Today, Apple empties my pockets


It has been a big day for Apple products. The iPhone 6, 6+ and AppleWatch all popped in to existence… sort of. These products in and of themselves are little more than tech kitsch. However, they have a game changer.


Apple designed ApplePay to replace credit cards. I will not need to bring cards with me for payment anymore. I do not carry cash and will not carry cards. The only thing I will need to have with me is ID. Imagine how much less I will have to carry around with me in my daily life.

With the AppleWatch I can open locked doors, like the front door of my house. I can start my car. I can unlock…

In fact, there is my kick starter idea. I will build a lock that is unlocked by the AppleWatch. It will replace combination and key locks. It will have a rotary dial (like a combination lock) connected to a generator that will provide enough power for the lock to receive and process data from the watch.

In this way someone at the gym will not have to even keep a key with them while running, playing racquetball, or swimming.

Will I pay $350 for a watch? I do not know. I do not wear one now. I can say that Apple has provided me with motivation though. No keys, no cards, and empty pockets ;)

Andrew Brown – The argument for Muslim babies?


Some Muslims will never speak of “converts” but only “reverts” because they believe that everyone is born a Muslim, even if some babies have this truth hidden from them by their parents who tell them they’re Christians or atheists.

The problem with this argument stems from an unsubstantiated claim regarding Allah. In order for this statement to be true, Allah must exist. The author assumes this is the case and offers no substantiation. When the first sentence in an article requires a logical fallacy it is unlikely that anything logical or truthful will be derived from it.

And there’s a style of atheist rhetoric that makes exactly the same point. To take two random examples from my recent Twitter stream: Joan Smith wrote: “I’m not convinced there are Muslim or Christian children. They have religious parents, but should be able to decide when they grow up.” And Richard Dawkins wrote: “When you say X is the fastest growing religion, all you mean is that X people have babies at the fastest rate. But babies have no religion.”

But there are no atheist babies, and certainly no agnostic ones.

How come my son was not born believing in Zeus or Thor? How come my daughter does not know about Vishnu or Budha?

This is for two reasons. The first is that if we’re going to be consistent, and to demand that babies only be ascribed identities that they themselves embrace, there are no German, British or Chinese children either.

The comparison is not the worst attempt at a false analogy I have ever seen. First, religion or belief has nothing whatever to do with genetics. You are comparing belief to genetics. I can look at someones DNA and tell where their ancestors came from. I can not look at someones DNA and tell if they are Hindu, Christian, or Muslim. Next, you do not embrace a lack of belief any more than you embrace a lack of a hobby.

There are simply the children of German and English and Chinese parents, who will in due course learn the habits and the rules of the cultures around them and grow into their parents’ language, nationality, food habits – and religious opinions.

Oh, so you are not talking about genetics, you are talking about culture. And based on what you just said (religious opinion) you concede that your entire argument is false.

The way in which they express these will become more subtle and more interesting as they grow up – or at least we can hope it will – but the fact remains that babies are entirely anchored in the world by their parents.

As you are pointing out babies learn about culture (including religion) from their parents. Before they learn religion, they have no religion. Therefore, as your own argument points out, Dawkins is correct.

But you don’t get Dawkins and Smith complaining because people talk about “Chinese babies”.


They think religion is different. Well, it is.

No kidding, as you have pointed out it is taught, and it is trained.

For one thing, and despite the existence of loathsome and barbaric laws against apostasy, in most of the world it’s much easier to change your religion than your language or nationality.

“Apostasy” would only be loathsome or barbaric if you had started by proving Allah existed. Neither you, nor anyone, has done so. So those laws protect people from charlatans that lay claims that are unfounded and unproven.

It is generally accepted that changing your religion is a human right, but changing your nationality is not.

Okay, so you have demonstrated another way that you used a false analogy.

The big difference is that religions usually make it hard to leave and nationalities usually make it hard to enter.

No, that is NOT the big difference. That is one of many differences. You are a very confused individual.

But in neither case does an individual get to choose as if no one else were involved.

Actually, someone can decide to leave a religion without consideration of anyone else. It happens all the time. You even mentioned it earlier talking about “Apostasy.”

To imply that babies have a default theological position of atheism is as silly as assuming that they have a default language or nationality.

No, this would be like saying they have no default language (which they do not). Your comparison to nationality is unwarranted and has already been identified as a false analogy.

Of course, in an environment where religion is regarded as weird and old-fashioned, children grow up atheist because that’s what their parents are. They don’t think about it. They may have profoundly superstitious and unscientific beliefs, but they will think of these as rational and atheist because that’s what – they know – all decent people are.

Since you do not seem to understand what an Atheist is, I will help you out. An Atheist is literally man without god. When we use the term Atheist we are talking about someone that has not been provided with adequate evidence that there is a god or god that exists. This has nothing to do with superstition, or holding unscientific beliefs. An Atheist would simply state that you have not done an adequate job of proving a god or gods exists.

This is a perfectly sensible piece of conformist time-saving – life’s too short to live without prejudice – but it isn’t a reasoned rejection of belief after serious consideration of its possible truth.

Your posit is wrong therefore your conclusion is wrong.

There is another reason why babies can’t be atheists or agnostics.

In neither of the quotes you provided did anyone say anything about agnostics. I will assume for the rest of your argument you mean atheists only, since that is all that was implied.

Everything we know from science shows that supernaturalism comes naturally to children.

So does imaginary play. Like religion.

It is not just that they believe much of what their parents and the surrounding societies tell them: they show a preference for remembering and transmitting stories that defy scientific rationality. So do we all, unless we train ourselves out of it.

So the basis of your argument is that because some people of a certain age have a preference for fiction that does not correspond to reality, we are supposed to agree that it is the “normal.” Great, why do Muslims get preferential treatment in this instead of the Greek pantheons, Hindus, Christians…

To reach the state where you can really reflect critically on your own beliefs – rather than simply understanding that your parents are deluded old fools – takes a long time if it ever happens at all. As Bertrand Russell observed, many people would rather die than think and most of them do. And that is why no one can really be called an atheist or an agnostic until they have grown up.

Your conclusion has no support. You have failed. An Atheist is someone that does not believe in god, a baby can not understand the concept of god. You posit that though a baby can not understand the concept of god, they believe in (your specific god), anyway, and you state this with no proof.

Andrew Brown – Thank you for the opportunity to practice dismantling arguments.

Yesterdays work for tomorrow…


And now I submit the top half of Printrbot simple.




This is a project that I will finish on Friday. I receive the volume upgrade then. I will be printing on a metal heated bed, using a simpler design than most 3D printers, for lower cost, and similar quality.

To make this clear I feel that the 3D printing revolution is in desperate need of a Steve Jobs. Someone to make a printer for, “the rest of us.” One that, “just works.” Until then I will enjoy figuring out everything that this little joy can do. And yes, there will be pictures.

LOOK! I live in the future (well almost)….


You have likely read of the exploits of my 3 year-old daughter. We went to the Denver Mini Maker Faire on the weekend of May 3rd and 4th. This is a follow-up to tell you what I have been doing since then. 3-D printing is now what the home computer industry was at the end of the 70’s. While I was at the Faire I saw and smelled many 3-D printers. Despite the smell I decided to see if I could find one to fit in the budget.

Make did a special on 3-D printing. I purchased it, read through it, scanned it, flipped through it, looked for other articles on-line to compare to, and purchased the digital version on my iPad Mini. All my reading kept coming back to one printer. I slowly, deliberately, and unremorsefully fell head over heals for the printrbot simple Maker edition. I found one for $250 and snatched it up.

This was the work I did on Friday, May 16th:


Here you see the circuit board with some cables plugged in. In front of the bottom of the circuit board there is a metal rod popping up. That is the Z axis (up and down) motor. On the left are some steel cylinders. These are the bearings for the X axis (left and right). I will be sliding 10″ steel rods in them. The printer table will sit on these steel rods.


On the left is the logo for printrbot. The back of the pc board is logo’d. The total height is about 6 inches (at this point). This is not a large printer folks. The surface construction is laser cut plywood. This is convenient because it glues together with bolts holding stress points.


The little sanding drum that is sticking out is the X axis motor. Between the bearings there is an end stop switch . This way the bot knows when it can not pull any more.

This was an hours work, at a leisurely pace, late one Friday night. I ran into a problem with a power connector that I solved to my satisfaction.

This reminds me of seeing the Apple 1 in a wooden case.

Denver Mini Maker Faire Day 2


Let me open by saying,”May the fourth be with you.” Abigail wanted to start with another picture of R2-D2. I think she has a crush on him ;)

Next she wanted to go look at the SteamPunk shop again. She found some jewelry she really liked, and Sam was kind enough to let her try it on for a picture.


After we got the pretties out of the way, Abigail wanted to play fetch with some of the robots.

She would have done this for hours. It is really neat to see her interacting with technology this way. I look forward to the day that a company comes along and does for robots what Apple did for computers in the late 70’s.
CubeCraft was a must stop as well. Abigail loves to build with blocks, and these innovative toys kept her focused. That is an impressive thing for a toy to do to a 3-year-old. I look forward to hearing from Jeremy that these toys have gone in to production.

Abigail enjoyed creating a glove monster. The lady that helped her do this was an angel. Sadly, I did not get her name which is more a reflection on my skill than hers.




We got to visit one of my favorite booths at the Maker Faire. SparkFun is one of the best bunch of individuals I have seen in the business. They truly understand that they are interacting with people who want to build it better. SparkFun went out of their way to do this, not just by teaching soldering. They offered a kit (free of charge) that you could solder, and have a game (Simon), watch (LED screen), or a little “bug.” We picked Simon.


Passing one of the booths we saw airplane kits. These interested her. Abigail asked the lady that ran the booth if Abigail could build one. She got to work showing my little girl how to put together an airplane. Abigail could hardly wait for it to dry to go outside and try it out. The plane will survive long enough for Abigail to get some use out of it.

At the end of the day, why does all this matter? My three-year old said it best, “Daddy, can we turn off Dora and build a project?” One girl who want’s to do more than she sits and watches. I would have bought three tickets for the Faire had I known that it would spark in her little heart the desire to talk to people, ask what they are doing, and then…

Do it herself.

Denver Mini Maker Faire: Day 1

Denver Mini Maker Faire


Abigail went to her first Maker Faire today. It was my first Maker Faire too. This was also the first Maker Faire in Denver. To start off the show, we got a picture with R2-D2:

While wandering around we got to make different types of art. First we used a styrene paper plate as a plate in a printing press. Later Abigail got to make a sculpture out of colored junk.

Next, she built her own toy selecting parts from 4000 pounds of used and discarded toys.

She went on to paint part of a mural that other children assisted with and worked on.

A more creative day together I do not think we could have had. I got to stop at the SparkFun booth, and look forward to visiting there again tomorrow. My favorite booth was Mago’s Magic Shoppe, oddities and curios. It had the right flair to provide many of the props I will want when telling stories of a Lovecraftian nature.

Denver Mini Maker Faire: Day 2

A reply to Ranum’s 6 Dumbest Ideas in Computer Security


A student in a security class offered a link to Ranum’s blog.  Having not overused the material there before, it seemed like a good starting place was The Six Dumbest Ideas in Computer Security.  The next six articles will address the ideas presented by Ranum, with arguments explaining mistakes and misconceptions.  Below is the opening to the article in question.

#1) Default Permit

This dumb idea crops up in a lot of different forms; it’s incredibly persistent and difficult to eradicate. Why? Because it’s so attractive. Systems based on “Default Permit” are the computer security equivalent of empty calories: tasty, yet fattening.

The most fundamental concept of Information Security is the CIA triad.  Confidentiality, Integrity, and Availability are the components of this triad.  “Default Deny” is more commonly called Implicit Deny in the Security Industry.  In teaching and explaining Information Security it is helpful to use generic terms people are more familiar with.  So do not mistake my mentioning this as an attack on the author.  In fact, a simplification may help in explaining Implicit Deny.

Using a Subject, Verb, and Object relationship we can break down security concerns and see the “how and why” of each.  Let us start with Implicit Deny showing its components.  No subject is allowed to verb an object unless there is a white list (a subject that is a list of subjects) showing that the subject in question (now an object on a list) is allowed (the verb).  In essence “no person is allowed in, unless this list says they are allowed in.”  Please note this is a function of access only.  It is not a function of what you are allowed to do to an object.  Implicit deny only concerns itself with if you are allowed access, NOT what you are allowed to do with access.

Now to explain the problem with Ranum’s thinking.  The first problem occurs here:

The most recognizable form in which the “Default Permit” dumb idea manifests itself is in firewall rules.

By definition there is one difference between a firewall and a router.  When a packet with an unknown network arrives at a router, the router has a default action.  That is that a router will pass this packet down a default route.  This is in effect the “default allow” that Ranum is talking about.  A firewall by comparison does not have this default action.  When a firewall receives a packet it checks against a list of rules.  If there is no rule present for what to do with the packet, it dissipates as heat.  That is, the firewall drops the packet.

The author’s first example is inherently contradictory to the function of a firewall.  The function of a firewall is based entirely on Implicit Deny.  Now we see more confusion on the part of the author:

Back in the very early days of computer security, network managers would set up an internet connection and decide to secure it by turning off incoming telnet, incoming rlogin, and incoming FTP.  Everything else was allowed through, hence the name “Default Permit.”

A router did this, NOT a firewall.  A router would be configured with an ACL (Access Control List) that limited connections based on a port number or source and destination addresses.  This is why there was a default permit function, it was a router NOT a firewall.  I bothers me that a security researcher would make such an oversight.

Suppose a new vulnerability is found in a service that is not blocked – now the administrators need to decide whether to deny it or not, hopefully, before they got hacked.

Maybe like the web service?  Should we shut the web server down?  Is that REALLY the recommendation you are making Ranum?  What about availability?  What do I do to make sure that my on-line business continues?  What recommendation ARE you actually making?

A lot of organizations adopted “Default Permit” in the early 1990’s and convinced themselves it was OK because “hackers will never bother to come after us.” The 1990’s, with the advent of worms, should have killed off “Default Permit” forever but it didn’t.

Either you are not making one, or you are telling me I should just stop web traffic.  I would also like to see some supporting documentation for your assertion that:

In fact, most networks today are still built around the notion of an open core with no segmentation.

The risk and liability alone would make this unbelievable.  Please, offer some documentation for this assertion.  Information Security practitioners often are skeptics, so do not be surprised by a request for the source of this claim.

Ranum moves on after providing some fear.  It is time for us to consider how this is more than just a problem with networks.

Another place where “Default Permit” crops up is in how we typically approach code execution on our systems. The default is to permit anything on your machine to execute if you click on it, unless its execution is denied by something like an antivirus program or a spyware blocker.

Mac OSX.  Programs are NOT by default permitted to run.  This has been a component of Unix/Linux/OSX for the better part of a decade and a half.  Just because one operating system has a problem with this (the assumption here is that Ranum is commenting on Windows) does not mean that every OS has this problem.  After this Ranum talks about it being a bad idea.  Maybe it would be a good idea to get in touch with Microsoft and mention this?  Rather than make it sound like everyone has this problem, be specific.  That is another component of quality information security research, specificity.

Now we finally get a well written anecdote that demonstrates what the author is talking about:

A few years ago I worked on analyzing a website’s security posture as part of an E-banking security project. The website had a load-balancer in front of it, that was capable of re-vectoring traffic by URL, and my client wanted to use the load-balancer to deflect worms and hackers by re-vectoring attacks to a black hole address. Re-vectoring attacks would have meant adopting a policy of “Default Permit” (i.e.: if it’s not a known attack, let it through) but instead I talked them into adopting the opposite approach. The load-balancer was configured to re-vector any traffic not matching a complete list of correctly-structured URLs to a server that serves up image data and 404 pages, which is running a special locked-down configuration. Not surprisingly, that site has withstood the test of time quite well.

Congratulations, you used a load-balancer as a firewall.  Now Ranum starts to wrap up his opinion:

One clear symptom that you’ve got a case of “Default Permit” is when you find yourself in an arms race with the hackers. It means that you’ve put yourself in a situation where what you don’t know can hurt you, and you’ll be doomed to playing keep ahead/catch-up.

So the idea that a vulnerability could exist in the design even with implicit deny enabled is completely foreign to you?  Has there ever been a problem with a TCP stack such that people got into a network even with a port closed (impact deny enabled)?  Yes, that has happened.  So the idea that someone having to do their job and figure out how a “hacker” (I hate that term) does not mean that there was a failure in implicit deny.  It means there was a vulnerability.  We are then treated with this platitude:

The opposite of “Default Permit” is “Default Deny” and it is a really good idea. It takes dedication, thought, and understanding to implement a “Default Deny” policy, which is why it is so seldom done. It’s not that much harder to do than “Default Permit” but you’ll sleep much better at night.

The problem is you can not always deny access to everything that has a vulnerability.

  1. You may be using the service that has a vulnerability
  2. What if the vulnerability is a zero day exploit?
  3. The attack can look like legitimate traffic (TCP handshake attack)
  4. This article focuses on 20% of the problem, external attacks.  It does not address the other 80% of the issue, security failures from inside the company.  Every illustration shows protection from attacks originating outside the company.

In short this article does not address the anything remotely related to a new security concept, or even make a useful recommendation.  It is my hope that Ranum revises his article to be “more in line with reality” as I think he put it.