Sour Grapes
Of course we're Fair and Balanced!


No, the Supreme Court wasn’t joking about Citizens United

Today's Daily Beast reports on the ruling by a federal appeals court that there can be no limits on cash contributed to a conservative PAC support the Republican candidate for Mayor of New York City. The decision is unlikely to affect who will be Mayor, but the ruling confirms that the floodgates are wide open for legally influencing politicians with money.


H-bombs away over North Carolina: 1961

According to The Guardian, in a story published yesterday, a recently declassified document...
...reveals that the US Air Force came dramatically close to detonating an atom bomb over North Carolina that would have been 260 times more powerful than the device that devastated Hiroshima.

The document, obtained by the investigative journalist Eric Schlosser under the Freedom of Information Act, gives the first conclusive evidence that the US was narrowly spared a disaster of monumental proportions when two Mark 39 hydrogen bombs were accidentally dropped over Goldsboro, North Carolina on 23 January 1961. The bombs fell to earth after a B-52 bomber broke up in mid-air, and one of the devices behaved precisely as a nuclear weapon was designed to behave in warfare: its parachute opened, its trigger mechanisms engaged, and only one low-voltage switch prevented untold carnage.


Surprise! Surprise! NSA violates privacy!
The Washington Post reports today that the National Security Agency engages in hundreds of largely unpreventable privacy violations every quarter. The source materials—also available on the Post's website—"include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance [FISA court]."
The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.

Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.


Isn't this a security lapse?
I recently wrote to a website I use regularly:
I changed mobile phones recently. When I try to log in to <appname> Android app, I keep getting the message, "Your nickname or password is incorrect. Please try again." I use a password program to generate and store passwords for all my apps and so I copy and paste my nickname and password rather than typing it in. After getting this message several times in a row, I followed the instructions to change my password. After re-entering my nickname and password at the website I was directed to, I am still unable to log in. I never had anything like this problem before.
Before they responded, I determined that the problem was special characters that I force the inclusion of in generated passwords; one of those characters in this password was a backslash (or reverse solidus, "\"), which I suspect was interpreted as an escape character (Unix/Linux programmers will understand why I so suspect). So I changed my password to consist of only upper- and lower-case letters and numbers.  My problem disappeared.

A short while later I received the following reply in clear text:
Hello <username>,

Here is your username: <username>
Here is your password: <password>

Please note that this may be case-sensitive on some mobile devices.

Let me know if you have any further questions or problems.

Emailing password in clear text is not secure.  Furthermore, I wouldn't have thought the site administrator had access to my password other than in its encrypted form.

Qui utitur passwords, cave!

Blog home
Blog archives