Exploiting Twitter

It’s interesting that I read two things about buying Twitter publicity today: John C. Dvorak’s experiment for PC Magazine and an interview with my classmate and friend Ken. The idea is that people buy Twitter followers to make themselves look bigger than they are, whether they’re celebrities trying to make themselves look like they’re on their way up rather than down, or, like the scam my friend discovered, indie book authors trying to build a following.


A collection of old photographs to help your model-making

It’s hard to make models of old buildings without knowing what they looked like in the past. Over a period of about 30 years, Charles Cushman, an exceptionally gifted amateur photographer, took about 14,000 slides of everyday life, mostly in color. After his death in 1972, his family donated the slides to Indiana University, which digitized the collection and put it online. Key in what you’re looking for–buildings, automobiles, people, whatever–and you can study photos taken from 1939 to 1969. Then you can make your people, buildings, or cars look like they did during the time period you’re after. If you like a particular city, you may even be able to find pictures of that city in the collection.

I love driving through the older parts of St. Louis and imagining what the city looked like in the past, but sometimes it’s not easy to imagine what’s behind the boarded-up windows, and what the streets and sidewalks would look like with people milling around. Seeing the Cushman photos makes it easier to imagine what the buildings that survive today looked like in their glory days.

If you use a Linksys router, you need to drop everything now and upgrade it

If you own a Linksys WRT54GL or EA2700 router, be aware that both devices have serious security vulnerabilities, serious enough that the only way to continue using them safely is to load an alternative firmware such as DD-WRT on them. That’s not entirely a bad thing; DD-WRT is more capable, and unlike most consumer-oriented firmware, allows you to disable WPS.

The EA2700, in particular, is so trivially easy to hack it’s laughable–all it takes is entering a predictable URL into a web browser. That’s it.


The AMI BIOS breach of 2013

A security professional’s nightmare happened to AMI this week. Tons of confidential data, including the source code for the UEFI BIOS for Intel Ivy Bridge-based systems and an AMI-owned private key for digital signatures, turned up on a wide-open FTP server for all comers to download anonymously. This AMI BIOS breach has numerous implications.

The implications are nearly limitless. To a malware author, this is like finding a hollowed-out book at a garage sale stuffed with $100 bills with a 25-cent price sticker on the front. If you’re a budding security professional, count on being asked in job interviews why you need to protect confidential information. The next time you get that question, here’s a story you can cite.
