Category Archives: Security

ATM Tech Manuals for Free on Android

ATMtech is a free Android app intended for the service and support of ATMs.

Features include:

* Ability to search and view ATM error code definitions.
* Review of ATM Owners Manuals.
* Short ‘how to’ video tutorials.
* Access to manufacturer and supplier tech support contact information.
* Access to ATM programming information.

This may finally put the nail in the coffin of any system still using default usernames and passwords. There is no mention of a security or hardening guide.

NOM Defaced by Cartoonist

The National Organization for Marriage (NOM) is a group that aims to ban marriage.

Founded in 2007 in response to the growing need for an organized opposition…

I know, it sounds weird, but it is true.

Apparently they did not go with the more obvious acronym National Organization Against Marriage (NOAM) because it could be associated with some liberal (Chomsky). National Organization in Opposition to Marriage (NOOM) just made everyone hungry for lunch and leave early. So someone must have decided NOM is good enough, even if it gets confused with NOM NOM NOM:

…but I digress.

The NOM blog embedded an image from a cartoonist blog called The Weinerworks. The original cartoon author, Zach Weinersmith, clearly was not impressed to find his work misunderstood and used in a campaign to stop marriage.

My first response was to ask my followers to post some ascii dicks to their comment board. Unfortunately, they moderate their comments there.

Perhaps he meant ASCII wieners.

  _                   _
 ( \                 / )
  \ \.-------------./ /
   \(               )/
     `.___________.'

He then realized he could switch the image they embedded to a different one — to one he thought might express his true feelings and get the attention of their readers.

NOM NOM NOM

So the NOM site effectively was defaced by what the cartoonist called “the classy route” attack. He also asked his readers to take screenshots, which created a DoS condition. I think that from now on this vector should be called the NOM-bomb, or maybe the Wiener-Snit.

Update: The NOMers, who perhaps should instead have been named the National Enforcers of Marriage Assigned to Organize Around Derisiveness (NEMATOAD), have reacted to the cartoonist’s clever and silent protest. They have copied his artwork so they can host it locally, instead of linking to his site.

NOM-bomb
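The defacement worked because the NOM blog loaded the cartoon straight from the cartoonist’s server, so whoever controls that server controls what readers see. As an added example (not from the original post), this Python check lists the img tags on a page whose host differs from the site’s own; the sample page and the host blog.example.test are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class ImgSrcCollector(HTMLParser):
    """Collect the src attribute of every <img> tag in a page."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            for name, value in attrs:
                if name == "src" and value:
                    self.srcs.append(value)


def hotlinked_images(page_html: str, site_host: str) -> list:
    """Return the <img> src values served from a host other than site_host.
    Relative paths have no host and are treated as locally hosted; a
    protocol-relative URL (//host/...) still names a host and is checked."""
    parser = ImgSrcCollector()
    parser.feed(page_html)
    external = []
    for src in parser.srcs:
        host = urlsplit(src).netloc.lower()  # '' for relative paths
        if host and host != site_host.lower():
            external.append(src)
    return external


# Constructed sample page: two locally hosted images and two hotlinked ones.
SAMPLE_PAGE = """
<html><body>
<img src="/images/banner.png" alt="ours">
<img src="http://example-cartoonist.test/comics/strip.png" alt="hotlinked">
<img src='//cdn.example-other.test/logo.gif'>
<img src="https://blog.example.test/uploads/copy.png" alt="hosted locally">
</body></html>
"""

if __name__ == "__main__":
    for src in hotlinked_images(SAMPLE_PAGE, "blog.example.test"):
        print("hotlinked:", src)
```

Anything the check reports can be replaced by a locally hosted copy, which is exactly what NOM ended up doing.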

Congressional Quiz on Facebook Privacy

Two Congressmen have sent a direct and scathing letter to Facebook’s management regarding privacy failures. The questions come after Facebook mentioned on a blog that application developers would soon have more access than ever before, even to user addresses and phone numbers; and then they abruptly said the plan was postponed.

The letter was announced yesterday on US Representative Edward Markey’s website:

…Reps. Markey and Barton ask Mr. Zuckerberg to respond to questions that include:

* Would any user information in addition to address and mobile phone number be shared with third party application developers under the feature as originally planned, and was any of this information shared prior to Facebook’s announcement that it would suspend implementation of the feature?

* What user information will be shared with third party application developers once the feature is re-enabled?

* What was Facebook’s process for developing and vetting the feature referenced above before the feature was suspended, and what was the process that led Facebook to decide to suspend the rollout of this feature? What is the process Facebook is currently employing to adjust the feature prior to re-enabling it?

* What are the internal policies and procedures for ensuring that new features developed by Facebook comply with Facebook’s own privacy policy, and does the company consider this a material change to its privacy policy?

* What consideration was given to risks to children and teenagers posed by enabling third parties access to their home addresses and mobile phone numbers through Facebook when designing the new feature?

* What are the opt-in and opt-out options for this new feature?

* Why is Facebook, after previously acknowledging in a letter to Reps. Markey and Barton that sharing a Facebook User ID could raise user concerns, subsequently considering sharing access to even more sensitive personal information such as home addresses and phone numbers to third parties?

No answers so far from Facebook. I did not wait, however. I just deleted my Facebook account.

EXT3 Unallocated Space File Recovery

Hal Pomeranz has announced a new set of tools to help with digital forensics of unallocated space on Linux systems using EXT3 (not compatible with EXT4). Indirect blocks differ from direct blocks: rather than holding file content, they hold pointers to further data blocks, so they are not sequential with the data and are not always associated with the start or end of a file:

The problem of indirect blocks in the middle of the file content is addressed by tools like Foremost by simply skipping over the indirect block and ignoring its contents. Actually, Foremost will skip the first indirect block that normally occurs in the 13th data block in the run but fails to remove later indirect blocks (the double and treble indirect block chains) from the recovered image, again leading to file corruption on recovered files larger than 4MB or so.

Simply skipping over or attempting to edit out the indirect block data from the recovered file is probably the wrong thing to do in any event. After all, the block pointer metadata in the indirect blocks provide a map to the location of large chunks of file content from the original file. I have developed a couple of simple command-line tools to find and use the indirect block data to more accurately recover files from unallocated space.
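To make the approach concrete, here is an added Python example (my own illustration, not Hal Pomeranz’s tools) that scans a raw image for blocks shaped like EXT3 single-indirect blocks and then uses the pointers inside one as the map to reassemble the file, rather than skipping the block or copying it into the output. The 1 KiB block size, the 200-block image and the file laid out inside it are constructed; the rule that the 12 blocks preceding the indirect block are the file’s direct blocks assumes contiguous allocation.

```python
import struct

BLOCK_SIZE = 1024                 # assumed EXT3 block size of the constructed image
PTRS_PER_BLOCK = BLOCK_SIZE // 4  # 32-bit block pointers per indirect block
N_DIRECT = 12                     # EXT2/3 inodes hold 12 direct block pointers


def block(image: bytes, n: int) -> bytes:
    return image[n * BLOCK_SIZE:(n + 1) * BLOCK_SIZE]


def looks_like_indirect_block(blk: bytes, total_blocks: int) -> bool:
    """Heuristic: a single-indirect block is an array of little-endian u32 block
    numbers that rise monotonically (sequential allocation), stay inside the
    filesystem and are zero-padded after the last pointer. Real file content
    almost never has that shape; the 13th block of a large file usually does."""
    ptrs = struct.unpack("<%dI" % PTRS_PER_BLOCK, blk)
    used = ptrs[:ptrs.index(0)] if 0 in ptrs else list(ptrs)
    if len(used) < 2 or any(ptrs[len(used):]):
        return False                # too short, or data after the zero padding
    if any(p >= total_blocks for p in used):
        return False                # a pointer outside the filesystem
    return all(b > a for a, b in zip(used, used[1:]))


def find_indirect_blocks(image: bytes) -> list:
    total = len(image) // BLOCK_SIZE
    return [n for n in range(total)
            if looks_like_indirect_block(block(image, n), total)]


def recover_file(image: bytes, ib: int) -> bytes:
    """Rebuild a file from its single-indirect block: the N_DIRECT blocks just
    before it are assumed to be its direct blocks (contiguous allocation), and
    the pointers inside it map the rest of the content. The indirect block's
    own bytes are used as a map and never copied into the output."""
    ptrs = [p for p in struct.unpack("<%dI" % PTRS_PER_BLOCK, block(image, ib)) if p]
    direct = b"".join(block(image, n) for n in range(ib - N_DIRECT, ib))
    return direct + b"".join(block(image, n) for n in ptrs)


def build_sample_image() -> bytes:
    """Constructed 200-block image holding one 20-block file: direct data in
    blocks 100..111, the indirect block at 112 pointing at data blocks 113..120."""
    blocks = [b"\x00" * BLOCK_SIZE] * 200
    for i in range(N_DIRECT):
        blocks[100 + i] = (b"D%02d" % i).ljust(BLOCK_SIZE, b"d")
    ptrs = list(range(113, 121))
    blocks[112] = struct.pack("<%dI" % len(ptrs), *ptrs).ljust(BLOCK_SIZE, b"\x00")
    for i, n in enumerate(ptrs):
        blocks[n] = (b"I%02d" % i).ljust(BLOCK_SIZE, b"i")
    return b"".join(blocks)
```

Running find_indirect_blocks on the sample image reports only block 112, and recover_file(image, 112) yields the 20 data blocks in order with no pointer bytes inside. On a real image the heuristic will also surface double and triple indirect blocks, whose entries point at further indirect blocks rather than data, so those need one more level of dereferencing before the same reassembly applies.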