Archive for April, 2009

Unfixable Hack

Thursday, April 23rd, 2009

These are words you don’t necessarily like to hear together if you work in the software industry.  But some clever hackers at the Hack in the Box Security Conference in Dubai just demonstrated a 3K file that is a permanent, unfixable hack to Windows 7.

Whoops!

Granted, you need physical access to the machine — it can’t be executed remotely.  So while it’s useful for an inside job, it wouldn’t be so useful if someone wanted to, say, crack into a computer at Credit Suisse from their couch.

Still, it’s bad.  Un-fixable, and totally untraceable.

Check it out: Security team shows unfixable Windows 7 hack at Electronista

Facebook is So Dirty

Thursday, April 23rd, 2009

I’ve never liked Mark Zuckerberg.  He just seems like kind of a jerk (and, most likely, a thief).

I thought maybe he was turning over a new leaf with this whole rollback of Facebook’s Terms of Service (the ones nobody liked — hereafter called the Evil Terms of Service, or ETOS).

PSYCH!

Turns out Facebook is pretty sneaky after all.

Yes.  They put their new Terms of Service to a vote. And if it passes they will adopt the terms.

BUT:

1) FB will not adopt the terms unless at least 30% of active users participate in the vote (which roughly equates to 60 million users).

2) They gave these active users a week to read 1100 lines of legalese in order to make their ‘informed decision’ about which of the terms sounded more appealing.

3) I (and I’m definitely not alone in this) thought that FB had rolled back their Evil TOS (ETOS) when their users revolted back in February.  But if one compares the two documents being voted on, the terms marked as Current include the ETOS language that got everyone mad:

By posting User Content to any part of the Site, you automatically grant, and you represent and warrant that you have the right to grant, to the Company an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense) to use, copy, publicly perform, publicly display, reformat, translate, excerpt (in whole or in part) and distribute such User Content for any purpose, commercial, advertising, or otherwise, on or in connection with the Site or the promotion thereof, to prepare derivative works of, or incorporate into other works, such User Content, and to grant and authorize sublicenses of the foregoing.

Which basically says ‘if you post it, we own it.’

I know a lot of my friends didn’t think to vote because they thought the vote was between the OLD terms of service (pre-September ’08) and some NEW version — that the offending ETOS version wasn’t even on the table.

It was confusing.  And I think it was deliberately confusing.

Now, I read it.  I read enough of it to know that the ‘current terms’ were the offending ETOS and the ‘new terms’ were less bad, and cast my vote accordingly.  But anyone who believes this is some sort of democratic process, just because Facebook says it is, might want to read between the lines.  I’m sure Facebook is counting on most of their users either a) voting for the current terms thinking they were the old terms or b) not bothering to vote because they thought the ETOS had been repealed in February.

It is, no doubt, in Facebook’s interest to have their internal ETOS adopted.  If they own all of the content on their service, just think what they could do with it.  The fact that they’re hemorrhaging money wouldn’t seem like quite so much of a problem if they suddenly walked into a worldwide distribution license to ALL OF THE CONTENT on Facebook.

I think Facebook is being manipulative to try to get what they want, cloaking misdirection and miscommunication in user apathy.

But seriously Facebook.  If you want to take away my rights to my own content, just do it — and own up to your users’ wrath.  But don’t try to make it look like I asked you to take away my rights.

For more, check out Chris Dannen’s column at Fast Company

UPDATE: Alright, some of this sounds like conspiracy, but maybe we’ll just call Thursdays ‘Conspiracy Day’ here at Geek Chic and let you decide for yourself:

1) Facebook’s voting closed at noon PDT.  But almost every news source thought it was closing at midnight.  Did the Washington Post not check their facts this morning?  Or did Facebook change the cutoff because the press was starting to pick up the story?

2) Some users claim they didn’t hear there was a vote (to which, we have to say, ignorance is never really a great argument for a re-count, but still…)

Cyber Attack on Morgan Hill?

Thursday, April 23rd, 2009

This is really weird for a number of reasons:

A Cyber-Attack on an American City

The long and short of it is that an unidentified group of people cut 8 fiber cables in Morgan Hill, CA (my hometown) on April 9th and basically everything went down.  Internet, phone, ATMs, emergency services, burglar alarms…

The most disturbing thing about it, I think, is that this is the first I’d heard of it — 2 weeks after the fact.  I partly paid attention because I’m from there.  But still… shouldn’t this have been reported by someone?  Like, maybe, CNN?  Or at the very least, the fearmongering FOX News?

Equally disturbing is the fact that they don’t know who did it.  It seems like they needed to have been fairly familiar with the city’s communications grid to do it.  But I bet a bright high school kid could get the paperwork he or she needs to do that.  Then all s/he’d have to do is organize a group of friends from Live Oak to all cut the wires around the same time.  It wouldn’t take much.

On the more mildly disturbing front (but still fairly disturbing), one of the casualties of the attack on the city’s fiber cables was the hospital’s local network.  Their local network!  Which is a pretty essential thing to have up and running at a hospital, don’t you think?  Whose idea was it to make a local network in the hospital that was entirely dependent on its connection to the internet?  Is this the only hospital like that?  Or are there a lot more whose network engineers weren’t looking at the bigger picture?

On a mildly entertaining (and fairly educational) note, what did not fail is CB communication.  In order to relay radio calls for emergency services, they woke up the president of the local ham radio club and he and his buddies basically made up for the missing communication services.  This is a good lesson to learn — that it’s good to have a healthy relationship with a fair number of ham radio folk.  They may be the only way people can communicate in an emergency.

Look.  I’m not one to play into doomsday scenarios.  I don’t believe the premise of the latest Die Hard movie, or Fight Club’s ending, is actually realistic.  But I definitely believe we’ve gotten lazy — relying on technology working flawlessly and very seldom exploring possibilities of selective or total system failure.

I would hope that, with the changing of the guard in Washington, we’d take a bit of time to explore our telecommunication system’s vulnerabilities and the ways that we can compensate in emergency situations.  I’m not saying that we need armed guards at every manhole, but we should definitely have a plan if someone were to stage an attack like this on a larger scale.  Morgan Hill has a population somewhere around 30K (and, all things considered, they seemed to come out reasonably unscathed).  If someone were to stage a similarly coordinated attack on New York — or New England — it would be a big, big mess.

Once again, I’m not saying we should be cowering in fear.  But we should definitely take a hard look at what happened in Morgan Hill and do some serious thinking — and planning — about what we would do if something like this happened on a larger scale.

It’s obviously a possibility.

UPDATE: As my friend Paul pointed out (also a Morgan Hill native):

a) actually this attack was in South San Jose and its effects stretched as far out as Santa Cruz (where Paul lives)

b) Perens’ characterization of Morgan Hill, with all of its ‘brokerages, and investors in the very wealthy community’ was… to be nice… maybe a little bit off the mark.  Anyone who’s been there will tell you — MH is literally 3 freeway exits between San Jose and Gilroy.  If you’re driving south on 101 and you sneeze, you miss it entirely.  And while it’s a town with a healthy upper-middle class, we’re no Los Altos Hills.

So I don’t imagine the attackers would’ve gotten very far trying to ‘manipulate the stock market’ from Morgan Hill when the wires were cut.  I’m sure they could’ve done more damage with an iPhone and a tethered laptop from an uncomfortable booth at Lyons.

Lacoste

Tuesday, April 21st, 2009

A cool ad campaign using stop-action video mixed with flash menus and pretty people:

via FormFiftyFive

Billy Dee!

Monday, April 20th, 2009

Isn’t Lando a handsome devil?

I’d like to sing the praises of this man for just a minute.  Who else could’ve played Harrison Ford’s old buddy / president of a cloudy oasis planet / Ewok air support commander Lando Calrissian with quite as much flair as this guy?  Certainly not Mark Hamill….

What ever happened to dear old Billy Dee?  He was great as Harvey Dent in Tim Burton’s Batman.  Then POOF!  Nothing.

Maybe it was that after playing Harvey Dent in the first one, he thought he’d get to play Harvey Two-Face in ‘That Horrible Batman Movie We’d All Like to Forget.’  As it turned out, no.  That dubious honor was handed to another three-namer, Tommy Lee Jones, who chewed up the scenery like a termite.

Did that leave him with such a bad taste in his mouth that he left the screen forever?  Did the industry just lose interest and relegate him to various TV and video game appearances (basically, the actor’s graveyard)?  Or is he, as we speak, staging a comeback?  Only time will tell.

In the meantime, here: let Billy Dee sell you some Colt 45.  It’ll make him (and you) feel better.

via FFFFound

Badass!

Friday, April 17th, 2009

From Silicon Alley Insider:

Hulu iPhone App Coming Soon, ‘Badass’

Sweet!!!

Happy Friday

Friday, April 17th, 2009

Enjoy:

There will definitely be blood maybe

Have a great weekend everyone!

via FailBlog