brentashley

Dave Winer hosts an article from Mir Tamim Ansary on Afghanistan which seems to suggest there is the possibility of a reasoned, targeted attack on the evildoers, avoiding unnecessary Afghan civilian casualties, but at the risk of larger numbers of American military casualties.

Both Dave and Doc declare themselves as pacifists. It strikes me that pacifism is a tenet which we have only been able to afford continuously to hold over the last 50 years as citizens of a free and democratic society unthreatened by maniacal regimes. We would not be in this position of enjoying the luxury of peace-maintenance had we not stood down the threats of the past by means of necessary force. There are times and enemies for which there is no chance for negotiation. There have been times when the imminent threat of war has maintained peace where negotiation would have failed.

The time for us to use our pacifist first aid kit has passed. The cancer has set in and is laying in wait. It may well still be in the stage where tactical targeted surgery will remove the danger, but we mustn’t be afraid to admit when serious amputation becomes necessary to return the patient to a stable condition.

Gordon Sinclair, a Canadian radio announcer, wrote this tribute to The Americans in 1973.

A couple of people lately have got me thinking about building an EXTREMELY lightweight implementation of Remote Scripting using images and cookies, so I went and threw one together. I call it RSLite. Hokey but functional. Could be beefed up if necessary to dispatch calls to functions, but for now it’s one task per remote page.

I’ve watched news coverage from 20 different channels, listened to the radio, seen the major news websites, but it took someone reporting to Dave Winer’s weblog to publicly say the words on everybody’s lips.

Holy Fuck.

Hey, Chris Locke, you’ve got some great things to say, but drop the damn subway graffitti lettering crap. It runs entirely counter to your proselytizing on reducing the layers of unnecessary obfuscation in communication between reasonable humans.

Rick pointed out that the crux of the Verizon problem was guessable session IDs, not cookies directly.

True, the guessable session ID is the final culprit, but it wouldn’t be an issue if they weren’t avoiding cookies.

I’m assuming the reason the session ID is being exposed to the user (and therefore the hacker too) by being passed around in the URL is that they are using a cookie-less session mechanism because they want to cater to users who turn off cookies.

Bah, humbug, I say. No cookies, no service. You wanna drive around shirtless, you gotta put one on before getting served at the lunch counter. If you’re really paranoid about cookies, learn what they are and how to delete them regularly.

While I’m at it, no DOM browser, no fancy DHTML application. You’re not gonna get real high fidelity stereo on that crystal radio no matter what tricks I use, so consume my services with a tool that’s up to the task, or go get one – they’re giving them away free.

The longer we continue to jump through hoops accomodating throwbacks and paranoia, the longer it will be before we can truly move forward. As for those accomodations that ARE necessary, they’ll be much more manageable with newer tools.

This is what happens when you try to avoid using cookies. Verizon’s
URL-based sessionID avoids using cookies for people who are worried about security and privacy implications and ends up opening up a much worse security and privacy hole for everyone.

True Story:

It was one of those questions from my wife that I just can’t supply an answer to without getting myself in trouble.

“Look, here it says this local bar is having a ‘Thong Contest’. Do you think I should enter?”

Gack. Think Think Think….

“Don’t be thilly, you couldn’t thing to thave your life.”

Although I’m less and less enamoured of Microsoft’s greedy business shenanigans, their technology continues to seriously impress me.  Have a look at Charles Carroll’s ASPNG site to see how damned powerful, comprehensive, and once learned, easy to use this ASP.NET stuff is.

Chris observed yesterday about the world-famousness of things.  I have often wondered just exactly where it is that you go to check the Global Registry of Chinese Buffet Dimensions in order to make sure your local restaurant has indeed got the World’s Largest Chinese Buffet.