30 Mar 2006

Comedy central, linguistics field station

Two different language notes on tonight's offerings from Comedy Central.

First, from the Colbert Report. Tonight's Wørd was "Merrier". The concluding bullet point—often a repeat of the Wørd—was "Marry 'er". With a setup like that, how could I not blog about this famous minimal pair? In a lot of dialects, including my own, "marry" and "merry" are completely homophonous, making this a good pun. But a significant percentage of American English speakers pronounce them differently (and some with yet a third pronunciation for "Mary", also homophonous in my dialect). So naturally, I had to bounce the TiVo back and forth to see what Colbert did with it. The verdict? Though I've heard even-more-distinct pronunciations, he definitely pronounced the two differently. I wonder whether he came up with the pun, or someone else? No dispositive evidence either way, of course, since puns work just fine even if the homophony isn't perfect.

Second observation: In tonight's South Park, Trey and Matt have to voice some characters as being hopelessly smug. The number one feature? Uptalk.

(Minor third observation: The park ranger comes up with a lovely construction at one point: "Well, you should have ... , shouldn't-you-'ve?" Sure, why not?)

"An interesting thing...if you remove Garfield's thought balloons, it goes from an unfunny comic to a rather sad, poignant story about a lonely man who has wasted his life talking to his cat." --Lakin Malich

Posted by blahedo at 12:03am | Comments (1)

25 Mar 2006

Change of plans

I totally just spent six hours working on my kitchen floor.

Earlier this week, I came to the sad conclusion that there was just no saving my kitchen floor—although theoretically possible, it'd just be too hard. See, after Kathy and I got the top layers off, we discovered three things: 1) the kitchen used to be three rooms, and where the walls were the hardwood floor isn't, 2) a lot of nails broke when we tried to pull them, and just wouldn't come out with pliers, so we had to hammer them in (rendering later sanding impossible), and 3) the bottom layer of grey paper was solidly glued to the floor in most of the room.

So I talked to the guy at Breslin's to come out and measure my kitchen floor for linoleum; we scheduled a time for 11am today. Last night, I wanted to tidy up the kitchen and get the last of the quarter-round out before he came.

I'm not sure what made me do it, but I scraped a bit at the spot I'd spread stripper over. I'd tried that earlier in the week, but when it didn't dissolve the paper and glue, I abandoned it. But tonight I discovered that after it dried the paper had become brittle and really easy to scrape. And, afaict the resulting layer requires no sanding.

This caused me to reëvaluate my plans.* Because now, I have a very real possibility that I could get the part of the floor that's not the former walls (conveniently near the cabinetry) restored as a hardwood floor. So I had to check on that, verify that the stripper was doing what I thought it was, and make sure that the grey paper and glue was uniform over that part of the floor. After six hours (!) of working on the floor, I'm fairly convinced that I can get a good-looking hardwood floor out of the part of the room past the cabinets, and near the cabinets where the floor is clearly bad, I can do the linoleum. (Credit to Kathy for the original idea.) I may have the guy do both measurements just in case, although he's probably going to have to order the materials on Monday, so the extra set of measurements wouldn't do much good.

Anyway, now I need to take a nap until he gets here. I am gonna be so sore tomorrow. Today.

*Yes, yes, I knöw.

"For all I know, someone put it together as a joke and sent copies around. It almost doesn't matter: the example is so perfect that mere existence could not possibly add anything to it." --Vicki Rosenzweig

Posted by blahedo at 6:21am | Comments (1)

22 Mar 2006

The bank fiasco

A lot of you have asked, so here's the skinny on my bank problem.

It started when I went to check my balance and saw this message. The relevant line is "Your initial password will be the same as your User ID...." Holy crap!

So, I sent a detailed email to the bank's address as well as to the two people I'd had previous email contact with. The email not only pointed out why that password policy was totally insecure, in case it wasn't obvious, but it detailed the steps they'd need to take in order to remedy the problem. This was Sunday night.

Monday morning, and no response, and no change on the site. Monday afternoon, I called the operations VP at the bank (who hadn't been on the original email). I introduced myself and explained the problem. After several minutes of her trying to claim that the system was not insecure and me explaining why she was wrong, she admitted that she had read my email (why didn't she say so before?) and had forwarded it to their IT person, who had "taken it under advisement". I confess to getting completely flustered at this point, and we hung up. I was just so amazed, and I still am, that officers of this bank are apparently the only people in the whole world that don't see this as a significant security breach.

Right before the close of business on Monday, she sent me an email. Apparently their IT manager had read the email and wished to respond, so she wanted to know if I'd be free for a conference call later this week, or an in-person meeting early next week. What is she, his secretary? He couldn't respond to me himself? I sent a response, giving more examples of why it's a problem, and letting them know that the thing that bothered me most was not as much the initial situation as their continuing casualness about the security of people's financial information.

The next day she sent me an email notifying me that her response was being sent via US Mail. I haven't the faintest clue why she couldn't send them via email, but anyway.

Today the letter arrived. It was more of the same. Some choice quotes:

"Only a current customer of internet banking or a person our customer shared their ID would know the formula, therefore the risk of who would have the ability to enter the system is negligible."
Gee, why even have passwords, then, if the usernames are so hard to guess? They aren't, of course. Out of courtesy to the bank's other customers (because I'm sure not feeling very loyal to the bank anymore), I won't reveal the whole scheme here, but suffice it to say that users have no choice over their account name, and it contains nothing but (deterministic parts of) your full name, followed by a number which is usually 00 (presumably a serial number).

"Your suggestion that the password should have been mailed or requiring clients to come into the bank has several flaws. Stealing someone's mail is still the highest form of identity theft today. Many of our clients do not live conveniently close by or keep hours that would allow them to stop by the bank to receive a new password. This method would prevent a vast majority of our clients from receiving a new password, and therefore, access to their online account(s). The idea behind internet banking is customer convenience."
The clear message here is that the bank ranks customer convenience as a higher priority than customer security, and furthermore that they are willing to sacrifice everyone's security for some people's convenience. Furthermore, she is implying that the security risks posed by thieves stealing mailed passwords are greater than those posed by simply giving the thieves the passwords outright. It'd be comical if it weren't so serious. The chilling punchline: "Our new provider is one of the top internet banking companies in the nation."

In an interesting recent twist, I notice that the page detailing the new password policy no longer exists—not only is there no link to it, they've actually taken the page down. I wonder if they randomised the passwords of the people who've not yet logged in? Because, as I told them, that's not enough; since this hole has been open for nearly three weeks now, they have to assume that even if an account has been used since the changeover, that might have been by a malicious user. So now I think they're trying to cover their tracks, perhaps realising the flaws in the original security, perhaps not, but still not willing to actually fix the security breach.

So, like I said, now seeking another bank. Hopefully local. But while being a local bank may win you warm fuzzy points, it certainly can't trump a complete disregard for information security. At this point, I can't imagine what they'd have to do to convince me to stay, after their thorough work at convincing me they are completely clueless about security and just don't care. I just hope their other customers are lucky enough not to fall victim to fraud and theft as a result of the lax security.

"That there is still a craving for occasional formality is evident on the two such occasions left for it---the prom and the wedding. It would be nice if the older generation could show them what it really is. A hint: It is not riding around town in an impossibly long and expensive car, throwing up." --Miss Manners

Posted by blahedo at 10:54pm | Comments (1)

21 Mar 2006

For LaTeX help...

I've stumbled across the site before, but didn't bookmark it. The problem is, it doesn't seem to pop to the top of google searches unless you get just the right query, so I keep losing it; and then when I do go looking for something I just end up with yet another mirror of the main LaTeX2e documentation.

So I figured, hey, post it here and it will not only benefit from a smidge more Google karma, but also, I'll be able to search the archives of my blog next time I need it. :)

Hypertext Help with LaTeX

That's all.

"Worcestershire sauce CURDLES MILK. I had not known that before, but I will not forget. And now you know too. Do not forget!" --Eva Sweeney

Posted by blahedo at 2:25am | Comments (1)

20 Mar 2006

Shopping

I should be working on my syllabi, but what am I doing? Shopping for a new bank. Details later, but it's a doozy.

Readers in Illinois, remember to vote in tomorrow's primary!

UPDATE: the whole story.

"Senator, when you took your oath of office, you placed your hand on the Bible and swore to uphold the Constitution. You did not place your hand on the Constitution and swear to uphold the Bible." --Jamie Raskin

Posted by blahedo at 10:14pm | Comments (1)

15 Mar 2006

Kitchen cleared

My kitchen is now empty, or at least visibly so. There's still a bunch of stuff in the cabinets, but all the tables and such are moved out, and the counters are clear. I think I'm all set to get started on tearing up the floor now; hopefully the timing will work out so that I can get this all done before the start of the term. I'm not looking forward to the temporary dining-room-as-kitchen arrangement becoming any more long-term than absolutely necessary. :P

"To be sure, being forced, physically or through peer pressure, to 'chug' beer is not an obstacle. It's a stupid, dangerous, self- destructive act. Who's more of a pansy? The guy who won't chug the beer, or the guy who lets himself be browbeaten into a pointless and stupid act?" --Scott Harman

Posted by blahedo at 5:31am | Comments (0)

14 Mar 2006

A private message

To my CS 262 students, whose exam I am grading right now:

Would it kill you to read the directions once in a while? I mean, are you trying to annoy me by making it harder to test your code? Because honestly, it's usually not a good idea to actively annoy people who are trying to come up with a grade for your work. Not if you want a good grade for that work, at least. You should probably consider yourselves lucky that I'm a softie and, despite running on no sleep, am bothering to correct the simple errors in your interface so that I can assign a fairer grade for the body of the problem.

But I'm still pretty annoyed about the whole thing.

"Everyone knows the Painful Chill of Nonexistence. That's high school." --Sam Heath

Posted by blahedo at 6:13am | Comments (4)

13 Mar 2006

Dance, dance, dance

Knox sent eight people to the Cyclone Ballroom Classic this year. As usual, the ISU Ballroom Dance Company put on a nice competition at the best venue ever. I think some of the team was a little disappointed, because there wasn't as much placing as last time, but happily, they aren't discouraged—they are all going to Northwestern's competition in three weeks, and are determined to keep getting better.

Andrew and Dana did a fabulous West Coast Swing, taking first in the bronze division. I think that's better than I would've done. :) I got a trophy because Kathy and I were the only ones up to the task of competing all 19 dances. Which seemed a little cheap until I realised that the reason that the others didn't compete all 19 was because they knew they wouldn't look very good. So, there's something to that. Continuing a lifetime trend for me, my best placement was in a fun dance: reverse-role cha, led by Dana; we made the callback to the finals and then placed second. Dana then turned around and followed Jennifer, the ISU coach, in a Jack-and-Jill waltz, getting called back twice and placing fourth!

The real highlight of the competition was in many ways the workshops the next day. The judges gave eight hour-long workshops on everything from Paso to Peabody, and Knox folks were at nearly all of them. It was nice to hear them repeat a few things I'd been telling them, but it was even better that the judges were saying things that I hadn't gotten around to saying (or didn't know!). We really need to figure out how we can get up to a professional studio every now and then to get lessons from a pro.

"I'm "that" guy at an Oscar party.... I make fun of dresses and awkward (stuff) like the rest, but it quickly deteriorates into rants about the ignorance of our society and how lame it is that we are watching this crap. I usually am banished to the kitchen by the costume designs." --Justin Kaufmann

Posted by blahedo at 7:48pm | Comments (0)

9 Mar 2006

Container ports

This whole ports business is a fascinating study in political positioning, and a great game of "who's paying attention?". It'd be funny if it weren't so deadly serious.

I think every person can be spotted a first reaction that objected to the deal. It's a knee-jerk, but a relatively reasonable one: "What? The Emiratis are taking control of our ports? No way!"

Then you start to settle back and think about it. Maybe you're a little ashamed at prejudging the situation; not all Arabs are bad, after all. And the Dubai company wouldn't be in charge of security any more than the current London one is—as several pundits have commented, we'd still have the same crappy security we've got now. And as Arab nations go, UAE is a comparatively moderate one. It's no Iran; it's not even a Syria. So maybe Bush was right to fight to approve the deal.

But while the initial knee jerk didn't pan out, the subsequent reflection on the idea turns up some puzzling facts. Even if Bush was strongly in favour of this deal, why does he feel so strongly that he'd use his first veto ever over it? And the ownership of the company is worse than just some Arabs based in Dubai; we'd be turning over control of five major ports to, in part, the government of Dubai. Who, it turns out, would not be required to keep records on American soil, where they'd be subject to US subpoena—as virtually every other major offshore company operating in the US is required to do. And finally, if the company was really vetted like Bush claims, and the dossier says what Bush claims it does, I guess I'd be less worried than otherwise, but wait: we've been down that road before. W has demonstrated, repeatedly, that he is willing to massage the data and flat-out lie about reports he's been given, so we really shouldn't just take his word on this.

I'm a little nervous about the involvement of a foreign government in the running of the ports, but if a careful investigation decides that this doesn't pose a risk, then I think I'm ok with that. I'm just very glad that this grand hoo-ha has forced there to in fact be a careful investigation, first.

And I'd really like to revise that agreement to force them to keep onshore records. You know, just in case.

"For now, suffice it to say that making the users of your design unhappy is not likely to be precisely the result you were looking for, unless you're designing a French film." --Joel Spolsky

Posted by blahedo at 5:41pm | Comments (2)