GeekSpeak for 2006-09-23

Hacktivismo, BrowserCache and VistaDisca

Microsoft’s Vista all versions on one disk, browser cache clearing, Hacktivismo anonymous web browsing and much more covered by Sean, Lyle, Drew and Miles.


! Week in Geek

!! Hacktivismo Enables Anonymous Web Surfing with Firefox-based Browser
[Hactivismo|http://www.hacktivismo.com/], an international group of computer security experts and human rights workers, just released Torpark, an anonymous, fully portable Web browser based on Mozilla Firefox. Torpark comes pre-configured, requires no installation, can run off a USB memory stick, and leaves no tracks behind in the browser or computer. Torpark is a highly modified variant of Portable Firefox, that uses the TOR (The Onion Router) network to anonymize the connection between the user and the website that is being visited.

When a user logs onto the Internet, a unique IP address is assigned to manage the computerís identity. Each website the user visits can see and log the userís IP address. Hostile governments and data thieves can easily monitor this interaction to correlate activity and pinpoint a userís identity.

Torpark causes the IP address seen by the website to change every few minutes to frustrate eavesdropping and mask the requesting source. For example, a user could be surfing the Internet from a home computer in Ghana, and it might appear to websites that the user was coming from a university computer in Germany or any other country with servers in the TOR network.

It is important to note that the data passing from the userís computer into the TOR network is encrypted. Therefore, the userís Internet Service Provider (ISP) cannot see the information that is passing through the Torpark browser, such as the websites visited, or posts the user might have made to a forum. The ISP can only see an encrypted connection to the TOR network.

However, users must understand that there are limitations to the anonymity. Torpark anonymizes the userís connection but not the data. Data traveling between the client and the TOR network is encrypted, but the data between the TOR network and websites is unencrypted. Therefore, the user should not use his/her username or password on websites that do not offer a secure login and session (noted by a golden padlock at the bottom of the Torpark browser screen).

[DOWNLOAD TORPARK|http://torpark.nfshost.com/download.html]

!! Warner Engineers Patent DVD/HD DVD/Blu-ray Hybrid Multilayer Dual Optical Disc

[Dailytech ran a story|http://www.dailytech.com/article.aspx?newsid=4201] about two Warner engineers, Alan Bell and Lewis Ostrover, who came up with an idea for a hybrid disc that could hold DVD content, HD DVD content, and Blu-ray content on the same disc!

the invention pertains to an optical disc that includes one data layer having a standard CD or DVD format and a second data layer having a high-capacity format, and/or having two high capacity formats on one disc. For example, HD DVD discs embed data in 0.6mm deep pits while Blu-ray stores data in 0.1mm deep pits, which means the two layers can co-exist on the same side of a disc.

By using reflective films, the inventors say their disc would enable drive lasers to read through the underlying HD DVD layer to the Blu-ray data. Additional information also could be stored on the other side of the disc.

The Patent Abstract: A data disc consists of several layers, including at least one layer conforming to a first format, and a second layer conforming to a second format. The formats can include CD, DVD, HD and BD formats and the layers may be physical, logic or application layers.

[Here is the actual patent application|http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220060179448%22.PGNR.&OS=DN/20060179448&RS=DN/20060179448]

!! Windows Vista DVDs to include ALL versions of Vista

Microsoft has confirmed that all versions of Windows Vista will ship on a single DVD disc, using a feature called Windows Anytime Upgrade. This means all six or seven flavors of Windows Vista (Starter Edition, Home Basic Edition, Home Premium Edition, Professional Edition, Small Business Edition, Enterprise Edition, Ultimate Edition) will be bundled on a single DVD disc, making it easy to upgrade Windows Vista to any version on the fly.

Microsoft did not give pricing details and it is unclear whether the reduced production and retail costs would be passed onto the consumer in the form of cheaper upgrades. Microsoft denied that Windows Anytime Upgrade would prove an attractive target for hackers, saying Vista was “the most secure version of Windows yet.”

Ken “Caesar” Fisher of Ars Technica has a [detailed blog entry about Vista on one disc|http://arstechnica.com/news.ars/post/20060301-6295.html] with some interesting points.

!! The San Jose Semephore, in the Adobe building

[San Jose Semephore|http://www.sanjosesemaphore.org/] a visual apparatus for communicating messages over distance.

San Jose Semaphore, by artist Ben Rubin, is a permanent public artwork commissioned by Adobe Systems Incorporated in collaboration with the City of San Joseís Office of Cultural Affairís Public Art Program.

Located within the top floors of Adobe’s Almaden Tower headquarters in San Jose, California, San Jose Semaphore is a multi-sensory kinetic artwork that illuminates the San Jose skyline with the transmission of a coded message. Cracking the coded message is posed as a challenge for the public.

San Jose Semaphore’s four ten-foot wide illuminated disks rotate every 7.2 seconds, engaging viewers with a steady, glowing, and purposefully moving presence. The artwork’s illuminated disks perform a kind of mechanical dance as a method of communication. A low-power radio broadcast provides a soundtrack that is audible within 2-3 blocks of the Almaden Tower on AM 1680. An online simulcast provides a way to see and hear the piece remotely.

!! New BOINC project, SpinHenge, launched Sept 2

In the research-field “nano-technology”, in the zone “Molecular Magnets: Controlled Nanoscale Magnetism”, promoted by the American energy ministry (DOE) of interdisciplinary main research project, physicists, chemists, mathematicians and engineers are assigned to make molecular magnetic materials technologically appropriable. Thereby mathematical calculations need to be performed. Because these calculations are very time-consuming, a synchronized execution on numerous computers is obvious. Read more about [SpinHenge|http://spin.fh-bielefeld.de/].

!! Zero-Day Team Launches with Emergency IE Patch

A dark horse security group formed after the WMF attacks in late 2005, the [ZERT|http://isotf.org/zert/] (Zero Day Emergency Response Team) has released a patch to attempt to slow the malware attacks on Windows.

!! Tech Manufacturers Rally Against Net Neutrality

Producers of networking hardware such as Motorola, Corning, and Tyco have come out against Net Neutrality. They support the current senate communications bill, and urge immediate action. ’Don’t be confused by these spurious complaints about Net neutrality,’ Tim Regan, a vice president with fiber optic cable manufacturer Corning Inc., said. ‘Net neutrality is a solution in search of a problem’. [Full Article|
http://news.com.com/Tech+manufacturers+rally+against+Net+neutrality/2100-1028_3-6117241.html?tag=nefd.lede]

!! Hotel Minibar Key Opens Diebold Voting Machines

As if Diebold doesn’t have enough to worry about! On the [Freedom To Tinker blog|http://www.freedom-to-tinker.com/?p=1064], Ed Felten, one of the co-authors of the recent report ‘Security Analysis of the Diebold AccuVote-TS Voting Machine’, reveals an even more bizarre finding related to the initial report. It turns out that you can gain access to an AccuVote-TS machine using a hotel minibar key. In fact, the key in question is a utilitarian type used to open office furniture, electronic equipment, jukeboxes, and the like. They might as well hand them out like candy.

!! Tracking Users Via the Browser’s Cache

A method of tracking using the browser cache instead of cookies. A demonstration shows that tracking can remain continuous if you clear only cookies or only the cache, but not both. (Firefox’s Clear Private Data tool can be set to clear both when closing the browser.) [Slashdot has an interesting article on tracking users via the browser’s cache|
http://yro.slashdot.org/article.pl?sid=06/09/17/2126210]