Patrick O'Neill writes: A common configuration mistake in Apache, the most popular Web server software in the world, can allow anyone to look behind the curtains on a hidden server to see everything from total traffic to active HTTP requests. When an hidden service reveals the HTTP requests, it's revealing every file—a Web page, picture, movie, .zip, anything at all—that's fetched by the server. Tor's developers were aware of the issue as early as last year but decided against sending out an advisory. The problem is common enough that even Tor's own developers have made the exact same mistake. Until October 2015, the machine that welcomed new users to the Tor network and checked if they were running up-to-date software allowed anyone to look at total traffic and watch all the requests.
hypnosec writes: In what has been claimed to be the first use of gene editing technique CRISPR for replacement of a defective gene associated with a sensory disease, researchers have repaired a genetic defect that causes blindness. The research that led to successful editing of defective genes responsible for retinitis pigmentosa (RP) – an inherited condition that causes the retina to degrade and leads to blindness in at least 1.5 million cases worldwide – was carried out using stem cells derived from a patient's tissue. Published in Scientific Reports, the study paves the way for using CRIPSR therapeutically to treat eye diseases.
Jim Henson's Muppet Babies further expanded the Muppet lore and showed us why Kermit, Fozzie, Scooter, Gonzo and the rest of the gang are such close friends.
But there was one cute little Muppet who disappeared right after Muppet Babies went off the air in 1991- Scooter's twin sister Skeeter.
Skeeter was cute, bubbly and much bolder than Scooter, an empowering figure for little girls who was never seen outside of that animated nursery.
So why was Skeeter resigned to the animated realm, denied that signature fleece and foam Muppet body she deserves?
In Duluth, Minnesota on February 13th, a frozen Lake Superior breaks into layers upon layers of ice shards up to three inches thick. This mesmerizing footage was captured from Brighton Beach by Duluth resident Dawn LaPointe of Radiant Spirit Gallery. Via Twisted Sifter
Bell released information about the new Bell Star racing helmet last October, which has some incredible new features that make it the most important helmet to be released in decades. This new video for it explains more of the features and, more importantly, has some insanely beautiful riding shots.
This new music video from the electro-rocker band Saverne is a great blend of Mad Max-style post-apocalyptic stuff with psychedelic strangeness. It reminds me a bit of The Gone Away World by Nick Harkaway.
by Freddy "Tavarish" Hernandez on The Garage, shared by Patrick George to Jalopnik
Having a car designated as a sleeper is no new thing. In fact, there are plenty of factory-made cars that fit the bill, even more so with a quick de-badging. However, the real sleepers out there, the cars you would never expect to be powerful, are some of the most interesting automotive marvels in the world. Here’s possibly the most insane one I’ve ever seen.
by Sean MacDonald on Lanesplitter, shared by Patrick George to Jalopnik
The custom motorcycle scene can often feel not very “custom,” with so many bikes looking like the same versions of one another. But every once in a while, we come across one that is so different or better, it stops us dead in our tracks. Such is the case with this Revival Cycles BMW Landspeeder.
by Patrick George on Black Flag, shared by Patrick George to Jalopnik
Wendell Scott was fast, but nothing came easy for him racing in the 1950s, ‘60s and ‘70s. Scott was the first race-winning black driver at NASCAR’s highest level, which then as now had a tremendous Southern following—but one that made clear that it didn’t want him there at all.
by Sean MacDonald on Lanesplitter, shared by Patrick George to Jalopnik
The funny thing about custom motorcycles is how often they end up looking so similar. When MotoCorsa, the top selling Ducati dealership in the nation, was asked to be a part of Ducati’s Custom Rumble contest, they wanted to put the “custom” back in custom. Meet the Hello Kitty-themed Scrambler, and boy is it... different.
Manhattan's Metropolitan Correctional Center has a special wing, 10-South, in which terrorism suspects who have been kidnapped from foreign territories are imprisoned and tortured in secret, before being given secret trials and lengthy sentences.
(more…)
In January 2015, security researcher and beloved, prolific geek Michael "Hackerjoe" Hamelin died in a head-on collision that also hospitalized his widow, Beth Hamelin.
(more…)
You have to see the Swincar in action to appreciate what we're dealing with here, it's sort of a spider suspension ATV, ... sort of. It has pendulum suspension, which means the main body swings within the wheels. Traveling across a slope the body remains vertical while the wheels adapt to the hill. Turning rapidly, […]
There is gulf between how people believe law to work (from watching TV shows like Law and Order) and how law actually works. You lawyer people know what I'm talking about. It's laughable.
The same is true of cyber: there's a gulf between how people think it works and how it actually works.
This Lawfare blogpost thinks it's come up with a clever method to get their way in the crypto-backdoor debate, by making carriers like AT&T responsible only for the what ("deliver interpretable signal in response to lawful wiretap order") without defining the how (crypto backdoors, etc.). This pressure would come in the form of removing current liability protections they now enjoy for not being responsible for what customers transmit across their network. Or as the post paraphrases the proposal:
Don’t expect us to protect you from liability for third-party conduct if you actively design your systems to frustrate government efforts to monitor that third-party conduct.
The post is proud of its own smarts, as if they've figured out how to outwit mathematicians and redefinepi (π). But their solution is nonsense, based on a hopelessly naive understanding of how the Internet works. It appears all they know about the Internet is what they learned from watching CSI:Cyber. The Internet is end-to-end. End-to-end is the technology shift that made the Internet happen, as compared to alternative directions cyberspace might have taken.
What that means is AT&T doesn't encrypt traffic. Apple's iPhone don't encrypt traffic. Instead, it's the app installed on the phone that does the encryption. Neither AT&T nor Apple can stop encryption from happening.
You think that because most people use iMessage or Snapchat, that all you have to do is turn the screws on them in order to force them to comply with backdoors. That won't work, because the bad guys will stop using those apps and install different encrypted apps, like Signal. You imagine that it's just a game of wack-a-mole, and eventually you'll pressure all apps into compliance. But Signal is open-source. If it disappeared tomorrow, I'd still have a copy of the source, which I can compile into my own app I'll call Xignal. I'll continue making encrypted phone calls with my own app. Even if no source existed today, I could write my own source within a couple months to do this. Indeed, writing an encrypted chat app is typical homework assignment colleges might assign computer science students. (You people still haven't come to grips with the fact that in cyberspace, we are living with the equivalent of physicists able to whip up a-bombs in their basements).
Running arbitrary software is a loose end that will defeat every solution you can come up with. It's math. The only way forward to fix the "going dark" problem is to ban software code. But that you can't do without destroying the economy and converting the country into a dystopic, Orwellian police state.
You think that those of us who oppose crypto backdoors are hippies with a knee-jerk rejection of any government technological mandate. That's not true. The populists at the EFF love technological mandates in their favor, such as NetNeutrality mandates, or bans on exporting viruses to evil regimes (though they've recently walked back on that one).
Instead, we reject this specific technological mandate, because we know cyber. We know it won't work. We can see that you'll never solve your "going dark" problem, but in trying to, you'll cause a constant erosion of both the economic utility of the Internet and our own civil liberties.
I apologize for the tone of this piece, saying you are stupid about cyber, but that's what it always comes down to. The author of that piece has impressive Washington D.C. think-tanky credentials, but misfires on the basic end-to-end problem. And all think-tanky pieces on this debate are going to happen the same way, because as soon as they bring technologists in to consult on the problem, their desired op-eds become stillborn before anybody sees them.
Note: I get the π analogy from a tweet by @quinnorton, I don't know who came up with analogy originally.
In 2013, Ana Biocini called the Oakland police because she'd heard a noise and thought there might be an intruder in the house. When the police arrived, they handcuffed her brother, Hernan Jaramillo, "without any lawful reason or justification," dragged him 20 feet down the sidewalk, threw him facedown into the ground, and three officers knelt on him while he begged for breath. The 51 year old man died at the scene.
Filmmaker Alessandro Bavari's 2010 short "METACHAOS" is a gorgeous and surreal film about "the most tragic aspects of the human nature and of its motion, such as war, madness, social change and hate."
(more…)
The trend of making schools "safe places" to protect students from feeling uncomfortable is a bad idea, says Teller, the silent member of the magic comedy duo Penn and Teller, and a former schoolteacher. Here's a snip from an essay in The Atlantic:
And if Shakespeare (or Catullus or Vergil) makes students uncomfortable? That’s a good thing, Teller said. Learning, like magic, should make people uncomfortable, because neither are passive acts. Elaborating on the analogy, he continued, “Magic doesn’t wash over you like a gentle, reassuring lullaby. In magic, what you see comes into conflict with what you know, and that discomfort creates a kind of energy and a spark that is extremely exciting. That level of participation that magic brings from you by making you uncomfortable is a very good thing.”
As we were on the subject of discomfort I asked Teller what he thinks of schools’ efforts to protect students from discomfort as they learn through censoring teachers’ content and requirements for trigger warnings. For the first time in our conversation, Teller illustrated the power of his trademark silence, and the line went quiet.
Just as I’d begun to think we’d been disconnected, he replied,
“When I go outside at night and look up at the stars, the feeling that I get is not comfort. The feeling that I get is a kind of delicious discomfort at knowing that there is so much out there that I do not understand and the joy in recognizing that there is enormous mystery, which is not a comfortable thing. This, I think, is the principal gift of education.”
Earlier this month, Ben "and Jerry's" Cohen spitballed with an MSNBC reporter about his idea for a Bernie Sanders ice-cream flavor: "Bernie's Yearning," a pint of mint with a disk of solid chocolate on the top, representing the fortunes of the 1%. Before you eat it, you use a spoon to smash the wealth and distribute it evenly through the pint.
(more…)
by Sean MacDonald on Lanesplitter, shared by Patrick George to Jalopnik
Transcontinental speed runs
mean glory for some, but I think they’re terrible ideas. They’re dangerous and expensive, and that’s before factoring in possible trouble with the law. That’s when they’re done with four wheels—to do one on two is ludicrous. But Carl Reese, no stranger to transcontinental records in his Tesla, just did that on a bike. Here’s how.
Take a gander at the updated-for-the-21st-century incarnation of the Scooby-Doo character “Shaggy”, pictured below on the left, and a real-life hipster, pictured below on the right:
He looks just like the guy I buy my artisanal fair trade cold-brew coffee from!
I’m sure a lot of Gen Xers will be crying foul at this development. I, however, don’t mind. There’s nothing wrong with updating a kids’ property like Scooby-Doo to make it relevant to today’s kids (who never knew a world without broadband internet and smartphones), as long as the underlying premise of Scooby-Doo remains intact:
![I searched my .bash_history for the line with the highest ratio of special characters to regular alphanumeric characters, and the winner was: cat out.txt | grep -o "[[(].*[])][^)]]*$" ... I have no memory of this and no idea what I was trying to do, but I sure hope it worked.](http://imgs.xkcd.com/comics/backslashes.png "I searched my .bash_history for the line with the highest ratio of special characters to regular alphanumeric characters, and the winner was: cat out.txt | grep -o \"[[(].*[])][^)]]*$\" ... I have no memory of this and no idea what I was trying to do, but I sure hope it worked.")
