Daily Archives: February 22, 2009

It was the Blurst of Times

Posted on by

I’m not surprised that there was a controversy over that cartoon which appeared in the Post (one link, in case you haven’t seen it). Al Sharpton, among others, has claimed racism, saying that the cartoon is “troubling at best, given the historic racist attacks of African-Americans as being synonymous with monkeys.”

But what we have here is a failure of logic, combined with human bias. That some depictions using monkeys are racist does not mean that any depiction of a monkey is. Political cartoonists have a habit of using caricature, or when they don’t, of labeling the targets of their satire, neither of which happened in this case. The problem with this medium is that it’s subjective, and interpretations made by individuals reveal their preconceptions and biases — if we look too hard, we see things that aren’t there. I’ve seen it in my own cartoons, when people told me how clever/stupid/offensive I was for including some imagery, which was a surprise, since that’s not what the intent was. After that happened a few times, I realized that I wasn’t going to be held responsible for how someone (mis)interprets a cartoon. It’s rare that something can’t be misconstrued. Al Sharpton is an activist/protagonist. Of course he’s going to see racism.

Here’s another example — and you shouldn’t go below the fold if you aren’t willing to risk being offended.
Continue reading

If Even a Mouse-Click is Too Loud This Morning, Read This

Posted on by

Under the broad heading of What causes hangovers? which is addressed in the link, along with some other alcohol-related information.

Congeners

Congeners are toxic chemicals that are formed during fermentation, some liquors have more of them than others. These congeners are widely responsible for headaches.

Word to the wise: if you can’t pronounce “congener” anymore, stop drinking.

(h/t to YT and John)

(remember: Beer is good)

Security and Usability

Posted on by

Balancing Security and Usability in Authentication

In most cases, how an authentication system works when a legitimate user tries to log on is much more important than how it works when an impostor tries to log on. No security system is perfect, and there is some level of fraud associated with any of these authentication methods. But the instances of fraud are rare compared to the number of times someone tries to log on legitimately. If a given authentication system let the bad guys in one in a hundred times, a bank could decide to live with the problem—or try to solve it in some other way. But if the same authentication system prevented legitimate customers from logging on even one in a thousand times, the number of complaints would be enormous and the system wouldn’t survive one week.

Balancing security and usability is hard, and many organizations get it wrong. But it’s also evolving; organizations needing to tighten their security continue to push more involved authentication methods, and more savvy Internet users are willing to accept them. And certainly IT administrators need to be leading that evolutionary change.

In my experience, systems that have a captive audience, rather than a voluntary one (e.g. employee vs customer) are much less likely to care about usability in security but also in general, since they can go Nike on you and say, “Just do it.”

related:

Humans are incapable of securely storing high-quality cryptographic keys, and they have unacceptable speed and accuracy when performing cryptographic operations. (They are also large, expensive to maintain, difficult to manage, and they pollute the environment. It is astonishing that these devices continue to be manufactured and deployed. But they are sufficiently pervasive that we must design our protocols around their limitations.)

— Kaufman, Perlman, and Speciner