www.smallman.net.nz
NSF Appoints New Director
Martys Musings - Antarctica
Friday, 01 October 2010 08:22


Subra Suresh Confirmed as NSF Director

Subra Suresh

September 30, 2010

The U.S. Senate has confirmed Subra Suresh, President Barack Obama's nominee for director of the National Science Foundation (NSF), for a six-year term.

Suresh, 54, served as dean of the engineering school and as Vannevar Bush Professor of Engineering at the Massachusetts Institute of Technology. A mechanical engineer who later became interested in materials science and biology, Suresh has done pioneering work studying the biomechanics of blood cells under the influence of diseases such as malaria.

From 2000 to 2006, Suresh served as the head of the MIT Department of Materials Science and Engineering. He joined MIT in 1993 as the R.P. Simmons Professor of Materials Science and Engineering and held joint faculty appointments in the Departments of Mechanical Engineering and Biological Engineering, as well as the Division of Health Sciences and Technology.

Suresh holds a bachelor's degree from the Indian Institute of Technology in Madras, a master's degree from Iowa State University, and earned his ScD from MIT in 1981.

Suresh was nominated by President Obama to become the new NSF director on June 8. He replaces Arden L. Bement, Jr., who led the agency from 2004 until he resigned in May of this year.

NSF's budget for 2010 is $6.9 billion. The agency's budget request for 2011 is $7.4 billion, an 8-percent increase over 2010, which supports the President's goal of increasing the nation's total public and private investment in research and development to at least 3 percent of the gross domestic product.



Read the full Press Release 10-173   http://www.nsf.gov/news/news_summ.jsp?cntn_id=117780

EQC website is disclosing your claim details to hackers
Martys Musings - InfoSec
Friday, 24 September 2010 08:23

Seems a 7.1 magnitude Earthquake isn't all Christchurch residents affected by the quake have to worry about.

Marty Smallman, a Christchurch-based IT security specialist, has discovered an easily exploitable vulnerability on the EQC web site which hackers can use to capture all claimants' personal information.


Those who have submitted claims online through the EQC's online Internet Claim Form should be worried, as the information disclosed includes email addresses, phone numbers, address and contact details, and details of the damage they received in the earthquake on 4th September 2010. This information, along with the best times to contact people, could be used to target homes for burglary.


EQC is New Zealand's natural disaster insurance company. It is an agency of the New Zealand Government. All home and contents policy holders with private insurers pay a premium on their insurance which goes to EQC to cover natural disasters.


The EQC was established by the Government in 1945 to provide earthquake and war damage cover for purchasers of fire insurance. Later, cover for other natural disasters was included and, later still, cover for war damage dropped. The modern EQC is a Government-owned Crown Entity. For more than 60 years it has been collecting premiums from insured people and during that time a substantial nest egg against damage, called the Natural Disaster Fund, has built up.


There is currently around $5.6 billion in the Fund which is backed up by reinsurance from overseas groups and a Government Guarantee. The Government Guarantee ensures that EQC will always be able to meet its obligations, regardless of the circumstances.


In accordance with responsible disclosure procedures, specific details of the vulnerability are not being made public until a fix is implemented by the EQC.


update: 25 September

EQC have advised they have proposed a fix which will close the vulnerability. Their solution partner IBM are working to implement it.


update: 26 September

A fix has been implemented by EQC.


The issue relates to a URL which is generated as part of the claim form submission process. By manipulating the URL, a malicious person could obtain the information relating to all other claims which had been lodged online. By altering the claim number, the details relating to that claim, including the PIN number, were publicly viewable.


Closing the vulnerability consisted of adding a third variable to the view claim page, one which is not echoed back to the client along with their PIN. A more secure solution would be to hash the PIN number in the URL with an encryption key rather than using a plain-text PIN.


Anyway, it's fixed.. in a fashion.
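The flaw and the keyed-hash fix described in this post, as an added Python example (not code from the original post or from the EQC site). The claim numbers, PINs, records and the `/viewclaim` path are constructed for illustration, and HMAC-SHA256 is an assumed choice for "hashing the PIN with a key".

```python
import hashlib
import hmac
import secrets

# Constructed sample data: claim numbers, PINs and details are invented.
CLAIMS = {
    "1001": {"pin": "4821", "name": "A. Example", "phone": "000-0001"},
    "1002": {"pin": "7350", "name": "B. Example", "phone": "000-0002"},
}
# Server-side key, never sent to the client (a real site loads it from a secret store).
SERVER_KEY = secrets.token_bytes(32)


def view_claim_by_number(claim_no):
    """Pattern described in the post: the claim number alone selects the
    record, and the whole record (PIN included) comes back."""
    return CLAIMS.get(claim_no)


def link_token(claim_no, pin):
    """Keyed hash (HMAC-SHA256) over the claim number and its PIN."""
    msg = f"{claim_no}:{pin}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def claim_url(claim_no):
    """URL handed to the claimant after submission (hypothetical path)."""
    pin = CLAIMS[claim_no]["pin"]
    return f"/viewclaim?claim={claim_no}&token={link_token(claim_no, pin)}"


def view_claim(claim_no, token):
    """Return the claim only when the token was issued for this claim number."""
    record = CLAIMS.get(claim_no)
    if record is None:
        return None
    expected = link_token(claim_no, record["pin"])
    if not hmac.compare_digest(expected.encode(), token.encode()):
        return None
    # The PIN is never echoed back to the client.
    return {k: v for k, v in record.items() if k != "pin"}
```

Because the token is bound to the claim number, changing `claim=` in the URL while reusing the same token returns nothing.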

NSF Extends Raytheon's USAP contract
Martys Musings - Antarctica
Tuesday, 21 September 2010 08:10


Raytheon Technical Services / Polar Services Awarded

US Antarctic Program contract extension

The powerful United States government agency the National Science Foundation wields billions of dollars of annual funding.

Their Office of Polar Programs has just announced a one-year extension to the incumbent Raytheon Polar Services contract to provide support to the United States Antarctic Program. The extension to the contract is worth approximately $200 million.


The statement from NSF basically states they do not have confidence in any of the other bidders to do the job properly.


The full announcement can be read on the FedBizOpps.gov site

Is This Proof iPhone Users Have More Sex
Martys Musings - Technology
Wednesday, 11 August 2010 08:35

Something I have long known. iPhone users are sex-addicts.

Well, maybe that's taking it a bit far, but a recent survey by OkCupid, which analysed over half a million pictures with a total of over 11 million votes, tends to indicate that indeed iPhone users have more sex, take better pictures and have more sexual partners. BlackBerry users come in second place.

The survey wanted to identify the features that make a good profile picture including things like aperture, focus and flash settings.


The good news is that photos with lower f stop settings appeared more intimate and personal.

The bad news is that using a flash generally adds about 7 years to your estimated age.

Read the Full Story (via: blog.okcupid.com)




RANT: Picture Is for Indication Only.. WTF does that mean
Martys Musings - General Stuff
Thursday, 29 July 2010 09:23

Ok, rant time..


I get sick and tired of people on Trademe who hide behind disclaimers like "Picture is for indication only".


What the bejesus does that mean? Does it mean you can put up any old picture of any old thing and purport it to be what you are selling, which may in fact be something completely different? Then hide behind your so-called disclaimer saying, "Well the picture was an indication only, I use the same picture for all of them".

Case in point. I've been scrounging around recently for Ultra320 10,000rpm SCSI hard drives, Compaq ones more specifically. 


Went onto Trademe and saw an auction with a picture of a Compaq drive, exactly what I was after. I used the buy-now and purchased the drive. Went to pick it up from the trader. It was dark at the time and I didn't really get much of a look at the drive as it was in an anti-static bag. Got home and then realised I'd been given an IBM drive. Now these two brands have completely different connectors. The IBM one has a standard 68pin SCSI connector and the Compaq drive has an 80pin SCA connector, and never the two shall meet. So I contacted the trader and he says, "well the picture was for indication only, sorry". No offer to exchange, refund or anything. In this case it wasn't an indication of what I was buying, it was an indication of something completely different.


Use this analogy. If you purchased a Mercedes-Benz sight unseen based off a picture and then when you get there it's a Toyota, would you be happy?

Boat Smacks into well creating another Gulf Oil Spill
Martys Musings - Environment
Wednesday, 28 July 2010 09:35

The Gulf of Mexico isn't having a good run. Breaking news from the Department of Homeland Security indicates a boat has crashed into an oil well near Bayou St Dennis, LA and severed the valve stack. Oil can be seen shooting 100 feet into the air above the water surface. A wild well expert and others are on their way to the site. The oil is currently being boomed off, the area has been evacuated and boats are being told not to enter the area. The cause of the collision is not known at this stage.

Image Credit: Fox News


Image Credit: US Coast Guard

Pictured here is smoke billowing from a wellhead after a towing vessel's dredge barge allided with the structure in the waters of Barataria Bay, La., as the vessel and barge exited Mud Lake, July 27, 2010


Read the Full Story on Fox News

Oh Dear.. Poor Apple.. Jailbreaking is Legal rules Copyright Office - It's YOUR phone not Apple's
Martys Musings - Technology
Tuesday, 27 July 2010 08:21

Apple's bad run seems to be continuing. The U.S. Copyright Office, a division of the Library of Congress, has just ruled that unlocking your iPhone to install non-approved apps is a legal exemption to the DMCA.

They go further and say that Apple's practice of locking the iPhone to prevent it running unapproved apps is an "unfair restriction on consumers’ fair use right".

Along with recently being described by security company Secunia as the most vulnerable platform, Apple's fall from grace seems to be accelerating.


Read the Full Story on CultOfMac


High Tech Antarctic Tracing
Martys Musings - Antarctica
Friday, 23 July 2010 08:41

A team of scientists from NASA Goddard Space Flight Center has completed a project to create the most accurate outline of the Antarctic continent ever.

Using a mosaic of high resolution satellite imagery from the LandSat 7 satellite, research scientists have joined together 3,574,365 points around Antarctica, tracing the most accurate map of the continent's grounding line -- a 56,610-kilometer path that outlines where ice separates from the land. Scientists have found the high-resolution imagery makes the new map more precise than previous assessments of grounding lines, which sometimes mistakenly included shadows and islands as part of the continental landmass.

Full Story: Antarctica Traced From Space - via: nasa.gov

ATM in Antarctica
Martys Musings - Antarctica
Thursday, 22 July 2010 08:57

Would you believe they have ATMs in Antarctica?

Wells Fargo bank in conjunction with Raytheon Polar Services arranged to install ATMs in Antarctica at the request of an American University doing experiments down on the ice.


Just like people everywhere else, those deployed in Antarctica need access to cash.

Wells Fargo bank and Raytheon Polar Services have installed the two most southerly ATM machines in the world to complement the existing eftpos infrastructure at the United States Antarctic Program's bases on the ice. Antarctica is one of the most extreme climates on the planet and presents special challenges due to its remoteness and extreme cold.


needcoffee.com has a good interview discussing The World's Most Southerly ATM machines.

Oh Dear.. Poor Apple.. Consumer won't recommend iPhone 4 due to fault
Martys Musings - Technology
Tuesday, 13 July 2010 08:45

Apple's bad run is continuing.

Just a day after a Federal court judge allowed a monopolistic behaviour suit to proceed to a class action, it looks like Consumer New Zealand's counterpart, the American Consumer Reports organisation, has sucker-punched them with some scathing comments and a "not recommended" rating after comprehensively testing all the new models of the iPhone 4.

Their testing has revealed there is a design defect which results in confirmed reception problems.


Cutting a long story short, despite rating well in some areas they will NOT be recommending the iPhone 4 until "Apple comes up with a permanent and free fix". They continue to recommend the iPhone 3GS for those wanting a reliable iPhone without having to rely on ugly masking tape fixes.


Click through to consumerreports.org for the full iPhone 4 story 


Photos BP Would Rather You Didn't See
Martys Musings - Environment
Monday, 12 July 2010 15:27

While some of these photos have been widely seen, most have not, and I have never seen them rounded up in a single page before. 

Jonathan Elinoff of Washington's Blog has rounded up rarely-seen videos and pictures of the gulf oil spill. View these now while you still can.


The photo below is not showing asphalt or concrete, but millions of dead fish floating on the surface of the water.

Read the Full Story on Washington's Blog

