The Daily Parker

I promised earlier to discuss the joys and sorrows of traveling for business. I had some time this morning in the airplane to do so.

Every week, I fly back and forth between Boston and Chicago. This morning I caught the bleary-eyed special leaving Chicago before 7, and I still missed my 11:30 Scrum. Between that, having to get out of bed slightly before 5am, and a general feeling of lethargy that no amount of coffee can cure, not to mention the lost billable hours, I'm going to start returning to Boston on Sunday nights.

Neither Anne nor I is thrilled with the arrangement. But then, we're not ecstatic about the 100% travel to begin with. The compromise is for me to be home no less than 48 hours a week, and for her to come out to Boston every so often.

A funny thing happened to Anne recently. She used to be an Aisle Person. She's becoming a Window Person, possibly because I have been one for the 30 years I've been flying.

Aisle People don't really like to fly. It's a means to an end. I'm here, I need to go there, this requires sitting in an aluminum tube for several hours; best to sit in the asile to minimize the aluminum-tube time.

I, on the other hand, always take a window seat. The very first time I got in an airplane, before I could even spell my name, I think my nose was pressed against the window for four hours. I've never gotten over how cool it is to look down 10 km (6 mi) and see...everything.

As I write this, we're over Lake St. Clair, just passing into Ontario. I can see that Lake St. Clair has two distinct currents, one direct from Lake Huron, which is dark green, and the other from the marshes on the Canadian side, which is muddy brown. The two flow in parallel down the Detroit River almost to the Renaissance Center, where turbulence from Belle Isle finally mingles them in swirling eddies of what I can only assume are heavily-polluted mud.

Ten minutes more and we're over the great swirling sandbar jutting out into Lake Erie right in the middle of the Canadian shore. I can actually see the sand flowing past it, lengthening it, creating a huge sandy beach upstream and a hazard to navigation downstream. Just a few minutes past that and we're over Buffalo, N.Y. There's Niagara Falls, identifiable from the cloud of mist hanging over it, and Toronto, barely discernable through the morning haze. Next, over Western New York and the Finger Lakes, deep valleys scooped out only a few thousand years ago by the southern edges of the massive ice sheets that dug out the Great Lakes. Finally, depending on our approach, I'll either get a terrific view of Nashua, N.H., from about 2,000 m (6,000 ft), or we'll get up close and personal with downtown Boston.

This is why I always get the window seat. And Anne, who finds herself flying a lot more than before we met, has started to agree.

Photo: Cape Ann, Mass., on downwind to Logan on today's flight.

One of my favorites:

Old man Moskowitz was getting along in years. He decided to retire and let his 3 sons run the company (which manufactured a wide variety of nails). The sons thought they could increase market-share with some judicious billboard advertising.

Only a week later the old man was taking his usual Sunday drive in the country when he saw the first billboard ad. There it was—a picture of Jesus on the Cross, with the caption: "Nails for Every Purpose. Use Moskowitz Nails."

The old man immediately met with his three sons to voice his concern. He explained that the backlash could be horrendous. The company could be ruined. The sons agreed to discontinue that ad.

A week later the old man was again taking his usual Sunday drive when he saw the second billboard ad. There it was—a picture of the same cross, empty, with Jesus crumpled on the ground below...and the caption: "Next Time Use Moskowitz Nails."

The President's approval rating has fallen to 36%, its lowest ever, according to a new AP-Ipsos poll out today:

• Just 36 percent of the public approves of Bush’s job performance, his lowest-ever rating in AP-Ipsos polling. By contrast, the president’s job approval rating was 47 percent among likely voters just before Election Day 2004 and a whopping 64 percent among registered voters in October 2002.
• Only 40 percent of the public approves of Bush’s performance on foreign policy and the war on terror, another low-water mark for his presidency. That’s down 9 points from a year ago. Just before the 2002 election, 64 percent of registered voters backed Bush on terror and foreign policy.
• Just 35 percent of the public approves of Bush’s handling of Iraq, his lowest in AP-Ipsos polling.
• Just 30 percent of the public approves of the GOP-led Congress’ job performance, and Republicans seem to be shouldering the blame.

The MSNBC report includes a quote from a Republican pollster repeating the canard that it's not as bad as it seems because the Democrats don't have much of a plan. But we do have a plan. Our plan is to fix the enormous damage to our international reputation, our economy, and our political institutions that the GOP has perpetrated on us. It would appear that 64% of the public think that's plan enough.

We spent two hours yesterday debugging some code that kept firing early. It wasn't clear to anyone, including the people who wrote it, why this happened. We patched it with the C# equivalent of duck tape, but really, it still doesn't work right.

This incident shows how important it is to know what your code is supposed to do, and not to accept the code if it doesn't. Many tools exist to help—most notably, unit-testing tools like NUnit—but they have trouble with the specific problem that we encountered: events fired from black-box controls.

I will have more to say about this later.

Before nodding off to bed tonight, on a whim I searched Google for a funny story I remembered hearing on WFMT-Chicago's Midnight Special many years ago.

The New Year's Eve Midnight Special always ran long, and always played a bit called "Moose Turd Pie." Thanks to Google, I finally found out where it came from: U. Utah Phillips, who even has a link to the bit on his site.

This is what the Internet is all about.

The New York Sun is reporting that President Bush authorized leaking Plame's identity, at least implicitly, according to the vice president's former chief of staff, I. Lewis Libby:

A former White House aide under indictment for obstructing a leak probe, I. Lewis Libby, testified to a grand jury that he gave information from a closely-guarded "National Intelligence Estimate" on Iraq to a New York Times reporter in 2003 with the specific permission of President Bush, according to a new court filing from the special prosecutor in the case.

The court papers from the prosecutor, Patrick Fitzgerald, do not suggest that Mr. Bush violated any law or rule. However, the new disclosure could be awkward for the president because it places him, for the first time, directly in a chain of events that led to a meeting where prosecutors contend the identity of a CIA employee, Valerie Plame, was provided to a reporter.

Whether or not this is true, it's interesting to watch the administration's in-fighting get to this level. One hopes the electorate remembers, and understands, in November.

My old personal site, www.braverman.org, has seen better days. It's creaky, it hasn't been maintained, and I think this blog has mostly supplanted it.

It does, however, have a library of hundreds of jokes, all dying to be read again. So starting today, I'm adding a new category: Jokes. (No, I'm not changing the name to the "Waspj Blog.")

Here's the first one, from an anonymous fan:

Eulogy for a Dog

Morris in Brooklyn lived in a big home with his pet dog that he loved for 12 years. His best and only companion. The dog died, and a heartbroken Morris went to the Rabbi of his congregation and asked, "Rebbe, my dog is dead. Could you please offer a prayer for this faithful creature?"

The Rabbi replied, "No, we cannot hold services for an animal in our synagogue, but nearby there is a new temple that opened, no telling what they believe, maybe they can hold services for an animal."

Morris said, "So I'll go see them now. Do you think $10,000 is enough to donate for the service?"

The Rebbe replied, "So why didn't you tell me the dog was Orthodox?"

First, the House last night passed a campaign-finance package last night on a strict 218-209 party-line vote:

The House approved campaign finance legislation last night that would benefit Republicans by placing strict caps on contributions to nonprofit committees that spent heavily in the last election while removing limits on political parties' spending coordinated with candidates.

Lifting party spending limits would aid Republican candidates because the GOP has consistently raised far more money than the Democratic Party. Similarly, barring "527" committees from accepting large unregulated contributions known as "soft money" would disadvantage Democrats, whose candidates received a disproportionate share of the $424 million spent by nonprofit committees in 2003-2004.

I have a dream that someday, the House of Representatives will represent me. I have another dream involving Angelina Jolie. Which dream do you suppose is more likely to come true?

In other news, the best administration we have (as Molly Ivins likes to say) is once again muzzling climate scientists who dare say there is a link between human activity and climate change. This seems to be because there is a link between human activity and climate change, a link the administration's policies are reinforcing:

Employees and contractors working for the National Oceanic and Atmospheric Administration, along with a U.S. Geological Survey scientist working at an NOAA lab, said in interviews that over the past year administration officials have chastised them for speaking on policy questions; removed references to global warming from their reports, news releases and conference Web sites; investigated news leaks; and sometimes urged them to stop speaking to the media altogether. Their accounts indicate that the ideological battle over climate-change research, which first came to light at NASA, is being fought in other federal science agencies as well.

Because if no one talks about it, it isn't really happening, even as the Republic of Kiribati disappears beneath the Pacific...

Anne brought to my attention the security practices at a medium-sized company in Chicago that make security nearly impossible: the company's IT department assigns Windows domain passwords to the users. In a recent communication, IT said this practice made the domain more secure.

It actually made me mad to hear about this practice. They're not only wrong, they're wrong in a particularly ignorant and incompetent manner, and someday they're going to have a significant security incident.

Secure log-ins serve two distinct purposes: authentication and authorization. Authentication means that the log-in procedure should guarantee that the person providing the log-in credentials is who she claims to be. Authorization means that the successfully logged-in person has access to the data he needs access to, and no more.

Most people only equate log-in screens with the latter. In many organizations I've worked with, people share passwords all the time, thinking that the password controls what they can do. It's often then impossible to figure out who did what with which data. Within a company that has Sarbanes-Oxley reporting requirements, this kind of sloppiness may actually violate criminal law in some cases.

Your bank knows about authentication. It's why you have a PIN (personal information number) for your cash card. It's also why sites like the IRS Website ask for hard-to-know information, like your previous year's adjusted gross income, before they let you do anything. Some people at your bank and at the IRS are authorized to see your information, too, but when they look at it, there's a record that they are looking.

IT administrators never actually need your password, because their authorization far exceeds yours. Plus, it's usually important for IT departments to know who did what to each computer. When you have the keys to the kingdom, you come under greater scrutiny.

For these reasons, the only person who should know a log-in password is the person who chose it. Any password that the person did not, herself, choose, is no better than a password that a "malicious user" has cracked or stolen.

Now look at what the company Anne mentioned is doing. The IT department has a list of passwords, which can be stolen. Also, the IT department can log in to any employee's workstation as that employee (which is, I think their goal). Once in, they can send email under the employee's identity, rummage through confidential information (for example on a law partner's computer, where the lawyer has a legal obligation to keep the information private, even from other people in her firm), etc.

No doubt the IT department would claim they need this kind of access to ensure employees aren't using computers for personal work, or storing copyrighted materials on work computers. But since the password list exists, even if compromising material were found on the employee's machine—which, by the way, the IT people have the ability to find under their own login credentials—now there is a legitimate claim that the employee had no knowledge of the problem, because there is no way to show conclusively that only the employee could have put it there. (Had IT put it there under their own credentials, this would be easily determined by checking the security information on the computer.)

This isn't the only idiocy perpetrated by this particular IT department, but it's the one most contributing to their lack of security. If there were a professional organization of computer people, these guys would be thrown out.

Experts say the Enron executives' testimony is extremely risky for the pair.

They will have to overcome the obvious conclusion that they knew they were robbing hundreds of employees and thousands of investors before company collapsed. Stay tuned.