Very recently, a new software side-channel attack, called Branch Prediction Analysis (BPA) attack, has been discovered and also demonstrated to be practically feasible on popular commodity PC platforms. While the above recent attack still had the flavor of a classical timing attack against RSA, where one uses many execution-time measurements under the same key in order to statistically amplify some small but key-dependent timing differences, we dramatically improve upon the former result.

[...]

The successful extraction of almost all secret key bits by our SBPA attack against an openSSL RSA implementation proves that the often recommended blinding or so called randomization techniques to protect RSA against side-channel attacks are, in the context of SBPA attacks, totally useless.

Simple Branch Prediction Analysis

This paper examines the problem of surreptitious Internet interception from the eavesdropper’s point of view. We introduce the notion of ‘fidelity” in digital eavesdropping. In particular, we formalize several kinds of “network noise” that might degrade fidelity, most notably “confusion,” and show that reliable network interception may not be as simple as previously thought or even always possible. Finally, we suggest requirements for “high fidelity” network interception, and show how systems that do not meet these requirements can be vulnerable to countermeasures, which in some cases can be performed entirely by a third party without the cooperation or even knowledge of the communicating parties.

The Eavesdropper's Dilema - Matt Blaze et al... [PDF]

As cellular data services and applications are being widely deployed, they become attractive targets for attackers, who could exploit unique vulnerabilities in cellular networks, mobile devices, and the interaction between cellular data networks and the Internet.

In this paper, we demonstrate such an attack, which surreptitiously drains mobile devices’ battery power up to 22 times faster and therefore could render these devices useless before the end of business hours.

This attack targets a unique resource bottleneck in mobile devices (the battery power) by exploiting an insecure cellular data service (MMS) and the insecure interaction between cellular data networks and the Internet (PDP context retention and the paging channel).

The attack proceeds in two stages. In the first stage, the attacker compiles a hit list of mobile devices — including their cellular numbers, IP addresses, and model information — by exploiting MMS notification messages. In the second stage, the attacker drains mobile devices’ battery power by sending periodical UDP packets and exploiting PDP context retention and the paging channel.

This attack is unique not only because it exploits vulnerable cellular services to target mobile devices but also because the victim mobile users are unaware when their batteries are being drained. Furthermore, we identify two key vulnerable components in cellular networks and propose mitigation strategies for protecting cellular devices from such attacks from the Internet.

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery

LONDON (AFP) - A fully-functioning replica of a secret British codebreaking machine which hastened the end of the Second World War more than 60 years ago was unveiled.

Turing Bombe machines cracked some 3,000 enemy messages in the German Enigma code every day and are said to have shortened the war by two years.

Britain's WWII Enigma codebreaking machines resurrected

This guy runs up 'Lovers Leap' a 400 ft vertical rock face, unaided, no ropes, no harness, no problems at all !

(video) Guys runs up a 400ft vertical wall (amazing)

Geysers spewing sand and dust hundreds of feet into the "air" have been discovered on Mars, scientists say.

Ice geysers discovered on Mars

HANDY ONE-LINERS FOR SED (Unix stream editor) Apr. 26, 2004 compiled by Eric Pement - pemente[at]northpark[dot]edu version 5.4

This puts the K in K-rad.

SED one-liners

Since the UN never deploys observers to an active war zone, logic would suggest these unarmed men should have been pulled out the moment hostilities went beyond minor violations of the ceasefire they were monitoring... For the immediate-ceasefire crowd, the deaths of the UN military observers held the potential to give them a powerful moral argument against Israel's offensive -- beyond the one they were already citing daily: the mounting toll of civilian casualties.

UN post should have been cleared

Or: How I learned how to port scan company intranets using JavaScript!

Imagine visiting a blog on a social site like MySpace.com or checking your email on a portal like Yahoo’s Webmail. While you are reading the Web page JavaScript code is downloaded and executed by your Web browser. It scans your entire home network, detects and determines your Linksys router model number, and then sends commands to the router to turn on wireless networking and turn off all encryption. Now imagine that this happens to 1 million people across the United States in less than 24 hours.

This scenario is no longer one of fiction.

You can visit the proof of concept page I created and test drive it now.

Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript

Now Josef Penninger of the Austrian Institute of Molecular Biotechnology in Vienna and Min Zhao of the University of Aberdeen, UK, have demonstrated that natural electric fields and currents in tissue play a vital role in orchestrating the wound-healing process by attracting repair cells to damaged areas.

The researchers have also identified the genes that control the process. "We were originally sceptical, but then we realised it was a real effect and looked for the genes responsible," Penninger says. "It's not homeopathy, it's biophysics."

I wonder if further research could lead to a reconciliation of sorts between eastern and western medicine?

NewScientist: To heal a wound, turn up the voltage