The Null Device

According to Kyle Wiens, the founder of iFixit (a website who publish repair instructions for gadgets), Apple are using patented screws to make it illegal to change the batteries in their laptops, unless you're an authorised Apple service centre, of course:

They've got this 5 point bit on the MacBook Pro battery now. Torx has a patent on the shape of that bit, and makes it illegal to import without a service license. It's absolutely preposterous; the battery is one of the easiest components to replace in that machine, just about as easy as RAM. They're using lawyers to prevent people from making their computers last longer than 3-400 battery cycles

I wonder if Apple is trying to get to a leasing model with computers, where you have to send it back to them every year or two and pay them $129

¶ apple evil skulduggery tech 0

MySpace's legendary contempt for its users comes to the fore once more: recently, they bought Imeem, an online music service that let users embed streamable playlist widgets in their web sites, allowing users to (legally) stream music. As soon as they did so, Imeem was shut down, replaced with a notice telling people to use MySpace. As for users' embedded playlists? Well, they've been replaced with obnoxiously garish ads for downloadable ringtones.

¶ murdoch myspace skulduggery spam 0

Nestlé, the food corporation whose name has been synonymous with unethical marketing of infant formula in the developing world, has been caught engaging in yet more dubious marketing practices abroad, this time when an ad for Maggi noodles, intended for Bangladesh, was mistakenly aired on a UK-based satellite channel, bringing it under the jurisdiction of the Advertising Standards Authority:

Shown on Nepali TV, the advert suggested that Maggi Noodles helped build strong bones and muscles. A boy playing tug-of-war with his friends ran in to see his mother, who explained to him: "Maggi is the best because it has essential protein and calcium that help to build strong muscles and bones." On-screen graphics depicted a yellow glow over a bicep and a knee, implying that those areas of the body were helped by the product.

In a statement, Nestle said: "We rigorously ensure that all health claims made on Nestle products comply with local legislation. The advert had been approved for broadcast and complied with the necessary legal requirements in Bangladesh, the market the advertisement was intended for. "It was never intended for transmission in the UK."

¶ advertising bangladesh deception ethics nestle skulduggery 0

Several researchers at UIUC have written a paper on how one could insert general-purpose back doors into a CPU, allowing those in the know to pwn any machine running on it, almost undetectably:

We present the design and implementation of Illinois Malicious Processors (IMPs). There is a substantial design space in malicious circuitry; we show that an attacker, rather than designing one specific attack, can instead design hardware to support attacks. Such flexible hardware allows powerful, general purpose attacks, while remaining surprisingly low in the amount of additional hardware. We show two such hardware designs, and implement them in a real system. Further, we show three powerful attacks using this hardware, including login backdoor that gives an attacker complete and highlevel access to the machine. This login attack requires only 1341 additional gates: gates that can be used for other attacks as well. Malicious processors are more practical, more flexible, and harder to detect than an initial analysis would suggest.

Our memory access mechanism provides hardware support for unprivileged malicious software by allowing access to privileged memory regions. Malicious software triggers the attack by forcing a sequence of bytes on the data bus to enable the memory access circuits. This sequence can be arbitrarily long to avoid false positives, and the particular sequence must be agreed upon before deployment. Once the sequence is observed, the MMU in the data cache ignores CPU privilege levels for memory accesses, thus granting unprivileged software access to all memory, including privileged memory regions like the operating system’s internal memory. In other words, loading a magic value on the data bus will disable protection checking. We implement this technique by modifying the data cache of our processor to include a small state machine that looks for the special sequence of bytes, plus some additional logic in the MMU to ignore privilege levels when malicious software enables the attack.

Using the shadow mode mechanism, we implement a malicious service that acts as a permanent backdoor into a system (Figure 2). To initiate the attack, an attacker sends an unsolicited network packet to the target system and the target OS inspects the packet to verify the UDP checksum. The act of inspecting the packet (necessary to decide if it should be dropped) triggers the trojaned hardware, and the malicious service interprets the contents of the packet as new firmware that it loads into the processor invisibly. The target operating system then drops the unsolicited packet and continues operation, oblivious to the attack.

And if civilian security researchers have just discovered this, it's not unlikely that ones in intelligence agencies have had such techniques for a while. I wouldn't be surprised if the NSA had similar back doors in all US-designed CPUs likely to end up on the export market, just in case, or if the Chinese government had similarly altered CPUs (or other strategic components) being manufactured on Chinese production lines, or indeed if other intelligence agencies had managed to get their own hooks into the silicon.

(via Schneier) ¶ hacks security skulduggery tech 1

In Michigan, a swing state in the US elections, the Republican Party is moving to disenfranchise holders of foreclosed mortgages.

(via Boing Boing) ¶ politics rightwingers skulduggery usa 1

The Exclusive Brethren sect, an ultra-conservative Christian separatist group, praised as pillars of the community by the previous right-wing Australian government (with which they had some kinds of dealings), and which, incidentally, also gave the world Aleister Crowley, is facing allegations of high-level criminal activity, including kidnapping, money laundering, fraud and bribery, in Australia, New Zealand and India.

Three sisters, from India, who say they are on the run from the sect, allege they can link it to numerous crimes.

"We've got 3000 pages of evidence … and now we're going to expose this whole thing," one of the sisters told reporters in Canberra.

¶ australia crime cults exclusive brethren fundamentalists religiots rightwingers skulduggery 1

Remember Gracenote, the firm that bought the user-contributed CDDB database and locked it up, locking open-source clients out of it? Well, they've just been bought by Sony. I wonder what this will mean: with Sony BMG being a pillar of the RIAA, will owning a database which receives a notification every time somebody rips a CD be a useful weapon in the War On Copying? And will Apple keep using Gracenote for iTunes now that it's controlled by a rival?

¶ business gracenote riaa skulduggery sony 2

Someone is sending pro-Tibet groups documents infected with keylogging malware, configured to send back keystrokes to a server in China. The documents are sent from addresses forged to resemble human rights groups, and purport to be details of Chinese massacres in Tibet and similar information.

The exploit silently drops and runs a file called C:\Program Files\Update\winkey.exe. This is a keylogger that collects and sends everything typed on the affected machine to a server running at xsz.8800.org. And 8800.org is a Chinese DNS-bouncer system that, while not rogue by itself, has been used over and over again in various targeted attacks.

The exploit inside the PDF file was crafted to evade detection by most antivirus products at the time it was sent.

Somebody is trying to use pro-Tibet themed emails to infect computers of the members of pro-Tibet groups to spy on their actions.

(via Schneier) ¶ china cyberwar deception espionage malware security skulduggery tibet 2

Looks like Microsoft is up to its old tricks: the latest AJAX-enhanced version of Hotmail refuses to work if the web browser identifies itself as Firefox 2; if one reconfigures it to identify itself as Internet Explorer, it works perfectly. What does this mean? Well, given that Microsoft are likely to buy Yahoo! (a lot of analysts now rate Yahoo!'s chances of escaping their clutches as slim), taking control of Flickr and del.icio.us, those who use those sites from non-Windows, non-IE platforms, and with non-Microsoft web applications, have yet more reasons to feel uneasy.

(via /.) ¶ deception hotmail.lock-in microsoft skulduggery 4

The Guardian looks at the question of whether infant-formula villains Nestlé, the subjects of a boycott since 1977, have reformed their act as they claim. The answer, sadly, is no.

"The reps are very aggressive - there are three or four companies, and they come in every two weeks or so," he says. "Their main aim is to recommend their product. Sometimes they bring gifts - Nestlé brought me a big cake at new year. Some companies give things like pens and notebooks, with their brand name on them. They try very hard - even though they know I am not interested, that I always recommend breastfeeding, still they come."

According to Save the Children's report, infant mortality in Bangladesh alone could be cut by almost a third - saving the lives of 314 children every day - if breastfeeding rates were improved. Globally, the organisation believes, 3,800 lives could be saved each day. Given that world leaders are committed to cutting infant mortality by two thirds by 2015 as one of the Millennium Development Goals, protecting and promoting breastfeeding is almost certainly the biggest single thing that could be done to better child survival rates. But the formula companies, despite the international code, continue to undermine campaigners' efforts.

¶ activism boycott business corporations ethics nestlé skulduggery villainy 0

Seeing his fortunes in the opinion polls plummet, Australia's militaristic Prime Minister, John Howard, made an impromptu visit to the troops in Iraq. All was going smoothly, when the Air Force C-130 he was travelling on filled with smoke, it had to make an emergency landing. Cue footage of the PM looking unflappable and heroic, and hopefully bouncing back in the polls. Except that, on closer inspection, the whole thing begins to look rather fishy:

• One cameraman got out of the aircraft before the PM, in sufficient time to capture him exiting the aircraft. Another cameraman was inside the aircraft, near the rear ramp, and panned with the PM's party as they ran from the aircraft. However, cut to the second camera as the PM exits the plane, and the first cameraman inside the plane is nowhere to be seen. Very strange -- or were there several takes of this?
• Camera on ground pans with PM and bodyguard as they run past, and we then see numerous passengers calmly walking away from the aircraft with their baggage -- so they must have exited the aircraft well ahead of the PM and escort. Which, given the apparent emergency, is unlikely.
• If you look at the aircraft's engines in the background, the propellers have almost come to a halt when the PM and bodyguard emerge running down the ramp. As anyone familiar with C-130 aircraft will know, it takes well over a minute from the time that the pilot cuts the engines until the propellers actually stop. So the aircraft was stopped on the ground for some time, and had initiated normal engine shutdown, well before the PM was bundled off.
• Add to that the fact that only the PM and escort are running -- everybody else in shot appears calm and relaxed -- and the odour of rodent becomes overwhelming.

(via M+N) ¶ australia politics skulduggery spin 0

Leo Stoller, self-styled "intellectual property entrepreneur", revolutionised the monetisation of trademarks a few years ago. He did this by registering a large number of words, including "Stealth", "Sentra", and (perhaps appropriately) "Chutzpah", as trademarks and then aggressively going after anyone in any field using them, often extracting substantial settlements. Unfortunately for him, the bonanza came to an end when defendants began fighting back and losing lawsuits, and judges started invalidating his patents. Even worse for him, when he tried to declare bankruptcy, a judge ordered the liquidation of all his assets, and found that his personal and corporate assets were one and the same. Couldn't happen to a nicer guy...

(via Boing Boing) ¶ copyfight intellectual property schadenfreude skulduggery troll 5

Britain's professional recording artists are so angry about their copyrights expiring after 50 years that some even rose from the dead to sign a recording-industry petition for copyright term extension:

If you read the list, you'll see that at least some of these artists are apparently dead (e.g. Lonnie Donegan, died 4th November 2002; Freddie Garrity, died 20th May 2006). I take it the ability of these dead authors to sign a petition asking for their copyright terms to be extended can only mean that even after death, term extension continues to inspire.

(via Boing Boing) ¶ astroturf copyfight copyright skulduggery the recording industry undead villainy zombies 0

The story of how Penguin Books is attempting to steal the katie.com domain. Basically, they published a book about the victim of an internet chatroom paedophile and called it "katie.com" (as "girl.com" was taken by a porn site). Which is all very well, except that katie.com was already owned by someone else (it was the personal domain of a woman named Katie Jones in the UK). Instead of backing down or attempting to resolve this, Penguin are promoting the hell out of their katie.com assets, rendering the actual site unusable as a personal domain, with the hope of pressuring Jones to hand it over; and have even made noises about using the katie.com trademark they own to seize it. Anybody want to start a legal fund for Katie Jones?

¶ david vs. goliath domains penguin skulduggery 15

What happened to the MP3.com archive after the site was torn down? It still exists -- but is now owned by a piped-music company spun off from Vivendi Universal. The MP3s uploaded have apparently become the property of TruSonic, a competitor of Muzak.com, and available only to businesses who subscribe to their service; as for the Internet Archive's proposal to preserve it as a public cultural record, well, there wasn't any money in that. Artists have expressed some concern about whether they will be paid royalties.

¶ business corporatism mp3.com skulduggery the recording industry 1

Microsoft's MSN deliberately sends broken stylesheets to Opera in order to make the third-party web browser appear defective and unusable. This is an old Microsoft tactic; they did similar things to break DR-DOS under Windows 3.x and (even earlier) to prevent Lotus 1-2-3 working with MS-DOS 2.0.

¶ lock-in microsoft monopoly opera skulduggery 0

An article giving details of how recording companies systematically defraud artists. (via rocknerd.org)

Imagine you're an Australian artist. You signed a contract more than 20 years ago when you were under age. You were getting a royalty rate for singles of 5%... but it was only calculated on 8% of what you actually sold because we're talking singles here. Forget about the fact that your music has been used on countless compilations, licensed by your 'parent' record label. Forget about the fact that you have asked for years about the status of your royalties and the executives at the label have constantly rebuffed you.

Imagine that one of the top executives at the label, when confronted with the inequities of this situation and knowing you are owed money, not only refused to deal with you but told staff to ignore you and like other artists seeking royalties, you'd go away. They always do.

Here's another artist. They are owed about $20,000 from their hits in 1968. 34 years ago. The record company knows it. They haven't informed the artist. They know where the artist lives. The attitude of the man in control of this is why tell them if they don't know and if they want to sue us, fine, let them. But they can't sue us if they don't know. And if we don't tell them, how will they know?

¶ fraud scams skulduggery the recording industry 1

Proof that the webcast royalty scheme now adopted in the US was designed to kill small webcasters, securing a monopoly for large, docile mass-market services, and shoring up the RIAA's "turd-in-a-can" business model of homogenising the market and eliminating alternatives to an easily-manufactured mainstream. (via bOING bOING)

¶ riaa skulduggery the recording industry 0

An article looking at why the recording industry hates web radio, and wants to wipe it out with prohibitive royalty rates. It comes down to the classic 'turd-in-a-can' business model: it's cheaper to manufacture Britneys and Limp Bizkits ("blockbuster artists" as they're known) than to provide quality and variety; if there's a varied music ecology, consumers expect to find music to cater to their varying tastes, and the recording racket can't sell everyone the same homogeneous rubbish. So, it makes perfect business sense to do their best to kill off the ecology, close off alternative channels and ensure that consumers are a captive audience conditioned to accept that there's no alternative to what Clear Channel is playing.

The smoking gun comes from testimony of an RIAA-backed economist who told the government fee panel that a dramatic shakeout in Webcasting is "inevitable and desirable because it will bring about market consolidation."

Once they cut off the alternatives, the consumer will have no choice but to buy the turd in the can and tell himself that that's what he wanted. Or so the theory goes; of course, people could just stop buying records altogether, even when their Microsoft Trusted PCs don't allow them to listen to anything they haven't paid for, resulting in the recording racket collapsing, dying in the scorched wasteland it has created. (via Techdirt)

¶ commercialism skulduggery the recording industry 6

mame.dk is dead. It wasn't killed by arcade-machine company copyright lawyers, but screwed out of banner ad revenue by an outfit named eFront. And according to ICQ logs posted by a disgruntled employee (now mostly taken down), eFront have been doing other nasty things, such as harassing sites out of existence and even threatening a webmaster with rape. Lovely folks... (the Slashdot thread)

¶ emulation mame retrocomputing skulduggery 0

Scumbags in action: Remember CDDB? The free online database of CD track listings assembled by volunteers from all over the Net, that was bought by some company who promptly declared it proprietary information? Well, now they have blocked "unlicensed" applications from accessing it. What does an application have to do to be licensed? Well, it needs to show ads for CDDB, prohibit the use of any other CD databases, and not allow the data to be exported to other applications. The Slashdot thread is here.

¶ cddb corporatism gracenote skulduggery 0