XIAM007

Making Unique Observations in a Very Cluttered World

Friday 15 January 2010

Google runs Microsoft's IE, attacks show - 'Why wasn't Google running Chrome?' asks researcher

Reading - Google runs Microsoft's IE, attacks show - 'Why wasn't Google running Chrome?' asks researcher


Google beta services

January 15, 2010 (Computerworld) Google's corporate network was hacked because its workers were running rival Microsoft's Internet Explorer browser, a point that didn't escape the notice of security researchers and Web users.

"More interesting than the IE zero-day, is why wasn't Google running Chrome?" asked Andrew Storms, director of security operations at nCircle Network Security, shortly after Microsoft issued a security advisory that told users of a critical, unpatched bug in Internet Explorer (IE).

Thursday, Microsoft acknowledged that the IE exploit had been used in the attacks against Google and other major corporations. "We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," said Mike Reavey, director of Microsoft's Security Response Center (MSRC).

In fact, the malware that Microsoft and others researchers have examined was designed to exploit IE6, the eight-year-old browser that's most often used with Windows XP.

Others, in addition to Storms, questioned why Google wasn't "eating its own dog food," the phrase used to describe software development companies running their own products, often in early editions long before they're made public. "I have to wonder, why the hell is Google using IE, and why IE6?" asked a Computerworldreader in a comment appended to a story on the IE bug. "In fact, why Windows-based servers? Eat your own dog food, Google."

"Actually, it's the norm within companies, especially technology companies, for employees to run multiple browsers," said John Pescatore, Gartner's primary analyst on security subjects, noting that Google's workers may have, say, Chrome and IE on their machines. "But it's almost impossible for IE not to start up at some point during the day."

Sheri McLeish, a Forrester analyst who covers browsers, wasn't surprised by the fact that Google workers run IE, even the aged IE6. "I don't have first-hand knowledge of why Google is using IE6, but what's under the hood at enterprises isn't always best practices," McLeish said. "There are likely business reasons why Google runs IE, because if they were easily able to upgrade [to IE8], they would."

Microsoft said, and independent researchers confirmed, that the exploits which struck Google would be largely deflected by IE7 and IE8, particularly the latter because it enables DEP (data execution prevention) by default.

"What these attacks point to is the fact that a lot of companies are running IE6," McLeish said. "Microsoft wants to kill IE6, a lot of companies want to kill it. But they can't."

As McLeish said, Microsoft has urged customers to upgrade from IE6 to newer editions of its browser. It kicked off a campaign last August when Microsoft's general manager for IE said, "Friends don't let friend use IE6." The efforts haven't been entirely successful. Last year, as users began switching to IE8, they were more likely to desert IE7 than the even older IE6. According to Web metrics company Net Applications, IE6 lost 38% of its usage share during 2009, but IE7 lost even more: It dropped by 56%.

Because of IE's dominance in enterprises -- one recent estimate is that IE runs on 80% of corporate computers -- it remains a prime target, and exploits that leverage its vulnerabilities make ideal vectors for attacks against businesses, Pescatore said.

The attacks that exploited IE's unpatched flaw first came to light Tuesday, when Google announced that Chinese attackers had made off with intellectual property from its corporate network, and also tried to access the Gmail accounts of Chinese human rights activists. Google said the attacks, along with increasing censorship of the Web by China's government, had prompted a reevaluation of its business in the country.

Researchers at McAfee said their investigation showed that the attacks began in mid-December 2009 and stopped Jan. 4, 2010, when the hackers' command-and-control servers were taken offline.

Google did not reply to a request for an explanation of why at least some of the company's workers use Microsoft's IE.

Read more - http://www.computerworld.com/s/article/9145238/Google_runs_Microsoft_s_IE_attacks_show?taxonomyId=82

Astro-Snorts - A BAG of cocaine has been found in a Space Shuttle hangar - sparking a Nasa investigation -

Reading - Astro-Snorts - A BAG of cocaine has been found in a Space Shuttle hangar - sparking a Nasa investigation -

space-shuttle-atlantis-sts-27-in-1972-xl

US space chiefs fear an employee was seeking a different kind of out-of-this-world experience in the restricted area at Kennedy Space Centre, Florida.

About 200 staff and contractors have access to the hangar, which houses the shuttle Discovery.

Six astronauts including Briton Nick Patrick are due to blast off in March. But space chiefs insisted the mission goes ahead as planned.

The US space agency started testing and interviewing all staff on Wednesday.

Drug sniffer dogs were also brought in to find the culprit. Three years ago, Nasa was forced to deny allegations of boozy parties after an official report claimed two astronauts had flown into space while drunk. The discovery of drugs in a hangar before a mission raises safety concerns and will embarrass new Nasa chief Charlie Bolden.

Nasa spokesman Allard Beutel said: "There are no obvious indications of anyone acting oddly or under the influence. People know how serious this is - it's not acceptable."


Read more:http://www.thesun.co.uk/sol/homepage/news/2809281/Nasa-astro-snorts-in-cocaine-probe.html#ixzz0cjmpf96g

Weight Watchers clinic floor collapses under dieters - collapsed beneath a group of 20 gathered for a meeting -

Reading - Weight Watchers clinic floor collapses under dieters - collapsed beneath a group of 20 gathered for a meeting -


Patient Standing on Weight Scale
Photo: CORBIS

As the dieters queued to see how many pounds they had shed, the floor beneath them in the clinic in Växjö, in south-central Sweden, began to rumble, according to a report in The Local, Sweden's English-language newspaper.

"We suddenly heard a huge thud; we almost thought it was an earthquake and everything flew up in the air.

Soon, the fault lines spread around the room, and other sections of the floor gave way."The floor collapsed in one corner of the room and along the walls," one Weight Watchers participant told the Smålandsposten newspaper.

Luckily, all of the dieters escaped uninjured and managed to move the scales to the corridor, which was not damaged in the accident, and were able to complete their weekly weigh in.

The cause of the floor's collapse remains under investigation.

Read more - http://www.telegraph.co.uk/news/worldnews/europe/sweden/6990753/Weight-Watchers-clinic-floor-collapses-under-dieters.html

Among Technophiles, Tesla In and Edison Out - and Teslamania is going increasingly mainstream -

Reading - Among Technophiles, Tesla In and Edison Out - and Teslamania is going increasingly mainstream -

Marc J. Seifer Photo Archives

Inventor Nikola Tesla pictured in Colorado, achieved fame and fortune in the 1880s for figuring out how to make alternating current on a huge scale. A contemporary of Edison, Tesla died in obscurity but is now being rediscovered and hailed by technophiles, such as Google co-founder Larry Page.


Decades after he died penniless, Nikola Tesla is elbowing aside his old adversary Thomas Edison in the pantheon of geek gods.

When California engineers wanted to brand their new $100,000 electric sports car, one name stood out: Tesla. When circuit designers at microchip producer Nvidia Corp. in 2007 launched a new line of advanced processors, they called them Tesla. And when videogame writers at Capcom Entertainment in Silicon Valley needed a character who could understand alien spaceships for their new Dark Void saga, they found him in Nikola Tesla.

Tesla was a scientist and inventor who achieved fame and fortune in the 1880s for figuring out how to make alternating current work on a grand scale, electrifying the world. He created the first major hydroelectric dam, at Niagara Falls. He thrilled packed theaters with presentations in which he ran high voltage through his body to illuminate a fluorescent light in his hand. His inventions helped Guglielmo Marconi develop radio.

And his rivalry with Edison—called the Battle of the Currents because Edison had bet on direct current—was legendary. Tesla won the contest, when his AC equipment powered an unprecedented display of electric light at the 1893 Chicago World's Fair.

Fifty years later, the 86-year-old Serbian emigré died in obscurity at a New York hotel, unmarried, childless and bereft of friends. Meanwhile, Edison was lionized for generations as one of America's greatest inventors.

But Tesla has been rediscovered by technophiles, including Google Inc. co-founder Larry Page, who frequently cites him as an early inspiration. And Teslamania is going increasingly mainstream.

An early hint was "Tesla Girls," a 1984 single from the British technopop band Orchestral Manoeuvres in the Dark. Performance artist Laurie Anderson has said she was fascinated by Tesla. David Bowie played a fictionalized version of him in the 2006 film "The Prestige," alongside Christian Bale and Hugh Jackman. Director Terry Gilliam described Tesla in a recent documentary film as "more of an artist than a scientist in some strange way."

Tesla, in short, is cool.

For more on this story, read The Wall Street Journal.

ACLU Requests Information On Predator Drone Program - Asks For Data On "Targeted Killings" Of Suspected Terrorists And Civilian Casualties

Reading - ACLU Requests Information On Predator Drone Program - Asks For Data On "Targeted Killings" Of Suspected Terrorists And Civilian Casualties

reaper

NEW YORK – In a Freedom of Information Act (FOIA) request filed today, the American Civil Liberties Union asked the government to disclose the legal basis for its use of predator drones to conduct "targeted killings" overseas. In particular, the ACLU seeks to find out when, where and against whom drone strikes can be authorized, and how the United States ensures compliance with international laws relating to extrajudicial killings.

"The American public has a right to know whether the drone program is consistent with international law, and that all efforts are made to minimize the loss of innocent lives," said Jonathan Manes, a legal fellow with the ACLU National Security Project. "The Obama administration has reportedly expanded the drone program, but it has not explained publicly what the legal basis for the program is, what limitations it recognizes on the use of drones outside active theaters of war and what the civilian casualty toll has been thus far. We're hopeful that the request we've filed today will encourage the Obama administration to disclose information about the basis, scope and implementation of the program."

The administration has used unmanned drones to target and kill individuals not only in Afghanistan and Iraq but also in Pakistan and Yemen. The technology allows U.S. personnel to observe targeted individuals and launch missiles intended to kill them from control centers located thousands of miles away.

Today's FOIA request was filed with the Department of Defense, the Department of Justice (including the Office of Legal Counsel), the Department of State and the CIA.

"The use of drones to conduct targeted killings raises complicated questions – not just legal questions but policy and moral questions as well," said Jameel Jaffer, Director of the ACLU National Security Project. "These are not questions that should be decided behind closed doors. They are questions that should be debated openly, and the public should have access to information that would allow it to participate meaningfully in the debate."

The ACLU's request seeks, in addition to information about the legal basis for the drone program, data regarding the number of civilians and non-civilians killed in the strikes. Estimates of civilian casualties from the government and human rights organizations differ dramatically, from the dozens to the hundreds, giving an incomplete and inconsistent picture of the human cost of the program.

The text of the FOIA request can be found here:
www.aclu.org/national-security/predator-drone-foia-request

“The greatest threat to a government is people who think for themselves,” believes US Congressman Ron Paul.

Watching - “The greatest threat to a government is people who think for themselves,” believes US Congressman Ron Paul.

Paul said the billions of dollars spent by the American government on intelligence could not prevent the recent terror attempt in US skies.“If you condition people to everyday, all day, depend on the government to do their thinking for them – they will become more obedient.”

“I think the responsibility has fallen on the $75 billion bureaucracy that has 16 agencies that cannot co-ordinate their work,” he said. “Airlines should be responsible for who gets on their planes,” he added.

According to the congressman, all the efforts of the US government to introduce new technical systems for airport passenger control, such as body scanners, are “just to make us obedient servants of the state, to teach us that they are in charge of us and to tell us what to do, that we are robots and are supposed to obey them.”

“It’s not that individuals are perfect, it’s just that governments are always imperfect, they always make mistakes and when they do – they are very painful and they hurt each and every one of us.”

Paul said that America has made an amazing shift away from traditional values while even former communist regimes are moving in the direction of a free market.

“[The economy] should be micromanaged by the people, by the consumer. In the free market the consumer is king,” Paul said. “But in the US, as in most countries in the world today, it is being micromanaged by the central government and central banks.”

Speaking about the earthquake in Haiti, Paul said, “just handing out money to Haiti is not going to solve their problems.”

According to the outspoken politician, the best thing the US could do for Haiti in the long term would be to introduce the country to sound economic policies so that they would not suffer from poverty.

Commenting on the situation in Yemen, Paul said that the US is “looking for another war” and that it is a“disastrous continuation of the foreign policy of George Bush.”

Read more - http://rt.com/Politics/2010-01-14/ron-paul-mass-control.html