U.S. allows states to legalize recreational marijuana within limits

This is great news. I’ve said it before but I hope North Carolina’s leaders will become enlightened and the guns will disappear from Raleigh’s streets. Yeah, that’s asking a lot but this is a huge step in the right direction.

The Justice Department said it would refocus marijuana enforcement nationwide by bringing criminal charges only in eight defined areas – such as distribution to minors – and giving breathing room to users, growers and related businesses that have feared prosecution.

The decisions end nearly a year of deliberation inside President Barack Obama’s administration about how to react to the growing movement for relaxed U.S. marijuana laws.

Advocates for legalization welcomed the announcement as a major step toward ending what they called “marijuana prohibition.”

via U.S. allows states to legalize recreational marijuana within limits | Reuters.

Distracted driving day

As if to prove yesterday’s point about distracted driving, on my way home from work I had the unfortunate luck to be driving next to a young woman busy texting. Her car was weaving over both sides of her lane, on Wade Avenue, nonetheless, where opposing traffic whizzes by only a foot or two away. I honked the time she nearly nudged me off the road and spent the rest of my drive glowering at her in my rear-view mirror, hoping she had enough sense to notice if I stopped.

I have never before called the cops on anyone texting while driving but I swear that drivers doing this might as well be driving drunk. The next dumbshit driver that weaves into my lane, hunched over his or her phone, is going to be promptly referred to authorities. I don’t feel like playing Russian Roulette on the roads anymore.

Werner Herzog created a short, powerful film that addresses this texting problem. I’m going to make sure our kids see it.

The NSA: “The Abyss From Which There Is No Return”

Interesting commentary.

So if we already knew that the government was spying on us, what’s the big deal? And more to the point, as I often hear many Americans ask, if you’re not doing anything wrong, why should you care?

The big deal is simply this: once you allow the government to start breaking the law, no matter how seemingly justifiable the reason, you relinquish the contract between you and the government which establishes that the government works for and obeys you, the citizen—the employer—the master. And once the government starts operating outside the law, answerable to no one but itself, there’s no way to rein it back in, short of revolution.

via The NSA: "The Abyss From Which There Is No Return".

Secrets and who can keep them

I was mining my blog for some unrelated information (isn’t that always how it starts, eh?) when I came upon this post I wrote last December after the job networking site LinkedIn had its entire password database stolen. I made the point that 99% of passwords being used out there are trivially cracked by modern computers.

The post made me recall how time and again the federal government has sounded the alarm over how vulnerable American business is to cyberattack. In light of the revelations of massive, illegal NSA spying on Americans, these warnings seem patently ludicrous. You see, the whole time the federal government has played the cybersecurity good guy in public, in reality the last thing it wants is for American business to secure its data. Make it secure, they tell us. Just don’t make it too secure.

Yeah, right.

NSA, DEA, IRS Lie About Fact That Americans Are Routinely Spied On By Our Government

This is an astonishing development in the U.S., a nation that, until recently, carefully restricted the power of its domestic spying agencies by forcing them to submit narrow requests for spying authority to a court, which would issue a warrant if the government showed probable cause to believe that the surveillance target was engaged in some sort of wrongdoing. At this point, it’s clear those limits are gone. The United States is now a mass surveillance state.

via NSA, DEA, IRS Lie About Fact That Americans Are Routinely Spied On By Our Government: Time For A Special Prosecutor – Forbes.

Email service used by Snowden shuts itself down, warns against using US-based companies | Glenn Greenwald

I didn’t know about Lavabit until they pulled their own plug yesterday, but I deeply respect its owners’ refusal to play along with the NSA’s excessive and unconstitutional spying.

A Texas-based encrypted email service recently revealed to be used by Edward Snowden – Lavabit – announced yesterday it was shutting itself down in order to avoid complying with what it perceives as unjust secret US court orders to provide government access to its users’ content. “After significant soul searching, I have decided to suspend operations,” the company’s founder, Ladar Levison, wrote in a statement to users posted on the front page of its website. He said the US directive forced on his company “a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit.” He chose the latter.

via Email service used by Snowden shuts itself down, warns against using US-based companies | Glenn Greenwald | Comment is free | theguardian.com.

The NSA Leaks Put Our ‘Methods’ At Risk, But Bragging About Monitoring Al Qaeda Emails Doesn’t? | Techdirt

Techdirt points out the obvious: how can the entire legislative branch be crowing about detecting an imminent terrorist threat through intercepted emails and not be divulging sources and methods? Snowden pointed out that the NSA is spying on millions of innocent Americans but government leaders can tell Al Qaeda and the world that we’re reading their emails and it’s somehow okay?

Anyone else get the idea that the American public is being played for fools here?

The intercepted conversations last week between Ayman al-Zawahri, who succeeded Osama bin Laden as the head of the global terrorist group, and Nasser al-Wuhayshi, the head of the Yemen-based Al Qaeda in the Arabian Peninsula, revealed one of the most serious plots against American and other Western interests since the attacks on Sept. 11, 2001, American intelligence officials and lawmakers have said.

So… revealing that we collect data on everyone somehow turns Snowden into a traitor, while having officials in the government tell the NY Times that we directly intercepted emails between Al Qaeda’s top leaders is somehow perfectly fine? How does that work?

via The NSA Leaks Put Our 'Methods' At Risk, But Bragging About Monitoring Al Qaeda Emails Doesn't? | Techdirt.

WordPress brute force hack attacks

Since this spring, the world’s WordPress sites have seen a surge of brute-force hacking attempts, where scripts running from “botnets” have been steadily trying one dictionary word after another in an attempt to take over their victim sites.

I was alarmed to discover this traffic hitting my website earlier this week and was stymied as to how to prevent it. Normally when one gets a hacking attempt, it’s a simple thing to block that site’s IP address using firewall rules. In this case, however, the attackers are using a massive array of hacked computers scattered around the world. Each hack attempt comes from a different IP address, making it impractical to block them all.
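As an added example (not code from the original post or from any tool it mentions), this sketch shows why per-address blocking fails against the traffic described above while a site-wide count of failed logins still catches it. The log lines are constructed, and it assumes a web server writing the common "combined" access-log format.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in "combined" log format (documentation-range IPs, not real traffic):
# 40 failed logins, each from a different address, plus one ordinary visitor.
SAMPLE = [
    f'203.0.113.{i} - - [10/Aug/2013:04:12:{i:02d} +0000] '
    '"POST /wp-login.php HTTP/1.1" 200 3120 "-" "Mozilla/5.0"'
    for i in range(1, 41)
] + [
    '198.51.100.7 - - [10/Aug/2013:04:12:05 +0000] "GET / HTTP/1.1" 200 9120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Aug/2013:04:12:30 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
]

LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def failed_logins(lines):
    """Return (ip, time) for each failed login: POST to wp-login.php answered 200.
    WordPress re-renders the form with 200 on failure and redirects (302) on success."""
    events = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ip, ts, method, path, status = m.groups()
        if method == "POST" and path.split("?")[0] == "/wp-login.php" and status == "200":
            events.append((ip, datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")))
    return events

def per_ip_offenders(events, limit):
    """Addresses with at least `limit` failures: the classic block-list view."""
    counts = Counter(ip for ip, _ in events)
    return sorted(ip for ip, n in counts.items() if n >= limit)

def sitewide_burst(events, limit, window):
    """True if any `window` holds at least `limit` failures, whatever their source."""
    times = sorted(t for _, t in events)
    start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        if end - start + 1 >= limit:
            return True
    return False

if __name__ == "__main__":
    ev = failed_logins(SAMPLE)
    print(len(ev), per_ip_offenders(ev, 5), sitewide_burst(ev, 20, timedelta(minutes=1)))
```

A per-address threshold of 5 flags nobody here, so the useful control is one keyed on the login endpoint itself, such as a rate limit or lockout that applies regardless of source address.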

Wondering if my site would soon fall to these script kiddies, I took some time to configure some analysis tools to get a better idea of what I was facing.

I needn’t have worried. This is what these genius password attempts look like:

Poor password management by banks

I recently signed up to the site of one of my (many) 401K administrators. When it came time to pick a password for my account, I was disappointed to see the kind of restrictions the bank put on my choice of password:

Password requirements:

Must contain 8 – 20 characters
Must contain at least one letter and one number
Is case sensitive (e.g. “MyPassword” with an uppercase “M” and “P” is different from “mypassword” with a lowercase “m” and “p”)
Cannot contain any spaces
Cannot contain special characters (e.g. !#$%^&@,;*( )+~?<>‘\”)
Cannot contain more than 2 of the same consecutive letters or numbers (e.g. aaa or 222)
Cannot be the same as your previous 6 passwords
Cannot be the same as your Username

I understand some of these, but not allowing spaces or special characters? That significantly reduces the complexity of available passwords, making the password easier to crack. Now perhaps they get around this by giving the user x number of tries before locking her out, but why not just allow special characters?
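To put a number on that reduction, this added example (not part of the original post) counts exactly how many passwords of a given length the quoted rules accept and compares that with the same length drawn from all 95 printable ASCII characters. It assumes "letters" means a-z and A-Z, and it ignores the password-history and username rules, which depend on the account.

```python
from math import log2

LETTERS, DIGITS = 52, 10   # a-z and A-Z (case sensitive), 0-9: the only characters allowed
PRINTABLE = 95             # assumption for comparison: printable ASCII, space included

def bank_policy_count(n):
    """Count length-n strings with >=1 letter, >=1 digit and no character 3 times in a row."""
    # State: (last char is a letter, current run length, seen a letter, seen a digit)
    states = {(True, 1, True, False): LETTERS, (False, 1, False, True): DIGITS}
    for _ in range(n - 1):
        nxt = {}

        def add(key, value):
            nxt[key] = nxt.get(key, 0) + value

        for (is_letter, run, has_l, has_d), count in states.items():
            if run == 1:
                # Repeat the last character once: "aa" is allowed, "aaa" is not.
                add((is_letter, 2, has_l, has_d), count)
            # Append a letter or digit that differs from the last character.
            add((True, 1, True, has_d), count * (LETTERS - (1 if is_letter else 0)))
            add((False, 1, has_l, True), count * (DIGITS - (0 if is_letter else 1)))
        states = nxt
    return sum(c for (_, _, has_l, has_d), c in states.items() if has_l and has_d)

def bits_lost(n):
    """Bits of search space given up at length n versus unrestricted printable ASCII."""
    return n * log2(PRINTABLE) - log2(bank_policy_count(n))

def total_keyspace_bits(lo=8, hi=20):
    """log2 of all passwords the policy accepts across its 8 to 20 character range."""
    return log2(sum(bank_policy_count(n) for n in range(lo, hi + 1)))

if __name__ == "__main__":
    for n in (8, 12, 20):
        print(n, round(log2(bank_policy_count(n)), 1), round(bits_lost(n), 1))
    print("policy total bits:", round(total_keyspace_bits(), 1))
```

The loss grows with length because the smaller alphabet costs about 0.6 bits per character, so the restriction matters most for exactly the long passwords a careful user would choose.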

Hackers Are Now Leery About Inviting the NSA to Their Conventions

Ruh-roh.

The announcement appeared at the conference website yesterday, in a post titled, “Feds, We Need Some Time Apart.”

For over two decades DEF CON has been an open nexus of hacker culture, a place where seasoned pros, hackers, academics, and feds can meet, share ideas and party on neutral territory. Our community operates in the spirit of openness, verified trust, and mutual respect.

When it comes to sharing and socializing with feds, recent revelations have made many in the community uncomfortable about this relationship.

via Hackers Are Now Leery About Inviting the NSA to Their Conventions – Yahoo! News.