Total lunar eclipse on March 3rd. Next Sat. We should be able to see it as the moon rises. I hope it isn't cloudy.

NASA - Eclipses During 2007

Bluetooth devices detected towards each end of London Bridge will appear as coloured pixels on the corresponding end of the Tower Bridge upper walkway, and if they are subsequently detected at the other end, the pixel will move across at a speed proportional to the speed of movement (walking/running/driving etc.). The colour and initial position is derived from the Bluetooth address, and so will always be the same for any given device.

Tower Bridge is Watching You

That didn't take long. On Feb. 8, I posted to YouTube a clip taken from the Super Bowl: not the football, but the copyright warning the NFL stuck into the middle of it, wherein they tell you it's forbidden even to share "accounts of the game" without the NFL's consent.

Their copyright bot didn't seem to see the fair use in my educational excerpt, so YouTube just sent me their boilerplate takedown. Time to break out that DMCA counter-notification.

Wendy's Blog: Legal Tags: My First DMCA Takedown

Welcome to Startupping

Startupping is a one-of-a-kind community resource created for Internet entrepreneurs by Internet entrepreneurs. It is a place to share information, ask questions, and tap into the experience of others who have built and are building web businesses. Read blog posts about startup issues, participate in our discussion forums, and view our wiki resources, including sample term sheets and a glossary. For more information about the Startupping site, see our about page.

Most cool!

Startupping - A Community for Entrepreneurs

A scheme to steal customers' credit and debit card information at a New England supermarket chain highlights a little-understood fact about credit card security: Customers still think that the credit-card companies have to eat fraudulent charges, but since the PCI DSS standards were adopted, it's actually the merchant banks and merchants who have to pay up. And, according to the blogger writing in the latter article, it's a good thing."

I don't agree with that blogger. Credit Card numbers get stolen because they can be. The only people who are in a position to rearchitect this system are the Credit Card companies, who, of course, have no economic incentive to do so, because they don't bare any of the costs associated with the fraud. This is market failure, and instead of pouring buckets of money at law enforcement in this context the government ought to fix the glitch.

Slashdot | Who Pays For Credit Card Breaches?

Christopher Soghoian posted the following simple idea in response to one of a myriad of proposals floating in Government this year to turn the Internet into an architecture of control.

Declan reports that Senators McCain and Schumer have proposed the SAFE act, which would create a national database of child porn images - or I'm guessing, simply require that the FBI make their own database public. ISPs would be given access to this database, and would be required to screen traffic and alert the authorities of any user who transmits/hosts an image that matches a fingerprint in this database.

Once the infrastructure is in place for them to compare hashes of child porn, it won't be too difficult for them to start comparing hashes of music, copies of dissident literature, photographs of dead soldiers in Iraq, anti-Scientology documentation, or anything else that someone with their hand in a Senator's pocket doesn't like.

To combat against this evil intrusion into our private Internet behavior, I now introduce 'broken glass'. It is a perl script that when given an image file, will change 1 pixel's red component by /- 1. It's not enough for the human eye to see, but it will make the MD5/SHA1 hash fingerprint of the image be completely different.

Then he pulled the code, fearing that he'll be accused of aiding and abetting child pornographers.

Source code pulled until I chat with a couple legal minds.

Its worth noting that the law doesn't require ISPs to screen traffic. It merely authorizes the sharing of child porn images for this purpose. Presumably there are ISPs lined up who want to do this but presently its illegal. Soghoian's perl script is a simple example of a myriad different things that can be done to data to make it invisible to this sort of screen. But Soghoian, having already had the FBI break into his house in the middle of the night for pointing out naked emperors, thought better of publishing the code.

Consider this in light of the recent Mooninite fiasco. What is deterred by the fact that the people who were hired to hang the signs are facing years in prison? Certainly not terrorism of any sort, or any kind of behavior that might reasonably be considered malicious, but a great deal is deterred. Are those things valuable? Of course. Are they worth the cost of not throwing the book at anything you mistake for an attack after it becomes clear that its not an attack? Of course. Do I expect authority to get that? No, I don't.

Neither Terrorism nor Child Porn need create these fissures in our society. It is our failure to avoid embracing fear and sensationalism that will be our undoing. We're still our own greatest threat.

Thought Crime

A set of long exposures that were taken while playing video war games of the 80's, created by Atari, Centuri & Taito. The photographs were shot from video game screens while playing the games. By recording each second of an entire game on 1 frame of film, captured complex patterns were captured not normally seen by the naked eye.
Fantastic! Where can I get prints?

Long Video War Game Exposures

possibly noteworthy wrote:
Read books. I doubt you'll ever find yourself associating a YouTube video with a place and time in your life.

Well, if for no other reason than a book requires such a large investment of time while also failing to fully consume the senses that it becomes associated with the time and place in which it was read, regardless of how good it was. The most important events of this century are those for which everyone recalls exactly where they were when the news reached them because the emotional impact of the event was so extreme that the memories are burned brightly into everyone's cortext... some mechansim in the mind designed to learn how to avoid bad experiences is triggered by the worst national tragedies... The Kennedy Assasination, the Challenger Explosion, September 11th... It is inevitable with the poliferation of citizen journalism that some future historical event will reach you first as a short video on the Internet. You'll have just a few minutes to view it before the servers become overloaded. You'll tell your grandchildren where you were when you got the link.

RE: A Traveler's Library

The picture on the left shows Hitachi's infamous mu chip, once heralded as the world's smallest RFID tag. Back in 2003, it was touted as the perfect size for embedding into currency, slipping into bullets, and even tagging humans. The siren song of this dot-sized tracker even lured the Malaysian government into buying rights to it.

These are interesting but the range on them is probably very small unless you've got a huge antenna coil in your reader or a very powerful amplifier. That reduces the threat that they could be abused.

'Weaponized' RFID

Tsudohnimh wrote:
I clicked a link for hot judicial action and I got 0wn3d. I'd like to thank the academy, my parents for warping me, Tom and Nick for letting me do this, and my hero Acidus.

OK, let me explain what the story is with this. Its possible to embed a link in a MemeStreams page to /recommend. When people who are logged in click on it, it will automatically post a message to their MemeStream, and then redirect them back to the page they were looking at. Ironically, this tends to result in lots of clicking, as it seems like the browser has done something wrong. If Acidus had really wanted to be nasty he could have included a redundant link in the posts he was adding to your pages to that people who read your MemeStreams would also spread the post. Its like a meme worm.

This is actually a problem that Rattle and I anticipated when we first built this website. We used to have protection in place that prevented this. It worked by checking to make sure that when you submitted a post the referer header in your http request came from /recommend and not some other page. Unfortunately, we ran into trouble with this feature. Some Internet privacy software screens referer headers out of http requests, and so people who used such software were unable to post. After struggling through the process of explaining to a few users how to fix this problem we decided to disable the security feature for /recommend until we had time to revisit the problem. The security feature is still present in /delete and /edit, because we decided that a self propagating MemeStreams Meme was only a bit of an annoyance, but if someone wrote a javascript that wiped out your whole blog that would be a serious problem. This explains why a few of you have trouble editing or deleting posts sometimes.

We have a fix for this problem which is unlikely to cause problems for people running Internet privacy software. Its checked into subversion. However, we haven't shipped it yet because it is boiled in with a bunch of other changes to the UI that aren't quite ready for release yet. We decided it might be fun to go ahead and let Acidus propagate one of these Memes as he uncovered this issue a few weeks back and advised us on how to implement a better fix. I'd like to say that we're shipping this weekend, but I don't think its going to happen. I'm skiing and Rattle is attending Outerz0ne. Acidus is actually giving a talk at Outerz0ne which includes a discussion of this issue, so its not out of the question that you might see a few more people screwing around with it. Fortunately I don't think you can do anything terribly malicious with this. Its all in good fun.

Hopefully we'll have our update out soon.

RE: I like it old-school! - An Explanation