Topics

1

DC Gamer Club / Any Magicka Fans Around?

« on: October 20, 2011, 09:50 PM »

Hi all,

Not sure if there are many gamers on DC that would be into Magicka, but I thought I should ask anyway.

For those not familiar, it's a satirical action-adventure game set in a rich fantasy world based on Norse mythology. The player assumes the role of a wizard from a sacred order tasked with stopping an evil sorcerer who has thrown the world into turmoil, his foul creations besieging the forces of good (from Steam). Trailer here. It's written in XNA (.NET) so Windows only except for those brave enough to try running on Wine.

If anyone's interested in duel or co-op, hit me up on the IRC channel (I'm available on the weekends, .AU time)

Ehtyar.

2

General Software Discussion / Recommendations For PHP 5.3 Shared Web Host Please?

« on: October 06, 2011, 06:05 PM »

Hi all.

[Skip if you're not interested in backstory]So I've been a DreamHost customer for a while (I know, I know) and a new project of mine will be using Postgres, which DH doesn't support. I looked around for a while, and the next best thing seemed to be BlueHost (I know, I know, jeez). I signed up yesterday, uploaded my script and started playing around. Out of the blue I got a "function does not exist" error. Turns out that BlueHost hasn't deployed the two-year-old PHP 5.3 (which is kind of understandable), but worse, don't even have the option to use it. In my naivete I didn't check before signing up, and now I'm stuck with a web host that can't run my code (there are workarounds for the functionality I've used, but that just seems silly to me; I'd prefer to be paying a company that meets my needs rather than the other way around).

I'm now in search of recommendations for shared web hosts that aren't living two years in the past and have deployed PHP 5.3 at least as an option. I'll also need Postgres, but that's somewhat out of the scope of this topic so I'll pursue that avenue myself.

I'm aware that a quick solution to my problem would be to host the site on my Linode, but trying to manage the security, stability and up-to-dateness of Linux, Apache/Nginx, Postgres and PHP is an ordeal I could do without.

If anyone has any suggestions I'd be most grateful.

Thanks all,

Ehtyar.

3

Living Room / Tech News Weekly: Edition 5-10

« on: February 07, 2010, 04:40 AM »

The Weekly Tech News

Hi all. Please Read: I'm sorry to say folks that I won't be able to do the weekly news over the coming weeks. Trawling through the news on a daily basis typically happens at work (I have very little free time on weekdays), and my company is currently in the process of being relocated, generating a ton more work than usual. I expect that in the next 2 months or so my free time will pick up again and I'll be able to get back to the regular weekly tech news for you all. In the meantime, I'll be sure to post anything I come across that I think is relevant to the forum and will generate discussion. See you round the forum guys As usual, you can find last week's news here.

1. Facebook’s Project Titan: A Full Featured Webmail Product

Spoiler

http://www.techcrunch.com/2010/02/05/facebooks-project-titan-a-full-featured-webmail-product/
Oh goodie, FB (and Zynga as well no doubt) can watch us in an altogether new way. Joy.

Facebook is completely rewriting their messaging product and is preparing to launch a fully featured webmail product in its place, according to a source with knowledge of the product. Internally it’s known as Project Titan. Or, unofficially and perhaps over-enthusiastically, the Gmail killer.

Facebook messaging has been the bane of users’ existence for years. My first public gripe was in 2008, when I said that urgent changes were needed. The biggest problem is simply deleting old emails. It takes so long that I have thousands of unread and read but not deleted messages in my inbox.

2. Quantum Superclock Will Be Accurate Past End of Life On Earth

Spoiler

http://www.theregister.co.uk/2010/02/05/new_quantum_superclock/
Probably not terribly necessary, but it's very interesting to read how it's done.

US government boffins say they have built a clock so precise that it will still be accurate to within one second when life on Earth has ceased.

The "quantum logic clock" will neither gain nor lose a second over the next 3.7 billion years, according to its makers at the US National Institute of Standards and Technology (NIST). It uses a single aluminium atom to keep time, processing its measurements in the same way as experimental quantum computers do - hence the name.

3. ‘Don’t Be Evil,’ Meet ‘Spy On Everyone’: How the NSA Deal Could Kill Google

Spoiler

http://www.wired.com/dangerroom/2010/02/from-dont-be-evil-to-spy-on-everyone/
Sensationalist headline as you might expect. In the aftermath of the attack on several top tech companies mentioned last week, Google has turned to the NSA for help securing themselves against such attacks.

The company once known for its “don’t be evil” motto is now in bed with the spy agency known for the mass surveillance of American citizens.

The National Security Agency is widely understood to have the government’s biggest and smartest collection of geeks — the guys that are more skilled at network warfare than just about anyone on the planet. So, in a sense, it’s only natural that Google would turn to the NSA after the company was hit by an ultrasophisticated hack attack. After all, the military has basically done the same thing, putting the NSA in charge of its new “Cyber Command.” The Department of Homeland Security is leaning heavily on the NSA to secure .gov networks.

4. H.264 Video Codec Stays Royalty-free for HTML5 Testers

Spoiler

http://www.theregister.co.uk/2010/02/04/mpeg_la_h_264_codec_licence/
Interesting timing, given how publicly Mozilla denounced the codec just a few weeks ago. What will happen at the end of that five-year period I wonder...

Freetards stand down - MPEG LA has decided to slash royalties to zero for anyone wishing to use the H.264 codec for free streaming of internet video until the end of 2016.

The MPEG licensing outfit confirmed earlier this week that its AVC patent portfolio licence won’t charge royalties for internet video that is free to end users.

5. Carbon Trade Phish Scam Disrupts Exchanges

Spoiler

http://www.theregister.co.uk/2010/02/04/carbon_trade_phish_scam/
Having gained  access credentials via a phishing campaign, hackers stole $4m worth of carbon credits from several registries in the EU, then resold them on the legitimate market before an alert was raised. I guess even fabricated currency suffers theft...

Phishing fraudsters have extended their net beyond harvesting e-banking credentials via a scam that resulted in the theft of 250,000 carbon permits worth over €3m.

The outbreak of fraud resulted in the suspension of trading in several EU registries on 2 February. The crooks are thought to have created fake emission registries, promoted via spam emails, before using identity details submitted on these sites to trade rights to blow-off greenhouse gases on the legitimate sites.

6. Wikileaks Finds Cash to Continue

Spoiler

http://www.theregister.co.uk/2010/02/04/wikileaks_pledge_drive/
Well thank Christ for that.

Whistle-blowing site Wikileaks has secured enough money in donations to resume operations.

The site stopped publishing leaked documents in December in order to concentrate on a pledge drive, aimed at raising a minimum of $200,000 to keep the lights on, and $600,000 if staff were to be paid. Wikileaks also canvassed for technical support and legal help.

7. IiNet Wins! Film Industry's Case Torn to Shreds

Spoiler

http://www.itnews.com.au/News/166348,iinet-wins-film-industrys-case-torn-to-shreds.aspx
Australian ISP iiNet has managed to get safe harbour for all Australian ISPs into legal precedence after winning a lawsuit brought by The Australian Federation Against Copyright Theft who were ordered to pay iiNet's legal fees.

The Federal Court of Australia has dismissed the film industry's case against iiNet, finding that Australia's No.3 internet provider did not authorise copyright infringement on its network.

The Australian Federation Against Copyright Theft representing the film industry, has been ordered to pay iiNet's costs. iiNet chief executive Michael Malone estimated that these costs add up to around $4 million.

8. Crystals in Meteorite Harder Than Diamonds

Spoiler

http://www.msnbc.msn.com/id/35198934/ns/technology_and_science-science/
Right out of a not-terribly-interesting sci-fi, carbon crystals found in a meteorite that struck Finland in 1971 have been found to be even more resilient than diamond.

Researchers using a diamond paste to polish a slice of meteorite stumbled onto something remarkable: crystals in the rock that are harder than diamonds.

A closer look with an array of instruments revealed two totally new kinds of naturally occurring carbon, which are harder than the diamonds formed inside the Earth.

9. Comcast Sees End of IPv4 Tunnel, Beginning IPv6 Trial

Spoiler

http://arstechnica.com/tech-policy/news/2010/01/comcast-running-out-of-ipv4-addresses-beginning-ipv6-trial.ars
Following up on the IPv4 exhaustion story from last week, US ISP Comcast is launching an IPv6 trial ahead of a 4-phase rollout on its network. In related news, the YouTube launch of IPv6 support apparently caused a noticable spike in IPv6 traffic across the Internet.

Comcast is asking for volunteers to participate in its upcoming IPv6 trials. The cable ISP has been participating in IPv6 circles for a long time and with its huge subscriber base, it is experiencing the IPv4 address scarcity first-hand. So far, it has been able to get addresses for its customers—but not for those customers' cable modems and set-top-boxes. These also need addresses to function or to be managed. No problem, right? Just use private IPv4 addresses, such as the 10 network, which holds 16.8 million addresses. But with 25 million TV, 15 million ISP, and 6 million Comcast Digital Voice subscribers, 16.8 million private addresses isn't enough for a regular management system in which a management station can directly connect to each managed device. So Comcast needs IPv6 just to run its internal network effectively now.

We're also running out of IPv4 addresses, so at some point in the future, Comcast will be unable to obtain additional addresses to connect new customers. So Comcast also needs to provide IPv6 service to its customers at some point and is looking for willing subjects to give it a try.

10. Oz Banker Caught Porn-surfing On Live TV

Spoiler

http://www.theregister.co.uk/2010/02/02/sydney_banker/
It has come to light that the employee in question was set up by a friend, but it's still hilarious to watch.

Ehtyar.

4

Living Room / Tech News Weekly: Edition 4-10

« on: February 01, 2010, 02:06 PM »

The Weekly Tech News

Hi all. Sorry for the major lateness everyone, lots of stuff going on IRL As usual, you can find last week's news here.

1. Google Mystery Server Runs 13% of Active Websites

Spoiler

http://www.theregister.co.uk/2010/01/29/google_web_server/
You can probably bet it's some Python/Apache mashup, but the Google Web Server is now running 13 million active websites on the Internet, just behind Microsoft IIS with 14 million, miles behind Apache with 44 million.

The Google Web Server - custom-built server software used only by Google - now runs nearly 13 per cent of all active web sites, according to the latest survey data from the web-server-tracking UK research outfit Netcraft.

Netcraft data has the Google Web Server (GWS) running nearly 11 million active sites - i.e., sites with recently updated content. This total includes not only sites run solely by Google, but also sites the company operates on behalf of third parties via services like Blogger, Google Docs, and Google App Engine.

2. Who's the World's Largest Tech Firm?

Spoiler

http://www.theregister.co.uk/2010/01/29/biggest_tech_firm/
Well this was a shocker. Samsung recently beat out HP to be the world's biggest tech business (revenue wise) with a whopping $117.8bn over HP's $114.6bn.

The world's biggest technology company, by revenue, is now Samsung, which has just replaced HP at the top of the pile.

For 2009 Samsung brought in revenue of $117.8bn, beating HP which made $114.6bn for the year ended 31 October. It is on track to beat the ink giant in 2010 too - predicting sales of $127bn versus $120bn at HP.

3. Google Wants to See Client Addresses in DNS Queries

Spoiler

http://arstechnica.com/tech-policy/news/2010/01/google-wants-to-see-client-addresses-in-dns-queries.ars
Certainly no shocker here. Google wants to see the actual client IP address in DNS queries to enable better load balancing. Isn't it enough Google that your local DNS server is typically located in the same friggin' place? Or perhaps you wanna track us some more?

Late Wednesday evening, Google employees posted an "Internet-Draft" outlining proposed changes to the DNS protocol that allow authoritative DNS servers to see the addresses of clients. This way, geographically distributed content delivery networks can tailor their answers to a specific client's network location. So a client from California would talk to a server in California, while a client in the Netherlands would talk to a server in the Netherlands.

Currently, authoritative DNS servers don't see the client address, only the address of the resolving server that is typically operated by the client's ISP. So in the current situation, if our Californian and Dutch clients both use a DNS resolver in New York, a location-optimizing authoritative DNS server would give them both the addresses of servers in or around New York. By including the client's address in the request, the authoritative server can send a better response and improve the subsequent interactions between the client and server because the request/response round-trip times across the network are shorter.

4. Gallery: The Best and Worst Fake Apple Tablets

Spoiler

http://www.wired.com/gadgetlab/2010/01/gallery-the-best-and-worst-fake-apple-tablets/all/1
Everyone knows the Apple Tablet was released last week, but no one wants to hear anymore flapping about it, so here's a gallery or the best and worst photo-shopped imitations.

Right up until the world changed yesterday, and Steve Jobs stepped down from Mount iSinai with the Moses Tablet, we still had no idea what the iPad would look like. But that didn’t stop anyone from guessing, and better, turning to Photoshop to share their visions.

Some we laughed at, others we would have put down money for. But just how accurate were they? Here we look at the worst (and best) of Fake Tablets.

5. Simpsons, Powerpuff Girls Porn Nets Jail Time for Australian

Spoiler

http://arstechnica.com/tech-policy/news/2010/01/simpsons-powerpuff-girls-porn-nets-jail-time-for-australian.ars
Not sure which side I'm on here. Some are arguing that this would only be a precursor to actual child porn, yet I fail to see anyone actually being victimized here (as would be the case with real child porn), so how can you justify punishment? However, he had been sentenced in 2003 after real child porn was found on his computer, so I can understand the judgement itself a little better.

We'll just come right out and say it: some people are into cartoon porn. Heck, even if you're not "into" it, you may have accidentally happened upon it just by running an innocent Google Image Search with SafeSearch turned off (guilty as charged). If you live in Australia, however, you may want to take extra care that your porn stash doesn't contain cartoon imagery of children. A man in Australia was recently convicted for possessing pornographic images depicting characters from The Simpsons and The Powerpuff Girls, and is now a registered sex offender.

Twenty-eight-year-old Kurt James Milner was turned into police for having questionable material on his computer in early 2008, but due to technical difficulties, police were unable to retrieve information from his machine for more than a year. Once they were able to do so, however, they found 64 sexually explicit images depicting characters from the aforementioned TV shows. As many of you Simpsons fans know, there are numerous children who make regular appearances on the show, and they were apparently "not excluded from these images.''

6. Aussie Censor Balks at Bijou Boobs

Spoiler

http://www.theregister.co.uk/2010/01/28/australian_censors/
On the other hand, this is just insane. Those given the right to determine what Australians can and can't see on the Internet have now decreed that films or photos depicting "small" breasts and female ejaculations will be refused clasification as small breats apparently encourage pedophelia. Female ejaculations are a form of golden shower (absurd), which is apparently already banned, not to mention "abhorrent".

The proposed Australian Government clampdown on smut just got a whole lot broader, as news emerged of a ban on small breasts and female ejaculation in adult material.

The end result of this widening of the censor’s net could be the addition of millions of websites to the internet filter now being proposed.

Breasts came under the spotlight a year ago, as Senators Barnaby Joyce and Guy Barnett commenced a campaign against publicly available porn. Rounding up magazines from corner shops and filling stations, Senator Joyce claimed that publications featuring small-breasted women were encouraging paedophilia.

7. Settlement Rejected in ‘Shocking’ RIAA File Sharing Verdict

Spoiler

http://www.wired.com/threatlevel/2010/01/settlement-rejected-in-shocking-riaa-file-sharing-verdict/
The RIAA has offered Jammie Thomas-Rasset a $25,000 settlement in the case against her for sharing music illegally, which she has refused and is continuing her appeal.

The recording industry is demanding Jammie Thomas-Rasset pay $25,000 to settle out of court the nation’s first file sharing case against an individual to have gone to trial –- a settlement offer the Minnesota mother of four is rejecting, lawyers in the case said Wednesday.

The development came days after the federal judge in the case reduced to $54,000 a jury’s June finding that Thomas-Rasset must pay $1.92 million for file sharing 24 songs on Kazaa. Following Friday’s decision by U.S. District Judge Michael Davis, the Recording Industry Association of America proposed that Thomas-Rasset pay $25,000 to close the case.

8. Ubisoft's New DRM Solution: You Have Be Online to Play

Spoiler

http://arstechnica.com/gaming/news/2010/01/ubisofts-new-drm-solution-you-have-be-online-to-play.ars
*sigh* These people will never learn. In fact I think they're getting dumber...

Ubisoft does not have the best history when it comes to invasive—if not downright broken—DRM, but the company's upcoming "solution" to game piracy is much worse than anything we've seen in the past. The gist is simple: every time you want to play your game, it has to phone back to Ubisoft before giving you permission to play. No Internet connection? You're simply out of luck.

Ubisoft of course points out that this move has some benefits for games. Now you can access your saved games anywhere! You don't need the disc in the drive! You can play from any computer that has an Internet connection! Brent Wilkinson, Director, Customer Service and Production Planning at Ubisoft, thinks you'll like this decision. "We think most people are going to be fine with it. Most people are always connected to an Internet connection," he told GameSpy.

9. IPv4 Free Pool Drops Below 10%, 1.0.0.0/8 Allocated

Spoiler

http://tech.slashdot.org/story/10/01/24/2139250/IPv4-Free-Pool-Drops-Below-10-10008-Allocated
I'm not in the habbit of directly linking a Slashdot article here, but this one is a very nice summary. Basically we're still running out of IPv4 IPs, so ICANN is considering allocating some of the more troublesome remaining blocks like 1.0.0.0/8 and 27.0.0.0/8 which have been classified as "reserved" until now, and so have been affected by misuse.

"A total of 16,777,216 IP address numbers were just allocated to the Asian Pacific Network Information Centre IP address registry for assignment to users. Some venerable IP addresses such as 1.1.1.1 and 1.2.3.4 have been officially assigned to the registry itself temporarily, for testing as part of the DEBOGON project. The major address blocks 1.0.0.0/8 and 27.0.0.0/8, are chosen accordance with a decision by ICANN to assign the least-desirable remaining IP address ranges to the largest regional registries first, reserving most more desirable blocks of addresses for the African and Latin American internet users, instead of North America, Europe, or Asia. In other words: of the 256 major networks in IPv4, only 24 network blocks remain unallocated in the global free pool, and many of the remaining networks have been tainted or made less desirable by unofficial users who attempted an end-run around the registration process, and treated 'RESERVED' IP addresses as 'freely available' for their own internal use. This allocation is right on target with projected IPv4 consumption and was predicted by the IPv4 report, which has continuously and reliably estimated global pool IP address exhaustion for late 2011 and regional registry exhaustion by late 2012. So, does your enterprise intranet use any unofficial address ranges for private networks?"

10. Do You Have a Pad I Could Borrow?

Spoiler

http://www.youtube.com/watch?v=YFNQE_TzQNI
Awesome spoof of the iPad, made long before the thing was even announced.

Ehtyar.

5

Living Room / Tech News Weekly: Edition 3-10

« on: January 24, 2010, 04:50 AM »

The Weekly Tech News

Hi all. It's BAAAAACK!! Hope you enjoy The last Tech News was posted a month and a half ago. You can find it here.

1. Judge Slashes "monstrous" P2P Award by 97% to $54,000

Spoiler

http://arstechnica.com/tech-policy/news/2010/01/judge-slashes-monstrous-jammie-thomas-p2p-award-by-35x.ars
Looks like this whole Judges with sense thing is catching on. Jammie Thomas-Rasset has had her outrageous $1.92 million damages charge, brought by big media, dropped to $54,000. A little more reasonable for 24 songs wouldn't you say?

Judge Michael Davis is the senior federal jurist in Minnesota. He presides over the gleaming 15th floor courtroom where, earlier this year, P2P user Jammie Thomas-Rasset was slapped with $1.92 million in damages for sharing 24 songs. Davis made no comment on the amount of the award and showed no emotion as it was read out.

But now we know how he rely feels about the jury's work in that case: it led to a "monstrous and shocking" damage award that veered into "the realm of gross injustice."

2. Tor Software Updated After Hackers Crack Into Systems

Spoiler

http://www.theregister.co.uk/2010/01/22/tor_security_update/
Oops. Doesn't look like their VCS was compromised - seems the hackers had no idea what they were onto.

Privacy-conscious users of the Tor anonymiser network have been urged to upgrade their software, following the discovery of a security breach.

Two of seven directory authorities and a metrics data server were compromised in a hack discovered earlier this month, Tor developer Roger Dingledine explains. The three servers were taken offline and refurbished following the hack.

3. Bumps ahead as Vimeo, YouTube respond to HTML5 video demand

Spoiler

http://arstechnica.com/open-source/news/2010/01/bumps-ahead-as-vimeo-youtube-respond-to-html5-video-demand.ars
Vimeo and YouTube have both deployed opt-in (*sigh*) HTML-5 media players on their site. Unfortunately, both are using the H.264 codec instead of the open Ogg Vorbis alternative. They're also about half a year behind DailyMotion, but still, yay!

When Google began soliciting feedback from users about what features they would most like to see in the next version of YouTube, the response was an overwhelmingly enthusiastic request for standards-based open video: users called for Google to support the HTML5 video element.

Google responded by rolling out an experimental HTML5-based player on YouTube that allows users to watch videos without having to depend on Adobe's Flash plugin. Vimeo, another leading video hosting website, followed suit this afternoon and rolled out an HTML5 beta test of its own. Of course, both of them are lagging behind DailyMotion, which launched its HTML5 beta last year.

4. Analysis of 32 Million Breached Passwords

Spoiler

http://www.net-security.org/secworld.php?id=8742
Hrm...Bahahahaha!

Imperva released a study analyzing 32 million passwords exposed in the Rockyou.com breach. The data provides a unique glimpse into the way that users select passwords and an opportunity to evaluate the true strength of these as a security mechanism.

In the past, password studies have focused mostly on surveys. Never before has there been such a high volume of real-world passwords to examine.

5. Wrists Playing Up? You're Shagging Too Much

Spoiler

http://www.theregister.co.uk/2010/01/21/carpal_tunnel_syndrome/
THink you've got carpal tunnel? Picking a new position apparently helps...

A US researcher has suggested a possible link between dodgy wrists caused by carpal tunnel syndrome and sex, "when the hands become repeatedly extended while under pressure from the weight of the upper body".

The syndrome occurs when "the median nerve, which runs from the forearm into the hand, becomes pressed or squeezed at the wrist", as this handy guide explains. Symptoms range from "frequent burning, tingling, or itching numbness in the palm of the hand and the fingers" to "decreased grip strength" and the inability to tell hot from cold by touch.

6. Virgin Trials P2P Deep Packet Snooping

Spoiler

http://www.theregister.co.uk/2010/01/21/virgin_begins_cview_trials/
The headline should probably be "Virgin to trial P2P deep packet snooping", but whatever. Looks like major UK ISP Virgin Media will start using deep packet inspection to see just how much file sharing is taking place on their network. Though, of course, they won't be retaining any identifying aspects of the data...

The trial will see Virgin monitor about 40 per cent of its customers — none of whom will be informed of their participation. Virgin insists that the system seeks only to determine the amount of file-sharing traffic that infringes on copyright and that it will disregard data that can finger individual users.

The software, called CView, is provided by Detica, a BAE Systems subsidiary that specializes in high volume data collection. The ISP is using Deep Packet Inspection (DPI) to detect peer-to-peer traffic over its customers' broadband connections. P2P files are then matched against a third-party database of songs to determine if they violate copyright.

7. Google Hack Attack Was Ultra Sophisticated, New Details Show

Spoiler

http://www.wired.com/threatlevel/2010/01/operation-aurora/
I imagine everyone has heard about this. It's being called "Aurora", a vulnerability in IE6/XP that allowed suspected Chinese attackers to gain access to over 30 large corporations. The vulnerability was known only to Microsoft prior to the attack, and has since been taken care of with an out-of-band patch. The attackers were apparently very well prepared, and managed to steal a very significant quantity (and quality) of data, including source code from those they breached.

Hackers seeking source code from Google, Adobe and dozens of other high-profile companies used unprecedented tactics that combined encryption, stealth programming and an unknown hole in Internet Explorer, according to new details released by the anti-virus firm McAfee.

“We have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack,” says Dmitri Alperovitch, vice president of threat research for McAfee. “It’s totally changing the threat model.”

8. NASA Extends the World Wide Web Out Into Space

Spoiler

http://www.nasa.gov/home/hqnews/2010/jan/HQ_M10-011_Hawaii221169.html
Took long enough, but it looks like astronauts will be enjoying live Internet from now on

Astronauts aboard the International Space Station received a special software upgrade this week - personal access to the Internet and the World Wide Web via the ultimate wireless connection.

Expedition 22 Flight Engineer T.J. Creamer made first use of the new system Friday, when he posted the first unassisted update to his Twitter account, @Astro_TJ, from the space station. Previous tweets from space had to be e-mailed to the ground where support personnel posted them to the astronaut's Twitter account.

9. No One Gives A Crap How Many Pigs You Have, Jerk!

Spoiler

http://www.youtube.com/watch?v=odBDAcOEKuI
Your friends think your farm is lame...

Ehtyar.

6

Living Room / Pi Calculated To 2.7 Trillion Decimal Places Using Desktop PC

« on: January 07, 2010, 10:37 PM »

Fabrice Bellard has managed to calculate pi to 2.7 trillion decimal places using his Core i7 desktop PC, Fedora 10, 7.5 TB of disk space in a RAID-0 configuration with an ext4 filesystem and 131 days of compute time at a cost of "less than 2000 euros". He beat out the previous record of 2.6 trillion digits calculated on a Japanese supercomputer in 26 hours. He plans to release his code in the near future, for 64-bit architectures only.

Pic from DownloadSquad

Ehtyar.

7

Living Room / Birth of an Avatar

« on: January 07, 2010, 09:39 PM »

Like many people it seems, I thought Avatar was AWESOME (I'm really hoping I get to see it without 3D however, I think the glasses and lower visual quality made the movie slightly less immersive). My boss found this video on Vimeo, and I thought I'd share it with you guys, a really fun watch.

Ehtyar.

8

Living Room / The Diagram of Geek Culture

« on: January 06, 2010, 11:03 PM »

So awesome...it's funny because it's true.

Via Neatorama.

Ehtyar.

9

Adventures of Baby Cody / Baby Cody In Belleville, NJ

« on: December 30, 2009, 02:18 PM »

Hey all!!

April and I are here together in Belleville, NJ soaking up warm Baby Cody huggles!! We also went to breakfast/lunch (I had WAFFLES WITH A STRAWBERRY MILKSHAKE OMG YUM). Here are some pics, enjoy .

My breakfast waffles...YUM!!	Baby cody in baby cherry tree.
Baby cody in baby cherry tree.	Baby cody in baby cherry tree.
app103 with Baby Cody	Ehtyar with Baby Cody
Baby Cody	Baby Cody (baby cody stole a single to show just how big he really is)
Baby Cody	app103 and Ehtyar

Ehtyar.

10

Living Room / The Great Aussie Firewall to Go Ahead

« on: December 15, 2009, 01:46 AM »

And in a final, resounding demonstration of the technical incompetence and complete lack of understanding of the current Australian Government, Crown Senatorial Twitrocket Stephen Conroy gave media outlets an hour and a half notice on Tuesday, December 15^th 2009 that a press conference was to be held to announce that the Great Aussie Firewall will be legislated into existence in the new year.

Despite abysmal results in the the "pilot" program run earlier this year, and the admission that any technically competent individual could easily circumvent the "filters" (among other astounding failures - see the full article), Australian ISPs will be forced to deny access to any overseas website "refused classification" by the Australian Communications and Media Authority at the network level.

All hail Chairman Rudd.

Ehtyar.

11

Living Room / Tech News Hiatus

« on: December 06, 2009, 07:38 PM »

Hi all,

This week marks the start of the Tech News Hiatus as I leave for the USA in two days and I'm afraid I just don't have the time (I've also had food poisoning for the past few days, so my preparation efforts have been hampered).

Mouse Man has asked me to inform you all that you will need to "seek your tech news fix elsewhere" for the coming few weeks, but hopefully we will be up and running again by the weekend of the 9th and 10th of January.

Enjoy the holidays everyone!!

Ehtyar.

12

Living Room / Tech News Weekly: Edition 48-09

« on: November 29, 2009, 05:10 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. Mininova Deletes All Infringing Torrents and Goes ‘Legal’

Spoiler

http://torrentfreak.com/mininova-deletes-all-infringing-torrents-and-goes-legal-091126/
Mininova has finally complied with an earlier court decision and deleted all the illegal torrents from their site. There are roughly 8,000 left.

Mininova’s decision to delete all infringing torrents from its index marks the end of an era that started five years ago.

In December 2004, the demise of the mighty Suprnova left a meteor crater in the fledgling BitTorrent landscape. This gaping hole was soon filled by the dozens of new sites that emerged to fulfil the public’s increasing demands for torrents. Mininova became the most successful of all.

2. "Duh" Latest IPhone Worm

Spoiler

http://community.ca.com/blogs/securityadvisor/archive/2009/11/25/duh-latest-iphone-worm.aspx
This is a write-up on the first of the actually harmful "iKee" variants, if you can call them that, that can infect jailbroken iPhones in their default configuration.

“Duh” is the latest iPhone worm that was recently spotted by Dutch ISP XS4All. Unfortunately, the advent of publishing “iKee” source code and its subsequent spread has led to this.

“Please be aware that publishing such malicious code may attract more evil fingers to play around!”

From my previous blog post, I’ve warned about “iKee” and “Iphone Info Stealer” source code being published as it poses serious threat since anyone from wannabe “lamers” to script kiddies could take advantage of it.  

3. Facebook Friend Turns Into Big Brother

Spoiler

http://www.lacrossetribune.com/news/local/article_0ff40f7a-d4d1-11de-afb3-001cc4c002e0.html
I really would have thought this was entrapment, but apparently in the USA cops are well within their rights to send a friend request to you on Facebook, then pillage your profile for evidence of illegal activity should you accept.

University of Wisconsin-La Crosse student Adam Bauer has nearly 400 friends on Facebook. He got an offer for a new one about a month ago. “She was a good-looking girl. I usually don’t accept friends I don’t know, but I randomly accepted this one for some reason,” the 19-year-old said.

He thinks that led to his invitation to come down to the La Crosse police station, where an officer laid out photos from Facebook of Bauer holding a beer — and then ticketed him for underage drinking.

The police report said Bauer admitted drinking, which he denies. But he did plead no contest in municipal court Wednesday and will pay a $227 fine.

4. Superconductor Forcefield to Shield Re-entering Spacecraft?

Spoiler

http://www.theregister.co.uk/2009/11/25/magnetic_re_entry_shield/
Oh. My. God. Cool!! And it looks like a largely international effort as well.

Space boffins have hatched a plan to test their radical new superconductor magnet forcefield re-entry heatshield technology by firing it into space from a Russian submarine.

Flight International reported on the scheme yesterday, describing cooperative efforts by German space agency DLR (Deutschen Zentrums für Luft- und Raumfahrt), the European Space Agency and Euro aerospace megacorp EADS Astrium.

The proposed test module would use a magnetic field generated by superconducting magnets to deflect the superhot plasma which results when a spacecraft re-enters Earth's atmosphere at the tremendously high speeds required by space missions. Normally the heat is resistant by super-tough but troublesome insulating materials, as in the space shuttle, or by one-shot ablative coatings which burn off as a spacecraft descends.

5. Panic Button Plan to Beat Cyber-predators

Spoiler

http://www.smh.com.au/technology/technology-news/panic-button-plan-to-beat-cyberpredators-20091125-jr1k.html
Just when you think those crazy Aussies just can't get any more f**ked in the head, something like this comes along. Imagine a giant red button next to your computer that your child could push if they encountered any correspondence they believed to be inappropriate online. Then imagine, that a bunch of Aussies (being paid by tax payers no less) concocted this idea, and you'd have this story. Why am I funding these people?!?!

Children who feel they are being bullied, harassed or groomed online could call for help instantly using a "panic button" on their PCs under a plan being considered by the Federal Government's cyber-safety working group.

Parents would be offered the ability to download and install the "widget" on their children's computers and, if the kids encounter serious trouble online, pushing the button could connect them instantly to police or child protection groups.

"The decision hasn't been made - it's still in the discussion stage - but I think we're getting pretty close," said Hetty Johnson, chief executive of Bravehearts, which supports survivors of child sexual assault.

6. Two Circulating Beams Bring First Collisions in the LHC

Spoiler

http://press.web.cern.ch/press/PressReleases/Releases2009/PR17.09E.html
The LHC has finally commenced collisions. The first beams were fired at 13:22 on Monday the 23rd.

Today the LHC circulated two beams simultaneously for the first time, allowing the operators to test the synchronization of the beams and giving the experiments their first chance to look for proton-proton collisions. With just one bunch of particles circulating in each direction, the beams can be made to cross in up to two places in the ring. From early in the afternoon, the beams were made to cross at points 1 and 5, home to the ATLAS and CMS detectors, both of which were on the look out for collisions. Later, beams crossed at points 2 and 8, ALICE and LHCb.

“It’s a great achievement to have come this far in so short a time,” said CERN1Director General Rolf Heuer. “But we need to keep a sense of perspective – there’s still much to do before we can start the LHC physics programme.”

7. Hacked Darwin Kernel Available for 10.6.2 On Atom Netbooks

Spoiler

http://arstechnica.com/apple/news/2009/11/hacked-darwin-kernel-out-for-1062-on-atom-netbooks.ars
Since Apple decided to release the 10.6.2 update without support for the Atom CPU, a hacker has released a patched kernel that puts it back in. Anyone see a game of cat-and-mouse coming?

First the 10.6.2 update to Snow Leopard wasn't compatible with Intel Atom processors. Then it was. Then it wasn't again when it was finally released to the masses. Fortunately for the netbook-loving Mac OS X fans out there, the OSx86 scene is only too happy to offer a patched version of mach_kernel to enable booting 10.6.2 on netbooks once more.

The kernel is the deep-down part of Mac OS X that generally handles direct communication between the OS and hardware. Speculation swirled that Apple was actively trying to keep Mac OS X from being installed on inexpensive Atom-based netbooks. However, chances are it was more likely a result of optimizations that didn't take into account Atom processors, since Apple doesn't use them in any shipping products.

8. Emblaze's First Else Unveiled in London, Promises to Be a Game-changer

Spoiler

http://www.engadget.com/2009/11/24/emblazes-first-else-unveiled-in-london-promises-to-be-a-game-c/
The First Else, running the Access Linux Platform, is a new smartphone unveiled by Blame Else this week. This could be very interesting, be sure to check out the videos at the end of the article.

Folks, today might be the day when you start to notice how ancient our smartphones have become, even if they only came out in last few months. Blame Else (formerly Emblaze Mobile) for its confusingly-named First Else, a phone "built from scratch" over the last two years and now powered by Access Linux Platform (ALP) 3.0 -- a mobile OS thought to have quietly died out since our last sighting in February. Until today's London launch event, the last we heard of this Israeli company was from October's Access Day in Japan where it previewed the Else Intuition OS, which we like to think of as inspired by Minority Report. While it's still too early to tell whether the First Else -- launching in Q2 next year -- will dodge the path of doom, we were already overwhelmed by the excellence of the device's user experience, both from its presentation and from our exclusive hands-on opportunity. Do read on to find out how Else is doing it right.

9. Leaked 9/11 Text Messages

Spoiler

http://www.schneier.com/blog/archives/2009/11/leaked_911_text.html
I'm not sure I quite understand their reasons for it, but Wikileaks have leaked 500,000 text pager intercepts from the 24 hour period surrounding the September 11, 2001. Bruce Schneier has some good links and clips of the gems.

WikiLeaks released half a million US national text pager intercepts. The intercepts cover a 24 hour period surrounding the September 11, 2001 attacks in New York and Washington.

Text pagers are usualy carried by persons operating in an official capacity. Messages in the archive range from Pentagon, FBI, FEMA and New York Police Department exchanges, to computers reporting faults at investment banks inside the World Trade Center.

10. Lego Matrix Trinity Help

Spoiler

http://www.youtube.com/watch?v=iDe4v318f64
This is a terrific Lego stop-motion of the rooftop shootout scene between an agent and Neo in the first Matrix film. Enjoy

Ehtyar.

13

Living Room / Tech News Weekly: Edition 47-09

« on: November 22, 2009, 01:33 PM »

The Weekly Tech News

Hi all. I've decided to take a new approach to the news. Instead of going through the week's news of a Sunday and picking out what I consider to be the most relevant headlines, this week's news is a collection of what I found most interesting from news articles I came across throughout the past week. Please let me know what you think over the next few weeks As usual, you can find last week's news here.

1. Want To Try Out Google Chrome OS For Yourself? Here’s How.

Spoiler

http://www.techcrunch.com/2009/11/19/guide-install-google-chrome-os/
TechCrunch has made a guide showing you where to get a copy of a compiled Chrome OS, and how to run it in a VM.

The public debut of Google Chrome OS today has the press abuzz over the potential of the new web-based operating system. And now that it’s open sourced, you have the chance to try it out for yourself. Unfortunately, most people aren’t ready to undertake the daunting task of actually taking Google’s recently open-sourced code and turning that into a bootable computer. So we’ve put together a step-by-step guide to doing this, for free, in around 15 minutes (depending on how long it takes to download the OS itself). No, this won’t get your computer booting Chrome OS natively (and frankly, you probably wouldn’t want to yet anyway). But it will get it up and running in a virtual machine using the free software VirtualBox, which is available for Macs, PCs, and Linux.

2. Hacked Darwin Kernel Available for 10.6.2 On Atom Netbooks

Spoiler

http://arstechnica.com/apple/news/2009/11/hacked-darwin-kernel-out-for-1062-on-atom-netbooks.ars
The final release of the latest version of Mac OS had Atom support removed. An Apple fan took the new Kernel and hacked it to bring back Atom compatibility for those running it on Netbooks.

First the 10.6.2 update to Snow Leopard wasn't compatible with Intel Atom processors. Then it was. Then it wasn't again when it was finally released to the masses. Fortunately for the netbook-loving Mac OS X fans out there, the OSx86 scene is only too happy to offer a patched version of mach_kernel to enable booting 10.6.2 on netbooks once more.

The kernel is the deep-down part of Mac OS X that generally handles direct communication between the OS and hardware. Speculation swirled that Apple was actively trying to keep Mac OS X from being installed on inexpensive Atom-based netbooks. However, chances are it was more likely a result of optimizations that didn't take into account Atom processors, since Apple doesn't use them in any shipping products.

3. The One Instruction Wonder

Spoiler

http://www.ddj.com/embedded/221800122
Really interesting. Describes a new chip architecture called TTA (Transfer Triggered Architecture). The chip has only one instruction, an analog to 'mov', and moving memory around on the chip triggers the remaining functionality.

One of the original "Star Trek" television episodes involves patients at a facility for the criminally insane. One of the inmates quotes some lines from Shakespeare and announces that she wrote it yesterday. Another character tells her that it had been written by the bard in the past. The woman replies, "Which does not alter the fact that I wrote it again yesterday!"

I suppose in the computer industry it is particularly difficult these days to have a truly original idea, even if you arrive at your idea independent of prior work. I had that experience several years ago. I had just finished a 16-bit CPU design based loosely on Caxton Foster's Blue machine in his excellent (albeit dated) book Computer Architecture. (Yes, I do have strange hobbies.) Like Foster's original, my machine has what I think of as a 1970's minicomputer architecture -- its very similar to a DEC or DG or HP machine from that era. I was contemplating starting a new project using some sort of RISC (Reduced Instruction Set Computer) architecture. RISC's advantages are well known. Simplifying the CPU core by reducing the complexity of the instruction set allows faster speeds, more registers, and pipelining to provide the appearance of single cycle execution. RISC has been so popular that even your PC today probably uses a RISC core that is emulating a non-RISC processor!

4. Modern Warfare 2 Breaks Sales Records Across Entertainment Industry

Spoiler

http://www.techspot.com/news/37016-modern-warfare-2-breaks-sales-records-across-entertainment-industry.html
Modern warfare 2 has broken all records for both movies and video games in its first 5 days of availability.

Despite a bit of controversy in Russia, Infinity Ward's Modern Warfare 2 has taken the video game world by storm, and now it is breaking sales records across the entire entertainment industry. The title reportedly generated $550 million in sales during the first five days available, beating all other video game launches and raking in more cash than any movie in the same timeframe.

By comparison, the current worldwide box-office record-holder is Harry Potter and the Half-Blood Prince, which earned $394 million in its first five days. The Dark Knight holds the US box-office record with $203.8 million. The title has even successfully trounced Grand Theft Auto IV, which pulled in $500 million over the first five days of sales.

5. Pirate Bay Says Tracker Tech is So Yesterday, Man

Spoiler

http://www.theregister.co.uk/2009/11/17/pirate_bay_distributed_hash_table/
TPB is no longer running its tracker, instead allowing DHT to track their torrents for them. This alleviates a good portion of TPB's liability in any further court cases.

The Pirate Bay has kyboshed its tracker technology and replaced it with a decentralised peer-to-peer network that all modern clients can hook up to.

The so-called distributed hash table (DHT) allows freeloaders to circumnavigate use of a tracker in order to download torrents. Instead, they connect to a DHT network to find other peers.

The Pirate Bay said today it had adopted the DHT option because a more decentralised system of handling tracking and distributions of torrent files means that "BitTorrent will become less vulnerable to downtime and outages."

6. Civilian Supercomputer Shatters Nuke Simulator’s Speed Record

Spoiler

http://www.wired.com/wiredscience/2009/11/civilian-supercomputer-shatters-nuke-simulators-speed-record/
http://www.wired.com/gadgetlab/2009/11/most-powerful-supercomputer/
And to think my boss couldn't understand why I wanted to run my own datacenter... Be sure to watch the video in link 2, I want his thermal paste applicator, and his screwdriver (in case anyone is considering christmas presents ).

The retooled Jaguar supercomputer blew away the competition on the latest list of the 500 fastest computers in the world, clocking an incredible 1.759 petaflops — 1,759 trillion calculations per second.

The machine, housed at the Department of Energy’s Oak Ridge National Laboratory in Tennessee, added two more cores with the aid of almost $20 million in stimulus spending. With the new processors, the Cray XT5 plowed past the Top500 competition. It’s more than 69 percent faster than the previous record holder, Los Alamos National Laboratory’s IBM Roadrunner, and is more than twice as powerful as the third-fastest computer on the list.

7. Never-before-seen 'Star Trek' Pilot Found

Spoiler

http://www.thrfeed.com/neverbeforeseen-star-trek-pilot-found.html
They've found the second Star Trek pilot and will be releasing it to DVD next month!!!

"Star Trek" fans know there were two pilots for the original series.

The first, "The Cage," was rejected by NBC for being "too cerebral" (ah, some things never change).

The second, "Where No Man Has Gone Before," replaced the actor who played the captain with William Shatner and was more action driven. That pilot had an alternate version which was largely lost and has never aired. Apparently, a film collector in Germany acquired the print and "recently brought it to the attention" of CBS/Paramount. CBS is now releasing this version on Blu-ray Dec. 15. 

8. Early Christmas! DEF CON 17 Video and Audio Now Online!

Spoiler

https://www.defcon.org/
The entire repository of video and audio from this year's DEFCON is now available online.

That's right kids! Whether you've been naughty or nice, all of the audio and video from DEF CON 17 is now available for download! You can get it by heading to the DEF CON 17 Archive Page, and check out all of the awesome talks you want.

9. Grand Theft Auto Vs. Frogger

Spoiler

http://www.youtube.com/watch?v=bZszN2aB-Bo
A short and sweet one this week

Ehtyar.

14

Living Room / Tech News Weekly: Edition 46-09

« on: November 15, 2009, 04:54 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. Truly Malicious IPhone Malware Now Out in the Wild

Spoiler

http://arstechnica.com/apple/news/2009/11/truly-malicious-iphone-malware-now-out-in-the-wild.ars
No doubt the first of many. Earlier this last week an Iphone "virus" was tracked in Australia, targeting jailbroken iPhones with ssh enabled using the default root password. It would change the background to a picture of Rick Astley, then shut down sshd to prevent reinfection. Someone apparently cottoned on, and has launched a variant that sends private data (contacts, emails, SMSs etc) back to the machine running the control app.

If you didn't heed previous warnings to secure your jailbroken iPhone, you may be in for some serious trouble. Computer security firm Intego has identified the first known truly malicious code which targets jailbroken iPhones with default root passwords.

The latest in a string of recent attacks, iPhone/Privacy.A uses a technique similar to previous hacks. The malware scans for phones on a given network with an open SSH port, then attempts to log in using the default root password that is the same on all iPhones. Unlike the previous versions, which merely replaced the wallpaper image to alert users that they have been cracked, the new version silently copies personal data—"e-mail, contacts, SMSs, calendars, photos, music files, videos, as well as any data recorded by any iPhone app." It then sends the data back to the machine running the software.

2. SPDY: Google Wants to Speed Up the Web by Ditching HTTP

Spoiler

http://arstechnica.com/web/news/2009/11/spdy-google-wants-to-speed-up-the-web-by-ditching-http.ars
Some really interesting stuff here from Google. In their never-ending quest for improved web performance and security (so that they, and only they, can harvest your dataz), Google has concocted a replacement for HTTP over TCP called SPDY (read: speedy) which will be built into a future version of Chrome and hopefully other browsers.

On the Chromium blog, Mike Belshe and Roberto Peon write about an early-stage research project called SPDY ("speedy"). Unhappy with the performance of the venerable hypertext transfer protocol (HTTP), researchers at Google think they can do better.

The main problem with HTTP is that today, it's used in a way that it wasn't designed to be used. HTTP is very efficient at transferring an individual file. But it wasn't designed to transfer a large number of small files efficiently, and this is exactly what the protocol is called upon to do with today's websites. Pages with 60 or more images, CSS files, and external JavaScript are not unusual for high-profile Web destinations. Loading all those individual files mostly takes time because of all the overhead of separately requesting them and waiting for the TCP sessions HTTP runs over to probe the network capacity and ramp up their transmission speed. Browsers can either send requests to the same server over one session, in which case small files can get stuck behind big ones, or set up parallel HTTP/TCP sessions where each must ramp up from minimum speed individually. With all the extra features and cookies, an HTTP request is often almost a kilobyte in size, and takes precious dozens of milliseconds to transmit.

3. Intel and AMD Bury the Hatchet Under $1.25 Billion in Cash

Spoiler

http://arstechnica.com/business/news/2009/11/intel-and-amd-bury-the-hatchet-under-125-billion-in-cash.ars
Intel and AMD have called it quits on all legal battlefronts, with Intel paying AMD $1.5 billion in cash and agreeing to change unspecified business practices.

Intel and AMD are fierce competitors in the world of chipmaking, but in recent years they've taken the fight to the courtroom. AMD has sued Intel for antitrust violations (allegations that have been picked up by a number of governments), while Intel fired back by claiming that AMD had violated a licensing agreement for x86 technology. This morning, however, the two companies made a surprise announcement: they've reached an agreement that settles all legal issues between them.

The statement is short on information; both companies will flesh out the details during press/analyst calls later this morning. However, it does have a few eye-popping details, first and foremost among them a cash payment: Intel will be handing $1.25 billion over to AMD. The agreement also includes limits on Intel's business practices; these aren't specified in the statement, but undoubtedly limit the rebates and bulk buying agreements that Intel has used in the past to keep OEMs from jumping ship to AMD.

4. Wikipedia Sued for Publishing Convicted Murderer's Name

Spoiler

http://www.theregister.co.uk/2009/11/12/wikipedia_sued_by_convicted_murderer/
A German man is suing Wikipedia in an attempt to have them remove his name from every article pertaining to his murder of a man in 1999. According to German law, he should no longer be associated with the crime 10 years after it was committed. The question is, does this right apply to the entire Internet? The German wikipedia is already in full compliance with the law.

A man who served 15 years for the gruesome murder of a famous German actor is taking legal action against Wikipedia for reporting the conviction.

Attorneys took the action on behalf of Wolfgang Werlé, one of two men to receive a life sentence for the 1990 murder of Walter Sedlmayr. In a letter sent late last month to Wikipedia officials, they didn't dispute their client was found guilty, but they nonetheless demanded Wikipedia's English language biography of the Bavarian star suppress the convicted murder's name because he is considered a private individual under German law.

5. Attackers Conceal Exploit Sites With Twitter API

Spoiler

http://www.theregister.co.uk/2009/11/12/attackers_use_twitter_command/
I loves me a unique virus design!! Malicious scripts being used to cause drive-by downloads on infected websites are generating their destination domain names from the second character of each of the top-30 trending twitter topics. This ensures that the resulting domains cannot be calculated in advance, making it very difficult to lock out the necessary domains, as was the approach with the well known Conficker virus.

Drive-by exploit writers have been spotted using a popular Twitter command to send web surfers to malicious sites, a technique that helps conceal the devious deed.

The microblogging site makes application programming interfaces (APIs) such as this one available so legitimate websites can easily plug into the top topics being tweeted. As the concerns and opinions of Twitter users change over time, so too will the so-called top 30 trending topics.

6. Microsoft Defends Hotmail's Cookie Requirement

Spoiler

http://www.theregister.co.uk/2009/11/13/hotmail_cookies/
Whoops. Microsoft is now requring Hotmail users to accept 3rd-party cookies in order to log out of their accounts. They're claiming it "improves security", though how that is the case is anyone's guess.

Microsoft has said its new policy of requiring users to accept third party cookies to log out of Hotmail improves security.

Some readers who contacted El Reg said it raises the risk that accounts will be compromised on public machines, while others who do not allow third party cookies simply found the error message when they tried to log out irritating.

7. MS Forensics Tool Leaks Onto the Web

Spoiler

http://www.theregister.co.uk/2009/11/10/ms_forensics_tool_leak/
Another whoops. Microsoft's "Computer Online Forensic Evidence Extractor" has leaked onto the Internet via BitTorrent, letting anyone see the innards of a controversial tool designed to automagically extract evidence from computers seized by police.

Microsoft's point-and-click "computer forensics for cops" tool has leaked onto the web.

COFEE (Computer Online Forensic Evidence Extractor) is designed to allow law enforcement officers to collect digital evidence from a suspect's PC without requiring any particular expertise. Using the technology - which recovers a list of processes running on an active computer at the scene of an investigation - involves inserting a specially adapted USB stick into a computer.

Grabbing data from a PC without interfering with the machine is no substitute for a detailed examination by experts where something amiss is discovered, but still attractive to the computer crime authorities. It allows police to search a computer's internet history, analyse systems and data stored and even decrypt passwords, without having to transport the machine to a lab. It does this in a fraction of the time the process would normally require.

8. Using Photosynthesis to Power Hydrogen Production

Spoiler

http://arstechnica.com/science/news/2009/11/photosynthesis-proves-to-be-a-powerful-source-for-hydrogen.ars
This is just too cool!! Why are there no hydrogen cards available to the public!!!

The processes we use to obtain fuel, from pumping fossil fuels up from beneath the ocean to harvesting crops to turn into ethanol, create many environmental and practical concerns. These types of fuel work fine with the current generation of cars, but hydrogen has sometimes been touted as the fuel of the future. A publication in Nature Nanotechnology describes how researchers have found a way to use the photosynthetic machinery of a bacteria to produce the hydrogen equivalent of up to 79 gallons of gas per-acre, per-day. Their technique involved capturing the electrons produced during photosynthesis and binding them to some strategically placed protons.

The production of fuel has accelerated lately, from waiting millions of years for fossil fuels to waiting a few days or weeks for biomass-derived fuels such as ethanol. However, biomass fuels still present some difficulties: the fuel produced relative to the land area required is pretty small (the equivalent of a little more than a gallon of gas per acre), the conversion to ethanol requires a distilling period, and all the materials for making the fuel must be harvested, handled, and transported, all of which requires a significant energy expenditure.

9. Christopher Walken Performs Lady Gaga's Poker Face

Spoiler

http://www.youtube.com/watch?v=A2guQYivZ6w
You just gotta love Christopher Walken. Be sure to check out the awesome mashup with the real song here.

Ehtyar.

15

Developer's Corner / Google Go

« on: November 11, 2009, 07:35 PM »

We'll dispense with the unnecessary "Google is evil, despite what they say" diatribe and get right to the good stuff: Google have opened up a new programming language that they're calling Google 'Go'. It's based heavily on C but it looks to me like it's a little more "functional" in terms of syntax. Their goals were apparently faster compile times (were they thinking of C or C++?) and a more expessive syntax (hence the "functional" bit I guess).

Ars (as usual) has a good write-up here, and the official site is here. I haven't had a chance to try it myself, but if anyone else has please let us know what you thought.

A Google TechTalk has been posted here.



Ehtyar.

16

Living Room / Tech News Weekly: Edition 45-09

« on: November 08, 2009, 04:12 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. Dutch Hacker Holds Jailbroken IPhones "hostage" for €5

Spoiler

http://arstechnica.com/apple/news/2009/11/dutch-hacker-holds-jailbroken-iphones-hostage-for-5.ars
We all knew it was gonna happen at some point; a Dutch gentleman has taken advantage of users with jailbroken iPhones who have no changed their root password but left the SSH service active. He changed the home screen background to an image resembling an iPhone message box demanding €5 in exchange for a fix.

Though jailbreaking an iPhone certainly opens up opportunities to add functionality that Apple doesn't approve of, it can also make an iPhone less secure. Several Dutch iPhone users found that out the hard way after a hacker attacked a number of vulnerable phones on T-mobile Netherlands and tried to extort €5 from them.

It appears one enterprising Dutch hacker used port scanning to identify jailbroken iPhones on T-mobile Netherlands with SSH running. Enabling SSH is a common procedure for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands. Unfortunately, iPhones all have a default root password that many forget to change after jailbreaking, leaving their phone as vulnerable as a Lamborghini parked on a public street with the windows down, the doors unlocked, and the keys in the ignition.

2. Google Gives You A Privacy Dashboard To Show Just How Much It Knows About You

Spoiler

http://www.techcrunch.com/2009/11/05/google-gives-you-a-privacy-dashboard-to-show-just-how-much-it-knows-about-you/
A bit of a cynical headline even for me, but this story is kind of amusing in that respect. Google have made available a "privacy dashboard" that, in addition to showing you how much Google knows about you, lets you manage your Google info. from a central location.

The more Google products you use, the more data it collects about everything you do online—your search history, your emails, the blogs and news sites you read, which videos you watch on YouTube, your news alerts, tasks ,and even shopping lists. For some of these, you need to explicitly grant Google permission to keep track of data associated with your profile.

But it’s hard to keep up with everything Google is tracking.

So now the company is launching a Google Dashboard, which will give you a high-level summary of everything Google knows about you by virtue of the Google products you use. This might include how many emails are in your inbox, recent subject lines, which YouTube video you’ve watched lately (yes, all of them), appointments on your calendar, and more.

3. Bizarre Legal Defense After EMI Sues Over Beatles MP3 Sales

Spoiler

http://arstechnica.com/tech-policy/news/2009/11/about-those-beatles-songs-its-weirder-than-you-thought.ars
A recent addition to the web, BlueBeats.com, was selling Beatles tracks online for a good chunk of this week, claiming it owned the copyright. It caused a big stir across the net, (the tracks in question have never been made available online) as the tracks were available for just 25 cents each.

When the news broke earlier this week that the so-famous-you've-never-heard-of-it BlueBeat.com was both streaming and selling The Beatles remasters—and for 25¢ a track—we speculated that an entertainingly weird legal theory was at the root of this behavior.

We just had no idea how weird it was.

4. Competition is Gouging Phone Users (For the Aussies - Thanks 4wd)

Spoiler

http://www.theage.com.au/opinion/politics/competition-is-gouging-phone-users-20091101-hrjx.html
Normally I wouldn't post an editorial here, but this is a terrific article from the Aussie paper TheAge, discussing the impact the Australian national fiber network (or FUCK - Future Unilateral Countrywide KevNet^{TM 4wd}) will have on Australian consumers.

WE MUST be mad. Telstra is obliged under the universal service obligation to offer telephone customers a basic telephony service for $30 a month. The Rudd Government wants to replace this with a new service - the national broadband network - which on the most favourable assumptions will cost customers $60 to $70 a month for a basic telephone service.

And to ensure customers will take up the new service, the Telstra copper wires that enable the $30 a month service will be ripped up.

This is called levelling the playing field for fair competition. But this is not the end of the gouging of Australian telephone users.

5. TLS Negotiation Flaw Published

Spoiler

http://www.cgisecurity.com/2009/11/steve-dispensa-and-marsh-ray-have-published-a-paper-describing-a-weakness-in-the-tls-negotiation-process-from-the-whitepaper.html
A flaw in the renegotiation procedure of TLS (the successor to SSL) could allow an attacker to inject a certain amount of chosen plaintext into a GET request as part of a MITM attack. Fortunately, that's where the vulnerability ends, however it is easily significant enough to have prompted a rethink of the entire procedure.

"Transport Layer Security (TLS, RFC 5246 and previous, including SSL v3 and previous) is subject to a number of serious man-in-the-middle (MITM) attacks related to renegotiation. In general, these problems allow an MITM to inject an arbitrary amount of chosen plaintext into the beginning of the application protocol stream, leading to a variety of abuse possibilities. In particular, practical attacks against HTTPS client certificate authentication have been demonstrated against recent versions of both Microsoft IIS and Apache httpd on a variety of platforms and in conjunction with a variety of client applications. Cases not involving client certificates have been demonstrated as well. Although this research has focused on the implications specifically for HTTP as the application protocol, the research is ongoing and many of these attacks are expected to generalize well to other protocols layered on TLS.

There are three general attacks against HTTPS discussed here, each with slightly different characteristics, all of which yield the same result: the attacker is able to execute an HTTP transaction of his choice, authenticated by a legitimate user (the victim of the MITM attack). Some attacks result in the attacker-supplied request generating a response document which is then presented to the client without any certificate warning or other indication to the user. Other techniques allow the attacker to forward or re-purpose client certificate authentication credentials."

6. Web Open Font Format Backed by Mozilla, Type Foundries

Spoiler

http://arstechnica.com/web/news/2009/11/web-open-font-format-backed-by-mozilla-type-foundries.ars
Some news web typography awesomeness is making its way into the next version of Firefox in the form of the Web Open Font Format. The format will enable the use of metadata stored in OpenType fonts to modify their appearance. See the video included in the article for more info.

Efforts to bring advanced typography to the Web have reached an important milestone. Type designers Tal Leming and Erik van Blokland, who had been working to developing the .webfont format, combined forces with Mozilla's Jonathan Kew, who had been working independently on a similar format. The result of the collaboration is called Web Open Font Format (WOFF), and it has the backing of a wide array of type designers and type foundries. Mozilla will also include support for it in Firefox 3.6.

WOFF combines the work of Leming and Blokland had done on embedding a variety of useful font metadata with the font resource compression that Kew had developed. The end result is a format that includes optimized compression that reduces the download time needed to load font resources while incorporating information about the font's origin and licensing. The format doesn't include any encryption or DRM, so it should be universally accepted by browser vendors—this should also qualify it for adoption by the W3C.

7. Complete Genomics Produces a Cheap—well, $5,000—human Genome

Spoiler

http://arstechnica.com/science/news/2009/11/complete-genomics-produces-a-cheapwell-5000human-genome.ars
Very awesome (if utterly terrifying); a company called Complete Genomics has managed to repeat a "reasonably complete" human genome for just under $5000, incredibly cheap when compared to the millions it might have cost a few years ago.

With the newest DNA sequencing technology starting to reach the market, we're seeing a bit of a bifurcation. Some of the methods can do long reads, covering hundreds of bases, and provide data that's appropriate for assembling a genome that's never been sequenced before. Others produce lots of shorter reads, which can only be aligned to a genome that we know the sequence of already. What good is repeating a completed genome? Potentially quite a lot, if that genome happens to be human and, more particularly, yours, since it can provide information on medically relevant issues like disease risks and drug efficacy. The goal here is to make this so cheap that sequencing a person's genome could be routine.

A big step in that direction may have been taken by a company called Complete Genomics, which describes the methods it used to sequence three human genomes in a paper that will be released by Science today. The system described in the paper combines some clever variants of well known molecular biology techniques to read massive amounts of DNA fragments that are, in total, about 65 bases long. But, because the materials used for the reactions are so common, even the enzymes can be purchased cheaply. That allows Complete Genomics to bring an entire human genome in while spending less than $5,000 on materials. All that, plus an error rate of less than one base in 100,000.

8. Secret Knock Detecting Lock

Spoiler

http://www.youtube.com/watch?v=zE5PGeh2K9k
We usually have funny videos at the end of the Tech News, I know, but this week we have a video made of pure awesomeness. Details can be found here

Ehtyar.

17

Living Room / Tech News Weekly: Edition 44-09

« on: November 01, 2009, 05:17 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. 'We Have Broken Speed of Light'

Spoiler

http://www.telegraph.co.uk/science/science-news/3303699/We-have-broken-speed-of-light.html
Using quantum tunnelling, German researchers are claiming to have propelled particles faster than the speed of light.

A pair of German physicists claim to have broken the speed of light - an achievement that would undermine our entire understanding of space and time.

According to Einstein's special theory of relativity, it would require an infinite amount of energy to propel an object at more than 186,000 miles per second.

2. MI5 Comes Out Against Cutting Off Internet Pirates

Spoiler

http://www.timesonline.co.uk/tol/news/uk/crime/article6885923.ece
This one is just for laughs... British intelligence agency MI5 has come out in opposition of a proposed three-strikes law in the UK because they fear it will induce broader adoption of encryption online.

The police and intelligence services are calling on the Government to drop plans to disconnect persistent internet pirates because they fear that this would make it harder to track criminals online.

Lord Mandelson, the Business Secretary, has vowed to use the Government’s forthcoming Digital Economy Bill to introduce new measures to fight illegal file-sharing of music and films. He has also proposed that persistent pirates should have their internet connections suspended temporarily.

3. Xerox Develops Silver Ink for Wearable Or Throwaway Electronics (Thanks Hertz Man)

Spoiler

http://digital.venturebeat.com/2009/10/26/xerox-developers-a-silver-ink-that-can-be-used-to-wearable-or-throwaway-electronics/
Xerox have developed a conductive "ink" that could be used to "write" circuits onto flexible plastic boards. Etching FTL!!

Xerox researchers have invented a kind of ink that can conduct electricity and be used to put electronic circuits on top of plastics, film, and textiles. That means in the coming years we’ll be able to wear or bend our electronics. You could even print out your electronic gadget on plastic sheets, as if you were printing a document.

Silicon chips have long been too expensive or heavy to use in devices that are extremely lightweight. The Xerox team solved this fundamental problem with lighter materials, and it plans to sell the new materials to other businesses that could make wearable electronics.

4. With, Not Without U2, YouTube Saw 10 Million Streams Sunday Night

Spoiler

http://www.techcrunch.com/2009/10/29/with-not-without-u2-youtube-saw-10-million-streams-sunday-night/
The recent U2 concert, the first by a major music group to streams online, saw 10 million streams on YouTube during the broadcast. The slightly less awesome part: the stream wasn't on YouTube; it was was hosted by Akamai.

Initial reports said that hundreds of thousands of people watched YouTube’s Live U2 concert on Sunday night. Then reports yesterday raised the estimate to 2.5 million. Double that, and then double it again. 10 million is the real number of live streams that YouTube did that night, according to Variety.

That’s massive, and it’s obviously the biggest live streaming event YouTube has ever done. But even more impressive is just how smoothly it went. I watched about half of the two and a half hour show, and if there were any interruptions, I didn’t see any. I didn’t even see any hiccups, it was that good. I had the show running full screen on my desktop computer, and it was pretty great picture quality for live streaming video.

5. Gang Rips Out 1km of Phone Cable

Spoiler

http://news.bbc.co.uk/2/hi/uk_news/england/sussex/8333774.stm
More laughs. An alleged gang of "thieves" "stole" a kilometer of phone cabling right out of the ground in the UK this week, cutting off 800 homes and businesses. The government then managed to spend £45,000 fixing it.

Sussex Police said the 6in to 8in cable was cut and removed from the area near Drusilla's roundabout in Alfriston in the early hours of Wednesday.

BT said telephone services to up 800 homes and businesses in Berwick were restored on Thursday evening.

The estimated cost of repairing and replacing the cable was £45,000.

6. Say Hello to .كوم As Domain Names Go Truly Global

Spoiler

http://arstechnica.com/web/news/2009/10/domain-extensions-go-global-goodbye-com-welcome.ars
ICANN has approved the "Internationalized Domain Name Fast Track Process" which will see TLDs available in Chinese, Korean, Arabic, Hindi, and more next year.

Before now, typing http://clinteckergoa...bonedbyhisnewbicycle.كوم into a Web browser and actually arriving at a working domain was impossible. But thanks to a vote by the Internet Corporation for Assigned Names and Numbers (ICANN) Friday morning, it could become a reality sometime in 2010. The organization approved the "Internationalized Domain Name Fast Track Process," allowing a plethora of non-Latin characters to be used in domain name extensions and opening more doors to Internet users who don't speak Western languages.

The Fast Track Process, which begins in November, will enable countries to apply for new domain name extensions (such as .com or .net) in their own national language. This means that full domains will soon be available in Chinese, Korean, Arabic, Hindi, and more. Previously, ICANN allowed the registration of domain names with non-Latin characters—so, for example, http://clintecker他的新自行车骨骼山羊.com—but the extension had to remain in Latin characters. Now, instead of being limited to the Latin alphabet, domain extensions will utilize some 100,000 new characters.

7. Android 2.0 Phones Get New Google Nav App

Spoiler

http://www.linuxinsider.com/story/68496.html
Google have now added turn-by-turn navigation to their existing map application on Android. You can read more about the implications in a thread by Lash Man here.

Google on Wednesday announced the beta release of a GPS navigation application for Android 2.0 devices.

The application is part of Google Maps for mobile. Android version 2.0 will appear on the upcoming Droid handset from Motorola and Verizon, and other manufacturers also plan to release handsets carrying the updated, Google-backed mobile OS.

8. School Answering Machine

Spoiler

http://www.youtube.com/watch?v=J7eJE6B49M4
Not the longest or most topical vid ever, but hopefully good for a laugh

Ehtyar.

18

Living Room / Tech News Weekly: Edition 43-09

« on: October 25, 2009, 05:04 AM »

The Weekly Tech News

Hi all. Well, either this week was a really sucky news week or I suck at finding it. Either way, I've got two funny videos this week in the hopes you'll all forgive me As usual, you can find last week's news here.

1. Mozilla Disables Vulnerable Microsoft Plugin for Firefox

Spoiler

http://arstechnica.com/open-source/news/2009/10/mozilla-disables-vulnerable-microsoft-plugin-for-firefox.ars
We all knew it was going to happen, sneaking extensions into users' Firefox installations can't be a good thing. Mozilla has had to disable Microsoft's .NET Framework Assistant Firefox extension due to the possibility it would assist users in getting hacked after a vulnerability was disclosed that effected it.

Mozilla has temporarily disabled Microsoft's WPF plugin for Firefox in order to protect users from a security vulnerability that was recently uncovered in the component. The vulnerability can be exploited when users visit malicious Web pages that contain specially crafted XAML content.

Microsoft issued an Internet Explorer patch to fix the vulnerability through its Windows Update mechanism on Tuesday. The IE patch is said to fully resolve the vulnerability for Firefox users in addition to users of Microsoft's own browser. Mozilla is concerned, however, that not all users have performed the Windows update yet. In order to protect users who are not yet patched, Mozilla has added Microsoft's plugin to its add-on blocklist, causing it to be automatically disabled by the browser.

2. Prepare for Disconnection! French "3 Strikes" Law Now Legal

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/french-3-strikes-law-returns-now-with-judicial-oversight.ars
The French authorities now have the least forgiving three-strikes policy in the world at their full disposal.

France's Création et Internet law didn't pass muster the first time around, as the country's Conseil Constitutionnel ruled that major portions of the scheme violated the 1789 Rights of Man. The first draft of the bill tended too much toward "guilty until proven innocent," and it threatened a major sanction (Internet disconnection and a national blacklist on access) without judicial oversight.

The French government, bent on passing the law, retooled it and rammed it through the legislature a second time. It was promptly reported to the Conseil by the Socialists, but the Conseil today ruled (PDF, French) that the bill largely addresses its earlier concerns.

3. PSA: Voyeurs, Encrypt Your Spy Videos!

Spoiler

http://tech.yahoo.com/blogs/null/153661
Ridiculous headline I know, but it's so fun! So...yay Aussies? An Australian man has skipped out on going to prison for surreptitiously recording his flatmates through holes in the wall, because he had full disk encryption on the laptop he was using to make the recordings and refused to give up his password.

Rohan James Wyllie of Australia doesn't sound much different than your average voyeur intent on capturing a little secret video of his female roommate unawares. He drilled holes in the walls and ceilings, installed cameras, and created an elaborate network of surveillance equipment so he could keep tabs on the girl from the comfort of his bedroom.

After his roommates noticed suspicious lights and buzzing in August 2007, Wyllie was arrested. Eventually he pleaded guilty to charges of attempting to visually record the woman in question in a private place without her consent. Open and shut case, right? Not quite: Wyllie is now going free without a jail sentence.

4. Gaping Security Hole Turned 64,000 Time Warner Cable Modems Into Hacker Prey

Spoiler

http://www.networkworld.com/news/2009/102109-security-hole-time-warner-cable.html
Yay for ISP standard-issue equipment. 64,000 Time Warner subscribers's cable modems were open to full remote administrative access, no password required, until earlier this week.

Time Warner says that within the past week it has patched the problem until the manufacturer can provide a permanent fix, but before that it had allowed administrative access to the routers. Attackers could then run a variety of programs against these routers, says David Chen in his blog Chenosaurus.

Because the vulnerability let anyone anywhere on the Internet take over control of the router, they could launch attacks from within Time Warner customers' homes.

5. Metasploit Project Sold To Rapid7

Spoiler

http://www.darkreading.com/vulnerability_management/security/management/showArticle.jhtml?articleID=220800067
Massively popular, open source penetration testing toolkit Metasploit has been sold to Rapid7, an information security company. They will employ the project's founder and primary maintainer, HD Moore, and 5 others to work on the project full time.

Vulnerability management vendor Rapid7 has purchased the popular open-source Metasploit penetration testing tool project and named Metasploit founder HD Moore chief security officer of the company.

Moore, who is synonymous with the Metasploit Project , will continue as chief architect of Metasploit in his new role at Rapid7. He'll have an initial team of five Rapid7 researchers dedicated to the open-source project, some of whom already have been regular contributors to Metasploit. Financial terms of the deal were not disclosed.

6. Random Users Google Voice Mail is Searchable by Anyone?

Spoiler

http://www.boygeniusreport.com/2009/10/19/random-users-google-voice-mail-is-searchable-by-anyone/
Earlier this week it was discovered that Google itself was actually indexing non-private Google Voice voicemails. The issue has since been dealt with, but a few of the funnier ones are still linked to from TechCrunch here.

Holy crap. It seems that Google is going to have some pretty serious explaining to do this morning, as one of our readers has sent us in a tip that reveals a major security flaw involving Google Voice. After entering “site:https://www.google.com/voice/fm/* ” into Google, our reader was shocked and discouraged to be greeted by 31 voice mail messages belonging to random Google Voice accounts. Clicking on each revealed not only the audio file and transcript of the call, but it also listed the callers name and phone number as it would if you were checking your own Google Voice voice mail.  We’re not too sure if this flaw is something new or if it has been around since Google Voice started, and could just be test messages, but needless to say the matter has to be fixed if it’s legit.

7. U.S. Spies Buy Stake in Firm That Monitors Blogs, Tweets

Spoiler

http://www.wired.com/dangerroom/2009/10/exclusive-us-spies-buy-stake-in-twitter-blog-monitoring-firm
Looks like the authories in the US like to have someone else doing the dirty work when it comes to poking around public message archives, sinking investment dollars into a firm that monitors all manner of social media websites including blogs and Twitter.

America’s spy agencies want to read your blog posts, keep track of your Twitter updates — even check out your book reviews on Amazon.

In-Q-Tel, the investment arm of the CIA and the wider intelligence community, is putting cash into Visible Technologies, a software firm that specializes in monitoring social media. It’s part of a larger movement within the spy services to get better at using ”open source intelligence” — information that’s publicly available, but often hidden in the flood of TV shows, newspaper articles, blog posts, online videos and radio reports generated every day.

8. There Goes the TV...

Spoiler

http://www.youtube.com/watch?v=lZGajz8cgi4
Wii sales pitch fail

9. Peter Russell Clarke - Swearing Aussie Chef [NSFW]

Spoiler

http://www.youtube.com/watch?v=VmH9IHJ6ZtQ
Ever wonder what an Aussie TV chef might say if he f**ked up a line ya p**ck?

Ehtyar.

19

Living Room / Tech News Weekly: Edition 42-09

« on: October 18, 2009, 05:50 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. Google Shares Malware Samples With Hacked Site Admins

Spoiler

http://www.theregister.co.uk/2009/10/13/google_webmaster_malware_notification/
Hopefully this won't result in too many heart attacks among dc members, but this is a pretty cool move by Google. In order to aid webmasters in the cleanup of infected websites, Google are now providing samples of material they find objectionable on a website.

Google has rolled out a feature that provides webmasters of compromised sites with samples of malicious code and other detailed information to help them clean up.

The search giant has long scanned websites for malware while indexing the world wide web. When it detects outbreaks, it includes language in search results that warns the site may be harmful and passes that information along so the Google Chrome, Mozilla Firefox, and Apple Safari browsers can more prominently warn users. Google also provides administrators a private list of infected pages so they can be cleaned up.

2. EFF Challenges Texas Instruments Over Calculator Mods

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/bloggers-fight-tis-dmca-takedown-over-calculator-hack.ars
Ever since their code signing keys were broken a few months back, TI have been watching out for anyone posting them as the hacking community gets to work. In a spectacular display of misunderstanding, TI have sent DMCA takedown notices to a handful of bloggers linking to the keys. Bad TI, bad!

Texas Instruments has been making programmable calculators for longer than most companies have been making computers, and the company's current line of calculators uses a chip—the Zilog Z80—that once appeared in personal computers. So it's not surprising that a modding community has taken up the task of replacing the OS that runs the calculators. TI isn't pleased by the modders' efforts, though, and the company recently sent DMCA takedown notices to a group of bloggers who linked to information about the encryption keys needed to validate a new OS. But unfortunately for TI, it appears that the DMCA does not apply, since the keys aren't used to protect the existing OS.

3. Wi-Fi Direct Protocol to Ease Peer-to-peer WiFi Connections

Spoiler

http://arstechnica.com/hardware/news/2009/10/wi-fi-direct-protocol-to-ease-peer-to-peer-wifi-connections.ars
I really don't understand what all the fuss is about here, but apparently this is big news. The Wi-Fi Alliance have announced a new standard that will permit devices to communicate between one another to be called "Wi-Fi Direct". Seems to me this space is already covered either by ad-hoc wireless connections or bluetooth (quite effectively I might add), but we'll see.

The Wi-Fi Alliance has announced a new way for WiFi-enabled devices to connect to one another, even in the absence of a WiFi base station. The new protocol, dubbed "Wi-Fi Direct," will allow any device that implements the standard to connect directly to another device to send and receive data.

Previously codenamed "Wi-Fi peer to peer," the technology allows any device with WiFi to easily connect to another, such as a cell phone or camera to a printer, or even a keyboard or mouse to a computer. Devices can connect one-to-one or in a group. According to the Wi-Fi Alliance, devices implementing the new standard will even be able to connect to legacy WiFi devices in most cases.

4. Secret ACTA Treaty Can't Be Shown to Public, Just 42 Lawyers

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/these-42-people-are-shaping-us-internet-enforcement-policy.ars
I actually thought we'd heard the end of the Anti-Counterfeiting Trade Agreement, but apparently not. It seems that the lack of the possibility for public scrutiny of the legislation will be offset by the investigation of the document by 38 corporate and 4 public interest lawyers.

Turns out that the Anti-Counterfeiting Trade Agreement (ACTA) will include a section on Internet "enforcement procedures" after all. And how many people have had input on these procedures? Forty-two.

ACTA has worried outside observers for some time by threatening to delve into issues not normally covered by "trade agreements." Topping the list are concerns about ACTA's possible use as a Trojan horse to shove tough Internet controls onto countries like the US at the behest of Big Content. It's been hard to tell exactly what ACTA will include, though, because the process has taken place in such secrecy and even when information has been released, the section relating to the Internet has been empty.

5. Microsoft's Danger SideKick and Cloud Computing (Thanks 40hz)

Spoiler

https://www.infosecisland.com/articleview/1409-Microsoft%27s-Danger-SideKick-and-cloud-computing.html
CLOUD FAIL! (disclaimer: this statement in no way implies that I give any credence whatsoever to the term "Cloud Computing") A Microsoft subsidiary "Danger" made a whoopsie in the "cloud" this week, losing the address book data (which is apparently stored only in the "cloud") for each and every user of a SideKick mobile device. They've since made some headway in recovery of the data. I found it most interesting how MS was so happy to release details of the faul, blaming Oracle databases and Sun hardware/OS.

Microsoft has demonstrated that the dark side of cloud computing has no
silver linings. After a major server outage occurred on its watch last
weekend, users dependent on the company have just been informed that their
personal data and photos "has almost certainly been lost."

While occasional service outages have hit nearly everyone in the business,
knocking Google's Gmail offline for hours, plunging RIM's BlackBerrys into
the dark, or leaving Apple's MobileMe web apps unreachable to waves of
users, Microsoft's high profile outage has impacted users in the worst
possible way: the company has unrecoverable lost nearly all of its users'
data, and now has no alternative backup plan for recovering any of it a week
later.

6. Illegal Downloads 150x More Profitable Than Legal Sales

Spoiler

http://torrentfreak.com/illegal-downloads-150x-more-profitable-than-legal-sales-091009/
Torrent Freak certainly can't be considered impartial in this arena, but this could be an interesting insight into why the RIAA so readily backpedaled on their "we won't sue" policy.

TorrentFreak has reported before how pirates have been turned into cash cows by the copyright mafia. However, reliable statistics on how much money the entertainment industry and anti-piracy outfits make from illicit downloads have not yet been disclosed, until now.

The German-based anti-piracy outfit DigiRights Solutions (DRS) recently published an interesting PowerPoint presentation (in German) which shows how copyright holders can make millions from pirates. The document reveals some rather shocking statistics that show how illicit downloads are more profitable than legal downloads.

7. Facebook Now Has 30,000 Servers

Spoiler

http://www.datacenterknowledge.com/archives/2009/10/13/facebook-now-has-30000-servers/
Wow, that's some pretty sweet hardware there Facebook.I found it most illuminating where, toward the end, the article mentioned Facebook generated approximately 25 terabytes of logfiles...daily.

How many servers does Facebook have? For some time now, the stock answer has been “more than 10,000 servers,” a number the company began using in April 2008. Facebook has continued to use that number, even as it has soared past 300 million users and dramatically expanded its data center space.

We now have an update: Facebook has 30,000 servers supporting its operations. That number comes from Jeff Rothschild, the vice president of technology at Facebook, who discussed the company’s infrastructure in a presentation last week at UC San Diego.

8. Judge: Ringtones Aren't Performances, So No Royalties

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/judge-ringtones-arent-performances-so-no-royalties.ars
Fortunately we got a judge with half an ounce of sense. So far, at least, ringtones will not be considered a "performance", and thus will not require the player to pay royalty fees.

If you have been blessing everyone around you with cell phone "performances" of Beyoncé's "Single Ladies," rest assured that your cell phone provider won't have to pay royalties on it. A federal court has ruled that ringtones played aloud in public are not infringing on the content owners' copyrights because they don't constitute a true performance. (In other news, children are still allowed to sing songs without paying royalties.)

Joking aside (actually, that's less of a joke than you might think), the ringtone argument was made by the American Society of Composers, Authors, and Publishers (ASCAP) earlier this year when it sued certain mobile carriers in the US in an attempt to force them to fork over royalties every time a customer's ringtone is played. Even though the carriers were already paying for download rights to the songs, ASCAP argued that each ring was a "performance" and therefore those download payments weren't enough.

9. Checking Twitter/Facebook: the New Post-coital Cigarette?

Spoiler

http://arstechnica.com/web/news/2009/10/checking-twitterfacebook-the-new-post-coital-cigarette.ars
This can hardly be called "news", but I thought it might illicit a few LOLs from DC.

That was good for me—was it good for you? Hang on, I need to tweet this.

If you have heard or uttered some variation of the above phrase anytime recently, you might be a social media user under the age of 35. Shopping site Retrevo.com recently investigated the grip that sites like Twitter and Facebook have on Internet users' lives and found that the under-35 crowd in particular is on the verge of needing social media rehab.

Retrevo discovered that those under 35 took the opportunity to tweet, text, and post to Facebook at times that might be considered inappropriate to an older generation. The most amusing statistic from this is, of course, the "after sex" column—36 percent of under-35 users admitted to checking Twitter/Facebook/texts immediately after getting it on, while only 8 percent of those over 35 fell into this category.

10. WarGames: Alternate Ending

Spoiler

http://www.youtube.com/watch?v=vIkfq1kEUBw
A very un-newsy clip to end this week, but good for a laugh I hope

Ehtyar.

20

Living Room / Tech News Weekly: Edition 41-09

« on: October 11, 2009, 06:05 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. DRAM Study Turns Assumptions About Errors Upside Down

Spoiler

http://arstechnica.com/business/news/2009/10/dram-study-turns-assumptions-about-errors-upside-down.ars
Google have conducted a pretty sweet real-world study of DRAM over the past couple of years and have published some very interesting results.

The conventional wisdom about DRAM error rates is that errors are rare, and the majority of the errors that do occur are so-called "soft errors"—randomly corrupted bits that have been flipped by incoming cosmic rays. But a recent large-scale study of DRAM errors released by Google turns this wisdom on its head, and in doing so reinforces the importance of error correction coding (ECC) and regular hardware replacement for datacenter machines.

Google's 2.5-year study of DRAM error rates in its datacenters is the largest such real-world study ever released; prior studies have been based on lab tests done under artificially high-stress conditions, with the results then extrapolated to give a picture of real-world conditions. Google engineers tracked errors as they happened, and logged both the errors and relevant data like temperature, CPU utilization, and memory allocated. After analyzing the data, they drew seven main conclusions about the nature, frequency, and causes of DRAM errors.

2. EU, Microsoft Agree On Browser Ballot, Testing to Start Soon

Spoiler

http://arstechnica.com/microsoft/news/2009/10/microsoft-investigation-nears-end-as-eu-oks-browser-ballot.ars
The EU and Microsoft have agreed on a format for the browser ballot that will come with the European version of Windows. Very interesting.

The European Commission's investigation into Microsoft's bundling of Internet Explorer with Windows may be winding down, as the Commission has announced plans to begin testing the browser ballot proposed this past July by Microsoft. Starting Friday, consumers, OEMs, developers, and "other interested parties" will have a chance to speak their mind on the browser ballot.

In deciding to move ahead with the browser ballot, the EC cited improvements made to Microsoft's original proposal. One of those is pictured above: before the ballot actually appears on the screen, users are educated on what, exactly, a browser does. ("It's what you use to surf the Internet.") Once users confirm that they are connected to the Internet, the ballot itself appears.

3. Australian ISP in Court for Not Disconnecting Users

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/australian-isp-in-court-for-not-disconnecting-users.ars
A landmark lawsuit is taking place in Australia, where the big movie studios are taking an ISP to court for taking action against repeat copyright infringers. If the ISP loses, ISPs can no longer claim immunity when confronted with proof of copyright infringement.

Australia's third-largest ISP finally found itself in court this week after film companies last year sued iiNet for not disconnecting Internet users on their say-so. The case will be a major test of Australia's "safe harbor" copyright law that provides immunity to Internet service providers—but only those that "reasonably implement" a user termination policy for "repeat infringers."

The movie studios told Australia's Federal Court yesterday that a one-year investigation had uncovered 97,942 examples of iiNet customers making copyrighted films available on peer-to-peer networks. 29,914 of those cases involved films at issue in the current litigation. The movie Wanted was the most popular offering, while the truly execrable Hancock was second.

4. New Malware Re-Writes Online Bank Statements to Cover Fraud

Spoiler

http://www.wired.com/threatlevel/2009/09/rogue-bank-statements/
Oh I like this one. Seems too many malware writers were getting caught out transferring funds from bank accounts, so they're rewriting your online bank statements to cover their tracks.

New malware being used by cybercrooks does more than let hackers loot a bank account; it hides evidence of a victim’s dwindling balance by rewriting online bank statements on the fly, according to a new report.

The sophisticated hack uses a Trojan horse program installed on the victim’s machine that alters html coding before it’s displayed in the user’s browser, to either erase evidence of a money transfer transaction entirely from a bank statement, or alter the amount of money transfers and balances.

5. It's Official: Software is Owned, Not Licensed

Spoiler

http://www.net-security.org/secworld.php?id=8286
It seems you can now legally resell a second-hand copy of software in the US; you own it.

Autodesk, a California based software company that has been suing one Timothy Vernor for second-hand sale of (legitimate) copies of the company's software via eBay, has lost the suit.

Out-Law News reports that Autodesk tried to prove that the software in question is licensed (not sold), and that Vernor's attempt to sell it constitutes copyright infringement - but the court found that there isn't enough evidence to back that claim.

6. More Transparency Coming to Blog Reviews Under New FTC Rules

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/more-transparency-coming-to-blog-reviews-under-new-ftc-rules.ars
In a superb demonstration of unenforceable legislation, the FTC is now requiring almost any form of provision of goods without compensation to be mentioned in any related blog post. *sigh*

Bloggers will come under the watchful eyes of the Federal Trade Commission for the first time, as the agency has finalized new rules governing bloggers and the products they write about. "Consumer-generated media" outlets (e.g., bloggers) will now have to disclose if they are being compensated by a manufacturer, advertiser, or service provider when they review an item. So if a blogger gets a laptop from a manufacturer to review and gets to keep it, he or she will have to make that fact public.

The new guidelines don't tell bloggers how they need to make the disclosure, but they do lay out the penalties: up to $11,000 per violation with the possibility of injunctions to boot, although the FTC makes it clear that the fines are a last resort. "Worst-case scenario, someone receives a warning, refuses to comply, followed by a serious product defect; we would institute a proceeding with a cease-and-desist order and mandate compliance with the law," FTC assistant director of advertising practices Richard Cleland told Fast Company. The FTC could also order that consumers be reimbursed in cases where a relationship between blogger and advertiser isn't disclosed and they suffer financial harm because of it.

7. Feds Net 100 Phishers in Biggest Cybercrime Case Ever

Spoiler

http://www.theregister.co.uk/2009/10/08/100_phishers_netted/
As far as money goes, this seems like small fries to me, but this is a lot of scumbags behind bars.

US and Egyptian authorities have charged 100 people with conducting a phishing operation that siphoned at least $1.5m from thousands of accounts belonging to Bank of America and Well Fargo customers.

Fifty-three defendants from California, Nevada and North Carolina were named in a federal indictment unsealed Wednesday. Prosecutors said it was the largest number of defendants ever charged in a cybercrime case. Authorities in Egypt charged an additional 47 people.

8. Botnet-hosting Subscribers Soon to Get Warnings from Comcast

Spoiler

http://arstechnica.com/security/news/2009/10/botnet-hosting-subscribers-soon-to-get-warnings-from-comcast.ars
Fun stuff. And just what, exactly, will someone who isn't able to determine they have a bot on their machine going to do with a piece of paper telling them there is a bot on their machine?

Internet users, don't worry—papa Comcast's lookin' out for you. The company announced that it has begun rolling out a service that will warn its broadband customers when they could be infected with malware based on their traffic patterns. The service, dubbed "Constant Guard," is really aimed at reducing botnet traffic on Comcast's network with the spin that the company wants to protect customers, and a trial has already begun in Denver, Colorado.

The warning will come as an in-browser pop-up that will trigger if there's an unusual spike in traffic from a customer's home, or if mass numbers of e-mails suddenly start going out of that user's account. The pop-up will instruct users to go to Comcast's Anti-Virus Center to help diagnosing and fixing the problem (Comcast has partnered with McAfee for virus removal software).

9. Microsoft Mulling 128-bit Versions of Windows 8, Windows 9

Spoiler

http://arstechnica.com/microsoft/news/2009/10/microsoft-mulling-128-bit-versions-of-windows-8-windows-9.ars
Can someone please explain to me how they intend to accomplish this without a shred of architecture spec to work with? Or is this yet another instance of Wintel anti-trust?

Believe it or not, Windows 7's successor(s) have been in the planning and early development stages for a while now. We haven't posted anything about any of them yet, but we've been watching closely to see if anything really interesting turned up. Exactly two weeks ago, it did. A LinkedIn profile, which has already been taken down, for a Robert Morgan, Senior Research & Development at Microsoft, has shone a sliver of light on the possibility of 128-bit support coming to Windows 8.

10. Wesley Crusher Must Die

Spoiler

http://www.youtube.com/watch?v=tVYCbRjhnsE
For all those who wanted to see Wesley Crusher asplode (Wil Wheaton is still awesome though).

Ehtyar.

21

Living Room / Tech News Weekly: Edition 40-09

« on: October 05, 2009, 04:54 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. Bank Snafu Gmail Missive Never Opened

Spoiler

http://www.theregister.co.uk/2009/09/30/rocky_mountain_google_case_fini/
You may remember the story involving a mistakenly emails bank document and a suit against Google..well a lot has happened since then. The bank successfully sued Google, and the judge actually ordered Google to close the entire Gmail account (and the fucktard score here is?....anyone?). So anyway, Google closes the account, deletes the offending email, and through an agreement with the bank, reopens the account. Now the bank is shouting from the hilltops that the email was never opened...well hip-hip-hooray for that....

The confidential email at the heart of a roundabout US lawsuit against Google was never opened, according to the bank that accidentally sent the missive to the wrong Gmail account.

This summer, according to court documents, an unnamed employee with the Wyoming-based Rocky Mountain Bank was asked by a customer to send some loan documents to a Gmail account used by a third party. But the employee mistakenly sent them to different Gmail account, along with another confidential file packed with the names, addresses, tax IDs, and loan info for 1,325 of the bank's customers.

2. Next-gen Trojan Rewrites Bank Statements

Spoiler

http://www.theregister.co.uk/2009/10/01/next_gen_bank_trojan/
Now why didn't I think of that...?

Black hat hackers have created a new strain of Trojan that rewrites online bank statements to disguise fraud.

Victims of the URLZone Trojan would only realise their bank account has been looted after they check their balance with a bank branch or via an ATM.

Cybercriminals distribute the malware by booby-trapping websites (many of them legitimate) using the LuckySpoilt toolkit. Malicious pdf files or JavaScripts are used to push the URLZone Trojan onto the vulnerable Windows boxes of visiting surfers.

3. Holographic Storage, Phase-change Memory Coming Soon

Spoiler

http://arstechnica.com/science/news/2009/09/holographic-storage-phase-change-memory-nearing-the-market.ars
Soooo cool, but we need capacity people!!

Last week's EmTech 09 meeting played host to a panel discussion on the future of data storage. All three of the panelists were from companies that have a poorly known product on the market, and each of them discussed improvements that are in the pipeline, which we'll cover towards the end of this article. But they also provided a more general overview of the challenges facing storage technology at a time when data production is beginning to outstrip our ability to cope with it.

Ed Doller, of memory maker Numonyx, put things into perspective by discussing the launch of the iPhone 3GS. The hardware itself doesn't store all that much, but its capabilities led to downstream issues: within a few weeks of its release, mobile uploads of videos to YouTube had shot up by roughly 400 percent, and it's likely that other data-intensive activities will follow personal video before very long.

4. Irate Android Devs Aim to Replace Google's Proprietary Bits

Spoiler

http://arstechnica.com/open-source/news/2009/09/android-community-aims-to-replace-googles-proprietary-bits.ars
Apparently its commonplace to hack at mobile phone roms, redistribute it, and have the manufacturer turn a blind eye. It seems this is not the case with a largely open-source phone firmware.

Google is facing a major backlash from the Android community after sending a cease-and-desist order to the independent developer behind a popular Android mod. The controversy reflects some of the licensing challenges that are raised by mobile platforms that incorporate both open and proprietary components. It also illuminates yet another weak point in Google's commitment to delivering a truly inclusive and open platform.

Developer Steve Kondik, known by his handle Cyanogen, is an independent Android hacker who builds custom ROM images that users can install on their Android-powered handsets. His customizations are well-liked and bring significant improvements to the platform. A growing number of Android enthusiasts contend that the stock platform doesn't live up to expectations and that the custom ROM, particularly its performance optimizations, are essential to having a quality Android user experience. The problem, however, is that the custom ROM ships with Google's proprietary software components, such as the Android Market and Maps applications.

5. ICANN Cuts Cord to US Government, Gets Broader Oversight

Spoiler

http://arstechnica.com/tech-policy/news/2009/09/icann-cuts-cord-to-us-government-gets-broader-oversight.ars
On the heels of the US government considering passing legislation that would permit the President to "shut down the Internet" (we all know that's not possible, but the US could get the furthest), ICANN has significantly lessened its ties to the US, going for a more international approach.

The Internet Corporation for Assigned Names and Numbers (ICANN) is breaking free of the US Department of Commerce. The many-times-amended Memorandum of Understanding between the two groups was replaced today with a new Affirmation of Commitments that gives international stakeholders more say in how ICANN oversees the worldwide domain name system (DNS).

The US government has exerted control over ICANN since the nonprofit group was set up in 1998. Though DNS was a worldwide system, ICANN was answerable only to the Department of Commerce, and it faced significant criticism for being slow to adopt measures useful to Web browsers in other countries—non-English characters in domain names, for instance.

6. $388 Million Patent Verdict Against Microsoft Overturned

Spoiler

http://arstechnica.com/microsoft/news/2009/09/record-388-million-verdict-against-microsoft-overturned.ars
SO who didn't see this one coming? Hands up, you need a spanking....

Judge William Smith of the US District Court for the District of Rhode Island has overturned a $388 million patent-infringement verdict against Microsoft. A jury had found the company had infringed on a patent held by software maker Uniloc, a Singapore-based security company, sticking Microsoft with the largest patent penalty on record, but the court has now ruled in the software giant's favor. "We are pleased that the court has vacated the jury verdict and entered judgment in favor of Microsoft," a Microsoft spokesperson told Ars.

Uniloc now plans to appeal. "We are disappointed by the decision the trial judge has made to overturn the jury's unanimous verdict in Uniloc's patent infringement case against Microsoft," Brad Davis, CEO at Uniloc, told Ars. "We believe that the jury's verdict in April was thoughtful, well reasoned and supported by the evidence presented. Since the patent status remains unchanged, Uniloc will continue to protect its intellectual property and appeal the Judge's decision to override the jury's verdict to the US Court of Appeals. We are confident that Uniloc will ultimately prevail."

7. @fakeaccount You Got Served! Quit the Fake Tweets!

Spoiler

http://arstechnica.com/tech-policy/news/2009/10/fakeaccounts-you-got-served-shut-down-immediately.ars
Not really new since that Facebook incident, but it looks we can consider social networks fair ground when it comes to being served.

What if we all started getting legal notifications via Twitter? It seems like a recipe for disaster, but Britain's High Court believes it's worth a shot in order to reach one anonymous Twitter user who just won't let up on his (or her) impersonation of conservative blogger Donal Blaney.

The Twitter account in question is called "blaneysblarney," after Blaney's own blog of the same name. A quick look at the Twitter page gives no indication that the account is a fake or parody—it uses a real picture of Blaney and merely states "Blaney's Blarney" under the name field with no bio. For those looking to follow the real Donal Blaney on Twitter, there's nothing that would make a casual user suspect that this account wasn't his except perhaps the snarky tone of its tweets.

8. Apple Tries to Patent Method to Lock Down Your Mobile Device

Spoiler

http://arstechnica.com/apple/news/2009/10/apple-tries-to-patent-method-to-lock-down-your-mobile-device.ars
*sigh* So does this mean we don't have to pay for the hardware? I don't need a phone with a compass...

One of the ways Apple's iPhone succeeded where other phones failed is that it doesn't let carriers install custom firmware that locks out features of the phone. However, Apple doesn't appear to be above giving carriers a way to be able to do that, even with the iPhone. The company filed a patent application earlier this year (published yesterday) for "provisioning" services on a mobile device based on a custom carrier profile.

In the patent filling, revealed by Slashdot, Apple describes a unified system for allowing a carrier-defined list of approved and unapproved features and applications to be uploaded to the device during activation, essentially allowing carriers to restrict whatever features or applications it decided not to "allow" on its network. "[M]obile devices often have capabilities that the carriers do not want utilized on their networks," according to the patent application. "For example, a mobile device may be designed with Bluetooth functionality, but the carrier may wish to prevent its users from taking advantage of that capability. Various applications on these devices may also need to be restricted."

9. Terminator 2 Mega Tribute

Spoiler

http://vimeo.com/5376487
A Terminator 2 tribute by the staff at Vimeo. A woman as John and a guy as Sarah? That's my kind of tribute...

Ehtyar.

22

Living Room / Tech News Weekly: Edition 39-09

« on: September 27, 2009, 06:11 AM »

The Weekly Tech News

Hi all. Sorry about all the data breach stories, hopefully some of them will induce a LOL As usual, you can find last week's news here.

1. Demon Splurges Details of 3,600 Customers in Billing Email

Spoiler

http://www.theregister.co.uk/2009/09/23/demon_password_giveaway/
Normally I don't post about data leaks, but I think such gross incompetence is worthy of an exception. Basically, British ISP Demon Internet sent out an email talking up their new electronic billing system, and attached a document containing the private details, including passwords, for their some 3600 customers.

Demon Internet sent thousands of business and government subscribers an email this morning telling them all about a new e-billing system, and tacked on details, including passwords, for 3,600 customers.

The email - supposedly from Simon Blackburn Demon's director of customer service - has been sent to customers opting for e-billing. It includes a guide to the new service along with user names and passwords.

But the email also has a .csv attachment with 3,681 customer records on it. Entries include names, emails, telephone numbers and what looks very like a user name and password.

2. Bank Sues Google for Identity of Gmail User

Spoiler

http://www.theregister.co.uk/2009/09/23/google_sued_for_gmail_user_identity/
This one's even funnier, though on a more serious note this case a lot of potential to create some very nasty case law. A bank clerk has sent loan details of 1300 customers to a Gmail address, and the bank is now suing Gmail for the identity of the account holder.

A US bank is suing Google for the identity of a Gmail user after a bank employee accidentally sent the user a file that included the names, addresses, tax IDs, and loan info for more than 1,300 of the bank's customers.

In mid-August, according to court documents filed in a California federal court, the Wyoming-based Rocky Mountain Bank was asked by a customer to send certain loan documents to a Gmail account belonging to a third party. A bank employee attempted to do so. But a day later, he realized he had sent the documents to the wrong address - along with a file containing confidential information for 1,325 other customers.

3. WebGL in Firefox Nightly Builds, Demoed With 3D Spore Model

Spoiler

http://arstechnica.com/open-source/news/2009/09/webgl-in-firefox-nightly-builds-demoed-with-3d-spore-model.ars
Mozilla, along with Apple, will soon have a 3D graphics framework available in their browsers called WebGL.

The latest Firefox nightly builds now include Mozilla's implementation of WebGL, an emerging standard that aims to bring 3D graphics to the Web. Although the standard is still at a relatively early stage in the draft process, it is rapidly gaining momentum and has strong backing from a growing number of browser vendors. It's yet another sign that standards adoption is accelerating as the need to bring richer content to the Web drives forward browser evolution.

The WebGL working group was formed earlier this year when Mozilla teamed up with the Khronos Group, the organization behind the OpenGL standard, to define an open standard for native browser 3D. The goal is to develop low-level JavaScript APIs that will provide comprehensive support for OpenGL ES 2.0. High-level third-party libraries, such as C3DL, will be built on top to give Web application developers a more expressive and convenient way to leverage WebGL's 3D capabilities. Mozilla believes that the flexibility inherent in this layered approach will be advantageous in the long term and that the trend towards faster JavaScript engines will make it practical for real-world usage.

4. Big GPL Copyright Enforcement Win in Paris Court of Appeals

Spoiler

http://arstechnica.com/open-source/news/2009/09/big-gpl-copyright-enforcement-win-in-paris-court-of-appeals.ars
An interesting bit of case law has just shot up in France, making it possible for GPL enforcement lawsuits to be won by those receiving the software, not just those developing it.

The Free Software Foundation France (FSF France) is jubilant about a recent court ruling that has affirmed the validity of the open source GNU General Public License (GPL) under French copyright law. This successful GPL enforcement effort will send a strong message about the importance of open source license compliance to the French software industry.

The GPL is a copyleft license that mandates reciprocal disclosure of source code. When a company incorporates code that is licensed under the GPL into their software product, they are obligated to make their own code available under the terms of the GPL, which stipulates that source code must be made available for third parties to study, modify, and redistribute. Companies that ship GPL-based products must provide notice to end users and promise to furnish source code upon request.

5. Oracle Won't Unload MySQL, Sun Losing $100 Million Per Month

Spoiler

http://arstechnica.com/open-source/news/2009/09/oracle-wont-unload-mysql-sun-losing-100-million-per-month.ars
Oracle has officially announced that it will be holding on to MySQL when it aquires Sun Microsystems, despite antitrust concerns from the EU.

Oracle's pending acquisition of Sun recently hit a snag when EU regulators decided that Oracle's assimilation of MySQL warranted closer scrutiny. Oracle CEO Larry Ellison responded publicly in a recent address, saying that Oracle will not unload MySQL in order to appease EU regulators.

Sun acquired MySQL last year in a move that aimed to position the company's Solaris operating system as a more appealing choice for Web servers. The honeymoon was short, however, and key people from MySQL fled in the aftermath of the acquisition. MySQL cofounder Monty Widenius left in February after expressing frustration with the 5.1 release. He founded his own company and formed an alliance with other independent companies in the MySQL ecosystem with the intention of providing an alternate path forward for MySQL in the event that Oracle takes steps that are disadvantageous to the community.

6. FCC to Take a Stand On Net Neutrality

Spoiler

http://www.pcworld.com/article/172290/fcc_to_take_a_stand_on_net_neutrality.html
The FCC has announced it intends to legislate a form of Net Neutrality, which would, perhaps most importantly, prevent ISPs from giving preference to, or discriminating against, certain types of traffic on their networks.

Federal Communications Commission (FCC) chairman Julius Genachowski is expected to announce a plan on Monday to formalize the idea of net neutrality. The move, which supports a campaign promise made by President Barack Obama, will prevent the information superhighway from becoming a toll road giving preferential treatment to those who pay for it.

The move would formalize rules the FCC has already been imposing on a case by case basis. Last Fall, under the previous administration and previous FCC chairman, Kevin Martin, the FCC ruled that Comcast could not throttle (or limit) bandwidth for peer-to-peer (P2P) networking traffic. Comcast is challenging that ruling, but formalizing the guidelines being imposed would help support the FCC decision.

7. Facebook Enables Apps to Peek at Mail

Spoiler

http://www.theregister.co.uk/2009/09/23/facebook_mailbox_api_privacy/
Facebook app developers will soon be able to raid a users' message inbox, after the user has provided explicit permission.

Facebook plans to open up members' inboxes and notifications to developers have drawn fire from security experts as an unacceptable privacy risk.

The social network site published plans to release a notification and Mailbox API in a post on a developers' forum last month. The development has received little attention since, despite marking a huge shift in how much confidential data software applications on the social networking might be able to access.

Users who sign up to applications that make use of the feature give the green-light for software to scan the contents of messages sent through the social networking website.

8. Texas Instruments Signing Keys Broken

Spoiler

http://www.schneier.com/blog/archives/2009/09/texas_instrumen.html
A cute cryptography story for the budding cryptologists among us; Texas Instruments' 512-bit code signing keys have been factored, laying bare their firmware update mechanism.

Texas Instruments' calculators use RSA digital signatures to authenticate any updates to their operating system. Unfortunately, their signing keys are too short: 512-bits. Earlier this month, a collaborative effort factored the moduli and published the private keys. Texas Instruments responded by threatening websites that published the keys with the DMCA, but it's too late.

So far, we have the operating-system signing keys for the TI-92+, TI-73, TI-89, TI-83+/TI-83+ Silver Edition, Voyage 200, TI-89 Titanium, and the TI-84+/TI-84 Silver Edition, and the date-stamp signing key for the TI-73, Explorer, TI-83 Plus, TI-83 Silver Edition, TI-84 Plus, TI-84 Silver Edition, TI-89, TI-89 Titanium, TI-92 Plus, and the Voyage 200.

9. Quantum Chip Helps Crack Code

Spoiler

http://www.spectrum.ieee.org/computing/hardware/chip-does-part-of-codecracking-quantum-algorithm
It seems I'm a bit late on this one, but no matter. Researchers have used a quantum integrated circuit to etermine the prime factors of the number 15. THis is a long way from cracking DSA or RSA, but is an incredible breakthrough for Quantum computing nonetheless.

Modern cryptography relies on the extreme difficulty computers have in factoring huge numbers, but an algorithm that works only on a quantum computer finds factors easily. Today in Science, researchers at the University of Bristol, in England, report the first factoring using this method—called Shor’s algorithm—on a chip-scale quantum computer, bringing the field a tiny step closer to realizing practical quantum computation and code cracking.

Quantum computers are based on the quantum bit, or qubit. A bit in an ordinary computer can be either a 1 or a 0, but a qubit can be 1, 0, or a ”superposition” of both at the same time. That makes solving certain problems—like factoring—exponentially faster, because it lets the computer try many more solutions at once. The race is on to find the ideal quantum computer architecture, with qubit contenders that include ions, electrons, superconducting circuits, and in the University of Bristol’s case, photons.

10. Astronaut Mess

Spoiler

http://www.youtube.com/watch?v=gugmvumKU6s
Ha-larious!!

Ehtyar.

23

Living Room / Permanently Delete Your Facebook Account

« on: September 20, 2009, 07:54 PM »

How to permanently delete your facebook account... 2 methods outlined here...

Ehtyar.

24

Living Room / Tech News Weekly: Edition 38-09

« on: September 20, 2009, 05:13 AM »

The Weekly Tech News

Hi all. Enjoy As usual, you can find last week's news here.

1. IE8 Beats Firefox, Chrome, Opera, and Safari in Battery Life

Spoiler

http://arstechnica.com/microsoft/news/2009/09/ie8-beats-firefox-chrome-opera-and-safari-in-battery-life.ars
Finally, a browser comparison with IE on top that sounds remotely believable... IE8 apparently tops all the major browsers in battery usage.

When you think about benchmarking a browser, you typically consider speed, as well as CPU and memory usage. What about battery life, though? Laptop sales are outpacing desktop sales after all, so it only makes sense to choose software based on battery life, in addition to other factors and criteria. AnandTech tested a Gateway laptop with an AMD processor, a Gateway laptop with an Intel processor, and the Asus Eee PC netbook to compare battery life while running Internet Explorer 8, Firefox + AdBlock, Chrome 2, Firefox 3.5.2., Opera 9.64, Opera 10.0b3, and Safari 4. The two Gateways were running Windows Vista, while the Eee PC was running Windows XP SP3. Simple webpages were tested, as well as ones with Flash.

2. France Passes Harsh Anti-P2P Three-strikes Law (again)

Spoiler

http://arstechnica.com/tech-policy/news/2009/09/france-passes-harsh-anti-p2p-three-strikes-law-again.ars
After the first version of the law was struck down by federal courts, a newly modified version of the french 3-strikes law has been passed by parliament.

The French legislature today passed into law a second version of the ultra-controversial HADOPI "three strikes" law that targets illegal Internet file-swappers. The revised proposal does address the concerns of the "Sages" who sit on France's Constitutional Council who objected to the first version of the law, but it does little to mollify critics. Internet disconnections of up to a year can be ordered by a single judge in a "streamlined" proceeding, while Internet users who fail to "secure" their connections can also be punished if other people use those connections to exchange copyrighted material.

The National Assembly passed HADOPI 2 today by a margin of 285-225; the Senate has already passed the legislation.

3. Google Boosts Book Digitization by Capturing ReCAPTCHA

Spoiler

http://arstechnica.com/web/news/2009/09/google-boosts-book-digitization-by-capturing-recaptcha.ars
Google has purchased online service reCAPTCHA in the hopes the service might assist them with their book digitizing effort.

This morning, the Official Google Blog announced that the search giant has acquired reCAPTCHA. The company provides a service that combines two things that Google would be very interested in: it verifies that information provided to a server has been entered by a human and, in the process, helps identify difficult-to-decipher text from book digitization projects. As such, it's a natural fit for Google.

The basic premise of the reCAPTCHA service is based on two related computer science problems. Book digitization efforts rely on the ability of optical character recognition (OCR) software to help extract the text from a scanned image of a page. For a variety of reasons—damage to a book, improperly placed pages, unusual fonts, etc.—this process fails at a certain rate, leaving an incomplete digitization.

4. Disloyal Employees Are Not Hackers, Says Court

Spoiler

http://arstechnica.com/tech-policy/news/2009/09/disloyal-employees-are-not-hackers-says-court.ars
This court decision sets a precedent for far less harsh sentences for employees who steal data from their place of employment.

The "unauthorized access" provision of the Computer Fraud and Abuse Act (CFAA) has turned out to be quite an asset to those looking to prosecute people for all manner of actions involving computers, even though it was originally meant to target hackers. The Ninth Circuit Court of Appeals has ruled, however, that it cannot be used to prosecute someone for being disloyal with company info after quitting—a decision that is being applauded by CFAA critics who want to limit the statute.

The decision came after a company named LVRC Holdings filed a lawsuit against a former employee, Christopher Brekka, his wife, Carolyn Quain, and their independent consulting business. LVRC had accused Brekka of using company computers "without authorization" in order to e-mail himself LVRC client files in order to use that information for his personal business after leaving the company.

5. Google Apps Bug: You've Got (my) Mail

Spoiler

http://news.cnet.com/8301-27080_3-10356803-245.html
A Google Apps snafu saw several university students given access each others' email. Still want your stuff in the cloud people?

As a result of a bug in a Google Apps e-mail migration tool, some students at Brown University found other students' e-mail in their in-box over the weekend as Google was moving their e-mail from Exchange to Gmail, Google confirmed on Friday.

The problem affected a "handful" of organizations that use Google Apps, a spokesman said. He declined to specify how many were affected or how many individual users were affected.

Brown University newspaper the Brown Daily Herald reported that e-mail for 22 students was misdirected starting on Friday, that the university notified Google about it on Saturday, and it was fixed on Tuesday.

6. Microsoft, Cisco Issue Defenses For TCP Denial-Of-Service Attack

Spoiler

http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=219700358
Microsoft and Cisco have both released patches for the still as-yet only partially disclosed TCP stack resource exhaustion vulnerability.

A denial-of-service (DoS) attack threat to Transmission Control Protocol (TCP) implementations reported more than a year ago re-emerged yesterday in the form of security updates from Microsoft and Cisco, with the two vendors each issuing protections against the potentially deadly attacks.

Microsoft and Cisco were the first vendors to address the still mostly mysterious flaws in implementations of TCP that were first revealed last fall by researchers from Outpost24. Details of the attack have been kept under wraps for security reasons, but it basically lets an attacker DoS a PC or router using just a few malicious packets, in some cases permanently damaging victim machines.

7. Australia Mulls Botnet Takedown Scheme

Spoiler

http://www.theregister.co.uk/2009/09/15/oz_botnet_takedown_scheme/
Honestly, I'm running out of negative euphemisms for the Australian Government, if it's even worthy of that title anymore... Basically, they've decided that the best way of getting zombie PCs offline is to disconnect their owners from the Internet, an act for which ISPs (of course, who else?) would be responsible.

Australia is considering the adopting of a code that would oblige ISPs to contact, and in extreme cases perhaps even disconnect, customers with malware-infested computers.

The voluntary eSecurity Code is designed to put a squeeze on the estimated 100,000 zombies in Australia, each of which might be capable of kicking out 10,000 junk emails a day.

Pilot data sharing schemes in Australia are praised for resulting in the reduction of malware-infected systems. Around 68 ISPs were involved in a 2007 Australian Internet Security Initiative (AISI) programme credited with reports of 10,000 compromises every day. The scheme cost a relatively modest A$4.7 million over four years.

8. Pirate Bay Buyer Faces Setbacks

Spoiler

http://news.bbc.co.uk/2/hi/technology/8263471.stm
Torrent site The Pirate Bay is facing significant setbacks in the pursuit of its sale to Global Gaming Factory after a creditor claimed to be owed almost $200,000 by GGF.

The document was filed with a Swedish court by a creditor of Global Gaming Factory (GGF), which outlined plans to buy the site in June.

The creditor - Advatar Systems - is claiming more than 1.3m kronor (£116,000) in unpaid debts.

It is the latest in a long series of hold-ups which have stalled the sale.

Trading in GGF's shares were suspended in August after an investigation was launched into financial irregularities.

9. The Incredible, Amazing, Awesome Apple Keynote

Spoiler

http://www.collegehumor.com/video:1921290
For all of you on the verge of just fragging everyone in a 100 foot radius the next time you hear something about Steve Jobs or apple being so incredible, amazing or awesome, I give you the The Incredible, Amazing, Awesome Apple Keynote.

Ehtyar.

25

Living Room / Tech News Weekly: Edition 37-09

« on: September 13, 2009, 05:55 AM »

The Weekly Tech News

Hi all. Apparently next to nothing happened in the world of tech this week...has half the industry disappeared or what? As usual, you can find last week's news here.

1. Oz Government Sites Floored in Firewall Protests

Spoiler

http://www.theregister.co.uk/2009/09/10/oz_filtering_protest/
Sensationalist headline, yet again, but interesting none the less. Though apparently much weaker than their counterparts in other countries, the Australian branch of Anonymous took to the web this past week to show the Australian Government how they felt about the proposed Internet filtering scheme.

Hackers reportedly knocked over the website of Australian prime minister Kevin Rudd for a few minutes on Wednesday in an apparent protest against government plans for compulsory internet content filtering.

The site of the Australian Communications and Media Authority also disappeared for about an hour Wednesday evening local time, The Australian reports. The website of Communications Minister Stephen Conroy, the man behind the plan, also came under attack.

2. Feds Bust World's Most Prolific Music Piracy Ring

Spoiler

http://www.theregister.co.uk/2009/09/10/rabid_neurosis_busted/
http://arstechnica.com/tech-policy/news/2009/09/prerelease-music-pirates-face-4-years-in-prison-250k-fine.ars
They haven't released a thing for years, but it seems that doesn't stop the authorities from tracking down and arresting the members of a music piracy group with over 25K releases under their belts, many of which were pre-retail.

Six men have been accused of running the world's most prolific music piracy ring, an online crew federal prosecutors allege delivered more than 25,000 copyrighted albums, often before they were officially released.

As members of Rabid Neurosis, or RNS as the group was called, they tapped insiders at music retailers, radio stations, and CD manufacturing plants, who were able to get their hands on music titles before their commercial release in the US. In other cases, they turned to affiliates elsewhere in the world, who were able to supply music that was not yet available in America.

3. Google Modifies Europe Book Plans

Spoiler

http://news.bbc.co.uk/2/hi/technology/8242710.stm
In order to appease those opposed to its ditigal library plans, Google has made its agreement slightly less broad.

Material which is out of print in the US, but still available for sale elsewhere, will not be added to Google Books, unless consent is granted.

Google has already digitised millions of out-of-print titles.

The European Commission wants concerted action to allow more books in Europe's national libraries to be scanned.

4. PM Apology After Turing Petition

Spoiler

http://news.bbc.co.uk/2/hi/technology/8249792.stm
Alan Turing has received a posthumous apology for the treatment he endured as a homosexual after a petition was submitted to the British Government.

A petition on the No 10 website had called for a posthumous government apology to the computer pioneer.

In 1952 Turing was prosecuted for gross indecency after admitting a sexual relationship with a man. Two years later he killed himself.

The campaign was the idea of computer scientist John Graham-Cumming.

5. Microsoft: IIS Vulnerability Under Limited Attacks

Spoiler

http://arstechnica.com/microsoft/news/2009/09/microsoft-investigating-possible-vulnerability-in-iis.ars
A nasty, if not easily exploited remote code execution vulnerability exists in the FTP service of Microsofts IIS versions 5 and 6. The vulnerability is yet to be patched, but can only be exploited by thoise with write permissions to the FTP.

A hacker has posted code on his Milw0rm website that could be used to attack a system running Microsoft Internet Information Services (IIS) server and install unauthorized software on it. The good news is that the attack appears to work only on older versions of IIS—versions 7.x are not affected. The flaw resides in the File Transfer Protocol (FTP) software used by IIS to transfer large files, meaning that FTP must be enabled for an attack to be succesful. The risk posed by this vulnerability isn't completely clear yet, but Microsoft says it is looking into the issue.

"Microsoft is investigating new public claims of a possible vulnerability in IIS 5 and IIS 6 File Transfer Protocol (FTP) and are currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," a Microsoft spokesperson told Ars. The software giant will take steps to determine how customers can protect themselves if the vulnerability is confirmed and will take whatever action it determines is appropriate to protect customers once the investigation is complete.

6. 802.11n APPROVED! Official Notification! (Thanks Joshua)

Spoiler

http://s2n.merunetworks.com/2009/09/802-11n-approved-official-notification/
And for the Pièce de résistance this week. As Joshua so eloquently put it, hell has indeed frozen over ladies and gentlemen. Six years on and 802.11n has been approved.

802.11 had two items under consideration during the Standards Board meetings being held this week.

I’m am very pleased to announce that both P802.11w and P802.11n were approved today.

Although this email vehicle falls far short of expressing the sentiment, Thanks to the hundreds of 802.11members that contributed to these efforts, as well as the 802 EC and the IEEE Staff.

7. Universe Exclusive Preview

Spoiler

http://www.youtube.com/watch?v=mUlYsnMoAwk
Seems this was out like two months ago..and somehow i friggin' missed it!! Here it is for those of who were similarly left out in the cold.

Ehtyar.