Update

  • Jul. 5th, 2009 at 4:54 PM
Still pregnant. The Baby seems quite content to stay where he/she is. I'm five days from my due date and never thought I would make it this far. Of course I am happy that from now on no matter when the Baby comes he/she will be good and ready. No preemie for me:o) Only problem is that because of my prior C-section the Doc is not too happy about me going all the way to my due date let alone beyond it. If I don't go into labour naturally within the next three days or so she will have to consider planning another c-section as inducing labour is not an option for me.

The false alarms come and go and leave me disappointed just as I start getting my hopes up. Well I am ready, the Baby is full term the only question left now is "When?". I am hoping for a normal this time and so far things are looking good so I'm keeping optimistic. All of you out there say a little prayer for me that all goes well and that my next update is all about my new Bundle of Joy.

Thanks!

Barrichello aiming to win again

  • Jul. 5th, 2009 at 1:00 PM
Rubens Barrichello is looking to repeat his 2002 victory at the Nürburgring this weekend as Formula One returns to the venue for the first time in two years. Still searching for his first win since China 2004, the Brazilian is hoping that Brawn can catch up with Red Bull to claim the top podium step.

07/03/09 PHD comic: 'Proving a negative'

  • Jul. 5th, 2009 at 2:52 AM
Piled Higher & Deeper by Jorge Cham
www.phdcomics.com
title: "Proving a negative" - originally published 7/3/2009


Seven and a half years of Evolution

  • Jul. 5th, 2009 at 7:53 AM

To prepare our next analysis, I parsed the Evolution page’s entire revision history for individual words added and removed. The first available revision is from December 3, 2001, making that just about seven and a half years’ worth of revisions.

Here’s the raw data file, 4.8 MB bzipped, expanding to 76.4 MB. Content format: UTC Timestamp, Revision Id, User, Add/AddStems/Del/DelStems, List of words…

The data includes both words and their stems. The stems are calculated using the Porter stemmer, without semantic context (background reading). Letter case has been preserved since I have no means to distinguish between proper nouns and sentence-beginning capitalisation. To get the list of words, I start with the article’s raw text, strip it of HTML tags, tokenise it by alphanumeric characters to get a stream of words, and then diff that against the previous revision’s word stream (the same algorithm as diff -u on the command line). A displaced word will thereby show up as both added and deleted. The tokeniser isn’t perfect: the word “isn’t” will be broken up into “isn” and “t” since the apostrophe doesn’t count as alphanumeric. Suggestions on how to make a better one appreciated.

Here’s the code if you’d like to try this yourself. You’ll need the other modules in the folder, the NLTK library, and the mwclient library.

Analysis to follow.
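The word-stream diff described in this post, as an added example that is not the author's code: it keeps internal apostrophes and hyphens so that “isn’t” stays one token (one possible answer to the request for a better tokeniser), and it shows a displaced word appearing as both added and deleted. Assumptions: `difflib.SequenceMatcher` stands in for `diff -u` (a different matching algorithm with the same added/deleted semantics), stemming is left out, and the sample revisions are constructed.

```python
import difflib
import re
from html.parser import HTMLParser

# A token is a run of letters/digits, optionally joined by an internal
# apostrophe (straight or curly) or hyphen. Keeping hyphenated words whole
# is a choice made here, not something the post specifies.
WORD_RE = re.compile(r"[^\W_]+(?:['’\-][^\W_]+)*")


class _TextOnly(HTMLParser):
    """Collects text nodes and drops the tags around them."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.parts = []

    def handle_data(self, data):
        self.parts.append(data)


def strip_html(html):
    parser = _TextOnly()
    parser.feed(html)
    parser.close()
    # Join with a space so text in adjacent block tags does not fuse
    # into one word ("<p>a</p><p>b</p>" -> "a b", not "ab").
    return " ".join(parser.parts)


def tokenise(html):
    """Return the word stream of one revision, letter case preserved."""
    return WORD_RE.findall(strip_html(html))


def word_diff(old_html, new_html):
    """Return (added, deleted) word lists between two revisions."""
    old, new = tokenise(old_html), tokenise(new_html)
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    added, deleted = [], []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            deleted.extend(old[i1:i2])
        if tag in ("replace", "insert"):
            added.extend(new[j1:j2])
    return added, deleted


if __name__ == "__main__":
    # Constructed sample revisions, not taken from the real article history.
    rev1 = "<p>Evolution isn’t a <b>random</b> process.</p>"
    rev2 = "<p>Evolution isn’t a purely random process.</p>"
    print(tokenise(rev1))
    print(word_diff(rev1, rev2))
    # A word moved from the end to the front shows up on both sides.
    print(word_diff("natural selection drives evolution",
                    "evolution natural selection drives"))
```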

Hamilton unable to drive Senna's McLaren

  • Jul. 5th, 2009 at 10:10 AM
Lewis Hamilton was supposed to drive Ayrton Senna's 1988 title-winning MP4/4 car at the Goodwood Festival of Speed on Sunday. His demonstration run got cancelled though as the gearbox broke down on Saturday during a demonstration run by Bruno Senna.


Help A Child Learn to Read: Donate Children’s Books to the South Africa Mobile Library Project

Show your support for the South Africa Mobile Library Project by donating English books (new or used) for children in remote areas who do not have easy access to learning materials. Come together and help a child in South Africa learn to read today!

As part of Sony's continued commitment towards contributing towards the next generation, Sony is supporting the South Africa Mobile Library Project this year. The purpose of this project is to visit schools in remote areas with books for children and teachers who would otherwise not have access to such learning materials.

The project has been well-received in the poorer regions of South Africa and so far has a fleet of more than 35 mobile libraries in use. Sony Singapore will be conducting a book donation drive from 1 - 31 July 2009, and we encourage you to donate English children's books (new or used) at the new Sony Style store at Orchard Central. So come down to Sony Style and help a child learn to read today!



http://www.sony.com.sg/article/327899/section/events

Updated double diffuser for BMW

  • Jul. 5th, 2009 at 5:00 AM
Mario Theissen firmly believes that BMW will return to its winning ways but acknowledges that the Swiss-German team will need time to do so. After setting an upward trend for the last three seasons, the slump that is 2009 is gradually being overcome, with more upgrades being used next weekend.

News: Thank you

  • Jul. 4th, 2009 at 12:00 AM
You guys are fantastic. You never cease to amaze me with your capacity for generosity and willingness to help out complete strangers. As I understan...

from the vault: fireworks

  • Jul. 4th, 2009 at 4:26 PM

This was originally written and published on July 5, 2002, which simultaneously feels like years and days ago.

When I was growing up, we always spent Fourth of July with my father's aunt and uncle, at their fabulous house in Toluca Lake.

It was always a grand affair and I looked forward to spending each Independence Day listening to Sousa marches, swimming in their enormous pool and watching a fireworks show on the back patio.

This fireworks display was always exciting because we were in the middle of LA County, where even the most banal of fireworks – the glow worms – are highly illegal and carried severe fines and the threat of imprisonment, should we be discovered by LA's finest. The excitement of watching the beautiful cascade of sparks and color pouring out of a Happy Flower With Report was enhanced by the knowledge that we were doing something forbidden and subversive.

Yes, even as a child I was already on my way to being a dangerous subversive. Feel free to talk to any of my middle-school teachers if you doubt me.

Each year, the older children, usually teenagers and college-aged, would be chosen to light the fireworks and create the display for the rest of the family.

I was Chosen in 1987, three weeks before my fifteenth birthday.

The younger cousins, with whom I'd sat for so many years, would now watch me the way we'd watched Tommy, Bobby, Richard and Crazy Cousin Bruce, who always brought highly illegal firecrackers up from Mexico.

I was going to be a man in the eyes of my family.

This particular 4th of July was also memorable because it was the first 4th that was celebrated post-Stand By Me and at the time I had become something of a mini-celebrity around the family. Uncles who had never talked to me before were asking me to sign autographs for people at work, older cousins who had bullied me for years were proclaiming me “cool,” and I was the recipient of a lot of unexpected attention.

I was initially excited to get all this newfound attention, because I'd always wanted to impress my dad's family and make my dad proud, but deep down I felt like it was all a sham. I was the same awkward kid I'd always been and they were treating me differently because of celebrity, which I had already realized was fleeting and bullshit.

Looking back on it now, I think the invitation to light fireworks may have had less to do with my age than it had to do with my growing fame . . . but I didn't care. Fame is fleeting . . . but it can get a guy some cool stuff from time to time, you know? I allowed myself to believe that it was just a coincidence.

The day passed as it always did. There were sack races, basketball games and water balloon tosses, all of which I participated in, but with a certain impatience. These yearly events were always fun, to be sure, but they were standing directly between me and the glorious excitement of pyrotechnic bliss.

Finally, the sun began to set. Lawn chairs were arranged around the patio, wet swimsuits were traded for warm, dry clothes, and I bid my brother and sister farewell as I joined my fellow firework lighters near the corner of the house. I walked casually, like someone who had done this hundreds of times before.

As the sun sank lower and lower, sparklers were passed out to everyone, even the younger children. I politely declined, my mind absolutely focused on the coming display. I wanted to make a big impression on the family. I was going to start out with something amazing, which would really grab their attention. I'd start with some groundflowers, then a Piccolo Pete and a sparkling cone. From then on, I'd just improvise with the older cousins, following their lead as we worked together to weave a spectacular tapestry of burning phosphor and gunpowder for five generations of family.

Dusk arrived, the family was seated, and the great display began. Some of the veteran fireworks lighters went first, setting off some cascading fountains and a pinwheel. The assembled audience cheered and gasped its collective approval, and it was my turn.

I steeled myself and walked to the center of the large patio, casually kicking aside the still-hot remains of just-fired fountains. Casually, like someone who had done this hundreds of times before.

My hands trembled slightly, as I picked up three ground flowers that I'd wound together. My thumb struck flint and released flaming butane. I lit the fuse and became a man. The sparkling fire raced toward the ignition point and rather than following the directions to “LIGHT FUSE, PUT ON GROUND AND GET AWAY,” I did something incredibly stupid: I casually tossed the now-flaming bundle of pyrotechnics on the ground. Casually, like someone who'd done this hundreds of times before.

The bundle of flowers rolled quickly across the patio, toward my captive and appreciative audience.

Two of the flowers ignited and began their magical dance of colorful fire on the cement, while the third continued to roll, coming to rest in the grass beneath the chair of a particularly old and close-to-death great-great-great aunt.

The colored flame which was creating such a beautiful and harmless display on the patio was spraying directly at this particular matriarch, the jet of flame licking obscenely at the bottom of the chair.

The world was instantly reduced to a few sounds: My own heartbeat in my ears, the screams of the children seated near my great-great-great aunt and the unmistakable zip of the now-dying flowers on the patio.

I don't know what happened, but somehow my great-great-great aunt, who'd managed to survive every war of the 20th century, managed to also survive this great mistake of mine. She was helped to her feet and she laughed.

Unfortunately, she was the only one who was laughing. One of my dad's cousins, who was well into his 20s and never attended family gatherings accompanied by the same date, sternly ripped the lighter from my hand and ordered me back to the lawn, to sit with the other children. Maybe I could try again next year, when I was “more responsible and not such a careless idiot."

I was crushed. My moment in the family spotlight was over before it had even begun and not even the glow of pseudocelebrity could save me.

I carefully avoided eye contact, as I walked slowly, humiliated and embarrassed, back to the lawn, where I tried not to cry. I know the rest of the show unfolded before me, but I don't remember it. All I could see was a mental replay of the bundle of ground flowers rolling across the patio. If that one rogue firework hadn't split off from its brothers, I thought, I would still be up there for the finale, which always featured numerous pinwheels and a Chinese lantern.

When the show was over, I was too embarrassed to apologize and I raced away before the patio lights could come on. I spent the rest of the evening in the front yard, waiting to go home.

The following year I was firmly within the grip of sullen teenage angst and spent most of the festivities with my face planted firmly in a book -Foundation or something, most likely- and I watched the fireworks show with the calculated disinterest of a 15-year-old.

That teenage angst held me in its grasp for the next few years and I even skipped a year or two, opting to attend some parties where there were girls who I looked at, but never had the courage to talk to.

By the time I had achieved escape velocity from my petulant teenage years, Aunt Betty and Uncle Dick had sold the house and 4th of July would never happen with them again.

The irony is not lost on me, that I wanted so badly to show them all how grown up I was, only to behave more childishly than ever the following years.

This 4th of July, I sat on the roof of my friend Darin's house with Anne and the boys and watched fireworks from the high school. Nolan held my hand and Ryan leaned against me as we watched the Chamber of Commerce create magic in the sky over La Crescenta.

I thought back to that day, 15 years ago and once again I saw the groundflower roll under that chair and try to ignite great-great-great aunt whatever her name was.

Then I looked down at Nolan's smiling face, illuminated in flashes of color.

"This is so cool, Wil!” he declared, “Thanks for bringing us to watch this."

"Just be glad you're on a roof and not in a lawn chair,” I told him.

"Why?"

"Well . . . ” I began to tell him the story, but we were distracted by a particularly spectacular aerial flower of light and sparks.

In that moment, I realized that no matter how hard I try, I will never get back that day in 1987, nor will I get to relive the sullen years afterward . . . but I do get to sit on the roof with my wife and her boys now and enjoy 4th of July as a step-dad . . . at least until the kids hit the sullen years themselves.

Then I'm going to sit them in lawn chairs and force them to watch me light groundflowers.

Pathetic

  • Jul. 4th, 2009 at 2:53 PM
It's the 4th of July, the kids are out playing, Tove's at the mall, and I'm following my new toy as it crawls across the map of the US towards me, courtesy of UPS tracking and google maps.

This fall, we'll go for two scuba trips: in addition to our yearly week in Hawaii, Tove is treating me to a week in Belize. Because I only turn 40 once, I'm told. Little does she know that if that trip turns out successful, I'm planning on turning forty the year after too!

Anyway. In preparation of all this, my new toy is a dive computer, and it should arrive in a few days. I always just rent all my gear, and as a result on some dives I then end up following the dive master like a dog on a leash because I don't carry my own computer. The divers who know what they are doing always like feeling like everybody keeps track of their own nitrogen levels.

But I will be leashed no more. Paraphrasing Braveheart: "They may paint my butt blue, but they'll never take our Freedom". Or something like that. I never actually saw the movie.

Of course, the trips are months away, and in the meantime I'll just have to amuse myself by taking long baths with my toy. Once it arrives. I may be turning 40, but that doesn't mean I can't act like a little child. I may not live the dream, but I can dream the life.

Am also considering taking a Nitrox course. Just because. Because that way I'll have more buttons I can press, and modes I can set, on my new toy. Anybody got suggestions on places that do that around Portland?

Monument Valley

  • Jul. 4th, 2009 at 1:53 PM
The drive from Denver to back home in California was going to be a long one. I wanted to get back home before the holiday crowd takes over the national parks across the country. It is amazing how popular remote places and outdoor activities are in this country and for someone like me who prefers to be in places where there are no crowds, weekends and holiday weekends are time to stay away from national parks and such.

I left Denver early on the morning of the 2nd of July. Interstate 70 through the Rocky Mountains is an amazing road. Besides being very scenic there is a lot of wildlife next to the roads all through the mountains. I saw lots of deer and big-horned sheep. They could be traffic hazards, but it is always nice to see that they are around even if they are next to a winding freeway at 11,000 feet where vehicles speed in excess of 75 mph. I picked Monument Valley on the Utah-Arizona border as the place to stop by for the night. It wasn't exactly midway between Denver and San Jose, but I couldn't have picked a better approximate midway point.

When I got to the Navajo reservation, it was all cloudy and dark. The day was still young but I didn't have much hope to see the sun that evening. I went into the park and went for a drive on the valley floor. The overcast and low light conditions were interesting to make some photographs but when I saw horses for trail rides, I decided to go for it. Riding a mustang in the iconic western landscape can be a wonderful experience but with the Navajo tour guide telling me things about Navajo culture, beliefs and tradition, it was just awesome. The weather played its part with an occasional drizzle as the Navajo horseman sang his rain song. Almost as soon as I had finished with the horse ride, the clouds opened up a bit to show the magnificent landscape of the Colorado plateau.

Here are some photographs from the Monument Valley.




Route 163




Ross Brawn believes that his team has a reputation for both recognising and solving problems in order to increase the pace of a car. The team formerly known as Honda lost points to Red Bull for the second consecutive race at Silverstone as Rubens Barrichello and Jenson Button finished in third and sixth positions.

Hitler, Mosley and other stories

  • Jul. 4th, 2009 at 10:36 AM
Bernie Ecclestone usually has a deft touch with the media, sending out subtle messages while providing journalists with a good story, often delivering a very different message as he does so. So one must analyse everything he says very carefully.

Kovalainen hails 'great' circuit

  • Jul. 4th, 2009 at 11:00 AM
Heikki Kovalainen is enthusiastic about getting onto the track at the Nürburgring for the first time in two years. The Finn, who scored a point for Renault at his first Grand Prix on the track in 2007, is hoping to put on a strong showing in front of the thousands of Mercedes employees who will be present.

Vapour and vacuum

  • Jul. 4th, 2009 at 8:21 AM

If you release a litre of water into the vacuum of outer space, what will happen to it?

It will vapourise instantly, just as a compressed aerosol at Earth surface pressure, and in the process cool down far below freezing point. What happens to the molecules then?

Do they float away as free molecules, no longer ice? Does the crystalline structure of the ice hold them solid? Or if that is too late or not strong enough, does gravitational attraction pull them back together? Will Earth’s own gravitational pull be strong enough to bring them down?

The Pros and Cons of Password Masking

  • Jul. 3rd, 2009 at 1:42 PM

Usability guru Jakob Nielsen opened up a can of worms when he made the case for unmasking passwords in his blog. I chimed in that I agreed. Almost 165 comments on my blog (and several articles, essays, and many other blog posts) later, the consensus is that we were wrong.

I was certainly too glib. Like any security countermeasure, password masking has value. But like any countermeasure, password masking is not a panacea. And the costs of password masking need to be balanced with the benefits.

The cost is accuracy. When users don't get visual feedback from what they're typing, they're more prone to make mistakes. This is especially true with character strings that have non-standard characters and capitalization. This has several ancillary costs:

  • Users get pissed off.
  • Users are more likely to choose easy-to-type passwords, reducing both mistakes and security. Removing password masking will make people more comfortable with complicated passwords: they'll become easier to memorize and easier to use.

The benefits of password masking are more obvious:

  • Security from shoulder surfing. If people can't look over your shoulder and see what you're typing, they're much less likely to be able to steal your password. Yes, they can look at your fingers instead, but that's much harder than looking at the screen. Surveillance cameras are also an issue: it's easier to watch someone's fingers on recorded video, but reading a cleartext password off a screen is trivial.

    In some situations, there is a trust dynamic involved. Do you type your password while your boss is standing over your shoulder watching? How about your spouse or partner? Your parent or child? Your teacher or students? At ATMs, there's a social convention of standing away from someone using the machine, but that convention doesn't apply to computers. You might not trust the person standing next to you enough to let him see your password, but don't feel comfortable telling him to look away. Password masking solves that social awkwardness.

  • Security from screen scraping malware. This is less of an issue; keyboard loggers are more common and unaffected by password masking. And if you have that kind of malware on your computer, you've got all sorts of problems.

  • A security "signal." Password masking alerts users, and I'm thinking users who aren't particularly security savvy, that passwords are a secret.

I believe that shoulder surfing isn't nearly the problem it's made out to be. One, lots of people use their computers in private, with no one looking over their shoulders. Two, personal handheld devices are used very close to the body, making shoulder surfing all that much harder. Three, it's hard to quickly and accurately memorize a random non-alphanumeric string that flashes on the screen for a second or so.

This is not to say that shoulder surfing isn't a threat. It is. And, as many readers pointed out, password masking is one of the reasons it isn't more of a threat. And the threat is greater for those who are not fluent computer users: slow typists and people who are likely to choose bad passwords. But I believe that the risks are overstated.

Password masking is definitely important on public terminals with short PINs. (I'm thinking of ATMs.) The value of the PIN is large, shoulder surfing is more common, and a four-digit PIN is easy to remember in any case.

And lastly, this problem largely disappears on the Internet on your personal computer. Most browsers include the ability to save and then automatically populate password fields, making the usability problem go away at the expense of another security problem (the security of the password becomes the security of the computer). There's a Firefox plugin that gets rid of password masking. And programs like my own Password Safe allow passwords to be cut and pasted into applications, also eliminating the usability problem.

One approach is to make it a configurable option. High-risk banking applications could turn password masking on by default; other applications could turn it off by default. Browsers in public locations could turn it on by default. I like this, but it complicates the user interface.

A reader mentioned BlackBerry's solution, which is to display each character briefly before masking it; that seems like an excellent compromise.

I, for one, would like the option. I cannot type complicated WEP keys into Windows -- twice! what's the deal with that? -- without making mistakes. I cannot type my rarely used and very complicated PGP keys without making a mistake unless I turn off password masking. That's what I was reacting to when I said "I agree."

So was I wrong? Maybe. Okay, probably. Password masking definitely improves security; many readers pointed out that they regularly use their computer in crowded environments, and rely on password masking to protect their passwords. On the other hand, password masking reduces accuracy and makes it less likely that users will choose secure and hard-to-remember passwords. I will concede that the password masking trade-off is more beneficial than I thought in my snap reaction, but also that the answer is not nearly as obvious as we have historically assumed.

The Insecurity of Secrecy

  • Jul. 3rd, 2009 at 7:18 AM

Good essay -- "The Staggering Cost of Playing it 'Safe'" -- about the political motivations for terrorist security policy.

Senator Barbara Boxer has led an effort to at least put together a public database of ash storage sites so that people can judge the risk to the areas where they live. However, even this effort has been blocked not by coal companies or utilities, but by the DHS. How could it possibly be a national security interest to cover up the location of material that's "not toxic or anything?" It's not. In fact, even if the ash turns out to be as bad as its worst critics fear, blocking the database is far more dangerous than revealing the location of these sites. Not only has there not been any threat against these sites by terrorists, and no workable scenario by which they might cause a problem, coal slurry impoundments are already failing with regularity, dousing parts of America with millions of gallons of this material. It doesn't take terrorists to make this happen.

Blocking the release of this information doesn't protect the citizens of the United States in any way. It's just another example of the same creeping secrecy that makes cities more difficult to manage because of secrecy over facilities. The same creeping secrecy that "blurs" national monuments from images and puts intentional gaps in public information. The same creeping secrecy that increasingly elevates the most unlikely attack -- the shoe bombers of the world -- above our right to know what's going on around us so that we can make informed decisions. The same secrecy that defends torturers.

Information Leakage from Keypads

  • Jul. 2nd, 2009 at 12:09 PM

Can anyone guess the entry codes for these door locks?

digital lock security keypad

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.
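The arithmetic behind the "24 out of 10,000" figure, generalised as an added example that is not part of the original post: it counts how much of a code's keyspace survives once key wear shows which digits are in use, including the case where fewer keys are worn than the code has digits. The function names are illustrative, and the worn-key sets are constructed from the digits named in the post.

```python
from itertools import product
from math import comb, log2


def codes_using_exactly(worn_keys, length=4):
    """Count codes of `length` digits that press every worn key at least
    once and no other key (inclusion-exclusion over the worn keys)."""
    k = len(set(worn_keys))
    if k == 0 or k > length:
        return 0
    return sum((-1) ** i * comb(k, i) * (k - i) ** length
               for i in range(k + 1))


def brute_force_count(worn_keys, length=4):
    """Same count by exhaustive enumeration, as a cross-check."""
    keys = set(worn_keys)
    return sum(1 for code in product(sorted(keys), repeat=length)
               if set(code) == keys)


def leakage_report(worn_keys, length=4):
    """Keyspace and entropy (in bits) before and after wear is visible."""
    total = 10 ** length
    left = codes_using_exactly(worn_keys, length)
    return {
        "total": total,
        "remaining": left,
        "bits_before": round(log2(total), 2),
        "bits_after": round(log2(left), 2) if left else 0.0,
    }


if __name__ == "__main__":
    # Constructed inputs: "1689" and "1234" are the digit sets implied by
    # the codes guessed in the post; the shorter sets model a code that
    # repeats a digit; the last row is a six-digit code on four worn keys.
    for keys, length in [("1689", 4), ("1234", 4), ("123", 4),
                         ("12", 4), ("1", 4), ("1689", 6)]:
        print(keys, length, leakage_report(keys, length))
```

A code that repeats one digit leaves 36 candidates on three worn keys, more than the 24 left by four distinct digits, and a six-digit code on four worn keys still leaves 1,560.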

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

The Pros and Cons of Password Masking

  • Jul. 3rd, 2009 at 1:42 PM

Usability guru Jakob Nielsen opened up a can of worms when he made the case for unmasking passwords in his blog. I chimed in that I agreed. Almost 165 comments on my blog (and several articles, essays, and many other blog posts) later, the consensus is that we were wrong.

I was certainly too glib. Like any security countermeasure, password masking has value. But like any countermeasure, password masking is not a panacea. And the costs of password masking need to be balanced with the benefits.

The cost is accuracy. When users don't get visual feedback from what they're typing, they're more prone to make mistakes. This is especially true with character strings that have non-standard characters and capitalization. This has several ancillary costs:

  • Users get pissed off.
  • Users are more likely to choose easy-to-type passwords, reducing both mistakes and security. Removing password masking will make people more comfortable with complicated passwords: they'll become easier to memorize and easier to use.

The benefits of password masking are more obvious:

  • Security from shoulder surfing. If people can't look over your shoulder and see what you're typing, they're much less likely to be able to steal your password. Yes, they can look at your fingers instead, but that's much harder than looking at the screen. Surveillance cameras are also an issue: it's easier to watch someone's fingers on recorded video, but reading a cleartext password off a screen is trivial.

    In some situations, there is a trust dynamic involved. Do you type your password while your boss is standing over your shoulder watching? How about your spouse or partner? Your parent or child? Your teacher or students? At ATMs, there's a social convention of standing away from someone using the machine, but that convention doesn't apply to computers. You might not trust the person standing next to you enough to let him see your password, but don't feel comfortable telling him to look away. Password masking solves that social awkwardness.

  • Security from screen scraping malware. This is less of an issue; keyboard loggers are more common and unaffected by password masking. And if you have that kind of malware on your computer, you've got all sorts of problems.

  • A security "signal." Password masking alerts users, and I'm thinking users who aren't particularly security savvy, that passwords are a secret.

I believe that shoulder surfing isn't nearly the problem it's made out to be. One, lots of people use their computers in private, with no one looking over their shoulders. Two, personal handheld devices are used very close to the body, making shoulder surfing all that much harder. Three, it's hard to quickly and accurately memorize a random non-alphanumeric string that flashes on the screen for a second or so.

This is not to say that shoulder surfing isn't a threat. It is. And, as many readers pointed out, password masking is one of the reasons it isn't more of a threat. And the threat is greater for those who are not fluent computer users: slow typists and people who are likely to choose bad passwords. But I believe that the risks are overstated.

Password masking is definitely important on public terminals with short PINs. (I'm thinking of ATMs.) The value of the PIN is large, shoulder surfing is more common, and a four-digit PIN is easy to remember in any case.

And lastly, this problem largely disappears on the Internet on your personal computer. Most browsers include the ability to save and then automatically populate password fields, making the usability problem go away at the expense of another security problem (the security of the password becomes the security of the computer). There's a Firefox plugin that gets rid of password masking. And programs like my own Password Safe allow passwords to be cut and pasted into applications, also eliminating the usability problem.

One approach is to make it a configurable option. High-risk banking applications could turn password masking on by default; other applications could turn it off by default. Browsers in public locations could turn it on by default. I like this, but it complicates the user interface.

A reader mentioned BlackBerry's solution, which is to display each character briefly before masking it; that seems like an excellent compromise.

I, for one, would like the option. I cannot type complicated WEP keys into Windows -- twice! what's the deal with that? -- without making mistakes. I cannot type my rarely used and very complicated PGP keys without making a mistake unless I turn off password masking. That's what I was reacting to when I said "I agree."

So was I wrong? Maybe. Okay, probably. Password masking definitely improves security; many readers pointed out that they regularly use their computer in crowded environments, and rely on password masking to protect their passwords. On the other hand, password masking reduces accuracy and makes it less likely that users will choose secure and hard-to-remember passwords. I will concede that the password masking trade-off is more beneficial than I thought in my snap reaction, but also that the answer is not nearly as obvious as we have historically assumed.

The Insecurity of Secrecy

  • Jul. 3rd, 2009 at 7:18 AM

Good essay -- "The Staggering Cost of Playing it 'Safe'" -- about the political motivations for terrorist security policy.

Senator Barbara Boxer has led an effort to at least put together a public database of ash storage sites so that people can judge the risk to the areas where they live. However, even this effort has been blocked not by coal companies or utilities, but by the DHS. How could it possibly be a national security interest to cover up the location of material that's "not toxic or anything?" It's not. In fact, even if the ash turns out to be as bad as its worst critics fear, blocking the database is far more dangerous than revealing the location of these sites. Not only has there not been any threat against these sites by terrorists, and no workable scenario by which they might cause a problem, coal slurry impoundments are already failing with regularity, dousing parts of America with millions of gallons of this material. It doesn't take terrorists to make this happen.

Blocking the release of this information doesn't protect the citizens of the United States in any way. It's just another example of the same creeping secrecy that makes cities more difficult to manage because of secrecy over facilities. The same creeping secrecy that "blurs" national monuments from images and puts intentional gaps in public information. The same creeping secrecy that increasingly elevates the most unlikely attack -- the shoe bombers of the world -- above our right to know what's going on around us so that we can make informed decisions. The same secrecy that defends torturers.

Information Leakage from Keypads

  • Jul. 2nd, 2009 at 12:09 PM

Can anyone guess the entry codes for these door locks?

digital lock security keypad

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.
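
The arithmetic behind the 24, as an added example that is not part of the original post: when wear marks reveal which keys a code uses, the remaining search space is the set of codes that use every worn key at least once and no other key. The function names are illustrative, and the sketch generalizes the post's four-worn-keys case to fewer worn keys.

```python
from itertools import product
from math import comb


def surjection_count(length: int, worn_keys: int) -> int:
    """Number of `length`-digit codes that use each of `worn_keys` keys
    at least once and no other key (inclusion-exclusion)."""
    return sum(
        (-1) ** j * comb(worn_keys, j) * (worn_keys - j) ** length
        for j in range(worn_keys + 1)
    )


def candidate_codes(worn: str, length: int = 4) -> list[str]:
    """Enumerate the codes consistent with a set of visibly worn keys."""
    keys = sorted(set(worn))
    return [
        "".join(p)
        for p in product(keys, repeat=length)
        if set(p) == set(keys)  # every worn key must appear at least once
    ]


def residual_search_space(length: int = 4) -> dict[int, int]:
    """Map 'number of distinct worn keys' to 'codes left to try'."""
    return {k: surjection_count(length, k) for k in range(1, length + 1)}


def exceeds_attempt_limit(worn_keys: int, length: int, attempts_allowed: int) -> bool:
    """True if the leaked search space is still larger than a lockout budget."""
    return surjection_count(length, worn_keys) > attempts_allowed


if __name__ == "__main__":
    # Constructed input: the worn keys implied by the post's first guess.
    codes = candidate_codes("1689")
    print(len(codes), "candidates out of", 10 ** 4)
    for k, n in residual_search_space().items():
        print(f"{k} worn key(s): {n} candidate code(s)")
```

A four-digit code with one repeated digit leaves 36 candidates rather than 24, but either figure is a tiny fraction of the 10,000 codes the keypad nominally offers.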

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

The many faces of Tanvi Kudva

  • Jul. 4th, 2009 at 12:07 PM

Today she is two months old. She was named two days ago at Madikeri. These six snaps are excerpts from my Facebook album.

Ice Age 3

  • Jul. 4th, 2009 at 11:42 AM
We went to see Ice Age 3: Dawn of the Dinosaurs yesterday evening with the kids. Lots of kids. Our two, Suchitra's sister's two sons, and our friend Sundeep and Roopa's two. This was the first day last show and the hall was full, full of kids you will think, you are only partially right, since most of the kids were college going kids;-)

The movie was nice, well done, and complements the previous two movies. Kids loved it, so did the college kids in the theatre;-)

Thereafter we went to the food court before coming home.


Back!

  • Jul. 3rd, 2009 at 10:25 PM
The two weeks in the American west went very well. Some of you reading my (infrequent) updates on twitter may know what animals were seen, but here's a list anyway: 7 wolves, 4 grizzlies, 4 (wild) black bears (and 4 black bears in captivity), moose, coyotes, fox, badgers, beaver, muskrat, and countless elk, chipmunks, squirrels, pronghorn and bison. While Glacier National Park and Grand Tetons are very wild and perhaps untamed, Yellowstone is incredible. From geothermal features to meadows and mountains teeming with wildlife, Yellowstone has to be seen to be believed. Really. It is going to take a long time to put together the images and words from the trip, I guess. :-)

Meanwhile, Happy Independence day to all the Americans! This photograph is for you folks.



American Mustang. Monument Valley, Utah.




Home Grand Prix looms for Heidfeld

  • Jul. 4th, 2009 at 6:00 AM
Nick Heidfeld is looking forward to making a return to the Nürburgring and his home Grand Prix next weekend. When last racing on the circuit in 2007, the German had an eventful day which featured collisions with both team-mate Robert Kubica and compatriot Ralf Schumacher on the way to taking the BMW to sixth place.
Simply a great story reaffirming how the failure of technical leadership and fundamental understanding about the need to have a robust underlying technical architecture for something as fundamental as stock trading. Compare that fiasco with how the New York Stock Exchange sustains its leadership so much so, that the CIO himself is willing and able to go on camera to attest to the robustness of Linux and related technologies. Years ago, it used to be said that "no one gets fired for buying IBM" and then some tried to replace IBM with Microsoft. Big FAIL.

I am hoping that the decision makers who awarded the Standard Operating Environment of the Singapore government are reading this blog and following those links. I suspect that they are not for they are so blinded and entrenched in a MS worldview. I continue to hear of major defects in the project, massive cost overruns ("oh, that part is not budgeted for.") and general annoyance at the end user level. Try talking to anyone about the progress of SOE and all you get are snarls and a string of expletives. Wonderful. Almost a billion dollars plunked down for questionable and low quality proprietary software. No empowering of the local economy to help with the system. Wasted tax dollars. #fb

The Mangalore rains

  • Jul. 4th, 2009 at 9:27 AM
It had started raining in earnest when we had left for Madikeri on Wednesday, yesterday afternoon it rained like only a monsoon rain should. Mangaloreans love such rains. The whole city goes dark with the thick clouds, the wiper on full is unable to keep up with the pouring water, and the maximum speed you can do is a 20kph crawl! Here are the dash board cam videos. No one was injured in the shooting of these videos;-)







The Door to Hell

  • Jul. 3rd, 2009 at 4:16 PM

The Darvaza (Darweze) natural gas crater is an endlessly smouldering geological anomaly located in the isolated Karakum Desert of Turkmenistan. Known locally as the “Door to Hell,” this close relative of the “Pool of Fire” and little-known tourist attraction has been on fire for at least three decades.

crater

Above, we see the natural gas crater (barely) as a glowing red spot in an otherwise unremarkable landscape. Given the low quality of the satellite imagery in this area, it is surprising that anyone knows that the “Door to Hell” even exists. This begs the rather existential question: if a crater is burning in the middle of nowhere, does anyone see it?

crater2 crater

As a matter of fact, a group of Russian geologists experienced it first hand in 1971[1] when the ground beneath their drilling equipment collapsed creating the abyss. Dispatched to the Karakum desert by the Soviet Union, they were searching for natural gas and found so much of the stuff that harvesting it became unsafe. With noxious gases threatening to harm nearby villages, the geologists set the seeping crater ablaze, unwittingly lighting the largest barbecue known to man.

The “Door to Hell” crater has been on fire ever since and shows no sign of stopping. Visible from a great distance, the glow from this eternal flame can even be seen in Google Earth’s City Lights layer.

City Lights City Lights Close Up

Wow, that’s bright! Visitors to Turkmenistan can venture out to see hell first hand, but there aren’t any organised tours so you have to hire your own driver[2]. Now who’s up for toasting the World’s Largest S’more?

Some really awesome photos of both craters can be found on this photography site and an impressive video of the “Door to Hell” is available on YouTube.

Thanks to Cris Diaz and Marc Buma


  1. Depending on the source, at least three separate years, 1958, 1971, and 1986, are listed for when the expedition took place. I chose to go with Wikipedia’s 1971 date, mostly because it was in between the other two. 

  2. If you do venture out you could visit another possibly related crater while you’re there. 




You're reading an entry from Google Sightseeing, which is copyright © 2009 Alex Turnbull & James Turnbull and must not be reproduced without permission.

News: I have a favor to ask of you

  • Jul. 3rd, 2009 at 12:00 AM
No money involved, no long-term commitments, I just need one minute of your time. I'd like to ask you to visit this page, scroll down a bit, and cl...


Recently, Toby, one of the MOO Crew's developers, had the pleasure of meeting Jack Hooker. In usual fashion, Jack gave Toby one of his business cards. All of us back at MOO Studios were very impressed with Jack's cards and excited to find out that Jack had made his cards with MOO. So, we asked San Sharma* to find out a bit more about Jack and the story behind his cards for our business ideas section.
Here's Kim Kardashian doing some stuff in her bikini. It's Friday, and I don't care to get more detailed than that. I believe for most of you it's a long weekend, so why you're even inside reading this when...

Away From The Sunrise...

  • Jul. 3rd, 2009 at 8:53 PM
RTR

In the early morning of last Sunday, I stepped out of my house before the sun had risen. I walked up to my bike, started it and simply drove away...

I have always wanted to do a long drive on my bike and despite having owned my bike for over a year I had only traveled in the city. I love driving in sections of the city where there were smooth roads clear of traffic, enjoying the wind and the speed. But I always missed doing that bike trip.
Sun recently merged with Oracle, but they bought out some virtual machine software like Virtual Iron, Xen, etc to combine over four virtualization technologies into VirtualBox.

Nikon D700 + Nikkor 24-70mm f/2.8 @ 50 mm — 1/100 sec, f/3.5, ISO 3200
Yeah, That'll Do

Continuing with the story about our visit to KidZania in Nishinomiya, Japan the other day, where Anthony started his play by working as a gas-station attendant and then got some banking done before searching for his next job.

It turns out that he got lucky, because as he was showing interest in a construction job, the foreman said that a job was about to start and that they had room for one more, so he didn't have to wait at all.

(Unfortunately, the uniform color is that blinding, pure orange that I have such trouble with, as I discussed in the middle of the first KidZania post. I don't doubt that a skilled photographer could handle this, but I ended up with all kinds of shades of yellow mixed in. Sigh.)


Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/100 sec, f/3.5, ISO 4000
Minor Uniform Adjustment
( I just love his face in this one )

Nikon D700 + Nikkor 24-70mm f/2.8 @ 66 mm — 1/100 sec, f/3.5, ISO 1800
Heading Off to Work
giving Mommy a (slightly apprehensive, “well, here I go!”) smile

Nikon D700 + Nikkor 24-70mm f/2.8 @ 56 mm — 1/100 sec, f/3.5, ISO 6400
Wide Range of Talent

Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/2.8, ISO 2500
Crane (Left) And Partially-Built Tower (Right)

Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/2.8, ISO 1000
Two “Caution: Construction” Signs
(one at white arrow is real; at left arrow is play)

The 10 kids went to the back of the construction zone for some instruction, and to be divided into four groups. After a while, Anthony and some other kids left the construction zone and entered the city, going where I had no idea. I followed....


Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/2.8, ISO 1800
Business Trip?

Turns out that they were moving to the second-story level of the construction zone, via some stairs near the flight-attendant academy. Whatever Anthony's job was involved an extra safety harness and tether....


Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/80 sec, f/2.8, ISO 6400
Equipment Instruction

I was happy when we got home to show Anthony photos of workers on a crane wearing the same safety harness.

Anyway, while this was going on, a group down below was working on prepping the top of the tower for installation....


Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/100 sec, f/2.8, ISO 4500
Tip Top of the Tower

The crane had already moved the top half of the tower tip from its position in the square box to on top of the hexagonal part, and now the kids were securing it together. The crane was operated by a console on the second level near Anthony, and the two sets of kids (those operating the crane and those at the business end) communicated with hastily-learned voice and hand commands identical to what you'd hear at a Japanese construction site.

Meanwhile, another group of kids was at work constructing a bridge that leads to the base of the tower....


Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/3.5, ISO 4500
Moving the Keystone Pieces Into Place
of a segmented arch bridge

Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/80 sec, f/3.5, ISO 6400
Watching The Cranework

Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/3.5, ISO 5600
Hoisting Up the Tower Tip

At this point Anthony's group had to call out instructions to the kids operating the crane, to position the top just above its mount, then let it down. The kids then rotated the tip to lock it into position on the base of the tower.


Nikon D700 + Nikkor 24-70mm f/2.8 @ 60 mm — 1/100 sec, f/3.2, ISO 6400
Final Adjustments

Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/100 sec, f/3.2, ISO 5600
tongue sticking out,
Releasing the Hoist

Nikon D700 + Nikkor 24-70mm f/2.8 @ 27 mm — 1/100 sec, f/3.2, ISO 6400
Final Inspection

Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/50 sec, f/3.2, ISO 6400
Putting Safety Equipment Away

Nikon D700 + Nikkor 24-70mm f/2.8 @ 24 mm — 1/100 sec, f/3.2, ISO 4000
meanwhile, down below...
Bridge Load-Bearing Structural Test

Nikon D700 + Nikkor 24-70mm f/2.8 @ 32 mm — 1/100 sec, f/3.2, ISO 3600
Getting Ready To Flip the Switch
on the lights running up the tower and into the just-installed tip

Nikon D700 + Nikkor 24-70mm f/2.8 @ 70 mm — 1/100 sec, f/3.2, ISO 1800
Getting Set Up for a Group Photo

All the kids then got on the bridge, and they snapped a photo, after which the kids lined up to receive their pay. We were told to stop by after an hour, and they'd have free copies for the kids, and indeed they did.

Ryan at 100

  • Jul. 3rd, 2009 at 11:30 PM
Here, in accordance with the internet's demands, is a drawing of me at age 100. I'm not sure how often I'll be posting in the next month or two, since I'm devoting my summer to movies.... be it the zombie movie I was an extra in last month, or the family film I'm working on this month.

The Making of a Long Weekend

  • Jul. 3rd, 2009 at 6:36 PM

Time: 8:54 am. It's a lovely cloudy breezy July morning. I am walking towards office, making plans of how to wind up work and other activities dependent on me and leave office at 5 pm latest. I have to take the night train to Chennai tonight, so that means, I wouldn't be seeing Mihika in the weekend, I was making some quick calculations on how to plan meeting the kid before leaving the city for the weekend.
Just one building before the work place, a white man coming in the opposite direction stops his car and informs me about something happening at the office. I could first hear only Swi.. I asked him what swiping was he talking about. I switched off the FM on my mobile, I heard him clearly this time "There is a confirmed case of Swine Flu at office, people are leaving, and more cases are suspected, so why don't you return back". Well, I knew he was working at my work place, I have seen this person, probably lifts or may be my floor, but I am not sure. But then I am sure, it's easy for people to spot me, because of my height and recognize me outside work place too. Well his news was sudden, and since I was just a building away, I thanked him and told him, I will anyways walk up to there to meet my boss/team to confirm further details.

Pacing slowly towards the office building, I could see, company buses entering normally into the Office Gate. So I called my boss on his mobile, but he didn't pick my call. Then I called my teamie B, and she confirmed the news and told me, they were all made to wait inside the company bus.
 

After I reached the office, I teamed up with few of my colleagues and waited outside the office building with 1000 other employees. Nobody knew the source of the Information. Finally somebody from the MGMT declared that there was one confirmed case of Swine Flu and that they have quarantined that particular floor and people who are comfortable can go in and work. Well, there were some debates and discussions and finally what we heard was that we could take the day off.

Well 2 of my colleagues came back home with me, and we had a Dosa, Sambhar, Pudina Chutney, Breakfast at home. They have been waiting for quite some time for Dosa breakfast at my place. We discussed some of the office tales/gossip and then they left for the day. We looked for more information on the Internet for this particular news. But we haven't been able to trace any. Also we do not have access to work-email from outside office network, so we haven't received any official information from the MGMT yet.

I do not know the impact of this incident on the remaining employees. Some of us are already feeling sick thinking about the possibility of contracting the flu. I have been having hectic schedules for a month now, and my health and well being has been normally low for quite some time. So, I think my sick feeling today is just a temporary phase and things will return to normal very soon. 

 
