The Starling

I have a hard time believing that this story is true: it’s just too crazy – but the photos are good and hard to forge without more resources than your average internet prankster. So, here’s the tale as it was told to me…

There’s a company in the States that sells automatic car washers as a complete solution, including the washing system, cash box, installation of the building, etc. These are completely automated: you drive up, put your money into the machine, then drive through.

In any case, after the installation of one of these machines, the owner noticed that the return from the machine was not as much as should be expected. Diagnostics were run and the cash processor seemed to be okay, so everybody was at a loss. The owner even went so far as to accuse the supplier’s staff of having keys to his cashbox, and returning to the scene to steal the money.

Eventually, at his wits’ end, the owner set up security cameras to try to catch the thief in the act. Here are some stills from the footage:

Starling on the coin return slot.
The first image. Yes, that’s a starling that’s just landed on the coin return slot.

Starling entering the coin return slot.
And there’s the starling, wriggling into the coin return slot, where, presumably, it’s pushing its way up into the cash box through the return chute.

Starling with coins in beak, leaving the coin return slot.
The starling with some coins!

Starling wriggling free of the coin return slot.
The starling’s dropped a couple of coins, but is still wriggling to get free of the slot with its remaining prize.

Apparently, they later determined that it was not one, but several, birds who were robbing the car wash. Following them led to the discovery of a cache of loose change on the roof of the car wash and beneath an exposed root of a nearby tree.

So; what do you think – real or fake?

Physical Device Fingerprinting Over TCP

A PhD student in San Diego has written a fascinating paper which will spook internet anonymity freaks – Remote Physical Device Fingerprinting – which describes how a physical computer can be uniquely identified on the internet, regardless of operating system, IP address, or data sent, just by looking carefully at its TCP packets (which contain the data for a large amount – perhaps a majority – of the internet’s traffic, including all web and e-mail traffic).

The technique works by observing the deviation in the timestamps sent (in accordance with the widely-adopted RFC 1323: TCP Extensions for High Performance, specified back in 1992). Each computer’s hardware clock is made from a separate piece of quartz, and each quartz crystal is unique in its imperfections. By measuring these imperfections across the internet, it’s possible (with enough sample data) to identify a computer individually, which has implications both good (computer forensics) and bad (anonymity).
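To make the leak concrete, here is an added example (not code from the paper or from this post) that recovers a clock's drift from timestamp samples. It fits a plain least-squares line, which is a simplification and not the paper's own fitting procedure; the function names, the 1000 Hz tick rate and the simulated hosts are assumptions constructed for illustration.

```python
"""Clock skew from TCP timestamp (TSval) samples, on constructed data."""

WRAP = 2 ** 32  # TSval is a 32-bit counter and wraps around


def estimate_skew_ppm(samples, hz):
    """samples: [(local_receive_time_s, remote_tsval_ticks), ...].
    hz: tick rate of the remote timestamp clock (assumed known here).
    Returns the slope of (remote elapsed - local elapsed) in parts per million."""
    if len(samples) < 2:
        raise ValueError("need at least two timestamped packets")
    t0, ts0 = samples[0]
    xs = [t - t0 for t, _ in samples]
    # Offset: how far the remote clock has run ahead of (or behind) ours.
    ys = [((ts - ts0) % WRAP) / hz - x for x, (_, ts) in zip(xs, samples)]
    mean_x = sum(xs) / len(xs)
    mean_y = sum(ys) / len(ys)
    sxx = sum((x - mean_x) ** 2 for x in xs)
    sxy = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    return sxy / sxx * 1e6


def simulate(true_ppm, hz=1000, duration_s=3600, step_s=60, start=0):
    """Constructed samples: one packet a minute for an hour from a host whose
    clock runs true_ppm fast (positive) or slow (negative)."""
    return [
        (float(t), (start + int(t * hz * (1 + true_ppm / 1e6))) % WRAP)
        for t in range(0, duration_s + 1, step_s)
    ]


if __name__ == "__main__":
    for name, ppm in (("host A", 50.0), ("host B", -30.0)):
        est = estimate_skew_ppm(simulate(ppm), hz=1000)
        print(f"{name}: true {ppm:+.1f} ppm, estimated {est:+.2f} ppm")
```

The two simulated hosts stay distinguishable whatever address they send from, because the estimate depends only on how fast each counter advances. With the timestamp option disabled there are no samples to fit.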

The paper itself [PDF] is well worth reading. And, for those that are paranoid about their anonymity online, here’s how to “turn off” this feature of TCP for Windows 2000, Windows XP, and Linux:

  • Windows 2000/XP – Run RegEdit; navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters; add (or edit, if already present) the DWORD “Tcp1323Opts” and set it to 1. This disables TCP timestamps, but leaves Window Scaling (a really useful TCP/IP enhancement) enabled.
  • Linux – echo 0 > /proc/sys/net/ipv4/tcp_timestamps

Of course, the absence of timestamps from your machine may, if you’re in a small enough sample group, single you out even more, but at least you’re not globally unique any more; which from an anonymity perspective is a really good thing.

Things Bots Shouldn’t Learn

This afternoon, I’ve taught Iggy, the robot who looks after the RockMonkey ChatRoom:

  • How to play The Game. Damn – I’m out. He’s not very good at it, and, by proxy, neither am I.
  • Comprehension of facts expressed as “concept ARE fact”, rather than “concept IS fact”, and about knowing “who” people are (ask “Iggy, who is Ava_Work”, for example, or teach him who other people are…).

The by-product of this is that I’ve been learning to program in Tcl. And as a result, discovering why nobody writes in Tcl. Here’s a quote from bash.org, which I found in the bMotion source code:

<Procyan> is there like 1 person on earth that knows tcl/tk and is writing all of the apps?
<unSlider> procyan: no, there are a bunch of people who dont know tcl/tk but are writing apps for it anyway

Opera 8’s Solution To IDN Exploit

I’m sure you’ve all seen the recent Internationalized Domain Name exploit, which affects most web browsers (except for Internet Explorer – shocker! – because it doesn’t yet have the power to support internationalized domain names): if you haven’t, why not visit paypal.com – looks just like the real thing; doesn’t it: the browser bar says you’re at PayPal’s real site, but you’re not. That first ‘a’ in the name is an international character (actually the letter ‘a’ from the Cyrillic character set, which is just slightly different from a Western ‘a’, if you look closely). Of course, this leads to potentially thousands of dangerous phishing exploits, tricking users into exposing their bank account details to random Nigerians.

Opera, makers of a stunning web browser that I’m not quite sure I should be abandoning yet, have announced their solution to this problem (which isn’t actually a web browser problem at all, but a specification problem): IDN domain names from outside of places which are expected to need them (e.g. dot-jp, etc.) will be displayed longhand, and secure sites (https) will display their certificate holder’s name – longhand – alongside the domain name in the address bar.
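The display rule described above can be sketched as follows. This is an added example, not Opera's code: the TLD allowlist, the function names and the sample hostnames are assumptions, and the mixed-script check goes one step beyond what the announcement describes.

```python
import unicodedata

# Assumption for this sketch: TLDs where Unicode names are expected.
# The post gives dot-jp as the example.
IDN_TLDS = {"jp"}

# Scripts that legitimately appear together inside one label.
SCRIPT_GROUPS = {"HIRAGANA": "CJK", "KATAKANA": "CJK"}


def scripts(label):
    """Set of scripts used by the letters of a label, read from the first
    word of each character's Unicode name (LATIN, CYRILLIC, GREEK, ...)."""
    found = set()
    for ch in label:
        if ch.isalpha():
            script = unicodedata.name(ch, "UNKNOWN").split()[0]
            found.add(SCRIPT_GROUPS.get(script, script))
    return found


def to_ascii(host):
    """The 'longhand' form: every non-ASCII label becomes xn--punycode."""
    return ".".join(
        label.encode("idna").decode("ascii") for label in host.split(".")
    )


def display_form(host, idn_tlds=IDN_TLDS):
    """What the address bar should show for a hostname."""
    host = host.lower()
    if host.isascii():
        return host
    labels = host.split(".")
    mixed = any(len(scripts(label)) > 1 for label in labels)
    if labels[-1] in idn_tlds and not mixed:
        return host            # expected place for IDN, single script
    return to_ascii(host)      # everything else is shown longhand


if __name__ == "__main__":
    # Constructed samples; \u0430 is CYRILLIC SMALL LETTER A.
    for name in ("paypal.com", "p\u0430ypal.com", "日本語.jp", "p\u0430ypal.jp"):
        print(repr(name), "->", display_form(name))
```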

Of course, unless you’re using Opera 8 beta, the only way to be sure you’re safe from this exploit is to manually type in every link you follow.

This Has GOT To Be Anti-Trust/FUD

This screenshot taken from Microsoft Anti-Spyware:

[screenshot removed – later turned out to be a fake]

MEng Dissertation – Hamster Music

No, I’m not talking about that god-awful de-da-de-da-de-do-do-do de-da-de-do do thingy: I’m talking about this ingenious MEng dissertation project, in which the student hooked up six hamsters to a MIDI device and, with some clever hardware and software, used their movements to compose music. If you look at the site, be sure to download the video clip or at least a sample of the music produced!

Now That’s Customer Service

Do you remember in the middle of last week I finally discovered that I could make Firefox have all the features I loved in Opera, using plugins? Well; I’m honoured to report that my comments haven’t gone un-noticed: I’ve received a comment on that post from Jonny Axelsson, dude who does standards-related stuff for Opera. To save you going back there, he writes:

In the meantime we’re getting out Opera 8, so it would be even harder to compete…

Not much to say on the matter, but hey. I tried Opera 8 beta, and it’s fab, but it’ll need to improve on the web developer and adblocking things if I’m to re-adopt it as my browser of choice. That said, I’m still using Opera at home, because I haven’t been bothered yet to download all those Firefox extensions that make it “as good as” Opera for the things I need in a browser.

Right – Shrink is here – time to break the internet again.

Photopia, Again

I wrote the other day about Photopia, one of the most brilliant and unusual pieces of interactive fiction I’ve ever experienced. Finally, JTA gave it a go, and loved it too – and he and I have been spending the last few days discussing some of the really, really clever bits and putting our own explanations to them. There are so many questions left unanswered, even after having completed the story, and I’m sure we’ll both be going back and playing it again.

Why hasn’t anybody else played yet? Well; it’s possible I just didn’t make it quite accessible enough. So I’ve packaged Photopia into a single-file executable. Just download and run it, and you’ll have it installed on your system. It takes up less than a megabyte of space and it’s brilliant not only as entertainment but also as a work of fiction.

Download Photopia – it’s self-extracting, self-installing. All you have to do is play it. Windows only. Click here and give it a go.

Rejected Crayons

You won’t find these from Crayola…

Spousal Abuse Black and Spousal Abuse Blue
Flu Phlegm Green
Found In Diaper Gold
Klan White
Los Angeles Air Brown
McDonald's Burger Grey
Melanoma Tan
Time O' The Month
Tin Man Johnson Silver