We just love these guys

Prof. Felten explains why CD DRM leads to spyware:

So if you’re designing a CD DRM system based on active protection, you face two main technical problems:
  1. You have to get your software installed, even though the user doesn’t want it.
  2. Once your software is installed, you have to keep it from being uninstalled, even though the user wants it gone.
These are the same two technical problems that spyware designers face.

Dept. of Excellent Developments

The band My Morning Jacket will distribute unencumbered, uncopy-protected copies of their new record to fans who complain about Sony’s MediaMax bullshit: “It should have been enough that fans are annoyed,” [Mike Martinovich, MMJ’s manager] says. “But [MediaMax’s security problems] should be the final reason.” Nice job, guys. Now, if only the labels would get it, too.

Coins, or, Voluntary Story Problems

Mrs Heathen and I have a big-ass jar on our dresser into which we place our change nightly. It accumulates at a fairly rapid clip, so despite the jar’s size we end up redeeming it about twice a year. It’s usually between $250 and $300, depending on how full we let it get before we head to the Coinstar machine — which is a pretty clever thing, and a very savvy business model, we believe; they take a (fair) cut of the free money you’re bringing in, and you leave with 91% of the cash.

This whole thing got us wondering, however, on account of we’re powerful geeky: How close could we get to the value of the jar if we estimated based on the jar’s weight (adjusting for the weight of the empty jar, natch), the known individual weight of each denomination of coin, and the estimated distribution of American coinage?

Presumably, the biggest barriers to this would be (a) getting a good estimate of the distribution and (b) finding a precise enough scale, as coins are very, very light. With those in hand, the next obstacle would be distribution variance — i.e., how much does our household distribution differ from some national “normal” value?

Anyway, after turning in a mostly-full jar today ($297. plus 4 Sac dollars and a new nickel that Coinstar knows not what to make of), we discovered that the machine gives out its tally of denominations, so we figure we’ll use this for a jumping-off point:

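| Coin | Count | % of coins | Value | % of value |
|---|---|---|---|---|
| Half Dollars | 1 | 0.04% | $0.50 | 0.17% |
| Quarters | 867 | 30.91% | $216.75 | 72.00% |
| Dimes | 518 | 18.47% | $51.80 | 17.21% |
| Nickels | 346 | 12.34% | $17.30 | 5.75% |
| Pennies | 1069 | 38.11% | $10.69 | 3.55% |
| Sac | 4 | 0.14% | $4.00 | 1.33% |
| Coin ttl | 2805 | | $301.04 | |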

More on airline “security” and air marshal shootings

From Bruce Schneier, quoting Salon’s pilot columnist:

In the days ahead, you can expect sharp debate on whether the killing was justified, and whether the nation’s several thousand air marshals — their exact number is a tightly guarded secret — undergo sufficient training. How are they taught to deal with mentally ill individuals who might be unpredictable and unstable, but not necessarily dangerous? Are the rules of engagement overly aggressive? Those are fair questions, but not the most important ones. Wednesday’s incident fulfills what many of us predicted ever since the Federal Air Marshals Service was widely expanded following the 2001 terror attacks in New York, Pennsylvania and Washington: The first person killed by a sky marshal, whether through accident or misunderstanding, would not be a terrorist. In a lot of ways, Alpizar is the latest casualty of Sept. 11. He is not the victim of a trigger-happy federal marshal but of our own, now fully metastasized security mania.

Truth from TechDirt

In a post titled “Music Business Blames Apple Again,” TechDirt discusses once again that the music industry screwed. This time, it’s pointing out that they’re irritated with Apple for the iTunes Music Store’s continued flat-pricing model and, to a lesser extent, Apple’s unwillingness to allow other stores and devices to work with iTMS’ DRM scheme. Of course, they can’t pull out of iTMS, either, as it’s the biggest online music retailer by a long shot at this point (and is in fact bigger by volume than some physical outlets). The irony of the whole situation is that it’s the labels who gave Apple all this power in the first place by insisting their music be DRM’d:

There is something [the labels] can do — open up their own store, and sell unrestricted MP3 files at whatever price they want. iPods, and pretty much any other digital music player, can play those files. The labels’ insistence on trying to control what people can do with the music they buy has gotten them into this mess, and it will take a reversal of that position to get them out.

Jackbooted Thugs On The March

Say you’re asleep in your house with your kid in the middle of the night, and some people bust in with paramilitary gear, and you — law-abiding, gun-owning citizen that you are — open fire on the intruders in an effort to protect yourself, your daughter, and your home. Say you kill one of the intruders. Why, where I live, they’d probably give you a slap on the back and buy you a beer.

You certainly wouldn’t expect to end up on death row, would you? Certainly not in Texas. Certainly not in the Mississippi I grew up in, either. Except, of course, if you’re black, and the intruders are dimwitted redneck cops storming the wrong home in search of a drug den, and the guy you killed is the white son of the chief of police. Then all bets are off, and you may well find yourself in a world of hurt. For example, you might be on death row.

Christ.

There are some things so irredeemably fucked that they transcend party politics, and this is one of them. It’s monstrous.

More on the case here; that blogger follows it pretty closely, so his top page is always a good place to go.

Remember that Justice Dept. redistricting kerfuffle?

Yeah, the Bushites have made sure it won’t happen again. From Talking Points Memo:

A week ago it was reported that Justice Department lawyers had concluded at the time that the DeLay redistricting plan of 2003 violated the Voting Rights Act, but that senior DOJ officials overruled that finding and okayed DeLay’s plan anyway. Justice Department officials have now instituted a policy to assure this never happens again. They have, as reported in today’s Post, “barred staff attorneys from offering recommendations in major Voting Rights Act cases, marking a significant change in the procedures meant to insulate such decisions from politics.” It’s the Bush model: politics over expertise and/or law. Whether it’s at the Pentagon, the CIA, Justice or the EPA hardly matters. The formula is consistent throughout.

And more brilliance from Fafblog

Quoted in its entirety, due to brilliance:

The Central Front In The War On Facts The usual antiwar suspects have been up in arms for well over a week over the military’s planting of covert propaganda in Iraqi newspapers, caterwauling about the undermining of a fundamental tenet of Iraqi democracy. As always, their concerns are wildly misplaced. First, shouldn’t a pretend democracy have a pretend free press? Second, most of these pieces weren’t factually inaccurate, but mere “spin” – such as the article that spun an Iraqi general’s death under torture as death under not-torture. Third, propaganda is merely a weapon. America’s leaders would be foolhardy indeed to refuse a weapon in their arsenal, especially against an adversary as deadly as the truth. While it may not be the ideal of journalism in a free society, is this planted, pro-military propaganda so different from the anti-military truthaganda published every day in the New York Times? While military propaganda shows a bias towards distortion, obfuscation, and outright lies in the service of the war effort, the baleful face of the Mainstream Media shows a clear bias towards reporting reality – and reality has always been America’s greatest enemy in Iraq. Along with facts on the ground and the ugly truth, cold hard reality has persistently undermined America’s efforts in the war on terror. Were it not for reality, America would already have destroyed Saddam Hussein’s nuclear-powered robo-mummy factories while uniting Sunni, Shiite, and Kurd in common love of their American liberators. Malicious facts, however, have conspired to turn Iraq into a bloody war zone racked by insurgent violence and sectarian bloodshed, and the war itself into an unwinnable quagmire built on a transparent fraud. Even now, reality is working to tarnish America’s reputation by exposing its routine torture of military prisoners, in defiance of the stated policies of the Bush administration. 
This pattern of obstruction and interference can leave no doubt: reality isn’t merely misguided or ill-informed. It’s on the other side. Is it any wonder the American military is fighting back by deploying strategic anti-truth operatives to counteract malicious, terrorist facts? Unfortunately, it may be too little, too late. What of those who assist the truth in its sabotage of US interests? By acting as independent journalists, American reporters are giving aid and comfort to the enemy, if not actively engaged in a terrorist conspiracy. Why is Dana Priest allowed to freely roam the streets? Shouldn’t Seymour Hersh be detained for questioning? Aren’t the offices of the Washington Post little more than a terrorist training camp? And while a certain willingness to take out these enemy bases is more than welcome, eventually the United States must take the fight directly to the enemy, with airstrikes and commando raids on logic, regime change in mathematics, and missions to hunt down the laws of physics wherever they may hide. Until we are confident that nothing we see or hear is real, victory may be impossible.

Fafnir and Condi

Fafblog Interviews Condi, sort of:

RICE: First of all, we don’t send prisoners off to be tortured, Fafnir. We just transport prisoners to countries where torture happens to be legal and where they happen to end up getting tortured.

FB: Well that explains everything then! It’s all just a wacky misunderstanding, like that episode a Three’s Company where Jack sends Janet off to Uzbekistan to get boiled alive by the secret police.

RICE: I’d also like to point out that whenever we send a prisoner to a country that routinely tortures prisoners, that country promises us NOT to torture them.

FB: And then they get tortured anyway!

RICE: Yes, they do! It’s very strange.

FB: Over and over again, every time! That’s gotta be so frustrating.

RICE: Oh it is, it is.

FB: So the first time you kidnap a prisoner an send him to Saudi Arabia you’re like “don’t torture this guy” an they’re all “we totally won’t” an then they go an torture him an you’re all “ooh Saudi Arabia I told you not to torture him!” an they’re all “oh we’re sorry, we promise next time” an then you go “well you better” an you send em the next guy an they torture him too an you go “oh man Saudi Arabia you did it AGAIN!”

RICE: The president believes in the value of patience, Fafnir. He’s not going to let a few dozen innocent torture victims come between him and his favorite third-world dictators.

FB: See after the first coupla hundred times that happened I woulda registered a complaint with customer service.

RICE: But the real point is that these accidental torture missions are vital to the war on terror. Remember that these aren’t just prisoners. These are known Muslims with names very similar to suspected associates of other Muslims.

FB: They’re just the sorta key players that could lead us to Hosama bin Blaben and Musad al Zarcotti!

RICE: Exactly. And by subjecting these high-profile non-targets to not-torture in nonexistent secret prisons, you can bet we’ll stop a lot of pretend terror.

Oh, nice. What fucking thugs.

From New York Magazine, via TPM:

Bush-administration officials privately threatened organizers of the U.N. Climate Change Conference, telling them that any chance there might’ve been for the United States to sign on to the Kyoto global-warming protocol would be scuttled if they allowed Bill Clinton to speak at the gathering today in Montreal, according to a source involved with the negotiations who spoke to New York Magazine on condition of anonymity. Bush officials informed organizers of their intention to pull out of the new Kyoto deal late Thursday afternoon, soon after news leaked that Clinton was scheduled to speak, the source said. […] In his Friday speech, Clinton blasted the Bush administration’s opposition as “flat wrong.” But the speech almost didn’t happen. The contretemps started late Thursday afternoon, when the Associated Press ran a story saying that Clinton had been added at the last minute to the gathering’s speaking schedule at the request of conference organizers. According to the source, barely minutes after the news leaked, conference organizers called Clinton aides and told them that Bush-administration officials were displeased. “The organizers said the Bush people were threatening to pull out of the deal,” the source said. After some deliberation between Clinton and his aides, Clinton decided he wouldn’t speak, added the source: “President Clinton immediately said, ‘There’s no way that I’m gonna let petty politics get in the way of the deal. So I’m not gonna come.’ That’s the message [the Clinton people] sent back to the organizers.” But the organizers of the conference didn’t want to accept a Bush-administration dictum. They asked Clinton that he go ahead with the speech. “The organizers decided to call the administration’s bluff,” the source said. 
“They said, ‘We’re gonna push [the Bush people] back on this.'” Several hours went by, and at the Clinton Foundation’s holiday party on Thursday night, the former president and his aides still thought they weren’t going to Montreal. “The staff that was supposed to go with him had canceled their travel plans,” the source said. At around 8:30 p.m., organizers called Clinton aides and said that they’d successfully called the bluff of Bush officials, adding that Bush’s aides had backed off and indicated that Clinton’s appearance wouldn’t in fact have adverse diplomatic consequences.

Dept. of Security Updates

Last night between 5:46:48AM and 5:50:02AM, the IP 209.50.238.122 attempted to SSH to the admin account of one of my boxes 318 times. At 5:50, DenyHosts noticed and shut the IP down.

Though the IP is doubtless a spoof, it’s amusing what happens if you hand it to host:

$ host 209.50.238.122
122.238.50.209.in-addr.arpa domain name pointer mail.harvard.com.

Dept. of Dozens

Saturday will mark Alec Baldwin’s 12th appearance on SNL. He’s tied with John Goodman for 2nd place at this point; Steve Martin still holds the record at 13.

“There are two types of hosts,” Mr. Baldwin said. “You either send up your own persona or you become part of the company. And if you become part of the company, you just make an ass of yourself. You do whatever they ask you to do.”

“Dear friend or relative or business associate…”

Dept. of For-Some-Reason Buried Stories

Remember Sami al Arian? The Florida professor so evil and so terroristic that then-AG John Ashcroft went on national TV to announce his indictment in 2003?

Yeah, he was acquitted. In gaining this acquittal, his lawyers called no witnesses at all. What does this tell you about the Feds’ case?

Yeah, that’s what I thought. TBogg, though, points us at some folks who see things in an altogether more wacky way.

“I never was such a Johnny Ace fan, but I felt bad all the same.”

Twenty-five years ago today, Mark Chapman killed John Lennon. I was in the fifth grade, and had no real idea who he was. Another kid — name long since lost — asked me if I knew about it at recess. I’d heard of the Beatles, but didn’t know any of their names or much about their place in the world. My parents, God love ’em, were warbaby nerds (b. 1940) who, in the truest sense of the quote, “had two 50s and went right on into the 70s.” They had no appreciation for or interest in the era’s music despite being essentially the same age as the Beatles and the Stones (no original member of either band was born after 1943; Bill Wyman was born in 1936).

I remember thinking it was odd that a few other kids were so upset, yet I had no idea who the man had been. Soon after I became a relatively obsessive music fan on my own — Mom and Dad didn’t even have real stereos — and grew to understand the shock of the loss. Other musicians have died early, but few were murdered outside their own homes for no good reason, and fewer still were truly pioneers.

The title to this post, as Mike has no doubt noticed, is from a Paul Simon song off his excellent and often overlooked “Hearts and Bones” record, released three years after Lennon’s murder. It’s predominately about Simon’s breakup with Carrie Fisher, but the final track is called “The Late Great Johnny Ace.” There really was a Johnny Ace, but the song is actually about Lennon. The final stanza goes like this:

On a cold December evening I was walking through the Christmas time When a stranger came up and asked me If I’d heard John Lennon died And the two of us went to this bar And we stayed to close the place And every song we played was for The Late, Great Johnny Ace

About six different kinds of AWESOME

GI Joe View Master Reels on the web. And not that tiny-molded-plastic, no-fuzzy-hair, COBRA-fightin’ bullshit imposter crap, either (sorry, Frank); this is about the real deal GI Joe from the early 70s.

Thanks to overgenerous grandparents, we had most of the toys pictured. We’re pretty sure that tower is still in mother’s attic, for example.

Dept. of Endorsements

Yesterday, we caught some kiddie trying to log into one of our servers. He — or his script — tried a brute-force attack on SSH some 740 times in about 45 minutes. Based on the security profile of the machine, that sort of attack is wildly unlikely to bear fruit, but still: some jackoff is trying the locks, and we don’t like it.

Lots of Googling and guru-asking later, someone pointed us at DenyHosts, which rules. If you run an SSH server, you probably ought to look into this. It watches your logs; when it sees more than X invalid ssh attempts in Y time period from a given IP, it adds that IP to /etc/hosts.deny (or other appropriate file, depending on your flavor of *nix). It distinguishes between invalid logins (for accounts that don’t exist) and failed ones (for accounts that do), so it’s possible to allow 5 invalid attempts in 14d before lockout AND only 3 in 30d for actual accounts, for example. Also, the author was smart enough to incorporate a --purge option, which is key. The IP the script kiddie had yesterday might well be the one you have today, so a permanent ban list isn’t the way to go.

Nice work. It’s not quite ideal — by which we mean that if someone kept trying the locks on our HOUSE at night, well, eventually we’d get down the stairs with the Steyr in time to make short work of the miscreant; to the best of our knowledge DenyHosts does not in fact poke additional holes in the attacker — but it’s certainly a worthwhile extra step to take.
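The thresholding described above, sketched as an added example (not DenyHosts’ own code and not from the original post): it counts failed-login lines per source address in a sliding window, with separate limits for nonexistent and real accounts, and expires old blocks the way a purge would. The same logic covers the burst logged in the “Dept. of Security Updates” post; the log lines, addresses, year and function names here are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Limits from the post's example: block after more than 5 attempts on
# nonexistent accounts in 14 days, or more than 3 failures on real ones in 30.
POLICY = {"invalid": (5, timedelta(days=14)), "failed": (3, timedelta(days=30))}

# Anchored at both ends and greedy on the username, so the address taken is
# the final "from <ip>" that sshd wrote; the username is remote-controlled text.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?P<invalid>invalid user )?(?P<user>.+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$"
)

def parse(line, year):
    """Return (timestamp, ip, kind) for a failed-login line, else None."""
    m = LINE.match(line.rstrip())
    if m is None:
        return None
    # Classic syslog timestamps carry no year, so the caller supplies one.
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["ip"], "invalid" if m["invalid"] else "failed"

def scan(lines, year=2005):
    """Return {ip: time it crossed a limit}, i.e. the would-be deny list."""
    recent = defaultdict(list)  # (ip, kind) -> timestamps still inside window
    blocked = {}
    for line in lines:
        event = parse(line, year)
        if event is None or event[1] in blocked:
            continue
        ts, ip, kind = event
        limit, window = POLICY[kind]
        hits = recent[(ip, kind)]
        hits.append(ts)
        hits[:] = [t for t in hits if ts - t <= window]
        if len(hits) > limit:
            blocked[ip] = ts
    return blocked

def purge(blocked, now, max_age):
    """Drop entries older than max_age, since addresses get reassigned."""
    return {ip: t for ip, t in blocked.items() if now - t < max_age}

def sample_log():
    """Constructed sshd lines; all addresses are documentation ranges."""
    fmt = "Dec  8 05:{}:{:02d} box sshd[4242]: Failed password for {} from {} port 50000 ssh2"
    lines = [fmt.format(46, 48 + i, "invalid user admin", "203.0.113.7") for i in range(6)]
    lines += [fmt.format(47, i, "root", "198.51.100.9") for i in range(4)]
    lines += [fmt.format(48, i, "invalid user test", "192.0.2.1") for i in range(3)]
    lines.append("Dec  8 05:59:00 box sshd[4242]: Accepted publickey for alice from 192.0.2.44 port 50000 ssh2")
    return lines

if __name__ == "__main__":
    deny = scan(sample_log())
    for ip, when in deny.items():
        print(f"sshd: {ip}  # blocked {when.isoformat()}")
    print(purge(deny, datetime(2005, 12, 20), timedelta(days=7)))
```

The address with only three invalid attempts stays off the list, and the two blocked entries disappear once they are older than the purge age.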

Who is Freedom-to-Tinker?

Wired gives us a bit of background on everyone’s favorite anti-DRM duo, Princeton prof Ed Felten and researcher John Halderman.

Halderman, you may recall, is the guy who noticed that SunnComm’s first stab at copy protection could be circumvented by turning off AutoRun in Windows — or by holding down the shift key when the CD was inserted. He published a paper including this finding, and was promptly threatened with a $10M lawsuit and felony prosecution under the DMCA (the company backed down in the face of widespread outrage).

Felten and Halderman remain the go-to men for information on DRM and copy protection schemes and how they’ll invariably screw up either your CDs or your computer; we here at Heathen love their work and are very thankful they’re doing it.

Gilmore vs. our Papers-Please government

Wired has a piece on millionaire John Gilmore’s fight against the Feds’ insistence on papers checks when we travel. Even more disturbing is that the actual rule — which isn’t a law — the Feds cite is classified, so they maintain we have to live by it, but they don’t have to show it to us. How’s that again?

So far, the government has refused to show Gilmore the order compelling airlines to ask for identification, saying that the rule is “sensitive security information,” a security designation that was greatly expanded by Congress in 2002, allowing the Transportation Security Administration wide latitude to withhold information from the public.