NASA finally realizes the Space Shuttle is an X-plane

NASA finally acting like the Shuttle is an experimental spacecraft[*1] .

Indeed, the spacewalk suggests that NASA has fundamentally changed the way it looks at the shuttle, seeing it as a truly experimental vehicle.

For years, NASA managers were loath to make this concession. It amounted to an admission of defeat. The shuttle was intended to be an operational vehicle – something that made going into space almost routine.

Twenty-five years and 14 dead astronauts later, NASA finally figures out that the Shuttle is an experimental vehicle. Progress of a sort, I guess.

Mozilla goes corporate

Mozilla Foundation creates for-profit subsidiary[*1] .

Mozilla Foundation has announced the formation of the Mozilla Corporation, a for-profit organization that will handle relations with commercial companies and continue development, distribution and marketing of Firefox and Thunderbird.

Profits from Mozilla Corp are to be plowed back into development efforts of the Foundation.

A day in network security

Tom Liston[*1] is my hero.

Item: Cisco is having a bad month . . .

Cisco CCO Password Issue
Ever have one of those days? Looks like Cisco is having one of those months… It appears that something has happened to compromise the passwords for their Cisco Connection Online service. What exactly happened? Cisco isn’t saying.

Attempting to log into CCO brings up the following terse message:

IMPORTANT NOTICE:
* Cisco has determined that Cisco.com password protection has beencompromised.
* As a precautionary measure, Cisco has reset your password. To receiveyour new password, send a blank e-mail, from the account which you entered upon registration, to cco-locksmith@cisco.com. Account details with a new random password will be e-mailed to you.
* If you do not receive your new password within five minutes, please contact the Technical Support Center.
* This incident does not appear to be due to a weakness in Cisco productsor technologies.

Note: I do, indeed, know what caused this issue, but I’ve been enjoined from disclosing it until next year’s Black Hat.

Gotta love that last bullet point… It reinforces that old security maxim: All the technology in the world won’t save you from doing something dumb.

Update: A tip o’ the always stylish Handler-On-Duty propeller beanie goes out to Scott who wondered whether Cisco is having Pancho check for differences in the “From:” and “Reply-To:” addresses on messages to cco-locksmith@cisco.com before sending out a password. He is…

Next, Tom discusses idiot vendors and the idiotic things they do with his contact information:

It Takes a Village…
Just yesterday, I received a canned message from a vendor:

Hey,
I’m updating my address book. Please take a moment to update your latestcontact information. Your information is stored in my personal address book and will not be shared with anyone else. Plaxo is free, if you’d liketo give it a try.”

This was followed by a listing of my contact information that he’d sent to Plaxo and a link where I could sign up for his wonderful free service too.

No, I’d rather not, thank you.

Over the past few years, I’ve noticed the rising tide of online “communities.” And like some sort of unholy sludge, they’ve increasingly been floating across the Internet and seeping their way into my inbox.

Stop it.

Stop it now.

Both Plaxo and the recently discovered (for me) sms.ac entice users to “import and invite” their contacts. They make it easy, giving the clueless noobs step-by-step instructions on how to upload the contents of their contact lists.

Don’t.

Just don’t.

If you happen to have someone’s contact information, that person gave that contact information to you. If they wanted their information given to Plaxo or sms.ac, they would give it to them. Do you go around posting your friend’s phone numbers on bathroom walls? Do you walk up to strangers on the street and give them Aunt Mildred’s P.O. Box? How about your teenage daughter’s IM identity?

Needless to say, Mr. Vendor (and his boss) got a quick phone call from me, wherein I pointed out my belief that some village somewhere must be missing its idiot.

Don’t follow in his footsteps. Your village needs you…

Scrappleface Update

Scott Ott has been busy the past couple of days:

Bush: Schools Show No Evidence of Intelligent Design[*1]

After Ohio, Dems Map 50-State ‘Virtual Victory’ Plan[*2]

S. Koreans Perfect Mass Abortion of Cloned Dogs[*3]

Air America Hires Dan Rather as Scandal Spokesman[*4]

Bush Orders Congressional Fitness Program[*5]

Aw, heck, just go to Scrappleface[*6] yourself and be amused, be very amused.

This just in: marketing departments are clue-deprived

Confirming what countless IT department geeks[*1] have known since the dawn of time:

More than half admit they forget to provide a warning at least some of the time, and nearly two thirds of marketing bods confess to having no idea how many user transactions their website can support, despite an average transaction value of £50 to £100.

The consequence of this communications gap is not surprising: 73 per cent of companies reported web site failures during marketing campaigns. Presumably the surviving few include the 22 per cent of companies who say they always talk to the tech team about such things.