Saturday, June 17, 2006

Chinese Mobile Execution Bus

China Makes Ultimate Punishment Mobile

The country that executed more than four times as many convicts as the rest of the world combined last year is slowly phasing out public executions by firing squad in favor of lethal injections. Unlike the United States and Singapore, the only two other countries where death is administered by injection, China metes out capital punishment from specially equipped “death vans” that shuttle from town to town.

Makers of the death vans say the vehicles and injections are a civilized alternative to the firing squad, ending the life of the condemned more quickly, clinically and safely. The switch from gunshots to injections is a sign that China “promotes human rights now,” says Kang Zhongwen, who designed the Jinguan Automobile death van in which “Devil” Zhang took his final ride.

SQL SA Password Tips

The sa account is created during the installation process and has full rights in the SQL Server environment. By default, the sa password is blank (NULL), unless you change the password when you run the MSDE Setup program. To conform with the best security practices, you must change the sa password to a strong password at the first opportunity.

Verify if the SA password is blank

1. On the computer that is hosting the instance of MSDE to which you are connecting, open a command prompt window.

2. At the command prompt, type the following command, and then press ENTER:

  osql -U sa
 

This connects you to the local, default instance of MSDE by using the sa account. To connect to a named instance installed on your computer type:

  osql -U sa -S servername\instancename
 

You are now at the following prompt:

  Password: 

3. Press ENTER again. This will pass a NULL (blank) password for sa.

If you are now at the following prompt, after you press ENTER, then you do not have a password for the sa account:

  1>

We recommend that you create a non-NULL, strong password to conform with security practices.

However, if you receive the following error message, you have entered an incorrect password. This error message indicates that a password has been created for the sa account:


"Login Failed for user 'sa'."

The following error message indicates that the computer that is running SQL Server is set to Windows Authentication only:

Login failed for user 'sa'. Reason: Not associated with a trusted SQL Server connection.

You cannot verify your sa password while in Windows Authentication mode. However, you can create an sa password so that your sa account is secure in case your authentication mode is changed to Mixed Mode in the future.

If you receive the following error message, SQL Server may not be running or you may have provided an incorrect name for the named instance of SQL Server that is installed:

  [Shared Memory]SQL Server does not exist or access denied.
  [Shared Memory]ConnectionOpen (Connect()).

Change your SA password

1. On the computer that is hosting the instance of MSDE to which you are connecting, open the command prompt window.

2. Type the following command, and then press ENTER:

  osql -U sa

At the Password: prompt, press ENTER if your password is blank or type the current password. This connects you to the local, default instance of MSDE by using the sa account. To connect by using Windows authentication, type this command:

  osql -E

Note If you are using SQL Server 2005 Express, avoid using the Osql utility, and plan to modify applications that currently use the Osql feature. Use the Sqlcmd utility instead.

3. Type the following commands, on separate lines, and then press ENTER:


  sp_password @old = null, @new = 'complexpwd', @loginame = 'sa'
  go

Note Make sure that you replace "complexpwd" with the new strong password. A strong password includes alpha-numeric and special characters, and a combination of upper and lower case characters.

You will receive the following informational message, which indicates that your password was changed successfully:

  Password changed.
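
As an added example (not part of the original post or the vendor instructions it quotes), the same check can be made from inside the server, listing every SQL login with a blank password rather than testing sa alone. It assumes you are connected as an administrator, for instance with osql -E or sqlcmd -E, and that you run only the batch matching your version: the second batch is for SQL Server 2005 and later, the third for MSDE / SQL Server 2000.

```sql
-- Added example: audit for blank SQL login passwords from inside the server.
-- Run as a sysadmin. An empty result set means no blank passwords were found.

-- 1 = Windows Authentication only, 0 = Mixed Mode (sa can log in with a password).
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only
go

-- SQL Server 2005 and later (including Express): PWDCOMPARE tests a
-- candidate password, here the empty string, against each stored hash.
SELECT name,
       is_disabled,
       is_policy_checked          -- 0 = Windows password policy not enforced
FROM   sys.sql_logins
WHERE  PWDCOMPARE('', password_hash) = 1
ORDER  BY name
go

-- MSDE / SQL Server 2000: a blank password is stored as NULL.
-- isntname = 0 restricts the result to SQL logins (not Windows accounts).
SELECT name
FROM   master.dbo.syslogins
WHERE  password IS NULL
  AND  isntname = 0
ORDER  BY name
go
```

Run it again after changing the password; sa should no longer appear in the result, even when the server is in Windows Authentication mode and the osql login test cannot be used.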


Friday, June 16, 2006

Friday Fun - Personality Type: The Backstabber

From The Bastardly

It’s perfectly natural if a particular face flashed into your mind after reading the title. It’s always good to remember those who we must watch out for as we tread through our robotic lives.

The Backstabber is yet another special personality type. Special, because it is The Backstabber & Backstabber alone, who keeps us between a prosperous life & a life full of poverty, hatred & depression (even a murderous life, if we choose to take it that far). For the sake of my own sanity & hopefully your own, I’m creating a list of Backstabberly characteristics that we must all memorize and attempt to pin onto people we live, work & play amongst. No one must be left out! It is a question of life & death, my friends. For safety, use the ‘3 strikes & you’re a fucking Backstabber’ rule.

1. The typical Backstabber will always be lurking. Lurking to see what you do, when you do it & how you do it.
2. In the office, the Backstabber might just be the person who comes to your cube unsuspectingly.
3. The Backstabber will always be the first person willing to help when you need assistance—not because he genuinely wants to help, but because he wants to learn how you work & possibly expose weaknesses in the process.
4. The Backstabber, whenever the opportunity arises, will use the CC (or God forbid, the BCC!!) function in Microsoft Outlook.
5. The Backstabber will never take any blame upon himself. Never.
6. The Backstabber is also either a Drama Fanner or Drama Queen (personality types already covered by The Bastardly).
7. The Backstabber pretends to be naive of very obvious things for the sake of seeing how you react.
8. The Backstabber’s main goal is to expose you in front of as many people as possible. In meetings they tend to laugh a lot, possibly ask stupid questions. Don’t fall into this stupidity trap. Their main goal is to get you to open your mouth, so that you may set yourself up for a beating.
9. All backstabbers are naturally very selfish & spoiled people. They will do anything to get the most and be the best. This includes whoring themselves, shady bribing techniques, hiring brothas to make hits—pretty much whatever it takes (think of the Terminator.)
10. Always know your Backstabber, but don’t become one yourself. It’s like the War On Terrorism—it will go on forever (or at least until one man is left standing). Basically, ignoring the Backstabber is not an option b/c that’s when you’re most vulnerable!

Remember, the only way to get a Backstabber off your back is to move to a different city, challenge them to an old-school duel, & of course, secede.

Godspeed!

Wednesday, June 14, 2006

British contractors shooting a "trophy" video

"The U.S. military has concluded its investigation into a video that appeared to show private security contractors shooting at civilian vehicles on highways in Iraq and determined that no one involved will be charged with a crime, a military spokesman in Baghdad said. The investigation, which officials have not released publicly, began after the video was posted on an Internet site purportedly run by employees of Aegis Defense Services, a London-based firm with a $293 million U.S. government security contract."

Naked Suspect Stunned By Oklahoma Police

ANN WEAVER
The Daily Oklahoman


MIDWEST CITY -- Police used a taser to subdue a naked man seen streaking down SE 29, Police Chief Brandon Clabes said.

Mark Alan Oliver, 47, was taken into custody Monday night by two police officers while in the Village Oaks mobile home park in the 9400 block of SE 29.

Clabes said the man crawled under one of the mobile homes and refused to come out. Even after officers Archie Huston and Joe Cruz pulled the man from underneath the home, he continued to struggle until one of the policemen used a taser gun to subdue him, Clabes said.

Oliver was booked into the city jail on complaints of public intoxication and indecent exposure.

Clabes said Oliver told officers he had taken off his clothes to urinate and had forgotten where he left them.

Friday, June 09, 2006

Friday Fun - Windows' hidden "features"

Try this under Windows:

Right-click on the Desktop
Create a new Shortcut
Point the location of the item to any executable... such as: c:\windows\system32\calc.exe
Name the shortcut, for example, www.microsoft.com
Start Internet Explorer (IE5 and IE6 work best)
Type "www.microsoft.com" into the address bar
Enjoy.

More info can be found from here.

Saturday, June 03, 2006

Shredding scissors -- five-scissor blades on one handle

These Japanese shredding scissors provide a low-tech way to dispose of docs at your home or office desk.

Friday, June 02, 2006

Friday Fun - What E&Y Does Best!

Ernst & Young's laptop loss unit continues to be one of the company's more productive divisions.
The Register can again exclusively confirm the loss of the Hotels.com customer information after having received a copy of a letter mailed out jointly by the web site and Ernst & Young. A Hotels.com spokesman also confirmed the data breach, saying Ernst & Young notified the company of the laptop loss on May 3. The laptop in question was stolen from an Ernst & Young worker's car in Texas and did have some basic data protection mechanisms such as, erm, the need for a password.

Wednesday, May 31, 2006

"Weapon of Mass Destruction" Targets Sex Shop In FL

In Waldo, people have held prayer vigils and protests aimed at an adult bookstore along US 301, trying to keep the "Cafe Risque" from opening its doors on time.

Those efforts have all failed, so investigators say it looks like someone has turned to what they're calling a clear act of terrorism to keep the store's owner from opening up shop.

Tuesday, May 30, 2006

Spam Or Ham

SpamOrHam.org is a web site where you can help anti-spammers (like SpamOrHam creator John Graham-Cumming) by manually sorting email. In order to accurately test spam filters anti-spammers need to have large amounts of email that has been accurately divided into spam and ham (normal) messages.

Although there are some existing sets of sorted messages available (such as the SpamAssassin public corpus and the TREC 2005 Public Spam Corpus), they are either small or have been sorted by machine and may contain errors.

SpamOrHam.org has been created to solve that problem by harnessing people power. By manually classifying (clicking This is Spam or This is Ham) a small number of messages a large number of people can quickly sort thousands of messages.

You can help out by clicking through messages that are randomly displayed and saying whether you think the message is spam or ham. It's as simple as that.

Saturday, May 27, 2006

Linux for Human Beings

"Ubuntu" is an ancient African word, meaning "humanity to others". Ubuntu also means "I am what I am because of who we all are". The Ubuntu Linux distribution brings the spirit of Ubuntu to the software world.
I can't say enough good things about this free distribution. Ubuntu is a free, open source operating system based on Debian. A single disk is all you need for install and a Live CD version is also available.

Great stuff...

Friday, May 26, 2006

Fridays are for Fun! No prison stay for 5-foot-1 child molester

A man found guilty of sexually assaulting a child has been given 10 years of probation by a judge who said the man was too small to survive prison.

District Judge Kristine Cecava of Cheyenne County sentenced Richard W. Thompson, 50, Tuesday on two counts of sexually assaulting a minor.

“What you have done is absolutely inexcusable,” she said.

His crimes deserved a long sentence, Cecava said, but she expressed concern that the 5-foot-1 Thompson would be especially imperiled by prison dangers.

Reporting Vulnerabilities - Not for the Faint of Heart

Interesting essay, and interesting comments, along with an article on the essay.
Nothing bad happened to me, but it could have, for two reasons.

The first reason is that whenever you do something “unnecessary”, such as reporting a vulnerability, police wonder why, and how you found out. Police also wonder if you found one vulnerability, could you have found more and not reported them? Who did you disclose that information to? Did you get into the web site, and do anything there that you shouldn’t have? It’s normal for the police to think that way. They have to. Unfortunately, it makes it very uninteresting to report any problems.

The second reason that bad things could have happened to me is that I’m stubborn and believe that in a university setting, it should be acceptable for students who stumble across a problem to report vulnerabilities anonymously through an approved person (e.g., a staff member or faculty) and mechanism. Why anonymously? Because student vulnerability reporters are akin to whistleblowers.

Thursday, May 18, 2006

Top ten spam-generating countries by Spamhaus.org

We are number one!

The US is the leading spam origin country. China and Russia are next.

Wednesday, May 17, 2006

Management Problems

“There are management solutions to technical problems, but there are no technical solutions to management problems.”

This is true in any business environment, but it is especially true in the security world. Often executive management will look at security and see something that can be “fixed” with a magic box, maybe a firewall, an encryption device, etc.

However, the only way to really fix security is to have management truly understand the right reasons for needing an effective security program, rather than only pursuing security because of external pressures or mandates to do so. Once they have grasped this basic tenet, then and only then can they successfully transmit this message to the troops.

Security can be looked at as an art or even a religion, but without a foundation built on integrity, reality and wisdom… It is nothing but a lot of smoke and mirrors.

Sunday, May 07, 2006

Fridays are for Fun - Cryptography Rap

Crap, it's Sunday, not Friday! Oh well, fun anyway...

The rapper MC Plus+ has written a song about cryptography, "Alice and Bob." It mentions DES, AES, Blowfish, RSA, SHA-1, and more...

Quiz Of The Week

What does JDAN ENTERPRISES, Inc. do?

Check their website here.

Computer-Savvy Thieves Rip-Off Gas Stations

For almost any crime there needs to be motivation... High Gas $s = motivation
At least two St. Louis gas station owners or managers say somebody is breaking into gas pumps, reprogramming interior keypads and instructing the machines to dispense fuel at no charge.

Free gas is certainly not what the gas station owners had in mind.

Kevin Tippit is manager of the Phillips 66 at Lindell and Boyle in St. Louis. Tippit says his boss lost between $6,000 and $10,000 worth of gas Friday before a regular customer tipped-off an employee.

"They (the thieves) have a key to the pump and then after they open up the pump they go in and they reprogram the pump, so they can have free gas. And then everybody behind them sees what they're doing, and they continue," says Tippit.

Wednesday, May 03, 2006

X-ray Machines Fail to Detect Assault Weapon

Narcotics officers found the Professional Ordnance Carbon-15 Type-97 pistol in the car of a drug suspect in Newark and noticed it was a cut above the usual weaponry employed by local drug dealers, Fontoura said.

Officers in his ballistics laboratory, who said they had never seen an assault weapon made with so much plastic, had it taken to Newark Liberty International Airport earlier today for a test-run through the security scanners — minus its 30-round clip.

The image on the X-ray appeared as a straight metal rod, with no outline of a stock or a trigger guard, something an inattentive security guard may view as no more threatening than a curling iron, the sheriff said.

How a Boarding Pass Can Get You More Than a Plane Ride

Read how a small stub can enable access to personal information, including passport numbers, date of birth and nationality, providing the building blocks for stealing an identity, ruining future travel plans and even creating a fake passport.
 