General - Page 14

Courage and Cancer

Not many people are brave enough to go public with intimate details of medical problems, especially cancer, and to start going public when the problem is diagnosed, not just when it’s cured. Ken Holman is one of those rare people who have done so, and in email with him shortly after he came out of hospital he welcomed my doing my small bit to publicise what he went through, in the hopes that it will help others (from Ken: “I know that I would have appreciated reading actual testimonials from patients rather than just corporate medical reports”).

For those who don’t know, Ken has been a stalwart in the SGML/XML community for many years, taking part in various standards committees as well as being a well-regarded teacher and speaker. He’s had a bad run health-wise recently, culminating in a bout with prostate cancer (which now appears to be effectively cured, though some side-effects still remain). The details are at Awareness of Male Cancers – my personal stories; what may be startling is that even test results within the normal range can indicate cancer that needs to be treated. Here’s hoping that few people need to go through what Ken just has, but if you do, I hope you recover well and quickly.

Phishing Sophistication

I’m starting to be impressed by the (almost) sophistication of phishing attempts. The latest one in my inbox today contained a message from someone purporting to have bought an item via eBay that they hadn’t received and unless they heard back they were going to complain to eBay and then the police — I can quite see some nervous seller who thinks there might be a mistake in the system clicking on the “log in to eBay message center” link (which of course doesn’t go to eBay at all) to try to rectify it.

Mind you, the spam filters are also starting to become sophisticated — my ISP adds headers to the email marking potential spam and this one tripped a number of meters, adding up to quite a lot of red flags. Some of them are, on their own, quite legitimate of course, but not all:

    1.0 FROM_ENDS_IN_NUMS      
        From: ends in numbers
    1.3 RCVD_NUMERIC_HELO      
        Received: contains a numeric HELO
    1.0 MSGID_SPAM_CAPS        
        Message-ID =~ /^\s*< ?[A-Z]+\@(?!(?:mailcity|whowhere)\.com)/
    0.1 HTML_TAG_EXISTS_TBODY  
        BODY: HTML has "tbody" tag
    0.4 HTML_70_80             
        BODY: Message is 70% to 80% HTML
    0.1 HTML_FONTCOLOR_BLUE    
        BODY: HTML font color is blue
    0.7 MIME_HTML_ONLY         
        BODY: Message only has text/html MIME parts
    0.2 HTML_MESSAGE           
        BODY: HTML included in message
     0.3 HTML_FONT_BIG          
        BODY: HTML has a big font
    1.1 MIME_HTML_NO_CHARSET   
        RAW: Message text in HTML without charset
    0.2 MIME_QP_LONG_LINE      
        RAW: Quoted-printable line longer than 76 chars
    0.4 NORMAL_HTTP_TO_IP      
        URI: Uses a dotted-decimal IP address in URL
    0.1 FORGED_HOTMAIL_RCVD2   
        hotmail.com 'From' address, but no 'Received:'
    3.0 FORGED_MUA_OUTLOOK     
        Forged mail pretending to be from MS Outlook
    0.6 MISSING_MIMEOLE        
        Message has X-MSMail-Priority, but no X-MimeOLE
    1.1 FORGED_OUTLOOK_HTML    
        Outlook can't send HTML message only
    1.1 MIME_HTML_ONLY_MULTI   
        Multipart message only has text/html MIME parts
    1.1 FORGED_OUTLOOK_TAGS    
        Outlook can't send HTML in this format
    3.0 SARE_MSGID_YAHOO       
        Message-ID is forged, (yahoo.com)
    1.1 HTML_MIME_NO_HTML_TAG  
        HTML-only message, but there is no HTML tag

After I saw this I promptly went and got the latest version of Pegasus Mail, which I use for my personal email. Pegasus has always had good anti-virus protection, has had decent spam filtering for some time, and shows the real URL that is being linked to on HTML emails, but it now advertises anti-phishing checks as well. It will be interesting to see how well they work in practise.

Crochet Danger

I had to laugh at Eve’s link to the story of the weenie who was scared of knitting needles (while admitting I first saw the link at whump dot com from following XML 2005 Aggregator links). I have a better story than mere knitting needles or even needlework needles, since all of those have really blunt ends.

When the TSA directives first came out after September 11, banning knitting needles, I, along with a lot of other people, was struck by the arbitrariness of the bans. No knives, but forks were still allowed, and so were glasses made of glass. Personally I’d rather have someone come at me with a blunt knife that’s not capable of cutting anything than a broken glass. So I read the list of banned items and noticed that crochet hooks weren’t on the list. Given that in terms of crafts I bounce between knitting, needlework, crochet, and lots of others, I have a good supply of crochet hooks. I picked one out to take on my next set of flights. Not just any crochet hook though, one of my fine 1.25 mm crochet hooks that at the time I was using for filet crochet. So this is a hook, with what can only be described as a barb on one end, with a total diameter of 1.25 mm (I have smaller, but had two of the 1.25 mm hooks so could easily risk losing one).

The first security person checked the hook, looked worried, asked her supervisor, the supervisor said “crochet hooks are allowed”. And that was it. On board I went, with my filet crochet and my crochet hook. These days knitting needles are expressly allowed, as are crochet hooks (although the TSA calls them “crochet needles”) so I will still be able to carry around my filet crochet hooks and scare unsuspecting knitting needle phobics (yes, there is such a thing as a needle phobia; most people who suffer from it have phobias about vaccination and blood test-type needles, not knitting needles, although the phobia is apparently bad enough in some people to be set off by any needle-type object).

So if you see someone with what looks like a viciously thin, barbed object and thin yarn, just remember the TSA permits it. Mind you, reading that list does raise other questions, such as “if you can’t smoke on board, why do you need a cigar cutter?” and “why are toy transformer robots expressly permitted but not other toys?” but that’s just me being picky.

Katrina

Like so many others, I feel compelled to add to the blogflood of words about Hurricane Katrina (and I pity any child of that name!). My own words seem inadequate; I don’t have Shelley’s lyricism, or Cecily’s perspective, or consistency. I’ve never even been to New Orleans, so I have no photos to add to the store of what was there. I have no idea whether New Orleans will be rebuilt, although it’s obvious it will never be the same again. I appreciate people who say that now building codes can be developed and enforced to withstand hurricanes, but worry about what the costs of those buildings will do to the poor who already can’t afford reasonable accomodation.

It seems large parts of the damage and destruction were preventable, much of the pain and horror could have been ameliorated. What does this do to the people who have seen it, experienced it? What sort of nightmares will they relive in their dreams and pass on to their children? And what sort of lessons will be drawn? Will the systems to hold back the water be designed and built with the same determination as in Holland after the massive floods in 1953 that killed almost 2000 people? (60% of the Dutch population lives on land that is under sea level). I can’t help thinking of that old song that somehow still seems to ask many of the right questions — “The answers, my friend, are blowing in the wind, the answers are blowing in the wind”.

Visibility Online

One unexpected but totally welcome side-effect of blogs and instant messaging these days is knowing that people you care about are ok. Just being able to see their names and their postings while the effects of what happened in London sunk in made a big difference to my day. My condolences to all those for whom that couldn’t help.

London

The bombs in London have proven again that Londoners are resilient, that they have learnt from the WWII blitz and the years of IRA attacks, how to cope with terror that would bring other cities to a screeching halt. And yet, I can’t help but worry what the reactions will be. Will the governments of the world now insist that everyone getting on a bus or train go through metal detectors, or worse, be scanned by the incredibly privacy-invading backscatter X‑ray scanners? (See Bruce Schneier’s blog for more discussion on this). I don’t care what anyone says, I don’t believe that making people go through X‑ray machines is healthy, even if the amount is low — having trained as an experimental nuclear physicist, I’ve learned that even low dosages are cumulative.

Screening public transit passengers would slow down public transport and force more people into their cars; it’s just not practical in London rush-hour traffic to completely screen every person getting on to every train or bus at every stop and station without bringing the system to a complete halt. And the traffic congestion in London is so bad already that encouraging people to drive won’t solve any problems either!

Tony Blair insists that the terrorists won’t win — but then why is the British government trying to push through legislation on ID cards that has significant privacy and cost implications (thanks to Robin Wilton for the link) ? The attacks on September 11, 2001, proved that suicide terrorists will go to extreme lengths to ensure that their identity papers look right, and that they have built up a reasonable history (the hijackers had valid ID and were frequent flyers, in part in order to plan the attacks meticulously). Making people carry identity cards will just make life difficult for ordinary people, not for the terrorists who will be prepared with all the identification (fake or real) that they need.

I don’t know what can be done to solve the terrorist problem but making life more difficult for ordinary people trying to go about their lives without a definite benefit (for example, the x‑ray machines mentioned above can’t search in body cavities so it’s also of limited use) really seems to me to be letting them win. Yes, there are definite things people can do — the classic advice to not leave luggage unattended and to avoid suspicious packages, for example. And some amount of security checking when you board aircraft is reasonable — I wouldn’t want someone with a gun on board or a long knife, even if they’re not terrorists, in case of accidents. But the more draconian parts of the various Acts that many governments rushed to pass after 2001 are not necessary. There’s an old saying that the police generally tend to treat all people as criminals who haven’t been caught yet (and given that they usually deal with criminals all day, one can forgive their perception as to the relative proportions of criminals and honest people in the population). We need to ensure that we’re not all treated as terrorists-in-waiting, while balancing the security needed to catch the real terrorists.