Skip navigation
Help

Megan Geuss

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.
Original author: 
Megan Geuss

The Guardian

The Guardian released an interview today with the man who has been the paper's source for a few now-infamous leaked documents that revealed a vast dragnet maintained by the NSA for gathering information on communications in America. That source is Edward Snowden, 29, an employee of American defense contractor Booz Allen Hamilton and a former technical assistant for the CIA.

When The Guardian published a leaked document on Wednesday of last week that showed a FISA court granting the NSA power to collect the metadata pertaining to phone calls from all of Verizon's customers over a period of three months, it became one of the biggest exposures of privacy invading actions taken by the government without the public's knowledge.

That is, until the next day, when The Guardian and The Washington Post revealed slides pertaining to another NSA project called PRISM, which apparently gathered vast swaths of information on users of Google services, Facebook, Apple, and more. While the companies named in the PRISM slides have all denied participation in such a program, President Obama and a number of senators confirmed the collection of phone call metadata on Friday.

Read 9 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss


List your passwords alphabetically, so it's easy for you and others to find them!

Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.

The hashes the security experts used were converted using the MD5 cryptographic hash function, something that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."

To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.

Read 14 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss


The foc.us headset.

Ars Technica

SAN FRANCISCO, CA—Earlier this week, Ars showed up at a demo day for the painful-to-read HAXLR8R (pronounced hack-celerator), a startup accelerator program that takes ten teams of entrepreneurs, gives them $25,000, and flies them between San Francisco and Shenzhen to work on a hardware-based product of their design.

Most of the products were still in progress, so many teams spent demo day courting VC funders or imploring the crowd to visit their Kickstarter campaign. But Foc.us, a company founded by mechanical engineers Michael Oxley and Martin Skinner, actually had its product launch that day. Its Foc.us headset is a device that is meant to shock your brain with electricity—and make you a better gamer because of it.

The headset is a red or black band that goes around the back of your head, with four disks that are placed on your forehead, just above your eyebrows. The disks contain electrodes beneath small circular sponges soaked in saline solution. When the headset turns on (via a physical button in the back or a companion iOS app), you get a shock to the prefrontal cortex that can range from 0.8 to 2.0 mA. For context, a hearing aid usually runs on about 0.7 mA—but you’re not directing that electricity into your head.

Read 8 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss


The Arduino Yún (Yún means "cloud" in Chinese.)

Arduino

At today’s Bay Area Maker Fair, Arduino announced its newest board—the Arduino Yún. The board is an Arduino Leonardo running Linino, a Linux fork based on OpenWRT. The board is Wi-Fi capable, which Arduino hopes will encourage people to use the boards to make cloud-ready projects.

In an official statement the company explained: “Historically, interfacing Arduino with complex Web services has been quite a challenge due to the limited memory available. Web services tend to use verbose text-based formats like XML that require quite a lot or ram to parse. On the Arduino Yún we have created the Bridge library which delegates all network connections and processing of HTTP transactions to the Linux machine.”

Earlier this week, another company called Spark Devices launched a similar idea on Kickstarter called Spark Core. That initiative puts forward a Wi-Fi capable board for Arduino projects that permits wireless programming and the ability to interface with Web services. The company originally asked for $10,000 and has since raised more than $300,000. (The campaign ends June 1.)

Read 2 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Megan Geuss

A website built by two programmers, Stephen LaPorte and Mahmoud Hashemi, displays recent changes to Wikipedia in real-time on a map of the world. When a new change is saved to the crowd-sourced encyclopedia, the title of the edited article shows up on the map with the editor's location according to his or her IP address.

Not all recent changes are counted, however. Actually, the website only maps the contributions made by unregistered Wikipedia users. When such a user makes an edit, they are identified only by IP address. This is just as well—a similar website called Wikistream logs all changes to Wikipedia (although not in such a graphically-friendly way), and watching the flood of new entries can get overwhelming, fast.

LaPorte and Hashemi said they built their map using the JavaScript library D3, datamaps-world.js, a service for searching the geolocation of IP addresses called freegeoip.net, and Wikimedia's recent changes IRC feed. The two programmers note in their blog that “you may see some users add non-productive or disruptive content to Wikipedia. A survey in 2007 indicated that unregistered users are less likely to make productive edits to the encyclopedia.” Helpfully, when you see a change made to a specific article, you can click on that change to view how the page has been edited (and change it back if it merits more editing).

Read 3 remaining paragraphs | Comments

0
Your rating: None

Eolas Technologies Inc. acted on behalf of the University of California Regents today to sue Facebook, Wal-Mart, and Disney over four patents related to hypermedia display. The University of California has licensed the four patents to Eolas, who is litigating on behalf of the UC Regents. The company gained notoriety several years ago when it sued Microsoft in a lengthy courtroom battle which ended with a settlement in 2007. Eolas was initially founded to litigate on behalf of the UC system's patents, and has earned critics for its aggressive litigation.

The patents, according to the complaint filed against Facebook in the Eastern District of Texas today, include patent No. 5,838,906 which covers a "distributed hypermedia method for automatically invoking an external application providing interaction and display of embedded objects within a hypermedia document," and patents No. 7,599,985; No. 8,082,293; and No. 8,086,662; all of which pertain to a "distributed hypermedia method and system for automatically invoking an external application providing interaction and display of embedded objects within a hypermedia document."

Reuters reported that, "a University of California spokesman said it considered the patents public assets and 'should be paid a fair value when a third party exploits that university asset for profit.'" Meanwhile, Eolas' complaint did not enumerate which parts of Facebook's website and holdings were in violation specifically, but wrote that, "the acts and practices of Facebook in infringing and/or inducing the infringement of one or more claims of each of the patents-in-suit, Plaintiffs have been, are being, and, unless such acts and practices are enjoined by the Court, will continue to suffer injury to their business and property rights."

Read 1 remaining paragraphs | Comments

0
Your rating: None