On the always-excellent Search Engine podcast from TVOntario, host Jesse Brown interviews Alan Borovoy, general counsel of the Canadian Civil Liberties Association. Borovoy is one of Canada's most respected free speech and privacy activists, and he describes the state of Canada on the eve of the introduction of a sweeping spy-bill that will require ISPs to log and retain enormous amounts of our private communications, and then give police access to that material without a warrant. This is a stirring call-to-arms and important context for understanding the history of free speech and privacy in Canada.
Audio Podcast #124: Alan Borovoy | Search Engine (MP3)
The Electronic Frontier Foundation's SSL Observatory is a research project that gathers and analyzes the cryptographic certificates used to secure Internet connections, systematically cataloging them and exposing their database for other scientists, researchers and cryptographers to consult.
Now Arjen Lenstra of École polytechnique fédérale de Lausanne has used the SSL Observatory dataset to show that tens of thousands of SSL certificates "offer effectively no security due to weak random number generation algorithms." Lenstra's research means that much of what we think of as gold-standard, rock-solid network security is deeply flawed, but it also means that users and website operators can detect and repair these vulnerabilities.
While we have observed and warned about vulnerabilities due to insufficient randomness in the past, Lenstra's group was able to discover more subtle RNG bugs by searching not only for keys that were unexpectedly shared by multiple certificates, but for prime factors that were unexpectedly shared by multiple publicly visible public keys. This application of the 2,400-year-old Euclidean algorithm turned out to produce spectacular results.
In addition to TLS, the transport layer security mechanism underlying HTTPS, other types of public keys were investigated that did not use EFF's Observatory data set, most notably PGP. The cryptosystems that underlay the full set of public keys in the study included RSA (which is the most common class of cryptosystem behind TLS), ElGamal (which is the most common class of cryptosystem behind PGP), and several others in smaller quantities. Within each cryptosystem, various key strengths were also observed and investigated, for instance RSA 2048 bit as well as RSA 1024 bit keys.
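The shared-factor search described above can be run as an audit over a key inventory. The following is an added example, not code from the post, EFF, or Lenstra's group: the function name `audit_moduli`, the host labels, and the toy moduli are all constructed for illustration. It takes the gcd of each modulus with the product of all the others, so one pass flags both duplicated keys and keys that share a single prime, without reporting the factor itself.

```python
from itertools import combinations
from math import gcd, prod

def audit_moduli(moduli):
    """Flag RSA moduli that share a factor with another modulus in the set.

    moduli: dict mapping a label (hypothetical host names here) to the
    public modulus n as an int. Returns (status, pairs).
    """
    for name, n in moduli.items():
        if n < 3 or n % 2 == 0:
            raise ValueError(f"{name}: not a plausible RSA modulus")
    total = prod(moduli.values())
    status = {}
    for name, n in moduli.items():
        # gcd of n with the product of every *other* modulus in the set
        g = gcd(n, (total // n) % n)
        if g == 1:
            status[name] = "ok"
        elif g == n:
            # identical modulus elsewhere, or both primes reused elsewhere
            status[name] = "duplicate-or-fully-shared"
        else:
            status[name] = "shares-prime"
    # Pairwise pass over the flagged keys only, to show which ones collide
    # and therefore probably came from the same weak generator.
    flagged = [k for k, v in status.items() if v != "ok"]
    pairs = sorted((a, b) for a, b in combinations(flagged, 2)
                   if gcd(moduli[a], moduli[b]) > 1)
    return status, pairs

# Constructed toy inventory: tiny primes stand in for 512/1024-bit ones.
SAMPLE = {
    "web-a": 101 * 103,
    "web-b": 101 * 107,      # reuses the prime 101 from web-a
    "vpn": 109 * 113,        # independent primes
    "mail": 127 * 131,
    "mail-copy": 127 * 131,  # same key deployed twice
}

if __name__ == "__main__":
    status, pairs = audit_moduli(SAMPLE)
    for name, verdict in status.items():
        print(f"{name:10s} {verdict}")
    print("colliding pairs:", pairs)
```

Any key flagged here should be regenerated on a system with a properly seeded random number generator, since a shared prime means both keys in the pair are compromised.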
Ford's Theater's Center for Education and Leadership sports a 6,800 volume, 34-foot-tall tower of (aluminum replica) books about Abraham Lincoln.
The majority of the titles are histories and biographies about Abraham Lincoln. Also included are books of Lincoln’s speeches, books of quotations or quips and one or two travel titles (i.e.: Indiana’s Lincolnland by Mike Capps and Jane Ammenson). Several children’s titles also are included, though not much in the way of adult historical fiction.
(Many sites report that there are 15,000 books in the pile, but that's not correct).
Skyscraping Tower of Abraham Lincoln Books
On my way to Dallas-Fort Worth airport today, I snapped this picture of the sticker on the inside of the back-seat passenger-side window of my taxi. It warns "The method used to authenticate credit card transactions for approval is not secure and personal information is subject to being intercepted by unauthorized personnel." There's some history there, I'm guessing. Consumer warnings are very nice, but I'm left wondering why they don't just update the firmware on the credit-card box with some decent crypto (unless this is because they use a CB radio to call in card numbers, which is pretty danged foolish).
Wired Science's Dave Mosher investigates elastomeric soft robots -- air-powered origami creepers that can go places that challenge their rigid metallic kin.
Getting the soft robots to perform a particular action is a feat of origami: Folded in just the right way and glued in the right spots, for example, the researchers showed how a crinkled clump of silicone-soaked paper lifted a 2-pound weight. The force of the air required to drive it was roughly twice that of a human exhalation.
The team has also cylinders that blow into spheres, tubes that act like springs and compact stacks that turn into rigid rings or pipes.
Avi Solomon notes the similarity between these eerie things and the robots in Ted Chiang's brilliant science fiction story Exhalation.
Origami Robots Run Only on Air
Absolut has commissioned Jamie Hewlett (co-creator of Tank Girl and Gorillaz) to do a limited edition vodka bottle celebrating London's public drunkenness. It's a rather nice piece of work, too -- suitably grotesque. All it's missing is the grimy, mutilated pigeons squabbling over puddles of last night's binge-drinking lad and ladette vom.
Kader Arif is the former EU rapporteur on ACTA (the secretive copyright treaty pushed by the US Trade Rep) on Europe's behalf. He made headlines when he handed in his report on ACTA and his resignation as rapporteur, which damned ACTA as an undemocratic, overly broad and ill-conceived trainwreck. In this WSJ interview, Arif goes into detail on the problems that made ACTA utterly irredeemable, and Mike Masnick despairs at how Arif's successor in the EU is seemingly unwilling to stand up for the democratic principles that ACTA tramples.
First is the article 11 of the agreement, which states that the right holder has the right to ask for information “regarding any person involved in any aspect of the infringement or alleged infringement”. This article is worded in such wide and unclear terms that it leaves a great deal of room for interpretation. In practice, almost anyone could be linked to an infringement of intellectual property rights and face criminal sanctions under such a vague definition. It is our responsibility as legislators and people’s representatives not to leave it to a judicial authority to decide of the scope of an agreement which could affect people’s civil liberties.
The second is the issue of having travelers’ personal luggage searched at borders. ACTA foresees that the use of counterfeited goods on a commercial scale can lead to criminal sanctions. But here again no definition of “commercial scale” is given. Article 14 of the agreement clearly states that, unless contrary action is taken by one of the parties, it is possible to search people’s personal luggage, including small consignments.
Several years ago, I read Brian Aldiss's Billion Year Spree -- his "true history of science fiction" from Mary Shelley to the early 1970s. I found Aldiss's account of the genre's development entertaining and informative... but something bothered me, long after I'd finished reading it. So much so that I've since spent hundreds of dollars on forgotten, out-of-print books; I've written dozens of long, scholarly posts about the thing that bothered me so much, for io9 and my own blog, HiLobrow; and this year I've even launched a money-losing publishing imprint in a quixotic effort to set the record straight.
Aldiss's book is terrific on the topic of science fiction from Frankenstein through the "scientific romances" of Verne, Poe, and Wells -- and also terrific on science fiction's so-called Golden Age, the start of which he, like every other sf exegete, dates to John W. Campbell's 1937 assumption of the editorship of the pulp magazine Astounding. However, regarding science fiction published between the beginning of the Golden Age and the end of the Verne-Poe-Wells "scientific romance" era, Aldiss (who rightly laments that Wells's 20th century fiction after, perhaps, 1904's The Food of the Gods, fails to recapture "that darkly beautiful quality of imagination, or that instinctive-seeming unity of construction, which lives in his early novels") has very little to say. "Hm," I thought, when I noticed that. "That's an awfully long stretch of science fiction history to overlook, isn't it?"
Aldiss seems to feel that authors of science fiction after Wells and before the Golden Age weren't very talented.
My friend Vann Hall received the following email from the FBI. Apparently, they caught him through their, er, track light monitoring device. Vann, I hope you can clear this up quickly!
-------- Original Message --------
Subject: ISSUES OF FRAUD CRIME AGAINST YOU
Date: Fri, 20 Jan 2012 08:25:36 +0200
From: Mr Ronald Anthony (email@example.com)
To: undisclosed-recipients:;
THIS IS THE (F.B.I)
FBI Headquarters in Washington, D.C.
Federal Bureau of Investigation
J. Edgar Hoover Building
935 Pennsylvania Avenue,
NW Washington, D.C. 20535-0001
FEDERAL BUREAU OF INVESTIGATION (FBI)
This the Federal Bureau Of Investigation (FBI) We are writing in response to our track light monitoring device which we received today in our office about the illegal transactions that you have been involve in for a long time now.
We understand from our general investigations that some con men from Australia has been ripping a man off him hard earned money with the pretense of dealing with birds Company that will deliver a pet to him and the proposed amount which was to be transferred to you is the sum of $5,000,000 Usd as stated in our record here.
We also got a complain from our Australia man counterpart stating that your identity/information's was used to dupe a Australia business man to the tune of $4 Billion Usd by some Australia Fraudsters which you have been in contact with for some time now.
The German Government has ordered for your urgent arrest regarding the crimes that was committed with your name,after all the series of investigations conducted here in our office we tracked your record and we found out that you have never been jailed or had any fraudulent case that may jeopardize your image and personality.
Brian Jewett makes various kinds of sculptural housewares, including ticket bowls ("Made by winding multiple rolls of tickets into one disc, shaping and sealing"). He made this ticket-bowl teapot as a commission for teapot collectors Gloria and Sonny Kamm.
VeriSign Inc., the company responsible for assuring that more than half the world’s websites are authentic, was hacked multiple times in 2010, and the thieves succeeded in stealing information, reports Christopher Maag in Credit.com.
When users click on a website, or on a hyperlink that would carry them to a website, their browser automatically checks the site’s security certificate to make sure that it’s authentic. If there’s a problem with the certificate, the browser may present a warning screen advising the user of possible security threats, or it may block access altogether.
If hackers gain access to those certificates however, they can make their own copy that looks exactly like the real thing. That would enable them to run a virtually fool-proof phishing scheme, diverting users to a fake website in order to steal account passwords, Social Security numbers and other valuable private data.
VeriSign, pillar of Internet security, hacked
Shane Speal says:
The Speal’s Tavern Cigar Box Guitar Museum near Pittsburgh, PA has been expanded and improved for 2012. The museum now sports over 40 handmade instruments, cigar box amplifiers, antique photos and artwork along with historical facts and discoveries. The 2012 exhibit will be unveiled this Saturday, February 18 at 6pm followed by a special Mardi Gras blues concert by museum creator and cigar box guitarist, Shane Speal.
The centerpiece of the museum is a 92 year old cigar box guitar from 1910. Its crude form features only a single string and is very similar to instruments performed in Vaudeville theatre at the turn of the Century. The museum is free and open to the public during Speal’s Tavern regular business hours.
See photos of the entire collection
Here's a trailer for Tim Burton's forthcoming adaptation of the satirical horror novel Abraham Lincoln: Vampire Hunter. Hard to tell how Burton will play it -- it will be tricky to maintain the relevance of the fact that the action hero is also Honest Abe without obliterating suspension of disbelief, since each reminder of this fact is a bit jarring in the context of a fun/funny horror romp.
Here's the Onion's Sean O'Neal's thoughts:
Adapted from the monster mash-up novel from Seth Grahame-Smith, the forthcoming film from Wanted director Timur Bekmambetov and producer Tim Burton obviously gets fairly tongue-in-cheek with its alternate U.S. history—the kind the liberal-run schools are too afraid to teach you—but it's not like you’d necessarily know it from this teaser.
Abraham Lincoln: Vampire Hunter
(Thanks, Fipi Lele!)
Over at Submitterator, anelson sends us this surreal video of a child playing with a huge pack of Saint Bernards in a temperate rainforest in British Columbia. I love the idea of being surrounded by these panting, gallumphing beasts.
Thanks anelson!
Buzzblog sez, "Ten years ago today, at 9:25 a.m., Slashdot founder Rob 'CmdrTaco' Malda, used his insider access to the homepage of one of the tech world’s most popular forums to send a very public Valentine’s Day marriage proposal to Kathleen Fent. Fifteen minutes later she said yes -- and then called him a dork -- an exchange that would generate more than 2,000 comments and make news on other tech sites. As the 10th anniversary of the proposal approached, Network World asked the couple to share their memories of that day and thoughts about it since, as a kind of case study on how this type of public proposal – be it on Slashdot or the stadium Jumbotron – holds up over the years. Would they recommend it? … Seems there is disagreement on that score."
Kathleen, what was your reaction the moment you read your name in that headline and realized what was happening?
I knew something was afoot when I left for work and Rob said "See you soon!" I decided to check Slashdot right away when I got to work to see what was going on. When I saw my name in the proposal, I slammed my hand down on the desk and screamed, "Oh my god!" before I could even read the entire article. I started to hyperventilate.
Everyone rushed back to my cubicle to see what was the matter. I had to resist the urge to phone Rob at home, knowing that an email reply was much more fitting for the eventual story we'd tell.