Category: News

I’ve talked a few times before about the Vision Industries Tyrano Truck that is a combination of a hydrogen fuel cell vehicle and a plug-in hybrid electric vehicle (HFCV-PHEV). A month ago I talked about how the hydrogen powered Tyrano was making a public appearance before California Governor Arnold Schwarzenegger in Sacramento.

Well, now there will be a high profile test of the H2 Tyrano Truck drivetrain technology by FedEx Freight. Of course, FedEx Freight is a well-known brand for regional and long-haul less-than-truckload (LTL) services. And LTL simply means the smaller trucks, not the long-haul tractor trailers one sees occasionally upon the highways.

Vision Industries will reconfigure a FedEx Freight LTL truck with its Tyrano technology and the vehicle will be tested for one year and then evaluated for the operational sustainability of the HFCV-PHEV technology.

According to FedEx Freight CEO Douglas G. Duncan, “It is our goal to be involved in projects such as this to further the advancement of alternative fuels that both reduce our dependence on foreign oil and are good for the environment. We are excited about technological advancements we see today in transportation and look forward to what the future holds in this arena.”

Of course FedEx is no stranger to testing hydrogen vehicles. In June 2005, FedEx partnered with General Motors to test the HydroGen3 fuel cell vehicle. Fleet testing of alternative fuel vehicles is common since the infrastructure needed is minimal. For the Tyrano fuel cell truck the testing by FedEx will closely simulate real world conditions as this hydrogen truck will also be used in a fleet setting at the Ports of Los Angeles and Long Beach, CA.

Here is a quick chart showing the data exposure when considering GET vs POST and also HTTP vs HTTPS.

• URL arguments refer to arguments in the URL for GET or POST (e.g. foo.com?arg1=something).
• Body arguments refer to data communicated via POST paramaters in the HTTP request body.

NOTE: This chart does not address client side caching of temporary files. Caching is a separate issue from the protocol selection and should be addressed with appropriate cache-control headers.

A quick conclusion: The secure choice for transmission of any sensitive data is to use POST statements over SSL/TLS. Any other option will expose data at some point in the communication.

This is a guest post by Michael Coates, a senior application security consultant with extensive experience in application security, security code review and penetration assessments. He has conducted numerous security assessments for financial, enterprise and cellular customers world-wide.

The original text is published on …Application Security…

Talkback and comments are most welcome

Related posts
OWASP Publishes Top 10 Web App Security Risks for 2010
Creating Your Own Web Server
Web Site that is not Easy to hack – Part 2 HOWTO
Web Site that is not that easy to hack – Part 1 HOWTO
Tutorial – Secure Web Based Job Application

There are some rumors going around that the BlackBerry Curve 8530 will be launching December 10th. Barring some unforeseen testing issues, this date will probably stick. With an 8530 on the way to Verizon as well, this device is going to get a decent spotlight. Remember, this is the same 8530 that we discovered will feature OpenGL, so there is some awesome app potential. It will be interesting to see if the carriers even mention it.

© BlackBerry Cool for BlackBerry Cool, 2009

This could be an outstanding news by its significance. The next version of Ubuntu (Lucid Lynx or Ubuntu 10.04) won’t include GIMP (GNU Image Manipulation Program) by default due to its user interface that is too complex… What a #@^*?

Actually complex UI is not the only decision why GIMP should be vanished from Ubuntu so here is the full list:

• the general user doesn’t use it
• its user-interface is too complex
• it’s an application for professionals
• desktop users just want to edit photos and they can do that in F-Spot
• it’s a photoshop replacement and photoshop isn’t included by default in Windows…
• it takes up room on the disc

(taken from here)

Still sounds like fresh nonsense? What about F-Spot as a replacement? Well, an average user most probably claim that above mentioned reasons are true. Maybe that’s why GIMP already dropped from latest Fedora 12. But what should do people who use GIMP every day and loves Ubuntu???

Just execute ‘sudo aptitude install gimp‘

If you thought that the entertainment industry would stop at having the ability to force ISPs to kick people they accuse (not convict) of file sharing offline, you might want to pay attention to what’s happening in South Korea. South Korea, of course, is home to very high broadband penetration, with exceptionally high speeds. And, not surprisingly, there’s a lot of unauthorized file sharing going on there. Of course, if you looked at the Korean cultural world, you’d immediately learn that smart entrepreneurs and entertainers quickly learned to adapt and take advantage of this new world. Entrepreneurs like JY Park recognized the changing marketplace, and adapted — and the massive success he’s had with artists like Rain and Wonder Girls, suggests that perhaps “piracy” wasn’t a big deal. All you need is some smart business people who can adapt.

But, of course, we’ve all seen what sorts of companies are afraid to adapt. The big record labels and the big movie studios couldn’t be bothered with the tricky proposition of actually understanding the new marketplace and adjusting their business model. So, they went to the US government and said “something must be done.” That “something” turned out to be a new “free trade” (ha ha!) agreement with South Korea, that had little to do with free trade, but plenty to do with pushing ridiculously draconian copyright laws on South Korea (i.e., protectionism for the entertainment industry, not free trade). Of course, these new laws went way beyond what any other country had, and included getting the government to shut down file sharing sites while restricting how user-generated content sites could work as well. Not surprisingly, once the law passed, various sites began restricting how they could be used, even limiting the uploading of any songs, even ones that users themselves had created. And, of course, with all that, a “three strikes” plan to kick people off the internet was also included.

You would think that the industry would be happy and leave well enough alone, right?

Of course not. Reader Dan alerts us to the news that some entertainment industry lobbyists are now demanding that all file sharing services must use content filters. Otherwise, they plan to sue. Just another reminder that for some of these folks, enough will never be enough. They will keep pushing for more and more, just as consumers keep pushing back on having their own rights stripped away.

And, don’t think this is limited to South Korea. Many of the “leaked” points about the needlessly secretive ACTA deal are supposedly “based on” the trade agreement that was done with South Korea. So take a look at what’s happening there and see if that’s how you think copyright law should work in the US.

Permalink | Comments | Email This Story

By Tim Conneally, Betanews

As Time Warner continues the process of spinning AOL off into a separate, independent company, AOL will lose a third of its workforce. The spinoff is expected to be completed on December 9. In filings with the Securities and Exchange commission earlier this month, Time Warner said the split will cost more than $200 million in restructuring charges.

Today, AOL has reportedly instituted a voluntary layoff program, asking for 2,500 employees to give up their jobs in exchange for severance packages. If this number cannot be reached, AOL will begin laying off people anyway. The soon-to-be spun off company is looking to reduce its operating expenses by $300 million.

AOL CEO Tim Armstrong will reportedly be giving up his 2009 bonus, which would have been more than $1.5 million.

“As a member of our team and the person who takes accountability for the results of the company, I am making the decision to forego my 2009 bonus,” Armstrong wrote to employees. “That decision is a personal one and is not a sign for the future payout of the overall bonus plan for employees.”

Copyright Betanews, Inc. 2009

We can file this one under rumor of a rumor — you’ve been warned — so please, proceed with caution. DigiTimes is reporting that Apple’s yet to be announced tablet device will be delayed until the second half of 2010 due to a last minute design change, specifically, the use of a 9.7″ OLED LG display. The report goes onto say that the delay is a strategic move by Apple due to the current cost of the OLED panels, which currently wholesale for around $500 a pop. The price of LG’s panels are expected to drop significantly in late 2010 as they revamp their production line with newer equipment. The report is oozing with speculation on release dates, price, manufacturer, and potential future models, so we’ll let you check out the dirt for yourself.

[Via Gizmodo]

Read

The rumors that MySpace is acquiring music streaming service iMeem for a bargain-basement price have gotten some more weight behind them and a deal looks pretty much certain at this point. The deal doesn’t paint a pretty picture for the music streaming business and it remains to be seen if MySpace has better luck with the teams of talented people it has been amassing lately. In any case, it now looks like MySpace will pay just $1 million in cash, though on the whole, the deal is worth at about $8 million plus considerable earnouts for the employees that stay with MySpace.

There still isn’t anything official from any of the companies, but multiple sources confirm that the two sides have reached an agreement and that the negotiations are over for now. It isn’t exactly a done deal yet, but it’s very close to it. MySpace won’t completely assimilate iMeem – the company – but the social network turned media hub will get its hands on most of iMeem’s assets.

Some assets along with the good chunk of the money involved in the deal will be used to pay off some of iMeem’s debt which amounts to as much as $10 million. MySpace will also lose the licensing deals iMeem has signed with music labels as they become void as soon as the company changes hands. What the social network will be getting, though, is the service i… (read more)

Caught the Resident Evil 5: Alternative Edition details yesterday? For today, we’ve got a few screens so you can see what those new costumes and gam…

Yesterday Harry Reid emerged from the Senate with a 2,074-page health care bill, which covers everything from Sarah's family life in Alaska to her conflicts with the McCain campaign in- oh, sorry, reflex.

Anyway, the Senate has a health care bill, it runs 2,074 pages, and that is a source of great consternation. Why is this bill so long? Look at it! Why does it have all those words and numbers? Can't they just overhaul the American health care system with a Facebook note, like normal people? What outrageous things are the Democrats trying to hide with their writing and publishing?

How about this?

To raise money for the health overhaul, Democrats are proposing a new 5% tax on elective cosmetic procedures. The tax was a surprise addition to the sweeping 2,074-page bill that Senate Majority Leader Harry Reid unveiled late Wednesday. It generates $5 billion over a decade for the plan, which is expected to cost $849 billion over a decade.

The tax would fall on the individuals who undergo the procedures. If they don't pay it when they’re billed for their surgery, then it falls to the provider who performed the procedure.

Outrage-o-meter says… 3. Maybe 4, max. Fun fact: since 2004, New Jersey has been the only state with its own cosmetic surgery tax law on the books.

Yet if you've ever gone down the shore in July, you'll notice that it's had zero impact in terms of putting bureaucracy, or even common sense, between patients and their plastic surgeons.

^{Aww, NJ, you know I love you. Next time I'm in Belmar, the pork roll-egg-and-cheese is on me.}

In an area outside Hyderabad, India, between the suburbs and the countryside, a young woman—we’ll call her Shanti—fetches water daily from the always-open local borehole that is about 300 feet from her home. She uses a 3-gallon plastic container that she can easily carry on her head. Shanti and her husband rely on the free water for their drinking and washing, and though they’ve heard that it’s not as safe as water from the Naandi Foundation-run community treatment plant, they still use it. Shanti’s family has been drinking the local water for generations, and although it periodically makes her and her family sick, she has no plans to stop using it. Shanti has many reasons not to use the water from the Naandi treatment center, but they’re not the reasons one might think. The center is within easy walking distance of her home—roughly a third of a mile. It is also well known and affordable (roughly 10 rupees, or 20 cents, for 5 gallons). Being able to pay the small fee has even become a status symbol for some villagers. Habit isn’t a factor, either. Shanti is forgoing the safer water because of a series of flaws in the overall…

As wealthier nations age, nonprofits are retooling their operations to accommodate an older volunteer workforce. But they would be remiss if they didn’t also look for help at the other end of the life span, reports Charlene S. Shannon, an expert in recreation and leisure studies at the University of New Brunswick in Canada. She documents how “younger youth”—children between the ages of 8 and 12—are an energetic, useful, yet largely overlooked pool of volunteer labor. Interviewing younger youth and executive directors at Boys & Girls Clubs in Atlantic Canada, Shannon finds that the younger set’s needs and strengths are different from those of their slightly older counterparts. For instance, the difficulty that these small volunteers most frequently cite is that their assigned tasks are physically challenging. Dealing with rude people—both peers and older people—is also particularly taxing for them. But as legions of cookie-peddling Girls Scouts can attest, younger youth are particularly adept at fundraising. They are also well suited for assisting adults in tasks that require minimal responsibility, such as stuffing envelopes and tidying up after events. Helping seniors is also a younger-youth bailiwick. Recruiting 8- to 12-year-olds may be easier than coaxing adolescents and adults to volunteer,…

The Dow Chemical Co. and Exxon Mobil Corp. got theirs. So did ConocoPhillips Co., International Paper Co., Weyerhaeuser Co., and Monsanto Co. Between 2004 and 2006, these companies received resolutions from shareholders pressing them to take better care of the environment. And then between 2006 and 2007, these businesses indeed made at least one eco-friendly move: They shared data with the Carbon Disclosure Project (CDP), a London-based NGO that compiles and publicizes the largest database of corporate greenhouse gas emissions in the world. These corporations’ tales are part of a larger trend, report Erin M. Reid and Michael W. Toff el of Harvard Business School. “We find that if a [Standard & Poor’s (S&P)] 500 company had a shareholder resolution in its recent past,” says Toffel, “it was more likely to disclose to the CDP.” The researchers also find that shareholder resolutions have a spillover effect: If one firm gets an environmental proposal from a stockholder, the rest of the firms in its industry become more likely to comply with the CDP. “Most of these resolutions initially lose, and lose big,” notes Toff el. “Managers don’t like to be told how to behave by shareholder activists.” But within a few…

To paraphrase Leo Tolstoy: Every polluting city pollutes in its own way. Yet until recently, just how and whence Los Angeles, Bangkok, and eight other global cities exhaled their climatec-hanging vapors was a topic shrouded in mystery. Now, a 10- city comparison of greenhouse gas emissions per capita is showing metropolises “exactly where their emissions are coming from,” says Christopher Kennedy, an associate professor of civil engineering at the University of Toronto and the study’s lead author. The research “could also help cities learn from each other,” he adds. Aside from the usual finding that North American cities are the heaviest breathers, Kennedy and his team reveal that each urban area has a distinct emissions profi e. (See these profiles on the graph below.) Mile-high Denver and temperate Toronto burn lots of fossil fuels to generate electricity for their businesses and industries, as well as to stay warm during their frostier months. At the same time, hydropower keeps Geneva’s electricity- related emissions low. Yet cold winters drive up Geneva’s heating oil-induced effluvia, as they do for New York and Prague. But New York spares the air many of its transportation-related fumes with high population density and good public transit, as…

During our time on this planet, we humans haven’t lent a hand to just anyone. Instead, we have usually saved our solicitousness for our own kind. And although over millennia the boundaries separating “us” from “them” have widened—from only kith and kin to entire neighborhoods and nations—the tendency has stayed the same: We help our own. Yet a surprising new experiment shows just how easily this human bias can be transformed into altruism. “The connections between affiliation to the group and prosocial behavior are so fundamental that, even in infancy, a mere hint of affiliation is sufficient to increase helping,” write coauthors Harriet Over, a doctoral student in psychology at Cardiff University in Wales, and Malinda Carpenter, a senior scientist at the Max Planck Institute for Evolutionary Anthropology in Leipzig, Germany. For the study, a research assistant first showed each 18- month-old infant one of four possible sets of eight photographs. The photographs in all four sets featured a common household object (e.g., a teapot, book, or shoe) in the foreground. But each set had a different cue—a prime—in its background: two dolls facing each other (the affiliation prime), two dolls facing apart, one doll alone, or an inanimate object.…

Police and military checkpoints are a familiar sight on many roadways in poor countries. Although some of the officers are legitimately keeping the peace, others are out to line their pockets with baksheesh. Despite their apparent banditry, though, these extortionists respond to market forces in much the same way as do lawful businesspeople, finds a new study from Indonesia. “My research question was, Are corrupt officials just like any other economic actor?” says Benjamin A. Olken, an associate professor of economics at the Massachusetts Institute of Technology and the study’s lead author. “If they are, then we have a wealth of economic tools to help us analyze how bribes are going to behave. And we also have to think about the market structure of bribe-takers before designing reforms.” Olken found that the corrupted officials on Aceh and North Sumatra’s highways indeed act like uncoordinated business monopolies–a situation that is bad for consumers because it raises the price of each bribe. It would be better to consolidate bribe-takers under the umbrella of a single monopolist who sets prices and coordinates activities. For instance, the “one-stop shop” reforms of many governments—which allow citizens to get, say, six permits from one office, rather…

Why do some nations, such as the United States and Sweden, have booming nonprofit sectors, whereas other economically similar countries, such as Japan and Italy, do not? A new study uncovers a surprising answer: It’s the women. The more empowered a country’s women, the more vibrant its nonprofit sector. “Other research shows that women tend to be more altruistic, more prosocial, and less corrupt [than men],” explains study author Nuno S. Themudo, an assistant professor at the University of Pittsburgh’s Graduate School of Public and International Affairs. “Yet in many parts of the world, women cannot actively participate in civil society.” In countries where women can take their talents into the public sphere, he observes, the nonprofit sector employs more people, retains more members, and attracts more volunteers. For his research, Themudo uses the United Nations Development Programme’s Gender Empowerment Measure (GEM), which reflects how many parliamentary, management, and professional positions the women of a country hold, as well as the percentage of income they earn. Then with data for 40 countries from the Johns Hopkins Comparative Nonprofit Sector Project, he finds that the higher a country’s gem score, the greater its percentage of working-age full-time employees in the nonprofit…