| |
| Current Topic: Technology |
|
Ditch the remote, get a robot | The Register |
|
|
|---|
| Topic: Technology |
1:26 pm EDT, Jul 14, 2005 |
Both robots understand voice commands as well as recognise faces and gestures. They can select music or movies on an LCD screen, make appointments or read the weather to you. Ok, that's more than a remote can do. Despite all the hoopla, Philips is still fine-tuning the technology, which at this moment fails to invoke an emotional bond with the user and exhibit a "personality". During demonstrations, iCat didn't always listen, or began to repeat itself, all things remotes won't luckily do. For the time being, Philips only sells these platforms to universities and research labs.
Robots are 1337 Ditch the remote, get a robot | The Register |
|
|
|---|
| Topic: Technology |
2:07 pm EDT, Jul 12, 2005 |
After talking with Acidus the other day about Napster's revamped format, it occured to me that some common misgivings are present where their download policy is concerned. I present them for your review because I have found their service to be useful and more content-rich than iTunes in addition to having some interesting features. Background: I skipped downloading more than about 10 songs a quarter because I hardly ever found what I wanted on the "Top 40" flavor of iTunes. I asked around about Napster, and most everyone was under the impression that the monthly fee only allows you to rent songs playable only on your PC, after cessation of which your access to the music ends. This is true, but this is only one method of accessing Napster's motley library and you are actually allowed to access your account and downloaded tracks on up to 3 PCs w/ Napster's software. The Rest of the Story: The other two ways you can access music include a non-monthly fee, $.99 download service similar to iTunes or a slightly higher monthly fee ($14.95 vs $9.95) which allows you all the comforts of regular Napster plus unlimited downloading to a Napster approved player of which my H320 iRiver just happens to be. If you want to burn the songs to CD, however, you have to pay $.99/song no matter which of the three versions you have. It just depends on if you want to listen to full-length tracks before downloading and access downloaded tracks on up to 3 PCs (Napster), that plus transfer to portable players (Napster To Go), or just buy music for your library to keep forever (Napster Light). Cool Stuff: The coolest thing about Napster is the ease of use. The GUI is clean and intuitive and you can easily access other users' libraries and find stuff that "you will like if you like Band X". Also, Napster's built-in recommendation agent seems pretty on target. Unclear: I can't tell yet whether tracks downloaded through Napster To Go and transferred to my iRiver will remain playable after my membership ends. They secretively allude to expiration software built into the tracks, but I'm curious if it goes so far as to expire in a Mission Impossible this-message-will-self-destruct-in-five-seconds takeoff. I also am suspicious that not all songs will be transferrable and that I will have to pay in addition to the higher monthly fee in order to transfer songs to my iRiver. Conclusion: The whole thing is damn well complicated and exaccerbated by the horrible explanation on Napster's FAQ. What few gritty details they provide are on the FAQ which is passably organized at best. I am also angered by the fact that you pay a monthly fee for the priveledge of basically listening to a full track before downloading. Otherwise, to play it on your PC, transfer to MP3 players or CDs, or just to keep the songs forever, you [seemingly] have to pay $.99/song regardless of your membership type. Verdict: Membership on Napster is only really worth it if tracks transferred through Napster To Go are available to you forever on your MP3 player as an unprotected song that you can play in Winamp later on. I'll know soon enough when I cancel my one week free trial tomorrow. Even if they aren't available on your portable player, I may just switch to the $9.95 version if I determine that browsing member's collections turns out to be an efficient way to find stuff I haven't heard before. All in all, membership seems like an awfully expensive way of finding something that hasn't been Clear Channel sanitized. -janelane, fuzzily Napster: A User's Review |
|
Real life Red Alert Tesla Coil? |
|
|
|---|
| Topic: Technology |
9:05 am EDT, Jul 12, 2005 |
Basically, it fires a bolt of lightning. It can be tuned to blow up explosives, possibly to stop vehicles and certainly to buzz people. The strike can be made to feel as gentle as "broom bristles" or cranked up to deliver a paralyzing jolt that "takes a few minutes to wear off." Bitar, who is of Arab descent, believes StunStrike would be particularly intimidating in the Middle East because, he contends, people there are especially afraid of lightning. At present, StunStrike is a 20-foot tower that can zap things up to 28 feet away. The next step is to shrink it so it could be wielded by troops and used in civilian locales like airplane cabins or building entrances.
Sweeeeeeeeeeeeeeeeeet! Real life Red Alert Tesla Coil? |
|
Microsoft/Claria Shenanigans |
|
|
|---|
| Topic: Technology |
9:49 am EDT, Jul 7, 2005 |
A post on BroadBand reports by Eric Howes is reporting that a number of Claria programs are set to a default action of “Ignore” in Microsoft Antispyware. What this means is that while Microsoft Antispyware will still find Claria adware, in most cases, it will have a recommended action of “Ignore” (versus “Quarantine” or “Remove”). I'm not talking cookies, I'm talking the actual adware programs.
How "Soylent Green" is this shit? -Microsoft makes a technology (ActiveX) with a bad/user-confusing security model which fosters spyware/adware installations. -Microsoft makes a rather crappy web browser, whose crufty 1997 era security concepts allows said technology to easily and unsuspectingly be installed in the first place -Microsoft then creates software to find and remove the very adware their products allows to exist! They graciously make this product free (for now?). -Microsoft is in serious talk to *BUY* one of the companies that makes money off *INFECTING* people with said technology. -Microsoft modifies its spyware/adware detection tool so that tool by default *IGNORES* the spyware/adware product of the very company it wants to buy. Microsoft/Claria Shenanigans |
|
Most Significat Bit Labs :: URLParser |
|
|
|---|
| Topic: Technology |
5:16 pm EDT, Jul 1, 2005 |
URLParser is a Java class to parse out the different fields of a URL. The parser included in Java's URL class is painfully bad. Not only does it not allow access to all the different URL fields, but does not return the proper information for getPath() or getFile()!
URLParser allows access to the following fields: * Protocol
* Username
* Password
* Hostname
* Port number
* Path
* Filename
* Query String
* Fragment
Here is a screen shot showing the differences between Java's parser and mine. Most Significat Bit Labs :: URLParser |
|
.tel sTLD RFP Application |
|
|
|---|
| Topic: Technology |
10:20 am EDT, Jul 1, 2005 |
Having spent a good 1/2 hour reading this, I am not convinced we need it. The basic idea is we need a single place to put domain names for all these VoIP and other communications devices. I'm more interested in allocation of address space to these devices instead of domain names. These devices *must* have globally unique addresses. CIDR, NAT and other technologies that have slowed the consumption of IPv4 address won't help you here. .tel sTLD RFP Application |
|
|
|---|
| Topic: Technology |
12:19 am EDT, Jul 1, 2005 |
RFC 1738, 1808, 2396... FUCK! The wording about what are valid or reserved characters in various parts of the URL contradicts itself multiple times across RFCs. Do you have any idea how complex the grammar is to parse a URL? [proto]:[maybe //][user]:[maybe pass but only if user is there][@ and remember empty user,pass is different than no user pass][host]:[maybe port who the hell knows]/[path which can have all sorts of fucked up characters]/[file, or maybe they are just screwing with you]?[doesn't have to have anything even with a ?, regardless these can be completely different reserved characters than those reserved in the path!]#[maybe nothing, maybe something] That man is a sadist! From RFC1738: For resiliency, programs interpreting URLs should treat upper case letters as equivalent to lower case in scheme names (e.g., allow "HTTP" as well as "http").
Yep, schemes are case insensitive, so are hostnames. Then he throws a curveball, because path names are case sensitive (because, as TBL reasons some schemes translate that to a file heirarchy). query strings? Well hell, those can be case insensitive. Can be? WTF is can be? Who would ever want to code an application with case sensitive searches hmmmmmm? Of course, it never says that # isn't a valid path character. But it is! I've got a state machine with 6 states, and that just gets me to the path! [grinds teeth].... happythoughtshappythoughtshappythoughts |
|
Most Significat Bit Labs :: AES-Crypt |
|
|
|---|
| Topic: Technology |
12:05 pm EDT, Jun 29, 2005 |
AES-Crypt aes-crypt is a Java program to encrypt files using the AES algorithm with 128 bit keys. These keys are created by taking the MD5 hash of a word or phrase. It is part of a larger toolkit that will be released soon. aes-crypt requires Java Runtime Enviroment (JRE) 1.5 or greater to be installed. You may download the JRE from Sun's website. aes-crypt is released under the BSD License. See LICENSE for more details.
Fun Java project that I spun out of a Toolkit I'll be releasing at Phreaknic 9. Most Significat Bit Labs :: AES-Crypt |
|
|
|---|
| Topic: Technology |
12:32 pm EDT, Jun 27, 2005 |
Sun Ultra 3 Mobile Workstations deliver all the performance and functionality of a Sun Blade workstation in a mobile form factor.
Key Features * 64-Bit UltraSPARC Processors.
* Solaris Operating Environment.
* 802.11b wireless networking.
* 15-inch and 17-inch TFT LCD displays. Specifications * Processor : 550 MHz or 650 MHz UltraSPARC IIi processor or 1.28 GHz UltraSPARC IIIi processor
* Main Memory : Up to 2 GB DRAM, error correction SDRAM
* Internal disk : 80 GB IDE or 73 GB UltraSCSI internal disk storage
Holy Christ! The battery life must blow! Sun Laptops |
|
Exploitable Dialog Vulnerablity? Not really! |
|
|
|---|
| Topic: Technology |
12:31 pm EDT, Jun 24, 2005 |
Secunia Research has discovered a vulnerability in various browsers, which can be exploited by malicious web sites to spoof dialog boxes. The problem is that JavaScript dialog boxes do not display or include their origin, which allows a new window to open e.g. a prompt dialog box, which appears to be from a trusted site.
Here is a full summary of the attack: -Standard Anchor tag in some original page has http://www.victim.com in HREF attribute. Clicking on it opens link as normal, in tab, new window, whatever. -Anchor tag also has an ONCLICK attribute, that runs some javascript when clicked -Javascript opens a very small attackwindow off the completely off the screen (varies with browsers). -The page opened in attack can be located anywhere on the Internet. It has a reference to original (which called it) gives original focus, thereby hiding attack from user's view. -attack uses timer to wait some specified value. Duringthis time http://www.victim.com finishes loading into normal. attack then opens a dialog box. -If the user hasn't gone crazy switching windows, tabs, etc. normal should be the top most window, with a dialog box from
attack floating on it. attack is hidden off screen or under everything. -Any info user enters into this dialog can be processed by attack, since it spawned the box! Acidus' Assessment: Cool, but not dangerous. You are very limited in Javascript about the types of dialog boxes you can open for the user. None of them even remotely look like an authenication box, and only one input field can be on a dialog. To get a username password you would have to pop 2 windows sequentially. Very suspect. Exploitable Dialog Vulnerablity? Not really! |
|
