![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1361161,00.html?track=NL-102&ad=713930&asrc=EM_NLN_8630517&uid=608727
Are we really surprised about this? o.O We've always known that SSNs are allocated by states:
http://genealogy.about.com/od/social_security/a/numbers.htm
http://www.ssa.gov/history/ssn/geocard.html - hell, the government tells us what the next two numbers are likely to be.
And if you know the order that the last four digits are assigned, then knowledge of their birthday and birth time, along with the knowledge of the number of surrounding birth times could give you a good guess as to what someone's SSN might be. :P
Are we really surprised about this? o.O We've always known that SSNs are allocated by states:
http://genealogy.about.com/od/social_security/a/numbers.htm
http://www.ssa.gov/history/ssn/geocard.html - hell, the government tells us what the next two numbers are likely to be.
And if you know the order that the last four digits are assigned, then knowledge of their birthday and birth time, along with the knowledge of the number of surrounding birth times could give you a good guess as to what someone's SSN might be. :P
W00t! Nokia LD-1W GPS!
Jun. 13th, 2009 12:23 pmSo I wandered over to Goodwill yesterday, because they have a 50% off all non-barcode items and picked up a Nokia LD-1W. That's a bluetooth GPS unit. Checking Amazon, prices are at $60-something. I got it for $2. Probably because no one knew how to test it.. or even what it was.
Took me a while to adapt a car Nokia charger to a 12V AC-DC unit to charge the poor thing, but it charged overnight and I got it working this morning.
Got it to sync with my macbook pro:
1) Ran the bluetooth setup assistant
2) added it as "Any Device"
3) Passkey was 0000. The normal.
4) Then I configured it's serial ports, with "RS-232" as the Protocol and "SPP-GPS" (the only choice) as the Service.
Ran Kismac. It recognized it immediately and showed pretty graphs of what satelites the GPS unit had found.
Then I downloaded, compiled, and installed GPSd. And grabbed Google Earth and gps2geX (a gps to google earth tool). Started up GPSd: sudo /usr/local/sbin/gpsd -b -n -N -D 1 /dev/tty.NokiaLD-1W-SPP-GPS-1
and started gps2geX. Opened Google Earth and hit the "open in google earth" button in gps2geX and saw my location. Yay!
Only problem: I don't really have a use for this, unless I go wardriving or geocache hunting... :\
Took me a while to adapt a car Nokia charger to a 12V AC-DC unit to charge the poor thing, but it charged overnight and I got it working this morning.
Got it to sync with my macbook pro:
1) Ran the bluetooth setup assistant
2) added it as "Any Device"
3) Passkey was 0000. The normal.
4) Then I configured it's serial ports, with "RS-232" as the Protocol and "SPP-GPS" (the only choice) as the Service.
Ran Kismac. It recognized it immediately and showed pretty graphs of what satelites the GPS unit had found.
Then I downloaded, compiled, and installed GPSd. And grabbed Google Earth and gps2geX (a gps to google earth tool). Started up GPSd: sudo /usr/local/sbin/gpsd -b -n -N -D 1 /dev/tty.NokiaLD-1W-SPP-GPS-1
and started gps2geX. Opened Google Earth and hit the "open in google earth" button in gps2geX and saw my location. Yay!
Only problem: I don't really have a use for this, unless I go wardriving or geocache hunting... :\
Re: Projector awesomeness.
Feb. 9th, 2009 12:02 amhttp://pics.livejournal.com/ibneko/gallery/0001rsb8
So I decided to see how big of an image I could throw. There's the result.
It's about 8 feet wide. That means it's the equivalent of a good 110+ inch TV. There is a Canada Dry can set against the wall, on the lower-left corner of the image. When I took this picture, my computer wasn't set up correctly at the time, so actual coverage area is probably wider by a foot.
The problem with this setup? If I really want to use it, I'll need to either arrange a more comfortable chair next to the microwave... or.... I dunno. Also, my DVI to HDMI cable is short. And the positioning of the projector (and lack of nearby table space) makes picking a permanent laptop placement position difficult.
I'm going to pick up Halo 3 tomorrow and see how/if image quality changes when I plug in the XBox (using Component Video, I guess? I don't think it comes with the HDMI plug... I might have to invest in the adaptor/cable?).
So I decided to see how big of an image I could throw. There's the result.
It's about 8 feet wide. That means it's the equivalent of a good 110+ inch TV. There is a Canada Dry can set against the wall, on the lower-left corner of the image. When I took this picture, my computer wasn't set up correctly at the time, so actual coverage area is probably wider by a foot.
The problem with this setup? If I really want to use it, I'll need to either arrange a more comfortable chair next to the microwave... or.... I dunno. Also, my DVI to HDMI cable is short. And the positioning of the projector (and lack of nearby table space) makes picking a permanent laptop placement position difficult.
I'm going to pick up Halo 3 tomorrow and see how/if image quality changes when I plug in the XBox (using Component Video, I guess? I don't think it comes with the HDMI plug... I might have to invest in the adaptor/cable?).
http://blogs.law.harvard.edu/zeroday/2008/11/28/federal-judge-holds-that-people-can-not-be-identified-by-ip-address/
HAH! Take that, you stupid... ::mutters off::
-----
Also, this is interesting:
http://blog.plover.com/misc/license-plates.html
Essentially, if you use a combination of 1 (one), I (upper case i), l (lower case L), you could theoretically make it kinda hard to positively identify your car by license plate. Similarily, 0 (zero) and O (upper case o) would do the same. It's a little harder, but 2 and Z may also do the same.
HAH! Take that, you stupid... ::mutters off::
-----
Also, this is interesting:
http://blog.plover.com/misc/license-plates.html
Essentially, if you use a combination of 1 (one), I (upper case i), l (lower case L), you could theoretically make it kinda hard to positively identify your car by license plate. Similarily, 0 (zero) and O (upper case o) would do the same. It's a little harder, but 2 and Z may also do the same.
Amusements
Jun. 19th, 2008 02:01 amUnix Express: Split into three operating companies.
Linux Cooperative:
All passengers bring a piece of the aeroplane and a box of tools with them to the airport. They gather on the tarmac, arguing constantly about what kind of plane they want to build and how to put it together. Eventually, the passengers split into groups and build several different aircraft, but give them all the same name. Some passengers actually reach their destinations. All passengers believe they got there.
Apple Airlines:
The terminal is neat and clean, the attendants are attractive, the pilots very capable, the planes are beautiful, and you always reach the correct destination... unfortunately they have a fairly small fleet, most planes have no baggage compartment or overhead storage, and the seats aren't adjustable. Frequent Apple fliers are known to attack anyone who suggests that these are important features.
Legacy Express:
The terminal is neat and clean, albeit in an "industrial" style. You have to choose your plane ahead of time, because different planes only fly to different cities, and if your luggage doesn't match your plane you need to hire a baggage consultant to adjust it to fit. But the planes are fast, efficient, and always arrive on time or even ahead of schedule.
Windows Airlines:
The terminal is very neat and clean, with security barriers every few meters. The attendants are attractive, even if it's kind of creepy how much they want to "help" (especially in the restrooms). The pilots are allegedly very capable, though nobody ever sees them and there's an armed guard by the cockpit door. The fleet of jets it operates are immense. Your jet takes off without a hitch, pushing above the clouds, and at 20,000 feet a message pops up on the seat back in front of you asking "Should this plane explode now?".
Some idiot always answers "Yes"
-http://scarydevil.com/~peter/io/airlines.html
Leopard/10.5.2 A2DP bluetooth support!
May. 19th, 2008 09:11 pmAwesomeness!
I've just discovered that at some point, Apple added A2DP bluetooth support.
That means I can use my Logitech bluetooth headset (comes with a 3.5" jack -> bluetooth "wireless").
Mmmm, there's some audio pops and crackles... :\ Still, much coolness.
Now if only I could sync my iPhone with bluetooth.
I've just discovered that at some point, Apple added A2DP bluetooth support.
That means I can use my Logitech bluetooth headset (comes with a 3.5" jack -> bluetooth "wireless").
Mmmm, there's some audio pops and crackles... :\ Still, much coolness.
Now if only I could sync my iPhone with bluetooth.
http://www.eff.org/action/bordersearch
There's links that'll help you send a generic e-mail to your local congressperson, and/or help you locate their phone number.
So go, e-mail. Help keep our deep dark secrets private.
There's links that'll help you send a generic e-mail to your local congressperson, and/or help you locate their phone number.
So go, e-mail. Help keep our deep dark secrets private.
...and encrypting+hiding data too large to store online.
-http://www.theregister.co.uk/2008/05/01/electronic_searches_at_us_borders/
I need to get TrueCrypt working. But I've heard some questionable, "things will crash and data will get lost" things about the initial mac release.
TrueCrypt, from what I've read, is supposed to let you encrypt things as well as hide them in harmless looking files. Pain in the ass though... At least I don't think I'm crossing the border anytime soon...
Now that US customs agents have unfettered access to laptops and other electronic devices at borders, a coalition of travel groups, civil liberties advocates and technologists is calling on Congress to rein in the Department of Homeland Security's search and seizure practices. They're also providing practical advice on how to prevent trade secrets and other sensitive data from being breached.
In a letter dated Thursday, the group, which includes the Electronic Frontier Foundation (EFF), the American Civil Liberties Union and the Business Travel Coalition, called on the House Committee on Homeland Security to ensure searches aren't arbitrary or overly invasive. They also urged the passage of legislation outlawing abusive searches.
The letter comes 10 days after a US appeals court ruled Customs and Border Protection (CBP) agents have the right to rummage through electronic devices even if they have no reason to suspect the hardware holds illegal contents. Not only are they free to view the files during passage; they are also permitted to copy the entire contents of a device. There are no stated policies about what can and can't be done with the data.
-http://www.theregister.co.uk/2008/05/01/electronic_searches_at_us_borders/
I need to get TrueCrypt working. But I've heard some questionable, "things will crash and data will get lost" things about the initial mac release.
TrueCrypt, from what I've read, is supposed to let you encrypt things as well as hide them in harmless looking files. Pain in the ass though... At least I don't think I'm crossing the border anytime soon...
Grrr... stupid movie companies...
Apr. 24th, 2008 08:54 pmApparently my MacBook Pro has a LG GSA-S10N running firmware AP09.
And there's no region free firmware patch for it yet.
Damnit.
I've got... 4 region changes left, according to DVD Info X.
Going to explore my other options first though*. And grrr, rpc1.org site is offline / down / otherwise unavailable.
*
-class computer lab has a few external DVD drives, 'cause we needed to install linux, and the distro came as a DVD, and the blade servers we got to play with only had CD drives.
-homebuilt desktop computer. Don't know if it's region free right now. :\ Disadvantage of that is that I'll need to find good DVD ripping software for windows. Anyone have any suggestions?
W00t, lab external usb DVD drive appears to work.
===
http://www.google.com/search?num=100&hl=en&client=safari&rls=en-us&q=site%3Arpc1.org+GSA-S10N&btnG=Search
From what I'm reading, there's some sort of RPC2 Auto Reset patch. And maybe there's a RPC1 patch, but I'm not sure about that.
And there's no region free firmware patch for it yet.
Damnit.
I've got... 4 region changes left, according to DVD Info X.
Going to explore my other options first though*. And grrr, rpc1.org site is offline / down / otherwise unavailable.
*
-class computer lab has a few external DVD drives, 'cause we needed to install linux, and the distro came as a DVD, and the blade servers we got to play with only had CD drives.
-homebuilt desktop computer. Don't know if it's region free right now. :\ Disadvantage of that is that I'll need to find good DVD ripping software for windows. Anyone have any suggestions?
W00t, lab external usb DVD drive appears to work.
===
http://www.google.com/search?num=100&hl=en&client=safari&rls=en-us&q=site%3Arpc1.org+GSA-S10N&btnG=Search
From what I'm reading, there's some sort of RPC2 Auto Reset patch. And maybe there's a RPC1 patch, but I'm not sure about that.
FBI trapping downloaders of illegal porn
Mar. 21st, 2008 01:49 amThis is slightly disturbing. Apparently, the FBI posted fake links advertising child pornography and recorded all of the IP addresses that access those links. And then when around raiding houses.
slashdot link:
http://yro.slashdot.org/article.pl?sid=08/03/20/2323247&from=rss
Responses by some security guys:
http://www.grumpysecurityguy.com/fbi-csrf-and-jail-how-to-get-someone-raided/
Original news article:
http://www.news.com/8301-13578_3-9899151-38.html?tag=nefd.lede
Why is it disturbing? As the article states: "The implications of the FBI's hyperlink-enticement technique are sweeping. Using the same logic and legal arguments, federal agents could send unsolicited e-mail messages to millions of Americans advertising illegal narcotics or child pornography--and raid people who click on the links embedded in the spam messages. The bureau could register the "unlawfulimages.com" domain name and prosecute intentional visitors. And so on."
And also, there are ways to trick a browser into loading images and links. If I can control content on a page, I can easily use all sorts of ways to force your browser to load another site. http://en.wikipedia.org/wiki/Cross-site_request_forgery, http://en.wikipedia.org/wiki/Cross-site_scripting, and basic head/meta-redirects would work. So essentially, if I knew about the FBI site, and I had an enemy, I could make a webpage that would automatically redirect their browser to load from the FBI honeypot link. And then said enemy would get a lovely visit from the FBI. So while said target did not intentionally click the link, they still get into trouble . . . .
===
In other tech news:
http://hardware.slashdot.org/article.pl?sid=08/03/20/1620204&from=rss
MD wants to make it a crime carrying up to 3 years imprisonment and a $1000 fine for using someone else's wireless connection.
The best slashdot comment is as follows:
slashdot link:
http://yro.slashdot.org/article.pl?sid=08/03/20/2323247&from=rss
Responses by some security guys:
http://www.grumpysecurityguy.com/fbi-csrf-and-jail-how-to-get-someone-raided/
Original news article:
http://www.news.com/8301-13578_3-9899151-38.html?tag=nefd.lede
Why is it disturbing? As the article states: "The implications of the FBI's hyperlink-enticement technique are sweeping. Using the same logic and legal arguments, federal agents could send unsolicited e-mail messages to millions of Americans advertising illegal narcotics or child pornography--and raid people who click on the links embedded in the spam messages. The bureau could register the "unlawfulimages.com" domain name and prosecute intentional visitors. And so on."
And also, there are ways to trick a browser into loading images and links. If I can control content on a page, I can easily use all sorts of ways to force your browser to load another site. http://en.wikipedia.org/wiki/Cross-site_request_forgery, http://en.wikipedia.org/wiki/Cross-site_scripting, and basic head/meta-redirects would work. So essentially, if I knew about the FBI site, and I had an enemy, I could make a webpage that would automatically redirect their browser to load from the FBI honeypot link. And then said enemy would get a lovely visit from the FBI. So while said target did not intentionally click the link, they still get into trouble . . . .
===
In other tech news:
http://hardware.slashdot.org/article.pl?sid=08/03/20/1620204&from=rss
MD wants to make it a crime carrying up to 3 years imprisonment and a $1000 fine for using someone else's wireless connection.
The best slashdot comment is as follows:
I will never, EVER understand how the following counts as "stealing wireless access":
1) I broadcast my SSID. (Here's a wireless connection world! LOOK OVER HERE FOR IT!!!)
2) User asks, "Can I connect?" (IP address requested.)
3) I say, "Sure you can connect." (IP address loaned.)
4) YOU STEAL MY WIRELESS!!!!!!!
Ok, I guess I should do it as a car analogy:
1) I put out a sign, "I will let you borrow my car."
2) You ask, "Can I borrow your car?"
3) I say, "Yes, and here are the keys."
4) YOU STOLE MY CAR!!!!!
Oooh, toys! (RF jammer and TV-B-Gone kit)
Nov. 26th, 2007 06:03 pmA self-tuning portable RF (cellphone) jammer:
http://www.ladyada.net/make/wavebubble/
And they're opening up TV-B-Gone as "open source" and selling kits now. (presale)
http://www.tvbgone.com/cfe_tvbg_buy.tvbgkit.php
http://www.ladyada.net/make/wavebubble/
And they're opening up TV-B-Gone as "open source" and selling kits now. (presale)
http://www.tvbgone.com/cfe_tvbg_buy.tvbgkit.php
A whole different "Day of Silence"
Jun. 24th, 2007 01:04 amhttp://www.savenetradio.org/
There will be a whole different "Day of Silence" this 26th of June, 2007.
Due to planned increase in royalty rates, many internet radio stations (or, streaming music stations... whatever you wish to call them), like DI.FM, Japan-a-radio (whee, streaming anime music and J-pop!) may get shut down.
To quote:
Source article
There will be a whole different "Day of Silence" this 26th of June, 2007.
Due to planned increase in royalty rates, many internet radio stations (or, streaming music stations... whatever you wish to call them), like DI.FM, Japan-a-radio (whee, streaming anime music and J-pop!) may get shut down.
To quote:
If the rates are left unchanged, virtually all independent webcasters will be bankrupted and most larger parent companies would logically shut down their Internet radio divisions through the end of the 2005-10 period.
Source article
Woah. That's spiffy...
May. 14th, 2007 12:35 amI can center-click (third mouse button) on a youtube video, which brings up a "Save FLV to download folder" option. o.O Quite spiffy. Not too sure what I installed to give me that option, but it beats keepvid.
::nudges![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
porsupah:: Do you have it too? (that is, if you have a mouse with a clickable middle button/third button/whatnot)
::nudges
porsupah:: Do you have it too? (that is, if you have a mouse with a clickable middle button/third button/whatnot)I'm still some 2-3 weeks behind in my readings. 50 pages. And each page goes rather slowly. Damn material for being so difficult. Stupid P/N junctions. At least stuff does makes sense. Mostly.
Back to the apartment now to finish ECE410 homework. ::whimpers:: Maybe I should just conveniently forget about the J-net barcrawl tomorrow. I'm supposed to go though, being an officer and all that. And it does still leave me with enough time to finish the reading. I'm just scared. (ECE440 exam's on thusday, 4 PM. ECE410 homework's due at 5 tomorrow, biweekly quiz at 7 PM on thusday.) Ugh. Then the rest of the time thursday night/friday morning will go towards the draft due friday... oh, wait, that's been pushed back to "e-mail TA by 5 PM". :\ Still would rather get it done before then, so I can sleep and work on Highbrow for the remainder of the afternoon. I like that plan.
Meditation is helping. Kinda. Not absurdly stressed. We think.
--
On a whole other note, I've come to the conclusion that I failed when I put my PC together - I have an AMD Athelon 3700+, and idle temps around 60ÂșC, which, from what I can tell, seems to be pretty high. I'm pretty sure I put way too much thermal conductive stuff when I first put it together... So I've gone and purchased Arcticlean and Arctic Silver, with plans to clean and reapply the conductive stuff between the processor and the heatsink. May also lap the heatsink (following http://www.techpowerup.com/articles/cooling/air/39), although that would mean an extra trip somewhere to pick up sandpaper.
So question for the people who are more familiar with systems building: What do I need to remember/keep an eye on when I redo the thermal stuff?
Back to the apartment now to finish ECE410 homework. ::whimpers:: Maybe I should just conveniently forget about the J-net barcrawl tomorrow. I'm supposed to go though, being an officer and all that. And it does still leave me with enough time to finish the reading. I'm just scared. (ECE440 exam's on thusday, 4 PM. ECE410 homework's due at 5 tomorrow, biweekly quiz at 7 PM on thusday.) Ugh. Then the rest of the time thursday night/friday morning will go towards the draft due friday... oh, wait, that's been pushed back to "e-mail TA by 5 PM". :\ Still would rather get it done before then, so I can sleep and work on Highbrow for the remainder of the afternoon. I like that plan.
Meditation is helping. Kinda. Not absurdly stressed. We think.
--
On a whole other note, I've come to the conclusion that I failed when I put my PC together - I have an AMD Athelon 3700+, and idle temps around 60ÂșC, which, from what I can tell, seems to be pretty high. I'm pretty sure I put way too much thermal conductive stuff when I first put it together... So I've gone and purchased Arcticlean and Arctic Silver, with plans to clean and reapply the conductive stuff between the processor and the heatsink. May also lap the heatsink (following http://www.techpowerup.com/articles/cooling/air/39), although that would mean an extra trip somewhere to pick up sandpaper.
So question for the people who are more familiar with systems building: What do I need to remember/keep an eye on when I redo the thermal stuff?
HD DVD encryption hacked?
Feb. 14th, 2007 02:25 amProcessing Key?
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
http://forum.doom9.org/showthread.php?p=952954#post952954 / http://forum.doom9.org/showthread.php?p=952968#post952968
[ top of the thread ]
News post on the Register: http://www.theregister.com/2007/02/14/aacs_hack/ ...
--
Yeah, uh, I haven't been following the news/details on how the encryption works, so uh... don't ask me. (That's why things have "?" after them - I'm not entirely sure of my terminology or if things really are hacked...)
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
http://forum.doom9.org/showthread.php?p=952954#post952954 / http://forum.doom9.org/showthread.php?p=952968#post952968
[ top of the thread ]
News post on the Register: http://www.theregister.com/2007/02/14/aacs_hack/ ...
Forum participants continue to debate the implications of arnezami's handiwork. What's known for sure is that his hack unlocks the encryption used to protect content on every Blu-ray and HD DVD disc released to date. Several participants have downplayed the significance of the discovery, reasoning that it could be undermined in the future if the keys are changed or revoked.
--
Yeah, uh, I haven't been following the news/details on how the encryption works, so uh... don't ask me. (That's why things have "?" after them - I'm not entirely sure of my terminology or if things really are hacked...)
Canadian developers will next month release a tool to bypass government-enforced restrictions on web browsing in countries like China, Syria and Iran.
The University of Toronto has developed the Citizens Lab software in the hope that government internet censorship can be effectively circumnavigated.
-http://www.theregister.com/2006/11/28/psiphon_bypass_censors/
http://psiphon.civisec.org/
I'm in favor of the idea. And it's open source. Hurrah!
The University of Toronto has developed the Citizens Lab software in the hope that government internet censorship can be effectively circumnavigated.
-http://www.theregister.com/2006/11/28/psiphon_bypass_censors/
http://psiphon.civisec.org/
I'm in favor of the idea. And it's open source. Hurrah!
spam, The Rainstorm(s) of 2006.
Jun. 27th, 2006 02:54 amSpammers launched a huge number of directory harvesting emails over recent days in an apparent attempt to update their email databases. The attack, which lasted several days, peaked on Sunday, 18 June when web security firm BlackSpider intercepted 109 times more of these malicious emails than it normally intercepts.
The flood of emails, used by spammers to collect valid email addresses, originated from a botnet of more than 90,000 compromised PCs, or 'spambots'. Directory harvesting emails are continuing to circulate but in far fewer numbers. Emails that formed part of the attack contained little or no text and were simply used to verify that email address were valid in cases where email servers didn't reject emails. Junk mail lowlifes then used the addresses in their own campaigns or sold verified lists on at a premium to other spammers.
...(more: http://www.theregister.com/2006/06/26/directory_harvest_attack/)
---
I've forgotten about this song. :: purrs::
---
Washington Post has pictures of the effects of our insane (and awesome) rain storms as of late: http://www.washingtonpost.com/wp-dyn/content/gallery/2006/06/26/GA2006062600733_index_frames.htm?startat=undefined (link may not work. If it doesn't, check the Washington Post homepage.)
[append]
Huh, looking at those pictures, I guess we were lucky. We didn't see anything that bad, although we certainly did see our backyard turn into a river of sorts, water at least 4 inches deep in places. A similar river formed in the common area behind our backyard. And both rivers merged into our neighbor's backyard to form a lake. The water flowing past our driveway in the front of the house splashed up possibly a foot, as it hit the other curb of our driveway. Kinda sucks that I just realized that I should have taken picture ^^;; Won't see this again, probably. Unless the weather system really does stay stuck over our area. I wouldn't mind that all too much, honestly, but it would be annoying for others. We'll see.
