The Independent's Simon Calder reports that the US Department of Homeland Security has ordered air carriers to hand over the personal information of British people travelling to the Caribbean, Mexico and Canada, even for flights that don't fly over US airspace. What's more, they demand the right to order passengers to be yanked from flights right up to boarding time, without explanation. Essentially, they're extraterritorializing the No-Fly list, a list of thousands and thousands of people who are deemed -- for secret reasons -- to be so dangerous that they're not allowed to fly, but not so dangerous that they can be arrested.

Given that this is April 1, I'm slightly suspicious, as this is so blatantly evil that it's hard to believe that UK carriers would capitulate to it. On the other hand, everyone capitulates to the undemocratic absurdities of the American security-industrial apparatus.

Simon Hughes, the deputy leader of the Liberal Democrats, told The Independent: "The concern by the US for its own security is entirely understandable, but it seems to me it's a whole different issue that American wishes should determine the rights and choices of people travelling between two countries neither of which is the US."

...Any passenger who refuses to comply will be denied boarding. Those who do supply details may find their trip could be abruptly cancelled by the Department of Homeland Security, which says it will "take boarding pass determinations up until the time a flight leaves the gate ... If a passenger successfully obtains a boarding pass, his/her name is not on the No Fly list." In other words, travellers cannot find out whether they will be accepted on board until they reach the airport...

The US will have full details of all British visitors to Cuba, including business travellers, which could potentially be used to identify people suspected of breaking America's draconian sanctions against the Castro regime.

Neil Taylor, a tour operator who pioneered tourism to Cuba, said: "Imagine if the Chinese were to ask for such data on all passengers to Taiwan, and similarly if the Saudis were to ask about flights to Israel – would the US government understand?

"One also has to wonder how an American traveller in Europe would react if he were denied boarding on a flight from London to Rome because the German government had not received sufficient data from him."

Planning a trip to Canada or the Caribbean? US Immigration may have other ideas... (via /.)

(Image: Malleus Maleficarum (title page) by Heinrich Kramer, Wikimedia Commons)

Tomi Ahonen has a really interesting post on how it is that major, top-selling phone companies -- Siemens, Motorola, Palm, Nokia, Windows Mobile, RIM -- can see their sales fall off a cliff as the whole world seems to decide, en masse, that the phones are no longer the bee's knees. Ahonen marks it up to the fast replacement-cycle with phones, the tenuous relationship with dealers, and the concentration of power among the carriers.

I think there are three factors that help create The Cliff. First, there is the replacement cycle. The average replacement cycle for mobile phones in year 2000 was 21 months. By year 2006 it was down to 18 months. Today it is 16 months (all handsets). For smartphones it is even faster, at 11.5 months. A car is replaced something like every 3 or 4 years on average. A TV set once every 7 years. A personal computer every 3 and a half years. But mobile phones are replaced every year and a half, smartphones replaced every year (on average).

So if you have a bad model car, and your sales suffers because of it, you will not lose all your loyal customers in a year or two, because many of your customers have last year's model and are happy with it, and will not even come to your car dealership until two years from now to consider the replacement model, by which time you have had plenty of time to fix the problems with your current car model.

In mobile phones we do not have that luxury. The pace is so fast. And note that the rate of the collapse due to The Cliff is actually accelerating. This also suggests the replacement cycle and The Cliff are related.

A second point is the dealerships. Some technology is kind of 'protected' from rapid market fluctiations, because it is sold by the manufacturer's own stores (like Sony flagship stores for example) or through branded dealerships (like in new car sales) or by registered partners (like many personal computers, sold through 'VARs' Value Add Resellers, who are authorized with given PC brands). In mobile phones, there used to be no branded shops (Apple changed that of course) and Nokia briefly tried its own Nokia branded flagship stores - most of them have been discontinued. So if you have branded dealers, that helps dampen the fluctuation, even if you have a bad model year of your products, the damaging effect is not as severe. Mobile phones are sold whether in operator/carrier stores, or independent handset retailers, with essentially all handset brands and many of their models on display side-by-side in the store. Note, that of current handset makers, only Apple is a little bit immunized but not completely so, as it also operates its own Apple stores.

The third point is the carrier relationship. The operator/carrier has exceptional influence in the mobile phone handset business. If the carrier/operator decides to push a given phone, it can help it succeed, yes, but that is not dramatic gains. But if the the carrier/operator community decides to punish a given brand, it rapidly dies. We heard just now from Finland (of all places) that a survey of major handset stores in the biggest cities of Finland by the commerical TV broadcaster MTV3 - found that in most handset stores (both operator stores and independent stores) - even if the consumer asked for the Nokia Lumia by name - most sales representatives would not show the Nokia Lumia to the customer, and showed Samsung Android handsets instead. This even as the stores had Lumia in stock and the biggest in-store displays were featuring Lumia.

The 'Cliff Theory' ie How Handset Makers Die, why in Mobile Phones do Companies Collapse so Rapidly (Siemens, Motorola, Palm, Nokia, Blackberry and Windows Mobile) (via Beyond the Beyond)

Three times a week I get up early to go lift weights with a colleague. One of the main motivations for getting out of bed is the knowledge that I'll have ample coffee throughout the day to keep me going post-workout. In the past I've carried the previously reviewed Contigo (which is still the best travel cup around) but found it held too little, especially if I share coffee with my work out partner. I've also used my fiancee's grandfather's old Thermos built around an insulated glass bottle which, while larger, is too fragile for daily use that involves rolling around in the trunk of my car. I realized I needed a replacement.

Read the rest

A group of researchers at Drexel University have demonstrated a method of recovering credit card details and other sensitive information from used Xbox 360s, even after they have been "reset to factory defaults." The method is straightforward and uses readily available tools. Ashley Podhradsky, one of the Drexel researchers, says, "Microsoft does a great job of protecting their proprietary information. But they don't do a great job of protecting the user's data."

Which is to say that Microsoft is spending a lot of money and resource in ensuring that your Xbox 360 only runs software that is authorized by Microsoft (like Apple and iOS and Nintendo and the Wii/3DS, Microsoft charges money for the right to sell software that will play on your device). But they don't pay any particular attention to protecting your interests as the owner of the device.

What's more, the Digital Millennium Copyright Act, which regulates the breaking of software locks, makes it illegal to investigate the internal workings of devices like the Xbox 360, and to publish the details of your findings, where those findings might also aid people in choosing to run unauthorized software on their own property.

Podhradsky, along with colleagues Rob D'Ovidio and Cindy Casey at Drexel and Pat Engebretson at Dakota State University, bought a refurbished Xbox 360 from a Microsoft-authorized retailer last year. They downloaded a basic modding tool and used it to crack open the gaming console, giving them access to its files and folders. After some work, they were able to identify and extract the original owner's credit card information.

We reached out to Microsoft for comment on this issue, but as of press time, they have not yet responded.

Podhradsky isn't even a gamer, she says. For seasoned modders and hackers, the process might be even easier.

"A lot of them already know how to do all this," she said. "Anyone can freely download a lot of this software, essentially pick up a discarded game console, and have someone's identity."

..."I think Microsoft has a longstanding pattern of this," Podhradsky said. "When you go and reformat your computer, like a Windows system, it tells you that all of your data will be erased. In actuality that's not accurate—the data is still available... so when Microsoft tells you that you're resetting something, it's not accurate. There's a lot more that needs to be done."

Hackers Can Steal Credit Card Information From Your Old Xbox, Experts Tell Us (via /.)

(Image: Red Ring of Death: RRoD 1 Microsoft Xbox 360, a Creative Commons Attribution (2.0) image from tomasland's photostream)

Designer Christian Annyas has assembled a gallery of "100 logos from American and Canadian railroad companies," dating from 1845 to 2000. They show a microcosm of a century and a half's worth of evolution in design sensibility, but they also show just how lovely and evocative many of the logos of these forgotten railroads once were.

Railroad company logo design evolution (via Kottke)

Deborah sez, "This landlord of an abortion clinic has turned the tables on anti-abortion protesters. His army of volunteers calls the anti-abortion protesters at home and say thanks for your concern but he's just a landlord and can't do anything about it. Very nice turning of the tables on the anti-abortionists."

Jezebel's Cassie Murdoch tells the story in detail, describing how Todd Stave, landlord to Germantown, Maryland's Reproductive Health Services Clinic, has faced systematic harassment, and has fought back by enlisting an army of thousands of telephoners who call back the people who place harassing calls and politely tell them off. The group is called Voice of Choice. They look up the family details of harassers who make references to their victims' families and make a point of dropping the names of their kids and their kids' schools into the conversation.

Predictably and sadly, this has upped the ante, and so now the anti-choice squads are doing things like distributing fliers featuring photoshops of Stave as Hitler, with the personal details of Stave's relatives and in-laws to Stave's neighbors. They picket Stave's kids' school on parent-teacher nights, holding signs with pictures of foetuses and bearing Stave's name and contact details. There's even one guy who pickets the dental office of Stave's brother-in-law (that is, he pickets the brother-in-law of the landlord of a doctor who performs abortions).

When asked if he thought this method of payback was harsh, Stave said no: "We gave them back what they gave us." Actually, not even. You gave back a mild, family-friendly version of what they gave to you. You proved to them that you know where they live and who their children are, but you didn't show up at their homes and schools and threaten them. You didn't come onto their lawn with posters detailing terrible imaginary things that they've done. You're serving up Revenge Lite™: Tastes great, less killing.

What's more, Stave is strict about who Voice of Choice will make calls for. If it's just run-of-the-mill protests outside clinics, he won't help them because he believes in people's First Amendment right to be out there saying what's on their mind. Protestors must be personally harassing doctors or landlords in order for Stave to step in. If only abortion opponents had the same respect for people doing what they were allowed by law to do. Ahem.

So this is the part where the evil bullies who've plagued him (and others) at all hours of the day or night learn their lesson after having a taste of their own medicine, right? Yep, yep. They all realized they were being horrible, and now every anti-abortion protester is treating their pro-choice opponents with the utmost respect. HA. No. Actually this is the part in the story where it gets much worse. Ready?

Payback Is a Bitch for Abortion Clinic Protestors, Thanks to a Brilliant Landlord (Thanks, Deborah!)

BB pal Gareth Branwyn sez, "Just wanted to alert you, in case you were unaware, that my old cyberpal John Shirley's seminal series A Song Called Youth just came out in a new omnibus edition with a new introduction by Richard Kadrey and a biographical note by Chairman Bruce Sterling."

In a near-future dystopia, a limited nuclear strike has destroyed portions of Europe, bringing the remaining nation-cities under control of the Second Alliance, a frighteningly fundamentalist international security corporation with designs on world domination. The only defense against the Alliance's creeping totalitarianism is the New Resistance, a polyglot team of rebels that includes Rick Rickenharp, a retro-rocker whose artistic and political sensibilities intertwine, and John Swenson, a mole who has infiltrated the Alliance. As the fight continues and years progress, so does the technology and brutality of the Alliance... but ordinary people like the damaged visionary Smoke, Claire Rimpler on FirStep, and Dance Torrence and his fellow urban warriors on Earth are bound together by the truth and a single purpose: to keep the darkness from becoming humankind's Total Eclipse - or die trying! John Shirley was cyberpunk's patient zero, first locus of the virus, certifiably virulent."-William Gibson. An omnibus of all three novels-revised by the author-of the prophetic, still frighteningly relevant cyberpunk masterpieces: Eclipse, Eclipse Penumbra, and Eclipse Corona.

A Song Called Youth

Here's Kevin Smith discussing his success as an independent, and rebutting critics who say that his go-it-alone strategy for his Red State (which is, by the way, excellent) was only possible because he'd made a name for himself:

Anyone that tells you "oh he could do it because he's Kevin Smith"—tell 'em horseshit, man. That's somebody who's trying to tell you "don't try, you can't try, he did it, he can do it, you can't do it." Don't listen to that shit man. Think of life and progress as a game—I always think of it in terms of a game of hockey. When you're skating with the puck towards the net there's always a motherfucker trying to hook you from behind, just to slow you up enough, 'cause nobody wants to see anybody succeed. So don't listen to that. When you hear somebody go "well of course he could do it, he's Kevin Smith"—those same assholes, before I did it, were like "it's never gonna work, it's dumb, he crazy". And then when it worked, they didn't go like "you know what? we were wrong"—instead they say "well only he could do it because he's Kevin Smith" and I say horseshit. Kevin Smith wasn't always Kevin Smith, nor was Kevin Smith the little kid that pulled the fucking sword from the stone.

Now am I going to say like, this is the only way it should ever be done forever? No but you're always looking for alternatives, because the old method doesn't so much work anymore. You can't just put a commercial on TV and expect a bunch of people to show up and see it at the movie theatres. They have too many choices. They can just stay home and surf porn on the internet. Why would you want to go see The Avengers when you can watch like three people having sex from the privacy of your own home? You're competing for attention, and in a world where you're competing for attention, you have to figure out ways to make it more interesting for the audience to come out. It's no longer enough to be like "here's the movie, come see it".

Techdirt's Leigh Beadon relates this to Masnick's Law: "in any conversation about musicians doing something different to achieve fame and/or fortune someone will inevitably attempt to make the argument that 'it only worked for them because they are big/small and it will never work for someone who is the opposite,' no matter how much evidence to the contrary might be readily available."

Kevin Smith On Why You Don't Have To Be Kevin Smith To Try Innovative New Things

In this 1945 Mechanix Illustrated article, Harold S. Kahm sets out the facts for any would-be ride-designers looking to hit the jackpot with a new high-speed thrill. Starting with the origin story of the bumper car (a WWI munitions plant worker built a miniature truck for hauling parts, the plant workers went crazy riding it, so he covered it with bumpers and turned it into a carny ride), he moves onto the holy grail of 1945 amusement parks: a portable ride. The best thing about this article are the diagrams on the second and third pages. Woah. Charlie at the Modern Mechanix blog has them up at a generous 1800px wide, perfect for clip-art harvesting.

As a matter of fact, hundreds of new ideas for rides flow into the offices of ride manufacturers in a steady stream, but not one in a hundred is even worth consideration, simply because the average inventor has no understanding of the technical requirements of the industry; he doesn’t, in fact, seem to know anything about anything—if you can believe the expert ride men. So if you think you’d like to try your luck in this fabulously successful field, which is certainly one of the best in the world for the amateur inventor, here are the facts you should know: The average successful ride is easily portable; it can be set up or dismantled in a few hours, and conveniently loaded into one or two trucks. If it is not portable, in this manner, it will be of no use to the richest and biggest ride market—the travelling carnival. A portable ride, on the other hand, is just as saleable to permanent amusement parks. In other words, you can sell a portable ride to any ride operator, but if it isn’t portable your market is limited to parks alone.

If you can figure out a way to make permanent park rides portable—such as the roller coaster—you’ve got yourself a million dollars; every big carnival company in existence would buy one, and wouldn’t hesitate to pay $50,000.00 for it. A coaster in a good location can make that much in a season. But on the other hand, just design a new and better type of coaster for parks and you’ll do all right, too; $5,000.00 royalty per coaster is considered a reasonable payment, and there might be 200 park owners scrambling for the new design.

WANTED – A MILLION-DOLLAR RIDE (Jun, 1945)

Read the rest

Superman can be a real jerk! "Comics Showing Superman Crazy Sociopath WTF Funny" (Happy Place)

UPDATE: Ah! Turns out, this is a dupe of Cory's 2006 dupe of Mark's 2005 post pointing us to Superdickery where it seems this gallery first appeared! A natural classic!

The Electronic Frontier Foundation's Marcia Hoffman writes about security research companies that work to discover "zero day" vulnerabilities in software and operating systems, then sell them to governments and corporations that want to use them as a vector for installing spyware. France's VUPEN is one such firm, and it claims that it only sells to NATO countries and their "partners," a list that includes Belarus, Azerbaijan, Ukraine, and Russia. As Hoffman points out, even this low standard is likely not met, since many of the governments with which VUPEN deals would happily trade with other countries with even worse human rights records -- if Russia will sell guns to Syria, why not software exploits? VUPEN refuses to disclose their discoveries to the software vendors themselves, even for money, because they want to see to it that the vulnerabilities remain unpatched and exploitable for as long as possible.

“We wouldn’t share this with Google for even $1 million,” said VUPEN founder Chaouki Bekrar. “We don’t want to give them any knowledge that can help them in fixing this exploit or other similar exploits. We want to keep this for our customers.” VUPEN, which also “pwned” Microsoft’s Internet Explorer, bragged it had an exploit for “every major browser,” as well as Microsoft Word, Adobe Reader, and the Google Android and Apple iOS operating systems.

While VUPEN might be the most vocal, it is certainly not the only company selling high-tech weaponry on the zero-day exploit market. Established U.S. companies Netragard, Endgame, Northrop Grumman, and Raytheon are also in the business, according to Greenberg. He has also detailed a price list for various zero-day exploits, with attacks for popular browsers selling for well over $100,000 each and an exploit for Apple’s iOS going for a quarter million. But who exactly are these companies selling to? No one seems to really know, at least among people not directly involved in these clandestine exploit dealings. VUPEN claims it only sells to NATO governments and “NATO partners.” The NATO partners list includes such Internet Freedom-loving countries as Belarus, Azerbaijan, Ukraine, and Russia. But it’s a safe bet, as even VUPEN’s founder noted, that the firm’s exploits “could still fall into the wrong hands” of any regime through re-selling or slip-ups, even if VUPEN is careful. Another hacker who goes by the handle “the Grugq” says he acts as a middleman for freelance security researchers and sells their exploits to many agencies in the U.S. government. He implies the only reason he doesn’t sell to Middle Eastern countries is they don’t pay enough.

EFF calls out governments for trafficking in these vulnerabilities, rather than demanding their disclosure and repair. Any unpatched vulnerability puts every user of the affected software at risk. For a government to appropriate a vulnerability to itself and keep it secret in the name of "national security," rather than fixing it for the nation's citizens, is "security for the 1%."

“Zero-day” exploit sales should be key point in cybersecurity debate

Sculptor Christopher Locke makes the most amazing spiders out of scissors -- but not just any scissors. Scissors that the TSA confiscated and auctioned off.

Although the TSA website says scissors with blades less than four inches are allowed on airplanes, the individual officers conducting the screening have the authority to confiscate anything they think could be used as a weapon. As a result, hundreds of pairs of scissors are confiscated daily at American airports.

Scissor Spiders (via Colossal)

In the Boing Boing store, a bubblegum-based label-writer. Feed it with any standard bubblegum tape, and stamp your message into it before you begin your chewy chewing for choosy chewers.

Bubble Roll Message Maker

Romssonson created a single YouTube video displaying a grid of 130 miniature Simpsons episodes:

About the video:

-Top to bottom: each row shows a season (from season 1 to season 10)

-Left to right: each column shows an episode (from episode 1 to episode 13)

A total of 130 episodes is displayed, framerate is 25fps, thumbnails have been captured at 80x60px

Watching +100 The Simpsons episodes at the same time (experiment) (via Kottke)

Here's the 11th episode of MAKE's podcast, Make: Talk! In each episode, I interview one of the makers featured in the magazine.

Our maker this week is Yury Gitman. Yury's a toy inventor and a product designer who teaches physical computing and toy design at Parsons The New School for Design in New York. In the current issue of MAKE, Volume 29, Yury co-wrote an article about his Pulse Sensor, a wearable heart beat sensor that he created with his colleague Joel Murphy.

Before the interview with Andy, I mention a cool project on our makeprojects.com website. It's a guide on how to harvest and use squid ink, which you can use for cooking or printing. It was written by Instrucatables.com cofounder Christy Canida.