Archive for January, 2006


Heh

Tuesday, January 31st, 2006

Decision ’08 discussing Gore, Kerry, and the unhinged moonbat left’s recent bizarre and counterproductive behavior:

Nothing says irrelevancy like losing an election that the intelligentsia assumed was yours to win. John Kerry, and Al Gore before him, can still steal a headline or two, based on their name recognition, and in Kerry’s case, his prominent office. But if they didn’t move the vast American heartland when they sang in its own key, who believes they can do it by scraping their fingers down the chalkboard?

Moderated: Insightful

Kerry, Gore, Democrats,moonbats,liberals,conservatives, Republicans


DVD Review: One Six Right: The Romance of Flying

Saturday, January 28th, 2006

I hesitated to order this DVD, the price was a little on the high side. But I’d been watching and enjoying the trailers on the web for several months, so in a weak moment I broke down and sent Hal at $portys the ~$35 he charges for this product:

One Six Right: The Romance of Flying :: An Aviation Documentary Film about the Passion for Flying at the Van Nuys Airport

It was worth it. This is a terrific production, it contains some of the best aviation cinematography that I’ve ever seen. It’s really something. Watch this DVD on a good surround sound system, you’ll love hearing the airplanes fly around the room.

The best part of the production is chapter 1 of the DVD, the introduction. It’s a wordless story of a guy flying his J-3, mixed in with a lot of other fantastic airplane porn, set to angelic chorus music. I’ve viewed this one chapter about ten times.

The actual documentary is excellent, telling the story of VNY from its groundbreaking to the present with historical pictures and eyewitness accounts.

There is a discussion of the closure of Meigs Field that broke my heart, I can’t stand to hear that sad tale. There is a sort of atmosphere in much of the DVD that seems to say “enjoy it while it lasts, this is almost gone”.

Don’t miss the special features. There is a picture of a U-2 with an N-number that operated out of VNY. I googled it, it turns out that the first batch of CIA operated U-2s all had N-numbers.

Did you know that during WWII a girl named Norma Jean Baker worked at the “Radio Airplane Company” of Van Nuys, where she was photographed by Captain Ronald Reagan’s military film unit? And that these photographs led to a modeling job, which led to movie stardom as Marilyn Monroe?

There are a couple of aviation music videos that are spectacular.

There is a very touching deleted scene in which an older retired airline pilot is interviewed. He shows off the leather helmet and goggles that he wore as a fourteen year old student pilot. There are pictures and even a movie of him in a biplane wearing this helmet at age 14, grinning ear to ear. These pictures dissolve into a picture of the same pilot in the present day, in the back of a beautiful red biplane, with the same helmet, and the same grin.

Every pilot should see this movie. Every person with a friend or loved one who is a pilot should see it.


Rumor du Jour

Thursday, January 26th, 2006

Yahoo to buy Digg.

I’ve become a Digg fan, it’s a good service, better than /. They are a good fit with Yahoo.


Java v. Python v. Ruby v. C

Tuesday, January 24th, 2006

My brother has a good article on his web page comparing some of the more popular computer languages.

C++ vs Java vs Python vs Ruby.

I was wondering just the other day about what language to learn next myself, so Dave’s article is helpful. Most of my professional work has been in C++, with some C, Java, Perl, JavaScript and even (shudder) some VB thrown in here and there.

I do wonder which languages would work best for desktop applications that must have a nice GUI and run on a wide variety of platforms. I know server side apps are all the rage, but there is still a lot of client side work being done in the world.

And Dave, you are very lame for not having comments.


Blue Jay

Monday, January 23rd, 2006



Texas Jay

Uploaded by JimNtexas.

A flock of Jays frequents my back yard, they are noisy, proud, and I think they bully the other birds. I enjoy watching their antics, they remind me of some of the fighter pilots I used to work with.

They are camera-shy, I’ve had a hard time getting a good picture of any of them.

I got lucky and caught this fellow on our bird bath with my trusty D50.

bird,birds, D50


More on Metafiles

Friday, January 20th, 2006

Windows Übergeek Mark Russinovich has looked at the Windows metafile issues, in particular to determine if this vulnerability was a mistake or by design.

Mark says:

“In my opinion the backdoor is one caused by a security flaw and not one made for subterfuge.”

Mark goes on to explain that the ‘feature’ of metafiles that lets them run arbitrary code is by design, but it was included for legitimate, non-evil reasons.

Meanwhile Steve Gibson has updated his information on the issue here, including an email from Mark that contains pseudocode for metafile execution.

The way I understand it, the metafile is playing what amounts to a script of graphics commands. This script can take some time to execute. Back in the days of Windows 3.0 the whole Windows system was based on cooperation of software. Every software component that ran had 100% of the CPU for as long as it liked. Each and every Windows programmer had to remember to ‘yield’ control back to the operating system to prevent the whole computer from freezing up during time consuming operations. The way the metafile ‘player’ handled this problem was by periodically calling an ‘abort procedure’ while the script ran. This abort procedure is where the evil-doers place their malware.

I would like to rise to the defense of Steve Gibson. In his original podcast he several times stated that he was still working on fully grokking the metafile vulnerability. He gave a clearly labeled and caveated opinion, that’s all.

He is being attacked all over the web by people who clearly didn’t listen to his podcast and don’t know what they are talking about.

metafile, Steve Gibson, Mark Russinovich,microsoft, security


Ben Nelson (D-Nebraska) will vote for Alito

Tuesday, January 17th, 2006

Reuters reports that

Ben Nelson of Nebraska on Tuesday became the first Senate Democrat to announce his support of conservative Supreme Court nominee Samuel Alito, who is expected to be confirmed later this month by the full Republican-led Senate.

“I have decided to vote in favor of Judge Samuel Alito,” Nelson, a moderate, said in a statement issued by his office.

“I came to this decision after careful consideration of his impeccable judicial credentials, the American Bar Association’s strong recommendation and his pledge that he would not bring a political agenda to the court,” Nelson said.

Hat tip: Polipundit

Alito, supreme court,democrats, senate,politics


Microsoft responds to Allegation

Monday, January 16th, 2006

Microsoft’s security team has posted a blog entry that responds to Steve Gibson’s allegation that the Windows metafile exploit is there by design:

Now, there’s been some speculation that you can only trigger this by using an incorrect size in your metafile record and that this trigger was somehow intentional. That speculation is wrong on both counts. The vulnerability can be triggered with correct or incorrect size values. If you are seeing that you can only trigger it with an incorrect value, it’s probably because your SetAbortProc record is the last record in the metafile. The way this functionality works is by registering the callback to be called after the next metafile record is played. If the SetAbortProc record is the last record in the metafile, it will be more difficult to trigger the vulnerability.

I have a lot of respect for Steve Gibson, but I’m inclined to give MS the benefit of the doubt on this. It is axiomatic that one never attributes to malice what can be easily attributed to error.

It will be interesting to watch Steve’s site to see how he responds.

Microsoft,MSFT, wmf, security, Steve Gibson
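An added example, not from the original post or from Microsoft: a minimal scanner that walks a WMF record stream and reports every Escape record selecting SETABORTPROC, whether its declared size is valid, and whether another record follows it (the two points in Microsoft's reply above). The numeric constants are taken from the published WMF format specification rather than from this page, and the sample files are constructed and carry no callback code.

```python
import struct

META_EOF, META_ESCAPE = 0x0000, 0x0626   # record function numbers (WMF spec, not from the page)
SETABORTPROC = 0x0009                    # escape function that registers the abort callback
PLACEABLE_KEY = 0x9AC6CDD7               # optional 22-byte "placeable" pre-header

def scan_wmf(data: bytes) -> list:
    """Return one finding per Escape/SETABORTPROC record found in a WMF byte string."""
    off = 22 if data[:4] == struct.pack("<I", PLACEABLE_KEY) else 0
    if len(data) < off + 18:
        raise ValueError("truncated WMF header")
    mtype, hdr_words = struct.unpack_from("<HH", data, off)
    if mtype not in (1, 2) or hdr_words != 9:
        raise ValueError("not a standard WMF header")
    off += 18
    records = []                         # (offset, is_setabortproc, size_ok)
    while off + 6 <= len(data):
        size_words, func = struct.unpack_from("<IH", data, off)
        if func == META_EOF:
            break
        end = off + size_words * 2       # RecordSize counts 16-bit words
        size_ok = size_words >= 3 and end <= len(data)
        hit = (func == META_ESCAPE and off + 8 <= len(data)
               and struct.unpack_from("<H", data, off + 6)[0] == SETABORTPROC)
        records.append((off, hit, size_ok))
        if not size_ok:                  # cannot locate the next record reliably
            break
        off = end
    # Flag the record whether or not its size is valid and whether or not it is last.
    return [{"record": i, "offset": o, "size_ok": ok,
             "followed_by_record": i < len(records) - 1}
            for i, (o, hit, ok) in enumerate(records) if hit]

def _rec(func: int, params: bytes = b"") -> bytes:
    """Build one record: size in words, function number, parameters."""
    return struct.pack("<IH", 3 + len(params) // 2, func) + params

# Constructed samples: header plus records, no callback payload of any kind.
HEADER = struct.pack("<HHHIHIH", 1, 9, 0x0300, 0, 0, 0, 0)
ESC = _rec(META_ESCAPE, struct.pack("<HH", SETABORTPROC, 0))
SAMPLE_LAST = HEADER + ESC + _rec(META_EOF)
SAMPLE_MID = HEADER + ESC + _rec(0x0103, struct.pack("<H", 1)) + _rec(META_EOF)
SAMPLE_CLEAN = HEADER + _rec(0x0103, struct.pack("<H", 1)) + _rec(META_EOF)

if __name__ == "__main__":
    for name in ("SAMPLE_LAST", "SAMPLE_MID", "SAMPLE_CLEAN"):
        print(name, scan_wmf(globals()[name]))
```

A filter built on this should treat any finding as suspicious regardless of `size_ok` or `followed_by_record`, since Microsoft's statement is that the record's size and position affect only how easily the callback fires.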


The USAF Repeats a Mistake

Sunday, January 15th, 2006

The dead tree Aviation Week and Flight International are reporting that the U.S. Air Force may cancel the planned B-52 radar jammer.

This will be a terrible mistake. So-called ‘stealth’ airplanes are more accurately called ‘low observable’ airplanes. They are never ‘no observable’, no matter what Air Force public information officers may say.

There is a lot of babble from the Air Force about ‘net-centric warfare’. But that’s all just talk. The Air Force is choosing to simply turn over the electromagnetic spectrum below 9000 MHz to the enemy. That’s a recipe for disaster.

What is happening is that the fighter pilots who run the Air Force are looting the whole service to fund the overpriced F-22 for purely emotional reasons. We needed the F-22 badly in 1990. We probably need a few, maybe 100 now. But we don’t need any if they can be easily detected and shot down because they have no jamming support. And that’s where we are headed.

aviation, b-52,f-22,USAF, Air Force


Allegation: Windows Metafile vulnerability was included in Windows by design

Friday, January 13th, 2006

Steve Gibson’s latest Security Podcast contains an explosive allegation. Steve alleges that the recent metafile exploit that prompted Microsoft to issue an unusual unscheduled Windows update was included in Windows code by design, rather than by accident. Steve believes this code is “an intentional backdoor inserted into Windows by Microsoft for reasons unknown”.

Steve bases this allegation on careful analysis of the behavior of the SetAbortProc Windows API call, which is the call that enables a malformed image file to call and execute arbitrary code on Windows.

This podcast is a must-listen for anyone interested in computer security and/or windows programming.