Author: Ed That Goes Ping

GMail Messages are Vulnerable to Interception

GMail Messages are Vulnerable to Interception — nice buffer overflow there. Glad you saved all those CPU cycles by using C rather than a language which is not vulnerable to buffer overflow exploits, like, well… like anything else except C and its cousins, basically! Nice job Google.

Oleg on Google programmers, a couple years ago:

Peter Norvig was also cavalier about programming languages. He said people often need more control over memory allocation — that’s why they choose C++. Google uses a lot of C++. Doesn’t Peter Norvig know how hard it is to manage memory? That’s why it is better to leave this task to professionals. One of his slides said: “It’s better to hire an active VB programmer than a guru who isn’t interested in your problem.” This is exactly the attitude that keeps bringing buffer overflow news every week.

News about the ‘sploit via afterslash.

TextWrangler

Once upon a time, Bare Bones Software, makers of BBEdit, ruled the Mac text editor world. They had a free version, BBEdit Lite, which hooked you in, and then you’d get so used to it, you’d pay mucho buckos to get their pay version with added extra features.

Eventually they looked around at all the people using BBEdit Lite and realized, “we’re not getting money from these people! We must eliminate BBEdit Lite and only let people use BBEdit, which costs three digits of dollars. Then we will be rich, and the mooching will stop.”

They found that people were not willing to go from “free” to “three digits of dollars,” so they added TextWrangler, a chopped down wussified version of BBEdit which was only in the mid two digits of dollars.

However, people also weren’t interested in something which was both “wussified” and “two digits of dollars.” So the ones who weren’t willing to go with the three digits started looking elsewhere, because it turned out other developers were working on modestly-two-digit-priced text editors which weren’t deliberately wussified, substandard versions of a better editor. SubEthaEdit, TextMate, and others.

Finally Bare Bones Software achieved enlightenment, and they started giving away TextWrangler for free and adding some features to it, thus returning things to the way they were when BareBones was king.

And there was peace in the land.

TextWrangler rocks.

iProduct.

The power to buy anything — and feel good about it.
Will it be merely an incremental improvement? Will we simply increase the storage capacity of an existing product and increase the price? Or will we remove features and capacity and reduce the price? It doesn’t matter. We’ll still trumpet it as a brand new product, and you’ll buy it. You know you’ll want it. And you know you’ll pay big for it. Steve Jobs could take a dump, put it in an off-white plastic case, add two grey buttons and a small LCD display, and you’d pay $600 for it. Just fucking admit it.

via mph, the second thing that he’s IMed me today that makes me remember why deep down I’m not a real Mac user. Because I don’t have that kind of spare cash. I’ve never bought a Mac computer new. I don’t own an iPod. I’m not one of the real mac people. And yet, I’m pretty happy with my mac, object to it on some grounds though I might. Sure better than freaking Winders. And it’s sure less pain and hassle than Linux… mostly anyway. What can you do.

Update: rebuttal, not as funny as the iProduct one, IMO.

Fake Credentials for Government Information Systems Pooh-Bah

Reason: Cut-Rate Diplomas: How doubts about the government’s own “Dr.
Lauraâ€? exposed a résumé fraud scandal — If this sort of thing is widespread, it explains a lot about the government’s relationship to computers and software, and the laws and corporations that deal with them. (Equal opportunity outrage! This fraud not only was in charge of information systems for Homeland Security under Bush, she also covered up lost emails that were subpoenaed for the Lewinsky scandal under Clinton!)

The Torture President Still Choosing Pro-Torture Cabinet Members

ACSBlog: The Blog of the American Constitution Society: White House Chooses New Homeland Security Chief
: ‘According to American University Law Professor and ACS Faculty Advisory Herman Schwartz, Chertoff is the second major Bush cabinet nominee to be involved in the scandal over abusive treatment of detainees. In an August 18, 2004 op-ed published in Newsday, Schwartz writes that “[h]arsh ‘stress and duress’ tactics used by the CIA in early 2002 – such as simulated drowning – were reviewed and apparently cleared by the Justice Department Criminal Division, then headed by Michael Chertoff.”‘