Computer experts are warning that a dangerous new cyber-worm that works late at night could cost consumers billions of dollars. Apparently, individuals with upcoming bachelor parties or afterwork get-togethers are especially vulnerable to this online threat.
L.A.R.P.: Live Avatar Role Playing
A portrait of the Na’vi people of Hometree Wisconsin.
Homeworkers Event Offers Independence Without Isolation
In this age of broadband, more and more jobs — particularly those of a geeky nature — can be, and are done from home. While homeworking has its benefits, there are also some downsides, most notably the risk of feeling isolated and the potential to procrastinate with daytime television.
One solution is co-working: renting a desk in an office shared with other self-employed people or remote workers. That’s not for everyone though: the costs can be high, and it still involves a regular commute.
Jelly is another solution. Now taking place in more than 100 cities worldwide, it’s a semi-regular event organized by local people. It involves borrowing office space with Wi-Fi for the day where homeworkers can gather to use the facilities and meet other people. If office space can’t be found, other venues can be used: coffee shops are often particularly welcoming given the potential for extra custom. Given the range of jobs of those involved, it often leads to networking and even business tie-ups.
The concept actually began with two home-based workers in New York who decided to ask other people in the same position to come and work at their apartment for the day. (The name, “Jelly”, apparently comes from the theory that the best thinking is done over a bowl of jelly beans.)
I’m writing this article from a Jelly event in my own city, Bristol. Like most Jelly events, it’s free to attend, with a token donation to cover coffee and biscuit supplies.
Though there is plenty of networking going on, I’ve been surprised how much work people are actually doing. That maybe because the situation of working in an open plan office removes potential distractions, and I haven’t caught anyone sneaking a quick game of Bejeweled Blitz yet. But unlike working in a traditional full-time employee office, there’s also very little time being wasted by unnecessary meetings or water-cooler talk about office politics.
There are some strange elements to the process, though: for example, even though the people involved are perfectly sociable, there’s something quite strange about the way we are instinctively engaging in Twitter conversations with others in the same room.
If you do work from home, I’d certainly recommend looking for a Jelly in your area: it’s a great way of trying out the idea of permanent co-working, but even if that proves not to be for you, it’s still a useful experience either as a one-off or an occasional visit.
Blaise Aguera y Arcas demos augmented-reality maps
In a demo that drew gasps at TED2010, Microsoft Live Labs architect Blaise Aguera y Arcas demos a new augmented-reality mapping technology that is being implemented within Bing Maps right now. Check it out:
CubeStormer Robot Solves Heavily Scrambled Rubik’s Cube in Seconds
You’ve probably all seen one of those amazing Rubik’s cube solving robots, but I can guarantee that what you’re about to see is going to completely blow you away.
Built entirely from Lego Mindstorms pieces, the CubeStormer is the world’s fastest speedcubing robot. It can scan and solve any 3x3x3 Rubik’s Cubes, no matter how scrambled they are, in under 12 seconds.
I Love the Whole World (of Warcraft)
You might recall the We Love xkcd version of the Discovery Channel’s I Love the World “boom de yada” song released just last week. Turns out it wasn’t the only spoof of the catchy tune that made its way to YouTube in recent days! This isn’t the first machinima (or even WoW) version I’ve seen, but it’s by far the best.
Fascinating Talk About America’s Obesity Problem
The way we eat in the developed world is causing needless death — and shortening the lives of the next generation of kids. Sharing powerful stories from his anti-obesity project in Huntington, W. Va., Jamie Oliver makes the case for an all-out assault on our ignorance of food.
Introducing Computer Engineer Barbie
Mattel just unveiled Barbie’s 125th and 126th careers – and by popular demand, Winter 2010 will bring us (along with News Anchor Barbie, much less interesting) Computer Engineer Barbie!
The Society of Women Engineers and the National Academy of Engineering worked with Mattel on designing her wardrobe and accessories. It’s a little over-the-top (binary and sparkly pants?) but hey, at least she’s not wearing a mini skirt. The press release gushes about how they’re hoping to inspire a new generation and “show girls that women can turn their ideas into realities that have a direct and positive impact on people’s everyday lives in this exciting and rewarding career.”
This of course is just the latest in a long line of Barbie’s career changes over the years, and it isn’t the first time she’s been a little geeky. So I guess the girls who were wearing out Paleontologist Barbie and Starfleet Officer Barbie now have someone new to play with!
iGotaBigAssPocket: iPad-Ready Pants
The iPad is a game changer, and just because of this, you’ll need a new pair of pants… with a big ass pocket.
Behold the latest in hipster fashion: the iGotaBigAssPocket pants!
[Via Buzzfeed]
Card payment verification has “major” security loophole
The card payment industry has rejected claims by British researchers that a system used for validating in-person payments has a major security flaw.
Computer scientists at Cambridge University have been investigating the “chip and pin” system. That’s a branding name used in the country for EMV (Europay, Mastercard and Visa), a technology used increasingly around the world which combines a microchip on a debit or credit card with a card reading terminal which requires a four-digit PIN code. The idea is that a card can’t be cloned as the microchip can’t be duplicated.
The researchers say the flaw they’ve discovered is arguably the biggest payment system loophole of the past 25 years. While they’ve obviously not revealed the precise details, it takes advantage of the way that, if a card can’t be read, the user is often allowed to sign for the transaction (as was done before chips were introduced).
To carry out the scam, the crook would put the stolen card into a modified card-reader and carry it in a bag. The card-reader is then hooked up wirelessly to a laptop running the software needed for the scam.
The crook then presents a fake card for payment, typing any four-digit number into the keypad. The software and the card-reader in the bag send out signals which cause the shop’s terminal to believe the genuine has been used and verified with a PIN. However, the stolen card receives a signal which makes it believe the card hasn’t been recognized in the card-reader and the user has instead signed for the transaction.
The BBC show Newsnight demonstrated how the attack would work:
http://www.youtube.com/watch?v=JPAX32lgkrw
A spokesman for the UK Cards Association says the attack is technically possible but was too complicated to carry out in practice. He also said such attacks would be detected as fraudulent.
The researchers stand by their claims and say the most worrying aspect of the security flaw is that it could mean genuine claims for a refund by victims of card theft could be dismissed on the grounds that their PIN had been used in the fraudulent transaction.