The Command Line #66 – Listener Comment Line 360-252-7284

Hey, don’t forget to check the website, thecommandline.net for more stories and info.

I received some new feedback from Tor in Norway about my commentary on David Brin’s essay on the need for line programming languages as part of learning to hack. Also, I noticed a glitch in the comment system on the web site, so I only recently moderated two comments from Brian in response to episodes 53 and 55. Sorry about that, Brian.

There was one big, honking security alert this week, the so-called zero day exploit in Microsoft’s Internet Explorer. Please, people, if you don’t have to use this browser, just don’t. An exploit for the vulnerability was found rather quickly in the wild. If you must use MSIE, do what you can to protect yourself.

The hacker word of the week this week is camelCase.

In this week’s news, a book review on yet another tool to build high integrity software, ten supposed science-based frauds, chromatic has some interesting commentary on the necessity of reading code as a skill, and if you are a listener in Canada then follow this link for suggestions to fight the bill C-60, the Canadian version of the DMCA.

This week I follow up on Diebold: furniture keys can unlock the cabinet, Ed Felten refutes Diebold’s response to last week’s research, and Diebold shows their supreme naivete. Also, the Swedish Pirate Party suffers a loss but marches on, a very suspect poll among Americans on network neutrality, and Apple patches a security fix which is not verifiably the same one that Maynor and Ellch demonstrated.

This week’s Inner Chapter is on Passion and Will.

Download the show in plain mp3 or enhanced formats.

2 Replies to “The Command Line #66 – Listener Comment Line 360-252-7284”

  1. I understand there is a problem with the security and it seems funny that all the minibars such as the http://www.frost-minibar.it have the same key. But look at the problem from the producer point of view. If we at http://www.frost-minibar.it were to make an individual key for every minibar, and you know how clients in a hotel are always losing the keys, can you imagine the difficulty, for the hotel management and for the producer to keep track of all the keys, all the codes etc.
    Regards

  2. I’m not entirely sure if this comment is legitimate; regardless, it misses the point.

    The issue isn’t about the security of mini-bars and office furniture. Quite the contrary. What is appropriate for those products, in terms of the security-convenience trade off is not at all appropriate for a system with much more sensitive security requirements, i.e. the cabinet of an electronic voting system.

    Sure, you do not want to inconvenience a hotel guest, so make it easy to keep a supply of replacement keys. The worst case is some shrinkage from those mini-bars, which probably happens anyway. But that same ease of acquisition puts national and regional elections into an unacceptable risk category.

    And Diebold’s response is essentially of the character, “The requirements stipulated a lock but they didn’t say it had to be a secure lock. We met the requirements.” Totally out of sync with the security aspects of reality here and the severity of the consequences.
