Wednesday, March 6th, 2019
Schneier writes about a recent attack against home routers that takes advantage of the fact that most people never change the default passwords on their equipment.
One of his commenters said it best:

It has long been standard security practice that when logging in to a new system with a default password, the first required step is to have the user create a new password. If routers did this and refused to function until a customized password was set, none of these problems would occur.

Or more simply put, it's a problem that would never exist and would disappear tomorrow if router manufacturers would bother to make a simple and practically free programming change before shipping them out.
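The change the commenter describes, sketched as an added example (this is not code from the post or from any router vendor): a toy admin interface in which a login with the factory password can do nothing except set a new one, and the device does not forward traffic until that has happened. The class name, the "admin" default and the 12-character minimum are assumptions made for illustration.

```python
import hashlib
import hmac
import os

FACTORY_PASSWORD = "admin"  # constructed sample default, not a real vendor value
MIN_LENGTH = 12             # assumed policy for the example


class RouterAdmin:
    """Toy model of a router admin interface that stays locked until provisioned."""

    def __init__(self):
        self._salt = os.urandom(16)
        self._hash = self._derive(FACTORY_PASSWORD)
        self.provisioned = False  # stays False while the factory password is in place

    def _derive(self, password):
        # Salted, iterated hash so a dumped config does not expose the password.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)

    def _check(self, password):
        # Constant-time comparison of the stored and candidate hashes.
        return hmac.compare_digest(self._hash, self._derive(password))

    def login(self, password):
        """Return the set of actions this session may perform."""
        if not self._check(password):
            return set()
        if not self.provisioned:
            return {"set_password"}  # the only thing a default login can do
        return {"set_password", "configure", "forward_traffic"}

    def set_password(self, current, new):
        """Replace the password; reject the factory default and short values."""
        if not self._check(current):
            return False
        if new == FACTORY_PASSWORD or len(new) < MIN_LENGTH:
            return False
        self._salt = os.urandom(16)
        self._hash = self._derive(new)
        self.provisioned = True
        return True

    def forwarding_enabled(self):
        # The device refuses to route until the owner has set a password.
        return self.provisioned
```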
Tags: Bad Design, Negligence
Wednesday, March 6th, 2019
Here's another case of fielding a new product without fully evaluating it first. A computer programmer played with an "in-flight game system" and found that, due to common programming mistakes, he was able to crash the system. Every seat has a small screen that can be used to play games or watch movies, and every screen went blank when he did this.
Most interestingly, he says that he's glad the crash didn't affect the flight system, to which a commenter posted:

As an airplane avionics technician, I can tell you that any and all navigation and control electronics are totally isolated into themselves. Anything that can work on its own, does, and anything that needs to share info does it through solid hard-wiring. There are common data busses to reduce weight from too much wiring, but again, totally isolated. Airlines know better than to link everything together in a network.

Tags: Bad Design
Wednesday, March 6th, 2019
Remember that neat gizmo in Back to the Future II? The one where Doc put some garbage into "Mr. Fusion" to power his time machine? If not, shame on you. Go rent the movie.
Anyway, they've now figured out how to make a machine that turns garbage of almost ANY variety into fuel and electricity. The start-up process takes only a normal household amount of electricity, and after that it's more than self-sustaining: it produces more electricity than it uses while destroying anything from dirty diapers to old rusty metal. The only waste it produces is a gas that can be used for fuel.
Wow.
Tags: Garbage Energy
Wednesday, March 6th, 2019
CASPIAN warns that Verichip, the company that brought human-implant RFID to market, had to publish a report of the risks associated with the technology to satisfy the Securities and Exchange Commission before it could IPO. In almost 20 pages of risks (holly clap!) they still neglected to mention that their RFID chips can be cloned… easily. So much for their claim to "tighten security in facilities like nuclear power plants".

"Potential investors should be told how a hacker can simply walk by a chipped person and clone his or her VeriChip signal, a threat demonstrated by security researcher Jonathan Westhues months ago," says McIntyre, who is a former federal bank examiner.

And most creepily:

The VeriChip implant is a glass encapsulated RFID tag that is injected into the flesh to uniquely number and identify individuals. The tag can be read by radio waves from a few inches away. The highly controversial device is being marketed as a way to access secure areas, link to medical records, and serve as a payment instrument when associated with a credit card or pre-paid account.

So you get to be tagged like an animal with something you can't get rid of without surgery, and because your credit card information is in it, all someone has to do to steal your identity is stand near you for a few seconds. Wonderful.
Let's be clear about this: Human implantation of RFID is the most dangerous development in technology ever created. I really need to write an article about this sometime…
Tags: Big Brother, RFID, Verichip
Wednesday, March 6th, 2019
Though the RIAA would like you to believe otherwise, it seems that P2P doesn't actually affect music sales at all. That's kind of embarrassing for the RIAA, which no longer has any justification for its music property crusade.
Of course, I always said that most people who use P2P to get music wouldn't have bought the CDs in the first place. Therefore, the number of people who download music doesn't necessarily equal the number of CDs that would have been sold.
Tags: P2P, Pirating, RIAA
Tuesday, March 5th, 2019
Apparently, there's a company named Powerset that's trying to implement natural language search for Internet searches. Granted, this has been tried before (Ask Jeeves), but never really worked. Ars Technica is listing Powerset as a possible competitor to Google, but cautions that Google will probably also include this technology soon (especially if Powerset shows any measure of success).
Describing natural language search is hard, but here's an example:

Searching for "book by children" and "book about children" should produce greatly different results, but search engines today generally throw out the prepositions and treat both queries the same way

Tags: Search
Tuesday, March 5th, 2019
According to the newsletter from TrueVoteMD, a consumer rights group in Maryland that opposes auditless e-voting, there are two bills in the state senate that will require paper trails and adequate records of votes for Maryland.
Tags: Evoting, Maryland
Tuesday, March 5th, 2019
I found this news on Slashdot today. Basically, a university professor used a powerful free tool that lets him browse the Internet completely anonymously (Tor). Because the utility bypasses university security, they came to him and demanded he stop using it.
From his own description of the event, I found this especially nice, condensed description of why someone would want to use Tor:

Tor can also be useful in e-commerce. For example, Amazon.com knows more about my shopping habits and tastes than my wife does. I appreciate Amazon's ability to make recommendations based on my previous purchases. But in 2000, Amazon admitted experimenting with so-called dynamic pricing, charging different people different prices for the same MP3 player; the prices were presumably based on estimates of what each user would be willing to pay, considering prior purchases. Online merchants could all do that, thanks to traffic analysis. They know who I am when I log on — unless I delete their cookies or use Tor.

Tags: Amazon, Data Brokering, Professor, University
Tuesday, March 5th, 2019
If you thought it was hype and paranoia, you were wrong. Not only CAN they create a sensor network to track people with RFID, but they're doing it right now. Denmark's Lego Land puts bracelets on kids that let them be monitored by the park's many sensors.
Says Katherine Albrecht of spychips.com:

On the safety side, we can't help wondering why parents would let children wander off by themselves armed with only a tracking device, rather than watching them with their own eyes. If a child is so young or irresponsible that his parents want to fit him with an electronic nanny, what he probably really needs is for those parents to hold his hand and pay attention to him instead. Alienating, authoritarian technologies only contribute to an alienated, cowering populace, whether the setting is an amusement park, a school, a hospital, a birthing center, or a home.

Tags: Big Brother, Denmark, Kids, RFID
Tuesday, March 5th, 2019
One of the strongest defenses offered by proponents of RFID was, "but RFID can only be read from a few inches away, so it can't ever be a problem…."
CASPIAN's newsletter points to this article showing that one company is using RFID to let drivers change the messages on billboards over 500 feet away! For perspective, an American football field is 300 feet long.
Tags: Big Brother, RFID