Don’t Be Fodder for China’s ‘Great Cannon’

“It only intercepts traffic to a certain set of Internet addresses, and then only looks for specific script requests. About 98 percent of the time it sends the Web request straight on to Baidu, but about two percent of the time it says, ‘Okay, I’m going to drop the request going to Baidu,’ and instead it directly provides the malicious reply, replying with a bit of Javascript which causes the user’s browser to participate in a DOS attack,” Weaver said.

via Don’t Be Fodder for China’s ‘Great Cannon’ — Krebs on Security.

Interestingly, this type of attack is not unprecedented. According to documents leaked by National Security Agency whistleblower Edward Snowden, the NSA and British intelligence services used a system dubbed “QUANTUM” to inject content and modify Web results for individual targets that appeared to be coming from a pre-selected range of Internet addresses.

IoT Hubs Expose Connected Homes to Hackers

Many of the most serious flaws revealed a kind of sloppiness in the design and production of the devices, Brandon Creighton, Veracode’s research architect, told The Security Ledger. For example: both the Ubi and Wink Relay devices left debugging interfaces exposed and unsecured in their shipped product. That could provide an avenue for attackers who had access to the same network as the device to steal information or bypass other security controls.

Exposed debugging interfaces are useful during product testing, but have little or no utility to consumers. That suggests that the companies merely forgot to restrict access to them before shipping, Creighton said.

via Research: IoT Hubs Expose Connected Homes to Hackers | The Security Ledger.

10 Years of Git: An Interview with Git Creator Linus Torvalds

Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.

via 10 Years of Git: An Interview with Git Creator Linus Torvalds | Linux.com.

So git was basically designed and written for my requirements, and it shows.

AT&T’s plan to watch your Web browsing—and what you can do about it

If you have AT&T’s gigabit Internet service and wonder why it seems so affordable, here’s the reason—AT&T is boosting profits by rerouting all your Web browsing to an in-house traffic scanning platform, analyzing your Internet habits, then using the results to deliver personalized ads to the websites you visit, e-mail to your inbox, and junk mail to your front door.

via AT&T’s plan to watch your Web browsing—and what you can do about it | Ars Technica.

Use HTTPS. They may know which sites you visit, but they won’t know any of the HTTP fields because that is all encrypted. Most big sites like Google and Facebook use HTTPS by default nowadays.

TrueCrypt doesn’t contain NSA backdoors

A security audit of TrueCrypt has determined that the disk encryption software does not contain any backdoors that could be used by the NSA or other surveillance agencies. A report prepared by the NCC Group for Open Crypto Audit Project found that the encryption tool is not vulnerable to being compromised.

via TrueCrypt doesn’t contain NSA backdoors.

Graphics from the command line

This article shows how to perform image manipulation using command-line tools. I do this job quite often, since I’ve picked up some digital cameras and now manage a library of several thousand happy snaps. For Web developers and administrators who frequently have to batch-process large numbers of images, command line tools are an especially attractive option, because the developer can incorporate them into scripts. But even if you only want to perform a manipulation once or twice, a command-line alternative can save time.

The command line tools discussed in this article are part of the excellent ImageMagick suite, which ships with Red Hat Linux and is freely available online (see Resources). ImageMagick can also be accessed via C, C++, Perl, Python, Java, and several other languages, which Linux programmers will appreciate.

via Graphics from the command line.

Rockets Shake And Rattle, So SpaceX Rolls Homegrown CFD

Lichtl says that people have tried to use wavelet compression before, and these particular simulations are based on work done by Jonathan Regele, a professor at the department of aerospace engineering at Iowa State University.

“The difference is that without GPU acceleration, and without the architecture and the techniques that we just described, it takes months on thousands of cores to run even the simplest of simulations. It is a very interesting approach but it doesn’t have industrial application without the hardware and the correct algorithms behind it. What the GPUs are doing here is enabling tremendous acceleration.”

via Rockets Shake And Rattle, So SpaceX Rolls Homegrown CFD.

To be more precise, if you get the temperature wrong in the simulation by a little, you get the kinetic energy of the gas wrong by a lot because there is an exponential relationship there. If you get the pressure or viscosity of the fluid wrong by a little bit, you will see different effects in the nozzle than will happen in the real motor.

New Homeowner Has To Sell House Because Of Comcast’s Incompetence, Lack Of Competition

According to the latest Broadband Progress Report from the FCC, 4% of all Americans — and only 2% of people in Washington state — lack access to even the most basic non-mobile broadband service. But Seth’s story makes us wonder how many consumers are being counted as having access to these services when in fact the service providers refuse to make them available?

That’s why it’s in the best interest of Comcast, CenturyLink and others to assume an address is serviceable just because it falls within a certain ZIP code or municipal boundary — because it gives the illusion that they are providing service to more customers.

via New Homeowner Has To Sell House Because Of Comcast’s Incompetence, Lack Of Competition – Consumerist.

The FTC’s internal memo on Google teaches companies a terrible lesson

FTC staffers spent enormous time poring through Google’s business practices and documents as well as interviewing executives and rivals. They came to the conclusion that Google was acting in anti-competitive ways, such as restricting advertisers from working with rival search engines. But commissioners balked at the prospect of a lengthy and protracted legal fight, former FTC officials said.

via The FTC’s internal memo on Google teaches companies a terrible lesson – The Washington Post.