When Hollywood made films about evil crony capitalists

The Queen Of The World and I watched a really interesting film the last movie night.

First, it was a good flick, with a good script, good acting, interesting characters, and a compelling story.  We give it two thumbs up, and the QoTW thinks it for for a royal command performance.  She remembered the film and picked it for movie night.*

But what I thought was particularly interesting was the choice of villain - a US Senator in the pocket of Tucker's competitors.  The Senator used the FBI and the IRS to go after Tucker's company and shut it down (this story is a little timely, amirite?).

You see, Tucker had designed a revolutionary car, one with enhanced safety features, fuel injection, a padded dash, and a third headlight that would pivot as the car went around corners to light up the road ahead.

And this film wasn't just made in Hollywood - it was produced by George Lucas and directed by Francis Ford Coppola.

Remember, the bad guys are the Senator and the corporations donating to his re-election campaign.  It is best described as a polemic railing against the power of the government when it is directed by big business to crush small, innovative competitors.

But the car was sweet:

You can see the third headlight in the picture.  They only built 51, but 48 are still running.  The film asked the Tucker Automobile Club of America for volunteers, and 21 of those 48 cars appear in the film.  Pretty cool.  Martin Landau was nominated for a Best Supporting Actor Oscar and Joe Jackson (yes, that Joe Jackson) was nominated for a Grammy for his composition.

Recommended, especially if you have kids.  This is entirely family friendly, and appropriately subversive.

* She's clearly not just a pretty face, but smart as a whip.  And delightfully subversive, too.  Unexpectedly so for a Queen.

"Smart" Thermostats hacked

More news from the Internet of (Insecure) Things:

Last week, Andrew Tierney and Ken Munro from Pen Test Partners demoed their proof-of-concept ransomware for smart thermostats, which relies on users being tricked into downloading malware that then roots the device and locks the user out while displaying a demand for one bitcoin. 

The researchers have not released sourcecode or the name of the manufacturer. They say that they gained vital intelligence by examining the manufacturer's regulatory filings with the FCC, and that they could design an attack that turned heating or cooling to arbitrary setpoints, ran both at once, or rapidly power-cycled them, possibly causing damage.

This seems to be not just bad coding and a grotesque inattention to security, but architectural decisions that seem to guarantee failure:

* First, the device has no interlocks to prevent unsafe or unwise settings -- nothing to limit the heating or cooling, or simultaneous air-conditioner/furnace operation, or repeated high-speed power-cycling -- which means that software defects, as well as malicious software, can do significant damage that might be prevented with more thoughtful systems design 

* Second, the business-model for smart thermostats overwhelmingly assumes that users are hostile parties, and protects against them with DRM of some kind. Some thermostats are designed to be sold to power companies who'll subsidize their installation in customers' homes so that the power authority can tweak power consumption to reduce load at peak times -- these sales are much easier to make if the vendor can assure the power company that there are no apps that allow users to override these tweaks, and no apps that enable this will be approved for the device (and the device will not run unapproved apps).

Interestingly, the vendor is not named, so it's not possible for consumers to make informed decisions on what product not to purchase:

This matters because a device with DRM poses significant legal risks to security researchers. Anti-circumvention laws like the section 1201 of the DMCA and European laws implementing Article 6 of the EUCD have been invoked to make civil and criminal threats against security researchers, on the theory that information about defects in a device will assist people who want to bypass the DRM, which is banned under these laws.

Government is what we choose to do together.  Like forcing you to only have insecure products to purchase.  Behold your Philosopher Kings.

Crony Capitalism - not just for Wall Street

It looks like Google owns the White House.

I wonder what  they give in return that makes them so valuable.