Daniel Miessler's Blog, page 117

It’s getting harder to tell the difference between marketing and security news.

I was alerted to this problem (at a conscious level) when a friend of mine pinged me about the recent study on a potential catastrophic failure of infrastructure in the U.S. It was right before Blackhat USA, and it was produced by a company with something to gain from the story.

Since then I’ve been Baader-Meinhof noticing this happening everywhere in my security news feeds. It’s happening so much that I immediately perform the following algorithm on any new “research” at this point.

What’s the claim being made?
Who’s the company that did the “research”?
What does that company make or sell?
Would that product or service help solve this problem?
If so, subtract 40-95% of the weight I would have assigned the findings if it had been from an impartial source.

The image above is a great example of this. There’s a security magazine saying that there’s a security problem.

Cool, sounds impartial enough. Oh, wait, it’s about:

An email filtering problem
The researcher is an email filtering company

Add to that the fact that these types of security sites / magazines are massively pay to play. So not only are they publishing “research” that’s been created and/or massaged by marketing departments, but they’re often getting paid by that vendor directly to make a product pitch.

Great.

I mean, we already knew this was happening to some degree. And it happens in any industry. But it seems particularly bad in infosec right now.

To all the marketing departments out there, find a way to avoid being so transparently opportunistic. I know it’s your job to sell your company’s services, but maybe poke some fun at the conflict of interest or something. Anything would be a great alternative to the ‘perfect key for this perfect lock’ schtick that’s passing for research these days.

And to the management of the companies that have smart people, consider letting your researchers go free range and organic. Stop turning every nugget of an idea into a perfectly cultivated marketing story from the first moment of conception.

We can tell the difference.

All you’re doing is tuning people out to pure research, and that’s a disservice to everyone.

Please stop.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

The VIA Model of Security Filtering Technologies
Why Google Sucks at Ecosystems
You Should Write Email Like the BBC Writes News Stories
Summary: The 21 Immutable Laws of Marketing
Infosec News Aggregation Sources

Following Sam Harris’s lead, I’ve decided to get a bit more serious about enabling others to help support my work. I’m spending enough time on content creation, and enough people seem to enjoy the output, that I think it’s worth trying to recoup costs (first) and maybe even make a dollar (later) through the generosity of readers/listeners.

So I’ve created the /support page as the main landing page for doing that, and I’ve set up three main options for helping out—a monthly subscription, a one-time donation, and purchase of my book on the Internet of Things.

For certain levels of support I’m now offering mentorship services that go along with them. I grew up in the Bay Area listening to PBS drives so this feels weird (but also right).

At the $50 level I’m offering email assistance with the supporter’s career. I’ll review your resume, make comments on it, recommend one or more career paths based on what you say you want to do, and tell you what you should do to achieve that goal through an ongoing email dialogue.
At the $100 level I do everything in the $50 level, but we also have a monthly call to discuss your progress and do additional planning. I also open you up to my larger network, and if you have the fire I’ll also use social media and my various connections to try to get you either your first job in infosec, or a much better one than you already have.

I was using Patreon for this type of thing, but I strongly believe that it’s best for content creators to own as much of their platform as they can. With this change I’m moving over to Stripe for my payment processor. Stripe is one of the most respected companies in the fintech world, and I personally know that they do a fantastic job with security.

So that’s the story.

It feels a little…um…commercial to be doing this, which is annoying to me. But at the same time I’d also like to not feel stupid as hell for spending 5 hours working on my newsletter, paying tons of money on infrastructure, writing content, or doing whatever, when I could simply ask people to help and see if they find it worth it to do so.

In an ideal world this is all I would do. I’d learn things, curate the best stuff, and travel around the world speaking about those things with people.

I might do that full-time when I grow up. But for now I’ll do a miniature version of it, as a security consultant who spends most of his spare time doing that curation and broadcast.

I’m going to try to keep the annoyance to a minimum, but if the requests ever cross into “icky face territory”, please let me know.

As always, thanks for reading. And if you are interested in subscribing you can do so at the new place for that.

[ danielmiessler.com/support ]

Notes


I am also working on doing sponsorships for vendors that I really love, which I display or mention as a simple text snippet in the sidebar of the site. No JavaScript, no tracking, just text. I’m currently looking for a set of vendors that I like enough to do this with. If you have any ideas let me know.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Support
How to Interact with Someone More Accomplished or Well-known Than You
Idea Expansion Format (IEF)
Study: SMTP
The Steam, Water, and Ice of Modern Communication

We’re sorry, but your transaction failed to process. Please try again or contact site support.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Privacy
XHTML/CSS Coding Job Available
Pimping Linode
Some Thoughts on Google’s Bookmarking and Linkrolling Strategy
Why Google Sucks at Ecosystems

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Payment Failed
The Evolution of Payment Systems
Uber’s Payment Model is the Future
Contemplating Confirmation Bias
Prediction: Apple Will Announce a Mobile Payment System

I’ll start by saying that I am not an expert in Buddhism, or even well-informed on it. So maybe I’m simply not smart enough to understand it, or am missing something major.

Those caveats aside, I see a major contradiction with the philosophy.

It seems to me that its primary advice to people is to focus inward, that attachments to things are the cause of suffering, and that the best path to happiness is to sever ties to things you cherish and become one with the universe.

Well, no.

If the universe were empty, and I were the only one in it, sure—that sounds grand. But in a world full of suffering, it sounds awfully dickish to sit with folded legs and seek mental harmony while the world cries out around you.

Congratulations on your ability to tune out the sounds of weeping from the less evolved.

The way I see it, if Buddhism offers some extreme bliss to those who are able to sit quietly and meditate, then that should be considered a dessert. A reward. A victory celebration for a job well done.

What job you say?

Saving the world. That’s what.

If the world is still burning around you, and you are sitting in some cave, or some nice apartment in San Francisco or New York or London, and you’re contemplating the oneness of the universe—then maybe you’re just an asshole.

You can’t be one with the universe if you’re not participating in it. The universe is people. The universe is their happiness and their suffering. And if you’re choosing to disengage from that then you’re rejecting the very unity that you claim to be seeking.

So, use it to recharge. Use it to settle your thoughts. Use it to become a better person. But don’t disengage. Don’t separate. And don’t claim that such distancing from people is the path to happiness.

Because even if it were, it wouldn’t be right while people need you.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Buddhism
Don’t Be Agnostic About Ridiculous Propositions
How Religion Creates Happiness
Embracing the Illusion of Free Will
More People, More Guns

I recently spent two weeks in London followed by a week in Las Vegas.

As I was leaving London I could tell I was getting something like a sinus infection, which I used to get fairly often. I’ve solved that problem, but that’s story for another time.

Anyway, being someone who just goes to clinics every year or so for an antibiotic prescription, and who never sees a doctor, never uses his insurance, etc., I decided I’d just go to a clinic and get a prescription. I’ve solved that problem too, but that’s a story for another time as well.

Well, I was in for an education.

I’m not sure if this is just Las Vegas, but one does not simply get a prescription while out of state.

I had to call around to find a clinic that was open, and there were not many. One said it would be a two to three hour wait to be seen. So I went to the highest rated place in the city—the UNLV emergency room.

The place reminded me of a modern-day dystopia. Nobody greeted me. The person doing reception looked like was hardened against any possible attack of empathy that the world could throw at her. There was a shielded guard shack right next to her, as if they might have to rush out at any moment to throw tear gas canisters in order to rescue her from the infected masses.

The room was full of people that were clearly poor and/or who could not speak English, some of which looked seriously close to needing an ICU. One woman could barely stand, and lacked the strength to even cough properly. Her husband was holding her up with heartbreaking concern in his eyes.

They were already unprocessed, but nobody came out to them. Nobody seemed the slightest bit concerned.

I felt like a genuine asshole just for being in the same room with the people there. They had REAL problems, this was likely their ONLY medical care option, and here I was worried about a goddamn sinus infection.

But at the same time I was becoming angry at the system, because here I was a fully insured person who’s paid tens of thousands of dollars to medical insurance companies and never really used the service. And now I need the service, in the middle of a giant American city, and I can’t get a single person to glance in my direction.

So I wait for over an hour, which I happily did given the people who actually needed help. Well, not happily, but I wasn’t mad at the people going before me.

When I finally get back there some PA tells me I should take Amoxicillin. I tell him that every doctor I’ve gone to for 15 years has said not to take that because it’s basically nerfed against current bugs. He says he’s never heard that, and to try it out.

Cool.

So I tell my girl afterwards, who’s a nurse, that I had to get a prescription at an ER for my possible sinus infection, and she’s like,

Well, that’s going to cost you big time. You shouldn’t have gone.

What? Shouldn’t have gone? I pay for insurance? I live in the United States. What am I supposed to do if not ask for help when I need it?

Well I just got the bill. It was $1,000 fucking dollars.

Insurance paid a lot of it, so I’m only paying $337 now. Yay.

So the takeaway here is that I’ve paid unholy amounts of money to insurance companies and if I go out of my region, or state, or whatever (even though the insurance companies are national) then I’m basically screwed.

There’s no number to call and say,

Hi, I’m a member and I have a sinus infection and I need a prescription.

I can’t do that. Doesn’t exist. It’s not a capability that the United States of America has in 2017. It’s too hard of a problem, evidently. The insurance companies are making millions though, so that’s good.

And fuck MY problems. My problem is easy. Don’t get sick. Get sick in my own state nearby a clinic that already has my insurance card. Go during the day. Etc.

What about the people who don’t have good enough jobs to have good insurance? That’s a misnomer, by the way, since I’ve just learned that there is no good insurance.

What are they supposed to do? Go to a clinic, sit among the unbelievably ill and be processed like cattle until someone unemotionally throws a half-hearted treatment at them? I guess that’s the only move they have.

It’s honestly embarrassing to me. As an American. Basic human services. Someone basically dying in an ER and they have no recourse. And when they get upset there are guards there behind bulletproof glass to keep the peace.

We’re living in a dystopia already. The conservative belief that the poor deserve to suffer, combined with the liberal inability to intelligently and efficiently manage money has created a third-world healthcare system in the richest country in the world.

I’m at the point where I’m basically bypassing the system through the use of some extremely high-end services. Tech-based solutions that allow me to consult with a professional, get a prescription, and have it delivered to me without even visiting anyone in person.

And one step beyond that will be having a doctor come to me and write me a script whenever I need one. That’s starting now and coming soon.

But these are services for the rich. What about everyone else?

So you and I are about to have an Amazon drone drop customized medicines that fill us with magical nanobot stem cells—because we can afford it—while the other 95% of the country is going to sit, shivering from fever, on the other side of bulletproof glass that protects the private security forces, who are paid virtually nothing and probably have crap coverage themselves.

I’m ashamed of this country’s healthcare system. Ashamed.

Notes


To add icing to this shit cake, I go to the site to pay this $337 bill and it says, “Oops, you don’t have Flash Player 6 installed.” Ooops indeed. Ooops on the direction of our country. This is after it took the main page around 30 seconds to load. So I’m going to use the postal service to send mail, if that’s still around. Or maybe I’ll fax it. Or perhaps send a courier on horseback.
Fun fact: I never filled the prescription.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

The Rich and Selfish Have Enlisted the Poor to Fight For Them
Insurance Companies Make U.S. Healthcare Expensive
The Birthday Attack
Is Insurance the Next Industry to get Ubered?
Information Security as Insurance

I think I bring this up every year or so, but the point is becoming more acute for me.

Reading is life.

I’m starting to believe that the most brilliant people in the world were, before and above all else, obsessed readers. Christopher Hitchens basically read and wrote constantly, and I’m now understanding why.

When I am reading at a solid pace I am consumed by ideas—and they’re often ideas completely unrelated to the input. The content triggers pattern recognition in other domains, and I’m suddenly lit up with enthusiasm for the world in general.

And this is constant when I’m reading.

I tend to read good books, and they are full of concise little insights and big ideas that help me better understand the world. And when I stop reading—well—when I stop reading life becomes significantly dimmer. I drift from high to high, be that food or film, laugh or luxury, but the thrill of ideas seems like a distant life lived by another.

And then I read again, and within moments of consuming a good chapter on an interesting topic, I immediately feel rejuvenated.

To be clear, I’m not saying I’m cool because I read, and that if you want to be in this cool club you should read too. No. What I’m saying is that the only reason I ever have good ideas is because GREAT ideas enter my brain at high velocity and cause a ruckus.

Take that away and I’m probably a drooling turnip.

Stop what you’re doing and read.

I’ve made a million recommendations here. I have my reading project. There are book lists out there of what you should be reading. Start with the classics. Start with the NYT bestseller list.

Just read.

It will make you smarter, and it will make you happier.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Powering Innovation With Inputs
Creative Output Requires Quality Inputs
Reading and Conversation as Idea Evolution
Summary: The Stranger
Summary: Metamorphosis of Prime Intellect

This is episode No. 90 of Unsupervised Learning—a weekly show where I curate 3-5 hours of reading in infosec, technology, and humans into a 30 minute summary. The goal is to catch you up on current events, tell you about the best content from the week, and hopefully give you something to think about as well…

This week’s topics: Swedish gov leak, OPM hacking arrest, cybersecurity spending $1T, Oreo, Whole Amazon Foods, intelligence genes, false dichotomy of conflicting ideas, OPSEC obscurity, discovery, aphorism, and more…

Listen and subscribe via…

Read below for this episode’s show notes & newsletter, and get previous editions…

Infosec news 





The largest governmental data leak ever has just been uncovered in Sweden. The data was transferred to The Cloud (TM) some time ago, managed by IBM, and included police records, names/addresses/photos of Air Force pilots, elite special forces units, witness relocation people, and basically anyone else who was supposed to be secret. Plus tons of data on military vehicles and tons of other critical infrastructure. It’s essentially the most sensitive information in the entire country, all in the cloud, all exposed through what seems to be incompetence. This will likely add momentum to the trend of people pulling their data back to their own datacenters. Link



The FBI has arrested Yu Pingan on charges related to the hacking of OPM. Link



China’s government is now requiring that you use your real identity to make comments online, effectively eliminating anonymity on the Chinese internet. Link



Barclays’ mobile banking app now lets you pay with Siri. Expect voice interfaces to become more of an attack surface in coming years. Link



The U.S. has a massive surveillance spy hub in the middle of Australia. Link



1/4 of the president’s cybersecurity panel has resigned in moral protest. Link



Gartner says information security spending will hit $93 billion in 2018, and exceed $1 trillion over the next five years. Link



Crashplan is getting out of consumer backup services. They’re focusing now on enterprise and education customers. Link



It’s a bad idea to allow access to your boarding passes. Link





Technology news 





Google has announced the next release of Android, called Oreo. Link



The problem for mobile app developers, and the app industry as a whole, is that 66% of consumers download 0 apps per month. Zero. So if you want to be a successful app developer at this point you either need to be so awesome that you’re creating a new space, or so awesome that you’re knocking out the app that everyone already has in an existing space. Both are hard. Link



Medium is experimenting with paying writers based on how much people like their work. Link



iOS 11 is going to strip AMP content from links automatically. Link



Amazon is significantly lowering the prices at Whole Foods, starting Monday. Link



Shonin is launching a personal bodycam on Kickstarter. I think we’re getting close to the reality I described in my Lifecasting post from 2008. Link



YCombinator is making a significant pivot into the B2B space with its current round of investments. Link





Human news 





We now have a significant photo of the red giant star Antares. I always loved looking at this star. If placed in our solar system it’s outer edge would end between Mars and Jupiter. Link



Scientists have identified 22 genes associated with intelligence. Link



Maine’s statewide laptop program appears to have been a complete failure in terms of raising test scores. Link



1 in 3 Americans have nothing saved for retirement, and 56% have less than $10K. Link



Gut microbes may talk to the brain through Cortisol. Link



It seems listening to certain sounds through the night while sleeping can help your memory. Link



This is our broken economy in one simple chart. Link



A study has shown that teenagers with fewer good friends rather than lots of looser friends are more likely to be happy later in life. Link



Get ready for Season 4 of Black Mirror. Link





Ideas 





The False Dichotomy of Conflicting Ideas Link



If obscurity weren’t a valid security layer, nobody would be doing OPSEC. Link



There is some confusion about the difference between artificial intelligence and machine learning. Here’s a quick summary: artificial intelligence is an attempt to create a human-like agent that can detect its environment and try to achieve its goals. Machine learning is a sub-domain of AI that deals with teaching computers to learn from data rather than needing to be re-programmed. Link



Continuing on the AI topic, Weak AI is AI that can only do one particular thing, and Strong AI (or General AI) is the kind we don’t have yet, where it can do everything a human can, but as good or better.



We should send our key politicians to space so they can experience “The Overview Effect”. Link



It seems that if a show is popular enough, like Game of Thrones, then piracy of content isn’t a major threat. A number of leaks have hit GoT this season, but they seem to have had very little effect on viewership. Link



An interesting female perspective on the STEM gender gap being overblown. Link



It’s evidently possible to improve how much you like a song by adding FOMO (fear of missing out) to the track. People have been adding muffling to songs so that they sound like they’re coming from next door, and it’s making them like them even more. I find this fascinating because it’s clearly a ‘grass is greener’ issue. The effect should be strongest for party songs, where it most clearly communicates that someone is having fun but it ain’t you. Link



An argument that most people are using git quite incorrectly, and how it should be used instead. Link





Discovery 





Corporations are trying hard to do for your job what they’ve already done for tomato sorting. Link



D&D now has an official digital platform for managing tabletop games. Link



A Redditor put 1.8 petabytes of porn on Amazon just to see if “unlimited” really was unlimited. It wasn’t, and his account was shut down. Perhaps relatedly, so was Amazon’s unlimited data storage service. Link



How to practice a programming language. Link



This company will take an idea and build a prototype of it for $20K. Link



A humorous list of 10 things that will make you appear smart in a meeting. Link



A massive list of free computer science courses. Link



Reverse engineering the art of storytelling. Link



NetworkMiner 2.2 — NetworkMiner has been updated with new features and now runs on .NET 4.0. This has always been one of my favorite Windows utilities.



Vulscan — a vulnerability scanning module for Nmap that uses the NSE engine. It uses the -sV information and matches it to a number of vulnerability databases. Link



Using Shodan and some Golang to do mass scans of bug bounty targets to find vulnerabilities. Link





Notes 





I am currently reading The Fourth Turning, a book about constantly repeating cycles in the United States that affect the population, politics, and innovation. The most interesting piece is that the book was written back in 1998, and it made predictions that have (evidently) largely come true. I think this book is likely to change how I see the flow of events in the world. I can’t wait to do the summary for this one. Link



I’m also starting a book by Gavin de Becker called The Gift of Fear. It was recommended by Sam Harris on one of his podcast episodes, and I’m looking forward to it. It’s about how to survive in various real-world situations. Link





Recommendations

 



David Brooks talks about there being two different types of attributes: resume attributes, and eulogy attributes. Resume attributes are what give you a good career. Eulogy attributes are what make people say nice things about you after you’re gone. Don’t let your focus on resume attributes distract from working on your eulogy attributes.





Aphorism





“There is no excellent beauty that hath not some strangeness in the proportion.” ~ Francis Bacon

 

You can also sign up below to receive this newsletter—which is the podcast’s show notes—every week as an email, and click here to get previous editions.

Newsletter

Every Sunday I put out a curated list of the most interesting stories in infosec, technology, and humans.

I do the research, you get the benefits. Over 10K subscribers.

Thanks for listening. I’ll see you next week.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Companies Are Abandoning College as a Filter
Unsupervised Learning: No. 68
Unsupervised Learning: No. 56
Existing Bookstores Should Become Front-ends for Amazon
Summary: Homo Deus

The struggle for ideological simplicity forces a polarization in our public dialog that doesn’t match reality. This is happening constantly, all around us, on multiple topics.

Essentially, when someone has an opinion and they are presented with an alternative view, the conclusion they draw is that either they’re right, or I’m right, and since I’m right they must be wrong. The most advanced among us sometimes remain open to the other person being correct, and that perhaps we should change our opinion, but lately this approach has been rare.

The move that most seem unable to make is to realize that life is often a hybrid. This is not to say that it’s somewhere in the middle, but rather that many different things are true at the same time.

Here are some examples where people seem compelled to see the world as one or the other:

If women don’t represent 50% of all jobs it means there is systemic gender bias against them because their own preferences are obviously not a factor. Or, all of disparity in representation in the field must be because of their preferences, and none of it due to discrimination, because many women clearly don’t want to work in tech.
Islam can’t be source of beauty and peace because I’ve seen it be a source of hatred and death. Or, Islam can’t be a source of hatred of death, because I’ve seen it inspire love and peace.
The regressive left is harming the country, so any points that they make must be incorrect. Or, the left is always correct in whatever it fights for, so anyone against anything labeled as left must be trying to harm the world.

What seems clear to me is that the left is generally trying to do the right thing, and that many of its efforts are righteous. It’s also true that the regressive left become toxic to itself on many points, and that conservatives have something to add to the morality and happiness conversation that is not being heard by the left. These are all true at the same time.

It also seems evident that Islam is simultaneously a source of medieval hatred as well as profound beauty and harmony.

And there is obviously discrimination in the tech world against women—both in letting them in as well as making them feel welcome while they’re there. But it seems equally obvious that work that doesn’t involve interaction with others doesn’t appeal to a large percentage of women.

Not only do you not have to choose a side, but you shouldn’t choose one.

Life isn’t a set of ones and zeroes. It’s nuanced and dirty, and if we are thoughtful people our opinions should mirror that complexity.

Ultimately the problem is intellectual laziness.

Fox News is popular largely because it’s so clean. Nothing is more pleasing in the world than knowing exactly what you believe, and that’s precisely what it offers.

Thoughtful people should remain vigilant against positions that produce no discord when they intersect with the world. Such beliefs should be seen as the most dangerous of all, precisely because they are unassailable.

This is what makes an alt-right rally—or a Berkeley mob obstructing unpopular ideas—so dangerous. It’s the fact that they’ve already decided on the matter and have stopped listening.

They’ve made their choice between one or zero, and there’s no need for them to hear about arguments for the opposite. And even less so an argument that the world is not binary in the way they believe.

This oversimplification of thought and position is something to protect yourself against. Don’t let it take you.

The next time you hear many sides of a complex topic, don’t ask which side to take and which side to vilify. Instead try to imagine reality as a hybrid of most or all these truths, and work instead to figure out the percentages.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

Islam and the Swastika
Embracing Female Oppression as a Sign of Feminism
Start With Top Life Regrets and Work Backwards
The Attraction Argument for Why There Are Fewer Women in “Male” Jobs
Separate the Life Model from the Person

This is probably nothing, but if I were Putin, and I was in charge of a massive disinformation capability, I would study and instigate racial tension in the U.S.

Like I said, probably nothing.

No, but hear me out. Or not.

They already have operatives here.
Tensions are already extremely high for actual racial tension reasons.
When you have issues like this what you need are nudges, sparks, and prods.
How hard is it to provoke via hate language online, vandalism, or even violence, in a way that inspires someone to take the next level action?

I don’t think that hard.

And no, I’m not blaming Russia for this. This isn’t another attribution discussion.

I’m just saying, as someone who thinks about how to break things all day, and someone who’s done some intelligence work in the military, this seems a bit too ripe to not get plucked at some point.

Stay vigilant, my friends.

__

I do a weekly show called Unsupervised Learning, where I curate the most interesting stories in infosec, technology, and humans, and talk about why they matter. You can subscribe here.

How the U.S. Military Manufactures Consent Using Movies
The World Needs a Federation
If You Believe Nothing You Can Be Convinced of Anything
A vim Tutorial and Primer
I Just Saw a 90 Minute Navy Commercial Starring Tom Hanks