Shared posts

25 Aug 23:28

What's a good radio station because I'm having trouble finding one and last week..

by noreply@blogger.com (Merlesworld)
Fergus Noodle

Merle should review radio shows

I have just turned the radio on and somehow the station was moved and I'm on The Kyle and Jackie O show, maybe I'm too old for radio today but these two are beyond belief, the news was on so I left it there, they stuck an ad in the news, never come across that before, then Kyle was telling everyone about all the stuff he had stolen from hotel rooms in his life, the same as Kim K he stated, why are these two not arrested and locked up for theft or do hotels just add more to their bills to cover costs, makes sense to do so. Then there was an interview with Jason someone who was a singer in USA, he is 26 and done well in this field, the questions were about his sex life, what car he was driving, not much about his music career but they did play one of his songs. "Touch the sky" it was called, not bad, a few swear words thrown in but that is common these days. There was a delay between the questions and the answers, I know it was an overseas interview but I got the feeling he was being a bit cagy about his answers, in all honesty if someone had asked me some of those questions I would just tell them to bugger off.
This is my shed not much floor now but with luck the floor will be back in a few months, the son and daughter in law have moved all their stuff out of the house they sold but not moved it to QLD so it's in my shed for the time being.

Their back yard and the Beer Fairy looking confused.
They have a lot of paint.
The shed was pretty full of left over building supplies
but the house is now completely empty

I always liked their entrance gate
and these stickers didn't come off but they are cute, the beer fairy really likes this mirror bet you can't guess what it is made of.
We all got together for a meal and I caught a train there as they had hired a van with only 3 seats and the beer fairy caught the train home.
Interesting trip I encountered a steam train at Strathfield Station not seen one in years in Sydney, love the sound and sight of these trains the smell not so much, the driver blew his whistle a lot and everyone took photos.


Me at dinner as you can see it's cold. I can't turn these photos, so you get a sideways view.
24 Aug 16:13

United Airlines Sets Minimum Bar on Security

by BrianKrebs

United Airlines has rolled out a series of updates to its Web site that the company claims will help beef up the security of customer accounts. But at first glance, the core changes — moving from a 4-digit PIN to a password and requiring customers to pick five different security questions and answers — may seem like a security playbook copied from Yahoo.com, circa 2009. Here’s a closer look at what’s changed in how United authenticates customers, and hopefully a bit of insight into what the nation’s fourth-largest airline is trying to accomplish with its new system.

United, like many other carriers, has long relied on a frequent flyer account number and a 4-digit personal identification number (PIN) for authenticating customers at its Web site. This has left customer accounts ripe for takeover by crooks who specialize in hacking and draining loyalty accounts for cash.

Earlier this year, however, United began debuting new authentication systems wherein customers are asked to pick a strong password and to choose from five sets of security questions and pre-selected answers. Customers may be asked to provide the answers to two of these questions if they are logging in from a device United has never seen associated with that account, trying to reset a password, or interacting with United via phone.

Some of the questions and answers United came up with.

Yes, you read that right: The answers are pre-selected as well as the questions. For example, to the question “During what month did you first meet your spouse or significant other,” users may select only from one of…you guessed it — 12 answers (January through December).

The list of answers to another security question, “What’s your favorite pizza topping,” had me momentarily thinking I was using a pull-down menu at Dominos.com — waffling between “pepperoni” and “mashed potato.” (Fun fact: If you were previously unaware that mashed potatoes qualify as an actual pizza topping, United has you covered with an answer to this bit of trivia in its Frequently Asked Questions page on the security changes.)

I recorded a short video of some of these rather unique questions and answers.

United said it opted for pre-defined questions and answers because the company has found “the majority of security issues our customers face can be traced to computer viruses that record typing, and using predefined answers protects against this type of intrusion.”

This struck me as a dramatic oversimplification of the threat. I asked United why they stated this, given that any halfway decent piece of malware that is capable of keylogging is likely also doing what’s known as “form grabbing” — essentially snatching data submitted in forms — regardless of whether the victim types in this information or selects it from a pull-down menu.

Benjamin Vaughn, director of IT security intelligence at United, said the company was randomizing the questions to confound bot programs that seek to automate the submission of answers, and that security questions answered wrongly would be “locked” and not asked again. He added that multiple unsuccessful attempts at answering these questions could result in an account being locked, necessitating a call to customer service.
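To put rough numbers on the design described above, here is an added example (not from the original article or from United) that compares blind guessing against fixed answer lists with blind guessing against the old 4-digit PIN. The five questions, the two required answers and the 12-item month list come from the article; the other list sizes and the three-wrong-answers lockout threshold are assumptions made for illustration.

```python
"""Added example: guess resistance of multiple-choice security questions."""
from fractions import Fraction
from itertools import permutations
from math import log2

# Sizes of the pre-selected answer lists for five questions.
# 12 (months) is from the article; the other four are constructed values.
CONSTRUCTED_LIST_SIZES = [12, 10, 8, 15, 20]


def answer_bits(n_options):
    """Upper bound, in bits, on the entropy of one answer from a fixed list."""
    return log2(n_options)


def pin_guess_probability(digits=4, attempts=3):
    """Chance of hitting a uniformly random PIN with `attempts` distinct guesses."""
    return Fraction(attempts, 10 ** digits)


def pass_probability(option_counts, needed=2, max_wrong=3):
    """Exact chance that uniform random guessing passes the challenge.

    Model (assumptions, not United's documented behaviour):
      * questions are asked in a uniformly random order;
      * each question gets one guess, because a wrong answer locks it;
      * the account locks after `max_wrong` wrong answers;
      * the challenge is passed after `needed` correct answers.
    Uniform guessing is the weakest attacker model; if some answers are
    more popular than others, the real figure can only be higher.
    """
    orders = list(permutations(option_counts))
    total = Fraction(0)
    for order in orders:
        # Sessions still in progress: (correct, wrong) -> probability.
        live = {(0, 0): Fraction(1)}
        for n_options in order:
            p_right = Fraction(1, n_options)
            nxt = {}
            for (correct, wrong), prob in live.items():
                # Correct guess: either the challenge is passed or we go on.
                if correct + 1 == needed:
                    total += prob * p_right / len(orders)
                else:
                    key = (correct + 1, wrong)
                    nxt[key] = nxt.get(key, Fraction(0)) + prob * p_right
                # Wrong guess: the question is locked; the session survives
                # only while the account-lock threshold is not reached.
                if wrong + 1 < max_wrong:
                    key = (correct, wrong + 1)
                    nxt[key] = nxt.get(key, Fraction(0)) + prob * (1 - p_right)
            live = nxt
    return total


if __name__ == "__main__":
    months_only = pass_probability([12] * 5)
    mixed = pass_probability(CONSTRUCTED_LIST_SIZES)
    pin = pin_guess_probability()
    print(f"one 12-item answer list: at most {answer_bits(12):.2f} bits")
    print(f"five 12-item lists, 2 needed: {float(months_only):.4%}")
    print(f"constructed mixed lists:      {float(mixed):.4%}")
    print(f"4-digit PIN, 3 guesses:       {float(pin):.4%}")
    print(f"ratio (12-item lists / PIN):  {float(months_only / pin):.0f}x")
```
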

United said it plans to use these same questions and answers — no longer passwords or PINs — to authenticate those who call in to the company’s customer service hotline. When I went to step through United’s new security system, I discovered my account was locked for some reason. A call to United customer service unlocked it in less than two minutes. All the agent asked me for was my frequent flyer number and my name.

(Incidentally, United still somewhat relies on “security through obscurity” to protect the secrecy of customer usernames by very seldom communicating the full frequent flyer number in written and digital communications with customers. I first pointed this out in my story about the data that can be gleaned from a United boarding pass barcode, because while the full frequent flyer number is masked with “x’s” on the boarding pass, the full number is stored on the pass’s barcode).

Conventional wisdom dictates that what little additional value security questions add to the equation is nullified when the user is required to choose from a set of pre-selected answers. After all, the only sane and secure way to use secret questions if one must is to pick answers that are not only incorrect and/or irrelevant to the question, but that also can’t be guessed or gleaned by collecting facts about you from background checking sites or from your various social media presences online.

Google published some fascinating research last year that spoke to the efficacy and challenges of secret questions and answers, concluding that they are “neither secure nor reliable enough to be used as a standalone account recovery mechanism.”

Overall, the Google research team found the security answers are either somewhat secure or easy to remember—but rarely both. Put another way, easy answers aren’t secure, and hard answers aren’t as useable.

But wait, you say: United asks you to answer up to five security questions. So more security questions equals more layers for the bad guys to hack through, which equals more security, right? Well, not so fast, the Google security folks found.

“When users had to answer both together, the spread between the security and usability of secret questions becomes increasingly stark,” the researchers wrote. “The probability that an attacker could get both answers in ten guesses is 1%, but users will recall both answers only 59% of the time. Piling on more secret questions makes it more difficult for users to recover their accounts and is not a good solution, as a result.”

Vaughn said the beauty of United’s approach is that it uniquely addresses the problem identified by Google researchers — that so many people in the study had so much trouble remembering the answers — by providing users with a set of pre-selected answers from which to choose.

An infographic from Google's research study on secret questions. Source: Google.

The security team at United reached out a few weeks back to highlight the new security changes, and in a conversation this week they asked what I thought about their plan. I replied that if United is getting pushback from security experts and tech publications about its approach, that’s probably because security people are techies/nerds at heart, and techies/nerds want options and stuff. Or at least the ability to add, enable or disable certain security features.

But the reality today is that almost any security system designed for use by tens of millions of people who aren’t techies is always going to cater to the least sophisticated user on the planet — and that’s about where the level of security for that system is bound to stay for a while.

So I told the United people that I was somewhat despondent about this reality, mainly because I end up having little other choice but to fly United quite often.

“At the scale that United faces, we felt this approach was really optimal to fix this problem for our customers,” Vaughn said. “We have to start with something that is universally available to our customers. We can’t send a text message to you when you’re on an airplane or out of the country, we can’t rely on all of our customers to have a smart phone, and we didn’t feel it would be a great use of our customers’ time to send them in the mail 93 million secure ID tokens. We felt a powerful onus to do something, and the something we implemented we feel improves security greatly, especially for non-technical savvy customers.”

Arlan McMillan, United’s chief information security officer, said the basic system that the company has just rolled out is built to accommodate additional security features going forward. McMillan said United has discussed rolling out some type of app-based time-based one-time password (TOTP) system (Google Authenticator is one popular TOTP example).

“It is our intent to provide additional capabilities to our customers, and to even bring in additional security controls if [customers] choose to,” McMillan said. “We set the minimum bar here, and we think that’s a higher bar than you’re going to find at most of our competitors. And we’re going to do more, but we had to get this far first.”

Lest anyone accuse me of claiming that the thrust of this story is somehow newsy, allow me to recommend some related, earlier stories worth reading about United’s security changes:

TechCrunch: It’s Time to Publicly Shame United Airlines’ So-called Online Security

Slate: United Airlines Uses Multiple Choice Security Questions

21 Aug 15:08

Sixpenny, Stanmore

by Helen (Grab Your Fork)
Fergus Noodle

I donno

If there's one dessert you must hunt down right now it's the black truffle St Honore at Sixpenny. Originally only available for special occasion pre-orders, the dessert was such a hit that the kitchen will now occasionally make whole ones available for the day's diners. Individual slices are available as an additional dessert course until it sells out. It always does. 2014 Sebastien Brunet
24 Aug 00:56

A Life or Death Case of Identity Theft?

by BrianKrebs

Identity thieves have perfected a scam in which they impersonate existing customers at retail mobile phone stores, pay a small cash deposit on pricey new phones, and then charge the rest to the victim’s account. In most cases, switching on the new phones causes the victim account owner’s phone(s) to go dead. This is the story of a Pennsylvania man who allegedly died of a heart attack because his wife’s phone was switched off by ID thieves and she was temporarily unable to call for help.

On Feb. 20, 2016, James William Schwartz, 84, was going about his daily routine, which mainly consisted of caring for his wife, MaryLou. Mrs. Schwartz was suffering from the end stages of endometrial cancer and wasn’t physically mobile without assistance. When Mr. Schwartz began having a heart attack that day, MaryLou went to use her phone to call for help and discovered it was completely shut off.

Little did MaryLou know, but identity thieves had the day before entered a “premium authorized Verizon dealer” store in Florida and impersonated the Schwartzes. The thieves paid a $150 cash deposit to “upgrade” the elderly couple’s simple mobiles to new iPhone 6s devices, with the balance to be placed on the Schwartz’s account.

“Despite her severely disabled and elderly condition, MaryLou Schwartz was finally able to retrieve her husband’s cellular telephone using a mechanical arm,” reads a lawsuit (PDF) filed in Beaver County, Penn. on behalf of the Schwartz’s two daughters, alleging negligence by the Florida mobile phone store. “This monumental, determined and desperate endeavor to reach her husband’s working telephone took Mrs. Schwartz approximately forty minutes to achieve due to her condition. This vital delay in reaching emergency help proved to be fatal.”

By the time paramedics arrived, Mr. Schwartz was pronounced dead. MaryLou Schwartz died seventeen days later, on March 8, 2016. Incredibly, identity thieves would continue robbing the Schwartzes even after they were both deceased: According to the lawsuit, on April 14, 2016 the account of MaryLou Schwartz was again compromised and a tablet device was also fraudulently acquired in MaryLou’s name.

The Schwartz’s daughters say they didn’t learn about the fraud until after both parents passed away. According to them, they heard about it from the guy at a local Verizon reseller that noticed his longtime customers’ phones had been deactivated. That’s when they discovered that while their mother’s phone was inactive at the time of their father’s death, their father’s mobile had inexplicably been able to make but not receive phone calls.

KNOW YOUR RIGHTS AND OPTIONS

Exactly what sort of identification was demanded of the thieves who impersonated the Schwartzes is in dispute at the moment. But it seems clear that this is a fairly successful and common scheme for thieves to steal (and, in all likelihood, resell) high-end phones.

Lorrie Cranor, chief technologist for the U.S. Federal Trade Commission, was similarly victimized this summer when someone walked into a mobile phone store, claimed to be her, asked to upgrade her phones and walked out with two brand new iPhones assigned to her telephone numbers.

“My phones immediately stopped receiving calls, and I was left with a large bill and the anxiety and fear of financial injury that spring from identity theft,” Cranor wrote in a blog on the FTC’s site.  Cranor’s post is worth a read, as she uses the opportunity to explain how she recovered from the identity theft episode.

She also used her rights under the Fair Credit Reporting Act, which requires that companies provide business records related to identity theft to victims within 30 days of receiving a written request. Cranor said the mobile store took about twice that time to reply, but ultimately explained that the thief had used a fake ID with Cranor’s name but the impostor’s photo.

“She had acquired the iPhones at a retail store in Ohio, hundreds of miles from where I live, and charged them to my account on an installment plan,” Cranor wrote. “It appears she did not actually make use of either phone, suggesting her intention was to sell them for a quick profit. As far as I’m aware the thief has not been caught and could be targeting others with this crime.”

Cranor notes that records of identity thefts reported to the FTC provide some insight into how often thieves hijack a mobile phone account or open a new mobile phone account in a victim’s name.

“In January 2013, there were 1,038 incidents of these types of identity theft reported, representing 3.2% of all identity theft incidents reported to the FTC that month,” she explained. “By January 2016, that number had increased to 2,658 such incidents, representing 6.3% of all identity thefts reported to the FTC that month.  Such thefts involved all four of the major mobile carriers.”

The reality, Cranor said, is that identity theft reports to the FTC likely represent only the tip of a much larger iceberg. According to data from the Identity Theft Supplement to the 2014 National Crime Victimization Survey conducted by the U.S. Department of Justice, less than 1% of identity theft victims reported the theft to the FTC.

While dealing with diverted calls can be a hassle, having your phone calls and incoming text messages siphoned to another phone also can present new security problems, thanks to the growing use of text messages in authentication schemes for financial services and other accounts.

Perhaps the most helpful part of Cranor’s post is a section on the security options offered by the four major mobile providers in the U.S. For example, AT&T offers an “extra security” feature that requires customers to present a custom passcode when dealing with the wireless provider via phone or online.

“All of the carriers have slightly different procedures but seem to suffer from the same problem, which is that they’re relying on retail stores relying on store employee to look at the driver’s license,” Cranor told KrebsOnSecurity. “They don’t use services that will check the information on the drivers license, and so that [falls to] the store employee who has no training in spotting fake IDs.”

Some of the security options offered by the four major providers. Source: FTC.

It’s important to note that secret passcodes often can be bypassed by determined attackers or identity thieves who are adept at social engineering — that is, tricking people into helping them commit fraud.

I’ve used a six-digit passcode for more than two years on my account with AT&T, and last summer noticed that I’d stopped receiving voicemails. A call to AT&T’s customer service revealed that all voicemails were being forwarded to a number in Seattle that I did not recognize or authorize.

Since it’s unlikely that the attackers in this case guessed my six-digit PIN, they likely tricked a customer service representative at AT&T into “authenticating” me via other methods — probably by offering static data points about me such as my Social Security number, date of birth, and other information that is widely available for sale in the cybercrime underground on virtually all Americans over the age of 35. In any case, Cranor’s post has inspired me to exercise my rights under the FCRA and find out for certain.

Vineetha Paruchuri, a masters in computer science student at Dartmouth College, recently gave a talk at the Bsides security conference in Las Vegas on her research into security at the major U.S. mobile phone providers. Paruchuri said all of the major mobile providers suffer from a lack of strict protocols for authenticating customers, leaving customer service personnel exposed to social engineering.

“As a computer science student, my contention was that if we take away the control from the humans, we can actually make this process more secure,” Paruchuri said.

Paruchuri said perhaps the most dangerous threat is the smooth-talking social engineer who spends time collecting information about the verbal shorthand or mobile industry patois used by employees at these companies. The thief then simply phones up customer support and poses as a mobile store technician or employee trying to assist a customer. This was the exact approach used in 2014, when young hooligans tricked my then-ISP Cox Communications into resetting the password for my Cox email account.

I suppose one aspect of this problem that makes the lack of strong customer authentication measures by the mobile industry so frustrating is that it’s hard to imagine a device which holds more personal and intimate details about you than your wireless phone. After all, your phone likely knows where you were last night, when you last traveled, the phone number you last called and numbers you most frequently text.

And yet, the best the mobile providers and their fleet of reseller stores can do to tell you apart from an ID thief is to store a PIN that could be bypassed by clever social engineers (who may or may not be shaving yet).

A NOTE FOR AT&T READERS

By the way, readers with AT&T phones may have received a notice this week that AT&T is making some changes to “authorized users” allowed on accounts. The notice advised that starting Sept. 1, 2016, customers can designate up to 10 authorized users per account.

“If your Authorized User does not know your account passcode or extra security passcode, your Authorized User may still access your account in a retail store using a Forgotten Passcode process. Effective Nov. 5, 2016, Authorized Users and those persons who call into Customer Service and provide sufficient account information (“Authenticated Callers”) will have the ability to add a new line of service to your account. Such requests, whether made by you, an Authorized User, an Authenticated Caller or someone with online access to your account, will trigger a credit check on you.”

AT&T's message this week about upcoming account changes.

I asked AT&T about what need this new policy was designed to address, and the company responded that AT&T has made no changes to how an authorized user can be added to an account. AT&T spokesman Jim Greer sent me the following:

“With this notice, we are simply increasing the number of authorized users you may add to your account and giving them the ability to add a line in stores or over the phone. We made this change since more customers have multiple lines for multiple people. Authorized users still cannot access the account holder’s sensitive personal information.”

“Over the past several years, the authentication process has been strengthened. In stores, we’re safeguarding customers through driver’s license or other government issued ID authentication.  We use a two-factor authentication when you contact us online or by phone that requires a one-time PIN. We’re continuing our efforts to better protect customers, with additional improvements on the horizon.”

“You don’t have to designate anyone to become an authorized user on your account. You will be notified if any significant changes are made to your account by an authorized user, and you can remove any person as an authorized user at any time.”

The rub is what AT&T does — or more specifically, what the AT&T customer representative does — to verify your identity when the caller says he doesn’t remember his PIN or passcode. If they allow PIN-less authentication by asking for your Social Security number, date of birth and other static information about you, ID thieves can defeat that easily.

Has someone fraudulently ordered phone service or phones in your name? Sound off in the comments below.

If you’re wondering what you can do to shield yourself and your family against identity theft, check out these primers:

How I Learned to Stop Worrying and Embrace the Security Freeze (this primer goes well beyond security freezes and includes a detailed Q&A as well as other tips to help prevent and recover from ID theft).

Are Credit Monitoring Services Worth It? 

What Tax Fraud Victims Can Do

The Lowdown on Freezing Your Kid’s Credit

16 Aug 20:15

Photo

by hell-baby




18 Aug 18:29

A Weekend at The Raffles Hotel, Singapore

Fergus Noodle

Who is gonna pay to send me to Raffles?

The Mercedes glides its way through Singapore's streets. At 7am it is early and it has yet to reach its peak humidity. I take a L'Occitane towelette and a bottle of water and flick through the newspapers on offer. And for those who prefer their news delivered through a tablet, there is an iPad to use too. This is just the start of the extraordinary service at Raffles Singapore.
14 Aug 08:11

Dragonflies eat bees

by Saving Our Trees
Fergus Noodle

"A single dragonfly can eat hundreds of mosquitoes a day." luv u dragonflies

We went to the markets to buy fresh fruit & vegetables today.  On the way out we stopped at the flower stall to marvel at the huge amount of bees that were enjoying the flowers, especially the Poppies.  One wonders how could so many bees know to come to collect pollen in an area surrounded […]
14 Aug 15:41

White Taro, Surry Hills

by Helen (Grab Your Fork)
Angie Hong is in the kitchen. The food is coming out thick and fast. If you've always lusted over the Instagram pics that are #mondayhongdinners, this is a dream come true. It's all part of the new dinner service at White Taro commencing quietly last week. Minimal fanfare and muted publicity meant the dining room was only half-full when we visited on the weekend. Don't expect that to last. The
14 Aug 18:15

Going Greek At The Smoking Goat, Abbotsford

A lot of people think I live in the inner west of Sydney. That's because I always seem to be writing about places there. But I only really know Newtown, Enmore and Marrickville well, but other suburbs like Abbotsford are quite new to me. It's a cold Wednesday night and my stomach is growling and all I can think about is Greek food as I make my way across Sydney's peak hour traffic. I'm late, as I always seem to be whenever I drive across the city but thankfully parking isn't an issue as The Smoking Goat is located at Sydney Rowing Club and there's parking. Free parking. Thank goodness for this minor Sydney miracle.
12 Aug 15:44

Evolution, Complexity, and Human Mating Strategies

by Lisa Wade, PhD

Flashback Friday.

I heard stories this week about dung beetles and cuttlefish.  Both made me think about the typical stories we hear in the media about evolved human mating strategies.  First, the stories:

—————————-

Story #1: The Dung Beetle

Photo by Camilo Hdo, retrieved from flickr.

A story on Quirks and Quarks discussed the mating strategies of the dung beetle.  The picture above is of a male beetle; only the males have those giant horns.  He uses it to defend the entrance to a tiny burrow in which he keeps a female.  He’ll violently fight off other dung beetles who try to get access to the burrow.

So far this sounds like the typical story of competitive mating that we hear all the time about all kinds of animals, right?

There’s a twist: while only male dung beetles have horns, not all males have horns.  Some are completely hornless.  But if horns help you win the fight, how is hornlessness being passed down genetically?

Well, it turns out that when a big ol’ horned male is fighting with some other big ol’ horned male, little hornless males sneak into burrows and mate with the females.  They get discovered and booted out, of course, and the horned male will re-mate with the female with the hopes of displacing his sperm.

But.

Those little hornless males have giant testicles, way gianter than the horned males.  While the horned males are putting all of their energy into growing horns, the hornless males are making sperm.  So, even though they have limited access to females, they get as much mileage out of their access as they can.

The result: two distinct types of male dung beetles with two distinct mating strategies.

———————————

Story #2: The Giant Australian Cuttlefish

Photo by Paul Oughton, retrieved from Flickr.

The Naked Scientists podcast featured a story about Giant Australian Cuttlefish.  During mating season the male cuttlefish, much larger than the females, collect “harems” and spend their time mating and defending access.  Other males try to “muscle in,” but the bigger cuttlefish “throws his weight around” to scare him off. The biggest cuttlefish wins.

So far this sounds like the typical story of competitive mating that we hear all the time about all kinds of animals, right?

Well, according to The Naked Scientists story, researchers have discovered an alternative mating strategy.  Small males, who are far too small to compete with large males, will pretend to be female, sneak into the defended territory, mate, and leave.

How do they do this?  They change their color pattern and rearrange their tentacles in a more typical female arrangement (they didn’t specify what this was) and, well, pass.  The large male thinks he’s another female. In the video below, the cuttlefish uses his ability to change the pattern on his body. He simultaneously displays a male pattern to the female and a female pattern to the large male on the other side.

———————————

So, can the crossdressing cuttlefish and dodge-y dung beetle tell us anything about evolved human mating strategies?

Probably not.

But I do think it tells us something about how we should think about evolution and the reproduction of genes. If you listen to the media cover evolutionary psychological explanations of human mating, you only hear one story about the strategies that males use to try to get sex. That story sounds a lot like the one told about the horned beetle and the large male cuttlefish.

But these species have demonstrated that there need not be only one mating strategy. In these cases, there are at least two. So, why in Darwin’s name would we assume that human beings, in all of their beautiful and incredible complexity, would only have one? Perhaps we see a diversity in types of human males (different body shapes and sizes, different intellectual gifts, etc) because there are many different ways to attract females. Maybe females see something valuable in many different kinds of males! Maybe not all females are the same!

Let’s set aside the stereotypes about men and women that media reporting on evolutionary psychology tends to reproduce and, instead, consider the possibility that human mating is at least as complex as that of dung beetles and cuttlefish.

Originally posted in 2010.

Lisa Wade, PhD is a professor at Occidental College. She is the author of American Hookup, a book about college sexual culture, and a textbook about gender. You can follow her on Twitter, Facebook, and Instagram.

(View original at https://thesocietypages.org/socimages)

12 Aug 18:11

Saturday Night at Emma's Snack Bar, Enmore

Fergus Noodle

We always getting flyers from here

Emma's Snack Bar on Liberty Road in Enmore is a very popular local's favourite. Serving up well priced Lebanese plates in a casual setting, you'll know it when you see it. It's the one where crowds are waiting outside. Open originally as "Emma's on Liberty", it reopened in 2014 as Emma's Snack Bar denoting a more casual style of food and setting.
10 Aug 18:23

Chicken Sashimi & An Unexpected Final Night in Tokyo, Toriki Yakitori

Fergus Noodle

This is what many of my times in Japan were like

Life is a funny thing. I had a recommendation for a yakitori place in Tokyo. It was called Toriki. Being the very last night of our trip to Tokyo it meant that things were a little sloppy. And by things I mean me. As in I was tired and not really paying attention. I googled "Toriki" and up came a result showing a place in a suburban area of Tokyo called Hatanodi. It's far from the Shinjuku/Shibuya/Ginza madness and when we switched trains to the Tokyo Ikegami line it deposited us into a suburban area of Tokyo's Shinagawa. And what ensued was one of the highlights of our Japan trip.
07 Aug 05:44

Uncle Tetsu's Japanese Cheesecake, Sydney

by Helen (Grab Your Fork)
Fergus Noodle

U can get these at Bread Top

There's no shopping bag more de rigueur right now than the red and white carry bag from Uncle Tetsu's. Forget your fancy designer labels. The hottest accessory in Sydney will set you back just $18. This Japanese cheesecake shop has been inundated with queues as soon as it opened. For a cheesecake that has built its reputation in Japan on its use of Australian cream cheese, it's a neat circle of
06 Aug 18:28

Eating Like An Egyptian at Piccolo's Cafe, Rozelle

Fergus Noodle

looks good but busy

Piccolo's Cafe on Darling Street in Rozelle is easy to spot from the street. Even with a chilly, windy 10° morning there is a crowd ten people thick waiting for their name to be called and their booking struck through with a pen on the front window. They're waiting for a menu laden with items like Cairo Eggs, Shakshuka, Mama's Felafel or Dukkha Dukkha reflecting the owners' Egyptian heritage. Breakfast goes until noon and then a lunch menu kicks in but there's plenty to find on both.
08 Aug 14:43

Signaling White Supremacy and Provoking Racist Backlash

by Lisa Wade, PhD

Signaling white supremacy.

On the heels of the Republican national convention, the notorious KKK leader David Duke announced his campaign for the Louisiana Senate. On his social media pages, he released a campaign poster featuring a young white woman with blonde hair and blue eyes wearing a gray tank top decorated with American flag imagery. She is beautiful and young, exuding innocence. Atop the image the text reads “fight for Western civilization” and included David Duke’s website and logo. It does not appear that she consented to being on the poster.

When I came upon the image, I was immediately reminded of pro-Nazi propaganda that I had seen in a museum in Germany, especially those depicting “Hitler youth.” Many of those posters featured fresh white faces, looking healthy and clean, in stark contrast to the distorted, darkened, bloated, and snarling faces of the targets of the Nazi regime.


It’s a different era, but the implied message of Duke’s poster is the same — the nationalist message alongside the idealized figure — so it wasn’t difficult to find a Nazi propaganda poster that drew the comparison. I tweeted it out like this:

Given that David Duke is an avowed racist running on a platform to save “Western” civilization, it didn’t seem like that much of a stretch.

Provoking racist backlash.

I hashtagged it with #davidduke and #americafirst, so I can’t say I didn’t invite it, but the backlash was greater than any I have ever received. The day after the tweet, I easily got one tweet per minute, on average.

What I found fascinating was the range of responses. I was told I looked just like her — beautiful, blue-eyed, and white — was asked if I hated myself, accused of being a race traitor, and invited to join the movement against “white genocide.” I was also told that I was just jealous: comparatively hideous thanks to my age and weight. Trolls took shots at sociology, intellectuals, and my own intelligence. I was asked if I was Jewish, accused of being so, and told to put my head in an oven. I was sent false statistics about black crime. I was also, oddly, accused of being a Nazi myself. Others, like Kate Harding, Philip Cohen, and even Leslie Jones, were roped in.

Here is a sampling (super trigger warning for all kinds of hatefulness):


It’s not news that twitter is full of trolls. It’s not news that there are proud white supremacists and neo-nazis in America. It’s not news that women online get told they’re ugly or fat on the reg. It’s not news that I’m a (proud) cat lady either, for what it’s worth. But I think transparency is our best bet to get people to acknowledge the ongoing racism, antisemitism, sexism, and anti-intellectualism in our society. So, there you have it.


30 Jul 18:16

Doing The Double Dutch With Peanut Butter Chocolate Stroopwafel S'mores!

Fergus Noodle

You can buy them at Woolies NQN!

Want a delicious twist on the traditional S'more? Try these Dutch stroopwafels, toasted with marshmallows, a layer of milk or dark chocolate (your choice), a tiny pinch of salt and a lick of peanut butter! It's sweet and salty heaven!
31 Jul 18:16

24 Hours In The Life Of One Of The Best Hotels In The World: Behind the Scenes of The Raffles Singapore!

The other-worldly Raffles hotel is an almost mythical place. Evoking a time long past, the genteel service and exclusive atmosphere is one beloved by guests and visitors alike. Colonial history is rooted in this hotel and today we peel back the curtains on this intriguingly beautiful hotel and see what it takes to run a hotel unlike any other on earth.
28 Jul 19:31

Would You Use This ATM?

by BrianKrebs

One basic tenet of computer security is this: If you can’t vouch for a networked thing’s physical security, you cannot also vouch for its cybersecurity. That’s because in most cases, networked things really aren’t designed to foil a skilled and determined attacker who can physically connect his own devices. So you can imagine my shock and horror seeing a Cisco switch and wireless antenna sitting exposed atop of an ATM out in front of a bustling grocery store in my hometown of Northern Virginia.

I’ve long warned readers to avoid stand-alone ATMs in favor of wall-mounted and/or bank-operated ATMs. In many cases, thieves who can access the networking cables of an ATM are hooking up their own sniffing devices to grab cash machine card data flowing across the ATM network in plain text.

But I’ve never before seen a setup quite this braindead. Take a look:

A not-very-secure ATM in front of a grocery store in Northern Virginia.

Now let’s have a closer look at the back of this machine to see what we’re dealing with:

Need to get online in a jiffy? No problem, this ATM has plenty of network jacks for you to plug into. What could go wrong?

Daniel Battisto, the longtime KrebsOnSecurity reader who alerted me to this disaster waiting to happen, summed up my thoughts on it pretty well in an email.

“I’d like to assume, for the sake of sanity, that the admin who created this setup knows that Cisco security is broken relatively simple once physical access is gained,” said Battisto, a physical and IT security professional. “I’d also like to assume that all unused interfaces are shutdown, and port-security has been configured on the interfaces in use. I’d also like to assume that the admin established a good console login.”

While it’s impossible to test the security of this setup without tampering with the devices, “considering that this was left like this in the front vestibule of a grocery store with no cameras around AND the console cable still attached, my above assumptions are likely invalid,” Battisto observed.

“In my experience, IT departments often overlook basic security practices, and double down on the oversight by not implementing proper physical security controls (you’d be surprised, maybe, at the number of server rooms that I’ve been in that had the keys to all of the racks taped to the outside of the doors),” he said.

If something doesn’t look right about an ATM, don’t use it and move on to the next one. It’s not worth the hassle and risk associated with having your checking account emptied of cash. Also, it’s best to favor ATMs that are installed inside of a building or wall as opposed to free-standing machines, which may be more vulnerable to tampering.

If you liked this piece, check out my entire series on skimming devices, All About Skimmers.

27 Jul 18:19

The Charm of Royal Copenhagen

Fergus Noodle

$7 coffee!

I flick the magazine open and the words sprang out at me. Does that ever happen to you? Your eyes just catch a sentence that seems tailor made for you? I was on my way to Copenhagen and the words "Copenhagen was voted the most charming city". Now that's a big claim. Plenty of cities have their own charm. And besides, aren't Danes like most Scandis? A bit reserved?
25 Jul 14:37

Why is Nationalism Dangerous?

by Lisa Wade, PhD
Fergus Noodle

"To be proud and protective of one’s country sounds like something good" not really

In his speech last week accepting the Republican nomination for President, Donald Trump said (my emphasis):

…our plan will put America First. Americanism, not globalism, will be our credo. As long as we are led by politicians who will not put America First, then we can be assured that other nations will not treat America with respect.

Donald Trump’s insistence that we put “America First” hardly sounds harmful or irrational on its face. To be proud and protective of one’s country sounds like something good, even inevitable.  Americans are, after all, Americans. Who else would we put first?

But nationalism — a passionate investment in one’s country over and above others — is neither good nor neutral. Here are some reasons why it’s dangerous:

  • Nationalism is a form of in-group/out-group thinking. It encourages the kind of “us” vs. “them” attitude that drives sports fandom, making people irrationally committed to one team. When the team wins, they feel victorious (even though they just watched), and they feel pleasure in others’ defeat. As George Orwell put it:

A nationalist is one who thinks solely, or mainly, in terms of competitive prestige… his thoughts always turn on victories, defeats, triumphs and humiliations.

  • Committed to winning at all costs, with power-seeking and superiority as the only real goal, nationalists feel justified in hurting the people of other countries. Selfishness and a will to power — instead of morality, mutual benefit, or long-term stability — becomes the driving force of foreign policy. Broken agreements, violence, indifference to suffering, and other harms to countries and their peoples destabilize global politics. As the Washington Post said yesterday in its unprecedented editorial board opinion on Donald Trump, “The consequences to global security could be disastrous.”
  • Nationalism also contributes to internal fragmentation and instability. It requires that we decide who is and isn’t truly part of the nation, encouraging exclusionary, prejudiced attitudes and policies towards anyone within our borders who is identified as part of “them.” Trump has been clearly marking the boundaries of the real America for his entire campaign, excluding Mexican Americans, Muslims, African Americans, immigrants, and possibly even women. As MSNBC’s Chris Hayes tweeted on the night of Trump’s acceptance speech:

  • A nationalist leader will have to lie and distort history in order to maintain the illusion of superiority. A nationalist regime requires a post-truth politics, one that makes facts irrelevant in favor of emotional appeals. As Dr. Ali Mohammed Naqvi explained:

To glorify itself, nationalism generally resorts to suppositions, exaggerations, fallacious reasonings, scorn and inadmissible self-praise, and worst of all, it engages in the distortion of history, model-making and fable-writing. Historical facts are twisted to imaginary myths as it fears historical and social realism.

  • Thoughtful and responsive governance interferes with self-glorification, so all internal reflection and external criticism must be squashed. Nationalist leaders attack and disempower anyone who questions the nationalist program and aim to destroy social movements. After Trump’s acceptance speech, Black Lives Matter co-founder Patrisse Cullors responded: “He… threaten[ed] the vast majority of this country with imprisonment, deportation and a culture of abject fear.” Anyone who isn’t on board, especially if they are designated as a “them,” must be silenced.

When Americans say “America is the greatest country on earth,” that’s nationalism. When other countries are framed as competitors instead of allies and potential allies, that’s nationalism. When people say “America first,” expressing a willfulness to cause pain and suffering to citizens of other countries if it is good for America, that’s nationalism. And that’s dangerous. It’s committing to one’s country’s preeminence and doing whatever it takes, however immoral, unlawful, or destructive, to further that goal.


25 Jul 18:23

The World of Barzaari, Marrickville

Fergus Noodle

Just down the road but I don't think I want to eat any of this stuff

What happens when an ex Quay chef opens up his own restaurant after studying the business side of the restaurant world and opening up dozens of other restaurants? It's a relatively smooth transition for Barzaari's chef Darryl Martin and business partner and family friend Andrew Jordanou. And it's a path gilded in pretty dishes that will make you want to take out your phone or a camera, even if just to remember them.
17 Jul 15:03

i-Creamy Artisan Gelato, Sydney

by Helen (Grab Your Fork)
Scoops of gelato? Ptooey. Who wants a boring old hemisphere jammed onto a cone when you can have a lovingly shaped gelato flower instead? Sydneysiders can't get enough of these rose-inspired artworks, judging by the crowds each night at i-Creamy. The gelato itself is serious business too. i-Creamy founder Ben Chitmitrechareon learnt the trade from Gelato Messina legend, Nick Palumbo, at
03 Jul 18:16

Meet My Suburb: Concord in Sydney's Inner West!

Concord is a suburb in Sydney's inner west bordered by North Strathfield to the West, Breakfast Point to the North and Five Dock Canada Bay on the east. The main thoroughfare and shopping street is Majors Bay Road. When I wrote about my last food tour of Summer Hill with Belinda, a fellow blogger Bianca from For Food's Sake asked if I would like a food tour of her suburb, Concord. I make it a policy of never refusing an offer like this-it would be foolish, nay crazy to refuse an offer from these guys.
08 Jul 08:08

Canterbury Foodies and Farmers Market, Canterbury

by Helen (Grab Your Fork)
Inner westies have a new farmers market to wake up every Sunday with the Canterbury Foodies and Farmers Markets. This is the third market venue for the Organic Foodies Markets, adding to its current markets at Ramsgate and Peakhurst. I went along in its second week of trade (the markets started on June 26 this year) and was amazed by the number and variety of stalls. Daffodils The market
30 Jun 15:15

Ramadan Food Festival, Lakemba

by Helen (Grab Your Fork)
If there's ever a time to visit Lakemba, it's now. Every evening Ramadan night markets transform the main strip of Haldon Street into a convivial food festival. Families, young kids and teenagers roam the footpaths crowded with charcoal barbecues, juice stands and food stalls. Everywhere you look, there's something happening. The hiss of fat hitting charcoal. Plumes of steam rising from a
29 Jun 14:03

The Most Trustful Societies are Weakly Religious and Diverse

by Evan Stewart

We often think that religion helps to build a strong society, in part because it gives people a shared set of beliefs that fosters trust. When you know what your neighbors think about right and wrong, it is easier to assume they are trustworthy people. The problem is that this logic focuses on trustworthy individuals, while social scientists often think about the relationship between religion and trust in terms of social structure and context.

New research from David Olson and Miao Li (using data from the World Values survey) examines the trust levels of 77,405 individuals from 69 countries collected between 1999 and 2010. The authors’ analysis focuses on a simple survey question about whether respondents felt they could, in general, trust other people. The authors were especially interested in how religiosity at the national level affected this trust, measuring it in two ways: the percentage of the population that regularly attended religious services and the level of religious diversity in the nation.

These two measures of religious strength and diversity in the social context brought out a surprising pattern. Nations with high religious diversity and high religious attendance had respondents who were significantly less likely to say they could generally trust other people. Conversely, nations with high religious diversity, but relatively low levels of participation, had respondents who were more likely to say they could generally trust other people.

One possible explanation for these two findings is that it is harder to navigate competing claims about truth and moral authority in a society when the stakes are high and everyone cares a lot about the answers, but also much easier to learn to trust others when living in a diverse society where the stakes for that difference are low. The most important lesson from this work, however, may be that the positive effects we usually attribute to cultural systems like religion are not guaranteed; things can turn out quite differently depending on the way religion is embedded in social context.

Evan Stewart is a PhD candidate at the University of Minnesota studying political culture. He is also a member of The Society Pages’ graduate student board. There, he writes for the blog Discoveries, where this post originally appeared. You can follow him on Twitter.

27 Jun 13:42

In Which We Woke Up This Morning And All The Direwolves Were Gone

by Durga
Fergus Noodle

'so too may some of the Stark children be the product of a similar relationship. The way Ned Stark looked at his sister as she was dying in childbirth was a bit on the creepy side.' I thought this too! This post contains spoilers!

Fully Thronesed

by DICK CHENEY

Game of Thrones
creators David Benioff & D.B. Weiss
HBO

It was a show that barely got a second season order, so constrained by budgetary limitations that in early seasons Jon Snow's direwolf Ghost was portrayed by a toy poodle from Tom's River, New Jersey named Lady Sunstein.

All the direwolves are gone now, and all the Lannister children as well. They were all the product of an ill union between brother and sister - and, it is intimated, so too may some of the Stark children be the product of a similar relationship. The way Ned Stark looked at his sister as she was dying in childbirth was a bit on the creepy side. Maybe we find out later, in the vast books of the Citadel, that Rhaeger was impotent.

There was something a bit trite about these climactic scenes as they finally arrived. The first twenty minutes of this show was brilliant and probably should have been in last week's episode. It was amazing how Cersei sort of gave up on her son and left his bay windows open for a deadly fall. I was so happy that I would never be forced to watch Natalie Dormer or Jonathan Pryce act again that I almost cried.

Grandma Tyrell's indignation at this state of affairs seemed rather forced. I don't really understand why the Golden Girls need to be affiliated with Daenerys, since she seems destined to enter into a love relationship with her nephew Jon Snow. On the other hand, the absolute insane amount of people that have been killed off means that the remaining characters are necessarily inhabiting a larger role.

The worst part of the finale was undoubtedly the turgid scene between Daenerys and Tyrion. What kind of woman throws out a perfectly good terrible actor and replaces him with a much shorter terrible actor? Tyrion as a character would have a lot more relevance if he exhibited any emotion at all. Like, what is even the point of this mutual appreciation party? Cersei may not have liked him very much, but didn't he already get his revenge?

The power struggle in the North is a nice wrinkle, but a couple things. The Onion Knight was absolutely fine with Melisandre for like a year, but suddenly he's accusing her of being a murderer? He's been acting like they were best friends the entire season. Also, I'm pretty sure the little girl was going to die from greyscale any day. Melisandre could have plausibly used that in her defense. I guess it's time for her to meet up with the Brotherhood without Banners. She could finally bring Catelyn Stark back from the dead.

So many people were and are still caught up in thinking that Arya Stark never left that little shit room in Braavos, and the Waif is now Arya Stark. I guess it's possible, although why she would go and eat all of Walder Frey's children I truly don't know. I felt like that probably could have used an episode in itself. Arya should have infiltrated the camp and shown all her skills. This way it just seems like she teleported to her destination and the kill has so much less effect.

Cersei Lannister should be a tremendous villain, but I'm sort of failing to see where she went wrong in any of this. Bran saw her fucking Jaime in Winterfell. She took mercy on the boy and never killed him. She returned to Westeros. Her husband was a dangerous alcoholic so she got rid of him, but in the nicest possible way. She did kill Ned Stark, but in her defense, he was very nosy and anyway I doubt she could have stopped it from happening. The Golden Girls killed her daughter and the Tyrells killed Joffrey. So exactly how did she lose the moral high ground in any of this? This entire season she's been nothing but trod upon by a group of religious fanatics who stole her remaining son.

I honestly don't know why he even bothered finishing the series of books. It feels like we are so close to end of things that the rest of Game of Thrones will just approximate the feel of this episode. The finale was just a big epilogue, a Where Are They Now? for a group of people that have already experienced all the tragedy they will ever know. How do you punish the punisher, or torture the tortured? There was a finality to everything, a sense that we could watch these shifting alliances forever, until we decide ourselves to leave well enough alone.

Dick Cheney is the senior contributor to This Recording. He will return to his reviews when the remake of Lost hits ABC in the year 2026, or when Game of Thrones returns, whichever occurs first I guess.


26 Jun 23:02

A Dessert for Summer and Winter: Pineapple Tarte Tatin!

Ahh tarte tatin. Nothing says "welcome to winter" like a gorgeous baked buttery pastry but with half the planet experiencing summer I decided to make a tarte tatin for both hemispheres. Nothing could be easier than making these buttery gorgeous saucy tarts. For starters pineapples are perfect for an individual serve of tarte tatin. Plus they are even easier than apple tarte tatin as the fruit needs no cooking. Are you ready to impress?
26 Jun 15:38

Mercado, Sydney

by Helen (Grab Your Fork)
Fergus Noodle

4 webber

They're not garlic cloves. The glistening hillocks on our wagyu beef shortrib are melt-in-the-mouth dabs of bone marrow, splashed over with a richly sweet jus poured with ceremony at our table. It's a dish that exemplifies the approach at Mercado - simple and uncomplicated fare that doesn't rely on fancy garnishes or plating. Mercado, which means market in Spanish, is the latest undertaking
22 Jun 16:01

Leaving Work to Care for Family Could Cost You Hundreds of Thousands of Dollars

by Alyssa Peterson
Fergus Noodle

I think I still earn my wage increases when I am on maternity leave. Phew.

A new interactive from the Center for American Progress helps you calculate how much you will lose if you exit the workforce to care for a family member — and the answers are depressing. 

Take me for example: I’m 23 and earn $38,000 a year. If I take off one year of work at the age of 28 to care for a child or an aging parent, the cost of that decision will be $131,000. That’s because, in addition to the wages lost during that period, individuals who take time out of the workforce also miss out on the wage increases they would have earned had they remained, which in turn reduces their retirement savings and social security benefits.

These costs disproportionately fall on women, who often shoulder the bulk of caregiving responsibilities whether they want to or not. Pew Research Center data shows that 39 percent of surveyed mothers have taken a significant amount of time off to care for a family member, as opposed to 29 percent of fathers. This disparity may be linked to societal expectations around caregiving; one Pew survey found that 80 percent of respondents believed that young women with children should work part-time or drop out of the labor force; by contrast, 70 percent of these respondents believed that men with young children should work full-time.

These discriminatory attitudes stand in the way of more egalitarian caregiving arrangements and can discourage men from trying to balance the scale. For example, if I were a man, I would actually lose $30,000 more than a woman, according to the interactive. As the concept of a stay-at-home dad remains heavily stigmatized (only 4 percent of the Pew survey respondents saw it as ideal), men who have gaps in their resume due to caregiving are strongly discriminated against when they try to return to the workforce.

And so, rather than taking an absolute position about what is best for everyone, we should work to reduce the penalties associated with caregiving.

For some people, that will mean making child care more affordable. Right now the Center for American Progress notes that the average cost to have two children in a child care center is nearly $18,000 annually. As a result, many low-and-moderate income families are caught in a bind where they have to either accept that much of their earnings will be eaten up by child care expenses or stop work and take a huge hit to their current/future earnings.

But, we can’t stop at child care or elder care. Focusing solely on labor force participation obscures the very real ways that people contribute essential care work that isn’t compensated for within capitalism. One way of accounting for this in the context of retirement would be through enacting a Social Security caregivers credit. At present, the labor of individuals who exit the workforce to provide uncompensated care for a family member is not valued for Social Security purposes. A caregivers credit would ensure that care work is valued when calculating future Social Security benefits.

A more comprehensive solution to compensating care work would be to enact a Universal Basic Income (UBI), a policy where individuals receive an unconditional sum on a regular basis. As Judith Shulevitz has written in the New York Times, enacting a UBI would be a way to more appropriately account for labor that mothers and other caregivers currently provide for free.

We have all benefited from the care work of others, compensated or not. It’s time that our public policies accord that labor the respect and visibility it deserves.

Header image by Kainaz Amaria via NPR