E-Scribe : a programmer’s blog

About Me

I'm Paul Bissex. I build web applications using open source software, especially Django. Started my career doing graphic design for newspapers and magazines in the '90s. Then wrote tech commentary and reviews for Wired, Salon, Chicago Tribune, and others you never heard of. Then I built operations software at a photography school. Then I helped big media serve 40 million pages a day. Then I worked on a translation services API doing millions of dollars of business. Now I'm building the core platform of a global startup accelerator. Feel free to email me.


I co-wrote "Python Web Development with Django". It was the first book to cover the long-awaited Django 1.0. Published by Addison-Wesley and still in print!


MacBook wireless security exploit fracas primer

In case you haven't been following this mini-saga -- about two security researchers, an alleged MacBook wireless security vulnerability, and a writer from the Washington Post -- here's your study guide.

The original story at blog.washingtonpost.com (does the "blog" part mean we should lower our journalistic expectations?) has the unassuming title of "Hijacking a MacBook in 60 Seconds." An alternate, more descriptive title is "Hijacking a MacBook via a Third-Party Wireless Card that Nobody Would Ever Use, in 60 Seconds, and Also Allegedly Hijacking it via the Built-In Card that Everybody Uses, But Wait, Maybe Not, Sorry, We Can't Talk About That." You can see why they went with the shorter title.

Then there was a follow-up, followed by an update to the follow-up, followed by the release of the verbatim transcript of the original interview. Much heat, not much light.

Then John Gruber got sick of all this and issued an open challenge -- offering a brand-new MacBook in exchange for a demonstration of the alleged exploit against a stock machine. No takers. Then an update to the challenge. Still no takers.

What's interesting is that while my gut -- based on the behavior of the key participants, not on technical details -- says that there is actually no exploit that works against the stock MacBook, I'm not nearly as positive as Gruber is. I look forward to learning the truth, which is scheduled for delivery Real Soon Now.

By the way, don't read any of the contentious comment threads attached to the various blog postings. You'll just feel dirtier and more confused.

More as the situation develops.

Wednesday, September 6th, 2006
