Firesheep: Promoting privacy in a scary way

Often, software hackers are the activists that push software giants towards updating vulnerable applications. In today's example, [Eric Butler] is pushing Facebook, Twitter, Flickr, and more all at the same time. By creating a script-kiddie friendly extension for Firefox, he has allowed just about anyone to sniff unsecured connections on public Wi-Fi access points and log into these unprotected accounts.

Right now the extension is available for Windows and Mac, with a Linux port coming soon. Temporarily, the best way for a user to avoid getting taken advantage of would be to not use these social networking sites on a public connection, or to implement a secure proxy for these connections that would keep your data safe. Hopefully these websites will have a quick rebuttal that allows for security without workarounds. With all of the bad press they are receiving, they certainly have incentive to.

Are there any software or security buffs out there? We would love to see someone port this to an iPhone or Android app that could check and log open Wi-Fi points. We’ll leave the footwork to the experts out there, but do be sure to give us a heads up if anyone manages to make it happen, okay?

PHP runtime rewritten, by Facebook?

Yes, it's true. Facebook has completely rewritten the PHP runtime to make it faster and more efficient, and it's completely open source. Named HipHop, it's described as a source code transformer, changing PHP into optimized C++ which is then compiled using g++. This keeps the best aspects of PHP while taking advantage of the performance of C++. Using HipHop, the Facebook web server CPU usage has been decreased by about fifty percent! And who would have thought that this and many other cool advances in programming started at a Hackathon?

Twitter remote control

We’ve already brought you a homemade Twitter-enabled washing machine, and toilet, but now a new innovation is being brought to the table by a bigger player. IBM is working on a tweeting television remote, which would allow the user to inform the world what they are watching. Although unfiltered reporting could create awkward situations, the combination of America’s love for television and Twitter is sure to yield interesting results. They also mentioned that it could be configured to report to other sites, such as Facebook or Joost. Any ideas why IBM would have an interest in such a patent are welcome in the comments. More info can be found here and here.

The Cloud Mirror

Cloud Mirror is an interactive art installation that combines you and your easily available online information in real time. Attendees stood in front of the camera and held up their badges. Cloud Mirror then projected them on the wall and displayed a speech bubble containing information from the web. In the example after the break, you can see our very own [Eliot] displayed with his most recent Twitter post. To add another layer to it, you could send a text message with someone’s badge ID to the system and it would display your message in that person’s bubble.

PDF redaction still not working

Facebook’s internal valuation was revealed this week thanks to shoddy PDF redaction. Court documents from a settlement between Facebook and ConnectU showed that Facebook values itself at $3.7 billion, much less than the $15 billion that was speculated during the Microsoft investment. The AP uncovered this by cutting and pasting from the redacted court document. It’s the same thing we showed in our PDF redaction screencast last summer… and it will never cease to be funny.

[photo: Bryan Veloso]