
Preliminary analysis of Anonymosus-OS: lame, but no obvious malware


On Ars Technica, Sean Gallagher delves into the Anonymosus-OS, an Ubuntu Linux derivative I wrote about yesterday that billed itself as an OS for Anonymous, with a number of security/hacking tools pre-installed. Sean's conclusion is that, contrary to rumor, there's not any malware visible in the package, but there's plenty of dubious "security" tools like the Low Orbit Ion Cannon: "I don't know how much more booby-trapped a tool can get than pointing authorities right back at your IP address as LOIC does without being modified."

As far as I can tell, Sean hasn't compared the package checksums for Anonymosus-OS, which would be an important and easy (though tedious) step for anyone who was worried about the OS hiding malware to take.

Update: Sean's done the checksum comparison and found 143 files that don't match up with the published versions.

Some of the tools are of questionable value, and the attack tools might well be booby-trapped in some way. But I don't know how much more booby-trapped a tool can get than pointing authorities right back at your IP address as LOIC does without being modified.

Most of the stuff in the "Anonymous" menu here is widely available as open source or as Web-based tools—in fact, a number of the tools are just links to websites, such as the MD5 hash cracker MD5Crack Web. But it's clear there are a number of tools here that are in daily use by AnonOps and others, including the encryption tool they've taken to using for passing target information back and forth.

Lame hacker tool or trojan delivery device? Hands on with Anonymous-OS

California is OK

TSA Precheck: $100 application fee to skip the song and dance

The TSA has announced a new program rolling out at a few airports that allows selected customers to skip the security lines by checking in at a kiosk and going through a nominal screening, but only after they've paid a $100 application fee and been approved through a background check. The Wall Street Journal reports:

The Transportation Security Administration is rolling out expedited screening at big airports called "Precheck." It has special lanes for background-checked travelers, who can keep their shoes, belt and jacket on, leave laptops and liquids in carry-on bags and walk through a metal detector rather than a full-body scan. The process, now at two airlines and nine airports, is much like how screenings worked before the Sept. 11 attacks.

To qualify, frequent fliers must meet undisclosed TSA criteria and get invited in by the airlines. There is also a backdoor in. Approved travelers who are in the U.S. Customs and Border Protection's "Global Entry" program can transfer into Precheck using their Global Entry number.

I can't quite decide whether this is the TSA finally getting their shit together to put things back to normal with some intelligent screening practices that inexplicably can't be covered by the same budget that bought all those scanners, or if it's boldly admitting to the world that it's all been a horrific charade. Let's see what the TSA blog has to say about it:

 

Are you all "rararar why is this gif here i don't understand humor"? Here's a thorough explanation.

Choreography + EL wire = awesome dance party

Here's Japan's Wrecking Crew Orchestra performing some pretty wonderful dance moves made all the better by their electroluminescent wire garments, which cause them to seemingly wink in and out of existence on the dark stage.

WRECKING CREW ORCHESTRA 20120208EL (Thanks, Fipi Lele!)

Copyright Math: the best TED Talk you'll watch all year

This may just be the best TED Talk video I've seen: listen.com/Rhapsody founder and extremely funny person (and soon-to-be debut science fiction author) Rob Reid examines the math behind the claims made by the copyright lobby and explains the mindbending awesomeness of the sums used to justify SOPA, PIPA, ACTA and the like. Here's Ars Technica's Ken Fisher discussing Reid's philosophy:

Reid’s goal was to capture and represent some of the rhetoric from that past decade and a half in a way that would fill the hall with laughter, even if some of it came at the expense of some clearly ridiculous industry arguments. “Everyone can laugh at silly infographics,” Reid opined while silently crushing the serious journalism dreams of hacks everywhere. “And who doesn't want to deface a Leave-it-to-Beaver-like Christmas scene with pirate-and-Santa graffiti?”

The brilliance of Reid’s talk is that he thoroughly skewers the content industry’s dubious appeal to quantitative reasoning. We’ve all seen the headlines proclaiming huge numbers of dollars, jobs, and patents lost to piracy. The appeal to quantitative measures is supposed to undermine counterarguments by doing two things: slyly stepping into a (pretend) world of objectivity, and raising the alarm with big, scary numbers. It’s hard to look at those kinds of headlines in the same way after Reid’s elegantly hilarious skewering.

Reid’s examination of Copyright Math began when he started working on his soon-to-be published debut science fiction novel, Year Zero, which Random House is publishing in early July (we’ll be reviewing it). Year Zero tells the story of how the toxic legal byproducts of some overly litigious lawyers cause problems that make global warming seem downright cozy. Not to give it away, but could you imagine how pissed off an alien music lover might get if he was sued into bankruptcy for pirating a few lousy Rick Astley songs?

Copyright Math: a quantitative reasoning master class by Rob Reid (video)

Using Kickstarter to make fine art without galleries or grand committees or gazillionaires


Molly Crabapple sez, "While cultural institutions, from record labels to newspapers, are crumbling around us, the fine art world has remained relatively unchanged. Medici is The Crowd is an article about how I decided to create large, elaborate, political art without waiting for permission, and to fund it with the speed and populism of the internet. Shell Game, my art show about the financial crisis, whose Kickstarter inspired this article, is here."

Molly is a brilliant and principled artist, and a Kickstarter genius. She's got something to say.

What I wanted to figure out was a way to create work that was funded neither by rich collectors, nor by grant committees, nor by someone's supportive sugar daddy. I wanted to make giant, fancy, glittering art, paid for by small donors, all of whom, even if they couldn't afford the pieces I was making, got something of value in exchange. I wanted to make and fund art with the democracy and speed of the internet.

I decided to turn to the crowd-funding platform Kickstarter, where I had done three other successful projects.

Kickstarter is run on small backers, with most people donating between $20 and $100 dollars.

Here was my plan to give them something awesome:

I broke my rewards into four categories: "Access," "Artifact," "Art Objects," and "Art." "Access" was livestreams and parties and interactions with my backers. I wanted to hear their thoughts, and give them mine. "Artifact" meant the brushes, drawing scraps and paint-battered palettes that went into making giant paintings. I got the idea watching baseball players sell their baseballs. For "Art Objects," I made postcards, art-adorned poker chips, and other reasonably-priced reproductions.

Comment: Medici is the Crowd (Thanks, Molly!)

Android screen lock bests FBI

A court filing from an FBI Special Agent reports that the Bureau's forensics teams can't crack the pattern-lock utility on Android devices' screens. This is moderately comforting, given the courts' recent findings that mobile phones can be searched without warrants. David Kravets writes on Wired:

A San Diego federal judge days ago approved the warrant upon a request by FBI Special Agent Jonathan Cupina. The warrant was disclosed Wednesday by security researcher Christopher Soghoian,

In a court filing, Cupina wrote: (.pdf)

Failure to gain access to the cellular telephone’s memory was caused by an electronic ‘pattern lock’ programmed into the cellular telephone. A pattern lock is a modern type of password installed on electronic devices, typically cellular telephones. To unlock the device, a user must move a finger or stylus over the keypad touch screen in a precise pattern so as to trigger the previously coded un-locking mechanism. Entering repeated incorrect patterns will cause a lock-out, requiring a Google e-mail login and password to override. Without the Google e-mail login and password, the cellular telephone’s memory can not be accessed. Obtaining this information from Google, per the issuance of this search warrant, will allow law enforcement to gain access to the contents of the memory of the cellular telephone in question.

Rosenberg, in a telephone interview, suggested the authorities could “dismantle a phone and extract data from the physical components inside if you’re looking to get access.”

However, that runs the risk of damaging the phone’s innards, and preventing any data recovery.

FBI Can’t Crack Android Pattern-Screen Lock

Daily Show's Kristen Schaal on GOP attack on women's reproductive rights

Here's a transcript of some of Kristen Schaal's Daily Show routine on the current mandatory transvaginal ultrasound disgrace and the national attack on women's reproductive rights:

I just flew in from Virginia, and boy is my vagina tired! From the involuntary ultrasound wanding — AM I RIGHT, LADIES? (Beat.) And by the way, why do they call it a ‘wand’? Where are we — Hogwarts? The only thing magically disappearing was my dignity and privacy, BOOM!!!

…What’s the difference between a fertilized egg; a corporation; and a woman? (Beat.) One of them isn’t considered a person in Oklahoma! BOOM!!!

— KRISTEN SCHAAL, on The Daily Show (via Beth Pratt)

Anonymosus-OS: an OS for Anons


A group working under the Anonymous banner has released Anonymosus-OS, a derivative of the Ubuntu GNU/Linux distribution optimized for doing Anonymous-style stuff, with a bunch of "security testing" tools included in the distro. Given recent revelations about the infected version of the Low-Orbit Ion Cannon, it would be prudent to manually verify all the package checksums before using this.

Here are some of the preinstalled apps on Anonymous-OS:

- ParolaPass Password Generator
- Find Host IP
- Anonymous HOIC
- Ddosim
- Pyloris
- Slowloris
- TorsHammer
- Sqlmap
- Havij
- Sql Poison
- Admin Finder
- John the Ripper
- Hash Identifier
- Tor
- XChat IRC
- Pidgin
- Vidalia
- Polipo
- JonDo
- i2p
- Wireshark
- Zenmap
…and more

Anonymosus-OS
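The checksum comparison recommended in this post, and in the follow-up on Sean Gallagher's analysis, can be scripted; this is an added example, not code from either post or from the Ars Technica analysis. It assumes the suspect image is unpacked to a directory and that you have a trusted manifest in dpkg's md5sums format taken from the published packages; the function names `verify_manifest` and `unlisted_files` and the demo files are constructed for illustration.

```shell
#!/bin/sh
# Compare files under an unpacked image root against a trusted manifest in
# dpkg's md5sums format: "<md5>  <path relative to root>".
# Take the manifest from the published packages, not from the image's own
# /var/lib/dpkg/info/*.md5sums, which a tampered image could have rewritten.
verify_manifest() {
    root=$1 manifest=$2
    while read -r want path; do
        [ -n "$path" ] || continue
        file="$root/$path"
        if [ -L "$file" ] || [ ! -f "$file" ]; then
            echo "MISSING $path"    # absent, or replaced by a symlink/non-file
            continue
        fi
        have=$(md5sum < "$file" | cut -d' ' -f1)
        [ "$have" = "$want" ] || echo "MISMATCH $path"
    done < "$manifest"
}

# Checksums only cover listed files; an added file matches nothing and is
# silently skipped unless files absent from the manifest are reported too.
unlisted_files() {
    (cd "$1" && find . -type f) | sed 's|^\./||' |
    awk -v m="$2" '
        BEGIN { while ((getline l < m) > 0) { sub(/^[0-9a-f]+ +/, "", l); seen[l] = 1 } }
        !($0 in seen) { print "UNLISTED " $0 }' | sort
}

# Constructed demo: a tiny "image" with one altered file and one added file.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/root/usr/bin"
    printf 'original tool\n' > "$d/root/usr/bin/tool"
    printf 'helper\n' > "$d/root/usr/bin/helper"
    # Stand-in for the published manifest, built from the pristine files.
    (cd "$d/root" && md5sum usr/bin/tool usr/bin/helper) > "$d/published.md5sums"
    # Now alter one file and add one that the manifest never listed.
    printf 'original tool, modified\n' > "$d/root/usr/bin/tool"
    printf 'x\n' > "$d/root/usr/bin/added"
    verify_manifest "$d/root" "$d/published.md5sums"
    unlisted_files "$d/root" "$d/published.md5sums"
    rm -rf "$d"
}
demo
```

A mismatch shows only that a file differs from the published version; each flagged file still has to be inspected to tell a repackaging change from a malicious one.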

Speech synthesizer in 1K of Javascript

Mathieu 'P01' Henri, a French Web developer, has produced a functional speech synthesizer in 1k of JavaScript. It's an entry in the fourth JS1K competition.

JS1K#4 was colliding with our long awaited family vacation. I had very little time to work. Audio was ON this time and I had this tiny speech synthesizer laying around waiting to be ported to JavaScript and optimized to oblivion.

* Based on Tiny Speech Synth by Stepanov Andrey
* Optimized and minified manually, by yours truly
* Compressed down to 1020 bytes using First Crush by @tpdown

To go under 1K, I had to limit the synthesizer to two formant filters using either a sawtooth or noise and discard plosive sounds. In other words I had to sacrifice quality a bit.

Hope you like this entry.

JS1K Speech Synthesizer

(via Waxy)

Revealed! Kony 2012's sinister Musical Comedy roots

From the first time I watched "Kony 2012," I always sensed a link with the storyline of Matt Stone and Trey Parker's Book of Mormon musical. But sweet fancy Moses, I did not know how closely linked the two truly were.

Aaron Stewart-Ahn tells us about the video above (which has been taken down by Invisible Children, but mirrored elsewhere):

Here's where the money has been going to: Invisible Children founder Jason Russell's vanity dance musical numbers which start off with exploitative footage of suffering children. How did no one else catch this? It makes the Kony 2012 video look subtle and sane. He's basically using this to fund his desire to make Glee.

This is where the millions are being spent: vanity musicals. Did Trey Parker write this??!! Russell has mentioned repeatedly how his ambitions were to make musicals. He intimated that he was going to make the musical popular again à la Glee, but this didn't work out—so he ended up in advocacy. It was that chat at the evangelical conference. So, here's a direct youtube link to 9m 10secs in the video where he talks about making musicals, and casually talks about his dream of documenting genocide.

That bit with the t-shirt with the African child on it is just... I'm speechless. Wonder why they've removed it from their YouTube channel, since it looks so damn expensive? It's insane, isn't it? I mean, seriously: it makes Scientology videos look charmingly naive.

UK funnyman Charlie Brooker has a bit of fun with Invisible Children and the Kony 2012 viral phenomenon, in the video embedded below.

Bonus round, below. Brooker asks, "Can ANYONE explain how this EPIC visual embarrassment helps Africa? OH GOD THERE'S MORE. Also: how much did this cost, did donations fund it, and what the TWIRLING FUCK does it mean?"


The Snowfield: A game of small mercies

On Play This Thing, Greg Costikyan reviews The Snowfield, a game developed as a student project at the Singapore MIT GAMBIT Game Lab. It sounds like a very odd and compelling experience: in The Snowfield, you're tasked with gathering up the survivors of a brutal battle on the eastern front in WWII and coaxing them to gather at a ruined house where a fire will keep them from freezing to death. Greg calls it "a game of small mercies."

You begin on what was clearly a battlefield not long ago, strewn with corpses, barbed wire, and broken fences, covered in snow. You are huddled and obviously freezing. There are some other soldiers in the area, mostly standing in a daze, shell-shocked; they speak to you (a handful of catch-phrases repeated), in German; evidently, this is the Eastern Front in World War II, though none of the corpses are wearing Russian uniforms. The setting is stark, and emotionally impactful.

Movement is via WASD; some items can be picked up, though only one at a time, and handed to others. In a ruined house nearby is a fire; if you spend too much time away from it, you freeze to death, the view becoming blurry about the edges and what seem like ice cracks appearing in your vision as warning. It's easy to lose your bearings in the snow and freeze to death; the controls are also a bit awkward and you cannot climb even a fairly shallow slope, so you sometimes find it hard to extricate yourself from your current position.

The Snowfield

Synchrotrons explained (with donuts)

Synchrotrons are a type of particle accelerator—a family of machines that includes the famous Large Hadron Collider.

Different synchrotrons do different jobs. The Diamond Light Source synchrotron in the United Kingdom focuses on producing high-energy beams of light, which are used to aid all different kinds of scientific research—from microbiology to archaeology.

In this short video, Harriet Bailey and Alice Lighton of Elements, a British science news page, explain how Diamond produces light to begin with and how synchrotrons work. They do this using a model built out of donuts.

This is part of a package of stories on the Diamond Light Source synchrotron. Go to Elements to check out the rest of their coverage, and learn about how this synchrotron is being used for tasks like preserving historic ships and fighting cancer!

Video Link

Via Ed Yong

Laser de-printer lifts ink from paper, leaving it ready to be reused

An experimental printer documented by Cambridge University scientists in a paywalled Royal Society paper is capable of laser-ablating the toner off of sheets of previously printed paper, leaving them ready to be reused. The device uses picosecond pulses of a green laser that passes through the cellulose in the paper, but vaporizes the toner.

The primary goal of unprinting is to cut down on the carbon footprint of the paper and printing industries. Manufacturing paper is incredibly messy business that produces millions of tons of CO2 every year. Recycling paper is definitely a step in the right direction, but it’s still a very resource-intensive process. If we could simply delete sheets of paper, rather than re-pulping them, we could cut down on electricity usage, CO2 output, and most importantly fresh water, which is growing more scarce by the year. It would also be rather handy if you never had to buy another ream of paper, too.

In a worst-case scenario, The University of Cambridge unprinting method has half the carbon emissions of recycling; best-case, unprinting is almost 20 times as efficient. It’s now a matter of building the technology into a commercial device, which the team admits is probably a long way off. High-powered picosecond lasers are the reserve of labs… for now!

The laser unprinter (via /.)

Darth Vader wheezing for ten hours straight

Need ten hours of Darth Vader's mechano-asthmatic wheeze? Look no further, for Murdock129's YouTube video has the soundtrack for your days.

10 Hours of Darth Vader Breathing (via IO9)