Monday, April 30, 2007


On a semi-related-to-yesterday's-post note, comes news that "podcast safe" music might not actually be all that safe. Whether or not there's any truth in in the scare, it seems that the RIAA has a legal trick that allows them to collect fees for any music, even if the songwriter, the performers and the distributor all sign documents that allow for free distribution of the song and/or performance. What we're talking about here is a statutory license. In reading the Copyright Law, I'm not so sure that the RIAA can legally perform such an action (remember, I am not a lawyer). I don't think that the law specifically considers situations involving Creative Commons licenses.

This may be one of those situations where a judge needs to get involved to correct the difference between the letter and the intent of the law. If the RIAA does go forward with this (and damages the podcasting community), I hope that the judge allows for damages and legal fees.

DVD Archiving

I've admitted previously that I'm somewhat of a tech law groupy. The recent court case involving Kaleidesape and the DVD Copy Control Association will likely have repurcussions across a number of other cases. In short, the Judge stated (links here) that it's not illegal for someone who owns a DVD to change it's media. My read on it (and I'm probably wrong) is that someone forgot to include the definition of "authorized use" in the license agreement.

If so, expect this hole to be closed in the near future.

Saturday, April 28, 2007


[*sigh*] Spammers have discovered the comment function in the wiki (I'm receiving anonymous test posts). Hopefully they've discovered that there's no autopost capability.

Friday, April 27, 2007


(heh) We can get Billy to take his medicine if we all work together. You hold his arms. You hold his legs. You sit on his chest. You pinch his nose shut and I'll drop the pills in when he gasps for air.

Q: Who's Billy? A: You.

Having lived a number of years, the "if we all work together" is one of those phrases that sets alarms off in the back of my head. The hidden meanings usually include: you're expected follow the speaker's "vision", the willing are expected to force the unwilling, and you're also expected to sacrifice something yourself. Keep in mind that the sister phrase to "if we all work together" is "if you're not part of the solution, you're part of the problem".

The speaker's effort is one that goes counter to market forces. What he's asking is to force a single version of DRM upon a market that doesn't want it. Ignoring the fact that there is in-fighting over whose DRM should be used (driven by $$), this attempt is doomed to failure as you can only annoy your customers so much before they find new ways of entertaining themselves.

The entertainment industry is in a spot where they should be beating up pirates and "playing nice" with their legitimate customers, rather than beating up everyone. That spot? How about: that piece of entertainment in your hand is considered a license to view/listen an intellectual work (i.e., it's virtual) only until you attempt to view/listen to it via an "alternate" format (e.g., CD vs. MP3). Then, it's considered a physical product in that you have to buy the entertainment again if you expect to access it via that different format. It's becomes confusing in that, should the plastic become scratched, the industry won't replace it (i.e., the virtual license is subject to physical damage).

Is it any surprise that both sets of the music industry's customers (those that make the music and those that buy it) are experimenting with alternate methods to connect with each other. The incentive for doing so is that the music makers can get paid more for their work and the listeners get more work for what they pay?

Markets are slippery things. You can only squeeze one so hard before it squirts sideways and takes on a different form. Personally, the only commercial music I've heard in years (other than the occasional live BNL concert) was either part of a television commercial (I don't watch much) or came out of my car radio on the way to work (when there weren't enough podcasts to get through the week).

With apologies for the rambling...

Wednesday, April 25, 2007


You can thank DMiessler for the ROT26 silliness at the bottom of this page. I've added him to my list of people with entirely too much spare time. (Hint: hover your mouse over the graphic.)

Monday, April 23, 2007


I'm seeing a lot of press about how Silverlight runs on Windows, OS X and, yes, Linux. However, in going to the MS site, I can only find the Windows and OS X versions. There's a lot of "Q: What about Linux? A: We'll support it if there's enough demand for it"-type info but no binaries.

I think that what we're seeing is yet another case of the media parroting without verifying.

Sunday, April 22, 2007

School Wiki going down

For anyone whose been using the wiki for the wireless security class, I'm planning to incorporate the data from it into the main wiki and delete the school wiki. There's not much unique data so it shouldn't cause too much pain.


Many thanks to Jon Schlueter, whose been wading through parts of the wiki, fixing my errors, adding content and suggesting links to still more.

Jon, good luck with the thesis!

Saturday, April 21, 2007

Asterisk AGI

Perl is giving me absolute fits in Asterisk's AGI (or rather, the AGI is giving me fits). Argh!!

SageTV Menus

(heh) Figured out how to edit the menu bar in the web server for SageTV. I've added the howto to the wiki. (Hint: look at EpgChannel)

Thursday, April 19, 2007


In doing spring cleaning, I came across my DLink DSM-320 again. Compared with the flexability provided by SageTV and MediaMVP, the DSM-320 sucked royally when I last used it. At first I wanted to offer it up as a trade for another MVP box. In doing the research for providing docs to go with it, I found an interesting looking piece of software called Cidero. Maybe I'll have a reason to keep the box.

Anyone ever worked with it?

Saturday, April 14, 2007


Quite a few people have talked about how nice the AppleTV. Even Leo Laporte has commented on just how quiet the box is. I've been able to play with one for short bit and have two complaints:
  • It's more or less locked to iTunes (bleh!)
  • It runs hot, almost too hot to touch.

I'm not saying that I don't like it, just that it needs improvement (which some have already undertaken). While it is probably a good choice for first-time non-geeks, I'm going to stick with SageTV and my MediaMVP boxes.

Friday, April 13, 2007

HaloScan Weirdness

It took me a little time to figure out what was going on with the comments for the blog. The only difference between the code for the blog and the wiki was basically the site name and one target tag (I wanted comments for the blog to pop up in their own tab in Firefox).

After troubleshooting for a couple nights, I gave up and set the target= tag back to what Haloscan suggests. Danged if that didn't fix it. It's going back to "annoying popup" status (it doesn't open a new pane in Firefox anymore, like I'd originally had it). Such is the risk when you rely on other people's code updates I guess...

Anyways, back to your irregularly scheduled blathering...

Class notes

I've got some notes from last night's class, dealing with compiling Kismet2 (on top of a Backtrack2 live cd) and wireshark-inject, that I'll move from the class wiki to the main wiki and beef up with some screen shots.

Give me a few days.

Tuesday, April 10, 2007

Shooting of the messenger(s)?

Just when you thought the SCO v. IBM case couldn't get any weirder, it does. Methinks that someone at the SCO table has a vintage copy of the Illuminati card game. That or they're a distant relative of Steve Jackson.

In doing the tiny bit of research for this post, I noticed that there's another expansion module out for the card game. I loved playing the game on Saturday mornings (yeah, when I was single), though I never owned a copy. I think I may thank Steve by tracking down copies of the game+expansions and buying them.

Oh! Anyone want to start a pool on when SCO pulls the next weird thing? You don't have to name a specific event, the majority just has to agree that the event/incident is weird, strange, or amounts to conspiracy theory.

Wednesday, April 4, 2007

Bloglines subs

Using the previously described Bloglines trick of finding ShmooCon related commentary, I've picked up a ton of new blog subscriptions. There's some interesting ones in there. If you care to take a look at what I subscribe to, go here.

I'm now way over my self-imposed limit of 300 subscriptions. I'll be weeding out the list in the coming weeks. Enjoy!

Monday, April 2, 2007

New wireless card

One of the problems associated with improving your wireless equipment (better NICs, higher gain antennas) is that your detection range improves and you're more likely to see "odd" stuff. Case in point: the following two screenshots were made about 12 hours apart. Can you tell what my neighbor's kid got for Christmas and can you tell why his dad might get upset? (Note: this is not a contest. It's just silly.)

Answers: it looks like the kid received a Nintendo and it looks like it was on all night.

Sunday, April 1, 2007

Back from ShmooCon

Wow. Has it already been a week since I last posted? While attending an out-of-town conference does save on your vacation days, it does eat up your weekend. I am just now getting a chance to put my feet up and blog a little bit (it's been one of those weeks).

ShmooCon was "okay" this year. The content was a bit of a let down from the previous two years (then again, there's only so much "new" topics that your can talk about).

Having the nose count double yet again (for the third year) isn't all that attractive but it does allow for more of your friends/acquaintances to catch up. Shouts to: Mr. Watts (you're our hero), Squidly1, Renderman, Telmnstr, Remad, Syn Ack, Count, Hurdboy, Dave S. (who went with me), Josh Wright, Rob (Goon!), Johnny Long, current/former members of various Red Teams, and the SploitCast crew.

No shows this year: Syngress Publishing (boo!), Hamachi (you missed out on a coin!), Derez (where were you?), and the team of Doug & Howard.

Complaints: the ticket scheme sucked, the door prize session sucked (Rock-Paper-Scissors, while quicker, is lazy), the hotel discount sucked (it was screwed up from the start and disappeared too quickly), the hotel sucked (it was under construction), the subway was under construction, the WarDrive guys only brought Wi-Fi stuff (I brought cash for Bluetooth and Zigbee equipment), attendance was too large (too many people looking for what was experienced during the first two cons), Nate had too much to drink (again) and two of the three best talks didn't make it onto DVD (I believe there's a bounty out for the audio). All that and I was still able to have a good time.

Cheers to Josh Wright, Johnny Long, and Dan Kaminsky for the usual extremely good quality talks (though Dan K. was definitely off on a tangent). I think Josh and Mike Kershaw now hold the record for having the most Shmoo balls thrown at them during a talk (not for what you think though).

Points go to Renderman for applying Johnny Long's talk during the Con. Bonus comedy points for involving the Core Security crew.

If you're interested in actually reading about what went on at the Con, visit and type shmoocon into the search function. Use both the "Search for Posts" and "Search for Citations" options (you'll get different sets of responses). Note: a login is not needed to do this. There's tons of info in there.

I'm looking forward to next year and hope that Bruce, Heidi, and crew learned enough this year to improve next year's Con. Note: next year's Con will probably occur somewhere else other than DC. Word is that there's only four weekends that aren't already booked for the Wardman Park Marriot (it being an election year and all). I hereby volunteer Virginia Beach. The January/March time frame is the off season and hotel space on the waterfront is dirt cheap. That and it's only a few miles from my house.