Mystery signal from a helicopter


Oona Räisänen discovers and decodes the exact telemetry data of a news helicopter from a YouTube video. Awesome.

Is Your Compiler Undermining Your Secure Coding?


While this check appears to work with a flat address space, it fails on a segmented architecture. Therefore, the C standard states that an overflowed pointer is undefined, which allows gcc to simply assume that no pointer overflow ever occurs on any architecture.

Under this assumption, buf + len must be larger than buf and thus the “overflow” check always evaluates to false. Consequently, gcc removes the check, paving the way for an attack on the system.
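The pattern the article describes, written out in C as an added example (this is not code from the article or its authors): the `buf + len < buf` test that gcc is entitled to delete, beside a length-based check that never forms the out-of-range pointer in the first place. The function names, the 16-byte buffer and the chosen lengths are this example's own assumptions.

```c
/* Added example, not from the linked article. Build it both ways and
 * compare the first line of output:
 *   cc -O0 -o chk chk.c && ./chk
 *   cc -O2 -o chk chk.c && ./chk
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The check the article talks about. If len is large enough that buf + len
 * would carry past the end of the object, the addition itself is undefined,
 * so the compiler may assume the first `if` is never true and drop it. On a
 * 64-bit flat address space gcc -O2 typically keeps only the second
 * comparison, which then passes because the wrapped pointer sits below
 * buf_end. Calling this with such a len is itself undefined behaviour; it is
 * here only so the two builds can be compared. */
static bool in_bounds_unsafe(const char *buf, const char *buf_end, size_t len)
{
    if (buf + len < buf)       /* "overflow" check: may be optimised away */
        return false;
    if (buf + len > buf_end)   /* ordinary end-of-buffer check */
        return false;
    return true;
}

/* Hardened form: compare lengths, not pointers. buf and buf_end are both
 * inside (or one past) the same object, so buf_end - buf is well defined,
 * and the final comparison is between two size_t values. There is no
 * undefined operation for the optimiser to reason away. */
static bool in_bounds_safe(const char *buf, const char *buf_end, size_t len)
{
    if (buf_end < buf)          /* caller passed a malformed range */
        return false;
    size_t avail = (size_t)(buf_end - buf);
    return len <= avail;
}

/* A typical consumer: append len bytes of src at *off inside a fixed-size
 * dst. Every check is an integer comparison; dst + *off + len is formed only
 * after it is known to lie within dst. */
static bool append_checked(char *dst, size_t dst_size, size_t *off,
                           const char *src, size_t len)
{
    if (*off > dst_size)
        return false;
    if (!in_bounds_safe(dst + *off, dst + dst_size, len))
        return false;
    memcpy(dst + *off, src, len);
    *off += len;
    return true;
}

int main(void)
{
    char buf[16];
    /* Constructed length: adding SIZE_MAX - 7 to buf wraps to 8 bytes below
     * buf on a flat 64-bit address space. */
    size_t evil = SIZE_MAX - 7;

    printf("unsafe check accepts wraparound length: %s\n",
           in_bounds_unsafe(buf, buf + sizeof buf, evil) ? "yes (check removed)" : "no");
    printf("safe   check accepts wraparound length: %s\n",
           in_bounds_safe(buf, buf + sizeof buf, evil) ? "yes" : "no");

    size_t off = 0;
    printf("append 10 then 6 then 1 bytes into 16: %d %d %d\n",
           append_checked(buf, sizeof buf, &off, "0123456789", 10),
           append_checked(buf, sizeof buf, &off, "abcdef", 6),
           append_checked(buf, sizeof buf, &off, "x", 1));
    return 0;
}
```

Only the safe variant has a defined answer for the wraparound length; what the unsafe variant prints depends on the optimisation level, which is exactly the problem. The general rule it illustrates is to bound a length against the space that remains, computed as an unsigned difference of two valid pointers, rather than to test a pointer you have already pushed out of bounds.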

Plugging in a BlackBerry device grants read/write access to %APPDATA% to anyone on your network


Tavis Ormandy:

BlackBerry Link is the synchronization and management software for BlackBerry 10, and I couldn’t help notice it immediately spawns an nginx process after installation.

Locating the nginx configuration, I found it’s being used as a WebDAV server, listening on an IPv6 address I don’t recognise. It appears to be serving my %APPDATA% directory with no access control or authentication.

Don’t Fly During Ramadan


A sad, shocking look at what flying while brown looks like in today’s United States.

The Warplanes – Live at Stubb’s


Luke at Stubb's

My friends (and fantastic band) The Warplanes played a set at the legendary Stubb’s a few weeks ago. See more photos from a great show above.

Do You Have a Right to Remain Silent?


Orin Kerr’s analysis of yesterday’s Salinas v. Texas Supreme Court decision that portends a shaky future for Fifth Amendment protections given the current composition of the court.

Packets of Death


Kristian Kielhofner:

All of a sudden it’s become clear why this issue was so sporadic. I’m amazed I tracked it down at all. I’ve been working with networks for over 15 years and I’ve never seen anything like this. I doubt I’ll ever see anything like it again.

Love this kind of stuff.

Nuns Meet to Weigh Reply to Vatican


The Vatican’s “doctrinal assessment,” issued in April, accused the nuns of a host of transgressions, including featuring speakers at conferences who did not adhere sufficiently to Catholic beliefs, advancing “radical feminist themes,” permitting “corporate dissent” on church teachings against birth control and homosexuality, and being silent in the church’s fight against abortion and same-sex marriage while pouring energy into working for the poor and disenfranchised.

I think it’s clear which of the two is practicing the actual teachings of Christ.

Leon Panetta’s explicitly authoritarian decree


But this is one of the towering, unanswerable hypocrisies of Democratic Party politics. The very same faction that pretended for years to be so distraught by Bush’s mere eavesdropping on and detention of accused Terrorists without due process is now perfectly content to have their own President kill accused Terrorists without due process, even when those targeted are their fellow citizens: obviously a far more Draconian and permanent abuse than eavesdropping or detention (identically, the very same faction that objected to Bush’s radical whole-world-is-a-Battlefield theory now must embrace exactly that theory to justify how someone riding in a car, or sitting at home, or sleeping in his bed, in a country where no war is declared, is “on a battlefield” at the time the CIA ends his life).

Feds Falsely Censor Popular Blog For Over A Year, Deny All Due Process, Hide All Details…


There are so many things about this story that are crazy, it’s difficult to know where to start, so let’s give the most important point first: The US government has effectively admitted that it totally screwed up and falsely seized & censored a non-infringing domain of a popular blog, having falsely claimed that it was taking part in criminal copyright infringement. Then, after trying to hide behind a totally secretive court process with absolutely no due process whatsoever (in fact, not even serving papers on the lawyer for the site or providing timely notifications — or providing any documents at all), for over a year, the government has finally realized it couldn’t hide any more and has given up, and returned the domain name to its original owner. If you ever wanted to understand why ICE’s domain seizures violate the law — and why SOPA and PROTECT IP are almost certainly unconstitutional — look no further than what happened in this case.

Washington Isn’t Broken, the Republican Party Is


Brian Goldsmith:

And so, when a Democratic president, who cares about discretionary spending, and who knows it’s not a significant source of red ink, offers a massive $1 trillion cut to that spending, that is a real compromise. When President Obama also offers $650 billion in entitlement cuts over 10 years — cuts that would hurt his party’s constituents and anger his strongest supporters, that is a real compromise. When the White House offers hundreds of billions less in new revenue than any of the three (rather center-right) bipartisan budget proposals on the table — indeed, offers almost $4 in spending cuts for every $1 in new revenue — that is a real compromise.

Democrats should note that the president was so desperate for a deal he went well to the right of the proposals to which rock-ribbed Republicans like Sen. Tom Coburn and former senator Pete Domenici had agreed. Republicans should note that nobody is talking about higher tax rates, but about eliminating loopholes, subsidies, and deductions, and doing fundamental tax reform in a way that conservative economists have advocated for decades.

When Patents Attack!


A fantastic in-depth examination of the types of patent trolls presently infecting the software industry in this week’s This American Life.

Terrorism Training Casts Pall Over Muslim Employee


A man named John Guandolo, whose career highlights include being fired for having an affair with the government’s star witness against Rep. William Jefferson while undercover, has a new job courtesy of the wingnut welfare program: giving counter-terrorism presentations to local police departments. He does not have any form of accreditation or licensing to do so. He spent an entire “training session” accusing the head of Ohio’s Muslim outreach program, an American citizen, of being a terrorist without a shred of evidence. The FBI and the Joint Terrorism Task Force immediately sent top agents to refute Guandolo’s charges.

NPR reports:

Nearly a dozen sources contacted by NPR in the intelligence community, the FBI and at the Department of Homeland Security said Omari has no links to terrorists or terrorism. They said the accusations against him are unfounded.

The end result? Omar al-Omari lost his job following a six-month witch hunt for submitting a properly edited résumé. Guandolo continues to provide his “services” unabated, including a scheduled session for the CIA next month.

The Rise and Fall of the Independent Developer


Craig Hockenberry:

The scary part is that these infringements can happen with any part of our products or websites: things that you’d never imagine being a violation of someone else’s intellectual property. It feels like coding in a minefield.

From our experience, it’s entirely possible that all the revenue for a product can be eaten up by legal fees. After years of pouring your heart and soul into that product, it’s devastating. It makes you question why the hell you’re in the business: when you can’t pay salaries from product sales, there’s no point in building it in the first place.

Israel Bans Boycotts Against the State


Isabel Kershner:

Mr. Elkin, the sponsor of the legislation [that effectively bans any public call for a boycott against the state of Israel or its West Bank settlements, making such action a punishable offense], said that its principal importance was “the fact that the calls to boycott the State of Israel increasingly have come from within our own midst, and that makes it hard to wage a battle against a boycott in the world.”

What the Inhofe Case Tells Us


Senator James Inhofe endangered the lives of at least a dozen construction workers by “sky-hopping” over them[1] on a Cameron County Airport runway that was clearly marked closed with large yellow Xs and NOTAMs.[2] As a result, he received the absolute lightest possible punishment from the FAA; any other pilot would have had their license revoked immediately. His response? “I did nothing wrong,” as well as some new legislation designed to remove even more regulatory oversight capacity from the FAA.

James Fallows’ reader is right; it’s yet another example of the law simply not applying to those in positions of power. Inhofe is openly flouting it.

  1. Airport Manager Marshall Reece later told the FAA: “I’ve got over 50 years flying, three tours of Vietnam, and I can assure you I have never seen such a reckless disregard for human life in my life.” Audio from multiple workers in the immediate aftermath of the incident can be found here.
  2. NOTice to AirMen; public notices that every pilot is required by Federal Aviation Regulations to check for every airport they plan to use.