Tuesday, September 13, 2011

Physicists reach milestone towards optical computing

Physicists at Aarhus University, Denmark have proven that the methods for slow light can be used for creating optical transistors, an important milestone, they say.

The scientists use a method known as electromagnetically induced transparency, the same method that Danish physicist Lene Vestergaard Hau from Harvard University uses in her experiments concerning slow light.

A crystal of cold calcium ions can be utilized as an optical transistor, where photons (light) can check and control the amount of other photons that can escape the crystal - the same way that the voltage of a gate electrode in a transistor can control the current running through the transistor, write physicists at Aarhus University in a new article in Nature Photonics.

Professor Michael Drewsen and two of his coworkers from Aarhus University have taken this research a step further by controlling the transmission of photons through a Coulomb crystal. A Coulomb crystal is a collection of ions, in this case calcium ions, that are cooled down to only a thousandth of a degree above absolute zero.

The typical distance between these ions is 10 micrometers, which is 100,000 times longer than the distance between atoms in a normal solid. That means that the Coulomb crystal is both a solid and a collection of free particles at the same time, which gives the crystal a number of special properties. One of these is that the transmission of photons through the crystal can be adjusted with the principle of electromagnetically induced transparency by tuning the properties of the photons and the ions in the crystal in relation to each other.

Through an experiment, the scientists have shown that they can turn the passage of light with a wavelength of 866 nanometers through the crystal on and off by sending a switching signal consisting of photons with a wavelength of 850 nanometers.

In a purely optical quantum computer they would have to be able to control the passage of a single photon by using another single photon. Currently they use 150,000 controlled photons for their experiment, but they say that they are already working on ideas to decrease the number of photons needed by a factor of 100.

Sunday, September 11, 2011

Angry Birds, now a theme park attraction

The popular game Angry Birds for smartphones, such as the iPhone and Android phones, has been turning a profit on everything from t-shirts and teddy bears to board games, and is now also a theme park attraction.

The goal of the Angry Birds stall is to shoot down balloon pigs with a giant slingshot, using those well-known little birds as ammunition. So far the idea is a huge success: it has attracted a lot of visitors since its opening last Wednesday and has become one of the theme park's more popular attractions.
But just as with many other Chinese products, the people behind this stall have not gotten permission to use the Angry Birds name or idea from the Finnish company Rovio, which created Angry Birds.

A spokesperson from the amusement park said, "This is just a way for people to have fun and let off steam."

Usually when the Chinese copy Western products, the procedure is to sue them and shut down the copyright infringement, but the Finnish company has chosen not to. According to Rovio's Chinese spokeswoman Daisy Chang, the company will examine whether it can cooperate with the amusement park. She states, "We would welcome a partnership, but Rovio would need to give them permission to use the Angry Birds game."

Rovio currently has a goal of reaching 100 million downloads in China before the end of this year, and the attraction could help them achieve this goal, so it is also in their interest to spread awareness of their game.

Friday, September 9, 2011

Google arms HTC for Apple patent war

Google's latest buy of Motorola brought with it some very interesting patents. Among those there is the patent for running software on mobile hardware and also a patent for hidden antennas on mobile phones.

HTC has bought up a bunch of patents and is currently suing Apple for multiple infringements. A total of 9 patents that HTC has bought from Google during the last two weeks are being used to fend off Apple, which has lately been dominating the courtroom in many different countries, namely in the worldwide cases against Samsung's phones and tablets, but also in its attempts to bring the Android OS down.

Google has been criticized before for not taking action against Apple's attacks on several Android phone manufacturers, but Google has not had a very threatening patent catalog in the past. In the last year Google has been working hard to get as many patents as possible by buying companies like Openwave Systems, Palm and, as mentioned earlier, Motorola.

According to All Things Digital, HTC has paid an unknown amount to Google for the patents that will help them in the battle against Apple.

Thursday, September 8, 2011

Privacy Policy

I have added a privacy policy to the blog, since in the very near future such a policy might be a requirement by the European Union (EU).

The EU introduced a bill earlier this year as a result of the privacy debate concerning tracking cookies placed by companies like Google and other similar services that track a user's actions and the pages they visit. Later it evolved so that all cookies were covered by the bill, which suggested that websites using cookies should actively get a user's permission for every cookie that would be set in the user's browser.
This bill met massive criticism, since many websites use cookies for common functionality such as a cart in a webshop or simple login systems.
The law was supposed to take effect this year, but because of disagreement on how it was supposed to be upheld and interpreted, many countries in the EU have chosen to wait until all the confusion has settled and a more reasonable law has been negotiated.
Following in other websites' footsteps, I have chosen to add a privacy policy that will explain what cookies are, what specific cookies are used by this blog, and, just in case, how to disable them.

The policy can be found at the bottom of the page, and also here.

Tuesday, September 6, 2011

Audit of hacked Certificate Authority reveals poor security

Recently, the Dutch Certificate Authority (CA) DigiNotar was hacked, which brought with it a huge scandal since it was proven that hackers had successfully created fake Google SSL certificates.


It began with a fake Google certificate that had been used by someone to impersonate Google. SSL certificates are used to verify a domain's ownership but are also used to encrypt the data sent between the client and the certificate holder. The fake certificate caused some stir within the IT community and raised the question of whether or not to trust CAs, since this is the second CA that has been hacked in the past year. The false certificate was traced back to DigiNotar and was discussed on the web and in news stories, but DigiNotar only admitted that they had had a security breach a couple of days after this was revealed.

DigiNotar stated that the attack happened on July 19th and that all the affected certificates had been withdrawn. But clearly their own audit of the security breach had not been thorough enough, since the faked Google certificate suddenly appeared. Later, more certificates were found in the wild, and it was quickly revealed that more serious certificates had been compromised, including those of the CIA, MI6 and Mossad. All major browsers have stated that they will issue an update blocking all of DigiNotar's certificates.

With the scandal that hit the CA, the Dutch government chose to commission an external audit of the breach to determine how this could have happened. The security auditors Fox-IT, who were hired to examine the compromised servers, revealed that the level of security within DigiNotar's systems had been ridiculously low and pointed out weaknesses such as:

  1. A single administrator account on a Windows machine owned all the certificates.
  2. The administrator account was protected by a weak password that was easily brute-forced.
  3. The tools used by the hacker would have been detected by anti-virus software, had any been present.
  4. The software running on the server was outdated and unpatched.

Those are some of the problems listed by Fox-IT, and they really show DigiNotar's lack of responsibility and common sense. A Certificate Authority provides a security service that is used to verify that a website is what it claims to be, to encrypt credit card information on payments, to encrypt the data sent between citizens and public institutions, and much more. I only ask, how can such an insecure system be allowed to govern the certificates? One would expect such companies to at least know common practices for guarding data you don't want to be compromised.

As of now, almost 99% of the queries to the false certificates have originated from Iran, which makes the Iranian government the prime suspect of this attack. Iran was also one of the suspects when Comodo (a South-American CA) was hacked earlier this year.

Filth - Requiem For A Dream (Dubstep Remix)

Awesome dubstep track I found today. The original song is the theme song of the movie Requiem For A Dream - also an awesome movie that I would recommend everyone to watch.

But listen to this masterpiece!

Saturday, September 3, 2011

Dutch journalist hacks transit card

In the Netherlands, a reporter has been trying to call attention to the outrageously insecure card software that the Dutch subway system uses for its transit cards. The transit card is designed as a kind of debit card where one can add money to the card and then travel with the subway system by paying with the card.

The card is delivered by the company Trans Link Systems, which also oversees the transit card system. It functions by using an RFID chip that you wave in front of a proximity sensor, which registers a journey's start and stop and then withdraws an amount of money according to the distance traveled. The main security issue lies in the encryption that protects the card, namely the Crypto-1 algorithm, which was cracked in 2008; for more information see this.
Now, armed with a cheap RFID reader/writer, which you can get for less than $40, you can easily access the information stored on the card and edit it as you wish. Moreover, the software that is used for monitoring the cards is not designed to detect unusual activity or even tampering with the card. That was exactly what the reporter/hacker Brenno de Winter proved by using a hacked card for 3 weeks without being detected, even though he intentionally tried to get caught by inserting multiple check-outs from the same airport with a 3-minute interval, which is practically impossible without some sort of teleportation. And that's not even the worst part. The technique not only allows you to insert check-outs, but you could also add an unlimited amount of money to the card, which means one could travel for free within the Dutch subway system with a hacked card. A potential exploiter could also use a portable RFID reader to steal the information on other people's cards just by walking past them and then write the information to his own card.
You don't even have to be a hacker, let alone a tech-savvy person, to successfully hack your card, since the tools needed only include the cheap RFID reader/writer and software that can easily be downloaded from the internet.
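The monitoring gap described above, seen from the operator's side: a back-office replay of one card's transaction log that flags check-outs with no check-in, repeated check-outs at one station within minutes, and card balances that recorded top-ups cannot explain. This is an added example, not code from the transit operator or from the original post; the record fields, the 5-minute threshold and the sample events are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Event:
    """One back-office record for a card (field names are assumptions)."""
    ts: datetime
    kind: str                # "topup", "checkin" or "checkout"
    station: str
    amount_cents: int        # top-up value or fare charged; 0 for a check-in
    card_balance_cents: int  # balance read from the card after the event


# Assumed threshold: two check-outs at one station closer together than
# this cannot belong to two real journeys.
MIN_TRIP = timedelta(minutes=5)


def audit_card(events):
    """Replay one card's log and return a list of (timestamp, rule) findings."""
    findings = []
    checked_in = False
    last_checkout = None
    ledger = 0  # balance the back office expects from top-ups and fares
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "topup":
            ledger += ev.amount_cents
        elif ev.kind == "checkin":
            checked_in = True
        elif ev.kind == "checkout":
            if not checked_in:
                findings.append((ev.ts, "checkout-without-checkin"))
            if (last_checkout is not None
                    and ev.station == last_checkout.station
                    and ev.ts - last_checkout.ts < MIN_TRIP):
                findings.append((ev.ts, "repeated-checkout"))
            checked_in = False
            last_checkout = ev
            ledger -= ev.amount_cents
        # The card is writable by its holder, so its balance is only trusted
        # when it matches what the recorded top-ups and fares add up to.
        if ev.card_balance_cents != ledger:
            findings.append((ev.ts, "balance-mismatch"))
            ledger = ev.card_balance_cents  # resync: one finding per edit
    return findings


def _t(hhmm):
    return datetime.strptime("2011-09-03 " + hhmm, "%Y-%m-%d %H:%M")


# Constructed sample log: a normal trip, two inserted check-outs three
# minutes apart, then a balance that no recorded top-up accounts for.
SAMPLE_EVENTS = [
    Event(_t("08:00"), "topup", "Central", 2000, 2000),
    Event(_t("08:10"), "checkin", "Central", 0, 2000),
    Event(_t("08:40"), "checkout", "Airport", 400, 1600),
    Event(_t("08:43"), "checkout", "Airport", 0, 1600),
    Event(_t("08:46"), "checkout", "Airport", 0, 1600),
    Event(_t("12:00"), "checkin", "Airport", 0, 5000),
    Event(_t("12:30"), "checkout", "Central", 400, 4600),
]

if __name__ == "__main__":
    for ts, rule in audit_card(SAMPLE_EVENTS):
        print(ts.strftime("%H:%M"), rule)
```

The balance rule only works because the ledger is kept server-side; a check that trusts the value stored on the card would see nothing wrong.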

Now the reporter, Brenno de Winter, is being sued by the transportation companies for fraud, and his goal of getting the vulnerabilities fixed is going down the drain. The company only stated that it is illegal to hack your card and that legal action will be taken against exploiters.

Even though the card's security flaws are well known, the same solution is being implemented in the bus and subway system in Denmark, a project which is already many years behind schedule and many millions of dollars over budget because of adjustments that needed to be made so it would adapt to the already established systems in Denmark.

At the time of writing, no action has been taken, nor is there any information available that they intend to fix the vulnerabilities in the current card software.

Tuesday, August 30, 2011

Facebook pays $40,000 in 3 weeks for bug-reports

Since Facebook launched its program that pays hackers to report errors and security bugs, there have been a lot of reports during the 3 weeks the program has been running.
Developers from 16 different countries have contributed their work to the social network, which has paid a single hacker $7000 for a total of 6 contributions.

Facebook pays out rewards ranging from $500 to $5000, depending on the severity of the bug. Up until now there has been some confusion, with rumors saying that the maximum payout was $500. Only a single reward of $5000 has been paid, but a lot of $500 payouts. Facebook has announced that even though they are very satisfied with the program, there are still many people who contribute useless reports just to get publicity.

This type of initiative is not uncommon for big IT corporations. Companies like Microsoft, Mozilla and Google each have a similar program: Google has paid out more than $300,000 during the lifespan of its program, and Microsoft has promised $250,000 to those who can develop security tools that will protect Windows users against attacks that exploit software.

Saturday, August 27, 2011

Danish ISPs mislead and cheat their customers

It has been known for quite some time that the majority of Danish ISPs (Internet Service Providers) promise more bandwidth than they deliver, and of course that irritates people a lot. Moreover, the ISPs act like brutes against their customers when the poor people try to understand why they don't get the bandwidth they were promised and why huge bills suddenly arrive in their mail, bills which seemingly can be canceled in less than 2 minutes with a single phone call. Yes, this is the story of a close friend of mine who has been toyed with by the big bad phone company "3"; their website is located here.

My friend moved into a new apartment almost half a year ago, and like many other people he needed to buy some internet access. He got a 3G modem from the company "3" and a subscription for 20 Mbit/s for 250 DKK a month (roughly $50 USD).
Then 2 months ago he received a bill saying he had to pay 1200 DKK ($240) for downloading more than the 20GB his connection is limited to, except that when he looked through his logs he could see that he had only downloaded 6.5GB of data. When he called to ask about the bill, the woman in customer service said: "Oh right, that must just be a mistake." and voided the invoice immediately. There was no need to talk to a "higher ranking" employee, and when he asked how this mistake could have happened she said she didn't know and that sadly there was no one around to tell him; he could just call again another time.

Let's take this one first. My questions are now:
  • How can an invoice for overuse be sent by mistake when their own software shows that no more than the allowed amount has been downloaded?
  • How is it that there isn't any confusion or surprise when a person calls about a bill he shouldn't have received? Are they used to such phone calls? Do they send unsolicited bills often?
  • Why can't she explain to him what has gone wrong?
  • If he hadn't reacted to the bill and had just paid it (as some people might have), would they have made any effort to cancel the payment or make sure he was refunded?
This of course made him very angry, but I could only tell him that this wasn't unusual; there are many more such stories of people who have received huge bills they shouldn't have got in the first place. I asked him what connection he had, since I know for a fact that the 3G network in Copenhagen (the Danish capital) can't deliver more than 2 Mbit/s, and he told me he had this 20 Mbit/s subscription. I went online, found 3's speed test and checked his download speed. No surprise: 2.12 Mbit/s. He tested it a couple of times during the week but didn't get a higher result.

Feeling misled and angry, he went down to the store where he had bought his modem and subscription and asked how come he was paying for a 20 Mbit connection but only getting 2. The salesman answered that when buying a 20 Mbit subscription one can expect speeds between 2 and 32 Mbit/s. My friend politely said that he wasn't paying for a connection whose range is predominantly slower than what was promised when he bought it, and asked for the 2 Mbit subscription that costs 50 DKK ($10) a month. The salesman told him that he would then lose the possibility of the 20 Mbit that his current subscription can "theoretically" achieve. My friend said he didn't want to pay 5 times the price for something he didn't think he would ever get, and insisted that he wanted his subscription changed immediately. After some discussion back and forth, the salesman finally gave up and told him: "I'm sorry, but it is a breach of my contract if I downgrade your subscription."

I don't feel like I have to say anything, but I will just list what I get from all of this.
  1. They intentionally sell people connections that are much slower than what is promised.
  2. They are used to getting complaints about the connection, and there are many such stories if you do a simple Google search (Danish).
  3. And a question: in what other business is it legal to promise a product or service for a fee and then not deliver what has been agreed? That is like going to the store, paying for a 500-page book and then receiving only the first two chapters. Isn't this called fraud?
As a last comment, I just want to warn anyone who has considered buying any service from them, since they obviously just try to take your money from you and they are being quite blunt about it.

That was all for now. See you later.

Wednesday, August 24, 2011

Samsung strikes back!

The patent war between Apple and Samsung rages on!

Earlier this year Apple successfully blocked all sales of the Galaxy Tab by suing Samsung, claiming that their Tab was a direct copy of their iPad. The block was eventually revoked because Apple had included false documentation, read this. Apple was also discredited by their patent registration certificate because the design specification was a generic description of almost any tablet computer.

Now Samsung, which has stated that the specification of the iPad was too generic, claims that Apple stole the iPad design from the movie "2001: A Space Odyssey". It is a science fiction movie from 1968, and in their accusation Samsung has provided a picture of two engineers eating breakfast with the tablets beside them.

They presented this evidence to a city court and I quote:
Attached hereto as Exhibit D is a true and correct copy of a still image taken from Stanley Kubrick's 1968 film "2001: A Space Odyssey." In a clip from that film lasting about one minute, two astronauts are eating and at the same time using personal tablet computers. The clip can be downloaded online at http://www.youtube.com/watch?v=JQ8pQVDyaLo. As with the design claimed by the D’889 Patent, the tablet disclosed in the clip has an overall rectangular shape with a dominant display screen, narrow borders, a predominately flat front surface, a flat back surface (which is evident because the tablets are lying flat on the table's surface), and a thin form factor.
You can watch the video here.
Additional iPad look-alike here.

Tuesday, August 23, 2011

µTorrent reaches 100 million active users

Torrents are no doubt the most common way of sharing files, and have been for quite some time now. But when it comes to torrent clients, µTorrent is undoubtedly the best client, or at least that's what it looks like.

Since µTorrent was released 6 years ago, it has gone through major changes. It went from being an all-technical application for the IT-skilled to being the most user-friendly torrent client around. And apparently the public thinks so too. µTorrent currently has 100 million active users a month, which is 4 times more than just 3 years ago and also the same number of users as Twitter has.

That is quite the accomplishment, and even though the people behind µTorrent are overly excited, they are already taking a look at their next goal. Analysis shows that many of the users who download the software don't become regular users, and that is something they want to change.

Monday, August 22, 2011

Microsoft giving away free phones!

Now that HP has announced they will stop developing WebOS, their shot at a mobile operating system, the app developers who have had an app published to its store can contact Microsoft and get their very own, very free Windows Phone.

That is a very special offer, and many developers were quick to claim their piece of the cake. Microsoft got almost 600 requests in the first 24 hours after releasing the message on Twitter.

The reason WebOS developers can get free phones is that WP 7 (Windows Phone) doesn't have as many apps as the Android Market and the App Store have, and if Microsoft is to have any chance at all of getting into the smartphone market, they think they need to appeal to consumers with a lot of functionality and techie stuff. Therefore they have made this little offer to get the old WebOS developers to make apps for WP 7...

I believe it's the number of users that attracts developers, but it's not the number of apps that attracts users; it is the product itself, in this case the phone.

Friday, August 19, 2011

Apple on the offensive

Since Apple successfully banned all of Samsung's Galaxy Tabs by claiming they were a breach of their patented design of the iPad, there has been a lot of discussion about the EU's laws on design copyright.

This has all been a huge matter in Europe and I think it's about time to take a look at how Apple has been presenting their accusations and the validity of the information they have come up with.

First of all, there is a law in the EU that covers design copyright, which is used to protect against copying the looks of a product such as chairs, lamps, furniture and the like. So when Apple submitted their design specification, you might expect them to send in a description of the iPad.
Instead they just submitted a piece of paper with a drawing that could describe most tablets ever made and probably a lot more in the future. The specification is barely more than a square with a screen and rounded corners. See this.

Then they misled the German court by manipulating evidence. In the roughly 70-page document there is an image where the Galaxy Tab is compared to the iPad. It is commonly known that the iPad has a screen dimension of 4:3 and the Tab 16:10, but in the document they are presented as being exactly the same size; see this. This should be considered illegal and Apple should lose the case. But since Apple is a big and powerful corporation, the ban was merely reduced to cover only Germany.

Now Apple has decided to just try again, this time in the Netherlands, and now they are demanding a ban on all the Galaxy products, including the phones, in all of Europe.

Should a company like Apple be allowed to manipulate and cheat respected courts? Or should they be reviewed for their behavior, and reviewed again for monopoly?

Thursday, August 18, 2011

McAfee's iPhone App

A new app for iPhone has emerged from McAfee, with functions such as remote wipe and locking it through their website.

This all sounds well and good, but the two functions, and more that the app ships with, are already built into the iPhone software and the iCloud service. Moreover, the built-in functions have been available for over a year, so what was McAfee thinking when they put time and money into developing an app for which there is no need but which costs a little more than $20?

Apparently McAfee has some trouble developing good and useful security software, since it is not only the iPhone software that is useless; their desktop anti-virus also only detects about half of all infections on your computer. This clearly shows that McAfee isn't a leading security software company but just another computer-related firm with a useless product and too high prices... But isn't that just the standard nowadays?