August 2008 Archives

Why I Didn't Buy a Hybrid


As you may or may not recall, I had ordered a 2009 Ford Escape Hybrid from my local dealer back in April, but it never arrived. Ford instead randomly selected 5 people from the 50 who had placed orders with the dealer, rather than taking names in order (we were the first on the list). At any rate, we've had a change of mind on the subject, and here's why.

1) Monthly Cost: By buying a Ford Escape instead of an Escape Hybrid, we're paying about $265/month less over 60 months. At $5/gal, that would be 53 gallons of gas per MONTH that I'd have to use in the non-hybrid in order to break even. That would be a lot of driving, and we simply do not plan to use this vehicle as our primary around-town car. (I recall doing a post on this a while back, but I can't find it now. Maybe someone will remember my chart and its associated post.)

2) Sticker Cost: We looked at a couple used Escape Hybrids at the dealer on Saturday before settling on the non-hybrid choice. The dealer is paying more than the original sticker price to bring these things into the region, where demand is through the roof. A used 2008 Escape Hybrid with nearly 15k miles was stickered at $35k and there would be no budging on that price. A slightly more appointed 2008 Escape Hybrid on the lot with around 25k miles was listed for even more. MSRP on these would have been in the $30-34k range a 12-18 months ago.

3) Total Cost of Ownership: I learned that for new Ford vehicles you can buy a maintenance plan up front that covers all regularly scheduled maintenance for x years up to y miles. In my case, $1390 gives me 6 years or 97,500 miles, which covers oil changes, brake jobs, transmission service, tire rotation/balance, power steering service, etc, etc, etc. Considering I spent about $800 this year alone on my Civic for the 50k miles service, I see a lot of value in that package. Ford has offered this service as a relatively cheap way to increase customer satisfaction and, ultimately, customer retention. At the same time, it lowers my TCO.

Favorite Olympic Moments

Now that the Olympics are at an end, I wanted to take a few minutes to reflect on some moments that I thought represented the best and worst of these Games.

Top Moments
1) Michael Phelps - Talk about an iron man. 17 races over the course of, what, 10 days or so? Winning all that gold was quite amazing, too, as were all the world records. I even heard Spitzer pronouncing him the greatest Olympian. Phenomenal.

2) Beach Volleyball (May-Treanor/Walsh and Rogers/Dalhausser) - I put in a couple late nights the last two days in order to watch the gold medal matches in beach volleyball. Rogers/Dalhausser gutted out a strong win after getting off to a lousy start. I really thought we were going to see another Latvian-style upset, but thankfully the "thin beast" woke up and made a nice run. Hands-down, though, my favorite matches were watching May-Treanor/Walsh absolutely destroy their competition. These two athletes are simply amazing. I don't think I've ever seen a team so consistently on the same page with each other. It was also remarkable to see their mental toughness. I don't think they ever got down, despite a miss here or there. Most excellent!

3) Usain Bolt - Wow, what a speed-demon! His 200m performance was simply remarkable - perhaps even better than his 100m, where he coasted into the finish. For someone that tall to run so fast and so easy - it's truly a wonder. Normally you'd see a guy like that running a 400m or greater. Very nice.

4) Changing Times (China surges with gold, wins gold with the Games, too) - Aside from the oppression of demonstrations, I do think that China put on a very nice Games. There have been some complaints here or there, such as about stands not being full, but that's really quite normal, I think. The biggest challenge I imagine was getting visas to people to get them into the country (I've read that this was a challenge). Overall, though, I think this really represents China's coming out party as a major player on the world stage that knows how to play (mostly) nicely with others.

Not-So-Top Moments
1) Usain Bolt - Well, we have to counterbalance Bolt's amazing performances with his theatrics and stupidity. My greatest annoyance was his pulling up at the end of the 100m because he was so far ahead. What a jackass. Run all the way through. It's really quite simple. Just do it. I hope he misses out on endorsements as a result of his antics, because he has not demonstrated adequate maturity to handle his place on the world stage. Disappointing.

2) Women's Gymnastics - I can't think of a single Olympics where there hasn't been some sort of controversy in women's gymnastics. Frankly, the system is still only 3/4 baked (better than half-baked, I suppose). Judges really need to provide short explanations for deductions. Perhaps more concerning than the judging, however, is an apparent flaunting of the rules by the Chinese. It was reported on NBC late last night (or, uh, early this morning) that the IOC has referred the matter of underage athletes to the FIG for review in light of new evidence presented. It's possible that up to 3 of China's athletes were under the age limit of 16. Now, I don't want to get into a discourse on why this rule exists, because I personally find it to be rather stupid, but rules are there nonetheless, and they're intended to provide for a fair competition. If all three Chinese gymnasts are found to be underage, China stands to lose all but 2 bronze medals, which would be a major shock. Hopefully it won't be found to be that bad, because it would be a crumby way to win a (higher) medal. Still, cheating is cheating, and the rules are the rules. Why is it always China that's pushing the limit on these things? Particularly disgusting now that they're the host nation.

3) Team USA Track (disappointing results) - Well, there's not much for me to say here. We had a few standouts, such as in the decathlon and women's discuss, but overall our track team has not been looking very good. Dropping the baton (men and women) in the 4x100m was pretty bad, as were the performances in the 100m. At least we swept the 400m. I dunno, maybe we didn't do too badly, but it sure doesn't seem like that's the case. It just feels disappointing. Next up: all the doping results. Let's hope nobody major is DQ'd and banned.

That's pretty much it for me on this. Overall, I'd say it was a good Games, but man do I ever need some sleep. :)

I just wanted to quickly highlight two stories - one ok, one not-so-ok. First off, the not-so-ok story.

Per the Washington Post, new Justice Department rules would allow the FBI to "open a national security or criminal investigation against someone without any clear basis for suspicion." This is really just sad. There used to be a time when you had to actually be reasonably suspected of wrongdoing before law enforcement resources were expended on an investigation. Now the Justice Department is essentially sanctioning witch hunts and harassment by the FBI, and for no good reason. When combined with border seizures of laptops (see my comments here and here), American federal law enforcement appears increasingly intent on creating a police state where secret interrogations and investigations are conducted simply on the whim of political leaders with the intent of terrorizing and oppressing citizens. It's just pathetic, bad police work, and bad policy.

In more positive news, the US 9th Circuit Court of Appeals has ruled that people placed on the "no-fly list" can sue in court to get their names removed. This is a reversal of previous rules that had made the process so onerous that almost nobody could meander through to confirm that their name was on the list, let alone get it removed. Thank goodness that someone somewhere has decided that all this excessive secrecy is a Bad Thing (tm). (Hat tip to Slashdot for the story.)

I love The Onion's off-beat humor. Check out their story Michael Phelps Returns To His Tank At Sea World.

Coach Your Way to Better Security

As noted earlier, I've recently read James Flaherty's excellent book Coaching: Evoking Excellence in Others. My original purpose in reading this book was to help generate content for an internal training course I'm developing on savvy skills for consultants (I also read Ron Fry's Ask the Right Questions Hire the Best People for the same project). However, as I began reading this work, it occurred to me that what Flaherty describes is really a philosophical shift that has great applicability to the information security profession. In particular, this line jumped out at me: "...command-and-control organizations cannot bring about the conditions and competencies necessary to successfully meet the challenges holistically. For the most part, organizations know this and have attempted to reorganize themselves using the principles of total quality management and reengineering." (p2) Put in a security context, what he's saying is that all these top-down initiatives may be good and fine, but they only serve to reinforce the self-defeating practice of a command-and-control management structure, disincentivizing people to step up and act responsibly.

Within information security, perhaps the number one place where we see this sort of situation is in policy enforcement. Most organizations today have policies, but how well are they enforced? If they are enforced, is it through a heavy-handed approach, or because everyone is onboard? From a psychological perspective, the bottom line - as always - is that people will only change either because they want to or because of a trauma. Unfortunately, as Flaherty notes, simply providing stimuli (pain or reward) is not generally enough incentive on either account.

I've recently read through (most of) James Flaherty's Coaching: Evoking Excellence in Others. This book is very information and excellent in the way that it directly challenges the status quo of people management in the modern corporate environment. I think of all the companies I've worked in or with over the years, and every single one would have benefited significantly from Flaherty's guidance.

Instead of going into a lot of detail about the book, allow me to just recommend it to you. I'm doing this because my next post will be my thoughts on applying the coaching approach and mentality to improving information security within organizations, which will cover much of the material in the book. However, rather than leave you empty-handed, allow me to provide a quote from early in the book in which Flaherty states his case for this approach:

"It is one of the central tenets of this book that command-and-control organizations cannot bring about the conditions and competencies necessary to successfully meet the challenges holistically. For the most part, organizations know this and have attempted to reorganize themselves using the principles of total quality management and reengineering. The usual problem with these interventions is that they are implemented by and end up reinforcing the command-and-control structure. Here's my objection to that: command-and-control organizations are based on the premise that a power and knowledge hierarchy is the most effective way of structuring an organization. People at the top make the decisions and people further down implement those decisions, changing them as little as possible. The process is slow, expensive, and has at its core belief that people cannot be trusted and must be closely monitored. As long as those beliefs are in place any organization will have tremendous difficulty flourishing in today's world. Of course, what I'm saying here is not a new statement. What I'm offering in this book is an alternative to working in a command-and-control environment by beginning with the new premises. It's been my experience that organizations must be dedicated to allowing people to be both effective and fulfilled. Organizations are the ongoing creations of the people who work in them. Treating organizations as if they are huge machines, as is done with command and control, badly misunderstands the nature of the phenomenon. To sum up and simplify what I'm saying, coaching is a way of working with people that leaves them more competent and more fulfilled so that they are more able to contribute to their organizations and find meaning in what they are doing. I hope that reading this book will convince you that this is possible and that you will experiment with the ideas presented here. That is the only way you can find out for yourself that what I'm saying here is worthwhile." (p2-3)

DIY DefCon 16 Badge by Jack :)

China Wins Much Gold, US Many Medals

Here's an interesting article from the LA Times talking about the much-improved performance of the Chinese in this Summer Games. They've already bested their gold medal count from 2004, and they are far ahead of the US in the same category. The US has a 1 medal lead in the overall count, which is fine, but isn't the old saying that 2nd place is 1st loser? :) Just kidding! Don't flame me for disparaging silver and bronze medals - I think our athletes have done amazing things that we should be very proud of.

Here are my quick thoughts on the Olympics:
* Hanna has made an excellent point about China. Of course they should be performing well. What other country in the world seizes children as young as 3 and carts them off to Olympics training in a specific sport, allowing them to see their parents only once per year? How does a free country compete with that?

* China has performed surprisingly well in some unexpected areas. For instance, who would have thunk that they would beat the US #2 womens' beach volleyball team? Yao Ming aside, you don't typically think of the Chinese as being tall or jumpers.

* The US has had some disappointing performances (100m dash, womens' swimming, diving, etc.). How strange is it that the US swept the individual medals in womens' saber and then didn't get a medal in womens' team saber?

* How do we balance disappointment in key areas like Track & Field vs the outstanding performance of our athletes? Moreover, how do we balance continued frustration in areas like gymnastics where the judging system, though a little less obtuse, still seems funky. I liked Howard Wasserman's comments here suggesting that the judges should be required to disclose the rationale for every deduction.

* I'm tired of hearing about doping and age controversies. The best athlete available should be allowed to compete. If the athletes want to give themselves a perceived advantage using drugs, then fine. However, that being said, I believe that all participating countries must then agree to and enforce laws that hold coaches, trainers, and doctors legally responsible should bad things happens from performing too young or from overdoing the drugs. Hold people accountable and then you can get away from this cat-n-mouse game.

For our anniversary, my lovely wife presented me with the book Yes, You're Pregnant, But What About Me? by comedian Kevin Nealon (of SNL fame). She thought this looked like a good choice of books for me, the soon-to-be father. As it turns out, she was right! :)

The book started out a bit slow and awkward for me. I attribute this to it being Nealon's first stab at book-writing (that I could find). However, by a third of the way into the book, Nealon really found his stride, keeping the storytelling and one-liners rolling smoothly. By the last few chapters, I hardly wanted to put the book down, just to find out if they had a boy or girl and how the whole delivery went (apparently it went smoothly).

Personally, I found the parallels between his thoughts on everything and mine to be quite eerie. His quips were well in-line with my thoughts on the whole pregnancy and delivery. It's nice to know that I'm not alone (or unique) in those observations and concerns.

Lest you think this book is just for guys, incidentally, I think that women may enjoy it, too. If for no other reason than to get a better understanding of how guys perceive the whole process. As for guys whose wives are expecting, this is a must-read, and it won't bog you down for a long period of time. Definitely recommended!

Skip Tropic Thunder

The wife and I thought that we'd catch an early evening movie. She thought that Ben Stiller's latest lunacy, Tropic Thunder, looked amusing in the previews, so we gave it a go. Boy, what a mistake! I should have known from the size and depth of the ensemble cast that it was going to be bad, but this was absolutely horrendous.

As a public service to the two of you who might accidentally read this blog, I provide you with three reasons not to go see it:

#1: It's not funny. Seriously. The trailer had all the funny parts. Everything else is just plain stupid or mean or ugly or all of the above.

#2: There's more cursing than a Denis Leary stand-up act. Seriously. More than every-other-word during most scenes are cusses. It's was unnecessarily excessive.

#3: The controversy is valid, it is insensitive to the mentally challenged. Seriously. If you've not heard about the controversy, just Google the movie title. The groups were right to protest. They literally make fun of Stiller's mentally challenged character using derogatory terms denoting a mentally challenged individual. It's just tasteless.

Now, none of us should be surprised by any of this. It is, after all, a Ben Stiller movie. Well, except for the language. I don't ever recall so much profanity crammed into his movies. You should do yourself and your family a favor and simply skip this rubbish. Go watch Dark Knight again or something.

Ever since I took Systems Engineering I in my masters program at GW, I've viewed information security and risk management a little differently. In fact, as I've matured over the years, I've come to view the field(s) through multiple lenses, and continue to seek out new perspectives. From Systems Engineering, I learned to view risk as a systematic problem that required fault tolerance and that needed to balance the cost of solutions against the effective reduction of loss potential. This approach is also very compatible with the "risk resiliency" approach that my current employer is favoring in their marketing pitch, and something that I've naturally latched onto as being similar to my style of communication around risk management.

To that end, I had an opportunity to meet with Dr. Vernon Grose of the Omega Systems Group this week. His organization has been providing systematic risk management services for a few decades. In particular, his methodology has a couple key components that I found to be particularly interesting. First, Omega advocates a top-down workshop approach to initiating risk assessment as a lead-in to making risk management decisions. This workshop has some similarities to the NSA IAM/IEM approach, but differs by focusing on the executive/strategic level, making use of scenarios for planning. Second, Dr. Grose brings to bear a systems engineering approach to risk management wherein all scenarios are evaluated against a minimum of 3 countermeasures, looking uniquely at the costs of reducing or eliminating the losses associated with a given risk scenario based on a refined ranking approach.

Remember all that press last year about the pending Internet apocalypse? I sure do. At the time I said "how convenient - this AF General is looking for money for his 'Cyber Command' program and suddenly there's a huge, looming, imminent threat." Well, as it turns out, this program has now been suspended. It's little wonder, too. As the article points out, it's not like there aren't already computer warfare divisions in the Navy and Army already that have well-established track records (didn't the legendary SANS guru Stephen Northcutt have involvement with the Naval program some 20-30 years ago?!?). So, perhaps, for once, we'll see less tax dollars wasted for this one small instance. Oy!

Hat tip to HelpNet Security.

Faking the Ceremony Follow-Up

In follow-up to my post on China faking some of the Opening Ceremony, the BBC has a great article up with more info on the story. Here we were led to believe that a common girl from a local school had been selected to sing, and now we find out that she was yanked at the last minute because a committee didn't think she was cute enough. Goodness me - what silliness! :)

Interesting Phone Scam

I'm always leery when the phone rings and someone tries to offer me something I didn't ask for. Today was no exception - and possibly a good example of social engineering masquerading as a "deal" to lower my credit card rates.

When I picked up, the automated system said "This is your final change to lower your rates - please press 1 now to speak to a live agent." Unsure just which "rates" were going to be lowered, I went ahead and pressed 1 to see what it was about.

A few seconds later an agent came on the line. She thanked me for pressing 1 to have my MasterCard and Visa rates lowered (hmmm - interesting - why would they be calling regarding competing credit card brands?). She asked me if I would like my interest rates lowered, and I said that might be ok. She then proceeded to ask me what the balance is on my current card(s). I said "if you're from the credit card company, you already know the current balance - I'm sorry, which credit card company are you calling from?"

She responded that she needed to ask me 4 questions to qualify me for a lower rate. I said "well, I need you to tell me what credit card company you're calling from first before I answer any of your questions." *click* She hung up!

Scam 101: If it seems too good to be true, it problem is. If the caller purports to be representing competing brands, then they're probably a competitor. If they can't/won't tell you who they're working for, then you should not disclose anything to them. And, lastly... If they hang up, you've just busted their scam! :)

BTW, for those interested, the caller ID listed the number as 321-729-9349, which appears to be a Melbourne, FL, phone number. Just in case you'd like to proactively block that number on your phone or PBX. :)

This won't be a long post, unfortunately, but I think everyone needs to take a moment to reflect on the significance of this Olympics. No, I'm not talking about the sports and the athletes and the achievements. I'm talking about the digital sleight of hand that was used to make everything appear perfect, when in actuality there has been just a little bit too much sheen and shine.

For me, it started last night while watching a special bit on NBC about how China has forced everyone to change their behavior and attire in Beijing. This approach has been lauded as great and revolutionary. "Look, honey, the Chinese people all look Westernized now!" Except for one little problem: they were forced or coerced into these changes, sometimes using nationalism, and sometimes sheer brute force. That's somewhat disturbing from a civil rights perspective. But now we're starting to hear details about the Opening Ceremony and how they were manipulated digitally to portray things in a better light.

From an information security perspective, it concerns me greatly that so much digital manipulation has occurred. We're not just talking about bleeping out bad words on a time delay, nor are we talking about the magic of television (such as levitation tricks using wires we can't see). Instead, we're talking about entire series' of events simulated digitally instead of being performed live, and time-based manipulation of the sequence of events simply to drive up ratings. Specifically:

* Did NBC Alter the Olympics' Opening Ceremony? It seems that NBC manipulated the sequence of events in their telecast of the Opening Ceremony in order to drive up viewership. It is alleged that they held off showing the entrance of Team USA until a much later time. This is one of those manipulations that is just idiotic. Did they seriously think that people would suddenly stop watching the minute they saw Team USA? I mean, for me, personally, I stopped watching as soon as the teams started entering the stadium. 3 hours of sheer boredom that is! :)

* Olympic Opening Ceremony Fireworks Were (Partly) Faked This manipulation is somewhat disturbing, because nobody would have known if the Chinese hadn't disclosed it. Apparently the "footsteps" firework show was filmed in advance and then edited into the live coverage of the Opening Ceremony. From a security perspective, everybody should take note: this takes to a new level the amount of distrust we ought to be placing in what we see with our own eyes. If you're not physically present, then you cannot trust what is shown. We're used to some "television magic" making things work, such as green screens and the like, but this is one of the first times I recall that a live presentation was significantly altered using digital manipulation. It's kind of scary, actually.

* China Olympic ceremony star mimed This isn't overly remarkable, but it's still annoying. Remember the cute little girl singing the Chinese anthem? Apparently she was lip-synced. Ok, no biggie, right? Well, actually... she lip-synced to someone else's singing. Oh, sigh. That's so Hollywood (or is it Disney?)! One clear trend here is that the Chinese are putting the visual presentation of the Olympics ahead of the truth and reality of it, whenever possible anyway.

* Windows BSoD takes the Gold at the Beijing Olympics This one is just amusing, not the least of which because it couldn't be covered up live (I wonder if it was visible during the broadcast, though? Here's another case to investigate around digital manipulation of reality...). Apparently one of the Windows systems supporting the Opening Ceremony had a Windows Blue Screen of Death, which got projected on the ceiling of the stadium. Check out the pics in the link. Very funny. :)

So, enough complaining from me. I suppose some day we'll find out that the Opening Ceremony really took place in a sound studio and that the athletes don't have to even show up in person to compete any more. If it's alright by everyone else, I'll just sit here and mourn the loss of trust in that which is presented as "live" and "reality." In television and business, apparently nothing is sacred.

2008 Goals: July Progress Report

Well, goodness, July sure got away from my quickly, and here it is already the 10th of August. Where does the time go? Here on baby watch, Hanna sits 3cm dilated for going on a couple weeks, and we're just wonder WHEN will the little girl emerge? *sigh* It's all about timing! In all honesty, though, the past month went fairly well, and we're now in pretty good position this month for the pending delivery and all the fun that will ensue in the aftermath.

Overall, I think July was a good month, though frankly it went so quickly I can't remember all the details. July 4th was a lot of fun out at Jill's and a good way to start the month. I had a couple work-related trips that were productive, and things have in generally been bopping right along. Perhaps the biggest accomplishment of the month was getting the baby's room all setup, despite that going against our "no new debt" pledge. Oh, well. More below...

Check out this cool video from Clarified Networks showing the progress of patching against the Kaminsky DNS vulnerability.

Hat tip to O'Reilly Radar for the find...

Hilton Responds to McCain Ad :)

Humor alert! Humor alert! Speaks for itself. :)

See more Paris Hilton videos at Funny or Die

Hat tip to the Star Tribune.

As noted here and here, Rage Against the Machine will be performing in Minneapolis while the Republican National Convention is convened in St Paul. Too funny. :) In honor of that scheduled performance, I bring you the famous poem "Do Not Go Gentle Into That Good Night" by Dylan Thomas:

Do not go gentle into that good night,
Old age should burn and rave at close of day;
Rage, rage against the dying of the light.

Though wise men at their end know dark is right,
Because their words had forked no lightning they
Do not go gentle into that good night.

Good men, the last wave by, crying how bright
Their frail deeds might have danced in a green bay,
Rage, rage against the dying of the light.

Wild men who caught and sang the sun in flight,
And learn, too late, they grieved it on its way,
Do not go gentle into that good night.

Grave men, near death, who see with blinding sight
Blind eyes could blaze like meteors and be gay,
Rage, rage against the dying of the light.

And you, my father, there on the sad height,
Curse, bless me now with your fierce tears, I pray.
Do not go gentle into that good night.
Rage, rage against the dying of the light.

"Dependence," Not "Addiction"


"the state of being enslaved to a habit or practice or to something that is psychologically or physically habit-forming, as narcotics, to such an extent that its cessation causes severe trauma"


"1. the state of relying on or needing someone or something for aid, support, or the like"

I'm getting very tired of the use of the term "addiction" in reference to oil-based energy sources. It's not an addiction, it's a dependence. I realize that the more scary the rhetoric, the better job the politicians think they're doing (Obama included). However, it's time to insist on using proper vocabulary.

An addict can walk away from their addiction and go on with life (obviously withdrawal is painful, but the point is that the addiction is not generally to a necessity of life). Dependence denotes a degree of reliance that is more fundamental. If you were to remove all oil-based fuel sources overnight, we would - as a country - be in a very bad place immediately. In the case of dependency, the thing upon which you are dependent must be replaced or supplanted. In the case of addiction, you can do without.

Know the difference, understand the difference, and reject the over-the-top rhetoric, regardless of your political leanings.

Free Topo Maps from USGS

Hey hey hiking/camping/outdoors fanatics! Guess what? You can now download topographical maps for free from the USGS. You can also order print copies from them for a few bucks, if you prefer. Cost of printing at home is your responsibility, too.

To get your topo maps, go to and click on "DOWNLOAD TOPO MAPS FREE!" on the right under "TOPO MAPS." If you're getting an error on the site, make sure to (re-)enable accepting 3rd party cookies (this is enabled by default in Firefox, but I usually disable it). I didn't have any luck in Safari, though I didn't play around with it much.

The nav site to pick your map is a mashup with Google Maps. It's pretty cool, actually, and could be very handy for those interested in some nice detailed hiking maps. :)

Hat tip to

Monday Diversions: The Guild

Ok, so, it's Monday, blah, back to work you slackers! :) I was catching up on my Google Reader this morning and ran across this Lifehacker interview with Felicia Day. In the intro of the article, it mentioned that she was the writer/director/star of an online only series called The Guild about a group of online gamers. Suffice to say, I checked it out, and it's hilarious. Definitely recommended viewing for the digitally enhanced member of modern society. It definitely ranks right up there with the World of Warcraft episode of South Park. :)

Go watch The Guild. :)

In direct follow-on to my post 2 seconds ago... This quote perfectly highlights for me the disconnect in the thinking of the DHS and related agencies.

Homeland Security Secretary Michael Chertoff wrote in an opinion piece published last month in USA Today that "the most dangerous contraband is often contained in laptop computers or other electronic devices." Searches have uncovered "violent jihadist materials" as well as images of child pornography, he wrote.
Translation: The best way to protect the country is through thought policing. Chertoff here openly admits that controlling what people read and think is the most important outcome of this program. Yeah, sure, they may have caught kiddie porn on laptops, but is it really a legitimate tradeoff that to catch 1 kiddie porn offender we should violating the privacy of all business travelers? This is patently offensive and represents a very poor spend. How many arrests stem from a review of all laptops? Seriously? What's the cost-benefit ratio? Have they even done the calculation? Or is it really the mindset of the DHS that no cost is too high to catch every last offense? If that is true, does that not mean that they're advocating a police state?

We must actively resist and rally against such egregious claims, assertions, and behaviors. It is plainly clear that the leadership of the Bush administration do not understand the fundamentals of security and are willing and eager to trade reasonable police investigation work for a complete betrayal of privacy, freedom, and actual security.


Just when you think the US Government can't get any more ridiculous, they do. According to the Washington Post, DHS has made several more broad claims about their border security capabilities. According to the DHS (home of the ever-brilliant TSA), without any just cause or suspicion Border agents may seize laptops for as long as they want, they can take them off-site, they can image them, and they can then share those drive images with any number of other government agencies. From the article:

"DHS officials said the newly disclosed policies -- which apply to anyone entering the country, including U.S. citizens -- are reasonable and necessary to prevent terrorism. Officials said such procedures have long been in place but were disclosed last month because of public interest in the matter."

(warning: RANT) To the DHS and the reigning terrorist regime that is the Bush administration: Seizing laptops without cause does more damage to the cause of freedom, democracy, and free markets than anything any half-wit terrorist with a shoe bomb could ever accomplish. You, Bush administration, have used "national security" and "terrorism" as a direct excuse to fundamentally undermine key tenets of this country, and you continue to make boneheaded decisions and policies like the one cited here without one iota of competence in the field of security. You can never eliminate all threats and vulnerabilities. There will always be risk. If you are not able to understand this core concept within information security than, please, for all of our sakes, remove yourselves from office because YOU are the threat to national security. Your continued use of terrorist threats, meant to scare and intimidate (indeed, to terrorize) the citizens of this country have grown tired and weak and pathetic.

It's my hope that Congress will finally intervene to constrain Border agents and DHS and TSA and any other idiots who think that all freedom and privacy should be sacrificed for "national security" so that practices like these will be halted. This policy of indefinite seizure of laptops is hostile to business travelers, and at a time when we need international business to be increasing! It's time to stick a fork in this "national security" abuse and reinstate a bit of personal security and privacy protection.

1010. The baby is due any day now.
1001. I don't look good in black.
1000. CRISS ANGEL Believeâ„¢ Hasn't Opened Yet
0111. No piercings or tattoos.
0110. I don't enjoy over-hyped over-the-top presentations.
0101. In the game "spot the fed" I would always be identified as "the fed" (though I'm not one).
0100. Unable to get into the really good parties (see "spot the fed" remark).
0011. My philosophy of security is much broader than 3117 h4X0ring.
0010. August is the wrong time of year for hiking the Grand Canyon.
0001. Because with BlackHat, what happens in Vegas doesn't seem to stay in Vegas.

About this Archive

This page is an archive of entries from August 2008 listed from newest to oldest.

July 2008 is the previous archive.

September 2008 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Monthly Archives


  • about
Powered by Movable Type 6.3.7