Speed and style remind me of Matt Hensley. And music is good, too. Apparently from a video “No Strings Attached”.
Month: May 2010
My Battle at the Berrics 3 Picks
For BATB3, I see Cory Kennedy and Marc Johnson going all the way this year, and Cory taking it. Although P-Rod is usually ultra consistent I’m calling his defeat to Billy Marks. I’d like to see Lutzka go farther if he can get past Koston’s dork tricks.
Mike Mo took the first one. Cole the second, but just barely.
HealthCare Thought Exercises
I can’t remember where, but I’m fairly certain I saw compelling evidence that nations with universal access to healthcare, contraceptives, and abortions have the lowest rates of abortions. Let’s assume this is true.
Also assume that the U.S. military, as well as foreign militaries aided by the U.S., engage in a perhaps small but non-zero number of actions which cause more human suffering, in lives and in residual physical and emotional scars, than the actions prevent.
Now assume that, ten years from now, ObamaCare will have reduced abortions by millions/year and have produced a net fiscal drain on the federal government, forcing it to reduce some of the aforementioned military actions.
Would it be a “moral” law?
I think the biggest leap here is assuming the federal govt. would cut military spending. More likely we’d see cuts targeting the weakest interests (the poor), and/or tax increases most significantly affecting the middle class.
Assume now that ObamaCare ends up raising significantly the net per capita cost of healthcare (cost of drugs, premiums, copays, taxes, etc.), and this effectively reduces the standard of living, particularly at the lower classes.
Also assume that ObamaCare results in the stifling of drug & medical product innovation, resulting in millions of avoidable deaths and suffering in the future.
Would it be a “moral” law?
What if FDR had successfully lobbied to get a national healthcare system established; and that U.S. medical innovation had progressed at a reduced rate since 1940 or so?
What if Republicans enacted a “free market” healthcare system which turned out to significantly reduce costs, but in doing so also reduced quality and the margin of profit available to go towards innovation? I.e. is a “cheap” healthcare system (which we certainly had before WWI) “better” than a costly one if the margins go towards preventing future suffering?
Is it fair to assume that in our costly system those margins do go towards “societally beneficial” innovation rather than, say, executive pockets and the development of expensive new drugs which are only slightly more effective than existing ones?
Shifting Morals and Shifting Laws
Blogger Classically Liberal shows how codifying the morality of the day (“societal justice”) can give you laws that abuse a slowly changing demographic of victims. With support of Christians, England at one time had criminalized homosexuality; but now that most Brits openly accept it, England’s remaining Christians and their speech are becoming targets for abuse by today’s laws.
The desire to use the law to impose one’s morality has to be a human thing because it seems to have been pretty universal. Some have well-meaning reasoned intentions, but many want prohibitions simply because it’s wrong to let gays marry, use “drugs”, watch dirty movies, gamble, use alcohol, be gay, allow women to vote, marry out of race, educate your slave… How morality shifts.
What if instead you had law based on the unchanging principle of positive personal liberty? Would society collapse in an orgy of sex, drugs, and Adult Swim marathons? We kinda tried this. The U.S. Constitution was radical in that it mostly limited the behavior of the government rather than of the individual, not that the Good Old Days of the U.S. were the golden age of personal liberty.
As the author of Last Call noted on Fresh Air, Prohibition was the first Amendment really limiting personal conduct, and we later got rid of it. I don’t drink, but I’ll have a sugary rum drink in celebration when DOMA falls.
SCOTUS: Florida handed out cruel & unusual sentences
The Supreme Court today ruled that juveniles cannot be sentenced to life without parole for nonhomicide crimes. Good. How does Florida fit in the picture? Seventy-seven of the 129 American juveniles sentenced to LWOP are in Florida. Either Florida’s teens are the most evil in the nation or something in the CJS is wrong. Today it’s slightly less wrong.
Fun fact: Florida eliminated parole in 1983.
Update: I’m hesitantly changing my mind on this decision. I think good will come of the attention it (and FL’s CJS) receives, but I don’t think it was necessarily correct. Whether the victim(s) of a crime happen to all survive—even if left for dead—is as much an arbitrary delimiter as whether the offender was just shy of 18 when the crime was committed. The case before the court presented one of the obvious examples of FL’s sentencing inflation, but the decision isn’t going to fix that. FL prosecutors can continue to request just barely short of life sentences. If anything will “fix” it, it’ll be the cost of continuing to build prisons.
Scathing AP Editorial on U.S. Drug War
AP IMPACT: US drug war has met none of its goals
This writer is obviously on fire about this issue, and while I appreciate the fact that it will expose more people to the wider effects and history of our drug policy, it’s simply unfair to claim that the drug war has met no goals. If the goal of drug prohibition was to completely wipe out drug usage, then sure, complete failure, but many people support prohibitions to keep prevalence of usage below a certain threshold, and they do work for that. The data in Drug War Heresies pretty clearly suggests that commercialization increases use, and illegality provides a non-zero deterrent to purchase and to use for a large part of the population. In that aspect, prohibitions very likely have kept usage down.
That said, there are a lot of goals to public policy, and in the grand scheme of things, basing a drug policy mostly on reducing the prevalence of mainly marijuana use has had some horrible outcomes that have gone mostly unmeasured and unreported. Thankfully that’s starting to change.
I hope to give my thoughts on the White House’s new “strategy” soon. The Good: some real improvements in goal-setting, promotion of proven ideas in parole/probation reform. The Bad: More federal dollars towards drug law enforcement; no explicit goals of measuring/reducing the use of militaristic SWAT-style policing; more, more, more foreign meddling shown mostly to cause a lot of harm to foreigners with little evidence of utility in the U.S.
Skate 3 Could Use a Light
Skate 1 was and remains awesome. EA delivered an amazing city in Skate 2, but tinkered with the mechanics, breaking a perfect thing in my opinion. I eventually re-bought S2 and it’s OK, but returning to S1 always feels like switching to a pair of well-worn in skate shoes—skating is easier when you can feel the board and not slip around it. S2 brought better filming options (downloadable content $$$!), but turning now looks terrible, as do no-complies and most of the other junk they added.
For S3 it looks like the Black Box team have broken new ground to bring you…skating with cigarette.
Dan Drehobl’s a great skater—who in interviews wishes he could quit smoking—but after playing the S3 demo, I wish whatever time was spent modeling his cigarette would’ve been squeezed into bringing back the feel of S1. Was Skate really missing darkslides, underflips, and an “easy” mode? The Skate world continues to look less like the real world and more skate park.
And what’s with killing the Skate Reel upload servers for a game only 3 years old? Can I get more bitter and nostalgic?
The Future is Windows 3.11 Workstation
[slightly NSFW]
Related: Screenshot of the Win3.11 skin for WindowBlinds
Bookmarklet and PHP to prevent Shibboleth-related Firefox Lockouts
```php
/**
 * Remove all _shibstate cookies if there are too many of them. This usually
 * occurs due to Firefox session restores. Unfortunately we don't know which is
 * the active state cookie, so we have to delete them all, but this is a lesser
 * crime than locking the user out with server errors.
 *
 * In an app a good time to call this is when a user is not logged in or has an
 * expired app session. This way we can clean up their cookies before forwarding
 * them to the shib login process. Also after logout you'll want to call this
 * with parameter 0 to always remove them.
 *
 * @param int $allowableStateCookies if the number of _shibstate cookies
 *                                   exceeds this, they will all be removed.
 */
function Shibboleth_preventFirefoxLockout($allowableStateCookies = 10)
{
    // Collect the names of all cookies whose name starts with "_shibstate".
    $stateKeys = array();
    foreach ($_COOKIE as $key => $val) {
        if (0 === strpos($key, '_shibstate')) {
            $stateKeys[] = $key;
        }
    }
    if (count($stateKeys) > $allowableStateCookies) {
        foreach ($stateKeys as $key) {
            // Expire the cookie by setting it with a timestamp in the past.
            // setcookie() sends a header, so call this before any output.
            setcookie($key, '', time() - 3600, '/');
        }
    }
}
```
Here’s a bookmarklet that essentially does the same thing: Fix Shibboleth Lockout
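A client-side sketch of the same cleanup, as an added example (this is not the bookmarklet linked above, whose source is not shown on this page). The function names are hypothetical, and it assumes the state cookies are visible to `document.cookie` and were set on the current host.

```javascript
// Client-side counterpart of Shibboleth_preventFirefoxLockout() (added example).
// Pure helpers take the cookie string and path as arguments; only
// clearShibState() touches document/location.

// Names of cookies in a document.cookie-style string that start with prefix.
function shibStateCookieNames(cookieString, prefix = '_shibstate') {
  return cookieString
    .split(';')
    .map((pair) => pair.trim())
    .filter((pair) => pair.length > 0)
    // Cut at the first '=' only: cookie values may themselves contain '='.
    .map((pair) => (pair.includes('=') ? pair.slice(0, pair.indexOf('=')) : pair))
    .filter((name) => name.startsWith(prefix));
}

// Ancestor paths of pathname: '/a/b' -> ['/', '/a', '/a/b']. An expiring write
// only removes a cookie when its Path matches the one the cookie was set with,
// and document.cookie does not reveal that Path, so every candidate is tried.
function candidatePaths(pathname) {
  const paths = ['/'];
  let current = '';
  for (const part of pathname.split('/').filter(Boolean)) {
    current += '/' + part;
    paths.push(current);
  }
  return paths;
}

// Expiring cookie writes to perform, or [] when the count is within the limit.
function buildExpiryWrites(cookieString, pathname, allowable = 10) {
  const names = shibStateCookieNames(cookieString);
  if (names.length <= allowable) return [];
  const expired = 'expires=Thu, 01 Jan 1970 00:00:00 GMT';
  const writes = [];
  for (const name of names) {
    for (const path of candidatePaths(pathname)) {
      writes.push(`${name}=; ${expired}; path=${path}`);
    }
  }
  return writes;
}

// Browser entry point, e.g. the body of a bookmarklet. Returns writes issued.
function clearShibState(allowable = 10) {
  const writes = buildExpiryWrites(document.cookie, location.pathname, allowable);
  writes.forEach((w) => { document.cookie = w; });
  return writes.length;
}
```

Cookies flagged HttpOnly never appear in `document.cookie`, so script cannot clear them; only the server-side function can expire those.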
Google’s School for Hackers
Google is offering programmers their own personal sandbox application—called Jarlsberg—and hints of how to exploit the common vulnerabilities purposefully left in it. Although Google is basically walking folks through how to attack apps, publicizing this info is a necessary evil in order to build safer programmers. We have to start thinking of each line of code, cookie, HTTP request, and configuration option as another attack surface.
The table of contents lists the who’s who of vulnerabilities (though there are a lot more out there). Several of these attacks no one would’ve even dreamed of a few years ago, so the sad reality is that the web is chock full of vulnerable “legacy” apps just waiting to be exploited—unless we can fix them in time.
- Cross-Site Scripting (XSS)
  - XSS Challenges
  - File Upload XSS
  - Reflected XSS
  - Stored XSS
  - Stored XSS via HTML Attribute
  - Stored XSS via AJAX
  - Reflected XSS via AJAX
  - More about XSS
- Client-State Manipulation
  - Elevation of Privilege
  - Cookie Manipulation
- Cross-Site Request Forgery (XSRF)
  - XSRF Challenge
  - More about preventing XSRF
- Cross Site Script Inclusion (XSSI)
  - XSSI Challenge
- Path Traversal
  - Information disclosure via path traversal
  - Data tampering via path traversal
- Denial of Service
  - DoS – Quit the Server
  - DoS – Overloading the Server
  - More on Denial of Service
- Code Execution
  - Code Execution Challenge
  - More on Remote Code Execution
- Configuration Vulnerabilities
  - Information disclosure #1
  - Information disclosure #2
  - Information disclosure #3
- AJAX vulnerabilities
  - DoS via AJAX
  - Phishing via AJAX
- Other Vulnerabilities
  - Buffer Overflow and Integer Overflow
  - SQL Injection