Killer clowns and silver linings

Seems killer clowns (or the fear thereof) have significantly reduced the number of trick-or-treaters on the streets tonight – certainly round our way.

Usually on Halloween, our little street is full of the horrid little goblins, with their hands out demanding sweets or money. Last year parents were actually ferrying their porcine little horrors down here in huge people movers, from surrounding council estates, under the illusion that pickings would be richer round here. While the parents sat in their vans smoking a fag, of course.

Whereas this year I saw just one very orderly child escorted by both parents at the beginning of the evening. They looked more more like they were off to a party than knocking on doors bothering people. And the family next door walked down the road a few minutes ago to another family’s place, dressed up a bit – but very, very quiet. And again, accompanied by both parents.

All-in all it’s been the most pleasant Halloween for decades. So that’s three-cheers for the killer clowns as far as I am concerned – even if most of the ensuing hysteria was made-up and hyped-up by the popular press. What was it like round your way?

RIP Truecrypt?

Anyone who is interested in IT security and hasn’t been in Antartica with their head stuck in a bucket of tar, cannot fail to have heard of the demise of Truecrypt encryption software.

Being a fairly pragmatic sort of goose, I decided to forget the conspiracy theories for now, and to try find a way out of this mess instead. So here are some recent developments and fact(oid)s that you may wish to have a gander at…

1) A site has been set up in Switzerland to continue the Truecrypt project. Earlier (and most-likely unaffected) versions of Truecrypt are available there for all major operating systems:-

2) The above site has also placed all the Truecrypt source code in a publicly accessible, and freely copyable repository called Github:-

3) There are other projects that have been working on Truecrypt-compatible alternatives for some time. One such project is TCPlay. TCPlay and its associated libraries are in most GNU/Linux and BSD repositories. Whilst is a CLI-only utility, it will create, encrypt and decrypt Truecrypt volumes.

4) Users of Debian-based GNU/Linuxes, such as Ubuntu, Kubuntu, Mint etc. can get TCPlay by opening a terminal window and typing the following command and hitting the return key:-

sudo apt-get install tcplay

5) For those who need a GUI version of TCPlay, one such application is under development, called ZuluCrypt:-

Please note that ZuluCrypt has some usability shortcomings that the developer is currently fixing. And it also currently requires you to compile the executable binary from source. However, expect to see pre-compiled binaries c/w many bugfixes for various GNU/Linux distros in the next few months.

6) Also expect to see most encryption projects concentrating on GNU/Linux and/or BSD first, before they are ported to Windows. There seems a general consensus in the infosec community that people who are serious about security do not use Microsoft Windows.

7) Finally, and this is important: there is currently NO evidence that earlier versions of Truecrypt have been affected. The advice to users is continue with an old version until this mess is sorted out. Moving all your stuff to another encryption methodology, in a wild panic, is probably the worst thing you could do.

PS. for any Truecrypt users who could not be arsed to read any of the above, please at least read this:-

Steve Gibson is a pretty clued-up guy and it’s good to see a little common sense amidst all the hysteria and conspiracy theory.

HTH. G

Farewell Maggie

News has just come in that The Rt Hon Margaret Thatcher, former prime minister has finally shuffled off this mortal coil at the grand old age of 87. I’ll leave it to others to comment on whether her time at the top was a complete disaster or not.

I just have this lingering image of the old girl stamping her foot outside the Pearly Gates, arguing most forcefully with St Peter that she is only prepared to enter the Kingdom of Heaven, providing God promises to do what he’s told.

Meanwhile a choir of angels on the other side of the gates are chanting “Maggie, Maggie, Maggie, Out! Out! Out!

http://www.guardian.co.uk/politics/2013/apr/08/margaret-thatcher-dies-aged-87

Honk! Honk! 😉

London 2012 Olympic fiasco

The London Olympics is set to be a cock-up of Olympic proportions. It is already many times over budget. The Government promised it would cost us £2.4 billion GBP. It has already cost £6.4 billion GBP more than that!

http://www.dailymail.co.uk/news/article-2159050/London-2012-Olympics-just-6-4bn-budget.html

The railway workers and border guards are going on strike. The “Olympic” traffic lanes on London’s narrow streets and discontinuous urban motorways will bring the rest of the capital’s traffic to a standstill. Half the staff working for G4S (formerly Group 4 Securicor) the company in charge of what they laughingly describe as “security”, have failed to turn up for work!

http://www.bbc.co.uk/news/uk-18837524

Meantime, the army is mounting surface to air missiles on the top of residential blocks – though exactly what they intend to do with them is anybody’s guess. As comedian Groucho Marx once quipped, “Military intelligence is a contradiction in terms”

http://www.telegraph.co.uk/sport/olympics/9373177/London-2012-Olympics-Government-confirms-use-of-surface-to-air-missiles.html

And the guy organising the whole sad and sorry fiasco, a dumb-assed, jumped-up PE-teacher type called Sebastian Coe who cannot tell his arse from his elbow. At one time he was quite a good runner. These days he is called “Lord Coe”, and spends his time swanning about with the Olympic elite in big limousines on their specially reserved traffic lanes, all at our expense, of course.

Meanwhile the IOC is trying to kid us that the Olympics will leave us Brits with some great sporting legacy. In reality this will be a crappy stadium that will eventually be turned into a football pitch, once the legal wrangling is over, and a 100 metre-tall lump of scrap metal that is no use for anything.

Worst of all, we’ll have yet another massive debt, to add to that already shouldered by the taxpayer, thanks to the as-yet-unpunished criminal activities of the banksters at RBS etc.

All this so we can watch the only Brit who wins anything score a bronze with his air rifle. What a disgusting waste of valuable resources.

Honk! Honk! 🙂

Murdoch kills the News of the Screws

At around 15:30 UTC today, James Murdoch, Chairman of News International and son of the wrinkly media mogul Rupert, announced that the troubled News of the World newspaper will close.  The final edition will roll off the presses on Sunday 2011-07-10. Seems that mounting pubic anger, coupled with many big advertisers including Ford and Orange withdrawing their advertising, meant that the 168 year old newspaper had to go.

Thus 250 people, many of whom were not even employed by the paper when the hacking took place, get the sack. Meanwhile, Rebekah Brooks, the woman who was in charge at the time keeps her job as News International’s Chief Executive.

So why does the person in charge keep her job, when hundreds of innocent workers lose theirs? Why is Rebekah saved, while Andy Coulson, another Screws editor who permitted rampant phone hacking on his watch, gets thrown to the wolves? Or, as Kevin Maguire, associate editor of the Daily Mirror put it earlier today, “…astonishing that 168 years of history had been wiped out but that Rebekah Brooks is still there.

One can only conclude, as I did in my last post, that the “Slapper” knows where all the proverbial bodies are buried.

Also, was closing Britain’s oldest newspaper paper really such a sacrifice for the Dirty Digger? Well no. As with anything involving Murdoch, there is another agenda at play here that may not be immediately obvious.  Seems that Murdoch wanted to rationalise things at Fortress Wapping (the newspaper plant) anyway. Moreover, there were already plans in place to run a 7 day week for his daily gutter rag, The Sun. In fact The Guardian covered that development, over a week ago:-

Further proof of Murdoch’s intention may be found by undertaking a simple lookup on the new domain. For those of you with access to a Unix terminal, type:-

whois thesunonsunday.com

Seems this domain was registered 2011-07-05,  two days before the closure was announced. The domain’s owner is anonymised.

Good ol’ Rupe certainly knows how to make a virtue out of necessity, doesn’t he?

Honk Honk! 😉

PS. If you fancy a good roll in the gutter, then you’ll probably find The Slapper ‘s Wikipedia entry rather entertaining :-

Why Rupert won’t dump Rebekah

I’d like share a few goosy thoughts on the News of the Screws World phone hacking scandal, that seems to have gripped our green and pleasant land.

Former Screws editor Rebekah Brooks is an ambitious, clever and thoroughly ruthless woman. As many commentators have already observed, it is highly unlikely that anything of any significance occurred on her watch without her knowledge. So why doesn’t Murdoch simply throw the lovely Ms Brooks to the wolves? We’re led to believe that it is because the lack of unity would mess up his BSkyB deal.

However, recent allegations regarding the activities of the the wrinkly media mogul’s offspring, James Murdoch, suggest to me that there may be another reason. What if the Murdoch family itself has a far greater involvement this catalogue of evil than we have been led believe?

Put bluntly, if Rupert dumps Rebekah, then she would squeal like a stuck pig. Remember, she’s smart, spiteful and has absolutely no morals at all. Also bear in mind that she was a competent tabloid journalist. Therefore, she probably has enough dirt on both Murdochs Jr and Sr to have the pair thrown in the slammer, if they were foolish enough to upset her.

Hell hath no fury and all that. Honk! Honk!

The baffling Stuxnet saga

2011-01-16, The New York Times added its weight to claims that the USA and Israel were responsible for the notorious recent Stuxnet computer worm attack on Iranian nuclear centrifuges. Amongst many other claims, it said:

The virus was designed as an American-Israeli project to sabotage the Iranian program.

http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html

But closer inspection of the Stuxnet saga indicates a story with some gaping holes and anomalies. Some of the issues that puzzle me include…

1. Why did Iran, a sworn enemy of the United States, base its nuclear energy programme around a proprietary American operating system? If I were using an enemy’s software product to build a highly contentious and vulnerable plant, I would at least want to inspect its source code for malware & possible back-doors.

2. MS Windows is not renowned for security at the best of times. Who in their right mind would use it for a controlling a Nuclear power plant? Kinda puts a whole new spin on the expression “blue screen of death” doesn’t it?

3. Why did Siemens (the manufacturer of the plant controller software) hard-code the system password? And then tell its users never to change it?

4. Anyone noticed how quiet Microsoft is regarding this matter? And why did Microsoft allow one of the four serious vulnerabilities that were eventually exploited by Stuxnet, to go unfixed for over a year?

http://www.h-online.com/security/news/item/
Vulnerability-exploited-by-Stuxnet-
discovered-more-than-a-year-ago-1095797.html

5. If USA and/or Israeli Governments did create (or sponsor the creation of) Stuxnet, then I wonder if it occurred to its orchestrators that their own Windows-based systems could also be vulnerable? Whilst Iran has suffered the most, as of August 2010, 1.56% of Stuxnet strikes were in the USA!

http://j-j.co.za/?tag=stuxnet

6. Indeed, if the US and/or its allies have really initiated this attack, then, considering their dependence on MS operating systems, this could prove to be a deeply embarrassing and costly own goal. I wonder if the geniuses in the Pentagon have a name for it yet? “Friendly-cyberfire?” “Collateral-cyberdamage?” And what plans are in place to put right the damage?

To misquote Paul Daniels, I suspect, “Not a lot!

scutigera coleoptrata animation

So it seems to me that huge chunks of this story are missing. Since we can no longer believe a word that any Government says about anything, perhaps Mr Assange and his chums will dig up something they can share with us?

I can’t help feeling we need whistleblowers now, more than ever. Or as George Orwell rather aptly put it-

During times of universal deceit, telling the truth becomes a revolutionary act.

Honk! Honk!

Merry Wikileaks

A Yuletide pause for reflection

Much has been said in the popular press recently regarding Julian Assange and his notorious Wikileaks website. Three things strike me about the Wikileaks saga…

1. Our leaders’ total lack of integrity.

Wikileaks has verified what I have suspected for many years, namely that many of our politicians have four priorities:-

First priority for our leaders is pursuance of their own careers. Their second priority is the political party to which they belong. A very close third come the big corporations, upon whom these political parties depend for their funding. Finally, last and very much least, come the poor schmucks who vote for them and ultimately pay their wages.

Worse, the above rule-of-thumb applies to our relatively honest politicians. The dodgier specimens, (e.g. Bush, Blair, Cheney, et al), are even more disgusting and worthless. Seems these scum-sucking lowlifes are happy simply to grab as much taxpayers’ money as possible and squander it on stupid wars and/or to line their own pockets. They don’t care how many people die, or how much of our money they waste in the process.

2. Covering up is more important than reform.

As a result of those very damning revelations from the pages of Wikileaks,  the planet’s political class is now striving very hard indeed to find more effective ways to cover up its lies and evil doings. However, I feel it is much more significant, not to mention depressing, that not one of our “leaders” seems in the least bit interested in the concept of better governance. Perhaps if our politicians genuinely cared about honest and open government, then there would be less to cover up in the first place?

3.The “Special Relationship” scam.

Any nation that considers itself to have a “special relationship” with the United States should urgently reconsider its position. Old Blighty in particular, please take note!

Honk! Honk! and Merry Christmas.

Will someone please sue Adobe?

Adobe has skilfully engineered itself into a monopoly position. Now it is doing what all monopolies tend to do in this situation, namely ignore the needs of its customers. If we want (or need) to use Flash sites, then we are forced to use Adobe’s products, whether we like it or not. Therefore, why should Adobe care if its products fail to keep pace with our needs?

And it’s not just Adobe’s laughably rotten security that is the problem. Fact is that 64-bit operating systems have been publicly available for many years. Yet Adobe has chronically failed to deliver a 64-bit version of its Flash reading software. Instead, we have been forced to make-do with a variety of 32>64-bit so-called “compatibility layers”. These are lash-ups that are supposed to make 32-bit Flash work on 64-bit operating systems. But as many users will bear testament, these ungainly hacks cause immense problems.

One particularly ungainly and unreliable hack is the “nspluginwrapper” for Linux, that allows 32-bit Flash to run within 64-bit Gecko browsers, such as Firefox, Seamonkey etc. Granted, “nsplugincrapper” does work most of the time, after a fashion. However, it also causes frequent browser crashes and for many people, this makes Flash on Linux virtually unusable.

Amidst much crowing from the laggards at Adobe, there is finally an alpha-test version of 64 bit Flash. However, currently, it is only available for Linux. Amazingly, installing it is relatively straightforward – much easer than the instructions would have you believe. In principle, you first need to remove all instances of Flash from your system. Then grab a copy of the latest 64 bit flash for Linux. Then extract the libflashplayer.so file (yes, just one file!) to the correct location in your home folder, usually: ~/.mozilla/plugins/libflashplayer.so

Linux users will observe this is a “user-based” solution. This means you can play/upgrade etc. without risking messing-up your entire system. Also means and you have just one file to kill if/when you want to get rid of it and you don’t need to be “root” in order to do so. You could even create a specific user just for using flash-enabled browsers, thus protecting the rest of your system against Adobe’s now infamous and plentiful security holes. After all, this aplha-test version may be new but there is no guarantee with regard to its security.

My experience is that the alpha-release, native, 64-bit flash for Linux is an improvement upon the old 32>64 bit bodge-ups. However, it is still far from stable. Sadly however, for 64-bit Mac & Windows users, seems you have no choice at all. You just have to put up with whatever 32-bit rubbish Adobe throws at you, or go without!

Therefore, I sincerely hope that some right-minded individuals in the US do the rest of the planet a huge favour and file a class-action against Adobe. Adobe has behaved quite disgracefully in this matter. So like many of Adobe’s hapless customers, I would welcome any legal challenge that forced Adobe to release all its Flash source code under a General Public License, or similar. That would mean that other companies, as well as open source projects such as SWFDec and Gnash, would be able to offer rival products that actually worked properly!

I don’t know if anyone has visited Adobe’s website lately? Suffice it to say I think the company should change its name to “Excuses’R’Us. Thus confirming my view that a little healthy competition might persuade Adobe to spend less time providing excuses and more time providing solutions?

Honk! Honk! 🙂

Police officers seize high-powered sports car – then crash it into garden wall

We’ve seen some pretty uninspiring performances from our boys-in-blue over the years. But this one takes the proverbial cake.

Seems that on 2010-09-03 at around 01:15 UTC, two officers from the Manchester force stopped and arrested a suspected drunk driver and confiscated his sports car. Whilst waiting for the tow truck to collect the vehicle, these clowns-in-uniform then decided to take it for a joyride. Shortly after climbing into the vehicle, a powerful Mitsubishi Evo 8, they slammed it into a garden wall in a quiet residential district called Trafford.

The street in which the incident took place has a 30 mph | 50 km/h speed limit – not that there is much evidence of this when you study the video of the wrecked car! Apparently, Chief Supt Mark Roberts, divisional commander for Trafford, told the Manchester Evening News, I can assure the local community that this incident will be rigorously investigated.”

http://menmedia.co.uk/manchestereveningnews/news/s/
1315935_police_officers_seize_highpowered_sports_car
__then_crash_it_into_garden_wall

Now, after the matter has been rigorously covered up investigated, I wonder what Mr Roberts’ report will look like? Something like this perhaps…

The brave and conscientious officers were proceeding with great care along Hale Road at 29 mph when a delightful fluffy little kitten suddenly ran into the road. This caused the officer to swerve and clip the curb at just the wrong angle.

By a strange freak of nature, this caused the vehicle to leap into the air and spin round several times, mid-air. This resulted in a rapid increase in velocity, thus providing sufficient kinetic energy to completely demolish the brick wall on impact. Also, the wall was very badly built.

The vehicle was a Mitsubishi Evo. This is a Japanese vehicle. This means it was designed for little slitty-eyed people. Therefore, it was inadequately sized for a pair of well-built British police officers. These are men who have diligently endured a lifetime of stuffing their faces with double portions of fish & chips with sausages-in-batter, mushy peas and gravy, whilst on duty.

However, the colour of the vehicle may have contributed towards the accident. The yellow street-lights may have dangerously reflected off the yellow paintwork, which may have temporarily blinded the officer driving the vehicle, possibly.

We also note that the car was poorly maintained and had not been washed for almost a week. There were also traces of ash in the ashtray and a sweet wrapper on the floor.

Most importantly, the utterly wrecked state of the vehicle does not constitute evidence that my officers were doing 140 mph in a 30 mph zone. The vehicle is made of very thin metal and therefore it dents very easily. Besides, considering the combined weight of the two officers, it is unlikely the vehicle could ever have reached its top speed anyway.

Unfortunately, the enquiry has been unable to determine exactly which officer was driving because they both suffered a loss of memory due to the accident. Therefore neither of the officers concerned can be prosecuted.

Consequently, the vehicle’s owner will not be entitled to compensation. Moreover, the owner may face the very serious charge of “failure to provide a police officer with a decent vehicle to go joyriding in.”

Meantime, the home-owner, upon whose property the vehicle finally came to rest, and whose garden wall was demolished in the incident, has also made a claim for compensation. However his claim has also been dismissed and he now faces charges of “having a very untidy garden, in a fairly posh area” and “wasting police time“.

Honk! Honk! 😉