February 24th, 2009


The Fermentarium on full strength beer in Colorado grocery stores.

The main argument against HB 1192 is by allowing grocery stores to sell full strength beer, they will put liquor stores out of business. The thought is if liquor stores lose their beer business, they will no longer be able to keep their employees and will possibly fail. Liquor stores claim beer sales account for as much as 70% of their business. If they can’t sell beer, the store will be forced to close.

This hasn’t happened in the other states which allow grocers and convenience stores to sell full strength alcohol. California and Oregon allow grocers to sell full strength alcohol and liquor stores still exist. According to getRealBeer.com, a survey in Southern California showed "of 292 Vons supermarkets indicates that fully 70 percent of them have at least 2 retail liquor stores within one-half mile – many of them in the same shopping center".

When you point out other states have liquor stores and do just fine, the common argument against this point is "we are not California". Well this is true. We are also not Oregon, Arkansas, Idaho, Iowa, Maine, or any of the other 38 states which allow grocery stores to sell full strength beer. Somehow small brewers and liquor stores survive just fine in these states when grocery stores sell beer. In fact, of the 5 major cities with the most liquor stores per capita, four allow the sale of full strength beer in grocery and convenience stores. Denver is the lone exception.


I find this particularly interesting, because this guy is a small craft brewer in Denver, and he thinks the "full strength beer in grocery stores == craft brewers are screwed!" argument is BS.

Also worth a read is his article on how our current three-tiered alcohol distribution system came to be, and its strong and weak points.

As your lawyer, I advise you to take two minutes and scan your machine for Conficker.

Conficker B++ is somewhat similar to Conficker B, with 294 of 297 sub-routines the same and 39 additional subroutines. The latest variant, first spotted on 16 February, is even more sneaky than its previous incarnations, SRI explains.

Conficker B++ is no longer limited to reinfection by similarly structured Conficker DLLs, but can now push new self-contained Win32 applications. These executables can infiltrate the host using methods that are not detected by the latest anti-Conficker security applications.

The malware also creates an additional backdoor on compromise machines to create an altogether trickier infectious agent, SRI explains:

In Conficker A and B, there appeared only one method to submit Win32 binaries to the digital signature validation path, and ultimately to the CreateProcess API call. This path required the use of the Internet rendezvous point to download the binary through an HTTP transaction.

Under Conficker B++, two new paths to binary validation and execution have been introduced to Conficker drones, both of which bypass the use of Internet Rendezvous points: an extension to the netapi32.dll patch and the new named pipe backdoor. These changes suggest a desire by the Conficker's authors to move away from a reliance on Internet rendezvous points to support binary update, and toward a more direct flash approach.


F-Secure is giving away free quick-scan command line tools to find and kill a Conflicker infection. BTW, Conficker has been known to disable surfing to websites with "f-secure" (among others) in the URL, so if you can't get to that page...