Saturday, November 12, 2005

On the Effectiveness of Aluminium [sic] Foil Helmets:

Apparently I've been wrong all these years about foil hats and their effectiveness in blocking mind scanning ;)

A very thorough study on foil hats. A good way to start your Friday :)

Happy Veterans Day to all you veterans, and THANK YOU for your service.


Update: Another person says there are flaws in the original story. ZPi | AFDB Effectiveness What do you think?

Best Introduction to RSS I've seen.

This is a short VideoBlog (Vlog), superbly produced. Amanda does an overview of RSS and what it is, and what it does. Go! Enjoy! :)


Retailers expected to further tighten gift return policies - Nov. 12, 2005

Not that this is really tech related, but as it is the season, its good to make note of it.

CNet's Take on Sony's Withdrawal of Copy Protected CDs

I'm PO'd enough about this that I wonder if it's time for a letter writing campaign or a boycot, or both. Certainly Sony is not getting any more of my money.

People who never, ever care about things like this are up in arms. My wife's parents are afraid and angry! I find that both interesting and quite unique. I've had to remove the thing twice, using the Sophos tool. Even our government, in it's Homeland Security incarnation, tsk, tsk'd at the problem.

I'm not one for this kind of retaliation, but Sony's arrogance angers me so that I think we ought to let them know just how we feel. More on this later, including addresses to write to.


Sony BMG kills daft DRM CD rootkit scheme

This is good news. However, this rootkit incident has left a lingering sour taste in the mouths of many. Yesterday, a US Department of Homeland Security official cautioned rights holders against the kind of security risks that the Sony BMG rootkit created.

On a more personal note, I had the responsibility this week of researching and recommending the purchase of a camcorder. While I have no idea if a Sony camcorder would have done the job, Sony products were out of the running due to their reckless disregard for the security of their customer's computers. Some time will have to pass and a track record will have to be built before I will trust Sony again.

Friday, November 11, 2005

"Pay to drive in Manhattan? Yeah, right."

From the NY Times article: The idea is to charge drivers for entering the most heavily trafficked parts of Manhattan at the busiest times of the day. By creating a financial incentive to carpool or use mass transit, congestion pricing could smooth the flow of traffic, reduce delays, improve air quality and raise the speed of crawling buses."

The reason for posting this? Well, there are some intriguing technical/security issues, "Drivers could be required to prepay traffic fees, either online or at street-level vending machines. Video cameras would capture license plates of vehicles in the payment zones, and allow the city to match cars to accounts, people familiar with the study said. Failure to pay would result in a fine. No toll barriers would be involved."

P.S. Listening to the latest Security Now podcast about WPA encryption. Wanna know more? Check out the podcast, here.
P.P.S. I'm also planning on posting a picture of my motherboard, but have been too busy to take it.

Upgrade the Linksys WRT54G with open source firmware - Engadget

" A couple of years ago, Linksys — under pressure from the open source community — released the firmware under the GPL, and since then, developers have taken it apart and put it back together again, adding new features, including the ability to run the WRT54G as a VPN or VoIP server, a RADIUS server, or even as a full-fledged (albeit very low-end) computer. WiFi Planet has a good rundown of the options available to WRT54G hackers, along with lots of warranty-voiding tips; the site estimates that by upgrading the firmware, you can turn the WRT54G into the equivalent of a $600 workhorse. "
This is neat. Anybody want to experiment on their router, and tell us the results on the show? I have a netgear, so I can't try. But, I thought that we might have some readers that will try it out.


Will the Feds Save Blackberry Service?

On October 27th, I blogged that the U.S. government, a major Blackberry user, might just have to go cold turkey when a court enforces an order that would effectively shut the Blackberry service down pending resolution of RIM's legal problems.

How close I was.

The Wall Street Journal reports this afternoon:

U.S. Government Asks Court To Ensure BlackBerry Service
TORONTO -- The U.S. Government is seeking to ensure BlackBerry emails continue running among its staff if a Virginia court issues an injunction on BlackBerry sales and service in the U.S.

The Department of Justice filed a "statement of interest" in U.S. District Court in Virginia, which is overseeing a patent-infringement battle between BlackBerry maker Research In Motion Ltd., or RIM, and Virginia patent firm NTP Inc. The court plans to examine whether it should enforce a failed $450 million settlement between RIM and NTP. If the failed settlement isn't enforced, NTP plans to ask the court to reissue a previously stayed injunction on U.S. BlackBerry sales and service.

NTP has said any injunction wouldn't apply to U.S. federal, state and local governments. But the filing, submitted by Paul J. McNulty, U.S. Attorney for the Eastern Disctrict of Virigina, said that is easier said than done.

``The U.S. government is a major user of BlackBerry devices and technology to allow its employees to access email, and to send messages, when they are away from their offices,'' the filing said. If there is an injunction ``it is imperative that some mechanism be incorporated that permits continuity of the federal government's use of BlackBerry devices,'' it said.
``There appear to be significant issues with the manner in which any injunction is phrased and implemented,'' the filing said. ``There does not appear to be a simple manner in which RIM can identify which users of BlackBerries are part of the federal government, so that email directed to them can be relayed through the BlackBerry system,'' it said.

In other words, the Justice Department is saying to the federal courts, "Hey, it's OK if you cut off the public but God forbid you should cut us Feds off. Wow, that would be a major inconvenience!"

Ain't democracy grand?

Sony DRM on Macs, Too, But Less Fearsome

Not that I'm sure I'd want RCA (part of Sony) installing kernel extensions on my machine, but the Mac DRM on Sony CDs has been around a while and nothing I have seen makes it a proven threat. In fact; all allegations against it I have encountered have proven false.


Sophos Issues Sony DRM Removal Tool

The link above will take you to an informational page at British Anti-Virus firm Sophos. Read it and use the link to download a tool which disables the Sony DRM, removes at least most of it and prevents it reinstalling.

Sophos is to be congratulated for such swift action on this. I'm sure others will follow.

Windows users are now taken care of on this issue. Word is coming around that Macs are also affected by the Sony rootkit. Details are still sketchy as I've been unable to find enough information in English and machine translations are inadequate. I'll keep looking.


Sunbelt BLOG:Bad Capacitors are still an issue.

I thought this was an old issue, but its apparently not, there's a link to the CNET story, with a picture of bad caps. The degree of leakage is way less than I thought, and I may have had some bad caps on the ASUS board that failed on me 2 weeks, ago, I'll definately have to go back and look at it.


Strange New Products

There's just too much goodness to post all of the links. Go there and check out the following:

Watch Traffic Cameras on your Cell Phone: Traffic Vizzion is available in 20 major metro areas, costs only $5.00 a month.

3-D Wedding Planner: For the control freaks getting married. You can go step-by step through a ceremony in 3-D fashion.

The Memory Maintainer: This little contraption keeps your car's clock and radio presets from getting reset when it's battery gets changed.

A Basketball That Stays Inflated for 365 Days, from Spaulding.


Silicon Valley Sleuth: Yahoo Maps pranks Google

I thought this was amusing, I think this is all in fun. the Dude's site, is bare, though amusing at the layers of the joke. I got there from Google rumors: GoogleRumors ? Yahoo engineers prank Google

btw, beta yahoo maps looks good. Apparently they use Flash versus Google's DHTML but the navigation screen looks great!
Here's a link to Geeks in Anchorage, AK, put your mouse over the map, on the left, it bursts out at you!! Too kewl. If you go to Anchorage's local page you'll notice there's a wireless search, right there ;)

--MissM | Xbox News - Enter to win tickets to the ultimate Midnight Madness event!

There's only a few hours left to register!!

Enter to win two tickets to the biggest gaming event of the year!
Where is It?

It's somewhere in the Mojave Desert. Top secret.


Thursday, November 10, 2005

First Trojan using Sony DRM spotted

The virus writers finally got around to taking advantage of Sony's rootkit, courtesy of Dvorak's blog.


Visual Studio Express

If you have ever wanted to dabble in Microsoft, here is your chance. MS is offering Visual Studio Express for free. Yes, folks, that is "free as in beer" free. The offerings include Visual Web Developer 2005 Express Edtion; Visual Basic 2005 Express Edition; Visual C# 2005 Express Edition; Visual C++ 2005 Express Edition; Visual J# 2005 Express Edition; and SQL Server 2005 Express Edition. Pretty neat, eh?

This offer will only last for one year -- until November 7, 2006 after which time you will have to pay to play. However, you will not have to pay if you downloaded prior to this date. It really is free. So go and have some fun courtesy of the boys and girls in Redmond.

Most questions about this can be answered by the FAQ .

Tuesday, November 08, 2005

New worm targets Linux systems | Tech News on ZDNet

"Lupper blindly attacks Web servers, installing and executing a copy of the worm when a vulnerable server is found, McAfee said in its description of the worm. "

World of Warcraft hackers using Sony BMG rootkit

Want to cheat in your online game and not get caught? Just buy a Sony BMG copy protected CD. Sony BMG's content protection software can make tools made for cheating in the online world impossible to detect. The software--deemed a "rootkit" by many security experts--is shipped with tens of thousands of the record company's music titles. Warcraft's anti- cheating program cannot detect any files that are hidden with Sony BMG's content protection, which only requires that the hacker add the prefix "$sys$" to file names.
Thank you Terry B.

Alice Hill?s Real Tech News - Independent Tech ? USB Port to Replace Car CD Players

"A CD changer is two or three times the cost of the USB interface, said Visteon mobile electronics project leader Ian Randall. Those CDs would have only 70 to 80 tracks. With a 1-gigabyte stick you can get 400 or 500 songs."
Thank you Terry B.

OhGizmo! ? Start Your Car Through The Internet

"So, you should be able to get your car started, unlock your doors or even honk the horn through any WAP enabled device."
Thank you Terry B.

Google Wants to Dominate Madison Avenue, Too - New York Times

Google has created what it says is one of the most sophisticated artificial intelligence systems ever built. In a fraction of a second, it can evaluate millions of variables about its users and advertisers, correlate them with its potential database of billions of ads and deliver the message to which each user is most likely to respond.
Because of this technology, users click ads 50 percent to 100 percent more often on Google than they do on Yahoo.
Thank you Terry B.

Singularity - Home

"Singularity is a research project focused on the construction of dependable systems through innovation in the areas of systems, languages, and tools."

Anonymous Sperm Donor Tracked Down by Son

This is an interesting story on privacy -- or the lack thereof in the Internet age. Using recently available DNA testing kits and some web sleuthing, a young man identified the father whom even his mother did not know. Lots of implications on this one...

Cognitive Dissonance: Buy Your AMD CPU from Dell

No kidding, Folks. Dell, the huge online tech sales machine, will even sell you AMD microprocessors at competitive prices.

Monday, November 07, 2005

Skype explains why security evaluation omitted bug reports

The link is to a short analysis of Skype security.

I long ago removed Skype from all our computers and will not reinstall it until I'm satisfied it is not a risk. They seem to be working on it and hopefully that day will come. Call me skeptical, if you will.

Joe and Riley are using Skype to their satisfaction, as are others we all know. I'm somewhat more paranoid than they are (and quite okay with that).


Lupper Worm Targets Open-Source Software Running on Linux

Don't freak out. SANS rates this one as "low risk", mainly because of the construction of Linux permission structure.

A while back, a buffer overflow flaw was found in XML-RPC for PHP. Most of the affected applications have already been patched. Check the link above for a partial list of affected apps and a link to the SANS report. The cure is to patch your apps and the PHP scripting engine.

As the prominence of Linux increases, there will be more and more of this sort of malware floating around. And by the way; ClamAV detects it.


OnComputers Radio show Podcast 11-06-05

This is the On Computers Radio show podcast for 11-06-2005. If you prefer, you can download the same file here via ftp.

Sunday, November 06, 2005

Sick of automation? Dial 0 for human - The Boston Globe

This is a link to the article in the Boston Globe that was discussed on today's show regarding automated answering systems.

Microsoft's AntiSpyware Rebranded 'Windows Defender'

Apparently, according to eweek, MS new "defender" will include rootkit detection. There are many good links in the article about rootkits and security.

I have a question about MS antispyware, does it run in the background? I've never seen it run explicitly. Help me out, please?


An experimental open thread

In the interest of getting a conversation going. What geeky stuff are y'all interested in or intrigued by?? Let us know.