Sunday, March 30, 2008

Linux-Based Systems Found to Be "Hacker Proof"!

At this year's CanSecWest, they mounted the second PWN to OWN challenge: given a Sony Vaio running Linux, a MacBook Air running Leopard and a Fujitsu U810 running Vista, the first hacker to exploit the system of their choice would take the device home; in addition, the first to exploit any of the devices would get a check for ten grand.

The MacBook Air went down first in a surprisingly (disturbingly, really) three minutes, thanks to an exploit in the latest version of Safari, v3.1. Disturbing, since Safari 3.1 is the version on the beta 2.0 iPhones as well. Given the lack of a real security model on the iPhone, and the fact that most things run as root, this raises some concerns about the safety of putting third-party software onto that device. No doubt this exploit will be fixed, but this and the similar speed with which the iPhone 2.0 update was jailbroken underscore the fragility of the iPhone.

The Vista device went next, taking a more impressive 55 hours, before it finally fell to a Flash exploit.

The VAIO running Ubuntu was the only device standing at the end of the third day.

Want real security on your mobile device? You want Linux.

Monday, March 3, 2008

The Shiny Report (and Nine-Inch Nails in the iTunes Coffin...?)

One of the things that I seem to value in my friends is their taste and design sense. My good friend in Vancouver, Jonathan "Squink" Blake, has started up The Shiny Report, an excellent blog showcasing some equally excellent examples of form transcending function and function coming to life through form. In other words, a lot of neat, well-designed things. This blog definitely lives up to its name: it's extremely shiny.

I see an awful lot of stuff I'd like to have, or at least play with. Check it out.

Following up on the possible disintegration of the iTunes Music Store's business model over the next year or so, Trent Reznor/Nine Inch Nails just released the new album, Ghosts I-IV, 36 instrumental tracks in all, and is offering free downloads of the first nine tracks. Well, trying to offer:
Unfortunately, the Ghosts I-IV site is down for the next few hours for maintenance. We quietly released this album last night without any warning, and without any press. Because we know how devoted our fans are, we planned for an overwhelming response, and expected heavy traffic. To our surprise, the traffic was more than three times what we anticipated, and has only been getting heavier throughout the day. The response has been absolutely phenomenal, and we couldn't be happier, but our servers have taken a beating, causing numerous problems with the download site. Our developers, who have been working non-stop to combat the surge of traffic, feel that taking the site down for a few hours to fix some crucial issues is the best way to get things running smoothly again. We sincerely apologize for the inconvenience.
However, they helpfully point out:
While the site is down, you can still purchase the complete Ghosts I-IV here from Amazon's MP3 store for only $5. The MP3s are high quality and DRM-free.
Five bucks, thirty-six tracks, no DRM. That's under fourteen cents a track. You can't get it from the iTunes Store, NIN fans. I expect Amazon to sell a bunch of these (one to me, certainly), and I expect to see more of this sort of thing, and more of the business in general going to Amazon, eMusic, and the like.

If you want to scope out the first quarter of the album before you buy, it's on the torrents...

Saturday, March 1, 2008