[funsec] [ blog ] Hacking the Brother KH-930e knitting machine
Useful for all your LOL cats holiday sweaters... http://ladyada.net/learn/electroknit/ ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Home Technical Support
Got one of the email account phish today, and was amused by the attempt to be all technical and official with an IP address and all ... --- Forwarded message follows --- Date sent: Wed, 03 Nov 2010 07:34:40 -0400 From: i...@webmaster.org Subject:Technical Support You have reached the limit of your email quota. You will not be able to send or receive new mail until you boost your mailbox size. Click the below link and fill the form to upgrade your account. http://use.my/system-helpdesksupport/ Technical Support 192.168.0.1 --- End of forwarded message --- Received: from mail.mcsdga.net ([172.16.2.6]) by MCSDSPAM02.muscogee.k12.ga.us with ESMTP id GcvEG4jSqb00pm6h; Wed, 03 Nov 2010 07:34:41 -0400 (EDT) == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Concern for man and his fate must always form the chief interest of all technical endeavors. Never forget this in the midst of your diagrams and equations. - Albert Einstein victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Not quite clear on the concept...
So this Stockholm hotel wants to replace room keys with special cell phones that have an embedded proximity RFID. http://www.msnbc.msn.com/id/39976610/ns/technology_and_science-wireless But once people have the technology in their own phones, he said, it will save them time at check-in and improve security because the access credentials in a lost phone can be revoked remotely. How could this possibly go wrong? :) pgpQrwpzbCudg.pgp Description: PGP signature ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Risk avoidance
http://www.bbc.co.uk/news/world-south-asia-11684382 Officials in the Indian city of Mumbai (Bombay) have taken extraordinary measures to protect US President Barack Obama ahead of his visit. [...] they have removed coconuts which may fall on his head from trees. We told the authorities to remove the dry coconuts from trees near the building. Why take a chance? == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit-card information from someone living in a cardboard box to someone living on a park bench. - Eugene Spafford victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Risk acceptance
http://www.bbc.co.uk/news/science-environment-11687912 Researchers at the Large Hadron Collider (LHC) are getting set to create the Big Bang on a miniature scale. == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Ah, this is obviously some strange use of the word `safe' that I wasn't previously aware of. Arthur Dent in `The Hitchhiker's Guide to the Galaxy', Douglas Adams victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Crowdsourcing and gamification
http://www.economist.com/blogs/babbage/2010/11/crowdsourced_science?fsrc=scn/t w/te/bl/weather1914 I have always been sceptical of crowdsourcing because of the integrity issues. Yes, I've seen some interesting examples, such as the use of Twitter reports to map current weather around the US. But, generally, I've wondered if there were any real applications and uses for it. (The digitization of old books is interesting, but I haven't seen any real results on that, yet.) OK, I was wrong, and, choosing the application carefully, I can see how it can work. But, prior to this article, if someone had suggested adding game-playing to the mix, I would have thought that was a deal-breaker. OK, so I was wrong, there, too. Very intriguing application. == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org If God had intended man to fly, He would never have given us the TSA victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] Actual razor found in candy, apple ...
(No, not candy apple ...) http://www.cbc.ca/canada/british-columbia/story/2010/11/03/bc-delta-candy-razor- blade.html http://www.cbc.ca/canada/nova-scotia/story/2009/11/01/ns-razor-blade.html OK, up until now, this has been mostly (not solely: http://www.snopes.com/horrors/mayhem/needles.asp ) the stuff of urban legend. However, as a professional paranoid, I cannot help wondering: in this day and age of Hallowe'en candy paranoia, how is it that the candy and apple were not checked prior to consumption? (Pretty much everyone I know throws out everything that isn't seal-packed, and quick-checks the integrity of all sealed goods.) Is it remotely possible, in this day and age of people doing anything for instant celebrity (22 Minutes last night did a spoof on a reality TV show Who's the tallest), that someone put the razors in these items themselves? Or are we getting some *real* weirdos out there? == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Think all you speak, but speak not all you think. Thoughts are your own; your words are so no more.- Patrick Delany victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Risk acceptance
Subject: [funsec] Risk acceptance http://www.bbc.co.uk/news/science-environment-11687912 Researchers at the Large Hadron Collider (LHC) are getting set to create the Big Bang on a miniature scale. More sensationalist reporting. They're trying to recreate in the small (*very* small) some aspects of the conditions very shortly after the Big Bang. Quark-gluon plasmas are interesting, but they're hardly (re)creating the Big Bang, even in miniature, any more than writing to an EEPROM is recreating lightning bolts in miniature. I also don't see what this has to do with risk acceptance (nor security, unless there is a link to risk I'm missing). /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTMLmo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] [ blog ] Hacking the Brother KH-930e knitting machine
Date sent: Wed, 03 Nov 2010 09:22:05 -0400 From: Shawn Merdinger shawn...@gmail.com http://ladyada.net/learn/electroknit/ When my wife got a computerized sewing machine, the girls warned her to beware of me trying to network it. They said she'd be sewing away one day and suddenly the stitches would start to spell out You Have New Mail ... == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org Le mieux est l'ennemi du bien - The best is the enemy of the good - Voltaire victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
[funsec] 0-day of the week - MSIE6/7/8 CSS tag vuln (CVE-2010-3962)
MS advisory #2458511: http://www.microsoft.com/technet/security/advisory/2458511.mspx Juha-Matti ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Crowdsourcing and gamification
You start as a lowly cadet, but as you digitise more readings you get steadily promoted. The idea of turning an otherwise mundane process into a game, to give people more of an incentive to do it, has been a hot trend this year, known as gameification; Aren't these Pyramid schemes? Oh wait, they are volunteers On Wed, Nov 3, 2010 at 4:28 PM, Rob, grandpa of Ryan, Trevor, Devon Hannah rmsl...@shaw.ca wrote: http://www.economist.com/blogs/babbage/2010/11/crowdsourced_science?fsrc=scn/t w/te/bl/weather1914 I have always been sceptical of crowdsourcing because of the integrity issues. Yes, I've seen some interesting examples, such as the use of Twitter reports to map current weather around the US. But, generally, I've wondered if there were any real applications and uses for it. (The digitization of old books is interesting, but I haven't seen any real results on that, yet.) OK, I was wrong, and, choosing the application carefully, I can see how it can work. But, prior to this article, if someone had suggested adding game-playing to the mix, I would have thought that was a deal-breaker. OK, so I was wrong, there, too. Very intriguing application. == (quote inserted randomly by Pegasus Mailer) rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org If God had intended man to fly, He would never have given us the TSA victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] Risk acceptance
On Wed, 03 Nov 2010 12:11:54 -0800, Rob, grandpa of Ryan, Trevor, Devon Hannah said: http://www.bbc.co.uk/news/science-environment-11687912 Researchers at the Large Hadron Collider (LHC) are getting set to create the Big Bang on a miniature scale. No actual risk here. The very same interactions happen to the Earth many times a *day* - the LHC tops out around 10^13 ev, while cosmic rays have been measured up in the 10^20 ev range. For instance, the 'Oh-My-God particle': http://en.wikipedia.org/wiki/Ultra-high-energy_cosmic_ray The only reason the LHC got built was so we have some control over where the interaction happens - those pesky cosmic rays insist on happening where they want, not where our detectors are... (To calculate how many times a day it happens, find the effective cross section of the detectors, the effective cross section of the earth, and work from there... If nothing has happened in 4.5 billion years, it probably ain't gonna happen this week...) pgpg18AI26igQ.pgp Description: PGP signature ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Re: [funsec] [ blog ] Hacking the Brother KH-930e knitting machine
On Wed, 03 Nov 2010 13:19:07 -0800, Rob, grandpa of Ryan, Trevor, Devon Hannah said: When my wife got a computerized sewing machine, the girls warned her to beware of me trying to network it. They said she'd be sewing away one day and suddenly the stitches would start to spell out You Have New Mail ... Zawinski's Law? :) pgpP8gS3xPlQf.pgp Description: PGP signature ___ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.