Wednesday, October 27, 2010

I Hacked Your Facebook Today, and I'm Sorry

I'm fairly computer savvy, although not a hacker by any means. I never really had any interest in breaking into other people's accounts, computers, or identities. Until today, when the barrier for doing it was lowered so much that anyone could do it. I was curious: if I could hack into anyone's account, they could do it back to me. I wanted to see how easy it was.

And man, is it easy. Yesterday, some guy announced the release of Firesheep, an add-on to the Firefox Browser that allows you to 'sniff' around in a public WiFi channel for logins, passwords, etc. It turns out, that when you are sitting in a coffee shop, or an airport, enjoying the WiFi access, certain websites (most notably Facebook and Twitter) send your username and password 'in the clear' - that is, without encryption. When they do that, Firesheep can read it and use it.

It is incredibly easy to use. I went to Starbucks to check it out. I downloaded the software, installed it, and re-started Firefox in about 90 seconds. Then I ran the program and immediately, it found Grace's Facebook account. A quick scan found Grace on the other side of the shop - typing unaware onto her laptop. This was a complete and utter violation of her privacy - it wasn't just that I could see her pages, I was actually logged in to her account as her. I could see photos, chats, messages, everything. I could have sent nasty mails to her friends, her boss, her mom. It was crazy that it was so easy to hijack her account.

My view of security and privacy is typically kind of lax - I call it the bicycle lock theory. I used to only buy cheap bike locks -- it keeps out the casual thief, but if someone really wants to steal my bike they will, no matter how expensive a lock I have. I enjoy the internet and social networks too much to worry about obscure security leaks that only sophisticated hackers can exploit. Even when people got enraged at Facebook's privacy policies I was ambivalent - I mean I get all of Facebook for free, so if they want to profile me to target some ads so be it.

But now I feel different. The barrier is too low. If I can do it, anyone can. And apparently, they are. News reports of how to protect against Firesheep attacks are not easy to understand for the lay person. I applaud the developer of the software, he is trying to expose the security problems, and thought this was the most effective way (he was right!). In fact, in a followup blog post, he explains, in pretty common language, what the problems are, and what you can do about it. Apparently, the fixes aren't hard, but it takes the Facebooks and Twitters of the world to change (apparently they need to use something called SSL). He should win some kind of security Nobel Prize as far as I'm concerned.

So, until Facebook adopts SSL, no more Facebook on public WiFi for me. And as for Grace, I'm sorry, I really am.

Sunday, February 21, 2010

Everything's Wrong But It's Alright

#4 Hold Me Up: Goo Goo Dolls. I lived in Buffalo from 1988 to 1992 and there was no bigger band than the Goo Goo Dolls. At this time they were a bunch of local guys who had managed a little bit of national press by having a few minor college radio hits. They were known for their punk sensibilities, drawing from the Stooges, Ramones, Husker Du, and (especially) The Replacements. They were loud, they screamed, they broke stuff, they slept in their car, and they sang angry anthems with titles like "Up Yours".

Six years later they would be on top of the world, with huge megahits and every 14 year old begging their mom for a few bucks to go to the mall to get the latest CD with a weepy song from the latest weepy movie and a Johnny Rzeznik poster.

However, in the midst of their transformation from wrong side of the tracks dirtbags to makeup wearing lightweights, they created some fantastic music combining punk sensibilities and insanely good melodies worthy of - if not surpassing - Paul Westerberg at his best.

In 1990, they dropped Hold Me Up, and it was the soundtrack to my life for about two years. It was a perfect mix of garage noise mixed in with beautifully crafted songs.
The concerts I went to with all my friends are some of my finest memories of some of my finest times. Even listening to it now, it brings back those good feelings. Maybe this isnt really the fourth best CD of all time, but I cannot separate the goodness of the feelings from the goodness of the music. (why should I?) But, I do think the music is damn good. Listen to Just the Way you Are (not a billy joel cover!), You Know What I Mean, or the great renditions of Million Miles Away or Never Take the Place of Your Man.

But the song that makes it is Two Days in February, a beautiful, understated ballad, that hints toward the megahits to come (like Name and Iris). The Goos always made pretty melodies, but they were at their best here when they wrapped 'em in punk, instead of later, when they chose synth and violins.

Many of the early fans felt betrayed by the ultimate mega-stardom. I dont fault them for selling out, hell, who wouldnt want to be a real rock star? But the unfortunate thing is that those who judge them for syrupy stuff of the last decade are missing out on the brilliance of their early career.

Monday, February 8, 2010

Strap Your Hands Cross My Engines

#5 Born To Run: Bruce Springsteen. This is one of the bedrock albums of rock n roll, an epic describing the trials and tribulations of life "somewhere in the swamps of Jersey". Springsteen is a master of painting vibrant portraits of characters just trying to get by and have a little fun. This was a culmination of a maturing of Springsteen's sound, which was a little raw and meandering on his first two CDs - this one tightens it all up. Everyone knows about the classic rock staples on here, , but what makes this great is the power packed intensity of songs like Night and She's The One (probably his most underrated song). Very few not named Dylan can bring to life characters (Born to Run) or scenes (Jungleland) like the Boss does here. Still a thrill to listen to.

Saturday, January 30, 2010

Looking Back at Ten

Here is my list of the best of the years 00-09. You 'aught' to like it!

Lame jokes aside...I dont get exposed to a lot of new music - mostly in my house I get to hear High School Musical and Hannah Montana. But I try to keep up by listening to NPRs All Songs Considered, and online at stations like Philly's WXPN and Seattle's KEXP. A few times a year, I am moved to buy (yes, buy) a CD. iTunes makes it so easy to scan the last 10 years and see what held up over the decade. Let me know what you think!

By the way, for those of you new to this blog, I've been going through my top 50 CDs of all is taking my quite a while. See below to see the list through #6. This list below might not be totally consistent with the other list - that's because my tastes might have changed in the year and a half it has taken me to get through the top 50!

1 The Crane Wife - The Decemberists
2 Elephant - White Stripes
3Guero - Beck
4 In Rainbows - Radiohead
5 Yankee Hotel Foxtrot - Wilco
6 American Idiot - Green Day
7 Get Away From Me - Nellie McKay
8 Acid Tongue - Jenny Lewis
9 Fever To Tell - Yeah Yeah Yeahs
10 Narrow Stairs - Death Cab For Cutie
11 Garden State Soundtrack
12 Last Broadcast - Doves
13 GaGaGaGaGa - Spoon
14 In Between Dreams - Jack Johnson
15 Is This It - Strokes
16 Corinne Bailey Rae
17 Shine - Trey Anastasio
18 Keep It Together - Guster
19 Veni Vidi Vicious - Hives
20 Franz Ferdinand
21 The Meadowlands - Wrens
22 Drastic Fantastic - KT Tunstall
23 The Rising - Springsteen
24 Electric Version - New Pornographers
25 We Started Nothing - Ting Tings

A Picasso or a Garfunkel

#6 Gordon: Barenaked Ladies. I know what Trevor's thinking....I waited 100 days for this? But this is my list, not his. And Gordon transports me back to a place and time. This was released in the Summer of '92, and I was on my way driving X-country to Seattle -- after living my whole life in NY, I was breaking out and driving solo to a far away place, and this album was my companion. BNL were from Toronto, where they were cult heroes -- their popularity extended across to Buffalo, from where I had just graduated college. I had never heard a CD that was such a complete mixture of fine musicianship and side-splitting humor. This CD is just so much fun. The snarky humor of Be My Yoko Ono and $1,000,000, the absolute goofiness of Grade 9 and King of Bedside Manor, and brilliant, brooding songs like Hello City and especially the beautiful Brian Wilson. It was the soundtrack for that cross-country trip - full of hope and fear and laughs.
Another gem on that album is Box Set, where they chronicle the life cycle of a pop band that hits heights and crashes down. The story of Box Set almost came true last year, as BNLs lead singer Steven Page became a cliche with a bizarre drug bust in NY and then getting booted from the band. They are not the same without his soaring vocals and biting satire. But they are still one of the most fun bands live you will ever see - just dont forget to bring the macaroni and cheese!

Saturday, October 10, 2009

Since I Met The Devil I Ain't Been The Same

#7 Cure For Pain: Morphine. Morphine might be the best band that almost nobody knows about. It is very rare for a band to have a sound that is unique, just to them, but that is what Morphine was: a low-fi crooning sound with basically a baritone sax, a two-string (!) bass, and a snare drum. What you get is a very atmospheric, deep sound that just cuts right through you. Plus Mark Sandman's deep dark and mellow vocals leading the way. All their CDs are good, but this one is the best - with classics like Buena, Thursday, and the title track. It is all very sax-heavy - and that low, deep groove of the baritone sax is just a great sound. I saw them in concert once and the awesome sax player played TWO AT A TIME! Wouldnt believe it if I didnt see it.

Mark Sandman tragically dropped dead on stage about 10 years ago of a heart attack. Damn shame - they only got to make 5 albums.

Sunday, October 4, 2009

The Dead Lay In Pools of Maroon

#8 Ten: Pearl Jam. My senior year in college - I was never too far from this CD - it was everywhere. The Pearl Jam formula is familiar, heavy chords, a powerful singer, and songs about deadbeats and outcasts - but somehow they sounded more sincere, more urgent, emotionally deeper. This CD is a standout from start to finish, and some some of the lesser known tunes are some of the best - Porch, Once and Why Go are some of the best on here. Alive is the one that really stays with me the most - the last two minutes are an extended guitar solo by Jeff McCready that just makes me want to close my eyes and do the rocker back and forth head shake the whole time. It was hard to see how these guys could top this, and they never quite have - I cant say that any of their subsequent albums come anywhere close to this one.