A Girl You Should Date

Date a girl who reads. Date a girl who spends her money on books instead of clothes. She has problems with closet space because she has too many books. Date a girl who has a list of books she wants to read, who has had a library card since she was twelve. Find a girl who reads. You’ll know that she does because she will always have an unread book in her bag. She’s the one lovingly looking over the shelves in the bookstore, the one who quietly cries out when she finds the book she wants. You see the weird chick sniffing the pages of an old book in a second-hand book shop? That’s the reader. They can never resist smelling the pages, especially when they are yellow.

Full Article

The real divide in America

Less than a year from the presidential election, the harrowing television graphics, tired sports metaphor and end-of-the-world fundraising pitches are once again upon us. You know the script — Democrats versus Republicans, good versus evil, with-us-or-against-us. Whichever team you happen to be on, you are encouraged to see it as your side’s phalanx lining up on the battlefield against the other’s, in hopes that this time, your troop offensive will finally vanquish the despised opponent once and for all. But while so much of our culture asks us to rely on this vapid red-versus-blue analysis to understand American society, the truth is there are other binary constructs that better explain the very real chasms separating us.

Full Article

What I suspect Google is up to with Native Client

I had originally intended on spending a lot more time on this, but as ever perfection is the enemy of good enough, so will just cut to the chase and reiterate the main points I made last week. I’m finding it infuriating trying to get this out cohesively, so please feel free to flag stuff for more discussion. In particular I’m going to try ignoring speculation and “gut feelings”, or suggestions for a future design here[-1], there’s just too much to explain. The crux of what I was talking about centres around the apparent shifts that are likely to occur in the ‘user’ software space in the coming 2-5 years, driven by public evidence mainly from Mozilla, Google, and W3C, but also from acquisitions e.g. by Adobe[6]. Google quietly shipped an “ActiveX killer” by the name of Native Client[0,2] sometime in 2008. As of now it is enabled in Chrome for all users. This is a sandboxing technology that allows running untrusted native code directly on a user’s CPU with almost optimal virtualisation overhead (<1% on i386, ~7% on amd64 and ARM). Initially billed as a “research experiment”, the stated aim was to allow writing fast code in C that can augment a JavaScript application, e.g. for the renderer of a 3D browser based game.

Full Article

Steven Levy on Facebook, Spotify and the Future of Music

Even if Facebook CEO Mark Zuckerberg hadn’t been introduced to Spotify two years ago, it was probably inevitable that the two companies would hook up. The European music service had already won millions of fans, thanks to a business model that allowed music nuts to stream any song, instantly, for free. More important, it made it easy for people to share music with one another. This vision—of music as a social experience—fit perfectly with Facebook’s view of the world, which values sharing over all else. And that’s why, when former Facebook president and Napster cofounder Sean Parker discovered Spotify in 2009, he made a point of telling Zuckerberg about it.

Full Article

Twitter Must Provide Data on 3 Users, Judge Rules

A federal judge on Thursday ruled that Twitter, the popular microblogging platform, must reveal information about three of its account holders who are under investigation for their possible links to the WikiLeaks whistle-blower site.

Full Article

Notes on the #Occupy Media Teams

So far, Occupy has thrived as a prototype rather than a program: an open-source laboratory for activism. What follows is a collection of research notes on how #Occupy collectives have evolved media teams, with a special focus on the original group in Zuccotti Park, NYC. Apologies to the authors pilfered here, but no repentance…after all, this is for Science.

Full Article

Is Anthrax Trying To Become The New Metallica? Guitarist Wants To Kick 'Pirates' Off The Internet

ny more records the band used to sell in the past. And he keeps building up steam until it’s a full on rant, complete with falsely claiming it’s “theft” (over and over and over again) and comparing it to drunk driving… including claiming that if you’re caught downloading unauthorized music, you should lose your internet access completely:

Full Article

There is no cyber war the same way there is no nuclear war

One of the staff at my school (King’s College, London) recently published a paper that used Clausewitzian definitions of war to declaim that there has been no cyberwar, cyberwar is not happening now, and cyberwar is unlikely to occur in the future. Of course it is easy to prove a point if you control the definitions and I will stipulate that the idea of two nations engaging in purely network and computer based attacks would result in nothing but fodder for cyber pundits and tech journalists.

Full Article

Study: Many Facebook users are careless

After conducting an experiment, a team of researchers at the University of British Columbia in Canada has concluded that a fifth of all Facebook users are careless when accepting friend requests and automatically disclose their private information in the process. The researchers used 102 virtual Facebook profiles to harvest gigabytes’ worth of user data. To collect the data, they used “social bots” to send friend requests to more than 5,000 randomly selected users.

Full Article

EFF Data Shows Four CAs Compromised Since June

The EFF, through the use of its SSL Observatory, has taken a look at the data from certificate revocation lists for SSL certificates in recent months, and found that there were four separate CAs compromised in the last four months. The data that the EFF looked at was a summary of the reasons that specific certificates were revoked by CAs, as reported by the CAs themselves in CRLs. When a certificate is revoked, the CA specifies a reason for the action, and the EFF looked through the data collected in its SSL Observatory database and found that a scan of CRLs in June showed that 10 individual CAs reported that they were revoking 55 total certificates because of a CA compromise. Another scan in mid-October showed that 14 separate CAs had revoked 248 certificates because of a compromise.

Full Article

Are You on the Pwnedlist?

2011 has been called the year of the data breach, with hacker groups publishing huge troves of stolen data online almost daily. Now a new site called pwnedlist.com lets users check to see if their email address or username and associated information may have been compromised. Pwnedlist.com is the creation of Alen Puzic and Jasiel Spelman, two security researchers from DVLabs, a division of HP/TippingPoint. Enter a username or email address into the site’s search box, and it will check to see if the information was found in any of these recent public data dumps.

Full Article

Thousands Petition Obama to Block E-Parasites Act

Net users angry at the introduction of the Stop Online Piracy Act, also known as the “E-Parasites Act,” are attempting to force the White House to oppose the bill, which would boost the government’s authority to disrupt and shutter alleged trademark- and copyright-infringing websites. And by the early results, it looks like they might at least force the administration to respond. The petitioners are taking advantage of the newly created White House petition site, which promises Americans it will respond to grievances if the government gets 25,000 signatures in a month’s time. Though it was created only Monday, the petition has been signed by more than 4,400 citizens as of 11 a.m. Tuesday morning Pacific Standard Time. The “Stop the E-Parasites Act” petition has until Nov. 30 to get the necessary support.

Full Article

Duqu Installer Contains Windows Kernel Zero Day

A newly discovered installer for the Duqu malware includes an exploit for a previously unknown vulnerability in the Windows kernel that allows remote code execution. Microsoft is working on a fix for the kernel vulnerability right now. The exact location and nature of the flaw aren’t clear right now.

Full Article

'Nitro' hackers use stock malware to steal chemical, defense secrets

Attackers used an off-the-shelf Trojan horse to sniff out secrets from nearly 50 companies, many of them in the chemical and defense industries, Symantec researchers said today. The attack campaign — which Symantec tagged as “Nitro” — started no later than last July and continued until mid-September, targeting an unknown number of companies and infecting at least 48 firms with the “Poison Ivy” remote-access Trojan (RAT).

Full Article

Facebook Letting Users Designate 'Guardian Angel' Friends To Restore Locked Accounts

Social networking giant Facebook said on Thursday that it is testing a feature that will allow users to designate certain friends as ‘guardian angels’ entrusted with helping the user to recover a locked or hijacked account. The company, which has already experimented with forms of “social authentication,” such as using photos of Facebook friends to help users prove they are the rightful owners of locked accounts, said in a blog post that it is testing a feature allowing users to designate “three to five” of their Facebook friends to receive a recovery code in the event that they are locked out of their account. Friends who receive the code can pass it along to the account holder, providing a way for them to get back into their account.

Full Article