The Problem with Facebook


Larry Lessig shared a video from Derek Muller of Veritasium about one of the biggest problems with Facebook: the intentional throttling of shared content.

It’s easy to take it for granted that what you post on Facebook is seen by all of your Facebook friends but that is actually far from the truth. Facebook’s business model actually requires the service to limit what people see, and to sell you the opportunity to promote your content for a fee. This video is a well-thought-out examination of what your role is as a Facebook user (hint: you’re being manipulated).

I wrote about this activity last year but it’s good to have a video which explains it so much better.

Target and data breaches

As you are most probably aware, the Target department store suffered a data breach which exposed 110 million of its customers’ credit cards to hackers. It’s not news that these commerce juggernauts are targeted (pardon the pun) by thieves, but what is news is that you heard about it.

Companies get hacked every day. Most handle their data breaches quietly, afraid that the news of the breach would hurt their company’s reputation. Target has been refreshingly upfront about its data breach, with a full-page message from Target’s CEO running in today’s paper. This is outstanding public relations. Being a bit of a network security wonk and an observer of public relations, I applaud how Target has taken ownership of this problem. What’s more, I hope other affected companies will follow Target’s lead and be more willing to own up to their security breaches.

We can’t pretend that hacking doesn’t take place; we all know security-through-obscurity doesn’t work. A better approach would be to acknowledge the scope of the problem and to collaborate on ways to strengthen the tools we all use to keep our networks secure.

Cheap Thoughts: Parking meter app

Paying for parking? There’s an app for that. Or at least there should be.

Walking down a downtown sidewalk this week, I pondered a sawed-off pipe near the curb where an old-fashioned parking meter once stood. A few years ago, the City of Raleigh got rid of all the traditional coin-based parking meters and put up new electronic parking kiosks instead. Drivers simply note the painted number for their parking space and enter that into the kiosk along with their payment.

Simple, right? Instead of collecting coins from hundreds of meters, parking staff simply empty the money from kiosks, which take credit cards and paper bills in addition to coins. Drivers can also refresh their parking time from nearby kiosks, avoiding a trip back to the kiosk nearest the car.

STEM night at Conn Elementary

An N.C. State student demonstrates a Crookes tube at Conn Elementary


Tonight Conn Elementary hosted a STEM night with the help of students from N.C. State’s College of Engineering. STEM of course stands for Science, Technology, Engineering, and Math.

Multiple stations were set up around the school cafeteria where Conn’s students could perform experiments and learn more about science and engineering. I took Travis, and Kelly volunteered. We all had a blast!

Jacob Appelbaum explains why the NSA’s spying concerns us all

Cory at BoingBoing puts it best:

Sunday’s Snowden leaks detailing the Tailored Access Operations group — the NSA’s exploit-farming, computer-attacking “plumbers” — and the ANT’s catalog of attacks on common computer equipment and software — were accompanied by a lecture by Jacob Appelbaum at the 30th Chaos Communications Congress. I have seen Jake speak many times, but this talk is extraordinary, even by his standards, and should be watched by anyone who’s said, “Well, they’re probably not spying on me, personally;” or “What’s the big deal about spies figuring out how to attack computers used by bad guys?” or “It’s OK if spies discover back-doors and keep them secret, because no one else will ever find them.”

Also, see Der Spiegel’s sidebar feature for a look at the source documents.

A Guide to Bitcoin Mining: Why Someone Bought a $1,500 Bitcoin Miner on eBay for $20,600 | Motherboard

I’m late to the Bitcoin party so this is probably already out of my reach, but this is fascinating stuff from a geek point of view.

With the price of bitcoins skyrocketing, mining is suddenly big business, so enticingly big that one wannabe miner was willing to pay a 1,333 percent premium to get his or her foot in the door of this wildly lucrative bitcoin bonanza. Ladies and gentlemen, welcome to the bitcoin gold rush.

The craziest part? This wasn’t an auction for a physical, working, ready-to-ship bitcoin mining machine from Avalon, which claims to be the first to develop turnkey, bitcoin-specific mining computers for sale. For $20,600 (bidding started at a reasonable $500), the lucky winner only received a place in line and the promise that an actual pre-ordered miner will be delivered sometime next month. If that sounds ridiculous, well, it’s because it quite possibly is.

But clearly there are bitcoin-savvy folks betting that paying 13 times the price of a machine will actually pay off. How did we arrive at this maniacal juncture? Was it greed? Stupidity? Or simple mathematics? For the full story, we’ll have to start from the top.

via A Guide to Bitcoin Mining: Why Someone Bought a $1,500 Bitcoin Miner on eBay for $20,600 | Motherboard.

Stolen Target Credit Cards and the Black Market: How the Digital Underground Works | The State of Security

This is a fascinating account of what’s happening with those 40 million credit cards that were recently stolen from Target.

With the Target data breach, many are wondering how criminals can profit from the use of the stolen credit cards. The card holders themselves will not be responsible for any of the charges, so how is it that criminals are able to make money from stolen credit cards?

I have been involved with several cases where organized crime rings have been unveiled, many of these have had connections to Russian and Eastern European groups. These groups generate a significant profit through stolen property acquired through burglaries, shoplifting, identity theft, credit card skimming and carding. Many underestimate the complexity of some of these networks and the revenue they generate.

via Stolen Target Credit Cards and the Black Market: How the Digital Underground Works | The State of Security.

Exclusive: Secret contract tied NSA and security industry pioneer | Reuters

I have no problem with NSA working to crack every commercial cypher out there. That’s what they’re supposed to do. However, I cringe when I read of yet another backdoor put in at the behest of the NSA to weaken data security.

Once upon a time the NSA held a near-monopoly on the ability to exploit data security. Those days are gone. Every backdoor the NSA finagles into the technology that keeps us secure in the hopes of exploiting it against our foes is a backdoor our foes (and potential foes) exploit, too. The result turns us all into sitting ducks (witness the Target data breach of 40 million credit card numbers).

As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

Documents leaked by former NSA contractor Edward Snowden show that the NSA created and promulgated a flawed formula for generating random numbers to create a “back door” in encryption products, the New York Times reported in September. Reuters later reported that RSA became the most important distributor of that formula by rolling it into a software tool called Bsafe that is used to enhance security in personal computers and many other products.

via Exclusive: Secret contract tied NSA and security industry pioneer | Reuters.

Facebook Tests Silent Auto-Play For User Videos In Mobile Feed

I’m not too keen about Facebook automatically starting videos in my Timeline. I love all of my friends but self-starting videos are a bit like coming over to my home uninvited.

In a test that could make News Feed more engaging and pave the way for video ads, Facebook’s mobile feed will start auto-playing user-uploaded videos in-line when they’re scrolled over for a small subset of US iOS and Android users. Videos play silently until tapped to full-screen, which feels slick. Facebook is expected to soon launch a new video ad unit, which might draw on this test’s feedback.

via Facebook Tests Silent Auto-Play For User Videos In Mobile Feed, Foreshadowing Video Ads | TechCrunch.