No kidding I read about this in the Boston Globe *last week*. It's a pretty nice hiring strategy although I was confused about placement. In cambridge there are two major universities on the Red line, Kendall (MIT) and Harvard (uh Harvard). This huge banner appeard at the Harvard stop... why wouldn't they go after the guys from MIT??
"I never recall seeing any statement that suggested the key could be seen plaintext in memory"
Which advisory did you read? "It is also possible to attach a debugger to the Safe Guard software and read the password from memory. The Safe Guard software takes care of the decryption and the password can be seen in plain text within memory when the software does a compare between the stored password and the supplied password."
With all the heated debate about XOR I thought I'd point to one of my favorite posts about this topic. One quote in particular I like is "Xor encryption is not inherently breakable by it's nature, however it is easy to use incorrectly, leading to breaks in the encryption scheme. In fact, xor can be unbreakable if used correctly. " given that the key is seen decrypted in the debugger one can easily say that Lexar's did NOT use it correctly.
busy little bees over there Advisory Name: Pingtel Xpressa Denial of Service Release Date: 09-13-2004
Device: Xpressa phone (Model PX-1)
Firmware: Core Apps: 2.1.11.24 Kernel: 2.1.11.24
Severity: An attacker can cause the phone to fail. A power
cycle is required to restore functionality.
Author(s): James Vaughan Vendor Status: Vendor has halted sales of device CVE Candidate: CVE Candidate number applied for
Reference: www.atstake.com/research/advisories/2004/a091304-2.txt
Make sure you check out 1201(g) which states that encryption research is a valid exemption. Of course I really think they should redefine the word encryption in this case.
Actually wait it's the entire security industry! Many people sell 'sploits these days, get over it. Oddly MS is the only one here who *isn't* selling them. Look at the article again and try to get past the first few paragraphs. First, " the program was expanded in April 2004 to include all customers who will sign an appropriate non-disclosure agreement". Yes you have to be a customer but it includes mom and pop shops as well. Second IF you read the last few paragraphs you'll likely notice this line: "At the time, NGSS co-founder Mark Litchfield said it was "annoying" that CERT gave early warning on six vulnerabilities to its paid sponsors before vendor patches were created and made available." CERT is someone you wouldn't expect to sell information about vulnerabilities. but wait.. it gets much better iDefense has built an entire business model over this. They sell information about vulnerabilities to their client roster. If you've ever seen an advisory from iDefense there is a timeline at the bottom. The disclosure always starts with the vendor, then it's client list, then the public.
I start to wonder about survival though. If *you* were a money grubbing freak and had nothing to contribute to society anymore, well wouldn't you do the same? I'm not saying it's right, but the heirs and slightly alive members of the band don't actually *do* things anymore. they don't create now, just consume. With no skills left that the world needs or wants (all were sucked dry by the 70's it seems) they must do what that do to maintain their lifestyle.
This post below is from one of the developers friends. It's mostly a sob story about how broke the developer is. If you didn't bother to read the app automates encoding movie files which is, I must admit, a cool thing to write. The windows world doesn't have much of this. discreet makes Cleaner (purchased from Terran) but it costs way more then $20. For the price it really is a decent piece of ware. the closest the windows world has is TMPEG but last I checked it doesn't work with nearly as many formats (divx, etc).
"I happen to know the developer in question, and while I don't agree with what he did, I empathize with his frustration over this whole matter. He's spent many months getting ready for this release, and the next day, some brainless low-life had reverse-engineered his serial gen code, and released several working serials for it. Since the numbers were posted, registrations for his app completely stopped, and he's now facing the grim situation of possibly halting all development on this very useful program. He's in debt, and broke, and getting nothing for all his hard work. Seeing all his hard work getting flushed down the toilet made him understandably angry, and he was mainly trying to get revenge on the cracker, and to scare people away from attempting to pirate his software. That being said, he's already seen the error in his ways (so to speak), and the current build of his app has the home directory wiping code removed. If you download it now, the serials won't work, but it won't wipe your home directory anymore. He's contemplating less drastic measures, and new ways to protect his app, but won't be destroying user data anymore, even if they are just pirates. I think this was something that was done in the heat of the moment, in the frustration of seeing the thoughtless acts of a cracker destroy his income from this work, and went a bit overboard. I wouldn't be so hard on him, as I'm sure it's something many developers have thought of doing, and wished they had the balls to actually carry through. I think many in his position would have done something similar. At this point, the offending code is gone, and the pirates' data is safe, however the future of the (extremely useful) app is very uncertain, as registrations have all but stopped. I hope he doesn't have to stop development due to lack of support, but the actions of that cracker who shall not be named may well have forsaken this app's future." Posted by: WiseWeasel on September 7, 2004 04:51 AM
Another of the developers friends fingers the cracker in another post
"C'mon. As its been stated, the scheme in question only targeted the cracker (iDave) and his cronies...and the specific serials created. What's more, since slava misreported this, the app didn't really delete the home directory; it obfuscated it. Only by further PIRATE THIEF ACTION would it actually have been wiped."
Posted by: JackHandy on September 7, 2004 12:25 PM
During the early 2000's an idea like this had already surfaced during the much hyped Storage Service Provider (SSP) rush. While most companys like the now defunct StorageNetworks (NASDAQ:STOR) were just building massive terabyte clusters into CoLo's around the country one provider Digital Knox was creating a system very similar to the OceanStore concepts from Berkeley. The idea was not using P2P however since this required users to volunteer space. Simply put take the idea of a RAID array with parity and instead of drives think CoLo. Now that the data is spread across multiple centers having just one go down will not effectively kill it. The only draw back of course is time to recover the data which would be slower but far more resiliant to natural disasters (hurricanes, terrorist attacks, etc). These ideas were published in a book, written by former CTO of DigitalKnox, "Fundamentals of Secure SAN" although the book isn't available yet. The biggest problem of course is the fact that most clients do not like sending their sensitive data to others. For this reason an additional layer of obscurity was added in the form of EFS. This would allow for non RAND type storage to remain secret even from the storage provider. More importantly it eased concerns that *other clients* of the storage service could somehow sneak a peek at their data. The problems only multiply at this point since now key escrow and remote searching become an issue. The speed tradeoff seemed accetable to many but only for long term storage. The problem hasn't gone away obviously but the market dropped off the face of the planet. One of the only major survivors was Iron Mountain who not only stores your data online but will keep backup tapes in secure vault locations around the country.
Before commenting on anything of this nature please read Noam Chomsky's "Hegemony or Survival" and "The Two Koreas" by Don Oberdorfer. There is so much history behind this conflict that one can not begin to decipher the likelihood nor the implications of something like a successful nuclear test. North Korea has always boasted of any type of military advantages. If they had nuclear capabilities at this point they would have announced it themselves. Becoming a nuclear power is something that PRK would use as a bargaining chip at the table however tactically it would not help them win a war with S Korea. the fallout from a blast would affect them as well as ruining the land they wanted to conquer. PRK has always flapped their wings and pretended to be bigger then they are.
what I would want to see is a book on network penetration testing. Books like NSA seem more like a conglomeration of How To's and Man pages with a friendly narrator.
[source:http://www.anti-spamtools.org/SenderIDEmai lPolicyTool/Default.aspx] No SPF Record has been found for the domain microsoft.com. However, MX and/or A records currently exist for this domain. The domain's MX and A records contain the following information:
Addresses Listed in A Records 207.46.130.108 207.46.250.119 Mail Servers Listed in MX Records maila.microsoft.com 131.107.3.124 131.107.3.125 mailb.microsoft.com 131.107.3.122 131.107.3.123 mailc.microsoft.com 131.107.3.121 131.107.3.126
I think the industry term is "eat your own dog food". thanks for the recommendation MS, let me know when you start using your own bloody system.
last time I checked MST3k (a show i love btw) isn't performed live. Alamo is one of the coolest theaters on the planet (they have wifi and beer) and they usually show older movies (at the south location) with many of the patrons making mst3k style comments anyway. MST3k also spent most of the time showing b sci fi movies not stuff like dirty dancing. As for drumming up publicity, it's in AUSTIN TX! This isn't a world wide distribution, it's not even broadcast on the internet. You can only see this in one location in the entire planet. As much as I love this show (which you can't even see on tv anyway) I think they are way out of bounds on this one. Mr Sinus is a live performance parody of the MST3k television show.
It's like he was just making the answers up as he went along. Most of the inaccuracies were already pointed out so I won't bring those back up. The licensing issue (digital things last forever) really shocked me. Tech stuff sure, he's old and never had a clue. I'm not shocked he just said "use 1000 algorithims" and then followed up with "only the dedicated hackers will make copies". I'm sure those dedicated hackers won't bother making anyone else copies. but really the "cognac glass" analogy was something he *should* be able to spell out for us and have it stay consistent with the party line. I don't license cognac glasses! Here's a better analogy jerk weed. If a lease a car I am essentially licensing it and have to stay within a lot of restrictions. If I BUY the car I can do whatever the hell I like. OK cars may be a little too modern for Jack. I think he might understand a horse analogy but it's 7am and I really need sleep.
All he said was "I had to install an update to Firefox to block a flaw that would've allowed an attacker to run a program on my system." e.g. he has OTHER browsers and he keeps up with security flaws in those browsers as well.
"sticking a feather up your butt does not make you a chicken" Tyler Durden, Fight Club
"You don't have this kind of trouble in foreign airports that are BIGGER targets for this sort of thing." How many foreign airports have you been to? The last one I saw (in germany) had several armed guards walking around with SMG's. Some international airlines also fly with armed agents on board. Think about that.
It does seem silly in this context but remember how many shows removed images of the twin towers after 9/11? We are just as overly sensitive as the rest of the world at large. We just don't have as many things to complain bitterly about because we are such a young nation. I guarentee you that no one will think about adding planes crashing into buildings in their video games (say age of empires 9). People have, and continue, to die over Taiwan's status as well as other countries. None of this belongs in an article about MS software though. It does show that you need a PhD in world history and a personal diplomat to not offend people worldwide when your voice/thoughts reaches that far.
ps; this email likely offended at least one person somewhere or will in the future
I'm curious about how many apps break during installation now. Some programs require constant phone home signals to run and won't work now. I'm sure XP activation and 2003 activation work just fine. The most annoying feature is the limiting of 10 connections at a time using rawsock.
As someone who helps corporations find flaws in their networks I had the following setup: XP as base OS with multiple VM images for "serious work". This worked well since XP had RAW_SOCK support and all my corp applications (read Exchange Outlook) worked fine. My images didn't mind the overhead since we had 1GB of RAM and all the packets went out without problem (think SYN scanning). that was then, this is the new crappy future. Now I have error 4226 ALL over my system event log and any types of scans from my images are limited to 10 connections. thanks guys. I've been contemplating moving to a linux base OS with MS vmware images that would hold my corp applications (again read outlook/exchange) but haven't because of the time it would take to build all these things. Now it looks like I may not have a choice.. MS has essentially shut me out of it's OS. Not that I represent a large section of users but thanks all the same. Just goes to show that the MS operating systems should be considered Tinker Toy quality only. Not for serious work. If you need something that will not purposely limit your network connections out of fear then skip the MS area all together.
They likely eliminated named pipes for ODBC connections which is a horrible way to go a bout things anyway. I think it's for the better really, a lot of vendors used really shoddy procedures for their software and this type of behavior will be corrected with newer implementations like this.
Biologically speaking if there were some new virii infecting humans (say a new flu) I wouldn't want good hearted strangers randomly jabbing me with a needle full of vaccine. It's just not a good idea. I think the intentions are good but the best case scenario I see is a full out war between "white" and "black" worm writers which will eventually fill the networks with worm and vaccine packets. Leaving little to no room for everything else. Again don't get me wrong, I applaud their effort but it's just not a good idea.
I can see it now, a black clad riot storm trooper.. err peace officer runs up. He's out of breath and tells his sargent, "Sgt, the right-wing nutjobs are beating the extreme left fruitcakes with cruifixes.. should we do something?" "nah, let them get it out of their system a little... then give them the tear gas" Now that's entertainment. OK you've talked me and my camera into it. I mean I really want to see a picture of that, it'll be like watching the "God hates fags" group picketing in front of the town hall when same sex marriages were allowed!
BTW my favorite new environmental change is the constant friendly announcement (every 5 mins or so) warning me to tackle the next person I think is acting funny. Pick him up and toss him onto that third bar then notify the next train offical for my reward. OK it's not that bad but there are a lot of posters and voice announcements making sure we are "alert" and it's getting really annoying.
This is why I love reading the register: "We hasten to add that he has not, however, just shot his best mate and buried his face in an enormous pile of cocaine." You just don't find that kind of reporting on the mainstream news.
Slashdot Mirror
No kidding I read about this in the Boston Globe *last week*. It's a pretty nice hiring strategy although I was confused about placement. In cambridge there are two major universities on the Red line, Kendall (MIT) and Harvard (uh Harvard). This huge banner appeard at the Harvard stop... why wouldn't they go after the guys from MIT??
"I never recall seeing any statement that suggested the key could be seen plaintext in memory"
Which advisory did you read?
"It is also possible to attach a debugger to the Safe Guard software and read the password from memory. The Safe Guard software takes care of the decryption and the password can be seen in plain text within memory when the software does a compare between the stored password and the supplied password."
With all the heated debate about XOR I thought I'd point to one of my favorite posts about this topic. One quote in particular I like is "Xor encryption is not inherently breakable by it's nature, however it is easy to use incorrectly, leading to breaks in the encryption scheme. In fact, xor can be unbreakable if used correctly. "
given that the key is seen decrypted in the debugger one can easily say that Lexar's did NOT use it correctly.
busy little bees over there2 .txt
Advisory Name: Pingtel Xpressa Denial of Service
Release Date: 09-13-2004
Device: Xpressa phone (Model PX-1)
Firmware: Core Apps: 2.1.11.24 Kernel: 2.1.11.24
Severity: An attacker can cause the phone to fail. A power
cycle is required to restore functionality.
Author(s): James Vaughan
Vendor Status: Vendor has halted sales of device
CVE Candidate: CVE Candidate number applied for
Reference: www.atstake.com/research/advisories/2004/a091304-
Make sure you check out 1201(g) which states that encryption research is a valid exemption. Of course I really think they should redefine the word encryption in this case.
security research is still allowed. :)
Actually wait it's the entire security industry!
Many people sell 'sploits these days, get over it.
Oddly MS is the only one here who *isn't* selling them. Look at the article again and try to get past the first few paragraphs.
First, " the program was expanded in April 2004 to include all customers who will sign an appropriate non-disclosure agreement". Yes you have to be a customer but it includes mom and pop shops as well.
Second IF you read the last few paragraphs you'll likely notice this line:
"At the time, NGSS co-founder Mark Litchfield said it was "annoying" that CERT gave early warning on six vulnerabilities to its paid sponsors before vendor patches were created and made available."
CERT is someone you wouldn't expect to sell information about vulnerabilities. but wait.. it gets much better
iDefense has built an entire business model over this. They sell information about vulnerabilities to their client roster. If you've ever seen an advisory from iDefense there is a timeline at the bottom. The disclosure always starts with the vendor, then it's client list, then the public.
Here is an example from an IBM fault injection advisory
VIII. DISCLOSURE TIMELINE
04/21/2004 Exploit acquired by iDEFENSE
05/05/2004 iDEFENSE clients notified
05/05/2004 Initial vendor notification
05/07/2004 Initial vendor response
06/23/2004 Public disclosure
Let's see now, clients notified 5/5 and public notified 6/23!
I start to wonder about survival though. If *you* were a money grubbing freak and had nothing to contribute to society anymore, well wouldn't you do the same? I'm not saying it's right, but the heirs and slightly alive members of the band don't actually *do* things anymore. they don't create now, just consume. With no skills left that the world needs or wants (all were sucked dry by the 70's it seems) they must do what that do to maintain their lifestyle.
For those who didn't want to RTFA
This post below is from one of the developers friends. It's mostly a sob story about how broke the developer is. If you didn't bother to read the app automates encoding movie files which is, I must admit, a cool thing to write. The windows world doesn't have much of this. discreet makes Cleaner (purchased from Terran) but it costs way more then $20. For the price it really is a decent piece of ware. the closest the windows world has is TMPEG but last I checked it doesn't work with nearly as many formats (divx, etc).
"I happen to know the developer in question, and while I don't agree with what he did, I empathize with his frustration over this whole matter. He's spent many months getting ready for this release, and the next day, some brainless low-life had reverse-engineered his serial gen code, and released several working serials for it. Since the numbers were posted, registrations for his app completely stopped, and he's now facing the grim situation of possibly halting all development on this very useful program. He's in debt, and broke, and getting nothing for all his hard work. Seeing all his hard work getting flushed down the toilet made him understandably angry, and he was mainly trying to get revenge on the cracker, and to scare people away from attempting to pirate his software. That being said, he's already seen the error in his ways (so to speak), and the current build of his app has the home directory wiping code removed. If you download it now, the serials won't work, but it won't wipe your home directory anymore. He's contemplating less drastic measures, and new ways to protect his app, but won't be destroying user data anymore, even if they are just pirates. I think this was something that was done in the heat of the moment, in the frustration of seeing the thoughtless acts of a cracker destroy his income from this work, and went a bit overboard. I wouldn't be so hard on him, as I'm sure it's something many developers have thought of doing, and wished they had the balls to actually carry through. I think many in his position would have done something similar. At this point, the offending code is gone, and the pirates' data is safe, however the future of the (extremely useful) app is very uncertain, as registrations have all but stopped. I hope he doesn't have to stop development due to lack of support, but the actions of that cracker who shall not be named may well have forsaken this app's future."
Posted by: WiseWeasel on September 7, 2004 04:51 AM
Another of the developers friends fingers the cracker in another post
"C'mon. As its been stated, the scheme in question only targeted the cracker (iDave) and his cronies...and the specific serials created. What's more, since slava misreported this, the app didn't really delete the home directory; it obfuscated it. Only by further PIRATE THIEF ACTION would it actually have been wiped."
Posted by: JackHandy on September 7, 2004 12:25 PM
During the early 2000's an idea like this had already surfaced during the much hyped Storage Service Provider (SSP) rush. While most companys like the now defunct StorageNetworks (NASDAQ:STOR) were just building massive terabyte clusters into CoLo's around the country one provider Digital Knox was creating a system very similar to the OceanStore concepts from Berkeley. The idea was not using P2P however since this required users to volunteer space. Simply put take the idea of a RAID array with parity and instead of drives think CoLo. Now that the data is spread across multiple centers having just one go down will not effectively kill it. The only draw back of course is time to recover the data which would be slower but far more resiliant to natural disasters (hurricanes, terrorist attacks, etc).
These ideas were published in a book, written by former CTO of DigitalKnox, "Fundamentals of Secure SAN" although the book isn't available yet. The biggest problem of course is the fact that most clients do not like sending their sensitive data to others. For this reason an additional layer of obscurity was added in the form of EFS. This would allow for non RAND type storage to remain secret even from the storage provider. More importantly it eased concerns that *other clients* of the storage service could somehow sneak a peek at their data.
The problems only multiply at this point since now key escrow and remote searching become an issue. The speed tradeoff seemed accetable to many but only for long term storage. The problem hasn't gone away obviously but the market dropped off the face of the planet. One of the only major survivors was Iron Mountain who not only stores your data online but will keep backup tapes in secure vault locations around the country.
Before commenting on anything of this nature please read Noam Chomsky's "Hegemony or Survival" and "The Two Koreas" by Don Oberdorfer.
There is so much history behind this conflict that one can not begin to decipher the likelihood nor the implications of something like a successful nuclear test.
North Korea has always boasted of any type of military advantages. If they had nuclear capabilities at this point they would have announced it themselves. Becoming a nuclear power is something that PRK would use as a bargaining chip at the table however tactically it would not help them win a war with S Korea. the fallout from a blast would affect them as well as ruining the land they wanted to conquer. PRK has always flapped their wings and pretended to be bigger then they are.
Say the limit were 75 years or something similar to my lifetime. I'd be all for that. I doubt that they are thinking this long term.
what I would want to see is a book on network penetration testing. Books like NSA seem more like a conglomeration of How To's and Man pages with a friendly narrator.
[source:http://www.anti-spamtools.org/SenderIDEmai lPolicyTool/Default.aspx]
No SPF Record has been found for the domain microsoft.com. However, MX and/or A records currently exist for this domain.
The domain's MX and A records contain the following information:
Addresses Listed in A Records
207.46.130.108
207.46.250.119
Mail Servers Listed in MX Records
maila.microsoft.com 131.107.3.124
131.107.3.125
mailb.microsoft.com 131.107.3.122
131.107.3.123
mailc.microsoft.com 131.107.3.121
131.107.3.126
I think the industry term is "eat your own dog food". thanks for the recommendation MS, let me know when you start using your own bloody system.
last time I checked MST3k (a show i love btw) isn't performed live. Alamo is one of the coolest theaters on the planet (they have wifi and beer) and they usually show older movies (at the south location) with many of the patrons making mst3k style comments anyway. MST3k also spent most of the time showing b sci fi movies not stuff like dirty dancing.
As for drumming up publicity, it's in AUSTIN TX! This isn't a world wide distribution, it's not even broadcast on the internet. You can only see this in one location in the entire planet.
As much as I love this show (which you can't even see on tv anyway) I think they are way out of bounds on this one. Mr Sinus is a live performance parody of the MST3k television show.
It's like he was just making the answers up as he went along. Most of the inaccuracies were already pointed out so I won't bring those back up.
The licensing issue (digital things last forever) really shocked me. Tech stuff sure, he's old and never had a clue. I'm not shocked he just said "use 1000 algorithims" and then followed up with "only the dedicated hackers will make copies". I'm sure those dedicated hackers won't bother making anyone else copies.
but really the "cognac glass" analogy was something he *should* be able to spell out for us and have it stay consistent with the party line. I don't license cognac glasses! Here's a better analogy jerk weed.
If a lease a car I am essentially licensing it and have to stay within a lot of restrictions. If I BUY the car I can do whatever the hell I like. OK cars may be a little too modern for Jack. I think he might understand a horse analogy but it's 7am and I really need sleep.
All he said was "I had to install an update to Firefox to block a flaw that would've allowed an attacker to run a program on my system."
e.g. he has OTHER browsers and he keeps up with security flaws in those browsers as well.
"sticking a feather up your butt does not make you a chicken"
Tyler Durden, Fight Club
"You don't have this kind of trouble in foreign airports that are BIGGER targets for this sort of thing."
How many foreign airports have you been to? The last one I saw (in germany) had several armed guards walking around with SMG's. Some international airlines also fly with armed agents on board. Think about that.
It does seem silly in this context but remember how many shows removed images of the twin towers after 9/11? We are just as overly sensitive as the rest of the world at large. We just don't have as many things to complain bitterly about because we are such a young nation. I guarentee you that no one will think about adding planes crashing into buildings in their video games (say age of empires 9).
People have, and continue, to die over Taiwan's status as well as other countries.
None of this belongs in an article about MS software though. It does show that you need a PhD in world history and a personal diplomat to not offend people worldwide when your voice/thoughts reaches that far.
ps; this email likely offended at least one person somewhere or will in the future
I'm curious about how many apps break during installation now. Some programs require constant phone home signals to run and won't work now. I'm sure XP activation and 2003 activation work just fine.
The most annoying feature is the limiting of 10 connections at a time using rawsock.
As someone who helps corporations find flaws in their networks I had the following setup:
XP as base OS with multiple VM images for "serious work".
This worked well since XP had RAW_SOCK support and all my corp applications (read Exchange Outlook) worked fine. My images didn't mind the overhead since we had 1GB of RAM and all the packets went out without problem (think SYN scanning).
that was then, this is the new crappy future.
Now I have error 4226 ALL over my system event log and any types of scans from my images are limited to 10 connections. thanks guys.
I've been contemplating moving to a linux base OS with MS vmware images that would hold my corp applications (again read outlook/exchange) but haven't because of the time it would take to build all these things. Now it looks like I may not have a choice.. MS has essentially shut me out of it's OS. Not that I represent a large section of users but thanks all the same. Just goes to show that the MS operating systems should be considered Tinker Toy quality only. Not for serious work. If you need something that will not purposely limit your network connections out of fear then skip the MS area all together.
They likely eliminated named pipes for ODBC connections which is a horrible way to go a bout things anyway. I think it's for the better really, a lot of vendors used really shoddy procedures for their software and this type of behavior will be corrected with newer implementations like this.
Biologically speaking if there were some new virii infecting humans (say a new flu) I wouldn't want good hearted strangers randomly jabbing me with a needle full of vaccine. It's just not a good idea. I think the intentions are good but the best case scenario I see is a full out war between "white" and "black" worm writers which will eventually fill the networks with worm and vaccine packets. Leaving little to no room for everything else.
Again don't get me wrong, I applaud their effort but it's just not a good idea.
I can see it now, a black clad riot storm trooper.. err peace officer runs up.
He's out of breath and tells his sargent,
"Sgt, the right-wing nutjobs are beating the extreme left fruitcakes with cruifixes.. should we do something?"
"nah, let them get it out of their system a little... then give them the tear gas"
Now that's entertainment. OK you've talked me and my camera into it. I mean I really want to see a picture of that, it'll be like watching the "God hates fags" group picketing in front of the town hall when same sex marriages were allowed!
BTW my favorite new environmental change is the constant friendly announcement (every 5 mins or so) warning me to tackle the next person I think is acting funny. Pick him up and toss him onto that third bar then notify the next train offical for my reward. OK it's not that bad but there are a lot of posters and voice announcements making sure we are "alert" and it's getting really annoying.
see something? ear
say something? eye
This is why I love reading the register:
"We hasten to add that he has not, however, just shot his best mate and buried his face in an enormous pile of cocaine."
You just don't find that kind of reporting on the mainstream news.