Friday, December 20, 2013

SEO = Search Engine Optimization = slimy scumbag scamming

So I guess Google has struck a nerve and changed their algorithms enough that they're causing pain to the link spamming SEO companies. According to Techdirt, they're even going so far as to nicely ask webmasters to take down their spammed links.  [ "Oh sure, I'd love to do you a favor"... or not! ]

Here's a link to the article  

They also link to an article on the Awl

Ha!

UPDATE:

The HuffPo had an article about SEO, where they quoted the AP:

While the Federal Trade Commission and several state attorney generals have cracked down on fake endorsements or reviews, they have not weighed in on clicks. Meanwhile, hundreds of online businesses sell clicks and social media accounts from around the world.
...
In 2013, the State Department, which has more than 400,000 likes and was recently most popular in Cairo, said it would stop buying Facebook fans after its inspector general criticized the agency for spending $630,000 to boost the numbers. [OMFG - the IG had to tell them that ?!?!]


...In Indonesia, a social media-obsessed country with some of the largest number of Facebook pages and Twitter users, click farms proliferate.

Ali Hanafiah, 40, offers 1,000 Twitter followers for $10 and 1 million for $600. He owns his own server, and pays $1 per month per Internet Protocol address, which he uses to generate thousands of social media accounts.

Wednesday, December 11, 2013

US Court: "WiFi is not Radio." "Most Radio is Auditory[sic]" "up is down"

The last one I made up.  The rest, by another idiot.

From Techdirt.  Why wifi sniffing is "wiretapping".  Held by a court, and upheld on appeals.

I can't even begin to comment until I read the exact ruling, but it basically starts with the courts ruling that: "... data transmitted over a Wi-Fi network is not an 'electronic communication' that is 'readily accessible to the general public' ", and then goes on to explain that's exactly what it is: " so long as it is not scrambled or encrypted".

http://www.techdirt.com/blog/wireless/articles/20130910/11594924472/appeals-court-upholds-dangerous-ruling-that-wifi-sniffing-is-wiretapping.shtml

Even the US public school system doesn't train people to be this ignorant; they have to genuinely try.

Wednesday, November 20, 2013

Apple MacBook Bursting Batteries?

Violet Blue (her blog is NSFW) had her MacBook battery explode, and she wrote about it on ZDNET.

Apple's PR Department:  "That's how they work", or the equivalent

Well, I guess now I have a way to replace them.




Tuesday, November 19, 2013

Twitter removes dumb Direct Message feature a month after release


From TheVerge:
  
Twitter quietly removes feature that lets you receive direct messages from any follower

Only a month after rolling out the feature, Twitter has quietly removed the ability for users to receive direct messages from any follower. For now, the person you want to DM will need to follow you back before you share any private thoughts.

What could possibly go wrong?  I'm glad they realized the problems relatively quickly. How could they do this in the first place?


Wednesday, November 13, 2013

FireEye gets in on the publication action with a paper linking 11 APT campaigns

From Slashdot:

"FireEye researchers have linked eleven distinct APT cyber espionage campaigns previously believed to be unrelated (PDF), leading them to believe that there is a shared operation that supplies and maintains malware tools and weapons used in them. The eleven campaigns they tied together were detected between July 2011 and September 2013, but it's possible and very likely that some of them were active even before then.






Friday, November 1, 2013

Apple has not necessarily jumped the shark...

But when they delete posts by Lawrence Lessig (law professor, founder of Creative Commons) from their tech forum for talking about his rights to get his product repaired, well?

So this has been a week from Apple hell. Apple did a major upgrade of its suite of software — from the operating system through applications. Stupidly (really, inexcusably stupid), I upgraded immediately. Every Apple-related product I use has been crippled in important ways. ...

http://lessig.tumblr.com/post/65697513808/on-the-pathological-way-apple-deals-with-its-customers


Wednesday, October 30, 2013

Rep Mike Rogers (R-Mich) actually said this:

"You can't have your privacy violated if you don't know your privacy is violated"

Then he was incredulous when law professor Stephen Vladeck disagreed with him: "If a tree falls in the forest, it makes a noise whether you're there to see it or not."

"That's a new interesting standard in the law, we're gonna have this conversation and we're gonna have wine, that's gonna get a lot more interesting"

The possibilities are endless.

There's a really good write-up in Techdirt

A good parody article in Popehat too

4 Places you shouldn't use your debit card

Seems like common sense, and I think their sources are "experts" like consultants, but I agree with it, so that works for me.

According to Bankrate.com, there are 4 places NOT to use your debit card:

1. Outdoor ATMs (Skimmers)
2. Restaurants (Card out of hand)
3. The web (Data Security)
4. Gas Stations (Skimmers)

Ok they've summarized like 95% of my use of the card.

Add that to the "Walmart scam where the cashier hits the cash advance button without telling you and pockets the money" (about.com) (unlikely, but WTH)

JUST SAY NO TO DEBIT CARDS!

Perry

Tuesday, October 22, 2013

Slashdot has article about Live DDOS Attacks

The Slashdot article talks about a Live DDOS Attack Map, which gets its data from Arbor Networks ATLAS Threat Hub.

This is really interesting, and might deserve its own Blog?

Perry

Saturday, October 19, 2013

Supply chain anyone?

Backdoors are not an option, they're a standard feature!


From Craig's blog, that was tweeted by HD Moore

Lest anyone think that D-Link is the only vendor who puts backdoors in their products, here’s one that can be exploited with a single UDP packet, courtesy of Tenda.
After extracting the latest firmware for Tenda’s W302R wireless router, I started looking at /bin/httpd, which turned out to be the GoAhead webserver:



Thursday, October 10, 2013

Updated! Wikipedia Sockpuppets lead to Scam on paid Wikipedia entries

A very interesting article on the DailyDot talks about a huge (apparent) network of fake people editing Wikipedia entries. It seems to lead to a paid Wikipedia editing service.

It gets really interesting when they discuss that:
  1. It's forbidden to edit Wikipedia entries for money, and hugely frowned on to edit your own
  2. Wikipedia admins (may) work at some/most/all of the services
  3. The kicker - potential clients get their pages modified or deleted before sales calls
Read more here

Update 10/22/2013:  In Ars Technica, Joe Mullin discusses the deletion of 250 PR-firm-linked user accounts

Friday, October 4, 2013

Science Magazine performs sting on Open Access Scientific Journals

I guess there are a lot of problems with this open access model

Who's Afraid of Peer Review?


A spoof paper concocted by Science reveals little or no scrutiny at many open-access journals. 

On 4 July, good news arrived in the inbox of Ocorrafoo Cobange, a biologist at the Wassee Institute of Medicine in Asmara. It was the official letter of acceptance for a paper he had submitted 2 months earlier to the Journal of Natural Pharmaceuticals, describing the anticancer properties of a chemical that Cobange had extracted from a lichen. 

In fact, it should have been promptly rejected. Any reviewer with more than a high-school knowledge of chemistry and the ability to understand a basic data plot should have spotted the paper's short-comings immediately. Its experiments are so hopelessly flawed that the results are meaningless. 

I know because I wrote the paper. Ocorrafoo Cobange does not exist, nor does the Wassee Institute of Medicine. Over the past 10 months, I have submitted 304 versions of the wonder drug paper to open-access journals. More than half of the journals accepted the paper, failing to notice its fatal flaws. Beyond that headline result, the data from this sting operation reveal the contours of an emerging Wild West in academic publishing.


Monday, September 16, 2013

"This is not good" - A terrifying look at Nuclear weapons

Well, I lived through it, but had no idea.

http://www.motherjones.com/politics/2013/08/eric-schlosser-command-control-excerpt-nuclear-weapons

If I was a grown up in 1980, and aware of what was happening...

I admit, I can't imagine.   Things are pretty screwed up now, but then?  Wow.


Monday, September 9, 2013

Net Neutrality? http://theinternetmustgo.com/

Not totally true, parody actually, but really does show what net neutrality means.

http://theinternetmustgo.com/


Saturday, September 7, 2013

Tor Servers crackable, according to Ars


 Rob Graham, CEO of penetration testing firm Errata Security, arrived at that conclusion by running his own "hostile" exit node on Tor and surveying the encryption algorithms established by incoming connections. About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key.

...

He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker.
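A defender can run the same kind of tally over the handshakes seen on their own server to see how much traffic still relies on short Diffie-Hellman keys. The sketch below is an added example, not code from this post, from Ars, or from Rob Graham's survey; the sample handshakes are constructed, and the 2048-bit threshold for "weak" is an assumption.

```python
"""Tally key-exchange strength across observed TLS handshakes (added example)."""
from collections import Counter

# Constructed sample: (OpenSSL-style cipher suite name, DH prime size in bits or None).
SAMPLE_HANDSHAKES = [
    ("DHE-RSA-AES256-SHA", 1024),
    ("DHE-RSA-AES128-SHA", 1024),
    ("EDH-RSA-DES-CBC3-SHA", 1024),
    ("ECDHE-RSA-AES256-SHA", None),
    ("DHE-RSA-AES256-SHA", 2048),
    ("AES256-SHA", None),
    ("DHE-RSA-AES128-SHA", 1024),
    ("ECDHE-ECDSA-AES128-GCM-SHA256", None),
]

MIN_DH_BITS = 2048  # assumption: finite-field DH primes shorter than this count as weak


def key_exchange(suite):
    """Return 'ECDHE', 'DHE', 'STATIC' or 'UNKNOWN' for an OpenSSL-style suite name."""
    if suite.startswith("TLS_"):
        # TLS 1.3 suite names do not encode the key exchange at all.
        return "UNKNOWN"
    first = suite.split("-", 1)[0]
    if first in ("ECDHE", "AECDH"):   # AECDH = anonymous elliptic-curve DH
        return "ECDHE"
    if first in ("DHE", "EDH", "ADH"):  # EDH is the older OpenSSL spelling of DHE
        return "DHE"
    return "STATIC"  # e.g. RSA key transport: no forward secrecy


def classify(suite, dh_bits):
    """Bucket one handshake by how well its key exchange is expected to hold up."""
    kex = key_exchange(suite)
    if kex == "ECDHE":
        return "ecdhe"
    if kex == "DHE":
        if dh_bits is None:
            return "dhe-unknown-size"
        return "dhe-weak" if dh_bits < MIN_DH_BITS else "dhe-ok"
    if kex == "STATIC":
        return "no-forward-secrecy"
    return "unknown"


def survey(handshakes):
    """Return (counts, percentage shares) over an iterable of (suite, dh_bits)."""
    counts = Counter(classify(suite, bits) for suite, bits in handshakes)
    total = sum(counts.values())
    shares = {}
    if total:
        shares = {label: round(100.0 * n / total, 1) for label, n in counts.items()}
    return counts, shares


if __name__ == "__main__":
    counts, shares = survey(SAMPLE_HANDSHAKES)
    for label, n in counts.most_common():
        print(f"{label:20s} {n:3d}  {shares[label]:5.1f}%")
```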

Thursday, September 5, 2013

Ad Blocking Illegal? Well, let me see...

The (bad word) president of the Interactive Advertising Bureau thinks blocking third party cookies and ads might be illegal.  Apparently so does a writer at CNET.

While I'm not a lawyer (IANAL), I do understand that the Computer Fraud and Abuse Act criminalizes:
" (a) Whoever ... (2) intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains—...(C) information from any protected computer;"
 Can I put a message into my browsing header that creates my own terms of service that states:
"This computer browser is accessing a web site to collect public information and images in HTML format published by the owner of the web server site.  For reasons of data privacy and security, the policy of the owner of the browsing computer prohibits execution of any computer programming code such as, but not limited to, Javascript, Oracle Java, Microsoft ActiveX, and others without explicit permission, and has automated policies set to block execution of this code.  Sites that use technical measures to bypass these protections are considered attackers of the browsing computer, and may be blocked and/or prosecuted under the Computer Fraud and Abuse Act of the United States of America.

If this policy conflicts with your web site, please block your information from being sent to the browser.  If you would like our policy to change, indicate your own policy, and we will determine whether our policy can be temporarily modified. "
I suspect this is way too long to put in the browser headers, but I could certainly put in a link to my cloud site, and save the logs of the sites that access the policy.  It could certainly be part of the web browser.

Tuesday, August 20, 2013

Tuesday, August 13, 2013

Are you wondering what RT is?

I'm seeing it mentioned in various places, including  Twitter and either NECN or Fox.

According to Wikipedia, it's Russia Today!

Glad I asked.


Wednesday, August 7, 2013

Do you really know what your mobile phone is doing?

From PC Magazine: Android 4.3's New 'Always-On' Wi-Fi Feature Buried in Settings

 "To improve location accuracy and for other purposes, Google and other apps may scan for nearby networks, even when Wi-Fi is off," describes Google. 

...

Fire up the Settings app and tap your finger on the Wireless and Networks option. Tap on the Wi-Fi option, and then tap on the Overflow button on your phone's screen (the triple-dots icon). When this submenu pops up, tap your finger on the Advanced option. From there, you'll want to make sure to check the "Scanning always available" option if you want to participate in the new Android 4.3 feature. Otherwise, if it's checked, you need merely to uncheck it to ensure that "Wi-Fi off" really means "Wi-Fi off."

PS - Even in 4.1.1 and 4.2.2 there's weirdness in the connection while asleep: go to Wi-Fi Advanced and look at "Keep Wi-fi on during sleep". "always" might be checked - using battery like crazy?  Maybe change it to "Only when plugged in"?

 

Thursday, June 27, 2013

Secure calls on Android



I have not tested this, use at your own risk

Tor and CSipSimple on Android.  What could possibly go wrong?

https://guardianproject.info/howto/callsecurely/

http://guardianproject.info/

Tuesday, June 18, 2013

FPGA development kit




 I LOVE living in the future!






DE0-Nano - Altera Cyclone IV FPGA starter board

 http://www.adafruit.com/products/451 99.95

Altera Cyclone IV FPGA (EP4CE22F17C6N)
  • 22,320 Logic elements (LEs)
  • 594 Embedded memory (Kbits)
  • 66 Embedded 18 x 18 multipliers
  • 4 General-purpose PLLs
  • 153 Maximum FPGA I/O pins
 That's PLLs, not DSPs

Thursday, June 13, 2013

Interesting Trivia about Emacs

From the splash screen:

DESCRIPTION
       GNU  Emacs is a version of Emacs, written by the author of the original
       (PDP-10) Emacs, Richard Stallman.  The user functionality of GNU  Emacs
       encompasses  everything  other  editors do, and it is easily extensible
       since its editing commands are written in Lisp.

Wednesday, May 29, 2013

Hint for people at airports: Use that cell phone boarding pass

Cory Doctorow at BoingBoing was at Newark Airport on Monday May 27, and found that the TSA screeners wouldn't give the extra "Dreaded 4S security screening" if you put your boarding pass on your cell phone

How cool is that!

Tuesday, May 21, 2013

Finally, Augmented Reality from someone who knows what they're doing...

Freedom™ by Daniel Suarez sold about a zillion copies, and he describes what Augmented Reality should be.  The glasses should be stylish, continuously network-connected, and have enough understanding of the environment to allow synthetic artifacts, identity recognition (including floating labels) and full two-way voice and video communication.

Pretty sure Meta is the first product (well, Kickstarter) to understand this.

It's different than Oculus Rift in that Meta has clear lenses to add to the real environment (AR) vs Oculus Rift which is Virtual Reality (VR).

Let's see what happens.



Monday, May 13, 2013

Umm, wait what!? Your Apple phone, and Android, not safe.

From Cory at Boing Boing:

Apple can decrypt iPhones for cops; Google can remotely "reset password" for Android devices

 If you have something to hide, make sure it's not in your phone, or have a quick wipe app handy.  The good news is that there's quite a backlog, so you have to be important, but that can't last.

  

Wednesday, April 10, 2013

Awesome! Aereo is allowed to operate and serve free TV, networks are giving up the business!

Aereo is allowed by the courts to operate (NYTimes story): 1 antenna = 1 customer is, by definition, not rebroadcasting but antenna rental. The Verge reports that the TV networks are apoplectic!

"What!?" they say. "We're not going to be able to double charge, getting fees both from commercials and cable companies? It's un-American."  Fox even says that they'll move to a subscription model for their TV.

Buh Bye!

Thursday, March 28, 2013

Freedom Dept

Rand Paul is really ticking people off - he thinks America should be the land of the free!

From Reason.com

In fact, isn't Rand Paul a valuable litmus test? I'm not saying that disagreeing with any given politician proves one thing or another about a person, but if you look at the bipartisan list of people who have been screaming themselves purple about the junior senator from Kentucky–Bruni, John McCain, Lawrence O'Donnell, William Kristol, Garrett Epps, Michael Gerson, John Yoo–you quickly detect one important trait in common: They are all reliable apologists for the government exercise of power. While the particular power being championed may vary, and the tenor of the argument will change depending on which political party is exercising it this season, the truism remains that Rand Paul poses a direct challenge to people who get irritated when there's any obstruction between their goals and government's ability to pursue them.

For that and other reasons, Paul is not only the most interesting man in the Senate, but I think the most interesting player in American politics today.

Monday, March 25, 2013

Like I've Been Sayin' - you don't need a full OS in the cloud

From Slashdot 24-Mar-2013:

 "Virtual servers in the future may stop using OSes entirely. As recently demonstrated OS-less platforms may change our understanding of how long does it take to bring a server up. A demo server gets created, booted up, configured, runs an application and shuts down in under 1 second. ... The demo uses a new Erlang runtime system capable of running directly on Xen hypervisor."

In a nutshell, what is Erlang?
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Erlang is available as open source from http://www.erlang.org.

Here is the demo screen for "Zerg", an example of an application that starts an instance of a server in the cloud, using Erlang on Xen, which sends a page and deletes itself, in 0.6 seconds.  Compare that to 5 minutes for the same thing on Amazon EC2.

P

Tuesday, March 5, 2013

WHAT, you think you can do drone strikes in the US?!


From Eric "Good Prosecutorial Discretion" Holder, US Atty General,  March 2013:

“It is possible, I suppose, to imagine an extraordinary circumstance in which it would be necessary and appropriate under the Constitution and applicable laws of the United States for the President to authorize the military to use lethal force within the territory of the United States,” Holder replied in a letter yesterday to Paul’s question about whether Obama “has the power to authorize lethal force, such as a drone strike, against a U.S. citizen on U.S. soil, and without trial.”

 From Wikipedia:

Posse Comitatus Act

"...Any use of the Armed Forces under either Title 10/Active Duty or Title 10/Reserves at the direction of the President will offend the Constitutional Law also known as Public Law prohibiting such action unless declared by the President of the United States and approved by Congress."

Umm Holder?  HOLDER BUELLER?!?!   

Even our president can't authorize drone strikes on US soil against Americans.

(I hope!) 
 

Update:  "It has come to my attention," the letter states "That you have now asked an additional question: 'Does the President have the authority to use a weaponized drone to kill an American not engaged in combat on American soil?' The answer to that question is no." -
Love, Atty General Eric Holder.









Monday, March 4, 2013

How much worse do prosecutors have to get?

Quinn Norton is Aaron Swartz's partner, and shows the treatment of Americans by our "justice" system.  Is it any wonder that it drove someone who's sensitive to commit suicide?

Should we put up with this?  Is this the America we want?  Ben Franklin was so right.  What do we deserve?

A quote from her moving and heartfelt article:
"We should understand that any alleged crime can become life-ruining if it catches their eyes. Innocence and goodness are only factored in as risks to their case. This is the system that we, as citizens, have agreed to."
We should remember that Aaron was only accused of downloading scholarly articles, and previously writing that he thought they should be free.  I think this is pretty well established as fact.

Is this how we want to appear to the rest of the world?  As monsters?  Deeply sad.

Update:
From Techdirt: Details Come Out On US Attorneys Withholding Evidence In Aaron Swartz Case
Aaron had broken up (amicably) with Quinn Norton by the time he died, and was in a committed relationship with Taren Stinebrickner-Kauffman, who has now laid it out in lavender (HuffPo) how awfully our justice employees are treating American citizens (so it's the IRS, TSA, Customs, Justice, anyone else?).  In case you're not keeping score, in a nutshell:
  1. Stephen Heymann (asst attorney - works for "Toxic" Carmen Ortiz) threatened Aaron with 7(30?) years in prison
  2. Plea bargaining down to months
  3. Knowing they had withheld exculpatory evidence - was their case falling apart?
  4. Our favorite US attorney (Holder) said Aaron Swartz was "never threatened with more than 3-6 months"
Update 2: Here is Cory Doctorow's article on BoingBoing
P

Wednesday, February 20, 2013

Oh yeah, Mandiant...

So Mandiant published something?

What the frig is APT1?

This video is entertaining

Breaking Terms of Service should *NOT* be a federal crime!

This stream from the Center for Internet and Society at the Stanford Law school is a speech from Jennifer Granick from EFF discussing the CFAA

The discussion gelled when Aaron Swartz committed suicide after being harassed by the Federal DA in Boston, illustrating prosecutorial misconduct against a citizen at its worst, and there are plenty more where this came from. Zoe Lofgren is introducing Aaron's Law to help fix this.

CFAA states, among other things, "... exceeds authorized access is a federal crime" - does this make any sense any more?  Even worse, the federal appeals courts are split on the broad vs narrow interpretation of this statement.

A generation of people who are under 18 and using Gmail, anyone letting someone log into their Facebook account, or on a dating site describing themselves as "tall, dark, and handsome", should not be federal criminals.

This is not an example from an extremist - it's from the 9th federal court of appeals. I think this is it

Support the EFF in their fight to fix the CFAA!

Update:  Awesome - A bill to make cell phone unlocking legal

Monday, February 4, 2013

Newegg Wins against the patent trolls!

Update May 2013

From Ars Technica - Newegg wins again against the trolls!  Take that suckers!
http://arstechnica.com/tech-policy/2013/05/newegg-nukes-corporate-troll-alcatel-in-third-patent-appeal-win-this-year/

W00t!
 

This is really good, and important.  Newegg won an important patent victory against Soverain Software, which said they owned the concept of the online shopping cart.  Their claims said that anything that used online shopping carts needed to pay them 1%.  This is exactly like someone stating that they owned the patent of a real shopping cart, and every store that used one needed to pay them one per cent of the value of its contents.

This is obviously completely bogus, since their earliest patent was filed in 1994, and I worked at Receptive before that.  Not only did we have similar shopping carts, but there were tons of them at the time.

Amazon settled, Victoria's Secret settled, lots of the biggies, maybe all of them, but Newegg stood up.

There's a really good article at Ars Technica where they interview the Chief Legal Officer of Newegg, Lee Cheng, who explains what happened, and also says that the founder of Newegg, Fred Chang, is "an extremely principled guy," and that "We have always been willing to sacrifice tactical gain for strategic success."


I'm so happy there's still an American company who says that. 

Hooray!

The software patent system is horribly broken, and companies that  stand up for all of our rights can help expose this problem, get it in front of our legislators, and get it fixed.

There is something we all can do - support Newegg ( in spite of my previous problems, I'm giving them another chance ), and support the EFF.

Thursday, January 24, 2013

Costin Raiu at Kaspersky on Red October

Really interesting article and podcast at Digital Underground  discusses Red October and their techniques in analysis.

He states that it's fundamentally different from Flame in that it's 1000 modules instead of Flame's one huge one, although it seems to me that it does similar functions.

He also says he believes that it's someone pretending to be Chinese, like a "false flag operation".