Search Polybore

Friday, March 20, 2009

Obama’s three year target to double renewable energy production is unrealistic and will fail.

Wind-turbine-1

Free Photo Bank

 

Ok you can’t fault the sentiment. All countries need to increase the percentage of their energy generated by renewable sources.

Unfortunately, when you do the arithmetic, the three year target for the US is clearly unattainable.

If we take the current the current US percentage of renewable produced power to be 8%. And the us annual electrical consumption to be 4157 million Mega Watt Hours (year) then in order to meet this target of doubling renewable generation to 16% then renewable power production needs to be increased by 332 million Mega Watt Hours (year).

Figures from http://www.eia.doe.gov/

To put this into perspective, Solana (Arizona), the proposed world's largest Solar power plant is estimated to potentially be able to produce 900,000 megawatt hours (year).  http://www.azruco.com/APS_Solar_(08-0106)/APS_Application.pdf

In order to achieve this target the US would be required to build not just one huge solar power plant but about 332 of them plus the substations, pylons and cabling. 

Obviously renewable energy is not just solar power however the example above shows how large (and improbable) the task is within the time frame.

Wednesday, March 18, 2009

Why and how you need to harden your computer security against drive by Malware attack exploits. The danger of third party advertisements.

100_0337

Why?

The problem with a drive by web page attack on your PC is that it is very difficult to avoid. All that needs to happen, for your computer to be at risk, is for you to open a web page with your browser. That’s it, even if you haven’t clicked on anything, if the malware code is on the page, and can run, then your computer’s security is at risk. Malware code is increasingly being placed in advertisements and as we all know ads are pretty much everywhere on the web.

From Google Security Blog. http://googleonlinesecurity.blogspot.com/2008/02/all-your-iframe-are-point-to-us.html

We know not to visit web sites we are not sure about or to click on links we don’t trust. The major problem for us is that web sites we do trust run third party advertisements. Worse still most websites refuse to take any responsibility for the third party ads that they display.

Check out the Terms of Service for your favourite web site and note how it abrogates any responsibility for it’s third party ads. It would be more honest if websites just displayed a banner at the top of every page declaring “You visit this site at your own risk!”.

This arrangement seems all wrong to Polybore. Imagine you bought a brand new car with a disclaimer stating that the brakes were manufactured by a third party so (you) the driver uses them at their own risk. One day the brakes fail but luckily you avoid a serious crash, you complain to the manufacturer they point at the disclaimer, sure they replace the brakes for you but with a new set of third party brakes which, again, they will take no responsibility for. As a customer buying a car you would not stand for it, but as a customer visiting a web site you have to like it or lump it.

So we visit our trusted site like BlogCatalog and thanks to the malware code in a third party ad they have been served, zap our security is compromised. Sure BlogCatalog “solve” the problem by removing the malware infested ads but then they go them with another set of third party ads which, again, they will not take responsibility for.

If Blogcatalog are not taking responsibility for their, potentially malware, ads does that mean they don’t care about the security of their visitors? In a previous post Polybore wrote about contacting Blogcatalog with the suggestion that they inform their members of the time frame  that they were serving the Malware ad and to advise members who visited during that time to scan there PC for virus and spyware. A perfectly reasonable request.

Well three days have passed and no response. Visit this Polybore post to see how the story started. http://polybore.blogspot.com/2009/03/blogcatalog-gets-hit-by-malware-trojan.html

Polybore does not want to give the impression of being down on BlogCatalog, other popular and trusted web sites have been caught out by third party malware ads as well. Polybore visits BlogCatalog regularly (and likes it), so Polybore’s security was put at risk. This makes, for Polybore, the BlogCatalog malware incident rather more real than other incidents that have occurred and therefore the best example that Polybore can use to illustrate this threat.

Polybore is not alone in taking this view. See this post on the IBM security blog that Polybore found while looking for sources to back up this post. (by coincidence it is scarily similar to this post but Polybore’s analogy is better) http://blogs.iss.net/archive/InfectedAdvertising.html

How?

Ok we have established that drive by web attacks are a serious threat to our security and that they are very difficult to avoid (unavoidable?).

Unless websites tighten up their act or are forced to take responsibility for their ads then we have to assume that we can’t trust any website to offer any sort of security guarantees regarding their third party ads in effect, rightly or (Polybore thinks) WRONGLY websites currently leave their customers security against malware distributing third party ads entirely to the customer.

This article at Tweak and Tune also discusses the threat of Malware and details security measures we would all be wise to employ. Peter mentions keeping your software up to date as an important security measure.

Polybore would like to emphasise the importance of keeping your software updated. The criminals who write this malware code are always trying (and sometimes succeeding) to evade detection by anti- spyware/ anti- virus software. To do this they can use code in binaries, which are harder for anti- malware software to spot and intercept, that target specific weaknesses in your software applications. When software makers like Adobe Flash identify these possibilities for exploit they patch or update to remove the threat. Much of the malware out there relies on people not updating their software.

More detail on Flash based Binaries malware attack. http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1341749,00.html#

Because people have so much software on their computer, Java, media players, Flash etc it is difficult to keep tabs on how up to date they all are and sometimes these programs are not that good at automatically updating.

For that reason Polybore strongly suggests you try out the Secunia Online Software Inspector (OSI). http://secunia.com/vulnerability_scanning/online/

This extremely useful tool will highlight software on your PC which needs updating. When Polybore first used it it was an eye-opener how many needed updating on Polybore’s computer, especially as Polybore makes a point in trying to keep updated.

Stay safe and, if you can, put pressure on websites to get their act together regarding the third party ads they display.

Tuesday, March 17, 2009

Google Adsense Advertises Fake UK Driving Licences to Terrorists and Criminals

fake uk

Shocking ad served up by Google adsense on the Polybore blog yesterday. It is disgraceful, a fake UK driving licence is the sort of documentation a terrorist could use.

Polybore is really quite angry and embarrassed about this as they have been complaining or making fun of ads on other websites recently.

http://polybore.blogspot.com/2008/07/danger-of-carrying-ads-on-your-blog.html

http://polybore.blogspot.com/2009/03/blogcatalog-gets-hit-by-malware-trojan.html

Polybore naively thought that Google would screen their ads. If this is likely to happen again will need to think if adsense is worth the risk.

Get a grip Google!

Have you seen any dodgy adsense ads recently. Please let Polybore know.

Monday, March 16, 2009

Heartless Daily Express makes front page Jade Goody Gaffe

2009-03-16
http://www.express.co.uk/ourpaper/view/2009-03-16
What sort of an idiot decides that having a massive headline like that, above a picture of Jade Goody who is in the final stages of terminal cancer, is a good idea.
Credit to Muig for spotting this and giving it to Polybore.

Download Retro Cinema Projector Video Animation .wmv Free (Some rights Reserved.)

 

Preview on YouTube. (download version has logos removed)

 

Polybore created this video using Blender 2.48.

You can download this video and it and use it for your own project (please read the license agreement), like maybe your movie blog/ vlog/ presentation/ website/ promotional video etc. The download version is in .wmv format and has been edited so the logos have been removed. It would be straight forward to add your own logs/ images with Windows Movie Player or equivalent. If you need any help with that just give Polybore a shout. Enjoy.

 

 

Creative Commons License
Retro Cinema by polybore is licensed under a Creative Commons Attribution-Non-Commercial-Share Alike 2.0 UK: England & Wales License.
Permissions beyond the scope of this license may be available at www.polybore.blogspot.com.