| |
| "The future masters of technology will have to be lighthearted and intelligent. The machine easily masters the grim and the dumb." -- Marshall McLuhan, 1969 |
|
GoDaddy outage impacts MemeStreams |
|
|
|---|
| Topic: MemeStreams |
8:09 pm EDT, Mar 11, 2007 |
When I woke up this morning none of my domains were resolving. My websites, including MemeStreams, and email, were down. Ironically, GoDaddy told IDG on Friday that they don't need to apply DST patches to their machines because they are located in Arizona. I'm not sure why lack of DST patches would cause such a total outage. Its possible that there is another explanation, but regardless, this outage adds to other concerns about the reliability of GoDaddy has an operator of critical infrastructure.
The above are Decius's comments. I am now fed-up^2 with GoDaddy. What registrars are people currently switching to? The time is now 1:16 PM Eastern Daylight Savings Time (newly adjusted), on Sunday, March 11, 2007 - and it appears to me that none of my dozens of domain names registered and/or served at GoDaddy.com are working.I strongly suspect the problem is related to today's change to Daylight Savings Time. A recent story in PCWorld described some concerns that had been raised about GoDaddy.com's readiness for the time switch.
Slashdot coverage of the outage. Update: It appears this was a DoS attack.. Not an outage related to the time switch. GoDaddy outage impacts MemeStreams |
|
|
|---|
| Topic: Society |
8:06 pm EDT, Mar 11, 2007 |
This is a great collection of quotes assembled by noteworthy. "A nation can be maintained only if, between the state and the individual, there is interposed a whole series of secondary groups near enough to the individuals to attract them strongly in their sphere of action and drag them, in this way, into the general torment of civil life." -- Emile Durkheim
. "The art of association then becomes, as I have said before, the mother of action, studied and applied by all." -- Alexis de Tocqueville, Democracy in America
. "Modernity in its essence means an enormous change in the human condition, from fate to choice." -- Peter Berger
. Learning history isn't mostly about "a-ha moments." It's about laboring through a lot of information and ideas that are often less than magical. Therein lies the real trouble. Learning is labor. We're selling the fantasy that technology can change that. It can't. No technology ever has. Gutenberg's press only made it easier to print books, not easier to read and understand them. -- Peter Berger, The land of iPods and honey
. "I like English history. I have volumes of it, but I never read anything but the first volume. Even at that, I only read the first three or four chapters. My purpose is to read Volume Zero, which has not been written." -- Louis Kahn, What Will Be Has Always Been
Quotes |
|
Are We Slowly Losing Control of the Internet? |
|
|
|---|
| Topic: Technology |
6:35 pm EST, Mar 10, 2007 |
My mailbox is being filled with IETF announcements for the upcoming meeting in Prague. I see internet draft after internet draft making proposals that are going to cause implementation errors, security holes, and ultimately service outages. Take for example the prime candidate protocol for VOIP - SIP... SIP is far too complex. Consider how long it has taken to deploy IPv6 - a technology that celebrated its 10th anniversary a few years ago. And IPv6 has the luxury of being an alternative to IPv4 rather than a transparently compatible upgrade. Consider how much longer it will take to deploy VOIP protocol redesigns when the old protocol is embedded in telephones around the world? I have great concern that our approach to the internet resembles a high pillar of round stones piled on top of other round stones - we should not be surprised when it begins to wobble and then falls to the ground.
Are We Slowly Losing Control of the Internet? |
|
Counterterrorism Blog | Treasury's Message About Iran: 'Be Afraid' |
|
|
|---|
| Topic: International Relations |
10:08 pm EST, Mar 9, 2007 |
 Dubai is a significant location for Under Secretary of the Treasury Stuart Levey to deliver his March 7 message to the world about the risks of doing business in Iran. On the one hand, Dubai is literally across the water from Iran, a logical, nearby, natural trade partner for Iran on practically everything. On the other hand, Dubai is also a jurisdiction that has put into place a sophisticated anti-money laundering regime and increasingly capable financial regulatory regimes across the board, including for its capital markets. Counter terrorism cooperation between the U.S. and the government of the UAE of which Dubai is a part is extensive. In light of close U.S.-UAE cooperation on a wide range of securitty issues, it was notable but not surprising that Under Secretary Levey's comments focused solely on the need of the private sector to adjust its behavior towards Iran. Under Secretary Levey told about 200 bankers at a Eurofinance conference in Dubai "to consider whether it is wise for your company to focus its efforts on doing business with Iran. . . The world's top financial institutions and corporations are re-evaluating their business with Iran because they are worried about the risk and their reputations. You should worry too and be especially cautious when it comes to doing business with Iran." He went on to commend the cancellation of a planned conference in Dubai entitled "Doing Business in Iran." The Under Secretary then made explicit what was implied in his formal remarks, stating that "those who are tempted to deal with targeted high-risk actors are put on notice: if they continue this relationship, they may be next to be targeted for action." Will Treasury move forward with sanctions under Section 319 of the Patriot Act, freezing funds in the U.S. at a financial institution that is holding assets of a sanctioned Iranian entity outside the U.S.? As Wednesday Addams might say, "be afraid. Be very afraid."
Counterterrorism Blog | Treasury's Message About Iran: 'Be Afraid' |
|
|
|---|
| Topic: Technology |
3:04 pm EST, Mar 9, 2007 |
This is, without doubt, the best disguised bullet/stab-proof jacket we have ever come across. You won't find it anywhere else and you will never find a protective jacket as smart as this one. The protection levels it offers are quite unheard of in such a light,3 kilo, and discreet jacket. This jacket offers a protection level to NIJ STD 0101.04 level 11A and European Police Standard for tactical vests RPS B (1999). The armour protects against 9mm Full Metal Jacket Round Nose (FMJRN) projectiles, with a weight of 8gm (124gr) at 430 m/s. Full Metal Jacket Round Nose (FMJRN) type DM11A1B2 (DN or MEN) projectiles with a weight of 8gm (124gr) at 415m/s. 44 Magnum jacketed Soft Point (JSP) type Norma 11103/61103 projectiles with a weight of 15.6gm (158gr) at 390 m/s. 44 Magnum Jacketed Hollow Point (JHP) projectiles with a weight of 15.6gm (240gr) at 430 m/s. Eastern European Tokarev LC 7.62 x 25mm steel core projectile with a weight of 5.5gm at 455 m/s. This jacket also protects against stabs, cuts, slashes with sharp and blunt edged weapons like hypodermic needles, ice picks, knives and broken bottles up to 25 Joules according PSDB (2003).
Now that's my kinda fashion... I wonder if they sell the ballistic inserts separately... My flowing black leather trench coat badly needs a new liner. It's starting to fall apart. I was thinking earlier this week that it would be the pinnacle of utilitarian hacker fashion to have the liner replaced with a ballistic insert capable of stopping handgun rounds and knives.. Bullet/Stab Proof Jacket |
|
Audit: FBI snooping did not follow rules - CNN.com |
|
|
|---|
| Topic: Politics and Law |
1:34 pm EST, Mar 9, 2007 |
The FBI is guilty of "serious misuse" of the power to secretly obtain private information under the Patriot Act, a government audit said Friday. The Justice Department's inspector general looked at the FBI's use of national security letters (NSLs), in which agents demand personal and business information about individuals -- such as financial, phone, and Internet records -- without court orders. The audit found the letters were issued without proper authority, cited incorrect statutes or obtained information they weren't supposed to. As many as 22 percent of national security letters were not recorded, the audit said. "We concluded that many of the problems we identified constituted serious misuse of the FBI's national security letter authorities," Inspector General Glenn A. Fine said in the report. The audit said there were no indications that the FBI's use of the letters "constituted criminal misconduct." The FBI has made as many as 56,000 requests a year for information using the letters since the Patriot Act was passed in October, 2001, the audit found. A single letter can contain multiple information requests, and multiple letters may target one individual. The audit found that in 2004 and 2005, more than half of the targets of the national security letters were U.S. citizens.
At the very least, those of us that had been assuming these powers were being abused no longer look like lunatics. 27B Stroke 6 has good coverage of this. Audit: FBI snooping did not follow rules - CNN.com |
|
Rhythms of Social Interaction: Messaging within a Massive Online Network |
|
|
|---|
| Topic: Cyber-Culture |
1:30 pm EST, Mar 9, 2007 |
We have analyzed the fully anonymized headers of 362 million messages exchanged by 4.2 million users of Facebook, an online social network of college students, during a 26 month interval. The data reveal a number of strong daily and weekly regularities which provide insights into the time use of college students and their social lives, including seasonal variations. We also examined how factors such as school affiliation and informal online "friend" lists affect the observed behavior and temporal patterns. Finally, we show that Facebook users appear to be clustered by school with respect to their temporal messaging patterns.
Rhythms of Social Interaction: Messaging within a Massive Online Network |
|
Super-Close Google Maps Zooms hack |
|
|
|---|
| Topic: Technology |
2:42 am EST, Mar 9, 2007 |
Holy moly that is a close up zoom of a camel (see my screenshot above) – and it works for other place on Google Maps too! Yes, it turns out that you can zoom in much more deeply onto Google Maps by doing this: 1. Select a location and switch to satellite view
2. Zoom in as far as you can, and click “link to this page” at the top right
3. Now replace the “z” parameter in the URL with a higher value, e.g. 20, 22, or 23, and wait. Some locations will now show more detailed imagery
Interesting. I have not found any area of interest yet that goes deeper than advertised. It appears this will only be useful in areas that Google already intends it to be useful. Super-Close Google Maps Zooms hack |
|
Hacker builds tracking system to nab Tor pedophiles | Zero Day | ZDNet.com |
|
|
|---|
| Topic: Computer Security |
12:43 am EST, Mar 9, 2007 |
Amidst concerns that pedophiles are using public Tor (the Onion Router) servers to trade in child pornography, �ber-hacker HD Moore is building a tracking system capable of pinpointing specific workstations that searched for and downloaded sexual images and videos of kids. Moore, the brains behind the Metasploit Project, has come up with a series of countermeasures that include using patched Tor servers and a decloaking engine to detect the exact location of a pedophile within an organization or residence. HD Moore first discussed his "countermeasures" at a meeting of the Austin Hackers Association (AHA) last summer when it became clear that the EFF-backed anonymity/privacy network was being used for the most nefarious purposes. Further confirmation came last September when German authorities cracked down on Tor node operators because of the proliferation of child porn. As to whether this is enough for law enforcement authorities to make an arrest and build a case, Moore's answer: "No idea."
Decius's analysis of this: He is embedding a web bug in certain tor requests that implements a javascript based check for local IP address and a udp query to get an external IP. This raises some interesting questions: 1. People running anti-tor servers can undermine the anonymity provided by tor unless users are serious enough not to have their DNS going out in the clear, and serious enough to have browser extensions disabled. None of these ideas are new. 2. This seems to suggest the idea that someone would go to the trouble of running a tor server because they want to protect anonymity but decide to run this because they are uncomfortable with some of the uses of that anonymity. 3. In this case the anonymity they are providing is undermined based on a keyword match which is unreliable at best. 4. H.D. Moore is pro full disclosure of exploit code but against anonymous web browsing? 5. Why go to a lot of trouble undermining your anonymity system in order to target people downloading child porn through your proxy when you can use the same filter script to identify the server if you are running an exit node? Servers are worse than users, targetting them doesn't undermine the purpose of the service you are running, and you don't need any javascript tricks to target them. Bottom line: The goal here is to educate tor users, not to track them.
Hacker builds tracking system to nab Tor pedophiles | Zero Day | ZDNet.com |
|
