About Me

PBX My name is Paul Bissex, and e-scribe.com is my consulting business. I build web applications using as much open source software as possible. From September to June I teach web design and other important non-photographic professional skills to photographers. In the '90s I wrote technology commentary and reviews for magazines, newspapers, and web publications, including Wired, Salon.com, FamilyPC, the late lamented Web Review, and the Chicago Tribune. Feel free to email me.

Colophon

This runs on Django, served by Apache and mod_python. The database is SQLite. The operating system is FreeBSD, on a VPS hosted at Johncompanies.com. Comment-spam protection by Akismet. Vintage topo imagery from the Maptech archive. The markup engine is Markdown.

The Book

Book cover I'm co-author of "Python Web Development with Django", an excellent guide to my favorite web framework. Published by Addison-Wesley in October 2008, it is available from Amazon and your favorite technical bookstore as well. Click on the book title above to learn more.

Pile o'Tags

Stuff I Use

Akismet, del.icio.us, Django, dpaste.com, Emacs, FreeBSD, Freenode, jQuery, LaunchBar, MacPorts, Markdown, Mercurial, OS X, Postfix, Python, SQLite, Subversion, TextMate, Trac, Ubuntu Linux, wmii

Spam Report

At least 45583 pieces of comment spam killed since January 12th, mostly via Akismet.

MacBook wireless security exploit fracas primer

In case you haven't been following this mini-saga -- about two security researchers, an alleged MacBook wireless security vulnerability, and a writer from the Washington Post -- here's your study guide.

The original story at blog.washingtonpost.com (does the "blog" part mean we should lower our journalistic expectations?) has the unassuming title of "Hijacking a MacBook in 60 Seconds." An alternate, more descriptive title is "Hijacking a MacBook via a Third-Party Wireless Card that Nobody Would Ever Use, in 60 Seconds, and Also Allegedly Hijacking it via the Built-In Card that Everybody Uses, But Wait, Maybe Not, Sorry, We Can't Talk About That." You can see why they went with the shorter title.

Then there was a follow-up, followed by an update to the follow-up, followed by the release of the verbatim transcript of the original interview. Much heat, not much light.

Then John Gruber got sick of all this and issued an open challenge -- offering a brand-new MacBook in exchange for a demonstration of the alleged exploit against a stock machine. No takers. Then an update to the challenge. Still no takers.

What's interesting is that while my gut -- based on the behavior of the key participants, not on technical details -- says that there is actually no exploit that works against the stock MacBook, I'm not nearly as positive as Gruber is. I look forward to learning the truth, which is scheduled for delivery Real Soon Now.

By the way, don't read any of the contentious comment threads attached to the various blog postings. You'll just feel dirtier and more confused.

More as the situation develops.

Wednesday, September 6th, 2006
os x + risks