The Fix for High Sierra’s Embarrassing Privilege Escalation Bug and the Fix for the Fix

Apple has already released a fix for its embarrassing privilege escalation bug. If you haven’t already, open the App Store, go to Updates, and install Security Update 2017-001. However, after installing that you may notice that file sharing no longer works. In order to fix this problem you need to perform the following steps:

  1. Open the Terminal app, which is in the Utilities folder of your Applications folder.
  2. Type sudo /usr/libexec/configureLocalKDC and press Return.
  3. Enter your administrator password and press Return.
  4. Quit the Terminal app.

In conclusion High Sierra is still a steaming pile of shit and you should stick to Sierra if you can.

Fraud is the Status Quo for Government Agencies

What do you do when you’re a postal service that, in spite of enjoying a legal monopoly on delivering certain types of mail, has troubles making ends meet but also enjoy the immunity that generally comes with being a government agency? You commit fraud, of course:

She told CBS46 her former supervisors at the post office gave her specific instructions to misrepresent delivery times because, she says, they know what’s at stake if Amazon packages are late.

“At 7:15, whatever you have not delivered, pull your truck over to the side of the road and scan every single one of your amazon packages. We cannot have late packages because that will jeopardize our contract with Amazon,” said the former mail carrier.

CBS46 drove around and found a current mail carrier working in a different county who attested to the claims. She also asked to be kept anonymous.

“Basically, we have to falsify the timing, and a lot of carriers don’t want to do that, but we’re mandated to with a direct order,” she said.

While these carriers admit the official records at the post office are being tampered with, their advice to customers is this:

If you know for a fact that your package came late, make a complaint and stand your ground. Most of the handheld scanners that carriers use have GPS records that can be looked up if it comes down to it.

First, the United States Postal Service (USPS) is defrauding the people who ordered the packages because if the package is delivered after 20:00 they get a free month of Amazon Prime. Second, it’s defrauding Amazon by lying about when packages are being delivered. Since the USPS is a government agency there likely isn’t anything Amazon or its customers can do other than stop using USPS in areas where these practices are happening. Even then neither party can stop doing business with USPS entirely because it enjoys a monopoly on delivering certain types of mail. And the USPS has no motivation to fight these kinds of fraudulent practices because it’s a government agency and fraud is the status quo for them.

What Could Have Been

The last presidential election is where third parties had a chance to shine. Both major parties were fielding the worst candidates that they could find. Unfortunately, the Libertarian Party threw away its chance of making itself known by once again nominating Gary Johnson when it had the chance to field this man:

There, naked but for an ammunition belt, was 71-year-old tech tycoon and former fugitive John McAfee, spraying bullets into the wall and ceiling of the living room.

That right there is the future libertarians want; a future where everybody has the freedom to wear nothing but an ammunition belt and fire rounds into their own damned property!

What’s really funny is the fact that this man has a better grasp of libertarian principles and is better at expressing them than the Libertarian Party’s nominee.

Adaptability is an Established Military’s Greatest Weakness

You may have heard the phrase, “The military is always preparing to fight the last war.” Any military that has been established for a length of time seems to get dragged down by entrenched ideologies and traditions. This leads them to become very rigid. The United States military is a great example of this. During its War on Terror it has clung to its usual tactics, which work well against other large national militaries but are more or less useless against asymmetrical tactics. It has also proven incompetent at information security, which is no a major component in warfare:

After uncovering a massive trove of social media-based intelligence left on multiple Amazon Web Services S3 storage buckets by a Defense Department contractor, the cloud security firm UpGuard has disclosed yet another major cloud storage breach of sensitive intelligence information. This time, the data exposed includes highly classified data and software associated with the Distributed Common Ground System-Army (DCGS-A), an intelligence distribution platform that DOD has spent billions to develop. Specifically, the breach involves software for a cloud-based component of DCGS-A called “Red Disk.”

Don’t get me wrong, I’m all for government transparency and appreciate the military’s current, albeit accidental, dedication to it. However, from a strategy standpoint this is pretty damned pitiful.

Floating Gitmos

The Army, Navy, Marines, and Air Force have all had their share of major scandals in recent decades but the least known branch of the military, the Coast Guard, has been comparatively unscathed. Apparently the branch was jealous of its siblings because it decided to operate its own floating Guantanamo Bays:

Now, it turns out, there’s a secret US detention system in the War on Drugs, too — and this one is aboard US Coast Guard cutters sailing in the Pacific Ocean.

In an effort to staunch the flow of cocaine and other hard drugs from South America to Central America and points north, Coast Guard cutters have been deployed farther and farther from the shore in the Pacific Ocean. When these cutters capture a boat carrying drugs, the smugglers are brought onto the ships and kept shackled to the deck, sometimes outside in the elements, until the Coast Guard makes arrangements for them to be transported back to the US for trial.

Can you imagine the outrage that would occur if a foreign military captured an American citizen, held them without trail for an arbitrary length of time in inhumane conditions, and then shipped them off to their own country for a show trial? It wouldn’t go over well. But the United States can get away with doing so because it currently has enough military power that small Central and South American countries can’t do jack shit about it. And if one of those countries did try to free one of its kidnapped citizens, they would likely be declared pirates and quickly find their navy sitting at the bottom of their harbor.

One of the defining features of the United States has become its hypocrisy. It seems that the national motto has become, “Do as I say, not as I do.” While American politicians will flip their shit on C-SPAN when other countries build secret prisons and treat prisoners inhumanely, the country they’re supposed to be in charge of is doing the exact same thing.

macOS High Sierra is Still Terrible

macOS High Sierra may go down in the history books as Apple’s worst release of macOS since the initial one. Swapping the graphical user interface to use the Metal API wasn’t a smooth transition to say the least but the real mess is in regards to security. There was a bug where a user’s password could be displayed in the password hint field so logging in as a malicious user only requires entering a user’s password incorrectly to trigger the hint field. But yesterday it was revealed that the root account, which is normally disabled entirely, could be activated in High Sierra by simply typing root into the user name field in System Preferences:

The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username “root” with no password. This works when attempting to access an administrator’s account on an unlocked Mac, and it also provides access at the login screen of a locked Mac.

The only good news is that you can defend against this bug by enabling the root account and giving it a password.

The security mistakes in High Sierra are incredibly amateur. Automated regression testing should have caught both the password hint mistake and this root account mistake. I can only assume that Apple’s quality assurance department took the year off because both High Sierra and iOS 11 are buggy messes that should never have been released in the states they were released in.

Mistaken Identity

“They all look the same to me.” —Trump Fans

LeVar Burton, the actor who’s best known for his past work in “Reading Rainbow” and “Star Trek: The Next Generation,” is getting bombarded with angry tweets from Trump fans who have mistaken him for LaVar Ball.

The most amusing thing about American politics has to be the fact that all sides have become such batshit crazy extremists that it’s trivial for opposing sides to act as one another. Take this case. Are the people mistaking LeVar Burton for LaVar Ball actually angry Trump supporters who are too dumb to know one black man from another or are they Trump haters pretending to be Trump supporters in order to embarrass their opposition? I’m guessing it’s really a bit of both. However, it’s impossible to know for sure because a lot of Trump supporters are stupid racists (I know it’s a redundant term) who enjoy publicly demonstrating their stupidity and probably can’t tell one black man from another so it’s easy to play them on TV (or the Internet in this case).

There is a drought of intellectuals in American politics, which has lowered the bar for political debate. Arguing over issues and philosophy is no longer the preferred form of political discourse in the United States. Instead character assassination has become the primary tool, which has created a focus on the most idiotic members of each party.

He Almost Had a Trifecta

Pocahontas joke? Check.

A painting of Andrew Jackson in the background? Check.

If Trump would have referred to the code talkers are “injuns,” he could have had a trifecta:

Native American groups have long objected to President Trump’s use of the nickname “Pocahontas” to deride one of his political foes, Sen. Elizabeth Warren (D-Mass.).

But even at a White House event specifically intended to honor the World War II Navajo code talkers — the heroic Native Americans who helped the U.S. Marines send coded messages in the Pacific Theater — Trump couldn’t resist.

The president of the United States is the face of the nation. More and more I’m convinced that Trump is the prefect representation of the United States. He’s loud, he doesn’t put too much thought into his words, and he’s demonstrated a complete lack of ability or willingness to follow through with any of his meaningful promises. Trump is the leader the United States deserves.

Make Way for the Master Species

You’ve heard of the master race, now get ready for the master species:

It appears subculture, which has long been associated with gay and left-wing beliefs, is now being infiltrated by right-wing extremists known as “alt-furries”.

The alt-furry movement started as a joke on Twitter, with right-leaning members sharing pro-Trump, furry-themed memes using the #AltFurries hashtag.

What started as the promotion of satirical policies such as a ban on “species mixing”, soon became much more serious as the white supremacist agenda started to creep into real world furry events.

If I could come up with comedy this ridiculous, I’d probably have a great standup career.

It seems like everybody is obsessed with boogeymen. Whether it’s Russians controlling American politics or Neo-Nazis infiltrating furry scenes, it seems like every group is being infiltrated by a sinister group that is the source for all of that group’s problems. It’s as if no group on the planet wants to take a look in the mirror and admit that its members are probably the most significant source of its problems.