GeekSpeak for 2011-09-03

Security and Super Novas

Haystack Passwords baby- full paper encryption, UPnP router problems, Macintosh Lion woes and security problems, AT&T mobile deal a no-go and more GeekNews.

UPnP-enabled routers allow attacks on LANs

Routers from various manufacturers support [UPnP|http://en.wikipedia.org/wiki/Universal_Plug_and_Play] (Universal Plug and Play) on their WAN interfaces, which apparently makes it possible for attackers to reconfigure them remotely via the internet and, for example, misuse them as surfing proxies or to infiltrate internal LANs. The problem was discovered by IT security specialist Daniel Garcia, who has developed the Umap tool to demonstrate the problem; the [tool is available to download|http://www.toor.do/] free of charge.

Off The Grid, Haystack Paper Encryption

This was the key breakthrough I had when I was working to invent a means for creating “memory” and “state” for a domain name to password encryption system: If every row and column has exactly one of each character, then it is possible to move throughout the grid, alternating between movement along rows and columns. In each case, moving to the next character that occurs in the domain name. In this fashion our location depends upon the history of all previous characters, and where we end up is determined by every character.

Mac Lion blindly accepts any LDAP password

Apple’s latest version of Mac OS X is creating serious security risks for businesses that use it to interact with a popular form of centralized networks.

People logging in to Macs running OS X 10.7, aka Lion, can access restricted resources using any password they want when the machines use a popular technology known as LDAP for authentication. Short for Lightweight Directory Access Protocol, LDAP servers frequently contain repositories of highly sensitive enterprise data, making them a goldmine to attackers trying to burrow their way in to sensitive networks.

Justice Department blocks AT&T-T-Mobile merger

The Justice Department is blocking AT&T’s $39 billion deal to buy T-Mobile USA, saying the acquisition of the No. 4 wireless carrier in the country by No. 2 AT&T would reduce competition and raise prices.

The deal has faced tough opposition from consumer groups and No. 3 carrier Sprint since it was announced in March.

Apple aims to keep Tim Cook until 2021

Apple’s board, led by chairman Steve Jobs, just signaled its long-term confidence in Tim Cook as the company’s new leader — disclosing in a regulatory filing that it’s awarding the CEO 1 million restricted stock units that won’t fully vest until 2021.
Yes, as in a full decade from now.
The key details from the filing: “In connection with Mr. Cook’s appointment as Chief Executive Officer, the Board awarded Mr. Cook 1,000,000 restricted stock units. Fifty percent of the restricted stock units are scheduled to vest on each of August 24, 2016 and August 24, 2021, subject to Mr. Cook’s continued employment with Apple through each such date.”

Mac Lion blindly accepts any LDAP password

Apple’s latest version of Mac OS X is creating serious security risks for businesses that use it to interact with a popular form of centralized networks.

People logging in to Macs running OS X 10.7, aka Lion, can access restricted resources using any password they want when the machines use a popular technology known as LDAP for authentication. Short for Lightweight Directory Access Protocol, LDAP servers frequently contain repositories of highly sensitive enterprise data, making them a goldmine to attackers trying to burrow their way in to sensitive networks.

Mac OS X Lion: In-Depth Review With Pictures

The release of Apple’s next revision of Mac OSX, version 10.7 – called “Lion” – brings a number of big and small changes, from the direction of scrolling to the colour of buttons to ad-hoc Wi-Fi sharing. Here to guide you through them and tell you what’s good, what’s less so, and what to avoid, is Matt Gemmell.

Supernova in M101 could be visible with binoculars

Astronomers at the Palomar Transient Factory project on California’s Palomar Mountain discovered the supernova using the Oschin Schmidt telescope at Palomar Mountain Observatory. The supernova is designated SN 2011fe and lies 58.6 arcseconds west and 270.7 arcseconds south of the center of M101, which lies some 21 million light-years away. The supernova’s equinox 2000.0 coordinates are 14h03m, 54°16’25". At discovery, the supernova glowed feebly at magnitude 17.2 but is brightening rapidly, reaching magnitude 13.8 on Thursday. The star may reach 11th magnitude or better at its peak. M101 itself is a beautiful object, a face-on “pinwheel” type spiral with fairly low surface brightness arms, but a stunning form. Visibility of the galaxy and its supernova will be best in the evening sky over the next few days, before the Big Dipper sinks too far and before early September brings the Moon into the equation.

Star Walk - iphone astronomy application

Star Walk is an award-winning Education app that allows users to easily locate and identify 20,000+ objects in the night sky. The 360-degree, touch control star map displays constellations, stars, planets, satellites, and galaxies currently overhead from anywhere on Earth. Highly praised and the winner of a 2010 Apple Design Award, the latest update adds a Spectrum Bar to view frequencies other than visible light. No Internet connection required

Google Sky Map for Android

Point your phone at the sky, and Google Sky Map will show the stars, planets, constellations, and more to help you identify the celestial objects in view. You can also browse the skies in manual mode.

Search the night sky for your favorite planet, Messier object, and more. Then move the phone in the direction of the arrow to find it in the sky around you.


! Other Notes and Such

Lyle mentioned the [bit about AT&T breaking up and coming back together|http://www.youtube.com/watch?v=rsCp-1hgfxI] which was from Colbert Report.

!! Router Solutions

For the news stories on making your router safer, if you have a Linksys router, you could install [Tomato|http://www.polarcloud.com/tomato] or [DD-WRT|http://www.dd-wrt.com/]. And [UBiQUiTi|http://www.ubnt.com/] makes great gear as well.

Lyle freaks out about PDF forms and how much of a pain they are!

! The Hear After Here Contest

Ben is working on a [Tandy Beal production|http://www.tandybeal.com/], [Here After Here|http://www.tandybeal.com/projects-hereafterhere.html], the contest question was “how far away is M101?” The answer, given by many, was “21 Million Light Years”.