Fake Google subdomain certificates found in the wild

An Indian certificate authority in the Microsoft root of trust has been caught issuing fake Google subdomain certificates that would allow nearly undetectable eavesdropping on “secure” connections to services like Google Docs.

Supercomputing center in a beautiful, deconsecrated church

Allison writes, “The Barcelona Supercomputing Center is not only gorgeous with its soaring ceilings, it also was an instrumental site for developing modern microchip technology.”

Designing the packaging for cricket protein bars

How do you package a protein bar made from cricket flour? Here’s how. Exo raised $54.9K on Kickstarter last summer, as a pair of Brown roommates took their senior year project to the next level, trying to come up with a sustainable protein source, along with help from molecular gastronomy superstar Heston Blumenthal. The packaging was designed by New York’s Tag Collective.

Having leisure time is now a marker for poverty, not riches

In Post-Industrious Society: Why Work Time will not Disappear for our Grandchildren, researchers from Oxford’s Centre for Time Use Research argue that there has been a radical shift in the relationship between leisure, work and income. Where once leisure time was a mark of affluence, now it is a marker for poverty. The richer you are, the more likely you are to work long hours; while the poorer you are, the fewer hours you are likely to work every week.

The researchers theorise multiple causes for this. Poor people are more likely to be underemployed and unable to get the work-hours they want (and need) to support themselves. Rich people are likely to work in jobs that disproportionately advance and reward workers who put in overtime, so a 10% increase in hours worked generates more than 10% in expected career-gains. They also claim that rich workers are more likely to be satisfied with their jobs, but I’m skeptical of this — I think that relative to unskilled workers doing at-will 0-hours temp work whose every move is constrained and scripted by their employers, this is probably true, but I don’t think that the white-collar world is producing a lot of people who think that their work is meaningful and rewarding.

In today’s advanced economies things are different. Overall working hours have fallen over the past century. But the rich have begun to work longer hours than the poor. In 1965 men with a college degree, who tend to be richer, had a bit more leisure time than men who had only completed high school. But by 2005 the college-educated had eight hours less of it a week than the high-school grads. Figures from the American Time Use Survey, released last year, show that Americans with a bachelor’s degree or above work two hours more each day than those without a high-school diploma. Other research shows that the share of college-educated American men regularly working more than 50 hours a week rose from 24% in 1979 to 28% in 2006, but fell for high-school dropouts. The rich, it seems, are no longer the class of leisure. There are a number of explanations. One has to do with what economists call the “substitution effect”. Higher wages make leisure more expensive: if people take time off they give up more money. Since the 1980s the salaries of those at the top have risen strongly, while those below the median have stagnated or fallen. Thus rising inequality encourages the rich to work more and the poor to work less.

Nice work if you can get out [The Economist] (via /.) (Image: Lonely Hammock, Micky Zlimen, CC-BY-SA)

Reddit’s /r/technology demoted over scandal of secret censorship that blocked Internet freedom stories

Alan sez, “According to various media reports (e.g. BBC) the technology subreddit has scrubbed its moderator team after users discovered that the sub was holding a secret censorship list of banned words that included ‘National Security Agency’, ‘GCHQ’, ‘Anonymous’, ‘anti-piracy’, ‘Bitcoin’, ‘Snowden’, ‘net neutrality’, ‘EU Court’, ‘startup’ and ‘Assange’.

On its face, this looks like a list of politicized terms, and blocking them looks like a highly political and partisan act — for example, by blocking “net neutrality,” then stories that are critical of network discrimination would be blocked, while straight news stories that overwhelmingly quoted corporate spokespeople using uncritical terms would make the front door. More charitably, it may have been the act of overworked (and ultimately irresponsible) moderators to simply ban hot-button topics altogether.

Here’s the Reddit post that outed /r/technology’s moderators. Once the news got publicized, the moderator team did a ‘U turn’ and removed the auto-deletion software, as well as booting the mods responsible for it in the first place. Still, as the BBC story notes, the technology sub is no longer “featured”, meaning it doesn’t appear in the subreddits that are promoted to new users and appear on the front page.

Reddit downgrades technology community after censorship [BBC] (Thanks, Alan!)

Zentai: full-body masked spandex subculture from Japan

Zentai (short for “zenshintaitsu,” Japanese for “full body suit”) is a largely obscure Japanese subculture whose adherents go out wearing full-body patterned spandex suits that cover their faces. In a relatively unsensational article in the Japan Times, Harumi Ozawa talks to a few zentais about their hobby, and learns that for some proponents, being completely covered is a liberating experience.

The zentais in the article describe the suit as an anonymizer that frees them from the judging gaze of society, which is a fascinating study in contradictions, since the suits undoubtably attract lots of judgmental looks, but these seem to adhere to the suit without penetrating to the wearer within. Some zentais wear their suits in superhero fashion, and do good deeds in public, while others wear the suits for sexual kicks. They are often mocked in Japanese pop culture. One academic cited in the article believes that the wearers use the suits to hide their appearance in order to force others to deal with their “true” underlying identity.

By night, she dresses in a skin-tight, all-in-one Spandex body suit that covers everything — including her eyes — and sits in bars, alone but liberated, she believes, from the judgment of others. “With my face covered, I cannot eat or drink like other customers,” said the woman, who is in her 20s and says her name is Hokkyoku Nigo (North Pole No. 2). “I have led my life always worrying about what other people think of me. They say I look cute, gentle, childish or naive,” she said, her lips ruffling the tight, red shiny material. “I always felt suffocated by that. But wearing this, I am just a person in a full body suit.”

‘Zentai’ fans search for identity in fetish suits [Harumi Ozawa/Japan Times] (via JWZ) (Image: Zentai.jpg, MonkeyMyshkin, CC-BY)

Motion picture industry continues to stagger under piracy with mere record-breaking income

Once again, the “piracy-stricken” motion picture association has had a banner year, with box office revenue breaking all records (as they’ve done in most recent years). The biggest gains this year come from China — a market condemned by the studios as a hive of piracy.

Some of the best news in the report is that American movies are seeing success in China, which has become the first international market to reach more than $3 billion in movie sales. The Chinese enthusiasm for US-produced movies comes despite the fact that China continues to restrict the number of foreign-made films that can be released in theaters to 34 imports a year. But the country at the top of the MPAA’s sales charts is also at the top of its piracy target list. Last year, the MPAA placed China on the list of the “most notorious” markets for distributing pirated movies and TV shows. As reported by the LA Times, MPAA spokesperson Michael O’Leary has explained: The criminals who profit from the most notorious markets through the world threaten the very heart of our industry and in doing so threaten the livelihoods of the people who give it life. These markets are an immediate threat to legitimate commerce, impairing legitimate markets’ viability and curbing US competitiveness. Despite prolific piracy, China’s increase in sales has been positively “meteoric,” MPAA chief Chris Dodd said at a press conference yesterday, noting a 27 percent increase.

Piracy notwithstanding, MPAA enjoys a “very strong year”—again [Joe Silver/Ars Technica]

Samsung Galaxy back-door allows for over-the-air filesystem access

Developers from the Replicant project (a free Android offshoot) have documented a serious software back-door in Samsung’s Android phones, which “provides remote access to the data stored on the device.” They believe it is “likely” that the backdoor could provide “over-the-air remote control” to “access the phone’s file system.”

At issue is Samsung’s proprietary IPC protocol, used in its modems. This protocol implements a set of commands called “RFS commands.” The Replicant team says that it can’t find “any particular legitimacy nor relevant use-case” for adding these commands, but adds that “it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone’s storage.”

The Replicant site includes proof-of-concept source code for a program that will access the file system over the modem. Replicant has created a replacement for the relevant Samsung software that does not allow for back-door access.

Samsung Galaxy devices running proprietary Android versions come with a back-door that provides remote access to the data stored on the device. In particular, the proprietary software that is in charge of handling the communications with the modem, using the Samsung IPC protocol, implements a class of requests known as RFS commands, that allows the modem to perform remote I/O operations on the phone’s storage. As the modem is running proprietary software, it is likely that it offers over-the-air remote control, that could then be used to issue the incriminated RFS messages and access the phone’s file system.

…The incriminated RFS messages of the Samsung IPC protocol were not found to have any particular legitimacy nor relevant use-case. However, it is possible that these were added for legitimate purposes, without the intent of doing harm by providing a back-door. Nevertheless, the result is the same and it allows the modem to access the phone’s storage.

However, some RFS messages of the Samsung IPC protocol are legitimate (IPC_RFS_NV_READ_ITEM and IPC_RFS_NV_WRITE_ITEM) as they target a very precise file, known as the modem’s NV data. There should be no particular security concern about these as both the proprietary implementation and its free software replacement strictly limit actions to that particular file.

Samsung Galaxy Back-door

Full NHS hospital records uploaded to Google servers, "infinitely worse" story to come

To clarify, the @HSCIC story that’s coming is, I believe, infinitely worse than patient hospital records being uploaded to Google BigQuery — ben goldacre (@bengoldacre) March 3, 2014

PA Consulting, a management consulting firm, obtained the entire English and Welsh hospital episode statistics database and uploaded it to Google’s BigQuery service. The stats filled 27 DVDs and took “a couple of weeks” to transfer to Google’s service, which is hosted in non-EU data centres. This is spectacularly illegal. The NHS dataset includes each patient’s NHS number, post code, address, date of birth and gender, as well as all their inpatient, outpatient and emergency hospital records. Google’s BigQuery service allows for full data-set sharing with one click.

The news of the breach comes after the collapse of a scheme under which the NHS would sell patient records to pharma companies, insurers and others (there was no easy way to opt out of the scheme, until members of the public created the independent Fax Your GP service). According to researcher and epidemiologist Ben Goldacre, this story is just the beginning: there’s an “infinitely worse” story that is coming shortly.

Sarah Wollaston, who is also a family doctor and Conservative backbencher, tweeted: “So HES [hospital episode statistics] data uploaded to ‘google’s immense army of servers’, who consented to that?” The patient information had been obtained by PA Consulting, which claimed to have secured the “entire start-to-finish HES dataset across all three areas of collection – inpatient, outpatient and A&E”. The data set was so large it took up 27 DVDs and took a couple of weeks to upload. The management consultants said: “Within two weeks of starting to use the Google tools we were able to produce interactive maps directly from HES queries in seconds.” The revelations alarmed campaigners and privacy experts, who queried how Google maps could have been used unless some location data had been provided in the patient information files.

NHS England patient data ‘uploaded to Google servers’, Tory MP says [Randeep Ramesh/The Guardian] (via Charlie Stross)
