How to take over the computer of any JVM developer
To prove how easy [MITM attacking Mavencentral JARs] is to do, I wrote dilettante, a man-in-the-middle proxy that intercepts JARs from maven central and injects malicious code into them. Proxying HTTP traffic through dilettante will backdoor any JARs downloaded from maven central. The backdoored version will retain their functionality, but display a nice message to the user when they use the library.
(tags: jars dependencies java build clojure security mitm http proxies backdoors scala maven gradle)
Spain pushes for ‘Google tax’ to restrict linking
The government wants to put a tax on linking on the internet. They say that if you want to link to some newspaper’s content, you have to pay a tax. The primary targets of this law are Google News and other aggregators. It would be absurd enough just like that, but the law goes further: they declared it an “inalienable right” so even if I have a blog or a new small digital media publication and I want to let people freely link to my content, I can’t opt-out–they are charging the levy, and giving it to the big press media. It was just the last and only way that the old traditional media companies can get some money from the government, and they strongly lobbied for it. The bill has passed in the Congress where the party in the government has majority (PP, Partido Popular) and it’s headed to the Senate, where they have a majority also.
(tags: spain stupidity law via:boingboing linking links web news google google-news newspapers old-media taxes)
Keyes New Starter Kit for Arduino Fans
$53 for a reasonable-looking Arduino starter kit, from DealExtreme. cheap cheap! In the inimitable DX style:
Keyes new beginner starter kit, pay more attention to beginners learning. Users can get rid of the difficult technological learning, from module used to quick start production.
(tags: learning arduino hardware hacking robotics toys dealextreme tobuy)