Friday, September 14, 2012

Confirmation Bias and the iPhone 5

http://thesocietypages.org/socimages/2012/09/14/cognitive-bias-and-the-iphone-5/
You might expect this from people who don’t have much knowledge of iPhones; they don’t have a clear basis for comparison, so whatever features seem neat, they assume are new. But even people holding their own iPhone 4 up for direct comparison perceive the “iPhone 5” Kimmel hands them to be superior, noting a range of details — it’s lighter, faster, just clearly better. They think a new version of a gadget must be way more awesome than the previous version, and Apple has an aura of coolness that leads people to expect their new products should be extra amazing. Since people expect a new iPhone to be awesome, they notice, or invent, features that confirm that it is, indeed, awesome.

Wednesday, September 12, 2012

How Apple and Amazon Security Flaws Led to My Epic Hacking

http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all/
After coming across my [Twitter] account, the hackers did some background research. My Twitter account linked to my personal website, where they found my Gmail address. Guessing that this was also the e-mail address I used for Twitter, Phobia went to Google’s account recovery page. He didn’t even have to actually attempt a recovery. This was just a recon mission.

Because I didn’t have Google’s two-factor authentication turned on, when Phobia entered my Gmail address, he could view the alternate e-mail I had set up for account recovery. Google partially obscures that information, starring out many characters, but there were enough characters available, m••••n@me.com. Jackpot.

Since he already had the e-mail, all he needed was my billing address and the last four digits of my credit card number to have Apple’s tech support issue him the keys to my account.
So how did he get this vital information? He began with the easy one. He got the billing address by doing a whois search on my personal web domain. If someone doesn’t have a domain, you can also look up his or her information on Spokeo, WhitePages, and PeopleSmart.

Getting a credit card number is trickier, but it also relies on taking advantage of a company’s back-end systems. … First you call Amazon and tell them you are the account holder, and want to add a credit card number to the account. All you need is the name on the account, an associated e-mail address, and the billing address. Amazon then allows you to input a new credit card. (Wired used a bogus credit card number from a website that generates fake card numbers that conform with the industry’s published self-check algorithm.) Then you hang up.

Next you call back, and tell Amazon that you’ve lost access to your account. Upon providing a name, billing address, and the new credit card number you gave the company on the prior call, Amazon will allow you to add a new e-mail address to the account. From here, you go to the Amazon website, and send a password reset to the new e-mail account. This allows you to see all the credit cards on file for the account — not the complete numbers, just the last four digits. But, as we know, Apple only needs those last four digits.
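
Detection logic for the support-desk sequence quoted above, as an added example that is not part of the Wired article or of this blog: it flags an account when a card added without an authenticated session is later accepted as identity proof for adding an e-mail address, and again when a password reset goes to that address. The event fields, the 30-day window and the sample events are constructed assumptions.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(days=30)  # assumed cool-down before a new card counts as proof

# Constructed support-desk audit events; all field names are assumptions.
EVENTS = [
    {"ts": "2012-01-10T16:02:00", "account": "A1", "action": "add_card",
     "authenticated": False, "last4": "1111"},
    {"ts": "2012-01-10T16:20:00", "account": "A1", "action": "add_email",
     "email": "new@example.test", "proof_cards": ["1111"]},
    {"ts": "2012-01-10T16:25:00", "account": "A1", "action": "password_reset",
     "sent_to": "new@example.test"},
    # Card added from a logged-in session: acceptable as later proof.
    {"ts": "2012-01-11T09:00:00", "account": "B2", "action": "add_card",
     "authenticated": True, "last4": "2222"},
    {"ts": "2012-01-11T09:30:00", "account": "B2", "action": "add_email",
     "email": "b@example.test", "proof_cards": ["2222"]},
    # Unauthenticated card, but used as proof only after the cool-down.
    {"ts": "2012-01-01T12:00:00", "account": "C3", "action": "add_card",
     "authenticated": False, "last4": "3333"},
    {"ts": "2012-03-15T12:00:00", "account": "C3", "action": "add_email",
     "email": "c@example.test", "proof_cards": ["3333"]},
]

def find_circular_verification(events, window=WINDOW):
    """Flag accounts where a card added without login is reused as identity proof."""
    untrusted_cards = {}      # (account, last4) -> time the card was added
    untrusted_emails = set()  # (account, email) accepted on such a card
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO strings sort by time
        ts, acct = datetime.fromisoformat(ev["ts"]), ev["account"]
        if ev["action"] == "add_card" and not ev.get("authenticated", False):
            untrusted_cards[(acct, ev["last4"])] = ts
        elif ev["action"] == "add_email":
            for last4 in ev.get("proof_cards", []):
                added = untrusted_cards.get((acct, last4))
                if added is not None and ts - added <= window:
                    untrusted_emails.add((acct, ev["email"]))
                    alerts.append((acct, "email_added_on_unverified_card", ev["ts"]))
                    break
        elif ev["action"] == "password_reset":
            if (acct, ev["sent_to"]) in untrusted_emails:
                alerts.append((acct, "reset_to_untrusted_email", ev["ts"]))
    return alerts

if __name__ == "__main__":
    for alert in find_circular_verification(EVENTS):
        print(alert)
```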

Sunday, September 2, 2012

Student Gulps Into Medical Literature

http://m.wpi.edu/news/19989/nitro.html
Mazur tells the story: "As tradition dictates, we made our own ice cream, using liquid nitrogen as a refrigerant and aerator. We spilled a little of the nitrogen onto a table and watched tiny little drops of it dance around."

Someone asked, "Why does it do that?" Mazur explained that the nitrogen evaporated when it came in contact with the table, which provided a cushion of air for the drop to sit on, and thermally insulated it to minimize further evaporation - enabling it to do its little dance without scarring the table, boiling away or being "smeared" out. "It's this principle," he said, "that makes it possible for someone to dip his wet hand into molten lead or to put liquid nitrogen in his mouth without injury."

Mazur had worked with the chemical in a cryogenics lab several years before and believed in the principle. To prove it to the doubting ice cream socializers, he poured some into a glass and into his mouth - fully expecting to impress the crowd by blowing smoke rings. But then he swallowed the liquid nitrogen. "Within two seconds I had collapsed on the floor, unable to breathe or feel anything other than intense pain."