Friday, July 25, 2008

Airplane Eightball Yin-Yang Glasses

Mailbox! Open Mailbox!

Truthy


Domino's Scientists Test Limits Of What Humans Will Eat

THEMIS Mission results

Aurora and magnetohydrodynamics, two of my all time favorite subjects! What's not to love about THEMIS??

Nothing must be held sacred.

PZ does a surprisingly good job with the communion cracker dealie. I was impressed, in part I suppose because I thought it was silly and irrelevant, but PZ turned this into a "teaching moment". Not for the folks who are complaining, anyone who believes a piece of bread is the literal and absolute incarnation of the Creator of the Universe and can be harmed by *not* eating it, is too far gone to find their way out. It was something for the rest of us to remind us how silly yet powerful the opposition can be.

Thursday, July 24, 2008

The 400

I bought a new car today, a limited edition 2008 RX-8, 40th Anniversary edition. The negotitation was very, very tough and the dealership had a floor which I could not get past. It was higher than I wanted to pay, but not by a lot, and the guy absolutely would not go lower. In the end, we were arguing over increments of $10, so I accepted and wrote a check. I knew that it was a "limited edition" but I had already talked him out of the "premium" for it and a discount for buy a 2008 model car in a 2009 model season (which started last week). What I didn't know was how many cars were in the "special edition".

Celebrating 40 years of rotary engine production, Mazda has revised the suspension and trim levels on just 400 RX-8 coupes.
Bilstein sports suspension replaces the RX-8’s standard set up, while at the front, Mazda has filled the front suspension with foam in a bid to reduce road noise and vibration.
The 40th Anniversary Limited Edition RX-8 will get two exclusive exterior colours – Metropolitan Grey Mica and Crystal White Pearlescent.
Inside, the seats are trimmed in black leather with centre sections swathed in Alcantara, matching the steering wheel, handbrake and gear levers’ trim.
And for the ultimate RX-8 exclusivity, each 40th Anniversary model comes with a stainless-steel scuff plate etched with the car’s individual number – starting from 001/400.


I pick it up on Saturday, so I can find out which one I have then. Looking back on it, I am shocked I got it as cheap as I did. Technically though, it's 400 in the US, 200 in Japan, 100 in Canada and the UK.

Online pictures of my exact model here (its the grey one).

Good review (with pictures of the exact model) here.

I found where a YouTube with Top Gear's opinion.

Annals of Questionable Messaging

LOL!

Wednesday, July 23, 2008

My Little Pwnie

The 2nd Annual Pwnie Award Nominaitons are up.

Some interesting bits:

Pwnie for Best Client-Side Bug Nominees

Safari carpet bomb (CVE-2008-2540)
Discovered by: Laurent GaffiƩ, Nitesh Dhanjani and Aviv Raff
Nitesh Dhanjani discovered a design error in Safari that allows an attacker to automatically download files to the user's configured download directory (~/Downloads on Leopard, the desktop on previous versions of OS X and Windows). This can be used for a variety of attacks. First, you can litter the user's desktop with files or drop malware onto their desktop, hoping that the user will click run it. Or you can just let Internet Explorer load a planted DLL
automatically. This vulnerability also has the dubious distinction of bringing the term "blended threat" into the security vernacular.


Slirpie
Discovered by: Dan Kaminsky, RSnake, Dan Boneh
Presented at Toorcon 2007, this attack used DNS Rebinding to bypass the Same Origin Policy and build a tunnel into a remote network using only a lured web browser (and its associated grab bag of Web 2.0 technologies like Flash, Java, and JavaScript). This vulnerability can best be described as a design bug in the Web 2.0 and we're all waiting for it to be fixed in Web 2.0 Service Pack 1.


Pwnie for Most Epic FAIL Nominee:

Todd Davis, Lifelock CEO for posting his SSN on the web

Todd Davis, CEO of a fraud-prevention company called Lifelock, had publicly posted his Social Security number (
457-55-5462) to show his confidence in the services offered by his company. Of course, a clever marketing stunt does not mean that the protection is actually worth anything. As expected, it did not take long for Davis' identity to get stolen: somebody in Texas got $500 from an online payday loan company using Davis' SSN.

Windows Vista for proving that security does not sell

$100,000,000 invested in security and what does Microsoft have to show for it? Customers are revolting against Windows Vista and nobody who has a choice is choosing to upgrade. It doesn't matter that Vista really is the most secure Microsoft operating system ever made, all customers care about is the annoyance of the UAC prompts, the confusing user interface and the insane hardware requirements.
The good thing about the Vista debacle is that no other vendor will care to do such a security push, which means that we'll be able to easily own any piece of software for the foreseeable future.