The “new atheism” (I don’t like that phrase, either) is about taking a core set of principles that have proven themselves powerful and useful in the scientific world — you’ve probably noticed that many of these uppity atheists are coming out of a scientific background — and insisting that they also apply to everything else people do. These principles are a reliance on natural causes and demanding explanations in terms of the real world, with a documentary chain of evidence, that anyone can examine. The virtues are critical thinking, flexibility, openness, verification, and evidence. The sins are dogma, faith, tradition, revelation, superstition, and the supernatural. There is no holy writ, and a central idea is that everything must be open to rational, evidence-based criticism — it’s the opposite of fundamentalism.

I‘m interested in how people personally decide to refuse a technology. I’m interested in that process, because I think that will happen more and more as the number of technologies keep increasing. The only way we can sort our identity is by not using technology. We’re used to be that you define yourself by what you use now. You define yourself by what you don’t use. So I’m interested in that process.

Even before they respond to a tickle, most babies will laugh at peekaboo. It’s their first “joke.” They are reacting to a sequence of events that begins with the presence of a familiar, comforting face. Then, suddenly, the face disappears, and you can read in the baby’s expression momentary puzzlement and alarm. When the face suddenly reappears, everything is orderly in the baby’s world again. Anxiety is banished, and the baby reacts with her very first laugh.

At its heart, laughter is a tool to triumph over fear. As we grow older, our senses of humor become more demanding and refined, but that basic, hard-wired reflex remains. We need it, because life is scary. Nature is heartless, people can be cruel, and death and suffering are inevitable and arbitrary. We learn to tame our terror by laughing at the absurdity of it all.

This point has been made by experts ranging from Richard Pryor to doctoral candidates writing tedious theses on the ontol-ogical basis of humor. Any joke, any amusing observation, can be deconstructed to fit. The seemingly benign Henny Youngman one-liner, “Take my wife . . . please!” relies in its heart on an understanding that love can become a straitjacket. By laughing at that recognition, you are rising above it, and blunting its power to disturb.

After the peekaboo age, but before the age of such sophisticated understanding, dwells the preschooler. His sense of humor is more than infantile but less than truly perceptive. He comprehends irony but not sarcasm. He lacks knowledge but not feeling. The central fact of his world — and the central terror to be overcome — is his own powerlessness.

In essence, Facebook users didn’t think they wanted constant, up-to-the-minute updates on what other people are doing. Yet when they experienced this sort of omnipresent knowledge, they found it intriguing and addictive. Why?

Social scientists have a name for this sort of incessant online contact. They call it “ambient awareness.” It is, they say, very much like being physically near someone and picking up on his mood through the little things he does — body language, sighs, stray comments — out of the corner of your eye. Facebook is no longer alone in offering this sort of interaction online. In the last year, there has been a boom in tools for “microblogging”: posting frequent tiny updates on what you’re doing. The phenomenon is quite different from what we normally think of as blogging, because a blog post is usually a written piece, sometimes quite long: a statement of opinion, a story, an analysis. But these new updates are something different. They’re far shorter, far more frequent and less carefully considered. One of the most popular new tools is Twitter, a Web site and messaging service that allows its two-million-plus users to broadcast to their friends haiku-length updates — limited to 140 characters, as brief as a mobile-phone text message — on what they’re doing. There are other services for reporting where you’re traveling (Dopplr) or for quickly tossing online a stream of the pictures, videos or Web sites you’re looking at (Tumblr). And there are even tools that give your location. When the new iPhone, with built-in tracking, was introduced in July, one million people began using Loopt, a piece of software that automatically tells all your friends exactly where you are.

…

This is the paradox of ambient awareness. Each little update — each individual bit of social information — is insignificant on its own, even supremely mundane. But taken together, over time, the little snippets coalesce into a surprisingly sophisticated portrait of your friends’ and family members’ lives, like thousands of dots making a pointillist painting. This was never before possible, because in the real world, no friend would bother to call you up and detail the sandwiches she was eating. The ambient information becomes like “a type of E.S.P.,” as Haley described it to me, an invisible dimension floating over everyday life.

“It’s like I can distantly read everyone’s mind,” Haley went on to say. “I love that. I feel like I’m getting to something raw about my friends. It’s like I’ve got this heads-up display for them.” It can also lead to more real-life contact, because when one member of Haley’s group decides to go out to a bar or see a band and Twitters about his plans, the others see it, and some decide to drop by — ad hoc, self-organizing socializing. And when they do socialize face to face, it feels oddly as if they’ve never actually been apart. They don’t need to ask, “So, what have you been up to?” because they already know. Instead, they’ll begin discussing something that one of the friends Twittered that afternoon, as if picking up a conversation in the middle.

…

You could also regard the growing popularity of online awareness as a reaction to social isolation, the modern American disconnectedness that Robert Putnam explored in his book “Bowling Alone.” The mobile workforce requires people to travel more frequently for work, leaving friends and family behind, and members of the growing army of the self-employed often spend their days in solitude. Ambient intimacy becomes a way to “feel less alone,” as more than one Facebook and Twitter user told me.

Do you think religions share certain core principles?

Not many. People in the modern world, certainly in America, think of religion as being largely about prescribing moral behavior. But religion wasn’t originally about that at all. To judge by hunter-gatherer religions, religion was not fundamentally about morality before the invention of agriculture. It was trying to figure out why bad things happen and increasing the frequency with which good things happen. Why do you sometimes get earthquakes, storms, disease and get slaughtered? But then sometimes you get nice weather, abundant game and you get to do the slaughtering. Those were the religious questions in the beginning.

And bad things happened because the gods were against you or certain spirits had it out for you?

Yes, you had done something to offend a god or spirit. However, it was not originally a moral lapse. That’s an idea you see as societies get more complex. When you have a small group of hunter-gatherers, a robust moral system is not a big challenge. Everyone knows everybody, so it’s hard to conceal anything you steal. If you mess with somebody too much, there will be payback. Moral regulation is not a big problem in a simple society. But as society got more complex with the invention of agriculture and writing, morality did become a challenge. Religion filled that gap.

…

For people who claim that Israel was monotheistic from the get-go and its flirtations with polytheism were rare aberrations, it’s interesting that the Jerusalem temple, according to the Bible’s account, had all these other gods being worshiped in it. Asherah was in the temple. She seemed to be a consort or wife of Yahweh. And there were vessels devoted to Baal, the reviled Canaanite god. So Israel was fundamentally polytheistic at this point. Then King Josiah goes on a rampage as he tries to consolidate his own power by wiping out the other gods.

…

You make the point that the Quran is a different kind of sacred text than the Bible. It was probably written over the course of two decades, while the stories collected in the Bible were written over centuries. That’s why the Bible is such a diverse document.

We think of the Bible as a book, but in ancient times it would have been thought of as a library. There were books written by lots of different people, including a lot of cosmopolitan elites. You also see elements of Greek philosophy. The Quran is just one guy talking. In the Muslim view, he’s mediating the word of God. He’s not especially cosmopolitan. He is, according to Islamic tradition, illiterate. So it’s not surprising that the Quran didn’t have the intellectual diversity and, in some cases, the philosophical depth that you find in the Bible. I do think he was actually a very modern thinker. Muhammad’s argument for why you should be devoted exclusively to this one God is very modern.

…

Are you also saying we can be religious without believing in God?

By some definitions, yes. It’s hard to find a definition of religion that encompasses everything we call religion. The definition I like comes from William James. He said, “Religious belief consists of the belief that there is an unseen order and that our supreme good lies in harmoniously adjusting to that order.” In that sense, you can be religious without believing in God. In that sense, I’m religious. On the God question, I’m not sure.

New malware being used by cybercrooks does more than let hackers loot a bank account; it hides evidence of a victim’s dwindling balance by rewriting online bank statements on the fly, according to a new report.

The sophisticated hack uses a Trojan horse program installed on the victim’s machine that alters html coding before it’s displayed in the user’s browser, to either erase evidence of a money transfer transaction entirely from a bank statement, or alter the amount of money transfers and balances.

The ruse buys the crooks time before a victim discovers the fraud, though won’t work if a victim uses an uninfected machine to check his or her bank balance.

The novel technique was employed in August by a gang who targeted customers of leading German banks and stole Euro 300,000 in three weeks, according to Yuval Ben-Itzhak, chief technology officer of computer security firm Finjan.

…

The victims’ computers are infected with the Trojan, known as URLZone, after visiting compromised legitimate web sites or rogue sites set up by the hackers.

Once a victim is infected, the malware grabs the consumer’s log in credentials to their bank account, then contacts a control center hosted on a machine in Ukraine for further instructions. The control center tells the Trojan how much money to wire transfer, and where to send it. To avoid tripping a bank’s automated anti-fraud detectors, the malware will withdraw random amounts, and check to make sure the withdrawal doesn’t exceed the victim’s balance.

The money gets transferred to the legitimate accounts of unsuspecting money mules who’ve been recruited online for work-at-home gigs, never suspecting that the money they’re allowing to flow through their account is being laundered. The mule transfers the money to the crook’s chosen account. The cyber gang Finjan tracked used each mule only twice, to avoid fraud pattern detection.

…

The researchers also found statistics in the command tool showing that out of 90,000 visitors to the gang’s rogue and compromised websites, 6,400 were infected with the URLZone trojan. Most of the attacks Finjan observed affected people using Internet Explorer browsers …

Finjan provided law enforcement officials with details about the gang’s activities and says the hosting company for the Ukraine server has since suspended the domain for the command and control center. But Finjan estimates that a gang using the scheme unimpeded could rake in about $7.3 million annually.

From Wikipedia’s “Gruen transfer” (28 September 2009):

In shopping mall design, the Gruen transfer refers to the moment when consumers respond to “scripted disorientation” cues in the environment. It is named for Austrian architect Victor Gruen (who disavowed such manipulative techniques) …

The Gruen transfer refers to the moment when a consumer enters a shopping mall, and, surrounded by an intentionally confusing layout, loses track of their original intentions. Spatial awareness of their surroundings play a key role, as does the surrounding sound and music. The effect of the transfer is marked by a slower walking pace and glazed eyes.

photo credit: Oude School

From John Cloud’s “Why Girls Have BFFs and Boys Hang Out in Packs” (TIME: 17 July 2009):

For the better part of the past half-century, feminists, their opponents and armies of academics have debated the differences between men and women. Only in the past few years have scientists been able to use imaging technology to look inside men’s and women’s heads to investigate whether those stereotypical gender differences have roots in the brain. No concrete results have emerged from these studies yet, but now a new functional magnetic resonance imaging (fMRI) study of children offers at least one explanation for some common tween social behaviors: girls are hardwired to care about one-on-one relationships with their BFFs (best friends forever), while the brains of boys are more attuned to group dynamics and competition with other boys.

The study, conducted by researchers at the National Institute of Mental Health (NIMH) and Georgia State University, begins with a premise that every parent of a tween knows: as kids emerge into puberty, their focus changes dramatically. They care less about their families and more about their peers.

So what’s actually going on inside these young brains?

…

The results suggest that as girls progress from early puberty to late adolescence, certain regions of their brains become more active when they face a potential social interaction. Specifically, when an older girl anticipates meeting someone new — someone she believes will be interested in her — her nucleus accumbens (which is associated with reward and motivation), hypothalamus (associated with hormone secretion), hippocampus (associated with social learning) and insula (associated with subjective feelings) all become more active. By contrast, boys in the same situation show no such increase in activity in these areas. In fact, the activity in their insula actually declines.

Boys, it seems, aren’t as interested in one-on-one interactions as girls are. Previous research has shown that male adolescents instead become more focused on competition within larger groups (like between sports teams). Perhaps it’s evidence that evolution has programmed boys to compete within large groups, so they can learn to eliminate rivals for women — and that girls have been programmed to judge, one-on-one, who would be the most protective father for offspring.

From David Becker’s “Hitachi Develops RFID Powder” (Wired: 15 February 2007):

[Hitachi] recently showed a prototype of an RFID chip measuring a .05 millimeters square and 5 microns thick, about the size of a grain of sand. They expect to have ‘em on the market in two or three years.

The chips are packed with 128 bits of static memory, enough to hold a 38-digit ID number.

The size make the new chips ideal for embedding in paper, where they could verify the legitimacy of currency or event tickets. Implantation under the skin would be trivial…

photo credit: sleepymyf

2005

From Brian Krebs’ “Leaving Las Vegas: So Long DefCon and Blackhat” (The Washington Post: 1 August 2005):

DefCon 13 also was notable for being the location where two new world records were set — both involved shooting certain electronic signals unprecedented distances. Los Angeles-based Flexilis set the world record for transmitting data to and from a “passive” radio frequency identification (RFID) card — covering a distance of more than 69 feet. (Active RFID — the kind being integrated into foreign passports, for example — differs from passive RFID in that it emits its own magnetic signal and can only be detected from a much shorter distance.)

…

The second record set this year at DefCon was pulled off by some teens from Cincinnati, who broke the world record they set last year by building a device capable of maintaining an unamplified, 11-megabit 802.11b wireless Internet connection over a distance of 125 miles (the network actually spanned from Utah into Nevada).

From Andrew Brandt’s “Black Hat, Lynn Settle with Cisco, ISS” (PC World: 29 July 2005):

Security researcher Kevin Mahaffey makes a final adjustment to a series of radio antennas; Mahaffey used the directional antennas in a demonstration during his presentation, “Long Range RFID and its Security Implications.” Mahaffey and two of his colleagues demonstrated how he could increase the “read range” of radio frequency identification (RF) tags from the typical four to six inches to approximately 50 feet. Mahaffey said the tags could be read at a longer distance, but he wanted to perform the demonstration in the room where he gave the presentation, and that was the greatest distance within the room that he could demonstrate. RFID tags such as the one Mahaffey tested will begin to appear in U.S. passports later this year or next year.

2006

From Joris Evers and Declan McCullagh’s “Researchers: E-passports pose security risk” (CNET: 5 August 2006):

At a pair of security conferences here, researchers demonstrated that passports equipped with radio frequency identification (RFID) tags can be cloned with a laptop equipped with a $200 RFID reader and a similarly inexpensive smart card writer. In addition, they suggested that RFID tags embedded in travel documents could identify U.S. passports from a distance, possibly letting terrorists use them as a trigger for explosives.

At the Black Hat conference, Lukas Grunwald, a researcher with DN-Systems in Hildesheim, Germany, demonstrated that he could copy data stored in an RFID tag from his passport and write the data to a smart card equipped with an RFID chip.

From Kim Zetter’s “Hackers Clone E-Passports” (Wired: 3 August 2006):

In a demonstration for Wired News, Grunwald placed his passport on top of an official passport-inspection RFID reader used for border control. He obtained the reader by ordering it from the maker — Walluf, Germany-based ACG Identification Technologies — but says someone could easily make their own for about $200 just by adding an antenna to a standard RFID reader.

He then launched a program that border patrol stations use to read the passports — called Golden Reader Tool and made by secunet Security Networks — and within four seconds, the data from the passport chip appeared on screen in the Golden Reader template.

Grunwald then prepared a sample blank passport page embedded with an RFID tag by placing it on the reader — which can also act as a writer — and burning in the ICAO layout, so that the basic structure of the chip matched that of an official passport.

As the final step, he used a program that he and a partner designed two years ago, called RFDump, to program the new chip with the copied information.

The result was a blank document that looks, to electronic passport readers, like the original passport.

Although he can clone the tag, Grunwald says it’s not possible, as far as he can tell, to change data on the chip, such as the name or birth date, without being detected. That’s because the passport uses cryptographic hashes to authenticate the data.

…

Grunwald’s technique requires a counterfeiter to have physical possession of the original passport for a time. A forger could not surreptitiously clone a passport in a traveler’s pocket or purse because of a built-in privacy feature called Basic Access Control that requires officials to unlock a passport’s RFID chip before reading it. The chip can only be unlocked with a unique key derived from the machine-readable data printed on the passport’s page.

To produce a clone, Grunwald has to program his copycat chip to answer to the key printed on the new passport. Alternatively, he can program the clone to dispense with Basic Access Control, which is an optional feature in the specification.

…

As planned, U.S. e-passports will contain a web of metal fiber embedded in the front cover of the documents to shield them from unauthorized readers. Though Basic Access Control would keep the chip from yielding useful information to attackers, it would still announce its presence to anyone with the right equipment. The government added the shielding after privacy activists expressed worries that a terrorist could simply point a reader at a crowd and identify foreign travelers.

In theory, with metal fibers in the front cover, nobody can sniff out the presence of an e-passport that’s closed. But [Kevin Mahaffey and John Hering of Flexilis] demonstrated in their video how even if a passport opens only half an inch — such as it might if placed in a purse or backpack — it can reveal itself to a reader at least two feet away.

…

In addition to cloning passport chips, Grunwald has been able to clone RFID ticket cards used by students at universities to buy cafeteria meals and add money to the balance on the cards.

He and his partners were also able to crash RFID-enabled alarm systems designed to sound when an intruder breaks a window or door to gain entry. Such systems require workers to pass an RFID card over a reader to turn the system on and off. Grunwald found that by manipulating data on the RFID chip he could crash the system, opening the way for a thief to break into the building through a window or door.

And they were able to clone and manipulate RFID tags used in hotel room key cards and corporate access cards and create a master key card to open every room in a hotel, office or other facility. He was able, for example, to clone Mifare, the most commonly used key-access system, designed by Philips Electronics. To create a master key he simply needed two or three key cards for different rooms to determine the structure of the cards. Of the 10 different types of RFID systems he examined that were being used in hotels, none used encryption.

Many of the card systems that did use encryption failed to change the default key that manufacturers program into the access card system before shipping, or they used sample keys that the manufacturer includes in instructions sent with the cards. Grunwald and his partners created a dictionary database of all the sample keys they found in such literature (much of which they found accidentally published on purchasers’ websites) to conduct what’s known as a dictionary attack. When attacking a new access card system, their RFDump program would search the list until it found the key that unlocked a card’s encryption.

“I was really surprised we were able to open about 75 percent of all the cards we collected,” he says.

2009

From Thomas Ricker’s “Video: Hacker war drives San Francisco cloning RFID passports” (Engadget: 2 February 2009):

Using a $250 Motorola RFID reader and antenna connected to his laptop, Chris recently drove around San Francisco reading RFID tags from passports, driver licenses, and other identity documents. In just 20 minutes, he found and cloned the passports of two very unaware US citizens.