121 stories
1 follower

Apple buys original space drama TV series from 'Battlestar Galactica' creator

1 Share
Article Image

Ronald D. Moore, the brain behind the critically acclaimed remake of "Battlestar Galactica," will pen a new space drama for Apple, as the company continues its push into original TV content to compete with the likes of Netflix, Amazon and Hulu.
Read the whole story
10 hours ago
Share this story

High/low dressing

1 Share

The biggest potential pitfall with tailored dressing is looking fussy.

Fussy is not sexy; it is not attractive. It is closely related to appearing ‘affected’ or ‘mannered’.

Looking relaxed in clothing, on the other hand, is very attractive. It lies at the core of terms such as sprezzatura, grace and elegance.

It is why Hardy Amies told us to forget all about our clothing, once we had put it on.

I would argue this is at the very core of dressing well as a man, and is the thing sartorial dressers most frequently get wrong.

Fortunately, there are many ways to achieve it.

The first is dressing more simply, or avoiding anything that you feel you need to fuss with. The second and easiest is just being at ease, but this usually comes over a long period of wearing the same things. And a third is deliberately having some aspects of your dress imperfect (sprezzatura).  

Here we will look at a fourth: mixing casual and formal elements together - sometimes called high/low dressing.

It is not the easiest way to avoid looking fussy or mannered; indeed it is easy to get wrong.

But it is perhaps one of the most stylish way.

One guiding principle for high/low dressing is to play with the accessories, not the core. So outerwear, not jackets; shirts, not trousers.

A second is to be aware there are grades of high and low, which should not be pushed too far apart. So a Barbour jacket with a casual suit, but not with black tie.

The further apart these two extremes are, the easier it is to get it wrong.


1 Outerwear

The easiest and by far the most popular way to add casual, or low elements to an outfit is with outerwear.

Examples of casual (and often cheaper) outerwear pieces that can work well are:

  • Waxed/hunting jackets (Barbour, on Jake below, often being good because many are long enough to cover the full length of the jacket)
  • Duffle coats (Gloverall’s Monty - above - being the classic, but there are lots of other options)
  • Tweed/raglan-sleeved country coats (Smarter, but still definitely more casual than a tailored overcoat)
  • Cotton army coats (Largely field jackets like the M-45, and at a stretch a fishtail parka)

It's easier to look casual and unfussy if the coat is a little beaten up, which leads to a lot of men buying them vintage.

If the fit can work on you, that’s fine, and certainly better than buying artificially aged versions from designer brands.

But be careful with the length. For example, I love my vintage M-45 (shown in the introduction) but my height means it is too short to wear over a tailored jacket.

The issue there is milder version of short gilets over jackets. This is certainly a look, and I can see why some people like it, but for me it stretches the high/low separation too far.


2 Shirts

Second easiest is the casual shirt. Two examples of this have been ubiquitous in recent years: the denim shirt and the polo shirt.

One extreme of the denim shirt is the thick, pearl-snap cowboy shirt (above). The other is the Everyday Denim shirt, which is closer to being a dress shirt that fades nicely.

Mostly it’s safer to have something in the middle - which is obviously denim, but still functions well under a jacket (above).

My advice here would be to never sacrifice fit points (eg long tails to tuck in, collar at a decent height) but feel free to play with the colours, washes and design details.

On the polo shirt, of course, my favourite is the two versions of the Friday Polo I’ve offered here on Permanent Style. But many others, particularly The Armoury (above), offer really nice versions to wear with tailoring.

It subverts the assumptions of tailoring in exactly the same way as denim, but if cut like a regular shirt, mostly just shows in the material and texture.


3 Accessories

Accessories are one of the easiest things to add an outfit, but don’t tend to make as dramatic difference as outerwear.

A beanie that sits close on the head and retains a clean look (above) can be nice with tailoring, and is a big contrast to the alternative of a fedora or trilby.

Caps sit somewhere in between.

Colourful scarves, such as those from Drake’s, Liverano, Rubinacci and others, are not so much more casual and ‘low’ as more fun. They’re colourful, more playful, and can soften tailoring in that way.

They can also be a little flamboyant though, and if anything I tend to prefer more muted scarves such as indigo dyes to achieve the same effect.

I also often wear, as shown at the top of this post, Hermes silk scarves with coats and knitwear.

If anything this is high/low the other way round: the fanciness of a silk scarf being brought down to earth by a wax jacket. 


4 Shoes

A difficult area, largely because guys want to wear trainers with everything and it rarely works.

I’ve covered this in detail in my posts on how to buy and how to wear trainers, but in summary:

  • For a trainer to work with tailoring it must mimic some aspects of a dress shoe. Specifically long, clean lines, plain colour and a simple design.
  • They are best worn with more casual tailoring. So a cotton suit rather than a worsted suit, and most often just smart trousers, without a tailored jacket.

Most of the time, the best way to use shoes to look more relaxed is to just wear them - so they get worn in, look much loved and a little beaten up


5 T-shirts

A T-shirt under a jacket is a favourite of fashionable types, but rarely works.

If you have anything but a short neck, it will be much less flattering than a collared shirt. Also not great for the jacket collar against the skin.

In general - although not as casual - a rollneck or polo-collar buttoned up to the neck will be more effective. 

If you do want to try it, go for a lightweight crewneck sweater underneath the jacket, rather than a T-shirt.

If it’s in cotton, it won’t be much warmer than a T-shirt, and it will make the neckline much smarter. John Smedley even does short-sleeved cotton knits in the summer.

Wearing a slim scarf underneath (as shown above) the jacket can help, as it will create a substitute collar at the neck, and follow the lapels of the jacket nicely.


If you want to try something along these lines, I recommend starting with outerwear.

Wear a sports jacket and flannels into a vintage store, and try various things over the top of your jacket, to see how you like the look.

And don’t be fooled by magazine shots. If you think someone looks good in a T-shirt and jacket, cover up their good-looking face and athletic body, then reconsider.

Photography: All Jamie Ferguson except silk scarf/D-43 and indigo scarf (both Drake's), white trainers (James Munro) and T-shirt (Gieves & Hawkes)

Read the whole story
9 days ago
Share this story

Something is wrong on the internet


Writer and artist James Bridle has noticed that something is wrong on the internet. Specifically, algorithmically chosen and produced content is taking over more and more of the internet, including what your young children are watching on YouTube.

Someone or something or some combination of people and things is using YouTube to systematically frighten, traumatise, and abuse children, automatically and at scale, and it forces me to question my own beliefs about the internet, at every level.

By his own admission, there doesn’t seem to be anything egregiously wrong or upsetting about many of the examples Bridle uses. I mean, have you read Grimm’s fairy tales? Some of them are really dark and/or weird, like Black Mirror for children. But the effect in the aggregate is huge, resulting in what he asserts is a system of abuse in which Google is complicit, a technology fueled by advertising and weaponized against its users:

The architecture they have built to extract the maximum revenue from online video is being hacked by persons unknown to abuse children, perhaps not even deliberately, but at a massive scale. I believe they have an absolute responsibility to deal with this, just as they have a responsibility to deal with the radicalisation of (mostly) young (mostly) men via extremist videos — of any political persuasion. They have so far showed absolutely no inclination to do this, which is in itself despicable. However, a huge part of my troubled response to this issue is that I have no idea how they can respond without shutting down the service itself, and most systems which resemble it. We have built a world which operates at scale, where human oversight is simply impossible, and no manner of inhuman oversight will counter most of the examples I’ve used in this essay. The asides I’ve kept in parentheses throughout, if expanded upon, would allow one with minimal effort to rewrite everything I’ve said, with very little effort, to be not about child abuse, but about white nationalism, about violent religious ideologies, about fake news, about climate denialism, about 9/11 conspiracies.

Tags: Google   James Bridle   YouTube
Read the whole story
38 days ago
Share this story

Equifax Breach Fallout: Your Salary History

2 Comments and 5 Shares

In May, KrebsOnSecurity broke a story about lax security at a payroll division of big-three credit bureau Equifax that let identity thieves access personal and financial data on an unknown number of Americans. Incredibly, this same division makes it simple to access detailed salary and employment history on a large portion of Americans using little more than someone’s Social Security number and date of birth — both data elements that were stolen in the recent breach at Equifax.


At issue is a service provided by Equifax’s TALX division called The Work Number. The service is designed to provide automated employment and income verification for prospective employers, and tens of thousands of companies report employee salary data to it. The Work Number also allows anyone whose employer uses the service to provide proof of their income when purchasing a home or applying for a loan.

The homepage for this Equifax service wants to assure visitors that “Your personal information is protected.”

“With your consent your personal data can be retrieved only by credentialed verifiers,” Equifax assures us, referring mainly to banks and other entities that request salary data for purposes of setting credit limits.

Sadly, this isn’t anywhere near true because most employers who contribute data to The Work Number — including Fortune 100 firms, government agencies and universities — rely on horribly weak authentication for access to the information.

To find out how easy it is to view your detailed salary history, you’ll need your employer’s name or employer code. Helpfully, this page lets you look that up quite easily (although if you opt to list employers alphabetically by the fist letter of the company name, there are so many entries for each letter that I found Equifax’s database simply crashes half the time instead of rendering the entire list).


What’s needed to access your salary and employment history? Go here, and enter the employer name or employer code. After that, it asks for a “user ID.” This might sound like privileged information, but in most cases this is just the employees’s Social Security number (or a portion of it).

At the next step, the site asks visitors to “enter your PIN,” short for Personal Identification Number. However, in the vast majority of cases this appears to be little more than someone’s eight-digit date of birth. The formats differ by employer, but it’s usually either yyyy/mm/dd or mm/dd/yyyy, without the slashes.

Successful validation to the system produces two sets of data: An employee’s salary and employment history going back at least a decade, and a report listing all of the entities (ostensibly, the aforementioned “credentialed verifiers”) that have previously requested and viewed this information.

Once you’re successfully “authenticated,” the system asks you to change your PIN to something more secret than your birthday. When the default PIN is changed, The Work Number prompts users to select a series of six challenge/response questions, which Equifax claims will “improve the security of your data and create an extra layer of protection on your account.”

Unfortunately, consumers whose employee history is stored by this service effectively have no privacy or security unless they possess both the awareness that this service exists and the forethought to access their account online before identity thieves or others do it first.


The Work Number does allow employers to opt for TALX’s “enhanced authentication” feature, wherein after logging in with your employer ID and PIN (often the last four digits of an SSN plus the birth year), the system is designed to require the requester to respond to an email at a work address or a phone call to a work number to validate the login.

However, I did not find this to be the case in several instances involving readers whose employers supposedly used this enhanced authentication method. In cases where corporate human resources departments fail to populate employee email addresses and phone numbers, the system defaults to asking visitors to enter any email address and phone number to complete the validation. This is detailed here (PDF), wherein The Work Number states “if you do not have the required phone and e-mail information on file, you will be prompted to update/add your phone numbers/email addresses.”


Worse yet, while companies that use this service tend to vary their approaches to what’s required in terms of user IDs and PINs, a great many employers publish online detailed instructions on how to fill out these various forms. For example, the State of California‘s process is listed here (PDF); instructions for the Health Resources & Services Administration (HRSA) are here; employees at the National Institutes of Health (NIH) can learn the steps by consulting this document (PDF). The process for getting this information on current and former UCLA employees is spelled out here. There are countless other examples that are easy to find with a simple Internet search.

Many readers probably consider their current and former salaries to be very private information, but as we can see this data is easily available on a broad spectrum of the working population in America today. The information needed to obtain it has been widely compromised in thousands of data breaches over the past few years, and the SSN and DOB on most Americans is for sale in a variety of places online. In short, if you can get these details from Equifax’s online service, so can anyone else.

Fortunately, you can reduce the likelihood that an acquaintance, co-worker, stalker or anyone else can do this by claiming your own account, changing the PIN and selecting a half-dozen security questions and answers. As always, it’s best not to answer these questions truthfully, but to input answers that only you will know and that can’t be found using social networking sites or other public data sources.

I could see this service potentially helping to create a toxic workplace environment because it offers a relatively simple method for employees to glean data about the salaries of their co-workers and bosses. While some people believe that companies should be more transparent about employee salaries, this data in the wrong hands very often generates a great deal of resentment and hostility among co-workers.

Employers who use The Work Number should strongly consider changing as many defaults as possible, and truly implementing the service’s enhanced authentication features.

October is National Cybersecurity Awareness Month, and as such KrebsOnSecurity will continue pointing readers to similar services that let anyone access your personal data armed with little more than static identifiers about you that should no longer be considered private. Although some readers may take issue with my pointing these out — reasoning that I’m only making it easier for bad people to do bad things — it’s important to understand that knowledge is half the battle: Planting your flag before someone else does is usually the only way to keep others from abusing such services to expose your personal information.

Related reading:

USPS ‘Informed Delivery’ is Stalker’s Dream
Student Aid Tool Held Key for Tax Fraudsters
Sign Up at IRS.gov Before Crooks Do It For You
Crooks Hijack Retirement Funds via SSA Portal
Social Security Administration Now Requires Two-Factor Authentication
SSA: Ixnay on txt msg reqmnt 4 e-acct, sry

Read the whole story
67 days ago
Share this story
2 public comments
64 days ago
theworknumber has been down for "maintenance" since the weekend, and of course this happens when i actually need to get data from it
Dallas, Texas
68 days ago
Really, people? Sigh.
Central Indiana

Remembrance of blogs past

1 Share

A week or two ago, this old post of mine got linked on Hacker News. I learned about it on Twitter a day or two later and saw it had been given a short flurry of attention.

Tweets via Hacker News

This happens every year or so, either on Hacker News or some forum on Reddit. The post recounts a story from the mid-80s in which Don Knuth wrote an article/program in the literate programming style and Doug McIlroy wrote a literary-style critique of it. The story seems to interest young programmers with strong opinions, i.e., the kind of people who hang out at Hacker News and Reddit.

Whenever I see this happen, I don’t think about the post or the story behind it. I think about the first time it got attention, which was just a few days after it was written in December 2011, and how I came to learn about it.

I was sitting in a small room in the Edward Cancer Center. It was my wife’s first day of chemotherapy. We had been told this initial session would take longer than normal, and we should bring books, magazines, iPods, computers—whatever we needed to keep ourselves occupied for the full morning and into the afternoon. Janet had some magazines and her iPad; I had my MacBook Air—the same one I still have, but it was only a year old back then.

Her mastectomy had been in early November—the sixth anniversary is coming up—and her oncologist wanted her past the worst effects of that before starting the chemo. The session did last a long time, as promised, but it went pretty smoothly. Easy for me to say, I suppose, but I think she’d agree, because she had recovered well from the surgery and she hadn’t had any chemo before. It wasn’t until the next day, when she started the cycle of drugs taken to counteract the side effects of other drugs—what I likened to The House That Jack Built—that she began to feel rotten.

This is the Taxotere and Cytoxan, which prevent the return of the tumor.

This is the Neulasta, which stimulates the production of white blood cells, which were killed by the Taxotere and Cytoxan, which prevent the return of the tumor.

This is the steroid, which dulls the bone pain caused by the Neulasta, which stimulates the production of white blood cells, which were killed by the Taxotere and Cytoxan, which prevent the return of the tumor.

This is the laxative, which alleviates the constipation, which was caused by the steroid, which dulls the bone pain caused by the Neulasta, which stimulates the production of white blood cells, which were killed by the Taxotere and Cytoxan, which prevent the return of the tumor.

But as we sat in the little room, that was still in the future. She read and surfed the web; I sent some emails and checked Google Analytics to what kind of traffic ANIAT had been seeing. My timing must have almost perfect. Not only were the GA numbers way too high for a post that hadn’t been Fireballed, they were increasing significantly in real time. After a quick check on the referrers, I realized I was getting traffic from both Hacker News and Reddit, which both had active arguments going on about the post with many disparaging comments about me. I can’t remember a time when I’ve cared so little about being criticized so much.

Every time my Knuth/McIlroy post gets renewed attention on Hacker News or Reddit, I’m back in that little room.

After the first visit, Janet took her treatments out in the Cancer Center’s big open area with a wall of windows that overlooked a pond. The sessions didn’t last as long, but they were harder because now she knew what was coming. They were always scheduled for late morning/early afternoon, so I’d get us lunch at Jimmy John’s and we’d eat and look out at the winter as the poisons dripped into her arm.

I just realized, looking back at that last paragraph, that this sounds like it’s going in a dark direction. Sorry about that. Janet’s still here and cancer-free. Although breast cancers like hers can return years later, there’s been no sign that hers will.

Dark memories, though, are hard to avoid, regardless of how things have turned out. Some triggers are obvious, like when I visit a doctor in the building next to the Cancer Center. But some, like seeing a link on Hacker News, are based on odd coincidences that manage to form strong associations.

Steve Jobs’s death, for example, hit us both very hard because it happened during that horrible limbo period between Janet’s diagnosis and mastectomy. His cancer and hers became linked in our minds, and I remember us both crying so much that day. Even today, the connection is there. I found the tribute to Steve during the Apple Event a couple of weeks ago difficult to watch, and I expect the stories next week on the sixth anniversary of his death will bring on the same feelings.

[If the formatting looks odd in your feed reader, visit the original article]

Read the whole story
77 days ago
Share this story

Why Is Cisco Pushing LISP in Enterprise Campus?


I got several questions along the lines of “why is Cisco pushing LISP instead of using EVPN in VXLAN-based Enterprise campus solutions?”

Honestly, I’m wondering that myself (and maybe I’ll get the answer in a few days @ NFD16). However, let’s start at the very beginning…

Read more ...
Read the whole story
94 days ago
I've been asking this same thing without good responses.
Share this story
1 public comment
95 days ago
"Long story short: ask yourself whether you really need large VLANs or whether you need a simpler IP network and smart apps (and as I said, do report your findings in the comments)."

Yes! Though if you walk into a new role and all you have are VLANS and VRFs everywhere, it takes time to get out of it... And probably some bumps along the way that everyone questions which takes more time.
Atlanta, GA
95 days ago
So much truth here.
Next Page of Stories