LegRoom.net Kick back and relax

I usually refrain from posting about such stuff on my site, mostly because I tend to work myself up into a rant and I just don't have the time and energy to deal with that these days, but this was a really good read. While responding to a question about a certain aspect of airline security, a pilot provided his thoughts on the industry as a whole. This is a very insightful point of view, and covers a lot of what's just plain wrong with the state of affairs today.

I highly encourage anyone interested in this sort of stuff (and if you ever have reason to fly on a plane, you should be interested) to read the full article. It only takes a few minutes.
http://hotair.com/archives/2007/07/16/a-pilot-on-airline-security/

(as found on Bruce Schneier's blog)

It's good to know I'm not the only one that feels this way. :-)

Real Life Comics, 07/25/2007

This is just a quick post about an article I recently read. Cory Doctorow (of Boing Boing, among others) has written a pretty insightful article for Information Week on "...the back room dealing that allowed entertainment companies and electronics companies to craft public policy on digital rights management." It manages to be insightful, disturbing, and disgusting all at the same time, and is worth a read if you're interested in how DRM comes to be.

Here's a small excerpt from the article:

Then the MPAA dropped the other shoe: the sole criterion for inclusion on the list would be the approval of one of its member-companies, or a quorum of broadcasters. In other words, the Broadcast Flag wouldn't be an "objective standard," describing the technical means by which video would be locked away -- it would be purely subjective, up to the whim of the studios. You could have the best product in the world, and they wouldn't approve it if your business-development guys hadn't bought enough drinks for their business-development guys at a CES party.

You can read the full article here:
http://www.informationweek.com/news/showArticle.jhtml?articleID=201000854

or, you can find the much friendlier single-page version here:
http://informationweek.com/shared/printableArticle.jhtml?articleID=201000854

JST posted a good question a while back in the Universal Extractor forum. He wanted to know if any executable files (such as installers) were actually run during the extraction process. For the vast majority of files, UniExtract will "rip" the contents out of the file using a extraction/decompression utility. For example, Inno Setup installers are handled by innounp, self-extracting Zip files are handled by 7-Zip or Info-ZIP, etc. However, there also cases where some files simply must be executed in order to extract the contents.

JST was concerned about this because he sometimes uses Universal Extractor to investigate malicious files. Obviously you want to be very careful when examining malicious files, so his concern was well justified. He asked for a list of file types that UniExtract will actually execute when extracting. It took me a while to get around to documented this, but I've finally done so. You can read the full list in this forum thread:

Are any files executed during extraction?

This is good information to know, especially if you ever work with suspicious files. I'm probably going to add this information to the main UniExtract page as well, and will look into possibly adding a warning message to UniExtract itself before executing any untrusted files.