Why base64 encoded strings might confound and dismay

Problem: You are trying to to crack Base64 encoded password hashes and failing. Possibly a simple program to Base64-decode the hashes is trying to print unprintable characters and/or making beeping noises. I’ve never seen an answer that explains this relatively simple problem in a very simple way. I will try to do just that.

Background: When a value is hashed, the bytes are all changed according to a hashing algorithm and the resulting bytes are often spun up or down beyond the range of printable characters. For example, the bytes of the String “Pennsylvania” are:

80 101 110 110 115 121 108 118 97 110 105

When “Pennsylvania” is hashed with MD5, the resulting bytes are:

-102 -61 29 -5 58 47 91 -103 79 64 9 -21 10 60 9 73

It is not surprising that we can’t look directly at a string representation of the bytes of a hash. An attempt to do that looks like this (often accompanied with beeps and whitespace):

I’ve never tried to store an audible beep in a database or send it to the printer, but I don’t think it will work very well.

Instead we just look at a list of bytes like above _OR_ represent those bytes in an alphabet that accommodates all the crazy values. This is exactly what base64 does. It makes a list of bytes into a string and guarantees that they will be printable and human readable.

Base64 encoding the bytes of the MD5 hash of “Pennsylvania” outputs a string: msMd+zovW5lPQAnrCjwJSQ== . This is just a string to render that list of bytes for humans to read. Positive, negative, Base64 doesn’t care! It has an alphabet that goes up that high.

If I’m guessing correctly, this is the spot many people are starting from: working with a file full of base64 encoded strings that must be decoded and turned into a hexadecimal string to work with hash crackers. One might be tempted to just turn msMd+zovW5lPQAnrCjwJSQ== back into a byte array and base64 decode them to get the original hashed bytes and then Base16-encode those bytes. Nope. Look at the nice list of bytes from msMd+zovW5lPQAnrCjwJSQ== in the printable range:

109 115 77 100 43 122 111 118 87 53 108 80 81 65 110 114 67 106 119 74 83 81 61 61

No negative numbers! No numbers above 200! This has nothing to do with the list of bytes resulting from the hash of the string “Pennsylvania”.

Solution:
The base64 encoded string has to be converted back into the array of bytes with all those negative numbers that created it. String.getBytes() will not do this. In Java, this needs a function that takes a string and knows which encoding scheme it is dealing with.

Here are some simple java lines of code using the Apache commons codec Base64 class that will perform this function and print out the byte values to confirm that they are the same.

org.apache.commons.codec.binary.Base64 b64 = new Base64();
String p = "msMd+zovW5lPQAnrCjwJSQ==";

byte[] bs = b64.decode(p);

for (byte k : bs){
System.out.println(k);
}

Google’s Guava is a little nicer because all encodings are available from the BaseEncoding class:

byte[] bytesFromEncodedString = BaseEncoding.base64().decode(encodedString);

Before using these results with a HashCat or John The Ripper, they must first be encoded into base16 (Hexadecimal):

Here is the last step using Google’s Guava libraries:

String hex = BaseEncoding.base16().encode(bytesFromEncodedString);

Posted in General, java, security | Comments Off

Astounding Firefox memory improvements

Read and learn as Firefox developers discuss how they reduced our favorite browser’s memory footprint.

Problem: Giant pages of images can lock up recent versions of Firefox. In recent versions, when Firefox receives a page, it uncompresses all the image files at page load time, loading all the uncompressed images into memory.

Developers recently took two steps towards solving this problem:

First, they made it so the layout provides information on which images are visible or likely to be visible (Bug 689623). It was nothing fancy. They just extended the viewport a bit up and down and deemed any images within that slightly-larger-than-normal viewport as visible or likely to become visible and kept those in memory, discarding others. This made it into Firefox 24, the most recent release. However, my Firefox 24 still crashes when loading a page with thousands of images. This is because it was still decompressing every single image on page load and then throwing most of those away as soon as they were decompressed because they weren’t deemed visible to the viewer.

This most recent fix (in Firefox 26) has taken care of that problem. The layout (more specifically the presentation shell or presShell) now keeps a constantly updated hashtable of every image on the page. The hashtable has a switch for each image, loading them into memory when they enter that expanded viewport. So, it doesn’t do decompression or loading into memory until that image nears the viewport.

Going through the discussion of the bug can reveal even more:

  1. A teacher of data structures who needs a real-world example on why to use a HashTable instead of a sorted array can use their example:

    Part 1. Use a hashtable instead of an array to store list of visible images on the presShell.
    We’ll need this so we have a fast way to remove an image from the visible list.

  2. Firefox pref tweakers can look forward to image analysis prefs:

    If the image visibility pref is off we need to skip trying to determine if the image is visible and just assume it is visible.

  3. They worked network requests for images into their fix:

    Try to avoid asking for a decode of an image whose network request finishes before painting is unsuppressed.

    In other words, don’t decode an image just because it is delivered quickly.

  4. It helps to understand reflows. In this solution, reflows trigger the check to see if an image is visible and the update of the hashtable. Whenever the user’s actions change the page, the size and position of elements get recalculated and trigger a reflow. They decided that reflows should trigger the check instead of image related events because image actions simply occur in too many different places and for different reasons. Reflow events can be depended upon and so they only have to put the trigger in one place.
Posted in General, firefox | Comments Off

The passive aggressive spouse: A literature review

There is a whole chapter in this book about promising to paint.


I’ve been trying to understand passive aggressive behavior and so this post is basically a review of the “literature” available on the internet. I am alarmed because I recognize myself in a lot of the descriptions. Now that I’m aware of my own passive aggressive tendencies, I notice it all the time.

For instance, I was carefully placing the coffee pot down on my wife’s gospel CD when I realized that even that simple act might be construed as passive aggressive.

I used to associate passive aggression with other people’s more overt actions, like the tenant in an apartment building I lived in who piled all her blinds in the center of the living room floor and poured maple syrup on them before moving out. That, I knew was pathological. As I now realize, so is crushing your wife’s lady supplies, hiding them, and then pretending to help her look for them.

Things that I used to think made sense, like voting Republican to punish the world, no longer do.

The key to the whole thing, I think, is having anger and not knowing how to express it. You are angry at someone and take it out covertly or indirectly. You learned to do this as a child and over time, it has become an entrenched habit.

The media is quite hard on us passive aggressive types.
Even The New York Times exposes its bias, calling us, “the multitude of hedging, foot-dragging mopes that populate everyday life.” Dang!
It uses this poor woman as its poster child for those women married to us:

“But in time, she said, it was apparent that he was also passive-aggressive. On one occasion, she said, he gave away her seat on an airplane while she was finding a storage compartment for her luggage, saying he thought she had taken another seat. On others, he would arrive home early from work and finish off meals they normally shared, without explanation.”

Wow.
Some of our best tricks are exposed:

And be sure to be on guard against likely retaliation.

“If he agrees to go over to your relatives’ place for Thanksgiving, but you know he’s upset about it, make sure you have alternate transportation to get over there,” Dr. Wetzler said.

“He may take the car and not manage to get home in time to make it.”

This article is about passive aggressive men withholding sex. I don’t know if it is some sick joke or if they are from some parallel universe where this happens.

That same site says

The passive aggressive person is a master at covert abuse.

Which makes me feel like a relationship ninja.

If any of these descriptions seem to apply to you, and you are not already exploring alternative faiths as a way to covertly punish the Christians in your life, you may want to take up Buddhist meditation. Meditation will make you more mindful and give you insight into your behavior, but forget about that and meditate anyway, because sitting still and not saying anything might be your only way to not be passive aggressive.
It is possible to learn to deal with the passive aggressives in your life. As this poster from FreeRepublic.com says,

She would ask “Do you want to go to the ballet?”. If I said “No”. I would find the question was really a statement and I had rejected her. She would go off like a rocket. Instead of saying “I want to go to the ballet”, she would go all passive aggressive and make it a question that wasn’t really a question.

Later, when she asked if I wanted to go to the ballet, I finally learned to tell her that I wished she and her whole family would die.

You can get lots of great relationship advice at freerepublic.com
For example, this fun-sounding lady posts there often:

I found the best way to deal with it was to fight fire with fire.
He used to ask, “Do you feel better now?” in a patronizing fashion, which would only make me angrier.
One day, instead of yelling, I started laughing at him. He became furious. LOL, the more I laughed, the angrier he became. It was about the only time I ever saw him lose his temper.
Best thing I ever did

Be careful, though. It can be dangerous to surprise your spouse with your merry laughter as this horrible local story illustrates:

The charges stem from an incident Jan. 20 at his home in the 1000 block of Hatch Avenue in St. Paul’s North End.

Blackwell’s wife of 7-1/2 months had decided that their marriage was over. They had been talking about it for some time, she testified Thursday. But on Jan. 17, Blackwell said he wanted them to do a relationship exercise he’d found in a book.

“It was an exercise where you make sounds to express how you feel,” she said. As he told her about it, she laughed.

whoops.

As you will see as you think about this, it soon dissolves into just labeling every shortcoming as “passive aggressive” until the term becomes a synonym for, “He’s an asshole”. But what kind of asshole? I think the average passive aggressive does not view himself as an asshole, but as someone defending himself.

the passive-aggressive style is simply another way of trying to maintain the integrity and strength of the fragile ego.

My advice is to first look for other factors that are undermining your ego, like did you spend ten years playing computer games, watching Futurama and reading 8,000 page epic fantasy series and now you are mad because you don’t have the status you expected?

After a while, “passive-aggressive” just starts to be a label for behavior you don’t like. But lets not fool ourselves, we witness our decision making and if we are honest with ourselves, we will laugh at our behavior.

If it has reached the point where your wife has to use her hands to hold her brains in, a book is probably not going to help you.

A good way to check yourself is to write out the logic of your actions and then imagine yourself explaining why you did what you did.

The other funny thing about passive aggression is that this disorder can make you think that other people in your life are in fact passive aggressive and because you think that way, you assume others do too. And a lot of forum posts take the form of, “Yeah, I suffered with that bitch for 15 years before I called her on her personality disorder. She pretended to not know what I was talking about, and she was all, if the color we chose for the bathroom 8 years ago was bothering you, why didn’t you say something and I was like, because we both know you chose that color to punish me.”
One thing I’ve learned from reading people’s struggles with Passive Aggressive people is that they all start out as “nice guys” and this leads me to think that nice people are just ticking time-bombs of passive aggressive lunacy.

Staring at cats. A lot of energy goes into pretending there isn’t a problem. Look at these people:

I tell him that I figured he wouldn’t go through all of the above if it wasn’t a problem. Because I called him out on his behavior, he wasn’t sure how to respond, so he stood staring at the cat for a minute.

I’ve stared at that same cat many times. When the passive aggressive stares at a cat, that is when all the trouble begins. On the other hand, reading that story makes me want to declare this “opposite day”, throw the coupons in the storm drain and buy all the wrong stuff at the grocery store. Does that make any sense? No.

Two Huge Questions Remain:
Why do so many passive aggressive people make promises relating to painting?
and
Is there help?

I think a lot can be approved with meditation and a good counselor, but like a lot of things, you have to be ready to admit to the problem and let down your defenses a bit, as I did. Also, you will start to see your own children copying your behavior and that is frightening. Frightening enough to change you.

Take heart from this guy who is now just admitting to it:

I have been married for 17 years and apparently slowly torturing my wife for all of them.

Finally, I’m putting this persons call out in hopes she can get what she needs:

If any of you know of an effective treatment for passive-aggressive personality disorder, I’d be very grateful to hear from you.

Posted in General | Comments Off

Kevin Mitnick’s Memoirs

Ghost in the Wires: My Adventures as the World's Most Wanted HackerGhost in the Wires: My Adventures as the World’s Most Wanted Hacker by Kevin D. Mitnick

My rating: 4 of 5 stars

This is a fascinating book. The first fascination is his way with technology. The second was his way of bypassing the technology by deceit. What he did seemed like magic to people and scared the crap out of them. Scared them to the point targeting him, I felt, out of proportion to his crimes.

The book portrays a kid burdened with some kind of compulsive disorder. I felt genuine concern for him because he was clearly a vulnerable kid in many ways. Am I being manipulated to have sympathy for him? Possibly.

Sometimes it seemed like he wanted to get caught. I kept thinking, “how can the great Kevin Mitnick be so careless?”
He is constantly getting busted because he left evidence lying around. He did his hacking from phone lines that could be linked to him. He left piles of incriminating disks and printouts in his car while he engaged in unauthorized visits to phone company facilities. He showed off to people that he should not have trusted.

How did a guy with such a knack for hacking social systems as well as computer systems fail at hacking our legal system? A good lawyer could have protected him from some of the abuse that seems to have happened to him at the hands of the justice system. This was not fully explored in the book, but if Mitnick’s claims about outlandish accusations and court proceedings are true, then there are questions about the fairness of his early trials.
Finally, he had a knack for enraging his friends and fellow hackers to the point of them wanting to help the authorities bust him.



View all my reviews

Posted in books, security | Comments Off

thank you, John Stewart

This perfectly sums up the logical fallacies of the gun lobby.

Posted in guns | 1 Comment

Tip O’Neill’s memoirs still hold up 25 years later

Man of the House: The Life and Political Memoirs of Speaker Tip O'Neill .Man of the House: The Life and Political Memoirs of Speaker Tip O’Neill . by Tip O’Neill

My rating: 4 of 5 stars

This book was helpful in learning more about the U.S. House of Representatives.
It was very instructive to learn about the Speaker’s frustrations in dealing with various white houses. It sounds like Carter’s staff was extremely aloof and hard to work with, while Reagan’s staff was very diligent.

The book is strong on stories and light on analysis. Tip looks back on the highlights of his career but doesn’t get very deep. It certainly paints O’Neill as a saint. There are a lot of insightful observations and funny anecdotes. The conversational tone makes his garrulous Irish uncle voice come through.

In spite of the breezy tone, this book is able to bring across the essences of political characters and events. Tip’s own experiences help colorize well-known historical events and people (Michael Curly, ABSCAM, Watergate, Iran Hostage crisis). There are some passages, though, that are third hand stories presented as fact. For instance, he talks about a meeting between Einstein and Roosevelt about the atom bomb. None of Einstein’s biographers think that such a meeting ever took place.

It was interesting to read about the early days of C-Span in doing so learn that Gingrich has always been a rat:

I happened to be watching in my office one afternoon as Newt Gingrich was taking advantage of special orders to attack Eddie Boland’s voting record and to cast aspersions on his patriotism. The camera focused on Gingrich, and anybody watching at home would have thought that Eddie was sitting there, listening to all of this. Periodically, Gingrich would challenge Boland on some point, and then would step back, as if waiting for Eddie to answer. But Boland had left hours ago, along with everybody else in the place.

The next day, when Robert Walker of Pennsylvania tried something similar, I called Charlie Rose, the member in charge of television in the House, and told him I thought the cameras should pan the entire chamber. Charlie informed the camera crew, and when they showed the empty hall, Walker looked like a fool.




View all my reviews

Posted in books, history | Comments Off

They Exist: Crime Novels with Excellent Writing

The Four Stages of Cruelty: A NovelThe Four Stages of Cruelty: A Novel by Keith Hollihan

My rating: 4 of 5 stars

I was reluctant to read this book because I thought it was going to be a sad story without much action about a young convict that I was supposed to feel sorry for. Why did I think this? I dunno, the cover? Once I began, though, the plot just took right off and I barely gave a shit about the kid. Graphic and fast paced, this book would make a great movie.

Every so often, I hear someone on NPR rave about a “crime fiction” author. Lee Child and Carl Hiaasen come to mind. I go and read the authors and I’m utterly disappointed because the writing sucks even in the best of them and they aren’t very creative. I feel like I can hear the authors brain scraping an empty plastic bucket looking for fantastic plot devices.

This book, though, is the one I was searching for. It is well written (by a St. Paul author!) and delivers the grit and adventure of the crime genre without the baggage of that genre. I enjoyed the feeling of not knowing what would happen next. I enjoyed the author’s clever turns of phrase and I did care about the main character, a female corrections officer.
The prison had this magical realism quality to it. This made me not able to completely trust the world it was set in. For example, I couldn’t trust that the inmates wouldn’t wake up one morning with the ability to fly because so many unlikely privileges were delivered to them.

I heartily recommend it and my copy is already in the hands of one of my co-workers.



View all my reviews

Posted in General, Minnesota, books | Comments Off

how many inaccuracies can we fit in a book summary?

It caused real physical pain to read this. But also some pleasure at the pure fly-in-the-face-of-facts attitude and pulling in Nazis and Soviets as the ones smart enough to figure out that oil comes by magic. If I could choose one book to mail back in time to Albert Speer, it would be this one.

At the end of World War II, U.S. intelligence agents confiscated thousands of Nazi documents on what was known as the “Fischer-Tropsch Process”, a series of equations developed by German chemists unlocking the secrets of how oil is formed. When the Nazis took power, Germany had resolved to develop enough synthetic oil to wage war successfully, even without abundant national oil reserves. For decades, these confiscated German documents remained largely ignored in a United States where petro-geologists and petro-chemists were convinced that oil was a “fossil fuel” created by ancient decaying biological debris.

Clearly, big U.S. oil companies had no financial interest in explaining to the American people that oil was a natural product made on a continual basis deep within the earth. If there were only so many fossils in geological time, there could only be so much oil. Big oil could then charge more for a finite, rapidly disappearing resource than for a natural, renewable, and probably inexhaustible one.

The Great Oil Conspiracy explains how Stalin at the end of World War II demanded his petro-geologists “dig deeper”; when petro-scientists in the United States had determined that the Soviet Union, like Germany, lacked national oil reserves. Russia today has challenged Saudi Arabia for the lead in oil production and exportation. Once oil is understood as an abundantly available resource, there is no reason hydro-carbon fuels cannot indefinitely propel the development and production of cheap energy reserves the United States needs to maintain its dominant position in the emerging global economy.

Posted in history | Comments Off

Wandervogel at Wolf Ridge

I was fortunate to be able to chaperon a weeklong field trip to Wolf Ridge environmental learning center with my son’s sixth grade class. I was in charge of a dorm room full of eleven year old boys and accompanied outdoor classes during the day. I got to know and appreciate Frank’s classmates, his teachers and some other parents. One of the perks was that a fellow parent brought a case of home-brewed beer.

Being physically and socially “on” most of the time instead of slouching front of a computer monitor slinging code meant that I really needed breaks to sit quietly and read. The book I had along was The Coming of the Third Reich by Richard Evans. It is a very powerful book that I will post separately about. I mention it because it led to some interesting conversations with fellow adults and also some dark thinking about the private school that we shared our dormitory building with. If you were chaperoning at wolf ridge this month and someone said, “Gregor Strasser over there won’t let our kids use their bathroom”, then I apologize. I also apologize for referring to the spilled food incident as “your little Reichstag fire”.

The ropes course was the most intense experience up there. As a chaperon, I got to man one of the towers and ensure that kids were transferring their safety harnesses correctly and give them encouragement and advice ( and also crawl out to the middle if someone froze out there, which I did not have to do). That meant I went first with the entire class watching me. I almost shit my britches up there while crossing a wire. I was on the edge of panic and the only thing that kept me going was that it wouldn’t be very helpful to the program if they first had to put up a ladder and remove a 220 pound sack of flesh that had adhered itself to the burma bridge. I kept thinking that the equipment was made for children and would break apart if I fell. It didn’t.

A remarkable thing I noticed is that these kids were largely kind to one another, at least on the surface. When I was in school, the pecking order and the ostracism of socially inept kids was more overt, I think. It is possible that these kids are under more stringent social management (bullying is definitely out of fashion these days and the definition of bullying is very open ended) and so the unkindness could be more underground and more subtle.

This trip made me realize that as parents, we continue the same social drama we had as elementary school kids.

I ate a lot of wheat up there. I indulged in pasta, pancakes, pie, sloppy joes. I ate way more wheat than I’ve been eating for more than a year and I experienced interesting side effects. Most noticeably, my joints started aching. I’ve had a years-long stretch free of back pain and this morning my back is achy like I remember it being often before I started riding to work every day. My knees, hips and ankles are also stiff, especially in the morning. My ankles take a good half hour to “warm up” every morning. This little (very enjoyable) foray into the wheat life will provide a great experiment to see if these symptoms go away when I cut it out again right after I finish this here muffin.

Posted in General, Minnesota, outdoors, parenting | 1 Comment

Charlie is my Darling

learning to relax with a camera around

Charlie is my Darling is a documentary film of the 1965 Rolling Stones tour in Ireland. I saw it last night at Pepito’s Parkway Theatre. I think portions of it are available online, but this version features unreleased material and cleaned up audio. It was great to watch Keith Richards in motion after reading his autobiography. It becomes clear that he is a scion of some genius minstrel who survived the black plague by being especially entertaining. There are a lot of sequences of the group without their media masks on. For example, the group is trying to act cool and sip tea in public when a girl walks up behind Keith and pulls one of his hairs out. Kieth goes “yowwww!”.

They really tore it up on stage. After a Chuck Berry cover, which was awesome enough, they broke into an almost speed-metal version of Satisfaction that gave me chills. While the shows were great and featured the group running for their lives from fans, the best part for me was having a fly on the wall view of them as they hung around their hotel room working on new songs and singing some Elvis and Beatles songs and even some Dion. The songwriting parts where previously unreleased because they “gave away some of the magic.” Fortunately, that reasoning has expired and now we get to see the magic. Brian Jones seems very affected and maybe in the early stages of some mental illness.

Before the film, the theater played an obnoxiously loud video of the Stone’s recent release Doom and Gloom. It was great fun to see it with an theatre full of people. It is playing again on Sunday as part of a weekend-long “Stones Fest”.

Posted in General, Minneapolis, music | 2 Comments

Train by Pete Dexter

Train: A NovelTrain: A Novel by Pete Dexter

My rating: 4 of 5 stars

I liked this book because it has great characters and allows them to build little worlds for themselves. In addition to the main character, Train, there is a hard-boiled L.A. police Sergeant that reminds me of Don Draper. It is a very dark book. Pete Dexter must live in some kind of hell-world if he can imagine people thinking and acting this way well enough to make it come alive like this in a novel. Thank God he can work it out by sharing it with the world. Like Paris Trout, this book is about race and class in America. There is more slapstick violence in this book than in Paris Trout. Some segments made me laugh until I was undone. Dexter really knows how to capture American males, their pecking order in any given group, and their berserk anger.



View all my reviews

Posted in books | Comments Off

A Roadace

I bought a beat-up old Marushi Roadace 505 bicycle at a yard sale. $50.00 It is equipped with a mish-mash of parts including a bmx handlebars, a gigantic sofa of a seat, one shifter on the handlebar and one really low on the frame, a great basket, and a well-maintained drive train. I bought it, rode it home and immediately snapped one of the crank arms. Upon inspection, I should have checked for and noticed cracks in the arm. Of course, it was the right side one with all the gears and it sucks because the gears were in good shape and the crank set was a nice, lightweight good looking thing.

I really wanted to get this bike back on the road, so I went to Sunrise Cyclery on Lake street and found a replacement that is a bit heavier but in good condition for $10.00. I replaced the crankset without stripping the threads or breaking my bike tools!
“Success is counted sweetest by those who never succeed.”

So now I have this fully functional weirdo bike that is relaxing to ride because there is no way anyone would think they were supposed to get somewhere quickly while riding it. It is the kind of bike you would ride wearing a football helmet and listening to talk radio from a transistor radio hanging off the handlebars and maybe a huge blinking construction light wired into the basket in back.

Posted in bicycle, cycling | Comments Off

Life by Kieth Richards

Purely by accident I picked up LIFE by Kieth Richards and was instantly, irredeemably hooked. Looking at it on the shelf, it had to be some kind of joke, but this book is amazingly well written and thoughtful. Keith Richards has a gift for slapstick comedy. The stories didn’t just make me laugh out loud, they incapacitated me.

I was never more in fear for my life than I was from teenage girls. The cops are running away, and you’re faced with this savagery of unleashed emotions. I think it was Middlesbrough. And I couldn’t get in the car. It was an Austin Princess, and I’m trying to get in the car and these bitches are ripping me apart. The problem is if they get their hands on you, they don’t know what to do with you. They nearly strangled me with a necklace, one grabbed one side of it, the other grabbed the other and they’re going, “Keith, Keith,” and meanwhile they’re choking me. I get hold of the handle and it comes off in my hand, and the car goes zooming off, and I’m left with this goddamn handle in my hand. I got left in the lurch that day. The driver panicked. The rest of the guys had gotten in the car, and he just wasn’t going to stick around any longer. So I was left in this pack of female hyenas. Next thing, I woke up in this back alley stage door entrance, because the cops had obviously moved everyone on. I’d passed out, I’d suffocated, they were all over me. What are you going to do with me now you’ve got me?

It was interesting and fun to read this biography knowing that it might be told by an “unreliable” narrator who was possibly under the same spell he accuses Mick Jagger of being under, the 40 years of abject flattery and worship, and also under the influence of heroin, cocaine, and drugs I’ve never heard of before. However unreliable he may be, he gave a good history of his years of struggle with heroin addiction and of painful family events. He recounts losses of friends like Gram Parsons and of course the various accidents and run-ins with the law. He also has a very generous nature and spent a lot of the book appreciating the great friendships he has built over the years. I enjoyed the stories of Kieth’s childhood, his early years of poverty, playing music and knotting his guitar strings together when they broke, of the inside jokes he shared with the other Rolling Stones.

We were cynical, sarcastic and rude where necessary. We used to go to the local caff, which we called the “Ernie” because everyone in there was named Ernie, or so it seemed. “Ernie” became everybody else. “What a fucking Ernie, Christ.” Anybody that insisted on doing his job without doing you a favor was a fuckin’ Ernie. Ernie was the working man. Only got one thing on his mind, making another extra shilling.

There may be some revelations for guitar players as he delves into technical descriptions of how he hacked his guitar to replicate the licks of the blues greats that he worshiped. He writes a lot about his devotion to the craft. He worked tirelessly to turn out some of the Rolling Stone’s most famous albums: Beggars Banquet, Let it Bleed, Exile on Main Street, and Goats Head Soup. He does a great job of telling the story of how that sound came to be realized. Pages and pages devoted to the layout of the studios, who was there, where the inspiration came from. I can’t find anything to refute what he claims about his character, his hard work, and his musical innovations, so I’m leaning towards his being a reliable witness. This was only just completed in 2010. I kind of bought the media image of him being an absolute gonner, but he is much still here. It reminded me again of how hard people work to have some success in their lives. I felt grief when I finished it because I enjoyed his company. Just a really warm, amused guy.

Besides wondering if he was an unreliable narrator, I had a suspicion that this book was just another sensational Rolling Stones album in book form, but I couldn’t put it into words until I found this quote in the New Yorker: “Half book, half brand extension”. Exactly. He (and his co-author) knew that part of their job was to deliver a bit more of the Rolling Stones and give you a thrill and a peek into the band’s inner circle. They certainly achieved this.

Posted in books, music | Comments Off

eating like a mcguire

This is from someone who was taking care of Frank:

My favorite Frank line:
Me to Frank: Are you sure you can eat that whole thing?
Frank: I can eat the whole anything.

Posted in General | Comments Off

Steve Gibson’s body is an amusement park

As a long time Security Now listener, I find almost nothing stranger and funnier than Steve Gibson describing the day he achieved Ketosis as if it were his first orgasm.

Posted in health, science, security | Comments Off

Using the fires in Colorado for political points? I can do that too.

I noticed that conservatives with nothing better to do are taking to the internet to blame Obama for the fires out west. In that spirit, I provide this:

State and federal officials have outlawed fires and fireworks on all public land and unincorporated private land. A long list of municipalities have also banned those activities. But officials can do nothing to prevent irresponsible hotshots from putting all Utahns at risk by firing guns out in the brush. Target shooters sparked a blaze near Saratoga Springs that has sent 2,500 residents fleeing from their homes and so far has scorched 5,600 acres. Five hundred firefighters are still battling that fire. It is the 20th this year caused by firearms use.

Conservative Utah legislators, in their usual frenzy to protect the all-important right to keep and shoot guns, have dictated that no state officials other than themselves can “enact or enforce any ordinance, regulation or rule pertaining to firearms.” Cities can, and should, limit shooting to approved ranges. Provo has limited shooting to indoor ranges.

Once again, guns are mystically excluded from public safety measures. This is because a small but vocal minority are emotionally fixated on the seeming power and control that guns bring. It is tough to live in a democracy with these folks. One cure I’ve found is watching videos of gun fetishists get hit in the face by the recoil of their own weapons. There are a lot of such videos because gun lovers love to take movies of themselves looking all bad-ass.
so here are some videos:

Posted in General, guns | Comments Off

Swimming Discouraged

I took my kids and some others to the new pool on our side of town. I have to say it was fun and that the climbing wall and zip line were great for the novelty factor. We saw lots of people we knew and I have no doubt we’ll be back many times this summer.

After a while, though, I realized that the pool was carefully engineered to minimize actual swimming. I noticed this because I was initially very nervous about keeping track of the 5 kids I was with (there are various reasons for this including safety and fact that at least two think it is OK to fish food out of the garbage when feeling peckish). I soon realized that I could relax because kids visiting this pool spend most of their time either waiting in line for attractions like the zip line or lazy river (or cliff diving or wall climbing or water slide, or the snack bar) or actually floating in an inner tube on the “lazy river” which is 3 feet deep and forbidden to swim in. There is a small “lap” pool with no deep end that is OK to bob around in without a flotation device. No actual swimming was happening there either (to be fair, this was a crowded day and you could probably swim there on a weekday). A significant portion of the lap pool is devoted to a huge ramp so people don’t have to work too hard to haul their asses out to get back in line for nachos.

This new pool replaces the old Como Pool which was actually a “swimming” pool where people could actually swim. Yes, I’m bitching after others put a lot of planning and effort into making this new pool happen. No, I wasn’t involved during the public input phase. Yes, everything was better back in my day.

Highland Pool, which is on the other side of town has a huge Olympic-sized pool with a deep end that is over my head. You can actually play tag and swim more than 15 feet before you run into a wall. A kid might even start breathing hard at Highland. Highland pool was also recently rebuilt to have water park-ish features like a climbing wall. You can still see the rusty spots in the concrete where the high-dive once stood. You can’t see those spots at Como any more.

My payback for taking five kids to the pool turns out to be a multi-day bitch session for not putting sunscreen on the little snowflakes. There is a reason for this. We got to the pool after 3PM. I don’t apply sunscreen after 3PM. That’s one of my rules.

Posted in General, St. Paul, health, parenting, swimming | 2 Comments

I’m sick of being treated like a criminal

I want to record the shit I put up with around here. Four times yesterday, I was treated like a criminal:

  1. At 9:00 AM, I got notice that my dependents will lose their health insurance in 9 days if I don’t document that they are in fact my dependents. The state has launched an audit to hold down costs. Because I might be a cheater out to get health insurance for a bunch of children that don’t deserve it, I have to spend a bunch of time bowing and scraping before the auditor kings and hope they accept my papers. They set up a site where I can upload scanned images of the birth certificates, my marriage certificate, and my tax return. I hope they’ll enjoy looking at the extra images. How much are we paying for this audit?
  2. At 11:00 AM I got a reminder about harassment training. The state has mandated that every single state employee undergo harassment training. 30,000 people will sit in conference rooms across the state to be told that it is NOT OK to move their fist back in forth in front of their mouths while pressing out against their cheek with their tongues. I don’t need to be told not to slowly circle my lips with my tongue while looking over my cube wall at my co-worker or make suggestive motions with grocery items. If I DID, a two hour meeting would not cure me! I skipped the training. Because I have work to do. I expect dire consequences.
  3. When I got home after this long day of being bad, I was accused of eating a chocolate Gelato (whatever the THAT is) that someone gave my daughter for her birthday. This is fake drama about living with a male who can’t control his urges.
  4. Finally, that same evening, the clerk at Target took my $20.00 and held it up to the light. Because I might be trying to pass funny money. I was like, “I’m outta here. Keep your Archer farms Smoked Ham”. How big of a problem is counterfeiting, really? Big enough to train all cashiers to spot bad bills? Big enough to make it worth while to subject all customers to this kind of treatment? Well, if the cost of insulting your customers is zero, then maybe it is worth while. I’d like to raise this cost.

One: Do I get bent when I walk by a bike that is locked up? Isn’t that treating me like I might steal a bike? No. I’m not having a transaction with that bike owner. It also addresses a real problem. I know from personal experience that all unlocked bicycles will be immediately stolen by a supernaturally efficient bike theft underworld.

Two: Don’t all those measures help keep crime at bay and benefit society? I don’t think so. We, as a society, have smashed the living shit out of crime, relatively speaking. New crime prevention measures are reaching the point where cost exceeds benefit. These measures are not going to solve some kind of huge costly problem. Kind of like a runaway train of virtue, well meaning bureaucrats are trying to engineer all slack out of the system and make sure nobody is ever ripped off, injured or even upset. The ultimate effect is to control and harass ordinary citizens to the point where we can’t think of anything else except how not to look suspicious.

Posted in General | 1 Comment

claymation hospital

this was a group project with some clay and a webcam

Posted in General | Comments Off

Locking Down Facebook

I get a lot of pleasure out of Facebook. While I’m happy to use it and even be advertised at, this free application needs to be watched. A lot of security and privacy folks have quit Facebook for their security and privacy lapses. The lapses will continue. As someone who will use Facebook anyway, I wanted to make it as secure and private as possible. So, for this blog post, I made note of the things I was surprised by. The things listed here are really only pointers or teasers for the Exhaustive Guide (updated September of 2011).

That guide goes deep and shows some new features, some of which allow for more privacy. For example,

  • Make sublists of friends so you can control which groups of friends see which posts.
  • Keep an eye on those Apps. With Application Access Logs, you can see a history of which Apps requested which personal information from you.
  • Test your security settings by viewing your Facebook page as it would be seen by another user. To do this, go to privacy settings –> edit profile –> view as. Now type someone’s name in the box and you will see if that person sees only what you want them to see.

There was a good set of instructions going around more than a year ago. I followed those recommendations and like many people, I just assumed those would stick. Well, enough has changed in the account and privacy settings that that old “lockdown” is no longer complete. So, the first step to locking down Facebook is : Pay attention to changes. The graphic at the end of this article shows the changes over time to default Facebook privacy settings and they trend towards more exposure, not less. A good source of Facebook info is the ZDNet friending Facebook blog.

Here are notable facts from the article:

  • Especially if you use Facebook with public wi-fi, you need to force HTTPS. It took a long time, much longer than it should have, but FB now allows you to use exclusively HTTPS. This means that your communication between your browser and Facebook will be scrambled so that nobody can read your traffic or hijack your session. HTTPS is not on by default, though. You have to turn it on. If you have any doubt about the need for this, watch this video.
  • Customization for Apps has been upgraded. Facebook apps are things like Scrabble, Wordtwist, Mob wars, and whatever else you are adding into Facebook . These third-party applications are often poorly and insecurely written and can even be malicious. Note that the list of apps you see on your front page when you click “apps” is much shorter than the actual list of apps that are installed and silently monitoring your life. To view the full list go to Privacy Settings –> Apps –> Edit Settings. I was surprised to see several apps that I had forgotten about, silently working.
  • I missed this in my first pass at checking account settings, but Facebook can also use your “Like” vote about a product or business as endorsement when they show an ad for that product to your friends. You can turn this off Account Settings –> Facebook Ads –> Edit Social Ads Settings.

Two things I would add to that guide:

  1. If you haven’t changed your password recently (or ever), do that now. Breaches in the past year make it somewhat likely that your password has leaked out somewhere.
  2. This might be more paranoid than you wanna be, but photographs uploaded to Facebook may leak personal information. This information may include the make and model of your camera, time of day and location. If you do not want this information known, consider scrubbing the photograph’s exif data before posting

This is from Facebook itself (link):

Applications your friends use can also access information from your profile

Not much has been written this, but your friends’ poor security choices could affect you. It happens when they post on your wall advertising a funny video that is really a virus.

Posted in General | Comments Off