WallPosting [unconditional consequences] Project/archive

• Detox. En modell for hobbykuratoriet?
• Further Erosion of Civil Liberties, this time Beyond US Borders
• Quoting Two War-Criminals
• Lydspor / Soundtracks
• This week's sign of the Apocalypse
• RealPlayer vulnerability
• LYDMUR av Maia Urstad
• Perfect identity design. This is why people come to us.
• Common Problems Facing Software Development
• Google: A Hacker's Best Friend [Re: webeditor]
• The Public DNS Service

November 26. 2004 - Detox. En modell for hobbykuratoriet?

I dag ankommer Detox Bergen, men med tom pengesekk, og uten penger til å lage avisen som skulle følge utstillingen. De lokale arrangørene av vandreutstillingen har tatt saken i egne hender og laget fanzinen TOX. Er vi tjent med en kuratormodell som overlater initiativet til dugnad- og hobbyvirksomhet spør Grethe Melby i denne artikkelen, sakset fra TOX.

October 11. 2004 - Further Erosion of Civil Liberties, this time Beyond US Borders

http://www.indymedia.org/ servers seized by FBI

Thursday morning, US authorities issued a federal order to Rackspace ordering them to hand over Indymedia web servers to the requesting agency. Rackspace, which provides hosting services for more that 20 Indymedia sites at its London facility, complied and turned over the requested servers, effectively removing those sites from the internet.

Since the subpoena was issued to Rackspace and not to Indymedia, the reasons for this action are still unknown to Indymedia. Talking to Indymedia volunteers, Rackspace stated that "they cannot provide Indymedia with any information regarding the order." ISPs have received gag orders in similar situations which prevent them from updating the concerned parties on what is happening.

It is unclear to Indymedia how and why a server that is outside the US jurisdiction can be seized by US authorities.

At the same time an additional server was taken down at Rackspace which provided streaming radio to several radio stations, BLAG (linux distro), and a handful of miscellanous things.

The last few months have seen numerous attacks on independent media by the US Federal Government. In August the Secret Service used a subpoena in an attempt to disrupt the NYC IMC before the RNC by trying to get IP logs from an ISP in the US and the Netherlands. Last month the FCC shut down community radio stations around the US. Two weeks ago the FBI requested that Indymedia takes down a post on the Nantes IMC that had a photo of some undercover Swiss police and IMC volunteers in Seattle were visited by the FBI on the same issue. On the other hand, Indymedia and other independent media organisations were successfull with their victories for example against Diebold and the Patroit Act. Today however, the US authorities shut down IMCs around the world.

The list of affected local media collectives includes Ambazonia, Uruguay, Andorra, Poland, Western Massachusetts, Nice, Nantes, Lilles, Marseille (all France), Euskal Herria (Basque Country), Liege, East and West Vlaanderen, Antwerpen (all Belgium), Belgrade, Portugal, Prague, Galiza, Italy, Brazil, UK, part of the Germany site, and the global Indymedia Radio site.

October 10. 2004 - Quoting Two War-Criminals

"Naturally, the common people don't want war, but after all, it is the leaders of a country who determine the policy, and it is always a simple matter to drag the people along whether it is a democracy, or a fascist dictatorship, or a parliament, or a communist dictatorship. Voice or no voice, the people can always be brought to the bidding of the leaders. That is easy. All you have to do is to tell them they are being attacked, and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same in every country".
Hermann W. Göring

"People that are really very weird can get into sensitive positions and have a tremendous impact on history".
George W. Bush

October 9. 2004 - Lydspor / Soundtracks

Det blir sagt at ensomheten er størst i storbyen. Om "helvete er de andre" forvandles storbyen til det beste tilfluktssted. Dyresporene, eller sporet etter gjesten i snø eller søle, vitner om hvem som har vært der, utenfor et hjem på landet. I storbyen viskes sporene ut hurtig - og identiteten til den som satte sitt avtrykk skjules effektivt. De umiddelbare sporene som mennesker legger fra seg, avfall, tags, enkle gester og høflighetsfraser, blod og svette, oppfattes på den ene side som blott irrelevante for betrakteren - på den annen side som irrelevante og dessuten avskyelige og uønskede. En trafikkulykke står ikke for noe sørgelig, men for noe grisete. En voldsepisode utløser ikke alarm for bistand, men trussel. Man vender ansiktet bort for å slippe å involvere seg. Lydspor - skrik, verbale trusler, hvinende dekk under bremsing, sirener - kan man ikke uten videre snu seg bort fra. Så lenge man holder for ørene er man fremdeles bundet av situasjonen, idet man utelukker også hverdagens lydspor i storbyen. De må være tilstede - stemmer, populærmusikk og trafikk - "som mumlingen under en gravferd." Det er hverdagens lydspor som tematiseres i installasjonen. Men også fenomener som ikke tilhører lydriket er fortolket og overført til en representasjon i lyd. Verket tar utgangspunkt i føttene. De står for vandringene som har bragt mennesket rundt hele jorden og tillatt oss å sette spor på overflaten. De står også for den organiske kroppen med lydspor i form av skritt mot asfalt og betong - kontrastert til bilhjulenes friksjon mot veien.

Lydspor / Soundtracks er en interaktiv lydinstallasjon som utforsker teknologiske feil som materiale. Det auditive universet består av digitale hakk, maskiner som krasjer og ødelagte billig-høytalere som pines til bristepunktet. Disse avspilles på et 40 kanals høytalergulv i stål. Et spesialskrevet dataprogram styrer dette og komponerer musikken i sanntid.

Musikk, programmering og teknisk konstruksjon: Trond Lossius og Asbjørn Blokkum Flø

Grunnkkonsept: Asbjørn Blokkum Flø

Sted: Norsk Form, Kongens Gate 4 (kjelleren), Oslo     7. - 17. oktober

Sponsor: Burmeister AS     Produsert av NOTAM

Takk til: BEK (Bergen senter for elektronisk kunst), Kunsthøgskolen i Bergen, Kunsthochschule für Medien -Køln, NOTAM, Ultimafestivalen, Norges Musikkhøgskole, Henrik Sundt, Ståle Stenslie, Astrid Midtbøe, Odd Magnus Nilsen, Andreas Mork, Cato Langnes

October 8. 2004 - This week's sign of the Apocalypse

With apologies to Sports Illustrated (the print edition): The BBC reported Friday that the Internet Explorer vulnerability to JPG files has finally been exploited, in a particularly predictable manner: infected images were posted to an indiscrete (we use that word so this newsletter will get by all the censoring software) newsgroup last week. Though technically not a virus (because it doesn't replicate), Symantec and other antivirus companies say it's only a matter of time. Also predictably, the pictures are already beginning to be reported by AOL users. Not that there's anything wrong with that...

October 7. 2004 - RealPlayer vulnerability

The digital security website eEye released an advisory Friday that says that a wide range of RealPlayer media players have security flaws that not only affect computers with Microsoft operating systems, but those with Linux and Macintosh operating systems as well. According to eEye, the "vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player." A patch is expected in a couple of weeks.

October 5. 2004 - LYDMUR av Maia Urstad

STENERSENMUSEET 7. -17. oktober 2004

Velkommen til åpning av lydinstallasjonen LYDMUR av Maia Urstad torsdag 7. oktober kl. 19:30!

Er 1980-tallet våre dagers Egypt? I Maia Urstads installasjon Lydmur utforskes forholdet mellom nær og fjern fortid og mellom teknologi og historie. Lydmuren er satt sammen av nærmere 120 CD/kassettradioer som spiller bearbeidede opptak fra radio. I Stenersenmuseet møter tilskueren en flere meter lang vegg formet av lyd og lydkilde på samme tid, en ruin der byggesteinene ikke er antikke steinblokker men gårsdagens tekniske vidundere.

Akkurat som støyen som omgir oss er murer noe vi alltid er omsluttet av, men sjelden stanser opp for å betrakte. Først når muren blir et historisk monument blir den interessant å se på. I Lydmur er det vår nære fortid som stilles opp foran oss og blir gjenstand for betraktning. Installasjonen skyver den inn i historien og minner oss om det flyktige ved det aller nyeste. Lydene vi hører er brokker av nyhetssendinger, interferens og sus, bakgrunnsstøyen fra eteren som vanligvis forsvinner i samme øyeblikk som den oppstår, men som her fryses og plasseres i forgrunnen. Dermed problematiseres forestillingen om historisk utvikling og grensen mellom nytt og gammelt viskes ut. For er ikke kassettradioen, ett av de mest slående symboler på 80-tallets glorete jappeestetikk og absurde fremskrittsoptimisme, noe av det mest utdaterte vi har i dag? Teknikken er fullt brukbar, men apparatene er likevel henvist til skraphauger og brukthandler, utsatt for en altfor tidlig alderdom. Installasjonen Lydmur studerer forbindelseslinjer, fabulerer rundt sammenstillingen, og stiller bl.a. spørsmålet hvordan blir ruinene etter oss?

Lydmur bygger videre på tidligere arbeid som STASJONER, en lydinstallasjon der visuell inspirasjon er hentet fra den romanske bue, og KLEOPATRAS NÅLER, et musikkdramatisk verk inspirert av egyptiske byggverk fra faraoisk tid. Lydmur ble vist under BOREALISFESTIVALEN i Bergen 2004, og skal videre til ELECTROHYPE BIENNALEN i Malmö Konsthall november/desember 2004.

MAIA URSTAD  http://www.maia.no

Ref.: My own Sound Panel

October 4. 2004 - Perfect identity design. This is why people come to us.

Have you ever been jealous for your competitors' business identity? Have you ever thought how people recognize their favorite trade marks among the thousands of others at the market? Psychology says that the majority of population perceives information through visual channel. It is the fastest, the most capacious and effective way to convey not only the idea, but also your company spirit. So why not to give your customers the opportunity to recognize your company, feel your business approach and remember you?

Every logo, corporate identity, print ad, website or TV commercial we create is a powerful tool supporting your business. That's why we steadily achieve impressive results improving image and marketing effort of our clients. We suggest top-quality business identity design at a good price. Unlimited designs, changes & colors, fast turn-around, copyright transfer, 100% satisfaction guarantee: this is not an advertising puff - this is the way we work. To make sure, that it is just what you need, have a look at our portfolio.

http://www.malai.org/7236.jsp

Sincerely,
Annabel Preston

September 22. 2004 - Common Problems Facing Software Development

I was talking to a friend today about common problems facing software development. A major issue that seems to be common to many I talk to is finding developers who can not only code, but can plan before they code and test the code once it's written. Most of us work on tight schedules - or possibly even no schedule and no sleep - so planning is done as you type and testing is done after you go live. That's just reality. An unpleasant and unfortunate one but but often there's not much we can do about it.

However, one thing you can do if you find yourself in this situation is arm yourself with some knowledge and tools. MArc Clifton, Kalutha Sarma, Matt Gullett, Jonathan de Halleux and a bunch of other great authors have written a ton of articles in our Program Design and Methodologies section (http://www.codeproject.com/gen/design/) that guide you through Application design patterns, methodologies and testing. If you're just starting out and wondering why things keep breaking then please take some time to browse these articles. You will definitely find it an advantage come interview time.

Chris Maunder
The Code Project
www.codeproject.com

September 21. 2004 - Google: A Hacker's Best Friend [Re: webeditor]

A short while back, while working on this article [Google: A Hacker's Best Friend], I [Paris2K] ran into this website:

http://neworder.box.sk/redirect.php?http://wacker-welt.de/webadmin/

The website explains that "webadmin" is a small piece of software that allows one to remotely edit parts of a website, upload files, etc. The main page for the webadmin control centre is called 'webeditor.php". So obviously, my next step was to visit google and use the inurl tag to find webeditor.php pages that I could reach. I used the following search string: inurl:webeditor.php
and I found the following results:

http://neworder.box.sk/redirect.php?http://orbyonline.com/php/webeditor.php
http://neworder.box.sk/redirect.php?http://www-user.tu-chemnitz.de/~hkri/Neuer%20Ordner/webeditor.php
***http://neworder.box.sk/redirect.php?http://artematrix.org/webeditor/webeditor.php*** [now removed]
http://neworder.box.sk/redirect.php?http://www.directinfo.hu/kapu/webeditor.php

All these webeditor.php files were reachable by anyone, merely because the owners failed to (correctly) protect these pages by using .htacces. This mistake allows whomever to change the webpages on the server and thus defacing the site, uploading files and thus possible gaining full access to the server.

In browsing through these sites I noticed that the file that allows one to upload files is called "file_upload.php", which I could then search for at google and find more examples.

http://neworder.box.sk/redirect.php?http://www.hvcc.edu/~kantopet/ciss_225/examples/begphp/ch10/file_upload.php

A good example:

http://neworder.box.sk/redirect.php?http://www.pelicandecals.com/admin/webeditor.php

The script allows you to change files, like in the above examples, including the index.php. In theory one could write or download whatever malicious script one wants, paste this code into an existing file or just upload it and well, the consequences are obvious.

there was also a link "Return Administration" and clicking on it took me to:

http://neworder.box.sk/redirect.php?http://www.pelicandecals.com/admin/administration.html

Where there were customer addresses, where one could change pricing, etc.

READ THE ENTIRE ARTICLE HERE

September 13. 2004 - The Public DNS Service

The Public DNS Service is a public service provided by Granite Canyon Group, LLC. The Service offers both primary and secondary DNS free of charge to anyone who asks. The Service maintains UPS protected FreeBSD servers that satisfy DNS queries. The servers are geographically separated and all are connected to the Internet via 7x24 dedicated lines with disjoint routes to the Internet's North American backbones.

For me, this DNS service has been impossible to maintain as my password to access it did not work, and nobody answered my e-mail when I asked for help. I therefore do not any longer recommend their services to anybody. Ref.: http://www.granitecanyon.com/.

This DNS trouble, and the fact that my main server has been tampered with, is the main reasons why I have not being able to maintain, write new stuff, or update my webpage. I hope things will change within the next week or so, as all my stuff is being transferred to new servers... and best of all: even the DNS servers are new.