The music industry is so out of touch its not even funny

Slotmusic is a collaboration between Universial music, Sony BMG, Warner music and EMI. Basiclly its DRM free music distrubuted on microSD cards. Yes microSD cards, why? I don't know, but it shows how out of touch the music industy really is. Not defending the iphone or ipod but like it or not there the most popular at the moment and they don't support microSD cards. Does the Zune? Don't think so either. I also have no idea whos going to pay for music on MicroSD? I bet the cards are locked to the drive, so that means swapping the · Online and P2P distrubtion is the way forward period. Hell I just bought 12 tunes from Audiojelly.com yesterday. Cost me about 16 pound in total.

Comments [Comments]
Trackbacks [0]

Flights booked and here’s whats getting me excited about the Web 2.0 Expo


Web 2.0 Expo Europe 2008

So I have laid down the money for the flights and I'm going for sure now. I decided to go via Liverpool Airport, because getting to Luton Airport was always going to painful from Manchester. It either ended up with me sleeping at the Airport, Traveling on a Coach for 5 hours or spending time in London then going to Luton early in the morning.

I've also been planning my days through the schedule, here's some of the highlights which I want to attend.

All interesting stuff… but I'm wondering if 15mins is long enough to cover the woman in technology problem? I don't know if there is a girl geekdinner in Berlin? But maybe it might be a good place/chance to really delve into the issues. Tara Hunt ran a session at BarCampNorthEast which went into a lot more depth that anything I've heard before. I got a feeling Suw is certainly look at the issue at that level and deeper. I will try and get as much of it on camera of course.

Comments [Comments]
Trackbacks [0]

SockStress could make every TCP service vulnerable

The Laughing man from ghost in the shell

I found this by listening to Security Now number 164, it sounds very dramatic and most of you will be thinking yeah yeah whatever but…this seems like the real deal. Rather than try and explain it, here's a subset from the notes of Security now. I did look at a couple other places, but Steve Gibson has the best non-packet hacker description of what's really going on.

“SockStress” (not publicly released) reportedly uses several new techniques to create a low-bandwidth (as low as ten packets per second) local resource depletion attack resulting in denial of service /images/emoticons/laugh.gifoS) by TCP servers (www, ftp, smtp, pop, etc.) running Windows, Linux, BSD, undisclosed routers, and other Internet appliances.

Although the researchers plan to demonstrate their techniques on October 17th, at the end of the second day of the forthcoming T2'08 conference in Helsinki, Finland, their 44 minute interview on September 30th, 2008 for the De Beveiligingsupdate site (see original and edited audio links below) provided far too much detail — enough so that any informed packetsmith who understands the TCP protocol would be able to easily recreate their attacks.

As a consequence, they effectively “went public” with their discovery of these vulnerabilities after informing other vendors only a few weeks beforehand

So generally the Finnish guys have found a way to mess with the TCP stack to the extend that you can cause a deinal of service on ANY server which uses TCP including web, ftp, etc. Using a very low amount of hardware and bandwidth. Not even IPv6 escapes this problem.

Comments [Comments]
Trackbacks [0]

Using Hamachi again but on your phone too

In my Windows days I would use Hamachi for my VPN client and server. But when I switched to gnu/linux I attempted to stick with it but got fed up of the weird UI's and lack of stability I was experiencing. So I stopped using it and looked into openswan and other VPN clients/servers solutions. Problem is I never quite got on with those either although I did get as far as having the PTP/OpenSSL option in my networking

Well after months of not using any VPN options at all. I found the ideal Hamachi client for Linux and got Hamachi working on everything including my old download machine and even my phone! Yes you heard me right, I have the same powerful VPN technology on my Windows Mobile phone too. There's not much you can do right now but its working in 0.30 beta form. I found it because I was thinking they've had a Nokia 770 version for ages but why not Windows Mobile? I imagine Android won't be long behind the Symbian and Windows Mobile versions if things go well. Iphone version? Nahh I can't see Steve Jobs allowing that in the Apps store.

Some of you may say why do you need VPN for phones? Well at least with Hamachi, its a direct connection to my machines, so I'm able to for example see how a download is going at home (although to be fair I've also got a XMPP/Jabber bot which does this too). You can't do it yet, but imagine, being able to pull files back and forth over the network, sync and print to the remote printer. Actually these are possible if you've got some web front end on the remote machine right now. I can't even imagine the possibilities if you turn it the other way around and added some core phone API support. VPN into your phone and flip the goodbye forever switch if its stolen? Who knows…

Comments [Comments]
Trackbacks [0]

Just bought a ticket to the official after party for Web 2.0 Expo


Web 2.0 Expo Europe 2008

The official LateCrunch Party to Web 2.0 Expo, costs roughly 12 pounds, starts at 10pm and ends 4am in the morning. Seems perfect if your planning to catch the easyjet flight (Redeye) back to London at 6am. This also means I'm now committed to going now. Yes I'll be going to BarCampBerlin3, yes I'm going to the conference too. But somewhere in between I need to spend some time with my great german friend Carl who's putting me up at his place during the week. Shame I'll be out most of the time. Anyway i'll make it up to him somehow.

Good on Tim Oreilly too…. Stop building crappy apps and build stuff which changes the world. This is certainly why Backstage and myself finds things like scripting enabled, AMEE and Operation Sleeper Cell really important.

Comments [Comments]
Trackbacks [0]