09:13 – Wow, the cold weather has really moved in. Our lows are below freezing for the next several nights. For tomorrow the forecast high is just above freezing and the low is 18F (-8C).
Costco run and dinner with Mary and Paul yesterday. Mary is vegetarian and cooks amazingly good no-meat dishes, so I gave her a copy of the list of seasonings that Frances and Barbara came up with and asked her to please add to and annotate it from the point of view of someone who was going to be cooking meals from boring staples like rice and beans over a long period. I’m sure Mary will come up with some worthwhile additions and suggestions.
Yesterday was the first Costco trip in a long time that I didn’t buy much in the way of shelf-stable foods. Other than six jars each of spaghetti sauce and apple sauce, a pack of seven one-pound assorted pastas, a jar of red pepper, and two bottles of Worcestershire sauce, the only thing I added to our cart was two 12-packs of 12-ounce cans of evaporated milk. I couldn’t resist those. They were on sale for about $0.75/can.
Man, feminists are just determined to find something to be offended about.
I expect y’all know about the kerfluffle about the shirt worn by the lead scientist for the Rosetta/Philae mission. Fortunately, vast swaths of the Internet seem to think that the shirt is just fine, and the that uproar is pretty pathetic.
However, did you know that wearing a plain, grey t-shirt is equally sexist? As near as I can wrap my brain around it, the reasoning is this: women care about clothes. Therefore, if a man states that he does not care about clothes, he is implicitly devaluing women.
The mind boggles.
[edit] I see I started this post with “man”. Pardon me, that should have been “woman”…I mean “woperson”…nope, still got something male in there, let’s make it woperdaughter!
Assholes are assholes, regardless of their sex, and progressives are progressives, regardless of their sex. But I repeat myself. Ignore them or, better yet, ridicule them.
ShirtGate is the new FemiNazi cause. Many of those outraged are the ones fueling “slutwalks”, wearing giant vaginas, free the nipple, etc. Hypocrites all. Read Paglia’s article on consenquences of slutty behavior. Yes, it’s all OK, but when you get hammered, don’t be surprised, outraged and use the “No true Scotsman” fallacy.
More war on drugs. The DEA raids a bunch of NFL teams over the weekend. Does anyone give a shit about footballer drug use? The WoD failed miserably, so the DEA is now going to arrest the US and put us all in our place.
The radical fembats are just not gonna go away anytime soon, and yes, they delve very deeply for things to be offended about, just as the previous professional grievance whores and pimps have done for decades now. Half the country buys their drivel and the other half, including us, is outraged by it. This will continue for more decades until the two halves finally have it out, one way or the other.
“Wow, the cold weather has really moved in.”
We’ll say that here when it stays in single digits or below zero for a while. But right now it’s snowing steadily and visibility is very low; a white-out over the lake. Straight down, no wind.
“The WoD failed miserably…”
The War on Some Drugs; there, fixed that for ya.
I am an expert on this: booze is the greatest destroyer of people, by far, and it’s booze that has caused the most problems, in families, and for “law enforcement.”
Then there are the truly murderous drugs like crystal meth, crack, heroin, etc., but they’re fah, fah, outnumbered, dwarfed even, by booze. And our heroic cop warriors up here are still busily rooting out pot users, growers and dealers. This is the Low-Hanging Fruit Theory of Modern Law Enforcement.
Just as they will nail the poor slob motorist doing 7 MPH over the speed limit and ignore the maniac racing by at 110. At least during the day. At night the maniacs kinda tend to stick out and they’ll get chased, what a thrill for everyone.
Agreed. I wonder if alcohol is the biggest drug problem because it’s the most readily available drug or for some other reason.
Well, to give credit where credit is due: arresting a zoned-out pot user is a lot safer than arresting someone hopped up on crystal meth. Also, unlike meth labs, pot plants don’t blow up. And on the gripping hand, you may be able to snag a few baggies for yourself, because the arrestee sure ain’t gonna tell the judge “man, I had more than that!”
@OFD: What do you reckon? How may cops have a dime bag ready to drop into a vehicle, just in case they happen to find a use for it? Are we talking 5% (what I hope to hear) or 50% (what I’m afraid you’ll say), or somewhere in between?
Meanwhile, alcohol. It does cause problems, but the prohibition showed that there is no easy solution. People who need to escape that way are going to find a way. Either they eventually realize that booze isn’t the solution (hard, hard, and laudable when it happens), or…they don’t. There’s really not a lot anyone else can do.
Dave B posted while I was writing, but I just have to answer his question: “I wonder if alcohol is the biggest drug problem because it’s the most readily available …”
Definitely availability. This Fall we had a jug of apple juice sitting in the fridge, and totally forgot about it. Several weeks later, my wife tried a sip…it had turned into a really delicious hard cider, without any intent at all. Natural yeasts are everywhere; if you take care to avoid damaged fruit, apples and grapes will happily ferment themselves. Probably other fruits as well – I’d bet on plums and cherries, for a start.
I make beer regularly, for my own consumption – while I buy the yeast, there’s no reason I have to. I’m pretty certain that I could take any random bottle of my beer (second fermentation in the bottle) and use it as a starter for the next batch.
Distillation is also dead easy. Getting something that tastes nice may be more difficult, plus you want to avoid concentrating any methanol. But beer, cider and wine? So easy that they happen by accident.
RE Brad’s post: I see I started this post with “man”. Pardon me, that should have been “woman”…I mean “woperson”…nope, still got something male in there, let’s make it woperdaughter!
Nah. The progression to “sexless” language goes like this: Woman is unacceptably sexist because of the presence of “man;” “woperson” is equally unacceptable because of the suffix “-son.” There is already a word in English that fills the bill, and it is “one” as in “one knows,” one sees,” “one does,” etc. So… that vile sexist word “woman” becomes woperone. Wo-Per-One. Perhaps it could be pronounced “whopper-OWN.”
Larry
Who has entirely too much time on his hands
Ruh Roh! National Guard going to Ferguson. Lock and load a 30-rounder. This won’t end well.
Activate Baiter: Sharpless
Activate Baiter: Jackwagon
Activate Baiter: Fartinacan
Hopefully they’ll be out front when the lead starts to fly.
“Sharpton: Obama Wants Ferguson Protesters to Stay on Course”
http://www.frontpagemag.com/2014/dgreenfield/sharpton-obama-wants-ferguson-protesters-to-stay-on-course/
If this is true, this would have been an impeachable offense by any previous president. Inciting to riot is a felony in most jurisdictions, especially if anyone gets hurt.
Went and saw cardiologist #3 today. I think that he is beginning to catch on to my lies. That is ok because I am not believing his either. “If you lose 20 lbs then you can get off all the heart medicines” did not work for me very well and I called him on it. To which I got a sad smile.
Had an echo-cardiogram today. Looks like my heart volume ejection fraction has declined to 48%. It was 52% two years ago.
“@OFD: What do you reckon? How may cops have a dime bag ready to drop into a vehicle, just in case they happen to find a use for it? Are we talking 5% (what I hope to hear) or 50% (what I’m afraid you’ll say), or somewhere in between?”
In my day not many; maybe that 5%, even in the big cities. The only guys who did that regularly were the regular narcs. Now, I have no ideer, but suspect the percentage is higher.
On the booze thing, yes, the availability and the *legality* and public moral acceptance of it. Booze is happy times, gaiety, laughter, tailgate parties, New Year’s Eve, tying one on, getting blasted, getting juiced, etc. No problemo, senor! Drugs are evil, except for “..the ones that Mother gives you..”
Here is some fun reading if you have about twenty minutes or so; it’s worth it:
http://dailycaller.com/2014/11/15/the-daily-callers-all-star-greatest-hits-alphabet-of-racism/
Here’s an example of “anti-racist” logic:
“the privilege of being oblivious to questions, of never having to grapple with the everywhere; the right of false naming,”
Check yer privilege, hosebags.
“Hopefully they’ll be out front when the lead starts to fly.”
Jever notice da loudmouth sons-of-bitches are never out front then?
This could go several ways; if the locals are smaht, they’ll keep it low-key and peaceful. If they riot, the hired State thugs and gunmen are likely to give the whole nay-shun an example of how it’s gonna be. I don’t see any good guys in this scenario so fah.
““For most white people we leave our houses everyday and we don’t have to worry about getting shot. We don’t have to worry about being assaulted. We don’t have to worry about being arrested. That’s not true for everybody in this country and that’s one of the reasons why we’re out here on the streets,” he says…”
Well, that’s changing pretty fast, and it also depends on where one lives and works. And how much one might stupidly mouth off to the cops when stopped or “resist arrest” when being stomped into the pavement and not flattening out enough to suit them.
“And I also think we’re not going to get change in this society unless white people are just a little bit afraid.”
Yeah, I’m quaking in my plush-lined moccasins.
Only thing I’m afraid of at this point is running outta Moxie and pretzels.
OFD, how did the interview go?
And on the alternative income front, how is the rat catching going? I’m assuming your making use of your available resources, to wit a fierce feline, and are catching rats for their pelts, from which you craft elegant evening wear, for sale for big bucks.
As is often the case, Heinlein called it: you don’t have to worry about the large-mouthed malcontents. It’s the small-mouthed malcontents who are dangerous. Idiots flinging themselves in front of the TV cameras are unlikely to accomplish anything except by accident.
“Steve M. writes of how much he appreciates my book, The Real Lincoln. He also has some choice comments about the Lincoln cult:
“Unlike many of your critics (many of whom should be sued for slander), my interest is not in propping up a massive, overbearing federal government, but in the sort of freedom a good moral person deserves.”
And getting to the heart of the matter: “Your critics are lying, dissembling losers. The facts are so sharp, they are like cornered rats. And predictably, they act like it.”
http://www.lewrockwell.com/lrc-blog/a-reader-comments-on-the-lincoln-cult/
“The Real Lincoln.” Highly recommended.
Cops in Queensland just cleansed the gene pool a bit:
http://www.abc.net.au/news/2014-11-18/police-shoot-and-kill-man-north-of-brisbane/5898404
The Real Lincoln got a pretty bad review on Wikipedia…
“OFD, how did the interview go?”
Seemed to go very well. It’s a rack-monkey gig at the same data centers I was a rack-monkey in before, just a different contractor/subcontractor deal. No more involvement with the RHEL servers, other than the hw end of it, fine with me, I don’t really care at this point; the server end has been offshored, come to find out, to India and Slovakia. I’d be working with them to get the Cisco routers and switches set up and hooked to the servers and they do the rest. Whatever. Job could last up to three years or three days, who knows; what a wacky field it is now. Fah as I’m concerned, it’s a gig to get us through the holidays and winter, period. If it goes further and I can hack it and stomach the peeps I work with, fine.
“…how is the rat catching going?”
No rats around here. Only mice, shrews, moles, and birds being found KIA. But the production has dwindled of late.
“The Real Lincoln got a pretty bad review on Wikipedia…”
No doubt from the Lincoln acolytes, as the late Gore Vidal called them. He also referred to them as the “Lincoln priesthood.” Dissent from the myth and you are Anathema to them. The real article was a murderous sociopath and should have himself been used in the front line bayonet charges against entrenched Confederate rifle fire and artillery. Along with Stanton, another real piece of work.
The only bugger who’s given Lincoln a run for his sociopathic money was LBJ, a truly evil character. Makes Nixon look like a choirboy.
I’m only able to get on the net right now with my iPhone used as a tethered hot spot; ComCast tech will be out Thursday to set us up with the real deal.
Should be interesting.
صليبي
The above is what I shall have embroidered in white on a black background baseball cap.
I so admired those of the brave and heroic ISIS fighters I saw in a picture the other day, hoisting their wunnerful flags and AK-47s.
I will do a selfie of me with the above embroidered hat, while raising a 1776 flag and some kinda assault rifle I’ll borrow from somebody, maybe….post it over on their web site…see if they can dig it…
Looks like an interesting book here….
http://whowhatwhy.com/2014/11/16/double-even-triple-government-russ-baker-deep-politics-bushes/
I have plenty of plain grey t-shirts and sweatshirts. I was considering that they used to be more popular than they once were, and was thinking bout relegating them to the back of the drawer, but this femcrap stuff gives me renewed reason to wear them daily. They still make them. In big numbers.
White seems dead as outer wear for men, though. Used to be very big before tie-dye.
Guess I have been really lucky to have females care about me at all. A few still do. I’ll get by without the others.
Going down to 8 tonight, and it’s closing in already.
Cold?
http://mynoise.net/NoiseMachines/fireNoiseGenerator.php
Lincoln – yes, indeed, we are all taught in school how he was a hero, ended slavery, etc… It’s only reading between the lines that other possible explanations pop up – they sure aren’t in the standard history books. Victors write the history, and all that…
Had the same thing in my Spanish class today. The teacher put up a picture of Mother Teresa and asked me to describe her. I hestitated, but finally compromised with “well, *some* people think she was a good person”. Ummm…many raised eyebrows… (For those wondering, there is a fair bit of evidence that she refused access to medical care for her patients – the theory being that saw medical care as a threat to what she was doing, namely, having sick people to care for.)
ComCast tech will be out Thursday to set us up with the real deal.
The Comcast modem is fairly good and provides a good wireless signal. However, Comcast charges you monthly for the modem and in 1.5 years you could have paid for your own modem. If you are getting voice Comcast will provide the voice portion through their modem and unfortunately there are no reasonable options to use your own purchased modem.
I have voice, data and TV through Comcast. I have two modems, one for voice, one for data. My data modem is purchased. I was paying for a modem and decided to buy my own and get rid of the fee. Did not work. The fee is for the voice modem, the data modem that Comcast had provided was at no charge. So I wasted some money on my own modem as I still have to pay for the voice modem.
I also have my own router, a Nighthawk. The Comcast provided modem will do routing and provides wireless. The problem was the range, at least on the model I had. Newer modems may be better. Now I get good signal throughout the house and out on the back patio by the pool with my the Nighthawk.
I give you all this so you can evaluate your cost options. With voice you have to get Comcast modem, well not really, but the alternatives of buying your own is not worth the hassle with Comcast.
If you do buy your own data modem and turn in Comcast equipment immediately scan the receipt from Comcast and the receipt for your purchased modem. Comcast receipts have a habit of fading over time. These receipts are needed as many people have had Comcast bill them for a returned modem or charge them a monthly charge for a customer owned modem.
Watch Comcast like a hawk.
We have a couple of month old Comcast “modem” for our Internet service. Speedtest shows 20 megabits per second plugged directly in the router. Using either WiFi or our old Ethernet over powerline gear gives us 5 megabits per second. WiFi range is good. Have had WiFi access on my cell phone while walking a few houses down the street.
Cold?
Thanks Mr. Chuck. I downloaded the free app to try out. I love white noise to relax while reading. I’ll stream it to my Big Jambox.
Thanks for the Comcast intel, Mr. Ray and Mr. Dave B.; I do intend to watch them like a hawk; for 15 years I heard the guys in the Greater New Hampshire Linux User Group crab about the service they had with Comcast in NH, where they had/have a monopoly. We’re getting the Comcast modem for now; I’ll look into voice options and we’ll see how the wireless works here, which is a problem area. Someone else around the ‘hood has Comcast, too, our next-door neighbor, I think; I’ll interrogate him next time I see him out back when we’re both slaving away at our Honey-Do Lists.
The snow from yesterday has mostly disappeared and it’s extremely windy again. 28 here right now and “feels like 19.” 30% chance of more snow. This is now more like mid-autumn, finally. Actual wintuh is still five weeks away.
>> 28 here right now and “feels like 19.” <<
Sounds balmy compared to our 15 right now, "feels like -2" in SW Ohio .
I do intend to watch them like a hawk
For the most part I have been very happy with their service. The billing sometimes gets screwed up and that is what you really need to watch. Especially if you change and turn in equipment. Scan those receipts before the ink fades.
The internet is fast. I get 50 down and 10 up and the speed tests indicate that I am getting what I am paying for. I do use my own modem and router for internet, Comcast modem for phone. I do have a limit of 300 gig per month and I can watch the utilization on my router.
I have setup wireless in a few people’s homes that have Comcast. The Comcast modem seems to work OK and actually has fairly secure SSID at the factory default. The SSID and password are on a sticker on the bottom of the modem and I saw no compelling reason to change either. The factory default actually has good settings for a normal domestic environment.
Of course a propeller head like yourself will most certainly expand beyond the basics that us mere mortals use.
“Sounds balmy compared to our 15 right now…”
Yes, we live in the Banana Belt here, on the Redneck Riviera. T-shirt weathuh.
“Of course a propeller head like yourself will most certainly expand beyond the basics that us mere mortals use.”
I dunno about propeller head, but sadly I am the type of person who thinks it’s great if the new modem comes with a CD loaded with 200 pages of documentation of stuff I can do with it.
Does anyone use grc.com’s Shields Up to test router settings and security? Curious about opinions, including better ways.
I used to be a Gibson fanboy, but now think he’s a bit of a charlatan.
I haven’t even considered Gibson since he kept selling SpinRite for IDE/ATA drives.
Plus he’s a tad outta date, and there is no excuse for someone in that line of biz who still maintains web sites in that biz.
For the basic home pooter user who just wants piece of mind without a whole lotta tweaking and paranoia I usually recommend two places:
https://securityinabox.org/en
And the Road Warrior product from these guys:
https://secure.cryptohippie.com/
If you wanna do more with yer own stuff, there ways to harden yer router/modem/switch and if you keep going with that, you can also dedicate a Linux machine to run a Linux vm on it with the Tor browser, an offshore email account and PGP encryption. You can also still use the last good version of TrueCrypt.
A step beyond that is to create a Tails CD, DVD or USB stick and use that to boot up any pooter; you can run the persistence feature to save files with it, too.
There’s a good debunking of Gibson here:
https://groups.google.com/forum/?hl=en#!original/comp.dcom.xdsl/Vm2xVSu6prk/jpfCIyPj7poJ
Gibson : “we doubt whether anyone but Steve and a handful of aliens would even
know what all this is”, and, as John Navas replied “(no argument there)”.
and here:
https://allthatiswrong.wordpress.com/2009/10/11/steve-gibson-is-a-fraud/
My beef with Gibson is that I bought SpinRite 6 in about 2004 on the promise that documentation for that version would be available soon. I e-mailed and posted on his forum when that didn’t happen and got no satisfactory response. A year or so later the promise to update the documentation was quietly dropped, leaving only SR version 5, 4 and even 3 doco in place.
I am also fundamentally opposed to his “Small is Beautiful” campaign. He advocated writing code in assembly language because it made a product smaller and more “efficient”. This is basically bunkum. Nowadays you don’t write in assembler unless you need access to some feature not provided in a high level language or, in some cases, where speed or small size is crucial. I wrote assembler for CDC Cyber peripheral processors, with 4k 12 bit words, and you really did need to be obsessive about saving space in programs. Plus COMPASS was the only available language. But it is not an efficient use of time to write assembler nowadays, nor is it easy to debug.
If you thought touting SpinRite for IDE/ATA drives was bad, these days Gibson is talking about it working on SSDs.
Thanks, OFD for the two sites… Lots to consider there, and too tired today to go on.
I had read some of that stuff about Gibson before, but it just seemed like mud slinging. Agree about his arrogance, and about SpinRite, but have to admit that ShieldsUP is an attractive quick check for open ports. Nothing more.
I am trying to learn more about securing networks and home computers, but admit to not being very diligent. I know a few Linux admins who have some good knowledge, but some of their schemes seem like overkill. I don’t care much about anonymity, but do worry about security when I access (especially) banking sites, where a minor slip-up could be costly. I believe I am reasonably safe using a Mint box behind a DD-WRT router. At least I seem to be a less popular target.
No! Don’t end it all! You’ve got so much to live for! Think about … think about getting a teenage girlfriend. See? Life’s not so bad.
(Considering today’s discussion somewhat on this topic, it is left as an exercise for the reader whether I’m malicious or merely incompetent at suicide prevention.)
Assuming you find the strength to go on, I think well of http://www.amazon.com/Hacking-Exposed-Sixth-Edition-Solutions-ebook/dp/B001NLKUMS . To be honest, I’m several editions behind on this book, but the first several eds were good and I don’t see why the 6th wouldn’t be as well. This comes mainly from an attacker’s point of view, but in order to defend you need to know how attacks are made. There is (or was, in earlier eds) some explicit discussion from a defender’s point of view, but that’s not the emphasis.
“I believe I am reasonably safe using a Mint box behind a DD-WRT router.”
Not bad, so long as you don’t do the financial or other sensitive stuff on wireless, unless you’re adept at wireless security, too. And it depends on yer browser; for that stuff I’d wanna use Tor, or pop in a Tails stick for those transactions, keep the data on the persistence volume and transfer it to encrypted folders somewhere. But you’re probably OK.
“… think about getting a teenage girlfriend.”
I can’t even imagine how bad that would actually be. Nightmarish. Yet you see old fart guys swanning around with nymphettes sometimes and they’re not daughters. I hope the chicks clean them out, but good.
By wireless, I assume you mean Wi-Fi. All computers are on Ethernet, but I do have Wi-Fi for the Android phones, and I realize this is a vulnernability. I used to have the Wi-Fi on a different segment, but the inconvenience was not worth the small gain in security. Besides, my biggest problem with my Wi-Fi is the weak signal. I can barely cover the house and some of the yard. If I ever fix that, I will for sure consider a second router for that segment.
Not considering ending it all, just taking the rest of the evening off! Teenage? We are both in our sixties, unless you count the cat’s age. I am only wired for 110, and 220, so teens would def be incompat :/!
“… my biggest problem with my Wi-Fi is the weak signal. I can barely cover the house and some of the yard.”
Ditto here. We are told that many lakeshore residents have the same problem, further exacerbated in our case, so the former postmistress told me, by a large pile of scrap metal at the local highway department yard, about 200 yards from our front door. They’re right on the shore, and the move is on to get them outta there and further inland; it will be interesting to then find out what happens to that very prime lakefront real estate.
We were using the WAP at the town hall across the street for a while, and it wasn’t bad, until lately, when it hardly works at all. So it’s been the iPhones running as tethered hot spots, at least until Thursday, when we hope to have our wired setup back via Comcast. Haven’t broken the nooz to Fairpoint yet; sorta waiting to see if they postpone their activation again on Saturday, at which time I will bid them a fond adieu; they were pretty much OK for us for a number of years at both residences. But between the strike and five weeks with no net, buh-bye.
For beaucoups boffo laffs, I kid U not:
http://thepeoplescube.com/
But it is not an efficient use of time to write assembler nowadays, nor is it easy to debug.
I thought I was the only person who thought Gibson was crazy. Assembler definitely has its place but when you have to sit down and think for ten minutes about “did I push four bytes or eight bytes”, that is just crazy.
God invented C and then high upon the mountaintop, C++ was given to us as the pinnacle of programming.
Of course, real programmers can write Fortran in any language.
“Sinbad – A woman who understands the signs of stroke ”
https://www.youtube.com/watch?v=vJCZVcCQR3E
Why an older guy does not want a young girlfriend.
“Quit making faces at me!”.
I believe I am reasonably safe using a Mint box behind a DD-WRT router
I would not worry about it much, if any. Give yourself a secure password for your WIFI and be happy. Skip all the other crap as you are not a high value target. There is not much they can do with your banking credentials. Sure they could transfer funds but that is an electronic transaction protected by REG E and the money can be gotten back from the recipient financial institution.
They may find out how much you have and your paycheck amounts. So what?
They will not get your SSN as banks don’t put that on any of their pages unless the bank is really really stupid and then you should change banks.
All financial institutions use SSL so the data is encrypted when it hits the WIFI signal. Yes, the information can be decrypted given enough resources. But your financial information is just not worth the effort for no real gain.
A bigger risk is from using checks. I could send you a check for $1.00. Within a week I would have your checking account drained using real checks. Getting that money back is much more difficult and in many cases require you to file a criminal complaint against a John Doe as you would not have the real person’s information. You may know it was me but you could not prove it.
Use strong passwords on WIFI, strong passwords at your bank, and don’t worry. You are not a good target at that point.
Thanks, Ray. That is the kind of practical info I was looking for. I already knew some of it, but did not know about the check scheme. I use only a few checks per year, and then only to trusted recipients. My wife uses lots of checks, but that is a different account. We try to partition our risk.
We don’t use debit cards, and wouldn’t unless they were to gain the same strong protection as credit cards. We have had some credit card fraud over the years, but were impressed by how well that was handled, with no loss of funds, and minimum inconvenience.
My biggest worry is ID theft, but that is a different subject. Guarding SSNs has become almost impossible.
Mr. Ray is correct; the propeller-head here got a little carried away with the IT security end of things; my view is that you may have more to worry about from our own government being intrusive and seizing accounts than the criminal element, and it was to that end I brought up the potentially evasive methodologies.
A good password goes a long way for most folks.
but did not know about the check scheme
The check scheme is relatively easy. I send you a check, you deposit the check, I see the check image in my account history. I now have your account number and the R/T for the bank. With that information I can now print checks with your account number, payable to anyone I like, with any signature. Signatures are never checked unless there is fraud. And there is a good chance I have your signature on my check that you deposited when you endorsed the check.
There is a simple guard against such happening which makes the criminals job much more difficult. Never, never ever write your account number on the back of the check when you deposit a check. Simply write “For Deposit Only”. Don’t even sign the check. There is no legal requirement to sign a check when it is deposited into your account. In such a situation the payee and the name on the account have to match. Once you write that on a check draw a horizontal line below the “For Deposit Only” and a diagonal line from that line to the bottom of the endorsement area.
Hopefully your bank, if they are smart, will not write nor endorse your account number on the check. I know that my CU uses an account number that is tied to my checking account but will not allow any checks to be drawn on the account using that account number.
Most banks will also protect your debit card and return unauthorized fund withdrawals. Especially if the debit card is branded with VISA or Mastercard. If the card is branded in that way use the card as a credit card, not a debit card. There are ways to do that on all card terminals. You will be required to sign on the terminal When used as a credit card the debit card will still draw from your checking account but be afforded the same protection as any credit card.
Currently any fraud is restored by the bank and the merchant. That will change with the chip and pin cards that are being issued. Fraudulent use now falls upon the card holder if the pin is used at such a terminal. The thinking is that whomever used the card had the card and the pin. You did not safeguard your pin and therefor you are responsible for any charges. Any charges that do not require a pin will still be slapped back on the bank and the merchant.
Ray: yes, I don’t write my account number on checks to be deposited, and I use the “For deposit only” phrase. Will check on the CU’s additional info on the processed checks’ images. One exception is that I do sign the endorsement area. Our CU doesn’t require this, but apparently some clearing houses do. In particular, we get some checks that explicitly require both of our signatures, and I don’t want them to be rejected. Your thoughts? I am a little out of date on modern clearing procedures, but have heard stories of such two signature checks having been rejected in the past.
OFD: thanks still… I do plan to read that Security in a Box site more. I glanced at several chapters, and there is good info there, although a bit paranoid. I repeat that I often re-read basic stuff, just to try to learn more. Maybe I am stuck at too basic a level, but will fix that going on. I did take a local Linux class, and learned a lot about admin, and even some about security, but the participants and teacher lacked desktop distro experience. Most of them are programmers. Although this is OK, they were somewhat oblivious to a whole raft of desktop related stuff that would have been useful. In particular, I need to work on CLI skills, starting with automating backups.
One exception is that I do sign the endorsement area. Our CU doesn’t require this, but apparently some clearing houses do. In particular, we get some checks that explicitly require both of our signatures, and I don’t want them to be rejected.
If both of your names are on the account into which the check is deposited no endorsement is required. Clearing houses have to follow the same rules as the rest of the banks. “For Deposit Only” is good enough. Only exception that I know of is IRS tax refund checks.
For some reason the government thinks they are special. Checks have to be endorsed even though the federal banking laws do not stipulate as such. Power of Attorney is no good for the IRS or the Social Security Office. IRS POA is not good for SS. SS POA is not good for the IRS. The rules us normal serfs have to follow are not good enough for the overloads in the government offices.
Besides, with the check truncation that occurs today no one looks at the checks anymore. They are deposited into the account, the image digitized, and the information sent on to the clearing house. The clearing, a Federal Reserve Bank, just routes the images and the transaction information. No one looks at any of the information. That information on the check is only used if someone reports a fraudulent check.
“I glanced at several chapters, and there is good info there, although a bit paranoid.”
They, like me, are more concerned about governments than criminal enterprises. And with good historical reason. Their political slant is more to the left of mine but that’s OK; we don’t throw babies out with bathwater anymore.
“In particular, I need to work on CLI skills, starting with automating backups.”
Highly recommended:
“The Linux Command Line: A Complete Introduction”… (Paperback) by William E. Shotts Jr.
Backups:
http://www.techrepublic.com/blog/10-things/10-outstanding-linux-backup-utilities/
I’ve only used rsync but will look at the others myself, as the network here gets a little bigger.
C and C++ are unspeakably ugly to read. Once you know Fortran and Pascal all other languages are redundant.
Thanks, Ray and OFD. Fat chance I will ever get a tax refund, but good to know.
I think Lucky Backup is still in Mint. I played with it a while ago in another distro, and it was a nice GUI frontend to rsync. It generated and showed the syntactically correct command stream it created. It was even possible to edit those commands. I thought it was a small touch of Linux brilliance.
Thanks to all here for the good recommendations.
Good security podcasts,
Liquid Matrix Security Digest
.mg
C and C++ are unspeakably ugly to read. Once you know Fortran and Pascal all other languages are redundant.
Depends on the programmer. Here is one of my methods:
int FormsMain::isReverseCalculationSequence ()
{
int isReverse = aGenGroup -> isReverseCalculationSequence ();
return isReverse;
}
Note that the variables are fully spelled out and that intermediate variables are used (makes for easier debugging).
The problem with Fortran and Pascal today is that there is not a good compiler / IDE manufacturer standing behind them. The languages have not stood the test of time. If Microsoft still supported both in Visual Studio then I would agree with you. Unfortunately, MS abandoned both decades ago.
We still have 800,000 lines of F77 code and it is killing us. We are getting ready to move it all to C++. Pray for us.
The problem with Fortran and Pascal today is that there is not a good compiler
One of the best for Pascal was Borland’s Delphi. Unfortunately, the product got bought and pretty much whacked out the price. I used it for several applications and it made making Windows applications with controls and such not too difficult.
Embarcadaro bought the product and shot the price through the roof. What once used to cost $100.00 is now $4200.00. You can get a starter edition for about $200.00 which is still way over priced with the limits the company places on the use of the product.
Don’t know about Fortran.
We used to run Macola account software. It is written in Micro Focus Cobol, and badly at that. More than once we would encounter “unexpected stop run encountered” and that was it. No line number, no error code, no module name, nothing. Calling for support was a nightmare as they would want to know where it bombed. We could not tell Macola where it crashed as even their software did not know. In most cases the problem was data related indicating that their software did a very poor job in validating the data. Perhaps they had code in their program of the sort:
IF WIDGET-COST * 0.10 GREATER THAN 500.00
STOP RUN.
More than likely their database returned a value from the DB that was not numeric, contained spaces when it shouldn’t, who knows. Code that cannot at least provide some sort of unique error code is really crappy.
“We still have 800,000 lines of F77 code and it is killing us. We are getting ready to move it all to C++. Pray for us.”
Why? Can’t you get a decent Fortran programmer/s?
Ray, serves you right for using Cobol: the programming language of hell.
Miles_Teg, haven’t you been reading Lynn’s comments over the years? He’s self-described as a tyrant. He probably can’t keep any good people.
Or… he says the job requirements include both a PhD in chemistry (or chemical engineering, or petro engineering or something) and a degree in CS. When you combine that with being willing to move to the Houston area (and put up with the tyrant) the talent pool probably shrinks to about 0.
Honestly, the work Lynn’s company does sounds interesting. Technically I’d be interested in the challenge, but I don’t have the chem knowledge. (And am not particularly interested in moving down there, nor put up with the tyrant.)
I know he demands a PhD in chemical engineering (which I don’t have), didn’t know he wanted a CS degree as well (which I have.)
Houston? They talk funny there, but the houses there are half or less the price for something similar in Australia. And I know very little about C/C++.
Ray, serves you right for using Cobol: the programming language of hell.
I didn’t use it, it was the language of the application that we used. We needed the application and had no control over the language that was used.
I cut my teeth in the USAF on IBM 1401 Assembler, then moved on to Burroughs COBOL, Assembler, BPL and Algol (and it’s derivatives). I actually liked COBOL for it’s intended purpose and that was batch processing for general business. It worked, and worked well. Having worked in Assembler and COBOL, COBOL was much easier to train people, easier to debug for these people and was certainly less prone to obscure and difficult to find problems. This was well before relational DB’s, objects and WEB applications. They can still be done with COBOL but there are better choices.
Yes, COBOL was verbose. Yes, the code was sometimes not well optimized. With online terminals and the elimination of Hollerith cards, every faster machines with much more memory those problems were trivial. I do know that on the Burroughs machines much of the generated code was actually quite good. Makes sense since the Medium System architecture was designed with COBOL in mind. That made for a very well performing combination.
When I was coding COBOL I rarely, as in extremely rarely used that much maligned (and deservedly so) GO TO statement. That was the cause of more problems than anything other statement. Resulted in sloppy code that caused stack overflows and other nasty logic flaws. Add in the ability to modify the destinations on the fly and you had a real mess. You could also PERFORM through multiple paragraphs, yikes! May have been needed at some point but should have been a compiler option that flagged any such use as a syntax error.
COBOL’s biggest downfall was the standards committees that took forever to decide something. Between the arguing, personal objectives, vendor disputes, etc. the language changes just moved to slow to keep up with the ever faster changing computing environment. Committees killed COBOL.
Oh sure, Cobol was better than assembler for some applications, but Fortran, Pascal and PL/1 were better still.
When I started work as a programmer in 1980 I almost immediately got involved in a train wreck: a system called “Population Projections” was written in Cobol using a primitive database system called LISA on a CDC 3500 with not much memory. It was designed to run overnight (sharing the machine, not dedicated) with a whole bunch of options. In the end it had to be run over the weekend in a dedicated machine with a severely cut down set of options. The project manager admitted he should have pulled the plug and developed it on our new Fujitsu M200 running a MVS clone. (Writing it for the 3500 in Fortran would have worked too, IMHO.)
I started learning Cobol in December 1978 and have *never* stopped hating it. It should never have been used in what was basically a numerical intensive application. And the lack of the structured programming environment of Pascal hurt it too.
@Lynn: 800,000 lines reimplemented in a new language, what an untertaking! Just a couple of random thoughts:
From what I know of your application, most of this code probably does calculations, and doesn’t interact with the user. Do you have good, documented test cases that can be used to compare old code and new? Is the code decently modularized, so that you can write/test/replace one bit at a time?
If the answer to all of those questions is yes, or could be made to be yes, then I can suggest two alternatives:
First, you could farm the code out to code monkeys. It’s not important to understand what’s going on, if the only requirement is the that new C++ function produce results identical to the old Fortran function. Just lay down basic style guidelines, divvy up the modules, and go for it. Your only in-house job would be verifying the testing and integrating the new modules one-by-one into your system. That’s a big enough job in itself, but it’s one you would have in any case.
Second alternative: For 800,000 lines of code, I could imagine a university would be interested in creating a Fortran-C++ translator tool, as a sort of practical CS research project. It wouldn’t be perfect, but the code could then be tested/polished using student labor. I know that my school would be interested in this sort of project – I imagine you have local colleges that would be as well.
This ought to come cheaper than hiring your own programmers for the task (800,000 lines = $millions). This assumes, of course, that you have a real budget for this – even a university project of this size won’t be exactly inexpensive.
It should never have been used in what was basically a numerical intensive application
Indeed. COBOL worked for business applications that typically just moved a lot of data around, generated some reports and did a few calculations. Banking applications are one such animal. Lots of data has to be moved, simple calculations accomplished and a lot of reports with aggregated data.
It also helped in my environment that what we were running the COBOL program on was a machine designed with COBOL in mind. The machine was a truly decimal machine as presented to the user. All address were in decimal. All numbers were in decimal. The machine could multiply two 100 digit numbers and get a 200 digit result accurate to the last digit using one instruction. Conversely, you could divide a 100 digit number by a 50 digit number and get 50 digits of precision in one instruction. Full decimal digits. Floating point, while available, was just not necessary for interest calculations. For a bank to do interest calculations to 20 digits of precision was trivial. Not so on IBM machines with word limits.
A language is a language. Choosing the best language for the job is what is important. For the banking environment COBOL worked very well. The language had is flaws, as do all languages, especially when used in the wrong environment. I would shudder to write a banking application in FORTRAN.
This ought to come cheaper than hiring your own programmers for the task (800,000 lines = $millions). This assumes, of course, that you have a real budget for this – even a university project of this size won’t be exactly inexpensive.
I have a tool for converting F77 to C, FOR_C:
http://www.cobalt-blue.com/fc/fcmain.htm
It has a bug converting with our code since we use the Vax data structures extension. When we get serious, I am going to have to pay Clive to fix the bug.
The reason that I want to move to C++ is to get the Visual Studio environment with the new automatic paralleling compilers. Intel’s Fortran kinda runs inside Visual Studio but it have some fairly major issues with large software like ours. IMHO, the best thing to do for the long run for us is to convert to a mainstream language.
I do have experience with conversion of software from one language to another. We converted our user interface from Smalltalk to C++ using a tool that I wrote. Took me and three interns about 18 months for 300,000 lines of Smalltalk to end up with 400,000 lines of C++.
The most serious problem that I am worried about is that Fortran arrays are one based and C arrays are zero based. That is a big hill to climb and will be the source of many bugs.
When I started work as a programmer in 1980 I almost immediately got involved in a train wreck
All software programs of any size are train wrecks.
http://www.joelonsoftware.com/articles/fog0000000069.html
Do you have good, documented test cases that can be used to compare old code and new?
Yes. Thousands of them, mostly from customers. We fully benchmark each release with a subset of about 1,000 of these test cases.
Is the code decently modularized, so that you can write/test/replace one bit at a time?
Nope. It is typical spaghetti fortran. Most of the core code was written in the early 1960s and has been patched, band-aided and shoehorned into place over and over again.