Page Summary
I'm running two new journals on Blogspot, syndicated as LJ users

I want the US Mint to drop the dollar bill. We've got a good dollar coin that's visually and tactilely distinguishable from quarters and other coins. The coins are more durable than bills, and they're in circulation. So just stop printing new dollar bills. Stop delivering them to banks by default. As worn $1 bills come in, destroy them and replace them with coins instead of bills. Within a year or two natural turn-over will handle the rest.

No FanFaire for me this year, I think. It's a close call. $100 less and it'd be easy to say I can accommodate that in the budget. $100 more and it'd be a no-brainer that it's just not doable. I'm so tempted, but being up in the air at this late a date I think I'd better say "Next year."

So want:

The FDIC has taken over another 2 banks: 1st Nation Bank of Nevada and First Heritage Bank. I expect this is going to cause a drop in the markets on Monday. And people are going to be pulling their money out of those banks. When the regulators caution against concern for depositors, I say "If I've no reason to worry, you wouldn't have had to take over the bank. I want my money, now. Go gamble with your own money, I'm taking mine somewhere more stable."

One of the reasons the SF sysadmin at the center of the current flap had for keeping everyone else out of his network was his fear that he was the only one competent to keep everything secure.

Way back when I lived in Nevada, I did lawn-mowing as a side job. For plain mowing (and bagging cuttings) of a small yard, no edge trimming or anything, I'd charge $20. This was back in '90 or so; these days I'd charge $35-40 or so for that. I could do about 8 yards like that in a day without much trouble, depending on travel times. Larger yards scaled up based on how long they'd take to do.

Debian "lenny" is being frozen next week in preparation for a September release. That means I've got to start looking at getting things sync'd up to it. I'm currently running "etch", the stable version, and the big thing is deciding whether to update the system or simply save my configuration and install from scratch. Time to fire up Minerva, install "etch" and try the in-place update process.

Gas prices are going down. The Arco station's at $4.21/gallon now. That's a good 15 cents cheaper than a week ago.

Looking back through my entries, I found this one about server hosting. It's weird seeing how things have changed. 2001, server hosting would be $300+/month and come with a 10GB bandwidth allowance. Today I can find hosting from ServerBeach starting at $75/month with a 1.2TB bandwidth allowance. My, how times have changed. And it's only been 7 years.

You know you're working with heavy equipment when someone's looking at an 8' tall, 3-ton gas spring and you go "Yeah, that's the little one. For what you're talking about you'll want to use one of our bigger models."

Well, there's apparent confirmation on the exact method of attacking the DNS vulnerability Kaminsky reported last month. And the details show it's a nasty one. I got most of it, missing only one detail: the use of additional data in DNS responses. When you make a DNS query, the response can contain not just the answer to the query but additional RRs that the querying server should cache as well. The main use for this is when handling domain delegation: the answer contains the NS records needed plus as additional data the A records for the NS names. Apparently a lot of nameserver software trusts all additional data in the response and caches it. Nameserver software also had a fix for a vulnerability there: only data belonging in the same domain as the query will be trusted. So, send a query for say aaaa.google.com. Forge a response packet with an additional data record: an A record for www.google.com pointing to your server instead of Google's. Race Google's nameservers to get an answer in. You'll probably lose, failing to guess the transaction ID properly. Repeat for aaab.google.com, aaac.google.com and so on. Eventually you'll win at least one race. The nameserver you're running your queries through will now unconditionally cache your forged www.google.com record and return that to everybody from that point on until the TTL runs out.

You remember the Janet Jackson Superbowl breast exposure flap back in 2004? Well, the Court of Appeals has thrown out the fine completely. They noted that, while the FCC is entirely within its rights to set its own rules, it's not free to change those rules without giving broadcasters and others fair notice and warning of the impending changes. The FCC fine in that case was a drastic unannounced departure from policy as the FCC had enforced it for decades, and the court found that unreasonable.

Went to see Hellboy 2. Not a bad movie. Feels like it could've used 15 more minutes for a more gradual introduction of a couple of plot points, but overall good.

Why it's a bad idea for some people to have too much time on their hands: Joss Whedon's Doctor Horrible

You've probably heard about the flap in San Francisco where the admin has allegedly locked everybody out of the city's data-processing network. Well, apparently there are a few parts of the story the city isn't mentioning. Like the fact that the network's been humming along perfectly ever since this started, so all the uproar about "sabotage" doesn't have a basis in reality. And the fact that the admin didn't lock anybody out. That implies some action on his part, and he took none. Nobody but him has access now because nobody but him has ever had access. He's refused to let anybody else have the passwords, refused to document the network configuration, won't even do something as simple as save router configuration to flash memory. He's paranoid about inferior admins getting into "his" network and breaking it. And the big problem the prosecutors are going to have is that this has been going on for a very long time (as in years, apparently, not days or weeks), and his superiors have known about it and have done absolutely nothing about it for all that time.

IBM has cloned the Linden SL servers. They've got server code that'll talk to the stock SL client program correctly, and that supports most if not all of the SL world stuff.

Ray Bradbury

So. Senator Dodd is saying that Fannie and Freddie aren't in a liquidity and financial bind.
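
Added example (not part of the original journal entries, and not code from any real nameserver): a Python model of the two resolver-side checks the DNS entry above describes, the transaction-ID match and the same-domain rule for additional records, plus the odds of a blind guess matching. The names RR, in_bailiwick, accept_additional and guess_probability are hypothetical, example.com stands in for the domain named in the entry, and the addresses are documentation-range values.

```python
# Added illustration: a model of resolver-side checks, not real nameserver code.
from dataclasses import dataclass

@dataclass(frozen=True)
class RR:
    name: str
    rtype: str
    data: str

def in_bailiwick(rr_name: str, zone: str) -> bool:
    """True if rr_name is the zone apex or a name underneath it."""
    n, z = rr_name.lower().rstrip("."), zone.lower().rstrip(".")
    return n == z or n.endswith("." + z)

def accept_additional(resp_txid, sent_txid, zone, additional):
    """Additional RRs that would be cached under the two checks in the entry:
    the transaction ID must match, and the record must sit in the queried zone."""
    if resp_txid != sent_txid:
        return []  # wrong transaction ID: the whole response is discarded
    return [rr for rr in additional if in_bailiwick(rr.name, zone)]

def guess_probability(attempts: int, txid_bits: int = 16, port_bits: int = 0) -> float:
    """Chance that at least one of `attempts` independent random guesses matches.
    port_bits is entropy added by source-port randomization (assumed; at most 16)."""
    space = 2 ** (txid_bits + port_bits)
    return 1 - (1 - 1 / space) ** attempts

# Constructed sample: a response to a query for aaaa.example.com (zone example.com).
SAMPLE_ADDITIONAL = [
    RR("www.example.com", "A", "192.0.2.10"),    # same zone as the query
    RR("www.example.net", "A", "192.0.2.10"),    # different zone
    RR("badexample.com", "A", "192.0.2.10"),     # suffix look-alike, not a child
]

if __name__ == "__main__":
    kept = accept_additional(0x1A2B, 0x1A2B, "example.com", SAMPLE_ADDITIONAL)
    print("cached:", [rr.name for rr in kept])
    print("dropped on TXID mismatch:",
          accept_additional(0x0001, 0x1A2B, "example.com", SAMPLE_ADDITIONAL))
    for bits in (0, 16):
        print(f"port_bits={bits}: P(match in 65536 guesses) = "
              f"{guess_probability(65536, port_bits=bits):.6f}")
```

The same-domain rule keeps www.example.com because it shares a zone with the random name that was queried, so that rule alone does not stop the race described in the entry. Adding entropy to each outgoing query, which is what source-port randomization does, is what drives the guess probability down.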