Kahomono - It Means Lucky

Random musings on whatever subject strikes my fancy that day.


Every now and then I am reminded what a loss it was that Andy Kaufman died so young.  Today it was this clip:

If you have not seen it, you owe it to yourself to check out Man in the Moon starring Andy’s greatest fan (maybe), Jim Carrey.

And finally: whoever booked this appearance should be in the Production Assistant’s Hall of Fame.



One Week to Go!

One more week until Opening Day 2017!

The O’s always open the season at home.  It’s a throwback to the many years there was no team in DC, just so the President could always have a nearby game at which to throw out the first pitch.

And for the first year in 108, the defending champs are…


Passwords Again

In the wake of this week’s issues with LastPass, I see today’s brilliant Saturday Morning Breakfast Cereal takes up the topic.

The trick to passwords is to just reset them every time you need to log in

The hovertext for this cartoon is, “The trick to passwords is to just reset them every time you need to log in”.  Which is kind of an interesting idea, and one that I would like to consider from a security point of view, because I hear it proposed in less jocular contexts than this one.

The standard model of a password is that it’s the “something you know” among the three factors considered for authentication: something you know, something you have and something you are (i.e., biometrics).  Using a second factor greatly improves the overall security, and I recommend it regardless of what else you decide about this.

If instead of recording or remembering your password to every site, you simply use the password reset function, have you improved the safety of your authentication to that site?  Before you adopted this strategy, your main points of weakness were the manager providing storage of your very-complex password, or the too-simple password  you chose so your would not need a manager.  Now, at least, you have a really complex password (right?  RIGHT?), and you’re not storing it anywhere.

But now your main point of weakness is your email account.  Which is probably also vulnerable to the manager providing storage of your very-complex password, or the too-simple password  you chose so your would not need a manager.  Not only have you simply shifted the same exact issue, you have concentrated it into the single resource that affords access to all your other resources.  It takes an already vulnerable situation and makes it a single point of failure for your entire online life.

Until we can get rid of passwords completely, somehow, I’m afraid there are not many shortcuts available.  So: make a strong password you can remember.  Use it to secure your password manager.  And, enable a second factor for every site that offers the option.


Season 9

Ru Paul’s Drag Race Season 9 kicked off last night on VH1, and I have to say this is one of the most interesting batch of queens starting in a long time.

Not to mention the wonderful job they did of integrating the most special guest judge into the entire show

If you doubt that Lady Gaga has her success based on anything but smarts and ability, watch this episode.  You can see it several times this week on LogoTV.



Down the YouTube Rabbit Hole

I was looking for

Which led me to

(the fun starts at about 2:40, but play the whole thing for context).  Bill is the guitar virtuoso who is probably responsible for me looking for the original.   Well, sort of original – turns out it’s a cover.

Once I found that I found among the dozen or so versions of it, this little gem tucked in.

Now you say, “OK, David, so that 11 year old kid shamed the lead guitarist from a second-tier metal band off the stage.  But can he shred the F out of the Star Spangled Banner?

Why yes.  Yes he can.



Those who know me, know that sometimes my taste in entertainment runs to the moderately insane.

And there’s few who are more insane than ol’ Warren Zevon

If “Werewolves of London” is mostly what you know of his, you’re missing out.


LastPass Ouch

Woke this morning to the news that my password manager of choice, LastPass, had a bug that (for the first time I can recall), put the passwords in the vault at risk.

In the linked article, Tavis Ormandy suggests dumping LastPass and going to another password manager.   But to me that’s like when it starts to rain (no lightning) and you run under a tree.  Eventually the rain works through the leaves, so now you go run for a different tree.  Well, duh!  The rain has worked through all the leaves on all the trees.

There’s no reason to think my passwords are more or less safe elsewhere.

And oh by the way as of this writing, LastPass has pushed a fix.


Page 1 of 117

Powered by WordPress & Theme by Anders Norén