Mat Honan on being hacked

Mat Honan was hacked. The nightmare unfolded minute by minute, a sequence of security failures daisy-chaining their way into a disaster. But there was a single point of entry: Apple's willingness to hand over the keys to his account to anyone with the last four digits of his credit card number and home address.

What happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

It reminds me of how air crashes occur. In isolation from one another, storms, structural flaws and tired or incompetent personnel are rarely enough. But together, in just the right sequence, it all goes horribly wrong.

The worst part: Wired attempted the same social engineering technique today, and it still won them control of iCloud accounts.

How Apple and Amazon Security Flaws Led to My Epic Hacking [Wired]

Previously: Yes, I was hacked. Hard.

MPAA seeks UK sock-puppets to help them screw over TVShack's likable, innocent owner

Richard O'Dwyer, creator of the legal UK website TVShack, faces extradition to the USA (even though TVShack is probably legal in the USA too). As usual, the MPAA has managed to get lawmakers to do their bidding so well that it has made them look like the villainous corporate scumbags everyone suspects them of being. A freshly leaked memo described by TorrentFreak documents Big Content's strategy for winning hearts and minds:

“The overall media coverage has been and will continue to be challenging,” the MPAA writes.

They mention the petition of Wikipedia founder Jimmy Wales, the Demand Progress campaign, and note that a recent survey showed that 95% of the public does not support the extradition. According to the MPAA, public opinion is skewed because people are being led to believe that TVShack was operating perfectly legal in the UK.

“To counter these assertions, the MPAA and its allies need a coordinated effort to focus more on the criminal activity involved in the operation of TVShack and other similar linking sites,” the MPAA notes...

“Ideally, this would be done through third parties – but finding third parties – especially in the United Kingdom – has been very difficult so far, so the MPAA must be prepared to respond to media requests on the issue and set the record straight to counter the misinformation campaign by our opponents.”

MPAA Recruits “Surrogates” to Support Extradition of UK Student

Animated GIF of Mars Curiosity descent images

This animated GIF composed of descent images captured by NASA's Mars Curiosity rover as it headed towards landing is better than all the kittens on the internet combined. The video version is here. (via @nasasocial).

Curiosity landing removed from YouTube after bogus copyright claim by Scripps

Ten minutes after NASA posted a video of the Curiosity landing on Mars to its official YouTube channel, the video was taken down again, replaced with a message saying it had been removed due to a copyright claim by Scripps Local News. It's not clear whether Scripps actually filed a takedown notice with YouTube or whether YouTube's "content-match" system was triggered automatically because Scripps registered a clip of its own news footage, incorporating the NASA footage, with YouTube.

Either way, it points out the enormous asymmetry in copyright today, a shoot first, ask questions later presumption of guilt that results in the evidence of billions of dollars of uplifting, tax-funded spectacle being removed from public view because of the grasping and depraved indifference of industries that are programmed to deny the idea that copying can be controlled.

Alex Pasternack writes on Motherboard:

On Monday afternoon, a spokesperson for E.W. Scripps Company, owner of the news service, emailed Motherboard a statement apologizing for the accidental takedown. “We apologize for the temporary inconvenience experienced when trying to upload and view a NASA clip early Monday morning," wrote Michele Roberts. "We made a mistake. We reacted as quickly as possible to make the video viewable again, and we’ve adjusted our workflow processes to remedy the situation in future.”

This isn’t the first time that a claim by the company, Scripps News Service, has grounded a NASA YouTube video: it happened in April, with a video of one of NASA’s Space Shuttles being flown atop a 747.


If Hemingway (and Shakespeare, and co) were coders

Fat XXX's "If Hemingway wrote JavaScript" is a great piece of imaginative writing, speculating about the coding styles that various literary titans (Shakespeare, Hemingway, Dickens, Breton and more) would have employed:

function theSeriesOfFIBONACCI(theSize) {

  //a CALCKULATION in two acts.
  //employ'ng the humourous logick of JAVA-SCRIPTE

  //Dramatis Personae
  var theResult; //an ARRAY to contain THE NUMBERS
  var theCounter; //a NUMBER, serv'nt to the FOR LOOP

  //ACT I: in which a ZERO is added for INITIATION

  //[ENTER: theResult]

  //Upon the noble list bestow a zero
  var theResult = [0];

  //ACT II: a LOOP in which the final TWO NUMBERS are QUEREED and SUMM'D

  //[ENTER: theCounter]

  //Commence at one and venture o'er the numbers
  for (theCounter = 1; theCounter < theSize; theCounter++) {
    //By divination set adjoining members
    theResult[theCounter] = (theResult[theCounter-1]||1) + theResult[Math.max(0, theCounter-2)];
  }

  //'Tis done, and here's the answer.
  return theResult;

  //[Exuent]
}

If Hemingway wrote JavaScript (via Wired)

Mars Curiosity Rover: Boing Boing's $2.5 billion dollar question about image file types, answered by JPL

Photo: Two of the first images transmitted back by Curiosity, as seen on monitors at JPL 20 minutes after the rover landed on Mars. (Xeni Jardin)

NASA's Jet Propulsion Laboratory was a magical place to be last night, as engineers, flight specialists, NASA administrators, space celebrities, and scientists from many fields gathered to witness the landing of the Mars Science Laboratory (MSL) Curiosity rover. Those seven minutes of terror ended in a picture-perfect landing: an amazing machine went through a crazy Rube Goldbergian descent sequence, and plopped down about two meters away from its planned destination on the Red Planet's surface.

We witnessed history. It seemed impossible. It was awesome.

I sat in on the post-landing press conference, and live-tweeted the evening at @boingboing. During the press conference, after the high-fives and screams of joy subsided, I asked MSL engineer Adam Steltzner a question about those first two all-important thumbnail images Curiosity sent back—critical because the data they contained would tell NASA if the rover had touched down in a safe spot.

[Video of that Q&A moment here.]

Given the great distance and technical challenges involved in transmitting timely data back from Mars, what file type and image compression algorithm(s) did they use for those first "rush" thumbnails? There's a 14 minute delay involved for any signals from Mars to Earth.

A dorky question, perhaps, but I was curious, and figured nobody else would ask. Things like, "Hey how do you guys feel right now," and "What will Curiosity do next," I knew others would tackle.

Chavela Vargas, 1919-2012

The great ranchera songstress Chavela Vargas has died. She was born in Costa Rica, and became one of the most timeless interpreters of what was, and is, a predominantly masculine music genre. She came out as a lesbian at age 80. She was 93 when she died. An LA Times obit is here.

Though Vargas experienced her first flush of fame in the mid-20th century — with an outlaw image she cultivated by wearing men's clothing, packing a pistol and knocking back copious quantities of tequila — she enjoyed a second round of admiration that was perhaps even more intense beginning in the 1990s, with a rediscovery fueled in great part by Spanish filmmaker Pedro Almodovar, who championed her music for a new generation and included it in some of his films. It was Almodovar who perhaps best described Vargas' chosen instrument as "la voz aspera de la ternura" — the rough voice of tenderness.

A few radio stories: Tell me More, Morning Edition, The World.

Tig Notaro joked about her breast cancer diagnosis during an epic set at Largo -- and killed

Standup comedian Tig Notaro took the stage Friday night at Largo as part of her farewell to Los Angeles as she prepares to move to New York to begin work on Amy Schumer's new show. But that wasn't all she was announcing: she revealed that following a string of personal tragedies (a terrible bout of pneumonia, her mother's death, and a breakup), she had been diagnosed with breast cancer. In both breasts. After starting her set with jokes about her diagnosis (“You have a lump.” “No, doctor, that’s my breast.”), she said she should maybe do some of her more light-hearted material, but someone yelled out: “NO. ABSOLUTELY NOT. THIS IS FUCKING INCREDIBLE.” She was killing it. I wasn't there (Kira Hesser was), but her fellow performers -- Louis C.K., Bill Burr, and Ed Helms -- posted raves on Twitter. Notaro had prefaced her set by saying that "everything is going to be okay," which only goes to show: awesome people are awesome, and cancer sucks. (via Splitsider, Uproxx)

Wikipedia's list of infamous software glitches

Worth noting, especially if you read my piece last Friday about problems with America's electric infrastructure: Wikipedia's list of infamous software glitches includes the problems with General Electric Energy's XA/21 monitoring software that helped make the 2003 East Coast Blackout happen. (Via Kyle McDonald)

Google Street View goes to Kennedy Space Center

I don't know what the best words ever written in the English language are, but I'm willing to put "Top of Launch Pad 39A, Address is Approximate" up there on the short list.

Among the images you can now explore online with the click of your mouse are the space shuttle launch pad, Vehicle Assembly Building and Launch Firing Room #4. Gaze down from the top of the enormous launch pad, peer up at the towering ceiling of the Vehicle Assembly Building (taller than the Statue of Liberty) and get up close to one of the space shuttle’s main engines, which is powerful enough to generate 400,000 lbs of thrust. And even though they recently entered retirement, you can still get an up-close, immersive experience with two of the Space Shuttle Orbiters—the Atlantis and Endeavour.

I'm not sure when this went live, but it's seriously phenomenal. And it's part of a larger series of special Street View galleries with geeky appeal. There are sets for Antarctica (see Shackleton's shack!), historic Italy (wander around the Colosseum!), and UNESCO World Heritage Sites (includes Pompeii!). In general, discovering this could be a major time-suck for me, if I'm not careful.

See the NASA collection

Check out the other Street View Galleries

The teaser trailer for Kathryn Bigelow's controversial Zero Dark Thirty hits the web

Before May 2, 2011, Oscar-winning director Kathryn Bigelow was working on a movie about the manhunt for Osama bin Laden. After May 2, 2011, she had to rework her movie a bit, because that manhunt officially ended when SEAL Team 6 tracked down their target and killed him. Then it was revealed that Bigelow got some help from the CIA, which no one minded at all. And then she was told that her movie, which depicts a successful mission by the current president and the military to find the world's most wanted terrorist -- and was set to be released in October -- might look like propaganda and influence the presidential election in November, so it is now being released in December. But here's an even more interesting piece of information about Zero Dark Thirty: Chris Pratt is in it. Parks and Recreation's Chris Pratt. That Chris Pratt.

'Zero Dark Thirty' trailer: Kathryn Bigelow hunts for Osama bin Laden [/Film]

Associated Press: As dozens of Eagle Scouts resign, Boy Scouts of America ignores them

I recently posted a couple of articles featuring heartfelt letters from people who had earned their Eagle Scout awards as boys, but no longer wanted to be associated with the Boy Scouts of America and its rule banning gay scouts and GBLT troop leaders. Instead, they were choosing to return their awards to the BSA, in hopes that scouting's national organization would recognize that this rule isn't something all scouts want. In fact, many wrote about their frustration with what they see as the BSA failing to live up to the values that scouting teaches.

As of August 4, more than 80 former Eagle Scouts have sent photos of their resignation letters to the Eagle Scouts Returning Our Badges Tumblr blog, where the letters and the protest they represent are being archived.

Reading the comments that have turned up here at BoingBoing, I get the sense that there are many more Eagle Scouts—and active Boy Scout troops—that also disagree with the BSA, but don't want to resign from local connections that don't reflect the national organization's bigotry. In fact, the Northern Star Council, which represents 75,000 scouts in Minnesota and Wisconsin, is openly bucking Boy Scouts of America policy, and has been for years.

The Associated Press ran a piece yesterday looking at this dissent and the effect—or, it seems, lack thereof—it is having on BSA policy.

Deron Smith, the Boy Scouts' national spokesman, said there was no official count at his office of how many medals had been returned.


Liquid nitrogen hovers over the surface of a hot pan

The Leidenfrost Effect is a lovely sounding name for some very strange and nifty physics.

When you heat up a liquid, it will, eventually, boil away into a gas. Different liquids have different boiling points. But here's the weird catch: When you suddenly put a liquid in contact with something much, much hotter than its boiling point, the liquid doesn't instantly evaporate. Instead, it forms a little cushion of vapor between itself and the heat source. You can imagine it like a hovercraft moving over the surface of a lake. The cushion doesn't prevent evaporation—and it doesn't last long—but it does slow down evaporation enough that you can see the liquid moving around on the hot surface for a little bit like everything is just fine and dandy.

This video was made as a promotional piece for Modernist Cuisine. The Leidenfrost Effect matters for cooking because it allows you to tell when you have successfully heated up a pan. If the temperature of the pan is above the Leidenfrost point, then you can sprinkle it with water and watch the droplets bandy about on the hot metal. In this case, though, they used liquid nitrogen.

Via Geeksaresexy and cafonso


Totally Not Photoshopped photos from Mars (a tumblog of greatness)


(Thanks, Sean Bonner!)


Slicing vegetables with thrown playing cards

This fellow hopes to break a world record throwing playing cards with vegetable-slicing speed and accuracy. If you'd like to learn this useful skill, you might start by reading Ricky Jay's 1977 classic book "Cards As Weapons."

Birth of the deodorant industry

In Smithsonian, Sarah Everts traces the deodorant business to Edna Murphey, a high school student from Cincinnati who around 1910 took an antiperspirant her surgeon father invented, meant for his sweaty hands in the operating room, and dabbed it in her armpits. Murphey dubbed the product Odorono and took it to market, but sales were slow. Then she connected with an ad copy writer who successfully made Americans, particularly women, worry that they might stink. From Smithsonian:

Young decided to present perspiration as a social faux pas that nobody would directly tell you was responsible for your unpopularity, but which they were happy to gossip behind your back about.

His advertisement in a 1919 edition of the Ladies Home Journal didn’t beat around the bush. “Within the Curve of a Woman’s arm. A frank discussion of a subject too often avoided,” announced the headline above an image of an imminently romantic situation between a man and a woman.

Reading more like a lyrical public service announcement than an advert, Young continued:

A woman’s arm! Poets have sung of it, great artists have painted its beauty. It should be the daintiest, sweetest thing in the world. And yet, unfortunately, it isn’t always.

"How Advertisers Convinced Americans They Smelled Bad"

Sponsor shout-out: ShanaLogic

Thanks to our sponsor ShanaLogic, sellers of handmade and independently designed jewelry, apparel, gifts, and other fine products. Above, Deadworry's Octo Owl Messenger Bag emblazoned with an unholy hybrid of an owl and an octopus. It's 100% cotton canvas and hand-screened. Shana is also offering free US shipping on orders over $50!
