Thursday, December 31, 2009

The Best

I spend a lot of time (words) on this blog ranting about failures of tech, politics, and the assorted sundry of man's general idocy.   Today - the last of 2009 - I think I'll reverse that.  For one post at least.  

Hands down the best thing of 2009 for me was that I got to spend a bit more than 9 months with my sons.  This is a very big deal to a divorced father living 2000 miles from where his kids attend school.  It came about in a scary way but in the end turned into maybe the best year I've ever had with my boys.  I am amazed that sometimes the worst of situations can deliver such joy.  

I am blessed to have two of the most intelligent, loving, funny, caring, and tolerant sons that have ever existed.  Every day they do things that make me laugh and make me proud.  Sometimes they do things that make me cry.  Occasionally people and the world make me angry and protective of them.  All of it makes my love for them that much stronger.   I wake up every day excited to see what they will be up to.  

Over the last year I have also gotten to know my parents in a way that few sons ever do.  They have always been there for me.  This last year has been unquestionably the hardest of my life from many angles.   Dealing with the death of a dear friend.  The scare of someone I care deeply for being mortally ill and the financial burden brought on by several events and life choices to name just a few.  It's still far from over.  I wish the passing of another calendar would make that possible.  What I do know, my parents have been there for me - both as protective parents and as good friends.  They have been there for me in a way that I hope I can repay.  Probably only in doing the same for my boys.  Thank you Mom and Dad!

Another of the best things has been reconnecting with several of my good friends.  This year has been a goldmine for that and I will solidly give credit to technology in that arena.  Mostly to Facebook.  As much as I distrust it and really hate many of its features and annoyances it has brought me together with at least several friends that I don't want to ever loose touch with again.

Through the hardships of this year and mostly through the amazing good things I have crested yet another peak in the long mountain climb of life.  I understand myself better than I ever have.  Love more deeply than I ever have.  Enjoy each day more than I ever have, and now truly know what is important and what doesn't matter.  I'm standing on the top of that peak - looking at the climb to the next and this time I'm excited.  No matter what the future holds I know what is truly the best for me.

I hope that for anyone reading this that 2010 can bring you what is "the best" in your life and the ability to recognize what doesn't matter.

Wednesday, December 30, 2009

Nuff Said.

iTunes Sucks

I just did battle with iTunes for second time and my tweets about it got a little attention.  With that in mind I thought I'd post on the whole experience to clear the mud as they say.

I've done this before but I forgot what a pain the whole deal is.   I got my youngest son an iPod Touch for his birthday in October.  At the time we just set him up to use the same account that I created for his older brother.  Now with the advent of things like iTunes gift cards for Christmas this was no longer acceptable from the eyes of an 11 yr old.

Set aside for a moment that it's ridiculous to require an account to download free content.  (My Droid did not require any such thing)

I began by attempting to set the account up directly on the iPod.  Dumb idea - who in their right mind would want to use a well designed handheld computer with it's own internet connection for such things...  (Really stupid from any angle Apple)  Then I went to the Apple website.  After two hours of searching and cussing the only thing I could do was to create the beginnings of an account with a user name and password and maybe apply for a credit card...  WTF?

Out of frustration I clicked the "chat with an expert" button and was greeted by a person named "Omed".  I asked "him" how I could change payment options for my iTunes account and "he" just sent me a link back to the website FAQ.  I told him in that case I would not be purchasing any more Apple products and wished him a pleasant evening.  What horrible, stupid customer service!  I would expect that from Microsoft (along with a bill for a few hundred dollars) but Apple?  

So over the last couple of days I've done some Googling and discovered the convoluted method of creating an app store account without a credit card.  (this does not appear anywhere in the FAQ that I could discover over my several hour battle)

So, even though I don't want it and will un-install it.  I downloaded all 90mb of iTunes and sat through the 20min install routine.  Telling it "no" to things like should it be my default media player, should it search my computer for media, etc. etc.  Upon running, iTunes apparently forgot that I answered "no" and found that I have a drive mapped to my NAS and 80gb of audio...  (maybe they need a "hell no!" option)

Two and a half hours later it had "found" all of the songs and had begun to calculate gapless playback info for them.  Thank (insert deity here) that iTunes lets you stop this process.  So I spent the next hour following the instructions on creating a credit card free account and discovering that even though I had not been able to complete the process from either the iPod or the website, that I had an account and could not complete the "hack".

In the end I gave up.  Logged in and added the remaining info and selected PayPal out of desperation to have this over with.  It sent me to the usual PayPal login where I accepted the payment agreement.  But iTunes would not continue.  Even though it launched the web browser session to PayPal it could not recognize when I had finished.  I had to make IE my default web browser and go through the whole thing again.  Then at the end I still had to enter a billing address - For a PayPal account. 

Dumbest - Process - of - the - Year!

F U APPLE!  I don't care how cool the tablet is!

Wednesday, December 23, 2009

The Problem with Predators

The news this week was littered with reports of insurgents capturing the video from our UAVs and other aircraft.  Then I read the "Howto"on Wikileaks and found out that the drones are just broadcasting a direct MPEG II stream with embedded meta-data including the exact coordinates of the aircraft!  Not only the drones do this but many of our other warplanes!  Inconceivable!   This is the same technology used by direct broadcast satellite providers like Dish Network, DirectTV, and probably your local cable provider - only they use some (lame) encryption to make it at least difficult to steal programming.   It makes me want to personally hunt down and cockpunch the officials involved.   In this case simply broadcasting analog tv signals would have resulted in less damage because location data could not have been included with the signal.

All you need is a C band (the big old kind) satellite dish and software or hardware capable of playing mpeg II streams.  Save the $25.99. You could do it with windows media player and the correct hardware...

Encrypting this signal was no doubt considered but I bet it was thrown out by someone with stars on their collar or the title of congressman because they were worried about the keys or technology falling into enemy hands.  Nothing like the 3rd grade concept of encryption that the movies have led the public to believe. 

Simply setting up an off the shelf VPN with a reasonable encryption algorithm like AES and identity certificates from a central (DOD) CA would have solved all issues.  The encryption tech is openly available and unbreakable with good automatic keys and hashes.  Hardware to do this is available at Wall Mart for $49 in the guise of home network routers.

The identity of the drone and anyone receiving the connection could be verified by the certificates or a one time password system.  The certificates could be granted only for the duration of the mission at hand and revoked at any time.  Problem solved.  With off the shelf tech.  This could even be done for free using open source software.  And it would be completely secure.  Not even Hugh Jackman could break this encryption (with a gun to his head while getting a blowjob).

Instead I bet we are paying billions in pork to some senator's, son in law's company to develop a system any 13 yr old can crack by saying "It's Unix, I know this" and guessing three passwords... 

The real predator drones are at work right now.  In upper levels of our government.  Feeding off our tax dollars.

Update: One of my security heroes, Bruce Schneier has a post on is blog about this very subject. While he and I seem to initially disagree, his conclusion is much the same as mine. Commercial grade encryption is the solution. He is much less hard on "the man" than I, and definitely in a much more informed position in general. I'm still angry. My reasoning still stands. Based mostly on a fact I'm not sure he is aware of. Look at the analysis available on Wikileaks and you will see that there is actual position data in the MPEG stream. The exact location of the drone is part of the video. Assuming interception - this totally mitigates the reason for the drone. Why did we spend the money?

He speaks to the difficulty of providing keys. I find this disturbing coming from Mr. Schneier. A simple certificate based PKI hosted at "drone control" combined with a one time password system (like Safeword for example) on the ground would allow finite control from a central location. At worst you would need to upload new certificates while the drone was being ground serviced. With the existing real time control link it should be possible to upload or revoke even during a mission. At this date it would require a re-tool of the electronics in the drone, new gear on the ground and creation of branch of command and control to issue access. The point is - this should have existed from the get-go.

I know next to nothing about the capabilities of Land Warrior, but assuming (always a dumb thing) that it has basic encryption and a secure satellite link - maybe the simplest method would be to just turn off the direct downlink from the drones and provide the video feeds via this system.

I know - crazy talk. That would make sense and save money. Never fly.