Web browser plugins you need to uninstall now–even if you have a Mac

I’ve been seeing a lot of news this week about web browser plugins getting exploited to plant malware on computer systems. A lot of people know to keep Flash up to date, and to keep Java up to date or uninstall it–at least I hope so by now–but there are two targets that people generally forget about: Shockwave and Silverlight.

Because so many people have them installed and don’t know it, and therefore never update them, they are ripe targets for attack.

The danger of conspiracy theories

It seems like a hundred years ago, but in 1996, I briefly infiltrated a group of conspiracy theorists–“sovereign citizens”–and wrote a few news stories and an analysis piece about them. They quit speaking to me after the first one was published, and I received threatening phone calls at the newsroom.

The group was newsworthy because it was causing a lot of problems for officials in that town, but we struck gold. Another reporter in the newsroom was a Marine–there are no former Marines–and when he saw the ringleader’s claim he was a retired Marine colonel, he made some phone calls. This “colonel” turned out to only be a low-level enlisted. (There are two tracks in the military: officers and enlisted. A colonel is the rank below a general–a big deal. This guy was probably a common infantryman, and probably wasn’t in very long.) When I printed this finding, he lost credibility. If he was lying about his rank, what else was he lying about?

This movement fizzled out after a couple of years, but this and other movements like it are back again.

Happy birthday, Rubik’s Cube!

Rubik’s Cube turned 40 this week. In a reflection of how much faster the world moves today than it used to, I remember Rubik’s Cube from the early 1980s, when it was a big, national craze. I had no idea at the time that it was invented in 1974 and took six years to reach the U.S. market. I asked for one for Christmas in 1981, and so did everyone else I knew. We all got one. And none of us could solve it. Granted, some of that may have been because we were in grade school, and the early years at that. My best friend’s older sister, who was in sixth grade or so, had a book, and she could solve it with the book’s help.

It was even the subject of a short-lived Saturday morning cartoon. I only watched it once or twice. It turns out it’s not easy to make engaging stories about a six-sided puzzle. There were tons of cheap knockoffs out there too, but unlike the knockoffs of today which are generally regarded as better, the 1980s knockoffs were generally worse. After a year or three, the craze died down. We moved in 1983, and I don’t remember anyone in our new town talking about Rubik’s Cube. Mine ended up in a drawer. I’ve looked for it a few times over the years, but never found it.

How to write reviews without getting sued

In a well-publicized incident that happened earlier this month, someone who wrote a bad review on Amazon about a cheap router got threatened with a lawsuit by the router’s distributor, Mediabridge. Amazon retaliated by banning the distributor from selling on Amazon. But unfortunately, this means we have to think about how to write reviews without getting sued.

By the time this happened, the review was no longer on Amazon, so all I’ve heard about the review is secondhand. Ars Technica published this guide to writing reviews without getting sued (link removed in retaliation for Conde Nast’s 11/3/2025 layoffs–sorry not sorry) and I think it’s good advice, but of course, having written dozens, if not hundreds of reviews myself, I feel inclined to elaborate. I actually value online reviews by people who bought the product and tried to use it. I value them a lot, so I want people to write reviews, and not be afraid to do it. And since I went to school for this stuff, hopefully I can say something helpful.

Improving Garmin GPS units

We’ve had a pair of Magellan 1420 GPSs for several years, but they’ve grown very unreliable. I suspect they have some bad capacitors in them, but I hear a lot of complaints about Magellan hardware quality even today. Recently I was able to buy a couple of 3.5-inch Garmin units for less than $20 apiece. I prefer the Magellan user interface–I think it’s easier to learn and easier to use–but for that kind of money, we’ll learn to use the Garmins. And I’ll note these Garmins are every bit as old as our Magellans, but have held up fine.

Stand up for net neutrality

Neocities has decided to do something about Net Neutrality–shunt the FCC into the slow lane, and post the code for doing it so the rest of us who run web sites can do it too. The original was written for Nginx; I need to give serious thought to implementing the Apache version.

Net neutrality has nothing to do with the political bent of the content–the people you may hear talking about it on the radio are wrong, which is why they’re yakking on the radio and aren’t working at ISPs or IT departments–and everything to do with raising prices. What we’re seeing now is telecommunications companies, who are already ultra-profitable, gouging companies like Netflix. And Netflix is doing exactly what a company that suddenly has to pay new taxes would do–raising prices.

The difference is that it’s old-line companies doing the taxing in this case rather than a government. That’s all.

The other objection I hear is that lots of innovation happened on the Internet without regulation, so why regulate now? The difference is that the environment in the late 1990s, when the seeds of all of this were planted and started to sprout, was very different. Back then we had hundreds of ISPs, all of whom participated in building out what we have now. None of them wanted to charge both subscribers and content providers, and none of them could have anyway. If Earthlink had tried to shake down Ebay and Amazon and make them slow, people would have switched to someone else–one of any number of regional providers, or equivalent services run by companies like IBM and the old AT&T (prior to its re-merger with Southwestern Bell). Today, many people live in areas only serviced by one broadband provider. Most people have two, but that’s not like the old days.

If I could have anything, I’d like more competition. I’d love it if the average U.S. citizen had a choice of a dozen or so broadband providers. Then we could have a truly free market. Instead, we have duopolies, a situation much like the situation with electricity and natural gas in most municipalities, and broadband providers face far less regulation than power companies do, even as they grow in importance.

The droid I’m looking for: The $129 Moto E

On Tuesday, Motorola announced the Moto E, a new low-end, $129 phone. Sporting a dual-core 1.2 GHz CPU, a single-core GPU, 1 GB of RAM, and a micro SD slot for expandability, it’s a modest phone for modest needs. It won’t be much good for gaming, but it’ll be a nice upgrade over my aging Samsung Galaxy S 4G, and I can take it to T-Mobile, where I have an unsubsidized, bring-your-own-phone plan. Not having a subsidized phone plan saves me about $100 per year, which pays for the phone. When the phone dies, I’ll buy whatever’s available at a comparable price then, which will be better than the most expensive phone on the market right now. There wasn’t anything out there like the Moto E in 2011 when I bought the SGS4G.

I’m probably the kind of person Motorola had in mind for this phone. I use my smartphone but I don’t live on it. I use it to check e-mail, occasionally look something up on the web, use it to download and listen to podcasts, and I have a few apps loaded on it to take advantage of having a dual-core computer in my pocket, but I don’t game or use social media on it. I also don’t use my phone as a status symbol. Give me two cores and a gig of RAM, and I can do everything I need or want to do.

I’ve been tempted by several of Blu’s supercheap phones, but their 512 MB of RAM was a dealbreaker. This costs $40 more than the Blu Advance I’d been eyeing, but to my mind it’s worth it. It ships with 1 GB of RAM, which is more usable, and Android 4.4, which is better suited to the Blu Advance’s skimpy memory than the OS Blu ships with it. Plus it’s guaranteed to get at least one update from Motorola. On top of that, Motorola ships its phones with a better screen and more durable build quality than Blu does. And, given Motorola’s storied past, the Motorola name is worth at least something to me.

I’m also sure the phone will sell well enough to get an aftermarket following, to extend its life even further by delivering future Android releases to it. The Moto G has good aftermarket ROM support, so I would expect the Moto E to follow.

The U.S. release date is June 3. I have better things to do than wait outside for a store to open to get one on that day, but I may very well get one sometime in June.

Windows Technical Support calls me again

“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.”

So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming someone else. I don’t do it often, but my kids were playing nicely and we were all in the same room, so I guess I don’t regret it too much.

What I did for Mother’s Day

Last month, Rapid7’s Trey Ford appealed to security professionals:

You have an opportunity to be an ambassador. When you see XP out there, have an adult conversation, educate in terms that others will appreciate. Your actions and words reflect on the entire community.

As the family CIO/CSO – look for the smart investment. There are options that will make your life easier. A small investment is a lot easier to stomach than compromised shopping/banking/credit card credentials (or identity theft.)


Data compression, 1980s-style–and why PKZIP won

My employer has me doing some very gray-hat work that I don’t want to describe in detail, because the information has a tremendous potential for misuse. But suffice it to say I’ve been trying to send data places the data shouldn’t go, and I tried to do it by going all 1987 on it by compressing the data with obsolete compression programs. Ever heard of security by obscurity? I was trying to bypass security by using obscurity. In the process, I learned why PKZIP won the compression wars.
