PassingNotes.com

sometimes shit just slips through the cracks, huh? like the amazingly overlooked little gem that ran at wired’s blog the other day: the newbie’s guide to detecting the nsa, posted by kevin poulsen on his 27b stroke 6 blog…he was discussing the overall nsa related wiretap issues, att’s involvement etc…actually, wired’s own ryan singel has written an excellent piece about this entire issue: stumbling into a spy scandal

so yeah, the real meat in that blog bit was kevin’s instruction set for windows users explaining how to find out if the nsa is in fact sniffing your data packets using the tracert command…it’s a fairly simple instruction set, suggesting that any traffic routed to “att.net” is a bad sign, but you should really worry if you see the string “sffca.ip.att.net” which would suggest that your data is being copied directly into room 641a at att, and from there to the nsa….

…oh, but how will you be able to even run the scan test? you’ll need to go into your ms dos prompt (windows users only, duh, because the nsa already knows that all radical left wing mac users are suspect) and type (at the prompt): “C:\> tracert nsa.gov” …this will return a string following your data packet’s route, but i strongly suggest that you visit the entire blog post which explains this because it offers a very detailed example run by the author to show you how it works, including a full return on the query detailing the path and the occurrence of the highly suspect room 641a string…

btw, if you’re like “tracert? wintergreen or spearmint?” tracert is the command title for ‘traceroute’ - per wikipedia, “traceroute is a TCP/IP utility which allows the user to determine the route packets take to reach a particular host. traceroute works by increasing the “time to live” value of each successive packet sent. The first packet has a time to live (TTL) value of one, the second two, and so on. When a packet passes through a host, the host decrements the TTL value by one and forwards the packet to the next host.”

Share This

hey, remember nearly 2 years ago when some dudes started writing about searching for unsecured webcams using a basic query on elgoog? a little while later, a whole site emerged to this pathetic voyeuristic hobby over at opentopia’s hidden cams site…but the problem i have with opentopia is that they don’t explain how to do it yourself, instead they just say, “These webcams were found automatically through a variety of clever search techniques“…clever my ass.

so a coupla things: first, i hate this bullshit when people won’t just say, ‘here’s what i typed in to get these to show up‘ and force me to go unearth it myself and 3) what are the implications for intelligence gathering? this is some scary shit dudes (and dudettes) - each camera represents an IP address, and using one of many free online IP lookup utilities (use your own fingers people, though i prefer domaintools) i might quickly figure out exactly where the broadcast is coming from (parking lots, security cameras, homes, beaches, these cams run the gamut), and what corporation is behind the imagery…ouch.

…oh, so back to that query…it was discussed in detail at graffe, and here’s the skinny: just go to elgoog, and type in inurl:”ViewerFrame?Mode=” and up comes a long list, hundreds of unsecured webcams (or if you’re a lazy shit, then let me do it for you)..to really make your browsing efficient, i strongly suggest that you install the googlepreview firefox extension, lest you should find yourself clicking and loading as much crap as i did in the first go-around…

…and of course, if you’re interested in revisiting (as i did) the amazing amount of crap you can dig up with elgoog (from vulnerable servers to files containing passwords), then stop on by johnny lang’s web site…he got a great writeup by networkworld last year, certainly worth a quick read as well, because if you’re reading this right now then you are obviously not working, right?

Share This

hey, do you know much about DOPA? it’s the “deleting online predators act” - federal legislation from pennsylvania congressman michael fitzpatrick that would “require schools and libraries that receive federal aid ‘to protect minors from commercial social networking websites and chat rooms.” this is obviously all about targeting myspace, but in reality this proposition presents a terrifying world beyond ‘content filters’ …it aims to give schools and libraries a new type of social engineering power, abilities of brobdingnagian proportions that might turn our own kids (or your neighbor’s kids) into unwilling participants in an old ‘aol-style closed internet‘ of the future…this legislation could cut off blogs, online groups of all kinds, video and photo sharing sites and much, much more…

this is really the kind of concept that chills my shit - sites like ‘mycrimespace.com‘ go up, making it easy to understand the dangers of social networking sites - even though the crime rate is disproportionately low relative to the real world (”Less than .01% of all youth abductions nationwide are stranger abductions and as far as we know, no stranger abduction has occurred because of social network services.” - Danah Boyd) - and then shitloads of media junkets jump all over concepts like ‘15 year old girl sleeps with 19 year old she met on myspace!’ - (forgetting completely that we celebrated elvis for doing the same thing without any computers at all) …next thing you know, the government wants to step in and make it generally more difficult for kids to do much of anything online, liberating parents and educators from the oh-so-tiresome process of actively parenting and monitoring their own children/students (really, with so much great cable programming who has the time to watch those future-voters after the ritalin wears off?)

…but if you really want to get into the meat of the issue, and i mean really truly understand the dynamics behind opposition and support, with a very peter-rabbit like explanation of the technologies at hand, the social and technological trends at stake and the people touching this third-rail of the internet, then please - i implore you - take the time to read the full interview transcript available online in which henry jenkins and danah boyd were interviewed by the mit news office….

why? they explain it all - and after reading it, the whole thing will be as clear as an unmuddied lake, as clear as an azure sky of deepest summer (yes, from clockwork orange)…their credentials? “Henry Jenkins is a co-director of the MIT Comparative Media Studies program. His current research, commissioned by the MacArthur Foundation, seeks to identify the core social skills and cultural competencies young people need in order to become full participants in the cultural, political, economic and social life of the 21st century….Danah Boyd is a Ph.D. student at the University of California at Berkeley in the School of Information. Her doctoral dissertation focuses on how youth negotiate identity formation through digital publics like MySpace. Her work is part of a broader project on Kids’ Informal Learning with Digital Media, funded by the MacArthur Foundation.”

…just fucking read it, okay? if you aren’t following DOPA already, you’re gonna be hearing all about this year….

…hopefully, because the largest media and technology companies in the world are so very, very invested in a future built around online services and online interactivity, we’ll see an issue that galvanizes the politickin’ resources of the entire landscape of competitors (as in, ‘elgoog, microsoft, apple, aol, barry diller and yahoo unite in the space between diller’s front teeth‘) - plus i just can’t imagine who (beyond 700 club viewers) will be casting bedroom eyes toward fitzpatrick

Share This

i got an email over the weekend from kailash nadh telling me about a new tool that he’s created called (quite appropriately) Krun.ch….from kailash, “Krun.ch is a simple tool that simplifies the process of compressing and sending your files online. Krun.ch isn’t a replacement for the traditional desktop compression tools, but its just a tool that makes things easier by cutting down all the ‘krunching’ hassles!”

the basic idea: you hit the krun.ch site, then upload a file to compress (through a browser interface) and specify a recipient address to download the compressed file, that’s about it…if you register, you can specify more than one recipient, but registration ain’t required…right now it handles zip, rar and gzip compression formats… the file stays up for 24 hours and then goes away, period…

cool idea? shit yeah, especially if you perhaps wish to use gmail for online backups but just want to compress and email over tons of stuff to archive without any sort of plugin or extension that turns gmail into a file server (particulary if you only use IE)…

if the name kailash sounds slightly familiar, it’s because he’s already developed several tools that kick ass and several of which have already been acquired…these include:

pinggoat (the massive ping service that got equally massive coverage when it launched, acquired)
newzpile (also acquired)
splogspot (fucking brilliant, also acquired, and rather timely given the ridiculous number of spam blogs)
boastmachine (an open source lightweight blogging application)

…kailash is in the UK for the next few years finishing up his undergrad in cs, and i suspect that with his caliber of inventiveness he won’t be looking long for a job…but if you want to hire him on contract, he’ll do work in between classes…

Share This

remember a while ago when i was telling you about these pigeons that were actually blogging? did you also know that pigeons think in logarithms? well, this is another bird-themed blogging bit, but a much more sophisticated take on how information gets organized…and as usual, this is something that the search engine troika could learn from (along with technorati and the other blog engines)

the problem: my blind dog keeps shitting in my neighbor’s yard…no, i’m kidding, lemme start over: the problem: too many blogs and news sources out there, too many rss feeds to manage and track, too many stupid and primitive ways to rank and sort the blogs (tagging, credibility, reliability, etc)…if you’re like “what’s rss? does it look like a mole but hurts?” then please call customer support…

…in a bit by the new scientist (best mag ev-ah) called “a little bird told me” (got it in print, can’t find the online link), there’s a summary describing the work of xiaohui cui and his chums at the oak ridge national lab in tennessee. they’ve got this system full of ‘virtual birds‘ and per the article, “each bird carries a document, which is assigned a string of numbers…docs with a lot of similar words have numbers strings of the same length and a virtual bird will only fly with others of it’s own ’species’ (same string lengths)…so when a new article appears, software scans it for words similar to those in existing articles and it files it into a flock (or creates a new one)”

…and yeah, it’s already working, and the next big thing is allowing users to click on birds to see its content (document)…hypothetically, this could allow for a user to discover associations through a machine process that would never have come to our normal brains without the flocky algorithm, all of which could beat the absolute hell out of services like all of the news alerts out there and turn us all into superior analysts, liberating us from some of the underlying research tedium…the whole group behind this is part of the ornl’s sw group

you can view a demo of cui’s flock based clustering algorithm by visiting his research summary site, but i can’t find the interactive demo for rss processing…in fact, call me paranoid but it seems to have vanished or something - and then consider that it’s under the auspices of the same bright mind who created vipar for osint application, and you have to wonder if maybe this kind of information processing power is more useful for government application than consumer…hmmmm...am i just being paranoid? why else would ornl make it so difficult to find the demo that new scientist got to view when writing up the summary? (there’s a whole swarm algorithm conference coming up, maybe this kinda stuff will be on display there - anybody going?)

Share This