Card carrying member of PRKA.
587 stories
·
20 followers

voidbat: mishasassbutt: mishasassbutt: my mom just came to me and ranted about how everyone is...

2 Shares

voidbat:

mishasassbutt:

mishasassbutt:

my mom just came to me and ranted about how everyone is making this facebook status that says, “raising teenagers is like nailing jello to a tree”. she was so baffled by this because she said, “you were pretty easy to raise as teenagers. all you did was sleep and eat.” 

so to prove some point she’s going to nail a small cup of jello to a tree. 

she’s so pleased with her self

image
incredible
image

parents are weird 

yeah but this is about as accurate as it gets.

you say “nail jello to a tree” and most people think jello all by itself.

but if you put any actual thought into what you’re doing and then give it just a little support

well gosh. look what happens.

please tell your mom good job.

Read the whole story
adamcole
1 hour ago
reply
Philadelphia, PA, USA
bibliogrrl
4 hours ago
reply
Chicago!
Share this story
Delete

Robbing a Bank by DNS

2 Comments

Andy Greenberg (via Nick Heer):

Kaspersky believes the attackers compromised the bank’s account at Registro.br. That’s the domain registration service of NIC.br, the registrar for sites ending in the Brazilian .br top-level domain, which they say also managed the DNS for the bank. With that access, the researchers believe, the attackers were able to change the registration simultaneously for all of the bank’s domains, redirecting them to servers the attackers had set up on Google’s Cloud Platform.

With that domain hijacking in place, anyone visiting the bank’s website URLs were redirected to lookalike sites. And those sites even had valid HTTPS certificates issued in the name of the bank, so that visitors’ browsers would show a green lock and the bank’s name, just as they would with the real sites. Kaspersky found that the certificates had been issued six months earlier by Let’s Encrypt, the non-profit certificate authority that’s made obtaining an HTTPS certificate easier in the hopes of increasing HTTPS adoption.

Read the whole story
adamcole
2 days ago
reply
Involving Let's Encrypt is really insidious. ☹️
Philadelphia, PA, USA
superiphi
7 hours ago
you need control of DNS or servers to be able to issue a letsencrypt certificate as they do validate ownership. It's not any more insecure or insidious than any of the paid for instant ssl that exist
MotherHydra
4 days ago
reply
Clever DNS "hack."
Space City, USA
Share this story
Delete

Reply All’s The Russian Passenger

1 Comment

Reply All is one of my favorite podcasts, largely for hosts P.J. Vogt and Alex Goldman’s willingness to dig deep into geeky things that nobody else would ever care to.

The latest two-part episode asks a single question: how did Gimlet CEO Alex Blumberg get his Uber account hacked?

To investigate it, they talk to a number of security experts who address multiple vectors of attack — malware, keyloggers, SIM hacking, social engineering, man-in-the-middle attacks, phishing, and password reuse are all covered. It’s a nice intro to online security, for those who don’t spend their time living in it.

In part one, The Russian Passenger, they all try to figure out what happened, with the help of Alex’s dad and a suspicious Microsoft Surface Pro.

In part two, producer Phia Bennin follows up with listener theories, Google engineers, and Uber’s own security team to finally get a definitive answer, and a very satisfying conclusion.

P.S. If you’re still reusing passwords in 2017, you’re begging to be hacked. I highly, highly recommend 1Password. Yes, it’s a hassle to get started, but you’ll never look back.

Read the whole story
adamcole
10 days ago
reply
I just finished listening to these this morning and they are just as good as Andy says. The whole time I'm wondering wtf Uber is up to and then BAM. The payoff.

Also, yeah, if you're not using a password manager in 2017, shame on you. You are begging to be hacked.
Philadelphia, PA, USA
Share this story
Delete

Saturday Morning Breakfast Cereal - Western Sociology

1 Comment and 6 Shares


Click here to go see the bonus panel!

Hovertext:
Also, for any given view of human nature, some Greek dude probably said it first.

New comic!
Today's News:

Wooh! Another Space Elevator Bonus defeated. Sorry for the regular nags about the book - I try to keep them as unobtrusive as possible. Plus, hey, bonus comic.

Read the whole story
adamcole
10 days ago
reply
Philadelphia, PA, USA
Share this story
Delete
1 public comment
jlvanderzwan
11 days ago
reply
Modern: "YOU are awful, and I just so happen to have something on sale to fix that!"

WHEN PATRONS GET TOO CLOSE

1 Comment and 2 Shares
Read the whole story
adamcole
22 days ago
reply
Eeeeeeevery day.
Philadelphia, PA, USA
MaryEllenCG
22 days ago
And the close-talkers always have breath that could peel paint.
MaryEllenCG
24 days ago
reply
Greater Bostonia
Share this story
Delete

The Web as Performance

1 Comment and 3 Shares

Yesterday the Webrecorder project from Rhizome announced the v1.0.0 release of their project WebrecorderPlayer application:

Maybe I’m just a big nerd but it’s quite an amazing experience to go to Webrecorder, create a collection, download the WARC file for the collection, disconnect from the Internet, and then view and interact with the content as if I was actually online. Go on, try it out. For me it’s up there with using the Web for the first time in a terminal window with Lynx–which (for me) is saying a lot.

For example here’s a screenshot of me viewing a collection I built a few months ago when the @FBIRecordsVault Twitter account tweeted about Hillary Clinton’s emails just over a week before the US Presidential Election:

The tweets are still there on the web, but let’s imagine that they’re not, and that the Internet Archive didn’t get them (gasp), and Webrecorder’s is offline because funding has run out (never!) … but I still have the WARC data, and I can still use it. The ability to easily open a file of web archive content on my workstation and interact with it as if it was a live website is a huge win for usability … and I think it could be a game changer for web archives, scholarship and the viability of the WARC format itself.

Part of the reason why Webrecorder and WebrecorderPlayer are such a feat to me is that they capture the performative nature of the web. The web isn’t so much about data as it is about decisions, actions, interactions, software, hardware and infrastructure. Given all this complexity it’s kind of miraculous any of it works at all. This presents a really severe challenge to digital preservation because you can’t just preserve the data, there is a whole environment that needs preserving. And it’s not just a question of emulating the software because the experience is performative–it’s a particular set of contingencies that has more in common with preserving a dance piece or performance art than what we normally think of as digital preservation. It is a performance that involves many actors, but the primary role is yours. Webrecorder’s approach to web archiving centers the person making decisions about what to archive and what to do with that archive.

Of course WebrecorderPlayer is itself a piece of software. It’s an Electron application, which is essentially the Chromium open source web browser that is at the heart of the most popular web browser in use today, Google Chrome. WebrecorderPlayer also includes a platform specific binary version of the Webrecorder Python application, which itself is a combination of a bunch of different tools. But pushing the application out to the edges of people’s personal computers suddenly means there isn’t just one copy of Webrecorder running–there are many copies of Webrecorder running. This is an important step for the viability of web archiving ecosystem.

It could in fact be a step towards being able to open a WARC file directly in your browser:

But we’re not quite there yet. Till we are, here’s to Rhizome’s Webrecorder team for bringing us one step closer!


Update: I feel like I subconsciously plagiarized Christie Peterson’s Web Archives, Performance & Capture which I’ve definitely read and enjoyed before. Heck I saw her present it! So if you want to read more about this idea of performance with more connections to the archival literature do check it out. Also, Mark Matienzo pointed out that this idea of performance in digital records has roots back to An Approach to the Preservation of Digital Records by Helen Heslop, Simon Davis and Andrew Wilson. There was a point in my career where discovering my ideas were neither new nor original would be disappointing. But luckily those days are past. But I do still believe it’s extremely important to give credit where credit is due!

Read the whole story
adamcole
22 days ago
reply
Philadelphia, PA, USA
acdha
22 days ago
reply
Washington, DC
Share this story
Delete
1 public comment
tingham
22 days ago
reply
saving for later.... (see what I did there?)
Cary, NC
Next Page of Stories