Monday, November 01, 2004

On eve of election, Kerry camp content. As John Kerry heads to Cleveland tonight for a rally with John Edwards and Bruce Springsteen, his campaign staff is keeping a close watch on polling, get-out-the-vote efforts and early voting. So far, they like what they're seeing "I feel as good as I've felt at any point in the campaign," a Kerry aide told us as the candidate spoke in Detroit tonight. Democrats scarred by the 2000 race may have a hard time getting their minds around the idea that Kerry can take Florida from Bush, and the aide said that she, too, feels that "mental block." But the polls suggest that Florida may fall for Kerry, and the campaign staff is now believing it. [Salon.com] 10:22:55 PM    comment []

TV makes us smarter. Steven Johnson is working on a book I can't wait to read (and will soon) because it echoes a screed I've been shouting for years: TV and popular culture are the best proof of our taste and intelligence. For the first time, he writes about what he's writing here. It's just me trying to marshal all the evidence I can to persuade the reader of a single long-term trend: that popular culture on average has been steadily growing more complex and cognitively challenging over the past thirty years. The dumbing-down, instant gratification society assumption has it completely wrong. Popular entertainment is making us smarter and more engaged, not catering to our base instincts. [unmediated] 10:22:54 PM    comment []

Can it really be this close, again?. Four years after a disputed election, voters go to polls Tuesday in one of the most intense races in a half century. Winner's tough task: governing. The race has left Americans even more polarized, creating a daunting challenge for the next president. [Christian Science Monitor | Top Stories] 10:12:30 PM    comment []

Boxes and Arrows: Use of Narrative in Interactive Design. An account of using narrative to structure the design of a website. Interesting.bibliography. [unmediated] 10:06:37 PM    comment []

Same as it ever was . . .   Old con tricks pose the 'greatest security risk'. Villains are more likely to get into computer systems by manipulating people, not machines, analyst firm Gartner says. [CNET News.com] 10:01:37 PM    comment []

Capturing dirty deeds: Filmmaker Michael Moore has video cameras poised in Florida and Ohio to document any incidents of voter suppression. By Oliver Burkeman, in Salon 11:25:18 AM    comment []

Security hole found in Gmail, by Nitzan Weidenfeld, Nana NetLife Magazine [via ISN]. So you've got a Gmail mail account? Or maybe you've just received an invitation? Well, we have some bad news for you: Your mail box is exposed. A major security hole in Google's mail service, allows full access to user accounts, without the need of a password. Everything could get publicly exposed - your received mails might be readable, as well as all of your sent mail, and furthermore - anyone could send and receive mail under your name, thus reveals Nir Goldshlagger, an Israeli hacker, on an exclusive interview with Nana NetLife Magazine. Even more alarming, he explains, is the fact that the hack itself is quite simple. All that is needed of the malicious hacker, beside knowledge of the specific technique, is quite basic computer knowledge, the victim's username - and that's it, he's inside. When approached, Google admitted to the security flaw. Google also assured us that this matter is being resolved, and that the company will go to any length to protect its users. The flaw which was discovered by Goldshlagger and was tested many times by Nana's editorial board had shown an alarming success rate. In order not to further jeopardize mail boxes' owners, we will only disclose that the process is based upon a security breach in the service's identity authentication. It allows the hacker to "snatch" the victims cookie file (a file planted in the victim's computer used to identify him) using a seemingly innocent link (which directs to Gmail's site itself). Once stolen, this cookie file allows the hacker to identify himself as the victim, without the need of a password. Even if the victim does change his password afterwards, it will be to no avail. The system authenticates the hacker as the victim, using the stolen cookie file. Thus no password is involved in the authentication process. The victim can change his password as many times as he pleases, and it still won't stop the hacker from using his box, explains Goldshlagger. Whether hackers have already used this method to compromise users' accounts is unclear at the moment. Uh, yeah. Right. On the mailing list, William Knowles adds This was covered on Full Disclosure here... http://seclists.org/lists/fulldisclosure/2004/Oct/1155.html http://seclists.org/lists/fulldisclosure/2004/Oct/1159.html 10:25:15 AM    comment []