Tuesday, July 31, 2007

Technorati Widget

Hmm, the grotesque JavaScript thingy at the bottom right, just above the archive. Supposed to be configured just to show "authority" (ha, ha - authority is not the same as "the number of sites that link to you") and the "tag cloud" as here:


In return, you get this (slightly modified) to embed:
[script src="http://widgets.technorati.com/t.js" type="text/javascript" charset="UTF-8"][/script]
[div class="tr_embed_t_js"]
[a href="http://technorati.com/blogs/www.surreptitiousevil.com?sub=tr_embed_t_js" class="tr_embed_arg_blog"]Blog Information[/a]
[a href="http://technorati.com/profile/surreptitiousevil?sub=tr_embed_t_js" class="tr_embed_arg_username"]Profile for surreptitiousevil[/a]
[/div]
Now, this clearly doesn't work 'cause you (and I) can see all of the "features", including the mess they have made of my little .gif.

So, either I can't click and cut and paste, or somebody at Technorati has goofed (or has smoked too much happy stuff and is channelling the "WordPerfect for Windows" programmers.) The widget will remain in its current techno-gulag until they fix it.

S-E

Monday, July 30, 2007

More Idiots

Why normal people should shut the eff up when their evil shoulder fairy tells them that they should talk about information security (emphasis mine):
In addition, he (RIM's Kevin Oerton) said, end users most often don't secure their Wi-Fi access points, which is what leads to problems. "That's why it's critical for the device all the way through to the BlackBerry Enterprise Server to provide triple AES encryption independent of whether the users set up Wi-Fi security at home."

Now, there is no such thing as triple AES - the previous official US standard crypto, DES, exists in several, still used, implementations collectively referred to as triple-DES ... In fact, Kevin even got it nearly right earlier in the piece when he referred to 256-bit AES (correctly, he should have said that BES offers a number of options for its end-to-end encryption, of which the most secure and recommended is 256-bit AES).

Now, looking at this, there are two completely separate points here. Blackberry Enterprise Server to Blackberry communications is protected by end-to-end encryption, therefore, despite Mr Arnold's (another non-security person opining) protestations, your email is not at increased risk.

However, and this depends on the way RIM have engineered the WLAN client engine (and your techies have configured it), not on your corporate WLAN itself - if you do web surfing over your Blackberry and it is configured to join open networks (like the stock XP and, to a lesser extent, OSX clients) you can find yourself joining untrusted networks unwittingly and, if things techy have not been set up properly, at a degree of risk. Just how much risk is difficult to abstract - the combinations of the web-sites and other IP-based applications the arbitrary "you" might use are too vast, as are the levels of user knowledge. The worst case scenario would be credential (username & password, or similar) capture (eg POP3 or unsecured web-site) or transparent HTTPS proxy (requires a bit of user dimness) via an "evil twin" type set-up. (Evil twin attacks work best on open, i.e. unencrypted, networks - if you have decent encryption set on your home or corporate WLAN, a pukka evil twin setup would require the attacker to know the key. If they have that info then you have other issues.)

On the other hand, if your corporate WLAN is set-up insecurely, then, to be honest, you shouldn't be worrying about your newest Blackberries, you have other things to worry about - and client devices (aka laptops) with a much worse attack surface (and tools readily available to attack them) .

Hat-tip to ISN. For the record, I have used Blackberry devices for three or four years now, and am currently using an 8100 "Pearl", which almost manages to be both a reasonable phone and a reasonable email device.

S-E

Apologies - having trouble with the English language today. Clearly, too much time spent in proximity to there.

Not exactly a surprise ...

Unless you are the USA, of course. Let me see, a brutalised illegal detention followed, for the chosen few, by a Stalin-esque show trial is was really a trial education programme designed to convince people of the truth of the American way?

Update: Even bloody Falconer managed to see that this acts as a 'recruiting agent'. Imaging what actually being in an orange jump-suit for three years would do.

Hat-tip, again, to Druss.

Saturday, July 28, 2007

Mild Digression

Why is the Red / Blue political labelling opposite in the US compared to the UK. Red = Republicans & Labour; Blue = Tories and Democrats.

Now, I know that it can trivially be suggested that the Cameroonies are to the left of the Dems on a large chunk of political real estate and that Bliar was so far up Shrub's butt that when he was needed for "Peace in Our Time", the smirking chimp needed surgery to have him removed ...

Still, the labelling predates our current bunches of wasters so, why?

S-E

Poacher turned ... Convict

Oh, the delicious irony (and the delicious beer or many next time I meet up with Dr Blythe.) He already owed me, anyway. Hat-tip to Druss.

From the BBC:
A university tutor who taught students about computer security and identity theft has been jailed for two years for identity fraud offences.

Eni Oyegoke, 28, held classes at the University of Glamorgan in Pontypridd after getting the job using a false passport.

You can see Eni's staff page here, the university online version now being rather bare (or, possibly, a 404 by the time you see this), the picture clearly not being that of any Nigerian gentleman. I would also note that despite his claiming a CISSP, the ISC2 certificate verification page returns a null result for his surname.

So, clearly, even the best of us can be caught out. And Andy and Iain are very good, particularly with the ongoing annual investigation into data recovery from hard disks bought on eBay, which purports to be particularly juicily embarrassing this year.

S-E

Society, clearly, is doomed

Goodness, a Lib-Dem councillor is "revealed" as a stripper and phone-sex operator. Better, I am sure, than being a pathetic work-shy imbecile (and far more use to, admittedly a limited portion of, society). So her colleagues quit. Apart from showing the depth of their loyalty to party and electorate, this is, as both Guido and the Reactionary Snob point out, hardly "liberal" of them.

Even the anti-porn extremists keep pointing out to us that it is all the fault of evil men, not of the women who perform the various roles in the spectrum from titillation to prostitution. However, that is entirely by the by, especially as nobody is (yet?) accusing Councillor Bushell of anything that may be considered on the louche side of legal. (Ed notes - I am sure YouTube may end up with some evidence on the matter, though - thinks "Stag Night" - that's "batchelor party" for those reading this in American.) And, it has to be said, a politician who actually works for a living is rare enough in these benighted isles that it should be encouraged. Small-business entrepreneur, and all that.

The question has to be asked, though - what vetting, exactly, did the Lib-Dems do? Did she submit a CV? Or, the link to her web-site?

  • We know what Zanu-Labour ask: "Are you an unprincipled bastard who can win us this seat? Oh, and do you have rich friends who can make a donation want a peerage can give us a loan?"
  • We know what the Tories ask: "Can you manage to lose this election in as embarrassing way as possible? Oh, and what house were you in at Eton?"
So, given that she was selected and elected, what did they ask her? At least one enquiring mind would really like to know. Was she recognised by one, some or all of the men (if there were any) on her interview panel? They clearly didn't admit it, possibly not even to themselves.

S-E

As an evil aside, are the MSM camped outside waiting to ask Councillor Bushell (Mel Loric, rather than Myrna Roseanne) his their opinion (Mel being one of those names) {see below} on the fuss?

Update: Thanks to Technorati ('cause I ain't going to read the tripe), I find this from the Daily Mail. Mel is a bloke and her husband (okay) but Myrna wasn't even a member of the Lib-Dims when she was elected (and may still not be). Farce ladled over farce.

Update 2: Hmm. What about Torridge District Council and their Lib-Dim Group? You'll notice that although the luscious Jessica aka Myrna is not part of this body, her three complainants still are. Bideford Town Council, although with its two wards - therefore not strictly a Parish Council, is closest to a Community Council oop-here, where overt party politics are strongly discouraged and strictly forbidden (and unremunerated, not even expenses.) They are, it has to be said, of none-too-much importance (due, almost entirely, to a lack of both spending power and administrative support. If you are only allowed to meet monthly, it is hard to respond collectively to planning applications within 14 days, to pick one example.) The District Council on the other hand, seems to be one of these them Unitary Authority things, with spending power, pay and endless opportunities for fanatical egotism. I wonder why Caroline, Tony and Simon haven't quit from here? Update 3, anyone?

Update 3: Okay. Tuppence ha'penny to them for consistency. Our three illiberal ex-liberals are now the "Group of Councillors that have not yet joined a Group" on Torridge Council. As this Council already has an "Independent Group" and "Non-Aligned Group", it seems to this simple soul that Devon has a veritable surfeit of people who just can't quite make up their minds.

Wednesday, July 25, 2007

Late as ever (but still read this)

While I was away, the ever excellent Dan Hardie rounded up a few bloggers to get something done about the plight of Iraqis who work for the British and other coalition forces and face appalling violence and murder directed against them and their families. Late, but better than never ...

Read about this here (and here, here, here, here and here. And even here, if you ignore the comments.)

Then go and have a look at this petition and, though it will make scant difference to the activities (or lack of) of the mendacious statists that rule us, please sign it.

S-E

While walking to work ...

Am in London, spreading discord and distress amongst the ruling classes :)

Walking down the Farringdon Road, I passed the offices of el Gruniad and noticed a couple of large posters covering the bottom windows. One read:

Owned by nobody. Free to say anything.


I thought, yes, exactly. Not "Free to report the truth", or "News without special interests" but "anything". As long as it is left-wing muddle-headed evidence-free tripe. And bedly mispulled.

S-E

Wednesday, July 18, 2007

Saturday, July 14, 2007

More Depressing Trivia

Or it might just be the disconnect between US political definitions and the real world. Via Martin:

Your Political Profile:

Overall: 60% Conservative, 40% Liberal

Social Issues: 50% Conservative, 50% Liberal

Personal Responsibility: 50% Conservative, 50% Liberal

Fiscal Issues: 100% Conservative, 0% Liberal

Ethics: 25% Conservative, 75% Liberal

Defense and Crime: 75% Conservative, 25% Liberal


At least I seem to be fiscally responsible :)

S-E

Friday, July 13, 2007

Killing The Cult of the Gentlemen Amateur

Being "en vacance" as it were, I have been reading, slightly outside of my regular comfort zone, a number of critical histories of France. Before I get anywhere near the point, can I recommend both Julian Jackson's "The Fall of France" which only suffers from having (the same) accolade from Max Hastings on front and back covers and Alistair Horne's "Friend or Foe: An Anglo-Saxon History of France". I will probably try to get hold of Jackson's follow-up, "France: The Dark Years, 1940-19944" once the posties stop striking :).

However, the thing that I had never really considered before (though, strictly, I did know this - that Napoleon was promoted General of Brigade in the Revolutionary Army), not having done much of the 18th Century in my dimly remembered history lessons, how little time elapsed between the settings of those two great literary heroes - Sir Percy Blakeney, gentleman par excellence and amateur, and Richard Sharpe - professional and proletarian. From 1789 where Sir Percy first meets Marguerite, to "Sharpe's Tiger" set in 1799 does not cover much time, although the change in social order with the arrival of the Industrial Revolution is significant (as portrayed in the Sharpe TV episode where he rebels against being the Militia officer 'enforcer-in-chief' for a north-English squire - I forget which one but Sharpe's brother was the 'enemy').

It is a pity that this cult cannot be resurrected for our political classes - the odd bit of experience outside of union officialdom (trade and university), law school, Party HQ and running for office would do the buggers the world of good.

S-E

Wednesday, July 11, 2007

Why?

Is this excellent blog now obsessed with being the anti-blog for this excellent blog? Unity, Dale is fallible, but he isn't Polly.

I must admit, however, for having to Google to find out who Denise (NSFW) actually was.

S-E

What is the role of the Royal Navy?

Now that's a dreadful question for an ex-matelot to be asking. Actually, it was worse earlier, it was going to be "What is the point ..." or "W(h)ither the Royal Navy". Dan, Alex and I have been having some discussion about what to do to improve UK Defence in general and the Army in particular, and I was poked into providing some view on the RN. I suspect you will be able to see the results on Dan's site at some point in the near future.

In a time where we have an Admiral appointed to the Home Office[1], apparently in charge of Security (although both his official bio and the Cabinet Office site on Ministerial portfolios are currently rather light on his actual responsiblities, it is probably time to readdress what the Navy does and should do (the two not being desperately strongly linked) for this country.

Now, the RN has a few issues at the moment - and has had others for some time. We are involved in two major conflicts minor peace-keeping operations, one of which is wholly inland and the other only (now, 'though I will cover trade and blockade a bit later) only peripherally involves them and not, it must be said, always to their benefit.

The RN, as it was a few years ago, was constructed (mostly) for the purpose of being a small part (although the second largets) of the fleet ensuring that the Reforger convoys would (mostly) reach Europe intact, in the event of a Warsaw Pact / NATO war across the Inner German Border. This is clearly, now, redundant, but with a warship life cycle of some 40+ years (initial design through to razor-blading of last of class), we still have a lot of that kit around. Our job was submarine hunting and our attack subs, including the new Astute Class, the Invincible class aircraft carriers "Through Deck Cruisers" fly-boys cocktail party venues, the Type 23 frigate (and the remaining Batch 3 22s) all come from that era. And the Type 42 and new Type 45 destroyers (destroyer, in modern parlance = "air defence") are there to protect these (possibly) fit-for-their-original-purpose-but-what-do-we-use-them-for-now ships.

So, what else does the RN do - well, actually, lots. Most of it important (although you may disagree on how much should be done by a military service). We provide the UK independent (and it is, unless we have a long-term break down of relations with the chimp's successors in interest) deterrent patrol, humanitarian aid throughout the world, power projection for UK interests (both national, protectorate and other - WIGS, the "West Indies Guardship" is a nice cruise though is regularly involved in serious aid work), the best maritime charting service in the world, aid to customs both in UK and international waters, and the floating (and Royal Marine) bits of the UK amphibious warfare capability. We generally just don't do it with kit properly designed for the various purposes (although, on the amphib side, at least, we seem to be getting there. It has also been nice to see the 4th manouevre unit for 3 Commando Brigade, though what 1 RIFLES would think if we actually sent them to see would probably not be too nice.)

So, what should we be doing? I have discussed this before. The first thing that needs to happen is that the Government need to come clean and set down a proper requirement for what they want the UK military, as a whole, to be able to achieve. Then they need to get the funding and the military procurement (and maintenance) systems sorted so that the necessary kit is available (due to major project life-cycles, this will take a ridiculous amount of time). Then they need to get recruiting and retention sorted so that we have the right people, properly trained and motivated (not worrying about the appalling accomodation their families are living in) to do the job - but that is all pan-defence. What about the Navy?

As I have said before, let's farm the budget (rather than the operation) of the deterrent out to a MOD-centre budget holder - say PUS or CDS. The order for launch already comes from the Prime Minister of the day rather than a military authority. Once we have that painful distortion of the naval budget cleared out, let's look at support for "Other Government Departments". Fishery Protection and support of HM Customs could go (or at least be paid for) by DEFRA and the Treasury.

What would that leave as core roles? Trade protection and embargo enforcement - you need ocean capable ships (but also small enough for operations in narrow-ish straits and coastal restricted waters) for this, but you don't need anti-ship or long-range anti-aircraft missiles. One of the problems in both Corporate / Falklands and Granby / 1st Gulf War was the relative paucity of gun armament on the newer ships. Littoral warfare - amphibous landing and landing support (including forward air power), as well as corvette-type patrol vessels. Anti-submarine - call me old fashioned but we are very good at this and it would be a shame to lose it. However, let's restrict it to our attack submarine capability, replacing the RAF's Nimbats with airframes that are younger than me, and some ASW capable aircraft for the new carriers. Mine hunting (and, as we keep picking on opponents with stocks of tethering mines, minesweeping) need to be brought back in to vogue. I would also retain the Hydrographic Office as an international centre of expertise - but that is probably another candidate for being transferred to an MOD-central budget.

What else do we need to sort. Well, naval procurement is a disaster. Not only is it subject to all the long term incompetence effecting large government projects (I am not sure that the MOD is much worse in general, say than, to pick one of many expensive disasters, the NHS IT Spin(e). However, the RN has problems that don't appear to effect the Army or, as much, the RAF. Ships need to be replaced, every 30 - 35 years: of the Type 22s, the first 2 of which were brand new for the Falklands, only the 4 Batch 3s are still in service. Therefore, they get sold off or razor-bladed and you rarely see much of the "we must keep" campaigning in the same way that the combining of the traditional Scottish regiments into the Royal Regiment of Scotland (regardless of the rights or wrongs of the actual decision) generated. This allows the politicians or the Treasury to salami slice the number of ships by cutting replacement programmes once the old ships. If we have a declared RN requirement, as part of the overall defence requirement, this will, at least, become public.

More later.

S-E

[1] - Are we going to be talking about "friends of Gordon" in the same dismissive way we learnt to talk about "friends of Tony", or, as AC Yates QPM might remark, in private of course, "the accused."

Friday, July 06, 2007

You are asking the wrong people :)

We live in a civilised society, do you really have to swear? Surely you are capable of writing without recourse to foul language (sic)

Errm. Which part of "swearblogging" don't you fucking get you pathetic anonymong excuse for a castrato's jockstrap? Capable, yes. Willing, certainly, albeit not always. Having fun - we are, what about you?

S-E

BBC Sort of Missing the Point?

So most imams are foreign? I understand you can say much the same (if you count Irish as foreign) about Catholic priests, although the stats are almost certainly not as extreme. However, the bit that got my goat is that only 6% speak English as a first language but that 8% are UK born.

That means that at least a quarter of UK born imams are from areas of society so withdrawn and regressive that even the blokes ('cause imam = male, at least for now) don't speak English as their first language. And we wonder why we have home-grown jihadis and suicide bombers?

S-E

Thursday, July 05, 2007

Planet Watching

Last night, I managed to see a really spectacular view of the Gallilean satellites of Jupiter; Ganymede, Io, Europa and Callisto. Unfortunately, I didn't have my CCD imager with me but, thanks to Sky & Telescope, I have been able to simulate the view:


We did manage to get a very clear view through my astronomical binoculars (despite a nearby street-light) and, compared to the simulation, the only difference we observed was that the moons appeared to be in more of a plane. This may be due to the relatively low magnification (15x) we were using. If you want to see for yourself, and the sky is clear, I am currently observing Jupiter low in the south-slightly-by-eastern sky at 9 to 10 pm. It is obvious, even at dusk, as one of the first objects to appear (Earth's Moon isn't visible until after midnight, although still bright and obvious at 10am local), although you will obviously have to wait for the sky to darken somewhat more before you will be able to see Jupiter's moons. If you want more details, you can generate your own local sky chart (free registration required and it is a bit of a pain on OSX) here.

A bit lower, and to the right, you can also see the super-giant star Antares, which, last night at least, was obviously red.

S-E

Wednesday, July 04, 2007

RIPA Part III Code to Parliament

The Home Office, not that they exist anymore but that is what they have signed themselves off as, have informed me that that final draft (until the poliscum get their hands on it) of the Regulation of Investigatory Powers Act 2000 Part III Code of Practice has been placed before Parliament. If you remember, Parliamentary approval of the CoP is necessary before Part III, and its associated draconian powers, come into effect.

Given that the legislation has been in place for some time and is truly appalling, it was always going to be extremely unlikely that we could (and latterly clear that we wouldn't) get a citizen-friendly exposition of the regulatory limits on the exercise of the legal powers. Now, Sections 3.4 to 3.11 do contain some good advice on limiting the circumstances in which powers, especially key disclosure should be exercised but, as there is no "outside the tent" supervision (neither NTAC nor the Surveillance Commissioners are outside the tent), I am dubious how strictly these will be followed.

Section 3.29 makes sense but I can still see the warrants flying and Sections 3.34 and 3.37 are nicely direct. Sections 4.22 and 4.23, which a number of people specifically requested, gives you a single contact point, nationally, for querying the validity and correctness of a disclosure order, and a unique number for each order. This is seriously good news and should minimise abuse at the local law-enforcement level. 4.45 and 4.46 also provide a degree of protection for the techies who are likely to be tasked with actually complying with the notices - they now get an official record of their (apparent) compliance, especially vital where there is a strict time constraint on the disclosure and where the disclosure would be to a forensics lab or similar facility, rather than directly to the investigating officer.

Costs, Sections 4.43 & 4.44, I can see leading to serious bun-fights. If these make it through Parliament intact, it is going to be interesting to see how this pans out with our cash-strapped police. Ideally, from far-far-away.

Section 6.7 bullet 5, while of itself (in my opinion) a reasonable ground for needing the key as an item of evidence in itself, is rendered completely moot by 6.10 & 6.11 - here, if, for example, I have access to a key and the passphrase makes it clear that it is my key (as my personal and work PGP passphrases certainly do), I can give out a copy of my key (or generate an appropriate sub-key) with a completely different passphrase, possibly even hinting that the key was generated or is used by somebody else.

Sections 6.8 and 6.9 should re-assure the banks - the "must reconsider" in the last sentence is the strongest we could have hoped for. We'll wait and see the final version and the subsequent FSA protocol before casting too many plaudits, though.

Section 8 seems to have been toughened up a bit - I am still disappointed by the restriction to expensive civil action rather than using the offences in the Act itself to charge inappropriate subsequent publication or release of disclosed material but the establishment were never going to let us win that one.

On the whole, better than it had been - we'll see now what happens to it under the nouveau regime.

S-E

PS - I note from the draft order itself (statutory instrument) that we all (may) have until 1st Oct 2007 to bin all of our old keys as thoroughly as we can. Get started. Let them see what their mates in the drugs squads have to put up with :)

Tuesday, July 03, 2007

Attack of the clones

This could be why nobody had heard of her before:

Not Harriet Harman

Not Jacqui Smith
It is just the hair dye and a change of clothes, isn't it?
 
HTTP Error 403: You are not authorised to access the file "\real_name_and_address.html" on this server.

(c) 'Surreptitious Evil' 2006 - 2017.