Enter SuperTrout.  This transgenic fish contains the same “double muscling” gene.  And it’s a monster!  …At least in muscle mass.  These heavily muscled genetically altered fish themselves seem to generally behave like their natural counterparts.  They just have more lovely flesh for us to eat.  Which is what Professor Bradley wants.  Imagine the amount of people that could be fed by farming these fish!

Only, there’s that little government regulation thing to worry about.  Not to mention, are they actually safe to eat?  And what could happen if they were accidentally introduced into the wild?  It’s food for thought.

That something, was Adobe Reader PDF files.

At least, so says F-Secure.

And the reasoning, besides the obvious of being a cross-platform big target?  Well all of the vulnerabilities, of course!  I mean who in the security world doesn’t know that Adobe = holes.  It’s enough to rival Microsoft.  Apparently.  Which is why 2009 saw 49% of attacks targeting Adobe Reader through its vulns.

Clearly it should go without saying, if you don’t know why someone would send you a file, don’t open it.  And if you’re not sure, ask.  All of the poisoned documents in the world do no harm if you’re smart enough to not open them in the first place.

Though a number of security websites are claiming that this hole in Opera can be used to execute code remotely, Opera officials themselves are playing it down, saying that an exploit really can only be used to cause the web browser to crash; not to actually execute code.  They also say that enabling Data Execution Prevention (DEP) will mitigate any possible damage that an exploit could possibly cause.  (Assuming that you have it turned on.  Which you probably should.)

Time may tell whether the remote execution extremists are right, or whether Opera representatives really are telling the truth when they say it’s a crash-only bug.

And then again, time may not tell.

Because Opera coders are working right now on a fix that should be available shortly.  They have no intention of leaving their web browser insecure.

But also, how many hackers do you really know who target Opera in the first place?  What percentage of net denizens even use the browser?  And what percentage of that percentage use it on an operating system that’s insecure by default?

Yeah.  Kinda puts it all into perspective there, doesn’t it?

Only here’s the catch, it’s done through causing errors by fiddling with the power supply.

So servers, you’re probably pretty safe.  Unless hackers are able to sneak into your building and cause minor variations of voltage to your power supplies, they’re not going to be breaking your keys wide open.

But consumer devices, like Blu-Ray players, that could be a different matter entirely.

The attack basically works like this:  Bob The Hacker fiddles with the power supply of the device running OpenSSL for its security.  He triggers a single-bit error in a multiplication operation.  The bug in the OpenSSL library’s authentication for RSA public keys encryption algorithm is specifically in the fixed window exponentiation algorithm, which results in this one-bit error actually causing OpenSSL to reveal four bits of the private key.  And eventually after collecting enough failed authentication attempts, Bob The Hacker can piece together what all of the bits in the real private key are.

The security researchers who discovered this bug found that using almost 9000 repeated attacks of this method, and then feeding the resulting data into their cluster of 81-machines with 2.4 GHz Pentium-4s running their own custom software, they can eventually determine an entire 1024-bit private key … in 104 hours.

So for cracking a key in a Blu-Ray player, it’s not exactly for the faint of heart then.

There’s an underlying fear that, theoretically, over a very extended period of time, the natural power supply fluctuations may reveal enough errors on their own for a snooper to one day crack a server’s authentication in this manner.  It might take months.  It might even take years.  But theoretically, maybe, it might be possible to almost happen.

And, of course, there is a simple solution, which OpenSSL being open source, is at this moment being worked upon.  And that is, of course, adding an additional level of randomization, in the underlying error-checking algorithm.  It won’t take long at all before this fix is available to the world and private keys are safe once more.

Assuming they were ever in any real danger in the first place.

Further mitigating this remote execution IE vuln is that only versions of Windows which support IE’s Enhanced Security Configuration are affected.  Meaning that Windows 2000 (Win2K), Windows XP (WinXP), and Windows Server 2003 are vulnerable.  Where as Windows Vista, Windows 7, and Windows Server 2008 are not.  At least not typically.  Whether or not the Enhanced Security Configuration can be turned off, and if anyone has actually done this is another matter.

When we’ll ever see a fix, that’s anyone’s guess.  In the mean time, just don’t press F1 while using Internet Explorer.  Especially if a website tells you to.

Aw, heck, who are we kidding?  Just don’t use Internet Explorer!

In an article in the March issue of The Journal of Neuroscience Dr. Contreras-Vidal and colleagues showed that with just an electrode-covered cap and some clear gel they can use an array of 34 electrodes to capture our  brain thinking that it has been typing on a keyboard using good old electroencephalography, or EEG.  Yes, that’s right, once dialed in, no actual key pressing was necessary.  Some of the patients in this study have already managed to communicate to one another through a word processor.  And all of this without any hardware wired directly into anyone’s brain; just a cap worn on the head.

More fascinating is that while the testing right now is being done with a 34 electrode cap, most of the useful data is actually just coming from two points, the primary sensorimotor cortex, and the inferior parietal lobule.  Meaning that theoretically it may be possible in the future to actually reduce the cap to only contain two electrodes.

What’s more, Dr. Contreras-Vidal has no intention of just creating a simple brain-keyboard.  “We hope to show that a person with a stroke or an amputee would be able to control an assistive device, ” says Dr. Contreras-Vidal.  To this end he already has healthy subjects controlling a computer’s cursor on the screen, and controlling an artificial hand.  One day his research could be fundamental in the control of artificial limbs in a safe and affordable way.

Dr. Contreras-Vidal also hopes to one day incorporate some form of sensory feedback into the technology.  His belief is that visual feedback is a slow and imperfect means of confirming that what you think you’re doing is what you’re actually doing.  “We think it’s important to use other types of feedback, too, because vision is a slow signal.”

It’s a fascinating realm of possibilities.  What was once a toy may soon be the future of prosthetics and computer interfacing!

The culprit?  Bad programming.  For some reason the old “fat” PS3s had a bug in their firmware that assumed this year was a leapyear, and so instead of yesterday being the 1st of March for them, they were put into a leapyear 29th of February.  This date/time conflict in turn caused validation to fail when logging in to Sony’s Playstation Network.

The newer “thin” PS3s were not affected.

Reports say that now that the date is such that everyone can at least agree on the month, connections are being allowed once more.  More or less, everything is good again.

If you’re still having problems with your PS3 however, you can set your date manually in your system settings to correct the issue.

A recent auction on eBay saw a rare NES game, Bandai’s Stadium Events, sell for over $41,000, and included free shipping!  Still sealed in shrinkwrap with its original price tag of $29.99 on it, this positively ancient fitness game certainly wracked up the bids.  But the question is, why?

Bandai Stadium Events for NES sells for $41,300 on eBay.

Stadium Events was a lackluster original Nintendo Entertainment System game from Bandai, released in 1986, and based on the use of the Family Fun Fitness Mat (later bought by NES from Bandai and rebranded the Power Pad) in which players literally stomped and hopped around on a big mat on the floor instead of just using a handheld controller.  It was a fad that really didn’t catch on.  And Stadium Events was a game that didn’t really impress even amongst those who enjoyed that fad.  A veritable micro-niche within a disinterested market, Stadium Events was often relegated to the bargain bin if it could be found in any store at all.

But, Stadium Events hit an even harder time.  When Nintendo bought the Family Fun Fitness Mat from Bandai and resold it under the name Power Pad, in the US all of Bandai’s old mats and games for it were recalled (and presumably destroyed) by Nintendo to be replaced by their own rebranded versions.  Making one of the crappiest games ever one of the rarest games ever.

And that, apparently, is why a mint-condition copy of the American release of Stadium Events seems to be worth $41,300 to someone.  There was not a mint copy to be had.  Until now.

Bad Apple - Child labor, hazardous waste, falsified records, etc.

The good news is that this was Apple’s own annual audit.  They caught all of these misdeeds of their own accord, and are taking immediate corrective actions.

But it just goes to show, everyone’s doing it.

“Microsoft believes it is important that all customers take action prior to the end of support date, not only so that they know their options and can prepare, but also to ensure their environments are as secure as possible.”

Obviously, in most cases anyway, simply installing the latest service pack will allow you to continue to enjoy support from Microsoft.  It’s easy.  It’s free.  You really should do it.  For more information from Microsoft on how to upgrade to your latest service pack, look here.