So the Vice President of the United States of America said "Fuck". On the air. Twice.
Big fucking deal.
I've been prodded by a few people about this, so here's my 90 second commentary:
Joey-B dropped the F-Bomb twice during daytime programming hours (well outside the 10pm - 6am "Safe Harbor" for cussing up a storm on the air).
The last time I checked the FCC was to levy a fine of $7000 for each violation (i.e. every time a word slips out over the air), scalable up to $32500 based on other factors, like a history of prior infringements (and we clearly have at least two violations here).
So I have a few quetions.
Is the FCC going to fine all the broadcasters who carried this speech live-live (no delay) and/or those who carried it with a net & failed to hit the bleep button fast enough?
Is the FCC going to fine either Joe Biden (personally) or the US Government (as an entity) for producing/distributing profane material?
Will we ever get rid of our nation's irrational fear of the word FUCK and the sight of breasts?
... seriously folks, it's just a word. Get over it and move on.
While I usually read El Reg for teh lulz occasionally they come up with an interesting nugget, like their article on a "severe" OpenSSL vulnerability (quotes theirs). This vulnerability comes to us courtesy of the University of Michigan, and is tied to a simple oversight in the OpenSSL code: It doesn't perform a verification pass on signatures before sending them to a client.
So all you crypto-nerds, how many of you do a verify on your signatures before you send them? Hands please? Nobody? Not even me? -- Yeah, we all tend to trust that our math Just Works. I mean it's a computer, you put in fixed input through a deterministic algorithm and you get the same output ever time. Right? Nope.
Computers, as we all hopefully know, aren't perfect. Trillions of minor errors happen every day, and they're usually compensated for: ECC RAM, cross-checks of math, etc. But because OpenSSL doesn't do a cross-check it's possible for those minor errors to creep into a transmitted signature. As the good folks from UMichigan explain in their paper if you can induce some minor errors in the OpenSSL signature math and collect a good signature and a large enough set of flawed signatures you can eventually derive the private key used for the signing.
That is all well and good, except it relies on errors in the system generating the signatures. These errors are rare (and pretty random) in the real world, so no problem, right? Wrong again Sparky! These clever folks came up with something I wouldn't ever have thought of.
Those of you who have worked on old Commodore computers probably know one of the first symptoms of a power supply going wonky is that the system starts acting up: Lots of random crashes, video corruption, etc. Why does that happen? Because the voltage being supplied to the system is fluctuating. Fluctuating voltages (specifically down-swings) cause all the magical voltage regulation hardware to go out of regulation, which feeds out-of-spec voltages to the chips, which in turn start making mistakes in their math.
The bottom line for this attack is an extension of that well-known Commodore problem: By putting controlled voltage fluctuations into the power supply of real computers (SPARC boxen running Linux) the UMichigan folks were able to induce errors in the math used by the real-world OpenSSL code and recover an actual key.
Continue reading "Interesting (impractial) OpenSSL attack"
So the point of this whole thing is trivial enough that I went ahead and did it: Go to Wikipedia and type in your birthday (month and day). Then you write down 3 events, 3 births, 3 deaths and 3 holidays. December 29
Events
1778 – American Revolutionary War: 3,500 British soldiers under the command of Lieutenant Colonel Archibald Campbell capture Savannah, Georgia without firing a shot. Way to go Georgia, just roll over and take it. Bitches.
1890 – United States soldiers kill more than 200 Oglala Lakota people with four Hotchkiss guns in the Wounded Knee Massacre. 120 years later we're still treating the natives like shit & using the treaties to wipe our national ass -- Progress, we no can has
2003 – The last known speaker of Akkala Sami dies, rendering the language extinct. Interesting tidbit in honor of all those linguistics courses I took.
Births
1800 – Charles Goodyear, American inventor (d. 1860) A subtle reminder from the universe to check your tire inflation and wear pattern
1921 – Robert C. Baker, Inventor of the chicken nugget (d. 2006) Cue ironic chorus of "Nugget Man"
1967 – Andy Wachowski, American director I still won't forgive him for the Matrix sequels. Filthy humans ruinsed a good thing.
Deaths (Excluding the "event" death)
1731 – Brook Taylor, English mathematician (b. 1685)
1737 – Joseph Saurin, French mathematician (b. 1659)
1891 – Leopold Kronecker, German mathematician (b. 1823)
Apparently not a good day to be a mathematician… Do I get any bonus points for a trifecta?
Holidays Only 2 and nothing relevant: The 5th day of Christmas (but nobody cares aside from the song) and apparently St. Becket's day (patron saint of secular clergy, so I suppose that's appropriate with me being an ordained minister and all)
