You are hereFeed aggregator

Feed aggregator


XKCDblog - 2014, May 30 - 11:17

Back in early March, I posted comic #1337, Hack, about a wayward spacecraft. ISEE-3/ICE was returning to fly past Earth after many decades of wandering through space. It was still operational, and could potentially be sent on a new mission, but NASA no longer had the equipment to talk to it—and announced that reconstructing the equipment would be too difficult and expensive.

ISEE-3 is just a machine, but it’s a machine we sent on an incredible journey; to have it return home to find our door closed seemed sad to me. In my comic, I imagined a group of internet space enthusiasts banding together to find a way to take control of the probe—although I figured this was just a hopeful fantasy.

I wasn’t the only one who liked the idea of “rescuing” ISEE-3. In April, Dennis Wingo and Keith Cowing put up a crowdfunding project on RocketHub to try to learn how the lost communications systems worked, reconstruct working versions of them, obtain use of a powerful enough antenna, and commandeer the spacecraft. It seemed like an awfully long shot, but I contributed anyway.

Well, yesterday, Cowing and his team announced, from the Arecibo radio telescope in Puerto Rico, that they are now in command of the ISEE-3 spacecraft.

Congratulations to the team, and good luck with your new spaceship! Watch out for hackers.

Categories: Blogs

Clarion SF/F writeathon: write, sponsor writers, help a new generation

Cory Doctorow - 2014, May 30 - 08:45

Once again, it's time for the Clarion Writers Workshop writeathon - we need writers and sponsors to help fund the Clarion Workshop, the respected, long-running science fiction writers' bootcamp. A writeathon is just what is sounds like: a fundraiser where writers ask their friends to sponsor their writing. I'm writing 1,000 words a day, five days a week, on UTOPIA (working tile), a novel for adults: you can sponsor me here. (Disclosure: I'm proud to volunteer as a board member for the 501(c)3 nonprofit Clarion Foundation)

Categories: Blogs

An Imagined Letter from the TrueCrypt Developer(s)

Steve Gibson - 2014, May 29 - 07:51

As I wrote yesterday, we know virtually nothing about the developer(s) behind TrueCrypt. So any speculation we entertain about their feelings, motives, or thought processes can only be a reflection of our own. With that acknowledgement, I’ll share the letter I think they might have written:

TrueCrypt is software. Frankly, it’s incredibly great software. It’s large, complex and multi-platform. It has been painstakingly designed and implemented to provide the best security available anywhere. And it does. It is the best and most secure software modern computer science has been able to create. It is a miracle, and a gift, and it has been a labor of love we have toiled away, thanklessly for a decade, to provide to the world… for free.

TrueCrypt is open source. Anyone could verify it, trust it, give back, contribute time, talent or money and help it to flourish. But no one has helped. Most just use it, question it and criticize it, while requiring it to be free, and complaining when it doesn’t work with this or that new system.

After ten years of this mostly thankless and anonymous work, we’re tired. We’ve done our part. We have what we want. And we feel good about what we have created and freely given. Do we use it?  Hell yes.  As far as we know, TrueCrypt is utterly uncrackable, and plenty of real world experience, and ruthlessly still-protected drives, back up that belief.

But hard drives have finally exceeded the traditional MBR partition table’s 32-bit sector count. 2.2 terabytes is not enough. So the world is moving to the GPT. But we’re not. We’re done. You’re on your own now. No more free lunch.

We’re not bitter. Mostly we’re just tired and done with TrueCrypt. Like we wrote above, as far as we know today, it is a flawless expression of cryptographic software art. And we’re very proud of it. But TrueCrypt, which we love, has been an obligation hanging over our heads for so long that we’ve decided to not only shut it down, but to shoot it in the head. If you believe we’re not shooting blanks you may want to switch to something else. Our point is, now, finally, it’s on you, not us.

Good luck with your NSA, CIA, and FBI.

Please also see Brad Kovach’s blog posting about this topic. Very useful.


Categories: Blogs

Whither TrueCrypt?

Steve Gibson - 2014, May 28 - 16:15

My guess is that the TrueCrypt self-takedown
is going to turn out to be legitimate.

We know NOTHING about the developers behind TrueCrypt.

Research Professor Matthew Green, Johns Hopkins Cryptographer who recently helped to launch the TrueCrypt Audit, is currently as clueless as anyone. But his recent tweets indicate that he has come to the same conclusion that I have:

  • I have no idea what’s up with the Truecrypt site, or what ‘security issues’ they’re talking about.
  • I sent an email to our contact at Truecrypt. I’m not holding my breath though.
  • The sad thing is that after all this time I was just starting to like Truecrypt. I hope someone forks it if this is for real.
  • The audit did not find anything — or rather, nothing that we haven’t already published.
  • The anonymous Truecrypt dev team, from their submarine hideout. I emailed. No response. Takes a while for email to reach the sub.
  • I think it unlikely that an unknown hacker (a) identified the Truecrypt devs, (b) stole their signing key, (c) hacked their site.
  • Unlikely is not the same as impossible. So it’s *possible* that this whole thing is a hoax. I just doubt it.
  • But more to the point, if the Truecrypt signing key was stolen & and the TC devs can’t let us know — that’s reason enough to be cautious.
  • Last I heard from Truecrypt: “We are looking forward to results of phase 2 of your audit. Thank you very much for all your efforts again!”

I checked out the cryptographic (Authenticode) certificate used to sign the last known authentic version (v7.1a) of TrueCrypt, signed on Feb. 7th, 2012:

You’ll notice that nine months after being used to sign the v7.1a Windows executable the signing certificate expired (on November 9th of 2012.)

The just-created Windows executable version of TrueCrypt, v7.2, was signed on May 27th, 2014 with THIS certificate:

You’ll notice that the certificate which signed it was minted on August 24th of 2012, a few months before the previous certificate was due to expire, just like we’d expect, and also by the same CA (GlobalSign), though having a longer public key (4096 bits). This all exactly passes the smell test.

In a comment below, Taylor Hornby of Defuse Security noted that “The GPG signatures of the files also check out. The key used to sign them is the same as the one that was used to sign the 7.1a files I downloaded months ago.” So, again, this speaks of either a willful and deliberate act by the developers, or a rather stunning compromise of their own security. While, yes, the latter is possible, it seems much more likely, if also much less welcome, that TrueCrypt has been completely abandoned by its creators.

So, given the scant evidence, I think it’s much more likely that the TrueCrypt team – whomever they are – legitimately created this updated Windows executable and other files which would imply that they also took down their long-running TrueCrypt site.

Which, of course, leaves us asking why?  We don’t know because we don’t know anything about them or their motives. They might be in Russia or China where Windows XP is still a big deal (with a more than 50% share) and personally annoyed with Microsoft for cutting off support for Windows XP.  Or anything else.

What’s creepy is that we may never know.


Categories: Blogs

Talking with APM’s Marketplace about the Disneyland prospectus

Cory Doctorow - 2014, May 27 - 23:53

I was on American Public Media’s Marketplace yesterday talking (MP3) about our posting of a rarer-than-rare Disney treasure, the never-before-seen original prospectus for Disneyland, scanned before it was sold to noted jerkface Glenn Beck, who has squirreled it away in his private Scrooge McDuck vault.

Categories: Blogs

Kakapo chick imminent?

Another Chance to See - 2014, March 2 - 18:12

Sirocco Kakapo (@Spokesbird) tweeted at 1:31 PM on Sun, Mar 02, 2014: Boom! Cheeping can be heard from inside Lisa's crushed-but-taped-up egg! Claws crossed for some good news today: (

--- Originally published at

Categories: Blogs

Kakapo chick hatched!

Another Chance to See - 2014, March 2 - 18:09

Sirocco Kakapo (@Spokesbird) tweeted at 7:43 PM on Sun, Mar 02, 2014:Skraaarrrk! I'm so very pleased to introduce you to the very first kākāpō chick of 2014: (
--- Originally published at

Categories: Blogs

2014 Douglas Adams Memorial Lecture

Another Chance to See - 2014, February 26 - 10:18

This year's lecture is March 11th at 7:30pm. For more information please visit this page at Save The Rhino: The Science of Harry Potter and the Mathematics of The SimpsonsThis year's lecture will explore a theme close to the hearts of many of Douglas' fans. We will be exploring science in fiction, taking a closer look at two popular fictional worlds - Harry Potter and the Simpsons - and exploring the science within.--- Originally published at

Categories: Blogs

NMR Data Evaluation: Review of Covariance Applications

NMR blog - 2014, February 10 - 17:00

Review of an important new NMR technique requiring special data evaluation.

Categories: Blogs

How to investigate soft matter using Variable Field NMR Relaxometry

NMR blog - 2014, February 7 - 17:00

Slides of a Talk presented at a GIDRM Workshop in Bari (Italy).

Categories: Blogs

Kakapo nesting on Codfish Island

Another Chance to See - 2014, February 4 - 14:27

Exciting news from the DOC blog. The first kakapo eggs in three years have been discovered by rangers on Codfish Island/Whenua Hou. The two nests that have been found so far belong to Lisa, an experienced kākāpō mum, and Tumeke who has bred before but had infertile eggs.--- Originally published at

Categories: Blogs

A new paradigm streamlining the analysis of NMR spectra of small molecules

NMR blog - 2014, January 24 - 17:00

Slides of a Talk presented at a Spanish NMR Discussion Group meeting.

Categories: Blogs

Seven Conjectures of NMR Relaxometry

NMR blog - 2014, January 24 - 17:00

Slides of a Talk presented at an FFC NMR Conference.

Categories: Blogs

From Spin Hamiltonian to Spectra

NMR blog - 2014, January 21 - 17:00

Slides for a tutorial on the origins and usage of spin Hamiltonian.

Categories: Blogs

Automatic Structure Verification (ASV) as an AI wizard

NMR blog - 2014, January 21 - 17:00

A poster analyzing the milestones met and the challenges looming ahead.

Categories: Blogs

Toward direct application of multivariate statistical analysis to MRS Datasets

NMR blog - 2014, January 20 - 17:00

A new approach to Magnetic Resonance Spectroscopy in medicine.

Categories: Blogs

Molecular Spins: a new Frontier of Chemical Physics and Magnetic Resonance?

NMR blog - 2014, January 18 - 17:00

A 2012 ENC poster+talk about a physical conjecture is available online.

Categories: Blogs

Metabolomics of Intact Tissues: Discrimination Between Osteolytic Lesion Regions ...

NMR blog - 2014, January 16 - 17:00

A nice and novel application of NMR in clinical medicine (2012 poster).

Categories: Blogs

<a href="">Google<

Another Chance to See - 2014, January 16 - 07:57

Google is honouring Dian Fossey's 82nd birthday with a Google Doodle today.
--- Originally published at

Categories: Blogs

Automated QC with Compound Structure Verification and Quantitation

NMR blog - 2014, January 15 - 17:00

A 2012 ENC poster about quality-control using Mnova software goes online.

Categories: Blogs