Posts

Showing posts from February, 2015

RIP Leonard Nimoy, Our Favorite Logical Alien

Image
Leonard Nimoy brought us a truly memorable character in Commander (later Ambassador) Spock, the half-Vulcan first office of the USS Enterprise in the Star Trek TV show and later movies. Star Trek was the creation of Gene Roddenberry, and strove to show a multicultural starship crew of the future in action, even including non-human crew members such as Spock.



The Lenovo Superfish Clusterf*ck

Wow, Lenovo sure got caught with their pants down over that whole Superfish thing, didn't they? A stupid, money-grubbing idea that was poorly conceived and executed and allegedly put user's SSL connections at risk. Well Lenovo are now in the process of zipping up, and are removing this crap from user's laptops. They were also quick (a little too quick) to point out that this did not affect business models of their laptops - just you poor schmucks who spent your own money on one of their laptops.
What is "Superfish? In short, a piece of software installed on some new Lenovo laptops used to inject ads into webpages, and because of the way it was set up the effect was that of a man-in-the-middle attack, potentially compromising the laptop users secure web connections. Both skeevy and dumb.
Here are some links to give the whole, scummy tale in roughly chronological order:
Superfish Compromises All SSL Connections On Lenovo Gear
Superfish Site Downed After Lenovo Debacle
Mic…

Spark Plugs? Pfftt. Lasers, Man. LASERS!

Image
The internal combustion engine has been around for quite a while, and yet we still find ways to tweak and cajole it into better performance and efficiently. The spark plugs in a gasoline engine do just that - provide a spark at the correct time to cause the fuel/air mixture to combust, expand the gas rapidly and drive the piston, which rotates the camshaft. 
But suppose you used a laser instead of a spark plug? It should be more controllable, more precise, etc. This is not strictly a new concept, but it's the first it's been shown to work in a real engine, thanks to Princeton Optronics.
The problem is that spark plugs can only ignite the fuel at one end of the chamber, says Chuni Ghosh, CEO of New Jersey-based Princeton Optronics, the firm that developed the new ignition system.

In Ghosh's engine, a laser ignites the fuel in the middle of the chamber instead, burning more of the fuel and improving combustion efficiency by 27 per cent. Laser ignition could boost the fuel ef…

Limited Time: Free Adware With Your Lenovo Laptop

Image
Lenovo has apparently been installing some questionable adware on their new consumer laptops. While most PC makers are guilty of shoveling all kinds of "value add" software (read: crap) on their new PCs, this seems more egregious than most, in that it runs a type of man-in-the-middle attack using a self-signed certificate. Not cool.

*update* Lifehacker has a nice article on how to check for this and how to remove it if present. The adware, named Superfish, is reportedly installed on a number of Lenovo’s consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user’s permission. TheNextWeb

For The Gentleman Farmer: A Rolls-Royce SUV

Image
The folks at Rolls Royce have finally thrown up their hands and decided to pander to the masses a little and bring us a Rolls-Royce SUV. Of course, I can agree the world does not really need such a thing, but then we don't really need the Bugatti Veyron or exorbitantly-priced Swiss watches either. We should get to see this new addition at the forthcoming 2015 Geneva Auto Show. Not that Rolls would ever deign to call this vehicle, which is as yet unnamed, an SUV. This should come as no surprise when you remember what that term stands for: sport utility vehicle. These three words are anathema to everything Rolls Royce Motor Cars stands for. Wired


More Woeful IoT Security

Image
This is the kind of thing that hurts my heart about our headlong plunge into connecting every flippin' thing to the Internet. There seems to be a real lack of serious thought about security, sometimes of even the most (one would think) basic kind. Do we not believe that the bad guys will quickly figure these out and create mischief/havoc/disaster accordingly (because that's why they are called "bad guys" y'know). Netatmo is the latest vendor to be exposed as having weak security to protect user information. The Internet of things (IoT) vendor has several products, including a set of Internet-enabled weather monitoring devices that connect via a user's WiFi network to communicate with the cloud.

The problem is that the Netatmo was storing user WiFi network passwords, then transmitting them in the clear, without any encryption, as part of a data debug dump. The debug information was sent to the Netatmo cloud service, which enables users to track and monitor weat…

When HDCP Messes Up

Image
High-bandwidth Digital Content Protection or HDCP is a Digital Rights Management system used in devices with HDMI connections, among others. As with many DRM or "copy protection" schemes it can break and interfere with legitimate use, rather than just work in the background as it should. For example, if you have an older HDTV set that is not HDCP compliant then you cannot watch any  HDCP compliant content on it. If you plug in your Blu-ray player, a Chromecast, or any other device that follows HDCP standards you’ll either see a blank screen or you’ll see an error message like “ERROR: NON-HDCP OUTPUT” or simply “HDCP ERROR.” There is an inexpensive solution to this kind of problem - even though it should not be necessary for legitimate users. HowToGeek has the skinny.