The day, the comic died?

“Parisienné Pie”

“Charlie Pie”?

[Intro]

A long, long time ago

I can still remember how that comic used to make me smile

And I knew if I had my chance

That I could make those people laugh

And maybe they’d be happy for a while

But January made me shiver

With every news that was delivered

Bad news on the doorstep

I couldn’t take one more step

I can’t remember if I cried

When I read about all those that died

But something touched me deep inside

And yet the jest survived

[Chorus]

So bye-bye, Miss Parisian Pie

Drove my Peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n Wine

Singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Verse 1]

Did you write the book of love

And do you have faith in God above

If the Allah tells you so?

Now do you believe in rock and roll?

Can laughter save your mortal soul?

And can you teach me how to dance real slow?

Well, I know that you’re in love with him

‘Cause I saw you dancin’ in the gym

You both kicked off your shoes

Man, I dig those rhythm and blues

I was a lonely teenage broncin’ buck

With a pink carnation and a pickup truck

But I knew I was out of luck

The day the comic died

[Chorus]

So bye-bye, Miss Parisian Pie

Drove my Peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n Wine

Singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Verse 2]

Now for ten years we’ve been on our own

And moss grows fat on a rollin’ stone

But that’s not how it used to be

When the jester sang for the king and queen

In a coat he borrowed from James Dean

And a voice that came from you and me

Oh, and while the king was looking down

The jester stole his thorny crown

The courtroom was adjourned

No verdict was returned

And while Mohammed read a book on Jesus

The quartet practiced in the park

And we sang dirges in the dark

The day the Comic died

[Chorus]

So bye-bye, Miss Parisian Pie

Drove my Peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n Wine

Singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Verse 3]

Helter skelter in a summer swelter

The birds flew off with a fallout shelter

Eight miles high and falling fast

It landed foul on the grass

The players tried for a forward pass

With the jester on the sidelines in a cast

Now the halftime air was sweet perfume

While the sergeants played a deathly tune

We all got up to laughter

Oh, but we never even got the chance

‘Cause the players tried to take the field

The marching band refused to yield

Do you recall what was revealed

The day the comic died?

[Chorus]

So bye-bye, Miss Parisian Pie

Drove my Peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n Wine

Singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Verse 4]

Oh, and there we were all in one place

A generation lost in space

With no time left to start again

So come on, Jack be nimble, Jack be quick

Jack Flash sat on a candlestick

‘Cause fire is the devil’s only friend

Oh, and as I watched him on the stage

My hands were clenched in fists of rage

No angel born in Hell

Could break that Satan’s spell

And as the flames climbed high into the night

To light the sacrificial rite

I saw Satan laughing with delight

The day the Comic died

He was singin’ bye-bye, Miss ParsianPie

Drove my Chevy to the levee, but the levee was dry

Them good old boys were drinkin’ pernond ‘n wine

And singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Outro]

I met a girl who sang the blues

And I asked her for some happy news

But she just smiled and turned away

I went down to the sacred store

Where I’d heard the jest years before

But the man there said the laughter wouldn’t play

And in the streets, the children screamed

The lovers cried and the poets dreamed

But not a word was spoken

The church bells all were broken

And the three men I admire most

The son, Son and the son,

They caught the last train for the coast

The day the laughter died

And they were singin’ bye-bye, Miss Parisian Pie

Drove my peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n  wine

Singin’ “This’ll be the day that I die

This’ll be the day that I die”

[Chorus]

So bye-bye, Miss Parisian Pie

Drove my Peugeot to the levee, but the levee was dry

And them good old boys were drinkin’ pernond ‘n Wine

And singin’ “This’ll be the day that I die”

—

On the courtesy of Don McLean http://www.azlyrics.com/lyrics/donmclean/americanpie.html this has been edited to suit the current discourse.

The Day the Music Died, dubbed so by a lyric in the Don McLean song “American Pie”, is a reference to the deaths of rock and roll musicians Buddy Holly, Ritchie Valens, and J. P. “The Big Bopper” Richardson, in a plane crash near Clear Lake, Iowa, on February 3, 1959. Pilot Roger Peterson was also killed.

-thank you rysiek.

Doctors, emails and blood test results: Sensitive medical data on the Internet

I went to the doctor’s not to long ago. A very nice office, good service even though I had to wait.

While waiting I had to do all sorts of paperwork. Sure, okay, not big deal. The last pice of paper requring my signature was a form where I would agree on receiving the results of any medical tests they wouldrun (urinetests, blood tests etc)…

via email.

They wanted to email me the results of sensitive medical tests.

I did not sign that piece of paper. I quickly asked if they were sending this information via encryption, but the assistant didn’t reply.

Are doctors usually sending sensitive information via email? Is it a common practice? There are so many things wrong with doing this. So many things.

First of all, I don’t know how the medical data is stored in the Doctor’s system. Ideally, it should only be stored on a computer which is only connected to an intranet — not the Internet. A computer with Internet is an accessible computer. By accessible I mean it can be hacked, it’s part of the network of all networks.

Secondly, I don’t know who hosts my Doctor’s mail. Is the Doctor using a service run by google or some other big company? Do they self-host? Is it something private medical secret mail service they have within the secret sect of Doctors?

Thirdly, the Doctor doesn’t know what kind of mail service I use. Is it hosted by google or yahoo? What does it mean to send plaintext email stuff to google? or Yahoo? Especially if it is then composed and sent on a google client as well.

Fourthly, the email is not going to be sent encrypted. I’m going to say that as a fact, because on the piece of paper noone asked me for my public key or fingerprint.

If my doctor is sharing my medical information with a third party — aka Google, isn’t that a breach of confidentiatlity? Isn’t it a bit scary thought that we are allowing doctors- just because people don’t know anybetter — to send potentially really *REALLY* sensitive medical data to the Internet. To services I don’t have any control over– they don’t have any control over. And not even using the technology available in order to make it encrypted on other people’s servers.

Doctors and medical staff — definietly next in line for those who need proper infosec training.

Translating the anti-porn vs Censorship debate: The use of Ad-block

Have you ever wondered how downloading sites such as the Pirate bay or whatever downloading or streaming sites look like without ad-block?

They look like this. A gif of a young woman being fucked from behind and some provocative manga.

The Pirate Bay Porn

Why am I pointing this out? Because most nerds who say “don’t censor the internet” are already censoring the all ads on the Internet with an opt-in adblock filter. This gets rid of provocative advertisements on webpages such as the Pirate Bay, and other annoying ads on normal news sites and what not.

However, not everyone are aware that it exists or how it functions.

There is a prevailent argument about porn in this “protect the children” debate on the Internet, made by anti-porn/pro-child-safety activists: ‘Some webpages are forcing pornography or provocative images to our children…’ and elaborating that this is or can be harmful for children and teenagers as it does not present sexuality in a positive way, promoting consensual sex, use of protection and what not.

Nerds don’t see those advertisements. Because they, more often than not, use adblock. Angry moms who are vehmently against pornography, are referring to those advertisements, the ones that the nerds don’t see. So when they are asking to censor the internet, they don’t need one big mega filter. They need ad-block, but nerds say, no you can’t censor the internet.

But the debate about porn and internet censorship is usually like this:

Anti-porn: “Let’s put up a filter to censor the porn on the internet!”
Anti-censorship: “No you can’t censor the internet, it’s wrong”
anti-porn: “But porn is harmful!”
Anti-Censor: “But censoring is harmful!”

This debate is not really useful, because two not too well terms are being put forward, without trying to understand where people are coming from and what the problem actually is.

Of course there is a wide range of how far people will go in wanting to censor pornography — however, the nerds, who are usually quite vocal on not censoring the internet in my experience, are already censoring parts of it. The ads. They do not realize this.

So, to raising the debate to another level it is more constructive to try and figure out what it is they want to block. Is it that there is, in fact, porn advertisements on the websites they or their children frequent? In that case you can mention that you filter those out with adblock.

Is it that you’re worried about your son or girl watching hardcore porn? Well, I’m not the parent, but whitelisting is definietly possible on your router.

If they have problem with the porn industry as it is, well. Then adblock won’t help you, nor a megafilter.

So: Ad-block is a form of censorship which can be used to minimize expose of crude ads you do not wish to see. Use it and help people to use it, cause even if there’s a time and place to watch porn, you don’t necessarily want to be exposed to it whenever you download a car.

#pray4encryption — #pray2encrypt

Encryption software and internships have one thing in common: They have ridiculous high demands.

When applying for a straight forward office internship, one needs to have fluent demand of at least three languages, being able to fly a Boeing 747 while stewarding the plane and willing to fetch coffee, do the laundry and clean, preferrably for free but otherwise a small stipend will be provided.

Encryption software depend on you to have at knowledge of the command line in your operating system, two programming languages (HTML is markup language so that doesn’t count), to be able to read thoughts of the programmer who made it, and being extremely good at solving puzzles Indiana Jones style, when you’re just trying to read your damned email.

Just as one simply does not just walk into Mordor, one does not just use TOR, PGP, Pond or whatever the newest trend is. It is probably more difficult to use this software than to get a paid internship at the UN. It is simply not for beginners to figure out how to configure TOR bridges, install Tails or understand that the Seahorse program is connected to your encryption keys.

And yet everybody says:
“Use Tor!”
“You have to use PGP – blah the most recent Snowden revelations!”
“We just have to teach users good internet hygiene!”
“Free and open operating systems are morally superior than those of the big corporate giants!”

As much as I agree with this, those arguments fall like a house of cards when thoroughly examined. One big point has not been taken seriously by the free and open source software community developing a substantial part of these tools.

User interface
Communicating how the software is to be used is a far more necessity than to brainwash people into believing that encryption is the way to go. The brainwashing part is easy, but as it is today, I don’t have much to show when people ask me for advice on secure communication tools. There is simply nothing there with an acceptable user interface I can recommend to people.

The current state is more or less useless, because, it cannot be used by normal human beings.

It is important that the developers of tools enabling more security on the Internet realize that if they fail to communicate how the software is to be used, set up, or function it is a bug. It’s not a bug in the code, but a bug in the wider sense of the function of the code or the system – It is a Human Relation Bug and involves the step which actually makes the software work: By being used. Software not used is failed software and the responsibility is not on the user’s end to learn abstract techology, but on the developer’s end to communicate their intentions to humans.

The problem which result in Human Relation Bugs can be classified into three main problems:

a) Communication
b) Assumption of different startpoints when starting to explain what you’re supposed to do
c) It is simply not expected that a non-technical user is using the software.

Communication
In most cases the problem is the communication from the software developer to the user is lacking. This can sometimes just be fixed by updating the text on the webpage with additional information, or clarify in the program what a certain action actually means.

What does a ‘signature’ mean? For most people it means what you have on the bottom of your email, not that you have done a proper key exchange of electronic signatures via a third party program. What is a bridge? What was the name of that program again where I can look up keys? What’s a certificate?

Different expectations
Sometimes it is different expectations of the start point. It is not logical, just as the linux downloading instructions for Tor, that you’ve to enter the downloads folder via terminal for doing the demand line to start it up. Neither is what the LANG means in the instructions. If I am trying to connect to the Internet through the Tor Browser, the instructions of the more advanced settings are ambiguous.

They assume that you already have secure enough access to the Internet to be able to mail them should you need any help to configure for example, Tor bridges. This is a single point of failure which could easily be mended by adding, let’s say, a free phone number which can be called in emergencies. Access Now is currently running an emergency service like that, but that information is not included anywhere on the Tor Webpage nor when you’re actually in a critical situation trying to connect to the Internet via the Tor browser.

Non-techies not Welcome
Other times, it’s just assumed that the technology is not used by non technical people. The instructions are based on documentation of the code, it is assumed that you can do whatever the coder was doing and have good command on the highly specialized language, including various abbreviations.

It is simply not assumed that a non-technical person is using Linux to download Tor. This can be concluded when comparing the instructions on downloading tor for Windows, OSx and Linux. The Windows and OSx do have graphical installers, quite straight forward. The Linux version, however, relies on command lines. In addition to the abstractness of using command lines, they don’t include that you’ve to do something like ‘cd Downloads/Tor-Browser-Bundle’ and then press enter and then follow the instructions. The Tor Browser Bundle for does not come with an icon either, so I actually have to Google “How to start Tor on Linux” to restart it.

If it is to be used – Make it usable
If the software should be used it has to be usable to the general public. That means the graphics, the text, the communication and analyzing how people think and understand computers is essential. It is essential to make it actually work – as in being used on a normal human being’s laptop, you know, the kind that thinks Google and Facebook is the Internet.

Until then, all I can do is to pray for encryption. That’s how bad the user interface status of the current encryption technology is.

Adventures in Free and Open software land (Part I)

Once upon a time many many years ago, there was a little girl who had a dream to start her own webpage where she could rant about the things she felt worth ranting about. She had been thinking about it for quite some time and figured out what would be the sensible thing to do:

1. Buy a domain
2. Get server hosting
3. Self-host your webpage
4. Get a self-hosted email with nice @somthing.is behind!

The domain was bought, the server hosting was decided. The domain from just ISNIC, the one that sells the .is topdomain. The server hosting would be 1984.is, a hosting with good reputation. Although the first steps were seemingly easy, her dream gradually became a nightmare as the jungle of Free and Open source forest is not keen on little girls who want to wander around. 

After spending weeks trying to learn HTML and CSS, as a responsible blogger should do, she finally gave up and decided to stay away from that path. This was simply not something the little girl wanted to do. The problem solving didn’t give her any pleasure and even though she was learning something, it didn’t give her any joy. It was like for someone who hates going shopping to spend two weeks in a shopping mall, trying on all the clothes. Her frustration was great.

As she was trying to stay away from the closed, from the big and from the dominants of the webpage world, such a tumblr and wordpress, she decided to give Ghost a chance. Sure, free enough, open enough, on github and it actually looked nice. She felt like she’d soon be able to start her own webpage that wouldn’t make all the other girls and boys in school laugh at her.

The first wolf on the road was that it was impossible for the little girl to install it on her computer without help. It was impossible for her to run it without help. It was impossible for her to navigate through the Ghostly forest without attention. Surely, there were some White Riders that offered her help as she was lonely on the dark, cold road to the Free and Open Softwareland. Where beer is free and wasps are bees, rainbows, unicorns and whatnot.

The little girl felt desperate — feeling like she had lost her independence and autonomy on the way, dependent on White Riders of the forest of the Internet, she lost hope. She finally lost hope after weeks of trying and strugging to change background colours or uploading new ghostly themes. The little girl had been trying for years to stay on the side of the freedom, but the road to Commercial Darkness-land was just much faster. More convenient.

There fore, this blog was accidentally born. Not because of longing or want to be yet another wordpress blogger. Nay, the little girl had for a long time tried to stay away from that faith. But in order to be heard, she had to have a voice. WordPress gave her voice, a voice no longer strained by directions on opening terminals and typing something in.

The dream had come true. She had a voice.