Day: 28 August 2013

Gone Phishing latimes.com

Remember how I said that the attacks on the New York Times and Twitter were likely caused by human — not technical — error? Paresh Dave, Los Angeles Times:

The U.S.-based sales partner’s credentials ended up in the hackers’ hands after a targeted phishing attack was directed at the firm’s staff, Melbourne IT Chief Technology Officer Bruce Tonkin said early Wednesday. Essentially, several people at the U.S. firm were duped by emails that coaxed them into giving up log-in credentials.

Google Hangouts Switches to VP8 gigaom.com

Janko Roettgers, GigaOm:

To enable HD, and prepare for this plugin-free future, Google quietly started to transition Hangouts from the H.264 video codec to VP8, an open and royalty-free video codec the company released back in 2010.

VP8 is still being used almost exclusively by Google. Skype is the only other major player using VP8, and they were doing so in 2011; why has it taken this long for Google to switch their own product to their own codec?

Also, why aren’t they using their newer VP9 format?

Details Behind Today’s Internet Hacks blog.cloudflare.com

Matthew Prince, writing on the CloudFare blog:

You purchase and manage domains through organizations known as registrars. NYTimes.com is managed by a registrar known as MelbourneIT. MelbourneIT has traditionally been known as one of the more secure registrars. In addition to the New York Times, they are also used by large web organizations including Twitter and the Huffington Post. […]

An email that MelbourneIT just sent to all its customers appears to indicate that the hackers somehow used a reseller account as part of the hack. While we are only speculating at this point, it’s possible that there was a security vulnerability in the reseller interface that allowed a privilege escalation to take over control of other MelbourneIT customers.

It’s spooky just how simple this attack apparently was. Every so often, I have to help move a client’s website or mess around with their registrar; occasionally, they have lost their domain registration details. It’s crazy what I can do simply by contacting customer support for their registrar. I wouldn’t be surprised if this were an error of the more human than technical nature.

(Also, this is yet another example of why it’s bad to put all your trust in one company.)

Two Different Masters nineinchnails.tumblr.com

Tom Baker explains why there are two different versions of “Hesitation Marks”:

The standard version is “loud” and more aggressive and has more of a bite or edge to the sound with a tighter low end.

The Audiophile Mastered Version highlights the mixes as they are without compromising the dynamics and low end, and not being concerned about how “loud” the album would be. The goal was to simply allow the mixes to retain the spatial relationship between instruments and the robust, grandiose sound.

I couldn’t resist — I grabbed the leaked version last night and have been listening to it nonstop (I’ve preordered it; stop whinging). It’s one of the best albums of the year, but I was dismayed at the extent to which the record is clipped; Baker and Alan Moulder are usually much more careful with their mix. I’m very glad to hear that I’ll have the opportunity to hear it in a more pristine format.