Saturday assorted links

1. Insect Allies.

2. Consider the Wombat: “Despite the fact that they do not look streamlined, a wombat can run at up to 25 miles an hour, and maintain that speed for 90 seconds. The fastest recorded human footspeed was Usain Bolt’s 100m sprint in 2009, in which he hit a speed of 27.8 mph but maintained it for just 1.61 seconds, suggesting that a wombat could readily outrun him. They can also fell a grown man, and have the capacity to attack backwards, crushing a predator against the walls of their dens with the hard cartilage of their rumps. The shattered skulls of foxes have been found in wombat burrows.”

3. NeanderCare.

4. Neil Gorsuch will be teaching at GMU Law.

5. “San Francisco Board of Supervisors Tuesday unanimously passed an ordinance requiring that women be depicted in at least 30 percent of the city-sponsored artwork that contains non-fictional people.”

6. Hacker News thread on the Bloomberg China chip hack story. Quora on the same.

Comments

#5 - Is there going to be a non-fictional artwork female content percentage inspector?

As with many progressive ideas, I agree with the spirit and intent but am cautious of the free speech implications of making these things legal requirements. This is - whether you like it and agree with it or not - a legal limit on freedom of artistic expression.

Interesting that they presume to know the genders of those depicted.

Try reading more closely, jackass. Hint: "non-fictional people"

Interesting that they presume to know the gender-identities of non-fictional people who would very likely have been frightened into Silence by the prospect of the ridicule to which they would surely have been subjected had they proudly declared those gender-identities, duck-billed platypus.

Don't disparage the platypus. But otherwise, you got it.

There is not a free speech implication here. The city is setting a rule for itself about what kind of artwork it will buy.

This is entirely reasonable to do. If a city is going to purchase art, it's probably a good thing to have a standard about its content. Wanting to increase the representation of women also seems like a worthy goal, when they currently only have two non-fictional women out of 87 statues.

I'm not sure a quota is the best way to accomplish this. But really, I see little to object to in this story.

@dan1111 - the most hilarious, lol funny Frisco (CA, not TX) artwork I ever saw was in the mid 1990s, when a poster designed to sensitize people about rough sleepers (homeless people) showed two well-dressed businessmen, one was black as I recall, looking off into the distance, and one of them saying in a dialog bubble (in a clear reference to a homeless person, as the official caption made clear, along the lines of 'don't make fun of the homeless'), "He's not going to eat that, is he?" LOL! Literally I laughed out loud. Later, some do-gooder wrote the local paper saying this poster is not appropriate and the city took them down. It was so good I would have liked to have stolen it. Banksy would approve!

Bonus trivia: #2- the wombat literally shits square bricks.

'a legal limit on freedom of artistic expression'

In which case, you clearly do not believe that any buyer is allowed to buy what they want, instead of what the artist is selling, because the buyer deciding what art to purchase is a legal limit on freedom of artistic expression.

But then, many artists have blamed a lack of buyers for why their artistic expression has been restricted, so it isn't as if you are completely wrong, from one perspective.

This will require a board of commissioners (@ what is it now? $187,000) and a little extra for the chairperson.

It's not a worthy goal. It's gender bean counting devoid of any contextual rationale for why gender representation should be an issue.

As you know, a law without enforcement is not a law. So clearly we are going to need enforcers and a system to punish non-compliance.

Beautiful!

No, Supreme Court justice Gorsuch's involvement is with the law school formerly known as ASSoL, before someone involved with PR among the law and econ crowd (or the Federalist Society, as if that is much of a distinction) realized that for a secret donation of 20 million dollars, buying such an unfortunate abbreviation was not actually all that bright. 'The name change came after the law school in Arlington, Va., received $30 million in donations, to include $10 million from the Charles Koch Foundation and $20 million from an anonymous donor. It was not scheduled to be announced last week, but Nina Totenberg got word of it and tweeted it, the school soon confirmed it, and numerous unspeakable jokes were soon made.

The school has moved fairly quickly to amend the name in order to avoid any scatological acronyms. Dean Henry Butler sent out a letter to alumni, first reported by the “Above the Law” blog Tuesday, that the school will be called the Antonin Scalia Law School.' https://www.washingtonpost.com/news/true-crime/wp/2016/04/05/george-mason-u-changes-name-of-scalia-law-school-to-avoid-embarrassing-acronyms/

Gorsuch has likely enjoyed the ever so coincidental interactions with his fellow Federalists at George Mason University’s Antonin Scalia Law School. A name which should not be that hard for any member of the GMU faculty to remember - particularly any faculty with offices at the Arlington campus.

After all, it wasn't just the Kochs that paid good money for the state to change the law school name, though at least they were honest enough to attach their foundation's name to that check.

Maybe they can use both

The Antonin Scalia(ASSol) School of Law

Seems about right.

Up there with the now defunct Trump University's Trump Associate Realestate Development (TARD) program. Together with a Doctorate in Obamacare (DO) the dual degree offerings of DO & TARD makes one quite the very stable genius. Dear Leader would be proud.

#6 The quora post by Seidman makes a lot of sense to me. This attack seems too easy to detect to work with any breadth.

First of all, I hope everyone reads the upstream article behind the Hacker News discussion:

https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/

Second, I'm not sure it is that easy to detect. No one wants to slow down their network by stopping and examining every packet. And even if they could, it would not be easy. One thing we learned from old 1960s style bugs is that they can be set up to transmit very infrequently, so that scans show nothing most of the time.

These chips sound plenty smart enough to only go active once every 20 boots, or even more rarely. It would still be enough to get you in.

A lot of servers may never see 20 boots after initial config. They stay up for several months and last anywhere from 3-4 years.

I'd say transmit frequently in low volume. No unusual spikes in traffic, or change in traffic's baseline.

Nothing to see here. Move along.

...Before being elected head of Interpol in November 2016, Meng was vice minister of public security in China, which critics say gave him control over the secret police....

In a reasonably secure environment, any communication outside a whitelisted set of IP addresses will set off an alarm.

Well, military secure is one thing, but I believe many useful company "secrets" are set up to be shared "securely" world-wide.

I work in network security, and I can tell you that I've never seen a network that locked down. Especially for a company like Apple or Amazon, where they need their web services available to anyone, anywhere.

In fact, it's a small minority of networks where the admins have any idea whatsoever what traffic is running on their networks. Bringing in a good capture device and showing them what's in a big rolling capture usually ends up in shocking them.

Data exfiltration is a major problem, and hardly any networks, even the big defense related ones, are anywhere near secure enough to notice it, much less stop it.

This kind of attack is not only credible, it's been warned about for years. Especially in light of things like Intel's Management Engine, which is basically a pre-installed, required, unblockable back-door.

Whether or not it happened in this instance isn't definite, but we're not likely to find out the truth for a few decades. If it is true, hardly anyone in any of these companies is going to know about it, and the people investigating aren't going to declassify the investigation to save some PR flacks from trouble.

The problem is that you have to make sure that no computer with modified chips ever makes it into a place where people will monitor for traffic.

I've built tools that capture everything, and at a different company I worked on a tool that would have noticed any kind of "never-talked-to-that-guy-before" anomaly.

Separately, it's good to know that HackerNews is full of the same kind of crazy as it was when I left it. Time to put it back on my block list for another 3 years.

Why stop at a female quota? What about people of color? Trans? Gay? Etc... Go all the way or not at all.

California is reacting to the Kavanaugh scandals first by mandating women in the boardroom and now SF with this. New York more pragmatically is going after some Trump tax dodge money.

Or to look at it another way, conservatives look under the rug for something remote to be upset about, in hopes to balance something much bigger and more directly related to our lives.

We may soon have a Supreme Court Justice who did not pretend to be apolitical, and ranted publicly about "revenge on behalf of the Clintons and millions of dollars in money from outside left-wing opposition groups."

How can he now judge any political issue? How can he not recuse?

He was not being political, but pointing out the attack on him was political. Should Ginsburg ever get to vote?

When attempting to appear apolitical, do not name classic boogeymen.

In the same way an "apolitical" leftist should not blow his cover by saying "the Koch's!"

Are you disputing opposition to him came from “revenge on behalf of the Clintons and millions of dollars in money from outside left-wing opposition groups”? I especially liked the generic opposition letter on Day One from Women’s March which named him as “XX” (as pointed out by Graham and Collins).

We already have one very political justice, RBG, who publicly opposed a particular presidential candidate, three times, in three mass media, not in the heat of the moment, unambiguously.

https://www.politifact.com/wisconsin/article/2016/jul/13/what-ruth-bader-ginsburg-said-about-donald-trump/

Do you expect RBG to recuse when any case entitled “Donald Trump v. Anyone” comes before the Court?

-dk

'Why stop at a female quota?'

Why should any buyer have any limits on what they want to buy? Do you really hate a free market in art that much?

When the buyer is the government beast that feeds its bloated belly from taxpayers it is most certainly legitimate to place restrictions on what it may buy. This country isn't some socialist hellhole like Germany (even if SF qualifies as a filthy socialist hellhole).

'When the buyer is the government beast'

Well, then all one needs to do is use the electoral process to ensure that the government beast is actually your pet.

As you actually seem to understand - 'it is most certainly legitimate to place restrictions on what it may buy.' Of course the ultimate buyers have every right to restrict what their representatives do - such as electing new ones.

The Federalist Society could explain the basic concept, though they focus on the judiciary.

And under the U.S. Constitution gender quotas are inherently suspect, which soon-to-be Justice Kavanaugh understands.

I am not really sure how to break this to you, but the buyer of art is the one who decides what to buy - and that is fully constitutional. If the Smithsonian decides to fill a museum with American art by men, there is no question that they are fully entitled to exclude Canadian women from being purchased. Or for that matter, American women.

You might be on a bit firmer ground if this involved the creators of the art - but it doesn't, it involves the subject matter. In other words, if SF had said that 30% of the art they were buying had to represent SF, they would be fine. Which is precisely the same case involving the 30% of the art they are buying has to meet their criteria for purchase.

One can only hope that Kavanaugh understands the distinction between subject matter and creator.

To be fair SF is both a socialist and a capitalist hellhole. But better to make a billion dollars in hell than to be doped out on oxycontin in heaven. Especially if heaven is some boring flyover state.

Is this heaven?

No, it's Iowa.

How about one for opioid-addicted trailer park rednecks who lack front-teeth but married their 14 year old first cousins?

What about a quota for chubby, college aged Republicans that wear business suits with a National Review tucked into their armpits? Would look good in watercolor.

Oh I know. Let's make one for Donald Trump Jr. That is one goofy looking dood.

Or, a quota for people from geographic regions that often get depicted in inset boxes on maps.

6. Agree with most of the comments there. Without more evidence, this is fake news. A bit surprised that this made it through Businessweek. A shame though that Supermicro took a nose dive on the NASDAQ. Maybe a lawsuit can heal some wounds.

This can happen because reporters don't have the domain knowledge to assess the story. Heck, I'm a software engineer, and I don't know enough to evaluate the claims in the Hacker thread.

'Without more evidence, this is fake news.'

It is unlikely that there will be a Chinese Snowden coming forward any time soon, but it is not all that implausible in broad outline - 'A document included in the trove of National Security Agency files released with Glenn Greenwald’s book No Place to Hide details how the agency’s Tailored Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they’re delivered.

These Trojan horse systems were described by an NSA manager as being “some of the most productive operations in TAO because they pre-position access points into hard target networks around the world.”

The document, a June 2010 internal newsletter article by the chief of the NSA’s Access and Target Development department (S3261) includes photos (above) of NSA employees opening the shipping box for a Cisco router and installing beacon firmware with a “load station” designed specifically for the task.

The NSA manager described the process:

Here’s how it works: shipments of computer network devices (servers, routers, etc,) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.' https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

2. I've heard of one person being killed by a wombat. Apparently he put his mobile home over its burrow and it took umbrage at this and opened an artery in the man's lower leg.

This article tells of a woman in Canberra being attacked by a wombat while walking her dogs:

https://www.canberratimes.com.au/national/act/are-wombats-really-that-dangerous-yes-says-an-expert-20160819-gqwm0h.html

But then I suppose people must get attacked by wolverines and bald eagles in Washington all the time.

More like bears or cougars. Australia might have a definite lead in nasty creatures, but North America still has bigger predators/omnivores that do occasionally kill humans. Wolverines or eagles are not in the same league.

I should have added a D.C. to the end of that Washington. No doubt many tourists have been eaten by bears instead of wolverines and bald eagles due to confusing the two Washingtons.

Well, no wolverines in DC, though there are in Washington state.

What you might find are possums (often enough rabid), which I was taught decades ago were the only marsupials that live outside of Australia. Not really pleasant animals, though noted for being the inspiration of the American expression 'playing possum.' Which is pretty interesting, actually, in a certain morbid way - 'When threatened or harmed, they will "play possum", mimicking the appearance and smell of a sick or dead animal. This physiological response is involuntary (like fainting), rather than a conscious act. In the case of baby opossums, however, the brain does not always react this way at the appropriate moment, and therefore they often fail to "play dead" when threatened. When an opossum is "playing possum", the animal's lips are drawn back, the teeth are bared, saliva foams around the mouth, the eyes close or half-close, and a foul-smelling fluid is secreted from the anal glands. The stiff, curled form can be prodded, turned over, and even carried away without reaction. The animal will typically regain consciousness after a period of a few minutes to four hours, a process that begins with slight twitching of the ears.' https://en.wikipedia.org/wiki/Opossum

Possums are not as clever as raccoons at getting into a trash can, but just about as determined.

We were taught there were two groups of marsupial outside of Australia. The opossums and the opossums. (It's not our fault they have the same name.)

Our possums don't play dead. Well, if they do they are extremely committed method actors.

Actually, it is kind of your fault (or the poms) - the word opossum comes from a Virginia native American language, Powhatan, from around 1610.

Well, there are two orders of marsupials in the Americas. Stinky opossums of which there are many species and South American shrew opossums. When Europeans arrived in Australia they called tree-dwelling marsupials possums, probably because their earlier attempts at naming things properly were so embarrassing. For example kangaroo roughly translates as, "This guy's acting like he's never seen a kang before."

Alas wolverines are very, very rarely sighted let alone attacked by. Bears not at all. They'll dig through a trash container in the middle of the street.

Wombats are not very likely to harm humans but do do a fair amount of damage to the underside of cars when run over. Unfortunately, they are hit by cars a fair amount. Their butt muscles are so strong that they literally shit rectangular poops. It's a bit funny to see.

Yes, my father hit a wombat on a rural road and is very lucky to be alive. The car flipped and landed on its roof. There were no telephone poles or trees on the side of the road, which is pretty much the reason he lived. Destroyed his shoulder though. This was in about 1984. Still not sure how he got home.

Great news out of Chicago

A wombat bite can go right through your walking boots and leave you with a nasty wound on your foot. Tease not the wombat!

When their attacks are lethal it's known as mortal wombat.

Nice!

3. "Healthcare provisioning can thus be understood alongside other collaborative ‘risk pooling’ strategies such as collaborative hunting, food sharing and collaborative parenting."

Or, the Deep evolutionary Roots supporting something like National Health.

Just like we have National Food and National Childcare.

5. They didn't used to call it the "Board of Stupidvisors" for no particular reason.

Ha ha! Because they are so stupid! Oh man that is devastating. Talk about genius...

1. The story has a point - engineering bugs to carry a virus is creepy. Also, the guy running the program, Blake Bextine, sounds like a Pharma Super Villain.

My feelz say this DARPA program should be opposed. Tho not to the same extent as Kavanaugh. Props to the WaPo for balance here (at least).

#6 Good thread and link (https://www.lightbluetouchpaper.org/2018/10/05/making-sense-of-the-supermicro-motherboard-attack/) on Hacker News. The Quora post reads like a conspiracy theory and is strangely defensive about the accusation.

6: thanks for the update. It's an important story if it's true, which seems to still be under debate. I lack the expertise to determine which side is correct, it looks like it'll take a few days or more for the experts and observers to sort this out.
