Notes and Jottings

http://www.schneier.com/blog/archives/2006/09/faulty_data_and.html

Most people probably know Schneier as a respected member of the cryptography community, and writer of some famous cryptographic books. He also writes very interesting and throughtful articles in Cryptogram and on his blog about real-life security mechanisms and failures. Here are some thoughts from him:

Maher Arar is a Syrian-born Canadian citizen. On September 26, 2002, he tried to fly from Switzerland to Toronto. Changing planes in New York, he was detained by the U.S. authorities, and eventually shipped to Syria where he was tortured. He’s 100% innocent.

Judicial oversight is a security mechanism. It prevents the police from incarcerating the wrong person. The point of habeas corpus is that the police need to present their evidence in front of a neutral third party, and not indefinitely detain or torture people just because they believe they’re guilty. We are all less secure if we water down these security measures.

Glenn Greenwald: http://glenngreenwald.blogspot.com/2006/09/george-bushs-vast-new-powers-of.html

… the Republicans are the party of torture, indefinite and unreviewable detention powers, and limitless presidential power, even over U.S. citizens on U.S. soil. By contrast, Democrats have opposed these tyrannical, un-American and truly dangerous measures. Even if Democrats didn’t oppose them as vociferously as they could have and should have, this is still a meaningful and, at this point, critically important contrast.

I know at least one Republican supporter in the US personally, and I appeal to him and any other Republican supporters to bear this in mind before voting for your “party of choice” in the November elections.

“Taken together, the bill’s provisions rewrite American law to evade the fundamental principles of separation of powers, due process, habeas corpus, fair trials, and the rule of law, principles that, together, prohibit state-sanctioned violence. If there is any fixed point in the historical understandings of constitutional freedom that help to define us as a people, it is that no one may be picked up and locked up by the American state in secret or at an unknown location, or without opportunity to petition an independent court for inspection of the lawfulness of the lockup and of the treatment handed out by the state to the person locked up, under legal standards from time to time defined by Congress. This core principle should apply with full force to all detentions by the American state, regardless of the citizenship of detainees.”

http://www.salon.com/politics/war_room/2006/09/28/critics/index.html

The Senate is well on its way towards ratifying HR 6166, with all the nasty parts I mentioned before. The only options left appear to be a filibuster (unlikely), or that the law gets knocked down as unconstitutional by the SCOTUS.

We must start treating our moral authority as a precious national asset that does not limit our power but magnifies our influence. That seems obvious, but this Administration still doesn’t get it. Right now – today — they are trying to rush a bill through Congress that will fundamentally undermine our moral authority, put our troops at greater risk, and make our country less safe.

Let me be clear about something—something that it seems few people are willing to say. This bill permits torture. It gives the President the discretion to interpret the meaning and application of the Geneva Conventions. No matter how much well-intended United States Senators would like to believe otherwise, it gives an Administration that lobbied for torture just what it wanted.

The only guarantee we have that these provisions really will prohibit torture is the word of the President. But we have seen in Iraq the consequences of simply accepting the word of this Administration. No, we cannot just accept the word of this Administration that they will not engage in torture given that everything they’ve already done and said on this most basic question has already put our troops at greater risk and undermined the very moral authority needed to win the war on terror.

Senator John Kerry

Update: Here’s a good summary of the problems surrounding the bill. At this point (1905 UTC+1), it looks like filibuster is not an option, and the bill is almost certain to pass. It’s a dark dark day for the US.

Weird, I seem to have lost the last 15 months of entries. Don’t worry, there wasn’t anything that important there! MovableType, eh? Maybe it’s time to write my own.

To expand on my post the other day, the House of Congress should currently be debating HR 6166, Military Commissions Act of 2006. This does away with the right of habeas corpus. This means that it may be possible (unless the law is struck down as unconstitutional) that the US Administration could hold a person indefinitely without charge. Currently this is being done in Guantanamo, but this puts it on a pseudo-legal footing. Is this the first step towards a totalitarian state?

If it passes the House (which it looks like it will), then there’s still the Senate - but odds are slim that the Democrats can halt passage of the bill.

Rep. Louise Slaughter posted an update before she went to debate the issue. It’s a shame that more people don’t see the huge danger (bipartisan danger, even) that this bill poses to US democracy.

It’s shameful for Democrats, who haven’t put as much effort as they should into stopping it, but it’s even more shameful for the Republicans, who show yet again that they are the “rubber stamp” party, willing to pass any legislation passed in front of them.

If Republicans keep control of both Houses after the November elections, it will not just be distasteful, it will be a disaster for everybody! Including a brief mention that control by the Republicans is quite likely to be followed by a strike on Iran.

http://www.cits.rub.de/MD5Collisions/ - best example yet of MD5 being broken for serious use as a cryptographic hash. OMFG! What’s the new hash for a new era? Looks like SHA1 is reasonably promising as a general usage hash, the way MD5 used to be.

Hehe. Now that I’ve gotten your attention, what’s the story with Hotmail’s support for UTF-8?? Try sending a HTML mail in the UTF-8 encoding, accented characters will come out like gobbledegook.

This is 2005, not 1997, UTF-8 is seriously becoming (sorry, has become) the lingua franca of the Internet, and I really did not expect Hotmail not to have full support for it.

So I have a bug in work, “Incorrect handling of accented characters when viewed with Hotmail”, and I’m thinking “what now?”. I have a UTF-8 mail, do I just always transcode to ISO-8859-1 (sorry, Windows-1252)? What does that do to Chinese people, or 日本人? Nothing good, is the answer.

P.S. If this actually gets read by people at Microsoft, I am seriously impressed! Maybe we should call it “sidetalking”. Oh wait, that one was taken already

Is this really the best way to use an alternative ssh key for checking out from CVS?

#include
#include

int main(int argc, char **argv)
{
char **args;
int i;

args = (char **) malloc((argc + 3) * sizeof(char *));

if (args == NULL)
{
fprintf(stderr, “Out of memory\n”);
exit(1);
}

args[0] = argv[0];
args[1] = “-i”;
args[2] = “/opt/gary/ssh/identity”;

for (i = 1; i

Well, well, [Google Maps](http://maps.google.com/) now has a [UK/Ireland version](http://maps.google.co.uk/). All the usual Google maps loveliness - with obvious exceptions for Ireland. No mapping outside the major towns and road arteries. Bennettsbridge? Does it exist? Thomastown has a mark, but it’s certainly not the town I once knew, either. I know that Google has to work with the mapping information that’s available for Ireland, and that is sometimes sparse on the ground. [Ordnance Survey Ireland](http://www.osi.ie/) should do better… they certainly have the mapping DATA. *Disclaimer:* I don’t really know that much about the commercial aspect of how to get good Irish mapping, so a lot of what I said is really just noise.

If we consider its ability to recommend directions, ask it for directions from XXXX to O’Connell Street.

Did you mean:

O’Connell Street, the Scottish Borders, The Scottish Borders, Scottish Borders, TD9

O’Connell Close, St. Helens, Merseyside, WA11

Eh, no. I guess with that “.co.uk” designation, it’s not quite ready for Ireland yet. Still, it is pretty! And I bet it works reasonably well in the UK.

Actually… let me think about this a bit more… considering the hacks that are available to overlay you own route on top of a map through Javascript… this could be useful!