Black Hat 2008: EFF Coders’ Rights Project Announced

The EFF has just announced the creation of the Coders’ Rights Project website at the Black Hat conference. The site’s main goal is to centralize legal information for coders, and to help protect important security work from legal actions that may be taken against it under the DMCA and other legal black holes. While this is in no way a fully comprehensive list of everything you need to know, it looks like a good place to start, and provides a few FAQs with suggestions on how to stay in the legal clear as much as possible. At numerous points the documents suggest you speak with a lawyer if you have any deeper questions, which you absolutely should. This can be very helpful if a person or group finds a security risk and wants to publish it, or just wants to start looking into possible security risks.

Hybrid Headphone Amplifier


[Rogers Gomez] has posted up this hybrid tube based headphone amplifier over at DIY Audio. Being a fan of tube amplifiers, but wanting something with lower voltage and lower cost, he put together this little system out of spare parts he had lying around. He wanted it to have as few parts as possible and be able to power his 32 ohm Grado headphones.

He states that he’d built several YAHA amps and a Szekeres MOSFET follower, and was curious how they’d sound together. He was pleasantly surprised with the resulting quality.

There are fewer than 30 individual components involved in the project. The complete parts list and schematics are available from the site. He notes at the very end to unplug your headphones when powering up, as there is a surge that could damage them. That might be good to know at the beginning just in case you get eager to test it out.

[Thanks, Gio]

Remote Controlled Pill-bot


The NanoRobotics Lab at Carnegie Mellon University has come up with a medical robot that can be swallowed, and is then able to be controlled from outside the body. The device has small arms with adhesives that can attach to slippery internal surfaces, which has previously proven difficult. Once inside the body, it can be used to view damaged areas, deliver drugs, as well as biopsy questionable tissues, and possibly even be used to cauterize bleeding wounds with a small laser. The device could be stopped, and even reversed to get a better look at areas that may have gone unnoticed otherwise. This would be a major advancement in diagnosing intestinal problems, and could lead to potentially life saving treatments. Did we mention that it has lasers?

[via Neatorama]

Autonomous SWARM At Large


SWARM has been showing up at a number of places. Until now, the mysterious spheres have been under human control. However, the SWARM has taken the first steps to autonomous control. The SWARM is a kinetic art project consisting of several large self-propelled metallic spheres that interact with each other and their environment. Each orb in the swarm is fitted out with a processor, GPS, accelerometers, and Zigbee wireless communications. The entire project is open source. Slated to appear at the 2008 Burning Man festival, the orbs will use their GPS to wander within a specified area, keeping themselves “in bounds”.


More On GIFAR


[pdp] provides some perspective on the news regarding the GIFAR attack developed by researchers at NGS Software. As he explains, the idea behind the attack, which basically relies on combining a JAR with other files, is not new. Combining JAR/ZIP files with GIF/JPG files creates hybrid files with headers at both the top and bottom of the file, which lets them pass through any image manipulation library as valid files. While tightened security and more stringent file validation practices are advisable, the problem is larger than just a vulnerability in browser security. ZIP is an incredibly generic packing technology used everywhere, from Microsoft files to Open Office documents, and of course, in JAR files. He closes with, “any file format that is based on ZIP, you allow your users to upload on your server, can be used in an attack”.

[photo: Jon Jacobsen]
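As an added example (not code from [pdp] or NGS Software), here is one way an upload handler could flag the hybrid files described above: it checks for an image header at the top of the file and a readable ZIP directory at the bottom. The function names and the sample bytes are constructed for illustration.

```python
import io
import zipfile

# Leading magic bytes of the image types the post mentions.
IMAGE_MAGIC = {b"GIF87a": "gif", b"GIF89a": "gif", b"\xff\xd8\xff": "jpeg"}
EOCD_SIG = b"PK\x05\x06"      # ZIP end-of-central-directory signature
EOCD_WINDOW = 22 + 0xFFFF     # fixed EOCD size + maximum comment length


def image_type(data: bytes):
    """Return 'gif' or 'jpeg' if the file starts with that header, else None."""
    for magic, name in IMAGE_MAGIC.items():
        if data.startswith(magic):
            return name
    return None


def zip_members(data: bytes):
    """Return member names if a ZIP directory sits at the tail, else []."""
    if EOCD_SIG not in data[-EOCD_WINDOW:]:
        return []
    try:
        # zipfile locates the directory from the end, so leading image
        # bytes do not stop it from reading the archive.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []   # signature bytes present by coincidence, no real archive


def check_upload(data: bytes):
    """Classify an upload: (image type or None, is_hybrid, member names)."""
    kind = image_type(data)
    members = zip_members(data)
    return kind, bool(kind and members), members


def _constructed_samples():
    # Constructed inputs: a 1x1 GIF, and the same GIF with a small ZIP appended.
    gif = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
           b"!\xf9\x04\x01\x00\x00\x00\x00,\x00\x00\x00\x00\x01\x00\x01\x00"
           b"\x00\x02\x02D\x01\x00;")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
    return gif, gif + buf.getvalue()


if __name__ == "__main__":
    for sample in _constructed_samples():
        print(check_upload(sample))
```

A header-only check would accept both samples as GIFs; only the tail check separates them, which is why validation that stops at the image header misses these files.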

Laptop Containing 33,000 Clear Users’ Information Stolen

Security 101: Never put unencrypted sensitive information on a laptop and expect that it’s safe. Especially if you are the TSA. Recently, the TSA announced that a laptop was stolen from San Francisco International Airport containing “pre-enrollment records of approximately 33,000 customers” for the Clear Trusted Traveler Program. For $100 per year, the Clear Program enables travelers to get through airport security faster by showing TSA officers their Clear Registered Traveler Card and going through a special security line. While this program has no doubt saved many people valuable time getting through security, there are about 33,000 people who are now asking the question “Who has my personal information?”

[via schneier on security]

Edit: It looks like the laptop was found; however, it is still unclear if the information on the laptop was compromised. In addition to basic personal information (name, address, birthday, etc.), the laptop also contained driver’s license, passport, and green card information about Clear users. You can check out the story here. Credits to [AudioCraz-Z] for the link.

DIY Kidney Machine Saves Girl


When the tool you need doesn’t exist, you must make one. That’s exactly what [Dr. Malcolm Coulthard] and kidney nurse [Jean Crosier] from Newcastle’s Royal Victoria Infirmary did two years ago.

When a baby too small for the regular dialysis machine (similar to the one pictured above) needed help after her kidneys failed, the kind doctor designed and built a smaller version of the machine in his garage, then used it to save six-pound baby Millie Kelly’s life. Since then the machine has continued to be used in similar emergency situations.

[Photo: NomadicEntrepreneur]