Slashdot Mirror

Burnsy writes "During all the hype of Apple celebrating its 1.5 billion iPhone App Store downloads, some good advice on how to be successful and stand out in the App Store came out. One story describes how developers are increasingly coming up with various strategies to make a splash, employing everything from temporary discounts to guerilla marketing tactics. On the other hand, some successful developers, such as the creator of the Flight Control app, which has been the number one selling app in 20 countries, talk about the pitfalls of Apple's approval process for the App Store. They say it can take a developer up to three months to get an application approved and distributed on the App Store and that maybe the iPhone bubble is soon to burst." A related story at Wired points out that the games category — already crowded with over 13,000 entries — is getting even more competitive as the major game publishers push into the market.

angry tapir writes "The UK was the likely source of a series of attacks last week that took down popular Web sites in the US and South Korea, according to an analysis performed by a Vietnamese computer security researcher. The results contradict assertions made by some in the US and South Korean governments that North Korea was behind the attack. Security analysts had been skeptical of the claims, which were reportedly made in off-the-record briefings and for which proof was never delivered." The Vietnamese security site's blog is linked from the article, but it is very slow even before Slashdotting. The researchers observed 166,908 zombies participating in the attacks — a number far larger than most earlier estimates.
Update: 07/14 21:24 GMT by KD : Wired is reporting that the UK owner of the IP address in question is pointing a finger at a server in Florida, which it says opened a VPN to the UK machine for the attacks. Once again, the attacker could be anywhere.

fysdt writes "A South African bank has outfitted its ATMs with pepper spray to prevent criminals from bombing or tampering with the machines. But the system still has some bugs: One of the machines released its stinging payload on three maintenance workers last week."

Soychemist writes "On the same day that yet another shuttle launch was postponed, SpaceX successfully carried a Malaysian satellite, RazakSAT, into orbit. This is the second successful launch in a row for Elon Musk's space exploration startup. Later this year the company will launch its larger Falcon 9 rocket, which could be used to carry cargo to the International Space Station. RazakSAT was designed by ATSB and carries a high resolution camera. If it is intact, the satellite will take photographs of Earth that could be used to better manage natural resources." Adds xp65: "The satellite was separated from the Falcon 1 about 48 minutes after liftoff at 3:35 GMT (11:35 pm EDT). The orbit is 685 km and 9 degrees inclination. Launch was delayed several times due to a faulty helium valve on the ground and bad weather at the launch site at Kwajalein. This was the fifth flight of the Falcon 1 rocket, with the last two flights being succesful. Later this year the inaugural flight of the larger Falcon 9 rocket is planned from Cape Canaveral."

Soychemist writes "On the same day that yet another shuttle launch was postponed, SpaceX successfully carried a Malaysian satellite, RazakSAT, into orbit. This is the second successful launch in a row for Elon Musk's space exploration startup. Later this year the company will launch its larger Falcon 9 rocket, which could be used to carry cargo to the International Space Station. RazakSAT was designed by ATSB and carries a high resolution camera. If it is intact, the satellite will take photographs of Earth that could be used to better manage natural resources." Adds xp65: "The satellite was separated from the Falcon 1 about 48 minutes after liftoff at 3:35 GMT (11:35 pm EDT). The orbit is 685 km and 9 degrees inclination. Launch was delayed several times due to a faulty helium valve on the ground and bad weather at the launch site at Kwajalein. This was the fifth flight of the Falcon 1 rocket, with the last two flights being succesful. Later this year the inaugural flight of the larger Falcon 9 rocket is planned from Cape Canaveral."

Hugh Pickens writes "Wired reports that as neural devices become more complicated — and go wireless — some scientists say the risks of 'brain hacking' should be taken seriously. '"Neural devices are innovating at an extremely rapid rate and hold tremendous promise for the future," said computer security expert Tadayoshi Kohno of the University of Washington. "But if we don't start paying attention to security, we're worried that we might find ourselves in five or 10 years saying we've made a big mistake."' For example, the next generation of implantable devices to control prosthetic limbs will likely include wireless controls that allow physicians to remotely adjust settings on the machine. If neural engineers don't build in security features such as encryption and access control, an attacker could hijack the device and take over the robotic limb." Relatedly, several users have written to tell us that science may be closer to the science fiction "mind wipe" than previously thought. Put this all together and I welcome the next step in social networking; letting the cloud drive my limbs around town via a live webcam and then wiping the memory from my brain. Who has MyLimb.com parked and is willing to deal?

Hugh Pickens writes "The NY Times reports that more than 40 percent of all smartphone owners and 80 percent of iPhone users use their mobile devices to get turn-by-turn directions driving down sales of traditional standalone GPS units from companies like TomTom, Garmin and Magellan. During the first quarter, TomTom said it shipped 29 percent fewer GPS units compared with the period in 2008 while Garmin's unit sales fell 13 percent from the previous year. While smartphones are susceptible to interruptions from incoming phone calls and using the mapping features for a long time can chew through battery power, the list of the smartphone's shortcomings is dwindling as some of the latest navigation applications offer voice navigation and take advantage of the phone's always-connected state to offer real-time traffic updates, directions to contacts in the phone's address book and more. 'I've not stopped using a GPS because I never bought one in the first place — they are expensive and inconvenient,' says Steve Weller. 'Now with the iPhone, I will actually use GPS — and the 10 other functions it replaces.' The traditional GPS device companies are trying to adapt, seeking to expand their reach into the smartphone market. TomTom recently announced that it would introduce a portable navigation application for the iPhone that would feature turn-by-turn directions and audio prompts. 'The simplicity of having one device and not needing to pull the Garmin out of my glove compartment is enough,' says Andrew DiMarcangelo. 'I want to get into my car and do as few things as possible.'"

BotScout writes "The nation's Social Security numbering scheme has left millions of citizens vulnerable to privacy breaches, according to researchers at Carnegie Mellon University, who for the first time have used statistical techniques to predict Social Security numbers solely from an individual's date and location of birth. The researchers used the information they gleaned to predict, in one try, the first five digits of a person's Social Security number 44 percent of the time for 160,000 people born between 1989 and 2003. A Social Security Administration spokesman said the government has long cautioned the private sector against using a social security number as a personal identifier, even as it insists 'there is no fool-proof method for predicting a person's Social Security Number.'" Update: 07/07 00:01 GMT by T : Reader angrytuna links to Wired's coverage of the SSN deduction system, and links to the researchers' FAQ at Carnegie Mellon, which says that the research paper will be presented at BlackHat Las Vegas later this month.

suraj.sun writes to tell us that the RIAA has asked a federal judge to order the removal of what they are calling "unauthorized and illegal recordings" by Harvard University's Charles Nesson of pretrial hearings and depositions in a file-sharing lawsuit. "The case concerns former Boston University student Joel Tenenbaum, who Nesson is defending in an RIAA civil lawsuit accusing him of file-sharing copyrighted music. Jury selection is scheduled in three weeks, in what is shaping up to be the RIAA's second of about 30,000 cases against individuals to reach trial. The labels, represented by the RIAA, on Monday cited a series of examples in which they accuse Nesson of violating court orders and privacy laws by posting audio to his blog or to the Berkman site."

Wired has an amusing writeup that accurately captures the most recent ridiculous addition to Bugatti's automobile catalog. The $2.1 million Veyron sports over 1,000 horsepower, a 16-cylinder engine, and a top speed of 245 mph. The guilty conscience comes for free. "That same cash-filled briefcase could buy seven Ferrari 599s or every single 2009 model Mercedes. You could snap up a top-shelf Maybach and employ a chauffeur until well past the apocalypse. Hell, in this economy, $2.1 million is probably enough to make you a one-man special-interest group with some serious Washington clout."

The Narrative Fallacy writes "Wired reports that with just a few weeks of training, you can learn to 'see' objects in the dark using echolocation the same way dolphins and bats do. Acoustic expert Juan Antonio Martinez at the University of Alcalá de Henares in Spain has developed a system to teach people how to use echolocation, a skill that could be particularly useful for the blind and for people who work under dark or smoky conditions, like firefighters — or cat burglars. 'Two hours per day for a couple of weeks are enough to distinguish whether you have an object in front of you,' says Martinez. 'Within another couple weeks you can tell the difference between trees and pavement.' To master the art of echolocation, you can begin by making the typical 'sh' sound used to make someone be quiet. Moving a pen in front of the mouth can be noticed right away similar to the phenomenon when traveling in a car with the windows down, which makes it possible to 'hear' gaps in the verge of the road. The next level is to learn how to master 'palate clicks,' special clicks with your tongue and palate that are better than other sounds because they can be made in a uniform way, work at a lower intensity, and don't get drowned out by ambient noise. With the palate click you can learn to recognize slight changes in the way the clicks sound depending on what objects are nearby. 'For all of us in general, this would be a new way of perceiving the world,' says Martinez."

cin62 writes "The number of Internet scammers offering fake versions of the anti-swine flu drug Tamiflu has surpassed those selling counterfeit Viagra, reports CNN. Since the H1N1 virus, also known as swine flu, was declared a global pandemic last month, there has been an increase in the number of Web sites and junk emails offering Tamiflu for sale. 'Every Web site that used to sell Viagra is now selling Tamiflu. We are pretty sure that the same people are making the Tamiflu as are making the Viagra,' said Director of Policy for the UK's Royal Pharmaceutical Society." This news fits in nicely with a report Wired ran a couple weeks ago about the hysteria behind H1N1.

An anonymous reader writes "According to Wired, 'A federal judge on Thursday overturned guilty verdicts against Lori Drew, and issued a directed acquittal on the three misdemeanor charges.'" A similar story in the L.A. Times notes that "The decision by US District Judge George H. Wu will not become final until his written ruling is filed, probably next week." Update: 07/02 21:15 GMT by T : For those not following, Lori Drew's three convictions sprang from charges of online harassment of Megan Meier, a Missouri teenager whose suicide was linked to Drew's actions.

An anonymous reader brings us another bump on the bumpy road of Chris Anderson's new book, Free: The Future of a Radical Price, which we discussed a week ago. Now the Times (UK) is reporting on a dustup between Anderson and Malcolm Gladwell, author of The Tipping Point, Blink, and Outliers. Recently Gladwell reviewed, or rather deconstructed, Anderson's book in the New Yorker. Anderson has responded with a blog post that addresses some, but by no means all, of Gladwell's criticisms, and The Times is inclined to award the match to Gladwell on points. Although their reviewer didn't notice that Gladwell, in setting up the idea of "Free" as a straw man, omitted a critical half of Stewart Brand's seminal quote.

DynaSoar writes "NASA is soliciting ideas from the public on how best to catalog and digitize the collected notes of Wernher von Braun. 'We're looking for creative ways to get it out to the public,' said project manager Jason Crusan. 'We don't always do the best with putting out large sets of data like this.' The PDF notes are those of rocket scientist Wernher von Braun, the first director of NASA's Marshall Spaceflight Center in Huntsville, Alabama and are typed with copious handwritten notes in the margin. According to the official request for information, NASA needs ideas on what format to use (PDF), how to index the notes, and how to create a useful database. The unique nature and historical value of the data, literally discovered in boxes six months ago, is what motivated NASA to ask the public for ideas."

jra writes "For over 5 years, various people both inside and retired from NASA have been engaged in a quest. They were looking for the long-lost original slow-scan video tapes from the Apollo 11 moon landing, which went missing in a record-keeping snafu, covered in unreasonable detail in a Wired article a couple years ago. Well now, according to the UK's Sunday Express newspaper, some tapes may or may not have been found which may or may not be the Apollo video. Apparently — I love the British press — the NASA boffins are a bit put out that it leaked; they were hoping to blow everyone's minds with the scoop themselves."

A story at Wired delves into the ongoing struggle between Google and Facebook to establish their competing visions for the future of the internet. "For the last decade or so, the Web has been defined by Google's algorithms — rigorous and efficient equations that parse practically every byte of online activity to build a dispassionate atlas of the online world. Facebook CEO Mark Zuckerberg envisions a more personalized, humanized Web, where our network of friends, colleagues, peers, and family is our primary source of information, just as it is offline. In Zuckerberg's vision, users will query this 'social graph' to find a doctor, the best camera, or someone to hire — rather than tapping the cold mathematics of a Google search. It is a complete rethinking of how we navigate the online world, one that places Facebook right at the center. In other words, right where Google is now." A related article at ReadWriteWeb suggests that while Facebook's member base is enormous, the company hasn't taken advantage of its influence as well as it should have, though the capability for it to do so still exists.

Xeger writes "University of Chicago researchers have found that streams of sand can behave in a similar manner to liquids, forming water-like droplets when poured from a funnel. To obtain these results, they dropped their expensive high-speed camera from a height of several meters and observed the sand forming into droplets — something that shouldn't happen without surface tension. These findings suggest that conventional engineering wisdom about sand, dirt and other grainy materials needs to be rethought, and that it might be possible to apply fluid dynamics to some solids problems."

MadAnalyst writes "The long-running $1,000,000 competition to improve on the Netflix Cinematch recommendation system by 10% (in terms of the RMSE) may have finally been won. Recent results show a 10.05% improvement from the team called BellKor's Pragmatic Chaos, a merger between some of the teams who were getting close to the contest's goal. We've discussed this competition in the past."

MadAnalyst writes "The long-running $1,000,000 competition to improve on the Netflix Cinematch recommendation system by 10% (in terms of the RMSE) may have finally been won. Recent results show a 10.05% improvement from the team called BellKor's Pragmatic Chaos, a merger between some of the teams who were getting close to the contest's goal. We've discussed this competition in the past."

Virtual_Raider writes "Wired is running a story about a new twist in the never-ending quest to prove P. T. Barnum's adage. Old: Scammers are creating fake news sites that look almost like the real thing. New: They are advertising on real news sites, making it difficult for unwary readers to catch on they are being duped with fake coverage of get-rich-quick scams. Among those running the scam 'news' ads are the Huffington Post and Salon. From the article: 'The story has art, it has a sidebar, there's weather, supposed reader comments — even ads. Steadman is described as "a mother from San Francisco" — at least, when I read the article. Thanks to cutting-edge reporting techniques perfected by News 5, she will automatically move to the geolocation of your internet IP address when you read it. Look, she lives right in your neighborhood!'" Forbes also wrote about the scam news sites a couple of weeks back.

SignalFreq writes "Tesla Motors, based in San Carlos, California, was approved yesterday for $465M in loans from the Department of Energy's Advanced Technology Vehicles Manufacturing program. Tesla plans to use $365M of the money to finance a manufacturing facility for the Model S (review, Letterman video) and $100M for a powertrain manufacturing plant in the SF Bay Area. 'Tesla will use the ATVM loan precisely the way that Congress intended — as the capital needed to build sustainable transport,' said Tesla CEO and Product Architect Elon Musk. Tesla expects the Model S to ship in late 2011 and the base cost to be $57,400 ($49,900 after a federal tax credit). Ford received $5.9B and Nissan received $1.6B under the same program."

Hugh Pickens writes "Watch a video of comedian John Hodgman speak after Barack Obama at the recent Radio and Television Correspondents Association dinner in DC and discuss the central question of our age: "how we can heal the great and shameful division that has plagued our nation for so long — the age old conflict between jocks and nerds" and ask Obama: Are you now, or have you ever been, a nerd?"

David Hume writes "electronicmaji is reporting on the Daily Kos that the individual known as ProtesterHelp (also to be found on twitter) was attacked in Ohio for providing network security for Twitterers in Iran, setting up private networks to provide secure proxies, calling for media networks to remove the Iranians Twitterers' information from their broadcast, and providing counter-intelligence services (including Basiji and Army Locations) within the Twitter community. ProtesterHelp was allegedly attacked by a group of men while walking to class in Ohio. The men, who appeared to ProtesterHelp to be either Iranian or Lebanese, drove up beside him and threw rocks at him while shouting, 'Mousavi Fraud.' ProtesterHelp further reported that his personal information has been leaked, and is currently being spread both online and inside of Iran amongst the government." Relatedly, Wired is also reporting that Google and Facebook have rushed out support for Persian. This move has allowed many pro-democracy groups to connect and translate their message to a broader audience.

snydeq writes "Rather than view it as a game-changer, Fatal Exception's Neil McAllister sees Opera Unite as a Hail Mary bid for Opera to stay in the game. After all, in an era when even vending machines have Web servers on them, a Web server on the Web browser isn't really that groundbreaking. What Opera is attempting is to 'reintermediate' the Internet — 'directly linking people's personal computers together' by making them sign up for an account on Opera's servers and ensuring all of their exchanges pass through Opera's servers first. 'That's an effective way to get around technical difficulties like NAT firewalls, but more important, it makes Opera the intermediary in your social interactions — not Facebook, not MySpace, but Opera,' McAllister writes. In other words, Opera hopes to use social networking as a Trojan horse to put traditional apps back in charge."

narramissic writes "A trifecta of Kindle-related news surfaced this week, with Jeff Bezos speaking at Wired's 'Disruptive by Design' conference on topics including Kindle pricing and business models. And yesterday, reports blogger Peter Smith, 'there was a flurry of blogging activity yesterday stating that Amazon had released the Kindle source code. Once everyone caught their breath, it became apparent that the files in question were just some open source libraries that Amazon had modified (they're being good open source citizens and releasing mods they've made to open source code — good for them!), not the complete source code.' Now, back to the Kindle pricing: According to a post at Wired, Bezos said Amazon opted to sell the Kindle for 'something akin to the actual cost for hardware,' rather than subsidizing the hardware costs and requiring a monthly subscription or requiring the buyer to purchase a certain number of books per month because 'fees and minimum purchase requirements create friction.' Smith has a different take: 'If I'm buying a Kindle from Amazon that enables me to buy books from Amazon, I'm broadcasting a desire to buy Kindle books. I would welcome some subsidization of the hardware since I'm going to be buying content anyway. No, I really think Amazon priced the Kindle the way they did because they thought they could get away with doing so (and they were right, it would seem).' Meanwhile, over at the New York Times, Bezos said 'that he sees Kindle-the-device and Kindle-the-book-format as two separate business models, and that the Kindle iPhone App won't be the last software reader to appear.'"

Hugh Pickens writes "Former CIA counterterrorism analyst Stephen Lee has an interesting article in the Examiner asserting that the National Security Agency is 'a secretive, hidebound culture incapable of keeping up with innovation,' with a history of disregard for privacy and civil liberties. Lee says that for most of its sixty-year history, the NSA has been geared to cracking telecom and crypto gear produced by Soviet and Chinese design bureaus, but at the end of the cold war became 'stymied by new-generation Western-engineered telephone networks and mobile technologies that were then spreading like wildfire in the developing world and former Soviet satellite countries.' When the NSA finally recognized that it needed to get better at innovation, it launched several mega-projects, tagged like 'Trailblazer' and 'Groundbreaker,' that have been spectacular failures, costing US taxpayers billions. More recently, the NY Times reported that the NSA has been breaking rules set by the Obama administration to peer even more aggressively into American citizens' phone traffic and email inboxes. Whistleblower reports portray NSA domestic eavesdropping programs as unprofessional and poorly supervised, with intercept technicians ridiculing and mishandling recordings of citizens' private 'pillow talk' conversations. Lee concludes that 'if the Federal government must play a role, then Congress and President Obama should turn to another agency without a record of creating mistrust — perhaps even a new entity. Meanwhile, NSA should focus on listening in on America's enemies, instead of being an enemy of Americans and their enterprises.'"

eldavojohn writes "In yet another bid to make your life a little more annoying, our DRM overlords at the AACS Licensing Authority have released a new AACS Adopter Agreement. The riveting, 188-page PDF will inform you that — in the name of Digital Rights Management — there will be new limitations set on devices that decrypt Blu-Ray discs. HDMI already has the awesome encryption of HDCP between the device and the display unit. But Blu-Ray still has the Achilles heel of analog players that allow someone to merely re-encode the analog signal back to an unencrypted digital format. So if you have an analog HDTV, hang on to those analog decoders and hope they never break; by 2013 you won't be able to buy a new one. Ars points out the inherent stupidity in this charade: 'Particularly puzzling is the fact that plugging the so-called "analog hole" won't stop direct digital ripping, enabled by software such as AnyDVD HD. And even the MPAA itself recommends using a camcorder pointed at a TV as a way to make fair use copies, creating another analog hole.' And so the cat and mouse game continues. On that subject, DVD Jon's legit company just brought out a billboard ad for his product doubleTwist next to Apple's San Fransisco store. It reads, 'The Cure for iPhone Envy. Your iTunes library on any device. In seconds.' So while he's busy taunting Apple, I'm certain there are others who might have some free time to look at Blu-Ray and the 'uncrackable' AACS."

Soychemist writes "When cancer patients get a heavy dose of chemotherapy and radiation, it can destroy their bone marrow. Umbilical cords contain stem cells that can regenerate the immune systems of young patients, but usually there are not enough of them to heal an adult. Len Zon, a doctor at Children's Hospital in Boston surmised that there must be a chemical that can make the cord blood stem cells divide, so that there will be enough of them to treat adult patients. He tested 2,500 chemicals on zebrafish embryos, and found one that does the trick. It was once on its way to becoming an ulcer medication, and now doctors are testing it on cord blood units that will be given to leukemia patients."

eldavojohn writes "You may be able to argue that a five-thousand-vote error is a small price to pay for a national election, but these errors are certainly inadmissible on a much smaller scale. According to the Rapid City Journal, a software glitch added 4,875 phantom ballots in a South Dakota election for a seat on the city council. It's not a hardware security problem this time; it's a software glitch. Although not unheard of in electronic voting, this bug was about to cause a runoff vote since the incumbent did not hold a high enough percentage of the vote. That is no longer the case after the numbers were corrected. Wired notes it's probably a complex bug as it is not just multiplying the vote count by two. Here's to hoping that AutoMark follows suit and releases the source code for others to scrutinize."

Dave Bullock writes "The National Ignition Facility (NIF) has been discussed several times over the years on Slashdot and just recently fired all of its 192 lasers. LLNL scientists predict NIF will attain ignition (controlled nuclear explosion) in 2010. For now, take a look at the photos I shot of NIF for Wired.com when I toured it earlier this year."

JMcCloy writes "Kevin Poulsen, senior editor at Wired News, asks readers 'Is internet voting safe?' and has a poll at the end of the article. So far, 32% responding actually think that internet voting is worth it, risks and all. It is scary how easily people can be persuaded to trust a system that is so vulnerable." The system described, used in Arizona in last year's election process, isn't just checking a box and clicking a button, but Poulsen lays out some scenarios by which it could be subverted.

Wolfgang Kandek writes "Hacker Jeff Moss, founder of computer security conferences DEFCON and Black Hat, has been sworn in as one of the new members of the Homeland Security Advisory Council (HSAC) of the DHS. Moss, who goes by the handle 'the Dark Tangent' says he was surprised to be asked to join the council and that he was nominated to bring an 'outside perspective' to its meetings. He said, 'I know there is a new-found emphasis on cybersecurity, and they're looking to diversify the members and to have alternative viewpoints. I think they needed a skeptical outsider's view because that has been missing.'"

Now that the industry is winding down after another E3, it's time to reflect on the relative success of the show. Paul Govan reflects with a GeekDad view of the "winners" of this years show. The question is, after the attempts to scale it back to a much more exclusive event, has E3 managed to escape obscurity and defeat at the hands of up-and-comers like PAX? Highlights of the show included Microsoft's new controller-less interface, a sexier PSP, and a myriad of releases from Nintendo.

Dave Bullock writes "The folks at SpaceX are working hard in their Hawthorne labs, cubicles and factory, building rockets that will hopefully bring future astronauts to the International Space Station. At the behest of Wired, I toured the former 747 factory which is now a rocket assembly line. 'Eschewing the traditional startup trappings of two college grads eating ramen, watching Adult Swim and coding until the wee hours of the night, SpaceX instead employs hundreds of brainiacs and builds its rockets in a massive hangar that once housed a 747 assembly line. Started in 2002 by PayPal founder Elon Musk, SpaceX (short for Space Exploration Technologies Corporation) brings a startup mentality to launching rockets into orbit, which until recently was almost exclusively government turf. The hope is that minimal bureaucracy, innovation and in-house manufacturing and testing can be used to put payloads into space at roughly one-tenth the cost of traditional methods.'"

Too Lazy to Login writes "Wired reports that, based on her previous decisions, Sonia Sotomayor will likely affirm high damages (read: RIAA excessive) in cases where copyright claims are at issue. Good thing I'm not a betting man, because I'd have guessed the exact opposite." We discussed the nominee's cyberlaw record in general last week.

Jumping on the completely unconfirmed rumor bandwagon, it seems that there have been photos leaked for the new iPhone, which include things like an auto-focus camera, video capture, and a compass. The photos were originally displayed (and then quickly removed) on a Chinese forum, and quickly spread to many other sites, including a complete human translation on the MacRumors forum. Looks like Apple security may have to break a few more pocket protectors to keep employees in line.

MaizeMan writes "Not for the easily distracted: a Belmont software developer's hand-built CPU was featured in Wired recently. Starting with a $50 wire wrap board, Steve Chamberlin built his CPU with 1253 pieces of wire, each wire wrapped by hand at both ends. Chamberlin salvaged parts from '70s and '80s era computers, and the final result is an 8-bit processor with keyboard input, a USB connection, and VGA graphical output. More details are available on the developer's blog."

Wired is reporting that Palm's new handheld device, the Pre, will be able to sync automagically with Apple's iTunes. Thanks to a team of ex-Apple engineers the Pre will sync everything but iPhone applications and some of the older Fairplay DRM music. "It does it by faking out iTunes, making the jukebox software think that it is connected to a real iPod. Hook it up and you'll be given three options: USB mass storage device, charging only or iTunes sync. This is a ballsy move from Palm, and we totally love it: a big fat middle finger at Apple. Apple will, we are sure, be readying its legal attack dogs as I write, and don't be at all surprised if an iTunes update pops up around June 6th. This fight just got a lot more interesting."

Yehuda writes "Wired reports, 'Yet another breach of sensitive, unencrypted data is making news in the United Kingdom. This time the breach puts Royal Air Force staff at serious risk of being targeted for blackmail by foreign intelligence services or others. The breach involves audio recordings with high-ranking air force officers who were being interviewed in-depth for a security clearance. In the interviews, the officers disclosed information about extra-marital affairs, drug abuse, visits to prostitutes, medical conditions, criminal convictions and debt histories — information the military needed to determine their security risk. The recordings were stored on three unencrypted hard drives that disappeared last year.'"

thanosk sends in a story at Wired Magazine about how online culture is, in many ways, trending toward communal behavior. Sharing and collaboration have become staples of active participation on the Internet, while not necessarily incorporating a particular ideology or involving a government. "Most people in the West, including myself, were indoctrinated with the notion that extending the power of individuals necessarily diminishes the power of the state, and vice versa. In practice, though, most polities socialize some resources and individualize others. Most free-market economies have socialized education, and even extremely socialized societies allow some private property. Rather than viewing technological socialism as one side of a zero-sum trade-off between free-market individualism and centralized authority, it can be seen as a cultural OS that elevates both the individual and the group at once. The largely unarticulated but intuitively understood goal of communitarian technology is this: to maximize both individual autonomy and the power of people working together. Thus, digital socialism can be viewed as a third way that renders irrelevant the old debates."

Wired has an interesting look at the sport of pushing proscribed boundaries in video games. Easter eggs in games have been around for years, but now finding surprises, intended or otherwise, is becoming a driving force behind the enjoyment of games. "In games as diverse as Fallout 3 and Mirror's Edge, players are pushing to find or create unexpected ways to break past the game horizon, and turn the designers' intentions on their heads. It's only a matter of time before someone releases a game where the best version is the one you were never intended to play. That's only to be expected, says David Michicich, CEO and creative director of Robomodo, the developers of Activision's new Tony Hawk: Ride, and a 14-year veteran game designer. 'Today's news gets old quick — we Twitter, blog, pass viral video. We thrive off the sudden excitement of the latest and most buzzworthy,' Michicich says. 'It's exciting to still feel like you can discover something new. It's stimulation, plain and simple.'"

oh-my-god sends word that the Swedish judge assigned to review whether the trial judge in the Pirate Bay trial was biased has now been removed — for bias. Here's a local news account in Swedish, which Google fails to translate. We've discussed the convolutions of this case on more than one occasion.

eldavojohn writes "So you're an aspiring band and you haven't signed with a record label. Maybe you've got a fan base interested in purchasing your stuff but you're not really into accounting? Enter Amazon's partnership with TuneCore, a CD printing and music distribution service. You want to sell a full album on Amazon of you brushing your teeth? $31. And you get about 40% back on sales, so selling nine digital copies of your CD will put you back in the black. There you have it, public availability on one of the largest online commerce sites for $31 — no RIAA involved!" TuneCore's CEO put it this way: "As an artist, you have unlimited physical inventory, made on demand, with no [sic] upfront costs and worldwide distribution to anyone who orders it at Amazon.com."

mikesd81 writes "Wired.com reports that you may not know it, but if you have a wireless router, a cordless phone, remote car-door opener, baby monitor or cellphone in your house, the FCC claims the right to enter your home without a warrant at any time of the day or night in order to inspect it. FCC spokesman David Fiske says 'Anything using RF energy — we have the right to inspect it to make sure it is not causing interference.' The FCC claims it derives its warrantless search power from the Communications Act of 1934, though the constitutionality of the claim has gone untested in the courts. 'It is a major stretch beyond case law to assert that authority with respect to a private home, which is at the heart of the Fourth Amendment's protection against unreasonable search and seizure,' says Electronic Frontier Foundation lawyer Lee Tien. 'When it is a private home and when you are talking about an over-powered Wi-Fi antenna — the idea they could just go in is honestly quite bizarre.'"

Wired is running a story inspired by the level of gore in the recent Wolverine game that wonders: how much is too much? It mentions a study we discussed in February which indicated that violence tended to interest gamers less than other characteristics. "... the longer you play a 'twitch' action game, the less you notice the cultural content — the gushing blood, the shrieks of agony. You're too busy focusing on the gameplay. I noticed this with Wolverine. For the first hour, I found the deranged bloodshed both shocking and exciting; it made me feel like I 'was' Logan, the grunting, killing-machine character from Marvel Comics' X-Men universe. But as I became more expert, the cultural shell of the game boiled away. In a sort of staring-into-the-cascading-numbers-of-the-Matrix way, I found myself looking past the visible aspects of the game and savoring the underlying, invisible mechanics of play. ... The game became pure physics and algorithms: Vectors, speed and collision detection. The gore had become mostly irrelevant."

eldavojohn writes "Wired has a piece on the new City of Heroes content that is created by players — or rather the severe abuse of it. Namely, creating missions for the characters. The problem is that gamers game this system, even though Paragon City has tried to maintain a good risk/reward ratio for experience in these missions. Making the situation even worse is that people who architect highly-rated missions get architect awards, which are redeemable for prizes — almost ensuring experience farming missions. Eric Heimburg (lead engineer and producer of Asheron's Call and the upcoming Star Trek MMO) comments on this: 'It may seem sad that giving the players what they want is detrimental to the player's overall length of enjoyment of the game, but that's the truth. Once you reached that top of the hill, if there's nothing left to do or see, players are likely to move on. Length of enjoyment (equals) amount of money earned, so developers have a strong incentive to keep players from gaining power and levels too quickly.' Matt Miller (lead designer of CoH), addressed the community on this very topic. This is resulting in an unexplained ban/loss of experience if you are determined to be abusing the mission architect, causing an uproar in the community. Is user-generated content a dead end for an MMORPG?" Update: 05/20 20:27 GMT by T : Rather than lead engineer of Asheron's Call or the Star Trek MMO, a correction at Wired says rather that "Heimburg worked as Star Trek Online's systems designer at Perpetual Entertainment, prior to the game's transfer to Cryptic Studio."

ryanguill writes "Wired has an article about expanding your five (maybe six) senses to allow you to sense other things such as direction. It also talks about hijacking other senses to compensate for missing senses, such as using electrodes in your mouth to compensate for lack of eyesight. Another example is a subject wearing a belt with 13 vibrating pads. The pad pointing north would vibrate giving you a sense of direction no matter your orientation: '"It was slightly strange at first," Wächter says, "though on the bike, it was great." He started to become more aware of the peregrinations he had to make while trying to reach a destination. "I finally understood just how much roads actually wind," he says. He learned to deal with the stares he got in the library, his belt humming like a distant chain saw. Deep into the experiment, Wächter says, "I suddenly realized that my perception had shifted. I had some kind of internal map of the city in my head. I could always find my way home. Eventually, I felt I couldn't get lost, even in a completely new place."'"

Frequent Slashdot contributor Bennett Haselton writes "A woman sued Yahoo because they wouldn't remove a page created by her ex-boyfriend pretending to be her and soliciting strangers for sex. What would be an effective system for large companies like Yahoo to handle 'impostor' complaints, without getting bogged down by phony complaints and unrelated disputes? This is a harder problem than it seems because of the several possible cases that have to be considered. One possible solution is given here." Read on for Bennett's analysis.

When I first heard that Yahoo had been sued because they refused to remove a page created by the ex-boyfriend of a woman named Cecilia Barnes to impersonate her -- portraying her as a slut looking for sex with strangers (who obliged by hounding her office with phone calls and e-mails) -- I thought Yahoo's conduct was indefensible. Even though, as the court ruled, they may have been exempt from liability under the Communication Decency Act of 1996, what possible excuse could Yahoo have had for the way they handled the situation, exposing Barnes to months of harassment, when it would have taken them only seconds to review the page, see that it was obviously causing harm, and remove it?

Then I thought more about the consequences of the rule that I was implicitly advocating by making that argument. Obviously, if an ISP has a policy of removing a user's page if some third party merely complains that the page is impersonating them, then one of your enemies could get your page removed by filing a complaint saying that they were really "you", and that your page was impersonating them. But if the ISP has a policy of not acting on such complaints, then someone could create a user account pretending to be you, and you wouldn't be able to get it removed.

In both cases, there are two problems. One is the fact that the ISP has to have a way to figure out who is telling the truth. The second is that the solution has to scale well, even for a company like Yahoo that probably gets so many complaints about user conduct every day that it would be impossible to read them all. It should be possible for genuine complaints about impostors, to reach the attention of the right people and get an account closed, without accounts being shut down because of (a) people who file complaints about 'rude behavior' that get unintentionally mixed in with 'impostor' complaints by someone who is too overworked to read them all very carefully; or (b) people who file outright false complaints that a given account is an 'impostor', just to get it shut down; or (c) people who are really sneaky, and file complaints about things like rude behavior, but who craft the complaints in a way that is deliberately designed to get them mixed in with the 'impostor' reports, in order to get the account shut down (this way, if the complainer ever sued or otherwise confronted about the complaint that they filed, they can say that they "didn't lie"!).

It's hard to think of a solution that covers all of these bases. For example, John Morris of the Center for Democracy and Technology explained how many ISPs use faxed driver's licenses to decide impersonation complaints:

In many cases involving real people, the challenged site (whether it is a legit site or a bogus site) contains one or more photographs of the person involved. What service providers do in this case is to get the person to submit a copy of their driver's license, and the provider decides whether the person submitting the license is the same person depicted in the photos. And if so, that person is the one who can control whether the site stays up or not. This works in lots of cases (because pictures are often, but certainly not always, involved).

The problem is that even this could be abused when used against a company like Yahoo that handles an extremely high volume of complaints. Suppose that Yahoo publishes a standard procedure for submitting complaints about impersonation, that includes the requirement of a faxed driver's license. Abusers of the system would figure this out, and they could start filing "complaints" against users and websites by faxing in complaint letters along with a copy of their driver's license, where the letters were not complaints about impersonation at all, but just bogus complaints about other things like "This guy was mean to me". Because the driver's license accompanying the letter is real and the statements in the letter are true (or at least a matter of opinion), the complainer can't be accused of lying or forging government documents. And if anyone ever challenged them and asked, "Why did you send your driver's license with the complaint letter? Weren't you trying to trick the ISP into thinking that this was an impersonation complaint so they would take it seriously?", the complainer could play dumb and say, "Well, I heard that if you file a complaint against someone, you're supposed to fax your driver's license with it." But if Yahoo is still getting too many messages to sort through them carefully, some of these crank complaints could still get users' accounts shut down.

So now you have an interesting, non-trivial problem. Before reading further, it's worth thinking about how you would solve this. What's a good policy that would honor legitimate complaints, without giving cranks a way to get their enemies' pages shut down for no reason, and that would scale well for large companies like Yahoo? There are really two questions here: (1) What would you do if you were drafting an ISP policy and trying to balance the interests of all parties? and (2) What would you do if you were drafting a law requiring ISPs to implement certain policies, also while balancing the interests of all parties? (The best solution may be no law at all, but I think you would have to argue that position, rather than taking the default libertarian stance and simply assuming that. After all, the "no law" status quo didn't do much good for people like Cecilia Barnes who had a legitimate grievance and couldn't get anybody to listen.)

The non-verifiability of complaints is the same problem that I've posed to hard-core anti-spam advocates who have said that ISPs should have a zero-tolerance policy towards spam and cancel any account that is generating spam complaints. The problem with that is that unless the ISP has logs of all mail sent out by a customer (and if the customer is leasing a dedicated server, this would usually not be the case), the ISP can't tell for sure if a spam complaint is real or not. If they adopt a policy of removing a site in response to a complaint (or three or ten complaints), then someone could easily get one of their enemies' sites shut down by filing phony spam complaints sent from multiple Hotmail or Gmail accounts. (You would have to forge some e-mail headers to make it look convincingly like the spam came from the site in question, but this is not very difficult.) If the hosting company has a policy of kicking customers off in response to some threshold number of spam complaints, then a dedicated adversary could just file that many complaints until the customer was terminated. On the other hand, if the hosting company won't kick off customers for any number of spam complaints, then they have no deterrent against their customers spamming. (This is mostly an academic question, because I tried filing complaints against all the dozens of spammers who spammed me in a given one-day period a few years ago, and none of the hosting companies terminated any of the sites I complained about. I wouldn't have expected any of them to terminate a customer based on one complaint, but I assume that some of the hosting companies were getting spam complaints about those customers from other people as well.)

The big difference between spam incidents and impersonation incidents, is that while there may be no reliable record of whether a piece of mail was sent in the past or not, the fact of whether the Yahoo user "bennetthaselton" really is Bennett Haselton is something that can be determined with evidence that still exists in the present day. Some kinds of evidence are more readily available than others. If I were drafting an internal policy for an ISP on when to remove pages in response to an impersonation complaint, I would take care of the low-hanging-fruit cases first:

• If the page directs people to contact the page owner at an e-mail address or phone number (as the page created by Barnes' ex-boyfriend did), and you e-mail the address or call the number and someone answers by saying, "No, I didn't create that page, it's a fake", then you don't need to do any checking of the real-world identities of the parties involved -- all you need to know is that the page purports to be created by the owner of that phone number, but it isn't, so it's a fake and should be removed. This would take care of the most vicious cases of goading visitors into harassing someone directly.

  (Although I'd make clear in the policy that this wouldn't apply to consumer pages about companies, telling visitors to call such-and-such a company to complain about their conduct. Encouraging people to air their grievances is legitimate as long as the page owner isn't claiming to actually represent the company. I'm ducking the question of whether this should apply to pages about individuals -- if I make a page saying, "My ex is a skank, call her at this number for a 'good time'," am I infringing on her rights? But since I'm not claiming to be her, the situation wouldn't be covered by a policy about impersonation pages.)

• If the page is created by a paid user, then you can check if the real name on file with their credit card information, matches the name on the site. If it doesn't, that doesn't necessarily mean the page is a fake (possibly one person paid for the account while another one created the content), but if it does match, the page owner is probably not guilty of impersonating anyone. (Here I'm ducking the question of what to do if someone shares their name with a celebrity -- for example, if your name really is Julia Roberts and you create a page saying "Hi, I'm Julia Roberts", that's probably not enough to count as impersonation. But what if you talk about your interest in film and your exploits as an actress in local community theater, how much are you allowed to let people think that you might be "the Julia Roberts?)

• If the page violates the hosting company's Terms of Service in other ways, then it can be removed without determining whether the page owner is guilty of impersonation or not. The Yahoo Terms of Service doesn't actually mention sexual content (they used to allow users to post "adult profiles" in their Yahoo Profiles accounts as long as the profile owner flagged them as such), but the document prohibits content that is "vulgar" or "...otherwise objectionable". I haven't seen the page created by Barnes's ex-boyfriend soliciting strangers for sex, but it probably violated the Terms of Service in itself.

And there may be other low-hanging-fruit options that I'm not thinking of. But what if there is no easy call, because none of these simplifying factors apply? A user creates a profile on a free site claiming to be Mr. X. A third party complains that they are the real Mr. X and that the profile is fake. What should the ISP do, if they don't want to spend money verifying the real-world identities of the parties involved, every time they get a crank complaint about any users on their system?

This is essentially an economics problem. Cecilia Barnes wasn't asking Yahoo to do anything that would have been too burdensome for them -- the "labor" required to look at a faxed copy of her driver's license probably wouldn't have cost more than $5, at which point Yahoo could have initiated the process of shutting the page down, which they already have built-in procedures for. The benefit to her of getting the page shut down could have been valued in the hundreds or thousands of dollars. Normally, when you need someone else to do something that costs them $5 worth of effort and brings you $1,000 worth of benefit, the natural arrangement is to pay them, but Yahoo doesn't offer this as an option.

In fact, I assume the real cost to Yahoo here would not have been actually reviewing Barnes's complaint, but actually finding it buried among all the bogus complaints that they receive, and noticing that it had real merit. Again, including a $5 payment would be one way to ensure that your complaint gets taken more seriously than all the others. But while the $5 fee might have helped in this specific situation, it's easy to imagine how that could set a bad precedent -- ISPs charging exhorbitant fees for users to submit abuse complaints to them, or users not filing complaints because they didn't want to share their payment information or pay money at all.

So, rather than paying a small fee directly, a better approach might be to require complainants to post some sort of "bond" -- which may not be something financial, as some examples will show -- in order to get their complaint to the front of the queue. Recall the example of submitting your driver's license along with an impersonation complaint. It's important to understand the subtle reason why this procedure actually works. It's not because someone couldn't still file a bogus complaint with a phony ID. (While it's somewhat hard to create a fake driver's license that you can hold in your hand, creating a fake faxed driver's license would be easy.) It's because if the complainant is lying, now they can be prosecuting for forging government documents. Essentially the complainant is posting their freedom as a "bond", going out on a limb and saying: "I can't prove to you that I'm telling the truth. But now you know that if I'm lying, I'll go to jail. Bet you the other guy won't be willing to make a binding promise like that."

So naturally I'd put that in the ISP's policy as well: If someone sends in a complaint about our user impersonating them, and they're willing to fax in a copy of their government ID proving that they are who they say they are, and we can verify that the page owner is claiming to actually be that person (and not merely complaining about that person or their business), then we would remove the page unless the account owner can submit even more compelling evidence that they are who they say they are.

This addresses the problem of the impersonation complaints that are completely fake. However, you still have the problem of what to do about people who fax in their driver's license along with letters saying "This guy is a jerk", hoping to get someone's account closed down. If a company like Yahoo is too big to read through all the complaints carefully, then it becomes hard to sort through the complaints to see which ones are really about impersonation and which ones are about other behavior that doesn't violate their TOS.

What might be a solution would be to borrow some of the non-terrible aspects of the Digital Millenium Copyright Act. The two most controversial provision of the DMCA are (1) a ban on software that enables the user to circumvent copyright restrictions, and (2) a requirement that ISPs have to respond to copyright-violation "takedown" notices in a certain manner. As I've said before about the DMCA, I'm opposed to #1 in principle because I think software should be protected by the First Amendment; I'm not against #2 in principle, but just concerned about how it could be abused in practice.

But one thing the DMCA does is solve the "sorting problem" -- how to get complaints about copyright violations to the top of the pile. Service provides often have a procedure for handling DMCA complaints that is separate from the regular complaint channels. The DMCA also provides protection for users against phony complaints, by stipulating that anyone who files a false complaint can be sued for statutory damages and attorney's fees, as in a case where Diebold, Inc. agreed to pay $125,000 as a penalty for sending false "takedown" notices. In other words, the DMCA solves the "bonding" problem too -- by sending a DMCA complaint, a user is effectively saying, "I agree to pay big money if I'm lying. So, I'm probably telling the truth."

So, a law addressing how ISPs should handle "impersonation" pages, modeled after the DMCA to solve the "top of the pile" problem and the "binding promise" problem, might go something like this:

• For a user to file a complaint, the complaint should cite the name of the anti-impersonation law, as in, "This complaint is being filed under the Anti-Impersonation Act of 2009". This gives ISPs an easy way to sort these complaints to the top of the pile, the same way that they have specialized channels for handling DMCA complaints.
• In the complaint, the user has to assert unambiguously that the page they are complaining about is impersonating them, and is not merely posting gripes about them or their business.
• The complaint should include a copy of a government-issued ID. (Again, this is not because this is hard to forge, but because now the complainant is promising, "If this is fake, I'll go to jail.")
• If the impersonation page is directing visitors to call a phone number or e-mail an e-mail address, and the takedown notification to the ISP includes a request to call that number or e-mail that address to verify that it doesn't actually belong to the page owner, then the ISP should follow up on that within a given time period of receiving the complaint. (And once they call that number or e-mail that address and get a response saying, "No, that page is definitely not mine", then the ISP should shut the page down.)
• Anyone who files a phony complaint citing that statute, can be held liable for statutory damages and attorney's fees, and if they faxed a phony government ID, then they can be prosecuted for that as well.

The problem-solver in me says that this is one way to ensure that legitimate complaints will be acted on, while making phony complaints much harder and riskier. It also seems to me that this is a minimal solution, in the sense that if you remove any part of it, it no longer solves the problem. For example, if you remove the part about complaints having to cite the anti-impersonation law, then you no longer have an effective means for these complaints to get to the top of the pile. And if you remove the part about civil penalties for filing phony complaints, then you no longer have any disincentive for people to tie up the system with crank complaints trying to get their enemies' accounts cancelled. Perhaps others can come up with an alternative solution that meets the logical requirements of enabling real complaints while discouraging fake ones. Meanwhile, the civil libertarian in me doesn't get a queasy feeling from it right away. It seems that it could only be used to stop cases of actual impersonation, and even as a free speech advocate I don't think that you have the moral right to impersonate someone else in a non-satirical manner for the purpose of actually deceiving or harassing people.

But even the absence of such a law is hardly an excuse for what Yahoo did. All they had to do is go to the page, look at the phone number, call the number and hear her say, "Yes, this is me and no that's not my page", and shut it down. The fact that they couldn't do this, shows a contempt for the process of handling legitimate complaints. Apart from the harm caused to Cecilia Barnes directly, incidents such as these might lead to Congress narrowing the scope of the immunity given to providers for hosting content posted by their users. Of course I'm technically suggesting a law that would narrow the scope of that immunity too, but only in a very narrowly prescribed way. If, on the other hand, Congress or the courts ever adopt the vague principle that providers can be held "jointly responsible" for whatever their users say once they've been "made aware" of it, it's going to get a lot harder for people to find Web hosting who have anything controversial to say.

Death Metal suggests we peruse a piece up at Wired on how the Obama administration's draft guidelines for stem cell research could invalidate hundreds of cell lines. "Under the Obama administration's proposed rules for funding embryonic stem cell research, hundreds of existing cell lines could be ineligible, even those that qualified under President Bush. The guidelines were written by the National Institutes of Health and are currently in draft form and expected to be finalized in July. But in their current state, they restrict funding to stem cell lines produced according to new rules that are only now being established. Few existing cell lines will meet those requirements. 'The so-called Presidential lines aren't suitable for actual medical application,' said Patrick Taylor, deputy counsel at Children's Hospital Boston, who criticized the NIH guidelines in a paper published Thursday in Cell Stem Cell. 'But we're talking about many, many more lines. The new lines were created with extensive ethical oversight. They're at stake here.'"