That is what happened at the CIA: A culture of process destroyed a culture of excellence. There are many outstanding people at the agency, in both the Directorate of Intelligence and in Operations. The agency's obsession with the intelligence process crushes these people daily. Those who flourish in this environment are those who can sit through long meetings without falling asleep. The people who can peer through the darkness and see the truth are either sucked into the surreal world of modern management or shunted aside.

Jeremy says: Gold Star.

I say: This link is on Free Republic. They are a bad reputation for being the Republican version of the Slashdot hordes. All power in numbers and no clue. However, the article is Stratfor, and hence worthy of attention. It reads a bit Republican, which is likely why the freepers have posted it. I'm not sure that it is. Stratfor likes to talk about what is going on and why. They don't usually talk about what might have been done. Its rare that they talk about what ought to be done.

The Problem With the CIA

] In recent years automatic identification procedures (Auto
] ID) have become very popular in many service industries,
] purchasing and distribution logistics, industry,
] manufacturing companies and material flow systems.
] Automatic identification procedures exist to provide
] information about people, animals, goods and products.

An extremely technical discussion of RFID including schematics!

RFID-Handbook - RFID: a short introduction

] This section shows the pricing obtained from
] manufacturers for tags, readers and related equipment. At
] present, purchasing inquiries should be made direct to
] the manufacturer or distributor. RFID Exchange will
] establish direct purchasing arrangements as soon as
] possible - please contact us for more information.

This guy has compiled a comprehensive list of companies offering rf-id developer kits. Some are extremely expensive. Some are really cheap, but not standards compliant. I like the Crosspoint unit the best.

RFID Exchange - Purchasing Options

] RFDump is a tool to detect RFID-Tags and show their meta
] information: Tag ID, Tag Type, manufacturer etc. The
] user data memory of a tag can be displayed and modified
] using either a Hex or an ASCII editor. In addition, the
] integrated cookie feature demonstrates how easy it is for
] a company to abuse RFID technology to spy on their
] customers. RFDump works with the ACG Multi-Tag Reader or
] similar card reader hardware.

This was one of the more interesting presentations from Black Hat. Apparently a company deployed a retail RF-ID pricing system in Germany in which the tags could be rewritten! So this guy can roll into a store with his iPaq and a PCMCIA rf-id card and recode items in the store.

Unfortunately, I can't figure out how to purchase the rf-id card that is compatible with this software. So I started doing some research... See the post above...

RFDUMP.ORG - Hacking RF-ID

There was some discussion over the weekend about this but I didn't look into it. Now I have. And I'm pretty unhappy about it.

1. The music selection on iTunes sucks. Modern music is hit or miss. They had the new Orb album, but not the 50 first dates soundtrack. Their 80's selection, on the other hand, leaves a very great deal to be desired. My luck with 80's songs has been about 1 in every 5 searches.

2. iTunes locks you into a pay per play model. If you own an ipod you will never be able to engage in a Rhapsody style subscription model. Jobs is almost religiously opposed to that model. This means that you can't really explore iTunes in search of music that they do have that you might like but haven't heard before. The only real opportunity for that is the Celebrity playlists, which I went through in about an hour when I first loaded the thing up. You won't be able to find the song you want, and you won't learn about new songs that you might like.

3. Apple will never allow any other legal music stores to sell songs for their player. Apple wants a cut of every song that gets sold for their player even though they claim to be taking a loss on iTunes overall and making the money back on selling iPods. This is totally irrational. They are loosing money selling songs, and they are reducing the value of their players by not letting anyone else sell songs for them.

4. Apple has significantly reduced the value of your iPod investment. You will never be able to get all of the songs that you want for your iPod legally unless you continue to buy those old fashioned plastic disks. A competitor in the Windows space will put out a player which is capable of playing songs sold on any music service, and people who buy that player will be able to buy the music they want within the business model that they want. Ultimately, the iPod will look pretty lame when compared to it's Windows alternative, because they'll be downloading all the cool new songs which you won't be able to enjoy unless you hoof it out to the last remaining CD store in your town which hangs on by a thread and mostly sells to Mac users and people who need things on vinyl.

5. Apple has invoked the DMCA to prevent interoperability with their technology. Using a bad law in a bad way ought to be a strike against them.

6. Apple has made a very serious strategic error here that will not only undue their present leadership role in this space, but which damages the investments that their customers have made. This is the reason I didn't own a Mac back in the day. This is the Apple that built a closed platform that didn't interoperate very well with anything and couldn't be taken apart and played with. This is the old Apple. They're back. And they suck.

I'm really unhappy about this.

Why iPod owners should be angry at Apple over the Real case.

] Intel Executive Vice President Leslie Vadasz told the
] committee that Hollings' idea was a brain-dead approach
] that ignored Silicon Valley's concerns in favor of those
] raised by Hollywood lobbyists.
]
] Kerry's advice? "We might need to legislate," he said,
] ignoring Vadasz's objections.

I think I've mentioned before that Kerry's website sort of flirted with the copyright maximalists. Well, turns out he supported the Fritz Chip. He also seems to like Key Escrow. Now I do think tech issues are a side item in this election. I'm not voting on them. Nor do I think Bush's stances are any better. But if Kerry wins, don't expect any changes in this regard.

John Kerry's real tech agenda | Perspectives | CNET News.com

] Nine out of 10 eligible Afghans have signed up for
] landmark October elections, the United Nations (news -
] web sites) said Sunday, a resounding endorsement of a
] democratic experiment supposed to help Afghanistan (news
] - web sites) turn its back on years of debilitating war.

Yahoo! News - 90 Percent of Afghans Registered to Vote

] Raisethefist.com is not shutting down, and the RTF Direct
] Action Network will continue to grow and remain active.
] A 1 year sentence is not the end of this. It's just the
] begining.

Sherman Austin has been released from prison. He is the first and only person that I am aware of who has ever severed time in prison in the United States for thought crime. What might have been a juvenile fascination with anarchy will now be a life long mission. People who are fucked over like this don't grow out of it.

Austin is a canary in a coal mine. In the wake of 9/11 no one was interested in the idea that he actually didn't DO anything. He just operated a website. They nailed his ass to the wall anyway. First Amendment be damned...

I don't like Austin's politics. He is the worst sort of leftist. Motivated by blind hatred. But if he doesn't have the right to freedom of speech, then freedom of speech isn't a right anymore.

Raisethefist's Sherman Austin PATRIOT-Throttled

This morning there was a post on Slashdot about two *blackhat* talks about pointless twists on the PortKnocking concept, in which one of the authors confuses the concept of a one time password and a one time pad. Man, it doesn't take much to be considered a computer security expert these days.

Between a flashy website, articles in all the major admin journals, Blackhat talks, and endorsement from Bruce Schneier, its quite clear that this is one meme that has gone too far. It occurred to me that I could write a single packer stealth authenticator with better security and more flexibility then most pork knocker implementations in a single afternoon, so I did a google search, and fortunately somebody already did it.

] This particular implementation deviates a bit from his
] original proposal, in that the doorman watches for only a
] single UDP packet.   To get the doorman to open up, the
] packet must contain an MD5 hash which correctly hashes a
] shared secret, salted with the client's IP address and
] the (correctly rounded) time-of-day.

No replay, no multi-port silliness, no problems with route flaps fucking up your authentication, lots of features. Straight up protection from port scanners without all of the lunacy. If you think portknocking is "cool" this is what you are looking for. You can stop writing presentations for hacker cons. Its over.

The Doorman - Putting this portknocking silliness to rest

] At one major airport, for example, the check-in agent
] writes a large red "S" on your boarding pass if you're
] designated for this search; you don't have to be a rocket
] scientist to know what this means. So only clueless bad
] guys will be searched, and groups of bad guys will be
] able to transfer any contraband into the bags of group
] members who won't be searched, with plenty of time after
] the security checkpoint to redistribute it as desired.

In case it never occurred to you...

ATAC: Abusable Technologies Awareness Center: Security Theater