Archive for July, 2009

Hola, senior. We are the Federales; you know, the Mounted Police.

Friday, July 31st, 2009


I only had to stand in line for about 20 minutes to get one. The latest batch was gone by noon; there were signs up at registration that they were not getting any more, and rumors later in the day that a fresh batch had come in.

Also, posting this gives me an excuse to link to one of my favorite sites, for those who haven’t seen it before.

Five. Five dollar. Five dollar slice.

Friday, July 31st, 2009

What is the greater cultural meaning of a New York pizza place charging $5 for a single slice of cheese pizza?

A small slice of heaven on Earth.

Thursday, July 30th, 2009

Sometimes, life is nothing but “bad news and the pills that go with it” (to quote Achewood). And then, sometimes, something goes right.


Num Tok

Woon Sen soup

Scallops with red curry

0-Day DEFCON Notes

Thursday, July 30th, 2009

I like DEFCON. I like Dark Tangent personally. I like Joe Grand, the guy who has designed the DEFCON badges for the past few years.

But, guys, it looks really bad when, for the second year in a row, you run out of badges early on Thursday and have to issue temporary badges until more real ones get to the con Friday morning. You don’t even have the Olympics to blame this year. This is especially frustrating now that badge hacking is an official event/contest.

DEFCON talks I will not be attending:

“Hacking UFOlogy 102: The Implications of UFOs for Life, the Universe, and Everything.”

“Two years ago at Def Con 15, Richard [Thieme] presented Hacking UFOlogy. He supported his contention that (1) UFOs are real and (2) the data to support that statement is voluminous with numerous references and links…”

Hippie, please.

DEFCON talks I plan to attend:

“Is your iPhone Pwned”, Mahaffrey, Hering, and Lineberry. (This may be tough to get into, but it is scheduled against Dark Tangent’s intro and Joe Grand’s discussion of the badge, so we’ll see.)
“Hacking with the iPod Touch”, Willhelm
“That Awesome Time I Was Sued For Two Billion Dollars”, Scott
“Three Point Oh”, Long. (For the speaker’s reputation; I’ve heard Johnny Long speak before, and he’s someone I’d like to know better.)
“Something About Network Security”, Kaminsky. (Again, for the speaker’s reputation; Kaminsky is to TCP/IP what Musashi was to the sword.)
“Hacker vs. Disasters Large & Small”, RenderMan and Schearer
“Personal Survival Preparedness”, Dunker and Dunker
“Picking Electronic Locks Using TCP Sequence Prediction”, Lawshae
“Sniff Keystrokes With Lasers/Voltmeters”, Barisani and Bianco
“Bluetooth, Smells Like Chicken”, Spill, Ossmann, and Steward. (It looks like they’re going to talk about using software-defined radio to sniff Bluetooth, techniques for breaking the pseudo-random hopping sequence, and apparently some stuff that can be done with sub-$10 off-the-shelf hardware.)
“RAID Recovery: Recover Your PORN By Sight and Sound”, Moulton
“USB Attacks”, Vega
“Cracking 400,000 Passwords, Or How To Explain to Your Roomate why the Power Bill Is a Little High”, Weir and Aggarwal

I missed the panels on “Hacking With GNURadio” and “Hacking the Apple TV and Where your Forensic Data Lives”. Perhaps next year I need to arrive on Wednesday. If there is a next year.


Thursday, July 30th, 2009

I’m not exactly sure how to describe this *NYT* story; I would use the phrase “human interest”, but it’s actually about a revolver. Specifically, a vintage S&W .32 Hand Ejector that fell out of a perp’s waistband, went off, and hit a cop.

The revolver was traced to the Smith & Wesson plant in Springfield, Mass., according to law enforcement sources.

Oh, boy. That’s some fine police work there, tracing a Smith and Wesson revolver back to the Smith and Wesson plant.

But, when a .32-caliber revolver is fired, it keeps the casings inside its rotating chamber instead of spitting them out like a semiautomatic pistol, making it hard for forensic investigators to determine whether it had a criminal past.

Say what?

Like other guns seized by the police, it will be melted down and reincarnated as wire clothes hangers.

(insert cheap Mommie Dearest joke here)

(Above by way of the S&WCA mailing list.)

In other news, the legendary Reverend Ike has died.

Going Transmetropolitan FYI

Thursday, July 30th, 2009

I’m in Las Vegas for DEFCON, so posting may or may not be light.

I may try to do some live (or semi-live) blogging from the convention, depending on how things go. I may end up just compiling notes and posting when I get back to the room at night. (For those who are not familiar with DEFCON, one of the things it is most famous for is having the most hostile network in existence.)

I wish Wikipedia had one throat, and I had my hands around it.

Wednesday, July 29th, 2009

By way of the *NYT*, we learn about the latest Wikipedia controversy:

“… a furious debate involving psychologists who are angry that the 10 original Rorschach plates are reproduced online, along with common responses for each. For them, the Wikipedia page is the equivalent of posting an answer sheet to next year’s SAT.”

Bonus: Mike Godwin content.

Efficient closest point calculation; how to?

Tuesday, July 28th, 2009

Randall Lawrence Waterhouse

Current meatspace coordinates, hot from the GPS receiver card in my laptp:

27 degrees, 14.95 minutes N lattitude 143 degrees, 17.44 minutes E longitude

Nearest geographical feature: the Bonin Islands

—Neal Stephenson, Cryptonomicon

One of the projects that I’ve had cooking in the back of my mind is to implement something like Waterhouse’s signature block in Cryptonomicon. After all, I’ve reached a point in my life where I actually have GPS equipment and a computer that are small enough to use on an airplane. (Unlike Waterhouse, I tend to fly coach.)

There’s a couple of different parts to this project as I see it.

  • You need an interface to the GPS reciever to get the current position data. That should be easy; both Perl and Python have GPSD interfaces.
  • You need a database of geographic points. It looks like that shouldn’t be a hard problem to solve; there’s some online databases that I think can be made to work, or converted, for this purpose.
  • You need an interface between your programming language and the database to look up points. Again, that should be easy; I’m assuming the database of geographic points is stored in some sort of standard SQL databse, and both Perl and Python have SQL database interfaces. (One possible problem is that I want to be able to run this on a Nokia N800, and the SQL database choices for that machine are kind of limited.)
  • You need to be able to calculate distance between two points. That’s easy: see  for an example.
  • But here’s the problem. Let’s say you have a database of two million geographic points. How do you efficiently find the closest point to your current geographic location?

I’m stumped by the last part. Doing two million Haversine calculations seems like a time consuming operation; I suspect on a N800, the closest point would have changed substantially by the time the calculations finish.

Anyone have any good ideas? If I ever do write the script, I promise public acknowledgment (and public posting of the code).

Welcome to Whipped Cream Difficulties.

Tuesday, July 28th, 2009

Whipped Cream Difficulties is an occassional web log about things I find interesting. Some of those things might be:

  • Food (especially around Austin, TX).
  • Guns (especially Smith and Wesson revolvers).
  • Interesting items I find around the net (but I’ll try not to duplicate FARK).
  • People who died (died).
  • Popular culture.
  • Computer security.
  • Art, damn it, art!

This isn’t intended to be all-inclusive.

I work for a large four-letter computer company, but I am not an official representative of same, and will not comment on non-public information.

I welcome comments. Spam will be vigorously deleted.