Hiring Hackers

Via the man who should be national security advisor, this fascinating email exchange between a “hacker” and a congressional staffer. The staffer wanted his college GPA “fixed” to improve his grad school outlook. The hacker apparently just wanted to mess with the guy:

If attention comes down, remember that we’re both equally liable in the actions. I’d rather not go to prison, you? I’ll use some snazzy IDS evasion techniques, spoof my IP, use my neighbor’s wireless, send decoy packets from a BitTorrent network, use some old PBX tricks to make them think it is an internal job and more. Think of all the stuff you see in the movies, but better.

They Might Be Giants Are Marketing Geniuses

When They Might Be Giants started releasing kid’s albums back in 2002 with “No!”, I didn’t really understand why they had chosen to go in that direction. Two years later, though, I had a kid, and now I realize They are marketing geniuses.

(my kid)

They Might Be Giants made their mainstream debut in 1986. The oddball audience that really got it would have been between 13 and 25 years old at the time (as was I). Most of those folks now have settled down into stable jobs, disposable income (read: can afford to purchase music), and kids.

For those of us worried about inculcating our children with an appropriately developed sense of irony to get them through the next century, TMBG is the perfect prescription. We can play our kids these new albums and rest assured that our kids will eventually appreciate Terry Gilliam, Ze Frank, John Belushi, and the like. And learn the alphabet (mp3) (ogg) while they’re at it:

F is far too fussy and only eats with fancy wine
G eats only gourmet but never can decide
H burns food so horrible
all I tastes is smoke
J just likes drinking juice
and K drinks only soda

(Please note the Cake tribute — which is interesting, since Cake was undoubtedly influence by TMBG.) (If you don’t get the joke, it’s “soda.”)

The target audience, of course, is still “us” — those of us over 30, who are more likely to actually purchase music rather than copy it. It’s an interesting reversal of the more typical marketing plan which involves getting kids to nag their parents to buy things.

It thus makes a lot of sense that TMBG is selling tracks direct online from their website in unencumbered formats — $9.99/album in MP3 format, or $11.99/album as FLAC files. An extra two bucks for lossless audio? Of course I’ll buy that! You should too.

Advertisements… trailers?

Movie trailers linked from IMDB now apparently require you to watch an unrelated advertisement before the trailer starts.

And here I thought movie trailers were advertisements…

Questionable Verizon EVDO Support

Once you’ve had a taste of EVDO (presently offered only by Verizon and Sprint), it’s hard to imagine not having it. Like cell service, you quickly forget what it was like not to be online always everywhere. (It’s a great example of our rising “baseline” standard of living).

Recently, I switched to an embedded EVDO card on a new laptop (running Windows for reasons beyond the scope of this blog entry). It worked for a couple of days, and then I started getting mysterious “error 913” messages when trying to connect. After trying all the solutions that seemed obvious to me, I contacted Verizon Wireless Tech Support as suggested by the error message, which otherwise provided no information about error 913.

Perhaps surprisingly, Verizon Wireless Tech Support didn’t really know what error 913 was either. After a few minutes, I was escalated to second level tech support. They had me reboot. Then they had me reinstall the card controller software. The second-level tech support person put me on hold to speak with whatever higher level tech support she had access to. Then they had me delete the EVDO connection from the dial-up networking control panel and re-create it. None of these things worked. So she said I should just return the laptop to the store and get a new one.

It was perhaps the best example of the three “R’s” of Windows Tech Support I had ever experienced: reboot, reinstall, replace. This may perhaps be the only cost effective way of providing such support.

I persisted, though, as I was pretty sure there wasn’t a hardware issue given that all the diagnostics were coming up without error. I would rather not return a perfectly good laptop just because we couldn’t figure it out. I was also suspicious because I had seen several instances of precisely this problem popping up in message boards, and the tech support person herself told me that she had recently been unable to solve the same problem with another customer. It just didn’t have the symptomology of broken hardware.

After a few more minutes of speculating about why this might happen, the tech support person said she had an idea, and asked me to try to reconnect. Since then, it has worked perfectly.

As I understand the problem, my account was enabled for unlimited “roaming” EVDO access, but did not actually have authorization for “non-roaming” (i.e., within the network) access. Thus the connection was rejected.

There are several things wrong with this picture. Why didn’t the EVDO access manager software provide an error message that actually indicated that the connection was refused for lack of authorization? Why didn’t anyone at Verizon know what error 913 was? Shouldn’t Verizon have a checklist for such issues that includes “check to see if the subscriber is properly signed up”? (For that matter, why did my account spontaneously lose non-roaming access?) These are just a few questions that come to mind.

I hate to beat on Verizon, since I’ve done it three times before, but it’s almost like they’re just asking for it. Maybe it’s time they rethink their organizational strategy.

Bad Passwords

Interesting article by everyone’s hero Bruce Schneier on real-world passwords. Schneier analyzed the spoils of a phishing attack on MySpace that resulted in the collection of 34,000 usernames and passwords:

We used to quip that “password” is the most common password. Now it’s “password1.” Who said users haven’t learned anything about security?

Web Video Comedy

As it has become virtually costless to become a web video publisher, we’re seeing more and more really funny noncommercial content. To make a funny web video, you don’t really need anything, other than to be funny. Special effects and paid actors are not really essential and perhaps detrimental.

After much urging by Steve, I have finally become a devotee of The Show with Ze Frank. See this wikipedia entry for background. I suspect if The Daily Show had been born a few years later, it might have taken the no-budget format that Ze Frank uses. (The fact that the show is the top result in a Google search for the show (no quotes) must be some proof of its worth.) I was going to recommend a particularly good episode, but they’re all great.

Also via Steve, this excellent piece about OS X and Linux security (slightly not work-safe). Lest you think I’m unduly influenced by Steve’s recommendations, I should point out that Steve has finally gotten around to taking some of my suggestions.

(As a follow-up, I’ve been meaning to assemble my numerous tips in assembling/publishing video from linux, but the list keeps growing. Unfortuantely, it’s not trivial, but once you’ve figured out all the arcane pieces it’s possible to have a pretty efficient video production workflow. I’ll get around to documenting it eventually.)

Second Life Posner

William Patry on Judge Posner visiting Second Life. Unfortunately, I missed the event. I haven’t quite mastered Second Living. It’s hard enough to fit everything that needs to be done in First Life.

Canvaspaint

Via Rajbot, CanvasPaint:

A near pixel-perfect copy of Microsoft Paint in HTML, CSS and JavaScript, using the tag as specified by WHATWG and supported by Safari 1.3, Firefox 1.5 and Opera 9.

Maybe we don’t need Flash so much after all.