United Arab Emirate Upload Spyware to Blackberries, Research in Motion Posts Removal Tool

I must say my opinion of RIM just went from “I don’t really care” to “Wow talk about rock solid.” A United Arab Emirate telecom company call Etisalat posted an over the air update for its Blackberry users. Emirate said, “upgrades were required for service enhancements”. It turned out the update installed surveillance software produced by SS8 in California…

http://news.bbc.co.uk/2/hi/technology/8161190.stm

From the article…

The update has now been identified as an application developed by American firm SS8. The California-based company describes itself as a provider of “lawful electronic intercept and surveillance solutions”.

Yup I’m sure the freedom loving rulers of the UAE wanted this only for lawful reasons. Wait a minute the UAE isn’t comprised of freedom loving rulers? They probably wanted this software to spy on its citizens? But if you’re not doing anything illegal you have nothing to hide hence why would you be uncomfortable with your government spying on you? Oh that’s right people like privacy.

Research in Motion, the makers of the Blackberry, stated they did not authorize or develop any such update. To alleviate this issue they have released a removal too which can be found here…

http://na.blackberry.com/eng/ataglance/security/regappremover.jsp?CPID=OTC-REGAPPREMOVER

I say good on Research in Motion.

The Pirate Bay has Been Boarded

Rather sad news in my opinion The Pirate Bay has been bought…

http://thepiratebay.org/blog/164

I’m betting the site goes downhill fast from here on our. Anyways it was bought by some company called Global Game Factory for $7.8 million. Until now The Pirate Bay has been as much political as useful.

For those of you who don’t know it was in league with Sweden’s Pirate Party which is an actual governmental party in Sweden who’s platform is based on copyright reform. They actually have a decent base which gained them a seat in the European Union.

Anyways as with most good things that are sold to another company I’m expecting The Pirate Bay to go downhill fast.

Another Company Using Technology B.S. to Push a Product

A post on Bruce Schneier’s blog has lead me to this product release statement by Guidance Software Inc. Apparently they have made a revolutionary new super awesome USB stick that can snoop the hard drive of a computer and my sensitive data…

http://investors.guidancesoftware.com/releasedetail.cfm?ReleaseID=384544

From the article…

Unlike existing computer forensics solutions, EnCase Portable runs on a USB drive, rather than a laptop, and enables the user to easily and rapidly boot a target computer to the USB drive, and run a pre-configured data search and collection job. The ease-of-use and ultra-portability of EnCase Portable creates exciting new possibilities in data acquisition. Even personnel untrained in computer forensics can forensically acquire documents, Internet history and artifacts, images, and other digital evidence, including entire hard drives, with a few simple keyboard clicks.

Well I have some sad news for them. This super awesome data mining drive won’t work on my machines. Why? Because I encrypt all of my drives.

The beauty is almost all modern operating systems have drive encryption technology now. Mac OS X has a feature called FileVault that encrypts your entire home directory. Windows from Vista up have a technology called BitLocker that encrypts your Windows partition. I don’t have much knowledge of BitLocker but FileVault works like a charm. All of your files get encrypted into an AES disk image which can only be decrypted via your password. Good luck with my information Guidance Software.

Source: http://www.schneier.com/blog/archives/2009/06/new_computer_sn.html

Somebody Should have Seen this Coming

Although I’m not a Twitter user I found this story interesting…

http://www.macworld.com/article/141146/2009/06/twitpocalypse_twitter.html

Apparently several Twitter applications are melting down since the count of tweets is exceeding the maximum number a 32-bit integer can hold. This would be 2,147,483,6471 in this case since the software writers were using signed integers.

For those of you who don’t know how computer programming works I’ll give a quick run down. An integer is a standard unit of storing integer numbers. On most platforms an integer is 32-bits in size. This means it can have a range of 0 to 4,294,967,295. In order to store negative numbers one bit must be used to indicate positive and negative. With the removal of this bit to store a value your range of storable numbers becomes −2,147,483,648 to 2,147,483,647.

There were two mistakes made here that I can see. The first one was using a signed integer. Since you never need to store a negative number of tweets there is no reason to waste that single bit to store whether a number is negative or positive, it’ll always be positive. The second issue, although understandable, is using a 32-bit integer. With the popularity of Twitter and number of tweets being made by each person every day it’s easy to see where more than 4,294,967,295 tweets will eventually be made. It would have been much smarter to use a 64-bit integer which unsigned gives a range of 0 to 18,446,744,073,709,551,615. Although not impossible it’s very unlikely there will ever be that many tweets before Twitter falls out of existence.

The first screw up was just poor planning, probably from an inexperienced programmer. The second mistake is understandable since most of the time when programming people simply use a basic integer type to store integer numbers.

But this story is a good example of what goes wrong when something isn’t fully planned out. I would imagine had more people been working on these applications somebody would have pointed this potential issue out. Always have an understanding on the possible maximum values your data may contain.

The Konami Code, Not Just for Games

It’s amazing how versatile the old Konami code is even to this day. Not only does it give you a fighting chance in Contra but apparently it unlocks all the secrets of Palm’s new phone, the Pre…

http://www.engadgetmobile.com/2009/06/10/the-secret-to-palm-pre-dev-mode-lies-in-the-konami-code/

If you type “upupdowndownleftrightleftrightbastar” on the home screen of the Pre it enables the developer mode. What else can the Konami code do?

Proving Once Again the European Union is Anti-Business

It never seems to end with the European Union. They bring up a well deserved anti-trust case against Microsoft. It ends in a fine, which Microsoft pays. The European Union also requires Microsoft to rip out applications in it’s operating system so Microsoft does so releasing special European only versions of it’s operating system. For instance there is going to be an Internet Explorer free version of Windows 7. Well apparently that doesn’t go far enough for the largest socialist coalition on Earth…

http://www.osnews.com/story/21662/EC_To_Pursue_Antitrust_Despite_Microsoft_s_IE_Move

The European Union not only wants Microsoft to remove its own browser they also want Microsoft to include competitors’ browsers. I’m calling bullshit on this right here, right now. I dislike Microsoft as much as many others because of what they have done to the industry through their illegal practices. But why should they not be allowed to include their own web browser? And why in the fuck should they be required to include competitors’ products?

The bottom line every modern operating system includes a web browser. Apple’s Mac OS includes Safari, Ubuntu includes Firefox, Android includes it’s own WebKit based browser, Heck Debian even includes Ice Weasel which is just Firefox with a different name. If no browser was included most people wouldn’t know what to do with their computer. Unlike those of us in the “tech savvy” world most people have no idea how to get a web browser without first having a web browser. If you removed Internet Explorer from Windows what do you think most people would do? Probably call their computer manufacturer’s tech support and as “What the fuck guys?”

As making Microsoft remove the browser is idiotic. But making them include their competition’s products is insane. Yes Microsoft are a convicted monopoly, yes they did illegal practices to get to where they are today, but making them include the competition’s products is about as anti-business as you get. Most people who want to use a different browser just get one. For instance the first thing I do on a new installation of Windows after applying the system updates is download a copy of Firefox, Chrome, or Safari (depending on the day).

The problem with including other companies’ products is that Microsoft has no control over them. Currently when a security hole is found in Internet Explorer (you know just about every day) Microsoft figures out the problem and usually fixes it. They can do this because it’s their product and they have control over it. Now let’s say Firefox is included in Windows. Microsoft has no control over any problems that may occur and would be at Mozilla’s mercy when it came to providing a fix. Granted Mozilla is good about providing fixes but if they stop for some reason that leave Microsoft in a shitty position. Not to mention Microsoft has no way of knowing if their competitors’ products won’t interfere with other software in Windows.

Also who is to say any of Microsoft’s competitors won’t provide a special version of their production to include into Windows which they will refuse to support? I doubt this would happen but if they did it would make Microsoft look bad not them browser’s creator. Not having control over your own product is not only difficult but dangerous.

Finally how will we determine which browsers will be included? There are literally hundreds, if not thousands, of browser out there. Does Microsoft have to include them all? If so that’s probably a few more gigabytes of size that will need to be installed with the operating system. Do only browsers with at least 10% market share get included? Well that would only leave Mozilla. Of course that would be unfair to Chrome, Safari, etc. How do you get clueless users to determine what browser will be best for them? Most people use Internet Explorer because it’s there and as far as they are concerned it is the Internet. Many of these people would have no idea what to do when asked what web browser to install.

Honestly this is just another reason why I hate the European Union. It was a bad idea when it started and it’s only getting worse as it ages.

Damned Integrated Batteries

So Apple announced their new laptops. The plus side is they did a massive price drop, the down side is all the unibody MacBooks have an integrated battery. This means you can easily swap out a dead battery and replace it with a charged one nor replaced a worn out battery without taking apart the entire machine.

All this simple because Steve Jobs hates seems. Seriously the iPods, the iPhones, and now their laptops all have non-removable batteries.

There is no downside to batteries that are easily replaceable. And batteries do wear out. Now most people will have to take their laptop to an Apple store to get the battery replaced instead of being able to easily do it themselves. Thankfully ifixit.com has posted a nice picture filled page covering how to disassemble the unibody MacBook Pros with integrated batteries…

http://www.ifixit.com/Guide/First-Look/MacBook-Pro-17-Inch-Unibody/618/1

I’m doubting this is a deal breaker for myself but bloody Hell is irritates me.

A Court with Common Sense, This is a Rare One

A while back (before I started this blog) there was a rather frightening story…

http://www.eff.org/deeplinks/2009/04/boston-college-prompt-commands-are-suspicious

A computer science student at Boston College was arrested. His room mate accused the student of “hacking” into the school’s computer systems and changing other students’ grades as well as ending out e-mails purporting the room mate was gay. But the reasoning on the warrant from the police is what was the scariest. The warrant for his arrest stated…

uses two different operating systems to hide his illegal activities. One is the regular B. C. operating system and the other is a black screen with white font which he uses prompt commands on.

So the evidence the police has was the fact the student was dual booting Windows and Linux (Linux is specifically mentioned later in the EFF article). Apparently Linux was being used to hide the student’s illegal activities. I mean we all know anything run via a command prompt is an operating system for only the most serious business of the serious business hackers.

Lord knows I could easily be arrested under such justification. Thankfully the Massachusets Supreme Court threw the case out…

http://www.schneier.com/blog/archives/2009/06/update_on_compu.html

It’s nice to see some common sense dealing with potential computer crime still exists. Normally simply accusing somebody is a “hacker” is enough to get a court case. Couple that with a lawyer who can spew enough technical jargon, no matter how incorrect the jargon is used, and it is enough to convict the suspect.

Beware Greeks Bearing Gifts

Especially if those Greeks are a Japanese University…

http://finance.yahoo.com/news/Japan-university-gives-away-apf-15379360.html?.v=3

Aoyama Gakuin University located in the city of Tokyo is giving 550 students free iPhones. Sounds like a great deal huh? Well wait until you see the string attached to this one…

The gadget will work as a tool for studies, but it also comes with GPS, a satellite navigation system that automatically checks on its whereabouts. The university plans to use that as a way check attendance.

By check attendance they mean track the students’ whereabouts. So as long as you’re willing to have your university actively track you everywhere you go (with the phone at least) you to can have a free phone.

Of course I am curious how they are tracking the phones. Because it can’t be with software on the phone since third parties can’t write software that runs in the background on an iPhone. Maybe they are jailbreaking the phones. Either way doing a full reset would take care of either scenario. Granted the school would also notice that any reset phone is no longer reporting tracking information back to them.

The other method is either the government or cell phone carriers must be giving the university access to the tracking information. In a country without freedom like Japan this is of course very possible.

Either way there is an easy solution. If you’re a student with one of these “free” phone just give it to a buddy who’s going to class when you want to skip. The phone can only report back where it is, so if it’s in class so are you.