Thursday, September 18, 2008

Why Security Questions are a Bad Idea

Touted among some as a way to increase security, I always thought of security questions as a step backwards in security. To think that someone can guess a few simple facts about myself instead of the complex password I dreamed up defeats the point of that complex password.

In the old days, if you forgot a password, it was emailed to an email account. Now, most accounts have implemented these security questions and allow you to reset a password by answering the security questions correctly. The problem with this is that, in most cases, the security questions are too simple. Questions like Where were you born, what is your zip code, what is your pet's name, etc. Questions that anybody may be able to figure out by googling your name - particularly if you are a public figure.

In the news today, it was announced that Gov/VP Nominee Sarah Palin's Yahoo email account was broken into using these security questions (http://www.appscout.com/2008/09/hacking_sarah_palin_what_we_ca.php ). Questions such as birthday, zip code, and where did you meet your spouse. Those questions were answered correctly in less than 45 minutes, and then the perpetrator has access to her account and was able to change the password to something else.

Now an email account is a little different than most other website accounts, as you might not have another email address to send a forgotten password to. However, in no case should simple security questions such as these be the sole means of gaining access to the account. Besides the security questions, there ought to be some secondary means of authentication, or some other way to send a forgotten password - this could be sending a password via text message, or a telephone call to the phone number on the account. Security questions should be used to enhance an existing form of authentication. Using security questions as the only form of authentication is a step backwards in the world of security.

Thursday, September 11, 2008

Evil OPEC Cartel

The price of oil has dropped by 32% over the past few weeks from a high of $147 to todays closing price of $101. Not that we have also seen gas prices drop by 32%, but that is a rant for another day.

And how does the evil OPEC reward us for the falling price of oil? By cutting output to keep prices high. See, the OPEC countries have grown used to all the oil revenue that has been pouring in, and dropping oil prices mean less revenue to them. Although...less revenue is relative since the price of oil is still far higher than the $20-$30 range pre 2001.

In OPEC's decision to cut oil production yesterday, they said they wanted to cut supply to keep prices above $100. Excuse me? Yes, keep prices above $100.

The high price of oil is hurting our nation's economy, and hurting the worldwide economy as well. We are using less oil now than we were last year because we can't afford to pay for it at $100 let alone the peak of $147.

Now how is it that an organization can just artifically set the price of a commodity? Cartels are illegal in the U.S. and Europe because artificial price fixing is just unfair for the consumer. However, OPEC is not your standard cartel. OPEC is a cartel of nation states. As such, it is immune to anti trust regulations under international law and the doctrine of state immunity.

I guess all I can say is those Bastards!

Monday, September 08, 2008

Noah's First Visit with Mickey!

I just had to post this...

Sunday, July 06, 2008

Getting With The Times

I finally got a facebook account.

Saturday, May 17, 2008

Sunday, March 02, 2008

Noah's First 2 Weeks

Noah is 2 weeks old today.

We've had our ups and downs, but we've gotten through this so far.

Some Highlights:
Day 1 - born at 9lbs 10oz
Day 2 - we get to leave the hospital that night. Noah arrives home for this first time.
Day 3 - Noah's first night at home had us nearly in tears as he kept us up all night crying and wanting to constantly feed. This was a long day as we adjusted to a new baby at home. We also took him back to the hospital to correct a problem with him being "tongue tied". He slept for a few hours that evening, but was otherwise awake and fussy most of the day.
Day 4 - Another all-nighter, but we worked this one in shifts. Why can't he eat, sleep, and poop like a normal infant? He's awake and fussy most of the day. His first Dr. Appt is today. 8lbs 14oz. The Dr was concerned that he had lost so much weight since birth. 5-10% weight loss is normal, and he lost way more than 10%. Amanda's Mom and Kimmie arrive for the week, and we start feeding Noah more. The additional milk seems to do the trick, as he is less fussy, and sleeps more inbetween feedings.
Days 5-10 - Amanda's mom was a great help for us through these days. I don't know how we could have gotten through without her help this week. We actually got some well needed sleep, and the baby is doing much better. We also got the baby out of the house for a few days
for a few errands and a restaurant trip.
Day 9 - I went back to work for a few days and a few hours each day.
Day 11-14 - The rest of Amanda's family and a friend arrive. Becky comes up from Cancun to visit. Now we're taking care of a newborn and entertaining a whole troop of visitors. Where'd the help go? Things have finally quited down now as everyone has gone home except for Becky.
Noah is doing much better though and we manage a trip to the Mall for a whole afternoon.

Wednesday, February 13, 2008

100th Post!

It took long enough. Hopefully the road to 200 posts is quicker than the first 100.

Update

Well, in short. No baby yet.
We had our our last Dr appointment today and everything looked good except for Peanut being 9 days overdue. We go to the hospital tomorrow so they can run some additional tests to make sure the baby is doing well. If anything is abnormal, they will deliver the baby tomorrow. Otherwise, we are now scheduled to have labor induced at 8am this Sunday if it does not happen naturally before then.

Monday, February 11, 2008

Max at the Beach

85 degrees in Fullerton in February. No peanut yet. How do you spend the day? At the beach of course.



I'm trying to keep Amanda walking as much as possible to help her pregnancy progress. So we decided to take Max for a walk on the beach this beautiful day. He loves the water even if it is a bit cold.








Wednesday, February 06, 2008

Super Tuesday

Good News... The props went the way I wanted. 91-93 were voted down, and 94-97 were passed.

Bad news that doesn't affect me... City of LA voters were overwhelmingly duped into passing a phone tax by believing they were voting for a 1% tax reduction. In reality, the current tax was thrown out by the courts, so a yes vote resulted in keeping the tax at 9% instead of 10% (a 1% tax reduction) while a no vote would have resulted in the entire 10% tax being eliminated.

The Ugly News...Where do I start about the presidential primary. My worst nightmare is seeing McCain and Hillary battle it out in November. I can't stand the thought of another Clinton in office, and I serious don't know how McCain can call himself a Republican. Seriously, if it comes down to those two, I quit. Even though Obama would turn this country into a socialist state, I would vote for him before voting for McCain. I just can't trust McCain - his voting record shows the complete opposite from what he is saying right now. Obama truely believes in what he says even though some of what he says is truely frightening. The only thing Huckabee has going for him is his professed Christianity. His economic tax plan is hiddeous. Ron Paul has no chance of winning. That leaves Romney. I thought Romney had a chance of catching up to McCain, and was my choice for the Republican nomination, but yesterday was very disappointing. Romney now has almost no chance...and Huckabee and McCain are secretly talking (neither likes Romney). If McCain were to offer Huckabee the Vice Presidency, it would put the Republicans in a better position to challenge the Democrats. However, so many people like me just can't stand McCain.

The Libertarian party has decided to run Ron Paul on their ticket if he doesn't win the Republican nomination. Maybe I'll vote Libertarian in November if my other choices are between McCain and Hillary. Interestingly enough, Ron Paul ran for president once before on the Libertarian ticket in 1998.

Saturday, February 02, 2008

CISSP I am

I got the congratulatory email today. I am now a Certified Information Systems Security Professional (CISSP).

Now to help the rest of the guys in my office to pass.

Saturday, January 26, 2008

rebate or advance?

All the news sources are raving about this $1200 tax rebate we'd be elligible for this year. Is it really a rebate that we can take for free? or are they being sneaky and going to make us pay it back next year?

Anyone remember the last time we were given tax rebate checks? $300 in 2001 as part of another so called stimulus package designed to help end the recession after Y2K. We gleefully spent that $300, and when 2002 rolled around we were all in for a shock. It was not a rebate, it was an advance. It was not advertised before, but we had to pay back that $300 advance on our 2002 taxes. 2002 tax refunds were $300 smaller, or if you owed taxes, you owed $300 extra to pay back the $300 advance we received.

Is this $1200 the same? Is it really an advance on our 2008 taxes that we have to pay back next year? Nobody is sure yet. But then again, no one was sure in 2001 either. I just know I really don't want a $1200 shock in 2009.

Monday, January 21, 2008

My Take on the CA Ballot Propositions

7 Propositions have made the ballot for the upcoming primary. Here's my take.

Prop 91 - Transportation Funding Initiative - NO
Even the supporters of this measure say to vote no now. A law was recently passed that makes this OBE.

Prop 92 - Community College Funding - NO
Currently CA education funding is divided between K-14 education as needed. This would force the state to allocate specific amounts to Community Colleges leaving the rest to K-12. It also reduces the tuition to $15 a unit. This amounts to huge spending increases for Community College education either at the expense of K-12 or requiring the state to spend more for K-12 with no additional revenue source. In addition the reduced fees could only be increased if the per-capita income in the state increased by more than 7% in a single year (which has only happened once in the last 20 years). Thus the tuition fees are no longer a source of revenue, and they cannot be raised in the future - not even for inflation which would cause an even bigger burden on the state budget.

Prop 93 - Term Limits Modifications - NO
Currently a person can serve a total of 14 years - 2 4-year terms in the state senate, and 3 2-year terms in the assembly. This would reduce the total amount of time a person can serve in the state legislature from 14 years to 12 years, but it would allow a person to spend the entire 12 years in a single house. However, this also allows all current members to serve a total of 12 consecutive years in the house in which they are currently serving, regardless of prior service. The proponents argue that they are reducing term limits, and promoting experience by allowing individuals to serve the entire time in a single house. That is a BIG FAT MISLEADING LIE. This measure was written and sponsored by the current assembly speaker and 46 others who would otherwise be forced out of the state legislature by term limits this year. They don't tell you that this measure really extends the legislative careers of those 47 individuals. Instead they wrap this in the guise of reducing term limits. Don't pass this misleading measure. Lets actually kick out those whose terms are expiring this year and shake up our current liberal legislature with new bodies by voting NO.

Props 94-97 Indian Gaming Amendment - YES
The governor recently re-negotiated 4 Indian gaming compacts. A petition was filed to stop the law ratifing these compacts from going into effect unless these propositions (one for each tribal compact) are passed. The compacts basically increase the number of slot machines each tribe can operate, and force them to contribute a larger share of their revenue to the state general fund. More slot machines plus a larger % being contributed to the state equals much more money to our general fund to ease our budget crisis. The critics are mainly anti-gambling folks and Nevada casinos who don't want to see gaming in CA. They also argue that it's not fair that only 4 tribes are included in these compacts. In actuality, any tribe can re-negotiate their gaming compact, and others have done so in the past. They only target these tribes, however, since they have the largest gaming operations now, and pose the largest threat to Nevada casinos. A YES vote would allow these compacts to be ratified, allow these tribes to expand their current gaming operations, and provide a huge boost of funds to the state general fund.

While this next measure doesn't apply to me (it only applies to LA city residents), I include it here because I can't stand misleading ballot measures, and this measure is extremely misleading (so for full disclosure):
LA City Telephone Tax
The city of LA currently has a 10% telephone tax. That tax was successfully challenged in court because it never had votor approval. This measure will reinstate a 9% telephone tax. The supporters of this measure are promoting it as a tax reduction from 10% to 9%. That is anything but the truth. The 10% tax was deemed illegal, and is going away. Thus this measure is really a 9% tax increase. It also prevents the city from having to pay back everyone for the illegal 10% tax they have been collecting. The only reason they set the tax rate at 9% was so they could bill this as a tax reduction for all the uninformed voters out there. In the end, since this doesn't affect me, I leave it up to the voter to make a decision. I can't stand the tactics used to promote this measure. However, I also understand that no city can survive on a loss of $270 million a year which is what voting no on this measure would mean. Voters should understand that they voting to legalizing a tax (or implementing a new tax if you see it that way) and not voting on a tax reduction.

I passed!

I passed the CISSP exam I took in December!

This email was waiting for me this morning:

Congratulations! We are pleased to inform you that you have passed the Certified Information Systems Security Professional (CISSP®) examination - the first step in becoming certified as a CISSP.

I still need to complete my resume and have my application endorsed by someone already certified in order to get my certificate.

Tuesday, January 08, 2008

Avoid Chicago like the plague

I had a quick business trip to Ohio this week. On last trip before the baby is born. If only was that simple.

I started off Monday with a very comfortable flight from LA-Chicago. This was a nice 3-class 777 aircraft, and I was upgraded to business class which made the flight comfortable and enjoyable. The fun started as we were decending to land. Apparantly President Bush was leaving Chicago, and they had to basically shut down the airport while Air Force One took off. That caused us to land about 30 minutes late. No biggie, as I had a 90 minute layover for my flight to Ohio. Looking at the departure board, most flights are now shoing delayed due to the Air Force One isuue. As our new departure time approaches, it starts raining. If you've watched the news recently, even a single drop of rain can wreck havoc on Ohare operations. Our flight was delayed again. Then a thunderstorm hits....another shutdown of Ohare due to lightning. Our airplane still hasn't arrived as our delay keeps getting worse. Finally, they say the airplane we were supposed to travel on was diverted to South Bend, IN due to the weather and cancel our flight. I was fortunately rebooked on another flight that was not much later now due to all the delays. We board, and depart, only to be #26 in line for takeoff with another hour delay. Finally after spending 7 hours in delays in Chicago, the 45 minute flight to Ohio took off and I arrived at my hotel shortly after midnight. Grr..to 8am meetings the next morning.

I might add that the my original flight was on a smaller regional jet, so it left from the commuter F terminal. The commuter terminal was not designed for 7 hour delays. It was designed for short commuter flights. So, it was crowded, cramped, had little available food, and had a broken air conditioner which made for a bad waiting experience.

Now I sit in my hotel room with rain/wind pounding my window wondering how my flight home will go tomorrow. The only evening flight from Ohio to Chicago tonight that some coworkers tried to get on after our meeting ended up being cancelled. We'll see what tomorrow brings.