I was dining the other night with a colleague, enjoying a respectable Russian River Pinot Noir, when he said with a steely firmness: "We'll pour our own wine, thank you."

This declaration of independence was prompted by that quintessential New York restaurant phenomenon: a server reducing a bottle of wine to a seven-minute, four-glass experience through overfilling and topping-up of a fanaticism found rarely outside the Middle East.

I know I'm being elitist here, a terrible thing in this political season, and quite possibly nobody in small-town Pennsylvania gives a damn how wine is poured. But I don't care and, come to think of it, last time I was in small-town Pennsylvania – at Gettysburg – I drank rather well.

Marchons, marchons ! Civilization

Roger Cohen: Of wine, haste and religion - International Herald Tribune

The evidence is now overwhelming that Mark Dowd was, in fact, sent back through time to kill the mother of the person who will grow up to challenge SkyNet. Please direct your attention to Dowd’s 25-page bombshell on a Flash bytecode attack.

Some context. Reliable Flash vulnerabilities are catastrophes. In 2008, we have lots of different browsers. We have different versions of the OS, and we have Mac users. But we’ve only got one Flash vendor, and everyone has Flash installed. Why do you care about Flash exploits? Because in the field, any one of them wins a commanding majority of browser installs for an attacker. It is the Cyberdyne Systems Model 101 of clientsides.

So that’s pretty bad-ass. But that’s not why the fate of humanity demands that we hunt down Dowd and dissolve him in molten steel.

Look at the details of this attack. It’s a weaponized NULL pointer attack that desynchronizes a bytecode verifier to slip malicious ActionScript bytecode into the Flash runtime. If you’re not an exploit writer, think of it this way: you know that crazy version of Super Mario Brothers that Japan refused to ship to the US markets because they thought the difficulty would upset and provoke us? This is the exploit equivalent of that guy who played the perfect game of it on YouTube.

Big upz and mad Respekt for Mark Dowd.

Dowd’s Inhuman Flash Exploit

In an age where JavaScript is so ubiquitous that some websites won't even load if you don't enable in your browser, cross-site scripting hacks are everywhere - letting malicious or merely mischievous hacker create links that have some very unintended consequences on websites that are not careful to keep from executing other people's code.

Most are run-of-the-mill and hardly worth writing about, but reader Harry Sintonen writes in with a vulnerability on the CIA's site that THREAT LEVEL can't resist.

For those of you who don't see it after clicking through, notice that the links lead to the CIA's site, but displays a recent THREAT LEVEL story. Here the CIA search box fails to rip out characters that will run as a script when the site tries to process the search query.

This story went up at 3:26pm, and it's still working at 8:45pm.

This would be great for a prank form...

Update: This is still working today. So much for fast response.. Here is the obligatory memestreams @ cia.gov link.

CIA.gov XSS | Threat Level

A leading contender to replace silicon as the basis for computing has made another step forward.

Transistors one atom thick and ten atoms wide have been made by UK researchers. They were carved from graphene, predicted by some to one day oust silicon as the basis of future computing.

For 40 years computing has been dominated by a rule of thumb named Moore's law, which predicts that the number of transistors on a chip will double roughly every two years.

Yet silicon, the material that has so far been used to keep up with Moore's law cannot form stable structures below 10 nanometres in size. And today's newest chips already have features just 45 nm across. The hunt is on for a replacement for silicon.

Graphene, a material made from flat sheets of carbon in a honeycomb arrangement is a leading contender. A team at the University of Manchester, UK, have now used it to make some of the smallest transistors ever. Devices only 1 nm across that contain just a few carbons rings.

Previous graphene transistors were significantly bigger – ribbons 10 nm across and many times longer.

Atom-thick material runs rings around silicon - tech - 17 April 2008 - New Scientist Tech

Read my lips: Virgin Media are so awful that I'm leaving them and I encourage you to do likewise.

Reasons they're awful? Let me give you a list. To start with, I didn't much pay attention when they announced that they were going to start charging by the minute for telephone support calls. After all, I'm competent to configure my own broadband router; I don't need my hand holding, right? Well, I've changed my mind.

It appears highly likely that Virgin are probing the equipment you attach to your cable modem and dropping packets destined for broadband routers.

Charlie's Diary: Brand Dilution

President Mahmoud Ahmadinejad of Iran made another blustering claim this week: that his scientists are tripling the size of their nuclear fuel program. The fact that it made barely a diplomatic ripple is another reminder that the major powers are adrift on one of the major security challenges of the day.

As Iran works on its bomb, the world drifts - International Herald Tribune

The Monty Hall Problem has struck again, and this time it’s not merely embarrassing mathematicians. If the calculations of a Yale economist are correct, there’s a sneaky logical fallacy in some of the most famous experiments in psychology.

Cognitive Dissonance in Monkeys - The Monty Hall Problem - New York Times

To my horror, I turn out to be a racist.

The University of Chicago offers an on-line psychological test in which you encounter a series of 100 black or white men, holding either guns or cellphones. You’re supposed to shoot the gunmen and holster your gun for the others.
...
Yet racism may also be easier to override than sexism. For example, one experiment found it easy for whites to admire African-American doctors; they just mentally categorized them as “doctors” rather than as “blacks.” Meanwhile, whites categorize black doctors whom they dislike as “blacks.”
...
Alice Eagly, a professor of psychology at Northwestern University, agrees: “In general, gender trumps race. ... Race may be easier to overcome.”

The challenge for women competing in politics or business is less misogyny than unconscious sexism: Americans don’t hate women, but they do frequently stereotype them as warm and friendly, creating a mismatch with the stereotype we hold of leaders as tough and strong. So voters (women as well as men, though a bit less so) may feel that a female candidate is not the right person for the job because of biases they’re not even aware of.
...
But biases are not immutable. Research subjects who were asked to think of a strong woman then showed less implicit bias about men and women. And students exposed to a large number of female professors also experienced a reduction in gender stereotypes.

So maybe the impact of this presidential contest won’t be measured just in national policies, but also in progress in the deepest recesses of our own minds.

Our Racist, Sexist Selves - New York Times

First Human to Fail the Turing Test

Being accepted. Proving loyalty. Navigating the tight space between racial divides. Americans of mixed race say these are issues they have long confronted, and when Senator Barack Obama recently delivered a speech about race in Philadelphia, it rang with a special significance in their ears. They saw parallels between the path trod by Obama and their own.

They recalled the friends, as in Bratter's case, who thought they were not black enough. Or the people who challenged them to label themselves by innocently asking, "What are you?" Or the relatives of different races who can sometimes be insensitive to one another.

Who are we? New dialogue on mixed race - International Herald Tribune