« August 2007 | Main | October 2007 »

September 2007

September 20, 2007

Schneier on the Tor "Hack"

"Hack" here having the meaning "not actually a hack", but anyway. Here's a good article from Bruce.

Tor is onion routing... onion routing prevents an observer from knowing the two endpoints of a communication by "routing" messages through multiple encrypted layers, where the onion router at each layer only knows where the message came from and where it's going to next (i.e. not the original sender or final destination).

However, if the actual content you send through the onion routing network identifies the communicating parties, in the clear, then the exit node (the last router in the "route", which must decrypt the last layer of encryption and send the message to its non-onion-routing destination) can read it. Onion routing doesn't protect the content, it provides protection from traffic analysis.

Which is all for naught if you didn't encrypt the traffic in the first place. Let's say you live in Outer Phuongolia where it is illegal to own Seinfeld DVDs. In order to prevent the rampant proliferation of Jerry Seinfeld, Outer Phuongolia has also made it illegal to shop at Amazon.com. You really want the latest season, but how? Onion routing, of course! (that was your first thought, right?)

You use Tor to place your order, and thus the goons at OPHQ can't tell you plan to further corrupt society with another season of Seinfeld. Or so you think... turns out the Phuongolian administration isn't as dumb as it looks, and they're running a bunch of Tor nodes! Lo and behold, the exit node for your purchase happens to be one of theirs, and you didn't use SSL to place your Amazon order. The HTTP traffic from the exit node to Amazon identifies you, your order, everything. The goons are coming.

You gotta encrypt the traffic! If you had used SSL, the OPHQ goons wouldn't have been able to read a thing, and since they couldn't know where the traffic originated, they couldn't have done anything. Your dastardly plan would have succeeded. Seinfeld would have lived on in Outer Phuongolia.


Technorati Tags:
, ,


Posted at 07:59 AM in Crypto | | Comments (1) | TrackBack (0)

September 11, 2007

New Photography Website

I've made a major overhaul of my photo website, check it out at http://getjlb.com/. The site is statically managed right now, but it's a prime candidate for some Rails goodness in the coming weeks.

getjlb-screenshot-500.jpg

Posted at 09:31 PM in Photography | | Comments (0) | TrackBack (0)

September 10, 2007

From iPhone With Love

Just trying out typepad's iPhone interface. Nice!

Posted at 06:30 PM in iPhone | | Comments (0) | TrackBack (0)

September 07, 2007

iTunes Ringtones: How Sweet It Is!

This is awesome. My first thought when they announced ringtones was "we'll be able to make our own" and so it is. Sweet.



Technorati Tags:
,


Posted at 04:38 PM in Apple, Audio, iPhone | | Comments (0) | TrackBack (0)

September 05, 2007

Starbucks' Bad Rap

Starbucks really gets a bad rap. Some people like to complain about how expensive the coffee is... they rant about spending $4 on a cup of coffee. Other people poo-poo it because it's "so corporate" and not indie and so on.

But the reality is that Starbucks represents a complete shift in the coffee palate of America and much of the world. A shift away from mega-corporate bad coffee. The vast majority of coffee served in "cheap" coffee places (diners, convenience stores, fast food, and most people's homes) is grown at incredible low cost and is extremely exploitive of the workforce that produces it. It's also highly caffeinated and lacking in flavor, and not by accident... produced from robusta beans instead of the less-caffeinated, more flavorful arabicas. So to complain about how "corporate" Starbucks is, is a joke in most contexts.

Second, a cup of coffee isn't $4 at Starbucks. A basic cup of regular coffee is just over $1. Not $4. Some espresso drinks, in the larger sizes, cost around $4. If you want to complain about prices, complain about Frappuccinos, which aren't made with a significant amount of coffee and still cost in the range of the large espresso drinks.

Third, I frequent quite a number of "indie" coffee shops... and they're no better. The prices are about the same. Worse, they usually can't make good espresso. Starbucks produces consistent quality, you know what you can expect. It isn't brilliant, but it's good, and it's almost always good, at every Starbucks. Starbucks baristas are trained... not thoroughly, but sufficiently. Indie shops are all over the place in quality, mostly worse.

It's not that Starbucks is perfect, far from it. They sell "black apron" coffees for insane prices, but really don't pay much more for them (or at least that has occurred in the past, whether it's true of all of those beans, I don't know). They aren't the force they could be to change the coffee industry to improve the lives of farmers. And so on. But it is really unfortunate that they get disparaged by coffee snobs and coffee neanderthals alike. They don't really deserve it.


Technorati Tags:
,


Posted at 11:24 PM in Coffee | | Comments (2) | TrackBack (0)

The iPhone Price Reduction

OK, so lowering the price is really cool. No question about it. Not giving "early" (2 months?!) adopters anything? Not cool. Not cool at all. Apple continually releases new products and people feel screwed, this is nothing new... but usually they release a new product six months to a year after the previous one. They have never, ever released a brand new flagship product and then 2 months later reduced the price by 33%, without any recompense to the early adopters.

I expect reasonable business behavior from Apple. I expect that from all companies, but by and large don't get it and by and large don't vote my dollars towards those companies that behave badly. Apple is a business and it should make good business decisions. If it needs or wants to lower the iPhone price, great... more power to them. If they do it two months after the initial launch end screw the line-standing-in people for 33% of the price? They should compensate those people. Maybe not the full $200, I dunno, but more than nothing. The announcement should have been accompanied by an announcement of what they're doing for their customers who bought the thing early.

The fact that it wasn't is very bad form, IMO. The blogosphere is full of incredibly wise people who didn't buy it and are happy to shout about it, but the reality is that this isn't Right (tm), it isn't good business, and Apple should do something about it.

It doesn't have to be a check in the mail, but $100 or $150 store credit or something would be sufficient. We'll all be back to buy stuff anyway... that good will would go a long way. The lack of it will go a long way, too, in the other direction.

Most concerning to me is that, if I recall, a significant percentage of iPhone purchases were made by new Apple customers... customers who had never purchased an Apple product. Will they be pissed? I'm gonna guess so! Overall, not helping out the people who paid $200 more for the phone is astonishing. If I was a new Apple customer, this would be the end of my relationship with the company. Forget buying an iMac or something.



Technorati Tags:
, , ,


Posted at 02:57 PM in Apple, iPhone | | Comments (2) | TrackBack (0)

September 03, 2007

The Artifact Treatment

Everyone remembers the drawing of Rose from Titanic (the James Cameron film), right? Here's a recent headshot given a similar "treatment" of time and damage.

CRW_9008 (3).jpg

Posted at 05:55 PM in Photography, Photoshop | | Comments (0) | TrackBack (0)

The Story of Stuff

Photoblog

Photography Site

Flickr

  • jeremey. Get yours at bighugelabs.com/flickr

Houston Photobloggers

Blog powered by TypePad