Email and Forum Questions; Profiles in IT: John T. Draper; SQL Injection Tutorial; World's Fastest Computer Runs Linux; Space News: Many Earth-like Planets Found; Website of the Week: Build Your Own Star; Toy of the Week: MegaZooka; Verizon To Purchase Alltel Corporation; Firefox 3 Download Count Over 8 Million; Human's Brush With Extinction; Food Science: Marinades
Email from James Tankersley: Dear Dr. Richard R. Shurtz, I listened to your radio program, and you correctly repeated what CERN spokespersons are saying. The problem is they are only telling you the "public relations story", to be blunt, it is an extremely misleading story, designed to reduce public concerns. More facts at LHCFacts.org including quote from PhDs of Math, Physics and other theoretical sciences who are very concerned. Sincerely, James Tankersley Jr, Administrator of LHCFacts.org
Tech Talk Responds: This is controversial, but the experiment must go on.
Profiles in IT: John T. Draper
Also known as Captain Crunch, a former phone phreak
Named after Cap’n Crunch, the mascot of a breakfast cereal.
Draper was born in 1944, son of a US Air Force engineer.
Draper himself entered the Air Force in 1964, and while stationed in Alaska helped his fellow servicemen make free phone calls home by devising access to a local telephone switchboard.
He was honorably discharged from the Air Force in 1968 and did military-related work for several employers in the San Francisco Bay Area.
He adopted the counterculture of the times and operated a pirate radio station out of a Volkswagen van.
A blind friend of John Draper’s named Joe Engressia (later known as Joybubbles) informed him that a toy whistle packaged in boxes of Cap’n Crunch cereal emitted a tone at precisely 2600 hertz.
Called Cap’n Crunch Bosun whistle
First released in 1971
The same frequency that was used by AT&T long lines to indicate that a trunk line was ready and available to route a new call.
This 2600 Hertz tone would effectively disconnect one end of the trunk, allowing the still connected side to enter an operator mode.
The class of vulnerabilities Draper and others discovered was limited to call-routing switches that employed in-band signaling.
Newer equipment relies almost exclusively on out-of-band signaling: the use of separate circuits to transmit voice and signals.
Though they could no longer serve practical use, the Cap’n Crunch whistles did become valued collector’s items.
Some hackers go by the handle "Captain Crunch" even today; 2600: The Hacker Quarterly is named after this whistle frequency.
The 1971 Esquire Magazine article which told the world about phone phreaking got Draper in hot water.
Draper was arrested on toll fraud charges in 1972 and sentenced to five years’ probation.
He forced the phone companies to move from in-band switch control (SS5) to out-of-band switch control (SS6 in 1977 and SS7 in 1980). SS7 is still in use.
The Esquire article also brought him to the attention of Steve Wozniak.
In the mid 1970s he taught his phone phreaking skills to Steve Jobs and Steve Wozniak, who later founded Apple Computer.
He was briefly employed at Apple and created a telephone interface for the Apple II.
Draper wrote EasyWriter, the first word processor for the Apple II, in 1979.
Draper ported EasyWriter to the IBM PC, beating Bill Gates for the IBM contract.
Draper’s company, Capn’ Software, posted less than $1 million revenue over 6 years.
In the 1980s, Draper worked for Autodesk, but was laid off.
Currently he writes computer security software and hosts Crunch TV via the Internet.
He is also portrayed in the movie Pirates of Silicon Valley.
He inspired Kevin Mitnick, the first well-known and first-arrested computer hacker.
SQL Injection Tutorial
What is SQL injection?
SQL injection refers to someone inserting an SQL statement to be run on your database without your knowledge.
Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you an SQL statement that you will unknowingly execute.
SQL Injection Example
Below is a sample string that has been gathered from a normal user and a bad user trying to use SQL Injection.
The good user enters: $name = "timmy";
The bad user enters: $name_bad = "anything' OR 'x' = 'x";
The resultant queries are quite different
Normal: SELECT * FROM customers WHERE username = 'timmy'
Injection: SELECT * FROM customers WHERE username = 'anything' OR 'x' = 'x'
The normal query is no problem, as our MySQL statement will just select everything from customers that has a username equal to timmy.
However, the injection attack has actually made our query behave differently than we intended. By using a single quote (') they have ended the string part of our MySQL query (username = 'anything') and then added on to our WHERE statement with OR 'x' = 'x' (always true).
This OR clause ('x' = 'x') will always be true and so every single entry in the "customers" table would be selected by this statement!
More Serious SQL Injection Attacks
$name_evil = "'; DELETE FROM customers WHERE 1 or username = '";
$query_evil = "SELECT * FROM customers WHERE username = '$name_evil'";
Resultant query: SELECT * FROM customers WHERE username = ''; DELETE FROM customers WHERE 1 or username = ''
If you were to run this query, then the injected DELETE statement would completely empty your "customers" table.
Now that you know this is a problem, how can you prevent it?
Injection Prevention – mysql_real_escape_string()
Lucky for you, this problem has been known for a while and PHP has a specially-made function to prevent these attacks. All you need to do is use the mouthful of a function mysql_real_escape_string.
What mysql_real_escape_string does is replace those troublesome quotes (') a user might enter with a MySQL-safe substitute, an escaped quote \'.
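Added example (not part of the original show notes): the page's $name and $name_bad inputs run through a concatenated query and through a prepared statement, which keeps user input out of the SQL text entirely and is the usual choice in current PHP, where the old mysql extension that provided mysql_real_escape_string was removed in PHP 7.0. Assumptions: PDO with an in-memory SQLite database stands in for MySQL, the customer rows are constructed, and the function names find_concatenated and find_prepared are hypothetical.

```php
<?php
// Constructed sample data in an in-memory SQLite database (assumption: the
// pdo_sqlite extension is available; the page itself targets MySQL).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE customers (id INTEGER PRIMARY KEY, username TEXT)");
$db->exec("INSERT INTO customers (username) VALUES ('timmy'), ('alice'), ('bob')");

// Vulnerable pattern from the page: user input is pasted into the SQL text,
// so a quote in the input changes the structure of the WHERE clause.
function find_concatenated(PDO $db, string $name): array {
    $sql = "SELECT username FROM customers WHERE username = '$name'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened pattern: the SQL text is fixed and the input is bound as a value,
// so it is only ever compared against the username column.
function find_prepared(PDO $db, string $name): array {
    $stmt = $db->prepare("SELECT username FROM customers WHERE username = ?");
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// The two inputs used on the page.
$name     = "timmy";
$name_bad = "anything' OR 'x' = 'x";

foreach (['find_concatenated', 'find_prepared'] as $fn) {
    foreach ([$name, $name_bad] as $input) {
        $rows = $fn($db, $input);
        printf("%-18s input=%-24s rows=%d [%s]\n",
               $fn, $input, count($rows), implode(',', $rows));
    }
}

// The page's $name_evil input, sent only through the prepared statement:
// it is treated as an (unmatched) username and the table is left intact.
$name_evil = "'; DELETE FROM customers WHERE 1 or username = '";
find_prepared($db, $name_evil);
$left = $db->query("SELECT COUNT(*) FROM customers")->fetchColumn();
echo "rows left after \$name_evil through find_prepared: $left\n";
```

With $name_bad the concatenated query returns every row in the table, while the prepared statement returns none because no customer has that literal username.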
World’s Fastest Computer Runs Linux
IBM announced the completion of a one-petaflop supercomputer that runs Red Hat Linux.
Twice as fast as the previous record-setter, the IBM Blue Gene, the Roadrunner uses a hybrid design that combines 6,948 dual-core AMD Opteron chips with 12,960 Cell processor engines.
The Roadrunner was built for the Department of Energy’s National Nuclear Security Administration and will soon be shipped to its new home at Los Alamos National Laboratory in New Mexico.
Like Blue Gene and some 75 percent of the world’s supercomputers, the $100 million Roadrunner runs Linux.
As with most of them, the new world record-holder runs multiple instances of Linux over a cluster of interconnected computers.
Each of the 3,456 tri-blade clusters (1 AMD Opteron, 2 Cell IBM Processors) can run at 400 billion operations per second (400 Gigaflops).
Backed up with 80 terabytes of memory, the entire system can achieve "petaflop" performance, or 1,000-trillion operations every second — the equivalent to the processing power of 100,000 laptops.
The Roadrunner boasts power consumption of 3.9 megawatts.
The Roadrunner is housed in 288 refrigerator-sized BladeCenter racks occupying 6,000 square feet and weighing 500,000 pounds.
Space News: Many Earth-like Planets Found
The most detailed survey yet of planets orbiting nearby stars indicates that a full 30 percent of them may harbor jumbo versions of our own planet.
Astronomers who presented the finding this week at an international conference also announced they had discovered a star system bearing three such super-Earths: potentially rocky planets up to 10 times as massive as our own.
Both results come from the HARPS (High Accuracy Radial velocity Planet Searcher) instrument at the European Southern Observatory on La Silla mountain in Chile, which looks for tiny changes in the color of starlight that indicate the star is wobbling under the sway of an orbiting planet.
The frequency and strength of the wobbles tells researchers the approximate mass of the planet, its distance from the star and the time it takes to complete an orbit.
Past experiments indicated that about 7 percent of stars possess planets.
But those studies had a hard time resolving relatively small color shifts corresponding to subtle changes in a star’s motion.
Thus, the extrasolar planets discovered that way were typically at least as massive as the gas giants Saturn or Jupiter.
HARPS, however, can identify changes in stellar motion as slight as six feet (two meters) per second, or about the speed of someone on a brisk walk.
Four years ago, astronomers began using the instrument to survey a group of about 400 stars within 100 light-years of Earth.
According to preliminary results, reported this week in Nantes, France, at a conference on super-Earths, nearly 30 percent of them do have planets after all.
Website of the Week: Build Your Own Star
You determine the fate of your star by setting initial characteristics.
The mass of the star: how much stuff there is in it.
The proportion of the star that is made of metal.
Watch as the star ages
Protostar –– A cloud of dust that pulls together due to gravity. It becomes hot enough for fusion to begin and a star is born. Once fusion begins the internally generated heat will balance the gravitational collapse and the star will stabilize.
Main Sequence — Stars spend most of their lives here, gradually growing brighter and hotter and hence moving from lower right to upper left in the HR diagram. They are fueled mainly by hydrogen fusing into helium.
Hertzsprung Gap — In the star’s core, most of the hydrogen has fused into helium. The denser helium forms a core, outside of which a layer of hydrogen continues to burn. At some point the helium core collapses while hydrogen fusion continues in the outer layers. The star begins to expand and the surface cools. It is only the surface temperature that is lower; the actual core temperature is higher when helium is fused than when hydrogen was fused.
Naked Helium Star — This stage occurs for very massive stars after the Hertzsprung Gap when the outer layers of the star are lost to stellar winds. Instead of becoming a giant, the compact helium core is all that is left.
Core Helium Burning — Temperature rises in the collapsing core. Helium fuses into carbon and oxygen.
Asymptotic Giant Branches — As the helium fuel is used up the core again collapses and the outer layers expand and cool. The star becomes a super giant.
Carbon/Oxygen White Dwarf –– The outer layers expand off the star and the core remains as a white dwarf. This is the fate of lower mass stars.
Neutron Star — After several more rounds of fusion in which heavier elements are formed the core collapses further and becomes very dense. Radiative pressure from the core causes the explosive loss of the outer layers. We have a supernova. What is left is a dense neutron star. Some neutron stars are observed as rapidly rotating pulsars.
Black Hole — If the star is very massive, the collapse of the core is so great that it becomes a black hole instead of a neutron star.
Toy of the Week: MegaZooka
Compression Wave Gun Produces Air Balls
Blows a harmless mega-ball of air towards any object or person!
The Megazooka is really a vortex generator.
The ball of air that shoots out is actually a flat vortex of air, similar to smoke rings blown by a cigarette smoker.
Verizon To Purchase Alltel Corporation
Verizon Wireless officially announced an agreement to purchase Alltel Corp. for $28.1 billion, which would make the new company the largest wireless carrier in the U.S. with 80 million subscribers.
The deal may provoke anti-trust scrutiny.
The agreement requires Verizon to acquire $5.9 billion in equity from Alltel, and its net debt of $22.2 billion, for a total of $28.1 billion.
Alltel has 13 million customers in 34 states, while Verizon Wireless has 67.2 million nationwide.
The companies noted that Alltel is serving 57 mostly rural markets that Verizon Wireless does not serve.
Alltel would get access to 4G technology known as Long Term Evolution for fast wireless connections, the companies said.
Some analysts said that if the merger concludes, moving AT&T Inc. to the second place position, that Sprint Nextel Corp., now third, would be hurt.
Firefox 3 Download Count Over 8 Million
Mozilla has claimed that over 8 million copies of Firefox 3, its recently released open source browser, were downloaded on Download Day.
The company stated early that their goal was to surpass the initial release of Firefox 2, at 1.6 million downloads in 24 hours, and hit 5 million downloads.
The goal of the marketing campaign is to set a Guinness World Record for most downloaded software in a single day.
A few days have passed and, barring the server downtime that plagued users for a few hours, the results look promising for Mozilla’s world record attempt.
According to the official Mozilla blog, Firefox 3 easily cruised past 5 million user downloads.
"We exceeded 8 million downloads in our 24 hour period," the blog states.
Downloads were tracked from 11:16am PDT on June 17th to 11:16am PDT on the following day.
The next step in the process is for Firefox 3 to be certified by Guinness World Records.
To help get their audit logs in order, Mozilla has brought on two external judges: Paul Vixie, of the Internet Systems Consortium, and Corey Shields, of Indiana University’s University of Information Technology Services.
For users who want to display pride in their effort to help set a world record, Mozilla is offering certificates. By going to SpreadFirefox.com and clicking on the ‘Flaunt It’ tab, Firefox 3 Download Day participants can print out a personalized certificate.
Human’s Brush With Extinction
Human beings may have had a brush with extinction 70,000 years ago.
The human population at that time was reduced to small isolated groups in Africa, apparently because of drought.
The number of early humans may have shrunk as low as 2,000 before numbers began to expand again in the early Stone Age.
"This study illustrates the extraordinary power of genetics to reveal insights into some of the key events in our species’ history," said Spencer Wells, National Geographic Society explorer in residence.
Wells is director of the Genographic Project, launched in 2005 to study anthropology using genetics. The report was published in the American Journal of Human Genetics.
Studies using mitochondrial DNA, which is passed down through mothers, have traced modern humans to a single "mitochondrial Eve," who lived in Africa about 200,000 years ago.
The migrations of humans out of Africa to populate the rest of the world appear to have begun about 60,000 years ago, but little has been known about humans between Eve and that dispersal.
The new study looks at the mitochondrial DNA of the Khoi and San people in South Africa, who appear to have diverged from other people between 90,000 and 150,000 years ago.
Eastern Africa experienced a series of severe droughts between 135,000 and 90,000 years ago, and researchers said this climatological shift may have contributed to the population changes, with humans dividing into small, isolated groups that developed independently.
Paleontologist Meave Leakey, a Genographic adviser, asked, "Who would have thought that as recently as 70,000 years ago, extremes of climate had reduced our population to such small numbers that we were on the very edge of extinction?"
Today, more than 6.6 billion people inhabit the globe, according to the U.S. Census Bureau.
The research was funded by the National Geographic Society, IBM, the Waitt Family Foundation, the Seaver Family Foundation, Family Tree DNA and Arizona Research Labs.
Food Science: Marinades
There are three main components — Acid, Fat and Flavor.
Acid is the most important element, as its function is to break down muscle proteins and tenderize tough cuts of meat. Its secondary function is to impart flavor; however an acid cannot act alone; it needs fat and additional layers of flavor to achieve balance. Examples include: tomatoes, citrus fruits, pineapple, papaya, vinegar, wine, beer, hard booze, buttermilk and yogurt.
Fat — You don’t need much, but even a few tablespoons of oil helps to keep things lubricated. Solid fats (butter, lard, shortening) are not used because they wouldn’t dissolve until cooking, which defeats the purpose. Certain fats, such as sesame oil, olive oil and walnut oil will impart flavor as well.
Flavor is where you can get creative. Generally speaking, the flavor components include all or most of the following elements: Sweet, Heat, Salt and Savory.
Sweet: It’s amazing how a little bit of sugar, honey, molasses or any other sweetener can bring out the savory qualities of a dish. Not necessary, but worth a smidge.
Heat: from cayenne to paprika, red pepper flakes, sliced chiles, hot sauce. The goal here is to achieve a multilayered experience, and a small amount of heat from peppers can complement all the other flavor components.
Salt: Maybe this seems obvious, but it cannot be overstated. Marinades need salt, at least 1 teaspoon for every 1 1/2 pounds of meat. Salt alternatives are soy sauce, fish sauce, smashed anchovies, and to a lesser degree, olives and capers.
Savory: This comprises the flavor notes you want to stand up and sing. Think spices, including rosemary, thyme and bay leaf. Savory can also include lemon zest, onions, garlic, ginger root and pureed fruit.
Marinade Myth: You must marinate for a long time.
The diffusion of marinade into the meat is very slow.
This is based on the measurement of penetration as a function of time on actual meat. Puncturing the meat helps penetration, but it also causes loss of moisture during cooking.
Marinade Myth: Marinades tenderize.
Letting meat sit for a day or so lets the meat age so that naturally occurring enzymes can break down the connective tissue. Marinades do not contain those enzymes.
As far back as pre-Columbian Mexico, cooks found that wrapping meats in papaya leaves before cooking made for more tender results. The active enzyme in the papaya leaves is papain, now refined from papayas and commercially available. Connective tissue that comes in direct contact with the protein-digesting enzymes gets broken down.
Marinade Fact: Short times coat the surface and fill the cracks (via capillary effect) immediately. One minute is nearly as good as 1 day.