
Mat Honan on being hacked

Mat Honan was hacked. The nightmare unfolded minute by minute, a sequence of security failures daisy-chaining their way into a disaster. But there was a single point of entry: Apple's willingness to hand over the keys to his account to anyone with the last four digits of his credit card number and home address.

What happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

It reminds me of how air crashes occur. In isolation from one another, storms, structural flaws and tired or incompetent personnel are rarely enough. But together, in just the right sequence, it all goes horribly wrong.

The worst part: Wired attempted the same social engineering technique today, and it still won them control of iCloud accounts.

How Apple and Amazon Security Flaws Led to My Epic Hacking [Wired]

Previously: Yes, I was hacked. Hard. [Emptyage.com]

MPAA seeks UK sock-puppets to help them screw over TVShack's likable, innocent owner

Richard O'Dwyer, creator of the legal UK website TVShack, faces extradition to the USA (even though TVShack is probably legal in the USA too). As usual, the MPAA has managed to get lawmakers to do their bidding so well that it has made them look like the villainous corporate scumbags everyone suspects them of being. A freshly leaked memo described by TorrentFreak documents Big Content's strategy for winning hearts and minds:

“The overall media coverage has been and will continue to be challenging,” the MPAA writes.

They mention the petition of Wikipedia founder Jimmy Wales, the Demand Progress campaign, and note that a recent survey showed that 95% of the public does not support the extradition. According to the MPAA, public opinion is skewed because people are being led to believe that TVShack was operating perfectly legally in the UK.

“To counter these assertions, the MPAA and its allies need a coordinated effort to focus more on the criminal activity involved in the operation of TVShack and other similar linking sites,” the MPAA notes...

“Ideally, this would be done through third parties – but finding third parties – especially in the United Kingdom – has been very difficult so far, so the MPAA must be prepared to respond to media requests on the issue and set the record straight to counter the misinformation campaign by our opponents.”

MPAA Recruits “Surrogates” to Support Extradition of UK Student

Animated GIF of Mars Curiosity descent images

This animated GIF composed of descent images captured by NASA's Mars Curiosity rover as it headed towards landing is better than all the kittens on the internet combined. The video version is here. (via @nasasocial). Xeni

Curiosity landing removed from YouTube after bogus copyright claim by Scripps


Ten minutes after NASA posted a video of the Curiosity landing on Mars to its official YouTube channel, the video was taken down again, replaced with a message saying it had been removed due to a copyright claim by Scripps Local News. It's not clear whether Scripps actually filed a takedown notice with YouTube or whether YouTube's "content-match" system was triggered automatically because Scripps registered a clip of its own news footage, incorporating the NASA footage, with YouTube.

Either way, it points out the enormous asymmetry in copyright today, a shoot first, ask questions later presumption of guilt that results in the evidence of billions of dollars of uplifting, tax-funded spectacle being removed from public view because of the grasping and depraved indifference of industries that are programmed to deny the idea that copying can be controlled.

Alex Pasternack writes on Motherboard:

On Monday afternoon, a spokesperson for E.W. Scripps Company, owner of the news service, emailed Motherboard a statement apologizing for the accidental takedown. “We apologize for the temporary inconvenience experienced when trying to upload and view a NASA clip early Monday morning," wrote Michele Roberts. "We made a mistake. We reacted as quickly as possible to make the video viewable again, and we’ve adjusted our workflow processes to remedy the situation in future.”

This isn’t the first time that a claim by the company, Scripps News Service, has grounded a NASA YouTube video: it happened in April, with a video of one of NASA’s Space Shuttles being flown atop a 747. According to Bob Jacobs, NASA’s Deputy Associate Administrator for Communications, such blocks happen once a month, and tend to be more common with popular videos.

“Everything from imagery to music gets flagged,” Jacobs told me this morning. “We’ve been working with YouTube in an effort to stop the automatic disabling of videos. So far, it hasn’t helped much.

“The good thing about automation is that you don’t have to involve real people to make decisions. The bad thing about automation is that you don’t have to involve real people to make decisions.”

NASA's Mars Rover Crashed Into a DMCA Takedown (via /.)

If Hemingway (and Shakespeare, and co) were coders

Fat XXX's "If Hemingway wrote JavaScript" is a great piece of imaginative writing, speculating about the coding styles that various literary titans (Shakespeare, Hemingway, Dickens, Breton and more) would have employed:

function theSeriesOfFIBONACCI(theSize) {

  //a CALCKULATION in two acts.
  //employ'ng the humourous logick of JAVA-SCRIPTE

  //Dramatis Personae
  var theResult; //an ARRAY to contain THE NUMBERS
  var theCounter; //a NUMBER, serv'nt to the FOR LOOP

  //ACT I: in which a ZERO is added for INITIATION

  //[ENTER: theResult]

  //Upon the noble list bestow a zero
  var theResult = [0];

  //ACT II: a LOOP in which the final TWO NUMBERS are QUEREED and SUMM'D

  //[ENTER: theCounter]

  //Commence at one and venture o'er the numbers
  for (theCounter = 1; theCounter < theSize; theCounter++) {
    //By divination set adjoining members
    theResult[theCounter] = (theResult[theCounter-1]||1) + theResult[Math.max(0, theCounter-2)];
  }

  //'Tis done, and here's the answer.
  return theResult;

  //[Exuent]
}

If Hemingway wrote JavaScript (via Wired)

Mars Curiosity Rover: Boing Boing's $2.5 billion dollar question about image file types, answered by JPL

Photo: Two of the first images transmitted back by Curiosity, as seen on monitors at JPL 20 minutes after the rover landed on Mars. (Xeni Jardin)


NASA's Jet Propulsion Laboratory was a magical place to be last night, as engineers, flight specialists, NASA administrators, space celebrities, and scientists from many fields gathered to witness the landing of the Mars Science Laboratory (MSL) Curiosity rover. Those seven minutes of terror ended in a picture-perfect landing: an amazing machine went through a crazy Rube Goldbergian descent sequence, and plopped down about two meters away from its planned destination on the Red Planet's surface.

We witnessed history. It seemed impossible. It was awesome.

I sat in on the post-landing press conference, and live-tweeted the evening at @boingboing. During the press conference, after the high-fives and screams of joy subsided, I asked MSL engineer Adam Steltzner a question about those first two all-important thumbnail images Curiosity sent back—critical because the data they contained would tell NASA if the rover had touched down in a safe spot.

[Video of that Q&A moment here.]

Given the great distance and technical challenges involved in transmitting timely data back from Mars, what file type and image compression algorithm(s) did they use for those first "rush" thumbnails? There's a 14 minute delay involved for any signals from Mars to Earth.

A dorky question, perhaps, but I was curious, and figured nobody else would ask. Things like, "Hey how do you guys feel right now," and "What will Curiosity do next," I knew others would tackle.

Mr. Steltzner didn't have details handy about the image file types used, and he referred me to Mars mission image specialist Justin Maki. Today I checked in with Mr. Maki and his JPL colleagues whose work focuses on data compression and interplanetary data transmission. Here's what I learned.

Read the rest

Chavela Vargas, 1919-2012

The great ranchera songstress Chavela Vargas has died. She was born in Costa Rica, and became one of the most timeless interpreters of what was, and is, a predominantly masculine music genre. She came out as a lesbian at age 80. She was 93 when she died. An LA Times obit is here.

Though Vargas experienced her first flush of fame in the mid-20th century — with an outlaw image she cultivated by wearing men's clothing, packing a pistol and knocking back copious quantities of tequila — she enjoyed a second round of admiration that was perhaps even more intense beginning in the 1990s, with a rediscovery fueled in great part by Spanish filmmaker Pedro Almodovar, who championed her music for a new generation and included it in some of his films. It was Almodovar who perhaps best described Vargas' chosen instrument as "la voz aspera de la ternura" — the rough voice of tenderness.

A few radio stories: Tell me More, Morning Edition, The World.

Tig Notaro joked about her breast cancer diagnosis during an epic set at Largo -- and killed

Standup comedian Tig Notaro took the stage Friday night at Largo as part of her farewell to Los Angeles as she prepares to move to New York to begin work on Amy Schumer's new show. But that wasn't all she was announcing: she revealed that following a string of personal tragedies (a terrible bout of pneumonia, her mother's death, and a breakup), she had been diagnosed with breast cancer. In both breasts. After starting her set with jokes about her diagnosis (“You have a lump.” “No, doctor, that’s my breast.”), she said she should maybe do some of her more light-hearted material, but someone yelled out: “NO. ABSOLUTELY NOT. THIS IS FUCKING INCREDIBLE.” She was killing it. I wasn't there (Kira Hesser was), but her fellow performers -- Louis C.K., Bill Burr, and Ed Helms -- posted raves on Twitter. Notaro had prefaced her set by saying that "everything is going to be okay," which only goes to show: awesome people are awesome, and cancer sucks. (via Splitsider, Uproxx) Jamie

Wikipedia's list of infamous software glitches

Worth noting, especially if you read my piece last Friday about problems with America's electric infrastructure: Wikipedia's list of infamous software glitches includes the problems with General Electric Energy's XA/21 monitoring software that helped make the 2003 East Coast Blackout happen. (Via Kyle McDonald) Maggie

Google Street View goes to Kennedy Space Center

I don't know what the best words ever written in the English language are, but I'm willing to put "Top of Launch Pad 39A, Address is Approximate" up there on the short list.

Among the images you can now explore online with the click of your mouse are the space shuttle launch pad, Vehicle Assembly Building and Launch Firing Room #4. Gaze down from the top of the enormous launch pad, peer up at the towering ceiling of the Vehicle Assembly Building (taller than the Statue of Liberty) and get up close to one of the space shuttle’s main engines, which is powerful enough to generate 400,000 lbs of thrust. And even though they recently entered retirement, you can still get an up-close, immersive experience with two of the Space Shuttle Orbiters—the Atlantis and Endeavour.

I'm not sure when this went live, but it's seriously phenomenal. And it's part of a larger series of special Street View galleries with geeky appeal. There are sets for Antarctica (see Shackleton's shack!), historic Italy (wander around the Colosseum!), and UNESCO World Heritage Sites (includes Pompeii!). In general, discovering this could be a major time-suck for me, if I'm not careful.

See the NASA collection

Check out the other Street View Galleries

The teaser trailer for Kathryn Bigelow's controversial Zero Dark Thirty hits the web

Before May 2, 2011, Oscar-winning director Kathryn Bigelow was working on a movie about the manhunt for Osama bin Laden. After May 2, 2011, she had to rework her movie a bit, because that manhunt officially ended when SEAL Team 6 tracked down their target and killed him. Then it was revealed that Bigelow got some help from the CIA, which no one minded at all. And then she was told that her movie, which depicts a successful mission by the current president and the military to find the world's most wanted terrorist -- and was set to be released in October -- might look like propaganda and influence the presidential election in November, so it is now being released in December. But here's an even more interesting piece of information about Zero Dark Thirty: Chris Pratt is in it. Parks and Recreation's Chris Pratt. That Chris Pratt.

'Zero Dark Thirty' trailer: Kathryn Bigelow hunts for Osama bin Laden [/Film]

Associated Press: As dozens of Eagle Scouts resign, Boy Scouts of America ignores them

I recently posted a couple of articles featuring heartfelt letters from people who had earned their Eagle Scout awards as boys, but no longer wanted to be associated with the Boy Scouts of America and its rule banning gay scouts and GBLT troop leaders. Instead, they were choosing to return their awards to the BSA, in hopes that scouting's national organization would recognize that this rule isn't something all scouts want. In fact, many wrote about their frustration with what they see as the BSA failing to live up to the values that scouting teaches.

As of August 4, more than 80 former Eagle Scouts have sent photos of their resignation letters to the Eagle Scouts Returning Our Badges Tumblr blog, where the letters and the protest they represent are being archived.

Reading the comments that have turned up here at BoingBoing, I get the sense that there are many more Eagle Scouts—and active Boy Scout troops—that also disagree with the BSA, but don't want to resign from local connections that don't reflect the national organization's bigotry. In fact, the Northern Star Council, which represents 75,000 scouts in Minnesota and Wisconsin, is openly bucking Boy Scouts of America policy, and has been for years.

The Associated Press ran a piece yesterday looking at this dissent and the effect—or, it seems, lack thereof—it is having on BSA policy.

Deron Smith, the Boy Scouts' national spokesman, said there was no official count at his office of how many medals had been returned. He also noted that about 50,000 of the medals are awarded each year.

Beyond the Eagle Scout protests, the Boy Scouts' reaffirmation of the no-gays policy has drawn condemnation from liberal advocacy groups, newspaper editorialists and others. In Washington state, Republican gubernatorial candidate Rob McKenna, an Eagle Scout, joined his Democratic opponent, Jay Inslee, in suggesting the policy be changed.

But overall there has been little evidence of any new form of outside pressure that might prompt the Scouts to reconsider.

The leadership of the Scouts' most influential religious partners - notably the Mormons, Roman Catholics and Southern Baptists - appears to support the policy. And even liberal politicians seem reluctant to press the issue amid a tense national election campaign.

Read the rest of the Associated Press story

Liquid nitrogen hovers over the surface of a hot pan

The Leidenfrost Effect is a lovely sounding name for some very strange and nifty physics.

When you heat up a liquid, it will, eventually, boil away into a gas. Different liquids have different boiling points. But here's the weird catch: When you suddenly put a liquid in contact with something much, much hotter than its boiling point, the liquid doesn't instantly evaporate. Instead, it forms a little cushion of vapor between itself and the heat source. You can imagine it like a hovercraft moving over the surface of a lake. The cushion doesn't prevent evaporation—and it doesn't last long—but it does slow down evaporation enough that you can see the liquid moving around on the hot surface for a little bit like everything is just fine and dandy.

This video was made as a promotional piece for Modernist Cuisine. The Leidenfrost Effect matters for cooking because it allows you to tell when you have successfully heated up a pan. If the temperature of the pan is above the Leidenfrost point, then you can sprinkle it with water and watch the droplets bandy about on the hot metal. In this case, though, they used liquid nitrogen.

Via Geeksaresexy and cafonso

Totally Not Photoshopped photos from Mars (a tumblog of greatness)

More like this: "TOTALLY NOT 'SHOPPED PICS FROM MARS"

(Thanks, Sean Bonner!)


Slicing vegetables with thrown playing cards

This fellow hopes to break a world record throwing playing cards with vegetable-slicing speed and accuracy. If you'd like to learn this useful skill, you might start by reading Ricky Jay's 1977 classic book "Cards As Weapons."