Philosecurity has an interview with [Matt Knox], a former coder for Direct Revenue, an adware company which was sued in 2006 by New York governor Eliot Spitzer. The interview contains some interesting details of how the adware code worked internally: it created a Browser Helper Object, then ensured that the Browser Helper Object stayed up by creating a poller to check every ten seconds and regenerate the Browser Helper Object if it had stopped running. The poller ingeniously masked itself partly by exploiting Windows’ Create Remote Thread function to run itself as a series of threads instead of as an executable.

The truly fascinating bit of the interview is how [Knox] defies your initial suspicion that he’s a complete scumbag; he started off writing spam filtering software, was hired by Direct Revenue to do traffic analysis, started writing tiny bits of code to improve the adware, and eventually wound up knee-deep in the code.  [Knox] notes that you can get ordinary people to do incredibly distasteful things if you break those things into small enough chunks and introduce them gradually.

[via Waxy]

[photo: xcaballe]

Popular Mechanics has an interview with [Zach Anderson], one of the MIT hackers that was temporarily gagged by the MBTA. The interview is essentially a timeline of the events that led up to the Defcon talk cancellation. [Zach] pointed out a great article by The Tech that covers the vulnerabilities. The mag stripe cards can be easily cloned. The students we’re also able to increase the value of the card by brute forcing the checksum. There are only 64 possible checksum values, so they made a card for each one. It’s not graceful, but it works. The card values aren’t encrypted and there isn’t an auditing system to check what values should be on the card either. The RFID cards use Mifare classic, which we know is broken. It was NXP, Mifare’s manufacturer, that tipped off the MBTA on the actual presentation.

DSPmusic.org has just released the latest version of its homebrew PSP music sequencer PSPSeq 3.0. With PSPSeq you can create songs with up to 16 independent audio tracks, use WAV audio clips of your own and then modify them with a number of settings, or even use some of the built in synthesizers to generate sounds. There are strong looping and recording features as well. If you are into homebrew music apps on the PSP, then this will give you a strong offering of features. We had a chance to catch up with the author, [Ethan Bordeaux], and ask a few questions. You can check out the short interview after the break.

Read the rest of this entry »

Like many of you, growing up Neuromancer played a pivotal role in how we thought about the future and where “cyberspace” was going. Things have turned out very different. Although the underlying mass of data and consciousness is still there, it’s not the fully immersed 3D world some are still clinging to. [William Gibson], author of the seminal novel, has recognized this and readers will find his recent works like Spook Country, are set very firmly in the now, with technology like location sensitive augmented reality. io9 sat down with him during a San Francisco visit to talk about his fondness for Vancouver, the inability of authorities to maintain secrets, if his novels are really dystopian, and whether moving to Canada counts as draft dodging if you never get drafted.

If you missed it, I put up a new podcast yesterday. You can subscribe via the iTunes store or just use the RSS podcast feed. You guys asked for interviews, so here we go. Ben Heckendorn is going to be our first one. He and I are going to put it together later this week, so submit your question in the comments if you want me to ask him. [I'll pick and choose, so make it good]
Ben built the Xbox 360 laptop, the colecovision portable, the PSP analog joystick, and plenty of others.