tamaranth: (Default)
[personal profile] tamaranth
2014/07: Annihilation -- Jeff VanderMeer
At first, only I saw it as a tower. I don’t know why the word tower came to me, given that it tunneled into the ground. [loc.54]

non-spoilery review )
tamaranth: (Default)
[personal profile] tamaranth
2014/06: We Are All Completely Beside Ourselves -- Karen Joy Fowler
... the happening and the telling are very different things. This doesn’t mean that the story isn’t true, only that I honestly don’t know anymore if I really remember it or only remember how to tell it. Language does this to our memories—simplifies, solidifies, codifies, mummifies. An oft-told story is like a photograph in a family album; eventually, it replaces the moment it was meant to capture. [loc.630]

review that is less spoilery than the actual book cover )
tamaranth: (Default)
[personal profile] tamaranth
2014/05: A Clash of Kings -- George R R Martin

if it is the swordsmen who rule us in truth, why do we pretend our kings hold the power? [loc.2227]

non-spoilery review )
tamaranth: (Default)
[personal profile] tamaranth
2014/04: Gemsigns -- Stephanie Saulter

'...when the various governments allowed embryos to be genetically modified beyond what was necessary to avert the Syndrome and other illnesses, they neglected to define the legal status of the resulting people. They just let the gemtechs get on with it.' [loc.2050]

non-spoilery review )
tamaranth: (Default)
[personal profile] tamaranth
2014/03: The Incrementalists - Steven Brust and Skyler White
No one is going to turn Rupert Murdoch into a liberal, but a few nudges might convince some British investigators to follow up on what he's done, if they're inclined in that direction anyway. [p. 30]

slightly spoilery review )
juliet: (waveform tree)
[personal profile] juliet

Mirrored from Twisting Vines.

I’m running a free Introduction to Permaculture one-day course at Burgess Park Food Project on the 26th April. Contact me, or the address on the website, to book.

There’s lots of other cool stuff going on there this summer, too. (JPG only at that link, sorry; have requested text version.)


Apr. 15th, 2014 02:53 pm
silentq: (post via email)
[personal profile] silentq
I used to love the wind. A big part of the reason I made a cloak as a teenager was due to fantasies of standing on a cliff over the sea and having a cloak blowing about me - I would wear that thing out on every windy day that I could. I went sailing on tall ships and gloried in the days when the wind would get us going at around 20 knots. I loved watching leaves and flower petals blown about by the wind, and the sound of trees in motion, and the feel of wind on my body. I loved going out to open fields and flying kites.

Then during the trip planning for Patagonia, I started to find myself worried at all the mentions of how windy it was. I saw a TV program that showed just how much of a factor the wind was in that area of the world - it's in the Roaring 40's - and got quite nervous. Once we landed in Patagonia and I felt how hard it was to stand up straight in the gusts, and learned that we'd be heading into the back country just ahead of an impending storm, I had to screw my courage up to not back out and just stay in the BNB. We were warned that the gusts could be up to 100kph, and part of our route was exposed. Cris's write up with image of the weather forecasting rock (the bit that stuck with me - if the rock is not here, it's very windy). He was blown over once, I came very close myself, and we had to stop and brace ourselves when we'd hear the wind approaching through the trees. We bypassed one side trail because it was too exposed (aka we couldn't actually move up it). An afternoon spent huddled in the tent listening to wind sounding like an expressway may have left lasting mental scars (we were in a small stand of trees, and I could hear them creaking above us). We also saw some touring cyclists battling the winds on the pampas, and every time I face a headwind on my ride to work now, I remember them crawling along.

So of course what do I do less than a year later? Plan a camping trip to Mt. Washington, NH, home of the highest winds on record. My travel diary isn't something I re-read very often, the experience is kinda burned in. I viscerally remember climbing up a ridge practically on hands and knees after having been blow a couple of steps sideways by a wind gust and having a long long look a long long way down.

Then a few tropical storms hit the Boston area, and with my living room windows leaking air in high winds (aka whistling and moaning), I would retreat to my bedroom to wait out the storms, listening for the crack of breaking glass.

Yesterday and today have been pretty windy, and I've found myself wincing/flinching away from it. I really want to stop that, to find my joy in (non destructive) winds again. They key may be to not try moving around in it. *wry smile* The ride to work wasn't bad today, I do love tail winds and can deal with headwinds, it's when the crosswinds decide to move me sideways that I get really nervous, and that didn't happen today (well, much). I honestly considered taking the bus instead. *sigh*

Maybe I'll try going to Goth Fly a Kite this year.

Update: weather report says to expect "more gusts up to 50mph". Never mind, it is really windy out, I don't feel so bad for feeling bad. :-)

Is there a Gnostic in the house?

Apr. 15th, 2014 12:42 pm
nancylebov: (green leaves)
[personal profile] nancylebov
Or a student of Gnosticism? Preferably one who's seen the movie Noah.

Here's a review of the movie which claims it has a tremendous amount of Gnostic/Kababalistic symbolism: bodies are inferior to being pure spirit, the snake was right, God the creator is bad....

And some ranting about how Christian pastors and leaders couldn't tell how heretical it all was.

Anyone know whether this is a reasonably fair interpretation of the movie?

(no subject)

Apr. 15th, 2014 04:28 pm
flick: (Default)
[personal profile] flick
It's been another lovely day, although colder than the last few: we had a frost first thing this morning, and I was glad of a jumper during our riding lesson:

We've been busy with K&M staying for the last few days, which was lovely but I'm tired now! There was much walking around the woods and admiring the bluebells, which are very fine.

Here are some less fine bluebells, from when we went for a hack a few days ago:

We went into Canterbury for dinner last night, as the pubs all seem to close on Monday evening. Much to Jodie's relief, the Belgian beer place allows dogs, so she just went to sleep on Mike's feet. Before we ate, we had a little wander around town. There's a very peculiar tree in the grounds of the cathedral:

It has little fuzzy red flower balls on it, and what looked like the remains of last year's seeds were brown balls about an inch across. No idea what it is!
[syndicated profile] newstechnica_feed

Posted by David Gerard

TELLYHOUSE, Cable and Witless, Tuesday (NTN) — TalkTalk and BSkyB are building their own fibre network in York to deliver the most unreliable, limited and filtered Internet service seen in Britain to date.

Scorpions “Virgin Killer” in LegoTalkTalk chief Dido Harding said: “We are going to deliver a pure fibre network that will deliver speeds of 1 gigabit per second direct to homes and businesses in York … within the fair use bandwidth allowance, and duly filtered against rudeness, unpleasantness and copyright violations.”

The “state of the art” network will have superfast connections to tens of thousands of homes and businesses, with full clear speed guaranteed by not actually letting people see anything they want to. Filters against porn, health information, gays, music, telly, unpleasantness, Wikipedia and gays will be on by default — though any customer will be able to opt out by putting an advertisement in their local newspaper announcing “I AM A VILE WHOREMONGER” for thirty days.

Virgin Media are not standing still. Computers on a Virgin cable connection will issue an electric shock through the keyboard whenever a customer attempts to access a filtered site. The company will automatically forward the customer’s address to the Internet Watch Foundation and the British Phonographic Institute.

TalkTalk customers frequently express outrage at the Internet provider’s censorship mechanisms, though not enough outrage to actually pay a penny more to go somewhere else.

vatine: books-related stuff (books)
[personal profile] vatine
Previously unread.

This is the second book in a YA fantasy series. It continues off shortly after the events in the first book, dials the tension (and to some extent the romance) up a couple of notches.

If anything, the one thing that I noticed was that it was a really fast read (and by "really fast", I mean "I started it yesterday morning" and "I was finished well before I arrived in the office this morning"; if this was how fast things normally get read, I'd probably be looking at order 270 books per year).

Nonetheless, a good read. I may or may not buy the sequel right now, I haven't quite decided.

"Aim my smiling skull at you"

Apr. 15th, 2014 02:38 am
rosefox: Spock's pointy ear. (ear)
[personal profile] rosefox
Fun things, Apr 14: giant ice cream sundae.

I earned that ice cream. Today was the Menière's treatment study enrollment day, which ate four hours of my work day with a lot of paperwork, a blood test, a hearing test, an ear exam, and more paperwork. I put on my most bright and cheerful and funny attitude, and made the study coordinator's day when I pulled up all my carefully tagged LJ/DW entries and was able to give exact dates for diagnosis and various treatments. I was the perfect patient. Then I got lunch, got ice cream, attempted to work a bit, came home, and fell over.

In four weeks I get a cold liquid injected into my ear that then turns into a gel and hangs around for a month. Four months after that, I find out whether it was the medication or the placebo. Yay science, or something.

The hearing test shows that the hearing in my right ear is the worst it's been (or at least the worst it's been on a day when I'm getting a hearing test). I've been braced for vertigo for days. I almost wish it would show up just so my hearing would improve for a few days. Only almost, though. Being hard of hearing in one ear is better than vertigo. It's just tiring having to work so hard to hear people. And today I got talked at a lot, by people with thick accents who were telling me very important things that I needed to understand fully, so there was a lot of active listening and careful hearing going on. I am so wiped.

I went up on the roof earlier to watch the lunar eclipse for a bit, but it was chilly and I was tired, so I came back in. It's nearing totality now, so I'm going to take one last look. Then I'm passing all the way out, with no alarm set.
[syndicated profile] newstechnica_feed

Posted by David Gerard

DAS BUNKER, Whopping, Monday (Sky None) — Rebekah Brooks, former editor of The Sun and News of the Filth, will retire from journalism and take up writing fan fiction.

Rebekah Brooks (Wade) of Slytherin“I feel journalism in our super soaraway style is completely out of fashion,” she said under oath in the Old Bailey today. “It’s time to go back to the Chilterns, fire up Tumblr and do something worthwhile and lasting.”

Planned works include:

  • Tom Riddle and the Poisoned Chalice: Lady Rebekah Voldemort, the heroine, battles a horrid little oik called Nick Potter, who is allied with Lady Rebekah’s old enemy Dumblebridger, headmaster of the Auto Trader Media Group.
  • Star Trek IV: The Search For Milly: spunky young red-haired and red-shirted Ensign Rebekah Crusher hacks into the captain’s son’s tricorder. Captain Mary-Sue Brooks laughs indulgently at these hijinks and concurs that they are entirely justifiable on grounds of press freedom.

  • Oh Bugger Get Me Out Of This One, Jeeves: A lighthearted romp through 2010s Edwardian Britain, with comic-relief idle-rich idiot aristocrat Bertie Cameron and his “gentleman’s personal gentleman” Andy Jeeves. Bertie flutters about incompetently with the highly eligible young Rebekah Wadehouse, but it turns out she’s been copping off with Jeeves.

Mrs Brooks has also been working on original stories. “I came up with a good one — this wizened creature who’s got hold of a ring of huge power that corrupts everyone who comes near it and makes him near-immortal in a diseased and twisted form, and he calls it ‘moy preciousssss, mate. Bewdy.’ But apparently it’s been done.”

vatine: books-related stuff (books)
[personal profile] vatine

So, this is the "slightly more cheerful" tale of doom, loss, horror and other depressing things that noetheless is a smidgen cheerier than Night & Demons.

I realised when I read this that I don't think I've read The Apocalypse Codex close in time to The Fuller Memorandum and, well, the implications implicate, as implications do.
vatine: books-related stuff (books)
[personal profile] vatine
Previously unread.

Assorted shorts by David Drake. None of them cheery, all of them well-written. May well be worth a read. I will probably re-read it in some sort of future, but right at the moment, I prefer cheerier things (which will probably show exactly how dark this collection is, when you see the next entry).
vatine: books-related stuff (books)
[personal profile] vatine
Previously unread.

Hm. Well... This felt almost exactly like the previous Robert Conroy book I read. A slight twist to a historic large-scale conflict, leading to an alt-hist large conflict, with the plucky Americans winning the day and our primary Plucky American Viewpoint Character winning the woman.

So, yeah, no, I wouldn't recommend this, unless it is close to a core interest for you. It isn't, for me, so I only ever accidentally get them through book bundles. But, I guess expanding one's horizons isn't specifically a bad thing.

DIY sucks #27

Apr. 14th, 2014 09:23 am
rbarclay: (donald)
[personal profile] rbarclay
No prettifying yesterday, as I discovered that the workers (on orders of the father-in-law) had nailed together most of the awning without treating the wood in any way. Which ain't good from a "this should last a couple decades" perspective.
So I ripped off the tar paper and oiled everything up. And discovered that that the father-in-law had also instructed the workers to use cheap glued wood in some places - which I also ripped out, as I don't want the roof to be of too many colors, 3-4 are fully sufficient: there's red-ish larch and light-brown-ish fir/spruce for the framework, dark brown for some of the roof panels, ochre for some of the other roof panels.

Then I ripped out the decorative strip one of the workers had made, because it needed to be painted (see "not of too many colors"), and I couldn't do that while it was in place, plus I want the wood to be treated everywhere, not just where it's easy to reach.

Some pics: http://bofh.us/auM


Apr. 14th, 2014 03:01 am
rosefox: A little blonde girl in a men's shirt and tie and a black skirt, with a glued-on mustache (genderqueer)
[personal profile] rosefox
Fun things, Apr 13: got prettied up for the Seder.

Today's outfit was entirely logic-driven:

* going to the Seder at my mom's place, so dressing up a bit
* want to wear a skirt and sandals because it's warm and breezy
* needs to be a long skirt so my mother doesn't give me the hairy eyeball over my hairy legs
* following the recent de-femming of my closet, I have precisely one long skirt, one top that goes with skirts, and one jacket that goes with that top
* oh right, girly clothes mean earrings and a necklace, I remember that
* it's warm enough to justify a straw hat


a photo of me in a long black skirt with a grey short-sleeved blazer and a pale straw fedora with a black band

(Image is a link to a larger image. Photo by [personal profile] xtina.)

When I cleaned out my closet, my rule was that I would keep any femme clothes that make me think "I look smashing in this", on the theory that those are the ones that really work for me rather than being about conforming to what other people think I should look like. This was my first time testing that theory and I am extremely pleased with the results. This blouse (which you really can't see at all under the jacket--it's a black sleeveless blouse with a deep v-neck) was my cleavage blouse back when I had cleavage, but I've lost so much weight since then that my chest is practically flat, which is great for menswear and gives me a fun bit of cognitive dissonance when I femme up. I also just got my hair buzzed, and gave my face a nice proper shave this morning. I didn't feel like a guy in drag, though. I just felt like me, looking and feeling good. It's nice. :) And something of a relief. I always want to have the option of girling up, even if I don't often take it.

Originally I was going to wear a women's wide-brimmed straw hat, but it didn't quite work when I put it on--too much of a muchness with the long skirt--and then I tried the straw fedora and it was far better than I expected. I think I always need something just slightly gender-dissonant like that. Even if I'm not in a particularly transgressive mood, I look better and feel better when I'm a little bit audacious.

Oh, and I think this is my first photo post since going back to wearing contact lenses! (Contacts + completely buzzed hair = my face looks naked, so when I got rid of my hair I switched to glasses.) I LOVE them. I love how I look in them, I love how much easier life is with them, love love love. I plan to stick with this hairstyle for a while--still buzzed on the sides and back, but longer on top--so I can keep wearing them.

Real-world Secure Boot attacks

Apr. 13th, 2014 09:43 pm
[personal profile] mjg59
MITRE gave a presentation on UEFI Secure Boot at SyScan earlier this month. You should read the the presentation and paper, because it's really very good.

It describes a couple of attacks. The first is that some platforms store their Secure Boot policy in a run time UEFI variable. UEFI variables are split into two broad categories - boot time and run time. Boot time variables can only be accessed while in boot services - the moment the bootloader or kernel calls ExitBootServices(), they're inaccessible. Some vendors chose to leave the variable containing firmware settings available during run time, presumably because it makes it easier to implement tools for modifying firmware settings at the OS level. Unfortunately, some vendors left bits of Secure Boot policy in this space. The naive approach would be to simply disable Secure Boot entirely, but that means that the OS would be able to detect that the system wasn't in a secure state[1]. A more subtle approach is to modify the policy, such that the firmware chooses not to verify the signatures on files stored on fixed media. Drop in a new bootloader and victory is ensured.

But that's not a beautiful approach. It depends on the firmware vendor having made that mistake. What if you could just rewrite arbitrary variables, even if they're only supposed to be accessible in boot services? Variables are all stored in flash, connected to the chipset's SPI controller. Allowing arbitrary access to that from the OS would make it straightforward to modify the variables, even if they're boot time-only. So, thankfully, the SPI controller has some control mechanisms. The first is that any attempt to enable the write-access bit will cause a System Management Interrupt, at which point the CPU should trap into System Management Mode and (if the write attempt isn't authorised) flip it back. The second is to disable access from the OS entirely - all writes have to take place in System Management Mode.

The MITRE results show that around 0.03% of modern machines enable the second option. That's unfortunate, but the first option should still be sufficient[2]. Except the first option requires on the SMI actually firing. And, conveniently, Intel's chipsets have a bit that allows you to disable all SMI sources[3], and then have another bit to disable further writes to the first bit. Except 40% of the machines MITRE tested didn't bother setting that lock bit. So you can just disable SMI generation, remove the write-protect bit on the SPI controller and then write to arbitrary variables, including the SecureBoot enable one.

This is, uh, obviously a problem. The good news is that this has been communicated to firmware and system vendors and it should be fixed in the future. The bad news is that a significant proportion of existing systems can probably have their Secure Boot implementation circumvented. This is pretty unsurprisingly - I suggested that the first few generations would be broken back in 2012. Security tends to be an iterative process, and changing a branch of the industry that's historically not had to care into one that forms the root of platform trust is a difficult process. As the MITRE paper says, UEFI Secure Boot will be a genuine improvement in security. It's just going to take us a little while to get to the point where the more obvious flaws have been worked out.

[1] Unless the malware was intelligent enough to hook GetVariable, detect a request for SecureBoot and then give a fake answer, but who would do that?
[2] Impressively, basically everyone enables that.
[3] Great for dealing with bugs caused by YOUR ENTIRE COMPUTER BEING INTERRUPTED BY ARBITRARY VENDOR CODE, except unfortunately it also probably disables chunks of thermal management and stops various other things from working as well.