X-Geek

Extreme geekiness

There are 696 posts filed in X-Geek (this is page 3 of 70).

Opinion | Our Cellphones Aren’t Safe – The New York Times

America’s cellular network is as vital to society as the highway system and power grids. Vulnerabilities in the mobile phone infrastructure threaten not only personal privacy and security, but also the country’s. According to intelligence reports, spies are eavesdropping on President Trump’s cellphone conversations and using fake cellular towers in Washington to intercept phone calls. Cellular communication infrastructure, the system at the heart of modern communication, commerce and governance, is woefully insecure. And we are doing nothing to fix it.

Source: Opinion | Our Cellphones Aren’t Safe – The New York Times

Repair Cafes Aim to Fix Our Throwaway Culture – CityLab

Repair cafes. What a brilliant idea!

We were at a “repair cafe” inside the Elkridge Library in Howard County, Maryland. Instead of silence, we were surrounded by the buzzing of power drills and the whirring of sewing machines. Goedeke was one of the “master fixers” there. He doesn’t like the term, though; he says it should be reserved for the professionals. “We’re all just amateurs at this, and we’re just having fun, mostly,” the 67-year-old retired engineer said.

Around the room, 10 others were helping residents repair everything from tables and lamps to jewelry and clothing. In one corner, a handful of vacuums had begun to accumulate. These were things people normally threw away when they malfunction. “[Our society] has been inculcated in the last 50 years with this disposable concept and to buy the best and the latest,” Goedeke said. “We just don’t expect to keeps things around.”

Source: Repair Cafes Aim to Fix Our Throwaway Culture – CityLab

Hate To Break It To You, But The Amazing Glitter Bomb Package Video Is Pretty Much Staged

Hey there, I’m back. This time with sort of sad but, “welp, obviously because it’s still 2018” news. Like most pure things, the fun, satisfying, viral video of a former NASA engineer pranking package thieves, which made the entire internet feel vindicated, is not what it seems.

Earlier this week, Mark Rober, an inventor-turned-YouTuber who worked on NASA’s Curiosity rover, among other impressive things, published an 11-minute video detailing how he spent six months creating the ultimate revenge contraption after someone stole an Amazon package off his porch. He called it his “Magnum Opus,” and it went mega, mega-viral, garnering more than 38 million views in three days, and elicited a collective “HELL YES” of joy and satisfaction from everyone who has ever had their stuff taken.

But shortly after the ode to all the packages we’ve lost before swept across the media landscape, viewers on the internet did what they do best: pick it apart.

Source: Hate To Break It To You, But The Amazing Glitter Bomb Package Video Is Pretty Much Staged

Private Equity Controls the Gatekeepers of American Democracy – Bloomberg

Here’s yet another reason why we need open-source, fully auditable voting machines.

Millions of Americans will cast votes in Tuesday’s midterm elections, some on machines that experts say use outdated software or are vulnerable to hacking. If there are glitches or some races are too close to call — or evidence emerges of more meddling attempts by Russia — voters may wake up on Wednesday and wonder: Can we trust the outcome?

Meet, then, the gatekeepers of American democracy: Three obscure, private equity-backed companies control an estimated $300 million U.S. voting-machine industry. Though most of their revenue comes from taxpayers, and they play an indispensable role in determining the balance of power in America, the companies largely function in secret.

Source: Private Equity Controls the Gatekeepers of American Democracy – Bloomberg

Red Hat stock pays off again

Back in 1999, I was working at a local, famous IBM/Linux VAR called Indelible Blue as a Linux Specialist. One day I was investigating a customer issue with a CDROM drive and filed a bug in Red Hat’s Bugzilla bug tracking system. Months went by and I didn’t think much of it until later that summer when I received an email from Red Hat telling me I had been awarded a few hundred shares of pre-IPO stock!

I was amazed at Red Hat’s generosity of giving out pre-IPO stock to anyone in their bug tracking system. I sold the majority of the stock before the Dot Bomb era of 2000 but kept some shares around largely for sentimental purposes. With last month’s announcement of IBM buying Red Hat, I decided it was time to cash in the rest of my shares. Thanks to IBM’s purchase of Red Hat, my shares have brought me a welcome chunk of change.

It’s funny to think that my decision to file one bug over 19 years ago is still paying off today, and in a big way!

Breach at ICollectMedia

ICollectMedia has had its passwords stolen


About, oh … six years ago I tried out a CD cataloging service called ICollectMedia (ICM). Didn’t use it beyond the first time I signed up and forgot all about it until I recently began receiving ransom emails from online crooks who populated their emails with the unique password I used for ICM. Since this was a unique password for a service I no longer use, I wasn’t concerned about the breach affecting me, but it did show me that the folks who run ICM didn’t properly hash the passwords of their users. If they had used hashes then there is no way my complex, unique password would have been easily recovered and subsequently shared on the DarkWeb.

The breach-tracking site Hacked-Emails.com indicates that the ICM data hit the Darkweb on March 1st, 2018.

Amazon HQ2: Advanced talks about second headquarters in Northern Virginia – The Washington Post

Looks like Amazon won’t be coming to Raleigh. I know DC has been on the short list for the HQ2 site but as a techie who grew up outside of DC I would steer clear of any jobs that absolutely required me to commute there every day (outside of a ride in Marine One, that is).

Amazon.com has held advanced discussions about the possibility of opening its highly sought-after second headquarters in Crystal City, including how quickly it would move employees there, which buildings it would occupy and how an announcement about the move would be made to the public, according to people close to the process.

The discussions were more detailed than those the company has had regarding other locations in Northern Virginia and some other cities nationally, adding to speculation that the site in Arlington County is a front-runner to land the online retail giant’s second North American headquarters and its 50,000 jobs.

The company is so close to making its choice that Crystal City’s top real estate developer, JBG Smith, has pulled some of its buildings off the leasing market and officials in the area have discussed how to make an announcement to the public this month, following the midterm elections, according to public and private-sector officials who spoke on the condition of anonymity because Amazon has asked that the selection process remain confidential. The company may be having similar discussions with other finalists.

Source: Amazon HQ2: Advanced talks about second headquarters in Northern Virginia – The Washington Post

Russian eBay page

I’d been browsing eBay a few days back, checking out a few items I was considering buying. I left my eBay tab open though I was not logged in. Yesterday morning, I figured I would log into my eBay account and save the item I was viewing to my “wish list.” So, I clicked on the login link and was surprised to see the eBay signin page show up … in Russian!

I cannot for the life of me figure out how this happened. My browser language is not set to Russian, my eBay preferences are not set to Russian, and I did not somehow enter a Russian URL. There was no reported BGP hijack on eBay, nor would eBay necessarily reflect it if there was – the IP would not have changed from the eBay webserver’s point of view. Yet somehow it served me up a Russian page.

So, what could have happened here? Either something big happened to eBay, or something happened on my end. I did a quick nslookup to make sure I was hitting the proper site:

Non-authoritative answer:
signin.ebay.com canonical name = origin-signin.g.ebay.com.
Name: origin-signin.g.ebay.com
Address: 66.211.185.34
Name: origin-signin.g.ebay.com
Address: 66.211.181.81
Name: origin-signin.g.ebay.com
Address: 66.211.181.96
Name: origin-signin.g.ebay.com
Address: 66.211.185.47

Looks good. I checked the SSL certificate I was receiving and it checked out:

What I think happened is that my connection to eBay was rerouted temporarily through Russia, possibly through malware. Time to do some spring cleaning on my network, methinks.

The extraordinary life of Microsoft cofounder Paul Allen – Business Insider

Paul Allen, co-founder of Microsoft, died yesterday at the age of 65. While I dissed him in the past for being a patent troll, Allen was very much an interesting guy and did some great things with his money. I particularly enjoy the Living Computers museum in Seattle, which Allen founded and played an active role in sustaining.

Everybody knows Microsoft cofounder Bill Gates, the second-richest man in the world.But Microsoft’s other cofounder, Paul Allen, only became famous outside of Seattle once he published his memoirs in 2011.

He too was rich, and his net worth was pegged at $20 billion. With his money, he invested in a lot of tech companies, real estate, and art. But he also led an over-the-top life filled with rock and roll parties, collections, yachts, and sports teams.

Allen died on Monday aged 65 after a battle with cancer. Here is a look back at his fabulous life.

Source: The extraordinary life of Microsoft cofounder Paul Allen – Business Insider