The “first programmer”? Don’t insult her

In some circles it’s become an article of dogma that Ada Lovelace was the first computer programmer, and those who dispute it are denounced as “sexist.” When disagreement with a claim becomes heresy, that makes it worth looking into, if only to find out what’s stirring up such passion. Having looked into it, I have to conclude that not only is the claim false, but it trivializes her actual accomplishments. (Here’s an example, whose author says she was coding a mere “adding machine.”)
Read the rest of this entry »

Advertisements
Posted in General. Tags: , . Comments Off on The “first programmer”? Don’t insult her

Clearing out Mac login junk

This morning, when I booted my Mac, it told me that “Android File Transfer Agent.app” was something I’d downloaded from the Internet and asked if I really wanted to open it. I’d recently installed Android File Transfer, but didn’t know what Android File Transfer Agent was, or why it should be launching even if it was related to what I’d installed, so I said no. Android File Transfer wasn’t doing me any good, since my Mac can’t see my Android phone over the USB cable, so I deleted it from the Applications folder and emptied the trash. (It may be something Tracfone did; Tracfone is cheap but does annoying things to limit its phones.)

After a reboot it did the same thing again. I searched for Android File Transfer Agent and found there was nothing by that name on my computer.
Read the rest of this entry »

Posted in General. Tags: , , . Comments Off on Clearing out Mac login junk

St. Mary’s Bank’s gross negligence

If you’ve got an online banking account with St. Mary’s Bank, change your password now. Then come back to this article. It’ll still be there. Hopefully your money still is too, but I wouldn’t guarantee it.
Read the rest of this entry »

Posted in General. Tags: , , , , . Comments Off on St. Mary’s Bank’s gross negligence

Fixing a Firefox problem

Lately a couple of sites weren’t working right for me on Firefox. On Twitter, I couldn’t post a Tweet, and on Udemy, I couldn’t even log in. With the other browers I have, Safari and iCab, I was able to do everything I needed, but Safari is a typically user-hostile Apple product, not even showing the full URL in the URL bar, and iCab isn’t very well maintained. Besides, Firefox lets me use NoScript, with which I can select which sites to accept JavaScript from. This is valuable with Twitter, which disguises all its links with shortened URLs, making it an attractive site for malware links.

I tried all the usual things: clearing the cache and cookies, temporarily disabling extensions, and so on. Nothing made a difference. Some other people on Twitter have experienced similar problems, and one of them suggested using Tor, which I have but hadn’t tried because it’s simply Firefox in plate armor. I tried it, and the problems didn’t occur there! (Though since Tor uses proxies, Twitter started sending me email warning that I’d logged in from an unfamiliar IP address.)

Then I tried using Firefox from a different account. (I have one account with administrative privileges, and another from which I do normal work.) That one didn’t show the problems either. This got me thinking about root certificate issues, but Firefox on the Mac stores its root certificate with the application, not the user information, so that wasn’t a variable. But then I thought about my profile and decided to create a new profile. Running Firefox with the new profile, I didn’t have the problem.

This was a slight nuisance. I had to re-add my plugins, import my bookmarks, and “void my warranty” (a dumb joke that some managers take seriously) by changing about:config settings to my liking. Of course, I did this one step at a time and made sure I hadn’t broken anything. Now things are the way I like them again and nothing broke.

I still don’t know what in my profile was causing trouble, but I’m posting this as a possible fix to some Firefox problems.

Posted in General. Tags: , . Comments Off on Fixing a Firefox problem

New article on software patents

I’ve got a new article on the FEE website, on why software patents are bad.

Posted in General. Tags: , , , . Comments Off on New article on software patents

Support woes at HE.net

Update:HE.net support tells me they’ve fixed the SSL certificate issue described below. I haven’t tested it, since I have something that works and don’t want to risk breaking it again.

You’d think that an Internet service provider would be able to deal with common issues like getting an email connection on an Android phone. This turned out to be beyond the ability of HE.net’s support staff, though.

This morning I tried to set up email on my new Moto phone with Android 4.4.4, using the standard email application. After entering the POP3 server information I got this error message: "Can't safely connect to server. (java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.)"
Read the rest of this entry »

Posted in General. Tags: , , . Comments Off on Support woes at HE.net

Chrysler’s computer security disaster

Andy Greenberg and associates demonstrated that they can remotely hijack a Jeep Cherokee, making it do things that could kill everyone in it. Fiat Chrysler is recalling 1.4 million vehicles as a result of this revelation. Greenberg doesn’t fully explain how they did it, for obvious reasons, but he tells us this:

All of this is possible only because Chrysler, like practically all carmakers, is doing its best to turn the modern automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, SUVs, and trucks, controls the vehicle’s entertainment and navigation, enables phone calls, and even offers a Wi-Fi hot spot. And thanks to one vulnerable element, which Miller and Valasek won’t identify until their Black Hat talk, Uconnect’s cellular connection also lets anyone who knows the car’s IP address gain access from anywhere in the country.

Every computer on the Internet has an IP address, so the real issue is the “one vulnerable element.” We can only guess about it, but this seems like serious negligence on Chrysler’s part. When a computer system can put people’s lives at risk, you have to pay serious attention to security. According to a Computerworld article, it’s the entertainment system which is open to remote access, but it “is commonly connected to various electronic control units (ECUs) located throughout a modern vehicle. There can be as many as 200 ECUs in a vehicle.”

A basic principle of secure design is that you grant only as much access as is necessary. It’s hard to imagine why an entertainment system would need access to life-critical components. If it is necessary, perhaps so that a warning of a major malfunction can go to the speakers, the critical component needs a firewall that limits the access it allows. Did Chrysler allow the entertainment system free run of its ECUs, or was the firewall defective? We don’t know yet, and maybe it will never be made public.
Read the rest of this entry »

New article on FEE website

FEE is running my latest article, “The Ghosts of Spying Past,” at just the right moment. The FBI is demanding the sacrifice of computer security to “national security”; this would represent a return to the encryption restrictions of the Clinton years. We’re still feeling the consequences of those requirements, and the NSA and FBI are demanding that we give up strong security because ISIS will kill us all!

Please spread the word if you like the article. A good hit count makes me more attractive as a repeat contributor.

Posted in General. Tags: , , , . Comments Off on New article on FEE website

Dumping my Comcast cable modem

Comcast is one of America’s most reviled companies. It’s not hard to understand its obnoxiousness when you realize it lives off government-granted monopolies. While people conceded vast powers to the FCC because of the questionable threat that it would throttle competing video streams, the real problem has remained untouched: its widespread status as a local cable monopoly. For broadband I have two choices: the cable monopoly (Comcast) or the phone monopoly (Fairpoint). When Comcast raised my rates, I planned on returning to Fairpoint once their strike was over. The delay wasn’t because of moral opposition to strike-breaking, but levels of service that had fallen from poor to almost nonexistent during the strike.

However, after the strike Fairpoint didn’t even say on its website what it’s charging for broadband. Their website says “‘High-speed Internet’ doesn’t even begin to describe it.” That’s true, and that’s all they tell you. Considering that the reason I’d left Fairpoint was its tendency to drop connections, I decided they aren’t interested in new broadband customers. So I’m stuck with Comcast.

However, “stuck” doesn’t mean “totally stuck.” $10 of my $54.99 charge has been for leasing a cable modem. This amount has actually gone up as the device has aged. Once I decided that I wouldn’t escape Comcast quickly, I looked into replacing it with a purchased device. This was pretty easy for me, but describing what was involved may help some others. If you have Comcast Internet service and plan to keep it for a year or more, you should definitely escape that ridiculous lease.

The first step is to look at Comcast’s list of approved devices. There are lots of choices, many of them not too expensive. Just make sure you pick one that will keep up with the service level you’re paying for. You might want to check which manufacturers have been caught putting spyware in their devices, but that’s a matter for a different post.

Linksys DPC-3008 cable modemI bought a Linksys DPC-3008 for about $60 from Amazon and set it up. It has just a single Ethernet port, so to keep things simple I connected my main computer directly to it. At this point you have to be patient. If I’d waited long enough, maybe ten minutes, it would have redirected any URL I entered to the Xfinity activation page and I probably could have done it online. But I thought that it wasn’t going to do that, so I called Comcast service. A successful battle with the phone tree led to a real person, who transferred my call to another person.

One of them, I think it was the first one, asked for the last four digits of my Social Security number (my “social,” as people call it when they’re trying to beguile you into handing over confidential information). I declined firmly and wasn’t pressed on the matter. (Why does Comcast make its customers’ Social Security numbers available to its support people!?) I had a bill at hand, so I gave my account number and they were satisfied with that.

Before connecting the device up, I had already copied the serial number and MAC address from its underside. Having these numbers available is important; it’s annoying to read tiny print off the bottom of a connected device while on the phone.

The woman who handled my setup was initially confused because she had the model number listed as a Cisco rather than a Linksys. Apparently it’s both. After asking some questions to make sure it really was what I was saying, she went ahead and did whatever magic occurs to recognize the device. (Comcast makes no secret of its back door to your modem.) There was a slow reinitialization and then I tested a well-known website (cnn.com, but any reliably accessible site will do), and all was well.

The next step was to get my wireless network working again. I’d previously put my Netgear Wi-Fi router into bridge mode, meaning it simply passed all traffic through to the cable modem. I connected up through it and my computer worked, but my Wi-Fi devices couldn’t find a local network. I went fishing on addresses like 192.168.1.1 and 10.0.0.1 and couldn’t find anything. Then it sank in that this box really was just a modem and had no IP address or browser-accessible service. Not really a problem; I just had to take my router out of bridge mode.

However, putting it into bridge mode had lobotomized it. The router now had no IP address of its own to talk to. The only option was to do a full reset on it, which for some reason took several tries at holding the recessed button in for 10 seconds. I then had to re-enter all the Wi-Fi settings, but it worked.

The last step was to return the Comcast device. Fortunately they have a shop in Nashua, so it was a short trip for me. I brought a recent bill for any account information they might need, and an Ethernet cable just in case they insisted that one belonged with the modem (they didn’t). My bill should now be reduced by $10 a month.

I hope this level of detail has been helpful rather than frightening. I will say that the Comcast people I talked with were polite and competent. They’re probably impressed by anyone who doesn’t take their anger at the company out on them.

Posted in General. Tags: , . Comments Off on Dumping my Comcast cable modem

Clinton’s email server

I try to avoid addressing specifically political issues on this blog too often, since I could easily get carried away with them to no useful purpose. This post is an extended reply to a couple of Twitter responses from a friend; discussing anything complicated on Twitter just doesn’t work. Also, it relates to issues where I have a bit of knowledge.

While she was Secretary of State, Hillary Clinton used a private server for the large majority of her official email. According to the New York Times, she didn’t even have a .gov email address. This doesn’t appear to have violated any laws, but legal isn’t the same thing as reasonable and prudent.

An article on Gizmodo discusses the security risks that may come with a less than expert setup of an email server. She used the domain clintonemail.com, managed by a company called Perfect Privacy, LLC. Perfect privacy sounds good, but names are easy. It’s hardly likely that its security was as good as the State Department’s. (Although, perhaps … she had reasons to think that hostile spy agencies had completely compromised the State Department’s email and she escaped to a private server? These days you can’t be too paranoid, but it isn’t clear how her course would have helped much. Future news developments might yet surprise us.)

The problems with such a system include lack of credible authenticity (If you got a message from “clintonemail.com,” would you think it was from the Secretary of State?), easy confusion with other domains, an uncertain level of security, and a far too convenient ability to delete anything she didn’t want known. Whether President Obama knew she was using this server is very confusing. A Guardian article says, “Barack Obama emailed Hillary Clinton several times at her personal email address, the White House said on Monday, while insisting the US president did not realise his secretary of state was operating an independent email system detached from government servers.” How is that even possible? Whatever Obama is, he isn’t stupid. Would he accept email from any old address that claimed to be his Secretary of State, without even wondering about it?

Maybe I’m just underestimating how tech-stupid most people, even intelligent ones, are. Some email clients, like the inexplicably popular Outlook, do their best to hide the address from which you got any email, showing only the name. When I had to use Outlook at a previous employer, even I found it hard to tell what address a message really came from. (Which isn’t to say that an email address authenticates anything. They’re trivial to forge.) This affair has me wondering just how vulnerable high-level government email communications are. Maybe it isn’t so unreasonable that Obama would be oblivious to an unfamiliar address. There must be clever technical people in Washington constantly begging high-level officials not to do stupid things, and I don’t envy them; who’d want to tell someone at the White House or Cabinet level, “Don’t do that, you idiot” for a living?

When caught, Clinton blustered; that’s a normal politician’s reflex. It only made her look more stupid to me, but not that many people understand the technical issues. I know how to read email headers; most people don’t know anything more than “From” and “To.” I’m regularly surprised when people don’t know things I consider common knowledge, like that Linux is an operating system or that Lenovo shipped Superfish with many of its computers. There are as many things I don’t know that other people take for granted. But somebody, in all that time, should have noticed that Clinton was engaging in seriously bad security and accountability practices. I suppose no one dared raise the issue.