So a buddy of mine has the Sprint Hero (Android OS) loaded with the latest Sprint update which is Android OS 2.1 at the time of writing this.. I have the Verizon Eris Rooted with Android OS 2.1.. So 2 different phones.. 2 Different carriers.. 2 different Roms - 1 is over the air updated from Carrier, other is Rooted rom from the Internet.

My buddy was going to check out a website on his phone (url wont be disclosed) when he opened up the default “Internet” app and cleared out the address bar and typed “http://www.re” with no quotes, the auto complete came up as http://www.redtube.com this is not a site he has ever been too on his phone.. To confirm this wasn’t just by chance I grabbed my phone and attempted to recreate the issue.. it did the same thing on mine..

The above picture is of my phone please note the following.. I have never put that url into my phone before.. the restockit urls are from my history cache.. redtube came up even above my phones history cache..

So Google.com Promotes RedTube?  For anyone that does not know.. RedTube is NOT SAFE FOR WORK!! My buddy would have gotten in trouble if someone else at work was looking over his shoulder and saw that popup..

Apple’s iPad, released Saturday, has been scrutinized by hundreds of reviewers, disassembled by iFixIt and others, and fiscally analyzed by Wall Street, but it wasn’t until Monday that the most pressing question about the “magical and revolutionary” device was answered.

That question, of course, is: Will it blend?

Tens of millions of YouTubers have watched Blendtec’s deadpan blendologist Tom Dickson over the years as he has popped a series of devices and ingredients into his company’s voracious Total Blender to answer that pressing question.

Into the maw of that industrial-strength yet designed-for-the-home machine have gone, among many other things, an iPhone, a half-dozen Bic lighters, a gaggle of glow sticks, and a can of Coca-Cola along with a rotisserie chicken - which resulted in the tasty smoothie known as a Cochicken.

Today, it was the iPad’s turn. Of course, you fans of the “Will It Blend?” series know well that the mouth of the Total Blender is too small into which to slip an iPad. But worry not, as Dickson has a straightforward methodology for overcoming that obstacle.

You can observe Dickson’s technique, and discover the fate of the fanbois’ delight here

Somewhere in a corner office at Cupertino’s One Infinite Loop, we can only imagine, a certain “CEO of the Decade” is not amused.

(Source: http://www.theregister.co.uk/2010/04/06/ipad_blend/ )

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.

The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.

The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet’s core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy.  The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.

"It’s a huge issue. It’s at least as big an issue as the DNS issue, if not bigger," said Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. "I went around screaming my head about this about ten or twelve years ago…. We described this to intelligence agencies and to the National Security Council, in detail."

The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper’s network.

Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel ) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can’t always vacuum in traffic within a network — say, from one AT&T customer to another.

The method conceivably could be used for corporate espionage, nation-state spying or even by intelligence agencies looking to mine internet data without needing the cooperation of ISPs.

BGP eavesdropping has long been a theoretical weakness, but no one is known to have publicly demonstrated it until Anton "Tony" Kapela, data center and network director at 5Nines Data , and Alex Pilosov, CEO of Pilosoft , showed their technique at the recent DefCon hacker conference. The pair successfully intercepted traffic bound for the conference network and redirected it to a system they controlled in New York before routing it back to DefCon in Las Vegas.

The technique, devised by Pilosov, doesn’t exploit a bug or flaw in BGP. It simply exploits the natural way BGP works.

(Read More )

The executives in charge of online payment system E-gold have pleaded guilty to money-laundering charges, the US Department of Justice said on Tuesday.

Principal E-gold director Douglas Jackson, who is also chief executive of E-gold affiliate Gold & Silver Reserve, pleaded guilty to conspiracy to engage in money laundering and operating an unlicensed money-transmitting business. Jackson now faces up to 25 years in jail and a fine of $750,000 (£376,000).

E-gold senior directors Barry Downey and Reid Jackson each pleaded guilty to charges related to operating a money-transmitting business without a licence. They could each be fined $25,000 and receive a jail sentence of up to five years.

At sentencing in November, E-gold and Gold & Silver Reserve, as organisations, face a maximum fine of $3.7m. Additionally, as part of their plea bargain, E-gold and Gold & Silver Reserve will forfeit $1.75m in the form of a money judgement.

"By failing to comply with money-laundering laws and regulations, the E-gold operation created an environment ripe for exploitation by criminals seeking anonymity in conducting online transactions," said acting assistant attorney general Matthew Friedrich. "This case demonstrates that online payment systems must operate according to the applicable rules and regulations created to ensure lawful monetary transactions."

Security experts and law-enforcement officers have known for years that criminals were using E-gold accounts. ZDNet.co.uk reported in 2006 that a piece of ransomware had instructed users to pay money into an E-gold account to recover hijacked data.

E-gold provides digital currency services over the internet through the sites e-gold.com and omnipay.com. According to the Department of Justice, the E-gold operation was attractive to criminals because it did not require users to provide their true identity, or any specific identity at all.

E-gold continued to allow accounts to be opened without verification of user identity, despite knowing that the operation was being used for criminal activity, including child exploitation, investment scams, credit-card fraud and identity theft, the Department of Justice said.

In addition, E-gold designed a system that expressly encouraged users whose criminal activity had been discovered to transfer crime proceeds to other E-gold accounts. E-gold had assigned employees with no relevant experience to monitor hundreds of thousands of accounts used for criminal activity.

Jackson said the case provided an opportunity for "a new beginning" at E-gold.

"The resolution of the criminal case… provides for a second chance — an opportunity to address the flaws embedded in the E-gold system and to transform the E-gold operation into the institution that I, the other directors, and our long-suffering employees and contractors have always envisioned — one that serves to advance the material welfare of mankind," wrote Jackson in a blog post.

E-gold and Gold & Silver Reserve will continue as organisations, but will now have to comply with US federal and state laws related to operating as a licensed money-transmitting business, and address the issue of money laundering. E-gold will also have to prove its claim that all transactions are backed by physical gold.

(Original Post )

Mr Cerf was interviewed at the Fortune Brainstorm conference in Half Moon Bay. He often speaks about net neutrality. In this interview he says that companies such as Verizon misquoted him in full page adverts in major newspapers.
He says the Telcos are acting like little kids in a tantrum. "I’m not going to build this system unless you give me three scoops of ice cream and a pony. My reaction to this is quite negative. It’s harmful to the national interest to behave in this way."
Mr Cerf wants a split in the way broadband providers operate so that they are not allowed to interfere with any applications on the Internet and that the carriers charge themselvesl, from an acconting point of view, how much bandwidth they use.
He says that carriers should be provided with incentives to make them behave differently or there should be an incentive for competitors to come into the market that can effectively compete with them and to take away their monopoly position.
Here is the 3.45 minute interview, my apologies for the lighting but the audio is very interesting.

(Original Post )

Technorati Profile

Pandora’s internet radio has always been one of those sites that was really cool in concept, but too inconvenient to ever go mainstream. The service was long tied to computers only, and while it eventually expanded to special internet radios and some mobile phones, it still has yet to become a household name. But with the launch of Pandora’s new iPhone app last Friday, it looks like the service is about to hit critical mass. It’s a free, mobile, digital radio station that only plays music you like and lets you skip the stuff you don’t. And it rocks.

The personalized music service employs a small army of 50 musicians to create a “Music Genome” that describes each song according to 600 attributes. Listeners input a few of their favorite artists, and the site analyzes the Genome to serve up an endless stream of recommended music.

We introduced the app last Friday, when we called it our “flat out favorite application so far”, and since then it hasn’t failed to impress. Streamed music plays flawlessly over Edge and 3G networks - during a 40 mile drive I didn’t once run into any kind of skipping or static. Even better, the app currently has no advertisements playing, though we can probably expect that to change.

Unsurprisingly, Pandora’s usage stats are overwhelmingly positive. Pandora is currently the fourth most popular free app on iTunes (behind Apple’s Remote, AIM, and WeatherBug), and has reportedly been seeing a new listener every 2 seconds. Usage over the weekend hit an all-time high for the service, with 3.3 million tracks streamed to iPhone listeners alone. Perhaps more impressive is the retention rate of listeners, who are averaging over an hour of listening per day.

If there’s one thing that could kill the service, it’s ads. Pandora is going to need to monetize the app somehow - let’s hope it allows us to pay an upfront fee (say, $10) to avoid the annoying interruptions that have made listening to traditional radio a painful experience.

(Original Post )