Bring A Hack at World Maker Faire 2014

After a hard Saturday at World Maker Faire, some of the best and brightest in the Hacker/Maker community descended on The Holiday Inn for “Bring A Hack”. Created by [Jeri Ellsworth] several years ago at the Bay Area Maker Faire, Bring A Hack (BAH) is an informal gathering. Sometimes a dinner, sometimes a group getting together at a local bar, BAH is has just one rule: You have to bring a hack!

[Sophi Kravitz] has become the unofficial event organizer for BAH in New York. This year she did a bit of live hacking, as she converted her Wobble Wonder headgear from wired to wireless control.

[Chris Gammell] brought his original Bench BudEE from Contextual Electronics. He showed off a few of his board customizations, including making a TSSOP part fit on the wrong footprint.

[Windell and Lenore] from Evil Mad Scientist Laboratories brought a few hacks along. They picked up an old Radio Shack music player chip at the Electronics Flea Market and built it up on a breadboard. Also on display was their new EggBot Pro. The Pro is a beautifully machined version of the eggbot. Everything is built strong to withstand the sort of duty an EggBot would see at a hackerspace or public library. [Windell] was full of surprises, as he also gave everyone chunks of Sal Ammoniac, which is a great way to bring the tin back to a tired soldering iron tip. The hack was that he found his Sal Ammoniac at a local Indian grocery in the Bay Area. Check out [Windell's] blog entry for more information.

[Cal Howard] brought his DIY VR goggles. [Cal] converted a Kindle Fire into an Oculus Rift style head mounted display by adding a couple of magnifying lenses, some bamboo kebab sticks to hold the lenses in place. Judicious use of cardboard and duct tape completed the project. His current hurdle is getting past the Fire’s lack of an accelerometer. [Cal] planned to spend Sunday at Maker Faire adding one of his own!

As the hour grew late, everyone started to trickle out. Tired but happy from a long day at Maker Faire, the Bring A Hacker partygoers headed back to their hotels to get some sleep before World Maker Faire’s final day.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Reanimating a Philips HDD 1420 MP3 Player

[OiD] had a dusty, old, forgotten Philips HDD1420 GoGear mp3 player kicking around his place. As you can imagine, the battery was dead. He had no charger or connector for the thing, but decided to try to resurrect it anyway.

He thought it would simply be a matter of providing alternative power, but the GoGear wasn’t having it and insisted on being connected to a computer. He had some luck consulting Pinouts.ru and found Philips’ own device manager software, but it still wasn’t easy. The device manager doesn’t work on Windows 7. He tried an XP box, but it didn’t detect the device.

Finally, he discovered that the hard drive was kaput and replaced it with an 8GB Microdrive. That helped, but he still had a hard row to hoe. [OiD] formatted the new HD and gave it the official firmware, but still had to replace some system files according to the Philips manual. He ended up using RockBox to reanimate it and decided to keep it on the device.

There was still an issue with charging, though. It has an IC that handles selection of either the proprietary external adapter or USB power, but the RockBox firmware doesn’t implement switching and defaults to the adapter. Several tweaks and a hacked-in mini USB later, the patient is in stable condition and cranking out the tunes.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Hacklet 17 – Keyboards

This week on The Hacklet we’re featuring some of the best keyboard hacks from Hackaday.io!

Hackers are really into their keyboards. Everyone has a favorite, and those favorites vary wildly. Mechanical, soft touch, ergonomic, QWERTY, DVORAK, chorded, you name it, there is a hacker, maker, or engineer who loves it, or absolutely hates it. For some, no commercial product is perfect. All is not lost though, as a custom keyboard is just a hack away!

[Warren Janssens] gets things rolling with Ergo60, his 60 key ergonomic keyboard. [Warren's] layout is a pair of 25 key hand clusters, each with a matching 5 key thumb cluster. This layout minimizes lateral wrist movement. With the reduced key count and stacked keys, the user’s hands never move from the home row. [Warren] rolled his own PCBs for Ergo60. A Teensy 2.0 running a fork of TMK serves as Ergo60’s controller. [Warren's] is running Cherry Black switches and his keycaps are from Signature Plastics. [Warren] is using Ergo60 as his daily driver these days, so it’s no surprise that he’s set the “Completed Project” tag.

Some say he needs no keyboard at all, and that his heartbeat sounds just like an IBM Model M. All we know is he’s called [Brian Benchoff]. [Brian's] created a pair of minimalist keyboard projects. The Unhappy Hacking Keyboard takes us back to basics. After all, computers run on 1’s and 0’s, right? What more could a person need? Apparently just a space and return. Unhappy Hacking Keyboard uses an ATtiny85 with V-USB as the controller and the interface. Keys are cherry MX blues. The keycaps are [Brian's] own Hackaday Cherry MX Keycaps printed by Shapeways.

An entire generation of hackers don’t know the joy of typing on a tiny rubber keyboard. [Alistair MacDonald] aimed to fix that, so he turned an old computer into a keyboard with his ZX Keyboard. [Alistair] started with a broken ZX Spectrum. He gutted the original electronics and added an Ardunio Pro Mini running the V-USB library. [Alistair] directly wired the row and column I/O lines from the keyboard to his Arduino. The result is a keyboard which is the perfect size for cell phones, Raspberry Pi’s and the like.

[Servo] teaches us new ways to type with Chordy KEY, his chording keyboard project. Chordy Key is meant to be used in the left hand. Five finger buttons and three thumb buttons are all that is needed to chord out 64 different letters and symbols. [Servo] utilized an ATmega32U4 powered Sparkfun pro micro to control his keyboard. Chordy Key is a proof of concept, but with [Servos's] use of 3D printed parts, Chordy Key looks like it’s ready for your next wearable computing project!

[jmptable] is also working on a chorded keyboard design. Chord Keyboard uses only 7 keys to send the entire ASCII character set and a few control combinations. [jmptable] used an ATmega328P as his processor. Chord keyboard isn’t wired though. An RN-42-HID module provides bluetooth connectivity to the world.

[jmptable] has provided an amazing amount of detail on his research, including one of his goals of adding a chorded keyboard to the Gameboy Advance. They keyboard itself would be mounted on the spine of a game cartridge. We would love to see that idea come to fruition, [Servo]!

Finally we have [Gertlex], who just wanted a scroll wheel embedded in his keyboard. He got there with the help of an Apple Mighty Mouse. Keyboard with Apple Mouse Scroll Ball is one of those hacks that looks like it original equipment. [Gertlex] took a drill to a Targus slim USB keyboard, putting a small hole right between the ESC and F1 keys. He fit the scroll ball from his Apple Mighty Mouse in the hole. Electronics are as simple as plugging the mouse and keyboard into the same USB hub. The only downside to the design is that [Gertlex's] keyboard doesn’t recognize fast enough to send key presses during the boot process.

That’s just about enough keystrokes for this episode of The Hacklet. As always, see you next week. Same hack time, same hack channel, bringing you the best of Hackaday.io!

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

ESP8266 Distance Testing

With progress slowly being made on turning the ESP8266 UART to WiFi module into something great, there is still the question of what the range is for the radio in this tiny IoT wonder. [CNLohr] has some test results for you, and the results are surprisingly good.

Connecting to the WiFi module through a TPLink WR841N router, [CN] as able to ping the module at 479 meters with a huge rubber duck antenna soldered on, or 366 meters with the PCB antenna. Wanting to test out the maximum range, [CN] and his friends dug out a Ubiquiti M2 dish and were able to drive 4.28 kilometers away from the module and still ping it.

Using a dish and a rubber duck antenna is an exercise in excess, though: no one is going to use a dish for an Internet of Things thing, but if you want to carry this experiment to its logical conclusion, there’s no reason to think an ESP8266 won’t connect, so long as you have line of sight and a huge antenna.

There’s still a lot of work to be done on this module. It’s capable of running custom code, and since you can pick this module up for less than $5 USD, it’s an interesting platform for whatever WiFi project you have in mind.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

We’re at Maker Faire Atlanta, Oct 4-5

If you live in the southeastern US, mark your calenders for next weekend—October 4th and 5th—and head out to the fourth annual Maker Faire Atlanta in downtown Decatur, GA. You can find a complete list of participants here.

I’ll be around all weekend to talk to makers about their projects and to hand out some Hackaday stickers. As [Brian] said with the HaD crew at the NY Faire, don’t be afraid to introduce yourself if you see me walking around or lurking at the Hackyard booth. See you there!

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Countdown to Finals

There can be only 5.

This Sunday Night we will snapshot the state of the final 50 entries for The Hackaday Prize. Our panel of Launch Judges will then begin the difficult task of choosing the five projects which best exemplify the virtues of the challenge: Openness, Connectedness, Innovation, Wow Factor, Reproducibility, and User Experience.

Want to help your favorite project make the finals? Get in there and take a look at their write-ups. Leave a polite comment on the project page that mentions the parts that are unclear or things you think should be added to the description.

The five who do move on are up for some huge prizes: A trip to space, Milling Machine, a 3D Printer, a trip to Akihabara, and Team Skydiving. Of course we won’t know the order of the finalists or who the Grand Prize Winner is until the final judging round happens at the end of October.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

The internet has changed everything and nothing | Deborah Orr

How did we get here? … Teh Internet Is Serious at the Royal Court in London. Photograph: Tristram Kenton for the Guardian

Who saw it coming – a future that reanimated a dystopian past? Who could have believed, in the 1960s, that half a century on from Harold Wilson’s speech about the “white heat of technology”, young men in Britain would be looking at public beheadings on their laptops and, liking what they saw, resolving to join a crusade in the Middle East, a jihad against the infidel? Not me, that’s for sure.

In the 1960s, in our family, a telephone was something possessed by pathetic show-offs with more money than sense. We got along just fine without one. Now, I am indignant when my iPhone says “No service” or “Not delivered”. I am contemptuous of patches of retrograde air, air that is not crammed with all the information in the world, all of it sitting there patiently waiting for the few keystrokes that might summon it.

How did I get from there to here? I have only the vaguest idea. It all happened so fast – so fast that I do not know which of two things to be amazed at. Should I be amazed that information technology has changed the world so much? Or should I be amazed that it has changed the world so little?

I went to the theatre this week. Lots of people do. It has never been more popular. This play, Teh Internet Is Serious Business, was at the Royal Court. Its author, Tim Price, told the story of the defunct hacking group LulzSec and offered a dramatic interpretation of cyberspace in the process. What a strange thing – that this ancient artform should be recruited to animate life behind a screen. What a strange thing anyway, that in a world full of people with phones clamped to their ears, there are flocks of folk turning up at one of the increasingly few places where using a phone is seen as an inexcusable solecism. At the theatre, in the 21st century, one stands astride the old Elizabethans and the new.

We new Elizabethans talk all the time about internet communities. But I do not suppose I am the only one who, when I picture an “internet community” in my head, sees a beaten male in a mucky old chair, grim face illuminated by the flickering light of the tool that drives his fantasies. New technology – new prejudices.

No such people appeared in Price’s play, only their fantasy selves. Online, the people from LulzSec lived in an anarchic land of non-stop festival protest, where wayward cleverness was harnessed to mock and damage a corporate world too arrogant to see how pathetic its own defences were. The play is set in a garish, metaphorical playground full of frustrated children, angry at a world that seems indifferent to their views, desperate to wield power themselves.

If only these smart kids had been adult and mature, the play invites one to think, what great lives they could have had in our sophisticated modern world. Instead, presumably, the people who were identified and convicted as members of Lulzsec are in their mucky old chairs right now, their faces in harsh shadow because they are banned from using the internet.

Except that perhaps the trouble with the guys from LulzSec was that they were not quite childish enough. Visit Digital Revolution, the Barbican Centre’s exhibition that boasts of being “the most comprehensive presentation of digital creativity ever to be staged in the UK” and you can quite easily form the impression that games and play are all that technology has to offer.

If the Lulzsec guys had been content to spend their time playing Call of Duty, exchanging videos of kittens or binge-watching dramas on Netflix, they would presumably have been considered normal, productive members of society. Their big problem was that they wanted to be active, not passive. They were not happy simply to be consumers, because they did not think much of what they were being asked to consume or why they were being asked to consume it. Their idea of “digital revolution” was rather more radical than assembling a collection of gaming consoles through the ages, of which there is quite a bit in the Barbican’s show.

Not, of course, that play really is all the internet has to offer. One can sit at home all day, gathering news of a world in crisis, then hotly debating whether there should be “boots on the ground in Iraq” or whether it is OK to bomb Syria without Syria’s permission. It is easy to feel involved in such debates. It is easy to feel like your opinion matters. It is easy to feel that, with your band of online conspirators, you are changing the world. Except that there is truth in the contemptuous word “clicktivism”. Once it was said that knowledge was power. Now that knowledge is there for anyone’s taking, it has become clear that only power is power, and that it is still acquired by humans in the way that humans have always acquired it – through violence.

Maybe technology allows human beings to know much, much more about their fellow human beings than is wise. Our vanities, our prejudices, our foibles, our failures of understanding, our anger, our hatreds – the internet seethes with it all. Does all that in itself shake our faith in our idea of humans as developed, refined and civilised? What is civilisation, after all, but the collective and settled expression of our ability to move away from savagery?

Yet it is obvious, on the internet, that collective and settled is in short supply. One person’s idealism is another person’s stupidity. One person’s concept of responsible behaviour is another person’s concept of cowardice. One person’s notion of sophistication is another person’s notion of ignorance.

If you are looking for someone to despise, someone to perceive as different to you in all the wrong ways, then the internet is a good place to look. Only one place beats it for that – the real world, where people hurt, torture and kill other people like they always have, then do one thing that is new – post it proudly on the web.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Breaking Bad Alchemist (from 2013.09.29)

To pay homage to the season finale of Breaking Bad, hackers transformed the Alchemist into Breaking Bad's Walter White.

Additionally, banners were hung outside and inside lobby 7.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Hack Madness

Interesting Hacks To Fascinate People: The MIT Gallery of Hacks Sorry, I could not read the content fromt this page.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Thanksgivukkah Dreidel on Building 10 (from 2013.12.03)

To celebrate the confluence of Thanksgiving and Hanukkah, which occurs only once roughly every 70,000 years, hackers decorated Building 10 with a banner "Happy Thanksgivukkah!" and a decorated dreidel.

Rather than the typical American lettering -- ? (Nun) (Gimel) ? (Hei) ? (Shin), an abbreviation of "A great miracle happened there" -- the dreidel was lettered in the Israeli fashion -- ? (Nun) ? (Gimel) ? (Hei) ? (Pei), an abbreviation of "A great miracle happened here," perhaps also a nod to the MIT Architecht I.M. Pei.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Portal Themed Newton's Cradle (from 2012.04.18)

During CPW, a five-piece Newton's Cradle appeared underneath the skybridge connecting buildings 18 and 56. The heads of the cradle resembled the personality spheres from the Valve game, Portal 2 , and glowed at night. The installation included a button to play sounds and actuate the cradle by pulling back a ball and setting it into motion.

Watch the cradle swing on Youtube.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Medical Mask on the Alchemist (from 2013.01.15)

Hackers placed a medical mask on the Alchemist statue outside the Student Center (W20) to help keep him healthy during a bad flu outbreak.

Additional Information and Photo Credits

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Olympic Rings Over Briggs (from 2014.02.08)

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Pacman and Blinky on the Great Dome (from 2013.01.10)

Pacman and one of his arch nemeses, Blinky the ghost, appeared on the construction scaffolding on the Great Dome on January 10. At night, the lights from the scaffolding illuminated a trail of "power pellets," the white dots Pacman eats to earn points.

Press coverage:

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Added: Sean Collier Memorial (from 2013.04.22)

On Thursday, April 18th, MIT Police Officer Sean Collier's life was taken from him while he was on traffic duty on Vassar Street near the Stata Center. To honor Sean's commitment to protecting MIT, hackers erected memorials across campus.

A banner was hung in Lobby 7.

Another banner was hung on the front of Building 10.

Origami cranes and flowers were placed on the MIT Campus Police car located in the Stata Center hack gallery.

More information about the Boston Marathon Bombings can be found here.

More information about this hack and the hack that occurred on the anniversary of Officer Sean Collier's death, can be found at cranes.mit.edu .

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Home Depot: 56 million credit cards compromised

News of the breach emerged on September 2, but was not admitted by Home Depot until September 8. Photograph: Justin Sullivan/Getty Images

The world's largest DIY retailer has admitted that 56m credit and debit card numbers were compromised over a five-month period in one of the worst breaches of customer data ever recorded. Home Depot said on Thursday night that although the data theft began in April, the malware used by the hackers had only been completely removed from its systems this month.

The breach was revealed on 2 September by the security website Krebs on Security, which said that all 2,200 of Home Depot's US stores could have been affected. The chain, which did not confirm the data breach until 8 September, said that security groups Symantec and FishNet Security were brought in to investigate the possible hacking as soon it became known.

The criminals used "unique, custom-built malware" that had not been seen in similar attacks, which helped them to avoid detection for so long, Home Depot said. It had completed a major payment security upgrade to ensure better encryption of customers' card numbers.

US retailers have been slower to adopt the chip-and-Pin technology found in Britain and most European countries as many American credit cards still lacked the appropriate chips. The US payments industry has set a deadline of October 2015 to switch to chip and Pin.

Frank Blake, chairman and chief executive of Home Depot, apologised to customers for the "inconvenience and anxiety" of the breach and said they would not be liable for any fraudulent charges.

"From the time this investigation began, our guiding principle has been to put our customers first and we will continue to do so," he said.

Many banks have begun replacing credit cards affected by the theft.

The data theft eclipses the 40m card numbers stolen from Target customers last year and is second only to the 90m stolen from TJX, the owner of the TK Maxx clothing store chain, in 2007.

The company said investigating the incident had cost $62m, $27m of which would be covered by insurance payments. It was also facing a lawsuit in Canada, where as many as 4 million customers could have been affected.

Tony Merchant, a retired lawyer, who has filed a claim, told the Globe and Mail: "They weren't telling people until [security blogger] Brian Krebs broke the story at the beginning of September. An awful lot of people have spent [money] at Home Depot in the last six months, and every one of them is at risk."

The incident, while highly embarrassing for the Atlanta-based company, does not appear to have had the same impact as the breach suffered by Target. Both its chief executive and chief information officer quit in the months following the hacking.

However, Home Depot said last month that Blake would step down as chief executive on 1 November and be replaced by Craig Menear, head of the company's US retail operations.

Shares in the retailer closed up 1%, or 87 cents, at $92.09 in New York on Thursday. The stock has risen 10% in the past month.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Musician rebels embrace darknet to explore uncensored internet frontiers

Aphex Twin used a .onion web page to announce the release of his latest album, Syro.

You could view the internet a little like the Earth’s surface. The bits of the web everyone knows about and uses are the land masses, but surrounding them are the vast expanses of ocean that represent the much publicised “deep web” – the uncharted depths that are the areas not indexed by standard commercial search engines, because they’re meaningless to the average internet user. However, within this abyss of uncharted waters, there is a place that undertakes groundbreaking technological advancements just to keep itself both separate and efficient. This relatively small area has been labelled the “darknet”, and it can only be browsed using services like Tor (The Onion Router) or Freenet, which are based on multilayered concepts of anonymity designed to make both the visitors and the web pages (styled as .onion) incredibly difficult to trace.

The darknet has been around since the 70s, but the rise and fall of the Silk Road darknet marketplace empire (now Silk Road 2.0) in 2013, and the advent of cryptocurrencies, notably Bitcoin, saw it truly break into the mainstream press. Ever since it has enjoyed sporadic news mentions, usually relating to drug and gun markets, political activism, child pornography, fraud, fetishism, murder, terrorism and Tesco clubcard vouchers. To many, unsurprisingly, the darknet is an incomprehensible sin city.

With all that in mind, Aphex Twin’s decision to release details of Syro, his first album in 13 years, via an elusive .onion web page left a wider community of music lovers trying to decipher why electronic music’s prodigal son had chosen such a platform. Hackers immediately booted up their Tor browsers and pounced on the page to search for any hidden surprises, but reported back via Reddit that there was no hidden content and no secret messages. “If anything, the site is a little sloppy,” said one commenter.

As I tried to explore the thought processes of Aphex Twin’s Richard D James (a daunting task in itself), I became sidetracked by a much wider issue, which involves a growing scatter of artists who are exploring the outer limits of the internet for inspiration, adventure, anonymity and rebellion, in search of a truer and uncensored reflection of the society we live in.

It began with Lee Bannon, a Sacramento based experimental hip-hop producer. Bannon has spent the last year working on an album subtly inspired by the darknet. In contrast to his production work for rappers like Joey Bada$$ and Souls of Mischief, Bannon’s solo work is a distinct brand of atmospheric jungle which nods as much to digital culture as it does to the early years sounds of Goldie’s Metalheadz label. His first experience with the internet’s peripheries came when he started to find his music being discussed on different types of internet forum. “My original hip-hop fan base was somehow evolving into a more intellectual hacker crowd,” he says. “They lived a certain lifestyle, and I wanted to dive into that vibe.”

Musician Lee Bannon: ‘For me, the fascination is about social justice and this new frontier of possibilities.’ Photograph: Josh Wehle

A combination of watching the Anonymous network join in the Ferguson protests and witnessing a friend smoothly buy drugs off the darknet made Bannon obsessed with both the potential and the awe-inspiring absurdity of it all. “For me, the fascination is about social justice and this new frontier of possibilities. I think it’s like a sword. A good guy could pick it up to protect people, and a bad guy could pick it up to cut someone’s head off.”

It turns out Bannon wasn’t the only one in California’s state capital who had embraced internet subculture. Two years ago, the now defunct group Death Grips launched an ARG (alternate reality game) on the darknet to promote their albums The Money Store and No Love Deep Web, by seeding various clues on the bulletin board site 4Chan. “Silicon Valley is only an hour away, so a lot of that hacker culture winds up in Sacramento, because it’s cheaper to live there, and you can commute back and forth,” Bannon says of the attraction of the darknet for the city’s musicians.

Explorations into strange parts of the web aren’t restricted to Sacramento, naturally. “One of the few sublime experiences I have today,” explains the Canadian artist and essayist Jon Rafman, “is discovering a new community online that I didn’t even know existed. It reveals a whole world within a world. It’s like thinking you know what reality is and then discovering an entire universe within an atom.” Rafman’s warped video collage Mainsqueeze was collated entirely from footage found on the deep web, and this latest discovery has him even more fascinated. “Wizardchan,” he says, “is an online community of male virgins over the age of 30. It comes from a Japanese saying that if you reach the age of 30 and you are still a virgin, you become a wizard. It is a community of supportive self-deprecation and self-loathing with a very internet sense of humour. They are often trying to one up each other in levels of patheticness and a lot of the time discourage any attempts at becoming ‘normies’. I see this image of the basement-dwelling wizard who rejects societal conventions to such an extreme degree as one of the tragic heroes of our times.”

The above video features some footage that readers may find disturbing

Mainsqueeze, by Canadian artist Jon Rafman is a compilation of footage posted on the deep web

Part of what Rafman admits to loving about the darker corner of the internet is how it allows people to take on new roles and identities. Yet, one of the key features of the darknet – the anonymity – is largely highlighted as its most dangerous component, with the “what have you got to hide?” card being thrown into most debates about encryption systems such as Tor, despite the dangers posed by the absolute lack of anonymity forced on internet users by sites that harvest their data.

The fear of the sites which see their users as a resource from which to make money drives Alec Empire, the founder of Berlin-based digital hardcore band Atari Teenage Riot. “You fear that a corporation is taking your stuff and monetising it,” he says. “Facebook, Twitter, all these things that helped independent artists in the beginning are now working against them. Putting a Pringles ad next to them. Even putting a video up on YouTube screws up the whole experience of watching it. The viewer is bombarded with bullshit. Using the deep web is a way to do things differently. I feel a new enthusiasm, [like] I witnessed when the original internet became big in the 90s.”

This idea, that the darknet harks back to a “golden era” of the internet – before legislation, surveillance and monopolisation took control – is a recurring theme. “The early internet was this alternate, separate place that was meant to transcend all the problems and censorship of real world society,” says the journalist Jamie Bartlett, a specialist on internet culture and author of the book The Dark Net. “As a result, it would be dangerous, liberal, uncensored, and it would be a great place for freedom fighters, democratic dissidents and whistleblowers to go, as well as criminals, child pornographers and terrorists. And that’s exactly what the darknet is. It’s seen as somewhere new, free and open, for those increasingly worried by the idea that the internet is becoming colonised by commercial purposes.”

Of all the artistic interactions with the darknet, Aphex Twin’s link may actually have been the least sophisticated. But what he has done is place the notion of the darknet, and the Tor project, in a new perspective both to the mainstream press and to an enormous fanbase, given his status as one of the most influential artists in electronic music.

Perhaps, the darknet – which Bannon describes as being like “Paris in the 20s” and Empire as “discovering America again” – has the potential to be a bastion of free speech and creativity, where art can escape surveillance and commercialism, to blend with new technology and hard truths in a way that is no longer possible on the surface internet. As Jamie Bartlett concluded in his book: “Outsiders, radicals and pariahs are often the first to find and use technology in shrewd ways, and the rest of us have much to learn from them.”

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Metal Gear Online brought back to life by professional hackers

The problem with games designed to be played online is that they can be shut down by their publishers. Decisions that often make commercial sense for the publishers a few years down the line, but which still have an impact on any remaining players.

One such game was Metal Gear Online (MGO), which shut down in 2012, four years after it launched. Yet in 2014, the game has been brought back to life by a group of ethical hackers, working under the SaveMGO banner.

Later this week one of the researchers, Joseph Tartaro from security consultancy IOActive, will detail the techniques his crew used to get Metal Gear Online back online for its fans to enjoy.

Tartaro, who will deliver his ‘Cyber Necromancy’ talk at the Brucon conference alongside fellow security technician Matthew Halchyshak, told the Guardian that as many as 80 people are playing MGO every day thanks to the group’s work. And he predicted that other games will be resurrected in the same way.

The group’s aim was to create a server that would effectively trick PlayStation 2 and PlayStation 3 consoles into believing they were speaking with the old official server. In the case of the PS3, the researcher believes this could be the first private server to host multiplayer melees on the console.

The team started with the PlayStation discs themselves, taking a look at the executable files that make the game run.

They figured out how the code worked – reverse engineering it, and then did something similar with the network protocol determining how the consoles communicated with each other, and the now-defunct remote server that once hosted the multiplayer games.

The process was rather tedious because the original online server was no longer available, said Tartaro. The team had to use educated guesses in pushing various pieces of fake data to their consoles, and then using the responses to craft adequate private servers.

This, Metal Gear Online came back to life, initially for PS2 last year, and then for PS3 just over a month ago. In a gaming context, “cracking” is often discussed in the context of piracy, but in this case, the encryption was being cracked in order to help fans of the game play it once more.

“We broke the encryption for the network protocol, as well as the file encryption, but the network protocol was the only one necessary to get it back online,” said Tartaro.

There are a few caveats to this project. Anyone wanting to play MGO again on PS3 needs to be running a hacked console, although for the PS2, a cheat device like Code Breaker will suffice, as well as a rooted console.

The SaveMGO group is providing information about how to modify consoles on its website, but Tartaro recommends that people don’t tinker with the hardware themselves, but rather acquire a downgraded console to install the necessary custom firmware.

These issues arose largely because the SaveMGO project involved altering or patching the game files, with unsigned code unable to run on non-jailbroken consoles.

The team is hoping to find a vulnerability in the game which they could exploit to make hacked consoles unnecessary. “There’s no easy security bypass or vulnerability that I’ve found so far,” said Tartaro.

He also suggested that many other older online games could be brought back to life using similar tactics. “In the end, you’d be able to do this to any game,” he said, pointing to similar work on Pro Evolution Soccer 6 and Resident Evil Outbreak.

The obvious question: what will the original games’ publishers make of these efforts? The SaveMGO group has sent tweets to MGO publisher Konami to make them aware of the not-for-profit project, and are hopeful of avoiding a copyright fracas.

• Replica of Nintendo’s classic NES console goes on sale

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

The Emma Watson nude photos threat was a hoax but it was still a threat | Jessica Valenti

Emma Watson is disappointed in you people. Photograph: DVT/Star Max/GC Images

When we thought 4chan had threatened to leak nude pictures of Emma Watson as retaliation for her United Nations speech on feminism last week, it was outrage-on-internet-business as usual. After all, women being verbally attacked and sexually threatened for speaking up is nothing new. Finding out that it was all part of a hoax, however, means He-for-She-gate is a full-blown meta-misogynist clusterfuck.

Rantic Media (also known as Social VEVO), the supposed marketering bros behind the threat – hoax or no, it was still a threat – swears that the goal was to bring attention to the sexism of 4chan and the recent celebrity photo leaks. But sexually threatening an outspoken woman to shine a light on how outspoken women are sexually threatened – well, that’s idiotic at best. The Emma Watson hoax was a cravenly opportunistic move to gin up attention using a real issue, a real woman and real fear that women and marginalized groups across the internet face constantly. That’s not marketing or consciousness-raising: it’s harassment.

And what was this intended to prove (other than, perhaps, some nebulous point about the media’s gullibility)? We all already know that 4chan is a cesspool. Using their tactics is like throwing a bag of garbage into the dump: you’re just adding to the stink.

The Rantic “firm” of men didn’t actually believe that women would be grateful, or that they were doing anything to further the conversation about misogyny online, nor about social media threats or celebrity privacy. The supposed hoaxers just wanted their 15 minutes, their 140 characters. The only thing Emma Watson’s harassers achieved was to remind women that our bodies and the sexual fear with which we’ve been instilled since childhood are usable as a joke. As a way to drum up traffic.

The takeaway from their “funny” hoax is supposed to be Everyone loves a sex scandal! – but that’s only true if you’re not the one being attacked, or you’ll never be the one being attacked.

Sexual harassment and online threats against women aren’t something to joke about or try out in service of some imagined greater good: believe me, no good came of this.

The one maybe-bright spot in this week-long Watson scandal is that clearly vitriolic sexism is finally seen as an outrage, and it might finally provoke action. Though, if the threat had been directed at a woman other than the squeaky-clean young, white, former-Hermione, I’m not sure that would have inevitably been the case.

But to the men who decided Watson’s sense of safety was worth throwing to the internet wolves so long as it meant making a splash: Why not try to reclaim that part of your humanity about which Watson spoke so eloquently in her UN speech? Instead of using women’s bodies and fear and sexuality to make money, get attention and feel like men, consider becoming a more “true and complete version” of yourself. And if that completed guy is still an asshole, do us all a favor and back away from the computer. Permanently.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Game of Thrones actor to play cyber-stalking victim for Channel 4

Maisie Williams, who plays Arya Stark, has a feisty, likeable screen presence, according to Ben Chanan, who will direct Cyber Bully, the docu-drama's working title. Photograph: Nick Briggs

Maisie Williams, the young Game of Thrones star who plays Arya Stark, is to play a victim of cyber stalking in a Channel 4 drama-documentary.

Williams will star in Cyber Bully, a working title, as a teenage girl facing an anonymous online stalker and dealing with peer-to-peer bullying and advanced computer hacking, and eventually fighting back.

While what happens to Williams’ character is extreme and presented in a dramatic format, the programme is based on dozens of real-life cases of cyber bullying.

Cyber Bully, due to be broadcast in early 2015, focuses largely on Williams’ character and takes place in a single location, with a supporting cast including Ella Purnell (Maleficent) and Jake Davies (X+Y).

It will be presented in the form of a real-time thriller, directed by Ben Chanan, who was also responsible for Channel 4 drama-doc Blackout, which imagined the catastrophic aftermath of the collapse of the UK’s electricity supply.

Chanan said: “The audience will be trapped with Casey for a full screen hour and we need an exceptional actress to play her. I couldn’t imagine anyone else in the role. Maisie Williams is not only remarkably talented, she also has an immediately likeable, feisty screen presence which makes you root for her instinctively.”

Channel 4’s head of documentaries, Nick Mirsky, said: “It is one of the most important purposes of Channel 4 to find new ways of engaging young audiences with the cyber world and the stories that play out on the internet. This film does exactly that in a way that is gripping, relevant and fiercely public service.”

Cyber Bully is being made by independent producer Raw TV, the company responsible for Blackout, with Richard Bond executive producing.

• To contact the MediaGuardian news desk email media@theguardian.com or phone 020 3353 3857. For all other inquiries please call the main Guardian switchboard on 020 3353 2000. If you are writing a comment for publication, please mark clearly “for publication”.

• To get the latest media news to your desktop or mobile, follow MediaGuardian on Twitter and Facebook.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Feminists rally round Emma Watson after nude photos threats online

Supporters have rallied round the actor Emma Watson after a threat emerged online to release nude photos of her in response to a speech about gender equality she made at the United Nations over the weekend.

Watson, the newly appointed UN Women’s goodwill ambassador, spoke on Saturday about her journey to call herself a feminist in a speech to launch the HeForShe campaign, a solidarity movement that seeks to have men and women work together for gender equality.

“I want men to take up this mantle,” Watson said. “So their daughters, sisters and mothers can be free from prejudice but also so that their sons have permission to be vulnerable and human too – reclaim those parts of themselves they abandoned, and in doing so be a more true and complete version of themselves.”

In response, users on the anarchic message board 4chan, where leaked celebrity photographs first appeared last month, posted a link to “emmayouarenext.com” with a picture of Watson and a countdown, which ends just after midnight ET on Friday night. A caption at the bottom of the screen says “never forget, the biggest to come so far”. Users also posted fake reports of Watson’s death on Twitter.

The weight of that threat is in question for a number of reasons, including that none of the other recent leaks have been trailed in this style. “If anyone from 4chan had the skill to do this,” one anonymous poster said, “there’d be no threats, only nudes.”

On 4chan, it is near impossible to tell what is real and what is “trolling” – misdirection and mischief. The Watson threat bears all the hallmarks of the latter, and the general consensus among commenters is that this is a prank. “Spoiler: it’s not true,” one anonymous 4chan poster said.

Either way, feminists are railing against the threat against Watson. “Emma Watson, like so many other women online, is being silenced and kept in her place with misogyny as a weapon,” said PolicyMic senior editor Elizabeth Plank.

“So go ahead and add this response to Watson’s argument for why we need feminism,” wrote Maya Dusenbery, executive director of Feministing. “Misogynists do have a tendency of proving your point for you – they can be helpful like that.”

Watson, surely aware of the threat, is still posting support for the campaign on Twitter.

Her speech, and the HeForShe campaign, have received support from celebrities including comedian Simon Pegg, author Neil Gaiman and actor Joseph Gordon-Levitt, who is working on a film project asking people to define what feminism means to them.

Commenters on Reddit concurred that the threat of a leak is likely a hoax. “This is a masterwork of trolling,” said a user with the handle JS945. A popular theory is that this is an elaborate version of a classic internet prank known as “Rickrolling,” in which people are tricked into clicking a link that leads to a video of ‘80s star Rick Astley’s Never Gonna Give You Up.

“Mark my words. Rickroll,” said one Redditor whose username was Forceblade. “The biggest Rickroll in internet history” another agreed.

A few 4chan users had a different theory: that this was an elaborate “false flag” by the government to turn public opinion against internet freedom. “These leaks are definitely false flags targeting 4chan,” said one user. “Guys, guys, guys. Listen guys,” said another. “What if the hacker was NSA? What if the NSA did this to sway the public for censoring the internet? You think they would do something like that?”

“All I can say Emma, is: fuck them,” wrote Rhiannon Lucy Cosslett in a letter to Emma Watson posted in the New Statesman. “It makes me furious that these men, these boys, are attempting to grind you down, in the same way that similar men have tirelessly attempted to grind down the emergence of our gender as a viable political threat for generations now.”

• This article was updated on 24 September to make it clear that the original threat against Watson did not originate on 4chan. While users there shared the link to the threat, its source is currently unclear.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Apple's Tim Cook attacks Google and Facebook over privacy flaws

Apple chief executive Tim Cook has fired a new salvo against Google and Facebook, emphasising in an open letter to customers that Apple doesn’t build profiles of its users from their email content or web browsing habits “to sell to advertisers”.

While not mentioning either of its two main rivals, Cook’s letter marks a clear effort by Apple to play on rising concerns around privacy and the use made of peoples’ personal data.

“Our business model is very straightforward: we sell great products,” Cook writes. “We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t ‘monetise’ the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you.”

He says Apple’s iAd system, used by some developers to monetise ads, and to provide adverts in the free US-based iTunes Radio service, “sticks to the same privacy policy that applies to every other Apple product. It doesn’t get data from Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail, and you can always just opt out altogether.”

Cook’s letter comes as Facebook has launched a low-key campaign to reassure users about privacy, following controversy about the access demanded to users’ phones by its Facebook Messenger app, which the social network’s users employ to send private messages.

The social network has also had to fend off criticism after it revealed that it had tweaked some users’ news feeds as part of an experiment to see if their emotions were affected.

Google meanwhile is still being investigated in Europe by privacy commissioners from a number of countries over the changes that it made in 2012 to its privacy policy, in which it unified information about how individuals used its different products, such as search, mail and the YouTube video service.

Security experts meanwhile welcomed a statement from Apple in which it said that it will no longer hold encryption keys for customers’ devices running its new iOS 8 software, meaning that it will be unable to decrypt them for governments or law enforcement - even if demanded to.

Chris Soghoian, principal technologist at the American Civil Liberties Union (ACLU), commented that “The public has said they want companies to put their privacy first, and Apple has listened.” He called on Google to match Apple’s lead in end-to-end security for user messages in its built-in messaging product iMessage and FaceTime video calling service.

“Google has 300+ people on their security team, some of the best in the industry. Google could make amazing, surveillance-resistant products,” he commented. “Google should be called out for failing to deliver secure IM [instant messaging]. It isn’t that hard.”

Responding to Heather Adkins, a Google security team member who replied that “I chat securely on Google’s [Android] platform every day”, Soghoian responded: “I carry two smartphones. My iPhone sends end-to-end encrypted IMs by default. My Android device doesn’t.”

The Android platform, Soghoian said, has no device encryption by default, “rarely” gets security updates, and has no end-to-end encrypted IM or video chat facility.

Apple’s declaration that it will be unable to help government agencies in any country decrypt devices applies only to those running iOS 8. There are an estimated 500m iOS devices in use worldwide, and iOS 8 is available as a free update for every device since the iPad 2, released in April 2011.

Some analysts have wondered whether the delay in sales approval for the iPhone 6 and iPhone 6 Plus in China is due to this element of the operating system, which comes as part of the phones. Apple was previously required to move some servers to China to conform to government regulations there about the storage of nationals’ data - though Apple says it encrypts data on its servers and does not hold a key for them.

The extra encryption protection measures on iOS 8 will also apply to iCloud backups - which are believed to have been the source of intimate pictures of celebrities that were spread online earlier this month from the 4chan and reddit discussion boards.

Normally, Apple devices and iCloud backups are encrypted by default using a four-digit passcode on setup, though the user can subsequently change that for a longer one. Apple says that attempts at a brute-force cracking of the passcode are resisted by an “iteration count” to slow down repeated attempts.

However even with those measures a four-digit passcode can be cracked in less than seven minutes, according to one security researcher’s calculations. A six-character passcode with letters and numbers would take more than five years to crack through brute force methods, Apple says.

Security advisers suggest changing from the four-digit passcode to a more complex one to guard against brute force attacks, and Apple says users should turn on “two-factor authentication”, which would provide notification when a backup was downloaded.

Cook says that “I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.” That does not however preclude the possibility that Apple hands over specific account data under the US’s secret FISA court orders.

Google has repeatedly and vehemently denied that any government has had access to its servers.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Trolling in the aisles with LulzSec: Teh Internet is Serious Business

The assorted hackers – most of whom have never met in real life – in Teh Internet is Serious Business. Photograph: Johan Persson

The story of LulzSec is one of trust and betrayal, justice and lawlessness, authority and subversion. In the winter of 2010, six geographically disparate people came together online to form a hacking group that delighted some, infuriated others and quickly came to the attention of law enforcement on both sides of the Atlantic.

The crux of the drama – in which one of the six must decide whether to stay faithful to family or unseen friends – has a Shakespearean depth, but there’s the problem of how you introduce an audience to the idea of online chatrooms, where thousands of people are “present” anonymously, yet in the real world are sat at a keyboard with a real name and real life attached to everything they do.

Tim Price, who has previously written plays about Chelsea Manning and the Occupy Movement, took on the task of bringing LulzSec’s rise and fall to the stage, with Teh Internet is Serious Business, now showing at the Royal Court in London. His first challenge was to convey the peculiar world of online chatrooms, particularly the culture of trolling, or aggressively aiming to outrage. This isn’t occasional, it’s de rigueur. “The use of misogynyistic, homophobic language on those boards is designed to get people to censor them,” Price says. “It’s used as a political device. It’s not the actual opinions people hold.”

Everything LulzSec did happened online – hacking everyone from Sony to the CIA – on that implausible stage known as the internet. None of them met while they were active. Most still haven’t. Jake Davis (aka Topiary, a Shetlander) and Mustafa al-Bassam (aka TFlow, a Londoner of Arabic extraction) only met for the first time when they were in the dock in London, accused of various hacking crimes.

“Or was it just outside?” says the naturally gregarious Davis to the quieter Al-Bassam, as we wait to go in and see the show. “We went to a Wetherspoons.” Davis was the voice of LulzSec, its public face, the one who loved to taunt and tease and troll. Al-Bassam was a hacker, making computers dance to his demands. For the staging, Price eschewed screens: though the characters do speak in the gobbledegook of code, the computers they command are represented by dancers.

Watch a trailer for the Royal Court show.

Meanwhile, the panoply of people online is depicted through a multitude of forms – a penguin, a bear, a dog – and the members of the group through their self-representations. These include LulzSec’s “Kayla”, depicted as a Japanese woman dressed in a child’s clothing riding a girl’s bicycle. Online, Kayla insisted that the real-world Kayla was a girl; the question of whether that was true exercised many, though not the members of LulzSec.

Davis’s progress, starting in a dressing gown, echoes that of Arthur Dent in The Hitchhiker’s Guide to the Galaxy. He’s plucked from the ruins of his family by the discovery of the boards, making his experience at first look like The Hitchhiker’s Guide to Cyberspace. But as his influence grows, he casts that off to become clothed, and then besuited, the spokesman for an unseen throng. “Jake is a child of the trolling culture,” says Price. “Mustafa is a child of the hacking culture. They’re the yin and yang.”

Yet LulzSec’s story is hard to tell, not because it isn’t compelling, but because it looks so different to every observer and participant. Its downfall hinged on one hacker’s choice when confronted by the police: betray the people you care for and see every day, or those with whom you spend “20 hours a day together online”. If you think that’s an easy choice, you haven’t experienced the intimacy of an online group.

I was, in a minor way, more than an observer. In covering the rise of the Anonymous hacking network, I communicated with Topiary before he was part of LulzSec, and later became entangled in a Twitter exchange with Sabu, LulzSec’s nominal leader, as they were being hunted on two continents. LulzSec published my mobile phone number on their Twitter feed, which led to my receiving 100 or so voicemails in short order. As injuries go, it was minimal – as I realised on seeing Davis in court, facing years in jail if convicted.

Hamza Jeetooa plays the teenage Mustafa al-Bassam in Teh Internet Is Serious Business. Photograph: Tristram Kenton/Guardian

After watching the show, Al-Bassam, now studying computer science at university, says he didn’t find watching the depiction of himself surreal. “It’s a play based on things that happened in a chatroom. It was text typed on a keyboard. I feel like this is something new – something I never experienced.”

The hardest thing for most people unfamiliar with 4chan, trolling or Anonymous to grasp is that the worst fate that can befall participants is to have their real name attached to their online handle. People strive never to give away personal details. “Doxxing”, publishing documents to identify people, is the closest thing there is to crime in those chatrooms, yet also the stock-in-trade of many.

Why does this matter so much? Because, says Price, pseudonyms allow people to speak out, regardless of their apparent position in society. “Mustafa had a lot of ideas,” he says. “If he was identified as just a 15-year-old, he couldn’t get them across. But as Tflow, he could organise a political movement. That’s the lesson of the story.”

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Shellshock just 'a blip' says Richard Stallman as Bash bug attacks increase

First it was Heartbleed, now it’s Shellshock. Two vulnerabilities affecting many of the planet’s web users have hit widely deployed free and open source software in a matter of months.

Heartbleed brought about distrust in OpenSSL, which was designed to make websites more secure but instead opened them up to attack.

Earlier this week, Shellshock landed, allowing hackers to easily exploit many web servers that used the free and open source Bash command line shell, managed by the GNU Project.

Malicious types are now trying to exploit the flaw en masse as attempts to close off the vulnerability have failed and critics have called for greater controls over open source software, though GNU Project founder Richard Stallman told the Guardian that Shellshock will soon be deemed by the world as only “a blip”.

Bash exploits have thus far tried to place at least two different kinds of malware on vulnerable web servers, both of which seem to be creating armies of bots for future Distributed Denial of Service attacks, which typically flood website networks with traffic to take them offline, security experts have warned.

As many as 715 users, most likely victims, connected to a server controlling one of the malware variants, noted Jaime Blasco, director of AlienVault Labs. Romanian cybercriminals appear to be in control of that server, he added.

There are indications Shellshock is considerably more prevalent than initially predicted too. “Right now people are pretty much falling over themselves trying to come up with the craziest attack vector possible,” said security expert Andreas Lindh, who successfully exploited his own Buffalo Linkstation Network Attached Storage (NAS) device using the Bash bug.

The vulnerability was supposed to only affect those machines that ran Bash as their default command line interface, but mounting evidence has hinted even those using related interpreters could be exploited.

Lindh’s NAS ran Bash alternative Dash by default and a tweet from security researcher Dragos Ruiu appeared to back up Lindh’s early research. If derivatives of Bash are also vulnerable to Shellshock, this would widen the number of potential targets massively.

“We should probably not make big a fuss about that just yet, but if it turns out that some old Dash shells are also vulnerable, then consumer appliances will definitely be at risk,” Lindh added.

Bashing the Bash creator

Fingers have now pointed to the GNU Project, which spawned Bash. Critics have noted only one person has been given the job of maintaining and updating Bash, though all developers are invited to contribute to the code.

More controls are now needed to ensure future Heartbleeds and Shellshocks don’t send the world into a frenzy, they’ve argued.

“The open source fans all say that it is the best approach as anyone can check the code. Sadly it doesn’t happen like that it practice as it gets forgotten about (this problem could be 25 years old) and a lot of the older code is written in opaque languages like C, not to mention not being well structured,” said Professor Alan Woodward, security expert from the Department of Computing at the University of Surrey.

“It’s like trying to untangle 25-year-old spaghetti so not surprising it is never checked that often. These flaws are being found most often when someone notices an effect, not because they are trawling through the code.

“It is a problem and needs to be addressed or there will be more of these legacy issues come back to bite us.”

But Richard Stallman, founder of the GNU Project and the Free Software Foundation, disagrees. He believes that whilst Shellshock is evidently a big deal, like any vulnerability it will simply be a “blip” in the long-term.

Free software (don’t call it open source, there’s a difference, according to Stallman’s GNU crew) is still going to keep people safer than proprietary code, which comes with purposeful vulnerabilities, known as backdoors, he added.

“In the long term, this will be a blip, it’s patched, people will install. It will be one of thousands bugs that people will exploit,” Stallman told the Guardian. “When users control the program, they can add features and fix bugs.

“Any program can have a bug. But a proprietary program is likely to have intentional bugs, malicious functionality.”

He said the GNU Project always had just “barely enough” resources, but only because the more backing it received, the more it tried to do.

• What is the Shellshock bug? Is it worse than Heartbleed?

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Isis in duel with Twitter and YouTube to spread extremist propaganda

Propaganda operatives from Islamic State (Isis) are piggybacking on popular internet hashtags and forums to secure the widest distribution of their videos, in an increasingly devious game of cat and mouse with police and internet companies, the Guardian can reveal.

An analysis of one of the most recent Isis video distributions shows the variety of techniques being used – including latching on to the huge interest in the Scottish independence referendum – to boost distribution of their extremist material on Twitter and YouTube.

The sophisticated strategies have prompted law enforcement agencies to work closer than ever with the world’s largest tech and social media companies to try to win the propaganda war. A specialist British police squad is working with companies including Twitter and YouTube to block and delete about 1,100 pieces of gruesome content a week, which they say contravene UK terror laws. The vast majority of the material – 800 items a week – relate to Syria and Iraq.

Officers from the UK’s counter-terrorism internet referral unit (CTIRU) acknowledge they are up against a slick and fast-moving dissemination of propaganda and much of the counter-attack involves suspending Twitter accounts or taking down videos of murder, torture, combat scenes, sniper attacks and suicide missions.

Last week provided a good example of what they are up against. One of Isis’s media production units, al-Furqan, released its first video in what it described as a series of “programmes”, showing the kidnapped British photojournalist John Cantlie wearing an orange jumpsuit and addressing multiple cameras from behind a desk.

Al-Furqan is also responsible for videos of Cantlie’s fellow captives, James Foley, Steven Sotloff and David Haines, whose grisly executions were all filmed and broadcast on the internet. On Tuesday, the group released a second video of Cantlie within hours of US bombing raids on Isis territory in Iraq and Syria.

Using little-known content uploading services, anonymous text-pasting sites and multiple backup Twitter accounts, a select group of Isis operatives managed to evade administrators’ controls to spread the Cantlie video, titled Lend Me Your Ears, around the web within a few hours.

In the minutes before its launch, operatives issued tweets giving supporters a signal that something was about to be released. One account using the handle @with_baghdadi advised having at least two backup accounts in case of suspension and added: “Are you ready?”

While being uploaded to YouTube, links to the film were also put on the justpaste.it service. Run by a 26-year-old Polish graduate, the site has become a vital part of the Isis publicity machine because it allows users to post pictures and text anonymously. From there, people could go on to download Cantlie’s video message from three other websites, gulfup.com, sendspace.com and directmirror.com after typing in a long password chain, also provided by Isis members on the justpaste.it page.

Jihadi groups have realised they must reach a certain level of distribution very quickly. If their content is not spread in time and deposited in hundreds of places, they know they can be more easily controlled by staff at Twitter and YouTube.

Another propaganda operative called Abdulrahman al-Hamid asked his 4,000 followers on Twitter for the highest trending topics in the UK and popular account names they could jump on to get the required uplift. Writing in Arabic under the now-suspended handle @Abu_Laila, he wrote: “We need those who can supply us with the most active hashtags in the UK. And also the accounts of the most famous celebrities. I believe that the hashtag of Scotland’s separation from Britain should be the first.”

Replies from followers advised using #andymurray, #scotland, #scotlandindependence, #VoteNo and #VoteYes and linking to David Cameron’s twitter handle. “Please work hard to publish all the links,” Hamid urged. At the same time @With_baghdadi told Isis supporters to “invade” the #voteno hashtags “with the video of the british prisoner”.

Another Isis operative, Abu Omar al-Fateh, goaded YouTube administrators: “YouTube has started to delete some of the links for the new video. We’d like to tell you YouTube administrators that we will send you a new batch of links soon!”

In an online battle of wits, CTIRU is actively seeking out extremist material and also asking members of the public to refer any material that concerns them. Last year, the unit instigated the removal of more than 45,000 pieces of material.

YouTube, which is owned by Google, has given a number of government agencies “trusted” flagger status to prioritise their reporting of dangerous or illegal material. Twitter is not believed to have developed any official fast-track process but reporting from recognised law enforcement accounts are understood to be dealt with more seriously. During a Lords’ committee hearing in July, Twitter’s Sinéad McSweeney said it had “in excess of 100 people” working 24/7 to examine reports across a range of issues. During the same hearing, Facebook’s Simon Milner said the company’s safety team in Dublin was “consumed” by dealing with content emanating from the Syrian civil war.

A spokeswoman said the police had good working relationships with the relevant internet companies but where necessary would also use appropriate legislation in a host country in order to counter the spread of violent messages and videos.

The hashtag: a new symbol of terror? Photograph: Alamy

Counter-measures by police and security agencies appear to be having an impact. Following another of the increasingly frequent purges of scores of jihadi accounts by Twitter last week, Hamid described the action as a disaster. Tweeting on 14 September, he said: “We talked a lot about the deletion of accounts and the means of staying steadfast and to push people to continue if their accounts were deleted or suspended … We have to admit that this is a disaster and we have to be patient.”

During the operation to get the Cantlie video trending, Hamid admonished his followers for being afraid of having their accounts terminated. “The one who is worried about his account [being suspended] I say to him, ‘I swear to god there are other people willing to sacrifice themselves for their religion … You should be ashamed of yourself that your account might be attacked even 10 times.’”

Responding to Guardian questions, Fateh, who was congratulated online for uploading the Cantlie video 10 times on YouTube, refused to go into details about al-Furqan’s methods. Speaking via Twitter, he added that al-Furqan staff had “long years of experience”. He did not confirm or deny he was part of the group.

In some cases, Twitter staff appear to be suspending backup accounts as soon as they are activated, even though the new accounts have not breached rules in any obvious way. One account run by Rayat al-Tawheed, who speaks on behalf of mainly UK-origin pro-Isis fighters, had a replacement account taken down by Twitter within just a few minutes of its relaunch last Tuesday. By that point it had only issued three non-offensive tweets.

A source within the social media industry said there was a danger that relying on a policy of making content “disappear” would fail to tackle the rhetoric from global jihadis. “Just closing down an account doesn’t address the underlying narrative,” they said.

Twitter declined to reveal specific details about its operation publicly, saying: “We review all reported accounts against our rules, which prohibit unlawful use and violent threats.”

Police and security agencies are in an online game of cat and mouse with Isis. Photograph: Osman Orsal/Reuters

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

Reddit bans groups behind sharing of leaked celebrity photos

The social news platform Reddit has banned pages which allowed users to view, post and share stolen images of celebrities.

The noticeboard late Saturday took down the r/TheFappening page, and related groups, which had become major outlets for last week’s hack of hundreds of private images, many of them explicit.

The banning followed six days of huge traffic – reportedly more than 250m views – and mounting criticism that Reddit was facilitating the humiliation of Jennifer Lawrence, Kate Upton and Kirsten Dunst, among other celebrities.

The leak began on 4chan but online traffic swiftly funnelled to r/TheFappening page, which a user named Johnsmcjohn set up in response to the leak.

Reddit said it shut down the pages, sub-forums known as subreddits, to comply with requests made under the Digital Millennium Copyright Act (DMCA).

Initially moderators removed individual photos, based on each request, but users swiftly reposted images in an impossible “game of whack-a-mole”, obliging Reddit to ban the pages, it said in a statement.

“We’d execute a takedown, someone would adjust, reupload, and then repeat. This same practice was occurring with the underage photos, requiring our constant intervention … it became obvious that we were either going to have to watch these subreddits constantly, or shut them down. We chose the latter.”

Some of the leaked images, obtained when hackers broke into the cloud-based storage systems of more than 100 celebrities, include the Olympic gymnast McKayla Maroney, which would be classified as child pornography.

“Many nefarious parties recognized the popularity of these images, and started spamming them in various ways and attempting to infect or scam users viewing them,” the statement said.

It said a ban would not not solve the problem entirely but mitigate the crisis. “This was an extreme circumstance, and we used the best judgement we could in response.”

Johnsmcjohn, the user who claims to have created r/TheFappening – fap is a slang term for masturbation – lamented the halting of what he called the fastest growing subreddit in history, saying it had recorded more than 250m page views.

His team of moderators “worked their asses off” to remove images which broke Reddit’s rules, he said. “I know we aren’t going to be considered the good guys, but we worked hard to ensure reddit’s rules were followed.”

He said he believed lawyers representing Reddit’s owner, Advance Publications, which also owns Vogue publisher Condé Nast, pushed the decision.

The ban drew mixed responses. Some users questioned why the platform left other pages with offensive content, such as sex with dogs, or racist rants against African Americans in Ferguson, or calls for the massacre of Palestinians. Others accused the noticeboard of waiting until it reaped huge traffic before taking action.

Around the time the celebrity-leak pages were taken down Reddit’s CEO, Yishan Wong, fuelled confusion by posting a blog explaining why the platform would not, in fact, ban questionable subreddits.

Wong said he sympathised with the victims of the stolen images but that Reddit would not change existing site content policies.

“The reason is because we consider ourselves not just a company running a website where one can post links and discuss them, but the government of a new type of community. The role and responsibility of a government differs from that of a private corporation, in that it exercises restraint in the usage of its powers.”

Individuals, he added, were responsible for their own moral actions. “You choose what to post. You choose what to read. You choose what kind of subreddit to create and what kind of rules you will enforce. We will try not to interfere - not because we don’t care, but because we care that you make your choices between right and wrong.”

Because of the timing and vagueness Wong’s statement, many initially considered it to be a defence of the ban.

In a subsequent clarification, Reddit said circumstances changed around the time it posted the blog. “At approximately the same time, activity in that subreddit starting violating other rules we have which do trigger a ban, so we banned it.”

It apologised for the disarray. “The confusion which was generated in the community was obvious, immediate, and massive, and we even had internal team members surprised by the combination.”

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

PayPal ribs Apple Pay: 'We want our money safer than our selfies'

PayPal has taken a swipe at Apple Pay. Photograph: Frederic Sierakowski / Rex Featu/Frederic Sierakowski / Rex Featu

PayPal has struck out at new payments rival Apple Pay, the NFC-operated payment system announced during last week’s keynote speech in Cupertino, California.

The eBay-owned electronic payment platform took out a full-page advert in a number of US publications on Monday, including the New York Times, San Francisco Chronicle and USA Today.

“We the people want our money safer than our selfies. PayPal, protecting the people economy”, the advert declares.

Let's enjoy our money, not worry about it. #paypalit for a safer and more secure way to pay: http://t.co/DFAH3bqniS. pic.twitter.com/e5udR8zGBJ

— PayPal (@PayPal) September 15, 2014

While Apple is not referenced directly, PayPal is referring to the recent nude celebrity photo leak, for which security lapses in Apple’s iCloud technology were blamed.

Despite Apple’s denials that iCloud was breached, the scandal was bad timing for the company, occurring just a week before its iPhone 6 and Apple Watch launch.

The advert isn’t the first punch thrown at Apple. PayPal’s senior director of communications, Rob Skinner, told TechRadar after the Apple Pay announcement: “Nobody can dispute Apple’s strong track record, but payments is a difficult area. It’s much more difficult to do payments than to keep a live stream working!”

Jennifer Lawrence, one of the celebrities whose photos were hacked. Photograph: FREDERIC J. BROWN/AFP/Getty Images

“We’re quite surprised that Apple Pay has limited functionality. You can’t expect people just to swap their leather wallets for digital ones, you have to offer more and there is nothing to reward loyalty or provide offers or anything built in with Apple Pay”, Skinner added.

One might question the wisdom of PayPal’s attack on Apple, given its own security wobbles. Not long ago the company’s two-step verification proved fallible, and it was caught up in a phishing scam in November 2013. Parent company eBay was hacked in May this year.

PayPal is said to be frustrated at being left off Apple Pay’s list of recommended payment partners, which includes Stripe, Authorize.net, and Chase Paymentech, FirstData, TSYS – but not Braintree, the subsidiary PayPal uses. However, PayPal does allow customers to make transactions with Apple iTunes store.

• Paypal to accept bitcoin through subsidiary Braintree

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.

My sex tapes are everywhere. But I just cant bear to watch | David Mitchell

David Mitchell in Peep Show.

I notice my sex tapes are all over the internet as usual. And my premature ejaculation tape. And my shitting tape. And of course my jumping nude into a lake tape. It’s very embarrassing. One minute I upload them to 4oD for safekeeping and then suddenly they’re everywhere.

At least I’m not the only one. The last few weeks have shown how common this problem is, particularly among famous young actresses. It seems everyone gets videoed having sex these days – and then is scrupulous about backing up all the footage to the cloud. Which means that, if something happens to their computer, the data is safe and they won’t need to go through the laborious process of having sex all over again.

Or maybe they know they couldn’t recreate those images to their own satisfaction anyway. Maybe it’s footage of their younger selves shagging that they’re keen to preserve. Maybe these lays are being laid down, like port – to be appreciated decades later, perhaps to momentarily alleviate the agony of a sexless, arthritis-ridden dotage.

I suppose videoing yourself having sex is only the natural extension of everyone’s current mania for recording everything that happens to them – as if a memory is no longer adequate evidence that an event took place. The perpetual snapping and sharing which the internet and the cameraphone have colluded to bring us is much criticised. And it’s certainly annoying: millions of people online banging on about what they’re doing, endlessly illustrating their unremarkable exploits with selfies. It’s infuriating when looking at a picturesque view to see other people experience their surroundings entirely though their phones – to take something amazing and present, and reduce it, with barely a glance, to a tiny image on a screen.

It irritates me because it seems such a self-conscious way to live. But, to be fair, it’s almost always completely unselfconsciously done. It’s people like me, carping at the camcordsters, who are overthinking how life should be experienced. We’re the ones who are trying to impose our opinion of how things should be enjoyed. “Why can’t you just look at a view!?” we fume, but we never ask ourselves: “Why can’t you just let people enjoy the view in the way they want!?” Exasperated by people staring at their phones instead of the world around them, we end up staring at people staring at their phones, miss the sunset, fireworks display or penguin feeding time, and don’t even walk away with a video to watch later.

And it strikes me as odd that those complaining about the constant videoing, photographing and sharing – those shaking their heads at people’s need electronically to document their existences – are often doing so on TV, radio or in newspapers. The complainers are usually people like me, whose job gives them ample opportunities for self-expression. It seems to be people who are blessed with a superfluity of attention who are first to disparage attention-seekers.

Is this caused by a lack of empathy for those who might want to document their holiday even if a newspaper travel desk isn’t paying them to do so? Have the overly photographed forgotten how gratified they felt the first time a stranger took their picture? Or is it worse than that? Is it arrogance? Do they consider it impertinent of people who haven’t broken through into the mainstream media to attempt to leave their mark on the world? “Just because you’ve got a smartphone and Facebook account, you needn’t think you suddenly matter!”

It’s a natural human urge to assert the fact that you exist. Unless you have dangerously low self-esteem, you’ll want some people to be aware of you. That’s why schoolchildren carve their names on their desks and prisoners on their cell walls. And there’s nothing new about the selfie. It’s only technology that makes it any different from a formal Victorian photograph of an industrialist’s family, or a medieval portrait of a lord: the photographer and the artist didn’t pick their subjects, they were just the technology via which the industrialist and the lord took pictures of themselves.

While I understand and share these inclinations, my understanding runs out when it comes to attempts to immortalise a sex act. Because, as I say, I’ve done that several times and found the experience, and indeed the subsequent experience of viewing the footage, mortifying. I suppose I should clarify that, in order to make the several videos of me having sex which are available online, I did not actually have sex. They were shot as part of a TV sitcom, so there were legal obstacles to the production company requiring me and a fellow cast member to copulate. And I believe there are further legal restrictions on the televising of human genitals. Also, on a practical note, in order to shoot something to a professional standard, it is necessary to repeat the action many, many times so that it can be covered from different angles. And I’m only a normal man.

But it does look like I’m having sex. And it also looks like I’ve ejaculated in my trousers while undergoing some heavy petting in a stationery cupboard. And it completely looks like I’m experiencing epic diarrhoea. (These were separate scenes, I might add.) In general, I enjoy acting but the mornings I woke up knowing that I had to pretend to do those things, and that my physical and facial reactions might betray what I’m like when such things happen to me in real life, were not happy ones.

Then again, any of the real-life shagging I’ve been lucky enough to do has not been self-conscious. So I can cling to the hope that I make different faces, then, than I do while faking it on Peep Show. (My wife refuses to be drawn.) (So that was the end of my attempt at a medieval-style record of our wedding night.)

If you film yourself doing it for real, wouldn’t it be impossible to forget yourself in the act? Never mind actually looking at it afterwards. It would have all the horror and disappointment of hearing your own voice on an answerphone message, but to a mind-shatteringly greater extent. Everything’s trickier when you’ve observed yourself at it; how easy do you think Ed Miliband now finds it to relax while eating a bacon sandwich?

I would never condemn anyone for sticking a camcorder up before leaping aboard whoever they just met in a nightclub. But I do wonder if, having watched the tape back, they can ever do anything unselfconsciously again.

View the original article here

This post was made using the Auto Blogging Software from WebMagnates.org This line will not appear when posts are made after activating the software to full version.