ofcourseimright.com Eliot Lear's Ramblings – Of Course I'm Right!

ofcourseimright.com
Title: Eliot Lear's Ramblings – Of Course I'm Right!
Keywords:
Description: Eliot Lear's Ramblings – Of Course I'm Right! Skip to content Eliot Lear's Ramblings Of Course I'm Right! Hilary Clinton: A little improvement over making America break again Many of us have experienc
ofcourseimright.com is ranked 28623285 in the world (amongst the 40 million domains). A low-numbered rank means that this website gets lots of visitors. This site is relatively popular among users in the united states. It gets 50% of its traffic from the united states .This site is estimated to be worth $777. This site has a low Pagerank(0/10). It has 1 backlinks. ofcourseimright.com has 43% seo score.

ofcourseimright.com Information

Website / Domain: ofcourseimright.com
Website IP Address: 62.12.173.114
Domain DNS Server: cesium.clock.org,secondary.clock.org,ns1.ofcourseimright.com

ofcourseimright.com Rank

Alexa Rank: 28623285
Google Page Rank: 0/10 (Google Pagerank Has Been Closed)

ofcourseimright.com Traffic & Earnings

Purchase/Sale Value: $777
Daily Revenue: $2
Monthly Revenue $63
Yearly Revenue: $777
Daily Unique Visitors 196
Monthly Unique Visitors: 5,880
Yearly Unique Visitors: 71,540

ofcourseimright.com WebSite Httpheader

StatusCode 200
Content-Type text/html; charset=UTF-8
Date Tue, 16 Aug 2016 07:33:04 GMT
Server Apache/2.4.7 (Ubuntu)

ofcourseimright.com Keywords accounting

Keyword Count Percentage

ofcourseimright.com Traffic Sources Chart

ofcourseimright.com Similar Website

Domain Site Title

ofcourseimright.com Alexa Rank History Chart

ofcourseimright.com aleax

ofcourseimright.com Html To Plain Text

Eliot Lear's Ramblings – Of Course I'm Right! Skip to content Eliot Lear's Ramblings Of Course I'm Right! Hilary Clinton: A little improvement over making America break again Many of us have experienced loss in our lives, and we get hit with the cruel irony that we don’t know what we’ve got until it’s gone. We Americans like complaining. To be sure there is plenty to complain about. You have your own list; I won’t write one for you. But things can get a lot worse for Americans than they are. Donald Trump looks up to President Putin and envies China, because he sees an uncontested leader and hunger to win, regardless of rules, respectively. But that doesn’t mean we want to live in those countries, where people are subject to arrest without cause, where one cannot say what wants to say. These are countries that operate by the rule of man (and I do mean “man”) and not the rule of law, where might makes right, and where the ends justify the means. Putin took the Crimea because he could. He imprisoned and poisoned his opposition because he could. He has interfered with an American election because he could. China violates intellectual property rules and builds islands in the Pacific because they can. These are the ones Trump looks up to. The American ideal is different. We don’t believe in kings, and we surely do not believe in thugs. We like our freedom, where government acts on the will of the People and not the will of an individual, and where it is constrained not only by the People, but by those who we elect through their oaths to uphold the Constitution, a document that guarantees freedom and fairness, that a person won’t be treated different because of sex, race, or religion. Our ideal extends the Constitution to cover other innate characteristics, such as sexual orientation. Fairness is something we hold dear. I do not believe that Donald Trump understands any of this. He has spent his life cheating people out of money. To him, the ends will always justify the means. To him, the art of the deal is a matter of deceit, and knowing when to violate its terms. And he does so as long as he can get away with it. An agreement to him only binds him until he finds it inconvenient. Donald Trump will never deliver on his promises, and we know this because of all the broken promises of his past. He is vindictive, and spews hatred towards others. He does not know how to delegate responsibility, and he does not know how to accept responsibility for his mistakes. According to Trump, he’s never made a mistake. Hillary Clinton lacks the charisma of her husband. She is not a visionary like Bernie Sanders. She is an incrementalist. She is a policy wonk, and she’s a bit nerdish. She will be challenged by a vociferous and resentful opposition. Under a President Hillary Clinton we will not see a Democratic House of Representatives. That will never be her mission. What we will see is steady leadership. Mostly status quo. Status quo means that we get mostly what we have. And we have quite a lot. We have freedom. We have a functioning, if imperfect, support infrastructure. We have an innovative society. We have democracy. We have checks and balances. We have the right to practice whatever religion we want, so long as we don’t hurt others. Under a President Clinton we would have humility in leadership, and someone who is serious about trying to take a great America and make it better; not by a lot, but at least in the right direction. She is the type that will work to fix the potholes and leaks in the roofs. And she won’t promise more. She will also deal honestly and ably with what crises hit her. No president is defined by his or her campaign platform, but rather how they react to the problems that are thrown at them. Hillary Clinton will do that will a cool head. We cannot say the same about Trump. Image Courtesy: Gage Skidmore from Peoria, AZ, USA – Hillary Clinton, CC BY-SA 2.0 Author EliotPosted on July 30, 2016July 30, 2016Categories Humanity, PoliticsTags Donald Trump, fairness, Freedom, Hillary ClintonLeave a comment on Hilary Clinton: A little improvement over making America break again Guns and Gun Control: The Numbers Are Beginning To Add Up Many people have made the claim that they need to own guns to protect themselves, that they can’t leave it to police to protect them, the enormous assumption being that a gun actually does offer some protection. There are a number of scholarly works to test that assertion. A longitudinal study by Johns Hopkins and Berkeley published in 2015 the American Journal of Public Health shows that Connecticut’s Permit to Purchase law reduced firearm homicide by 40%. A separate Johns Hopkins study showed that firearm suicide rates in Connecticut dropped 15.4% after that law was passed, while Missouri’s firearm suicide rate increased by 16.1% after they repealed gun control legislation. There was also a lower than expected overall suicide rate in Connecticut. Missouri also saw a 25% increase in homicides after their background check law was repealed. An earlier CDC study published in 2004 in the Journal of American Epidemiology showed that simply having a gun in the home, regardless of how it is stored, increases the odds of death by firearm by a factor of 1.9. A more recent meta-study by Harvard researchers in the Annals of Internal Medicine showed an increase risk of both suicide and homicide in homes where guns are present. In particular, that study found that homicide victimization rates were slightly higher for those who had guns in their homes than those who did not. A 2011 CMU study did show that having a gun in the home seems to deter certain planned crimes such as burglary, but has no effect for unplanned crimes. Furthermore, it showed that only having a gun in the home does not provide the deterrence, but that this fact needs to be somehow brought to the attention of the burglar. Summing up: studies thus far demonstrate that having a gun in the house increases the chances of someone in that house dying by firearm, it increases the risk of suicide, and it does not prevent a crime of passion, although it may deter a burglary. More analysis is needed. It is likely, for instance, that the type of gun matters. A lot of studies are needed about open carry laws. Still, if you think a gun offers you any sort of protection against others, consider the risks. Image courtesy of aliengearholsters.com. Author EliotPosted on July 12, 2016Categories Complexity, Humanity, Politics, securityTags guns, homicide, suicide, violenceLeave a comment on Guns and Gun Control: The Numbers Are Beginning To Add Up Here’s MUD in your eye! A way to protect Things on the Internet How can the network protect so many types of things? We need for manufacturers to step up and tell us. Since 2011 Cisco Systems has been forecasting that there will be at Since least 50 billion devices connected to the Internet by the year 2020. Those are a lot of Things. but that’s not the number I’m worried about. Consider this: Apple manages somewhere in the neighborhood of 1 billion active iOS devices on their own, and there are about 1.4 billion Android devices that are also managed, though less well. Rather, it’s the number of types of things that people should be concerned about. To begin with,not everyone is going to do such a great job at managing their products out in the field as Apple and Google do. Moreover, even Apple and Google end support for different versions of their products after some period of time. I call this the Internet of Threats. Each and every one of those devices, including the device you are reading this note on right now, probably has a vulnerability that some hacker will exploit. A good number of the manufacturers of those things will never provide fixes to their customers, and even those that do have very little expectation that the device will ever be updated. Let’s put it this way: when was the last time you installed new software on your printer? Probably never. The convenient thing is that many Things probably only have a small set of uses. A printer prints and maybe scans, thermostat like a Nest controls the temperature in your house, and a baby monitor monitors babies. This is the exact opposite of the general purpose computing operating model that your laptop computer has, and we can take advantage of that fact. If a Thing only has a small number of uses, then it probably only communicates on the network in a small number of ways. The people who know about those small number of ways are most likely the manufacturers of the devices themselves. If this is the case, then what we need is a way for manufacturers to tell firewalls and other systems what those ways are, and what ways are particularly unsafe for a device. This isn’t much different from a usage label that you get with medicine. So what is needed to make all of this work? Again, conveniently most of the components are already in your network. The first thing we need is a way for devices to tell the network where to get the manufacturer usage description file (or MUD file). There’s an excellent example of that in your browser right now, called a Universal Resource Locator (URL), like https://www.ofcourseimright.com. In our case, we need something a bit mroe structured, like https://www.example.com/.well-known/mud/v1/someproduct/version. How you get that file, however, is exactly the same as how you got to this web page. Next, we need a way for the Thing to give the URI to the network. Once again, the technology is pretty much done. Your device got an IP address today using Dynamic Host Configuration Protocol (DHCP), which provides an introduction between the device and the network. All we need to do is add one new parameter or option so that the client can simply pass along this MUD URI. There are even more secure ways of doing that using public key infrastructure (PKI) approaches such as IEEE’s 802.1AR format and 802.1X protocol. The nice thing about using a manufacturer certificate in 802.1AR is that it is then the manufacturer and not the device itself that is asserting what the device communication patterns are. Now, thanks to DHCP or IEEE 802.1X, the network can go get the MUD file. What does that look like? At the moment, of . {“it” , [“may”, “look”, “more”], “like, {“json”}} in the future. The good news here is that once again, we’re building on a bunch of work that is already complete. The XML itself is structured using a data model called YANG. So long as it conveys to the network what sort of protections a device needs, it could be anything, but YANG will do for now. Finally, the basic enforcement building block is the access control function in a router or access point. That function says what each device can communicate with, and they’ve been around since the earliest days of the Internet. And that’s it. So now if I have printer from HP and they make a MUD file available, they might tell my network that they only want to receive printer communications, and that the printer should only ever try to send certain types of unsolicited messages. If anyone tries to contact the printer for another use, forget it. If the printer tries to contact CNN – or more importantly random devices on my network, it’s probably been hacked and it will be blocked. Google can do the same with a Nest. We’re talking about this at the IETF and elsewhere. What do you think? Author EliotPosted on April 19, 2016Categories Internet, securityTags IoT, manufacturers, mud, security1 Comment on Here’s MUD in your eye! A way to protect Things on the Internet The Internet of Everything: Everything will communicate with something! Things will communicate to their manufacturers, and they need to do so to be secure. A number of security researchers are getting upset by seeing home devices communicate with one another or with random sites in China. Is this an attack? Probably not. But there may be vulnerabilities that can be exploited that should cause consumers pause. There are two common design patterns. Today I’m just going to discuss what we call “Calling Home”. When we use the term, we are not referring to your home, but to a centralized management site. In the case of Thing manufacturers, the site is likely offered by the manufacturer. So you just bought that new digital video recorder and it offers a great new feature: you can program it wherever you are. There are many such devices on the market today, such as a SlingBox. How do those communications happen? In the figure above, all your home devices sit behind your home router. They’re generally allowed to connect to systems outside of your network, but systems outside are not able to connect in. In part this is a security feature: your firewall will block incoming connections so that the entire world can’t attack you. In part, however, it’s because the systems in your home are only using locally recognizable IP addresses. And since your iPhone moves around, your home doesn’t know how to get to it. Therefore, a rendezvous service is needed. That’s what that cloud function is performing, and that is what those curved lines indicate. The SlingBox on the left may not just be connecting for the sake of communicating with your smart phone. It is probably also doing so for other reasons, such as receiving electronic program guide information. In the world of IoT, that is a common design pattern. Devices will need to communicate with their manufacturer web sites for all different reasons, but there is one common and important reason: devices will have bugs. As manufacturers develop fixes, devices will need to learn of those fixes and install them. Every modern-day operating system and browser has this feature. All Things will need these features as well. In fact, one big concern today is what happens when manufacturers do not offer fixes? Then those vulnerabilities are out there for anyone to exploit. This is a big problem in the developing world, where consumers often buy devices on the secondary market, long after manufacturers have intended them to be retired. Could a device transmit private information to a manufacturer? Sure. In fact, Samsung got caught last year through their dreadful privacy policy where their televisions could have been listening and reporting conversations. Here’s the rub: without extensive analysis, it’s hard to know exactly what is being exchanged between a device and a manufacturer. Encryption will keep observers from seeing what is being exchanged. At the same time, a lack of encryption would be as or more risky to consumer privacy. When devices are able to communicate at all it is possible that they will be compromised. It’s important to understand that there are risks with each Internet-enabled device. But it’s also important to consider any benefit the communication will have. A refrigerator or a heater that knows it is in need of repair can have a manufacturer contact the owner, for instance. That’s worth something to some people. Judge the risks for yourself. What should the best practices be in this space and what should consumers expect in products? More on that over time, but feel free to answer those questions yourself for now. iPhone image courtesy World Super Cars on Wikipedia. Author EliotPosted on March 1, 2016March 1, 2016Categories Internet, securityTags Call Home, IoT, security, ThingsLeave a comment on The Internet of Everything: Everything will communicate with something! Court Order to Apple to Unlock San Bernardino iPhone May Unlock Hackers A judge’s order that Apple cooperate with federal authorities in the San Bernardino bombing investigation may have serious unintended consequences. There are no easy answers. Once more, a broad dialog is required. Previously I opined about how a dialog should occur between policy makers and the technical community over encryption. The debate has moved on. Now, the New York Times reports that federal magistrate judge Sheri Pym has ordered Apple to facilitate access to the iPhone of Syed Rizwan Farook, one of the San Bernardino bombers. The Electronic Frontier Foundation is joining Apple in fight against the order. The San Bernardino fight raises both technical and policy questions. Can Apple retrieve data off the phone? Apparently not. According to the order, Apple is required to install an operating system that would allow FBI technicians to make as many password attempts as they can without the device delaying them or otherwise deleting any information. iPhones have the capability of deleting all personal information after a certain number of authentication failures. You may ask: why doesn’t the judge just order Apple to create an operating system that doesn’t require a password? According to Apple, the password used to access the device is itself a key encrypting key (KEK) that is used to gain access to decrypt the key that itself then decrypts stored information. Thus, bypassing the password check doesn’t get you any of the data. Thus, the FBI needs the password. What Apple can do is install a new operating system without the permission of the owner. There are good reasons for them to have this ability. For one, it is possible that a previous installation failed or that the copy of the operating system stored on a phone has been corrupted in some way. If technicians couldn’t install a new version, then the phone itself would become useless. This actually happened to me, personally, as it happens. The FBI can’t build such a version of the operating system on their own. As is best practice, iPhones validate that all operating systems are properly digitally signed by Apple. Only Apple has the keys necessary to sign imagines. With a new version of software on the iPhone 5c, FBI technicians would be able to effect a brute force attack, trying all passwords, until they found the right one. This won’t be effective on later model iPhones because their hardware slows down queries, as detailed in this blog. Would such a capability amount to malware? Kevin S. Bankston, director of New Americas Open Technology Institute has claimed that the court is asking Apple to create malware for the FBI to use on Mr. Farook’s device. There’s no single clean definition of malware, but a good test as to whether the O/S the FBI is asking for is in fact malware is this: if this special copy of the O/S leaked from the FBI, could “bad guys” (for some value of “bad guys”) also use the software against the “good guys” (for some value of “good guys”)? Apple has the ability to write into the O/S a check to determine the serial number of the device. It would not be possible for bad guys to modify that number without invalidating the signature the phone would check before loading. Thus, by this definition, the software would not amount to malware. But I wouldn’t call it goodware, either. Is a back door capability desirable? Unfortunately, here there are no easy answers, but trade-offs. On the one hand, one must agree that the FBI’s investigation is impeded by the lack of access to Mr. Farook’s iPhone, and as other articles show, this case is neither the first, nor will it be the last, of its kind. As a result, agents may not be able to trace leads to other possible co-conspirators. A Berkman Center study claims that law enforcement has sufficient access to metadata to determine those links, and there’s some reason to believe that. When someone sends an email, email servers between the sender and recipient keep a log that a message was sent from one person to another. A record of phone calls is kept by the phone company. But does Apple keep a record of FaceTime calls? Why would they if it meant a constant administrative burden, not to mention additional liability and embarrassment, when (not if) they suffer a breach? More to the point, having access to the content on the phone provides investigators clues as to what metadata to look for, based on what applications were installed and used on the phone. If Apple had the capability to access Mr. Farook’s iPhone, the question would then turn to how it would be overseen. The rules about how companies handle customer data vary from one jurisdiction to another. In Europe, the Data Privacy Directive is quite explicit, for instance. The rules are looser in the United States. Many are worried that if U.S. authorities have access to data, so will other countries, such as China or Russia. Those worries are not unfounded: a technical capability knows nothing of politics. Businesses fear that if they accede to U.S. demands, they must also accede to others if they wish to sell products and services in those countries. This means that there’s billions of dollars at stake. Worse, other countries may demand more intrusive mechanisms. As bad as that is, and it’s very bad, there is worse. The Scary Part If governments start ordering Apple to insert or create malware, what other technology will also come under these rules? It is plain as day that any rules that apply to Apple iPhones would also apply to Android-based cell phones. But what about other devices, such as televisions? How about Refrigerators? Cars? Home security systems? Baby monitoring devices? Children’s Toys? And this is where it gets really scary. Apple has one of the most competent security organizations in the world. They probably understand device protection better than most government clandestine agencies. The same cannot be said for other device manufacturers. If governments require these other manufacturers to provide back door access to them, it would be tantamount to handing the keys to all our home to criminals. To limit this sort of damage, there needs to be a broad consensus as to what sorts of devices governments should be able to access, under what circumstances that access should happen, and how that access will be overseen to avert abuse. This is not an easy conversation. That’s the conversation Apple CEO Tim Cook is seeking. I agree. Author EliotPosted on February 17, 2016February 17, 2016Categories Internet, Politics, securityTags Apple, Justice, Privacy, securityLeave a comment on Court Order to Apple to Unlock San Bernardino iPhone May Unlock Hackers Posts navigation Page 1 Page 2 … Page 62 Next page Search for: Search The Internet is for everyone! Tags Airlines Apple banks children China Constitution crime cybercrime Cybersecurity Democrats economics economy election Facebook FBI Fox guns healthcare History Identity IETF Internet iPhone IPv4 IPv6 Israel ITU McCain NSA Obama OpenId phishing Politics President Bush Privacy Republicans right wing Russia security silliness stupid Supreme Court taxes torture TSA Meta Log in Entries RSS Comments RSS WordPress.org Eliot Lear's Ramblings Others (including Eliot’s employer) might ramble differently / Proudly powered by WordPress

ofcourseimright.com Whois

Whois Server Version 2.0
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
  Domain Name: OFCOURSEIMRIGHT.COM
  Registrar: GKG.NET, INC.
  Sponsoring Registrar IANA ID: 93
  Whois Server: whois.gkg.net
  Referral URL: http://www.gkg.net
  Name Server: CESIUM.CLOCK.ORG
  Name Server: NS1.OFCOURSEIMRIGHT.COM
  Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
  Updated Date: 12-nov-2015
  Creation Date: 09-jan-2000
  Expiration Date: 09-jan-2017
>>> Last update of whois database: Mon, 16 May 2016 10:31:12 GMT <<<
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars