I still can’t sleep on a normal bed – even the firmest mattress is way too soft for me. Finally gave up, and am using a sheet of plywood as a matress…
Currently trying to get a portfolio together out of all my half-finished projects.
I was asked about new spells the other day, so I thought that today I would share with you all some of the new spells that we have been using in the TEBEL Playtesting campaign I have been playing here. I hope you enjoy them all!
Chasing the Dragon
From Free Leah
First and foremost, do not panic.
Leah wanted for us to express these points to you with this news:
- She is extremely traumatized and experienced a lot of very, very bad things, but she is alive. The state of her mental health is also very bad.
- She asks that people do not jump to wild conclusions about her release because they do not apply.
The internet has evolved into “just” the web, and the web has evolved into a system of walled gardens. Information wants to be free, but instead, constrained within these walls, it’s stiffled. The massive gains we were promised by social networking, and networking in general have never been realized. Cloud computing hasn’t lived up to its potential either. Instead of a seamless world, the cloud has just given us more walls and compartments.
I want a web without walls, clouds that truly are connected, data that I can move anywhere, access anywhere, and use and share as I see fit. And I want this web to respect my privacy and security above all else.
Mashups should be nearly automatic across many different services. I’ve got tasks in Google Tasks, my company’s basecamp, and various bug trackers. Is it too much to ask to be able to work with them all in one place?
What do we have to do to make this happen – cloud services that are unobtrusive, portable, and seamless, and cloud applications that don’t care what service you use to store the data?
In studying various democracies throughout the world, I’m struck by one in particular, which is Switzerland. The Swiss democracy is a hybrid of direct and representative democracy.
Any legislation passed at a national level can be brought to a referendum shortly after it’s passing by circulating a petition and gaining a sufficient number of signatures. That legislation is then put on hold, and goes to a public referendum where it needs a simple majority to either uphold it or reject it. In this manner, controversial matters end up going before a public vote, while keeping the advantages of a representative system.
This mechanism amounts to a “public veto”. Unpopular legislation has to pass not only the parliament or congress, but also the public – making it harder for bad laws to pass, and making it harder for politicians to be bought and sold.
FOR IMMEDIATE RELEASE:
June 4, 2012
NIYA Demands Executive Order to Stop Deportations of DREAM Act-eligible Youth
Prosecutorial discretion has failed—deportations of DREAMers continue
DENVER—The National Immigrant Youth Alliance is calling for the President to issue an executive order to stop the deportation of DREAM Act-eligible youth. We simply cannot continue to allow our lives to be held up by petty partisanship and congressional gridlock.
Late in the day Thursday, a New York court passed a ruling that will require the FDA to get serious about antibiotics in meat.
The lawsuit, brought by the Natural Resources Defense Council (NRDC), Center for Science in the Public Interest, Food Animal Concerns Trust, Public Citizen, and Union of Concerned Scientists, is a pretty big deal. But to understand it, we must step back in time to 1977, when the FDA saw the first clear evidence that connected low doses of growth promoting antibiotics in animals to the existence of antibiotic-resistant bacteria capable of infecting people.
This article deals with securing an Android device against the possibility of spyware, and intrusive surveillance. This is specifically aimed at people with a reason to suspect that they are being spied upon.
If in doubt, wipe your device.
If you have any question about whether malicious software may have been installed on your device, wipe it.
Keep your device locked.
Set a lock code, and keep your device locked at all times. If your device is out of your possession for even a second while unlocked, then someone could easily install malicious software to spy on you.
Consider the benefits and risks of rooting, and make an informed decision.
Rooting your device offers you far more control over what runs on it, but it’s not without risks. Your phone manufacturer, or carrier will not provide support to rooted phones, especially if the problem is regarding phone software. The process of rooting your phone is also risky – if you don’t follow the steps exactly right, you risk turning the phone into a paperweight. Root access also can be abused by malicious applications.
However, many carriers shipped their phones with spyware already installed, in the form of CarrierIQ’s spyware, and rooting the phone is the only way to get rid of it. Also, many carriers are well behind on updating software, so you can get a much newer (and potentially safer) version of Android by rooting.
Keep USB Debugging Off.
USB debugging is necessary for some things, like tethering apps, and to use adb to work with your device. Unfortunately, USB debugging also enables anyone with a computer, or a specialized phone debugging device such as those offered to carriers and law enforcement agencies by Cellbrite to access your phone, EVEN IF LOCKED. If you need to do something that uses USB debugging, turn it on, and remember to turn it back off when you are done.
Consider the implications of allowing non-market applications.
Simply put, if you don’t need this functionality, don’t turn it on – try to avoid needing it, but if you have to use it, use it.
Be careful even with market applications.
Be particularly wary of new applications – it’s best to stick to well-established applications that have strong reviews. The screening process for the Android Market is after-the-fact – bad applications are removed after they are found, rather than prevented from being added.
Even with precautions, don’t let your device stray too far.
Even with a lock code, and USB debugging off, rebooting a smartphone into recovery mode may still offer a way to access it, and the SD card can be removed and/or tampered with. In particular, avoid letting random people use your phone and watch them closely if they need to do so. All the precautions in the world will only buy you a few minutes.
Turn off GPS and location services when not needed.
This is a no-brainer – if you don’t need these services at the time, don’t have them on. There are widgets that can easily turn this on and off.
Consider the risks and benefits of Google services.
Google is a US-based company, and is subject to having to disclose information to the US government under the PATRIOT act, it’s a fair bet to say that they will give out your information to the feds if asked, and that you probably won’t know about it when they do.
Consider the risks of surveillance by the carrier.
Your mobile carrier will have a record of all calls, texts, and other communications from the phone, as well as the location of the phone based on triangulation (which is independent of GPS, can easily be accurate to 150 meters or so) . Encrypting traffic to internet services will prevent the carrier from snooping on them, but they will still know which services you are communicating with.
As someone who’s tried in vain to find tutorials in the past that actually reflect good practices, this article strikes home for me.
We need tutorials that are done right, that don’t teach bad habits, and above all, are mindful of security at every step. The programming practices advocated by many tutorials are the exact reason why we still see mistakes like buffer overflows, string format vunerabilities, XSS, and SQL injection – programmers learn their fundamental skills without security awareness – therefore making security a perpetual afterthought.
The problem isn’t exclusive to web programmers – all programmers need to learn fundamentals of good programming, rather than just the basic concepts – even if it makes the examples more complex, security can’t be an afterthought, it has to be intregal to the art and practice of programming.