Tried to catch up on the Prison Break highlights and came across the Amex Only previews. Well since I don’t have an AMEX there’s only one choice. Google American Express support numbers.
Enter any one of these phone numbers:
then enter anything longer than 5 letters in the name field and any expiration date to access the American Express “exclusive” Prison Break promo.
Leading security researcher and co-creator of the Off-the-Record Messaging (OTR) protocol discusses why you should use OTR to make sure your instant messages remain private. This is especially important given the NSA’s recent wiretapping activities and the increasing prominence of Big Brother.
Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie-Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and deniable encryption. This is not to be confused with the “off the record” setting in Google Talk, which merely disables logging.
The redeeming thing about OTR is that there is pretty much no configuration after it’s installed. You don’t have to worry about managing keys, trust databases, or any of that crap. You just click the button and it encrypts. When you “authenticate” someone, you don’t have to memorize their public key. Instead, you type in a shared secret (any string) and if the other party types in the same string, their public key is marked as trusted. Of course, it uses an algorithm that doesn’t reveal the secret to the other party. Pure genius. Great article and video.
At 2:58pm, PST, on Wednesday, November 24, 1971, the day before Thanksgiving in the United States, a man traveling under the name Dan Cooper hijacked a Boeing 727-051, Northwest Orient Airlines Flight 305, flying from Portland International Airport (PDX) in Portland, Oregon to Seattle, Washington, with the threat of a bomb (he had a briefcase containing wires, a large battery and “red sticks”).
Cooper boarded the plane of only 36 passengers and 6 crew. He wore a black raincoat and loafers, a dark suit, a neatly pressed white shirt, a black necktie, and a mother-of-pearl tie pin. He also had black sunglasses.
I realize this is somewhat old news, but after sitting around Calculus class playing with my TI-84 Plus graphing calculator, I decided to look around to see what has been hacked onto these things. I thought for sure some tiny distro of Linux has been ported to it. I stumbled upon an open-source project called usb8x. This is very cool.
“Ever since Texas Instruments added a USB link port to the TI-84 line, people have been trying to write drivers for almost any device. Here’s an example of a Lexar Jumpdrive playing a black-and-white short – it’s the lobby scene from The Matrix! Check out the article’s comments for users’ takes on this development.”
In an open letter to Internet service providers published earlier this week, billionaire entrepreneur Mark Cuban calls for telecoms to put an end to peer-to-peer (P2P) file-sharing. Cuban expresses concerns that P2P “freeloaders” are clogging the tubes with commercial content. His letter doesn’t focus on piracy, however, and instead primarily attacks companies that use P2P for legitimate commercial applications. Being from the same hometown, we’re always interested to read the musings of Mr. Cuban, but this time we’re pretty sure he’s missed the point.
“If I was a Comcast customer, I would tell them, as I am now telling all the services I am a customer of: BLOCK P2P TRAFFIC, PLEASE. As a consumer, I want my Internet experience to be as fast as possible. The last thing I want slowing my Internet service down are P2P freeloaders,” says Cuban. “That’s right, P2P content distributors are nothing more than freeloaders. The only person/organization that benefits from P2P usage are those that are trying to distribute content and want to distribute it on someone else’s bandwidth dime… When consumers provide their bandwidth to assist commercial applications, they are subsidizing those commercial applications which if it isn’t already, should be against an ISP’s terms of service.”
A group of researchers has described Microsoft’s upcoming Windows Vista Service Pack 1 as a “performance dud”.
Researchers from the EXO Performance Network claimed that a series of in-house benchmark tests showed that users hoping to receive a speed boost from the update will be disappointed.
“After extensive testing of Release To Manufacture and SP1-patched versions of Vista it seems clear that the hoped-for performance fixes that Microsoft has been hinting at have not materialised,” the group said in a company blog.
The tests were run using tools from Devil Mountain Software, which also hosts the group’s site. The researchers used a Dell notebook with 1GB of RAM for the tests.
The benchmark tests measured performance in Microsoft Office 2007, multitasking and streaming media.
The results from the SP1-patched system were nearly identical to those from the version of Vista released to manufacturers, according to the researchers.
“The thinking goes that SP1 will address all of these early performance issues and somehow bring Vista on par with, or at least closer to, XP in terms of runtime performance,” said the report. “Unfortunately, this is simply not the case.”
The researchers concluded that users waiting for the update to fix pokey performance will not get any respite in the short term.
“If you have been disappointed with the performance of Windows Vista to date, get used to it,” they wrote. “SP1 is simply not the panacea that many predicted.”
Apple finally released their new OS called Leopard about a month ago. One of the things I like the most with Apple, and probably everybody loves too, is that they always release tons of beautiful stuff. From the package box to the t-shirt. Yeah there is a very cool t-shirt as well. And now it’s not different. I loved the space feeling of the new wallpaper with that sort of aurora borealis effect.
Besides that, this week the new version of GIMP was released. The 2.4 version has a renewed interface, with new icons, and is much more stable; at least running on my Mac it has not crashed yet.
Anyways, what I want to show on this tutorial is how to create that Aurora Borealis effect using the new GIMP. Basically I used the Leopard’s wallpaper as my reference. I have to say it was easier than I thought. Follow the link below for the amazing write up.
An old friend emailed me over the weekend and asked for some help reducing the size of an MP3 file so he could load it on his wireless phone. Seems he wanted the ringer to sound like a sheep when one certain person called (don’t ask), but the MP3 he found was too big for the phone to accept.
I did a little research and found a cool little utility called FreeRIP that will convert between .WAV, .MP3 and .OGG formats with ease. You can also convert an MP3 file to the same format, but with a different bit-rate, which allowed my friend to reduce the file size as needed, and duly embarrass his friend in public.
XSS is Cross Site Scripting. If you don’t know how XSS (Cross Site Scripting) works, this page probably won’t help you. This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion. This page will also not show you how to mitigate XSS vectors or how to write the actual cookie/credential stealing/replay/session riding portion of the attack. It will simply show the underlying methodology and you can infer the rest. Also, please note this XSS page has been replicated by the OWASP 2.0 Guide in the Appendix section. However, because this is a living document I suggest you continue to use the site below to stay up to date.
And neither is your girlfriend, but in order to stomach the prospect of a long-term relationship, you delude yourself into believing she’s better looking than she really is. (This has been suspected for so long that even the Greeks had a euphemism for it.)
To see if men (and women) really deceive themselves in this manner, a group of researchers obtained data from the popular physical attractiveness ratings site Hot or Not and studied users’ behaviors.
We may be required to disclose user information pursuant to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. We do not reveal information until we have a good faith belief that an information request by law enforcement or private litigants meets applicable legal standards. Additionally, we may share account or other information when we believe it is necessary to comply with law, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Facebook service or using the Facebook name, or to prevent imminent bodily harm. This may include sharing information with other companies, lawyers, agents or government agencies.
The poster had pictures of himself with his firearms — which, though legal and taken on the employee’s own time, the company was concerned about. Perhaps Facebook was trying to “prevent imminent bodily harm?”
Think Facebook might be helping your employer out with a glimpse of your private profile? Leave us a post below.
Big surprise. Apple’s much loved iPhone has a hidden feature, and it’s not going to be welcomed by everyone: it phones home. According to 9 to 5 Mac, the iPhone sends the user’s IMEI number, IP address and stock quote preferences amongst a number of things via a hidden string to Apple via the Weather and Stock apps. The information could be used by Apple to build user profiles that includes data on travel, financial and banking preferences, work details…even personal browsing information (if you’re using your iPhone to surf porn be warned).
Hackers are now apparently working on a way to block this functionality. In the meantime the only way of stopping data being sent to Apple is to delete the stock and weather applications via jailbreak.
Snagged this off a forum I frequently browse…
[Originally Posted by porksoda]
So let me start by saying I work at Sears and here are a few of the geniuses we have that bring their car in here.
Also I work in the store not in the automotive section. I like to work on cars but only on my own time, not as a full time job. But I am good friends with the guys there and since they are car guys they call me when this stuff happens. I apologize for the camera phone pics but that’s all I have on me at work.
This idiot brought in his car today and said “My brakes are squeaking”. Well gee there’s your problem!
According to security experts, an algorithm for generating random numbers that is included in an official standard documented by the National Institute of Standards and Technology (NIST) could potentially include a backdoor planted by the NSA.
In a recent blog entry, cryptographer Bruce Schneier describes research that was presented by his colleagues Niels Ferguson and Dan Shumow at the CRYPTO 2007 conference this past August. The security researchers have raised concerns about a potential backdoor in the Dual_EC_DRBG algorithm, which is documented in NIST’s 800-90 publication about deterministic random bit generators. Dual_EC_DRBG, which is based on elliptic curves, is said to be significantly slower to compute than the other algorithms in the standard and was supposedly only included at all because it has the strong support of the NSA.
A friend of mine was compiling census data for a project. They sent me these visual census charts, which are pretty informative… especially if you’ve ever lived/visited The Big Apple. More data after the jump
One of the steps used by the attacker who compromised a friend’s Blog a few weeks ago was to create an account (which he promoted to administrator). I quickly disabled the account, but while doing forensics, I thought it would be interesting to find out the account password. WordPress stores raw MD5 hashes in the user database (despite many recommendations to use salting). As with any respectable hash function, it is believed to be computationally infeasible to discover the input of MD5 from an output. Instead, someone would have to try out all possible inputs until the correct output is discovered.
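The storage weakness described above, shown from the defender's side as an added example (not code from the original post or from WordPress): with raw MD5, accounts that share a password share a stored value, while a salted, iterated hash does not. The `USERS` table, the `pbkdf2$...` storage format and the iteration count are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import re

RAW_MD5 = re.compile(r"[0-9a-f]{32}")
ITERATIONS = 100_000  # assumed work factor for this example


def md5_hex(password):
    return hashlib.md5(password.encode()).hexdigest()


def hash_password(password):
    """Salted, iterated hash: equal passwords no longer give equal values."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2${ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password, stored):
    if RAW_MD5.fullmatch(stored):  # legacy unsalted format
        return hmac.compare_digest(md5_hex(password), stored)
    _, iters, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(dk.hex(), dk_hex)


def audit(users):
    """Report accounts still on raw MD5 and groups that share one hash."""
    raw = sorted(u for u, h in users.items() if RAW_MD5.fullmatch(h))
    groups = {}
    for u in raw:
        groups.setdefault(users[u], []).append(u)
    return {"raw_md5": raw,
            "shared": [g for g in groups.values() if len(g) > 1]}


def upgrade_on_login(users, login, password):
    """After a successful login, replace a raw MD5 value with a salted one."""
    if not verify_password(password, users[login]):
        return False
    if RAW_MD5.fullmatch(users[login]):
        users[login] = hash_password(password)
    return True


# Constructed sample table (login -> stored hash); not real data.
USERS = {"alice": md5_hex("sunshine1"), "bob": md5_hex("sunshine1"),
         "carol": hash_password("sunshine1")}
```

Running `audit(USERS)` flags `alice` and `bob` as sharing one unsalted hash; `carol` uses the same password but her stored value is unique to her account.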
Flickr user musely gets a gold star today for both effort and execution, for this clever series of shots lining up currency with the D.C. buildings depicted on them. We suspect this is one of those things that seems simple, but in practice is a lot more difficult than it looks to get everything in focus and lined up perfectly. The nice thing about our city? You can tour all those landmarks and plenty more without ever having to take any of that $85 out of your own pocket.
The Vice Fund is an investment strategy that is defensive in nature, where investors are banking that growth in the industries will take place independent of any economic conditions.
They invest in companies, both domestic and foreign, engaged in the aerospace and defense industries, owners and operators of casinos and gaming facilities, manufacturers of gaming equipment such as slot machines, manufacturers of cigarettes and other tobacco products, and brewers, distillers, and producers of other alcoholic beverages. They believe that there are numerous investment opportunities in these sectors which have been largely overlooked by other funds. While many of the most widely held and well-known mutual funds invest in companies doing business in these sectors, no other mutual fund concentrates solely on these four sectors.
“People will see the fund and think it’s one thing that it’s really not. We’re not doing this to make any sort of political statement or a social commentary, and we’re not advocating these behaviors in any way. Our job is to study the fundamentals behind these industries and these businesses and try to make money for our investors.”
The Altria Group, which controls cigarette giants Philip Morris USA and Philip Morris International, is traded on the New York Stock Exchange and is the largest holding in the Vice Fund, making up more than 7 percent of the assets. Philip Morris International recently signed a deal with China to distribute Marlboro cigarettes in the country.
“Tobacco is still a great investment because the cigarette companies have tremendous pricing power,” Norton said.
Gaming, alcohol, tobacco and the defense sectors are all tied together by five common threads according to Norton. Those are high demand regardless of economic conditions, the global nature of the businesses, high barriers to entry, large profits, and having the government as the largest beneficiary because of high tax rates.
Red Tape Chronicles has a good guide for how to set up a credit report freeze at each of the three major credit bureaus.
A freeze means no one can access your credit report unless you “thaw” your report. This means no new credit cards, loans, or mortgages, either by you, or by a potential identity thief. You will need to freeze the report with each bureau. Not surprisingly, after fighting with Congress for four years against allowing for consumer freezes, the bureaus have made it difficult, requiring the mailing of certified letters, utility bills, different kinds of personal information, and charging fees. Here’s the step by step:
List all the drivers you’ve installed on your Windows machine by typing driverquery from the command line (start->Run->cmd->OK). This works under Windows XP, 2003, and Vista systems; WindowsVistaPlace states that there is even more information to glean from this simple program: remote system direction, output, and information about signed drivers, among others. Loving the power of that little black box? Get to know your friendly neighborhood command line.