1. How to move your /boot partition onto removable media.

    19 April 2014

    Part of every traveler's threat model today should include the following scenario:

    When you're trying to fly into or out of an airport en route to someplace else, it is entirely possible that the airport's security staff will take you aside for a more thorough search and questioning while your stuff is taken someplace out of your control and analyzed. We know that there are malware packages available today that boobytrap the boot device of laptop computers to install various forms of surveillance malware which run the next time you start your machine up and compromise the OS even though …

    Read more...

  2. Mass producing custom stem cells and advances in desktop testing.

    19 April 2014

    Let's cut through some FUD: Human stem cells are pretty easy to come by. Embryos have not been involved in the process for well over ten years that I can recall off the top of my head, and probably closer to twenty. Every human body has stockpiles of them that can be extracted with minor surgical procedures. The procedures in question usually involves scarily long needles that reach deeply enough inside the body to extract them, which might be why research into re-embryonization of other kinds of cells has proceeded at a good clip. To summarize, medical science has been …

    Read more...

  3. Someone in the community needs help.

    16 April 2014

    I don't have a whole lot of time right now, but this came to me via several channels that I trust. Robert Mathis-Friedman suffered a massive stroke in December of 2013. Following major brain surgery and months of occupational and physical therapy, he's home from the hospital but his family are asking for donations to help modify his house so that he can lead a more active life.

    If you can donate some money, please do so to help him.

    Read more...

  4. Ubuntu Linux and the Heartbleed OpenSSL vulnerability.

    07 April 2014

    If you're in the mad scramble to patch the Heartbleed vulnerability in OpenSSL on your Ubuntu servers but you need to see some documentation, look in your /usr/share/doc/openssl/changelog.Debian.gz file. If you see the following at the very top of the file, you're patched:


    openssl (1.0.1-4ubuntu5.12) precise-security; urgency=medium

    * SECURITY UPDATE: side-channel attack on Montgomery ladder implementation
    - debian/patches/CVE-2014-0076.patch: add and use constant time swap in
    crypto/bn/bn.h, crypto/bn/bn_lib.c, crypto/ec/ec2_mult.c,
    util/libeay.num.
    - CVE-2014-0076
    * SECURITY UPDATE: memory disclosure in TLS heartbeat extension …

    Read more...

  5. There's wearable computing, and then there's wearable computing.

    03 April 2014

    Just last year around this time the company MC10 figured out how to fabricate small networks of sensors built out of flexible circuitry that stick to the skin of the wearer and collect biotelemetry. By sticking a single square of wavy, flexible circuitry someplace on your person you could keep a medical team appraised of certain aspects of your health. The tech curve, as always, moves like a roller coaster gone out of control... in the journal Nature Nanotechnology a research team at the Swiss Federal Institute of Technology improved upon the design and created flexible circuitry tattoos that can …

    Read more...

  6. Prosthetic synaesthesia and cortical implants.

    01 April 2014

    The human brain is a remarkably complex and flexible organ, with as many possible failure modes and glitches as there are emergent and surprising properties. Take something away, and sometimes you can coax another part of the brain to take up the slack in some other way. Case in point, artist Neil Harbisson. Harbisson was born with a condition called achromatopsia, which is the name for a group of disorders which collectively result in the same phenomenon - he cannot see colors, only shades of greyscale. Sometimes it's a neurological dysfunction, sometimes it's a defect in the retina, and sometimes it's …

    Read more...

  7. Turtles All the Way Down: So, does anyone actually operate this way?

    28 March 2014

    So, after all everything's said and done, you're probably asking yourself "Why would somebody go through all this trouble to build a computer from the ground up? It's never going to be as fast as one that you can buy, so what's the point?"

    Ultimately, it comes down to what you're trying to accomplish. If you want the fastest possible CPU, tens of gigabytes of RAM, and four monitors so you can go raiding more efficiently chances are you have a threat model that doesn't approach the level of concern, paranoia, or security requirements that we assumed through the other …

    Read more...

  8. Turtles All the Way Down: Applications

    24 March 2014

    Now our hypothetical trusted and open computing platform needs applications so you can get real work done. Text editors, scripting languages, officeware, and probably a desktop of some kind. To stick with our security practice of keeping systems as spare as possible, I recommend only installing applications and their dependencies as you need them. In the last post I suggested picking a package management system of some kind if one isn't already a core component of the OS that we recompiled and installed. If you get in the habit of building and using packages now you'll save yourself a lot …

    Read more...

58 / 206