There are distinct smells to seasons, and in New York, this is not limited to the floral dawn of spring.  Here, at least, the smells are decisive heralds, for once they come, they and their season do not leave until complete.

Winter’s is perhaps my favorite of these, and as of yesterday afternoon, it seems Fall has drawn to an early close.  You can never be sure what precisely produces it - it is the amalgam of all things grey: woolen clothing, the smoke of roasted nuts, the exhaust of overtaxed cars. Appropriately, it arrived a few hours after the victory parade for the Fall Classic.

Given these circumstances, and that relocating to the South is at its most uncertain today, necessity mothered me with:

Winter Tea

3.5 oz Rye
2 oz Simple Syrup
1 oz Dry Vermouth
1/2 oz Grenadine
Lemon Bitters

Bring Rye, Simple Syrup, and Grenadine to a boil, pour into mug, add vermouth cold, add bitters.

The drink can obviously be overly sugary, so add water and time to the boil according to taste.  In the alternative, a weaker but still enjoyable concoction can be had by mixing this with hot tea. I used green tea (shamefully from a bag) in a 3:2 tea to “Tea” ratio.  The trick is to boil the alcohol while waiting for the tea to steep.  Pour the hot alcohol, then the cold alcohol, then the tea.

Be careful with high proof drinks and fire.

Today, Slashdot posted a story to the front page regarding a widespread SMC 8014 router/modem vulnerability, allowing access to administrative functions.  I would link to the original blog post, but it seems to be slashdotted. (Edit: no longer. I also indulged myself with a comment on the slashdot story and the blog post, both came late in the game. No, I’m not selling anything nor do I get ad revenue.)  In any case, this is nothing new.  These and similar SMC routers are common in New York and are identifiable in their use of a four digit hex SSID.  Naturally, all APs broadcast their Wifi adapters’ MAC address in the clear, allowing for identification of the manufacturer (barring spoofing).

These SMC routers were ordered in bulk with a custom firmware, with some “features” that were put in place to (presumably) assist in over the phone tech support.  The firmware enables WEP encryption with a preset key on the network and uses Javascript to disable more advanced features, including choosing WPA.  If that wasn’t problematic enough, the WEP key is derivable from the MAC address.  Let me repeat that point as clearly as I can.

The preset WEP key is derivable from the MAC address that is broadcast in the clear.

That last part is trivial, and I’m not going to give out (what I hesitate to call) the algorithm.

But wait, there’s more.  One of the advanced features disabled by the Javascript hack is the ability to change the WEP key.  I was not vulnerable to this (I use a different service with my own hardware), but a friend was -which allowed me to do a bit of work on these routers and their deployment.  We were told (July 2008) by a customer service rep that changing the WEP key was not supported for the end user - even after I asked my friend to claim that she thought someone had her “network password” (which was technically true).

Ironically, the vulnerability mentioned in the Slashdot article is the means to secure the router: by using various techniques (disabling Javascript, Greasemonkey, etc.)  you can restore these functions: changing the mode of encryption, the key, and the administrative values.

SMC is not the only company to have sold these gelded all-in-one routers to bulk telecom customers; nor is Time Warner the only customer to deploy them.  In a private discussion sharing these findings with some westcoasters at Defcon in Aug 2008, I was told there was an L.A. telecom doing exactly the same things - mass deployed routers with predictable keys and a broken firmware that prevented a fix.

It is a curious effect of copy and paste, of quote and translation.  Today, one can easily find fifteen minutes of fame, in the most literal of senses.  This is not news.

The oddity is that you can find that you were famous months after the fact.

Back in February, when Facebook was considering some controversial TOS changes, I was (apparently) early in joining one of the the Facebook protest groups.  Now admittedly, I did care about the TOS issue: I posted items and used my status message to try and raise awareness.  I made one or two wall posts in said protest group.  Mostly, I wanted to clarify that the TOS wasn’t seizing copyright ownership, but the distribution license had onerous consequences.  I then said that in response, I deleted my uploaded photographs, save a profile picture or two.

Now, mind you, I have no precise idea what I said : after Facebook abandoned the proposed terms, I quit the group.  With many such Facebook groups having been formed, and hundreds of thousands of users joining them, and in turn, generating thousands of posts and threads, my original is sufficiently misplaced.

None of this would be of any interest to me - or to any right thinking individual - but for the curious addendum.  A couple of weeks ago, I googled variants of my name to see where this site was showing up.  Lo and behold, by page three, nearly all the links were in Spanish.  This was of particular curiosity to me, as my Spanish aptitude never progressed beyond some Fs and Ds in high school classes.  (Immersion methods do not work well with me, unfortunately, it took me years to figure this out and learn what does.  Another story for another time.)  Apparently, some tech writer for the EFE news service needed a quote for his piece on the TOS changes – and the user response – and quoted me.  In turn, this article was reposted and quoted by aggregators and blogs across the Latinternet.  This happens, nothing special.  However, since the original quoting was translated into a language I don’t speak or read, I had no idea until May, despite the EFE being the fourth largest news agency in the world.

Now, I cannot be certain why the original author quoted me (and I should point out, that while I don’t recall the precise wording, the translation entirely correlates with  my recollection of what I wrote) but I suspect it is because:

• I wrote with a reserved, educated tone.
• I separated my understanding of the situation from my response.
• I sounded like I knew what I was talking about.
• I am from New York.

To invoke a bit of Cialdini, the first two strike me as social liking through identification.  The first point results in a tone similar to modern journalism, and not only garners the sympathy of a writer accustomed to the style, but in using a similar style, it fits smoothly into a newspaper piece.  Similarly, the second is akin to an editorial response or, more liberally, the conclusions of a reporter.

Coupled with the a writing style, (I’m glad the reporter kept the “permissive and perpetual” bit in Spanish – I liked it enough to remember) simply sounding like I had read the new TOS and was capable of calmly correcting others probably secured me a air of authority.  Finally simply being from New York (my primary Facebook network), which the reporter did specify in the quote attribution, is both identifiable and desirable from a global perspective.  This is certainly liking and authority at play – a well spoken, informed, urbane “expert” from an international city says… – but also maintains a smooth flow for the reader who already has some idea where New York is, as opposed to stopping to wonder what or where Buffalo is.

Still, this story is just a an anecdote, a curiosity of a google search, and the subsequent analysis somewhat facile and obvious.  The lesson is not:  if you choose to write with a certain style, you will “speak” louder than others in a written medium.  Make sure that you want those words repeated: if you write well-formed drivel or masterful and erroneous prose, you may find the echo much louder than expected and the ringing criticism deafening.

This is the burden of educated speech, whether educated in fact or in tone: if you write with care, have a care with what you write.

Is the right way to drink gin. To wit,  an (obvious) martini variant I made up the other week:

The Brandon

2 oz Gin
1 oz Cranberry Schnapps
4 dashes Peychaud’s Bitters
2 dashes Regan’s Orange Bitters

Pour the schnapps into a chilled cocktail glass, coat the insides
Pour out the cocktail glass into the mixing glass.
Add Gin, Bitters, stir, double strain.
Garnish with a large orange slice or cherry.

Nothing brilliant here - other than the taste - it just restores the bitters from the classic Martini recipe, replaces sweet vermouth with cranberry schnapps, and uses the Peychaud’s to add contrast in the finish. Some things to note - since quality kosher vermouth is hard to find (Stock, Cinzano, and Martini & Rossi only have hechshers in Israel, the US Kedem vermouth it not good enough to burn, let alone drink) - this allows a nice kosher alternative to the traditional Sweet Martini.

Since neither Peychaud nor Regan carry hechshers, they do need to be substituted.  I added the (considerable amount of) Peychaud’s to give the drink an anise flavor, so perhaps a teaspoon or less of such that flavor in a  red or clear liqour might stand in - arak or ouzo should work; Sambuca is probably too sweet.  As for the Regan’s,  one or two dashes of Angostura mixed with orange oil or zest could stand in.  If you grate rather than twisting the oil from the zest, double strain with a mesh strainer.  Hell, do that anyway.  Ice fragments ruin this drink.

Don’t use more than 3 oz Gin or the drink will lose its particular charm.  If the cocktail is poured to the lip of the glass, the in and out (coating) is pointless.

Finally, since it seems I’m posting odd news stories today:
Man shoots and wounds his daughter after she pours out his gin

Whatever.
I shot a man in Reno, cause he spilled my rye.

Ok, every Jewish kid has heard the story of some high school couple who manage to “accidentally” do the nissuin thing and end up needing a get.  Maybe it’s happened before (and maybe it will happen again*), maybe not.  But now, in this Brave New Intarweb, you can point to a Google search to show that it has:

14-year-old girl becomes Israel’s youngest-ever divorcee - Haaretz

I picked the Haaretz coverage because it covered the best detail - not the consummation of the marriage - but the 10,000 NIS payoff by the groom’s family to get the girl to go away.

* Good bye, BSG.  You were the show I would have made.

The children are right.  It is not an indictment; it is reconciliation.

The academics are right, albeit inadvertently so:  German is beautiful; the fault lies in those to whom its legacy is bestowed.

(D)er schreibt wenn es dunkelt nach Deustschland.

Recently, it seems that I’ve been bitten by the writing bug once more - not that you’d know from the dearth of posts or the cliched metaphor in this very sentence.  Be that as it may, I find myself writing once more, and often prefer a computer to pen and paper as I am given to editing in place.   It’s just my way.

I’ve been looking at editors geared to little distraction for a while and considered the obvious - the obvious to me - such as lyx and vim but neither seemed to turn my Ubuntu running EeePC 701 into the full screen editor / typewriter emulator I was looking for.  I remembered a recent Slashdot thread - recent being almost a year ago(!) - inspired by a New York Times article discussing this very problem.  Amongst the recommendations was a program called Writeroom, a stripped down full screen editor presented in green on black glory. Writeroom, however, is an OS/X program, which meant I was still without a solution.

Apparently, in the time between that story and my latest bout of scrivenery inclinations, an enterprising and kind soul released an open source Python based clone: PyRoom.  Even better, he maintains Fedora and Ubuntu repositories, sparing me from the annoying maintenance involved with tarballed binaries.  I’m just putting the program through its paces, but it looks to be precisely what I was looking for - a simple full screen keyboard oriented writing implement designed to minimize  distractions and maximize writing.

If you have been looking for a solution to the same problem, it is worth the few minutes it takes to add the repo and install.

When a Math/Compsci Professor comes to your apartment, peeks his head around a corner and exclaims

- with sarcasm, suprise, and a hint of disgust -

“Oh look. Another computer.”

The UAL story - as a parable - is too good to be true. (As fact, it seems patently unfair to UAL.)

As a cautionary tale, it got even better - expanding on the chaotic complexity of interacting state machines:

Single Web Hit Led to UAL Glitch, Tribune Says - WSJ.com

Missed Last HOPE? Wanted to hear the OpenSSL lecture but couldn’t get into Turing?

The ridiculously overpriced DVDs ($20 per talk, $100 for ten) of the lectures are being ripped and tracked here.

Note that the video quality issues (poor color and contrast) are DVD issues, not a consequence of the ripping.