Signs from the Republican National Convention 2008

…gleaned from Pundit Kitchen:

U.S. Politics Obama McCain

Republicans misspell America


Mathias Rath drops case against Ben Goldacre

Ben Goldacre of Bad Science reports that vitamin-pill pusher Mathias Rath has dropped a libel case against him and the Guardian. Rath has been denouncing AIDS drugs and pushing vitamins in South Africa. The result of his ads is that people stop taking their medications and die. Ben says,

Usefully, it seems that Rath will now be responsible for the Guardian’s legal costs. Interim costs were awarded this afternoon at just shy of a quarter of a million, and we are seeking the full half a million pounds the paper has spent. For my part, I will probably now write a swift book on Rath and South Africa, as a way to make all the fascinating extra information I’ve had to dredge through useful to others, and to try and recoup something so that my time was not wasted. It will be meticulously well referenced and carefully written.

Read Mathias Rath case exposes the difference between science and its imitators.

“CookieMonster” grabs credentials from secure sites

Every ecology has its parasites. Every ecology has its blood-sucking parasites. It’s only natural. There’s no point in being angry. Just as a parasite fools the immune-system defences of an organism, the “Cookie Monster” fools a system into giving up its authentication cookies. Sigh.

Websites used for email, banking, e-commerce and other sensitive applications just got even less secure with the release of a new tool that siphons users’ authentication credentials – even when they’re sent through supposedly secure channels.

Dubbed CookieMonster, the toolkit is used in a variety of man-in-the-middle scenarios to trick a victim’s browser into turning over the authentication cookies used to gain access to user account sections of a website. Unlike an attack method known as sidejacking, it works with vulnerable websites even when a user’s browsing session is encrypted from start to finish using the secure sockets layer (SSL) protocol.

According to Mike Perry, the creator of CookieMonster, websites that appear to be vulnerable to the attack include united.com, bankofamerica.com, register.com, netflix.com, and a host of other big-name online destinations. Errata Security’s Rob Graham, who introduced Sidejacking tools a little more than a year ago, says Gmail is not vulnerable as long as a recently implemented https-only option is turned on. But Google Docs, Google’s Blogger.com and Google Finance remain wide open.

The vulnerability stems from website developers’ failure to designate authentication cookies as secure….

…To find out if your bank is susceptible, clear all cookies and then log in to the site. Next, clear all cookies marked as “SECURE” (in Firefox, go to preferences > privacy > show cookies. Delete only the cookies marked as “Encrypted connections only”). Then visit the site again. If you’re logged in, there’s a strong chance the site is wide open.
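The check described in the quoted article can also be run against a site's response headers. The following is an added example, not part of the original post or the quoted article: it parses `Set-Cookie` headers, lists the cookies a browser would still attach to a plain `http://` request because they lack the `Secure` attribute, and shows the corrected header. The header values and cookie names are constructed, and Domain/Path matching is ignored for brevity.

```python
# Constructed sample: Set-Cookie headers a hypothetical site returns over HTTPS after login.
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/; HttpOnly",           # auth cookie, Secure missing
    "auth_token=def456; Path=/; Secure; HttpOnly",  # auth cookie, correctly marked
    "lang=en; Path=/",                              # preference cookie, not sensitive
    "csrf=zzz; Path=/account; secure",              # attribute names are case-insensitive
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attrs); attrs keys are lowercased."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def sent_over_plain_http(headers):
    """Cookies that survive 'delete everything marked Secure': these go out unencrypted."""
    return [n for n, _, a in map(parse_set_cookie, headers) if "secure" not in a]


def exposed_auth_cookies(headers, auth_names):
    """Authentication cookies (names supplied by the auditor) that lack Secure."""
    return sorted(set(sent_over_plain_http(headers)) & set(auth_names))


def harden(header):
    """Return the header with Secure appended if it was missing (the server-side fix)."""
    _, _, attrs = parse_set_cookie(header)
    return header if "secure" in attrs else header.rstrip("; ") + "; Secure"


if __name__ == "__main__":
    auth = {"SESSIONID", "auth_token"}  # assumption: which cookies carry the login
    print("exposed:", exposed_auth_cookies(SAMPLE_HEADERS, auth))
    fixed = [harden(h) for h in SAMPLE_HEADERS]
    print("after fix:", exposed_auth_cookies(fixed, auth))
```
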

Tardigrades

Every once in a while I run across an article about tardigrades and how unusual, tiny, cute, and common they are. Usually the article is accompanied by a 3D-looking image of a tardigrade. The poor little thing has been freeze-dried and scanned by an electron beam. Here’s an image of living tardigrades. And here are some resources about tardigrades.

Large Hadron Collider needs repairs

A tiny electrical leak between components has caused some damage to the Large Hadron Collider. It will be off for a couple of months while its components are allowed to warm up and then are repaired. The story is at Live Science. “CERN announced Thursday [the 18th] that it had shut down the collider last week.”

Experts have gone into the 17-mile (27-kilometer) circular tunnel housing the Large Hadron Collider under the Swiss-French border to examine the damage that halted operations about 36 hours after its Sept. 10 startup, said James Gillies, spokesman for CERN, the European Organization for Nuclear Research.

“It’s too early to say precisely what happened, but it seems to be a faulty electrical connection between two magnets that stopped superconducting, melted and led to a mechanical failure and let the helium out,” Gillies told The Associated Press.

Gillies said the sector that was damaged will have to be warmed up well above the absolute zero temperature used for operations so that repairs can be made — a time-consuming process.

Naturally, it’s not REALLY operating at absolute zero: that would really be science news!

Educational resource: Microbial Life

The Microbial Life Educational Resources web site has educational resources for students and teachers of microbiology. It is maintained by Carleton University in Ottawa.

Subject areas include:

  • Extreme environments
  • Marine environments
  • Microbial observatories
  • Research methods
  • Online resources
  • Topics of interest
  • Resources for teachers and students (K-12 teachers and university faculty)
  • Integrating research and education

Ex nihilo…

cat
