Thursday 29 May 2008 at 10:01 pm
If you've been following the news media for the past year or so, stores have been cropping up with frightening regularity about travelers who are detained at the border while customs agents demand the login credentials for their notebook computers so that they can be examined for gods-know-what kind of information. From time to time, the hard drives of computers are actually imaged for later analysis. As if that weren't enough, the United States Supreme Court has stated the opinion that this is permissible and a legally defensible thing to do, regardless of whether or not you are an American citizens, regardless of whether or not you're actually up to no good. Just a few days ago, it came out that Canada
is trying to push through the Anti-Counterfeiting Trade Agreement, which would make it legal for Canadian border authorities to search not only portable computers, but USB keys, cellular phones, and MP3 players for information (specifically, pirated MP3 files)... the very act of searching one's personal and corporate storage media constitutes a potential information spillage situation because it may not be possible to prove in a court of law that data
wasn't copied during the search. You can't necessarily prove a negative when you're dealing with file systems.
As one might imagine, not a few companies and government agencies (funny, that) are starting to get nervous about this because it means the potential leakage of sensitive information. Many companies put their employees under non-disclosure agreements that specifically forbid the disclosure of corporate information, and it's possible that they could lose their jobs if their computers are examined by the border patrol, even if they could prove that nothing sensitive was copied. On top of this, they can and have demanded the passwords to full-disk encryption software to facilitate their searches, which pretty much throws the "because it's encrypted, you can't prove that you have anything at all" argument to the dogs. As if that weren't enough to make important people sweat, there are now federal laws in effect that mandate hefty fines in the event that there is a data spillage - HIPAA comes immediately to mind.
These developments have so many people concerned that some companies are beginning to roll out policies in which laptops are issued to people in the field that have only a basic operating system images pressed onto them. Aside from a web browser and a basic office suite, there a VPN client is also installed. The person on field assignment connects back into their employer's network using the VPN client, and either uses Remote Desktop to access a server to get work done (which minimizes the possibility of data leakage) or copies data back to their issued laptop. Changes are pushed back later, usually just before the return trip. Secure erasure of data is performed to eliminate the possibility of data leakage in the event that the officials at the airport feel a burning desire to check out the laptop.
There are still people out there who espouse the "if you're not doing anything wrong, you have nothing to hide" party line, and by now
if people far more erudite than I still can't convince them, I certainly can't. However, one thing that I wish to point out is how often laptop computers are stolen along with all of the data inside of them. How many of you out there manage your budgets and accounts with the same laptop that you take on the road? How many of you out there do your taxes every year on the same laptop that you take on the road? Aside from being easily sold on eBay or the black market, laptop computers contain lots of information that thieves (or accomplices of thieves with a decent amount of technical acumen) can pull off of the computer's hard drive and abuse.
Stolen identities can go for as little as $0.40us on the black market these days, but being able to take out a $8kus line of credit that can be abused for a few months makes that handful of pennies worth their weight in platinum, if I may bend a metaphor until it breaks. Just because your laptop requires a password to get into doesn't mean that the hard drive can't be extracted, and the contents mined with a few minutes of effort. It is due to the fact that
most security countermeasures are worthless once the attacker gets their hands on the hardware that disk and file-level encryption technologies are beneficial to set up on portable machines.
More under the cut...
Tuesday 27 May 2008 at 6:06 pm
A couple of weeks ago, one of the trailers that was shown before the movie
Iron Man was for a theatrical showing of the live-action movie based upon a popular manga and anime series called
Death Note. As Lyssa and I are both fans of the series (she of the manga, I of the live-action movies), we made it a priority to hit the one night only showing at Tyson's Corner AMC last week. Mika was kind enough to score tickets for us early (she had to, because they were almost sold out by the time we got into line), and the three of us, joined by Hasufin, joined in the fun after a quiet and tasty dinner at one of the restaurants on the bottom floor.
If you're not familiar with the premise of the series, a
Death Note is a black notebook that never seems to run out of paper from the world of the shinigami, the Japanese gods of death. Anyone whose name is written in a death note will keel over of a heart attack within forty seconds. If a cause of death is specified for a particular name, then they will die in the manner prescribed by the death note. Somehow, a death note with the rules underlying its use written inside the cover has found its way to Earth and into the hands of a brilliant college student, Yagami Light, who obsesses over justice... I'll not go into more detail because this also means giving away some important plot points but I will say that the story is an excellent psychological thriller, with two twisted geniuses locked in a life-or-death battle.
About a year ago, I bought copies of the first and second
Death Note movies on DVD. They were subtitled with decent translations from Japanese, so I wasn't sure what I was in for when it hit the silver screen. Unfortunately, Viz Pictures chose to dub the soundtrack to the movie rather than keep the subtitles... while they had to at least make an attempt at matching the motions of the actor's mouths to the new soundtrack, the delivery came across as stilted and kind of cheesy (in a "Kung-Fu Theatre" sort of way) and some of the translations were, in a word, awful. They also overdubbed some new lines for 'L' that better explained how the character of Misora Naomi was brought into the movie with little warning - it ties things in with the novel
Death Note: Another Note
(which tells the story of one of L's earlier cases nicely). Round things out was Kaga Takeshi as Police Detective Yagami Soichiro - Light's father. Fans of the original
Iron Chef will recognise the actor instantly...
More under the cut...
Sunday 25 May 2008 at 02:00 am
Fascinating!
Thursday 22 May 2008 at 9:46 pm
Fans of the famous BBC television series
Doctor Who - in particular, the newly rebooted version which began in 2005 - probably ask themselves from time to time what executive producer Robert T. Davies is on, and whether or not being caught carrying any is a felony. Sure, he started the series up again and it's still going strong after four years, but every once in a while he comes up with a real stinkburger.
The Christmas Invasion.
Love and Monsters. Some of the stuff that happened in
Last of the Time Lords. Overuse of the Daleks in each season. Some people want to pretend that the second season just didn't happen, in fact.
Earlier this week it was announced that
RTD will be stepping down as both Lead Writer and Executive Producer and will be replaced by Steven Moffat. For those of you not familiar with Mr. Moffat, he wrote the episodes
Blink,
The Empty Child, and
The Girl In the Fireplace, which are not only widely regarded as some of the series' best episodes but have also won a number of prestigious awards. I am of the opinion that this is a Good Thing, and the overall quality of the series is going to go farther up because.. well... otherwise good to excellent seasons of the show won't have the occasional head-slapper episode.
Tuesday 20 May 2008 at 9:20 pm
Oh, holy shit - not safe for work... at a public presentation by Garry Kasparov in the Russian Confederation a couple of days ago,
somebody buzzed the crowd with a remotely controlled flying dildo.
No, I'm not kidding. If you click on the link, you can clearly see a radio controlled helicopter shaped like a large penis flying over the crowd for about half a minute, until it was struck out of the air by a security officer. There is a screenshot from the video as well as a copy of the video itself, in which you can clearly see the double rotor... replica organ merrily flying over the crowd in a scene reminiscent of a certain practical joke in
Robert Anton Wilson's Schrodinger's Cat Trilogy.
First the Church of Scientology gets rickrolled, and now a famous chess master
is upstaged by a plastic wang. Hail Eris.
Tuesday 20 May 2008 at 4:06 pm
As if it wouldn't be
interesting enough at
EuSecWest this week, another hardware attack has been discovered. This one is arguably nastier because it could conceivably cost the user quite a bit of money if
someone hoses equipment by forcing a bad firmware flash. Rich Smith, who is the head of research into offensive technologies and threats at the HP Systems Security Lab (you know, they really could have come up with a more ominous name for their outfit) has developed a method in which an attacker can cause a permanent denial of service attack on a unit by finding vulnerabilities in the protocol used to update the firmware (usually
TFTP, but there are others) and then causing a crash partway through the firmware image loading process. Bad or missing firmware usually means a bricked device, but
sometimes there are ways to recover from such a problem. Either way, however, a network that's been hit is looking at replacement fees or annoyingly high amounts of time to recover from an attack.
Tuesday 20 May 2008 at 3:45 pm
One of the most arcane yet commonly encountered pieces of equipment on the Net today are
routers - devices (usually big, expensive devices) that look at the destination IP addresses of each packet they see and decide which port to throw them out of to help them on their way. Usually you don't see them up close because they tend to live in data centers or wiring closets (for smaller shops) in racks, safely locked away. While there are a couple of manufacturers out there who specialize in them, for people in the know the first thing they think of when you say the word 'router' is usually
Cisco, who's been in the market for years. At any rate, Cisco's battening down the hatches because one Sebastian Muniz of Core Security Technologies is preparing to unveil his research at the
EuSecWest conference later this week. It seems that Muniz
has figured out how to write rootkits for compromised Cisco routers. If you've never encountered a
rootkit before, a rootkit is a software package that is designed to hide the presence of an intruder in a system. Sometimes you'll see daemons that permit remote access or utilities that really shouldn't be there, but you'll definitely find kernel modules or other OS modules that modify the running kernel to hide network connections, parts of the file system, active logins, and more. Following on the heels of
Mike Lynn's research from a few years ago Muniz has figured out how to embed his own software inside of
Cisco IOS, the firmware that underlies Cisco's networking equipment once the device has been compromised.
There is already controversy brewing over this development: Some people are saying that this is impossible, or that the vulnerability is hypothetical. Others are saying that it doesn't matter because you need
level 15 privileges on the router before you can install the modified firmware image (but then again, you need root or Administrator privileges to install a rootkit on general purpose machines, and historically speaking that's not impossible, either). A select few voices are calling for this guy's head on a platter, though after the hit that Cisco took when they tried to hush Lynn's work a few years ago, I don't think that it's going to work due to all of the bad press they got. One thing that I can say for certain is that there are people out there who aren't just attacking computers, they're also spending time trying to compromise routers to reconfigure them in interesting ways. It's not as common an attack as, say, people writing daemons to brute-force accounts over SSH, but of the people who actively monitor the logs coming from their routers, a small number of them are seeing dozens to hundreds of attempts to brute force accounts every day.
Monday 19 May 2008 at 11:26 pm
Remember when
Lowmagnet was in town and we wound up at Spellbound?
He posted the pictures he took while he was in DC.
Monday 19 May 2008 at 9:54 pm
The way the last couple of weeks have been going, it's a safe bet that you can guess how Friday went. If you guessed 'more dental work', then you hit the nail squarely on the head. It has been two weeks (now a bit more than that) since my root canal, and I had gone back to Family Dentistry to get the molar in question cleaned out, built up, and have a temporary crown installed. Ordinarily, this isn't such a big deal because once the nerve's gone (i.e., post-root canal) you can pretty much dig around inside the tooth without a whole lot of trouble, but for some reason I kept feeling... things... down below that tooth, or at least early on I did.
I'm really not sure what they were. My working hypothesis is that the heat generated by the drill bit was traveling down into the jawbone past the region that had been numbed, and into the places that hadn't been knocked out by the novocaine. The molar in question is quite a bit closer to the front of my mouth than usual, which is why this was a new experience. After turning up the flow of cooling water a couple of notches, however, that problem was pretty much solved.
What really got me was the modifications that had to be made to my gumline to fit the temporary crown over the built-up post. I realized that things were amiss when I kept feeling Dr. Hong packing that little black thread down under the gumline to push the flesh back, and I don't normally feel that. Or, if you want me to be perfectly accurate, it was whatever he was doing immediately before that which hurt like hell. I found out after the fact that he had to trim away part of the gumline to get a good fit, which is what I think I kept feeling. By the time I looked in the mirror after getting out of the chair, I got a good look at where he'd been cutting and poking around.
I'll be honest with you, if he'd told me what he was going to do before he started cutting away bits of skin I'd probably have broken down crying because I'm just about at my wit's end when it comes to going to the dentist these days. I'm pretty much resigned to losing about half of my existing teeth by the time my body turns thirty-five regardless of what I do. I'm also concerned about my remaining sickleave because I seem to be burning through quite a bit of it these days, even though I make up the hours before and after. I'll have to go in to work and talk to my boss about it soon. I didn't do much on Friday night, just some reading and laying around watching the Food Network because going under the drill for any reason always knocks me out. At least when the chair's all the way back, it minimizes the pressure on my lower spine.
While I was passed out on Saturday morning, Lyssa and Hasufin journeyed westward to visit our local farmer's market, just a few miles away. The thing about farmer's markets is that you really should get there early if you want to get your best pick of the produce. On the weekends, I generally don't get up before 0800 unless the situation involves long distance travel or firearms, so sad to say I missed out on this particular trip. I was privileged to reap the benefits several hours later, however, in the form of tasty farm butter, fresh strawberries, and a small spinach and cheese quiche (courtesy of Trader Joe's and the freezer). Coupled with some coffee from the French press I rescued from my office a couple of weeks back, it was a pleasant way to start the day, indeed.
More under the cut...
Thursday 15 May 2008 at 8:25 pm
Running between work, home, and the bed to sleep, mostly. It's been an unusually long week (and it's not even Friday yet), and rather than write incoherent posts in the evening I've decided to catch up on sleep where and when I can. Consequently, there hasn't been much to write about in the past few days, but I can authoritatively state that there are no pin-holes in my eyelids. Battling highway traffic in southern Virginia is tiring work, though ultimately rewarding.
I've just pre-registered for
The Last HOPE conference in New York City later this year (18-20 July 2008, to be precise). I've been e-mailing back and forth with some friends who are also going, and I've arranged for crash space and sharing of supplies, so unless something horrible happens, I'll be hopping a train for NYC to attend what very well could be the final HOPE that
2600 Magazine ever has. If nothing else,
Steven Levy, who wrote the book Hackers, will be the keynote speaker this year. I wish I knew whom I loaned my copy to because I'd really like to get it autographed. Maybe I'll bring one of my VMS manuals, too, on the off chance that Kevin Mitnick comes back.
The Supreme Court of the state of California has decided that
the ban against same-sex marriage was unconstitutional and has been stricken down. The court further decided that "the right to form a family relationship" applies to all citizens of California, regardless of their sexual orientation. The Court went over the head of Governor Schwarzenegger, who vetoed laws that would legalize same-sex marriage in the state twice (even though allowing it was one of his campaign points, I hasten to add).
It's about time, folks. Two states down, forty-eight to go. Eventually we'll get there.
However, at the other end of the spectrum of experience is something that I have absolutely no qualms about calling horror: While deporting people from the United States, US Immigration and Customs Enforcement has started
injecting people with large doses of psychotropic drugs, including the antipsychotic compound
haloperidol to keep them quiet. Some of these people have every right to flip out, given that said people could be deported back to countries they fled out of fear of death.. but I digress. These people are shot up with strong tranquilizers (sometimes multiple times during the trip), restrained with handcuffs, and loaded on board planes for transport out of the country after their requests for asylum are refused. Since the year 2003, approximately 250 such cases have been uncovered, and there are probably others still buried under all of the paperwork. 250 cases of forced drugging in direct violation of US as well as international law. Interestingly, DIHS (Department of Immigration Health Services) has been trying to recruit new 'medical escorts' lately - people who are to accompany drugged deportees back to their countries of origin and keep them a) sedated, and b) alive.
Frankly, this scares the hell out of me. So much so, that I don't know what to say about it. I find the idea of drugging someone who isn't mentally ill or a danger to anyone (the medical justification for sedation in one instance was 'chronic nasal problems') abhorrant. It's unthinkable to me to knock someone flat with such powerful drugs just so you can get them out of the country; the only reason I can think of for that is to make them easier to get rid of, in the sense of trash. These are very similar to tactics used behind the Iron Curtain during the Cold War, I hasten to point out: Haloperidol was often used on political dissidents to keep them quiet in Soviet Russia.
Friday 09 May 2008 at 4:56 pm
Remember my rant about
people who don't get their kids vaccinated because they're afraid for the health and safety of their children? Guess what? The health and safety of kids who attend the East bay Waldorf School in El Sobrante, California are at risk
due to an outbreak of whooping cough. Students and a teacher were diagnosed with the disease, which lead to the school being closed until rounds of antibiotics can be administered to everyone who came down with the disease. School officials went on the record as saying that an unusually high number of students weren't vaccinated for pertussis at that school, which is something that California state law permits at this time.
Let me break this down for everyone: When They (yes, the omni-present They whom Everyone is afraid of - see, I can make sweeping generalizations, too!) say that a disease has been eradicated, it doesn't mean that every last bacterium or virus which causes a disease has been eliminated from the face of the planet. Short of sterilizing the entire planet with nuclear weapons, that simply isn't possible. It means that so many people are either immune to a disease or have been vaccinated against it that the virus or bacterium can no longer affect the populace in any meaningful way. When you don't vaccinate children against diseases, you expose them to the risk of contracting the disease. If they're lucky, their lives will suck for a while because they'll have to be treated and time will be necessary to get better. If they aren't so fortunate, they might die. One of the reasons that vaccines were invented was because some of these diseases were known to be lethal.
What's going to break out next? Polio?
On second thought, don't answer that.
Wednesday 07 May 2008 at 10:55 pm
On 1 February 2003, the Space Shuttle Columbia
was destroyed while re-entering the Earth's atmosphere following a touch-and-go mission due to the damage incurred by the orbiter during lift off some days earlier. The crew was killed and the shuttle lost, presumably with all of the data collected while in orbit going with it. Save for the data from experiment CXV-2, which gathered information pertaining to the point of critical viscosity of xenon gas.. while poring over the wreckage of the Columbia, the recovery team operating out of the Johnson Space Center found most of the fragments of a 400 megabyte Seagate hard drive that was used to store experimental data during the mission. The drive was handed over to
Kroll Ontrack of Minneapolis, Minnesota in the faint hope that they could find anything useful in the remains.
Even though the drive fell to Earth in a space vehicle that was not only on fire, but several miles above the ground,
they managed to recover approximately 90% of the data from the hard drive.
Now that's amazing.
Monday 05 May 2008 at 10:53 pm
Unfortunately, I spent much of last Friday asleep, recovering after a routine filling went south and turned into an emergency root canal. I don't know what does it about the procedure, but it wipes me out completely - it might be the body reacting to having a part of it removed with what amounts to tiny drill bits, or it might be the knowledge of it. For all I know, it could be the aftereffects of multiple injections of local anesthetic
that happens to contain epinephrine, which would logically bring about a fight-or-flight reaction as the syringe-loads naturally leaked into the bloodstream. I was up and around by later in the evening, however, and spent some quality time with Windbringer after the considerable amount of work done earlier in the week, which is why I hadn't been posting in the evenings.
Something that I had very little experience with up until now has been
full disk encryption, which is the practice and attendant methods of encrypting the hard drive of a computer below the level of the file system (i.e., all data written to or read from the disk, including file system metadata used by the OS is encrypted). Because I work from my laptop more often than any other system these days, it seemed only logical that I should experiment on Windbringer to get a feel for how it works and what kind of effort goes into it. To that end, I spent a couple of days doing research, making notes, and working out well in advance what had to be done, and taking multiple backups of both data and systemware using
rdiff-backup (which I highly recommend to anyone running Linux or a UNIX of some kind).
As a wise man once said, there are two kinds of people: Those that make backups, and those who have never had a hard drive fail.
Anyway, the longest part of the process was filling the empty space on the drive with garbage, per
the instructions in the Gentoo wiki, so as to disguise where the disk partitions (and thus the data) end and where the slack space on the disk begins. Restoring from backup didn't take long at all, though USB v2.0 isn't nearly as fast as marketing makes it out to be. By far, the trickiest part was getting the
initramfs made, which holds a very stripped down set of systemware to get the system booted to where the keys can be entered. What I wound up doing was creating the contents of said initramfs in the directory
/usr/src/initramfs and configuring the kernel to build it automagically (did you know that probably-most-but-not-all v2.6 Linux kernels have a very tiny initramfs built into them? I didn't.) whenever the kernel is recompiled. Moreover, by copying the .config file and executing a
make oldconfig whenever I upgrade Windbringer, the configuration changes are seamlessly pulled in to the new version. In short, by using what was already present, it wasn't terribly difficult at all. After compiling a couple of drivers in statically (meaning fewer things to debug, ultimately), everything was right as rain. I will say that there is a slight performance hit when software first starts up (maybe a quarter second or so, I haven't formally benchmarked it), but I'm willing to accept that because I don't run any servers from Windbringer; most of what I do is actually writing in some form or another. I dare say that it was far easier than I'd expected - the instructions pretty much worked right off the website, without any tweaking.
Because I'd slept most of the day, I wasn't able to get to sleep until quite late in the evening, which gave plenty of time for hacking around.
On Saturday afternoon after I pulled myself out of bed and ran a couple of errands (note to self: most banks in NOVA are closed by 1200 EST5EDT on Saturday) before heading out to the mall to spend the day hanging out with Trav from
These City Streets. He's been spending time getting aquainted with
Fedora Core on his HP laptop, and he's got most everything worked out and operational. One annoying thing about Fedora Core is that it doesn't seem to bother configuring wireless network interfaces to work with
NetworkManager right out of the box. Sure, NetworkManager makes it very easy to configure networking and wireless in general, but FC has a ticky-box in the properties of each network interface it finds that says "Let NetworkManager configure this interface", or words to that effect, and at least some of the time that ticky-box isn't set. It's mildly annoying, and it might be a bug inn FC7. Then again, it might not; I'm not a habitual Fedora user so I can't say with any certainty. I can say that it's an easy fix - the 'properties' box is always your friend. We wound up drinking coffee and hacking around, and then running up to the food court at Tyson's Corner because Barnes and Noble doesn't have free wireless, but they do up by the movie theatre. They also happen to have a darth of power outlets at the food court, though...
More under the cut...
Friday 02 May 2008 at 2:12 pm
I worked the first half of today from home because I had an appointment to have
a permanant crown installed in the top-left side of my mouth. At the same time, Dr. Hong was to start drilling out tooth #30, the first molar from the front on the bottom-right side of my mouth to take care of a fairly nasty cavity that's also been giving me trouble lately.
Four hits of novocaine later and I was still feeling the drill and trying to run away from it. No matter what he did, he wasn't able to knock out the nerve to do the job. Family Dentistry managed to get me another emergency appointment with Dr. Suh down on route-7, so after stopping off at home to change clothes (I didn't realize that it was supposed to hit the high-70's/low 80's Fahrenheit today) I was off to have more inflamed nerve tissue extracted from my jaw with a series of small metal drill bits and a rapidly spinning drill. Thankfully this trip was just as easy as the last one, save for the fact that I took another three hits of lidocaine to the jaw and one right down inside the tooth (thanks for finding that extra nerve, by the way), this time accompanied by an ominously wet crunching noise coming from somewhere below the gum line. The deed was as rapid as it usually is under Dr. Suh's care, and much easier to handle thanks to the placement of this particular tooth.
At this moment most of my face is numb, the hinge of my jaw hurts like somebody kicked me (I hurt all the way up into my temples), and my front teeth feel weird, as if one of them got knocked loose somehow (it didn't; I checked several times).
I don't have much else to say on this matter, save for the fact that I'm going to bed to sleep this off.
Friday 02 May 2008 at 09:13 am
In the past decade or so, a worrisome movement has cropped up that seems hell-bent on using bad science to try to protect their children: People who refuse to have their children vaccinated for various childhood diseases out of fear that their children will wind up brain damaged, or worse. It seems that they've triumphed:
seven US states have reported an outbreak of measles to the Centers for Disease Control. Figures released by the CDC state that 64 cases of full-blown measles have been reported to doctors, with more expected to appear as the year continues. Slightly over one fifth of the patients have been hospitalized for complications of same, usually pneumonia on top of the measles, though to be fair thirteen of the children were too young to be safely vaccinated (under one year) and one person actually had received the standard two doses of vaccine.
The movement got its start when someone discovered that a preservative used in vaccines,
thimerosol, contains as part of its molecular structure the element mercury, which is known to have neurotoxic effects in humans. Their reasoning goes that since mercury is toxic to humans it's toxic to children, and someone along the way conflated exposure to mercury containing compounds with autism, which seems to be a condition that sparks faux compassion in far too many people.. but I digress. However, thimerosol hasn't been used in pediatric vaccines for years. Moreover, most vaccines don't even use thimerosol as a preservative, and haven't since the early 1980's. The movement also makes the fragmentary claim that thimerosol is comprised of almost half mercury.. by weight.
Let's look at
the molecular structure of thimerosol and do a little arithmetic. The chemical formula for Ethyl(2-mercaptobenzoato-(2-)-O,S) mercurate(1-) sodium is C
9H
9HgNaO
2S. The atomic weight of Carbon is 12.01; of hydrogen 1.00; of mercury 200.59; of sodium 22.99; of oxygen 16.00; of sulfur 32.07. (12.01 * 9) + (1.00 * 9) + 200.59 + 22.99 + (16.00 * 2) + 32.07 results in a sum molecular mass of 404.74. Hefty, but what they aren't telling you is that a) mercury is a massive metal, and b) there is only one atom of mercury in an molecule of thimerosol. What we have here is someone tailoring the facts so that they sound much more scary, and thus credible in today's "if you're not for us, you're against us" social climate. On top of this, babies and children
seem to excrete thimerosol metabolites much more rapidly than people think they do. Some vaccines, like the measles-mumps-rubella complex
never contained mercury compounds, not that they'll tell you that. The mercury/vaccination/autism studies of the past few years
also fail to find a causal link between vaccination of children and autism. What they do suggest, however, is that the first appearance of autism does tend to happen around the time that kids are vaccinated anyway. Please let me direct you to the following medical studies that aren't part of rense.com:
