I am sure if you are anti AGW (Anthropogenic Global Warming) or man made global warming you subscribe to the theory that the reason why so many scientists agree that global warming is man made is because that’s where the money is.

Research done suggests that 97% of scientists support man made global warming.

Ok lets take a look at this logic.

If proponents of this theory are to be believed it means that a significant proportion of that 97% are more interested in money than in scientific truth.

The theory goes like this. To get grant money a scientist must apply. An applicant that supports AGW is more likely to get grant money therefore most climate scientists submit papers supporting AGW.

In short a very large percentage of climate scientists are dishonest. Isn’t that what  Global Warming Deniers believe?

So if we assume that a very large percentage of climate scientists are dishonest and they are in fact only following grant money (I used to believe this until common sense got in the way). Then we must believe they are intrinsically dishonest.

BUT if they are intrinsically dishonest why do 97% support AGW surely they would go wherever the money leads. Governments aren’t the only source of grant money. Large corporations provide grant money, universities provide grant money interested groups provide grant money. There are dozens of different sources of grant money for a scientist whether they are climate scientists or not.

Many of those organisations on the surface don’t believe in AGW. They have vested interests in AGW being wrong. Oil Companies. Insurance Companies. Political Parties etc etc.

Lets assume that say 60% of climate scientists are dishonest and only follow the money. So for every 100 climate scientists who agree with AGW 60 are dishonest and only do it for the money (the other 40% are just easily led).

This means that of the 3% who are against AGW 1 is easily led the other 2 out of the 100 are dishonest.

But if 60 out of 100 are just plain dishonest, Why do most of them side with AGW when there is plenty of money available to anyone with a science degree who is willing to denounce AGW.

Why? because the very clear majority of climate scientists are in fact honest and therefore believe that AGW is real.

I used 60%. You can use whatever percentage you think makes sense. The answer will always come out the same.

The claim makes no logical sense whatsoever.

I awoke this morning to the news that over 100 students were murdered in Peshawar. Shot in their classrooms by Taliban Militants.

A reprisal attack for a recent military offensive against the Taliban.

What evil twisted minds can justify an attack on innocent students sitting at their desks.

There is no justification. There are no words that can be uttered there are no mitigations there is no softening of thought towards these evil men.

If you harbour any thought of justification towards this evil. Then you are evil. There is no other way to think of it.

Perhaps its a bit of a generalisation, but in watching people I have realised that people in general need god to exist.

They need the concept of god to…

• make their own life have worth
• answer unanswerable questions
• feel like they can be forgiven for the bad they do
• and many many other reasons

The very fact that man needs god to exist is proof positive that god does not in fact exist.

If you have never been told, one of the quickest easiest and certainly cheapest way you can improve the health of your teeth is to swish.

That is as simple as it is and it can be done almost anywhere. Take a glass of clean water after meals or drinks or eating any sugary food (my down fall was sultanas, I love them) and swish then spit it out. If you do it in a clean basin you may be surprised to see how much stuck food it removes.

When I say swish I mean using your cheeks to force the liquid through your teeth. It will dislodge a lot of stuff that will otherwise sit for hours and also remove a lot of, if not all of the sugar left behind. My other love was sugared coffee, had I swished after each cup I’d probably be in much better shape.

So eat drink swish and be merry!

Conspiracy theorists attempt to censor research into their actions

This article on Ars Technica discusses the removal of a study into conspiracy theories due to pressure from the conspiracy theorist blogs themselves.

Here is the original now removed article. Fortunately the University of Western Australia is not so easily cowed by such threats.

http://websites.psychology.uwa.edu.au/labs/cogscience/Publications/LskyetalRecursiveFury4UWA.pdf

Now lets watch the Streisand effect do its work.

This article also introduced me to the term “Conspiracist Ideation” A great term

I read a lot about how md5 is hacked and don’t use it for passwords blah blah blah

It is true that finding collisions in md5 is easy enough and brute forcing them with modern day computers is trivial.

But are they useless?

I Don’t Think So!

The following is based on someone getting access to your database because say you left the door open and they were able to inject some sql which revealed your user accounts. Sadly a very common occurrence.

The reasoning for not using md5’s as password hashes goes like this. I can brute force 5 Billion Hashes a second therefore I can crack all your passwords within minutes therefore md5 is terminally broken.

Well Yeah, That is correct if you don’t salt your hashes and you should! What is salting? Salting is adding random characters to the password to increase its complexity. It is done by the webserver or whatever program is using the password

It goes like this..

instead of

hash = md5(password);

you have

hash = md5(password . salt) ;// . means concatenate

Now if the cracker doesn’t have the salt he cannot brute force your password and rainbow tables and collisions are also out.  (rainbow tables are massive precomputed tables of cracked hashes)

The trouble with the above solution is two users with the same password have the same hash. That little leakage of information could be enough to crack the password.

So what you need to do is to add a unique salt, one per password. This then prevents two passwords having the same hash.

hash = md5(password  .  unique salt);

But this means you need to store your unique salt with your password. So if your database is hacked then your salts are also known! But it does give the bad hacker a headache they still need to brute force every password in your database with a different salt for each password. It makes it exponentially harder.

How about we add another salt to the system will that help? Yes it will!

If you add a third common salt to the system so that your algorithm now becomes

hash = md5(password . unique salt . common salt);

Then the bad hacker needs all three. As long as the hacker does not get the common salt then your passwords are safe. BUT DO NOT STORE THE COMMON SALT IN THE DATABASE!

If they have the database and get your common salt because you were silly enough to store it there then you are back to the salt plus unique level of complexity. Good but not great!

Remember this too, as a developer we can do all we want to protect our users passwords. But if users are stupid enough to use simple passwords and then share them across multiple sites then they deserve to get hacked.

To protect them from themselves when setting passwords for users always set a minimum complexity.

So go ahead and use md5 in the knowledge you are reasonably safe. Of course if they get access to your server then once again you are in trouble!

So the solution is two salts a unique and a common salt stored in a different media (configuration file)

AND insist on minimum complexity passwords.

md5 Is fast and that’s why its still a good choice for a busy server.

Of course you may have different reasoning so I’d love to hear it.

P.S. If you really want to give your bad hacker a hard time then add a counter to your hashing algorithm.

hash = md5(password . unique salt . common salt);
for (i = 0 to 1000000) {
           hash = md5(hash);
}

Amit Singhal, Google’s head of search ranking, announces Instant Search at an event in San Francisco

Googles Instant Pages

“Google is ready to make waiting for Web pages to load a thing of the past—at least for those pages found using its search engine and the company’s Chrome browser. As a user peruses the list of results returned in response to a query, the browser will fetch and load in the background the page it considers most relevant. If a person does click that result, the page will load instantaneously.” src – technology review

What’s Special about this?

Firefox has had prefetch for a long time now. It was damn annoying. If you had a slow connection or limited bandwidth this could become very expensive.
I disabled prefetch a long time ago because it was detrimental to my surfing.
Rarely is google so good that the first result is the one you want. Therefore it will often be fetching something you don’t need. This smacks of an apple/microsoft like announcement. More marketing than truth.
If you believe google is so good then just click I am feeling lucky. which send you to the first website in the search results.

SEO (search engine optimisation)

From SEO point of view it means a site would get inflated hit figures for hits they never actually received because the user decided to click the second or subsequent link

Malicious Sites

Malicious sites could conceivably give you a virus even though you look at the result and think “Hey I ain’t going there it looks suss to me”

Cookies and Privacy

When google and Firefox combined in the past to do this I was tipped off by sites requesting to place cookies on my machine. even though I never visited the sites. I never accept third party cookies, to me this was an invasion of privacy, Hence the main reason I disabled it.

Dumb move Google and even dumber announcement. it so smacks of Steve Jobs*. Was he hired as a consultant on this?

* In case you didn’t realise it this article was written before Steve Jobs passed away

Did you know that 50% of all people have below average intelligence?

And average is pretty ordinary if you  ask me!

I don’t want to be here.

I don’t like it here any more, Things are too hard, I am too tired.

I want to be anywhere that is not here.

If I go there I will be here, and I don’t want to be here.

I don’t want to be.

Today I installed Microsoft security essentials, Normally I am not a fan of anything Microsoft, and this probably won’t change that. But I figured I better give it a go! The first quick scan took 16 minutes. not too shabby I guess for 64K files, provided it works of course.

One area that does worry me is the information collection. they collect a lot of information and some of it seems a bit dubious as to its application as antivirus. really they shouldnt need to care what programs I use. I don’t/won’t use IE, but should they need to know I use firefox or chrome? It seems they are ‘scanning’ for more things than just viruses.

Even given that I have chosen to send basic information to Microsoft’s poorly name Spynet.

Massive False Positives (March 26, 2011 at 11:52 pm)

I have removed MSE from my computer. it had a brain fail and reported everything as infected. shutting down ALL applications. I couldn’t even get Task Manager running it reported a virus in the executable and refused to let it run.

After restarting the PC in safe mode and doing a full virus scan with both MSE and Antirvir it came up as clean. I can only assume either a transient memory virus that was wiped when I restarted infected my PC or MSE failed. I uninstalled MSE and the problem has not re-occured.