Greenway ride to lunch

Today Kelly wanted to take advantage of the beautiful Mother’s Day weather to ride our bikes someplace for lunch. We opted for the Quizno’s sub place on Six Forks Road. Rather than pile our bikes in the van and haul them to the greenway, this time we let our kids ride with us through the neighborhood to the greenway.

It worked like a champ! We got to Quizno’s within 30 minutes and greatly enjoyed the novelty of getting there without a car. We enjoyed a fun lunch on the restaurant deck before moseying over to Borders to browse books. Then it was back home via the greenway. Easy! The kids didn’t even balk at the long, slow climb up Dennis Avenue: the home stretch.
Continue reading →

The compelled certificate creation attack

My friend Jeff has alerted me to a large hole in the SSL encryption problem: that of the compelled certificate creation attack.

Here’s how it works: your web browser comes pre-programmed to trust a number of certificate authorities. A certificate authority is an organization which vouches for an SSL-certificate being presented by a website. An SSL-certificate is designed to positively identify that a website you’re connecting to is who it says it is.

A national government intent on spying could compel one of these certificate authorities (call it ABC Certificates) to create an imposter SSL certificate (for, say, bankofamerica.com) and bless it with ABC Certificates’s stamp of approval. Because your browser trusts ABC Certificates, it will happily trust this fake certificate from bankofamerica.com. The evil national government could then surreptitiously intercept all traffic bound for the real bankofamerica.com and point it to its fake website so as to collect information. Or, it could surreptitiously insert a proxy into the SSL data stream and capture packets, with you or your browser being none the wiser.

You can read the findings of the two Indiana University researchers, Christopher Soghoian and Sid Stamm, here [PDF] on Cryptome.Org. You can also read the discussion of the vulnerability here (scroll to lower 2/3rds of the transcript).

Farmville maker raking in the cash

We were in Borders today chatting with one of the staffers. Somehow the conversation veered to Facebook, when mentioned an amazing statistic about the service. He told us the company that makes the (addicting or annoying, depending on your point of view) games Farmville and Mafia Wars on Facebook is on track to make $450 million this year, selling non-existent livestock and guns.

Sure enough, Business Week has the scoop on this three-year-old company named Zynga. Now where can I find a book on the Facebook API?

S	M	T	W	T	F	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30	31