com/watch?v=Fo1OPoBS5Q8]

[youtube=http://www.youtube.com/watch?v=RXqQioV_bpo]

[youtube=http://www.youtube.com/watch?v=a4-KAvWUiDA]

Obviously this feature won’t be able to detect if a government agent at the phone company is listening into your phone call (this is why we need secure point-to-point communication capabilities on all phones) it would at least let you know if your phone call is being intercepted locally.

Even Though Gun Sales are Up Violent Crime is Down

Although this will come as no surprise to those who advocate the right to keep and bear arms the following news will have anti-gunners plugging their hears and screaming “LA LA LA LA I CAN’T HEAR YOU!”

According to the National Shooting Sports Foundation (NSSF) gun sales are up yet again in 2011 while the Federal Bureau of Investigations (FBI) has reported that violent crime dropped yet again. Once again the facts demonstrate no correlation between an increase rate of firearm ownership and an increase in the rate of violent crime.

Once against a favorite argument parroted by anti-gunners is proven to be completely wrong.

Herman Cain OK With Restricting Second Amendment Rights

I think Herman Cain just got caught in a typical neo-con mistake; he tried expressing a libertarian belief without understanding libertarian philosophy. In a recent interview with Wolf Blitzer Mr. Cain stated that he believes it’s OK for individual states to enact gun control regulations:

BLITZER: How about gun control?

CAIN: I support the 2nd amendment.

B: So what’s the answer on gun control?

C: The answer is I support, strongly support, the 2nd amendment. I don’t support onerous legislation that’s going to restrict people’s rights in order to be able to protect themselves as guaranteed by the 2nd amendment.

B: Should states or local government be allowed to control guns, the gun situation, or should…

C: Yes

B: Yes?

C: Yes.

B: So the answer is yes?

C: The answer is yes, that should be a state’s decision.

This is a typical neo-con maneuver. Neo-cons love to pander to the libertarians because they feel giving those of us subscribing to the philosophy are easy votes to get. The problem is most of us are used to those running as Republicans paying lip service to libertarian philosophy and then going full neo-con when they get elected.

Ignoring the recent Super Court ruling in McDonald vs. Chicago libertarian philosophy would prohibition any government entity from interfering with the right to own a consumer good. A firearm ultimately is a consumer good and my ownership of that good doesn’t cause harm to another therefore no regulation should exist that bars me from owning a firearm. Mr. Cain took a concept often discussed favorably by libertarians, stopping the federal government from executing any power not specifically granted in the Constitution, and tried to use it in an attempt to avoid stating concrete support of the second amendment.

I already refused to support Mr. Cain as he was involved with the Federal Reserve but hearing his position on the second amendment just put another nail in the coffin of my support. The position he stated shows that Mr. Cain is going to play the typical neo-con game where he’ll pay lip service to libertarian ideals but deep down inside is just another statist.

The United Nations Summed Up

I think Uncle summed up the problem with the United Nations perfectly:

The UN says internet access is a human right. Right to self-defense, nope. Right not to be raped, nope. But free ice cream, yup.

The United Nations is perfectly fine with saying things that must be provided to you by a third party are rights. This makes no sense because a right by definition is something that can’t be taken from you. People who subscribe to the libertarian philosophy believe in the natural right to self-ownership. This is because you own yourself and that ownership of yourself can not be taken away as you have free will even as a slave (you can attempt to escape for instance). In the United States the Constitution guarantees a set of rights but as they are rights for which the government is supposed to be prohibited from interfering with the government decided to go ahead and interfere with them. Either way a right is something that is exercisable withing interference.

The problem for many comes in when they claim something they can’t provide themselves is a right. For instance some people claim healthcare is a right but for that to be true access to healthcare can’t be interfered with. Those who support the idea of healthcare being a right demand government provided healthcare solutions because they hope it will remove any potential interference that could come between a person and their “right” to receiving healthcare. What these people don’t stop to realize is the fact that a right to healthcare also requires medical practitioners. Thus the only way to make healthcare a right is to force medial practitioners to provide healthcare which essentially makes those in the medical field slaves. If the government wishes to make healthcare a right they must force enough people to be doctors and then force those doctors to work on people.

This is the problem with the whole concept of positive rights, you must make slaves out of a portion of the population to guarantee those “rights.”

Even Though We’re More Law Abiding the Law Hates Us

I still can’t comprehend the fact that most second amendment advocates are law abiding citizens yet the police seem to have it out for us. The Baltimore Police Criminal Intelligence Section recently issued a warning against people displaying second amendment stickers because such people could be armed:

….while the individual who is displaying the symbol may not be armed, the presence of the symbol provides an early warning indicator that you MAY be about to encounter an armed individual.

Looking at the rate at which carry permit holders commit crimes (it’s lower than the rate at which other people commit crimes) an officer should happy to encounter a second amendment advocate. Hell somebody who is a strong supporter of the second amendment are probably strong supporters of other rights as well… and now I know why the police don’t like us. Either way I have no stickers visible on my vehicle other than those put on by the factory so I’m not too worried for myself but I am concerned about those who rightly wish to express their support of civil rights.

I will say that this profiling situation has lead to me question what other stickers are being profiled by various police departments. Maybe I should get a bumper sticker made that looks like this:

I can imagine what the police profiling department will tell their officers about that sticker.

Pennies No Longer Legal Tender

We’ve all heard stories of people paying fines in pennies and most of us cheer on this kind of behavior. The government may be able to put a gun to our heads and force us to pay unjust fines but paying it in pennies is one way we can at least stick it to them a little bit. Well that used to be the case as it seems paying in pennies will get you charged with disorderly conduct now:

No lucky pennies here: Police have charged Jason West, an aggrieved medical patient in Vernal, Utah, with disorderly conduct. His alleged crime? Attempting to pay a disputed medical bill of $25 entirely in pennies.

What’s funny is this charge came not from trying to pay an unjust government fine but by paying a bill to a private corporation. According to United States law any currency issued by the Federal Reserve is considered legal tender for all debts. Although you don’t have to accept Federal Reserve issued money for instant transactions you must accept them if somebody is paying back a debt which a bill can be considered. Apparently pennies are no longer considered legal tender though if this charge is to be taken into account.

iOS 5 Beta

So I loaded iOS 5 Beta 1 onto my iPod Touch and took a look around. I haven’t had much time to fiddle with it but I’ve decided that Apple did a great job of ripping off Android’s notification system and that’s a good thing. With that said Apple did add two things that I greatly appreciate; widgets on the notification pull-down and the ability to make notifications appear on the lock screen.

I’m not sure if Apple is going to allow third parties to write widgets for the pull-down menu but they have included one for stocks and another for weather. When you pull down the notification page the weather widget will give you the current temperature which is nice. Hopefully third parties are allowed to write widgets for the notification page as I could name a few things I’d like to see there.

The other change to the notification system that Apple made was making notifications appear on the lock screen if you want them to. When you turn the phone on any notifications set to appear on the lock screen will be there and swiping across a notification will open the app that sent out the notification. Thus swiping across an e-mail notification will open Mail and take you right to the message you swiped across. Overall I really like the new notification system and feel it makes iOS a far better OS to work with.

Yet Another Excuse By the Government to Stay in Afghanistan

The United States love to invade countries and then stick around even after the “mission” is completed. It seems that the government is now grasping at straws trying to find a reason to continue staying in Afghanistan even though the war there isn’t all that popular here at home. Fresh off of the press is the new excuse that Afghanistan could face an economic depression if the troops leave:

It calls for better use of the roughly $320m (£195m) in foreign aid the US spends every month in Afghanistan, with a focus on sustainability.

It concludes that misspent foreign aid can result in corruption.

First of all I don’t know why we send money taken from American citizens through force by the government to other countries. Since the government put a gun to our heads the least they could do is keep the money here. Second… foreign aid can result in corruption? No shit. In other news water is wet and most politicians are assholes.

It can also alter markets and undercut the ability of the Afghan government to control its resources.

“Afghanistan could suffer a severe economic depression when foreign troops leave in 2014 unless the proper planning begins now,” the report says.

Basically 2014 will roll around and our government will make some claim that we must keep our troops there a while longer in order to prevent economic disaster. It’s a poor excuse but the government doesn’t know how to make any other type of excuses.