SDS » Web

Street View at Night!

be3n — Wed, 23 Nov 2011 07:22:31 +0000

Has anyone else noticed that some of Google’s street view is after sundown? Checkout Laurel Canyon between Magnolia and Ventura Blvd in LA. It’s headlights and neon (last I checked).

iCloud migration is more troubling then MobileMe!

be3n — Mon, 17 Oct 2011 00:51:14 +0000

I am already disappointed with apple’s latest change to it’s web service. Apple has never known what it was doing with it’s web services, but people were actually paying for it. Now they switched to a free service that does only half of what many were already relying on.

When i originally signed up for my @mac.com email address it was upon installing a brand new Mac OS 9 on my Performa 6400. Then free service was branded with the tagline “Free eMail for Life!” Just two years later, apple rebranded it dotmac (.Mac), a pay service with all newly designed web hosting and design services so that anyone could create a polished site in minutes. I was cynical of this new pay service, there were cheaper hosting services and seemly nothing more valuable then the continued use of my email. i vowed never to use it. That only lasted about a year or so before apple gifted it to me for free with my APP certificate. If memory serves, i just got one free year and another half price, but by then i was hooked. i was hooked on iSync/iDisk. it kept all my devices and computers in sync. it allowed me to work on my desktop, laptop, or work machine with all the latest and most current data and documents. it was amazing. I used it, loved it, and sold the hell out of it. I setup so many different installs configurations. From the Granny with a bridge club to a Travel Photographer with his portfolio. it was a great system. (this was years before drop box).

iTools -> .mac -> MobileMe -> iCloud

A few years ago with introduction of the iPhone, Apple rebranded the service MobileMe! This time forcing users to migrate their websites and design tools away from the older web based system to the newer iweb. Forcing the people who needed template sites and automated publishing tools to manually move their websites to the new system and to abandon any hope of future updates. Basically saying “Adopt or Cancel.” They were discontinuing the very publishing tools that they had sold these customers on only a few years ago. Outages, lost or duplicated data was a Sword of Damocles looming over any user for over a month. The migration was so bad that apple ended up giving everyone who remained a few months of free service.

Now it comes full circle and returns to being a free service with iOS 5 or Lion. No more syncing keychains, mail settings, smart folders. No more iDisk, so no more Document syncing in ANY application. Its’s as if Apple wants to do away with any user control over the location if their files. Some of us like to be able to browse their files if they want to. It’s great if the application knows where the file is stored. It can be updated to utilize iCloud, but what if i want to save whatever the hell i want in there. What if (heaven forbid) the internet is down!?? Can i copy it to a thumb drive? At least contact and calendar sync reamins uninterrupted. Location services and tracking have been expanded to include computers. iMessages to allow rapid decimation of location data (some privacy issues remain). With any luck, many of these concerns may very will be solved in future updates or by the developers that make this platform so great.

Well, at least we can all quit ponying up $99 to apple each year. We’ll have to wait and see where we go from here. See how it evolves. Photo Stream is pretty cool. gets my pictures from my iPhone to my iPad , and all my computers without any syncing, though i am still unsure if i need all my vacation picts on my office machine. I am generally disappointed with iWork for iPad (but of course mine is still the original iPad). All my custom templates must be updated to look good. Many of my apps are still waiting for iCloud integration before i can take advantage of the new document syncing. Wish they could integrate keychain syncing. What are they if not documents? Lucky for me i have already migrated much of my file sync services away from Apple to cheaper storage with Dreamhost, Dropbox, Box.net, etc. For many of my friends, colleagues, and customers this task lies ahead. Apple certainly didn’t make it easy.

Updates keep the SSL boogiemen at bay.

be3n — Fri, 09 Sep 2011 20:26:09 +0000

all the ssl blacklists are updates. we can return to thinking we are safe. Apple included the patches in a Security Update, Firefox updated to 6.0.2. Jailbroken iOS users can update or install “sslfix” in Cydia to get the protections that apple has yet to release.

After watching Moxie’s BlackHat talk, we seriously need to fix SSL. It is holding up too many technologies to be this insecure.

And the lulz keep coming!

be3n — Sat, 11 Jun 2011 03:36:39 +0000

LulzSec is back at it. Actually they never stopped, but this time they released 26,000 emails and passwords from a pile of porn sites. Again we are reminded of the ills of password reuse as email, facebook, and twitter accounts fall. This is going to reverberate across the net for a while as troublemakers make trouble for some poor porn subscribers. I almost feel bad for them. This is one way to educate the populous. Facebook was quick to block the listed emails, but if email is also compromised, it doesn’t help for long.

At Funny or Die helping out.

be3n — Mon, 06 Jun 2011 03:07:38 +0000

I hope it’s funny, I don’t want to die. I am working with some very funny people. it’s going to be great.

Here is the vid, now that it’s done, careful not to blink, you may miss me. My T-shirts got more play then me. Great work guys, very funny!

MASTERGAMER TAKES ON E3 – watch more funny videos

LulzSec Declares War on Obama’s Hacking Crackdown!

be3n — Sat, 04 Jun 2011 03:49:43 +0000

Their recents exploits include hacking FBI affiliate Infragard (Atlanta Chapter). They defaced the website, stole account information, and messed with their users. Particularly Karim Hijazi of Unveillance. LulzSec alleges that Karim (in a chat on IRC) offered them money and information to hack and his competition in the security industry. This kind hypocritical behavior is specifically deplored by hackers. Hijazi’s company email was posted online and in LulzSec’s official statement they threaten the release of his personal email as well. LulSec started taking donations with BitCoin. They used some of the money to pay for servers and their “lulzsecurity.com” domain which ~~appears at present to be down~~.

lulzsec hacks PBS in support of wikileaks.

be3n — Mon, 30 May 2011 07:04:14 +0000

After PBS’s documentary on wikileaks “Wikisecrets” painted alleged cablegate leaker Bradley Manning in a seemingly negative light some hacktivists have set their sights on PBS. A group going by the name “LulzSec” posted some fake news stories and pages on PBS’s site and published database dumps of usernames, passwords, email, and other confidential information here. Though they claim not to be affiliated with Anonymous, the style is certainly similar. They even included a taunting statement, “Hey Anonymous, we heard you were having trouble!” in reference to the recent anonymous split and anonops.net hack. I suspect these are more 4chan hackers, possibly even the ones responsible for the anonops.net hack.

links:
Oficial Lulzsec Statement:
http://pastebin.com/B3gmw5NS
other press:
Huffington Post
SC Magazine

Vupen broke Google’s Sandbox!

be3n — Tue, 10 May 2011 01:36:29 +0000

http://www.youtube.com/watch?v=c8cQ0yU89sk

After 3 straight years of pwn2own invincibility, someone finally bested all of chrome’s mighty security to downloaded and run code. French security research firm @vupen used two exploits to bypass ASLR, DEP, and leave the sandbox to run a calculator (in this demo). The calculator might be innocuous, but method is quite significant. Impressive work by the good guys.

http://www.youtube.com/watch?v=c8cQ0yU89sk

Making stuff! in order to break stuff.

be3n — Mon, 03 Jan 2011 02:42:25 +0000

I slapped together a possibly useful php wrapper for highly useful open source tools. Now you can strip the passwords from your pdfs with only a web browser. Don’t thank me, thank the guys over at mupdf or maybe my sister for needing my help with pdfs. check it out: http://be3n.com/toybox/breakpdf/

FYI, it only helps with DRM, not encryption. enjoy.

Gawker fiasco and what we’ve learned about password reuse.

be3n — Tue, 14 Dec 2010 01:41:44 +0000

Gawker Media (Lifehacker, Gizmodo, etc.) was hacked by a group calling themselves #gnosis and their entire user database (as well as source code for the sites) was posted to a popular torrent site. Downloaded already no doubt by hundreds or even thousands of would be nar do wells. What does this mean? what can we learn? More then 50,000 users used “password” for their password. Read the oficial statement here. I did enjoy the irony of Facebook connect users being safe from this. If you had an account on any of these sites, your information is compromised and i prey you don’t reuse your password. Change it, change it fast. Millions of user’s Data was exposed (names, emails, passwords). The ramifications of this breach will continue over the next few weeks as users accounts on other services begin to wreak havoc.

here is a humerious comic about password reuse:
http://xkcd.com/792/