Month: March 2012

Neuroinformatics databases with dia graph software


[Image: Nielsen2011federating_database]

So I was considering GIMP, LaTeXDraw, Inkscape, Xfig, GraphViz – and in a weak and confused movement FSLView – to draw a graph. Then I saw Dia, installed it, and I found it quite suitable. The arrows attach well to the objects and it has a range of output formats.

The unfinished graph displays neuroinformatics databases and web-linkable identifiers between them: My Brede Wiki and Brede Database along with fMRIDC, OpenfMRI, Cognitive Atlas, CogPO, IBVD, SumsDB, BODB, CoCoMac and the more general PubMed.

There is an arrow from PubMed to the Brede Database. That is because someone (not me) apparently has defined LinkOut for the Brede Database. Thank you.

Poul Thorsen III


Ulla Danielsen seems to be the only one updating on the case of Poul Thorsen and now reports that the tax evasion case against Poul Thorsen has been dismissed. It has been dismissed because of technical deficits in the indictment.

The court case has apparently been postponed multiple times, Danielsen writes.

Jens Ramskov seems to be the only other in Denmark reporting about the case lately. He had an article in December 2011.

If I understand it correctly the tax evasion court case is just one aspect of the Thorsen case.

Mysql-server update on Lenny to Squeeze Debian


By accidentally stumbling over my version of the Mysql-server on a wiki page and comparing that with the CogPO wiki version I found that I was on 5.0 while the newer Debian Squeeze was 5.1.

mysql-server-5.0 is a virtual package in Debian Squeeze relying on mysql-server-5.1 while I seemed to have 5.0.51a-24+lenny5. The distribution upgrade from Lenny to Debian apparently didn’t upgrade the Mysql-server!? So was I off the security updates and with several vulnerabilities in the first part of the year?

One page on the Internet by Wolfgang Karall suggested installing the mysql-server package and purging the mysql-server-5.0 package, and I tried the following.

$ aptitude install mysql-server

$ aptitude purge mysql-server-5.0

$ /etc/init.d/mysql start

And yet my wiki runs.

Prior posterous?


So Posterous has been acquired by Twitter. Great. And Posterous Spaces will remain up and running without disruption. Great.

But then I read Is Twitter About to Ax Your Posterous Account? and Twitter has acquired shortform blogging company Posterous, Spaces will remain up and running for now writing:

“Twitter says that it will give users “ample notice” if it is going to make any changes to the service. We’ll take them at their word on this one, but if I was someone running a personal blog on Posterous, I would think about finding another place to host it soon.”

“So, in other words, Posterous will be available to you now, but we’ll let you know if we plan on shutting it down. That must be a fairly likely scenario to warrant that language being included in the initial announcement of the acquisition.”

hmmm…

Getting rid of Adobe Acrobat plugin


To test an aspect of Adobe Acrobat (PDF to text conversion) I installed the program. Not that good an idea. I downloaded the installation program from the Adobe homepage, did a sudo ./AdbeRdr9.4.7-1_i486linux_enu.bin and now my Firefox was entangled with its plugin.

“sudo rm -r /opt/Adobe” did not help. It apparently installed a .so file in ~/.mozilla/plugins. nppdf.so, that is apparently not a part of Debian/Ubuntu. I erased that. If you go to Firefox menu Tools > “Manage Content Plug-ins” I still see four lines of the Adobe issue. One should think that right clicking or deleting would work. No.

“$ rm -r ~/.adobe/” didn’t help.

With “$ egrep -r “Acrobat” ~/.mozilla/*” I tracked down “pluginreg.dat” and erased appropriate lines from “[PLUGINS]” section. But that didn’t help.

“$ locate nppdf.so” showed a lot of issues, and “$ sudo rm `locate nppdf.so`” apparently helped, as now PDFs open in evince.

Next time I should really try to see if there is a package, so “aptitude purge” or reconfiguration are possible.

BTW: The text conversion in Adobe Acrobat was not that good compared to other programs I tried. It found “fi” and “fl” ligature problem, two-column problem, greek character problem. Python library pyPdf might be promising as you might redefine the ‘extractText()’ method attempting an attack on the ligatures and other strange characters. pdftotext and PDFbox were also interesting. Any comments on this?

Take that, sneezing panda!


With deadpan neo-Victor-Borge’s musical humor Peter Gabriel and Blonde Kimbra clones with rest of Walk off the Earth and artistry yield a new definition of multiinstrumentalism.

I came in late on this – on 11th February 2012. By then the Walk off the Earth‘s cover of Gotye‘s Somebody That I Used to Know already had gained the 51.768.523 YouTube views (or around that number): Almost 50 million views in a month’s time. If the viewing continues at that rate they will go past the sneezing panda later this year.

The Burlington, Ontario-based Walk off the Earth band has numerous humorous YouTube videos of cover versions, often involving flying instruments and competent playful multiinstrumentalism, such as Adele’s Someone like you, Beatles From me to you cover or some video trick(?) as in Rihanna’s Man Down or loop-soloing by Gianni Luminati in Roll Up, who also plays the theremin.

Gotye’s original is more than half a year ago, but it wasn’t until Walk off the Earth‘s version that I heard of it, and now it runs on the playlist in radios of Denmark. If you look on its YouTube viewing statistics you will see an increase in slope around the release of the Canadian cover. His bank account probably thanks Burlington.

Wakeup call for Denmark: NemID under attack


Some weeks ago the central Danish online authentication, NemID, which protects Danish Internet Banking, online tax system, health records, etc. got hacked and 700’000 Kroner was taken from 8 customers at Danske Bank.

Here are some issues I find interesting:

  1. The bank did not discover the attack as it had lowered the security mechanisms because it trusted NemID.
  2. Apparently, it was the business customer Simon Jonassen, the guy behind Roust IT, that discovered the irregularity and alerted the bank on 6 February 2012. Simon ran as admin user on a Microsoft Windows XP SP2.
  3. Nets DanID first alerted the public on the 10 February. Four days after they received the alert from Simon Jonassen.
  4. The attack was real-time phishing where a trojan, now termed BankTexeasy, made an extra popup-window during netbanking session that would fool the unsuspecting user to type in the one-time pad an extra time.
  5. The trojan was newly developed running under the radar of antivirus software and it was apparently only distributed to Denmark.
  6. The customers who got the trojan had apparently visited a legitimate web-site that was infected. They did not get it from a suspicious website or from following a link in a spam mail.
  7. The software used three different vulnerabilities. (I think they were not zero-day vulnerabilities)
  8. The trojan emptied the bank account.
  9. The trojan also harvested passwords.
  10. After the attack the trojan would erase files on the computer, essentially breaking the system.
  11. Two months ago a banker told Poul Henning Kamp that “Denmark was all too small for anyone to bother writing a trojan to NemID”. This was utter hubris.
  12. If you get hacked and lose money the bank may not refund you if your account is for business and not a private account. This probably also applies for zero-day attacks.

In summary: A central Danish IT-system has been attacked by a trojan specifically crafted to attack the system. Your antivirus won’t detect it. You may get it from legitimate websites. It will empty your bank account. It will break your computer. You might not get refunded.

The case shows that Denmark is not too small a country for hackers to care about.

To counter the attack a simple suggestion put forward was to keep your computer system updated. This might have saved the hacked customers in this case, but not for future zero-day attacks, – if the criminals bother to “waste” zero-day attacks on the Danes.

Another suggestion was that the banks shouldn’t allow simultaneous sessions from different computers. It is unclear for me whether this is of any use in future attacks. Might the attacker simply not use the trojaned computer as a proxy?
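A sketch of the simultaneous-session check suggested above, as an added example that is not from the original post or from any bank's system; the log format, user names and addresses are constructed. The "bob" events show why the doubt is justified: a second session arriving from the same address as the customer's own session is not flagged by a check keyed on the client address.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real bank logs): time, user, action, client address.
SAMPLE_LOG = """\
2012-02-06T09:00:00 alice login 192.0.2.10
2012-02-06T09:05:00 alice login 198.51.100.7
2012-02-06T09:20:00 alice logout 192.0.2.10
2012-02-06T09:21:00 alice logout 198.51.100.7
2012-02-06T10:00:00 bob login 192.0.2.20
2012-02-06T10:03:00 bob login 192.0.2.20
2012-02-06T10:30:00 bob logout 192.0.2.20
2012-02-06T11:00:00 carol login 203.0.113.5
2012-02-06T11:30:00 carol logout 203.0.113.5
2012-02-06T12:00:00 carol login 203.0.113.99
"""

def parse(log):
    """Yield (time, user, action, address) tuples from the constructed log format."""
    for line in log.splitlines():
        if line.strip():
            ts, user, action, addr = line.split()
            yield datetime.fromisoformat(ts), user, action, addr

def find_concurrent_sessions(log):
    """Return (user, open_addr, new_addr, time) for every login that overlaps
    an open session of the same user from a different client address."""
    open_sessions = defaultdict(lambda: defaultdict(int))  # user -> addr -> open count
    alerts = []
    for ts, user, action, addr in sorted(parse(log)):
        sessions = open_sessions[user]
        if action == "login":
            for other in sorted(sessions):
                if other != addr:  # same address is indistinguishable from the customer
                    alerts.append((user, other, addr, ts.isoformat()))
            sessions[addr] += 1
        elif action == "logout" and sessions.get(addr, 0) > 0:
            sessions[addr] -= 1
            if sessions[addr] == 0:
                del sessions[addr]  # keep only addresses with an open session
    return alerts

if __name__ == "__main__":
    for alert in find_concurrent_sessions(SAMPLE_LOG):
        print("overlapping sessions:", alert)
```

Carol's consecutive logins from two addresses are allowed because the first session was closed before the second began.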

Another suggestion put forward is never to key in login name, password and one-time pad in a popup-window (as the trojan exposed). This is a good suggestion but it is unclear whether the rule suffices. My guess is that a trojan may be able to attack as the user starts the NemID session by manipulating the DNS, meaning that the user needs to be alert on the HTTPS and the certificate. But I suppose that a sufficiently nasty attack could change the browser executable making it impossible for the user to see any difference between a phishing website and the genuine website.

Extra check of transactions by two-way mobile phone text messaging (SMS) may help on the bank transaction security as two systems may be needed to be controlled. However, NemID will get applications for smartphones, meaning that “only” the smartphone needs to be hacked.

Another attack I could imagine is a trojan that watches via the webcam that many people have on their laptops. The trojan would open the webcam once the person uses NemID and try to capture a glimpse of the NemID one-time pad sheet. It may be a bit optimistic given the poor resolution on laptop webcams. Try to see if you can read the code shown at around 00:23 in this tv news story. Some superresolution research may come in handy there.