bens

28 posts
Mr. Botswana won me in a card game. What you don't know is that I'm a 14 year old Malaysian child, saved from the life of sewing Russel Simmons brand jeans when I was taught computars by Mr Botswana so I could help him with his vision of taking over the world, one blog at a time.

Monday Daytime Open Thread

Good morning! Bots is currently incarcerated by Sheriff Bill Elliott in Dawsonville GA, for reckless endangerment and assault of a police officer. He was doing 110 on a public highway, and got pulled over. When the deputy walked over to him, Bots flicked a Winston in his face and gave him a lil’ of lefty (ATL Ice- his patented left-hand cross.) It took three helicopters, six roadblocks, 18 destroyed Police Interceptors, but Bots finally surrendered.

(Lies, all lies!)

Here’s Brown Paper Bag by Roni Size. Remember 1997?

Have fun today. Don’t do anything I wouldn’t do.

NY Times Paywall Goes Up, 4 Lines of Code Make it Go Down

The NYTimes implemented their long-discussed “paywall” today, in an attempt to make some money on online viewers. Unlike proposed paywalls designed by the folks at Fox News and The Guardian, this paywall is “loose by design.” What that means is that you’re still able to view up to 20 stories online per day, and they purposely did not make it hard to circumvent their system.

So why would a newspaper not make their paywall ultra-secure? Quite simply, they’re smart. In independent studies done by organizations not affiliated with content producers (basically any University study and nothing by the MPAA, RIAA, etc) researchers have found that people only pirate things they can’t afford. When products are priced too high, piracy increases, and oftentimes it deters people from purchasing legit versions. Microsoft released Windows Vista in China and priced it at about $180 USD. The Chinese version of XP was priced at about $20. A month after Vista’s release, Microsoft had only sold a total of seven copies of Vista in all of China. Windows XP, being a much more affordable product, sold in the tens of thousands of copies. When Microsoft dropped the price of XP to $20, the number of pirated copies dropped significantly, to the point that it was easier in the long term to purchase a legit version of XP than buy a pirated version (for a tenth of the cost.) The same thing happens with music and movies. Studios have realized that in Asian markets they can’t market legit DVD’s at American prices. They now sell “Region 5 DVD’s” for about $3USD. As a result, Chinese pirates aren’t bootlegging any DVD’s released as a “Region 5.”

The New York Times is also pretty much THE place for news online. If they locked down their paywall, sites would stop linking to their stories, and they’d lose readers. It’s in their interest to maintain their userbase at the expense of a couple of paywall subscriptions.

The last factor comes down to development cost. The NYTimes would basically have to re-vamp their website to program in serious DRM. By applying a “loose” paywall, they didn’t have to spend millions on re-doing their website.

Even though it’s pretty cheap, and even though you get 20 free stories, people have released hacks for the NYTimes site. Pay for your digital subscriptions, or better yet pay for home delivery. For those of you who are eating stewed tomatoes every night and stealing wi-fi from your neighbors, you can drag and drop the NYCLEAN bookmarklet to your bookmarks toolbar and read all of the articles for free.

(On a programmer’s note, 4 lines of code!)

Organized Hacking Contest: Pwn2Own

Hacking is usually an ‘underground’ sport, something nerdy Eastern Europeans do in their mother’s basements. The only time a hacker would come together to meet another hacker would be on an IRC channel. Not so anymore, with conventions like Defcon, Blackhat, and CanSecWest.

CanSecWest has an interesting contest. A hacking contest. The targets are the most common browsers: IE, Firefox, Chrome, and Safari. A new feature this year is the addition of smartphone hacking: Apple iOS, Windows Phone 7, Google Android, and BlackBerry OS. In total there is $125,000 in cash prizes. Another cool aspect of the competition: if you hack the computer running the target browser, you get to keep the laptop.

Like any good contest, there are the favorites. Charlie Miller, a software analyst from Baltimore has won the contest 3 times before. In 2009 Miller took down Safari running on an Apple in 10 seconds! He scored $10,000 and a laptop for his troubles. “Nils” (The contest allows anonymous entries) – a German computer science student, won last year, cracking Firefox, Safari, and Chrome in less than 10 minutes. In 2009, Nils broke the encryption for IE 8 the day before it was released, netting a new Sony laptop and $5k. George Hotz, the 21 year old who broke the Playstation 3’s copy protection (not to mention being the first person to ever jailbreak the iPhone) will be competing this year.

The biggest challenge this year is Google’s Chrome browser. Chrome runs in a ‘sandbox’ mode in Windows (basically insulating bugs in Chrome from affecting the underlying Windows system.) Google has put up $20,000 if someone can break Chrome’s sandbox mode in the first day.

Contests like this just aren’t cool in the computer security world. They provide vendors with information on how to improve the security of their products. When someone hacks a browser/device they also share technical information on how they did it with the contest organizers, TippingPoint. Details on the hacks aren’t released to the public until the vendor has time to fix the bug.

Pwn2Own runs during the CanSecWest conference, being held in Vancouver CA between March 9-11 2011.

Back up Facebook, simply, for free

Lots of you guys use Facebook. Facebook is notoriously hard to back up. Although I’m not aware of any large server outages, if you post a lot of pictures to Facebook it’s good to have the important ones saved in a secure place. There are a number of programs you can download that scan through the Facebook directories and download each and every file individually, but they’re hard to use. There’s a simple solution.

Backupify will download and save your Facebook profile and files on their server, for free. It requires you to sign up for an account with them, but it’s a very simple solution to a very tricky problem.

(Yeah, click the link above. It should be red.)

Follow the directions for the setup, and you’ll soon be on your way. If you have any problems, contact them!

The DrunkenNES breathalyzer

The 8 bit NES homebrew/modding scene is at it again. Not content at modding an NES to fit in to a Genesis, or modding an NES to fit in to PC, some guy got to hacking a breathalyzer in to an NES cartridge. You’ve been blowing on the cartridges forever (the only way to make them work, duh.) I already know that the only time you feel like playing Zelda is when you’re drunk (or depressed. You want to feel a sense of accomplishment, so you beat Zelda in 3 hours, for the 93rd time. But you’re depressed, so you’re probably drunk too.) So modding a breathalyzer in to an NES cart is actually a good idea. Function and form come together in perfect symmetry, yet again! This is actually sort of impressive because he coded a cartridge to display your score etc. Getting the “party frog” is the equivalent in getting the Soyuz rocketship in Tetris. Hah! Not really! Getting the “party frog” only tells your friends what they know and you’re hopelessly in denial about: You’re a drunk!

Cheatin’s Still Winnin’- The Story of Toyota Racing’s Best Cheat EVER

In motorsports, if you’re not cheating, you’re probably not winning. Safety regulations have really made it so that from F1 to NASCAR, the best cheaters DO win. Cars are so similar that minute changes will oftentimes determine whether or not you’re placing 1st, or 15th. Lots of times these minute changes come from creative interpretation of the rule book. (That’s not to say that sometimes teams will completely chuck the rulebook away. Remember: it’s not cheating unless you get caught!)

In the early 1990’s Toyota Team Europe, TTE, was winning. They were racing in rallysports and they were winning. They had a pretty decent car, a Celica GT-Four. The GT-4 was a car that had got them through about six years of racing, and was winning more races every year. They had won the manufacturer’s championship and driver’s championship every year since 1990. For a world-wide company like Toyota, this translated in to MAJOR sales for the Celica. There’s an old NASCAR motto: “Race on Sunday, Sell on Monday.” (This only applied up to the 1970’s when NASCAR cars were actually some semblance of being the ‘stock’ models you could purchase at a dealership.) Toyota needed to maintain their edge, at all cost.

Rallying is inherently a dangerous sport. Drivers race around unpaved roads, through treacherous terrain, trying to beat the clock. Rallying fans stand inches away from cars making hairpin turns around blind corners. There’s always a fight between racing governing boards who want cars to be safe, and everyone else who wants them to be fast. Oftentimes this results in cars having their speeds artificially restricted. You can’t tell a racecar driver “Hey man … could you please not drive over 120 mph?” You need a piece of technology (or anti-technology) to artificially limit the speed of the cars.

In 1995 the FIA (Fédération Internationale de l’Automobile, the major governing body for motorsports) decided that cars racing in the upper echelons of WRC would be fitted with “restrictor plates” on the turbo units of cars. All combustion engines produce power when they combine gasoline with oxygen. A spark ignites the gasoline and oxygen mixture which pushes a piston that drives a shaft that drives the wheels. Limiting the amount of oxygen taken in by the engine will limit the theoretical amount of power a car can produce. Thus restrictor plates. They are literally plates, a piece of metal that partially blocks a pipe that draws air in to the turbo part of an engine. A turbo is basically a fan that blows air in to an engine, so it would be like putting your hand in front of a fan … it blocks the air from reaching you. The restrictor plates, in theory would block a standard volume of air from reaching the engine. Restrictor plates were mandated for every car, and after the race officials would take apart certain components to make sure no one was cheating. This in theory would limit the top speed of the cars but do so in a way that every team would have the same exact limitations imposed.

Toyota has some of the best engineers in the world. Every car is inspected before the race by the governing body to make sure that the restrictor plate is installed. Toyota engineers figured out how to allow air in to the turbo intake that completely bypassed the seals around the restrictor! In addition, when the car was moving and the turbo was engaged, the restrictor plate would be moved back a couple of inches completely nullifying the effect of the restrictor plate. Some of the best judges and techs had gone over the car to make sure shenanigans like this weren’t taking place. In fact, the engineering was so good that when the turbo was disassembled post-race for inspection, judges couldn’t find any evidence that extra air had passed through the turbo. Toyota had manufactured special springs and clips that would move the restrictor plate back from the air intake, but when the turbo was disengaged the springs would pop it back in to position making it appear that everything was kosher. Like a sprinter, the more the engine could breathe, the faster it could go.

Max Mosley, the president of the FIA at the time said this: “Inside it was beautifully made. The springs inside the hose had been polished and machined so not to impede the air which passed through. To force the springs open without the special tool would require substantial force. It is the most sophisticated and ingenious device either I or the FIA’s technical experts have seen for a long-time. It was so well made that there was no gap apparent to suggest there was any means of opening it.”

The device gave the car an estimated 25% extra air coming in to the turbos, which added an extra 50 BHP (brake horse power) to the car. The cars raced in WRC at the time had about 300 BHP, an extra 50 BHP gave the car a HUGE advantage. The FIA quickly moved to ban TTE from racing that year. Toyota lawyered up, but they were eventually banned for the rest of the 1995 and 1996 season.

In 1998 TTE placed second in WRC, and in 1999 they won the manufacturer’s championship. That was the end of Toyota’s rallying history, they soon moved on to a pretty lousy F1 team.

With rallysports starting to get big in America, it kinda makes you wonder what cool technology is driving those brutish cars. Companies like Toyota use events like WRC as a testbed for new technologies that eventually make it in to their production cars. When your odometer clicks over to 300,000 miles in your Camry, a lot of that durability comes from testing in extreme conditions. I know that the guy in the Monster energy hat probably doesn’t seem like he’s got anything worthwhile to society, but engineers are going to tear his car apart after the race and find out how to improve upon their existing designs. They may not have anything as mechanically sophisticated as a cheat designed by Toyota engineers, but he’s probably got something if he’s winning! If it’s as good as their previous hacks though … we may never know …

Snoop Dogg joins the war on cybercrime?

Snoop Dogg, prolific gangsta rapper, crack dealer, pimp, dog fighting breeder, felon, Norton Internet Security spokesman? Yes.

That was the OLD Snoop Dogg. 19 years later, he’s teamed up with Norton to bring you the “Hack is wack” contest, where if you spit the best rhyme on why hacking is “whack” you’ll win a free laptop (Loaded with Norton Internet Security 2011!!!!) a trip to LA to meet Snoop and his management, and tickets to a Snoop Dogg show! (2)

OMG HOW STOKED DOES HE LOOK IN THAT VIDEO?! Really, my life is complete. Snoop Dogg has legitimized heuristic discovery of suspect processes, polymorphic software, and x86 stack overflows. I can now walk through Watts and have street cred!

Creep with me as I crawl through the drive,
Maniac, lunatic, pay the bills to stay alive,

Hey. It’s a job.

The Straight Man’s Guide To The Oscars

Lots of people like the Oscars. They REALLY like the Oscars. If you’re the typical American woman and/or gay man, this is basically your Super Bowl, minus the cool commercials and John Madden. You go to the store the day before, stock up on drinks and food (chocolate) and turn on the TV at 3 p.m. to watch all the red carpet special. Because it really fucking matters what who everybody is wearing!

How to abuse Google’s search ranking, for fun and profit

J.C. Penney, one of the oldest and most trusted institutions of commerce, was recently caught bumping up their search rank in Google by using deceptive tactics.

Google has been around since 1998, and ever since they came online, people have been trying to exploit its algorithm to make it so their pages appear first on Google’s listing. Have you ever gone to a website and seen a bunch of terms at the bottom of the page, or sometimes hidden (only visible when you highlight them with the mouse)?

The site was trying to artificially bump its search ranking. Google has “robots” that search the web and extract pertinent words. Loading your site up with descriptive words is one of the oldest tricks to try to get in to Google’s index. Google keeps their search algorithm secret, but they do disclose some information about how their bots work.

J.C. Penney exploited Google’s search algorithm through site links. Let’s say you’re selling tires. If a bunch of automotive-related websites link to yours, Google takes that into account and assumes that your site’s content is highly relevant and deserves a high rank. The more sites that link to yours, the better.

Google is smart enough to rank sites in terms of overall importance, so a link from someone’s tiny blog might give you +2 points, but if a site like Walmart links to you (they’re big, and get a lot of traffic) – you’ll get +10 points. The more points, coming from relevant sources, means a higher rank. You’re probably thinking “who cares if you’re #1 vs #2 on Google’s search ranking?” but the exact position matters. A lot. Researchers have done studies that say most people are proportionately more likely to click on the #1 link. If you’re a business as big as J.C. Penney, millions of dollars are at stake.
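How inbound links turn into a score, and why pages that exist only to link at one site stand out, shown with textbook PageRank on a constructed graph. This is an added example, not code from this post and not Google's actual algorithm (which stays secret); the site names, the 0.85 damping factor and the farm heuristic are assumptions.

```python
# Added illustration: textbook PageRank on a constructed link graph.
# Not Google's ranking code; every site name below is hypothetical.

def pagerank(links, damping=0.85, iterations=100):
    """links maps each page to the list of pages it links to."""
    pages = set(links) | {t for outs in links.values() for t in outs}
    n = len(pages)
    rank = {p: 1.0 / n for p in pages}
    for _ in range(iterations):
        new = {p: (1.0 - damping) / n for p in pages}
        for page in pages:
            # A page with no outbound links spreads its rank over every page.
            outs = links.get(page) or list(pages)
            share = damping * rank[page] / len(outs)
            for target in outs:
                new[target] += share
        rank = new
    return rank

def position(links, page):
    """1-based position of `page` when all pages are sorted by rank."""
    rank = pagerank(links)
    return sorted(rank, key=rank.get, reverse=True).index(page) + 1

def farm_like_sources(links, target):
    """Heuristic (an assumption, not Google's rule): pages that nobody
    links to and whose only outbound link points at `target`."""
    linked_to = {t for outs in links.values() for t in outs}
    return sorted(p for p, outs in links.items()
                  if outs == [target] and p not in linked_to)

# Constructed graph: shop-a has one more organic inbound link than shop-b.
ORGANIC = {
    "portal": ["news", "shop-a", "shop-b"],
    "news": ["portal"],
    "blog": ["portal", "shop-a"],
    "shop-a": ["portal"],
    "shop-b": ["portal"],
}
# Same graph plus 30 throwaway pages whose only link points at shop-b.
FARMED = dict(ORGANIC)
FARMED.update({f"farm{i}": ["shop-b"] for i in range(30)})

if __name__ == "__main__":
    for name, graph in (("organic", ORGANIC), ("with link farm", FARMED)):
        print(name, "-> shop-a:", position(graph, "shop-a"),
              "shop-b:", position(graph, "shop-b"))
    print("flagged:", len(farm_like_sources(FARMED, "shop-b")), "pages")
```

Each farm page carries almost no rank of its own, yet thirty of them together push shop-b past shop-a; the same pattern (unlinked pages with a single outbound target) is what makes the scheme easy to flag.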

J.C. Penney decided to hire a shady SEO (search engine optimization) company to register thousands of websites whose sole purpose was to link to J.C. Penney. The SEO company would fill these sites with commonly-used search terms, and links. For an example, here’s a link to a Huffington Post “article” that was published before the Super Bowl:

http://www.huffingtonpost.com/2011/02/05/what-time-superbowl-start_n_819173.html

See how most of the “content” is short, simple paragraphs which seem to be factoids (at best)? This site is designed to be indexed by Google so that someone searching for “What time does the Superbowl start?” will be directed to the HuffPo page. This is way more advanced than J.C. Penney’s stunt. (Their pages are so un-interesting they’re not even worth linking to, unless you like looking at lists of household goods.) This HuffPo page isn’t really an article, it’s not really a “listicle” … it’s a page designed to drive traffic to the site.

Simple tricks like this have been vetted by Google since its inception. Since Google relies on bringing pertinent search terms to people, they really frown on stuff like this. A couple of years ago BMW in Germany decided to post a bunch of invisible text on their website (terms like “cars, auto, which car is the best?” etc) and Google de-listed them. They removed BMW from any and all Google searches! (BMW changed their site and got re-listed.) Every couple of months someone will come up with a “super ninja SEO technique” to drive traffic to websites. Generally any “super ninja SEO technique” will work for a couple of weeks, until Google changes up its algorithm. (Look in the “computer” section of Craigslist, and you’ll find all sorts of ads from people with “super secret SEO techniques.” It’s mostly bullshit.)

In response to J.C. Penney’s deceptive tactics, Google changed its search algorithm. Sites that used techniques like J.C. Penney lost a ton of traffic. In fact, Google came out and said that approximately 12% of their search rankings have changed in the past week. That’s a ton of upheaval!

Here’s another thing: Web users should be aware of how search rankings are calculated. The number one link in Google might not be the best result for you. If you run a website, it’s really deceptive to get traffic like this. As someone who buys a lot of stuff online, be wary of links!