You're correct about the wiring closets. How many have additional items, such as janitorial and office supplies stored in the same location? As a result, the staff says it's "too hard" to keep the door locked. Not to mention the risk of social engineering. How many employees would really question anyone appearing on site that looked "official" - in retail locations, not just financial.
Denofgeek wrote in to tell us about their story where "Pixar's supervising animator Angus MacLane gives an interesting interview about the technical challenges in bringing Wall-E to the screen. Plus he squeezes in a bit on his love of Lego, too..."
An anonymous reader writes "Seems like Cuba is working around the US internet embargo by teaming up with Venezuela: A confidential contract released yesterday on Wikileaks reveals Cuba's plan to receive internet upstream via an undersea cable to Venezuela, thus circumventing the enduring embargo of the US, denying Cuba access to nearby American undersea cables and overcoming the current limits of satellite-only connectivity. The connection, to be delivered by CVG Telecom of Venezuela, is to be completed by 2010 and will provide data, video as well as voice service for both the public and governmental services."
unreceivedpacket writes "The public radio stations I listen to have been advertising their conversion to HD Radio format for some time. They advertise multiple channels, their second channel playing all classical, all the time. I am interested in purchasing a receiver so I can listen to this extra content, and was also hoping to find a receiver with a built-in recorder so I could time-shift programs that are not otherwise available as legal pod-casts. My initial queries have returned few models that support any kind of digital recording, and the existing ones seem out of production or sorely lacking features. Is this the state of Digital Radio in the US? Are there any legal recording devices for HD Radio? Any good solutions for recording and time-shifting, perhaps through Linux?"
Cowards Anonymous passes along a PCWorld article that begins, "The robotic arm on the Mars Lander found itself in a tough position over the weekend. After receiving instructions for a movement that would have damaged its wrist, the robotic arm recognized the problem, tried to rectify it and then shut down before it could damage itself, according to Ray Arvidson, a co-investigator for the Mars Lander's robotic arm team and a professor at Washington University in St. Louis."
An anonymous reader recommends Computerworld's look at the rise and fall of CAPTCHAs, and at some of the ways bad guys are leveraging broken CAPTCHAs to ply their evil trade. "CAPTCHA used to be an easy and useful way for Web administrators to authenticate users. Now it's an easy and useful way for malware authors and spammers to do their dirty work. By January 2008, Yahoo Mail's CAPTCHA had been cracked. Gmail was ripped open soon thereafter. Hotmail's top got popped in April. And then things got bad. There are now programs available online (no, we will not tell you where) that automate CAPTCHA attacks. You don't need to have any cracking skills. All you need is a desire to spread spam, make anonymous online attacks against your enemies, propagate malware or, in general, be an online jerk. And it's not just free e-mail sites that can be made to suffer..."
Several readers sent in links on the earthquake that hit 10 hours ago near the Sichuan city of Chengdu in China. The Telegraph focuses on the citizen journalism that got word on the quake out on the Net instantly (the first report was via Twitter). Science magazine speculates that deaths from this event could exceed the 240,000 killed in the Tangshan quake in 1976, though the estimated death toll is below 10,000 at this writing. Hundreds of videos are up on YouTube, including this footage from a security camera — keep your eye on the goldfish.
Fields writes "It's well known that failed hard drives can be recovered, but few people actually use a recovery service because they're expensive and not always successful. Even fewer people ever get any insights into the process, as recovery companies are secretive about their methods and rarely reveal any more information that is necessary for billing. Geek.com has an article walking through a drive recovery handled by DriveSavers. The recovery team did not give away many secrets, but they did reveal a number of insights into the process. From the article, "'[M]y drive failed in about every way you can imagine. It had electro-mechanical failure resulting in severe media damage. Seagate considered it dead, but I didn't give up. It's actually pretty amazing that they were able to recover nearly all of the data. Of course, they had to do some rebuilding, but that's what you expect when you send it to the ER for hard drives.'" Be sure to visit the Museum of Disk-asters, too.
IGnatius T Foobar writes "Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that "may have been used in crimes." It basically bypasses all of the Windows security (decrypting passwords, etc.) in order to eliminate all that pesky privacy when the police have physical access to your computer. Just one more reason not to run Windows on your computer."
An anonymous reader writes "About a year ago I found a link on here for a test of inkjet printer inks. The article compared original manufacturer inks against much cheaper third party stuff and the results were surprisingly in favour of third party products. They've now published the final part of this study, examining the prints produced a year ago. This time the printer manufacturers have come out far better, with some third party prints having disappeared completely! Cartridge World ink still seems worth a try though, if you don't want to pay manufacturers' inflated prices."
An anonymous reader writes "The NYTimes is running a front-page story about lawyers for suspects in terrorism-related cases fearing government monitoring of privileged conversations. But instead of talking about the technological solutions, the lawyers fly halfway across the world to meet with their clients. In fact, nowhere in the article is encryption even mentioned. Is it possible that lawyers don't even know about PGP?" The New Yorker has a detailed piece centering on the Oregon terrorism case discussed by the Times.
I Don't Believe in Imaginary Property writes "It probably won't surprise you, but in 2005, the FBI manufactured evidence to get the power to issue National Security Letters under the PATRIOT Act. Unlike normal subpoenas, NSLs do not require probable cause and you're never allowed to talk about having received one, leading to a lack of accountability that caused them to be widely abused. The EFF has discovered via FOIA requests that an FBI field agent was forced by superiors to return papers he got via a lawful subpoena, then demand them again via an NSL (which was rejected for being unlawful at the time), and re-file the original subpoena to get them back. This delay in a supposedly critical anti-terror investigation then became a talking point used by FBI Director Robert Mueller when the FBI wanted to justify their need for the power to issue National Security Letters."
An anonymous reader writes "I am a senior security xxx in a Fortune 300 company and I am very frustrated at what I see. I see our customers turn a blind eye to blatant security issues, in the name of the application or business requirements. I see our own senior officers reduce the risk ratings of internal findings, and even strong-arm 3rd party auditors/testers to reduce their risk ratings on the threat of losing our business. It's truly sad that the fear of losing our jobs and the necessity of supporting our families comes first before the security of highly confidential information. All so executives can look good and make their bonuses? How should people start blowing the whistle on companies like this?"
LinucksGirl writes to share an IBM DeveloperWorks article that shows how to support user verification through keystroke-dynamics processing by modifying the GNOME Display Manager (GDM). You can create and store a one-way encrypted hash of your keystroke patterns when entering your user name. The article shows how to add code to GDM to read current keystroke patterns and permit a user to log in when the characteristics are a match. An interesting idea to be sure but I know I certainly am not that consistent when I type, so I'm skeptical of how well this may work.
In the wake of last week's driver debacle, Creative has finally decided to back down for PR purposes. Modder Daniel_K, author of the offending Vista drivers, has had his posts on the Creative forums reinstated. According to Creative the move was to avoid infringing on other company's IP. "Daniel_K is incensed by Creative. 'They publicly threatened me, just to show their arrogance,' he told El Reg by email. He told us that Creative contacted him on a chat session. 'They were sarcastic, ironic and asked me if I wanted something from them, as if I were expecting something,' he wrote. 'It was my protest against them and would like to see how far it would go.'"