Reported by Bruce Schneier:
The NSA would like to remind everyone to call their mothers this Sunday. They need to calibrate their system.
Don't know whether that's funny or scary...
Here's some code I discovered while tracking a bug this morning:
const string DATE_FORMAT = "M/d/yyyy";
string dateString =
    ConfigSettings.GetString("Some setting", DateTime.Now.ToString(DATE_FORMAT));
DateTime someDate =
    DateTime.ParseExact(dateString, DATE_FORMAT, CultureInfo.InvariantCulture);
The DateTime.ParseExact method throws a FormatException if the string (dateString) doesn't exactly match the format string. I mean, exactly. So when dateString comes back from the configuration settings class as "5-12-2006" (instead of "5/12/2006"), guess what happens.
DateTime someDate = DateTime.Parse(dateString, CultureInfo.InvariantCulture);
The DateTime.Parse method takes any legal input and attempts to parse it, freeing the developer from having to know what formats may occur. The DateTime.ParseExact method has some specific applications, but when you don't know what you're getting, it's risky—especially when you don't actually catch the FormatException anywhere.
Of course, the DateTime.Parse method could also throw a FormatException. In the code I'm debugging, since the date isn't really coming from a configuration set that we control and is, in fact, coming from an unknown third party, I'm actually going to go with an even more forgiving option:
string dateString = ConfigSettings.GetString("Some setting", string.Empty);
DateTime someDate;
// TryParse takes an out argument and returns false instead of throwing.
if (DateTime.TryParse(dateString, out someDate) == false)
    someDate = DateTime.Now;
Moral: Never assume anything about inputs you don't directly control.
 You could tell all that from the name of the class, right? I mean, if you see something called "ConfigSettings" you kind of assume that the class has something to do with configuration settings, and doesn't have anything to do with talking to computers in Ohio, right? I'm not making this up: the method call in question may go to Ohio for its data. This highlights the importance of naming your classes correctly so that people trying to use your code don't curse your name unto the generations.
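A stricter variant of the same idea, as an added example that is not part of the original post: accept only an explicit list of formats with TryParseExact and tell the caller when the fallback was used, so a malformed third-party value can be logged rather than silently replaced. The class and method names, the format list, and the sample inputs are assumptions made for illustration.

```csharp
using System;
using System.Globalization;

static class ThirdPartyDate
{
    // Assumed allow-list: the format the code expects plus the variant it actually received.
    static readonly string[] AcceptedFormats = { "M/d/yyyy", "M-d-yyyy" };

    // Hypothetical helper. Returns true when the input matched an accepted format;
    // on false, 'value' holds the caller's fallback so the rejection can be logged.
    public static bool TryRead(string raw, DateTime fallback, out DateTime value)
    {
        if (!string.IsNullOrWhiteSpace(raw) &&
            DateTime.TryParseExact(raw.Trim(), AcceptedFormats,
                                   CultureInfo.InvariantCulture,
                                   DateTimeStyles.None, out value))
        {
            return true;
        }
        value = fallback;
        return false;
    }

    static void Main()
    {
        // Constructed sample inputs, not data from the original post.
        string[] samples = { "5/12/2006", "5-12-2006", "12.05.2006", "", "13/40/2006" };
        DateTime fallback = new DateTime(2006, 5, 12);

        foreach (string s in samples)
        {
            DateTime parsed;
            bool ok = TryRead(s, fallback, out parsed);
            Console.WriteLine("{0,-12} -> {1:yyyy-MM-dd} ({2})",
                "\"" + s + "\"", parsed, ok ? "accepted" : "rejected, fallback used");
        }
    }
}
```

Unlike DateTime.Parse, the explicit format list never guesses between month-first and day-first readings of an ambiguous string such as "5/12/2006".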
A grand jury has indicted Republican Governor Ernie Fletcher on three misdemeanor charges of conspiracy, official misconduct and political discrimination:
The jury also indicted former transportation Cabinet official Sam Beverage for perjury, which is a felony. And the jury also submitted to Franklin Circuit Judge William Graham 14 more indictments that are under seal.
Those indictments cover crimes that may have occurred before Aug. 29, 2005 when Fletcher pardoned all administration officials except himself.
Here's a fun game you can play tonight: Count the number of times Fox News mentions Fletcher's party affiliation, then when they run a story about Democratic Illinois Governor Rod Blagojevich, count the number of times they mention his.
On second thought, don't watch Fox News if you can avoid it.
USA Today reported earlier that the National Security Administration has collected an enormous volume of phone records from AT&T, Verizon, and BellSouth. Only Qwest refused the NSA's request:
With access to records of billions of domestic calls, the NSA has gained a secret window into the communications habits of millions of Americans. Customers' names, street addresses and other personal information are not being handed over as part of NSA's domestic program, the sources said. But the phone numbers the NSA collects can easily be cross-checked with other databases to obtain that information.
... Qwest declined to participate because it was uneasy about the legal implications of handing over customer information to the government without warrants.
Qwest's refusal to participate has left the NSA with a hole in its database. Based in Denver, Qwest provides local phone service to 14 million customers in 14 states in the West and Northwest. But AT&T and Verizon also provide some services — primarily long-distance and wireless — to people who live in Qwest's region. Therefore, they can provide the NSA with at least some access in that area.
This is absolutely stunning. The phone companies' disclosure without court orders may be criminal. The NSA's collection of the data is certainly illegal.
I don't care what your political views are: do you really want the U.S. government knowing how often you called your mother last month? Do you want some bureaucrat in Maryland figuring out how many links separate you from Kevin Bacon? Or, more to the point, Osama bin Laden? Say you call a restaurant frequented by the uncle of the brother-in-law of the daughter of (insert terrorist suspect here) to make reservations...do you really want someone to make that connection for you?
Do you want your phone company to just give this data over to the government in the first place?
I remember a simpler time when a cop had to go to the U.S. Attorney who had to go to a judge to get permission to get the phone records of a Mafia boss.
Just in case anyone has forgotten: the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. This is the law, and has been so for 215 years. It's time to enforce the law.
Polls open in 179 days and 18 hours.
Update: Anne found that the Electronic Frontier Foundation has an ongoing class-action suit against AT&T stemming from the revelations last November that AT&T had helped the NSA listen in on conversations. I imagine they'll amend the suit to take into account USA Today's allegations.
The Chicago Tribune reports today that the Chicago Transit Authority has agreed to buy 406 new El cars for the Blue and Pink lines. The cars will have aisle-facing seating rather than the mixed seating arrangement currently in use (see the Tribune graphic). This is a long-overdue improvement on the Blue line, whose trains go to O'Hare. Struggling with luggage on the current trains causes pain; the new arrangement will alleviate it.
The CTA expects the cars to roll by 2009, shortly after we have a new President (984 days from now).
I heard on New Hampshire Public Radio this morning that—hang on—<ACHOO!>—<sniff>—(sorry) I heard that tree pollen is peaking right now across New England.
Bruce Schneier linked to this Wired article about Radio Frequency ID (RFID) tags. It will fascinate or terrify you, depending on how thorough and disciplined you think the implementations will be. Choice passage:
"I was at a hotel that used smartcards, so I copied one and put the data into my computer," Grunwald says. "Then I used RFDump to upload the room key card data to the price chip on a box of cream cheese from the Future Store. And I opened my hotel room with the cream cheese!"
I don't agree with everything Motley Fool columnist Bill Mann says, but I think in essence he's correct:
My editors hate it when I call people idiots. But I mean it. Our elected officials are either stupid, or they think enough of us are stupid that they can say stupid things and we'll just thank 'em for it. ... Pay $100 from the federal Treasury to compensate Americans for high gas prices? Are you people completely, utterly devoid of brain matter?
You want to blame $3 gas on something? Fine, let's start with where blame should go—on $0.95 gas.
I think he's right that cheap gas hurt in the long run, but I'm not sure that the free market justifies the enormous profits oil companies are reaping. I'll think more about this.
I had planned to take two co-workers up for a sightseeing flight around Nashua last Tuesday, but the 500-foot ceilings and 24-knot winds argued against it. So we postponed until today.
The terminal area forecast right now calls for northeast winds at 14 gusting to 24 knots with 5,000-foot ceilings, with both winds and ceiling diminishing to 12 knots and 1200 feet respectively by 9pm (01:00 UTC).
So, once again, I'll use the #1 Aviation Safety Procedure: "staying on the ground."
Phooey. I wanted to fly.
My office building decided to wash windows today. I am not in my office building; I am, in fact, 1,330 km (826 mi) away. Despite clear instructions to be careful with the Inner Drive Webcam, and to replace it when done washing the windows...well... Let's see what happens in the next hour, because I don't want to stare at this for the next four days:
This is on top of a strange "image freeze" issue I've had for about three weeks. I'm looking into that as well, as much as possible from New Hampshire.
The damn thing ran flawlessly for four months. This is most aggravating. Nothing has changed—except possibly a Windows 2000 patch mid-April, which may be the source of the problems.
Update (10:25 CT/15:25 UTC): My building manager is on top of it. The window washers are apparently taking a long time. She graciously turned the webcam for me so that it now points to something more interesting: the other wall.