Bookmark and Share

MyTake - US Government Digitally Signs .gov TLD

US Government Digitally Signs .gov TLD 
Thursday, January 22, 2009, 2:41 AM - Public Policy, Software, Security
Posted by Administrator
Using my own DNS Check tool I noticed that the .gov is now signed using DNSSEC. This means that the government has actually met its schedule on this one. But there are a few issues:

1. Who actually signs it? NIST? DHS? Some other agency? This is important for answering #2.

2. How do we validate this key? How do we know this isn't a hacker's key? The agency that maintains the key should distribute a hash of the public key so that we know its the real deal.

I'm hoping in the near future all of this information will come out, but until it does, .gov isn't really any better off than it was before.

UPDATE [2-18-2009]: Apparently GSA is responsible for .gov and DNSSEC. It is still considered in experimental stages and keys may change, therefore no final key information is available for validation yet.

UPDATE [3-1-2009]: GSA has posted the .gov public key on their website.
view entry ( 164 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1590 )
Tom Leykis Complaints to the FCC 
Monday, January 5, 2009, 10:53 PM - Public Policy
Posted by Administrator
Freedom of Information Act Results (PDF)
view entry ( 112 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 2.9 / 173 )
Your Phone is Your Boarding Pass 
Saturday, January 3, 2009, 10:44 PM - Computing Technology, Security
Posted by Administrator
Northwest airlines has begun issuing eboarding passes for select flights from Detroit, Indianapolis, and Minneapolis. The way it works is by following the usual online checkin procedure, but you are given an additional option to use an eboarding pass. You are then asked for an email address or phone number (text message) to send the url for your eboarding pass. If you choose to use your phone, you will be asked for the carrier along with your phone make and model. This is presumably to ensure that the boarding pass is provided in a format that is compatible with your phone. My phone (Motorola Z9) wasn't listed, but I chose a RAZR instead as they use very similar screen sizes and software and I didn't have any problems.

Upon checking in I was able to bring up my boarding pass on a third party website without a need for any further authentication. It consists of a WML format page with a gif image of an aztec 2D barcode at the top followed by standard boarding pass text. The barcode appears to include the standard boarding pass information without any type of digital signature.

When I got to the airport security checkpoint I never had to actually hand my phone over or even show my eboarding pass to another person. The eboarding pass scanner took about 15 seconds to boot up and I simply placed the barcode against the scanner and it displayed my name and other information for the security agent. There was an issue getting it to scan because the backlight on my phone was not on at first. He then checked my ID and I proceeded through security as normal. Next I walked through the metal detector and was asked for my boarding pass by the security officer. I simply stated that I used an eboarding pass and was allowed to continue. Therefore I question the effectiveness for only checking print boarding passes at this point.

Finally, boarding the plane was simple. I simply placed my phone against the scanner at the gate and was cleared to board.
view entry ( 128 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 576 )
Paying Down the US National Debt 
Saturday, December 13, 2008, 2:11 PM - Public Policy
Posted by Administrator
You can't make this stuff up. Everyone please write your $35,000 checks immediately to solve this problem.

Courtesy US Treasury Department:

How do you make a contribution to reduce the debt?

Make your check payable to the Bureau of the Public Debt, and in the memo section, notate that it is a Gift to reduce the Debt Held by the Public. Mail your check to:

Attn Dept G
Bureau Of the Public Debt
P. O. Box 2188
Parkersburg, WV 26106-2188
view entry ( 390 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 2.9 / 241 )
Auto Industry Bailout 
Friday, December 12, 2008, 9:58 PM - Public Policy, Economics
Posted by Administrator
Let's pretend I have a job that is linked to the economy, maybe real estate or something (read: auto makers). Economy takes a crap, I'm not doing so good, can't sell houses (cars). Now I'm having trouble paying the bills now. Oh and by the way, no bank wants to loan me money because in all likelihood I won't be able to pay it back or I'll go bankrupt if the economy doesn't turn around. So then of course I must make a last ditch effort to stay afloat so I go to one of my good friends (the government) with lots of money laying around (nevermind he is already in debt up to his eyeballs). I lay out my plan complete with expenditures and whatnot, say I need $35,000 to get me through to January. Then my friend says, well, I want to help you out, I can't allow you to fail, you are a big part of my life. Nevermind that no one else thinks investing in you is a good idea. Here's $15,000. I look back at my friend, extremely confused.

Me: Didn't I just tell you that I needed $35,000 to not go bankrupt?

Friend: Yes

Me: Didn't you just say I can't be allowed to fail?

Friend: Yes

Me: Isn't bankruptcy failure?

Friend: Yes

Me: Don't you have $35,000?

Friend: Yes, but I'm only giving you $15,000.

Me: Wha?! So basically you are going to "loan" me $15,000 knowing that I'm not going to be able to get the $20,000 difference, forcing me to go bankrupt and default on the $15,000 you loaned me? So you've pretty much "loaned" me $15,000 that you know you won't get back.

Friend: *Crickets*

UPDATE: Mike Huckabee made the same point on FOX News, The O'Reilly Factor, on December 12.
view entry ( 114 views )   |  permalink   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 2880 )

<<First <Back | 1 | 2 | 3 | 4 | 5 | 6 | 7 | Next> Last>>