* Posts by Franklin

621 publicly visible posts • joined 17 May 2007

Robot airliner anti-missile escorts proposed

Franklin
Thumb Down

@andrew

That's why I specified "industrialized countries". This sort of kit would only be deployed in places that don't need it. I don't see it getting used in commercial airports in what used to be Yugoslavia, somehow.

Franklin

I'd like to see the numbers...

...on how many people this harebrained idea will get killed.

Even assuming flawless engineering (HA!), flawless implementation (HA! HA!), and zero probability of collision between a drone and a plane it's escorting (HA! HA! HA!), this plan is going to cause deaths. I guarantee it.

Building and operating flying-drone escorts for passenger planes will raise the price of airline tickets. No way around it; the money has to come from somewhere. Higher ticket prices will mean that fewer people will fly and more people will choose some other form of transportation, such as driving to their destination. Automobiles are statistically far more dangerous than planes, so some of those people who choose to drive instead will crash and die.

Now, given the number of folks in the industrialized world who've been killed when their airliners were shot down by "teh terrerists" (a number that's been holding steady at, oh, about ZERO for the last few decades), and given the nonzero number of folks who die in car wrecks every year, this seems like a losing proposition to me.

Ad hoc malware police besiege net neutrality

Franklin
Unhappy

flawed analogies

Comparing the Internet to the phone company, and comparing asking ISPs to terminate malware sites to asking the phone company to disconnect drug dealers, doesn't work. The analogy would only work if the phone company were being asked to disconnect miscreants who were using their phone line to tap, bug, or misdirect other people's phone calls... And were that the case, I bet the evildoers would indeed find their phone service terminated.

As for Intercage--I have indeed complained to them, on many occasions, about spam and malware sites. In my experience, expecting them to take action is about like dropping a rose petal in the Grand Canyon and waiting to hear an echo.

University offers one-day Jedi course

Franklin

So, on this Jedi training...

...do they teach impotent, narcissistic navel-gazing of the sort that allows a galactic coup to take place right under the noses of these new Jedi masters?

Just, y'know, wondering.

The Jedi Knights: the chihuahuas of the galaxy. Lots of noise, no bite.

Boffinry bitchslap brouhaha: Higgs and Hawking head to head

Franklin

@Richard Harris

"Of course, there is the possibility that neither of these two "boffins" are correct. Scientists who treat theory like fact are no better than anyone who believes in a religion. It's not a fact if it's based on faith and flimsy rationalisation."

Which is, of course, why we've built the LHC in the first place--to look for the evidence.

That's the neat thing about science. We actually look for evidence to support our assertions.

BlackBerry redoubles iPhone challenge

Franklin
Dead Vulture

"You now have this rich connection [to MySpace]."

Oh, good! Does that mean folks will now start using MySpace as a platform to launch security attacks on BlackBerry phones, too? Whee!

You'll forgive me if I'm underwhelmed by this new announcement.

Anonymous domain registration nixed amid fraud complaints

Franklin
Flame

About bloody time

I've seen estdomains all over the place--namely, nearly every time I find a new server dropping the W32/Zlob malware. Invariably, the servers actually serving up the malicious payloads are registered through estdomains and protected by PrivacyProtect.

This is good news. Better still would be to make it retroactive, and strip the PrivacyProtect service from sites already registered through estdomains.

Anatomy of a malware scam

Franklin

Web hosting @bruceld

"I'd say, the best way to nip this type of activity in the bud is to go after their web hosts (which themselves are probably involved in the scam), then perhaps even their uplink providers. Doing a traceroute shows exactly where and when data flows throughout the internet and can be followed through IP addresses. It is actually very possible to pull the plug on their web sites anywhere along the traceroute.

Why isn't anyone using this technique to track the criminals?"

Oh, many people are, believe me.

The majority of these sites are hosted in the former Soviet Union, where they're beyond the reach of US law enforcement. I've seen these sites hosted on ISPs in Latvia, Moldova, and other former Soviet-bloc countries.

The political reality is that law enforcement in these places simply does not care. In fact, it's quite likely that law enforcement in these countries, such as it is, is highly corrupt and easily susceptible to influence from these same organized crime gangs. The Storm gang even appears to have allies in the highest levels of Russian government, for instance.

In many cases, these Eastern European ISPs receive their connectivity from an American outfit called WV Fiber (wvfiber dot com). WV Fiber responds to abuse reports by saying "We're not doing anything wrong; it's the ISP in Latvia that has the problem, not us." (When they respond to abuse complaints at all, that is. Mostly, they don't.)

Similarly, the domain registrar of choice, EST Domains, is headquartered in the US but responds to abuse complaints (on those rare occasions when they respond at all) by saying "Take it up with the hosting company, not us. We're not hosting them, we're merely providing registration service. What they do with it isn't our problem."

Franklin
Unhappy

Excellent analysis!

Great analysis of the software itself.

The article only barely touches the tip of the iceberg as far as methods of distribution for this sort of malware, though. The gang responsible for this fake antivirus software appears to be either the same group, or a group working with, the gang responsible for the W32/Zlob Trojan, and they've built quite a sophisticated network for distributing and redirecting surfers to sites that try to download both Zlob and fake antivirus software:

http://tacit.livejournal.com/240750.html

Sites like virus-securityscanner.com are often linked to by the traffic handling sites that are in turn linked to from compromised Web sites, blog spam, and hijacked Web forums, and those same redirection sites also direct visitors to sites that attempt to trick users into downloading W32/Zlob, often disguised as movie player CODECs.

This very, very strongly suggests to me that the same people are responsible for both the fake antivirus software and for the Zlob Trojan.

NASA test rocket explodes

Franklin

Surely...

...the title should read "Alliant Systems test rocket explodes," since it was designed and built by Alliant, not by NASA?

In any event, the rocket parts very well could be hazardous. Alliant builds solid-fuel rockets, not liquid-fuel rockets. Perchlorate compounds, which are key ingredients in solid rocket fuel, are pretty nasty. In addition to being strong oxidizers, they're also toxic, and can be inhaled or absorbed through the skin.

GlobalSign revokes cert of rogue security app

Franklin

Not the first time

Other malware, distributed through sites like xponlinescanner dot com and xpantivirus dot com, has also been digitally signed in the past, with publisher "Mistland Limited". This signed fake antivirus software has been circulating since at least March of this year. (Both these Web sites are still active, though the front page merely redirects to Google; the rogue software is distributed through various PHP scripts hosted on those sites.)

Mac users urged to ditch Safari

Franklin

@blackworx

"You don't need to work backwards. Parse the URL from the beginning to the TLD. If .com etc appear before the penultimate separator, you've got a bogey. Anything after the TLD is irrelevant to such a check."

Sorry, won't work. A lot of URLs have a ".com" before the TLD, particularly URLs leading to non-US sites. A few examples: www.thepeak.com.hk, yahoo.com.cn, harbourcity.com.hk, hotelopera.com.co, doctors.net.uk, and so on.

Once again, the problem here is not technology, and no technological fix will cure it. I'm consistently surprised and disappointed by the number of folks who don't seem to realize that there is no software patch to fix human credulity. Internet scammers prey on ignorance of the basic structure of the Internet, and on human gullibility; neither ignorance nor gullibility will ever be fixed by a Web browser.
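The false positives listed in the comment above can be reproduced directly. This is an added example, not part of the original post: `naive_flag` is one reading of the quoted rule, `PUBLIC_SUFFIXES` is a small hand-picked subset of the Public Suffix List, and the last two hostnames are constructed.

```python
# Added illustration; not code from the original comment.
# PUBLIC_SUFFIXES is a constructed subset of the Public Suffix List, just
# large enough for the hostnames below. Real code should load the full list.
PUBLIC_SUFFIXES = {
    "com", "net", "org", "hk", "cn", "co", "uk",
    "com.hk", "com.cn", "com.co", "net.uk", "co.uk",
}
GENERIC_LABELS = {"com", "net", "org"}


def labels_of(host):
    """Split a hostname into lower-case labels, ignoring a trailing dot."""
    return host.lower().rstrip(".").split(".")


def naive_flag(host):
    """One reading of the quoted rule: a generic TLD label anywhere
    before the final label marks the hostname as suspicious."""
    return any(label in GENERIC_LABELS for label in labels_of(host)[:-1])


def registrable_domain(host):
    """Return the longest known public suffix plus one label to its left,
    or None if the suffix is unknown or the host is itself a suffix."""
    labels = labels_of(host)
    for i in range(len(labels)):          # i = 0 tries the longest suffix first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i > 0 else None
    return None


def suffix_aware_flag(host):
    """Flag only when a generic TLD label sits to the LEFT of the
    registrable domain, i.e. inside attacker-chosen subdomain labels."""
    reg = registrable_domain(host)
    if reg is None:
        return False                      # unknown suffix: no opinion
    labels = labels_of(host)
    left = labels[: len(labels) - len(reg.split("."))]
    return any(label in GENERIC_LABELS for label in left)


def compare(hosts):
    """Return (host, naive result, suffix-aware result) for each hostname."""
    return [(h, naive_flag(h), suffix_aware_flag(h)) for h in hosts]


# Hostnames quoted in the comment, followed by two constructed ones.
COMMENT_HOSTS = [
    "www.thepeak.com.hk", "yahoo.com.cn", "harbourcity.com.hk",
    "hotelopera.com.co", "doctors.net.uk",
]
CONSTRUCTED_HOSTS = [
    "www.example.com",                           # ordinary site
    "www.example.com.account-check.example.hk",  # brand name in subdomain labels
]

if __name__ == "__main__":
    for row in compare(COMMENT_HOSTS + CONSTRUCTED_HOSTS):
        print("%-45s naive=%-5s suffix_aware=%s" % row)
```

The suffix-aware variant clears the legitimate hostnames but still recognises only this one URL shape.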

Franklin

@Sean Baggaley

"Seriously, how about all you f*cktards and willy-wavers shut the hell up and get on with FIXING THE BLOODY PROBLEM, rather than pointing fingers at anyone who hasn't spent as many decades studying IT as you have?"

Because the problem is ignorance and gullibility, not technology. Ignorance and gullibility don't have technical solutions.

Any "anti-phishing" technology is only as good as the current list of known malicious sites or the current URL scheme being used right now. That is to say, at best it's a stopgap and at worst it creates a false sense of security. The real problem is that people are gullible and naive, and believe without question anything they read in email no matter how outlandish it may be.

And no software patch can fix that.

Apple DNS patch doesn't patch Mac clients

Franklin

sigh...

Mac OS X is not a Linux distro, is not related to Linux, and is not based on the Linux kernel.

Is it too much to ask all the haterz to do a bit of fact-checking before posting their hysterical, overblown emotional screeds? We really need a better class of Mac haterz here.

Exploit code targets Mac OS X, iTunes, Java, Winzip...

Franklin
Flame

Shouldn't be a real threat

"It works only when a man-in-the-middle attack has first been carried out." So there's nothing to fear; all the big, responsible ISPs will surely have fixed their DNS problems by now.

Oh, wait...

eBay auction fraudster jailed for four years

Franklin

So the lesson we can take away from this, then, is...

...make a $400,000 profit, get a $220,000 dollar fine and spend four years in prison. That puts him out of prison in about 1 year and four months, given average time off for good behavior, meaning that, in the end, he nets the equivalent of $138,400 or so a year for sitting in a jail cell.

Not bad. Hell, a jail cell might be more cozy than my office, and I don't make anywhere near $138,400 a year!

NZ judge saves girl from bloody silly name

Franklin
Stop

And on the flip side of the same coin...

...one person, blessed with a sensible name, is attempting of his own volition to change it to "Microsoft Zune."

After having the Zune logo tattooed onto his body, no less.

http://blog.wired.com/gadgets/2007/11/zune-tattoo-guy.html

And people think Apple and Linux fans are extremists... I wonder what his new name will do for his prospects with the opposite sex.

Court defends America's right to online smut

Franklin
Thumb Down

So I think I'm missing something...

When did discussion of sexuality become "harmful" to minors? Exactly what "harm" are we talking about here?

Registrars turn blind eye to sites selling illegal steroids

Franklin

Interesting dilemma...

On the one hand, the comments here do have a point; a registrar can't and shouldn't be held accountable for policing the Web. That way madness lies; should a registrar suspend a domain that details human rights abuses in China? How about a Web site that hosts porn that's legal in some jurisdictions but not others?

On the other hand, though, there are some cases that are clearly not borderline. And even a handful of registrars that appear to have set up a lucrative business specifically aimed at the criminal underworld. I'm looking especially at EST Domains here, the registrar of choice for VXers. Every domain I've seen whose purpose is to distribute computer viruses--most often the W32/Zlob virus--is registered by EST Domains. (I'm not even talking about sites that talk about virus writing, or that distribute sample code or toolkits to other VXers; I'm talking about sites that pretend to be porn sites, which try to trick users into downloading Zlob masquerading as "movie player software").

Seems to me that in that kind of case, the registrar is acting in bad faith by knowingly and intentionally selling services to criminals which they know will be used in the furtherance of illegal activity. Which puts them, in my opinion, in a different place.

Registrars that engage in these sorts of activity don't even enforce their own terms of service, which is particularly telling.

Tesco causes couple condom catastrophe

Franklin

@ Sarah Bee

"I think most people would have a bit of a moment of paranoia at the very least."

Well, now, that's a rather stunning indictment of the human condition, I must say. Are most people really so insecure that the first thing they leap to is "My mate is cheating on me," rather than something simpler and less damning?

Seems like all the nutjobs that hang around Groom Lake, Nevada: "Hey, check it out! Area 51 is a secret military airbase where they test new prototypes of secret aircraft, and I see something in the sky I can't identify! That means it must be...SPACE ALIENS!"

If it were me, I'd assume any number of things before pitching a fit at my lover about it. I'd like to think I'm in the majority here, but if what you say is true...wow, that's lame.

NASA: The Moon is not enough

Franklin

@ Matthew

"It is worth noting that after the Apollo programme had been cancelled the money was simply absorbed into everything else, no-one had a tax cut or anything beneficial."

Actually, the Apollo program was cancelled--with a couple more missions already slated and the Saturn rockets for them already built--in order to divert money into the Viet Nam war effort.

So, which expenditure would have benefitted us more, do you think? Seems like a no-brainer to me...

Honestly, given the amount of money we're flushing down the toilet fighting an expensive and ultimately pointless war in Iraq, the comparative dribble of change--less than that needed to finance a few weeks' worth of overseas misadventures--that it'll cost to return to the moon seems like a damn good bargain to me.

Review site furious over McAfee SiteAdvisor 'false alert'

Franklin

Same old same old story

My site was erroneously flagged last year by Site Advisor as a "spam source" in spite of the fact that my site sends out no emails whatsoever--not newsletters, not opt-in emails, nothing.

It took six months and threat of legal action to get Site Advisor to change the rating. They have (or had at the time) no formal appeal or review process, and even though they admitted immediately that the rating was flawed (they blamed it on an automated "software glitch"), it still took months for the error to be corrected.

Classic McAfee, in my experience. Why this company continues to exist is a mystery to me.

Interestingly, the Wikipedia entry on SiteAdvisor has been sanitized (by a self-identified McAfee employee) to remove all references to problems and false positives. Classic Wikipedia, too, now that I think about it.

ISS expands parking capacity

Franklin
Joke

"I'm sorry, Dave..."

(Insert obligatory reference to recalcitrant sentient computers and pod bay doors here.)

Hackintosh maker gets legal greeting from Apple

Franklin

Minor inaccuracy in the article...

The PsyStar computer isn't "capable of running off-the-shelf copies of Mac OS X." Their Web site is down right now, but last time I checked, it advised buyers not to try to install OS X on their own, because of the complexity of the procedure.

I seem to recall that they'd pirated the firmware they were using in their boxes, as well.

A lot of folks keep saying Apple should release OS X on its own. I suspect these folks have never run a business and never read any computer news over the last few decades. Everyone who has tried to release a commercial, non-open source operating system to compete with Windows--Be, NeXT, *everyone* without exception--has failed.

Be the first millionaire on your block to go Tiltrotor

Franklin
Black Helicopters

Yes, but does the civilian version...

...come with the military version's neat "flip over on landing and kill the pilot and passengers" feature?

Californian boffins find Elixir of Eternal Youth

Franklin

Telomeres and immortality

Telomere shortening is easy to fix. The enzyme telomerase repairs telomeres during cell division, and as Nicholas Thomas pointed out, stem cells already express telomerase. It's easy enough to synthesize, too.

I don't accept the notion that we all have to die to make room for the next generation. We see from history that longer lifespan is generally correlated with lower birth rate; children are more valuable in societies with short life spans. Developed countries have lower birth rates than Third World countries as it is; if life expectancy increases, this trend will doubtless continue.

And I think that's a good thing. Frankly, human lifespan is appallingly short. We don't get the opportunity to learn from our mistakes that we would with longer lifespans, and we don't get the full benefit of the contribution from every member of society that we would with longer lifespans. Figure it takes two decades to turn an infant into an educated, skilled, productive member of society--and then he typically only stays that way for perhaps four decades before he retires.

And where do we get the notion that an infant is worth more than an adult? Why is it that the adult should die to "make room" for the infant, when the adult has the advantage of the skills and education the infant still lacks?

Paypal glitch hits merchants with 12-day headache

Franklin
Thumb Up

Paypal...

...is the service that finally prompted me to say "screw it" and get a full-fledged credit card merchant account of my own, several years ago.

And boy, am I glad I did. Turned out to be easier than I expected it to be, I use an online transaction gateway that's never had any problems, and best of all, the various fees and expenses involved in having my own merchant account are actually lower than the fees PayPal had been charging me.

In retrospect, I can't believe I ever bothered with PayPal in the first place.

Mass SQL injection hits English language websites

Franklin

Remember, kids...

This is your brain.

Th15 15 ur br41n 0n M1cr0s0ft SQL S3rv3r.

Boeing raygunship fires first blasts in ground testing

Franklin

No blinding...

According to Boeing's published tech specs, the laser produces a four-inch-wide infrared beam. Nobody on the ground would even see it, and it's unlikely that mirrors would help; gold is one of the few efficient infrared reflectors, and it's hard to imagine Third World countries plating all their gear in gold.

Drive-by download attack compromises 500K websites

Franklin

Been going on for a while

The same guys who hacked (and continue to hack) iPower-hosted Web sites appear to be behind the phpBB and phpNuke attacks. They're also targeting outdated, vulnerable WordPress installations, leaving message board spam and Weblog spam advertising poisoned Google Groups, and leaving links to Zlob droppers in places like Facebook and MySpace.

The compromised PHP forums are merely the tip of the iceberg, and many of them do not rely on JavaScript to download copies of the zlob Trojan. The compromised PHP forums, WordPress installs, iPower Web sites, Facebook profiles, and so on are the inputs to a large and rapidly-changing network of servers, mainly hosted in Eastern Europe, that actually do the dirty work. A user coming in from a PHP forum or a compromised Web site might be redirected straight to a virus downloader, but usually he isn't; instead, he's redirected to a traffic manager site, which then silently redirects him, often through two or three intermediary servers, to the final destination, which hosts the exploit software and the malware it downloads.

A handful of these servers will look at the browser's user agent, and attempt to download the Macintosh DNS changer malware onto Macs as well.

I've documented this underground network, complete with flowchart, extensively at

http://tacit.livejournal.com/240750.html

Yahoo! greenlights search security warnings

Franklin
Pirate

Pfft.

SiteAdvisor is a second-rate service; perfect match for a second-rate search engine. When SiteAdvisor wrongly branded one of my Web sites as "dangerous" last year, took 'em more than six months to fix the problem even after they acknowledged their error. I'm not the only one; SiteAdvisor has a sad history of erroneously flagging all kinds of sites, from PC Magazine to tomcoyote.org to LavaSoft, the makers of Ad-Aware, as "dangerous."

But put in a phishing page or a known RBN-associated malware downloader site like sexlookupworld.com, and you'll see "no info."

It is, in short, shamware, which fails at its most basic purpose. A fitting companion to Yahoo, methinks.

Welsh student exposed to nude webcam operators

Franklin

Degrading and sexist...

...is how I see the people who think that there's something inherently degrading about doing this sort of work.

"Oh, women shouldn't do sex work, it's degrading" essentially translates into English as "Women are not qualified to judge for themselves what they want to do, nor to make their own decisions. Bless their pretty little heads, they're just too fragile and too stupid to see how degrading this is. So we need to protect the little honeys from this sort of work, because, y'know, women just aren't qualified to think for themselves about this kind of thing."

And that's demeaning and sexist.

You can't have it both ways. Women can't simultaneously be empowered and be victims. If women are the equal of men, that means they can make decisions for themselves. Including the decision to take their clothes off, or not, as they see fit.

Even if other folks disagree with those decisions.

Would I want someone close to me to do it? Sure. My girlfriend has done exactly this kind of work, in fact.

While she was in college.

Working toward her Ph.D.

In biophysics.

And yes, that is totally hot. I dig brainy women. That aside, though, the sad silly plonkers who shower judgment and condemnation on the women who do this kind of work are revealing more about themselves and their own perceptions of the inferiority of women than perhaps they realize.

Fake subpoenas harpoon 2,100 corporate fat cats

Franklin

Not really a technological problem...

...though it is being exploited technologically. The ultimate problem is gullibility, which is not connected in any way to intelligence or stupidity.

Funny, I just got finished writing about this very type of attack, not half an hour before I read this article.

http://tacit.livejournal.com/239172.html

Biologists track down elusive lungless frog

Franklin

"Backward evolution"

In this context, "backward evolution" means loss of an organ which a previous ancestor had. If this species of frog shares a common ancestor with other frog species, and that common ancestor had lungs, there you go.

Not really great usage of the term, to be sure, as words like "backward" do carry connotations of evolution working in a predefined direction (which it does not), but at least it's possible to see where the author is coming from. Though I think you could say our own loss of the appendix and our tails is also "backward evolution."

Compromised legit sites power hack attacks

Franklin
Flame

Some days you're the grasshopper...

...some days you're the ant.

It's hard to know where to place the blame for this. I see a lot of compromised legitimate Web sites, most of which redirect to the same small list of hostile servers (invariably hosted in Eastern Europe, of course). On a good day, the malware writers can plant upwards of 200,000 malicious redirectors on legitimate Web sites.

Most often, I see these attacks compromising sites run by lazy, careless, ignorant, or indifferent Webmasters. Outdated, insecure versions of phpBB, osCommerce, and phpNuke are used to subvert legitimate Web sites so often I cringe every time I see them, and blame in such cases clearly falls on the Web site owners themselves. (Webmasters who install these scripts: for the love of God, keep on top of security updates!)

In other cases, the ISPs have security problems on their servers that allow attackers to compromise every single Web site hosted on their servers at will (iPower, I'm looking at you here). Hard to know if these ISPs are indifferent, or if some employee on the inside is making money to look away.

And that's not even counting those Web sites--many of whom are run by folks who should know better--that provide places for people to enter information (like guestbooks and that sort of thing) who don't sanitize the input and filter out HTML; those folks are just begging to have their Web sites hijacked.

Poisoned websites staying contaminated longer

Franklin
Alert

The attacks are getting more sophisticated, too

There's an entire underground network of computers and servers behind these attacks; in my experience, a poisoned Web site doesn't usually drop malware itself. Rather, it redirects the hapless visitor to another server, which makes extensive and detailed logs about where the visitor came from, before then choosing one of a list of payload sites to further redirect the user to.

I've made a fairly detailed map of part of this underground network at

http://tacit.livejournal.com/238112.html

And, not surprisingly, iPower, Inc. is still leading the world in the number of compromised, poisoned Web sites being hosted by a single Web host. In fact, almost four months after a major security breach which saw thousands of sites hosted by iPower compromised, the breach has not yet been fixed and hackers can compromise and poison any site hosted on iPower servers at will.

Mozilla CEO blasts Apple for putting security of the internet at risk

Franklin

Use of force

So, lesse. A software update application asks you if you want to install a piece of software. It gives you a little ticky-box thingy so that you can say "no."

Clearly this is a novel new usage of the word "force" I am not acquainted with. You'd think that Steve & Co. would be showing up at folks' houses, gun in hand, and saying things like "Install Safari or I splatter your brains all over the computer!"

"Force." Christ, people. Perspective.

Mac security site littered with malware

Franklin

Not just this Mac site...

I've noticed this same attack against a very, very large number of forums--primarily those running phpBB and PHP-Nuke--in the last four or five weeks. Planting bogus spamvertisements that redirect to malware sites into forums and guestbooks is nothing new, of course, but in the last few weeks, using security holes in badly-secured forum software to plant redirectors to Mac and Windows Trojan downloaders really seems to have skyrocketed.

Most likely, the attacks are automated; many of the redirectors placed in the forums have the same copy. In several cases, they redirect to the same fake codec downloader sites talked about in the Register article at

http://www.theregister.co.uk/2008/03/06/googe_iframe_piggybacking/

The attacks are becoming both increasingly frequent and increasingly sophisticated. In some cases, the redirectors look at a user's referrer and only forward to the virus-dropping sites if the user comes from certain domains (most commonly Google). In other cases, the payload site serves up a fake porn page and then redirects the user to either a Mac or a Windows Trojan download script based on the browser's user agent. Sometimes, the sites won't redirect to the payload dropper script if they're accessed repeatedly from the same IP address, presumably to throw off security researchers and/or ISP abuse teams.

I've seen payload sites that host these Trojans all over the place, but so far every one I've seen without exception is hosted on a domain registered by the same domain registrar--estdomains.com.

The Mac version of the Trojan is still quite rare, but I've seen a few systems that are infected. The Mac version is easy to remove without antivirus software. Mac users who wish to protect themselves with antivirus software can use the free ClamX AV, which has a fairly low footprint (for antivirus software) and does the job nicely. ClamWin on the PC is a free AV program that works as well.

I recommend that Mac users stay away from Norton Antivirus. I've had a large number of clients who've had very serious problems with it, including kernel panics, data-corruption issues, network file copy issues, and problems with poorly-constructed antivirus .dat updates which can falsely flag harmless files as "viruses."

Paranoid partners to get GPS snooper

Franklin

Or, here's another idea...

Get involved with partners you can trust, and save the $400.

Hackers find clever new way to hose Google users

Franklin

Same group that's going after iPower

The attacks which are still ongoing against Web sites hosted by US Web host iPower use the same technique to mask themselves from anything but a Google search, and redirect to the same payload sites.

The basic system is straightforward. Hack into a poorly-secured Web site or inject code into an unsanitized script that redirects to traffloader.info, which is a round-robin-style redirector that in turn redirects the unfortunate visitor to one of several malware droppers. Some of the more common ones I've seen are scanner.spyshredderscanner.com, xpantivirus.com, or sites masquerading as porn sites which try to drop a Trojan disguised as a movie codec.

In each case, the redirectors or compromised Web sites are protected by an .htaccess file that checks the browser's referrer. If it's "google.com" they redirect, if it isn't they redirect to a 404 error.

iPower has been massively compromised for months, and are still compromised; I've made lists of thousands of Web sites they host which have been hacked and had these redirectors placed on them. The fact that the techniques used are the same and the payload sites are the same strongly suggests that the folks who waltzed into iPower and pwned their servers are the same folks behind this iFrame exploit.

In this day and age, it kind of surprises me that there's still anyone left in the world who is foolish enough not to sanitize any user-supplied input anywhere on their sites--even in search boxes.
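A check a site owner could run over an .htaccess file to spot the referrer-conditional redirect described in this comment. This is an added example, not part of the original post: the sample file, the host names and the `scan_htaccess` function are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: a normal canonical-host rule followed by the kind of
# referrer-conditional off-site redirect the comment describes.
SAMPLE_HTACCESS = "\n".join([
    r"RewriteEngine On",
    r"# canonical host redirect (legitimate)",
    r"RewriteCond %{HTTP_HOST} ^example\.org$ [NC]",
    r"RewriteRule ^(.*)$ http://www.example.org/$1 [R=301,L]",
    r"RewriteCond %{HTTP_REFERER} google\. [NC]",
    r"RewriteRule .* http://redirector.example/in.php [R,L]",
    r"ErrorDocument 404 /missing.html",
])

COND_RE = re.compile(r"^\s*RewriteCond\s+(\S+)\s+(\S+)", re.I)
RULE_RE = re.compile(r"^\s*RewriteRule\s+(\S+)\s+(\S+)", re.I)


def scan_htaccess(text, own_hosts):
    """Report RewriteRules that send visitors to a host outside own_hosts
    and are guarded by a condition on the Referer header.

    Returns a list of dicts with the 1-based line number of the rule, the
    off-site target host and the referrer patterns that guard it.
    """
    own = {h.lower() for h in own_hosts}
    findings = []
    pending = []  # RewriteCond (test string, pattern) pairs awaiting their rule
    for lineno, line in enumerate(text.splitlines(), 1):
        cond = COND_RE.match(line)
        if cond:
            pending.append((cond.group(1), cond.group(2)))
            continue
        rule = RULE_RE.match(line)
        if not rule:
            continue  # comments and unrelated directives do not reset conditions
        conds, pending = pending, []  # conditions apply to this rule only
        target = rule.group(2)
        host = urlsplit(target).hostname if "://" in target else None
        referer_patterns = [p for var, p in conds if "HTTP_REFERER" in var.upper()]
        if host and host.lower() not in own and referer_patterns:
            findings.append({
                "line": lineno,
                "target_host": host.lower(),
                "referer_patterns": referer_patterns,
            })
    return findings


if __name__ == "__main__":
    for f in scan_htaccess(SAMPLE_HTACCESS, {"example.org", "www.example.org"}):
        print("line %(line)d: referrer-gated redirect to %(target_host)s" % f)
```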

US navy electro-cannon test successful

Franklin

Technology marches on...

"Now DARPA have got it to work about as well as the conventional alternative, in a demo. Nothing to see here, move along ..."

The same could have been said for the first gunpowder weapons. Early bombard cannon were a lot more dangerous to their crews than to castle walls, and in any event were scarcely more effective than trebuchet...but people kept developing them anyway, eh?

We're approaching the end of what's possible with chemical explosive weapons, just as the trebuchet was approaching the end of what was possible with muscle, gravity, or spring powered weapons...and new technologies are the way forward. For, y'know, killing people dramatically.

In any event, I want one for my next party...

Is this the world's most expensive desktop PC?

Franklin
Thumb Down

Dear God...

Until this very moment, I thought Dell made the ugliest commodity PCs on the market. Looks like I was wrong.

FBI rings warnings over VoIP phishing cons

Franklin
Flame

Two-way authentication...

...is useless in the face of people so hopelessly ignorant about security, they do not even know how to recognize the padlock icon indicating a secure connection in a Web browser.

Two-way authentication is only valuable to folks already cognizant enough about security that phishing and vishing attacks are unlikely to succeed against them anyway.

Showdown over encryption password in child porn case

Franklin

It's been interesting...

...to see how this has played out in the media.

The first media report I read about this case, about two or three weeks ago, claimed that the border patrol agent had seen the unencrypted files, and that some of the files were of cartoon characters who appeared to be under age. (This brings a lot of questions to my mind: How old does a cartoon need to be in order to be of legal age? Does the law protect cartoons? Do you need to see a cartoon driver's license before you can show a cartoon having sex?)

Then, as time has gone on, the stories I've read have changed in character. The customs agent didn't see the pictures; he only saw the file names. The pictures weren't cartoons; they were actual pictures of real child porn. (There's a contradiction here: if the customs agent only saw file names, how does he know they were real pictures of actual child abuse?) The files weren't encrypted at first; they were stored in an encrypted disk image that was available at the time the computer was first inspected but are not available now. No, no, wait, they were always encrypted.

This makes me extremely suspicious and skeptical of the customs agent's claims.

On top of that, seems to me that the real meat and potatoes of police work is in, you know, finding evidence of a crime. If the police need the suspect's active cooperation in order to build a case, sounds to me like the police aren't, y'know, doing their jobs.

Sears sued for website that leaked customer purchases

Franklin
Joke

Well, that's nice to see!

It's good to see an old-school retailer catching up with the latest Web trends. Perhaps Sears can remake itself into the next Sony!

Secret Crush widget spreads adware on Facebook

Franklin
Joke

Who'd've thunk...

...that we would one day be seeking refuge in the arms of the Russians.

I use LiveJournal. No apps, no gizmos, no widgets, no endless barrage of spam. What's a public outcry or two over net-nannying and censoring compared to getting spammed or infected with adware by your own friends?

Cybercrooks lurk in shadows of big-name websites

Franklin
Dead Vulture

Pfft. That ain't nothin'

The latest trick is hacking Web sites, stuffing them with pages containing popular keywords, then redirecting to virus-infected servers...but only if the referring domain is "google.com". Anything else, and the hacked page redirects to a 404 error.

Ran into this particular trick myself recently, as documented (with technical info) at

http://tacit.livejournal.com/226180.html

Bought some uranium ore? You'll need the anal douche, then

Franklin

But wait! It gets worse!

Amazon customers who bought armored land tanks ALSO bought anal douches!

http://www.amazon.com/JL421-Badonkadonk-Land-Cruiser-Tank/dp/B00067F1CE/ref=pd_sbs_misc_title_1

Quacks probe brain-boosting tech ethics

Franklin
Boffin

"Flowers for Algernon"...

...is a work of fiction. A work of fiction is a story that is not true. You know, a story that someone made up.

Suggesting that we should ban improvements to cognitive function because of a fiction story like "Flowers for Algernon" is a bit like saying we should ban robotics because of Battlestar: Galactica. (Oh noes! Bobby's Lego Mindstorm set is going to turn into a Cylon deathbot! Quick, ban it!)

The fact that people will even make arguments like this shows quite nicely the driving need for enhanced cognitive function, seems to me.

Racist Reg ignores Nigerian helicopter pioneer

Franklin
Alien

I'm a bit skeptical that it's actually a helicopter...

...in any but the most technical sense of the word. Given its size and relative paucity of horsepower, it strikes me as something of a big, ungainly ground-effect craft, like a hovercraft with the propeller on the top instead of the bottom. Wouldn't be surprised to learn it's never cleared more than seven feet because it *can't*.
