Boing Boing 

Usbdriveby: horrifying proof-of-concept USB attack

Samy Kamkar has a proof-of-concept attack through which he plugs a small USB stick into an unlocked Mac OS X machine and then quickly and thoroughly compromises the machine, giving him total, stealthy control over the system in seconds, even reprogramming the built-in firewall to blind it to its actions.

Three ways fearful parents are ruining Hallowe'en

It's the safest night of the year for your kids: no kid has ever been poisoned by a stranger, and the 31st usually has fewer assaults on children than other days of the year (but more kids do get hit by cars!).

Lenore Prepares for Halloween — Heh, Heh, Heh

Vladimir Putin takes the gloves off

In a virulently anti-Western and uncharacteristically blunt speech, Russian spy-turned-president Vladimir Putin set out his agenda for Russia and its relationship to "western elites." The speech wasn't widely reported in the west, but Dmitry Orlov has helpfully translated, transcribed and summarized it.

TSA supervisor confiscates raygun belt buckle -- because terrorism!

A TSA supervisor confiscated Sean Malone's toy ray gun belt buckle at the airport. Malone described the encounter:

"You understand that this is a belt buckle, right? It is not a danger to the safety of anyone nor is it against the law to carry. I have also traveled with this belt buckle all over the country and it's never been a problem. So please explain to me how exactly you would justify taking it."

Her response was to suggest a hypothetical scenario. "What if", she postulated, "you take this object out of your bag and point it - like a gun - at a police officer? He would have no choice but to assume that it was a gun, and take action against you."

Now... Let's leave aside for a second that the entire premise behind this argument is that police officers are too dumb and hopped up on their own power that they can't recognize a dangerous weapon from a belt buckle in the shape of a 1950's toy ray gun. I'm glad she recognized this reality, but I don't think she really processed what it says about law enforcement in America. But leaving that aside... Why in the hell would I ever take my belt buckle and point it at a police officer?

To this, she had no answer.

Malone stood his ground, and after insisting that the supervisor talk to *her* supervisor, his belt buckle was returned.

Passenger's ebola joke triggers hazmat panic

When a dark-skinned man sneezed on a plane then joked about having ebola, the flight crew took no chances and called a team in hazardous material suits to escort him off the plane.

The passenger had never been in Africa. He did not have Ebola.

Sourcecode for "unpatchable" USB exploit now on Github


Last summer's Black Hat presentation on "Badusb" by Karsten Nohl alerted the world to the possibility that malware could be spread undetectably by exploiting the reprogrammable firmware in USB devices -- now, a second set of researchers have released the code to let anyone try it out for themselves.

OECD predicts collapse of capitalism


The Organization for Economic Cooperation and Development -- a pro-establishment, rock-ribbed bastion of pro-market thinking -- has released a report predicting a collapse in global economic growth rates, a rise in feudal wealth disparity, collapsing tax revenue and huge, migrating bands of migrant laborers roaming from country to country, seeking crumbs of work. They prescribe "flexible" workforces, austerity, and mass privatization.

ZOMGTERRISTSGONNA KILLUSALL tee, now in tote form


My ZOMGTERRISTSGONNAKILLUSALLRUNHIDE TSA tee-shirt (of Poop Strong fame) is available in tote-bag form, a fact I had somehow missed!

Funding available for makerspaces' open anti-asteroid initiatives


Alex sez, "Spacegambit is a hackerspace space program that funds cool space projects around the world. We're now working with NASA on the Asteroid Grand Challenge, with the aim of getting more makers involved in detecting asteroid threats to human populations and figuring out what to do about them. We're running our open call at the moment (closing on 20 May) and looking to fund open-source projects linked with hackerspaces/makerspaces/fablabs/etc."

Florida nixes concealed carry for the zombpocalypse


Florida state senator Dwight Bullard thought that a proposed bill to legalize carrying concealed firearms during disaster evacuations was an incredibly stupid idea. So he proposed an amendment to rename the bill "An act relating to the zombie apocalypse." Both the bill and the amendment failed to pass the state legislature.

If you're serious about killing zombies, you don't want a gun, anyway. You want one of these.

Hacking the hospital: medical devices have terrible default security


Scott Erven is head of information security for a healthcare provider called Essentia Health, and his Friday presentation at Chicago's Thotcon, "Just What The Doctor Ordered?" is a terrifying tour through the disastrous state of medical device security.

Wired's Kim Zetter summarizes Erven's research, which ranges from the security of implanted insulin pumps and defibrillators to surgical robots and MRIs. Erven and his team discovered that hospitals are full of fundamentally insecure devices, and that these insecurities are not the result of obscure bugs buried deep in their codebase (as was the case with the disastrous Heartbleed vulnerability), but rather these are incredibly stupid, incredibly easy to discover mistakes, such as hardcoded easy default passwords. For example: surgical robots have their own internal firewall. If you run a vulnerability scanner against that firewall, it just crashes, and leaves the robot wide open.

The backups for image repositories for X-rays and other scanning equipment have no passwords. Drug-pumps can be reprogrammed over the Internet with ease. Defibrillators can be made to deliver shocks -- or to withhold them when needed. Doctors' instructions to administer therapies can be intercepted and replayed, adding them to other patients' records. You can turn off the blood fridge, crash life-support equipment and reset it to factory defaults. The devices themselves are all available on the whole hospital network, so once you compromise an employee's laptop with a trojan, you can roam free. You can change CT scanner parameters and cause them to over-irradiate patients.

The one bright spot is that anaesthesia and ventilators are not generally networked and are more secure.

Terrorism experts: evacuating embassies is "crazy pants," "absurd hyperbole"

By an amazing coincidence, the worst terrorist attack that never happened since 9/11 is not happening right now, proving that everyone who was worried about out-of-control NSA spying had lost the plot. Which is ZOMGTERRISM. So 28 US diplomatic posts have been evacuated (that is to say, "experienced an ordered departure"), including ones in places like Mauritius or Madagascar, where al Qaeda has nefariously never operated as part of its devious plan to lure everyone there into a false sense of security.

Well, some people are cynical and just don't believe it, despite all the overwhelming secret evidence that we're not allowed to see or know about or hear about or even have described to us. People like State Department counterterrorism advisor Will McCants, who called the evacuation of the diplomatic posts "Crazy Pants" ("you can quote me"). Loose cannons like Michael Leiter, former director of the National Counterterrorism Center, who called the terrifying and nonspecific warnings "absurd hyperbole that is coming almost entirely from reckless commentators or ill-informed or ill-spoken [Capitol] Hill folks...no one who really knows al Qaeda or its history thinks that this is as huge a deal as portrayed—and certainly nothing remotely close to the worst thing we have seen since 9/11." But what the hell does he know?

Cochliomyia hominivorax thinks you look delicious

Meet Cochliomyia hominivorax — a delightful insect that manages to be more horrifying than even Mark's favorite Central American friend, the botfly. How much more horrific? Check out the name. Roughly translated from Latin, "hominivorax" means "eater of man".

Climate change is increasing the habitat of brain-eating amoebas

Brain-eating amoebas? In my local waterways? It's more likely than you think.

What's big, corrupt, terrifying and worse than ACTA? TPP. Here we go again!


Remember ACTA, the terrifying, secret SOPA-on-steroids copyright treaty that the US government tried to ram down the world's throat? Well, it's back, only this time it's called the Trans-Pacific Partnership, and it's limited (for now) to the Pacific Rim. The TPP negotiators are meeting (in secret, natch) in Peru to twirl their mustaches and cackle, and EFF has posted a great infographic summing up their nefarious plan (see the whole thing after the jump):

The TPP is likely to export some of the worst features of U.S. copyright law to Pacific Rim countries: a broad ban on breaking digital locks on devices and creative works (even for legal purposes), a minimum copyright term of the lifetime of the creator plus seventy years (the current international norm is the lifetime plus fifty years), privatization of enforcement for copyright infringement, ruinous statutory damages with no proof of actual harm, and government seizures of computers and equipment involved in alleged infringement. Moreover, the TPP is worse than U.S. copyright rules: it does not export the many balances and exceptions that favor the public interest and act as safety valves in limiting rightsholders’ protection. Adding insult to injury, the TPP's temporary copies provision will likely create chilling effects on how people and companies behave online and their basic ability to use and create on the Web.

The journal of horrifying science

Science Horrors is a tumblr blog that compiles stories about the discomfiting, disturbing, and just plain terrifying parts of science. From 13th-century bioterrorism to the killer carbon dioxide gas bubbles of central Africa, there's plenty here to amaze you and freak you the frack out.

What are the chances of a large meteor destroying a city?

Good news: This is probably not something you have to worry too much about during your lifetime.

The real end of the world

Once again, Earth has not been destroyed in a fiery apocalypse. But, someday, our luck will run out. Be prepared! At The Guardian, Ian Sample and Alok Jha helpfully explain how our universe will one day (finally) be destroyed. The good news: By the time that happens, you'll already be dead. [Watch Ian Sample demonstrate different scenarios for the destruction of Earth] [Watch Alok Jha describe the ultimate fate of the universe]

Golden eagle snatches kid

One second this eagle is gliding around above a park, majestic, then moments later it swoops down and tries to grab a toddler. It's just so sudden and unexpected: the bird looks small when it's far away, but oh god nope that's one of those Hobbit-carrying guys and little red monkey hat is off to Mordor.

It may not be real, but damn it's a good fake. There's more info here.

Video Link: Golden eagle snatches kid

School freaks out because students making a science video with an umbrella were mistaken for school shooters

A school in Pennsylvania went into full-on lockdown when some children who were making a video about the immune system, which involved some sort of play-fighting with an umbrella, were mistaken for gun-toting lunatics. There is a balance between disaster preparedness and "when in trouble, or in doubt, run in circles, scream and shout," and this isn't it. A deputy chief in the video excuses the exercise because the kids were doing something "suspicious," but of course, there's a difference between being secure and being terrified of anything out-of-the-ordinary. Alerting parents and locking down kids when nothing bad is happening isn't making us more secure, it's making us more scared.

School Goes Into Lockdown — Complete with Kids Crying in Closet — Over Umbrella

Donate to Public Knowledge, avert the Mayapocalypse

Michael sez, "While preparing the PK bunker for the December 21st Mayan Apocalypse, we made a startling discovery: a machine powerful enough to prevent the end of the world. Needless to say, we were excited. The only problem? The machine's only power source is donations to Public Knowledge. And, yes, we shot some video. We are so confident that this device will work that we offer you this UNCONDITIONAL GUARANTEE: if you donate to Public Knowledge before the Mayan Apocalypse, the world will not end on December 21st."

Help Us Stop the Mayan Apocalypse (Thanks, Michael)

Mother Jones ecotastrophe headline generator

"Who Paid Al Gore to Slowly Destroy This Baby Octopus" is a headline that just came up when I tried out the Mother Jones Eco-Doom Headline Generator, which, in lampooning some of MoJo's real headlines, tends to come up with stuff you might otherwise see on The Onion or (dare I say it?) BoingBoing. It may well be the best waste of five minutes you'll find all day.

Mad Max meets zombies in indie Aussie movie "Wyrmwood"

Here's a seven-minute teaser for "Wyrmwood," an indie zombie movie from Australia that merges zombies with Mad Max. It's really a very, very good little short on its own, and convinced me to kick in $20 towards the production fundraiser on Indiegogo. I want to see this movie get made!

About two years ago my brother and I came up with the idea to meld Mad Max with Dawn of the Dead and make the best zombie film ever produced in Australia. Cut to now and we’re about a third of the way through the film and still going strong.

We’ve assembled a cracking cast & crew of disgustingly talented actors, filmmakers & make-up artists who are all working their guts out in order to deliver a piece of ‘Oz-ploitation’ cult cinema that will sit easily next to the likes of Evil Dead, Bad Taste & 28 Days Later …

WYRMWOOD: An Aussie Zombie Film (Thanks, Sam!)

Caviar vending machines in LA malls


Caviar vending machines have been installed in three upscale malls in LA. In addition to $500/oz caviar, they also dispense blinis, mother of pearl spoons, and other caviar essentials. The vending machines (they're billed as "ATMs for caviar") can be found at Westfield Century City, Westfield Topanga, and the Burbank Towne Center. Apparently, these are old news in Russia, where they are favorites of oligarchs and their entourages.

Finally! Caviar by ATM (via Super Punch)

Artist arrested at Oakland airport for wearing ornate watch

Geoffrey McGann, a southern California artist, was arrested at Oakland airport for wearing an assemblage sculpture/watch he'd made. The TSA were also worried because he had a lot of insoles in his shoes. He was eventually released on $150,000 bail.

OAKLAND, Calif. -- A Southern California man was arrested at Oakland International Airport after security officers found him wearing an unusual watch they said could be used to make a timing device for a bomb, authorities said Friday... McGann told Transportation Security Administration officers that he's an artist and the watch is art, Nelson said.

Geoffrey McGann, Man With Strange Watch, Arrested At Oakland Airport [AP] (Thanks to everyone who suggested this!)

Temper tantrums considered for addition to DSM

The American Psychiatric Association is set to add "disruptive mood dysregulation disorder" to the Diagnostic Statistical Manual (DSM), the bible of psychiatric disorders. A kid has "DMDD" if she or he has "severe recurrent temper outbursts that are grossly out of proportion in intensity or duration to the situation... at least three times a week."

As Wired's David Dobbs notes, this describes basically all kids ("No, I don't want to wear my rain boots!") at some time or another. So why is this being considered? Here's Neuroskeptic's explanation:

DMDD seems to be nothing to do with mood, but instead covers a pattern of misbehavior which is already covered by not one but two labels already. Why add a misleadingly-named third?

Well, the back-story is that in the past ten years, many American kids and even toddlers have got diagnosed with ‘child bipolar disorder‘ – a disease considered extremely rare everywhere else. To stop this, the DSM-5 committee want to introduce DMDD as a replacement. This is the officially stated reason for introducing it. On the evidence of this paper and others it wouldn’t even achieve this dubious goal.

The possibility of just going back to the days when psychiatrists didn’t diagnose prepubescent children with bipolar (except in very rare cases) seems to not be on the table.

Psychiatry Set to Medicalize Hissy Fits

How a multinational beer giant is making bank by destroying the world's beer and laying off the world's brewers

In "The Plot to Destroy America's Beer," Businessweek's Devin Leonard chronicles the rapacious AB InBev, a multinational, publicly traded giant corporation that is buying up American (and European, South American and Asian) family owned breweries, cutting them to the bone, lowering the quality of the ingredients used, shutting down breweries that have been running for more than a century, laying off thousands of workers who've given their lives to the companies AB InBev acquired, and changing the recipes to make all the different sorts of beer once on offer taste more or less the same.

InBev was never a sentimental company. Shortly after the merger, it shuttered the 227-year-old brewery in Manchester, U.K., where Boddingtons was produced. It encountered more resistance in 2005 when it closed the brewery in the Belgian village of Hoegaarden, from which the popular white beer of the same name flowed. InBev said it could no longer afford to keep the brewery open. After two years of protests by brewery workers and beer aficionados, it reversed itself. Laura Vallis, an AB InBev spokeswoman, says Hoegaarden exports spiked unexpectedly. “The brand’s growth since is positive news for Hoegaarden and for consumers around the world who enjoy it,” she says.

Yet some Hoegaarden drinkers say the flavor of the beer changed. “I think now it’s not as distinctive tasting,” says Iain Loe, spokesman for the Campaign for Real Ale, an advocacy group for pubs and beer drinkers. “You often see when a local brand is taken over by a global brewer, the production is raised a lot. If you’re trying to produce a lot of beer, you don’t want a beer that some people may object to the taste of it, so you may actually make the taste a little blander.” (Vallis’s response: “The brand’s commitment to quality has never changed.”)

Despite occasional setbacks, Brito’s assiduous focus on the bottom line produced the intended results. InBev’s earnings margin (before taxes and depreciation) rose from 24.7 percent in 2004 to 34.6 percent in 2007. Its stock price nearly tripled. Then he started running out of things to cut. In early 2008, InBev’s results plateaued, and its shares stumbled.

Investors hungered for another deal. Brito complied with the takeover of Anheuser-Busch. He had intimate knowledge of his target: America’s largest brewer had distributed InBev’s beers in the U.S. since 2005. Anheuser-Busch’s CEO, August Busch IV, the fifth Busch family member to run the company, was no match for La Máquina and his mentor, Lemann, who was now an InBev director. Anheuser-Busch’s board of directors accepted InBev’s bid of $70 a share on July 14, 2008.

The Plot to Destroy America's Beer (Thanks, Fipi Lele!)

Justin Bieber duct tape


Sign of the end-times part MMMLXVII: Justin Bieber duct-tape is a thing. "Containing four black and white images of the teen idol and incorporating hints of his favorite color -- purple -- the tape is sure to be a number one hit with 'Beliebers' everywhere."

Duck Tape® and Bravado Catch "Bieber Fever" (via Accordion Guy)

High-flying financiers subscribe to high-ticket astrologers


According to Heidi N. Moore's report in Marketwatch, thousands of high-flying Wall Street traders secretly rely on advice from "financial astrologers" who tell them what the stars and planets predict for the market. One trader requests his newsletter in a plain brown wrapper so that his colleagues won't know his secret.

Financial astrologers like Karen Starich say traders know they're up against a lot of rich, smart people.

"They want to have that edge," she says. "They want to know what the future is."

Starich charges $237 annually for her newsletter, which 300 traders subscribe to for news of what will happen to the stock prices of companies, or even bigger, to the Federal Reserve. She sees dark times ahead in the Fed's horoscope.

"They now have Saturn squared to Neptune, which is really bankruptcy," Starich explains.

Astrology guides some financial traders (via Lowering the Bar)

(Image: Astrological Clock, Torre dell'Orologio, Venice, a Creative Commons Attribution (2.0) image from spencer77's photostream)

Great historical disasters in papercraft form


Here's a series of "Disaster Dioramas" (dioramae?) -- papercraft models of historic disasters to download and print. Included in the set are the Titanic, the Hindenburg, Sir Shackleton's Endurance, Apollo 13, the Boston Molasses Disaster and the Chicago Fire, pictured here.

Spitefuls: [Disaster Dioramas!] (via Making Light)