Warning: mysql_query(): No such file or directory in /home/robusto/robustmcmanlypants.org/blog/wp-content/plugins/autobanreferer.php on line 127

Warning: mysql_query(): A link to the server could not be established in /home/robusto/robustmcmanlypants.org/blog/wp-content/plugins/autobanreferer.php on line 127
Robust McManlyPants on Average Display » 2009 » June

June 2009


Seen this morning at Republic of Dogs, Fort Worth police raided a gay bar on the 40th anniversary of the Stonewall Inn riots, roughed up the patrons, put one in intensive care and started arresting people for “public intoxication.”

I can’t even process that this would happen now, in 2009. I want to say it’s a sign of our success, that it’s a backlash against the way we’ve managed to modify society to be somewhat more accommodating of us, but that’s not true. It’s just business as usual for the class of persons who think they have a right – usually god-given in their minds – to patrol the borders of acceptable behavior and fuck up anyone they feel like.

I hope a lot of people lose their jobs over this but somehow I suspect the result will be promotions.

I’ve got an iPhone, but it’s one of the old, first generation models that uses the 2G EDGE network for data rather than AT&T’s 3G network. Is it me, or did the EDGE network get faster the day the 3G S came out? I am forced to think it’s a combination of two factors: (1) AT&T adding a whole bunch of bandwidth for new 3G S customers and old EDGE customers increasing their potential bandwidth use by going to the 3G S and (2) a bunch of users moving off the EDGE network. Awesome!

The Boyf and I watch a lot of old TV because we are suckers for shows such as Twin Peaks and Rockford Files and Buffy and the like. When we watch something like that one of us almost always points out the way in which the cell phone would have negated the entire plot or at least a great deal of its action. Twin Peaks would have been utterly impossible in the age of the cell phone, or at least a lot more difficult. A tremendous number of scenes in Rockford involve someone being locked in a room, out in the middle of nowhere or trying to run to a payphone. Countless moments of suspense in Buffy would have been easily solved by the eponymous heroine simply having a phone by which she can be reached when everyone else needs some critter’s ass kicked.

It’s remarkable to me how such a simple idea – a mobile phone – can rewrite our everyday expectations. Those sorts of technological transitions endlessly fascinate me: the shift into a mindset where day-to-day living includes there being a telephone available at all times or, in earlier eras, that transportation is readily available and can move at one’s chosen speed on one’s chosen path, that mobility has come to the masses in the form of the automobile, that correspondence needn’t take weeks or months, all the ways transportation and mass communications have completely reshaped our world. I watch something like Rockford and I think, wow, this entire goose-chasey episode would make no sense in the age of the cell phone because at the very beginning he could have just called the guy. I watch one of the Thin Man movies and there are Nora’s clucking old relatives dressed like a Victorian wedding party and I think, wow, these people probably don’t understand how to use the telephone they own. I see little artifacts of set dressing – a telephone table in a hallway or a payphone in the background or a horse on a city street or a living room that isn’t oriented towards a television – and I marvel.

I don’t claim any special insight as a result of this. I basically am just entranced by the ways we barely notice how everything has changed.

A colleague sent me a link to a fascinating discussion of Iranian internet traffic patterns surrounding the election and what they say about what methods of access to and distribution of media the Iranian regime cut off to control information.

They’re using something called, amongst other things, “traffic shaping.” Basically it allows different types of traffic – web browsing vs. SSH vs. file-sharing vs. WoW vs. whatever – to be throttled or shut down without affecting other applications. As they note, WoW traffic went undisturbed but access to Flash video was all but eradicated. (I choose to forgive their mangling of WoW cosmology – Azeroth is a continent and the planet on which it is found, not an island – in light of their clever off-hand suggestion that WoW be a meeting place to organize protests in the real world.)

Looking at the final graph, here’s what they most blocked in descending order:

  • SSH, normally used for encrypted command-line access but also very useful as a sneaky way to proxy web traffic. If you have a co-worker who can always get to anything online no matter what your IT staff does, and SSH is allowed, that co-worker is using an SSH proxy. (For purposes of full disclosure, guess who’s shite at getting that to work? Moi. I’ve just never cared that much.) Other possible transgressive uses of SSH: terminal session to an external host that has a command-line IRC client installed; encrypted file transfer; etc. If the chart listing percentage dropped is also a rough guide to their list of concerns then they are quite right to consider SSH the most subtle threat to their attempted smothering of information access.
  • Flash, used by basically every video site, including YouTube and many news sites, to embed video.
  • Bittorrent, which of course would make an excellent way to distribute, say, video of the militia murdering someone in the street without it being localized or necessarily traceable to the original person who held the camera.
  • POP, because you don’t want just anyone receiving email from their international friends and relatives, do you?
  • Alternative web ports and HTTP proxies are always a popular target for IT staff who want to control access to porn or, you know, news. I’m going to guess they’re just taking a stab at random ports that are likely candidates for alternate web traffic (say, TCP 8080 or 8181) but maybe they’re packing the serious web filtering heat on that scale. If so then I have to wonder if there are some embargoes being broken.
  • Web cam = citizen journalist/potential YouTube star/access to international friends and family who’ve pointed a web cam at their HDTV tuned to CNN. Verboten!
  • SMB: surprise, Microsoft is super-chatty in Farsi, too. Also file-sharing, though gods help the poor bastard who’s down to trying to share drives across international lines. Any modern ISP that is at all conscious of what it’s doing will be blocking this at its own borders anyway.
  • Then, waaaaaaaaaaaaaaaay down the list: normal old web traffic, email (I’m assuming they mean SMTP and IMAP only, since they list POP separately) and FTP.

So, related to my web filtering comment above, I don’t know a damned thing about what embargoes are in place. Ever since I got yelled at by a corporate VP in 1994 for calling up the Commerce Dept. on my own initiative to ask them about regulations related to international shipping of books that discuss encryption I’ve kind of let the lawyers worry about that stuff. That said, the ability to do this kind of traffic shaping on this scale suggests access to equipment that I would expect is embargoed. I don’t know, though. Maybe they can just buy all their Networking Company X equipment directly from X’s contracted manufacturer in China, y’know? I sure don’t. (Know, that is.) Maybe they’ve got enough people sitting around that they can just write up manual access-lists and try to filter everything by port on whatever devices they’ve got that can take ACLs and that’s why they’re only blocking some of this. I don’t know. In some ways the article raises more questions than it answers, for me, since it makes me want to know the specific techniques and technologies being applied.

All that aside, doesn’t it just kind of stab the ghost of my freshman self through the heart with an icicle to see the internet used to limit information and mask access to the truth? Yes it does. Why it still surprises me I’ll never know.

58-57 on the second vote. That’s a close shave, but it’s good enough. For the first time ever NC state law makes specific, explicit mention of sexual and gender minorities as categories of persons who deserve equal treatment and protection. Today it feels pretty good to be a Tar Heel.

Tonight (Monday) the good version of the anti-bullying bill made it through the first of two votes in the NC House. This is the version that includes explicit mention of sexual orientation and gender identity as aspects of a student’s life that may make them more likely to be bulled.

The vote was a very close one – just 59 to 57 – but I am reminded of the time I had to back a truck over a flexible irrigation pipe at the research farm. The irrigation system was made up of flexible hoses joined to one another by metal couplings. Having been warned to avoid backing over a coupling I managed to miss the nearest one but only by about this much. When a co-worker teased me about it my boss said to me, “You know what? An inch is as good as a mile.”

Part of why I’ve followed this bill as closely as I have – I wrote to and called my state representative, who in fact voted in favor of the bill, and I’ve already sent a thank you message – is that I am so utterly galled by the two main conservative responses to this bill: to claim that recognizing that queer students are often picked on will somehow lead to gay marriage being legalized and to claim that the bill is insulting to teachers and administrators because it suggests they don’t know which kids need to be protected.

I hate to break it to the conservatives – Republican and Democrat alike – in the state house, but some teachers and principals plain don’t know which kids need to be protected. Worse, though, and much more likely in my experience, they know exactly which kids are the targets of bullying and for one or more of a variety of reasons they simply turn a blind eye. Worst of all, there are some teachers and administrators who actually join in.

This happened to me twice in high school. For various complicated reasons two of my high school teachers had explicit knowledge, or close enough so as not to make a difference, that I was a gay student in their school.

One had become one of my favorite teachers ever over the course of my senior year. She was warm and supportive in her commentary on my work and I did well in her class. When she found out I was gay, however, she immediately went cold. She just froze up like a block of ice. For the rest of the semester she didn’t address me directly that I can recall in any manner other than the bare minimum required by my presence in her classroom – say, during role call – or to criticize me in front of others. On the last day of school I stopped by her room to thank her for what I had learned that year – she remained a gifted teacher – and she simply looked at me before turning around and going back to what she was doing.

The other made fun of me to my face in front of most of our very large classroom. He was known, however, as a master manipulator and so of course he did it in an oblique way that would have required me to out myself to my classmates in order to call him on it. I have probably felt more humiliated in my life but I couldn’t say when. This left such an impression on me that a couple of years ago, when I heard he’d had some major health problems and that some old classmates were sending him cards together, I commented to The Boyf that I wanted to send the guy a card but that I wanted to write in it, “I guess I’m not disappointed that you lived.”

Hell, one of my acquaintances, when he asked an assistant principal to help him ward off some bullying, was told that “things might improve if [he] got a fucking haircut.” Yet another acquaintance was the object of such scorn that when he was assaulted one day in the lunchroom a group of teachers held up makeshift Olympics-style scorecards. Eventually he dropped out of school and, last I heard, had run off to a major city in another state and become a prostitute to support himself. He was in ninth grade.

I don’t think that the existence of these rules would have necessarily prevented the experiences I and others had. I know they wouldn’t have fixed the environment that made such treatment possible. However, having them on the books is important. Bureaucrats live and die by the letter of the law and a smart kid could potentially use these rules to chip away at the ground under the feet of an uncooperative or complicit administrator. A good teacher or a good administrator could use it as a shield against those in their communities who think fags are for beating up. It wouldn’t have stopped that teacher from making fun of me but it would have given me something to call him out on. When I was that age and convinced I was the only person in the world who felt what I felt, I would have taken all the help I could get.

In an ideal world, the conservatives who think this bill goes too far by naming categories of student, who think that teachers and administrators will protect all students equally, would be right. Unfortunately, we live in nothing even a little bit like an ideal world.

The Boyf and I were loading some groceries into the car on Saturday evening when he noticed the back of one of my recent comics purchases featured an advertisement for a comic adaptation of Philip K. Dick’s Do Androids Dream of Electric Sheep?. Holding it aloft he asked me to add it to my bag at good ol’ Chapel Hill Comics. “It’s Philip K. Dick!” he said, but my eyes fixed on something else: Warren Ellis.

Reading up on it this morning I now know that he’s not writing it or doing the adaptation of the novel. Instead he’s going to be writing something called “back matter,” which is the commentary and fan interaction at the back. Apparently the text of the comic itself just comes straight from the book, suggesting that this is in more ways an artistic endeavor than a literary one. I think this is a good thing. Why? Because much as I love a lot of what Warren Ellis has written, and much as I will always treasure Global Frequency for containing the most sincerely sweet storyline ever penned about a bunch of people in one neighborhood in NYC who are made to weep tears of blood, become bisexual and speak an alien language, he is just shite at finishing things. I confess that I have come to have something of a love-hate relationship with his work and seeing his name on a title for the last couple of years. Here’s why:

  • The Authority was, when he was writing it, amazing. So ridiculously good, and I’ll be the first to say that The Midnighter was a total hottie. Ellis wrote a couple of funny, affectionate drama queens really well.
  • Global Frequency was a really neat idea, really fun stories and perfect for my short attention span. That the TV series never got made really disappointed me because Ellis so heartily endorsed the pilot. Ah, well.
  • Transmetropolitan, when it wasn’t just filled to brimming with how much it liked itself too much, was a really fascinating setting with some very original elements.
  • Planetary was, almost entirely, amazing. The last issue that showed up in my bag – #24, I guess? Something like that? – anyway, the last issue I read left me with the distinct impression of having gotten closure and that was refreshing. Now apparently there’s another one coming out? Another three issues or something? Fuck. Given it took ten years for them to crank out 24 issues then I have no idea when or if it will ever finish. I’ll buy it, though, because The Drummer is so mad hot and because whatever bizarre gems of classic comics and/or sci-fi lore Ellis unearths to drive the story will be worth consuming.
  • Nextwave is a fascinating idea that has thus far suffered from a trainwreck of a publishing schedule. Is it coming out? Is what’s coming out a one-shot? When whatever may or may not come out does hit the streets will I remember a thing about the last issue? Will I still care? Let’s find out!
  • Desolation Jones is/was, to be honest, revolting. I have no problem with comics that tend towards the gritty, the over-the-top, the “adult,” the scandalous or even the disturbing. This one was too much for me, though. I would sit there reading it and wonder whether another issue of Planetary had been delayed so he could produce this, the 24 of exploitation porn. No thanks.
  • Fell, which is fantastic and makes me wonder just what was going on behind the scenes to disrupt the schedules of good books and push one bad one to market for so long: too many projects? Too little time? Rent due? YouTube addiction?

Maybe I’m being too critical. I dunno. When I first, mistakenly thought that Ellis was adapting Do Androids Dream of Electric Sheep?, I said to The Boyf, “Well, I’ll add it to the bag, but I’ve got to be honest and warn you that if it promises 24 issues in two years we’re going to be lucky to get fifteen in five.” If all he’s doing is the back matter, OK, I’ll give it a chance.

That said, this further illustrates (no pun intended) what an interesting publisher BOOM! has become. Fall of Cthulhu is, honestly, pretty dreadful. Cthulhu Tales, on the other hand, has been wonderful. Farscape‘s first three issues left me completely cold but I have no choice except to believe that a title like Muppet Robin Hood must surely be fantastic. The original titles they’ve produced seem to be hit or miss, as are their adaptations, but when they hit they are truly something special. I don’t really have any love left for remakes, adaptations or otherwise resoled properties – the film industry has used up all my tolerance for them – but if one is likely to catch my attention, at this point, it’s probably going to come from BOOM! so I am, in all sincerity, pretty stoked about this PKD adaptation.

(Now if only BOOM! would pick up Spellgame from the defunct Speakeasy Comics portfolio…)

Random half-considered theory: the use within the information security field of the term “sensitive data” as a catch-all for anything worth protecting subtly guides us to be evasive, tentative, even secretive about the mere existence of such information and unwilling to discuss openly the risk management strategies appropriate to a given set of data because of the way we interpret, use and think of the word “sensitive” in other contexts. It’s too easy to make the leap from “sensitive data” to “sensitive people” and we are trained to tiptoe around sensitive people. If we switched to using the term “valuable data” we would more easily discuss it in a matter-of-fact manner.

I spent part of yesterday morning and afternoon fiddling with the WordPress theme I use on this blog. Originally – years ago – I used Connections, but then over time I started fiddling with the colors and the font and that turned into fiddling with the banner image at the top (the current one is a scanned photograph I took in the early ’90s while driving from somewhere or another back to my hometown). There is an updated, widget-enabled version of Connections called Connections Reloaded but when I tried applying it I found that some of the sizes of things had changed and I just didn’t feel like spending all day trying to turn it back into my modded version of Connections so instead I stole its sidebar.php file and started fiddling in order to Widgetize my now heavily modified version of old-school Connections.

In the course of doing so I also (finally – it’s only been, oh, five years since I started using this theme) cracked open the stylesheet sufficiently long to find the text-alignment and blockquote settings so now everything is justified and blockquotes are gloriously unitalicized. You have no idea how long I have hated my theme’s italicized blockquotes. I have abandoned posts containing blockquotes because I decided I couldn’t handle staring at that much italicized text. Seriously. Yes, I am a little insane.

Now I have a widgetized sidebar, though, which was fun to play with. I also have a mystery “Meta” box that doesn’t seem to come from anywhere in particular in my theme so I’m a little confused about how to get rid of it. Ah well, I’ll probably figure it out in five years. In the meantime I am ridiculously pleased to have a last.fm widget. I started with the last.fm widget in the WordPress widget database – the one that’s old and doesn’t work anymore – and manually replaced the last.fm script it called with one I generated using their create-a-widget tool, then fiddled with sizes both within the last.fm widget and within my theme to try to get the widget and sidebar to more or less fit together. Whee! Sometimes I remember that I enjoy being a nerd.

Yesterday evening the FTC shut down ISP and data farm service to Pricewert LLC, aka 3FN (amongst other names). It is – or was – a major distribution channel for spam along with even less savory internetalia including child pr0n and they acted as a haven for botnets:

The FTC also alleges that the defendant engaged in the deployment and operation of botnets – large networks of computers that have been compromised and enslaved by the originator of the botnet, known as a “bot herder.” […] According to the FTC, the defendant recruited bot herders and hosted the command-and-control servers – the computers that relay commands from the bot herders to the compromised computers known as “zombie drones.” Transcripts of instant-message logs filed with the district court show the defendants’ senior employees discussing the configuration of botnets with bot herders. And, in filings with the district court, the FTC alleges that more than 4,500 malicious software programs are controlled by command-and-control servers hosted by 3FN. This malware includes programs capable of keystroke logging, password stealing, and data stealing, programs with hidden backdoor remote control activity, and programs involved in spam distribution.

Since they were running botnets and keyloggers it’s safe to say that a major part of their business plan was identity theft, the fucks. If this is true then we are all better off with these people off the internet for at least a little while.

Late last year there was a similar shutdown of McColo, another major haven for this type of thing, and at the company where I then worked we saw a significant drop in spam traffic that corresponded almost to the minute with the shutdown. Now I’m very curious to track what happens in my various spam folders today and over the weekend. We might be about to enjoy a very pleasant few days. Given that it looks like Pricewert were caught as red-handed as can be, maybe even a little longer.

However, even if everyone involved in running Pricewert itself were to go to jail and never have the chance to run this sort of operation again, their bot herders and the criminal clients who sought out Pricewert’s services will just go somewhere else and set up shop again. They don’t even necessarily have to wait for things to cool off first… and I don’t think there’s a solution to that. Security tools such as intrusion prevention have issues that make some fantasy of in-the-cloud security across all ISPs or all major upstream providers just that: fantasy. While the 40 and 100 Gbps standards are on the horizon, 10 Gbps security devices are still prohibitively expensive for almost all potential customers. If individual organizations can’t afford that kind of inspected speed in their own data centers then there’s no way an ISP could hope to do the same. On top of that, intrusion prevention has too much potential for a false positive taking out something important. As for firewalls, they’re for premises and individual organizations, not entire classes of customer.

There are things that can be done – basic ACLs on border routers, policies that block specific known bad traffic at the outermost edges of ISP networks – but the internet is simply always going to be, to some degree, the frontier. That’s kind of the point of the internet, actually. By the time some technology or standard or service is understood sufficiently to have vulnerabilities identified and those risks mitigated, there are ten more completely new technologies or standards or services coming down the pipe. The only way to protect a given network from malicious traffic originating outside of that network is to disconnect from the outside world.

ISPs and especially their upstream providers are in the business of providing as much bandwidth as possible as reliably as possible. Just as at the user level there is the potential for tension between convenience and risk management, there is tension between risk management and the level of availability demanded by a hosting center. Any ISP or upstream provider that started policing the traffic of its large, high-bandwidth, highly available clients would be asking to go out of business and that’s just the legit providers. Even if tomorrow someone were to wave their magic wand so that inspection took no more resources than routing there would still be people who see the criminal elements of the internet as little more than an under-served market, especially in times like these.

The Boyf and I went to see Terminator: Salvation this weekend with Katastrophes, Mr. Pink Eyes, Mr. Saturday and Pants Wilder. I have always been a fan of that setting for its uniqueness within sci-fi: while man vs. machine may be well-trod territory, the Terminator movies never actually fix the future. Each one simply delays the war. No movie claims to prevent it. I find that fascinating, that it’s a story about different forces struggling over the timing of an otherwise inevitable tragedy. That puts an interesting spin on the usual fight-the-big-bad-to-save-the-world finale of people vs. robots.

Prior to the jump, which will be used to prevent accidental spoilers, I will simply say that there were a lot of things I liked about it and the things I didn’t like could have been a lot worse.

Below the jump are spoilers galore. Be warned!

(more…)