blackstoneharness.com

Monday, September 4, 2017

Experts in Frankfurt, Germany defused a World War II-era bomb yesterday, after more than 60,000 people, the most since World War II, evacuated from the area.

The HC 4000 blockbuster bomb, dropped by the United Kingdom’s Royal Air Force, was discovered days ago near the Goethe University Frankfurt campus in a construction site. Fire chiefs warned its reportedly 1.4 tons of explosives could have destroyed an entire city block.

Residents of the Westend neighborhood, including those of two nearby hospitals, were asked to evacuate by 8 a.m. local time (0600 UTC), though the bomb removal process only began around 2:30 p.m., as the evacuation drew on. Just after 8 a.m., Markus Röck, a spokesman for the Frankfurt fire brigade, said: “The situation is relaxed which is a good sign and everything so far is going according to plan. We will now assess if everybody has left voluntarily and go from house to house and remove people if necessary.”

About 1,100 workers assisted with the evacuation, according to the fire brigade, and helicopters and heat-detection technology were used to check everyone within 1.5 kilometers, about 1 mile, had left. A convention center and concert hall opened to house people, and at museums and the airport, other activities were offered for free.

When the area near the bomb was evaluated, other parts of the city became more populated. Peter Cachola Schmal, director of the German Architecture Museum, remarked, “It’s a different atmosphere here today, because people are settling for a longer time[…] People are coming here to sit with their laptop and work, for example, or read the newspaper for hours.”

Fire brigade director Reinhard Ries said, “the scale of this bomb is overwhelming. I have never seen anything like it.”

Likely thousands of unexploded bombs from the era remain across Germany, and reportedly eleven bomb defusal technicians have been killed there since 2000. Devices may become more unstable as time wears on and their fuses age.

Tuesday, November 15, 2005

People rallied in 300 locations across Australia today to protest the Federal Government’s proposed changes to industrial relations laws, WorkChoices. According to police, around 150,000 people congregated in Melbourne, from where speeches were broadcast throughout the country. In Sydney, thirty thousand gathered in Belmore Park and Martin Place to watch the broadcast before marching to Chifley Square.

Sharan Burrow, President of the Australian Council of Trade Unions (ACTU), said that under the changes many working conditions would be under threat, including “penalty rates, public holidays, overtime pay, control over rostered hours, shift penalties, even 4 weeks annual leave.” The government has claimed, despite various expert assesment to the contrary, and opposition from major Australian religious and charity organisations and some concern from its own backbench, that the IR changes will improve the economy and ultimately benefit workers, and dismissed the protests as having “little effect”.

Saturday, July 9, 2005

Today The Walt Disney Company issued a joint statement with business partners Roy E. Disney and Stanley Gold to the media, as a show of reunion between the two camps after nearly three years of hostility.

Roy E. Disney, son of company co-founder Roy O. Disney and nephew of the company namesake Walt Disney, had resigned from his job as chairman of Feature Animation at the company after experiencing difficulty with the company’s board of directors, many of whom were biased towards company CEO Michael Eisner‘s view of what direction the company should take.

Eisner is due to retire from the company this September, and the talks with Disney and Gold are believed to have been led by Eisner’s successor, Bob Iger, who is currently President and COO of the company. Iger has shown great interest in building relationships back up with many companies who have refused to work with Disney until Eisner leaves, such as Pixar Animation and George Lucas.

Large scores of Disney fans had hoped Roy would read the Disneyland Dedication Speech on the theme park’s fiftieth birthday next week, which was originally read by Walt on the park’s opening day, but Roy had already entered an annual sailing race from Los Angeles to Honolulu.

Friday, May 16, 2008

A major security hole was discovered in the pseudo-random number generator (PRNG) of the Debian version of OpenSSL. OpenSSL is one of the most used cryptographic software, that allows the creation of secure network connections with the protocols called SSL and TLS. It is included in many popular computer programs, like the Mozilla Firefox web browser and the Apache web server. Debian is one of the most used GNU/Linux distributions, on which are based other distributions, like Ubuntu and Knoppix. The problem affects all the Debian-based distributions that were used to create cryptographic keys since the September 17, 2006. The bug was discovered by Luciano Bello, an argentine Debian package maintainer, and was announced on May 13, 2008.

This vulnerability was caused by the removal of two lines of code from the original version of the OpenSSL library. These lines were used to gather some entropy data by the library, needed to seed the PRNG used to create private keys, on which the secure connections are based. Without this entropy, the only dynamic data used was the PID of the software. Under Linux the PID can be a number between 1 and 32,768, that is a too small range of values if used to seed the PRNG and will cause the generation of predictable numbers. Therefore any key generated can be predictable, with only 32,767 possible keys for a given architecture and key length, and the secrecy of the network connections created with those keys is fully compromised.

These lines were removed as “suggested” by two audit tools (Valgrind and Purify) used to find vulnerabilities in the software distributed by Debian. These tools warned the Debian maintainers that some data was used before its initialization, that normally can lead to a security bug, but this time it was not the case, as the OpenSSL developers wrote on March 13, 2003. Anyway this change was erroneously applied on September 17, 2006, when the OpenSSL Debian version 0.9.8c-1 was released to the public.

Even though the Debian maintainer responsible for this software released a patch to fix this bug on May 8, 2008, the impact may be severe. In fact OpenSSL is commonly used in software to protect the passwords, to offer privacy and security. Any private key created with this version of OpenSSL is weak and must be replaced, included the session keys that are created and used only temporary. This means that any data encrypted with these keys can be decrypted without a big deal, even if these keys are used (but not created) with a version of the library not affected, like the ones included in other operating systems.

For example any web server running under any operating system may use a weak key created on a vulnerable Debian-based system. Any encrypted connection (HTTPS) to this web server established by any browser can be decrypted. This may be a serious problem for sites that requires a secure connection, like banks or private web sites. Also, if some encrypted connection was recorded in the past, it can be decrypted in the same way.

Another serious problem is for the network security software, like OpenSSH and OpenVPN, that are used to encrypt the traffic to protect passwords and grant the access to an administrative console or a private network protected by firewalls. This may allows hackers to gain unwanted access to private computers, networks or data traveled over the network, even if a not affected version of OpenSSL was used.

The same behavior can be applied to any software or protocol that use SSL, like POP3S, SSMTP, FTPS, if used with a weak key. This is the case of Tor, software used to offer strong anonymity on the TCP/IP, where about 300 of 1,500-2,000 nodes used a weak key. With 15-20% of weak Tor nodes, there is a probability of 0.34-0.8% circa to build a circuit that has all tree nodes weak, resulting in a full loss of anonymity. Also the case of only one weak node begin used may facilitate some types of attack to the anonymity. The Tor hidden services, a sort of anonymous public servers, are affected too. However the issue was speedly addressed on May 14, 2008.

The same problem also interested anonymous remailers like Mixmaster and Mixminion, that use OpenSSL to create the remailer keys for the servers and the nym keys for the clients. Although currently there is no official announcement, at least two remailer changed their keys because were weak.

Sunday, July 30, 2017

Robert Anker, a British dancer and member of troupe Diversity when they won the 2009 season of Britain’s Got Talent, died in a car accident in Canada on Thursday. Anker died after a collision between his Chevrolet Cobalt and a Ford pick-up truck. The accident occurred in Vaughan, Ontario at around 6:00 AM Thursday morning, local time. Anker, who moved to Canada last year, was 27 years old.

York Regional Police confirmed the accident had occurred and the driver of the pick-up truck was not injured. A spokesman for the British Foreign Office said “We are aware of the death of a British man in Canada. We are providing assistance to his family at this sad time”.

Anker’s cousin Rochelle Hanson set up a JustGiving page, by yesterday already past its target of £5,000, to raise funds for his family to travel to the funeral in Canada. Hanson said “The family are devastated. He was an amazing and talented dancer. We would love to ensure that his family don’t worry or stress about money at this time.”

Diversity, Anker’s former dance crew, tweeted “A former member of our group has tragically passed away. He inspired so many with his talent and was taken far too soon. R.I.P Rob.” The Twitter account for Britain’s Got Talent said “We are so sorry to hear of the loss of Robert Anker, our thoughts and condolences go out to his friends, family and the whole of Diversity.”

Dean Lee, a choreographer on talent show The X Factor, tweeted, “Rob Anker. I have no words to speak after hearing of your passing. This is truly heart breaking. Thanks for the memories. Shine bright.”

After winning the 2009 series of Britain’s Got Talent, Anker performed in music videos of singers Jessie J and Paloma Faith, and in the production of Thriller Live in the West End. Anker and his girlfriend Cyndi married in September.

Tuesday, November 13, 2007

This week in Taiwan Intel and other technology companies showcased server and computer hardware with processors built using “Penryn” technology, the second generation of quad core technology that is produced with the high-k metal Hafnium that has come to replace halogen and lead components, which are not environmentally safe.

This new 45 nanometer (45nm) process technology included features on Intel Streaming SIMD Extensions 4 (SSE4) compatible with video decoding (encoding) software, “Radix 16” which increased computing efficiency, and “deep power down” technology for energy efficiency. For the SSE4 feature, this will benefit makers of high-definition and AV-media, as both HDMI and 1080p are supported.

Companies that will participate in the Taiwan Informonth exhibition next month, announced that some products with “Penryn” processors will be on the market by then. Some companies like Tyan and Supermicro will provide small business solutions as well as enterprises solutions. This launch will be tied to other unveilings by the IT and AV-media industries in Taiwan.

Tuesday, April 5, 2005 Terry Vo, the 10-year old Australian boy who had two hands and a foot reattached by surgeons after losing them in an accident, has had to have the foot re-amputated. He will be given a prosthetic foot in its place.

The operation to re-attach three limbs was thought to have been a first – but was ultimately unsuccessful, with the foot having died inside, and receiving insufficient blood supply following the surgery to reattach it.

“That would lead to the small muscles in the foot actually constricting, the toes bending over and a deformed …. foot that is sort of clawed over and doesn’t have good sensation,” said plastic surgeon, Mr Robert Love today, on Australia’s ABC Radio.

“Even if you can get all of that to survive, he [would be] worse off than having had an amputation.”

“What is very disappointing is that for the first two days after [the operation] the foot looked absolutely magnificent,” he said.

Terry’s hands were healing well, said the surgeon. The prosthetic foot would allow him to walk normally, since his knee was intact.

Tuesday, January 24, 2006

Following the return of the Stardust space capsule from its encounter with the Comet Wild 2, NASA scientists have come up with a novel approach to dealing with the samples of “interstellar dust” that have been collected; they want help from the public.

The Stardust spacecraft carried an aerogel-based dust collector, which was exposed to space in varying orientations during different phases of the mission.

Only one side of the collector was exposed towards the stream of particles coming off the Comet Wild 2 during the encounter in 2004, while the other side was used to collect interstellar dust at an earlier point in the spacecraft’s journey.

Although scientists have seen the particles captured from comet Wild 2 when they examined the aerogel, they have not examined any of the particles expected on the other side of the collector due to their smallness. They will be examined after they are found with the help of Stardust@home. It is believed that on the order of 50 interstellar dust particles impacted the aerogel, each now resting inside a tiny crater.

Stardust traveled nearly three billion miles and its mission lasted seven years. At times it was traveling at 8 miles a second. Thats fast enough to go from San Francisco to Los Angeles in one minute.

Stardust set a new all-time record for being the fastest spacecraft to return to Earth, breaking the previous record set in May of 1969 during the return of the Apollo X(10) command module. Don Brownlee of the University of Washington, Seattle said “our spacecraft has traveled further than anything from Earth ever has – and came back. We went half-way to Jupiter to meet the comet and collect samples from it. But the comet actually came in from the outer edge of the solar system, out beyond the orbit of Neptune, out by Pluto.”

In a move similar to some distributed computing projects, the analysis work for the project will be spread among volunteers on the Internet, who are being asked to participate in this scientific undertaking.

Wikinews reporter Jason Safoutin investigated the Stardust@home project, and discussed its goals with one of its founders. Via email, he interviewed David P. Anderson, a founder of the SETI@home project, and one of the creators of the Virtual Microscope which will be used to search for captured particles from interstellar space.

I was wondering If I could get some questions answered or if you could give me some “insider” info for the project. I am aware that you are taking place in the development of the VM (Virtual Microscope)…Could I know more about that? The ‘virtual microscope’ lets you scan through a set of images as if you were turning the focus knob on a microscope. The images are fairly large (about 100 KB each) so it’s important to pre-load the images. While you’re looking through one set of images, the VM is busy downloading the JPEG files for the next set.

At first we thought we’d have to do this with a Java applet or Flash program – something tricky and complicated. My contribution was to point out that it could be done fairly easily using Javascript, and I wrote a prototype of this.

Will this project use the BOINC Platform/Program?

No. We thought about using some parts of BOINC (like the database and web pages for creating “accounts”) but it was easier just to do this from scratch.

How long will the project take?

It depends how many volunteers participate, and how fast they look at the ‘focus movies’. It will probably be just a month or two.

Anyone can join but they have to take a test before they can participate. What will the test include?

Looking at some focus movies and deciding whether they contain a dust particle. Participants see a lot of training examples before they take the test. It’s easy, not like a test in school.

How many will be allowed to participate?

No limit as of now.

When will the project start?

I think in about 2 months. It will take that long to transport the aerogel to the laboratory, and photograph it with the microscope. The software is ready to go.

Will the VM project analyze any of the particles or just look for them?

Stardust@home will only locate the particles. When they are located, they will be cut out of the aerogel and physically analyzed.

Thank you for your time David. And great work on the upcoming project and SETI@home.