The past few days there has been a lot of press around the fact that the Google Wallet Pin was cracked on rooted android phones. Lots of people including computer programmers and technologists (who should frankly know better) have reacted to this by posting messages/comments equivalent to: “rooting is bad”, “rooting causes security holes” etc etc etc… Guess they have forgotten the simple rule of computer security: “physical access is total access”, basically it means that if I have physical access to a device I can get full access to it eventually.
This fact was demonstrated it quite nicely by the news that you don’t really need to root your phone to get your pin hacked, all you need to do is reset the application data.
The problem in both cases is caused by the fact that the Google Wallet’s pin is stored locally on the phone itself instead of online so if you can get access to it you can bruteforce it or if you clear the app data it removes the pin and lets you choose another.
One way of fixing the second issue would be to force the phone to link to the internet after the local cache is cleared to sync the pin with the online secure server instead of just letting a user choose a new one. The fix for the first case is a lot harder because you can’t have a wallet that requires the phone to be connected to the web everytime you use it, and if you store it locally then you are just asking for trouble.
Another way would be for the receiving side to validate the pin sort of line how we do it for credit cards but that doesn’t seem too feasible either. Or we could salt the pin with the user’s account info/do a dual encryption, first one requires the pin to unlock the second one requires the account password.
Now if I can come up with such solutions then I am sure the people at Google and the various banks working on this issue will come up with other more secure options. Its not the end of the world. yet. This is a new technology and like all new tech it has its teething issues and I am looking forward to the final fixed product.
According to Toshiyuki Nakagaki, a professor at Future University Hakodate the lowly slime mold that most of us associate with gym showers and broke college students may be what helps us make the next major breakthrough in Biotechnology and computer algorithms.
Basically, Physarum polycephalum, or grape-cluster slime which looks like mayonnaise when looked at without a microscope has the ability to organize its cells to create the most direct root through a maze to a source of food. During experiments the research team successfully managed to get the molds to form the pattern of a railway system quite similar to the railroad networks of the Kanto region centering Tokyo. If this can be harnessed then we can use the networks in future designs of transport systems. The best part is that the networks created are resistant to unexpected stimulus so if used in real world applications that would make them resilient and fault tolerant.
He says slime molds can create much more effective networks than even the most advanced technology that currently exists.
“Computers are not so good at analysing the best routes that connect many base points because the volume of calculations becomes too large for them,” Tero explained.
“But slime molds, without calculating all the possible options, can flow over areas in an impromptu manner and gradually find the best routes.
“Slime molds that have survived for hundreds of millions of years can flexibly adjust themselves to a change of the environment,” he said. “They can even create networks that are resistant to unexpected stimulus.”
Research has shown slime molds become inactive when subjected to stress such as temperature or humidity changes. They even appear to “remember” the stresses and protectively become inactive when they might expect to experience them.
Sources: Yahoo News & Engadget
I have been using 1and1.com as my hosting provider for a while now (since 2005) and have been happy with the service for the most par, however after their recent pricing change the service is getting to be a bit more expensive than I am comfortable with so I am thinking about changing webhosting providers. What hosting providers do you use and would recommend? I need the following feature sets in the service:
- MySQL DB: Fairly large no of databases with large storage allocations
- Full SSH Shell Access
- Unlimited Bandwidth (Have gotten bit by this a few times)
- Email Accounts: A fairly high no with large quota’s (I never delete mails)
- Perl Support
- Multiple Domains allowed
- High availability/uptime
Thanks in advance.
I typed an entire post while in flight back to Bangalore and then because the wordpress app for Android requires a netconnection to work and doesn’t allow you to work offline, I lost my entire post and now have to type it all again.
Looks like we are about ready for the end of the world and the start of the robot Apocalypse. A virus has infected the US Drone fleet and so far the admins have been unable to remove the infection. Now all we need is for the US military to hand over control of its entire system to a super AI and we are ready to go. To make things even better we also have early prototypes of HK’s (HunterKillers) in testing in various labs around the world.
Its funny how real life follows fiction at times. When I used to tell people that I was interested in Artificial intelligence, the most common reaction I would get was “are you crazy? Haven’t you seen Terminator?” Now if we have a rogue AI running around its actually possible for it to cause a whole lot of damage, maybe not to the tune of ‘end of the world’ but enough to make life miserable for a whole lot of people.
Maybe its time to stock up on my tin-foil hats and MRE’s
Augmented reality, the words bring to mind a science fiction world where people wear glasses hooked up to computers that give additional information on the item being looked at. I have read scores of novels where this technology is in use by humans (both in a positive and negative sense) but till date this technology was still in the realm of Science Fiction.
Now this has changed. ThinkAnApp studio based in Buenos Aries has developed specialized software that allows them to create a tattoo that when viewed through a camera gets transformed into a flying dragon. Or anything else you want. Pretty cool eh?
Here’s what the Tattoo looks like when viewed through a camera:
Check out the video demoing the tattoo in action here.
This is just a prototype and isn’t released for public use yet. But it is a step in the right direction and slowly but surely we are moving closer to the day when the virtual world will overlay the real world and open up all the awesome possibilities that entails.
Source: ThinkAnApp – Augmented Reality (tattoo).
Yesterday I was organizing my system and found log files from an old MSN account I had which I used mainly for chatting with friends. I decided to enable the account in Pidgin and see if the account still worked. When I tried logging in to the account it didn’t let me because I guess the account had gotten locked down due to inactivity.
So I went to the MSN site and tried to login to the account. At first it didn’t let me, so I tried resetting the password for the account. But that didn’t work as I couldn’t remember what information I had initially filled when creating the account so I asked the system to email me the password reset instructions.
Now came the funny part. The system was going to email me the password reset instructions to the same account that I was requesting the password reset for. Below is a screenshot I took of the process.
Weird MSN Password reset logic
How I am supposed to access the account to get the reset instructions is something that they didn’t quite explain. The funny part is that the system finally let me login with the same password I had tried with originally. *shrug* Atleast it worked, though I am surprised that the account wasn’t deleted considering I hadn’t logged in for over 2 years.
Was watching Eureka (Its a TV show, about this town with brilliant scientists) and they had an episode a little while ago where an organic computer got infected with a virus and got transmitted to a person when they used it.
This made me think, this can really happen once organic computers start becoming commonplace. After all human beings are pretty much an organic computer with a pretty face. So it would become possible to send an email attachment to a target group (lets say an enemy country) and infect their bio-computers. Then the virus would copy itself over to the human operator and set itself up as a background process in the human mind (There is more than enough processing power in the human brain for this) and once its set up it could monitor all actions/thoughts etc and keep a log of everything that person does, this data would then be sent back to the creator of the worm/virus to be used as seen fit by them.
The virus could even take over the human and make them do stuff that they wouldn’t normally do (like treason, or espionage) and I don’t think there is an easy way we could detect something like this and prevent it from happening. It reminds me of a novel I read a couple of years ago where humans had chips implanted in their heads to allow them to process/store data and one of the character’s chip got hijacked and they could no longer control their actions. Now the same thing will be possible without any extra hardware implanted in the target.
I guess to counteract this we would have to have an anti-virus program for the human mind: “Scan your brain for virus’s and trojans today”. Before any secret meetings all participents would have to have their brains scanned.
To make things scarier governments could release a worm that let them keep an eye on their subjects and stop any activity they don’t like before it got far. Think “Big Brother” in your head…
think scared doesn’t it?
A lot of must have seen the advertisements on MS Vista where they talk about the wow factor. Well today I used it on a clients machine and it certainly made we go wow. Read on for the details…
I had a 90 MB file that I needed to extract on their system (224 MB uncompressed), so I copied the file to their system,right clicked and chose extract. Then came the wow factor. Vista told me that it out need ~13 hours to extract the file. Waited for a few mins and it didn’t go down. It really was going to take it 13 hours + change to extract it. Certainly made me go wow.
I didn’t take a screen shot of it at the time, but then as I was telling my cousin about it, I decided to blog it so needed to take a screen shot. When I took the following screen shot it was telling me that it would take 5 days to extract. I waited for a couple of mins in case it was just exaggerating like Windows XP and it would show the correct time in a few mins. But alas it kept showing me the same time.
So here goes:
MS Vista WOW!!!
BTW, just as a comparison, my Windows XP system on a 1 GZ system with 512 MB of RAM takes ~2 mins to extract this file. Haven’t timed it on Linux yet. And this vista install is a running on a new machine thats pretty powerful. And i am not the only one who saw this. Another guy was complaining about it on one of the forums that I visited. His file was taking ~15 mins to extract on vista while on Linux it took about 11 secs to extract.
Ah well. I think I can do without the wow in my life. Pretty happy with Debian and XP for my systems. Don’t think I will be upgrading to Vista anytime soon.
Can’t figure out what the big deal is about DRM? Check out the following site, it will give you a visual representation of what DRM is and how it would affect everyday objects/tasks.
Flickr: The DRM is Like… Pool
Thanks to Open… for the link.
Anyone care to explain what exactly this is supposed to do other than annoy fans?
Congress raises broadcast flag for audio