Attackers have all they need from leaky cellphone networks to track you down

The researchers demonstrated how easy it was to track down a cellular device within a 10-block area in Minneapolis using a T-Mobile G1 smartphone and open source technology. They never contacted the service provider to conduct the test.

via Attackers have all they need from leaky cellphone networks to track you down.

PDF can be had here.

Malicious backdoor in open-source messaging apps not spotted for 3 months

For almost three months, versions of three widely distributed open-source applications from Horde.org contained a backdoor that allowed attackers to remotely execute malicious PHP code on systems that ran the programs.

via Malicious backdoor in open-source messaging apps not spotted for 3 months.

This is interesting…

“The impact through Linux distribution should be not so important,” Wednesday’s post went on to say. “Only users who have download the source code from FTP are mainly affected.”

Horde’s advisory said the releases were altered after unidentified hackers breached an FTP server used to distribute the installation packages.

Trend Micro Migrates Security Tool HijackThis to Open Source

Trend Micro today announced that it has open sourced the code to its popular free security tool, HijackThis. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems.

via Trend Micro Migrates Security Tool HijackThis to Open Source | SecurityWeek.Com.

“As new malicious code is released faster than ever before, the need for analyzing log data to identify new malicious code is more important than ever,” the company said in a statement. “Through this offer to the open source community, the product has the opportunity to develop and become an even better solution to quickly identify new malicious code.”

Download HijackThis.exe here. (sourceforge)

Official website here.

Physicists Create a Working Transistor From a Single Atom

In contrast to conventional computers that are based on transistors with distinct “on” and “off” or “1” and “0” states, quantum computers are built from devices called qubits that exploit the quirky properties of quantum mechanics. Unlike a transistor, a qubit can represent a multiplicity of values simultaneously.

via Physicists Create a Working Transistor From a Single Atom – NYTimes.com.

Beyond Facebook: The Rise Of Interest-Based Social Networks

Interest-based social networks have a markedly different focus and approach than Facebook. The Pinterest, Thumb and Foodspottings of the world enable users to focus and organize around their interests first, whereas Facebook focuses on a user’s personal relationships. Facebook offers us a social utility to deepen social connectivity with our existing social graphs, while these new interest-based social networks enable users to express their interests in new, engaging ways and offer authentic, high value connectivity with new people we don’t already know. The different approaches of these interest-based services are distinct from Facebook, and they are powering the massive growth and engagement we are seeing in these new services.

via Beyond Facebook: The Rise Of Interest-Based Social Networks | TechCrunch.

Takedowns run amok? The strange Secret Service/GoDaddy assault on JotForm

The shutdown of his entire domain, without notice, for something a user had done even after protections were in place against it, seemed hugely unfair to Tank; he made his public case in terms that would also apply to other user-generated sites like YouTube. “We have 2 millions user generated forms,” he wrote. “It is not possible for us to manually review all forms. This can happen to any Web site that allows user-generated content.”

via Takedowns run amok? The strange Secret Service/GoDaddy assault on JotForm (updated).

Jotform.com is back up and it seems like an interesting idea. Creating a form on that site is very easy but creating one locally in WordPress is easy too. They seem to have a lot of users however. It will also be interesting to see what happens with DNS should the government abuse its authority (or lack thereof) in taking down sites capriciously and without due process. The Internet was designed to route around damage. Also this …

JotForm today moved its domains away from GoDaddy to registrars NameCheap and Hover. Tank still doesn’t know why his domain was suspended or when it might be returned; however, a WHOIS search this afternoon revealed that GoDaddy has at last removed the domain from its penalty box.

MegaBust’s MegaQuestions Cloud the Net’s Future

It is however the viewpoint of this article that the Megaupload indictment will likely be seen in the long run as having a more significant impact on Internet business models and innovation than the withdrawal of PIPA and SOPA — and this would be the case even if those bills had been enacted in some combined form.

That is because those bills, problematic as they were, created new forms of civil copyright enforcement — blocking of infringing foreign websites by both search engines and ISPs, and termination of third party payment and ad services for both foreign and domestic infringing websites. Such remedies might of course curtail a website’s income and even lead to its demise, as well as to executive and worker unemployment and investor monetary losses. But they would not threaten executives and investors with involuntary, decades-long incarceration in Club Fed.

via MegaBust’s MegaQuestions Cloud the Net’s Future.

This opinion piece makes some important points but it’s clearly biased in favour of Megaupload.

Online Certificate Status Protocol

Online Certificate Status Protocol – Wikipedia, the free encyclopedia.

The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 2560 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The “request/response” nature of these messages leads to OCSP servers being termed OCSP responders.