Torture, American-Style

Torture, American-Style

the CIA has a list of acceptable interrogation methods, including soaking naked prisoners with water in 50-degree rooms and making them stand for 40 hours handcuffed and shackled to an eyebolt in the floor.

"Palestinian hanging," where a prisoner's arms are twisted behind his back and his wrists are chained five feet above the floor.

Waterboarding (in which a prisoner is made to believe he is drowning) and withholding pain medication for bullet wounds

blasting detainees with high-volume "futility music" (the report's phrase) by Metallica and Britney Spears, dressing a detainee in a bra, and making him do dog tricks

In the Bush lexicon, therefore, sexual humiliation, acute sleep deprivation and threats to have a detainee's mother kidnapped and imprisoned are humane.

18- to 20-hour-a-day questioning for 48 out of 54 days, blasting prisoners with strobe lights and ear-splitting rock music, menacing them with snarling dogs, threatening to hurt their mothers, and humiliations such as leading them around on leashes Pfc. Lynndie England-style, stripping them naked in front of women, or holding them down while a female interrogator straddles them and whispers that we've killed their comrades.

Huh. Leader of the free world.

The US government, on torture by its clients

The U.S. Embassy said in a statement that it was "united" with the Iraqi government in deploring the mistreatment of detainees.

http://www.latimes.com/news/nationworld/wire/ats-ap_top12nov17,0,2672377.story

huh. sounds like milspec U.S. government issued male cow manure to me. And no, I'm not referring to Abu Ghraib, I'm referring to the U.S. Vice President's vigorous, shameless and (so far) successful attempts to give certain U.S. arms the right to torture non-citizens, on their own soil or elsewhere.

"Detainee abuse is not and will not be tolerated by either the Iraqi government or the Multi-National Forces in Iraq," it said.

Which implies that it's the U.S. government that calls the shots in the Iraqi Government. Not particularly surprising in this context since, certainly, the U.S. government *does* call the shots in Iraq, but any competent hypocrite would mask the blatant insensitivity to a sovereign nation's decisions. But then one should not be surprised, amazed or otherwise discombobulated by such hubris.

I would wait for the gods to make U.S. leaders mad, but it seems that has already been accomplished.

refreshing conservatism

I took some quotes for my sig quotes file from an article on the decline in parental guidance in the U.S.. Some quotes though are too juicy even for me, e.g.,

Not that I’m laboring under the illusion that modern girls are all sugar and spice and everything nice. Owing to feminism, which liberated the fairer sex from common-sense, morality, restraint, and chastity, quasi-harlotry now infects much of contemporary womanhood. A lady close to my heart said it best: “Forty years ago you knew who the bad girls were; now you know who the good girls are.” And now we have a whole generation of girls-gone-wild.

Altogether a good article, very useful point. It doesn't address the issues with old-time conservatism though (some repression is a good thing, excessive paternalistic repression is, well, excessive and oppressive). Some sort of middle ground moderated and guided by love (rather than fear and punishment, as of old) is certainly the better way, but I can see that that middle ground would be difficult to maintain. Possibly it takes more goodness and wisdom than is normally available. It's something sort of like the rhythm method a good idea but too difficult for normal persons.

I think they should make them glow in the dark!

Cockeyed has a an article on The Military Applications of Silly String.

I don't know if that's a hoax. It probably isn't. I think they could enhance the product a bit by making it glow in the dark :-). Does mentioning the concept make it unpatentable? Or do I actually have to create some silly string that glows in the dark and then document that somewhere? :-).

tiger

Bad show, Funny wmv

Like my mom (she was scandalized by scenes involving toilets and activities therein) I can't stand Pinoy Big Brother. I'm not as sensitive as my mom, but stupidity bothers me. Hmmm, that link says that Willie Revillame is in there, that might be why it's so shallow then. Although maybe that has to do with Asia Agcaoili too. I wasn't very clear on who Asia Agcaoili was, but a quick google image search on her name reminds me that she's the Sex guru on one or another soft pr0n magazine sold publicly hereabouts. I wasn't going to give her much respect anyway, since she works on the show, but now my already negative impression of the show drops to new lows. huh. morons.

On the other hand, a friend sent me a link to a (no doubt unauthorized) video of the Pinoy Big Brother theme song and that's freaking funny. Hahahah, highly recommended.

The song itself is reasonable. The lyrics are upbeat and although it isn't particularly gripping, the song works well enough. But since it's related to the show, well, I can't like it. Not that it matters though. I'm not anyone's target market for anything.

Testing jet engines with chickens

In an article on studies on $bhow to minimize the impact of airplanes on birds (and vice versa):

Jet engines must now be able to withstand the ingestion of an 8 pound waterfowl without failing (this is tested in the lab by firing a chicken from a cannon at point-blank range).

I just added that to my sig quotes file :-).

It's a funny article, lots of good quotes, although all are a bit morbid, of course.

And its not just birds. Sometimes jet-stream encounters can take a page from the X-Files. "We've had frogs, turtles, snakes. We had a cat once that was struck at some high altitude," said the Smithsonian's Dove. She says birds like hawks and herons will occasionally drop their quarries into oncoming planes. "The other day we had a bird strike. We sent the sample to the DNA lab and it came back as rabbit. How do you explain to the FAA that we had a rabbit strike at 1,800 feet?"

Readings

Disputed English Grammar. Fun read. for english geeks.

and

Monotremes are weird

sol and i were discussing Omnipotence of God (she recently became a Christian) and that link led me to Theodicy, which is very long, interesting, and might be disturbing to someone who believes in Omnipotence (the Omnipotence entry also says that Omnipotence is only mentioned once in the bible, in Revelation, which I did find this morning, so I suppose the jews are not scripturally bound to the concept, although I don't know what their extended analysis of the situation might have led them to recently).

I've read quite a lot more than that today. This happens when I occasionally get demotivated with work. As it happens, today it wasn't ramcar (where the work is massive, but I'm glad to have it, since it's fun) but IPRC (where the work is done and they haven't paid the final installment yet, so I'm not highly motivated to add the features they've requested).

Dynamic DNS in Linux

That title is a bit over the top, of course. I only looked at one solution, and when that worked for me, I stopped looking.

I've got a sort of static IP. My internet provider, Destiny Cable Internet, as of this writing, uses the ISC DHCP Server. That server tries to allocate the same IP to the same requesting MAC if the IP is still available. So the IP is pretty stable. However, there is no promise that the IP will never change, so it's semi-stable.

I thought I'd be OK with just assuming that it was stable, but I changed my mind. It *might* change and when it does, then I'll have to go to everywhere that assumes it's stable and fix it. And then it might change again.

Instead I decided to use a dynamic DNS server. For the client software, I first looked at EZ IP-Update and, since there's a list of dynamic dns servers at that site, I chose DynDNS. Both choices were pretty random, but I'm happy with both of them.

ez-ipupdate took around 20 minutes to set up (there was a minor compile error, something wrong in the ./configure script's deciding how to use errno, so I had to figure that out and fix it, it's a quick and dirty hack though, not good enough to propagate upward, but I may email the ez-ipupdate maintainer so that he can look at his configure configuration) and DynDns took 2 minutes (plus the less than a minute to wait for the email to arrive).

So I've got dynamic dns working now. bopolissimus.homelinux.net

Port forwarding with ssh

I find forwarding ports (and, actually, also reverse forwarding ports) over ssh very useful. I'll probably find it less useful now since I've found OpenVPN so easy to setup and use, but it's still a very useful technique, particularly where I don't have root access.

I always use -v when doing this because -v will tell me if the link is slow or the link is down (while i'm still connecting, less wasted time). It also shows a message everytime a request is forwarded down the ssh tunnel, useful for debugging to make sure I'm doing the right thing.

With the setups below, surfing to http://localhost:8080 will forward requests to the internal or external server specified. Note: by default, port forwarding binds only to 127.0.0.1, so from the box itself you can connect to the forwarded service, but you can't from another box. Use GatewayPorts for exposing the service (warning, think about that, it might open security holes).

1. I'm on my laptop and I want to surf the website on remote.com.ph as if I were physically there. So what I want to do is forward my port 8080 to remote.com.ph:80 (it's an internal website and is inside a firewall, so I can't surf to that site directly from the open internet).

ssh -v -L 8080:localhost:80 remote.com.ph

what that does is, connections on my local port 8080 will be forwarded to remote.com.ph. From there, it will be forwarded to remote.com.ph's localhost:80.

2. Same as #1, I can ssh to remote.com.ph but the web server isn't on remote.com.ph, it's on another internal box inside the firewall, 192.168.80.80:80.

ssh -v -L 8080:192.168.80.80:80 remote.com.ph

What that does is, connections on my local port 8080 will be forwarded to remote.com.ph over the ssh tunnel. Remote.com.ph will then forward them onward to 192.168.80.80:80

3. Same as #2, but I'm trying to surf to some external web site that doesn't let me in if I surf from the Philippines, or if I surf there from the Philippines something bad will happen. For instance, PayPal will block paypal accounts if they're used from IPs that it identifies as being in the Philippines. This has to do with very high fraud rates. But maybe I'm not a fraudster, I just want to use my paypal account, but I can't because I'm physically in the Philippines. If I have ssh access to a host in the USA which paypal won't be suspicious about, I can do port forwarding through that server, e.g.,

ssh -v -L 8080:www.paypal.com:80 my_us_server.com

There is also reverse port forwarding. I do that when the server I need to connect to (usually not for http, but for some internal server) is inside a firewall and I can't get to it directly and the firewall won't port forward to the internal server. In that case, what I do is ssh to the gateway, and from there ssh to the internal server. Then I do reverse port forwarding. What that does is, it will ssh back to *me*, and open a localport on *me* which will be forwarded down that second ssh link back to it. This, of course, only works if the internal server has a route out to the internet, if it doesn't, then some other solution will have to be found.

# first ssh to the gateway
ssh gateway.remote.com.ph

# at the gateway, ssh to the internal box
ssh my-internal

# at my-internal, open the reverse tunnel back to me, i am, client.com.ph

ssh -v -R 8022:localhost:22 client.com.ph

What that does is get my-internal to ssh to client.com.ph (my box, outside the firewall). Once it gets there, it will set up port forwarding so that port 8022 at client.com.ph so that when I (at client.com.ph) connect to port 8022, the request will be forwarded to port 22 at the my-internal computer. I use that much less often than -L, but when -L doesn't work, -R is often a lifesaver.

Comparison of different SQL implementations

Online there's a pretty long (not sure how comprehensive, but informative and useful) Comparison of different SQL Implementations

Haven't read it all yet (busy), but I'll need to get to that within 1-2 days.

Biking Through Tanzania - article

I read the New York Times occasionally, mostly for the culture. The politics there tend to be rather to my left and even where I agree, as in the general opinion of George Bush II, they tend to be more strident and, in the case of Maureen Dowd, hysterical. But there are good articles, often in the culture and travel section, and the financial section too, occasionally.

An example, and the trigger for this post:

http://travel2.nytimes.com/2005/09/04/travel/04tanzania.html?pagewanted=1

and another:

http://travel2.nytimes.com/2005/09/04/travel/04okinawa.html

Destiny Cable Internet SMS Number

To get Destiny Cable Internet to call me (in case of technical
problems),

SMS to 09175771111

MD [account name] [account phone number]

Very convenient since I have a cell phone and cell phone charges being
exorbitant in the Philippines, I'd rather not have to call them.
Besides, I don't know what the tech support number is and I'm too lazy
to look :-).

Windows Solutions

Long ago I saw a list of "Windows Solutions". I had it in my sigs and now I can't find them. Fortunately, I keep my old sig file around even though I don't use it anymore (I haven't seen a tool yet that will modify the gmail sig via cron).

Anyway, here they are, so I don't forget them, hopefully google will cache them and google can find them with "Windows Solution bopolissimus" :

1. Don't use Windows
2. Stop the program and start it again
3. Ctrl-Alt-Del and kill the program in Task Manager
4. Reboot
5. Uninstall the program and reinstall it.
6. Reinstall Windows and Everything else
7. Backup, format the disk, install windows, reinstall everything else, restore your data.

Charles Murray on The Inequality Taboo

http://www.commentarymagazine.com/production/files/murray0905.html

GoogleTalk

I was going to whine about GoogleTalk invites that I got. Three people invited me and when I read the invite it says that the client is windows only.

But on the GoogleTalk site there are indications that the protocol used is Jabber. And in the Help Center link (they really should put this information on the main site) there's a link to How to install GoogleTalk on Gaim. So I'm happy. I don't have the voice chat features of GoogleTalk. I wish I did. I'll probably figure that out at some point. Particularly since I've now got lots of bandwidth, enough for voice chat or video. But I'll do that some months in the future. I don't have a headset and mic setup and I just don't have the time to deal with that right now.

Zotob and why the victims deserved it

I didn't know anything about Zotobuntil days after it had been out. Well, two days after it came out. Or maybe three.

I have the same reaction as every other time something hits the Microsoft side of the world. Everyone who was cracked deserved it. If anyone was injured because a Microsoft controlled warship misbehaved, or maybe some sort of system in space stations, orbiters, space shuttles or hospitals injured or killed someone, well, the people injured weren't to blame. However, the armed forces, space or hospital agencies (and all those financial and banking agencies and power generating and distribution agencies) that chose to deploy and continue to use Microsoft software for anything mission critical are certainly to blame.

They should have patched.

They should have bit the bullet and spent the millions necessary to upgrade to the most current version (XP), and then they should have patched, once, twice, and three times. There would still be holes in there, but they'd not have fallen to Zotob (if they were still at W2K) or any of the various XP remote root attacks.

They could also have switched to Linux. I think that there's a lot of value in Linux for common office workers. They won't get windows viruses, they probably won't get any Linux remote compromises (since they're desktop users and most remote compromises are to commonly run daemons or to web based applications, which regular desktop users just don't run, and even if they got compromised, most compromises on web programs can't promote themselves to root, so they're limited to web page defacements which are embarrassing [to professional linux administrators] but probably unnoticed among regular users, if they even run web servers]).

There's a lot of value in Linux for server applications too, but those need to be locked down more seriously than do desktop systems. Although, generally, they're far less insecure than comparable windows systems. But this isn't an anti-windows rant. It's more a rant against unthinking windows administrators who aren't paranoid about their systems. Any administrator should always be paranoid. But windows administrators should be certified insanely paranoid. They'll get cracked anyway, but at least they'll do their best. And they'll get cracked less often. The amateurs who let Zotob into their systems should be fired and then shot as a favor to the gene pool.

One more reason why I shouldn't live in the USA

I was reading the Washington Post, and I saw:

This article about BooksFree.

It's not a *bad* thing about the USA (there are some bad things about the USA, people work too hard, there is no time for a life and everyone is chasing after their credit card debt, it's all too tense), but this isn't one of them. This is a *good* reason why I'm fortunate not to live in the USA.

This site is an instant entree into the poorhouse for me. I'd be a member instantly, and I'd never get any work done because I'd be reading so much. Maybe I'd have *two* subscriptions, thus receiving twice the number of books per month.

I need to work harder, so that I'll be able to either setup such a company (all those books right in my warehouse, free to read before I send them out) or retire and subscribe :-)

Oh, wait, the URL for that company is:

BooksFree

Chikka on Gaim, needs gaim-devel

There's been a Chikka plugin for Gaim for a while now. I got it to work some time ago, then reinstalled linux and never found the energy or need to get it to work again. It's pretty easy, but I got sidetracked by a desire to make it work with source built gaim rather than using the gaim that already came with my distribution.

I decided to look at it again from the standpoint of just getting it working instead of trying to make it smarter (so that it could detect where gaim was installed if it wasn't in the standard places, etc). When I last did that, I lost interest again since it didn't work.

Today I tried again and I realized that I probably needed to install gaim-devel to get chikka working. and after a:

urpmi gaim-devel

and a simple ./configure;make;make_install in both the chix and chix_gaim directories, i've got chikka functionality in gaim. Now, I don't think it's working yet. I can go online in chikka and i see when other people are online (they just received or sent a chikka message), but messages i send don't seem to be working. I'll need to look at this again some more. I'll probably get it working tonight.

anyway, installing chikka does need gaim-devel. Without it, i couldn't even get gaim to notice that it was possible to connect to the chikka network, or that chikka even existed.

Incredible Speed with Destiny Cable Internet

I was testing downloads overnight and I was getting speeds in the range of 200+ kBytes per sec, which is around 1.5mbps. I didn't think that was possible since I thought the modems themselves were capped at some level (even if destiny internet doesn't have a network appliance doing bandwidth capping per individual user). But I guess the modems aren't capped. I think I did hear mention of 1.5mbps being the physical limit though. Maybe the modems aren't capable of any more than that. But I'm going to test some more to see what the real limits are :-).

Boy, this is great.

Destiny Cable Internet

I need Internet access at home since, as a consultant, I often work offsite and while the QSR offices are close enough to walk, sometimes I just need to work past midnight or on weekends. I can still get to QSR on weekends, but it's just nice to be able to work from home.

I considered DSL (mainly, PLDT MyDSL), but i decided on Destiny Cable Internet due to price and the fact that PLDT MyDSL is capped at 384kbps while Destiny has no caps. Of course it's cable though, so the bandwidth is shared. Destiny just doesn't do any bandwidth capping at all. The management thinks that the thing to do is just to provide the bandwidth (their bandwidth is greater than they need,that is, they buy more bandwidth than actually distribute). I like that attitude, even though it might be better for me (or for the generic customer) to have a cap so that bandwidth hogs don't slow down everyone connected to the same node.

The service has been pretty good. I'm getting consistent downloads in the 400-600 kbps range. I haven't really been monitoring very much yet, or consistently enough. But I'm waiting to get to 1Mbps. QSR has destiny bandwidth too and once or twice I've seen downloads in the megabit range.

Of course, to people from the U.S. (all my brothers and my sister have been through here lately to be with my stepfather before his heart surgery) that's not much. 1.5mbps at home is pretty common there, if you're close enough to a telco switch. But 400-600kbps is great here. and i'm confident that Destiny will continue working on their line quality and will eventually keep me in the megabit range continuously.

Not that I can do all that much with that bandwidth. But it'd be great to have it when necessary.