| |
| "The future masters of technology will have to be lighthearted and intelligent. The machine easily masters the grim and the dumb." -- Marshall McLuhan, 1969 |
|
Reuters | North Korea says will conduct nuclear test |
|
|
|---|
| Topic: Current Events |
11:10 am EDT, Oct 3, 2006 |
An increasingly isolated North Korea said on Tuesday it would conduct its first-ever nuclear test, blaming a U.S. "threat of nuclear war and sanctions" for forcing its hand. The statement by North Korea's foreign ministry, carried on the official KCNA news agency, was condemned by neighboring Japan as "unacceptable" and caused South Korea to increase its security alert. The announcement confirms weeks of rumors the communist state was planning a test and came amid increasingly sour relations with the outside world after it test-fired missiles in July. "The U.S. extreme threat of a nuclear war and sanctions and pressure compel the DPRK (North Korea) to conduct a nuclear test, an essential process for bolstering nuclear deterrent, as a corresponding measure for defense," the statement said. But it added that North Korea would never use nuclear weapons first and would "do its utmost to realize the denuclearization of the peninsula and give impetus to the world-wide nuclear disarmament and the ultimate elimination of nuclear weapons." "Pyongyang has been increasingly controlled by hardliners in the past months and its policies and words have become more and more extreme. The situation is really dangerous," said Shi Yinhong, professor of International Relations at Renmin University in Beijing "North Korea thinks it has no other option but to press the United States to have bilateral negotiations with them. North Korea has nothing to lose by conducting a nuclear test," Chang Myung-soon, an expert on North Korea's military, said.
Other coverage at CNN and New York Times. Reuters | North Korea says will conduct nuclear test |
|
Wired 14.10: How To: Dismantle an Atomic Bomb |
|
|
|---|
| Topic: Humor |
12:24 am EDT, Oct 3, 2006 |
Sure, the odds are slim that you'd ever be faced with an atomic device ticking down to zero. But think of how Jack Bauer it'd be if you were. And then who're you going to trust? Us or some do-gooder rock band?
"Don't worry guys, I read an article about this in Wired!" If these tips don't work, give us a call and let us know what we got wrong.
... and I'm sure they will run a correction. Wired 14.10: How To: Dismantle an Atomic Bomb |
|
|
|---|
| Topic: Politics and Law |
5:08 pm EDT, Oct 2, 2006 |
Name this quote: "I shall give a propagandist reason for starting the war, no matter whether
it is plausible or not. The victor will not be asked afterwards whether
he told the truth or not. When starting and waging war it is not right
that matters, but victory."
Godwin's Guffaw |
|
And if You Liked the Movie, a Netflix Contest May Reward You Handsomely |
|
|
|---|
| Topic: High Tech Developments |
9:02 am EDT, Oct 2, 2006 |
Netflix, the popular online movie rental service, is planning to award $1 million to the first person who can improve the accuracy of movie recommendations based on personal preferences. James Bennett, left, a Netflix vice president, with the company’s chief executive, Reed Hastings, in a headquarters screening room. To win the prize, which is to be announced today, a contestant will have to devise a system that is more accurate than the company’s current recommendation system by at least 10 percent. And to improve the quality of research, Netflix is making available to the public 100 million of its customers’ movie ratings, a database the company says is the largest of its kind ever released. “If we knew how to do it, we’d have already done it,” said Reed Hastings, chief executive of Netflix, based in Los Gatos, Calif. If no one wins within a year, Netflix will award $50,000 to whoever makes the most progress above a 1 percent improvement, and will award the same amount each year until someone wins the grand prize.
And if You Liked the Movie, a Netflix Contest May Reward You Handsomely |
|
Stealing Search Engine Queries with JavaScript |
|
|
|---|
| Topic: Computer Security |
9:27 am EDT, Oct 1, 2006 |
SPI Labs has expanded on existing techniques and discovered a practical method of using JavaScript to detect the search queries a user has entered into arbitrary search engines. As seen with the recent leakage of 36 million search queries made by half a million American Online subscribers, there are enormous privacy concerns when a user’s search queries are made public. All the code needed to steal a user’s search queries is written in JavaScript and uses Cascading Style Sheets (CSS). This code could be embedded into any website either by the website owner or by a malicious third party through a Cross-site Scripting (XSS) attack. There it would harvest information about every visitor to that site. For example, an HMO’s website could check if a visitor has been searching other sites about cancer, cancer treatments, or drug rehab centers. Advertising networks could gather information about which topics someone is interested based on their search history and use that to echance their customer databases. Government websites could see if a visitor has been searching for bomb-making instructions.
Acidus presented another one of his amazing web hacks at ToorCon this weekend. Javascript is loaded with issues... Here is another one. Good job Billy.. I seriously love watching you hack shit up. Update: Unlike the situation in my previous post, there is no vendor involved here. This is a good example of sounding the warning horn. Stealing Search Engine Queries with JavaScript |
|
Hackers claim zero-day flaw in Firefox | CNET News.com |
|
|
|---|
| Topic: Computer Security |
9:17 am EDT, Oct 1, 2006 |
The open-source Firefox Web browser is critically flawed in the way it handles JavaScript, two hackers said Saturday afternoon. An attacker could commandeer a computer running the browser simply by crafting a Web page that contains some malicious JavaScript code, Mischa Spiegelmock and Andrew Wbeelsoi said in a presentation at the ToorCon hacker conference here. The flaw affects Firefox on Windows, Apple Computer's Mac OS X and Linux, they said.
Ok, nothing shocking there.. "Internet Explorer, everybody knows, is not very secure. But Firefox is also fairly insecure," said Spiegelmock, who in everyday life works at blog company SixApart. He detailed the flaw, showing a slide that displayed key parts of the attack code needed to exploit it.
Irresponsible disclosure alarm starting to tingle.. The JavaScript issue appears to be a real vulnerability, Window Snyder, Mozilla's security chief, said after watching a video of the presentation Saturday night. "What they are describing might be a variation on an old attack," she said. "We're going to do some investigating." Snyder said she isn't happy with the disclosure and release of an exploit during the presentation. "It looks like they had enough information in their slide for an attacker to reproduce it," she said. "I think it is unfortunate because it puts users at risk, but that seems to be their goal."
Now the irresponsible disclosure alarm is full on ringing. They didn't give the Mozilla people heads-up on this before presenting? That's _not_ the right way to go about things.. Jesse Ruderman, a Mozilla security staffer, attended the presentation and was called up on the stage with the two hackers. He attempted to persuade the presenters to responsibly disclose flaws via Mozilla's bug bounty program instead of using them for malicious purposes such as creating networks of hijacked PCs, called botnets. "I do hope you guys change your minds and decide to report the holes to us and take away $500 per vulnerability instead of using them for botnets," Ruderman said. The two hackers laughed off the comment. "It is a double-edged sword, but what we're doing is really for the greater good of the Internet, we're setting up communication networks for black hats," Wbeelsoi said.
This is exactly the kind of crap that turns up the heat on everyone.. Vendors should be given a reasonable amount of heads-up when bugs are discovered before they are publicly presented. THAT is for the greater good of the Internet and users. Do any of the folks here in the MemeStreams community who are at ToorCon have any comments on this? Was anyone at the presentation? Hackers claim zero-day flaw in Firefox | CNET News.com |
|
The Blotter (ABC) | The Sexually Explicit Internet Messages That Led to Fla. Rep. Foley's Resignation |
|
|
|---|
| Topic: Current Events |
11:32 pm EDT, Sep 29, 2006 |
Florida Rep. Mark Foley's resignation came just hours after ABC News questioned the congressman about a series of sexually explicit instant messages involving congressional pages, high school students who are under 18 years of age. In Congress, Rep. Foley (R-FL) was part of the Republican leadership and the chairman of the House caucus on missing and exploited children.
Wow. The Blotter (ABC) | The Sexually Explicit Internet Messages That Led to Fla. Rep. Foley's Resignation |
|
Goldwater, Leftist (haw haw haw!) |
|
|
|---|
| Topic: Politics and Law |
3:19 pm EDT, Sep 29, 2006 |
"We can be conquered by bombs or subversion; but we can also be conquered by neglect - by ignoring the Constitution and disregarding the principles of limited government." - Barry Goldwater Goldwater, Leftist (haw haw haw!) |
|
War Room - Salon.com - The intelligence report cites 'leftist' groups as a terror threat |
|
|
|---|
| Topic: Civil Liberties |
1:07 am EDT, Sep 29, 2006 |
Prior to 9/11, the worst terrorist attack on U.S. soil was in Oklahoma City, where Timothy McVeigh blew up a federal building in pursuit of his right-wing, anti-federal-government agenda. But there is nothing in the NIE findings about right-wing or anti-government groups. Instead, there is a rather stark warning about the danger of "leftist" groups using the Internet to engage in terrorist attacks against the United States. Is there any basis at all for that warning? There have been scattered reports over the last several years that the Bush administration's anti-terrorism programs have targeted domestic political groups solely because such groups espouse views contrary to the administration's. That this claim about "leftist" terrorist groups made it into the NIE summary is particularly significant in light of the torture and detention bill that is likely soon to be enacted into law. That bill defines "enemy combatant" very broadly (and the definition may be even broader by the time it is enacted) and could easily encompass domestic groups perceived by the administration to be supporting a "terrorist agenda." Similarly, the administration has claimed previously that it eavesdrops on the conversations of Americans only where there is reasonable grounds (as judged by the administration) to believe that one of the parties is affiliated with a terrorist group. Does that include "leftist" groups that use the Internet to organize? This NIE finding gives rise to this critical question: Are "leftist" groups one of the principal targets on the anti-terrorism agenda of the Bush administration, and if so, aren't the implications rather disturbing?
Disturbing indeed.. 27B Stroke 6 also noted that the Cyber Storm readiness exercise was constructed to deal with a "leftist" threat. War Room - Salon.com - The intelligence report cites 'leftist' groups as a terror threat |
|
