Archive for January, 2009

Gmail and SSL

 | January 27, 2009 9:05 PM

Gmail

Previously I had reported on the Gmail Account Hacking Tool and how I thought the threat was overblown.  I said that I would not use SSL with Gmail as recommended because I thought it would affect the performance.

Well soon after that article my security friend sent me an email and convinced me to always use SSL with Gmail.  I have been using SSL with Gmail for several months and have not noticed a performance difference.  I would recommend you do the same.

Packet sniffing is a real problem.  Email harvesters are constantly searching and sniffed packets for email addresses, Session ID’s, and other personal identifiable information (PII) for spamming purposes.

Even if you have secure wifi, that’s only secure the connection between your laptop, and our home router.  From the house to google, it’s unencrypted.  So, an SSL connection would carry from your laptop to a server regardless of the communication medium.

So, what about SSL performance slowing down my network connection, it’s negligible.  There’s only MAYBE a noticeable performance hit the first time you make an HTTPS connection between your browser and a webserver.  This is noticeable, because there’s key generation, certificate exchange, certificate verification, key exchange, etc.  This only happens the first time. Every time your browser goes back, it just uses the same SSL encryption key every time.  You don’t have to do this initial SSL handshake unless your close your browser, or go back a day later.

What about encryption algorithms eating up CPU cycles.  Encrypting a packet of data is not the bottle neck.  Current algorithms on 2 year old CPU’s can encrypt close 7-10MB/second.  Far far faster than any DSL or Cable modem connection.

What about encryption algorithms eating up CPU cycles on the webserver.  With advance networking equipment, hardware based SSL acceleration and load balancing keeps server response times low, and is common practice.

How big a deal is packet sniffing?  All proxy servers/fire walls, and network address translators (NATs) can look at network packets passing through them.  There are probably 3 to 6 of them between you and gmail.  If the connection between you and a webserver is over SSL, these network junctions can not view or tamper with your packets. They simply act as pass-through points.  There is logging capability built into these servers from some vendors.  For an attacker who is trying to sniff data, these are likely targets for hacking.

Share

It is sad that the Supreme Court is saying that for the sake of free speech the government should not restrict pornography on the web and that parents should install filters to protect children.

I think this is both inconsistent at best and terribly damaging to society at worst.

  1. I thought that pornography did not come under the category of protected speech.  For example if I remember correctly New York City strip joints sued for greater freedom in what their strippers could show and lost.  New York City adult stores were denied licenses and kicked out of various areas.  Yet for some reason the internet is not regulated?
  2. There are many regulations on what can be shown in adult magazines, where adult magazines can be displayed, how they can be displayed, etc.  But on the internet you can show anything and not have to verify a person’s age?
  3. I thought that software filters are not effective.  In the past there was discussion about having adult content web sites use their own domain suffix which would making filtering much easier.  There is no real reason for an industry as shady as the pornography industry to want to comply with any software filters.
  4. This is just a theory but the proliferation of online pornography seems to have coincided with the rise in sexual predation on children.  I think people are far too naive about the harm pornography has on society.

I believe we should move to a much more regulated internet in terms of pornographic and violent content.  And we should make the internet providers culpable with well-framed guidelines.

I can go on with my ideas but this post is getting long and considering the Supreme Court’s recent ruling, my ideas would be just hot air.  The only chance to change things is to prove that pornography is harmful to society but that’s not going to happen soon, in fact the trend is moving towards pornography being an enjoyable entertainment product for all people.

A long legal drive to shield children from sexually explicit material on the Web ended in failure Wednesday when the Supreme Court let a 10-year-old anti-pornography law die quietly.

In striking down the law on free-speech grounds, the justices said parents could protect their children by installing software filters on their computers.

Supreme Court lets Internet porn law die – Los Angeles Times.

Share

I love fried chicken but rarely cook it because of the amount of oil that is needed.  But apparently this fried chicken dish “tastes so good” and only uses 1/4″ or less of oil.

The recipe says to use tahini but you can substitute peanut butter.  However I wonder if that will not taste as good, definitely sounds like it would taste heavier.  There is supposed to be an Asian equivalent, sesame paste,  but I am not sure what that would be in Korean cooking.  Here is a simple recipe for tahini.

The amount of oil needed to get a really crisp crust on the chicken is minimal. But the flavor is terrific, as a quick glance at the ingredient lineup will tell you: onion, herbs and tahini.

The Minimalist – Fried Chicken That Reaps Superlatives – NYTimes.com.

Share

Ellin Klor, 58, holds the wooden knitting needle fragment that pierced her heart while sitting at her home in Palo Alto, Jan. 24, 2009. Klor is being featured in a book being published about trauma survivors. She survived an accident with a knitting needle that pierced her heart and two separate diagnoses of breast cancer. (David M. Barreda/Mercury News)

I did not know this but if you get stabbed in the heart, like with a knitting needle, leave it in there until they get it out during surgery.   It seems like common sense but I am sure if I was in that situation I would have pulled it out, especially if the ER doctor told me to pull it out.

An accidental stab wound to the heart is unusual but not unheard of, said Susan Brundage, the surgeon at Stanford University Medical Center who removed the needle from Klor’s heart and stitched up the wound. How one reacts to that kind of trauma can be crucial.

Two years ago, Australian “Crocodile Hunter” Steve Irwin died after he was stabbed in the heart by a sting ray’s barb, Brundage noted. Unlike Klor, who left the needle in her chest, Irwin reportedly removed the barb from his.

Palo Alto woman stares down death three times – San Jose Mercury News

Share

No Knead Bread

 | January 26, 2009 4:38 PM

The Secret of Great Bread: Let Time Do the Work

I almost want to do this.  Making your own bread seems so healthy and even empowering.

Mr. Lahey’s method is striking on several levels. It requires no kneading. (Repeat: none.) It uses no special ingredients, equipment or techniques. It takes very little effort.

It accomplishes all of this by combining a number of unusual though not unheard of features. Most notable is that you’ll need about 24 hours to create a loaf; time does almost all the work. Mr. Lahey’s dough uses very little yeast, a quarter teaspoon (you almost never see a recipe with less than a teaspoon), and he compensates for this tiny amount by fermenting the dough very slowly. He mixes a very wet dough, about 42 percent water, which is at the extreme high end of the range that professional bakers use to create crisp crust and large, well-structured crumb, both of which are evident in this loaf.

The dough is so sticky that you couldn’t knead it if you wanted to. It is mixed in less than a minute, then sits in a covered bowl, undisturbed, for about 18 hours. It is then turned out onto a board for 15 minutes, quickly shaped (I mean in 30 seconds), and allowed to rise again, for a couple of hours. Then it’s baked. That’s it.

The Secret of Great Bread: Let Time Do the Work – New York Times

Recipes:

Share

Pantry Essentials

 | January 23, 2009 1:59 PM

Fresh Start for a New Year? Let’s Begin in the Kitchen

I did not know that Mark Bittman wrote for the New York times but I found one of his articles, Pantry Essentials, in the San Jose Mercury News.  I looked up the original at nytimes.com and found his prolific Bitten blog.

Based on his article I am inspired to add these to our pantry.

  1. frozen shrimp
  2. dried mushrooms
  3. fish sauce
  4. dried beans
  5. real bacon or prosciutto
Share

Gospels by Balloon

 | January 22, 2009 2:51 PM

I am not sure what to think of what Voice of the Martyrs is doing in South Korea.  Many years ago VOM opened my eyes to the severe oppression in North Korea when they gave me an autobiography of a North Korean refugee.  I know VOM has been sending tracts by balloon over the border to North Korea for many years.

In some ways it is admirable they are doing this, trying to get the gospel across in any way possible to one of the most closed countries in the world.  On the other hand the cost for the North Korean recipients is incredibly high.  Being found with a tract could result in imprisonment/torture/death.  Becoming a Christian is illegal.  A person and three generations of his family could be jailed and tortured because a tract could have been found on his property without him even knowing.

I guess VOM’s reasoning is that regardless of the cost the gospel is worth that much, that it is the only way to eternal life.  I think they are right but I just wonder if there’s a better way.

 Christian activists in South Korea sent hundreds of thousands of gospel tracts over North Korea

Christian activists in South Korea sent hundreds of thousands of gospel tracts over North Korea’s closed border in November using helium-filled balloons. Equipped with a time-release mechanism, each balloon carried 10,000 leaflets that tell the story of a 1907 Christian revival in Pyongyang, and compare Kim Jong-Il to Nebuchadnezzar. The effort is part of a resurgence of balloon launches, used for decades by political and religious groups to send propaganda past the North’s information blackout. Such launches worsened relations between North and South in 2008. In response, North Korea’s government further restricted travel and communication between the two countries.

Gas-Powered Gospels | Christianity Today

Share

Happy Inauguration Day

 | January 20, 2009 10:32 AM

Obama

A day of history, summed up well by Secret Asian Man.

Share

Bush’s Faith-Based Legacy

 | January 19, 2009 9:25 PM

On the last day of George W. Bush’s presidency I saw a link saying editors around the world “pilloried” Bush one last time.

Now I am not a George W. Bush fan.  In general I felt his foreign policies leaned too much towards military action, his economic policies favored the rich, his environmental policies were weak and his stance on torture (waterboarding) indefensible.

However being the contrarian that I am I cannot help but feel like coming to Bush’s defence as I read so much criticism of him.  I believe that George W. Bush shares my faith and I believe that he is a good man.

Here are some accomplishments of his that I appreciate in no particular order.

  1. Allowing faith based charities to receive government funding.
  2. Expanding the protected marine regions, especially near by in Monterey Bay.
  3. Fighting AIDS and malaria worldwide through PEPFAR and PMI.
  4. Fighting for immigrants, legal and illegal.
  5. Stopping embryo stem cell research and leading a pro-life agenda.

I also learned recently that Bush reads the Bible cover to cover every year though I have not been able to verify that.

Christianity Today has gone against the tide and published an article called “Bush’s Faith-Based Legacy.”

Share