Commemorating twelve hours since our last open thread. Talk amongst yourselves.
Reader Interactions
62Comments
Comments are closed.
by Tim F| 62 Comments
This post is in: Open Threads
Commemorating twelve hours since our last open thread. Talk amongst yourselves.
Comments are closed.
beltane
It’s cold and getting colder. No sign of it ever ending.
ranchandsyrup
quick post on Norm Macdonald’s twitter essay regarding SNL 40, Celebrity Jeopardy history and Eddie Murphy.
muddy
@beltane: WCAX at noon said it might rain on Sunday briefly, before the temp bottoms out again. Oh sweet! I don’t plan to leave the house tomorrow or Monday.
Bobby B.
@ranchandsyrup: In southern OR it’s getting chilly, almost down to 60 degrees!
I thought Will Farrell was the Jeopardy guy.
beltane
@muddy: And I was just telling my husband that we’ve at least been spared ice this winter.
ranchandsyrup
@Bobby B.: norm mcdonald brought the idea for the skit over from SCTV (and others) and used to write for a lot of it and play Burt Reynolds.
Yes, Ferrell played Trebek.
Karen in GA
Iggy, confused.
Might have more winter weather headed into north Georgia, so I just signed up for an Adobe Lightroom introduction class taking place on Saturday morning in Gainesville. Optimistic, ain’t I?
JPL
@Karen in GA: You should be okay. As long as it’s sunny, Finch loves going outside. I wouldn’t let him stay for long.
BethanyAnne
If you have a recent Lenovo machine, odds are high that its security has been compromised. See here for a roundup: http://www.metafilter.com/147168/Superfish-superinsecure
Short, geeky version: Lenovo installed their own root certificate and adware that takes advantage of it. This root cert has been cracked, and https is not secure on those machines. Just removing the adware isn’t enough; it leaves the cracked cert in place.
muddy
@beltane: Oh thanks, it’s probably your fault then! I hope we don’t get an ice crust, safety/electric aside it might let my dogs step right over the fence the snow is so damned high.
It’s been so cold this year there were times the propane wouldn’t flow. I don’t guess it’s any worse than how it used to be in the 80’s but I am just not used to it anymore.
Karen in GA
@BethanyAnne: Oh, good. So glad I got a Lenovo laptop back in November.
Facepalm, headdesk, etc.
Yatsuno
Other than processing a $350K cheque and basically telling a guy he’s ungestuppt? Not too much. I do wish it was Friday though…
FlyingToaster
It’s snowing again in the Hub. I just got back from Party City in Brighton, and there’s a 12 foot plow wall in front of the shopping area (Staples, Party City, California Closets, Starbucks), with two narrow driveways and it’s taking your life into your hands to turn left out of either of them onto Soldier’s Field Extension. Or you can take the unplowed back driveway to go west, which was plenty exciting. All of this in the blowing snow.
We’re supposed to go to a birthday party in Burlington on Sunday, during the Snow/Mix/Freezing Rain/Rain/Freezing Rain/Mix/Snow event. And it’s supposed to drop from ~40° to about 0° on Monday. Our school is doing make-up PT meetings that day, so there’s a reasonable chance that by Tuesday start of classes the parking lot and driveway and roof will be cleared off.
When I put my minivan into the shop the third week of May, I’m renting a car for a week. Mine’s gonna need a lot of work.
Doug r
@BethanyAnne: Lenovo is a Chinese company. Based on rumors I’ve heard ’round the internets, that may be a “feature” and not a bug.
Pee Cee
@BethanyAnne:
I love my Thinkpads, but I’ve hated the preinstalled software back since the IBM days. I’ve gotten into the habit of installing a clean OS whenever I get a new laptop, even if it is time-consuming.
This is a pretty good justification for the effort of installing a clean OS …
kindness
Where’s Charles Pierce been?
Tree With Water
@Yatsuno: There are a lot of places in America where calling someone an ungashtupt will get a person punched in the mouth (a Catskills resort, for example). Great word, though.
Amir Khalid
@BethanyAnne:
There’s an update at that link says Lenovo only installed Superfish between October and December 2014. If so, then my Lenovo laptop, purchased in 2012, is safe. And so is my Lenovo smartphone.
kindness
Shit. I’d been pulling up the same page for Pierce since Tuesday. After I post the above I go over and see a whole bunch of stuff I hadn’t gotten. WTF? Damn intertubes and I can’t even blame Lenovo.
FlyingToaster
@kindness: He posted at 1:40 pm.
And his office is in Watertown Square. Where the front loaders finally started taking the 10′ snow mountains off the sidewalks last night.
trollhattan
LGM has been having fun with some Cato Institute butthurt that Tigerbeat on the Potomac published a Cato email solicitation (target=Obamacare!) . For one thing, they object to the “right-leaning” description. Uh, guys, if your right ear is pressed against carpet you’re no longer merely “leaning.”
BethanyAnne
@Amir Khalid: Here’s a more detailed breakdown:
Is there a way to tell by model if your computer is likely affected?
From Lenovo:
Superfish may have appeared on these models on products shipped between September and December of 2014:
G Series: G410, G510, G710, G40-70, G50-70, G40-30, G50-30, G40-45, G50-45
U Series: U330P, U430P, U330Touch, U430Touch, U530Touch
Y Series: Y430P, Y40-70, Y50-70
Z Series: Z40-75, Z50-75, Z40-70, Z50-70
S Series: S310, S410, S40-70, S415, S415Touch, S20-30, S20-30Touch
Flex Series: Flex2 14D, Flex2 15D, Flex2 14, Flex2 15, Flex2 14(BTM), Flex2 15(BTM), Flex 10
MIIX Series: MIIX2-8, MIIX2-10, MIIX2-11
YOGA Series: YOGA2Pro-13, YOGA2-13, YOGA2-11BTM, YOGA2-11HSW
E Series: E10-30
This is what they are currently claiming, YMMV. And it looks like Firefox isn’t affected.
Bethany
Roger Moore
@BethanyAnne:
Which apparently wasn’t hard, because the harebrained scheme they used involved putting the private key on every computer. The whole thing was obviously designed by somebody with no knowledge of, or respect for, security.
trollhattan
Test, the 2nding.
Okay, now looks like I’ve blasted many comments into moderation for some FYWP reason or other.
My apologies to the BJ cleaning staff.
BethanyAnne
@Roger Moore: And I should say that my own security knowledge is … patchy. I do user experience and information architecture, not security or networking. So, on lots of this stuff, I just have to find sources I trust, and try to link to them.
jl
@kindness:
” Where’s Charles Pierce been? ”
Besides the snow, maybe he is having trouble keeping up with the rightwing crazy.
Multiple memos seem to have gone out to commit maximum crazy on all fronts.
Man, that leftwing PC is a the really big problem, ain’t it?
I can’t keep track of all the intricate linguistic rules I am supposed to follow in discussing current events in order to know, be sure, that I really love America and am Patriotic in my heart.
I read a piece with documentary evidence that bin Laden was worried that the quisling Obama and American Hating DemocRAT approach was very damaging to violent Islamic extremist movements, and wondering how to get his bunch of murderous wackos to simultaniously both lay off killing too many innocent Muslims and ramp up aggressive religious war talk from US and other Great Satans.
Edit: Did bin Laden ever read the tale about the mice trying to bell the cat. From what I read, the answer would be no.
I’ll have to go look for the link. Anyway, refutations of current reactionary (and to be honest, viciously partisan) hate/crazy is always nearby and soon.
Steve in the ATL
@trollhattan: you mentioned Shiva Rea the other day. Apparently she’s famous in the yoga world these days. She and I were friends in middle school and both took tae Kwan do from Kang Rhee. You always knew when he was in the building because the pink Cadillac that Elvis gave him was parked out front. Things my friends in east memphis never experienced!
ThresherK
@ranchandsyrup: I was always an SCTV geek while my friends were about the more famous show.
Didn’t SCTV have “Hi Q” with Eugene Levy as “Alex Treble”?
Waiting for someone to top “Battle of the PBS Stars”.
jl
@trollhattan:
” right ear is pressed against carpet ”
Or, both ears are sewn into the backing?
ranchandsyrup
@trollhattan: but but we care about use of force and other police issues as a figleaf for our RW positions!
PlanetPundit (used to be Sir Laffs-a-Lot)
Since it was so long between threads, we should have had a Max Open Thread (hint, hint)
ranchandsyrup
@ThresherK: Yeah they did have Hi Q. loved that. lmao @ battle of the pbs stars.
justawriter
Aw crap
http://www.cnn.com/2015/02/19/living/feat-oliver-sacks-cancer-essay/
ThresherK
@ranchandsyrup: …and that’s because a boxing match between Julia Child and Fred Rogers was only about two millimeters sillier than the actual program on ABC.
PS As a self-professed “comedy nerd” I love Norm MacDonald, and one find is this “genius at work” items I’ve assembled from his Twitter feed:
(Thanks for the link. I hardly ever read Twitter otherwise.
Roger Moore
@BethanyAnne:
I saw something about it on Slashdot and LWN. As I understand it, the software is supposed to let them insert ads into web pages. To enable them to continue that even for secure pages, they installed a fake root certificate, i.e. one that claims to be a high-level security authority that can sign any security certificate. The program can then do a man-in-the-middle attack, where it intercepts and modifies the web pages without you realizing it, since your browser believes that the pages have been encrypted by the site you connected to.
For that to work for any site, though, they have to be able to fake the security certificates on the fly. That means they need to include the signing key in the program, and the jackasses who wrote it used the same signing key for every computer. That means anyone who can extract the signing key from the program can pull the same trick on every computer that has the fake certificate installed. Since somebody has successfully extracted the key and posted it online, those computers now have completely hosed security. I assume some clever person will use it to create fake Windows Updates that will completely take over the computers. It’s a security hole so big you can drive a truck through it.
Joel
Baby steps.
trollhattan
@Steve in the ATL:
Daggonit, that’s some interesting crossed paths.
Playing three-degrees of Elvis, a friend who worked at Harrah’s Tahoe in the ’70s got to meet numerous celebrities, including the rat pack and Elvis himself. Played pool with him once and couldn’t help but notice the derringer under his coat sleeve.
His favorite celeb was Sammy Davis, who would throw parties for the staff and hang out with them.
Tommy
@trollhattan: Generally speaking I don’t like rich and/or famous people. But Sammy. I think I could spend an afternoon with the man. If I could get Miles Davis in the same room, we might have a party going on :).
Sister Rail Gun of Warm Humanitarianism
@Karen in GA: I’m really starting to wonder if the Ally Bank people I’ve been dealing with for the last hour are having the same problem as Iggy.
ranchandsyrup
@ThresherK: loved that part as well. Cheers man.
? Martin
If you guys think the Lenovo story is bad, keep an eye on this one.
Remember when the SecurID keys were stolen?
The detail in this story is a little bit too incredible, but it might also explain why the feds have been giving Apple a bit more of a hard time with their end-to-end encryption. They may not rely on 3rd party encryption hardware since they design their own silicon, and they don’t rely on the secure element in the SIM for encryption, they have their own designed secure element inside the Ax chips themselves.
Tommy
@ThresherK: I am not much of a Twitter guy. But followed your link to his feed. His last Tweet is this:
That is a good.
a hip hop artist from Idaho (fka Bella Q)
@Karen in GA: Thanks! I love to read Iggy.
Suzanne
So Luna seems to be doing better today, and she is putting some weight on that right rear foot. She’s still limping a bit, but she definitely has improved. I wonder if she sprained her ankle or something. I still am planning to get her in to the vet, but at least now it’s not an emergency.
lamh36
alright, so of you old foagies here at BJ watch my new favorite show, and the ratings. defying juggaurnaut that is Empire on Fox, starring Terrence Howard and Taraji P Henson as Lucious and “Cookie” Lyons?
the show is killing the ratings like gangbusters. I know all my peeps are watching it, and now, apparently, Rush Limpaballs has talked about liking it on his radio show, I’ve noticed a much more RWNJ crowd of commenters on the Entertainment blogs coming out of the woodwork. And of course, where RWNJ come, more racism and bigotry follows…ugh. it’s like a bat signal I guess.
Calouste
@Roger Moore:
And approved of by people with no knowledge of, or respect for, security. Which for a company that gets a large part of its sales from enterprise contracts is a pretty big PR disaster.
bemused
I may be the only fan of Downton Abbey to miss this but I just learned that Elizabeth McGovern has a band, Sadie and the Hotheads which toured last fall. Another DA connection is that Michelle Dockery sang on one album.
PBS made a smart move putting on more Masterpiece Theatre series. I got hooked on Doc Martin due to that. The problem is that I stumbled into these series middle of first seasons and had to get the dvds to catch up.
Roger Moore
@? Martin:
I find that surprising, because the security on GSM is supposed to be so miserable it might as well not even be there. If private hackers have already cracked the security, I would assume that serious spy agencies must have broken it long before that.
As far as Apple and its encryption, that appears to be about encryption of the phone contents, not of the transmissions. That shouldn’t have anything to do with the SIM, since the phone still needs to work even if the SIM is replaced.
lurker dean
@lamh36: love empire! cookie, among others (like jamal), is killing it. i was lmao at her “fake ass lena horne” comment. so glad taraji landed on her feet after person of interest, we hated that she got killed off. i’ve read various recaps but i’m afraid to wade into the cesspool of comments, i don’t want to ruin a good experience. it’s taken a few weeks but drip drop has finally faded as an ear worm, lol.
trollhattan
ABC [A is for Australia, a country AND a continent…] sends people inside Fukushima so you don’t have to go yourself. One of the four reactors has had its fuel rods removed. The other three, well…”Entry to closed areas would lead to instant death”
We can do this with robots! First, we have to invent the robots.
Four years have passed. Not only will they be dealing this the rest of our collective lives, those of our kids and grandkids.
Mike in NC
@lamh36: Empire is one of our favorite new shows, starring the always outstanding Terrence Howard. I missed last week’s episode and my wife deleted it from our DVR before I could watch it. When is somebody going to invent a DVR with unlimited storage capacity?
trollhattan
@Mike in NC:
If I thought I could get away with it, I’d stuff a 4TB drive in that thing. Never. Enough. Room.
Confess I was one who mocked TIVO when it was introduced. “Why would anybody want that?!?” Little did I realize….
Calouste
@trollhattan: If the radiation levels are so high that they lead to “instant death”, chips inside robots are not going to survive that long either. Building a robot that can withstand that kind of environment is going to be… interesting, considering that testing to those levels is going to be impossible.
Jerzy Russian
I just noticed that I have a “Jesus” and a “Mary” in each of my classes, but no “Joseph”. Now I will have to go back to see if I ever had all three of them together at once.
trollhattan
@Calouste:
Kind of what I was imagining (if way beyond my technical understanding). I know the military wants EMP-resistant electronics but I don’t think their stuff has to perform in unrelenting massive radiation. Hardware designed for space is probably a better model.
Maybe they can have tethered devices that keep the key electronics outside the exclusion zone? Dragging a cable behind would create its own problems. How about steampunk robots? “Sir, your drone needs more coal.”
Roger Moore
@Calouste:
I would assume they’d actually be making waldos rather than true robots, so there wouldn’t need to be much in the way of chips in the high radiation zone.
Karen in GA
@Sister Rail Gun of Warm Humanitarianism: I don’t know about that — Iggy got things figured out pretty quickly.
Karen in GA
@a hip hop artist from Idaho (fka Bella Q): No, thank you.
@Suzanne: Yay Luna!
? Martin
@Roger Moore: It has to do with Apple’s messaging services. They are end-to-end encrypted without using the SIM.
lurker dean
@Mike in NC: unlimited capacity would be nice. we had to add an external hard drive to our dvr to expand the capacity, we were always right at the limit. the external doubled the capacity so i think we’re good for awhile. yeah, we watch too much tv, lol.
? Martin
@Mike in NC: Many DVRs allow you to plug in an external USB drive. Pretty much all modern TiVos offer this. They also allow you to transfer shows to your PC.
Roger Moore
@? Martin:
Even there, it’s as much that they don’t have control over the strength of the encryption algorithm as anything. The reason I’m surprised they’ve bothered stealing the SIM information is because the European governments basically insisted on crippled encryption when the standard was set so they wouldn’t have to worry about stealing people’s keys. If somebody like Apple designs their own software, they’re much harder to influence than a big international standards body.
That said, trying to lean on Apple is a losing strategy. Yes, Apple’s software is going to be widely used, but there’s nothing to stop people who care deeply about encryption from writing their own apps, and good encryption libraries are available easily enough that those apps should be using good algorithms. There are even cryptosystems that have been designed without NSA input for the people who are paranoid about backdoors in AES.