Monday, July 27, 2015

“…informed by reason and experience...”

“…informed by reason and experience...”  As one of the New York Times token conservatives, Ross Douthat is someone with whom I often disagree.  Time and again he demonstrates the reasons why the Democratic mouthpiece rag chose him: he's one of the least worst conservatives, from their perspective.  But in this case, writing about the Planned Parenthood videos, he is spot on.  An excerpt:
And the problem these videos create for Planned Parenthood isn’t just a generalized queasiness at surgery and blood.

It’s a very specific disgust, informed by reason and experience — the reasoning that notes that it’s precisely a fetus’s humanity that makes its organs valuable, and the experience of recognizing one’s own children, on the ultrasound monitor and after, as something more than just “products of conception” or tissue for the knife.
He starts with a story I've read before, but that ties in nicely with his piece.

I read in this morning's news that the Republicans have fast-tracked a bill to defund Planned Parenthood.  I suspect this is mainly for show, because I can't imagine a veto-proof majority passing it in either the Senate or the House.  But who knows?  Maybe the disgust of those who have heard about it (it's even on NPR now) will motivate even some of the Democrats to pull Planned Parenthood's funding.  Obama, of course, will veto any funding restrictions...

Security theater...

Security theater...  Via my pistol-packing mama:
Here are the latest results from TSA body scanning.
August Statistics On Airport Screening From The Department Of Homeland Security:
Terrorists Discovered
Hemorrhoid Cases
Enlarged Prostates
Breast Implants
Natural Blondes
(It was also revealed that 535 members of Congress had no testicles.)
This is, of course, a joke. What is not a joke, though, is the first line of that table. It's absolutely true that the billions of (our tax) dollars spent by the TSA on airport security has caught or stopped exactly zero terrorists.  Here's some essential reading on the subject.  All that money, all that inconvenience, has accomplished nothing real.  It does seem to have made some people feel better, somehow – but everyone I know who has an above-room-temperature IQ can observe for themselves just how ineffective the TSA is.  The scariest way to do that is to place yourself in the position of a terrorist, and try to imagine a way around the security.  Try it.  There, now, that wasn't very hard, was it?  Feel more secure now?

I use a password manager...

I use a password manager ... (1Password, which I recommend), so this post on Slashdot caught my eye.  Why do I use one?  That's easy: at the moment, I have 582 logins stored in my 1Password “vault”.  Probably 100 or so of them I've used in the past year.  Who on earth could possibly remember even that smaller number of secure passwords – much less the larger number?

So I do what many other security-conscious people do, especially those people with some understanding of cryptography: I secure my password “vault” with a very secure password that I have memorized – just the one, thank you – and then all my other passwords are randomly-generated strings between 12 (because some web sites limit me to that) and 24 (because I'm paranoid about advances in hash crackers) characters long, using a random combination of letters, numbers, and punctuation.  On my most important accounts, I change passwords fairly often (as 1Password makes this quite painless).

I've been doing this for quite a long time now.  I didn't record my first use of a password manager, but I believe it was in 1998 or 1999.  I can't even imagine going back to the regime of memorizing a password for every account.  And I certainly would never rely on a single password for multiple accounts ('cause then if a hacker somehow cracked any one account, he's into all of them that use the same password).

One consequence of using a password manager is that you'll find yourself frequently copying-and-pasting from the password manager into the web application you're logging into.  Something I've noted recently (the past couple of years) is that more and more web sites are preventing pasting into password fields.  I'm not sure what their motivation is, though I'm pretty certain it's misguided.  One thing they are definitely doing, though, is making life tough for people who use password managers – something I think they'd not want to do, since the careful use of a password manager clearly improves security.  Only a small minority (under 5%, possibly under 1%, depending on whose statistics you choose to believe) of users make use of password managers, though, so perhaps these web sites just don't care about them.  In any case, I certainly wish they would stop it!  And that's the subject of the post I linked.

That post really didn't have a lot of information in it.  Far more interesting to me were the series of poorly informed comments to it.  There are a few voices of sanity in there, but most of the comments are more like disinformation than they are useful.  That makes me wonder if the ratio of well-informed to poorly-informed comments reflects the sophistication of Slashdot users – whom I'd think would be much more sophisticated (about cryptography) than a random group of citizens.  If so, then no wonder there are relatively few users of password managers!