February 2014 – Page 2 – Observations Along the Road

Credit Cards, the Internet, and Security

Posted onSunday, February 16, 2014Authorcahwyguy

userpic=cardboard-safe The LA Times has an interesting article today on the payment card problem: it points out that the movement to EMV (chip and PIN) is painfully slow, that credit/debt card breaches are increasing, and that its going to get worse before it gets better. I’ve also been looking into the issue, finding the investigatory work of Brian Krebs regarding the Target incident fascinating. So what advice would I give based on all of this?

Don’t Use Debit Cards. Debit cards are basically electronic checks. You have no protection in terms of fraudulent charges, although you might be able to get money back after the fact. I would tend to believe that Debit Cards are slightly riskier than checks, simply because the information on checks is not stored in databases as much as debit cards are.
Monitor Your Credit Cards. Don’t wait for your monthly statement; check your credit card transactions every few days. This is easy to do if you use Quicken (or a similar service) and download transactions; you can also check with your card issuer on the web. As soon as you spot a fraudulent transaction, report it via phone to the credit card company and follow that up with a written report. Credit cards are better because you typically have this grace period to report transaction fraud without being liable, and often the cost of that fraud is born by the banks or the merchants.
Don’t Fear the Internet. If you look at a lot of the breaches, the problem has not been the connection between your computer and the merchant — just make sure you have an encrypted connection and are talking to the merchant’s web site. The massive problems have been attacks on the merchant’s databases themselves — and these database often contain both web and physical transaction information. Work needs to be done to encourage merchants to improve their overall security stance — the PCI standards are just a start and focus on the transactions; the merchants needs to adopt appropriate risk management frameworks and security controls (see NIST SP 800-37 Rev 1, SP 800-53 Rev 4, SP 800-30, SP 800-39 Rev 1) to secure how they are storing their information.
Check Where and How You Swipe Your Card. One of the easiest ways that adversaries gain information with our insecure mag-stripe cards is with credit card skimmers. When you are swiping your card (especially at ATMs), always look for skimmers over the reader and potential cameras to capture PINs.

You can never bring your personal risk of credit card fraud to zero (well, unless you only pay cash, and then you have a different set of risks). You can, however, transfer the risk to an acceptable level by using credit cards over debit cards, and further mitigate it down by being prudent where and when you use your card.

A Hearty Stew, With Lots of Nuggets of Interest

Posted onSaturday, February 15, 2014Authorcahwyguy

Observation Stew Whereas last week’s stew was thin and barely filling, this week’s is quite hearty. Although I had trouble finding groups of three articles to link with a theme, I had bunches of groupatwos with interesting subjects. So in this week’s stew you’ll find mini-themes on milk, money, connections, bones, security, plus some other random stuff for flavoring. Shall we begin?

Milking It. This is a groupatwo having to deal with milk and diet. (1) The first deals with the diet aspects — much as we think we know the foods that make us fat and the foods that don’t, we keep learning things that turn that understanding on its ear. For the longest time we thought it was simply calories, and low-cal food was in. We saw that didn’t necessarily solve the problem. Next we looked at low-fat and low-carb, and getting rid of animal fat. Here’s a survey that confounds that: it appears that full-fat dairy products help you lose weight better than low-fat dairy products. (2) The second item deals with milk itself — particularly breast milk. It appears that the chemical composition of breast milk differs based on whether the child is a boy or a girl. This actually dovetails with a segment that was on a recent Quirks and Quarks that cows produce more milk for daughters than for sons. This emphasizes the notion that breast is best — and more importantly, your mom’s breast is best for you. Producing a one-size fits all formula just doesn’t work.
Where The Money Is. This is a groupatwo that looks at where the money is. (1) The first item looks at Las Vegas casinos and where they make their money on table games. What’s interesting here is that they make a lot of money on table games — more than would be expected by just looking at the odds on the games. That’s because the odds are calculated on people playing the games in a perfect manner, and people rarely do. Translation: Not only does the house have an advantage, but unless you’re perfect, they have a greater advantage than you think. (2) The second item looks at the changing market for collectable American cars from the 50s and 60s. It appears that such cars are going down in value — boomers are less interested and millenials couldn’t care less. The translation here is not to depend on things you collect for your retirement nest egg (ask anyone who collected Beanie Babies). I’ve seen this with stamp collecting — once a popular hobby, you now don’t see it anywhere, and most collections aren’t worth all that much (I know mine isn’t, and there’s not much interest in my dad’s first day covers).
Everything is Connected. This is a groupatwo dealing with connections. (1) The first item looks at the weird weather this year, and showing that it is all connected to the ridge of high pressure off the California coast, which has started changes in the jet stream that has created snow in the south, rain in Britain, and warmth in Sochi. (2) The second looks at the impact of all the chemicals we use, and how many we thought were safe may be leading to the growth in autism. Yup, it’s not vaccines at all; it is plastics and pesticides. Humans often get risk identification wrong, as this shows. So perhaps GMOs are safe?
Great Bones. This last groupatwo looks at the underpinnings of some things here in LA. (1) The first item looks at a massive concrete pour here in Los Angeles — a continuous 20 hour pour with more than 2,000 truckloads of concrete, each of which must be delivered freshly made. This is all to build the foundation of the new Wilshire Grand, which will end up as the tallest building W of the Mississippi. Fascinating pour, especially when you look at the cooling issues. (2) The second item is a look at the Burbank Studios, and their history as the NBC Color City complex. I’ve actually been to the studios — I was there to see a taping of Flip Wilson, as well as the 2nd incarnation of Laugh-In. I’ve also been to CBS to see Cher filming. In any case, I love history like this.
Security. I’ve grown more and more impressed with the work Brian Krebs does — and he’s the source for the last groupatwo. In the first article, Brian continues his in-depth study of the Target Breach — this time looking at how email was involved. What’s interesting here is how the metadata on innocuous files provided information that was later used on the attack. The second article is a bit more intriguing — it explores how some denial of service attacks are created by exploiting a flaw in the Network Time Protocol.
Looking for Love. And a last singlet for flavoring. For Valentines Day, LA Metro introduced speed dating on the Red Line. So how did it go? Pretty good, according to the LA Times. I wonder what this says about our city?

Thoughts on a Theatre Season – Ahmanson 2014-2015

Posted onThursday, February 13, 2014Sunday, February 16, 2014Authorcahwyguy

userpic=ahmanson The Ahmanson Theatre has announced their 2014-2015 season, and except for one bright spot and one maybe, it’s a big “meh”:

A Trip To Bountiful (starring Cicely Tyson). Sept 17, 2014 – Nov 2, 2014. This one is a maybe, if only to see Cycely Tyson on stage.
Heartbeat of Home. Dec. 9, 2014 – Jan. 18, 2015. A dance extravaganza by the producers and director of “Riverdance,” featuring tributes to dance from various nations. A big “meh”.
Dame Edna and Barry Humphries: The Final Farewell Tour. Jan. 24, 2015 – March 15, 2015. Dame Edna and another farewell tour. Again, meh.
Rodgers & Hammerstein’s Cinderella. March 17, 2015 – April 26, 2015. I just can’t get too excited over this — I know the music; I’ve seen it on TV (for which it was originally staged). I’d rather see “State Fair“.
Matilda: The Musical. May 29 through July 12, 2015. This one is the big “yes”.

What is it with musicals this year. The Pantages is mostly “meh”, the Ahmanson is “meh”, and Cabrillo doesn’t have anything I’ve already seen. C’mon folks. Let’s see some exciting stuff that hasn’t been in LA in a while. Hell, I”d settle for a good production of “Hello Dolly” or “Sweet Charity”. That reminds me… I wonder what Doma is doing? [Answer: Nothing of interest, as least according to their webpage]

Looking Beneath the Skin

Posted onThursday, February 13, 2014Authorcahwyguy

userpic=masks Finally, a chance to come up for breath… and lunch. Here are some news chum articles collected over the week, all looking beneath of skin of something we see everyday. h/t to FiddlingFrog and AndrewDucker on LJ for some of these.

Under the Skin of… VPAC. The Daily Sundial had a nice article talking about growing reputation of the CSUN’s Valley Performing Arts Center, which is now ranked #3 in the Top 25 Campus Theatres. The Sundial article was neat because it talked about why VPAC has the reputation: Its walls are internally tunable for each type of performance to give the best sound quality possible. This can’t be done at the Disney Hall or Staples Center.
Under the Skin of… Chocolate Chip Cookies. Here’s an interesting article that explores the science of chocolate chip cookies, and what each ingredient brings to the overall perfection. As always, baking isn’t as easy as it looks (of course, if you want to see fun pictures of baking, look at Stephanie Pressman’s new baking blog, “Stephanie Learns to Bake”).
Under the Skin of… ATM Machines. You’ve all heard the warnings about Windows XP going away in April. Here’s something you might not know: A large percentage of ATMs run Windows XP. Should you be scared? Probably not from that, as the linked article explains.
Under the Skin of… New York Subways. Here’s an interesting article about how an urban explorer gained access to one of the oldest subway tunnels in New York… and lost it.

Nuts.

Posted onMonday, February 10, 2014Monday, February 10, 2014Authorcahwyguy3 Comments

userpic=compusaur Today’s EaterLA brings news of the closure of the last Good Earth restaurant in California. This brings to mind a story…

When I was in college at UCLA in the late 1970s/early 1980s, I used to hang around the UCLA Computer Club (3514 Boelter Hall — we would receive mail addressed to “the messiest room on the 3rd floor, Boelter Hall”). Club members would regularly walk down to Westwood to get dinner — this was when Westwood was a much more vibrant college town than it is today (alas).

At this time, there were two general interest bookstores in Westwood: the Pickwick Bookstore near Westwood and LeConte, and College Books (or was it University Books) near Westwood and Weyburn. College Books originally had a basement from which they sold textbooks, but by the early 1980s they had lease out that space to the Good Earth. The Good Earth was one of the restaurants regularly frequented by clubbies (there was also a Thai place behind Ships, but that’s a different story). The Good Earth seemingly had nuts of some variety in every dish one could order.

One day we went to the Good Earth for dinner. As I recall, someone ordered their meal with no nuts. After this, everyone started requesting no nuts, eventually resulting in our singing “nuts, nuts, nuts, nuts” in the manner of the Monty Python spam routine.

I guess you had to be there.

When They Say Forever…

Posted onSunday, February 9, 2014Sunday, February 9, 2014Authorcahwyguy

Cabrillo Userpic There are just some shows that theatres just love to do. These shows don’t require fancy sets; they have small casts; and they please the audience. We saw one such show two weeks ago, “I Love You, You’re Perfect, Now Change” at Repertory East Playhouse (FB) (which is sold out for the remainder of the run). We saw another such show last night at Cabrillo Music Theatre (FB): “Forever Plaid“. The funny thing about this is that we saw the same two shows back in 2006, in the same order, at the same two theatres. Remember what I said about theatres loving these shows? [I’ll note we first saw “Forever Plaid” back in 1991 at the Pasadena Playhouse.]

“Forever Plaid” (written by Stuart Ross) isn’t a bad show — in fact, it is very much like it’s subject: harmonious, humorous, and completely inoffensive. “Forever Plaid” tells the story of the 4-man harmony group Forever Plaid, who was broadsided on the way to their first big gig by a bus full of parochial school girls who were on their way to see the Beatles on Ed Sullivan (exactly 50 years ago today). The musical “Forever Plaid” is the show that the Plaids were never able to put on in real life. As such, it is a collection of classic harmony songs from the 1950s and early 1960s, interspersed with some very humorous numbers and humorous patter.

I will note that I do have some favorite numbers in this show, which were all executed very well. These include the entire Ed Sullivan Show (in 3 minutes and some-odd seconds), which is very funny; “Perfidia”; the whole Heart and Soul audience interaction bit; the “Crazy ‘Bout Ya Baby” bit with the plungers; and the “Sixteen Tons”/”Chain Gang” number. To me, these are the best parts of the show.

During this show, I was watching the audience as well as the show (this is the third production of FB that I’ve seen). You could see this show was bringing back good memories: there were people singing along, people tapping their toes, people rocking in time to the harmonies. This show was hitting a good nerve, and people were leaving the theatre happy. This is a good thing.

Alas, while the show had few faults, the audience was a different story. There was a fellow in the Founders Circle who was seemingly texting for 80% of the show. There were the two young ladies sitting in front of me who used their cell phone to record “Perfidia”. There was another young couple who lit up their tablet at one point. My opinion: If you cannot exercise the self-restraint to turn off your cell-phone for 90 minutes and keep it in your pocket, you don’t belong in the theatre. You don’t belong in the movies either — you need to be reeducated in etiquette and how to behave in public places. Sorry, I’ll get off my soapbox now. Back to Forever Plaid. After all, they didn’t have cellphones in the early 1960s — and the audience better behave as if they were in that time!

Larry Raben, a former Plaid himself (indeed, we saw him as Sparky in the 1991 production), did a nice job directing this group of young men. The four Plaids themselves were, again, just like the musical itself: harmonious, humorous, and completely inoffensive. Their harmonies were tight and spot on; their humor worked well, and they had the uniform appearance that a group like this should have. About the only problem was individual: some of them were slightly off in their solo parts. The four Plaids were: Roger Befeler (Francis), Scott Dreier (Smudge), Jeffrey Scott Parsons (Sparky), and Kurtis Simmons (Jinx), and they were supported onstage by Alby Potts (Piano/Musical Director), and John Smith (Bass).

Technically, this is a simple show: four microphones, a piano, a bass, some projections, and loads of props. As such, there are no credits for set design or even the main prop design, although Alex Choate designed additional props. Jonathan Burke (FB), the resident sound designer at Cabrillo, did the sound for this show and it worked well. Jean-Yves Tessier did the lighting design, and it was problematic, for while the principal singer was always lit, often the other Plaids were in shadows or darkness. Gary Mintz was the technical director — and I’m guessing the man responsible for the projections — and he did a very nice job with those. However, his fog machine seemingly was creating problems for the people in the front row of the orchestra. There were no credits for the costumer or makeup artists — all were reasonably plaid, although one of the Plaids had this lock of hair that kept falling into his face. Additional technical credits: James Raitt (Musical Continuity and Arrangements); Kevin Traxler (Producer); Christine Steele (Company Manager); Phil Gold (Production Stage Manager); Kirsten D’Agostaro Shook (Assistant Stage Manager).

The last performance of “Forever Plaid” is today at 2pm at Cabrillo Music Theatre (FB). If you haven’t seen it before, it is a fun show to see. At this point, I’d suggest just going to the box-office at the Thousand Oaks Civic Arts Plaza to get tickets. Cabrillo has announced their 2014-2015 season; I wrote about it in this post and won’t repeat it. Oh heck, I will: it is “Memphis“, “Mary Poppins“, “Oklahoma“, and “Company” as a bonus show. Still haven’t decided if I’m going to resubscribe.

[Ob. Disclaimer: I am not a trained theatre critic; I am, however, a regular theatre audience. I’ve been attending live theatre in Los Angeles since 1972; I’ve been writing up my thoughts on theatre (and the shows I see) since 2004. I do not have theatre training (I’m a computer security specialist), but have learned a lot about theatre over my many years of attending theatre and talking to talented professionals. I pay for all my tickets unless otherwise noted. I believe in telling you about the shows I see to help you form your opinion; it is up to you to determine the weight you give my writeups.]

Upcoming Theatre and Concerts: Next weekend (February 16) brings Lysistrata Jones at The Chance Theatre (FB) in Anaheim. The next weekend, February 22 I’m doing a site visit to Portland OR for ACSAC, so if I see any theatre, it will be up there. The last day of February sees us in Studio City at Two Roads Theatre for Tom Stoppard’s “The Real Thing“, followed the next evening by the MRJ Regional Man of the Year dinner at Temple Beth Hillel. March theatre starts with “Sex and Education” at The Colony Theatre (FB) on March 8. (this might be good for March 16); The weekend of March 16 brings Purim Schpiels, with Sunday afternoon bringing “Inherit the Wind” at the Grove Theatre Center (FB) in Burbank. March 22 is being held for “Harmony” at The Ahmanson Theatre (FB). March concludes with “Biloxi Blues” at REP East (FB) on March 29. April will start with “In The Heights” at Cabrillo Music Theatre (FB) on April 5, and should also bring “Tallest Tree” at the Mark Taper Forum, as well as the Southern California Renaissance Faire. April may also bring “My Name is Asher Lev” at the Fountain Theatre (FB) (as this runs through April 19). As always, I’m keeping my eyes open for interesting productions mentioned on sites such as Bitter-Lemons, and Musicals in LA, as well as productions I see on Goldstar, LA Stage Tix, Plays411.

Busy Week == Thin Stew

Posted onSaturday, February 8, 2014Saturday, February 8, 2014Authorcahwyguy

Observation Stew This has been a busy busy week, what with the National Space Infosec ~~Conference~~ ~~Symposium~~ Workshop, completion of first downselect for ACSAC Site Selection for 2015/2016, and my normal work. Combine this with a relatively light week with of news of interest. This hasn’t allowed much time to find articles for the stew this week. Still, I’ve got a few articles for you:

Pete Seeger. Pete died a little over a week ago. One of the best obituaries I’ve seen for the man comes from Michael Jonathan, host of the Woodsongs Old Time Radio Hour. Here’s his blog post in memory of Pete.
Jay Leno. This was the last week of the Jay Leno tonight show. My facebook feeds have been fully of the cynics who think he stole the show back from Conan, and that he’ll do it again with Fallon. I tend to disagree — there are significant differences between the Conan situation (Jay wasn’t ready to go, plus he still had his staff together and his show going on in Burbank) to the Fallon situation (Jay’s staff have gotten their pink slips, his is the last NBC show left in the Burbank complex, and Fallon is in New York with Lorne Michaels at the helm, and Jay doesn’t still have a show). I’ve particularly enjoyed Mark Evanier’s take on the subject, such as this, this, or this.
Stamp Art. An interesting article on a woman who turns postage stamps into art. I have strong memories of a table we used to have that was made from postage stamps and envelopes. Even though stamp collecting seems to have gone out of vogue, stamps are still wonderful works of art.
The Target Hack. Brian Krebs has done a remarkable job — especially when you realize he’s doing it solo — on uncovering and investigating the Target hack. Here’s his latest take on it. What’s most interesting about this is that the vulnerability came from a different type of insider attack — maintenance personnel — who (thanks to cyber-physical system interconnects) were able to have greater access than they should have (cough — least privilege — cough). How many other systems are vulnerable to the same attack? Then again, we have to remember that a brute force attack can be equally effective.

P.S.: No, I’m not going to say anything on the Woody Allen situation. I’ve never been a big fan of Allen’s style of humor, although some of his movies have been good. Much of this is “he said/she said” dragged through the mud-flats of the media, and the only people that know the truth are the particulars involved — and after this many years, that truth may well have been colored by how the brain remembers things (on both sides). There is no good answer to this one.

What Old Technology Do You Still Use? What Will You Use?

Posted onMonday, February 3, 2014Authorcahwyguy

userpic=record While riding the van into work this morning, my mind was pondering the following question: What technology do you use today that you used, in the same form, 30 years ago (i.e., 1984)? How about 40 years ago (1974)? 50 years ago (1964)? Similar to that, 30 years from now, what technology from today will you still be using. Let’s exclude pens, pencils, and the like. I’m talking things connected via electric cords of some form.

Some technology has gone by the wayside. I know I don’t use cassettes any more (although I still have a player), and I haven’t hauled out my electric typewriter in years. Certainly how I connect to the network is different — in 1984, I was still on services like Agora or Rain, using basic terminal servers; in 1974, I wasn’t even on computers except for the Compucorp programmable calculators. TV has changed as well — although my TV could take analog input, there’s no more analog OTA or CCTV anymore — it is digital to the house, and then goes through a converter box. Without those modern boxes, my old TVs would be useless. CDs? I got my first CD back in the early 1990s, less than 30 years ago.

But there is some technology that hasn’t changed. I’m still listening, on analog record players with tonearms, to LPs from the 1940s and 1950s. My telephone is still POTS (plain old telephone service) using copper wires — the only change was moving from pulse (dial) to tone (DMTF) between 1974 and 1984. AM and FM Radio hasn’t changed from 50 years ago, except for stereo.

What about the future? What technology that we use today will be the same 30 years in the future? Hopefully, all that digital music we’ve purchased will still be usable, even though it might be a copy of a copy. LPs will likely still be around. Cassettes and CDs probably won’t. Radio will likely have gone digital, if only to recover the bandwidth. Telephones will probably have a VoIP backbone instead of copper pair, but will that change the instrument on the wall?

So, what about you? What do you use from 30 – 40 – 50 years ago? What will you be still using in 30 years?