Archive for November, 2009

Placebo Effect Isn’t Just In The Head

Monday, November 9th, 2009

DoctorResearchers have shown that there is a physical basis to the placebo effect. They measured pain-related nerve activity in the spinal cord and found that it vanished when a placebo was used.

Link: http://www.newscientist.com/…

Security Vulnerability in Adobe Shockwave Player

Saturday, November 7th, 2009

Computer SecurityA critical security issue has been identified in the free Adobe Shockwave Player used by many web browsers. Adobe recommends installing the latest version (11.5.2.602). Since the Shockwave Player is not something that’s automatically updated or even checked for the need to update, you’ll have to do it manually. Note also that it may be necessary to perform the install multiple times, as there are different installers depending on which browser you use to download the software. Yes, really. But I think you only need to do it twice, once for Internet Explorer and once for everything else (on a Windows system).

Link: http://it.slashdot.org/…

A Thermite Weld in Action

Tuesday, November 3rd, 2009

TrainThe linked videos are parts 1 and 2 of a pseudo-documentary where rail workers perform a “complete thermite weld” to connect train tracks. I was a bit surprised by the lack of safety equipment—the workers were manipulating molten metal in short-sleeve shirts. And the guy was pretty nonplussed when the handle of his sledgehammer caught on fire.

Part 1: http://www.youtube.com/…
Part 2: http://www.youtube.com/…
(via Neatorama)

You Can Disable JavaScript?

Sunday, November 1st, 2009

Computer SecurityLong-term Chad’s News readers may recall this article, where a website was destroyed during a Google scan because the Google crawler doesn’t process JavaScript. And Firefox power users may be aware of the NoScript extension, which disables JavaScript for all websites by default (and which frequently shows up on “Top 10 Essential Add-ons” lists).

With all this in mind, you’d think web developers would know better than to design security measures that rely on JavaScript being enabled. But apparently not. Time Warner Cable distributed 65,000 cable modems that allow users to perform simple administrative functions via a web page interface. Advanced controls are hidden from the user, but they’re hidden via JavaScript. Disable scripting and poof! it’s a few easy steps to get the modem’s login credentials. To make matters worse, all 65,000 modems have the same username and password. Thus, a malicious hacker can reconfigure people’s modems from anywhere on the internet. Stupid, stupid, stupid.

Link: http://www.wired.com/…
(via Kim Komando)