Archive for September 7, 2010 - 28 Elul 5770

rolling along

September 30, 2006 - 8 Tishrei 5767

Much to my surprise, this site is coming together, and despite the variety of software packages involved, it even looks fairly cohesive.

Other than cleaning some CSS and resolving my watermark issues with the photographs, I probably will let the robots begin indexing this site very soon. And then I can concentrate on content alone. At least mostly.

You know, I’ve grown to hate coding (and I use that term loosely) webpages. There is no great meaning in formatting a page to appear consistent across platform, browser, and screen resolution. Moreover, because of the nature of webfonts, I can’t even use the typefaces I like. Dwelling on that is of little value, but I have learned one useful thing in this dance of two steps forward one and a half back – the back of a 20″ CRT is a great way to reheat food in styrofoam packaging.

Schneier on Hackers

September 25, 2006 - 3 Tishrei 5767

Bruce Schneier recently wrote an article, published in 2600 (the summer 2006 issue; go out and buy it – I’ll wait) discussing the elements of the hacker mentality. It is interesting to see 2600 publishing (and having the clout to publish) an expert of such stature – a welcome change from the often trivial and outdated hacks that have plagued 2600 issues over the past few years. I hope the future brings more articles of similar quality from others of his caliber, not just from security and cryptology, but from all fields of interest – EE, telecom, OS developers – and even from those in fields not obviously or directly related to traditional hacking – linguistics and physics, for example. True, this would be of less immediate value in a practical sense, but such articles contribute to a timeless treasury of thought, not easily rendered obsolete from the constant state of technical development.

With respect to his article, much of it was a rehash of the classic definition of a hacker as defiant explorer, whose principal resources are his curiosity and disregard of common beliefs. While little of it was original or groundbreaking, there were two aspects worth noting in what he did say, and one in what he didn’t.

First of all, he quite rightly does away with the hacker/cracker issues. For the uninitiated, most old school hackers have come to call malicious users of exploits “crackers” in response to the demonization of the term “hacker” in the media, in an attempt to reclaim the term for the innovators who struggle against the boundaries of established systems. While the impetus behind this endeavor is well intentioned, it is ultimately self-defeating. Hacking, Schneier avers, is solely about the struggle against boundaries, limits, and definitions. How the hacker proceeds to use that knowledge makes him good or bad. Removing morality from the definition is something uncommon from the pages of a magazine which calls itself “the Hacker Quarterly,” as they, more than most, need to decriminalize hacking to avoid the condemnation of their work. Ultimately, however, supporting a definition which is largely reactionary is self-defeating. It leads to terms no one other than hackers will use anyway – white hat, black hat, and gray hat – as if CNN will start using mage classes in their articles to evaluate the intentions of hackers! Schneier is simply returning to the classic definition by discarding the moral cruft now attached to the word and leaving the morality to an evaluation of intent and practice. Again, by definition this is not an innovative thought, but it is a corrective attempt, notable for the medium in which he chose to make it.

Similarly, Schneier holds that as a rule – and perhaps the ultimate rule of hacking – there is no concept of “cheating.” Just because an attack on a secure system does not rely on theoretical math, but employs a “mundane” approach like a side channel attack, makes the hack no less worthy of a first rate hacker. While his reasoning is rooted in the fact that he sees the hacker as motivated by the actual implementation of knowledge – hacking as applied thought – (and it should be noted that Schneier has admirably critiqued some of his own academic work for being too “ivory tower” – perhaps secure mathematically, but less so in real world implementation, when subject to the laziness of users and the needs of usability) but critiquing a hack based on certain rules of how one should think is the very antithesis of the outside-the-box thinking that hacking should both develop from and engender.

As far as I can tell, he is right in both respects; but then again, bright people often are. What surprises me is while he attempts to relate computer hacking to other activities – phreaking, lockpicking, and the defiant science of men like Galileo, he does this only while providing a background for the mindset of the hacker and its corollaries. At the end of the article, he is a bit more timid and falls back on the most obvious use of a hacker’s knowledge – security hardening. I don’t think anyone will seek to minimize the value of applying hacking knowledge to strengthen real world systems. However, if the only application he can think of is systems security, Mr. Schneier may need to step outside the box himself.

At dinner, on the first night of this past Rosh ha-Shana, I had the pleasure of discussing a range of topics with a very bright man, who happens to work as a medical physicist. When the conversation made its way over to cancer, he simply said that cancer would be cured by a ruthless mind, and probably a criminal one at that. (He then proceeded to list a number of brilliant and accomplished researchers who have done time for certain business practices. In any case,) Here too, there is no cheating, Mr. Schneier. The hacker mentality serves in all real world problems and often in the theoretical as well – for any theory that is not subjected to every rational attack is weaker for it.

In any case, if Bruce Schneier has never been on your reading list, he should be – and this article is a decent and digestible place to start. Ultimately, of course, Applied Cryptography is what you want to tackle if you have any interest in how these things actually work – from simple historical ciphers to public key systems.

 

May it be Your will that a good and sweet year be renewed for us

September 22, 2006 - 29 Elul 5766

Happy New Year!

It’s not over, it’s just the end | זה לא נגמר, זה רק הסוף

September 20, 2006 - 27 Elul 5766

So I just got my hands on the most recent Subliminal release, “Just When You Thought It Was All Over” (בדיוק כשחשבתם שהכל נגמר). Perhaps I am completely out of it, but I’ve never quite seen anything like this on an album:

subliminal-just-when-you-thought-it-was-over-back.jpg

For those of you who are Hebrew impaired, next to each song is an SMS code to order a ringtone – either synthesized from the right column or sampled (Truetone) from the left. (The rest talks about joining “friends of Subliminal club” by SMS.) What I want to know is, what did they do with the first track, which is mostly silence with a little bit of rapping and some melody played on a keyboard in theremin mode?

Has this become common across the pond(s)? After all, you have to be pretty big in your country for it to be worth setting up this system – I mean Subliminal has shattered every Israeli music sales record, so the guy isn’t hurting – but the back of his album looks like a bus stop ad. At the same time, it’s pretty clear that his music is not strictly a commercial item – there is some attempt at artistry in his music – some of the songs are just plain good, if not the most original.

Now I’m not going to begrudge a man for trying to earn some more money, but I am simply wondering if this has become common practice in the ringtone-addicted world – even with non “*-idol” albums – or is this an example of Sabra ingenuity?

Now that I think about it, had it just been an insert in the album, I would have been amused, but it wouldn’t have been comment worthy.

Lessons from a Hoboken party

September 17, 2006 - 24 Elul 5766

Parties are overrated.

Jello shots are overrated, even with generous vodka.

Friends are not.

Information (Technology) Overload

September 16, 2006 - 23 Elul 5766

Last night I received far too much computer hardware for my humble apartment. As JK moves to places farther north, he passes on that which was passed to him:

Now some of these are working right off the bat. Some of these will take some work, mostly because they were either designed for enterprise installations or they are just plain obscure. Possibly both. Thing is, while I enjoyed being able to boot up the G3 and have my first chance to play with my very own Mac (discounting some experimentation with OS/X on x86) the real fun is with the Sparc and the Next.

There are these computers, that exist between the dinosaur PCs (in the larger sense of personal computing) and the Wintel GUIs of the late 90s and today, which occupy a certain place in every geek’s heart. Somehow, they contributed to the modern computing experience – or they somehow exceeded it – but were relegated to a role that kept them out of the hands of most users either by price, availability, or a failed business model. Possibly all. The Sparc and the Nextstation were two big ones on my list to acquire. As the day passed, others popped into my head, mostly in the following order:

Sure, there are others, and the G4 hardly fits with the rest of the list, but these are the computers that over the last 20 years have left me with a feeling of… well it’s hard to generalize, but they are all “cool” in one way or another – even the very corporate Sparc (for its design and OS) and Alpha (for its hardware and being the only non-x86 platform ever to run a commercially available version of Windows). They are also very system oriented – none of these computers have the commoditized feel of an AMD or Intel box. Of course, that is part of the reason these computers are on this list and not in my house – their uniqueness drives their price the wrong way, making them notable objects of interest, even perhaps desire, but unobtainable until years after the company folds or sells off its hardware division as it escapes the path of the invincible price/performance ratio of x86(-64).

But now some of them are mine. And I will be scrounging for parts and attaching them to my network and then wondering what in the hell to do with them.

I’ll think of something.


Frist Post

September 14, 2006 - 21 Elul 5766

After hosing my previous install, I think I have everything working fine.

See?

I have extended the cache to all php filenames in my themes. Seems to have fixed the loading blank page problem.