Monthly Archives: February 2015

An evidence-based approach to an ancient pursuit: systematic review on converting online contact into a first date

Posted on by
Reply

a description of personal traits increased likeability when it: showed who the dater was and what they were looking for in a 70:30 ratio; stayed close to reality; and employed simple language with humour added. Invitations were most successful in obtaining a response from the potential date when they: were short personalised messages addressing a trait in their profile; rhymed with their screen name or headline message; and extended genuine compliments. Online communication was most effective in leading to an in-person meeting if there were: a genuine interest; a rapid turnaround; reciprocity in self-disclosure; mimicry of body movements on the webcam; avoidance of criticism; humour; uncertainty about whether there was likeability; and an early move from electronic chat to a date.

Conclusions Attraction and persuasion research provides an evidence-based approach to online dating.

via An evidence-based approach to an ancient pursuit: systematic review on converting online contact into a first date — Khan and Chaudhry — Evidence-Based Medicine.

Lenovo ships laptops with man in the middle spyware on it

Posted on by
Reply

The superfish software shipped with Lenovo laptops can intercept and redirect your secure browsing sessions (eg to your bank) so that third parties can hijack them.

You can test to see if your Lenovo product is infected, how to do so is included in the link below. It can also be removed, again instructions in the link.

Lenovo for years has been known as (one of) the best laptop makers out there. I use one and have recommended them to many of my friends. This brand is hugely popular with IT professionals. This changes everything. Any company that allows spyware to be shipped on their systems and then denies it goes onto my boycott list – just like Sony is. This is a real disaster.

So long, Lenovo, and no thanks for all the super-creepy Superfish • The Register.

HTTP/2 Released

Posted on by
Reply

Why revise HTTP?

HTTP/1.1 has served the Web well for more than fifteen years, but its age is starting to show.

Loading a Web page is more resource intensive than ever (see the HTTP Archive’s page size statistics), and loading all of those assets efficiently is difficult, because HTTP practically only allows one outstanding request per TCP connection.

In the past, browsers have used multiple TCP connections to issue parallel requests. However, there are limits to this; if too many connections are used, it’s both counter-productive (TCP congestion control is effectively negated, leading to congestion events that hurt performance and the network), and it’s fundamentally unfair (because browsers are taking more than their share of network resources).

At the same time, the large number of requests means a lot of duplicated data “on the wire”.

via HTTP/2 Frequently Asked Questions.

EU air passenger surveillance system could be ready for take-off by year end

Posted on by
Reply

Despite privacy concerns and doubts over its usefulness, a plan to track passengers entering or leaving the European Union in a series of national databases is likely to become reality by the end of the year.

The call to build national databases of so-called passenger name records (PNRs) has become louder since the recent terror attacks in Paris in which 17 people were killed.

via EU air passenger surveillance system could be ready for take-off by year end | ITworld.

Because centralised databases are a really great idea, as we’ve seen from all the times they have been abused and lost on USB sticks.

Of course it’s hardly surprising that the Chalie Hebdo affair would be used to limit our freedom of movement.

Hackers fear arms control pact makes exporting flaws illegal

Posted on by
Reply

The Wassenaar Arrangement, signed by 42 nations, can be implemented differently by each of these nations. Hackers are worried that exploits are controlled by these arms controls and will be punishable.

Leaving 0-day exploits in the wild or unpublished is not good for IT security, as only the people who have them can use them and there is no incentive to report them to the makers of the software, or for the makers to fix them (if they know about them)

Hackers fear arms control pact makes exporting flaws illegal • The Register.

Hackers steal 1 billions dollars over 2 years time in greatest heist ever

Posted on by
Reply

By learning about the habits of co-workers in over 100 financial institutions, mainly in Russia, the hackers infected computers using spear fishing techniques. They upped the balance of accounts and transferred away the excess money. They also programmed PIN machines to spit out money at specified times.
Hackers stelen 1 miljard dollar bij 'grootste bankroof ooit' – UPDATE 2 – Webwereld.

BMW finally fixes 1/2 year old flaw that lets anyone open windows and doors

Posted on by
Reply

Luxury car manufacturer BMW has rolled out a patch for a security flaw that could have allowed hackers to open the doors of some 2.2 million vehicles.

The issue affects BMW, Mini and Rolls Royce models that come equipped with ConnectedDrive – a technology that allows car owners to access internet, navigation and other services via a SIM card installed directly into vehicles.

As Reuters explains, security researchers were able to create a fake cellphone base station to intercept network traffic from the car, and use th

http://grahamcluley.com/2015/02/bmw-security-patch/

Anthem, America’s second biggest health insurer, HACKED: Millions hit by breach • The Register

Posted on by
Reply

Anthem, the US’s second biggest health insurer with about 70 million people on its books across the country, admitted late on Wednesday, Pacific time, that it has been comprehensively ransacked by criminals. Tens of millions of records are likely to have been obtained illegally as a result of the hack, Anthem warned

http://www.theregister.co.uk/2015/02/05/anthem_hacked/

Samsung TVs listen to you and send your words far away

Posted on by
Reply

“If you do not enable Voice Recognition, you will not be able to use interactive voice recognition features, although you may be able to control your TV using certain predefined voice commands. While Samsung will not collect your spoken word, Samsung may still collect associated texts and other usage data so that we can evaluate the performance of the feature and improve it.”

http://www.theregister.co.uk/2015/02/09/samsung_listens_in_to_everything_you_say_to_your_smart_tellie/

Where is the microphone so we can put a sticker over it?

EU politicians use outlook in the cloud, surprised all their base belongs to USA

Posted on by
Reply

How is it possible these muffheads running Europe didn’t realise this? If you put stuff in American cloud it is giving it away to the NSA FBI and any other 3 letter US acronym you can think of. And these dozy fuckers are surprised it’s going badly with the economy? And that people don’t like politicians?
Glad someone cottoned on to this, even if it is a few years late.
go install Kolab please.

http://webwereld.nl/overheid/85329-outlook-app-europese-politici-lekt-data-naar-fbi–nsa

FSF certify Libreboot X200 laptop

Posted on by
Reply

The Free Software Foundation (FSF) has certified another laptop by the UK based supplier The Gnulug. This is the second laptop by the company to get FSF certification.
[…]
They also had to replace Intel’s Management Engine (ME) system and Intel’s Active Management Technology (AMT) firmware which are proprietary.

FSF have previously addresses ME and AMT as back doors into a person’s machine as the computers can be remotely accessed over a network and allows the remotely connected user to power the computer on and off, configure and upgrade the BIOS, wipe hard drives, re-install the OS and more.
via FSF certify Libreboot X200 laptop – Linux Veda.

Scary stuff, laptops being sold with huge backdoors

Twine is an open-source tool for telling interactive, nonlinear stories.

Posted on by
Reply

Twine is an open-source tool for telling interactive, nonlinear stories.

You don’t need to write any code to create a simple story with Twine, but you can extend your stories with variables, conditional logic, images, CSS, and JavaScript when you’re ready.

Twine publishes directly to HTML, so you can post your work nearly anywhere. Anything you create with it is completely free to use any way you like, including for commercial purposes.

http://twinery.org/