Why I Think the NSA is Releasing a Free Reverse Engineering Tool This Year at RSA:

The NSA is releasing a free reverse engineering tool this year at the RSA security conference in San Francisco.

Many in the security community—who have an understandable and healthy distrust of the NSA—are wondering if there could be a backdoor in the software, if they’re using it to spy on people, etc. The various theories are interesting reading.
And reducing the loss of talent they already have.
I think the answer is much simpler—they’re using the release of the tool to inject some goodwill into the community in hopes of attracting new talent.
In short, it’s all about recruiting.
Between Snowden, the ShadowBrokers leaks, and the damage caused by EternalBlue and NotPetya, I’m guessing morale is at a dangerously low level and they need to do something to raise interest and motivation for working there.

(Via Daniel Miessler)
An interesting theory, to be sure. It does assume one key aspect that may, in fact, be lacking: that someone with the wherewithal, knowledge, and authority released this tool at this time.
I wonder if it was slated to be released some time ago and the timer for release expired. No one was “at the switch”, as it were. The intent may well be as Daniel and Leslie think initially, but the person(s) who put it into place is perhaps long gone from the administration or else taking advantage of chaos – placing a maybe valuable tool to security professionals because the government can’t be trusted to do it themselves either through malfeasance or through incompetence.
Or it could be something else entirely. We’re all just guessing.

Watch The Smiths Play Their Last Live Show (December 12th, 1986):

It couldn’t have lasted—a flame burning twice as bright, and so on. One of the best bands to emerge from the explosion of British new wave and post-punk in the 1980s, The Smiths built a template for thousands of mope-rock bands who followed. Longstanding animosity has meant that their brief time together contains their total legacy. No reunion shows or albums—despite rumors over the decades since they broke up in 1987; no ersatz version of the band, missing key members but limping ever on.
Live albums, compilations, and box sets may have appeared over the years, but they all contain music written, played, and recorded between 1982 and 1987, a period during which the songwriting duo of Morrissey and Marr had as much creative energy and purpose as any of the famous songwriting duos of twenty years earlier. Love them or hate them—there seem to be few people in-between—The Smiths’ importance to alternative and indie rock is inescapable.
Like many other hugely influential bands in popular music, the mythology can eclipse the complexities. Unmentioned in many a glowing account, for example, are the unsung onetime-members who played bass or guitar at points in the band’s short life—most significantly guitarist Craig Gannon, sometimes called the “fifth Smith.” Gannon played on such seminal hits as “Ask” and “Panic” before being let go from the band before they played their final concert, an Artists Against Apartheid benefit at London’s Brixton Academy on December 12th, 1986. See it above in a fan-recorded video.
Delayed after Marr was in a car accident, the concert shows them back to their core four lineup, reunited with fired, then rehired (then arrested) bass player, Andy Rourke. They play “Shoplifters of the World Unite” from their upcoming final album, 1987’s Strangeways, Here We Come; they play The Queen is Dead’s “Some Girls Are Bigger Than Others” for the first, and last, time live onstage; they end the night where they began, with their very first single, “Hand in Glove.” No one knew at the time that it would be their last gig, including the band.
They continued on for the next few months, recording, making TV appearances, and pondering a major label move. Differences personal, legal, and creative soon drove the four members apart. They have all continued to contribute significantly to the direction of alternative rock, as supporting players, superstar indie guitarists, and, well, Morrissey. We might wish for a more polished document of their last show, but so it is. Fans are extremely unlikely to ever get chance to see it happen again.
“Yes, time can heal,” wrote Morrissey in his often embittered autobiography. “But it can also disfigure. And surviving the Smiths is not something that should be attempted twice.” We should count ourselves lucky—those of us in the love-the-Smiths camp—that they survived as long as they did, producing jangly, gorgeous, snide, maudlin, and morbidly hilarious indie-pop gems from the very beginning to the very end of their maybe-perfectly-concise career.
See the full setlist below:

Bigmouth Strikes Again
London/Miserable Lie
Some Girls Are Bigger Than Others (only live performance)
The Boy With The Thorn In His Side
Shoplifters Of The World Unite
There Is A Light That Never Goes Out
Is It Really So Strange?
Cemetry Gates
This Night Has Opened My Eyes
Still Ill
/The Queen Is Dead
//William It Was Really Nothing
//Hand In Glove

via Sonic More Music
Josh Jones is a writer and musician based in Durham, NC. Follow him at @jdmagness.

(Via Open Culture)
I still kick myself for not appreciating The Smiths when they were still a going concern. One of my brothers Eric became a fan in about ’84 or so. Still, they would have broken up anyway.
Or would they have had they known I was a fan? Doubtful.

Start Up No.980: the vitamin D myth, how smart TVs pay, Brexit’s paranoid fantasy, where Apple stumbled, and more:

Taking the smarts out of smart TVs would make them more expensive • The Verge

Nilay Patel: You guys are committed to low price points and you often beat the industry at those price points. Can you hit those price points without the additional data collection that TV does if you don’t have an ad business or a data business on top of the TV?
Bill Baxter, CTO of TV maker Vizio: So that’s a great question. Actually, we should have a beer and have a long, long chat about that.
So look, it’s not just about data collection. It’s about post-purchase monetization of the TV.
This is a cutthroat industry. It’s a 6-percent margin industry, right? I mean, you know it’s pretty ruthless. You could say it’s self-inflicted, or you could say there’s a greater strategy going on here, and there is. The greater strategy is I really don’t need to make money off of the TV. I need to cover my cost.
And then I need to make money off those TVs. They live in households for 6.9 years — the average lifetime of a Vizio TV is 6.9 years. You would probably be amazed at the number of people come up to me saying, “I love Vizio TVs, I have one” and it’s 11 years old. I’m like, “Dude, that’s not even full HD, that’s 720p.”
…And the reason why we do that is there are ways to monetize that TV and data is one, but not only the only one. It’s sort of like a business of singles and doubles, it’s not home runs, right? You make a little money here, a little money there. You sell some movies, you sell some TV shows, you sell some ads, you know. It’s not really that different than The Verge website.

Well, it’s a point of view. Now let’s rewind a couple of years…
link to this extract
February 2017: VIZIO to pay $2.2m to FTC, state of New Jersey to settle charges it collected viewing histories on 11 million smart televisions without users’ consent • Federal Trade Commission

VIZIO, Inc., one of the world’s largest manufacturers and sellers of internet-connected “smart” televisions, has agreed to pay $2.2m to settle charges by the Federal Trade Commission and the Office of the New Jersey Attorney General that it installed software on its TVs to collect viewing data on 11 million consumer TVs without consumers’ knowledge or consent.
The stipulated federal court order requires VIZIO to prominently disclose and obtain affirmative express consent for its data collection and sharing practices, and prohibits misrepresentations about the privacy, security, or confidentiality of consumer information they collect. It also requires the company to delete data collected before March 1, 2016, and to implement a comprehensive data privacy program and biennial assessments of that program.

link to this extract


(Via The Overspill: when there’s more that I want to say)
Also, try to buy a “dumb” car.

Some Org Agenda keybindings:

This post is just a friendly reminder that it may be a good idea to look in the manual from time to time, just in case there are some gems hidden there you don’t remember (even if you read it once).
It turns out that you can do a lot of things from the Org Agenda buffer. Usually, I just wander around that buffer using the normal movement commands and exit it using q. Of course, I also often mark things done using t and jump to them using RET. But until recently, that was about it.
It turns out Agenda can do a lot more. One nice thing is C-c C-o, which just opens the link from the selected entry (and displays a list of links found there first if there is more than one). f and b move forward and backward in time, and . gets back to today. A number of commands starting with v changes the appearance of the agenda, showing or hiding various kinds of information.
If you have a habit of not closing your agenda (e.g., with q), you might find M-<up> and M-<down> useful – they allow to rearrange the order of agenda entries, but only temporarily (until the agenda is (re)generated again).
If you want to reschedule your tasks, S-<right>, S-<left> and > may be for you.
You can also manage clocks (i.e., start and stop clocking etc.) from the agenda view.
One of the cooler things you can do in the agenda is bulk actions. You can mark more than one entry (manually or with a regex) and then perform some action on all marked entries. The available actions include manipulating todo state, tagging, archiving, scheduling/deadlining and refiling. You may also, as the manual puts is, “[r]eschedule randomly into the coming N days”, which I never used, but that looks cool. If that weren’t enough, defining custom actions is (of course) also possible, either on the fly or permanently.
Do yourself a favor and check out the manual, there are even more possibilities!
CategoryEnglish, CategoryBlog, CategoryEmacs, CategoryOrgMode
Let’s block ads! (Why?)

(Via Marcin Borkowski: Homepage)


Firefox 69: Flash disabled by default

Hang on. Mozilla killed off Firefox Live Bookmarks, RSS, legacy extension ecosystem & other bits but kept Flash around until … tomorrow-ish? If they’d killed Flash first, could I still have some of the things I liked?

Bozhidar Batsov’s Year End Emacs Review by jcs:

In my continued atonement for failing to produce a year end Emacs review, here’s an offering from Bozhidar Batsov. Batsov has done a lot of interesting work–including Prelude, CIDER, and Projectile–so his take on things is worth noting.
Oddly, he finds most of the changes introduced by Emacs 26.1 don’t affect him at all. He’s excited by the advances in concurrency but, of course, it’s still early days. He expects that it will become more important as package writers start taking advantage of the capability.
He makes two further points that I agree with. First, he says that MELPA has become the only repository that matters. Sure, there’s a couple of packages in GNU elpa that we all need and, of course, there’s the Org repository but, really, MELPA is the place to go.
The other point involves GNU elpa. He says that he’d like to see more of the packages that are built in to Emacs core–Org, for example–moved to GNU elpa and the core be dedicated to providing the best possible editing experience. That would have the advantage that the packages could be updated more regularly and, of course, make Emacs more configurable.
Batsov’s post is interesting and worth a read.

My takeaway is that I lost emacsredux.com from my Emacs RSS feeds somehow. I need to tend to that garden.

I owe my love of pimento cheese to a man named Lake by Kevin Pang:

The side of our refrigerator is reserved for special mementos. I’m staring at it right now as I type: There’s a Polaroid of my now-wife and myself in our early days of dating, a photograph with our two-year-old at the beach last summer, there are food-themed novelty magnets from cities we traveled to over the years. Oh, I also see my health insurance card that I need to put back in my wallet. But, for the most part, important mile markers from our lives, memorable and flat enough to attach onto a fridge.
Curious enough, there’s a 8 1/2-by-11 sheet of paper on our fridge since 2010. Looking at it conjures a warm memory–it comes from a man I met nine years ago for one afternoon. His name is Lake E. High, a wonderful name of a wonderful man who met up with me in Columbia, South Carolina. At that time, High was president of the South Carolina Barbecue Association (he stepped down from the position this past July and is now president emeritus), and he agreed to show this Chicago newspaper reporter and barbecue neophyte the delicious foods of his home state.
I was young then, inexperienced in the food traditions of the American South. I told High I had tried pimento cheese for the first time only days earlier in Shelby, North Carolina at Bridges Barbecue Lodge. And with that cue, High launched into a 20-minute monologue about the particulars of pimento cheese. I sat listening to him, entranced that pimento cheese could yield 20 minutes of soliloquy.
Weeks later, I returned from my barbecue road trip week and discovered an e-mail in my inbox. It was from Lake High. It included a Microsoft Word attachment titled: Pimento Cheese. It read, in part:
> I gave this recipe to a friend who thought mine was the best he had ever had so he took the recipe and went out and bought some Piggly Wiggly sharp cheddar used the Hellmann’s mayonnaise his wife likes and had in the fridge. He was dumbfounded that it didn’t taste anything like mine and he said it was awful. I gave him a short lecture and had him re-read the recipe.
High included a number of secrets. He insisted only Kraft Reserve Sharp cheddar cheese be used, and if not available, Kraft’s Extra Sharp is also acceptable. He implored that only Duke’s mayonnaise be used (it has a higher egg yolk ratio, which gives it a “homemade” richness–plus it’s also the officially sanctioned mayo of the South). He add lots of black pepper. He mashes the jarred pimentos with a fork. And he adds a half teaspoon of sugar to “take the edge off the sharp cheese while leaving the flavor.” High says: “If you can taste the sugar, you’ve added too much sugar.”
I don’t know if using a different mayonnaise, or withholding the sugar, would make a taste difference that my palate could discern. But I also haven’t been consuming pimento cheese my entire life. And so I defer to the sage wisdom of Lake E. High, a gracious man who forever changed my worldview on pimento cheese. This is the only way I’ve made it, and the only way I’ll make it going forward. It’s absolutely delicious. That itself earns a place on our fridge forever.

Lake E. High’s Pimento Cheese

  • 10 oz. Kraft Reserve Sharp cheddar cheese
  • 1/2 tsp. sugar
  • 1 small jar (4 oz.) chopped pimentos, mashed up with a fork
  • Lots of black pepper (and some red pepper flakes if you like it hot)
  • 3-4 heaping Tbsp. Duke’s mayonnaise
    Grate cheese into a bowl. Drain one small jar of pimentos and place onto plate. Mash with a fork into tiny pieces. Add cheese and pimentos into bowl, then add Duke’s mayonnaise to desired consistency. Add 1/2 teaspoon sugar and mix. Blacken the top of the cheese mixture with fresh ground black pepper, then stir it all up.
    Postscript: I e-mailed Lake E. High while writing this, asking for permission to reprint his recipe here. He graciously said yes, and added, “I tell people about your comment, ‘Pimento cheese has changed my life’ to much enjoyment.” He’s right.

Outside of inside of olives, I don’t know if I experienced pimentos much. Luckily I have two sisters, a brother, their families, and a mom to whom pimento cheese is a way of life.
I can’t say that I am a fan, but based off of this recipe I can see why I am not – that is a small amount of pepper (the pimentos, TIL) and black pepper to counter the sharpness of the cheddar. The sugar might not be best to cut the cheese sharpness – maybe lemon juice? The recipe misses the mayonnaise completely I presume at least 50% in volume to the total (UPDATE: They added it in and I reflected it above); I subscribe to the use of Duke’s in lieu of Japanese Kewpie mayonnaise.
p.s. ※ to self: taste test Duke’s and Kewpie

Who thought a re-imagining of “Here Comes The Bride” would make a good reggae song?

Hi, Slack!
Thanks for how you try.
I need you to try harder.
First, I need you to stop stealing my attention and focus. People want to express themselves with animated GIFs and emoji (see #4 below) and stuff. Let them express. But let me control. If I’m reading a post needing my attention and some [wonderful coworker] wants an animated penguin dancing just on screen above or below, focus becomes a challenge (as is my good will toward said [wonderful coworker], but that’s another issue).
Second, I need you to be more efficient. Your desktop “apps” are battery vampires because they are not apps. They are your website wrapped up in Google’s Chrome browser in something called Electron. While there are some advantages to the arrangement, I value efficiency in message delivery and the battery life to act upon such messages.
Third, searching is weird. There is some syntax around it but is specific to your service. I would not mind so much if it were more or at least as mature as PCRE or Google’s search. As it is I find it hit and miss.
Fourth, emoji has its place. In Slack, it’s decoration and message medium and “flair” and … More often than not I can’t tell what message is being sent. “Huh?” is becoming my #1 response. Let me render them all as text (see #1 above) or block them.
One area where I like what you’re doing is identifying bots. In most circumstances bots are useless and I prefer to avoid them. I like that they are labeled so I can ignore them. I would like to be able to block specific bots for me while keeping them available for others.