Category Archives: Security

NRA Attacks Lawyers

I suppose everyone now and again takes a shot at lawyers. Here’s one of my favorites:

Client: “I hear your hourly rate is really expensive. If I give you $600 could you answer two questions for me?”
Lawyer: “Yes. Now what’s the second question?”

But the NRA might find their latest magazine cover messaging on lawyers could backfire:

I am pretty sure their imagery actually suggests that if you kiss a frog with a briefcase you will get a handsome environmentalist — a hunter who intends to shoot only cleanly and accurately.

Lead is for followers, I use copper

The controversy is actually related to poisoning from lead bullets. Copper is argued to be a more sensible choice for hunters because lead shot or bullets cause serious damage or death to non-target animals, the hunters and their families.

Studies show that huge numbers of water-fowl are unnecessarily poisoned by lead shot.

Based on the survey’s findings, the ban on lead shot reduced lead poisoning deaths of Mississippi Flyway mallards by 64 percent, while overall ingestion of toxic pellets declined by 78 percent over previous levels.

The report concludes that by significantly reducing lead shot ingestion in waterfowl, the ban prevented the lead poisoning deaths of approximately 1.4 million ducks in the 1997 fall flight of 90 million ducks. In addition, the researchers state that approximately 462,000 to 615,000 acres of breeding habitat would have been required to produce the same number of birds that potentially were saved by nontoxic shot regulations that year.

There is also the secondary poison effect. Hunts for prairie dogs will poison raptors (e.g. eagles) that feed on the shot animals filled with lead fragments. This, of course, begs the question of why anyone who reads the latest ecology evidence would hunt prairie dogs since they prevent soil erosion and support larger game, but I digress. Even the US military is migrating away from lead on their firing ranges because of poison concerns.

The quickest route to innovation often comes from regulation — the latest bullet technology now surpasses lead performance.

During testing, the M855A1 performed better than current 7.62mm ball ammunition against certain types of targets, blurring the performance differences that previously separated the two rounds.

The projectile incorporates these improvements without adding weight or requiring additional training.

According to Lt. Col. Jeffrey K. Woods, the program’s product manager, the projectile is “the best general purpose 5.56mm round ever produced.”

The only scientist I could find who supports lead ammunition sits on the board of the NRA. That reminds me of how the inventor of leaded gasoline tried to prove in 1925 that the string of deaths obviously from lead was not his fault — he washed himself with leaded gasoline, and promptly fell seriously ill from lead poisoning. Unfortunately it took another 50 years, and the huge costs in clean-up and health-care (US$43.4 billion a year), before America finally fixed combustion design properly…by regulating lead. The same goes for paint.

Each dollar invested in lead paint hazard control results in a return of $17–$221 or a net savings of $181–269 billion.

Although the properties of copper mean bullets behave differently on impact, the point is that non-toxic metals are equally effective at killing targets without potentially damaging more than what is intended.

If you like the outdoors and you have a choice, why handle and throw a poison around? There is no good reason, not even cost.

The use of lead bullets is so hard to support it actually makes that frog (or even a toad) look a lot more attractive than it should.

The Onion Terror News Update

You can really tell there has been a lull in terror attacks and warnings when The Onion writes a story called “U.S. Authorities Can’t Really Fault Al-Qaeda For Deadly Bombing Of Carnival Cruise Ship”:

“Terrorism is a crime against humanity for which there can never be any justification,” Homeland Security Secretary Janet Napolitano told reporters. “But then again, so is a 130,000-ton boat with an indoor ice skating rink, 24-hour buffet access, and a dance club called the Caliente Lounge. To condemn al-Qaeda outright for this attack would be to ignore the fact that, well, you can’t really argue with them on this one.”

[…]

Foreign leaders in France, Britain, and Germany, as well as citizens in the Carnival Cruise port city of St. Thomas, have joined the U.S. in issuing strongly worded statements of their own, saying that the suspected architect of the attack, Ayman al-Zawahiri, did the United States a huge favor. In addition, sources in the State Department said their only problem with the strike was that it wasn’t on a Disney cruise ship, which they claimed would have allowed al-Qaeda to kill two birds with one stone.

Securosis Warns Against Cloud

Mike Rothman warns in his blog entry called “RSA Guide 2011: Key Themes” that only a very elite and small group (himself included, of course) can understand the cloud, let alone the security issues.

Last year you could count real cloud security experts on one hand… with a few fingers left over.

[…]

The number of people who truly understand cloud computing is small. And folks who really understand cloud computing security are almost as common as unicorns.

Unless I am reading that wrong, he is saying that no one really understands cloud computing security. How does one enter the cloud if no one exists that can understand how to make it safe? Is that a warning against it?

He probably means to say only he and his immediate colleagues are to be hired — they are the real deal and will save you from the cloud. Even that sounds to me like scare-mongering, marketing and hype. Perhaps he could just issue a new Securosis byline:

We are like unicorns in the cloud — and everyone else is dumb

The truth is that many people outside his sphere of influence understand cloud security and are actively working on tools, architectures and live deployments. Not all of them take the time or even want to give presentations. And let’s face it, cloud security actually is not that hard to understand. It is essentially applying controls to new engineering, architectures and technologies and then finding ways to address gaps. That is a familiar exercise for anyone who has worked in the past with security for product companies and development, especially within large shared environments.

Speaking of marketing hype, Mike gives a clear set of criteria for how to choose a good presentation, but then he appears to ask you to violate his own criteria for two presenters that are related to his company.

Skip over session descriptions that say things like, “will identify the risks of cloud computing” and look for those advertising reference architectures, case studies, and practical techniques (don’t worry, despite the weird titles, Rich includes those in his cloud presentation with Chris Hoff).

This is some odd advice. Don’t worry? On the one hand he warns about others who engage in a kind of behavior he wants you to find distasteful, and on the other hand he (and his colleagues) engage in it. Not sure what to make of that; much of what he says is interesting and well researched, but it is hard to overlook contradictions and double-standards. Why not just say “don’t worry” about the cloud?

Disclaimer: I am also presenting on cloud security at RSA and I do not believe in unicorns.

The History and Meaning of Finding Kumbaya

The NYT attempts to preserve or even restore meaning for the song often known only as Kumbaya:

The lyrics told of people in despair and in trouble, calling on heaven for help, and beseeching God in the refrain, “Come by here.”

[…]

Far from compromise, “Come By Here” in its original hands appealed for divine intervention on behalf of the oppressed. The people who were “crying, my Lord” were blacks suffering under the Jim Crow regime of lynch mobs and sharecropping. While the song may have originated in the Georgia Sea Islands, by the late 1930s, folklorists had made recordings as far afield as Lubbock, Tex., and the Florida women’s penitentiary.

With the emergence of the civil rights movement in the 1950s, “Come By Here” went from being an implicit expression of black liberation theology to an explicit one. The Folkways album “Freedom Songs” contains an emblematic version — deep, rolling, implacable — sung by the congregation at Zion Methodist Church in Marion, Ala., soon after the Selma march in March 1965.

Like other songs I have mentioned before here, it was an encoded message among slaves to fight against injustice such as restrictions on speech.

To sing Kumbaya was to resist, perhaps even to signal to others an event that would need more resources — calling in backup. The peculiar characteristics of this song that originated in the American south are born out of resistance to authority; simple repetition with obfuscation helped ensure the availability, integrity and confidentiality of a message.

Also, Folklife Center News (Volume 32, Nos. 3-4, Summer/Fall 2010), in its exhaustive research into the song's origins, explains how an alleged link is problematic and… Wikipedia tends to publish garbage.

The most common claim made today about the origins of “Kumbaya” is that it is from the Gullah-Geechee people of coastal Georgia and South Carolina. (The more outlandish versions of this theory, such as the one espoused on Wikipedia on April 2, 2010, claim that “Yah” is a remnant of Aramaic, and refers to God, despite the fact that “yah” means “here” in Gullah.) While a Gullah origin is certainly closer to the truth than either of the previous theories, AFC’s archival versions also call the Gullah claim into question.

The Folklife Center News provides instead a self-dealing alternative story:

…the evidence from the American Folklife Center Archive does not fully support any of the common claims about the origin of “Kumbaya.” Instead, it suggests that “Kumbaya” is an African American spiritual which originated somewhere in the American south, and then traveled all over the world…. Although it is truly a global folksong, its earliest versions are preserved in only one place: the AFC Archive.

Coastal Georgia and South Carolina is somewhere in the American south, no? Perhaps too specific. Either way, Kumbaya is a fight song.