February 9, 2014

“A car is a mini network … and right now there’s no security implemented”

Filed under: Technology — Tags: , , , — Nicholas @ 11:48

Driving your car anywhere soon? Got anti-hacking gear installed?

Spanish hackers have been showing off their latest car-hacking creation; a circuit board using untraceable, off-the-shelf parts worth $20 that can give wireless access to the car’s controls while it’s on the road.

The device, which will be shown off at next month’s Black Hat Asia hacking conference, uses the Controller Area Network (CAN) ports car manufacturers build into their engines for computer-system checks. Once assembled, the smartphone-sized device can be plugged in under some vehicles, or inside the bonnet of other models, and give the hackers remote access to control systems.

“A car is a mini network,” security researcher Alberto Garcia Illera told Forbes. “And right now there’s no security implemented.”

Illera and fellow security researcher Javier Vazquez-Vidal said that they had tested the CAN Hacking Tool (CHT) successfully on four popular makes of cars and had been able to apply the emergency brakes while the car was in motion, affect the steering, turn off the headlights, or set off the car alarm.

The device currently only works via Bluetooth, but the team says that they will have a GSM version ready by the time the conference starts. This would allow remote control of a target car from much greater distances, and more technical details of the CHT will be given out at the conference.

March 13, 2013

Follow-up on the LAPD’s pickup truck shooting spree

Filed under: Law, Liberty, USA — Tags: , , , , , — Nicholas @ 12:16

Remember this gem of a story from last month? At the time, Jon (my former virtual landlord) strongly suggested I park my Toyota Tacoma in the garage just to avoid being targeted by random police “marksmen”.

Pickup shooting by LAPD

Here’s the follow-up that only makes the story that much more ridiculous:

“LAPD and Galpin Ford wanted [the women] to pose for a photo opportunity and pay income tax on the truck,” the NBC report reads, citing Jonas. “The women no longer want the truck after they were told they needed to fill out a 1099 form for the donation.”

For those of you who don’t know that a 1099 form is, it’s for tax form for “miscellaneous income.”

“You tried to murder the woman, now you’re telling her she can’t have a four-wheel drive, you’re telling her she can’t sell it and you’ve got to be taxed on it?” Jonas said. “How would anyone react to that?”

“Jonas plans on filing a government claim, which is a precursor to any lawsuit filed against a government agency. He said he felt the truck was being touted as a ‘reward or prize’ instead of a sincere gesture by the LAPD,” NBC 4 News notes:

I can’t improve on the comment Jon sent along with this link: “At this rate, I am surprised that the LAPD has not tried to bill the women for the 100+ rounds of ammunition.”

February 11, 2013

“I don’t want to use the word buffoonery but it really is unbridled police lawlessness”

Filed under: Law, Liberty, USA — Tags: , , , , — Nicholas @ 08:57

There’s more than a little bit of “explaining” due from the LAPD over these incidents:

David Perdue was on his way to sneak in some surfing before work Thursday morning when police flagged him down. They asked who he was and where he was headed, then sent him on his way.

Seconds later, Perdue’s attorney said, a Torrance police cruiser slammed into his pickup and officers opened fire; none of the bullets struck Perdue.

His pickup, police later explained, matched the description of the one belonging to Christopher Jordan Dorner — the ex-cop who has evaded authorities after allegedly killing three and wounding two more. But the pickups were different makes and colors. And Perdue looks nothing like Dorner: He’s several inches shorter and about a hundred pounds lighter. And Perdue is white; Dorner is black.

“I don’t want to use the word buffoonery but it really is unbridled police lawlessness,” said Robert Sheahen, Perdue’s attorney. “These people need training and they need restraint.”

That incident is pretty bad, and thank goodness that David Perdue wasn’t shot in the Keystone Kops re-enactment. In this earlier incident, however, the innocent civilians didn’t get off without injury:

As the vehicle approached the house, officers opened fire, unloading a barrage of bullets into the back of the truck. When the shooting stopped, they quickly realized their mistake. The truck was not a Nissan Titan, but a Toyota Tacoma. The color wasn’t gray, but aqua blue. And it wasn’t Dorner inside the truck, but a woman and her mother delivering copies of the Los Angeles Times.

Pickup shooting by LAPD

In an interview with The Times on Friday, LAPD Chief Charlie Beck outlined the most detailed account yet of how the shooting unfolded. Margie Carranza, 47, and her mother, Emma Hernandez, 71, were the victims of “a tragic misinterpretation” by officers working under “incredible tension,” he said. Just hours before, Dorner allegedly shot three police officers, one fatally. And, in an online posting authorities attributed to him, Dorner threatened to kill more police and seemed to take responsibility for the slaying over the weekend of the daughter of a retired LAPD captain and her fiance.

Beck and others stressed that the investigation into the shooting is in its infancy. They declined to say how many officers were involved, what kind of weapons they used, how many bullets were fired and, perhaps most important, what kind of verbal warnings — if any — were given to the women before the shooting began.

H/T to Jon, my former virtual landlord, for the links to both articles and the urgent advice “You might want to park the Tacoma in the garage for awhile”.

August 8, 2012

How British libel laws work (and why Jimmy Wales is wrong about them)

Filed under: Britain, Law, Media — Tags: , , , , — Nicholas @ 09:54

Tim Worstall explains that Jimmy Wales misunderstands what British libel laws really mean for publishers (and bloggers) in other countries:

The libel law of England and Wales is rather different from many other countries, yes. It’s a lot harder to defend against a charge there, damages are higher than in most other jurisdictions and so on. However, that isn’t the important point. What drags you into that jurisdiction is not where your servers are. Nor where the people who prepared the material, where it was uploaded nor where the company is located. What matters is where was the person reading it located?

Please note, this applies to us all. In all jurisdictions the result is the same. It applies to corporate websites, to blogs, to Wikipedia, to everyone. It is a generally accepted legal rule that publication of digital information takes place where it is read, not where it is “published”. The general logic is that at one point there is a copy on the server somewhere. Then, someone downloads it into a browser window in order to read it. At this time there are two copies, on in the browser, one on the server. This creation of a second copy is therefore publication. And that publication takes place in the jurisdiction of the reader, not anywhere else.

[. . .]

Thus Wikipedia not having servers in the UK, not being a UK corporation or charity, does not protect it from English libel laws. None of us are so protected from them, we are liable under them if as and when someone in England and Wales reads our pages.

[. . .]

But as I say, it is still true that jurisdiction on the internet depends upon where the reader is, not the producer or the servers. It’s not a happy thought that we’re now subject to 200 off legal jurisdictions every time we post something but it is true.

July 9, 2012

The Wonderful World of Drones

Filed under: Government, Humour, Military, USA — Tags: , , — Nicholas @ 14:21

A lot of people look at these modern marvels and see automated soulless flying death-dealers that spy on all our private lives. You can trust me when I say, those people are communists.

H/T to Mike Riggs for the link.

May 15, 2012

The Singularity, ruined by lawyers

Filed under: Humour, Law, Liberty, Media — Tags: , , , , — Nicholas @ 00:26

Credit to Tom Scott. H/T to Michael O’Connor Clarke.

November 29, 2011

Megan McArdle: Barney Frank will be missed

Filed under: Economics, Government, USA — Tags: , , — Nicholas @ 09:29

Yeah, read that title again. She’s not kidding at all:

Guess which Democrat now becomes the ranking member on the financial services committee? That’s right, none other than our favorite batty aunt, Maxine Waters. The woman who, during a major hearing with the cameras on her, asked the heads of Goldman Sachs and State Street bizarre questions about how they set the limits on their consumer credit cards*. She asked Ken Lewis, the head of Bank of America, a question about “offshore loss mitigation caps” (a term of which I — and also, clearly, Ken Lewis — had never heard) that was so bizarre — and garbled — that he was flummoxed into silence; he sat there squirming like a third grader being picked on by the teacher.

When he finally got the courage to ask what she meant, it became clear that Maxine Waters had no idea what she meant; I assume she’d either taken hasty and incomplete notes when her staffers briefed her about what to ask, or had flubbed reading the question, and couldn’t bring herself to admit on C-SPAN that she hadn’t really bothered preparing for the hearing to the extent, of, say, familiarizing herself with the institutions whose heads she was grilling, or actually bothering to understand the questions she was going to ask. It was kind of hilarious, until you realized that this was her job, and that she voted on critical financial regulatory questions.

Nor is this an isolated pattern; every time I see Maxine Waters at a hearing I know that the questions are going to be bizarre, and that Congresswoman Waters will make them even stranger with garbled readings and off-topic follow-ups.

* If I actually have to tell you this, these financial institutions do not really deal with consumers, much less their credit cards. I’m not picking on you — you have an excuse. You’re not a member of the financial services committee.

October 29, 2011

The Halloween fun-snatchers

Filed under: Randomness, Religion — Tags: , , , , , — Nicholas @ 11:43

Tristin Hopper has a scary list of all the folks who are out to prevent any fun from happening this October 31st:

This Halloween, some Barrie, Ont., elementary students will not go to school dressed as witches, goblins or zombies — but in simple shades of orange and black. The dress code is “an effort to respect the diverse value of … families,” according to a letter sent out by one school.

Similar ”orange-and-black” days have been decreed around Ottawa schools this year by parents and teachers. In parts of Quebec, costumes are permitted — but junk food restrictions have barred teachers and administrators from distributing candy to students.

[. . .]

Since the 1970s, Halloween fears have mostly involved tainted treats; razor blades in apples and chocolate bars injected with rat poison. Spooked by rumours of sabotaged Halloween candy, dozens of municipal councils enacted trick-or-treating bans, and home-baked treats quickly became a quaint relic. But to date, the only confirmed case of tainted Halloween candy occurred in 1974 when Houston dad Ronald Clark O’Bryan murdered his eight-year-old son as part of a life insurance scam by spiking a package of Pixy Stix with cyanide.

[. . .]

Halloween’s pagan origins have earned it official scorn from most major religions, and when trick-or-treaters come to the door of Calgary-area pastor Paul Ade, they walk away not with candy, but with a Bible.

Mr. Ade is the founder of JesusWeen, a Christian alternative to Halloween gaining traction in Canada, the United States and the U.K. Instead of chocolate bars and lollipops, JesusWeen participants hand out Bibles, pieces of scripture or other Christian-themed gifts. JesusWeen participants can even dress up — although as superheroes and princesses rather than witches or ghosts. “We as Christians believe in life, not death,” Mr. Ade explains.

[. . .]

In the United States, religious calls to ban Halloween reached a boiling in the 1990s as a retaliation to efforts by the American Civil Liberties Union to scrub any mention of religion from the school system. In 1989, a small county in Florida banned Halloween on the grounds that it was a pagan religious holiday. By century’s end, dozens of school boards across the country had followed suit. Anti-Halloween sentiment soon spread to Canada. In 1998, three Thunder Bay Catholic schools banned Halloween for promoting “evil” values.

May 28, 2011

Feeling optimistic about peoples’ common sense?

Filed under: Humour, Media, Technology — Tags: , , — Nicholas @ 00:15

A few visits to this site will quickly disabuse you of that feeling.

It’s how some folks on Facebook react to stories from The Onion as if it was real news.

May 3, 2011

The lawfare threat to bloggers (and anyone else who posts on the web)

Filed under: Law, Liberty, Media, Technology — Tags: , , , — Nicholas @ 18:15

Box Turtle Bulletin lays out the details of a very disturbing development:

By providing blockquotes, we let the source material speak for itself without any inadvertent inaccuracies or biases which may creep in if we were to paraphrase it. And by providing links, we allow you, the reader, to click through for more information. Of course, we cannot copy the source material in its entirety, nor can we copy major portions of it. That would violate copyright laws, which is a very serious issue. But copyright laws do allow us to copy small portions of source material for commentary and discussion purposes.

As I said, copyright laws — or more specifically, copyright lawsuits — are serious business. And now, three newspaper chains have discovered that filing copyright lawsuits can become yet another profit center. The problem is, their definition of copyright infringement not only contradicts copyright law, but also poses a serious threat to bloggers and other online outlets everywhere.

Righthaven LLC is a copyright holding company which acquires “rights” to newspaper content after finding the content published on other web sites without permission, and files lawsuits against those web site. Righthaven was created as a partnership with Stephens Media, publisher of the Las Vegas Review-Journal, and their business model rests entirely on suing web site owners and operators for extravagant “damages” as a shakedown exercise. (“Rights” are in quotes, because, contrary to what is required under copyright law, Righthaven doesn’t actually acquire any legitimate copyright “rights,” which is yet another problem with their business model.) Two other newspaper chains, WEHCO Media and Media News Group have entered into agreements with Righthaven to split the profits from lawsuits stemming from their respective newspapers’ contents.

The three newspaper chains partnering with Righthaven represent some very important voices in the newspaper industry, including the Las Vegas Review-Journal, Denver Post, Salt Lake Tribune, San Jose Mercury News, Oakland Tribune, St. Paul Pioneer Press, Detroit News, El Paso Times, Arkansas Democrat-Gazette, and Charleston Daily Mail.

I had already heard that the Las Vegas Review-Journal had some unusual views on quoting from their website, so I’ve avoided using that site for years. I didn’t know that the St. Paul Pioneer Press had also adopted that highly restrictive view of copyright, and they were one of the newspapers I read regularly for Minnesota Vikings information. I’m going to have to avoid quoting from them, however. Here is how Box Turtle Bulletin will be handling the situation in future:

And so to protect ourselves and this web site, we will no longer cite any content from Denver Post, Las Vegas Review-Journal, Salt Lake Tribune, or any of the other news sources listed no linkhere. There will be no links, no blockquotes, nothing. For the most part, it will be as if these sources simply don’t exist.

But if it happens that, for example, the Denver Post has an exclusive story that no one else has, we will do what the Associated Press does whenever the New York Times breaks a story. We will write about the story by paraphrasing the Post’s article, but we will not quote from it or provide a link to it — just like the Associated Press does. There will be however one tweak from standard AP practice: we will provide a link, but it will be to an explanation as to why there is no link. It will look something like this:

     “The Denver Post (no link) reports blah, blah, blah…”

H/T to Walter Olson for the link.

May 2, 2011

I think I’ll hold off on buying a PlayStation for a little while longer

Filed under: Gaming, Technology — Tags: , , , — Nicholas @ 09:17

I actually was considering buying a PS3 in the near future, as our existing Blu-Ray player doesn’t play nicely with Netflix, while my domestic gaming advisor tells me that PS3’s do. Sony’s security problems are enough to give me pause:

“It’s really scary,” said Marsh Ray, a researcher and software developer at two-factor authentication service PhoneFactor, who fleshed out the doomsday scenario more thoroughly on Monday. “It’s justification for Sony freaking out. They could lose control of their whole PS3 network.”

Ray’s speculation is fueled in part by chat transcripts that appear to show unknown hackers discussing serious weaknesses in the PSN authentication system. In it, purported hackers going by the handles trixter and SKFU discuss how to connect to PSN servers using consoles with older firmware that contain bugs susceptible to jailbreaking exploits, even though Sony takes great pains to prevent that from happening.

“I just finished decrypting 100% of all PSN functions,” SKFU claimed.

There’s no evidence the participants had anything to do with the massive security breach that plundered names, addresses, email addresses, passwords and other sensitive information from some 77 million PSN users. But the log did raise questions about the security of the network, since it claimed it was possible to fool the PSN’s authentication system into permitting rogue consoles.

On this reading, arrogance on the part of Sony executives, and complacency on the part of developers and testers are key elements of the security failure:

“If you can’t jailbreak it, then I can see a developer assuming that they don’t need a particular authorization check on what’s coming across the wire because a user can’t do that,” said WhiteHat Security CTO Jeremiah Grossman, an expert in web application security. “So if somebody managed to jailbreak their device and pop a flaw, I can see something major happening there.”

Hotz, the PS3 jailbreaker who recently settled the copyright lawsuit Sony brought against him, said in a recent blog post that the theory is plausible and that responsibility for the hack lay squarely on the shoulders of Sony executives who placed too much trust in the invulnerability of the PS3.

“Since everyone knows the PS3 is unhackable, why waste money adding pointless security between the client and the server?” Hotz, aka GeoHot, wrote. “This arrogance undermines a basic security principle, never trust the client. Sony needs to accept that they no longer own and control the PS3 when they sell it to you.”

April 14, 2011

From supercar to superscrap

Filed under: Europe, Germany, Technology — Tags: , — Nicholas @ 12:15

This is what it looked like before the owner’s son took it for a drive:

And this is after the drive got stopped a bit early:

The good news is that the driver and passenger were able to walk away from the wreck, leaving £275,000 of scrap metal behind.

February 18, 2011

Red light cameras

Filed under: Government, Law — Tags: , , — Nicholas @ 00:03

Some frightening footage of traffic accidents from a few years ago, posted to one of the mailing lists I’m moderately active on.

Note that most of these accidents would not be prevented by red light cameras: you can’t stop inattentive idiots from being idiots just by taking photos of the license plate on the vehicle. However, several of the accidents could have been avoided if the non-infringing drivers were a bit more attentive. Dennis Lippert responded to this video and the pro-red light camera fans thusly:

As usual, the majority of the crashes on the video probably would have been avoided if the “innocent” driver had been paying attention to his surroundings. Proving, again, that driving is not to be taken lightly… not to be done while texting… or talking… or doing anything else, really…

I’m all for this sort of camera… just a video overview of the intersection… which can be used to let law enforcement see what happened after a crash.

I’m staunchly against red-light-cameras as they’ve been implemented as revenue devices…. from which some 75% of the revenue comes from folks who innocently slipped thru a red-light a second or so after it changed… and before the cross traffic started into the intersection.

It has been proven that lengthening the yellow light by a second
decreases the incidence of red-light-running by something like 50%
per second of extra time…

Red-light-cameras will not stop the folks who simply aren’t paying attention at all… or who are wantonly disobeying. All they do is generate revenue from harmless slight-offenders.

Since they generally sent most of the profits to the company that
installs the system, rather than to the municipality, this makes
perfect sense. More tickets = more money. So the systems are designed for maximum revenue… not optimal safety.

As Dennis points out, red light cameras are like speed traps in that they’re revenue generators first and only public safety enforcement a distant second.

December 6, 2010

Reindeer determined to shed that pesky “child-friendly” reputation

Filed under: Britain, Randomness — Tags: , , — Nicholas @ 09:12

Joe Fay reports on an unpleasant meeting between rambler and reindeer:

Children are advised to hide under the duvet if they hear sleighbells this Christmas Eve, after it emerged that reindeers appear to have developed a taste for human flesh.

The reindeer’s ability to transform from Santa’s little helper to ravening maneater was illustrated by the tale of a 57-year-old woman who was subjected to a terrifying two-hour assault from a juvenile male last month.

Pat Cook was walking in the Cromdale Hills near Grantown-on-Spey when the juvenile bull separated himself from the rest of the UK’s only reindeer herd and began stalking her.

As she reached the summit of the hill, he pounced, knocking her to the ground.

Cook told The Scotsman: “One of my walking poles was thrown into the air. The reindeer kept trying to stick its antlers into me, but I managed to brace my feet on them.”

You’d really better watch out!

November 12, 2010

New book for kids about to fly for the first time

Filed under: Humour, Liberty — Tags: , , , , — Nicholas @ 09:33

Mark Frauenfelder has the book to give to your child before going to the airport:

Got to start ’em early . . . by the time they’re full-grown, they’ll accept any intrusion from government officials as a matter of course.

The original version (in French) is here.

Older Posts »

Powered by WordPress