Categories
Bold innovation or terrible idea? Your guide to the experiments that only sound scary-and the lab work you truly should lose sleep over
In labs around the world, scientists are working to expand our understanding of the weird, the unexpected, and the potentially dangerous. Their aim is true, yet, many of these boundary-pushing projects carry serious potential for things to go wrong. Horribly wrong.
Click here to see the five scariest experiments currently underway
submitted by davidrichfield
[link] [comment]
Ã…lesund, Norway Northern Lights Anders Olav Bjorkavag via SpaceWeather.com
If you saw it firsthand then you had no choice but to notice it, but for the rest of us who weren’t so lucky, here’s the deal: yesterday a coronal mass ejection, a.k.a. a CME, a.k.a. a solar storm or a huge burst of solar wind emanating from our sun slammed into our atmosphere at about 2 p.m. EDT. That mass of charged particles compressed Earth’s magnetic field and sparked a pretty intense geomagnetic storm, resulting in what you see here: breathtaking auroras that are usually confined to high latitudes spilled out across North America, reaching as far south as New Mexico and Alabama.
Click to launch the photo gallery
That’s pretty far south. SpaceWeather.com reports this morning that auroras were visible last night in more than half of U.S. states, an extreme rarity. Photographers submitted stunning pics to SpaceWeather from such unlikely locales as Tennessee, Kansas, Arkansas and Oklahoma. In the Deep South–a region unaccustomed to taking in the northern lights–skygazers reported seeing rare deep red auroras that only occur during serious geomagnetic storms and are poorly understood.
All that adds up to a special occasion for most of us in the lower 48 who never get to see even a wisp of an aurora, much less a dazzling display like those that were reported nationwide last night. If you missed it, you can still catch a glimpse of last night’s fireworks via the gallery link above.
Over the years, Armid transitioned from being a full-time developer to a full-time pen tester (as in penetration testing, not pen testing) and he hasn't looked back since. "I did enjoy writing code," he commented, "but there's something really satisfying about demonstrating an XSRF attack to that smug developer who swore up-and-down that his code was perfect." And with things like PCI Compliance to worry about, there are plenty of projects to keep him busy.
"It takes a lot to surprise me anymore," Armid added. "In fact, these days, I'm surprised if I don’t find a SQL Injection vulnerability. That being said, the public-facing operations engine of a large (3,000+ employee) company really surprised me. To say that it was filled with back doors would almost imply that someone thought to install doors — this system has more openings than walls. But there was one vulnerability in particular that trumped them all."
system("chmod 777 " . $_COOKIE["$sessionid"]);
"In fairness, this was one of the more secure lines of code, since most attackers will only mangle their cookies as their fourth… maybe fifth step. Plus, they'd be so distracted by all of the other vulnerabilities that they'd likely overlook this all together."
If you want to stop spam then going after the banks and payment processors that enable their lucrative trade may be your best bet, according to research performed by a team from the University of California-San Diego, the University of California-Berkeley, and the Budapest University of Technology and Economics. After examining millions of spam e-mails and spam Web sites—and making over 100 purchases from the sites advertised by the spammers—the research team found that just three banks were used to clear more than 95 percent of spam funds.
Read the comments on this post
