Liudvikas Bukys

Disobey.com::

Dave mentions that NetNewsWire has RSS 2.0 <comments> support in the latest downloadable beta. I sometimes forget how easy it is to add new display data to AmphetaDesk – all current versions of AmphetaDesk could have supported display of <comments> the second Dave rolled the idea off his tongue. Here’s how you do it with the default AmphetaDesk templates. First, open AmphetaDesk/templates/default/index.html with a text editor. Then, look for the following line (wrapped here for clarity):

to_browser(qq{ $item->{description} })
   if $item->{description};

Right beneath it, add one line (wrapped here for clarity):

to_browser(qq{ <div align=”right”>[<a href=”$item->{comments}”>Read the Comments!</a>]</div> }) if $item->{comments};

You can do this with AmphetaDesk open already – once you save the file, refresh your page, and any RSS 2.0 feed that uses the <comments> tag will give you a chance to go directly to any posted comments on that entry. Try it out on Brent’s (of NNW fame) RSS feed.

From Dylan Greene dot com – Blog Comments – XML button created via CSS, with one small addition:

<a title=”RSS 2.0″ href=”rss.xml” style=”text-decoration:none”><span style=”border:1px solid; border-color:#ffc8a4 #7d3302 #3f1a01 #ff9a57; padding:0px 3px 0px 3px; font:bold 10px verdana,sans-serif; color:#FFFFFF; background-color:#ff6600; text-decoration:none; margin:0px;”>XML</span></a>

The ‘ style=”text-decoration:none” ’ inside the ‘a’ element is needed to prevent Mozilla 1.0.1 (Linux) from underlining the text.

Polymer Tactile Sensors
“According to a short article
on betterhumans.com, the latest thing in android skin is the polymer
tactile sensor. Also known as “smart skin”, the sensor is an
inexpensive, flexible polymer material that can conform to the shape of
the robot and provides high spatial resolution and sensitivity. Robots
with smart skin will be able to build maps of tactile contact that can
be used to detect slippage of gripped objects and shape recognition when
touching objects. Research on polymer tactile sensors is being carried
out by Jonathan
Engel at the University of Illnois’ Micro Actuators, Sensors,
and Systems Group (MASS).”

Internet2 ListProc-WWW: Archives for I2-NEWS:
Washington, DC–February 21, 2003–The first higher education-focused Information Sharing Analysis Center today was established by Indiana University through an agreement with the National Infrastructure Protection Center (NIPC). The Research and Education Network Information Sharing Analysis Center (REN-ISAC) operated by Indiana University will focus on the high performance network infrastructure dedicated to research and education. The “National Strategy to Secure Cyberspace” announced by President Bush last week calls for establishing ISACs to facilitate communication, develop best practices, and disseminate security-related information.

New tool puts lid on worms:

“With CounterMalice, information technology administrators can divide their organization’s network into cells and prevent worms from spreading from one cell to the next, said Stuart Staniford, Silicon Defense’s president.”

Spammers hiding behind students
“University networks already stressed by file-sharing programs, viruses and hackers now face a new threat: students who sublet their network access to spammers for as little as $20 per month.”

e i g h t – c u b e d . c o m – RSS 2.0 comment links
This is in support of aggregators that can use these links to post comments back to a site without leaving the aggregator.

Ross Anderson:

Citibank is trying to get an order in the High Court today gagging public
disclosure of crypto vulnerabilities:

citibank_gag.pdf

I have written to the judge opposing the order:

citibank_response.pdf

The background is that my student Mike Bond has discovered some really
horrendous vulnerabilities in the cryptographic equipment commonly used
to protect the PINs used to identify customers to cash machines:

UCAM-CL-TR-560.pdf

These vulnerabilities mean that bank insiders can almost trivially find
out the PINs of any or all customers. The discoveries happened while Mike
and I were working as expert witnesses on a `phantom withdrawal’ case.
The vulnerabilities are also scientifically interesting:
http://cryptome.org/pacc.htm

For the last couple of years or so there has been a rising tide of phantoms.
I get emails with increasing frequency from people all over the world whose
banks have debited them for ATM withdrawals that they deny making. Banks in
many countries simply claim that their systems are secure and so the
customers must be responsible. It now looks like some of these
vulnerabilities have also been discovered by the bad guys. Our courts and
regulators should make the banks fix their systems, rather than just lying
about security and dumping the costs  on the customers.
Curiously enough, Citi was also the bank in the case that set US law on
phantom withdrawals from ATMs (Judd v Citibank). They lost. I hope that’s
an omen, if not a precedent …

Security gap found in SSL…(In an upcoming paper, Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge
Vaudenay (EPFL), and Martin Vuagnoux (EPFL, Ilion) describe and
demonstrate a timing-based attack on CBC ciphersuites in SSL and TLS.
Patched in OpenSSL 0.9.6i and OpenSSL 0.9.7a.)

MindJack:

Felten slams self-censoring scientists
Computer science prof and anti-DMCA poster child, Edward Felten, slammed a recent article about scientists considering self-censoring research.

The new editing methods will be voluntary and will differ among the 32 publications and scientific associations that agreed to the effort.

In response, Felten argues:

…the research we would be censoring is often the same research that we would use to defend ourselves.

In the current climate, it’s not surprising that calls for censorship of research are resurfacing. Apparently we need to have a debate on this topic. What we don’t need are slanted arguments that ignore the very real costs of censorship.