DIASPORA* Invites (2 left)

I've obtained an invite for Diaspora* Alpha Test.
Comment or E-Mail me to this post to obtain an invitation ticket.

4chan rushes to WikiLeaks' defense, forces Swiss banking site offline

The forces of Anonymous have taken aim at several companies who are refusing to do business with WikiLeaks. 4chan's hordes have launched distributed denial-of-service attacks against PayPal, Swiss bank PostFinance, and other sites that have hindered the whistleblowing site's operations.

A self-styled spokesman for the group calling himself 'Coldblood' has said that any website that's 'bowing down to government pressure' is a target. PayPal ceased processing donations to the site, and PostFinance froze WikiLeaks founder Julian Assange's account. The attacks are being performed under the Operation: Payback banner; Operation: Payback is the name the group is using in its long-running attacks on the RIAA, MPAA, and other organizations involved with anti-piracy lawsuits.

From Ars Technica

Microsoft rolls out free Office Web Apps to 15 additional countries

Microsoft began previewing Office Web Apps (OWA) back in September of 2009, and today the Office team has announced expanded availability of the free-to-use OWA. Originally available in just 11 countries, the total number has been more than doubled and is now open to users in China, Denmark, Finland, Hong Kong, Italy, Japan, The Netherlands, New Zealand, Norway, Portugal, South Korea, Spain, Sweden, and Taiwan.

All you need is a Windows Live account, and it's well worth signing up for one if you haven't already. Office Web Apps are fully compatible with their desktop counterparts, and while they're somewhat feature-limited you can use them in good conscience without having to pay a single cent.

Microsoft rolls out free Office Web Apps to 15 additional countries originally appeared on Download Squad.

Google unveils Cr-48, the first Chrome OS laptop

We've had plenty of pre-knowledge on this, but surprisingly this is our first actual glimpse of Google's new unbranded 'Cr-48,' the very first Chrome OS laptop. Google will distribute the laptop through its Chrome OS Pilot Program, in a sort of public beta. You actually have to apply to join the program, and there are going to be a limited number of the laptops available -- retail Chrome OS models from Acer and Samsung will be available in the middle of 2011 for the masses. Google's doing a number of little promotions to give away the devices to interested users and businesses which will provide feedback, and it looks like there's no way to actually pay money for one right now. Now, for the specs:

• 12.1-inch screen.
• Full size keyboard.
• Oversized clickpad.
• Qualcomm Gobi 3G chip for Verizon data in the US, your carrier of choice internationally.
• 802.11n dual-band WiFi.
• 8+ hours of active use.
• 8+ days of standby.
• Webcam.
• Flash storage.

The keyboard is the one we uncovered last week, with no function keys, but a full row of Apple Keyboard-style actions. The caps lock key has been replaced with a search button, which will enrage internet trolls and screenwriters alike. Branding-wise... there is none. The 'Cr-48' refers to an isotope of the material chromium, there's no logo and no design frills on the laptop itself, and it only comes in black. It seems Google is going out of its way to make it clear that this isn't a mass market device, with Chrome OS still in the beta stage, and no apparent intentions to compete with third parties in the hardware space. Still, we gotta say: we wish more manufacturers would take a page out of this no-frills book. The murdered out Cr-48 looks like pure sex to us.

From Engadget

Windows Tip - Mount folder as Drive

Would you like to "mount" a folder as virtual drive?
Here it is the solution:

subst [drive letter] [path to folder]

To un-mount:

subst [drive letter] /d

Hope it helps.

Google Cloud Print hands-on

Google Cloud Print just launched, and we're glad to announce... it works! At least from the Chrome test page.

Google are expected to launch cloud print-enabled Android apps later today, which will mean you can print from your phone direct to your printer -- or indeed any printer that's connected to Google Cloud Print.
The gallery should walk you through each of the steps. It took a while for the document to be printed (a few minutes) but it did eventually print -- that could merely be a connection issue on my end, however.

Original from DownloadSquad. Read more here.

Nexus S and Gingerbread (2.3) Officially Announced

As expected, today Google announced Android 2.3 Gingerbread and the Nexus S. Android 2.3 is the latest iteration of Google’s popular smartphone platform, and includes a number of immediately apparent graphical changes to the Android 2.2 UI, and a host of under the hood features for developers.

Alongside the Android 2.3 announcement came official confirmation of the Nexus S, which appears to be architecturally very similar to the Galaxy S line of devices, with the notable inclusion of near field communication (NFC) hardware, a 4' curved display, and front facing camera, 16GB of memory. Read more here...

In Wired, they explain what to expect from Android 2.3 (and related devices). The NFC feature will enable new earning paths to Google. In my opinion it will be exploited firstly in US.

If you're feeling brave, dive right into the Android 2.3 Platform Highlights. It's aimed at developers, but most of the main features are spelled out in plain English. Here's a taster:

• Faster, more intuitive text input -- the default keyboard has been significantly improved, and multi-touch 'key-chording' means faster input


• UI refinements for simplicity and speed -- the UI has been simplified, with menus and settings now easier to find. It looks like the whole thing will be quite bold and 'primary colored'


• One-touch word selection and copy/paste -- this one's quite hard to explain, better to look at the two pictures


• Improved power management -- apps will be automatically closed if they steal a lot of CPU time, and users can now see at a glance which phone components and apps are taking up the most power


• More ways to communicate -- Internet calling (VoIP/SIP), Near Field Communication and video calling with the front-facing camera are now possible

There's lots of other low-level changes, but I won't bore you with them. It's safe to say that, as I write this, app developers the world over are drooling on their hairy feet. To put it another way, that Sony PlayStation phone that you've seen on Engadget -- it's only possible because of some big changes in Android 2.3's architecture.
With regards to availability, Gingerbread will be open-sourced in the next few weeks. The Nexus S will be available to buy in the US from December 16, and in the UK from the 20th.
There are videos of the phone itself, and some developers getting their nerd on, after the break.

Continue reading Android 2.3 Gingerbread SDK and the Nexus S announced by Google on Download Squad

NASA discovers arsenic-born organisms, search for life gets broader parameters

If you were hoping NASA was going to announce the very first tweet from an extraterrestrial being, sorry to break your heart -- it is astrobiological, but the findings are actually borne of this rock. Researchers in Mono Lake, California have discovered a microorganism (pictured) that uses aresnic instead of phosphorous to thrive and reproduce. The latter, as far as human life is concerned, is a buildng block of life along with carbon, hydrogen, nitrogen, oxygen, and sulfur, integral to DNA and RNA. Arsenic, meanwhile, is generally considered toxic to life as we know it. In other words, NASA's proven that life can be made with components different than our current assumptions -- both locally and beyond the stars. That sound you hear is a thousand light bulbs popping up as science fiction writers everywhere conjure up brand new super villains. The press conference is still going on, we're listening in and will let ya know what else we hear.

Read more from engadget or wired.

Back To The Future 3 500GB USB HD

Submitted by: tugbote
Posted at: 2010-11-26 14:30:02
See full post and comment: http://9gag.com/gag/52862

[UPDATE] TabJuggler: Chrome Extension

Hi... I've just released TabJuggler extension for Google Chrome (and Chromium).
I wanted to juggle a little with tabs, moving them, etc...
I decided to create an extension to perform some tasks such as grouping, merging, exploding tabs...
Now it allows to:

• collect all tabs in all Chrome windows and move them into a single Window
• move each Tab of the current Window and move it to a separate Window
• group Tabs by Hostname and move each group in a separate Window
• sort Tabs by Title, Hostname or Url
• search for Tabs containing in their Title or Url a string or using a regular expression

Here the Google Chrome Extension Gallery page and the Google Code Project page.
Please give me feedback and/or comments.
Thanks in advance...

[UPDATED] Wikileaks - Italy Executive scared for incoming news

Nice tool for browsing Wikileaks Database from The Guardian.

El-Pais publishes leaks too.
Le Monde starts the information stream.
The Guardian starts publishing leaks, read more here.

Leaks focuses on:

• Grave fears in Washington and London over the security of Pakistan's nuclear weapons programme
• Alleged links between the Russian government and organised crime.
• Devastating criticism of the UK's military operations in Afghanistan.
• Claims of inappropriate behaviour by a member of the British royal family.

Wikileaks website is under attack. Probably a DDoS (more informations here) [UPDATE] Confirmed via Facebook:

We are currently under a mass distributed denial of service attack. (DDoS)
El Pais, Le Monde, Speigel, Guardian & NYT will publish many US embassy cables tonight, even if WikiLeaks goes down

NYT, Le Monde, El Pais, The Guardian will publish contents even if WikiLeaks website goes down.
I expect a DNS redirect for censuring in some countries.
Google Search and Twitter showing increasingly posts, tags on WikiLeaks stuff.

Android on iPhone

All I can say is... Good Job.
I knew it was possibile to set up a Linux Kernel on Apple iPhone...
But I thought it would be difficult to make all devices work.
David Wang reached the objective, doing more or less the same stuff the x86 porting group did a year ago.



I checked Google Groups android-porting section and there are a lot of informations about that achievement.

You can download some shared stuff from Wang here (idroid-release-0.1.tar.bz.tar).

Steve Jobs

Steve Jobs’ 6 Sneakiest Statements

Posted using ShareThis

TED 2010: Reality Is Broken. Game Designers Must Fix It

TED 2010: Reality Is Broken. Game Designers Must Fix It

Posted using ShareThis

Merry Christmas!

Merry Christmas!

Twenty-Two (OMG) Google Wave Invites [UPDATED]

People...
I've got 6 22 invites for Google Wave.
Google Wave is a infrastucture allowing users to communicate and collaborate, in real-time.
Down here a very loooooooooong video of the last Google IO, in which some engineers are showing the wave technology capabilities.

Google Wave is particularly suitable for:

• Organizing events
• Brainstorming with other people
• Sharing photos
• Taking meeting notes (ensuring all people have all the details, for example)
• Playing interactive games

The features can be expanded, writing plug-ins and now supports spell-checking and translation in different languages.

All communications are based on the Google Wave Federation Protocol. This protocol aims to become a standard element to be used by different implementations of "Wave" applications.

For the invites, please leave comment this post.
The first 6 (remember to place your email in the post form, a gmail one is required) users will receive an invite.
Tell me how did you reach my blog and if you were following me in some way (feed, visiting the website, etc...).
As Dr.Google Wave adverts:

Invitations will not be sent immediately. We have a lot of stamps to lick.

Thanks!

Chrome OS - What is Google doing?

Well... Chromium OS is out!
As usual, it has been released by Google in the classic "Beta" style.
As they did with Google Android, but having a different target: trying to get experience in a field  in which the company has never landed.
They're also trying to obtain some percentage of market, to annoy main competitors, getting published in a lot of newspapers and so on (read it as free advertising).
I had no time to test it, but all I can see is an increasingly interest of developers on checking it out, rebuilding and trying it in a virtualized machine.

It surely lacks in hardware support and configuration.
BUT a lot of people are remarking one thing: if the operating system is a safe and secured environment, nowadays all the activities can be performed via browser, in the cloud.
Better if Google switches users in the
Google made ChromiumOS (the correct way to say it should be: "placed together different open source projects and glued them by using their IP and ideas") announcing a secure operating system.
Schneier in this article said it was an "idiotic claim". Well... Maybe they wanted to say that the newborn OS, being Linux derived, will have less problems than Microsoft counterpart.
There's a page in the ChromiumOS Project website, in which Google tries to explain how security is implemented.
I'm quoting a part of it:

The perfect is the enemy of the good.  No security solution is ever perfect.  Mistakes will be made, there will be unforeseen interactions between multiple complex systems that create security holes, and there will be vulnerabilities that aren't caught by pre-release testing.  Thus, we must not allow our search for some mythical perfect system to stop us from shipping something that is still very good.

Deploy defenses in depth.  In light of our first principle, we will deploy a variety of defenses to act as a series of stumbling blocks for the attacker.  We will make it hard to get into the system, but assume that the attacker will.  We'll put another layer of defenses in place to make it difficult to turn a user account compromise into root or a kernel exploit.  Then, we'll also make it difficult for an attacker to persist his presence on the system by preventing him from adding an account, installing services, or re-compromising the system after reboot.

Make it secure by default.  Being safe is not an advanced or optional feature.  Until now, the security community has had to deploy solutions that cope with arbitrary software running on users' machines; as a result, these solutions have often cost the user in terms of system performance or ease-of-use.  Since we have the advantage of knowing which software should be running on the device at all times, we should be better able to deploy solutions that leave the user's machine humming along nicely.

Don't scapegoat our users.  In real life, people assess their risk all the time.  The Web is really a huge set of intertwined, semi-compatible implementations of overlapping standards.  Unsurprisingly, it is difficult to make accurate judgments about one's level of risk in the face of such complexity, and that is not our users' fault.  We're working to figure out the right signals to send our users, so that we can keep them informed, ask fewer questions, require them to make decisions only about things they comprehend, and be sure that we fail-safe if they don't understand a choice and just want to click and make it go away.

They are using sandboxing techniques and they will try to apply it even at lower operating system layers (such as drivers).

MIT Open Course Ware

MIT OpenCourseWare is a web-based repository of MIT university course materials.
It is free, it doesn't require any registration. Obviously, you can't get any certificate or degree!

Others universities all over the world are sharing Course Materials: official ones are those affiliated to the Open Course Ware Consortium.

A great step towards education for all people is to make content and knowledge available for free and the smoothest way possible.

Contents are available as lecture notes, exams, videos, audio files...

It is also possible to contriute on this activity, translating contents in non-english languages or use them (giving the proper attribution to the original MIT Faculty Author/s).
Contents are released in Creative Commons BY-NC-SA License.

Accelerometer-based mouse

A little preview... A full review in few days!

Non-exploitable vulnerabilities at source code level

I am writing a small article describing a kind of vulnerability that can be used against Linux Kernel.
This is due gcc and its optimization procedures, in some cases, make some source code buggy.
Furthermore, in this case, if SELinux is enabled, the system becomes weaker.

The vulnerability is described here (by Brad Spengler) and it can be exploited in Linux Kernel 2.6.30+/RHEL5 2.6.18 in /dev/net/tun.
The implmentation (was, before being fixed):

struct sock *sk = tun->sk;  // initialize sk with tun->sk
…
if (!tun)
return POLLERR;  // if tun is NULL return error

As tun is dereferenced (to use tun->sk) the compiler assumes that tun is non NULL, so it removes the check for tun against NULL.
Avoiding the initial crash caused to bad initialization (using mmap and SELinux), it is possible to exploit the Kernel because there is no check against tun.

I can point You all to this blog, in which are described a lot of vulnerabilities (also silently fixed ones).
Milw0rm is another source of exploit notices.