I searched the review and never once found the term "crackpot" anywhere. From what I saw the reviewer never actually attacked the author, but the book was left completely destroyed.
I think a little SLAPP action is going to happen with this case.
Unfortunately, in truer Slashdot form, the author of the article summary got it completely wrong. The actual review never referred to the author as a 'crackpot', classical or otherwise. He did not attack the author personally, but he shredded the contents of the book from cover to cover.
That's not to say that any educated reader wouldn't draw his own conclusions and consider Pivar a crackpot after having read the tripe.
Anyway, you should read the review. It's hilarious.
The doodles in this book bear absolutely no relationship to anything that goes on in real organisms, but after staring at them for a while, I realized what this book is actually about.
This book is a description of the development and evolution of balloon animals.
It's that bad. This is a book suitable only for use at clown colleges, and even there, I suspect the clowns would tell us that it is impractical, nonsensical, and has no utility in their craft.
I was aiming only at his hubristic claim that it will "never" happen again. We have plenty of laws against robbery, extortion, murder, etc., yet they seem to continue to happen. More laws may make some improvements in the situation, but are certainly not a panacea, and should never be thought of in that way.
So who is "responsible" then if a phisher puts up a fake website that looks like YourBank.com? Is YourBank responsible for your stupidity at falling for the phish?
What about a DNS attack, where legitimate customers going to the legitimate YourBank.com site are redirected to a man-in-the-middle site? Everything looks legit (albeit slow) and it's a near-picture-perfect real-time clone of the bank's site and the user's account info. Who has to pony up in this case? Linksys/Cisco for making a router susceptible to DNS hijacking? IE or Firefox for somehow not recognizing the MITM? Verisign for legitimately issuing a certificate to a hacker that he then later misused?
At some point a lot of these fall into the category of technological failings. Are we suddenly going to see disclaimers on routers and ethernet switches claiming "Not suitable for secure financial transaction data"?
The only way to truly end this is to remove the ability to use the data online, and require face-to-face authentication. Shut down commercial use of the internet. Not a likely scenario.
The next best solution would be to train employees and end-users how to safely transact business over the internet. Joe Sixpack can't even identify every button on his TV remote control -- what are the chances he can learn how to check certificates for authenticity? Even if he could be trained, would you then shoulder the responsibility for training him how to spot hacks just in time to have a new hack come out and steal his account information anyway? "Mr. Trainer, I followed your instructions exactly and I still got hacked. Here's a lawsuit for damages due to your incompetence."
And before you place too much faith in IPV6 to solve all these problems, you should take a look at every other piece of technology claiming to solve security problems. They're all flawed -- some more than others. It's just that we don't know IPV6's vulnerabilities yet.
"all you have to do is pass a law...and it would never happen again"?
Oh, if it were that easy. Pass a law and Windows bugs are fixed. Pass a law and dishonest employees will never steal again. Pass a law and a hard drive will never be misplaced, or a delivery service will never lose a tape en route, or a destruction service will never hire a corporate spy.
California (and a few other states) has a law requiring notification. Minnesota has almost exactly the law you would like requiring the leaking parties to be responsible for the costs, yet continues to have breaches.
Laws aren't like some magical "wand of protection +5". Sure, they give people incentive to do something, but they can't actually stop the dishonest people, nor do they protect us from the incompetent until after the damage is done.
According to Google products, really cheap tubes are about $0.10 per foot. Of course, those can get all tangled up with your own personal internets. It's not something you just dump something on. It's not a big truck.
EAR / ITAR and government monitoring discussions are completely irrelevant. The industries have both the cryptographic know-how as well as full access to the technology. Plus, the industry has no particular concern that the government not be able to monitor or decrypt the communications. They'd be fine with a key escrow based solution. Trust me: the U.S. government isn't keeping Visa from having access to RSA or AES.
The problem is strictly one of Visa's origin. 9 years ago Mastercard created the Secure Electronic Transaction (SET) protocol, which was a robust public-key based encryption scheme. It spelled out precisely the algorithms to use, and exactly the message envelope structure. It appeared to be cryptographically secure. So what happened to it? Visa killed it. The envelope was so secure that merchants could communicate directly with banks, completely bypassing any need for the message to travel over their closely-guarded proprietary VisaNet. And messages that don't flow over VisaNet don't generate revenue for Visa.
It's strictly Visa's greed that has permitted the current intolerable situation to appear. And until SET or an equivalent standard is adopted (and believe me Visa will try hard to kill it) it's likely to remain the status quo. Whether or not the government wishes to mandate an escrow key on top of the protocol will make no difference.
Well , knowing the encryption algo. makes it easier to guess passwords.
Kerckhoff's Principle states that a crypto system should be secure even if the attacker knows the algorithm. The strength of the algorithm rests solely on the secrecy of the key.
If they even used encryption (which is still a question) they probably used a home-grown solution with no cryptographic review of the algorithms, the process, or of simpler things such as key management. Perhaps they baked a symmetric key in their source code, or something equally stupid. Or maybe they encrypted the account on the authorization requests, but not in the transaction data that was stored.
But don't lay 100% of the blame at TJX's feet. I partly blame Visa, Mastercard and the entire payment card industry for failing to standardize on an encryption solution. Right now the PCI CSP audits simply state nebulous crap like "you must encrypt some stuff". They don't say "how" to encrypt them, they don't say precisely what to encrypt, and they certainly don't provide encryption formats, routines, key management practices or anything that would be useful to a retailer trying to implement encryption. If Visa really wanted security, they'd provide a secure end-to-end encrypted transaction format and require retailers to conform to it (anyone remember SET?) But no, they let TJX install something like a ROT13 cypher, and then TJX likely hired the cheapest PCI auditing firm they could find consisting of a drunk guy with a Cap'n Crunch Decoder Ring who claimed to be an encryption expert. (I've heard that some retailers who failed their PCI audits have shopped around for a more lenient auditor.)
Don't get me wrong -- PCI has some very solid security requirements that can go a long way towards thwarting attackers. If properly designed. And properly implemented. And properly maintained. And properly audited. But that's a whole lot of "if".
I don't admire any of Ventura's fiscal policies. His tax cuts were purely personal. A man with a Porsche collection cuts vehicle registration taxes, and now we don't have enough money to fix our roads. A man with a movie-star income cuts income taxes. And Pawlenty(spit!) who was propped up by an Astroturf "Taxpayers League Of Extraordinarily Rich Gentlemen" steadfastly refuses to increase state taxes, shifting the burden to local taxes -- oh, wait, we can't have local income taxes, so we all raise our property taxes instead, and especially on Grandma's house since she's on a fixed income. And he claims some mythical high ground for "doing what he promised" -- by the simple act of ignoring all the needy equally. Hope you like the old folks home, Granny, just don't get sick.
I liked Jesse's social policies of "leave us the fuck alone," but every time he touched the budget it was always out of his own greed. And I can't wait for Pawlenty(spit!) to head off to Washington to hitch his wagon to some scandal-clad repuglican. I hope he ends up sharing a cell with Delay, and they can spend their days arguing about "who gets to be the hammer tonight."
the real variable here is how that money is spent.
I agree totally, but I want to point out that's not entirely the school's fault. Our most expensive-per-pupil school districts are the Minneapolis and Saint Paul districts ($9,000+/year vs $5,000-8,000/year for the average suburban districts) and they're definitely struggling more than the suburbs. The real problem is poverty. The test score statistics are frequently misused to claim "the urban schools are wasting the money we give them." But these districts have more kids from poor families than most other districts, and there's certainly a strong correlation (if not a direct cause) between poverty and learning. I believe all the schools are actually trying very hard to find ways to teach these kids, but there's only so much they can do. For many of the children the school is the only positive structure in their lives. School lunch is their only substantial meal of the day; occasionally it's their only meal. There are plenty of single mother families where mom is working two minimum wage jobs leaving her 6-year-old to come home from first grade to an empty house, living upstairs from a crack dealer. You could spend $50,000 a year on a kid like that and still make no progress on his test scores, which is still the only measure of education that is counted.
But if you place that money in the mother's hands where she might use it to be able to be home for her kids, you get nothing but selfish bastards in the state capitol shouting "Welfare queens are scamming the system! Look at her with a 37 hour a week job ripping off state aid money!!"
I see a direct link between poverty and almost every other social problem, especially crime. During the boom years of the 90s, crime steadily decreased around here. Since the bubble burst crime has been on the increase, even though enforcement has too. Enforcement doesn't seem to slow crime down as much as giving people enough money to survive; money reduces the number of desperate people who turn to crime as a last resort.
So yeah, the money has to be spent wisely. But the schools can't use the money to fix everything that needs fixing.
Be careful in leaping too quickly to that judgment, because you're looking at only a single point in time.
The Minnesota Miracle began in the 1960s, at which time our state got serious about pouring money into our schools. Our tax rates soared and remained consistently among the highest in the nation; and at the same time our schools performance rocketed to the top of the nation. Education remained mostly well funded up until about 1998. But ever since then our schools have been either coasting on steadily decaying infrastructure or independent districts have been imposing ever-larger property tax levies. Our previous governor screwed up the tax base for his own gain, and our current Chicken Little governor has continually refused to fix the mess his predecessor left behind, saying "everything's always been just fine, you don't need more money."
Our schools are still performing pretty well, but we're hemorrhaging experienced teachers as they can't afford to remain in their jobs. Unless something drastic changes around here, don't expect Minnesota to remain near the top of that list for much longer.
And if someone ever asks you to elect a professional wrestler as your governor, just shoot them repeatedly until they stop asking.
Extra points to whoever makes an xkill clone that has configurable sound when you shoot the app,
That was done eight years ago: Doom as a tool for system administration. I like the creative ideas, like giving new sys admins puny weapons, and making them think hard before they run into a room full of processes and killing them at random. Or that "wounding" a process translates into renicing it.
Re:I thought my Linux education was going well...
on
Creative Documentation
·
· Score: 2, Funny
One of the problems will be in what some people consider "funny". Would you have read the documentation if it went like this?
Narrator: In A.D. 2007, virtualization was beginning. LGuest: What happen ? Machine: Somebody set up us the guest kernel. User: We get host OS. LGuest: What ! Operator: Main OS boot up. LGuest: It's you !! Hypervisor: How are you gentlemen !! Hypervisor: All your kernel are belong to us. Hypervisor: You are on the way to virtualization. LGuest: What you say !! Hypervisor: You have no chance to survive make your time. Hypervisor: Ha Ha Ha Ha.... User: Captain !! LGuest: Take off every 'IO' !! LGuest: You know what you doing. LGuest: Move 'IO'. LGuest: For great justice.
A good design document based on use cases can make a really good starting point for the "why" document. If a use case titled 'Load guest kernel' doesn't mean anything to you, you're probably not the target audience for the document, let alone the product itself.
We had a guy spend months preparing a bunch of online courses that gave step by step instructions on how to click here, drool there, drag this and drop that for some source code management product. He gave complete details on how to click on the most detailed minutia of their tools. He came back to us at the end and proudly said "So, what do you guys think of the online courses?" I felt bad telling him that they were almost useless, because I didn't know when or why I'd want to do any of that stuff. I may not know what the hell a subordinate change request document is, when I'd want one, why I'd need one, who would request one, or what I'd type on one, but I sure know how to create one. I asked him if he documented the use cases (meaningful things like "Request a Build") but I never heard back from him.
This attack sounds like one I heard about 10 years ago. Some kid showed up at a locksmith convention selling Medeco opening kits for cheap. A former buddy bought one.
Basically, the trick is you don't pick the lock at all. You pass the metal strip THROUGH the body of the lock and out the back, and use it to retract the bolt mechanism behind the cylinder. Damned clever attack.
There are many reasons for doctoring photos. The point of these isn't to "confuse the enemy", but to "boost morale of the troops", by showing their leaders as so successful that they can sit out in the open, in a living room somewhere, and lead a normal life in the face of the insignificant U.S. forces. While in reality, they're cowering in bunkers or caves, or perhaps hiding in Pakistan or Iran.
Unfortunately, detecting the fakes isn't enough. The CIA could say "Hey, look, these are faked, you're following cowards" but that'd be dismissed simply due to the source. What really needs to happen is these forgery-detection tools need to get in the hands of the "faithful" so they can convince themselves that they're being led by cowardly stooges. (Not that they would, as the leaders would probably dismiss such tools as lies from the Great Satan.)
Our company had the same issue with Windows NT. We didn't upgrade to XP until the end of life of NT, and I suspect we'll drag our feet on Vista until Microsoft drags the XP support out from under us.
But that kind of begs the question: what could be so bad about XP service pack 6b that would make us need to keep support for it? It's not like it'll "wear out" or anything.
What I find more interesting is that XP is still available for sale in retail stores AND it's priced the same as it was before the release of Vista. Apparently Microsoft isn't trying all that hard to push customers to Vista by ending new sales of XP.
Sure, TATP is difficult to make in quantity, but who says you need a lot? It just needs to be placed in the correct position to cause maximum damage to the plane: perhaps near a fuel tank or line, control cable, or hidden wiring harness.
And who says it has to be an explosive? There are many toxic gases that could be mixed on site that wouldn't require a lot of volume or time, and wouldn't be detectable by nitrate sniffers. Even if you don't kill the pilots, landing a plane carrying 253 corpses is going to cause a reaction. A small breath-spray can filled with LSD-laden water would make landing the plane oh-so-groovy. Hollywood has several "Armageddon movies" showing viruses causing worldwide pandemics. And other possibilities include using flammable metals, such as a magnesium encased laptop (anyone remember GRiD?), to ignite the aluminum structure of the plane itself. The heat to ignite them could be generated by short-circuiting a fully charged lithium ion battery, and waiting for the battery to burst into flame.
Check Bruce's blog, I think he's running another movie-plot terrorism contest to see if he can get something even stupider than 3 ounces of liquid banned (like leather belts or baby pacifiers or something.)
If they thought the liquids were really hazardous (as in, 'might be a bomb') then they'd need to put it in some sort of special disposal container. That they don't makes it clear that they know they're just taking people's shampoo.
Actually, this idea does have a bit of science behind it. The supposed threat they're trying to defend against are "binary" bombs -- where one part of stable chemical A plus one part of stable chemical B combine to make an unstable compound. While they're not mixed together, they're safe, but if the terrarist mixes them up on the plane they'll detonate. They're still safe to throw the components individually into the trash bin.
Every time I fly, there's some screwup due to the TSA. More than once in the last two years I've been picked out for "special screening". The last time I flew was out of McCarron in Las Vegas, and the security lines were 90 minutes long. Even having Penn and Teller record a stupid video to "entertain" us while waiting didn't help.
More people are beginning to understand that security theater is nothing more than smoke and mirrors. But not enough to end this lunacy any time soon, I'm afraid. Some people are still convinced that this hoax somehow makes them "safer". Frankly, I'd rather have travelers scared crapless -- if the cowards would stay home, there'd be less congestion at the airports (and maybe fewer people bringing three-year-old kids to kick the back of my seat for five fscking hours!)
A: Take your foot off his throat.
I think a little SLAPP action is going to happen with this case.
That's not to say that any educated reader wouldn't draw his own conclusions and consider Pivar a crackpot after having read the tripe.
Anyway, you should read the review. It's hilarious.
I was aiming only at his hubristic claim that it will "never" happen again. We have plenty of laws against robbery, extortion, murder, etc., yet they seem to continue to happen. More laws may make some improvements in the situation, but are certainly not a panacea, and should never be thought of in that way.
What about a DNS attack, where legitimate customers going to the legitimate YourBank.com site are redirected to a man-in-the-middle site? Everything looks legit (albeit slow) and it's a near-picture-perfect real-time clone of the bank's site and the user's account info. Who has to pony up in this case? Linksys/Cisco for making a router susceptible to DNS hijacking? IE or Firefox for somehow not recognizing the MITM? Verisign for legitimately issuing a certificate to a hacker that he then later misused?
At some point a lot of these fall into the category of technological failings. Are we suddenly going to see disclaimers on routers and ethernet switches claiming "Not suitable for secure financial transaction data"?
The only way to truly end this is to remove the ability to use the data online, and require face-to-face authentication. Shut down commercial use of the internet. Not a likely scenario.
The next best solution would be to train employees and end-users how to safely transact business over the internet. Joe Sixpack can't even identify every button on his TV remote control -- what are the chances he can learn how to check certificates for authenticity? Even if he could be trained, would you then shoulder the responsibility for training him how to spot hacks just in time to have a new hack come out and steal his account information anyway? "Mr. Trainer, I followed your instructions exactly and I still got hacked. Here's a lawsuit for damages due to your incompetence."
And before you place too much faith in IPV6 to solve all these problems, you should take a look at every other piece of technology claiming to solve security problems. They're all flawed -- some more than others. It's just that we don't know IPV6's vulnerabilities yet.
Oh, if it were that easy. Pass a law and Windows bugs are fixed. Pass a law and dishonest employees will never steal again. Pass a law and a hard drive will never be misplaced, or a delivery service will never lose a tape en route, or a destruction service will never hire a corporate spy.
California (and a few other states) has a law requiring notification. Minnesota has almost exactly the law you would like requiring the leaking parties to be responsible for the costs, yet continues to have breaches.
Laws aren't like some magical "wand of protection +5". Sure, they give people incentive to do something, but they can't actually stop the dishonest people, nor do they protect us from the incompetent until after the damage is done.
I can just hear you now: "If you don't like the way I drive, get off my sidewalk you damn kids!"
According to Google products, really cheap tubes are about $0.10 per foot. Of course, those can get all tangled up with your own personal internets. It's not something you just dump something on. It's not a big truck.
The problem is strictly one of Visa's origin. 9 years ago Mastercard created the Secure Electronic Transaction (SET) protocol, which was a robust public-key based encryption scheme. It spelled out precisely the algorithms to use, and exactly the message envelope structure. It appeared to be cryptographically secure. So what happened to it? Visa killed it. The envelope was so secure that merchants could communicate directly with banks, completely bypassing any need for the message to travel over their closely-guarded proprietary VisaNet. And messages that don't flow over VisaNet don't generate revenue for Visa.
It's strictly Visa's greed that has permitted the current intolerable situation to appear. And until SET or an equivalent standard is adopted (and believe me Visa will try hard to kill it) it's likely to remain the status quo. Whether or not the government wishes to mandate an escrow key on top of the protocol will make no difference.
If they even used encryption (which is still a question) they probably used a home-grown solution with no cryptographic review of the algorithms, the process, or of simpler things such as key management. Perhaps they baked a symmetric key in their source code, or something equally stupid. Or maybe they encrypted the account on the authorization requests, but not in the transaction data that was stored.
But don't lay 100% of the blame at TJX's feet. I partly blame Visa, Mastercard and the entire payment card industry for failing to standardize on an encryption solution. Right now the PCI CSP audits simply state nebulous crap like "you must encrypt some stuff". They don't say "how" to encrypt them, they don't say precisely what to encrypt, and they certainly don't provide encryption formats, routines, key management practices or anything that would be useful to a retailer trying to implement encryption. If Visa really wanted security, they'd provide a secure end-to-end encrypted transaction format and require retailers to conform to it (anyone remember SET?) But no, they let TJX install something like a ROT13 cypher, and then TJX likely hired the cheapest PCI auditing firm they could find consisting of a drunk guy with a Cap'n Crunch Decoder Ring who claimed to be an encryption expert. (I've heard that some retailers who failed their PCI audits have shopped around for a more lenient auditor.)
Don't get me wrong -- PCI has some very solid security requirements that can go a long way towards thwarting attackers. If properly designed. And properly implemented. And properly maintained. And properly audited. But that's a whole lot of "if".
I liked Jesse's social policies of "leave us the fuck alone," but every time he touched the budget it was always out of his own greed. And I can't wait for Pawlenty(spit!) to head off to Washington to hitch his wagon to some scandal-clad repuglican. I hope he ends up sharing a cell with Delay, and they can spend their days arguing about "who gets to be the hammer tonight."
I agree totally, but I want to point out that's not entirely the school's fault. Our most expensive-per-pupil school districts are the Minneapolis and Saint Paul districts ($9,000+/year vs $5,000-8,000/year for the average suburban districts) and they're definitely struggling more than the suburbs. The real problem is poverty. The test score statistics are frequently misused to claim "the urban schools are wasting the money we give them." But these districts have more kids from poor families than most other districts, and there's certainly a strong correlation (if not a direct cause) between poverty and learning. I believe all the schools are actually trying very hard to find ways to teach these kids, but there's only so much they can do. For many of the children the school is the only positive structure in their lives. School lunch is their only substantial meal of the day; occasionally it's their only meal. There are plenty of single mother families where mom is working two minimum wage jobs leaving her 6-year-old to come home from first grade to an empty house, living upstairs from a crack dealer. You could spend $50,000 a year on a kid like that and still make no progress on his test scores, which is still the only measure of education that is counted.
But if you place that money in the mother's hands where she might use it to be able to be home for her kids, you get nothing but selfish bastards in the state capitol shouting "Welfare queens are scamming the system! Look at her with a 37 hour a week job ripping off state aid money!!"
I see a direct link between poverty and almost every other social problem, especially crime. During the boom years of the 90s, crime steadily decreased around here. Since the bubble burst crime has been on the increase, even though enforcement has too. Enforcement doesn't seem to slow crime down as much as giving people enough money to survive; money reduces the number of desperate people who turn to crime as a last resort.
So yeah, the money has to be spent wisely. But the schools can't use the money to fix everything that needs fixing.
The Minnesota Miracle began in the 1960s, at which time our state got serious about pouring money into our schools. Our tax rates soared and remained consistently among the highest in the nation; and at the same time our schools performance rocketed to the top of the nation. Education remained mostly well funded up until about 1998. But ever since then our schools have been either coasting on steadily decaying infrastructure or independent districts have been imposing ever-larger property tax levies. Our previous governor screwed up the tax base for his own gain, and our current Chicken Little governor has continually refused to fix the mess his predecessor left behind, saying "everything's always been just fine, you don't need more money."
Our schools are still performing pretty well, but we're hemorrhaging experienced teachers as they can't afford to remain in their jobs. Unless something drastic changes around here, don't expect Minnesota to remain near the top of that list for much longer.
And if someone ever asks you to elect a professional wrestler as your governor, just shoot them repeatedly until they stop asking.
That was done eight years ago: Doom as a tool for system administration. I like the creative ideas, like giving new sys admins puny weapons, and making them think hard before they run into a room full of processes and killing them at random. Or that "wounding" a process translates into renicing it.
We had a guy spend months preparing a bunch of online courses that gave step by step instructions on how to click here, drool there, drag this and drop that for some source code management product. He gave complete details on how to click on the most detailed minutia of their tools. He came back to us at the end and proudly said "So, what do you guys think of the online courses?" I felt bad telling him that they were almost useless, because I didn't know when or why I'd want to do any of that stuff. I may not know what the hell a subordinate change request document is, when I'd want one, why I'd need one, who would request one, or what I'd type on one, but I sure know how to create one. I asked him if he documented the use cases (meaningful things like "Request a Build") but I never heard back from him.
Aha! So that's why I know so freakin' much about aardvarks, but jack sh!t about zebras.
Basically, the trick is you don't pick the lock at all. You pass the metal strip THROUGH the body of the lock and out the back, and use it to retract the bolt mechanism behind the cylinder. Damned clever attack.
Unfortunately, detecting the fakes isn't enough. The CIA could say "Hey, look, these are faked, you're following cowards" but that'd be dismissed simply due to the source. What really needs to happen is these forgery-detection tools need to get in the hands of the "faithful" so they can convince themselves that they're being led by cowardly stooges. (Not that they would, as the leaders would probably dismiss such tools as lies from the Great Satan.)
But that kind of begs the question: what could be so bad about XP service pack 6b that would make us need to keep support for it? It's not like it'll "wear out" or anything.
What I find more interesting is that XP is still available for sale in retail stores AND it's priced the same as it was before the release of Vista. Apparently Microsoft isn't trying all that hard to push customers to Vista by ending new sales of XP.
And who says it has to be an explosive? There are many toxic gases that could be mixed on site that wouldn't require a lot of volume or time, and wouldn't be detectable by nitrate sniffers. Even if you don't kill the pilots, landing a plane carrying 253 corpses is going to cause a reaction. A small breath-spray can filled with LSD-laden water would make landing the plane oh-so-groovy. Hollywood has several "Armageddon movies" showing viruses causing worldwide pandemics. And other possibilities include using flammable metals, such as a magnesium encased laptop (anyone remember GRiD?), to ignite the aluminum structure of the plane itself. The heat to ignite them could be generated by short-circuiting a fully charged lithium ion battery, and waiting for the battery to burst into flame.
Check Bruce's blog, I think he's running another movie-plot terrorism contest to see if he can get something even stupider than 3 ounces of liquid banned (like leather belts or baby pacifiers or something.)
More people are beginning to understand that security theater is nothing more than smoke and mirrors. But not enough to end this lunacy any time soon, I'm afraid. Some people are still convinced that this hoax somehow makes them "safer". Frankly, I'd rather have travelers scared crapless -- if the cowards would stay home, there'd be less congestion at the airports (and maybe fewer people bringing three-year-old kids to kick the back of my seat for five fscking hours!)
No problem. You can use my goldy meter or my bronzy meter. They're just like your irony meter, only they're made of gold and bronze.