David Gessel

Gate C at phx

Thursday, January 5, 2012 

It is still xmas in PHX.

Posted at 05:22:48 GMT-0700

Category: Media

The Cloud is Ephemeral

Sunday, January 1, 2012 

Never trust your business, applications, or critical data to a cloud service: you are at the mercy of the provider for both security and availability, and neither is terribly likely. Cloud services are the .coms of the second decade of the 21st century; they come and go, and with them go your data and possibly your entire enterprise. The usual argument is that larger brands are safer, that a company like Google would not wipe out a service and leave its customers or partners high and dry, that they would be safe.

That would be a false assumption.

“The cloud is great when and while your desired application is present—assuming it’s secure and robust—but you are at the mercy of the provider for longevity.”

To evaluate the risk-weighted cost of integrating a cloud-provisioned service into a business, it is necessary to understand the mathematics of serial risk. This is entirely different from integrating third-party code, which just as frequently becomes abandonware: abandonware can cost an enterprise a great deal in engineering an internally developed replacement, but it continues to function, whereas a cloud service simply vanishes when the provisioning company “pivots” or craters, instantly breaking every dependent application and even entire dependent enterprises. It is a zero-day catastrophe.

Serial risks compound into an exponentially growing risk of failure. When a business is built on N critical partners, its risk of failure is mathematically similar to RAID 0: if each party has a probability of failure of X%, the chance of the business failing is 1-(1-X/100)^N. If X is 30% and your startup depends on another startup providing, say, a novel authentication mechanism to validate your cloud service, then your startup's chance of failure rises from 30% to 51%. With two such dependencies the chance of failure rises to 64% (survival is a dismal 36%).
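As an added example (my own, not the post's), here is the serial-risk formula above carried into code, generalized to dependencies with different failure probabilities, with the redundant-provider counterpart (RAID 1 to the post's RAID 0) for comparison. All probabilities in the demo are constructed inputs and every output is computed from the formula rather than copied from the text.

```python
from math import prod


def serial_failure_probability(failure_probs):
    """Chance that at least one link in a chain of independent dependencies
    fails within the period (the RAID 0 case in the post).  Pass the
    probabilities as fractions, the business's own risk included."""
    for p in failure_probs:
        if not 0.0 <= p <= 1.0:
            raise ValueError(f"probability out of range: {p}")
    return 1.0 - prod(1.0 - p for p in failure_probs)


def serial_failure_uniform(x_percent: float, n: int) -> float:
    """The post's formula 1-(1-X/100)^N for N parties at X% each."""
    return 1.0 - (1.0 - x_percent / 100.0) ** n


def parallel_failure_probability(failure_probs):
    """Chance that every one of several interchangeable providers fails
    (the RAID 1 analogue): a dependency backed by a fallback provider is
    lost only if both of them are."""
    return prod(failure_probs)


def marginal_risk(existing_probs, new_prob) -> float:
    """Extra failure probability a new dependency adds to the chain."""
    before = serial_failure_probability(existing_probs)
    after = serial_failure_probability(list(existing_probs) + [new_prob])
    return after - before


def chain_with_fallback(existing_probs, primary_prob, fallback_prob):
    """Failure probability of the chain when one dependency is served by a
    primary provider plus a fallback that can be swapped in if the primary
    folds.  The two providers are assumed independent."""
    combined = parallel_failure_probability([primary_prob, fallback_prob])
    return serial_failure_probability(list(existing_probs) + [combined])


if __name__ == "__main__":
    # Constructed scenario using the post's figures: a startup with a 30%
    # chance of failing on its own, adding 30%-risk dependencies one at a time.
    chain = [0.30]
    for k in range(1, 3):
        chain.append(0.30)
        label = "dependency" if k == 1 else "dependencies"
        print(f"{k} {label}: P(fail) = {serial_failure_probability(chain):.1%}")
    print("one dependency with a 30% fallback provider:",
          f"{chain_with_fallback([0.30], 0.30, 0.30):.1%}")
```

The fallback case is the mitigation the arithmetic points to: a second provider for the same function multiplies the two failure probabilities instead of compounding them, so it removes most of the marginal risk a single cloud dependency adds.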

Posted at 22:34:08 GMT-0700

Category: PrivacyTechnology

28C3 Scariest Talk of the Day

Wednesday, December 28, 2011 

We attended Effective Denial of Service attacks against web application platforms by Alexander “alech” Klink and Julian | zeri, where they described a really, really easy to implement denial of service attack. It exploits the behaviour of hash tables under collisions: when every inserted key hashes to the same bucket, each insertion has to be compared against everything already in that bucket, so the table degrades from constant time per operation to a cost that grows quadratically with the number of keys. It is fairly easy to find 2-4 character hash collisions for a given hash function (and there are only a few variations in use), and as hash operations are performed by default on all POST and POST-like requests, which accept (by default) from 2-8MB of data, one can easily tie up a computer's CPU effectively indefinitely.

The researchers tested the attack on most web languages in use (and all in common use): only Perl is deployed safe (since 2003), and Ruby 1.9 has a patch available. Every other platform is vulnerable. Today. The attack is only a POST request carrying a table of delimited hash-colliding values. You could copypasta a working exploit, it is that easy. The vast (vaaast) majority of sites on the web run PHP, and 1 Gbps of attack bandwidth could take down 10,000 cores. With ASP.NET, that 1 Gbps can hold down 30,000 cores; with cRuby 1.8 (not patched, about half of Ruby installs), that 1 Gbps can keep a million cores tied up.
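To make the cost model behind the talk concrete, here is an added example (mine, not the researchers' or the post's code) of a toy separate-chaining hash table that counts key comparisons. The `weak_hash` function is a deliberately trivial, constructed stand-in for an unkeyed string hash: it ignores character order, so anagrams collide. The bucket count (1024), the 1000-parameter cap and the use of keyed BLAKE2b as the randomized hash are my assumptions, chosen to show the two mitigations that were applied to real platforms in the period: a secret per-process hash key, and a limit on how many parameters a request body may carry.

```python
import hashlib
import itertools
import os


# Toy hash, constructed for this example: it ignores character order, so any
# two anagrams collide.  It stands in for the unkeyed string hashes the talk
# targeted; those were stronger than this, but still allowed cheap collision
# search, which is the whole point of the attack.
def weak_hash(key: str) -> int:
    return sum(ord(c) for c in key) & 0xFFFFFFFF


# Mitigation 1: hash with a secret chosen at process start.  An attacker who
# does not know _SECRET cannot precompute inputs that land in one bucket.
_SECRET = os.urandom(16)


def keyed_hash(key: str) -> int:
    digest = hashlib.blake2b(key.encode(), key=_SECRET, digest_size=4).digest()
    return int.from_bytes(digest, "big")


class ChainedTable:
    """Minimal separate-chaining hash table that counts key comparisons,
    which is the cost that explodes under collision flooding."""

    def __init__(self, hash_fn, buckets: int = 1024):
        self.hash_fn = hash_fn
        self.buckets = [[] for _ in range(buckets)]
        self.comparisons = 0

    def _chain(self, key: str) -> list:
        return self.buckets[self.hash_fn(key) % len(self.buckets)]

    def insert(self, key: str, value) -> None:
        chain = self._chain(key)
        for i, (k, _) in enumerate(chain):
            self.comparisons += 1       # one equality test per chain entry
            if k == key:
                chain[i] = (key, value)
                return
        chain.append((key, value))

    def get(self, key: str, default=None):
        for k, v in self._chain(key):
            self.comparisons += 1
            if k == key:
                return v
        return default


def colliding_keys(n: int) -> list:
    """n distinct anagrams of one string; all hash equal under weak_hash."""
    base = "abcdefghij"
    return ["".join(p) for p in itertools.islice(itertools.permutations(base), n)]


def all_collide(keys) -> bool:
    return len({weak_hash(k) for k in keys}) == 1


def comparisons_for(hash_fn, keys) -> int:
    """Key comparisons needed to insert every key with the given hash."""
    table = ChainedTable(hash_fn)
    for i, key in enumerate(keys):
        table.insert(key, i)
    return table.comparisons


def parse_form_body(body: bytes, max_params: int = 1000) -> ChainedTable:
    """Mitigation 2: parse a urlencoded POST body into a keyed table, but
    refuse bodies with more parameters than any legitimate form would send,
    before any hashing work is done on them."""
    pairs = body.split(b"&") if body else []
    if len(pairs) > max_params:
        raise ValueError(f"too many parameters: {len(pairs)} > {max_params}")
    table = ChainedTable(keyed_hash)
    for pair in pairs:
        k, _, v = pair.partition(b"=")
        table.insert(k.decode("latin-1"), v.decode("latin-1"))
    return table


if __name__ == "__main__":
    keys = colliding_keys(2000)
    print("all collide under weak_hash:", all_collide(keys))
    print("comparisons, weak hash: ", comparisons_for(weak_hash, keys))
    print("comparisons, keyed hash:", comparisons_for(keyed_hash, keys))
```

With 2000 colliding keys the unkeyed table performs n(n-1)/2 = 1,999,000 comparisons, while the keyed table spreads the same keys over its buckets and needs a couple of thousand; the parameter cap stops the request before either table is built. This is the shape of the fix regardless of platform: randomize the hash, bound the input, or both.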


Posted at 18:32:59 GMT-0700

Category: EventsTechnologyTravel

You can’t read this at the Westin

Monday, December 26, 2011 

Oddly, this server is blocked by the network at the Westin Grand, Berlin. Everything else seems to work, even www.dis.org (which is blocked by sites that subscribe to the Barracuda filter list, because any site with information on radios is frequented by hackerz). It does not seem to be a national-level block, as I get plenty of visitors from Germany.

Easy enough to get around by VPN, but odd.  Very odd indeed.

Posted at 09:02:40 GMT-0700

Category: HotelsSelf-publishingTechnologyTravel

Rose Picture

Sunday, December 25, 2011 

Not sure why the roses are blooming xmas eve, but they’re pretty in the sunset light.

Posted at 00:55:06 GMT-0700

Category: photo

huh… MITM or switching mafia allegiances

Sunday, December 18, 2011 

Certs are so fail for authentication.


Posted at 21:34:27 GMT-0700

Category: Media

SOPA/Protect IP: Retarding Progress

Tuesday, November 22, 2011 

If you have ever found the internet useful for anything other than browsing corporate web sites, for example if you’ve ever looked up an independent review or enjoyed a post like this one by anyone at all, then you must contact your representative and insist they reject SOPA and Protect IP.

This act is the most inane, repressive, anti-progress, anti-civil-rights, special interest protecting, bought and paid for legislation I’ve ever had the displeasure of reading.  Every site that has an opinion that might offend anyone with an in-house lawyer will be erased from the DNS system.  The primary opponents of the bill point out that sites like Google and Youtube are targets, but the tactic will not be to strike at targets that can afford lawyers, the tactic will be to wipe out small sites that aren’t generating much revenue first and establish precedent before taking out the big guys.  First all the fun sites will go, then youtube, but, hey, you’ll still have Hulu and Microsoft.com.

Anyone who is favorable to this bill does not understand the constitution and is not fit to stand in office.  It is an absolute rejection of the constitutional mandate to “promote progress and the useful arts” solely to enable short-term profiteering by absurdly wealthy studio execs.

The bill's primary sponsors, Patrick Leahy and Lamar Smith: whatever you can do to get these tools of the studio execs out of office, please do. They're not from my state, but if they were I'd back anyone who challenged them.

Co-sponsors must also be ejected as forcefully as possible.

Protect IP Cosponsors

Sen Alexander, Lamar [TN] – 5/25/2011
Sen Ayotte, Kelly [NH] – 6/27/2011
Sen Bennet, Michael F. [CO] – 7/25/2011
Sen Bingaman, Jeff [NM] – 10/19/2011
Sen Blumenthal, Richard [CT] – 5/12/2011
Sen Blunt, Roy [MO] – 5/23/2011
Sen Boozman, John [AR] – 6/15/2011
Sen Brown, Sherrod [OH] – 10/20/2011
Sen Cardin, Benjamin L. [MD] – 7/13/2011
Sen Casey, Robert P., Jr. [PA] – 9/7/2011
Sen Chambliss, Saxby [GA] – 11/2/2011
Sen Cochran, Thad [MS] – 6/23/2011
Sen Coons, Christopher A. [DE] – 5/12/2011
Sen Corker, Bob [TN] – 6/9/2011
Sen Durbin, Richard [IL] – 6/30/2011
Sen Enzi, Michael B. [WY] – 9/7/2011
Sen Feinstein, Dianne [CA] – 5/12/2011
Sen Franken, Al [MN] – 5/12/2011
Sen Gillibrand, Kirsten E. [NY] – 5/26/2011
Sen Graham, Lindsey [SC] – 5/12/2011
Sen Grassley, Chuck [IA] – 5/12/2011
Sen Hagan, Kay [NC] – 7/5/2011
Sen Hatch, Orrin G. [UT] – 5/12/2011
Sen Isakson, Johnny [GA] – 11/2/2011
Sen Johnson, Tim [SD] – 10/3/2011
Sen Klobuchar, Amy [MN] – 5/12/2011
Sen Kohl, Herb [WI] – 5/12/2011
Sen Landrieu, Mary L. [LA] – 10/17/2011
Sen Lieberman, Joseph I. [CT] – 7/7/2011
Sen McCain, John [AZ] – 7/26/2011
Sen Menendez, Robert [NJ] – 10/31/2011
Sen Nelson, Bill [FL] – 9/23/2011
Sen Risch, James E. [ID] – 11/7/2011
Sen Rubio, Marco [FL] – 5/26/2011
Sen Schumer, Charles E. [NY] – 5/12/2011
Sen Shaheen, Jeanne [NH] – 6/30/2011
Sen Udall, Tom [NM] – 7/7/2011
Sen Vitter, David [LA] – 11/7/2011
Sen Whitehouse, Sheldon [RI] – 5/12/2011

SOPA Cosponsors

Rep Amodei, Mark E. [NV-2] – 11/3/2011
Rep Barrow, John [GA-12] – 11/14/2011
Rep Bass, Karen [CA-33] – 11/3/2011
Rep Berman, Howard L. [CA-28] – 10/26/2011
Rep Blackburn, Marsha [TN-7] – 10/26/2011
Rep Bono Mack, Mary [CA-45] – 10/26/2011
Rep Carter, John R. [TX-31] – 11/3/2011
Rep Chabot, Steve [OH-1] – 10/26/2011
Rep Conyers, John, Jr. [MI-14] – 10/26/2011
Rep Deutch, Theodore E. [FL-19] – 10/26/2011
Rep Gallegly, Elton [CA-24] – 10/26/2011
Rep Goodlatte, Bob [VA-6] – 10/26/2011
Rep Griffin, Tim [AR-2] – 10/26/2011
Rep King, Peter T. [NY-3] – 11/3/2011
Rep Lujan, Ben Ray [NM-3] – 11/14/2011
Rep Marino, Tom [PA-10] – 11/3/2011
Rep Nunnelee, Alan [MS-1] – 11/3/2011
Rep Owens, William L. [NY-23] – 11/14/2011
Rep Ross, Dennis [FL-12] – 10/26/2011
Rep Scalise, Steve [LA-1] – 11/14/2011
Rep Schiff, Adam B. [CA-29] – 10/26/2011
Rep Terry, Lee [NE-2] – 10/26/2011
Rep Wasserman Schultz, Debbie [FL-20] – 11/3/2011
Rep Watt, Melvin L. [NC-12] – 11/3/2011

Posted at 07:54:21 GMT-0700

Category: Politics

Facebook Lose

Sunday, November 13, 2011 

For some time now I've used Facebook as a broadcast channel for my content. That is, I post to my personal blog, self-hosted on my own server in my own house, so I actually, unambiguously own my content. Then I let facebook rebroadcast it. That is, apparently, going to end.

They have decided that they will make it more difficult to use facebook to disseminate content facebook doesn't own – that is, any content you actually enter into the facebook interface is facebook's, and they choose whether to keep it or delete it, make money off it or bury it. You're just an unpaid worker troll feeding their advertising revenue machine, and you will no longer be allowed to play with their toys if you don't play along.

Social networks are kind of cool, but it will be a good thing when facebook jumps the shark and we get the next iteration. It’ll be a sad day for everyone who has put a lot of effort into gifting facebook with as much content as they can though, when all that UGC goodness ends up on ebay’s used hard disks section for bargain hunters to sift through with disk recovery tools for their own amusement.


Posted at 09:27:52 GMT-0700

Category: Media

2012 Mitsubishi Spyder

Thursday, November 10, 2011 

Hertz gave me this very nice little convertible as a rental when I found my allocated slot empty and they didn't have my allocated class in the lot, a nice upgrade.

[Image: IMG00291-20111110-1653.jpg]

It has two defining features:

  • it is a convertible and a sporty one at that,
  • it comes with a subwoofer equipped stereo which defines the target market.

This is definitely not a car targeted at classical music listeners. The stereo with the Fosgate “punch” setting cranked up is a bass-heavy “boom car” experience. It sounds fine, the bass is clean and well rendered, but it isn't the balanced, well-staged clarity of the sound system in a Mercedes, for example; it fits a particular demographic well.

[Image: IMG00290-20111110-1622.jpg]

The car itself is quite sporty and handles well. Unlike a lot of lower end convertibles, including the Mustang, the body is very stiff and takes turns and bumps without any tangible body flex. The car corners flat and understeers predictably and with good control (I discovered unintentionally while making a quick u-turn). The car also has more power than one would expect for such a small vehicle, and can spin the back wheels from a stop without resorting to a neutral drop, also an unintentional discovery. Really.

Road noise with the top up is pretty good for a convertible, and better than most at freeway speeds with the top down.

I’d say it is a pretty good choice for a low cost, youth-oriented convertible.

Posted at 20:35:54 GMT-0700

Category: photoPositiveRental carsReviews

Deplane via mobile lounge?

Wednesday, November 9, 2011 

This is a first for me: the jetbridge was stuck, after about 40 min of trying to get it to lower they brought us a mobile lounge and we deplaned from the rear.

Posted at 05:20:27 GMT-0700

Category: Media