Month: November 2014


  • Kung och 5lot hackar Bredbandsbolagets modem

    Information om de omtalade sårbarheterna i Bredbandsbolagets modem har nu släppts till allmänheten. Det är dags att bli mörkrädd…

    Apart from the “user” account previously mentioned, the router turns out to have three additional accounts; “root”, “Kundservice” and “Kung”. Since these are ordinary Linux level users, the hashes for these accounts are present in /etc/shadow.

    While the “root” and “Kundservice” accounts appear to have passwords of decent quality (i.e. we have not yet been able to crack them), the “Kung” account turns out to have the password “5lot”.

    Using the “Kung” account, one can access privileged settings in the web interface, and it is also possible to access a CLI configuration interface via telnet.

    It is quite remarkable that a hidden privileged account has an extremely weak, four-letter password.

    Skrämmande.


  • Notebook wars

    I love notebooks almost as much as I love keyboards. No, that’s not quite right, I love them equally, just in different ways… Nevermind, the purpose of this is to link Toby’s notebook showdown post, where the utility style (aka cahier) notebooks fight each other to the death. Something like that, there’s a winner at the end at least.


  • Tech bubble bursting

    Katie Benner on the tech bubble bursting:

    I’ve watched two crashes now – the end of the dotcom boom in 2000 and the credit collapse of 2008 – and one thing that was true of both is that a chorus of observers and analysts and Smart Money spent years saying that the tech sector was overinflated before anything actually burst.

    Sure, but the elephant in the room is that tech companies are making money this time around. It’s not all smoke and mirrors, there’s actual revenue, success stories, and sensible products within the tech bubble. It’s not even remotely the same, comparing dotcom with today’s tech scene is like comparing the first car with a spaceship. That said, it’s hard to deny the inflated valuations, and there’s always cycles. Neither of those two things mean that the tech bubble is about to burst anytime soon.


  • The get rid of stuff box

    Got too much stuff? Here’s some good advice from Dave Paola on cutting down on the unnecessary things.

    The hardest part is getting rid of stuff once you’ve accumulated it. For that, I recommend starting small and taking baby steps: keep an open box somewhere in your house or apartment, and whenever you come across something that you haven’t touched in awhile, put it in the box. At the end of every month, casually look through the box and ask yourself if you really need any of the stuff.

    Sell, or give away, the things you feel you don’t need anymore. A sensible way to cut down on the stuff in your life.


  • Twitter to start snooping in your phone

    Twitter will start snooping in your phone to see what apps you have installed, to be able to send more tailored ads your way. From their very own support document:

    To help build a more personal Twitter experience for you, we are collecting and occasionally updating the list of apps installed on your mobile device so we can deliver tailored content that you might be interested in. If you’re not interested in a tailored experience you can adjust your preferences at any time (read below). Additionally, if you have previously opted out of interest-based ads by turning on “Limit Ad Tracking” on your iOS device or by adjusting your Android device settings to “Opt out of interest-based ads,” we will not collect your apps unless you adjust your device settings.

    First of all: fuck no! Turn this off, at the vey least.

    Second, if this isn’t incentive to limit ad tracking in your mobile device’s settings, I don’t know what is. Go and do that now if you haven’t already.

    And finally, third, this is just the official Twitter app snooping around, third-party apps won’t necessarily do this. Granted, the market for third-party Twitter app is strained at best, with Twitter slowly killing it off while trying to limit the backlash of their actions. If snooping around is in their business model (which it is, since ads are their way of making money), you should probably stay clear of their apps.

    These are not the actions of a company that means well.


  • Facebook pushing for their updated terms

    On January 1st, 2015, the new terms and conditions for Facebook takes effect. If you visit the social network today, you’ll get a notification of this.

    Facebook terms

    Facebook users should definitely read this one, and figure out where they stand and what they’re OK with. Don’t miss the Privacy Basics site from Facebook, it might be enlightening. Personally, I’m not big on Facebook, but I do try to peek in every now and then, since some people just haven’t figured out that I’m @tdh on Twitter and that’s way faster.


  • Making conferences work

    Making conferences work

    The past two years I’ve had this rule to not attend conferences where I’m not speaking. I decided to try it for a year, found that it worked for me, and now I’m sticking to it, more or less.

    Conferences are fundamentally broken. The sessions are almost always too long, the speakers are almost always poorly chosen, and the diversity is almost always nonexistent. This makes for long days where you come out tired and worn, instead of energized and enlightened. Whatever great talk or insight that were hiding in there, it’ll probably drown in the noise.

    (more…)


  • The first object 3D printed in space

    The first 3D printed thing in space is, fittingly, a part for a 3D printer. The faceplate was printed on November 24 on the International Space Station.

    “We chose this part to print first because, after all, if we are going to have 3-D printers make spare and replacement parts for critical items in space, we have to be able to make spare parts for the printers,” Werkheiser said. “If a printer is critical for explorers, it must be capable of replicating its own parts, so that it can keep working during longer journeys to places like Mars or an asteroid. Ultimately, one day, a printer may even be able to print another printer.”

    3D printers are deemed crucial for space exploration, since the logistics of carrying all the possible spare parts alone are staggering. Aptly named company Made In Space is betting on this, and it was they who worked with NASA on this experiment. There were issues though, and it’s a learning mission for now, because it would seem that 3D printing in micro-gravity offers makes the plastic material behave differently.


  • Google Contributor

    Wired on Google Contributor:

    Launched on Thursday, the service is called Google Contributor, and it asks you to pay $1, $2, or $3 a month to back the websites you particularly like. In exchange for your support, you’ll see “thank you” messages where ads used to be—at least on the websites that participate in the program. At the moment, Google is testing the idea with ten online publishers, including The Onion, ScienceDaily, Urban Dictionary, and Mashable.

    The thank-you notes are served up through Google’s existing advertising channels, and Google still takes a cut of each contribution. According to Google, the $1 to $3 users pay essentially covers the cost of that ad space. But all of this is subject to change, she says, as the platform develops. “At this point, what we’ve rolled out is very much an experiment,” a Google spokesperson tells us. “We’re getting the publishers on board today. We’ll see not just how it works but also the public interest level.”

    There are several alternatives to advertising today, ranging from member sites to Patreon and donation driven publications. Google Contributor is off the mark in its current form, because it’s based on Google’s ad platform. The purpose of Patreon, Flattr, or even just a donate button, is to get out of the advertisement game. Google is targeting, and monetizing, the same publications that are their (trusted, obviously) customers today. This’ll be dead in the water, unless they’ve got something groundbreaking up their sleeve.


  • Humiliated

    Stewart Butterfield, co-founder of Flickr, on how they think of changing their service at Slack:

    Oh, God, yeah. I try to instill this into the rest of the team but certainly I feel that what we have right now is just a giant piece of shit. Like, it’s just terrible and we should be humiliated that we offer this to the public. Not everyone finds that motivational, though.

    I’ll say. I can’t see how this sort of management is positive in the long run. Then again, Slack is incredibly popular (we’re fans at Odd Alice), so what do I know?


  • Recode cans comments

    Recode turns off comments, their biggest change to the site yet.

    The biggest change for some of you, however, will be that we have decided to remove the commenting function from the site. We thought about this decision long and hard, since we do value reader opinion. But we concluded that, as social media has continued its robust growth, the bulk of discussion of our stories is increasingly taking place there, making onsite comments less and less used and less and less useful.

    Here’s why there are no comments on TDH.me.


  • WordPress 4.0.1

    WordPress 4.0.1 finns ute nu, och täpper till ett par tämligen allvarliga säkerhetshål. Om du har automatiska uppdateringar påslaget så har du säkert uppdaterats redan, men dubbelkolla för säkerhets skull. Har du inte automatiska uppdateringar påslaget så är det hög tid att uppdatera nu.

    Även äldre versioner av WordPress har nämnda säkerhetshål, så om du av någon anledning inte uppdaterat WordPress så är det hög tid nu.


  • WordPress 4.0.1 is an important security release

    WordPress 4.0.1 is out, and you shouldn’t wait to install the update. This is an important security release that addresses serious issues. If you’ve got automatic updates on, you’re probably already rolling 4.0.1, but if you don’t, or if the automatic install failed for some reason, then now’s the time to update.

    Older versions of WordPress are affected by the vulnerabilities as well, so make sure you update to 4.0.1 as soon as possible.


  • Fake Steve Jobs to head up Valleywag

    Love it or hate it, but Silicon Valley rag Valleywag is something of an online institution. Come January next year, it has a new captain at the helm, none other than Dan “Fake Steve Jobs” Lyons, who had this to say regarding his plans, in an interview with Recode’s Peter Kafka.

    I think, at least for now, it’s going to be a two-person blog [with writer Kevin Montgomery]. I feel like Valleywag has been different things with different writers over the years. Up and down. I think it’s at their best when they get a legitimate scoop, like when someone leaks them documents. I feel like we could do more of that, breaking stories.

    Valleywag was on the map way back when I was the editor of The Blog Herald. A lot of people enjoyed Fake Steve Jobs, Lyons’s claim to fame (nevermind that he was a Forbes journalist), and when that blog was at its best, it was quite entertaining. A Valleywag with tongue in cheek commentary, and breaking some stories, would be swell.


  • Firefox dumps Google for Yahoo

    Firefox dumps Google for Yahoo in USA, and for Yandex in Russia.

    Today we are announcing a change to our strategy for Firefox search partnerships. We are ending our practice of having a single global default search provider. We are adopting a more local and flexible approach to increase choice and innovation on the Web, with new and expanded search partnerships by country.

    China keeps Baidu, no word on Europe yet. You can still pick either search engine, just like in any other web browser. There’s also talk about more integrated Yahoo products, which brings back horrible memories of toolbars of the 90s.