August 2008 Archives

Adam Savage's talk at The Last HOPE: Fascination with the Dodo Bird
parts:  1  2  3  4  5  6  7  8  9  A  B  C
(YouTube with a great audience Q&A session)

Geoffrey Perkins

Legendary British comedy producer Geoffrey Perkins died in a freak accident yesterday. Chances are if you watched some British comedy over the last 20 years, and liked it, Geoffrey Perkins had a hand in it.
The worst comic strip ever? Thrill to the stilted, unfunny adventures of Uncle Funny Bunny and Chumpy, brought to you by Jerry Beck, of Cartoon Research fame.

Lard: The New Health Food?

As I sent my friends home bathed in the warm glow of hog grease, I felt sure that our generation would pass the test of lard. We might not cook with it every night--natural lard is expensive and (all right, I'll admit it) deep-fried foods are often loaded with calories, no matter which fat you use. But we won't live in fear of it, either. When we want deep-fried excellence, we'll reach for the best fat for the job: lard.
MythBuster Adam Savage: 3 ways to fix U.S. science education.


Den-Vaffel-Bike

Waffle Bike is a fully weaponized waffle-making machine.

Bewm!


Will the Dalai Lama reincarnate?

As the health of the Dalai Lama seems uncertain, the question remains: will he be reborn this time? and, if so, where?
Facil, an open-source community based in Québec, is suing the Québec government for buying Microsoft software when free alternatives are available. Facil's press release says, in part, "From February to June 2008, FACIL has noticed sales of proprietary software for more than 25 million dollars. These purchases were made for products offered by large multinational enterprises, with no regard to suppliers in Quebec. ... While most of the developed countries have started, a few years back, migrating their technological infrastructures to Free Software, Quebec's public administration is far behind." Some applaud Facil's move. Others, not so much.

Heroes

A Serbian village erecting a statue to reggae superstar Bob Marley? Sure, why not? A Bosnian town with a statue of kung-fu legend Bruce Lee? Hell, yeah! And how 'bout, say, a Serbian monument to Rocky? Er, well.. ok. But the British Museum displaying what they say is the largest gold statue built since ancient Egypt, of... Kate Moss? Um... I dunno. I prefer the Russian monument to the enema.

This is Me

The aim of Self-Portrait Challenge is to create an online community of people participating in a continuous artistic self-expressive art project; self-portraiture. (images in the nude category obviously NSFW) They also participate in the Flickr: self portrait tuesday group.

The Middler

Your Gmail account isn't secure. Jay Beale's tool The Middler (man-in-the-middle), announced at Defcon 16, can steal session IDs from not only Gmail users, but also users of LinkedIn, LiveJournal, Facebook, and presumably any site that uses a session-based cookie. Enable https permanently.
Rat Sound Systems is the original punk rock sound company. Started in LA in the early 80s, it was a stalwart of the early LA punk scene (posters: it did happen). Starting in the 1990s, Rat Sound has been supplying sound for some of rock's biggest acts. They even went corporate, with a client list including Paris Hilton. Since May 2006, founder Dave Rat, who mixes the Red Hot Chili Peppers for the audience, has been keeping a tour blog.
Those of you who (like me) are interested in audio nerdery may be interested in the Sound nerd speak section of Dave's blog. (e.g. drum fills, subs, input lists, amplifiers, the Grateful Dead's wall of sound)

You may also read about the technical evolution of sound systems, from humble beginnings to the Rat Trap 5 cabinet of the 1990s and the L-Acoustics V-DOSC and Microwedge of today. Also of interest: Dave's Roadiepedia.

Cramp Free

They're everywhere; languishing on doorsteps, hanging out in the middle of the road, dangling off street signs, peeking out of piles of garbage, reclining in the middle of the sidewalk, riding the bus for free. London Bananas.
Mythbusters hosts Adam Savage and Jamie Hyneman demonstrated the difference between a CPU and a GPU by painting the Mona Lisa in 275 milliseconds using an 1100-barrel paintball gun earlier this week at NVIDIA's NVISION 08 show.



A Comcast tech showed up at a Consumerist reader's grandad's house and totally failed to understand how their cable was set up and billed. So he called them thieves, cursed at them, and disconnected their cable. Naturally.

I come outside to witness my grandpa and the Comcast guy in a screaming match. The Comcast tech is threatening to leave and I ask "What the heck is going on?!" Well, my Grandpa starts telling me that he disconnected his cable and says we do not have a cable account with Comcast and basically accuses my Grandpa of hijacking cable. Okay, last time I checked, most 74 years old probably don't know how to hijack cable. So my Grandpa gets really upset and starts back for the house. I'm trying to find out from the Comcast tech what is going on and my Grandpa comes back out 2 seconds later with a Comcast bill in his hand. He goes to hand it to the Comcast tech and he rudely replies "Sir, I don't want to see your fucking bill. If you don't go back in your house and quit disrespecting me, I'm going to just leave."

Meanwhile, I ask my Grandpa to try and let me straighten it out and go inside for a minute because I could tell at this point he was getting really upset. So I continue to ask the guy what the hell is going on all the while he is telling me he isn't going back in the house to hook up my internet because he doesn't appreciate my Grandpa "disrespecting him". Well, from what I saw, my Grandpa didn't really deserve to get his cable turned off and treated in such a way. I finally talk him into hooking up the internet (I needed it for school as my homework is submitted online). But the issue still remains with my Grandpa's service. So I ask the tech why he thinks we don't have cable. He replies "When I look up the phone number on the account, it only shows internet, no cable television. That's a red flag mam."

People Power

It was a mass protest held outside the halls of Washington. Led, or at least it was supposed to be, by Martin Luther King Jr. (before he was assassinated) it was going to show the world the glaring divide that existed between the Rich and the Poor of America. Black, White, Red, Yellow--they all gathered from all over the US, to stay together for six weeks, outside the Capitol, and inform the public about what life in America could sometimes mean, if you were not considered economically, socially or racially acceptable. Unfortunately, the problem still persists, even today.

Keep your cool

levelHead is a spatial memory game by artist Julian Oliver, using a hand-held solid-plastic cube as its only interface. On-screen, each face of the cube contains a little room, and the rooms are logically connected by doors through which you guide your character. Take a look at a demonstration or build your own levelHead setup.
"In the US, there are 2,270 prisoners [report, news release, with testimonies] who were sentenced as children to life without parole. They will die behind bars. Ed Pilkington asks five of them - from a 21-year-old to a 70-year-old - how do they cope?"
Related: as of 2005, the execution of prisoners for crimes committed as children is no longer permissible in the United States.
Wall Arch in Utah's Arches National Park has collapsed.

Other notable collapses in recent years:

Who is the Man -- Dead at 65

Known for everything from musical hits such as Shaft to being the voice of Chef on South Park, Isaac Hayes has died. Let them enjoy his "Chocolate Salty Balls" in Heaven.

Yes, it's political, but it's funny.

Best of CRAFT

Warning - Adult Content

well not really adult, but I'm being nice :)

Dildo, Newfoundland



Dildo, just up the shore from my home town.
From Craft:

I got a chance to visit Eunice and Shauna of Hello Lucky, a letter press studio in San Francisco. Hello Lucky is known for their beautiful letter pressed cards that also have a whimsical sense of humor. The ladies took me on a tour of the studio where I learned the letter press printing process as well as how they create their designs. The Hello Lucky studio is peppered with vintage furniture and decor. See the rest of my visit in my Flickr photos.

Stop by the Hello Lucky blog for lots of design inspiration!



If you are in the San Francisco/Bay Area, visit the Hello Lucky studio shop!

Hello Lucky
977 Howard Street
San Francisco, CA 94103
phone: (888) 552-3724
hellolucky.com

Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users.
If you are planning to gain a deeper understanding of Bluetooth security, you will need a good set of tools with which to work. By familiarizing yourself with the following tools, you will not only gain a knowledge of the vulnerabilities inherent in Bluetooth-enabled devices, but you will also get a glimpse at how an attacker might exploit them.

This hack highlights the essential tools, mostly for the Linux platform, that can be used to search out and hack Bluetooth-enabled devices.

Discovering Bluetooth Devices

BlueScanner - BlueScanner searches for Bluetooth-enabled devices. It will try to extract as much information as possible for each newly discovered device. Download BlueScan.

BlueSniff - BlueSniff is a GUI-based utility for finding discoverable and hidden Bluetooth-enabled devices. Download BlueSniff.

BTBrowser - Bluetooth Browser is a J2ME application that can browse and explore the technical specification of surrounding Bluetooth-enabled devices. You can browse device information and all supported profiles and service records of each device. BTBrowser works on phones that support JSR-82, the Java Bluetooth specification. Download BTBrowser.

BTCrawler - BTCrawler is a scanner for Windows Mobile based devices. It scans for other devices in range and performs service queries. It implements the BlueJacking and BlueSnarfing attacks. Download BTCrawler.

Hacking Bluetooth Devices

BlueBugger - BlueBugger exploits the BlueBug vulnerability. BlueBug is the name of a set of Bluetooth security holes found in some Bluetooth-enabled mobile phones. By exploiting those vulnerabilities, one can gain unauthorized access to the phone-book, call lists and other private information. Download BlueBugger.

CIHWB - Can I Hack With Bluetooth (CIHWB) is a Bluetooth security auditing framework for Windows Mobile 2005. Currently it only supports some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some DoS attacks. Should work on any PocketPC with the Microsoft Bluetooth stack. Download CIHWB.

Bluediving - Bluediving is a Bluetooth penetration testing suite. It implements attacks like Bluebug, BlueSnarf, BlueSnarf++ and BlueSmack; has features such as Bluetooth address spoofing and an AT and an RFCOMM socket shell; and implements tools like carwhisperer, bss, L2CAP packetgenerator, L2CAP connection resetter, RFCOMM scanner and greenplaque scanning mode. Download Bluediving.

Transient Bluetooth Environment Auditor - T-BEAR is a security-auditing platform for Bluetooth-enabled devices. The platform consists of Bluetooth discovery tools, sniffing tools and various cracking tools. Download T-BEAR.

Bluesnarfer - Bluesnarfer will download the phone-book of any mobile device vulnerable to Bluesnarfing. Bluesnarfing is a serious security flaw discovered in several Bluetooth-enabled mobile phones. If a mobile phone is vulnerable, it is possible to connect to the phone without alerting the owner, and gain access to restricted portions of the stored data. Download Bluesnarfer.

BTcrack - BTCrack is a Bluetooth Pass phrase (PIN) cracking tool. BTCrack aims to reconstruct the Passkey and the Link key from captured Pairing exchanges. Download BTcrack.

Blooover II - Blooover II is a J2ME-based auditing tool. It is intended to serve as an auditing tool to check whether a mobile phone is vulnerable. Download Blooover II.

BlueTest - BlueTest is a Perl script designed to do data extraction from vulnerable Bluetooth-enabled devices. Download BlueTest.

BTAudit - BTAudit is a set of programs and scripts for auditing Bluetooth-enabled devices. Download BTAudit.

What's next? Let everyone know to disable Bluetooth until they really need it. Additionally, make sure to update your phone software on a regular basis.





About this Archive

This page is an archive of entries from August 2008 listed from newest to oldest.
