Just gorgeous photos that show just how much you can actually do with an iPhone’s camera.
Category: Links
Can we medicalize our relationships that much more? Perhaps. Should we? Probably not. Will that stop us? Unlikely.
By setting up honeypots in the Tor network, Guevara Noubir, a professor from the College of Computer and Information Science at Northeastern University, and Amirali Sanatinia, a PhD candidate also from Northeastern, discovered an armada of Tor hidden service directories that are spying on dark web sites. These modified nodes allow whoever is behind them—perhaps law enforcement, hackers or other researchers—to find the addresses of sites that are supposed to be secret. The pair will be presenting their research at the Def Con hacking conference in August.
People who want to hunt out dark web sites “go through the code and do the modifications to be able to log the .onions, and then visit them,” Noubir told Motherboard in a phone call.
Cops could do this to find new child pornography sites, or hackers to hunt fresh targets. Noubir pointed out that there are plenty of companies that sell dark web intelligence too, so perhaps they could be setting up HSDirs.
The Tor network is amongst the most secure ways of browsing the Internet anonymously. But this research demonstrates that using the service doesn’t guarantee your anonymity.
Overwatch is, without a doubt, the spiritual successor to Team Fortress 2. And part of what makes the new game so much fun is how aggressive Blizzard is toward cheating: if you’re caught you’re banned for life.
Apparently a glitch has been found that lets players crash servers, and they are crashing them when they or their team are losing badly. Blizzard’s response has been to identify the persons responsible and ban their accounts, thus meaning that the rest of us can happily play to win or lose without worrying that the session is going to drop because of some hyper-competitive spoilsport.
According to researcher Dmytro Oleksiuk aka Cr4sh, the erroneous code exploits the 0day privileges escalation vulnerability in Lenovo’s BIOS. This bug allows users to exploit the flash write protection, disabling of UEFI Secure Boot, Virtual Secure Mode and Credential Guard on most Windows Enterprise powered Lenovo PCs. And this is just a small list of possible evil things that can be executed using this vulnerability.
Another serious vulnerability. I wonder: how many of the vulnerable BIOSes will actually be updated versus those that will remain permanently vulnerable to this kind of attack? And doesn’t the persistence of new vulnerabilities speak the failure of manufacturers to secure end point devices, thus obviating some government concerns surrounding the encryption of communications?
But researchers from two-factor authentication service Duo Security told Ars that an estimated 37 percent of all the Android phones that use the Duo app remain susceptible to the attack because they have yet to receive the patches. The lack of updates is the result of restrictions imposed by manufacturers or carriers that prevent end users from installing updates released by Google.
Beyond hacks, Beniamini said the design makes it possible for phone manufacturers to assist law enforcement agencies in unlocking an encrypted device. Since the key is available to TrustZone, the hardware makers can simply create and sign a TrustZone image that extracts what are known as the keymaster keys. Those keys can then be flashed to the target device.
And double yikes: do we now need to get phone manufacturers to release transparency reports that indicate whether they’ve compromised devices after receiving requests to do so from law enforcement agencies?
Following the passage of Canada’s Bill C-51 which, amongst other things, was intended to heighten information sharing amongst federal agencies, CSIS apparently expected to receive more information from Canadian diplomats abroad. Government Affairs Canada (GAC), however, has largely refused to share information with the security intelligence on grounds that CSIS’ actions could lead to the abuse of Canadians or those with whom Canada has a significant relationship. Moreover, the current Liberal government’s assertions it will be modifying C-51 has meant that GAC is unwilling to significantly share information until further clarity is provided with regards to the legislation.
Articles like this are helpful in reminding people that government is composed of competing institutions. And these institutions tend to focus on their own interests, first, which can promote significant conflict between the different parts of government. The reporting also showcases that even after bad legislation is passed that there are a host of ways in which authorizing legislation may be stopped or inhibited.
Mark Bylok has done a real service for the world. He investigated the quality of the Crown Royal Northern Harvest Rye. He’s concluded that while some bottles are of exceptional quality there are production problems, meaning that bottles can vary significantly in taste and quality.
The variation in taste is so significant that some bottles don’t even taste like they came from the same distillery. While this isn’t necessarily surprising given the cost of the bottle it does indicate that the bottle on which the ‘best whiskey of the year’ article was written is unlikely to like the bottle that you have resting on a shelf at home.
Categories
Obama After Dark: The Precious Hours Alone
Obama’s style of presidency has been the focus of many, many articles over the years. This piece by the New York Times does an exceptional job revealing just how important it is for him to have time set aside for himself: unlike other presidents who often relied on human contact to keep them energized it seems that President Obama needs to retreat and just be let alone to work or relax. And it’s a credit to the people he keeps close to him that this time is carved out, while also showcasing that even when you’re the most powerful person in the world it is possible to have a work tempo fit to your style, as opposed to one that is driven purely by the work itself.
This is a terrific project. I look forward to seeing it develop further, assuming that there is more location information to be added. I seriously wish that WotC would get their acts together and produce equivalent maps for their paying customers; I’d kill for a map like this for Faêrun!
Excited Pixels 