Move over Java: drive-by attacks exploiting Microsoft Silverlight on the rise

by
Anonymous Coward
in security on (#3MM)
Java takes a regular beating for its frequent exploits, and it's not uncommon for people to complain Java is inherently insecure, or an unacceptable risk for secure computing platforms. Well, good thing there's Microsoft Silverlight to lend a hand, then! Recent investigation now shows a rise in drive-by attacks exploiting Microsoft Silverlight. From the article:
The number of drive-by malware attacks that exploit vulnerabilities in Microsoft's Silverlight application framework may be surpassing those that abuse Oracle's Java framework, according to a recent analysis of one popular hack-by-numbers tool kit. Since April 23, the Angler exploit kit has shown a significant uptick in attacks that target Silverlight users, according to a blog post published Monday by Levi Gundert, technical lead in Cisco Systems' threat research group.
The original Cisco piece can be read here.

[Ed. note: I for one propose a framework that will eliminate all such attacks: how about we eliminate graphics and video formats totally, and go back to green screen ASCII text over a serial connection?]

When is your data not your own? When it's in the cloud

by
in security on (#3MK)
I've got Captain Obvious on the line, and he'd like you to know: the data you store in the cloud isn't private. You might be thinking, "I knew that." But it's news to some, like this guy, who got busted for possession of illegal pornographic images (child porn), after backing up his computer to a Verizon cloud backup service. Bonus: he was the deacon of a Catholic school in Baltimore county: oops.
Turns out, cloud storage providers routinely sweep stored data, using hashes for known illegal images or media files. If they find one, you're toast.

From Ars Technica:
When Congress passed the PROTECT Our Children Act of 2008 mandating that service providers report suspected child pornography in the content that their customers surf and store, the law gave providers an out: if they couldn't check, they wouldn't know, and they wouldn't have to report it. But while checking is still voluntary, the National Center for Missing and Exploited Children has been pushing providers to use image-matching technology to help stop the spread of child pornography.
This isn't breaking news: the articles date back to March. But it's still relevant in the framework of the ongoing discussion of cloud-versus-local and the rights of authorities to revise your computing habits.

Desktops aren't dead! Lenovo PC business increases in past 12 months

by
in hardware on (#3MJ)
It was only a year or two ago when every journalist on earth suddenly went into fits, calling it the new age of tablet/mobile computing and assuring us the desktop would soon be a niche industry for has-beens and old-fashioned losers. Lenovo would beg to differ. In fact, they've sold 55 million computers in the year ending March 2014. They also sold 50 million smartphones and 9 million tablets, so there's no doubt mobile computing is increasingly going to take a huge chunk of the market. From the article:
Looking at the numbers by product line, Lenovo's worldwide laptop PC business increased in the fourth fiscal quarter by 16 percent to $4.8bn, accounting for 51 percent of the company's overall sales. Despite the general market declining, its desktop PC sales for the same period increased 14 percent to $2.7bn, or 29 percent of the company's overall sales worldwide. The company's sales of smartphones and digital home products jumped to $1.3bn, or 13 percent of the company's overall sales, and Lenovo said its worldwide smartphone shipments grew 59.4 percent in the fourth quarter.
But the world's largest PC maker would like you to know the age of the desktop computer has absolutely not come to an end.

Colorado River Delta

by
Anonymous Coward
in environment on (#3MH)
The Colorado River Delta is typically a vast expanse of cracked, dry earth. The Colorado River itself comes to its end at the Morelos Dam on the US-Mexico border, and its outflow has been managed (poorly) by both nations ever since the dam was built. That means the river has been providing lots of drinking water and water for irrigated agriculture, but not much for any other reason.

That has suddenly changed, as both nations agreed to permit a flow of 1% of the water to be released for purposes of restoring parts of the ecosystem. From the article:
"We were able to persuade decision-makers in both countries that it was really time to turn the corner in the relationship and really try something different," [Environmental Defense Fund representative Jennifer] Pitt said. "That instead of unilateral actions on either side of the border with no particular concern for impacts on the other side of the border it would be better to have a collaborative approach." In 2012, the Mexican and American governments signed Minute 319, and the pulse flow was one of the provisions it contained. ... "During the months of late March and April, with the snow melt in the upper basin, a lot of water will come in a short period of time," he said. "So the pulse flow is mimicking that on a smaller scale." During the eight-week project, which ended on Sunday, just less than 1 percent of the river's annual average flow was released into the delta. Teams of scientists from environmental groups and universities have been closely monitoring the impact that the restored flow has had on this desiccated region.
[Ed. note: Glad to have some good environmental news for a change.]

Why Lavabit Shut Down: interview with Ladar Levison

by
Anonymous Coward
in legal on (#3MG)
Ladar Levison has given an exclusive interview to the Guardian, discussing the saga that led to his decision to shut down Lavabit, the encrypted email provider that shut operations rather than betray the contents of users' inboxes to federal agents.

Metafilter provides some interesting, ensuing commentary. In particular, there's an interesting assertion in the comments, by "jacobian":
"The lesson we've learned, over and over again, from the Snowden revelations is that the NSA hasn't been able to actually break cryptography: choose a good algorithm and a strong key, and no amount of technical work will break that crypto. What does break a cryptosystem are people. People choose bad passwords. People practice bad computer hygiene."
Is that really all it takes? Because I get the distinct impression the NSA has broken Internet encryption protocols and is busy getting all up in your stuff. Is that just what they want you to think? What's the real deal on encryption on the Internet?

New Mars Lander

by
in space on (#3MF)
Cool news from NASA:

All systems are go for construction of a new Mars lander.
NASA and its international partners now have the go-ahead to begin construction on a new Mars lander, after it completed a successful Mission Critical Design Review on Friday. NASA's Interior Exploration Using Seismic Investigations, Geodesy and Heat Transport (InSight) mission will pierce beneath the Martian surface to study its interior. The mission will investigate how Earth-like planets formed and developed their layered inner structure of core, mantle and crust, and will collect information about those interior zones using instruments never before used on Mars.
I'm happy to have some good news related to space exploration, since the US-Russia space cooperation relationship is such a mess.

D-Wave's Quantum Computers

by
in hardware on (#3ME)
Interesting article at the BBC about improvements in quantum computing, plus a Canadian company by the name of D-Wave, who claims to have built working models of quantum computers.
Quantum computing exploits the weird physics of quantum mechanics, which takes hold at tiny (atomic or sub-atomic) scales. Computers that tap the quantum realm could carry out complex calculations much faster than their conventional - or classical - counterparts. While the basic units of information in classical computers are called "bits" and are stored as a string of 1s and 0s, their equivalents in a quantum system - qubits - can be both 1s and 0s at the same time. ... Scientists have struggled to entangle more than a handful of qubits, and to maintain them in their quantum state. Lab devices suffer from drop-out, or decoherence, where the qubits lose their ambiguity and become straightforward 1s and 0s. This has ensured that quantum computers remain confined to the lab - proofs of principle capable of solving only elementary problems.
Sounds interesting, as long as I can theme it. </joke>

Cisco Letter to Obama Objecting to NSA Implants

by
Anonymous Coward
in security on (#3MD)
Listen, do you hear something? It's "waaa, waaaa, waaa, waaaa." It's the sound of Cisco executives crying to the White House that their business is being ruined now that the public knows their hardware is being sabotaged by the NSA with listening devices.

I'd feel sympathetic for them, but I'm too busy buying other manufacturers' hardware. This PDF is the letter Cisco executives have sent to President Obama. Or have a look here. The Washington Post reports Cisco John Chandler wrote:
Absent a new approach where industry plays a role, but in which you, Mr. President, can lead, we are concerned that our country's global technological leadership will be impaired. Moreover, the result could be a fragmented Internet, where the promise of the next Internet is never fully realized.
More interesting than the complaint is this graph showing the difference between Cisco's predicted and actual growth, potentially due to this revelation. Who needs a diaper change and a nice bottle of warmed milk?

[Ed note 2014-05-20 12:10: update with a new, interesting link: http://www.infowars.com/cisco-ceo-sends-letter-to-obama-complaining-about-nsa-surveillance/ ]
Ed note: 2014-05-20 16:20 Link in the first ed note has been fixed.

Intel vPro chip gives snoops backdoor PC access

by
Anonymous Coward
in security on (#3MC)
Bad news: you're still rooted six ways to Sunday. This article comes from September 2013, but before you complain it's not breaking news, note that nothing has been done about it. In sum, Intel Core vPro processors contain a secret 3G chip that allows remote disabling and backdoor access to any computer even when it is turned off.

From the article:
"Intel actually embedded the 3G radio chip in order to enable its Anti Theft 3.0 technology. And since that technology is found on every Core i3/i5/i7 CPU after Sandy Bridge, that means a lot of CPUs, not just new vPro, might have a secret 3G connection nobody knew about until now," reports Softpedia ... "Core vPro processors contain a second physical processor embedded within the main processor which has its own operating system embedded on the chip itself," writes Jim Stone. "As long as the power supply is available and in working condition, it can be woken up by the Core vPro processor, which runs on the system's phantom power and is able to quietly turn individual hardware components on and access anything on them."
Curious? Outraged? Here are some more links so you can catch up on your new, pw0ned lifestyle.

http://www.intel.com/content/www/us/en/enterprise-security/what-is-vpro-technology-video.html
http://news.softpedia.com/news/Secret-3G-Radio-in-Every-Intel-vPro-CPU-Could-Steal-Your-Ideas-at-Any-Time-385194.shtml
http://www.popularresistance.org/new-intel-based-pcs-permanently-hackable/
http://www.tgdaily.com/hardware-opinion/39455-big-brother-potentially-exists-right-now-in-our-pcs-compliments-of-intels-vpr
http://infowars.com/
http://prisonplanet.com/

Happy websurfing, suckers. Remember, Intel knows if you're posting anonymously ;)

The Evolution of the Design of the Pocket Protector

by
Anonymous Coward
in ask on (#3MB)
Henry Petroski writes about the pocket protector in his latest article on the history of industrial design, following an earlier web article from Jeanette Medea. While inventors had tackled the vexing problems of ink-stained shirts and misplaced pencils going back to the nineteenth century, an engineer named Hurley Smith patented what could be considered the modern article in 1947, describing a lightweight strip of plastic folded twice to fit into a shirt pocket: one at the bottom of the pocket, to hold the pens or tools, and one at the top front of the pocket, to form a flap that writing instruments could be clipped onto. The strip was extended above the pocket in the back to provide extra protection for the shirt. Curiously, Smith's main drawing did not illustrate an enclosed pocket-within-a-pocket, but rather a folded-over strip open at the sides. Realizing the potential demand for side seam protection, however, Smith included a drawing for an alternative implementation that is recognizably the pocket protector that became a badge of professional engineers over the next several decades, roughly corresponding to the era of the mainframe computer.

Competition sprang up almost immediately, from so many small manufacturers dispersed around the country that Smith decided against suing to enforce his patent. Gerson Strassberg marketed a pocket protector of his own design for a half century, although he later exaggerated his role in its invention, as Petroski points out. Strassberg didn't patent his design; "the best patent in the world is to make a million of them and sell them quickly", he explained. While pocket protectors are still being sold, most of today's engineers have moved on... perhaps, to clip-on security badges.

[Ed. note: In the 21st century, the pocket protector has become iconified as an object of ridicule, a signal for permitted scorn. In 2014, what's the equivalent? What object does everyone agree justifies merciless ridicule of the wearer?]