Genral Web Comments
Friday, November 26, 2004
Yahoo! News - China Approves Testing for Potential AIDS Vaccine
Yahoo! News - China Approves Testing for Potential AIDS Vaccine: "BEIJING (Reuters) - China has approved human testing of a locally developed potential AIDS (news - web sites) vaccine, the official Xinhua news agency said Friday, just days before World AIDS Day."
Wired News: Court Documents Not Fit for Web?
Wired News: Court Documents Not Fit for Web?: "And almost all court and legal documents are in electronic format now: Almost all documents start as a word-processor file and are converted to .pdf or other formats for storage. So it's not hard for the documents to find their way to the web somewhere along the court process.
Larson helped draft the Minnesota report (.pdf), which said that a systematic redaction process is needed to ensure that information like Social Security numbers is taken off the web."
Schneier on Security: Behavioral Assessment Profiling
Schneier on Security: Behavioral Assessment Profiling: "Behavioral Assessment Profiling
On Dec. 14, 1999, Ahmed Ressam tried to enter the United States from Canada at Port Angeles, Wash. He had a suitcase bomb in the trunk of his car. A US customs agent, Diana Dean, questioned him at the border. He was fidgeting, sweaty, and jittery. He avoided eye contact. In Dean's own words, he was acting 'hinky.' Ressam's car was eventually searched, and he was arrested.
It wasn't any one thing that tipped Dean off; it was everything encompassed in the slang term 'hinky.' But it worked. The reason there wasn't a bombing at Los Angeles International Airport around Christmas 1999 was because a trained, knowledgeable security person was paying attention."
Sunday, November 21, 2004
Yahoo! News - Sloppy Sysadmins Leave Linux Security Lacking
Yahoo! News - Sloppy Sysadmins Leave Linux Security Lacking: "Linux (news - web sites) has gaping security holes caused by systems administrators who either can't or won't keep up with the latest patches, according to a report from British security firm mi2g."
Yahoo! News - Sneakier Trojan Targets UK Banks
Yahoo! News - Sneakier Trojan Targets UK Banks: "A disturbingly crafty Trojan is targeting banking consumers. This malware does not mimic the standard phishing attacks that attempt to trick a user into logging onto a fake Web site designed to look like the bank's, Sophos security consultant Graham Cluley tells NewsFactor."
Yahoo! News - IT Managers Have False Sense Of Security
Yahoo! News - IT Managers Have False Sense Of Security: "Corporate IT managers are a bit bi-polar when it comes to network security, said a survey released this week at the Computer Security Institute's annual conference in Washington, D.C."
Just as an overwhelming majority of IT execs think that their networks are safer than they were a year ago, an even larger percentage admit in that attacks are on the rise.
The contradictory attitudes came as a shock to Q&A Research, the California-based market research firm which did the polling for security vendor Britestream.
The survey of 300 IT professionals in companies with annual revenues of more than $30 million revealed that a tad more than three out of four (76 percent) believe their networks are more secure today than a year ago. But a whopping 81 percent reported that attacks are on the upswing and 20 percent admitted that a hacker had gotten through their defenses to access their corporate network.
Wired News: Airlines Ordered to Expose Data
Wired News: Airlines Ordered to Expose Data: "Homeland security officials accidentally revealed on Friday that the Transportation Security Administration will soon officially order America's airlines to turn over a month of passenger data to test a new passenger screening system.
The final rule (.pdf) ordering the airlines to provide data on all June 2004 domestic flights will be issued formally on Monday by the Transportation Security Administration. The airlines must comply by Nov. 23."
Saturday, November 20, 2004
Oh My God It Burns!
Oh My God It Burns!
Well the staff here at OMGIB are thrilled with the swell of traffic that this experiment has generated. We’re working on more half assed applications of second rate science for the practical slacker as we speak.
Several questions have popped up on a regular basis in the comment thread, so I’ll try to knock them out here one by one:
Um, why didn’t you guys do the test double-blind?
Scienticians often are forced to take short-cuts to make giant king sized leaps of advancement in the field of boozahology. You’ll also notice that the crackers weren’t sterile, the glasses were barely clean, and there was a conspicuous lack of any saftey gear. Sometimes, you just have to stare down the barrel of progress and hope there’s not one sitting in the chamber.
Isn’t it possible that you just ended up drunk and only thought it tasted better
Our taste tests were only about a quarter of a shot each. It took about 20 minutes to complete an entire filtration cycle and we we had some food during the test. I know I only had about 2 shots worth of vodka during the experiment.
Did you try and use the filter for water after the vodka experiment?
The last thing I need in life is to catch a buzz off my morning coffee. Replacement filters are rather cheap as someone in the comment thread mentioned, but I’m sure that a few pitchers of water would take any vodka soaked into the filter out.
I think you forgot to prime your brita filter with water before you used it.
Actually, we did. It was soaked and a few pitchers of water were run through according to the directions on the package. It was in our notes, but we wrote everything up from the notes at the bar.
Why didn’t you . . .
Well although we plan on revisiting this experiment, we’re on to make other breakthroughs of loose cannon science. We encourage all of the aspiring scienticians reading this to try this for themselves and email us your results. Send them over to ohmygoditburns@gmail.com and share your findings.
Comments Off
Sunday, November 14, 2004
Privaterra : Introduction
Privaterra : Introduction: "Our Mission:
Privaterra's mission is to provide technological education and support for civil society organizations (Human Rights NGOs) in the area of data privacy, secure communications and information security
Our History:
Privaterra was formally established in December 2001. However, members of the group have conducted over a dozen workshops in privacy and security technology since 1999. Privaterra was formed from a group of like-minded individuals devoted to the cause of providing security to human rights workers using modern technology, specifically by ensuring privacy and security of communications and electronic data.
Privaterra is:
* Working with human rights organizations to survey their privacy and security needs
* Soliciting donations to try to meet these needs with hardware and software
* Conducting workshops to teach human rights workers how to improve their privacy and security situation
* Collecting a large pool of resources relating to privacy and security for both public use and to help fulfill our mandate"
PGPHTML: to make PGP or GPG signed web-page
PGPHTML: to make PGP or GPG signed web-page: "PGPHTML: to make PGP or GPG signed web-pages
UNPGPHTML: to return to the originals from PGP or GPG signed web-pages with PGPHTML
by SANFACE Software
version 4.1 2002/06/19
PGP logo After we had read the nice page of Noel Bell PGP signed web-pages We thought nice method but not very simple to use. For this reason we wrote the simple perl tool pgphtml to generate PGP or GPG signed web-pages based on Noel Bell methodology and unpgphtml to return to the originals from PGP or GPG signed web-pages with PGPHTML. Source Code"
Business-PHP.com :: gpg_encrypt() v1.2
Business-PHP.com :: gpg_encrypt() v1.2: "gpg_encrypt() is a PHP function that will allow you to easily use GnuPG to encrypt data to your public PGP key and mail that encrypted data to yourself, where it can be securely decrypted with your private key. This is designed primarily for use with web-based forms but can be used to encrypt any data.
Requires PHP >=4.3.0
Typical usage:
$gpg = gpg_encrypt($secret_message, /usr/local/bin/gpg, /home/www/.gnupg, 0x123456)
The 4 required arguments are:
1. $secret_message The data to be encrypted
2. /path/to/gpg The full path to your gpg program
3. /path/to/.gnupg The full path to the GnuPG home directory (keyring)
4. 0x123456 Key ID to encrypt the message to"
Reuters | Latest Financial News / Full News Coverage
Reuters | Latest Financial News / Full News Coverage: "U.S. Researcher Says Finds Atlantis Off Cyprus
Sun 14 November, 2004 16:35
By Michele Kambas
LIMASSOL, Cyprus (Reuters) - A U.S. researcher on Sunday claimed he had found the lost civilization of Atlantis in the watery deep off Cyprus -- adding his theory to a mystery which has baffled explorers for centuries.
Robert Sarmast says a Mediterranean basin was flooded in a deluge around 9,000 BC which submerged a rectangular land mass he believes was Atlantis, lying about 1 mile beneath sea level between Cyprus and Syria.
'We have definitely found it,' said Sarmast, who led a team of explorers 50 miles off the south-east coast of Cyprus earlier this month.
Deep water sonar scanning had indicated man-made structures on a submerged hill, including a 3-kilometer-long wall, a walled hill summit and deep trenches, he said. But further explorations were needed, he added.
'We cannot yet provide tangible proof in the form of bricks and mortar as the artifacts are still buried under several meters of sediment, but the circumstantial and other evidence is irrefutable,' he claimed."
Sunday, November 07, 2004
Retailers turning to databases to rein in customer returns
Retailers turning to databases to rein in customer returns: "Washington -- Darlene Salerno considers herself a loyal customer of the Express clothing chain, shelling out roughly $2,000 for its trendy outfits each year. On a recent shopping trip, she bought a tank top, a button-down shirt and some khaki pants, but realized when she got home that she had similar items in her closet. So a few days later, she took them back to the store. She presented the items, the receipt and waited for her money.
Instead, the saleswoman handed her a slip of paper that said 'RETURN DECLINED' and told her to call the toll-free number at the bottom for more information. She phoned and was informed her account showed 'excessive' returns."
Is Microsoft Ready to Assert IP Rights over the Internet?
Is Microsoft Ready to Assert IP Rights over the Internet?: "Has Microsoft been trying to retroactively claim IP (intellectual property) rights over many of the Internet's basic protocols? Larry J. Blunk, senior engineer for networking research and development at Merit Network Inc., believes that might be the case.
Blunk expressed these concerns about Microsoft's Royalty Free Protocol License Agreement in a recent note to the IETF's Intellectual Property Rights Working Group. Specifically, Blunk suggested that Microsoft seemed to be claiming IP rights to many vital Internet protocols. And by so doing, 'Microsoft is injecting a significant amount of unwarranted uncertainty and doubt regarding non-Microsoft implementations of these protocols,' Blunk said."
Monday, November 01, 2004
Password Safe
Password Safe: "Password Safe
The security of Blowfish in a password database
Support
The current version of Password Safe is an open source project, which you can download from its Sourceforge page. Please use the Sourceforge tracking system for feature requests and bug reports.
For support of 1.7.1 and earlier versions, see the Password Safe FAQ or e-mail passwordsafe@counterpane.com. You can still download Password Safe 1.7.1 from this web site.
Many computer users today have to keep track of dozens of passwords: for network accounts, online services, premium web sites. Some write their passwords on a piece of paper, leaving their accounts vulnerable to thieves or in-house snoops. Others choose the same password for different applications, which makes life easy for intruders of all kinds.
With Password Safe, a free Windows utility designed by Bruce Schneier, users can keep their passwords securely encrypted on their computers. A single Safe Combination--just one thing to remember--unlocks them all.
Password Safe protects passwords with the Blowfish encryption algorithm, a fast, free alternative to DES. The program's security has been thoroughly verified by Counterpane Labs under the supervision of Bruce Schneier, author of Applied Cryptography and creator of the Blowfish algorithm.
Password Safe features a simple, intuitive interface that lets users set up their password database in minutes. You can copy a password just by double-clicking, and paste it directly into your application. Best of all, Password Safe is completely free: no license requirements, shareware fees, or other strings attached.
See the Blowfish page for more information on the Blowfish algorithm, including links to more than 120 other products that use Blowfish.
Counterpane Internet Security, Inc. Home Page."
Article: Super-tough coating for cellphones and discs�| New Scientist
Article: Super-tough coating for cellphones and discs�| New Scientist: "The colour LCD screens on cellphones and PDAs can get badly scratched in pockets stuffed with loose change and keys. And CDs and DVDs become unplayable in no time when children use them as indoor frisbees. Now a tough, transparent polymer coating developed by chemists in Japan is set to make scratched phone screens and scuffed discs a thing of the past.
In one of the most convincing technology demonstrations this reporter has witnessed, I was handed a CD, a wire-wool pan scourer and some permanent marker pens, and invited to scratch or mark the discs. Hard as I tried, I could not make a single mark on the disc with the scourer. And the ink simply wiped off."
