ClipIt

Posted on March 11, 2014 by mea

ClipIt is a lightweight, fully featured GTK+ clipboard manager. It was forked from Parcellite (http://parcellite.sourceforge.net), adding additional features and bugfixes to the project. Please also see http://clipit.rspwn.com/

via ClipIt | Free Development software downloads at SourceForge.net.

Clipboard managers can be useful when doing a lot of copy/pastes. I noticed Clipit as part of the standard Fedora 19 install in one of my virtual machines. They had no rpm package for Fedora 14 so I compiled the source and it works great. It’s a nice no nonsense useful tool.

‘What does ISP mean?’ – how government officials are flunking security challenges

Posted on March 10, 2014 by mea

Singer added that another US official about to negotiate cybersecurity with China asked him to explain what “ISP” meant. “That’s like going to negotiate with the Soviets and not knowing what ‘ICBM’ means. And I’ve had similar experiences with officials from the UK, China and Abu Dhabi.

At the G20 conference diplomats were spearfished by an email with a link to nude photos of former French first lady Carla Bruni-Sarkozy, and many clicked – downloading spyware onto their computers.

via ‘What does ISP mean?’ – how government officials are flunking security challenges | Technology | theguardian.com.

Warrantless Cellphone Tracking

Posted on March 9, 2014 by mea

The secretive technology is generically known as a stingray or IMSI catcher, but the Harris device is also specifically called the Stingray. When mobile phones — and other wireless communication devices like air cards — connect to the stingray, it can see and record their unique ID numbers and traffic data, as well as information that points to the device’s location. By moving the stingray around, authorities can triangulate the device’s location with much more precision than they can get through data obtained from a mobile network provider’s fixed tower location.
The government has long asserted that it doesn’t need to obtain a probable-cause warrant to use the devices because they don’t collect the content of phone calls and text messages but rather operate like pen-registers and trap-and-traces, collecting the equivalent of header information.

via Florida Cops’ Secret Weapon: Warrantless Cellphone Tracking | Threat Level | Wired.com.

Is FirstNet Stalled?

Posted on March 8, 2014 by mea

I suspect there is an epic struggle going on within the Beltway for the control of FirstNet and its $7 billion in funding.

via Is FirstNet Stalled?.

New crimeware tool Dendroid makes it easier to create Android malware, researchers warn

Posted on March 7, 2014 by mea

Dendroid’s features include deleting call logs and files; calling phone numbers; opening Web pages; recording calls and audio from the microphone; intercepting text messages; taking and uploading photos and videos; opening applications and launching HTTP flood (denial-of-service) attacks for a period of time specified by the attacker.

Dendroid is not the first Android RAT, but is one of the most sophisticated one seen to date.

via New crimeware tool Dendroid makes it easier to create Android malware, researchers warn | ITworld.

Stanford team tries for zippier Wi-Fi in crowded buildings

Posted on March 7, 2014 by mea

Meanwhile, the underlying tasks of assigning client devices to particular channels and access points are centrally controlled to make the best use of the infrastructure. Where separately owned and managed APs may make poor use of the unlicensed frequencies available in the building, the centrally controlled network can use its universal view to arrange the resources most efficiently.

via Stanford team tries for zippier Wi-Fi in crowded buildings – Network World.

Apple loses bid for U.S. ban on Samsung smartphone sales

Posted on March 6, 2014 by mea

A U.S. judge on Thursday rejected Apple’s request for a permanent sales ban in the United States against some older Samsung smartphones, a key setback for the iPhone maker in its global patent battle.

U.S. District Judge Lucy Koh in San Jose, California, ruled that Apple Inc had not presented enough evidence to show that its patented features were a significant enough driver of consumer demand to warrant an injunction

via Apple loses bid for U.S. ban on Samsung smartphone sales – chicagotribune.com.

No the Internet is not a ‘value tree’

Posted on March 6, 2014 by mea

Projects like Wikipedia, uses such as text and data mining, online access to cultural heritage and educational resources, and transformative use of the Internet do not follow the same logic as the traditional content industry value chains. Here limited user rights and long terms of protection become problematic and increased enforcement translates into chilling effects.

At the same time all of these types of uses are exactly what makes the Internet special and drives its potential to accelerate innovation and to democratize access to knowledge, tools and culture. The Internet is the first mass medium that is simultaneously enabling market driven uses, uses that are driven by public policy objectives (such as education or access to culture), and uses driven by people’s desire to create, collaborate and contribute to the commons.

via Kennisland : No the Internet is not a ‘value tree’.

SSL TLS HTTPS Web Server Certificate Fingerprints

Posted on March 5, 2014 by mea

Public and Private keys form cryptographically matched pairs. It is not feasible to derive one from the other, yet what one encrypts only the matching other can decrypt. Website SSL security certificates provide the site’s Public cryptographic key which is the public side of the server’s secret Private cryptographic key which is never publicly disclosed. Only the certificate’s public key can be used to encrypt data which the remote server can decrypt only using its matching private key. Since the SSL Proxy Appliance does not have the private key of the remote server—because only the remote server has it—the fake & fraudulent certificate the SSL Proxy provides to the user’s web browser is forced to use a different public key for which it does have a matching private key. And that means that no matter how hard any SSL-intercepting Proxy Appliance may try to spoof and fake any other server’s certificate, the certificate’s public key MUST BE DIFFERENT

via GRC | SSL TLS HTTPS Web Server Certificate Fingerprints

The remote server’s REAL certificate and the SSL Appliance’s FAKED certificate MUST HAVE AND WILL HAVE radically different fingerprints. They will not be remotely similar..

A Patent on Seven Simple Lines of Code

Posted on March 3, 2014 by mea

Basically, you look in one person’s account to see if there is enough money to make a transfer, and if there is, you transfer the money. I’ll bet you’ve done that before.

In fact, here’s the whole program:
10 LET account1 = 200.00 20 LET account3 = 300.00 30 INPUT “Value to exchange for transaction”; exchange 40 IF account1 < exchange THEN PRINT “Inadequate value”: STOP 50 account1 = account1 – exchange 60 account3 = account3 + exchange 70 PRINT “Instruction to 1st institution: adjust 2nd account by ”; -exchange
This implementation demonstrates that Alice’s patented invention requires only seven simple lines of code, not complex programming or specially designed hardware.

via A Patent on Seven Simple Lines of Code – Public Knowledge.

Bucktown Bell

Cut to the chase.