Monthly Archives: August 2007

Why does the Australian Christian Lobby exist?

I guess I should be thanking the Australian Christian Lobby. Not being an avid watcher of commercial television, I completely forgot that Californication was being shown last Monday. Never fear, however, the ACL’s predictable bleating about the show’s “gratuitous sex” generated considerably more media coverage for the show than it otherwise would have received, which prompted me to, err, obtain the first episode – and as far as black-comedies go, it wasn’t too bad.

I’ll leave aside the issue of why these holier-than-thou organisations are forever whining about sex on TV, yet so very rarely make a peep about violence – although I will note that the ACL did bang on about Channel Seven’s “City Homicide” show, also. I don’t recall them ever making any noise about the very excessive violence and torture in 24, but I guess it’s just possible that they were elated that the bad guys were almost always of Middle-Eastern appearance.

What I would like to know, though, is why the Australian Christian Lobby even exists? This is Australia. Our constitution guarantees freedom of religion. There’s probably not a better place in the world to be a Christian, because our society tolerates pretty much any belief, provided that you don’t go trying to ram it down their throat. We certainly don’t have the sectarian violence that Northern Ireland put up with for so many years. We give religious organisations tax-breaks. We even put up with the religions that are racist, sexist and aren’t particularly tolerant about non-believers.

I can only conclude that the ACL exists because these people, not content with living their lives as they see fit, feel a need to force the rest of us to live that way too. In a liberal democracy, there is simply no need to argue for stricter laws to match those of your religion; there’s nothing stopping you from adhering to them as you wish (with the usual caveat of not hurting anyone else).

Don’t want to work on a Sunday? Well, don’t. But don’t stop me from shopping on the only day I find it convenient because your supreme-being tells you it’s a day of rest. You don’t want your kids given sex education? Fine, have them removed from class – and accept the consequences of an increased risk of teenage pregnancy, because no amount of your god-bothering is going to stop them if they want to. If other parents are happy about it, then there’s no reason for you to oppose it. Don’t like Californication? Well, for Christ’s sake, don’t watch it. Surely the name would have been enough of an indication that it might offend?

Want your kids protected from the evils of teh Interweb? PUT THE DAMNED COMPUTER IN YOUR LIVING ROOM WHERE YOU CAN WATCH WHAT YOUR KIDS ARE DOING! Sheesh, does social conservatism always come with a free frontal lobotomy?

Wikipedia and the media

I have just one thing to say about today’s revelations that staff of the Department of Prime Minister and Cabinet have been caught removing damaging details about certain events from Wikipedia: will someone please tell Australia’s radio and TV journalists and newsreaders that it is pronounced /ˌwikiˈpiːdi.ə/, not wickerpedia, as every report I’ve heard today has said it. It’s a Wiki, not a Wicker.

Introducing ARMbuntu – Ubuntu for ARM processors.

Well, holed up in bed, as I am, with the flu, I finally had time to finish this off, after almost a year. ARMbuntu is an attempt to port Ubuntu (Dapper Drake) to the ARM architecture.

I built it by running a copy of Debian/ARM (Sarge) under QEMU (instructions here), and then slowly building Ubuntu’s source packages until I had enough to run a very minimal system. Usually they built cleanly, but in a few cases I had to apply some patches (glibc is one that springs to mind), and for some other packages I’ve done really dodgy things like skipping all the testing, because it was just too slow and for others. Most of the time was taken up figuring out whether Debian sarge/etch packages would work as build-dependencies, and if not, compiling up build-deps from Ubuntu’s sources.

There are no kernel packages; currently I’m using a kernel image that I found on the QEMU website. Basically, all that is available at this stage is enough to satisfy the dependencies for the ubuntu-minimal package, and build-essential.

I didn’t have any real reason for working on this… just too much spare time, last year, and too many spare cpu cycles. I know I could probably have done it faster with a cross-compiler or Scratchbox, but as I already had the QEMU/arm system working, it seemed like less effort this way.

I don’t have enough bandwidth to handle lots of people potentially trying to suck it down at once, so I’ve set up a bittorrent tracker instead. If anyone really wants a copy quickly, drop me an email and I’ll point you to a url where you can get it.

Not sure what I should do next, with it. Maybe some Ubuntu people out there have some suggestions.

How hard is it to use a fax machine?

You’ve got to love Wilson Tuckey. Wilson sent a fax to the Prime Minister to ask him to quit, but then accidentally sent it to a good number of other backbenchers, too.

I’m trying to figure out how this can happen. Put the paper in, type in the number, press the big green button. I suspect that if this really was an accident, rather than a publicity stunt, then a member of staff probably misunderstood their instructions.

I’d love to know why politicians are still using fax machines for such correspondence. It’s just asking for the cleaner to pick it up at its destination and sell it to a journalist for some quick cash…

Hrmm.

You know you’re getting old when you’re surprised that Nirvana is described as Classic Rock and is played on “oldies” radio stations.

Limiting password attempts considered harmful

Whoever thought it was a good idea to lock passwords after a number of incorrect attempts? Aside from being incredibly annoying, it strikes me that this is a very simple vector for a denial of service attack. I’ve been working with a bunch of machines that are linked back to a single-sign-on system, and the central authentication server is set to automatically lock the user’s account after three incorrect attempts at the password. I’ve now had to have it unlocked, often two or three times daily, because it’s very easy to get my password wrong when sudoing to root as regularly as I have to do.

While users are regularly urged to keep their passwords secret, the same can’t be said of their usernames. In fact, in the Unix world, all usernames are clearly available to other users, in the /etc/passwd file as a matter of necessity. Furthermore, I’ve seen plenty of organisations who publish staff usernames in their internal online directories.

What does this mean? Well, it makes it very easy for a disgruntled member of staff to create a denial of service attack by locking huge numbers of users out of their accounts, just by attempting to connect to the systems with a dummy password. I’d be interested to know if Australian law even considered it an offence to do something like this, given that no unauthorised access would be gained. Want to really annoy someone? Grab their mobile phone, type in their PIN wrongly several times, and watch them have to call up their provider to have it unlocked.

Obviously I know why such account locking is done – it’s to prevent brute force attacks on passwords. However, it seems to me that a better solution would be to use a series of backoff timeouts, so that users aren’t permanently locked out, but brute force attacks are rendered less effective, due to the amount of time they’d likely take to be successful.

I noticed that my internet banking account was locked, a few years ago, when I accidentally used the wrong password several times. I wonder how far off we are from someone getting a list of user IDs to such a system, and then locking out all their customers in one hit?
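The two policies contrasted in this post, replayed over the same login attempts, as an added sketch that is not the author's code. The three-strike limit comes from the post; the class names, the 1-second base delay and the 900-second cap are assumptions chosen for illustration.

```python
class LockoutPolicy:
    """Hard lock after max_failures wrong passwords (the policy the post describes)."""
    def __init__(self, max_failures=3):
        self.max_failures = max_failures
        self.failures = {}                      # user -> consecutive failures

    def attempt(self, user, password_ok, now):
        if self.failures.get(user, 0) >= self.max_failures:
            return "locked"                     # stays locked until an admin resets it
        if password_ok:
            self.failures[user] = 0
            return "ok"
        self.failures[user] = self.failures.get(user, 0) + 1
        return "denied"


class BackoffPolicy:
    """Delay doubles with each failure up to a cap; a correct login clears it."""
    def __init__(self, base=1.0, cap=900.0):    # assumed values, in seconds
        self.base, self.cap = base, cap
        self.state = {}                         # user -> (failures, not_before)

    def attempt(self, user, password_ok, now):
        failures, not_before = self.state.get(user, (0, 0.0))
        if now < not_before:
            return "wait"                       # rejected without checking the password
        if password_ok:
            self.state.pop(user, None)
            return "ok"
        failures += 1
        delay = min(self.cap, self.base * 2 ** (failures - 1))
        self.state[user] = (failures, now + delay)
        return "denied"


def replay(policy, events):
    """events: (time_seconds, user, password_ok) tuples; returns each outcome."""
    return [policy.attempt(user, ok, t) for t, user, ok in events]


def guesses_evaluated(policy, seconds, user="alice"):
    """Wrong guesses the server actually checks if one arrives every second."""
    return sum(policy.attempt(user, False, t) == "denied" for t in range(seconds))


# Constructed sample: four wrong passwords for "alice", then her real login a minute later.
EVENTS = [(0, "alice", False), (1, "alice", False), (2, "alice", False),
          (3, "alice", False), (60, "alice", True)]
```

Under the lockout policy the real login at t=60 is refused until someone resets the account; under backoff it succeeds, while a guess sent every second for a full day gets only 105 passwords checked. A steady stream of wrong attempts can still make the real user wait out a delay window, but that wait is bounded by the cap rather than by a call to the helpdesk.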

One out of three ain’t bad?



Depends whether you consider the creation of thousands of McJobs to be a good thing, I guess.