After checking your bank account, remember to log out, close your web browser, and throw your computer into the ocean.

[…]

For those of you using a smartphone or tablet, the process for securely closing your banking session is very similar, except that you should find the nearest canyon and throw your device into that canyon. We then recommend simply scaling down the cliff face, locating the shattered remnants of your device, and spending the next few weeks traversing the country burying each individual piece in separate holes of varying depths several hundred miles apart.

{ The Onion | Continue reading | Thanks Tim }

related { As digital data expands, anonymity may become a mathematical impossibility. }

Are all telephone calls recorded and accessible to the US government? A former FBI counterterrorism agent claims that this is the case.

{ Guardian | Continue reading }

images { 1. Dave Willardson, Rolling Stone, 1976) | 2. Bug, 1975 }

Hijacking airplanes with an Android phone

By taking advantage of two new technologies for the discovery, information gathering and exploitation phases of the attack, and by creating an exploit framework (SIMON) and an Android app (PlaneSploit) that delivers attack messages to the airplanes’ Flight Management Systems (computer unit + control display unit), he demonstrated the terrifying ability to take complete control of aircrafts by making virtual planes “dance to his tune.”

{ Net Security | Continue reading }

art { Cy Twombly, Untitled, 1971 }

Paula Broadwell,who had an affair with CIA director David Petraeus, similarly took extensive precautions to hide her identity. She never logged in to her anonymous e-mail service from her home network. Instead, she used hotel and other public networks when she e-mailed him. The FBI correlated hotel registration data from several different hotels — and hers was the common name. […]

The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period. […]

If the director of the CIA can’t maintain his privacy on the Internet, we’ve got no hope.

{ Bruce Schneier/CNN | Continue reading }

related { We were hacked: Here’s what you should know. }

photo { Adam Broomberg & Oliver Chanarin }

For the last six months, Cody Wilson and his non-profit group Defense Distributed have worked towards a controversial goal: To make as many firearm components as possible into 3D-printable, downloadable files. Now they’re seeking to make those files searchable, too–and to make a profit while they’re at it.

In a talk at the South By Southwest conference in Austin, Texas Monday afternoon, Wilson plans to announce a new, for-profit spinoff of his gun-printing project that will serve as both a repository and search engine for CAD files aimed at allowing anyone to 3D-print gun parts in their own garage.

{ Forbes | Continue reading }

related links posted between april 2012 and today in every day, the same, again:

The world’s first 3D-printed gun.

Airbus designer hopes to see planes roll out of hangar-sized 3D printers by 2050.

MIT students reveal PopFab, a 3D printer that fits inside a briefcase.

Japanese company will 3D print your fetus for $1,275.

PayPal Founder Backs Synthetic Meat Printing Company.

3D print glove is a wearable mobile phone.

Ever wanted a life-like miniature of yourself or loved ones? Now’s your chance, thanks to Omote 3D, which will soon be opening a 3D printing photo booth in Harajuku, Japan.

In October, 3D-printing startup Shapeways opened its New York production facility in Long Island City, Queens, the biggest consumer-focused 3D printing factory in the world.

The Pirate Bay launches crazy Physibles category for printing 3D objects.

Which 3D printers should you buy?

In many ways, today’s 3D printing community resembles the personal computing community of the early 1990s.

China’s first 3D printing museum opens.

“3D pen” can write in the air.

An Artificial Ear Built By a 3D Printer and Living Cartilage Cells.

Click by click, Facebook users are building a surprisingly nuanced picture of themselves, even without filling out their social networking profiles. […] Researchers found that they could, for example, correctly guess a man’s sexual orientation 88 percent of the time by analyzing the kinds of TV shows and movies he liked. It also found that few gay men — less than 5 percent in the study — identify with groups that openly declare their sexual orientation, so a man’s preference for “Britney Spears” or “Desperate Housewives” was more useful in predictions.

Similarly, the researchers also found that they could figure out if a Facebook user used drugs with about 65 percent accuracy based on their expressed public preferences.

The study even included “like” predictors that could tell whether users’ parents had separated when they were young vs. whether they had not.

Researchers told the British paper that they hope this study raises users’ awareness about the kind of information they may not realize they’re sharing with a wider audience.

{ Washington Post | Continue reading }

Designed for Google’s forthcoming Glass headset, it recognises people by the clothes they are wearing. Their name is then overlaid on the headset’s video.

{ NewScientist | Continue reading }

related { A technological singularity is defined as ‘the creation, by technology, of greater-than-human intelligence.’ Is it plausible? }

images { 1 | 2 }

Google Glass comes with yet another, even more important feature: lifebits, the ability to record video of the people, places, and events around you, at all times. […]

“I’m recorded by security cameras all day, it doesn’t bother me, what’s the difference?” […] It’s a Google project. And Google has the capacity to combine Glass with other technologies it owns.

{ Creative Good | Continue reading }

A multinational security firm has secretly developed a software capable of tracking people’s movements and predicting future behaviour by mining data from social networking websites.

{ Guardian | Continue reading }

images { 1 | 2 }

Deloitte predicts that in 2013 more than 90 percent of user-generated passwords, even those considered strong by IT departments, will be vulnerable to hacking. […]

How do passwords get hacked? The problem is not that a hacker discovers a username, goes to a login page and attempts to guess the password. That wouldn’t work: most web sites freeze an account after a limited number of unsuccessful attempts, not nearly enough to guess even the weakest password.

Most organizations keep usernames and passwords in a master file. That file is hashed: a piece of software encrypts both the username and password together. […] However, master files are often stolen or leaked. A hashed file is not immediately useful to a hacker, but various kinds of software and hardware can decrypt the master file and at least some of the usernames and passwords. Decrypted files are then sold, shared or exploited by hackers. […]

An eight-character password chosen from all 94 characters available on a standard keyboard is one of 6.1 quadrillion (6,095,689,385,410,816) possible combinations. It would take about a year for a relatively fast 2011 desktop computer to try every variation. Even gaining access to a credit card would not be worth the computing time.

However, a number of factors, related to human behavior and changes in technology, have combined to render the “strong” password vulnerable.

First, humans struggle to remember more than seven numbers in our short-term memory. Over a longer time span, the average person can remember only five. Adding letters, cases, and odd symbols to the mix makes remembering multiple characters even more challenging.

As a result, people use a variety of tricks to make recalling passwords easier. For example, users often create passwords that reference words and names in our language and experience. […] Although a keyboard has 32 different symbols, humans generally only use half-a-dozen in passwords because they have trouble distinguishing between many of them. These tricks and tendencies combine to make passwords less random, and therefore weaker. […]

But non-random passwords aren’t even the biggest problem. The bigger problem is password re-use. The average user has 26 password-protected accounts, but only five different passwords across those accounts. Because of password re-use, a security breach on a less-secure gaming or social networking site can expose the password that protects a bank account. […]

Longer passwords could make systems more secure. Adding just one or two characters make brute-force attacks almost a thousand times slower. A ten-character password has 8,836 more possible combinations than an eight-character password, and the same password-cracking machine cited above would take more than 5 years to crack it. Truly random passwords would also decrease the threat from hackers.

{ Deloitte | Continue reading }

A number of Instagram’s 90 million active users are in a confused panic after being locked out of their accounts over the weekend, and several seem to believe they’ve been hacked. […]

Your account has been secured and requires account validation. Please login to Instagram.com from your desktop computer to validate your identify.

The desktop validation process then requires the user to upload a photograph of a government-issued photo ID by February 1 — a puzzling requirement for many thread participants, who worried that a hacker was attempting to gain access to their personal information. Which is not the case.

“Instagram occasionally removes accounts due to violation of terms and, depending on the violation, may ask people to upload IDs for verification purposes,” a Facebook spokesperson told CNET. […]

Instagram, like Facebook, requires that its users are at least 13.

{ CNET | Continue reading }

Google agrees. “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay write in their paper.
Thus, they’re experimenting with new ways to replace the password, including a tiny Yubico cryptographic card that — when slid into a USB (Universal Serial Bus) reader — can automatically log a web surfer into Google. They’ve had to modify Google’s web browser to work with these cards, but there’s no software download and once the browser support is there, they’re easy to use. You log into the website, plug in the USB stick and then register it with a single mouse click.

They see a future where you authenticate one device — your smartphone or something like a Yubico key — and then use that almost like a car key, to fire up your web mail and online accounts.

In the future, they’d like things to get even easier, perhaps connecting to the computer via wireless technology.

{ Wired | Continue reading }

photo { Yasuhiro Ishimoto, Children at Halloween, Chicago, 1952 }