
William Bradley: Why The Big Fade for Bruno?

July 20th, 2009

After a smash opening day, Bruno is fading fast.

Bruno, the follow-up to ace comedy star Sacha Baron Cohen’s 2006 smash hit Borat, is one of the most hyped movies of the year. It’s gotten so much publicity it feels like it’s about to come out on DVD. But after a fast start on Friday, July 10th, the mockumentary about a gay Austrian fashionista has been fading badly ever since. This past weekend, it’s down 73% from the opening weekend.

Why the big fade? It’s actually not much of a mystery.

Once you see the movie, the only mystery is why it wasn’t predicted in the first place.

It was striking how quickly Bruno’s big fade began. Last weekend, Hollywood columnist/blogger Nikki Finke’s headlines proclaimed “Bruno Ist Big!” The predicted opening weekend box office gross in the headline was $50 million domestic. Then it was $40 million. Then, finally, the actual $30 million. But nearly half that opening weekend box office came on the first day.

As Ali G, Sacha Baron Cohen interviews Posh Spice and David Beckham for a BBC comedy special. Obviously, they know who he is, and it doesn’t hurt the show a bit.

Word of mouth was bad, spreading fast over its opening weekend and continuing. Why?

Bruno is a very crude movie, much more so than most reviewers suggested. It’s also not all that funny, which is a bit of a problem for a comedy. And there is an air of desperation about the enterprise.

The movie plays like the cable version of one of those porn flicks with a plot. A lot funnier, mind you, I laughed a few dozen times, but on that level. It’s not all focused on gay sex, either. There’s an extended sequence in which Bruno goes to a heterosexual swingers party, in which several couples apparently have sex while Bruno touches the men, trying to get one guy to look in his eyes while having sex with his female partner. This part of the movie ends with Bruno in a bedroom with a female dominatrix — a real-life porn starlet, as it turns out — who whips him when he’s slow to strip down and have sex with her.

Borat discusses his life and potential improvements to the United States of America.

A lot’s been made of Bruno supposedly being offensive to the gay and lesbian community. Which, of course, it is.

Bruno, now absent the fashionista journalist part of his persona — more about that in a moment — is the most stereotypically swishy gay guy imaginable. He gives narcissism a bad name, and is so sexually obsessed that he goes through life apparently seeking every day to recreate the ’70s San Francisco bathhouse scene.

But of course much humor plays off of stereotypes. Cohen, a Cambridge graduate in history who is an expert on civil rights movements, can be defended with the argument that he is forcing people to confront the contradictions of their conditioning. Or something like that. Which may be true as far as it goes.

Borat responds to criticism of his views.

Borat was also offensive. To the nation of Kazakhstan, which is nothing like how it was portrayed in the movie. To Russians (the Borat character is actually based on a Russian doctor Cohen met). And I’m sure to other people.

But Bruno is much more crude, and arguably more offensive, than Borat because Cohen has to try a lot harder for effect now. Too many people see him coming now.

On the TV show, a much cleverer Bruno discusses awards show fashion.

I’ve been a fan of his since he did Da Ali G Show on British television. Then the show came to America on HBO, earning a number of Emmy nominations. Along with Borat, I have the complete TV show on DVD. There are the three core characters: Ali G, a young Brit on the dole who fancies himself a hip hop character, and ends up doing some hysterical interviews with VIPs. Borat, the fictional Kazakh TV journalist. And Bruno, the Austrian fashion journalist.

The Bruno of the movie not only looks different from the TV character, he is a significantly different character. On the TV show, he’s pretty smart and clued in to the culture. In the movie, he’s a self-obsessed dolt with no talent whatsoever.

That’s because he’s no longer a fashion journalist.

The fashion folks are all on to Cohen now, so Bruno can no longer do his Funkyzeit TV show. There’s one sequence in the movie in which Cohen crashes a fashion show, makes an ass of himself, and is thrown out. After which he is “fired” by his network.

It’s too bad. While it may be true, as my old friend Patricia Duff said many years ago, that “Fashion is Hollywood without the substance,” it’s also true that it’s an interesting scene. Are the designs brilliant or nonsense? Or brilliant nonsense?

The TV version of Bruno conducts an interview on cardboard fashion.

In any event, stripped, as it were, of his fashionista side, the Bruno character is reduced to a pathetically talent-free, unremittingly crude, flamingly gay exhibitionist.

And the people he does manage to fool into participating in his interviews and skits — and much of it seems staged to me — are easy targets. If you are a white redneck American — thus unlikely to follow British TV and movies with funny foreign names, or remember what was on HBO (assuming you could afford it) at the beginning of the decade — you are now the target of Sacha Baron Cohen’s pranks.

Opposite the Queen of England, Ali G delivers his Christmas message.

This is why, from Ali G to Borat to Bruno, we see an evolution from the relatively sly and quite clever to the increasingly hyperbolic.

Where previous characters conducted amusingly surrealistic interviews with celebrities and figures of state, Bruno comes off as a stalker or comedic drive-by shooter. With some pretense or another, he does manage to get Republican Congressman and presidential candidate Ron Paul into a hotel room for an interview. And then starts coming on to him. Paul is kindly at first, you can see the wheels turning for him that he is in a room with some poor unfortunate, until Bruno starts stripping down and dancing. Then he storms out.

Bruno has less success with other, bigger names.

When Bruno supposedly gets CBS to conduct a focus group on the pilot for his celebrity show (and let’s just say that can’t have been real), he keeps hyping an exclusive interview with Harrison Ford. Which in the event turns out to be Ford explosively telling Bruno to “Fuck off!” as he brushes past him leaving a bar or restaurant.

Was Ford acting? Or was he just pissed off at some weirdo stalking him with a camera crew?

An encounter with Governor Arnold Schwarzenegger, who was also apparently not amused, though not as angry as Ford appeared to be, didn’t make it into the movie. Though Bruno makes a point early on, having lost his fashion TV gig, of saying that he is coming to Hollywood to be “the biggest gay Austrian movie star since Schwarzenegger.”

The well has clearly run dry for these characters, and probably this concept. Which is why this movie turned out to be so crude and seemingly desperate.

But Sacha Baron Cohen is enormously talented. He can easily be this generation’s Peter Sellers. He was hysterical as a gay French Formula One driver come to take over NASCAR in Talladega Nights. He can use Ali G, Borat, and Bruno in other ways, and obviously invent other characters.

In a hopefully funnier movie next time out.

You can check things during the day on my site, New West Notes … www.newwestnotes.com.


Geithner Has Tough Task In Marketing US Debt

July 20th, 2009

WASHINGTON — Timothy Geithner, architect of bank, auto and economic rescue plans, has another high-stakes job these days: traveling bond salesman.

The recession, financial crisis and two wars have pushed the federal deficit above $1 trillion, a record level that makes the Treasury secretary’s role as chief marketer of U.S. debt tougher than any of his recent predecessors’.

Geithner, who traveled last week to the Middle East and Europe, has to convince foreign investors to keep buying Treasury bills, notes and bonds; they hold nearly half of the government’s roughly $7 trillion in publicly traded debt.

“He’s a smart guy but it’s a very, very big task,” said Dean Baker, co-director of the Center for Economic and Policy Research, a left-leaning Washington think tank.

If foreign demand for U.S. debt sags, that could drive up interest rates and spell big trouble for an economy hobbled by 9.5 percent unemployment. Higher rates would make it more expensive for consumers to buy homes and cars, and for businesses to finance their operations.

In the worst case scenario, a rush by foreigners to sell their U.S. debt could send the dollar crashing and inflation soaring. Because that would also hurt the value of their remaining holdings and the U.S. economy – a key market for their exports – private analysts believe such a scenario is not likely to occur.

With the risks in mind, Geithner last week visited Saudi Arabia and the United Arab Emirates, whose vast oil wealth gets recycled into Treasury holdings.

Last month, he visited China, the largest foreign holder of U.S. Treasuries. That trip was marked by an extra dose of drama. In March, Chinese Premier Wen Jiabao said his country was concerned about the “safety” of the large amounts of money it had lent to the United States.

Throughout these trips, Geithner very much stuck to his sales script, at least in his public pronouncements. He said the Obama administration was committed to guarding the value of the dollar and, once the economy improves, shrinking the deficit.

The deficit has been driven higher in part by the $787 billion economic stimulus package and $700 billion financial system bailout approved by Congress over the past year.

The deficit-cutting proposals the administration has so far revealed would fall far short of what is needed.

“If the Obama administration has a credible plan to bring the deficits down, they are keeping it a deep secret at the moment,” said Michael Mussa, senior fellow at the Peterson Institute and former chief economist at the International Monetary Fund.

With nearly three months left in the budget year, the Obama administration forecasts that this year’s deficit will total $1.84 trillion, more than four times the size of last year’s record tally.

The nonpartisan Congressional Budget Office estimates the annual deficits under the administration’s spending plans will never drop below $633 billion over the next decade. And it forecasts an additional $9.1 trillion added to the debt held by the public – the amount that Geithner has to finance with bond sales.

During a stopover in Paris on Thursday, Geithner acknowledged in an online chat sponsored by the French newspaper Les Echos that “the dollar’s role in the international financial system places special responsibilities on the United States.”

The foreigners Geithner meets with have a keen sense of the pressure he faces.

When Geithner told a packed auditorium at Peking University that Chinese investments in the U.S. were safe, his comment was greeted by laughter. The students appeared to be laughing more at the quickness with which Geithner had responded to a question, not at what he said. Still, the reaction did highlight underlying skepticism.

Officials in the Middle East last week gave no public hint of nervousness.

UAE crown prince Sheik Mohammed bin Zayed Al Nahyan, who met with Geithner last Wednesday, stressed the strength of his country’s relationship with the U.S. in comments carried by state news agency WAM.

“The UAE attaches great significance to further promoting cooperation with the friendly United States in all areas, and in banking, finance, trade, investment and education in particular,” Sheik Mohammed said.

But such easygoing relations could fray if the U.S. isn’t careful about its spending, some economists warned.

That goal is even more urgent with China, Russia and some other countries grumbling that there should be alternatives to having the U.S. dollar serve as the world’s reserve currency.

Publicly traded U.S. debt – which excludes deficits the government owes to itself in Social Security and other trust funds – stood at 41 percent of the total economy in 2008. It is projected to climb to 82 percent of the entire economy by 2019.

“If these trends are not reversed, the world will stop buying our debt and the economy will break,” said Mark Zandi, chief economist at Moody’s Economy.com.

___

Martin Crutsinger has covered economics for The Associated Press for 25 years.

___

AP Business Writer Marcy Gordon contributed to this report.


Laurence Leamer: Return to Shangri-La

July 19th, 2009

When I flew into Kathmandu in a Royal Airlines DC-3 in September of 1964, the old plane wheezed its way across the mountains and into the verdant high valley. I was a member of the fourth group of Peace Corps Volunteers to the mystical mountain kingdom. Nepal had been kept isolated from the rest of the world for hundreds of years, and Kathmandu was a magical, quasi-medieval city, one of the great cultural jewels of the world.

There were few automobiles and the Nepalese generally either walked, rode bicycles or took bicycle rickshaws. Most men of substance wore the Nepali national dress, the daura suruwal, thin cotton pants that while tight against the ankles then billowed out, a dark Nehru-like jacket, and the ubiquitous topi, a pill box hat. The women wore saris similar to Indian dress. There were many barefooted porters and laborers in virtual rags, Tibetans in their heavy dress, and a rich mix of cultures and peoples.

There was a broad expanse outside the king’s palace where awestruck villagers looked at the great ornate structure where resided the man considered a descendent of God. But most of the city was a narrow warren of streets, many of them with ornate woodwork often of a religious nature. That only increased the sense of mystery.

Most Nepalese are Hindus, although there are Buddhists and Muslims as well, but their spiritual quality transcended any one faith. One could not be here very long without knowing, no matter how severe one’s agnosticism, that there was a God or at least some spiritual being that motivated everyone and everything. Despite the poverty, Kathmandu was close to the mythical world of James Hilton’s Shangri-la.

Was it any wonder that I wanted to return, to drink once again at those spiritual wellsprings? But why had I waited so long, I asked myself as yesterday afternoon the Jet Airlines jet soared into the valley, a quick hour and a half from Delhi. It had been four and a half decades since I first arrived in Nepal, a lifetime. For minutes, I kept looking out the window, but the mountains sat shrouded in clouds, and I saw little as the plane landed on the tarmac.

I had not even gotten my bag before the touts approached me, and I hurried away from them, and got into a battered taxicab to take me to my hotel. Before I saw anything, the stench assaulted me. I reached to shut the windows in the non air-conditioned car, but the smell remained. The foul odors had metastasized into a malevolent stench that penetrated everything and everyone. There was not so much heavy traffic in the sense of an orderly progression of cars proceeding in two directions, but a mindless jumble of vehicles, seemingly each with a separate route, bleating their horns at each other.

Outside was a mindless jumble of slums, substantial, cheaply constructed cement buildings cheek by jowl with shacks. Block after block. Mile after mile. It was endlessly the same. There were a few women in saris, blossoms in the squalor, but for the most part the people dressed in some fashion of western dress, jeans and t-shirts mainly, but as if every closet in the West had been emptied out and dumped here. There were great piles of empty plastic bottles, guarded like the gold they were, and ragged, forlorn children twisting and turning their way through the traffic carrying clumps of sod. At every traffic light a child beat on the window begging for alms. And everywhere there was garbage, all the flotsam of urban civilization, scraps of paper, crumpled cans, rotting refuse. Once there had been stray dogs as efficient scavengers, but even they were largely gone.

We finally reached the tourist area of Thamel, and drove along the misnamed Kings Way to my hotel. It is the same narrow street I remembered, but there was generic rock n roll blaring from windows, stores selling Internet services and trekking gear, restaurants serving hamburgers and French fries, tacos and lemon meringue pie, and village girls who had learned enough English words to turn a trick or two with the foreigners. Few westerners have come to Nepal this summer, but the young Nepalese have made Thamel their own, and they paraded up and down what has become the Times Square of Nepal.

Last evening I had dinner in the center of Thamel at the Northfield Café with Rajeev Goyal. I have been working with Rajeev in Washington the past few months trying to double the size of the Peace Corps. Rajeev had also been a Peace Corps volunteer in Nepal from 2001 to 2003, stationed not far from where I had been posted. Since returning to the States, he has been helping the Nepalese in that area in eastern Nepal by building schools and water facilities. He has returned this summer to take a group of these villagers around the country to show them the bad and the good of what “development” has done to their country, and I was accompanying them.

The Northfield Café is a sprawling restaurant, one of the most popular places in Thamel. It serves a large menu of dishes from most cultures except Nepal, but whether it is Southern chicken, salami pizza, tacos, or chocolate cake, the commonality is mediocrity. In the far dark corner a group of three Nepali musicians sat squat legged playing traditional Nepali music on a one-string fiddle, and a drum, but the tourists didn’t notice them and their subtle sounds were overwhelmed by rock music projected from a bar across the street.

The Northfield Café is one of several restaurants and hotels established by Mike Frame, a farm boy from Northfield, Minnesota. Mike was a volunteer in Nepal One. He signed up for a second tour and established a tiny experimental farm in Marek-Kathare, the remote village where I was also stationed. Mike was a peculiar man and he did not want to go home. So he became the father of tourist Thamel. Mike died a few years ago. Thamel is his legacy.

“For years these people have lived under two fears,” Rajeev said, looking out on a street full of hundreds of young Nepalese men milling aimlessly. “The Maoists on one hand imposing upon them and the government wanting to have their allegiance. Many of the young men left and went to Middle Eastern and South East Asian countries and worked essentially as slaves for a hundred dollars a month. Scrubbing toilets in airports in Dubai or Kuala Lumpur, where they were hated as being Hindus, hated for not knowing English, hated for being Nepali. Now in Nepal there are millions of young people with nothing to do. They are frustrated and rightfully so. They have no work and yet there is so much work to do.”

Rajeev paused and looked out at this room full of tables of gesticulating westerners enjoying their sojourn in exotic Nepal. “This bitterness is going to get so bad that this respect for foreigners will go too,” he said biting down intensely on each word. “They will wake up and realize that the westerners have done much of this to them. They will realize worship of westerners is part of the insidious caste system that has caused many of the problems.”

There is already a glitch in Rajeev’s summer project. One of the frequent strikes has shut down the East-West highway and the eight villagers have had to hire a mini-bus to get them to Kathmandu. But the bus has broken down in the jungle and the driver has left the group, saying he has to get what he needs to repair the vehicle. And there is no telling when they will arrive.

I am glad I have come to Nepal, but for far different reasons than I thought. God left Kathmandu long ago, and I know this journey of mine will be far different from what I had anticipated.


The Anatomy Of The Twitter Attack

July 19th, 2009

The Twitter document leak fiasco started with a simple story that personal accounts of Twitter employees were hacked. Twitter CEO Evan Williams commented on that story, saying that Twitter itself was mostly unaffected. No personal accounts were compromised, and “most of the sensitive information was personal rather than company-related,” he said. The individual behind the attacks, known as Hacker Croll, wasn’t happy with that response. Lots of Twitter corporate information was compromised, and he wanted the world to know about it. So he sent us all of the documents that he obtained, some 310 of them, and the story developed from there.

It’s clear that Twitter was completely unaware of how deeply they were affected as a company – when Williams said that most of the information wasn’t company related he believed it. It wasn’t until later that he realized just how much and what kind of information was taken. It included things like financial projections and executive meeting notes that contained highly confidential information.

We’ve already said a lot about all of this and the related “server password = password” story that was discovered by another individual last week. But we’ve got two more stories to tell. The first, this post, is exactly how the hacks took place, based on information gathered from hours of conversations with Hacker Croll. The second is what was happening behind the scenes with Twitter as the story unfolded. We’ll post that later this week.

When the story first broke, the true scope of what had taken place and how it occurred was not understood. Various bloggers speculated about the cause of the attack – with some placing the blame on Google while others blamed the rising trend of hosting documents in the cloud.

We immediately informed Twitter of the information we had in our possession (and forwarded it to them), and at the same time reached out to the attacker. With some convincing, the attacker responsible for the intrusion at Twitter began a dialog with us. I spent days communicating with the attacker in an effort to gain insight into how the attack took place, what the true scope of it was and how we could learn from it.

We’ve waited to post exactly what happened until Twitter had time to close all of these security holes.

Some Background

In the security industry there is a generally accepted philosophy that no system or network is completely secure – a competent attacker with enough time, patience and resources will eventually find a way into a target. Some of the more famous information security breaches have relied on nothing more than elementary issues exploited by an attacker with enough time and patience at hand to see their goal through. A classic example is the case of Gary McKinnon, a self-confessed “bumbling PC nerd” who while usually drunk and high on cannabis would spend days randomly dialing or attempting to login to government servers using default passwords. His efforts led to the compromise of almost 100 servers within a number of government departments. After McKinnon spent a number of years trawling through servers looking for evidence of alien life (long story), somebody within the government finally wised up to his activities, which led to not only the arrest and attempted extradition of McKinnon from the United Kingdom, but a massive re-evaluation of the security methods employed to protect government information.

A more recent example is the case of Kendall Myers, who after being recruited to work for the Cuban government by an anonymous stranger they met while on holiday in that country, set out to obtain a high ranking position within the State Department specifically to obtain access to US government secrets. Kendall dedicated his entire life to obtaining state secrets, and up until he was recently caught by the FBI had successfully passed on secret information and internal documents to the Cuban government for 30 years. He relied only on his memory, his education credentials and sheer dedication.

The Twitter Attack: How The Ecosystem Failed

Like other successful attackers, Hacker Croll used the same combination of patience, sheer determination and somewhat elementary methods to gain access to a frightening number of accounts and services related to Twitter and Twitter employees. The list of services affected, either directly or indirectly, includes some of the most popular web applications in use today – Gmail, Google Apps, MobileMe, AT&T, Amazon, Hotmail, Paypal and iTunes. Taken individually, most of these services have reasonable security precautions against intrusion. But there are huge weaknesses when they are looked at together, as an ecosystem. Like dominoes, once one fell (Gmail was the first to go), the others all tumbled as well. The end result was chaos, and it raises important questions about how private corporate and personal information is managed and secured in a time when the trend is towards more data, applications and entire user identities being hosted on the web and ‘in the cloud’.

“Hacker Croll” is a Frenchman in his early 20’s. He currently resides in a European country and first discovered his interest in web security over two years ago. Currently in between jobs, he has made use of the additional time he now has, along with his acquired skillset, to break into both corporate and personal accounts across the web. His knowledge of web security has been attained through a combination of materials available to the public and from within a tight-knit group of fellow crackers who exchange details of new, and sometimes unknown, techniques and vulnerabilities. Despite the significance and impact a successful attack has, the cracker claims that his primary motivation is a combination of curiosity, exploration and an interest in web security. There is almost a voyeuristic tendency amongst these individuals, as they revel in the thought of gaining privileged access to information about the inner lives of individuals and corporations. The “high” of access and gaining unauthorized knowledge must be big enough to carry a cracker’s motivation through the long hours, days and months of effort it may take to hit the next pot of gold.

For Hacker Croll, his first port of call in setting out to gain access to a target network is to make use of public search engines and public information to build a profile of a company or individual. In the case of the Twitter attacks, this public information allowed him to create a rich catalog of data that included a list of employee names, their associated email addresses and their roles within the company. Information like birth dates, names of pets and other seemingly innocent pieces of data were also found and logged. This dragnet across the millions of pages on the web picked up both work and personal information on each of the names that were discovered. Public information on the web has no concept of, or ability to, distinguish between the work and personal details of a person’s identity – so from the perspective of a cracker on a research mission, having both the business and personal aspects of a target’s digital life intertwined only serves to provide additional potential entry points.

With his target mapped out, Hacker Croll knew that he likely only needed a single entry point in any one of the business or personal accounts in his list in order to penetrate the network and then spread into other accounts and other parts of the business. This is because the web was designed at a time where there was implicit trust between its participants – requiring no central or formal identification mechanism. In order to keep private data private, modern web applications have built out their own systems and policies that require a user to register and then manage their identities separately with each app. The identifier that most applications use is an email address, and it is this common factor that creates a de facto trust relationship between a user’s applications. The second factor is a password: a random string that only the user knows, is unique to each application, and in theory should take even a PC months or years to figure out if it started guessing. These two elements would work well enough for most cases, were it not for what is often the single weakest factor: human habit.

Look at the front page of almost any web application and you will see hints at just how hopeless and helpless we are in managing our digital lives: “forgot my password”, “forgot my username”, “keep me logged in”, “do not keep me logged in”, “forgot my name”, “who am i?”. Features that were designed and built as a compromise since we are often unable to remember and recall a single four-digit PIN number, let alone a unique password for every application we ever sign up for. Each new service that a user signs up for creates a management overhead that collapses quickly into a common dirty habit of using simple passwords, everywhere. At that point, the security of that user’s entire online identity is only as strong as the weakest application they use – which often is to say, very weak.

Now going back to Hacker Croll and his list of Twitter employees and other information. Twitter just happens to be one of a number of a new breed of companies where almost the entire business exists online. Each of these employees, as part of their work, share data with other employees – be it through a feature of a particular application or simply through email. As these users become interwoven, it adds a whole new attack vector whereby the weak point in the chain is no longer just the weakest application – it is the weakest application used by the weakest user. For an attacker such as Hacker Croll looking to exploit the combination of bad user habit, poorly implemented features and users mixing their personal and business data – his chances of success just got exponentially greater. Companies that are heavily web based rely largely on users being able to manage themselves – the odds are not only stacked against Twitter, they are stacked against most companies adopting this model.

Unfortunately for Twitter, Hacker Croll found such a weak point: an employee whose online habits are probably no different from those of 98% of other web users. It began with the personal Gmail account of this employee. As with most other web applications, the personal edition of Gmail has a password recovery feature that presents a user with a number of challenges to prove their identity so that their password can be reset. It likely wasn’t the first account from a Twitter employee that Hacker Croll had attempted to access – but in the case of this particular account he discovered a chink in the armor that gave him the big first step. On requesting to recover the password, Gmail informed him that an email had been sent to the user’s secondary email account. In an effort to balance usability with security, Gmail offered a hint as to which account the email to reset the password was being sent to, in case the user required a gentle reminder. In this case the obfuscated pointer to the location of the secondary email account was ******@h******.com. The natural best guess was that the secondary email account was hosted at hotmail.com.

At Hotmail, Hacker Croll again attempted the password recovery procedure – making an educated guess of what the username would be based on what he already knew. This is the point where the chain of trust broke down, as the attacker discovered that the account specified as a secondary for Gmail, and hosted at Hotmail was no longer active. This is due to a policy at Hotmail where old and dormant accounts are removed and recycled. He registered the account, re-requested the password recovery feature at Gmail and within a few moments had access to the personal Gmail account of a Twitter employee. The first domino had fallen.
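A service-side guard against the recycled secondary account described above, as an added example that is not from the original article or any provider's code. It refuses e-mail recovery when the secondary mailbox has hard-bounced since it was last confirmed or the confirmation is old, and it replaces the masked-address hint with a neutral one; the 180-day window, field names, function names and sample addresses are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Assumed policy value: how long a confirmation of the secondary address stays valid.
MAX_VERIFICATION_AGE = timedelta(days=180)

# Shown instead of a masked address, so the prompt reveals neither provider nor length.
NEUTRAL_HINT = "the recovery address you registered for this account"


@dataclass
class RecoveryAddress:
    address: str
    last_verified: Optional[datetime]            # owner last confirmed control of the mailbox
    last_hard_bounce: Optional[datetime] = None  # provider last answered "no such mailbox"


def article_style_hint(address: str) -> str:
    """Mask in the style quoted in the article: the domain initial and TLD survive."""
    local, domain = address.split("@", 1)
    name, _, tld = domain.rpartition(".")
    return "*" * len(local) + "@" + name[0] + "*" * (len(name) - 1) + "." + tld


def usable_for_reset(addr: RecoveryAddress, now: datetime):
    """Decide whether a reset link may be mailed to this address."""
    if addr.last_verified is None:
        return False, "never verified"
    # A hard bounce after the last confirmation means the mailbox stopped existing.
    # If it accepts mail again later, a different person may have registered it.
    if addr.last_hard_bounce and addr.last_hard_bounce > addr.last_verified:
        return False, "mailbox bounced since last verification"
    if now - addr.last_verified > MAX_VERIFICATION_AGE:
        return False, "verification too old"
    return True, "ok"


def start_recovery(addr: RecoveryAddress, now: datetime) -> dict:
    """Return the action the recovery flow should take and the hint to display."""
    ok, reason = usable_for_reset(addr, now)
    if not ok:
        return {"action": "use_other_factor", "reason": reason, "hint": None}
    return {"action": "send_reset_link", "reason": reason, "hint": NEUTRAL_HINT}


def needs_reverification(addresses, now: datetime):
    """Addresses the owner should re-confirm from a logged-in session, before they are needed."""
    return [a.address for a in addresses if not usable_for_reset(a, now)[0]]


# Constructed sample data (reserved .example domains, invented dates).
NOW = datetime(2009, 7, 19)
FRESH = RecoveryAddress("user01@hostname.example", datetime(2009, 5, 1))
DORMANT = RecoveryAddress("user02@hostname.example", datetime(2006, 3, 1))
RECYCLED = RecoveryAddress("user03@hostname.example", datetime(2009, 4, 1),
                           last_hard_bounce=datetime(2009, 6, 1))

if __name__ == "__main__":
    print(article_style_hint(FRESH.address))
    for entry in (FRESH, DORMANT, RECYCLED):
        print(entry.address, start_recovery(entry, NOW))
    print(needs_reverification([FRESH, DORMANT, RECYCLED], NOW))
```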

Well-designed web applications will never just give a user their password if they forget it; they will force the user to pick a new one. Hacker Croll had access to the account, but with a password he had specified. To avoid alerting the account owner that their account had been compromised, he had to somehow find out what the old Gmail password was and set it back. He now had a bevy of information at his fingertips: a complete mailbox and control of an email account. It wasn’t long before he found an email that would have looked something like this:

To: Lazy User
From: Super Duper Web Service
Subject: Thank you for signing up to Super Duper Web Service

Dear Lazy User,

Thank you for signing up to Super Duper Web Service. For the benefit of our support department (and anybody else who is reading this), please find your account information below:

username: LazyUser
password: funsticks

To reset your password please follow the link to.. ahh forget it, nobody does this anyway.

Regards,

Super Duper Web Service

Bad human habit #1: Using the same passwords everywhere. We are all guilty of it. Search your own inbox for a password of your own. Hacker Croll reset the password of the Gmail account to the password he found associated with some random web service the user had subscribed to and that sent a confirmation with the password in clear text (and he found the same password more than once). He then waited, to check that the user was still able to access their account. Not too long later there was obvious activity in the email account from the account owner – incoming email read, replies sent and new messages drafted. The account owner never would have noticed that a complete stranger was lurking in the background. The second domino falls.
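The self-check suggested above ("search your own inbox for a password of your own") can be run over an export of your own mailbox. This is an added example, not part of the original article: Python that parses messages, flags those carrying a credential in clear text and reports passwords that appear for more than one sender, without ever printing the password itself. The sample messages are constructed, and the pattern is an assumption about how such sign-up mails are worded.

```python
import hashlib
import hmac
import os
import re
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

# Assumed wording of sign-up mails: a line such as "password: secret".
PASSWORD_LINE = re.compile(
    r"^[ \t]*(?:password|passwd|pwd)[ \t]*[:=][ \t]*(\S+)[ \t]*$",
    re.IGNORECASE | re.MULTILINE,
)

# Constructed sample messages (the first mirrors the mock e-mail above).
SAMPLE_MESSAGES = [
    "From: Super Duper Web Service <noreply@superduper.example>\n"
    "Subject: Thank you for signing up to Super Duper Web Service\n"
    "\n"
    "Dear Lazy User,\n"
    "username: LazyUser\n"
    "password: funsticks\n",
    "From: Example Photo Site <welcome@photos.example>\n"
    "Subject: Your new account\n"
    "\n"
    "Login: lazyuser\n"
    "Password = funsticks\n",
    "From: Careful Service <noreply@careful.example>\n"
    "Subject: Reset your password\n"
    "\n"
    "To reset your password please follow the link we sent you.\n",
]

# Per-run key so the report never contains a crackable password hash.
_RUN_KEY = os.urandom(32)


def fingerprint(secret: str) -> str:
    """Keyed, truncated digest: equal passwords compare equal in this run."""
    return hmac.new(_RUN_KEY, secret.encode(), hashlib.sha256).hexdigest()[:12]


def body_text(msg) -> str:
    """Concatenate the text/plain parts of a parsed message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() != "text/plain":
            continue
        payload = part.get_payload(decode=True) or b""
        charset = part.get_content_charset() or "utf-8"
        try:
            chunks.append(payload.decode(charset, errors="replace"))
        except LookupError:  # unknown charset label
            chunks.append(payload.decode("utf-8", errors="replace"))
    return "\n".join(chunks)


def audit(raw_messages):
    """Return (findings, reused): every cleartext credential found, and the
    fingerprints that occur for more than one sender (password reuse)."""
    findings = []
    senders_by_fp = defaultdict(set)
    for raw in raw_messages:
        msg = message_from_string(raw)
        sender = parseaddr(msg.get("From", ""))[1]
        for secret in PASSWORD_LINE.findall(body_text(msg)):
            fp = fingerprint(secret)
            findings.append({
                "sender": sender,
                "subject": msg.get("Subject", ""),
                "fingerprint": fp,
            })
            senders_by_fp[fp].add(sender)
    reused = {fp: sorted(s) for fp, s in senders_by_fp.items() if len(s) > 1}
    return findings, reused


if __name__ == "__main__":
    found, shared = audit(SAMPLE_MESSAGES)
    for item in found:
        print("cleartext credential:", item["sender"], "|", item["subject"])
    for fp, senders in shared.items():
        print("same password used at:", ", ".join(senders))
```

Each sender it reports is an account whose password should be changed to a unique one, after which the message itself can be deleted.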

From here it was easy.

Hacker Croll now sifts through the new set of information he has access to – using the emails from this user’s personal Gmail account to further fill in his information map of his target. He extends his access out to all the other services he finds that this user has signed up for. In some instances, the password is again the same – that led Croll into this user’s work email account, hosted on Google Apps for Domains. It turns out that this employee (and in fact most/all Twitter employees and everyone else) used the same password for their Google Apps email (the Twitter email account) as he did with his personal Gmail account. With other sites, where the original password may not work – he takes advantage of a feature many sites have implemented to help users recover passwords: the notorious “secret question”.

Fork the story here for a moment because there is a real issue here with the “secret question” (from here on abbreviated more appropriately as just “secret ?”). For some strange reason, some sites refer to the “secret ?” as an additional layer of security – when it is often the complete opposite. In the story of Hacker Croll and Twitter, the internal documents that we now all know about were only a few steps away from the first account he gained access to. In addition to that, this attacker, and certainly others just like him, have been able to demonstrate that some of the biggest and most popular applications on the web contain fundamental weaknesses that alone might seem harmless, but in combination with other factors can cause an attacker to completely tear through the accounts of users, even those who maintain good password policy.

This is not the first time that the issue of “secret ?” being used in password recovery systems has been raised. Last September, US Republican Vice Presidential candidate and former governor of Alaska, Sarah Palin, had screenshots of her personal Yahoo mail account published to Wikileaks. A hacker or group known only as ‘Anonymous’ claimed credit for the hack, which was carried out by the attacker making an educated guess in response to the security question used to recover passwords. In early 2005, celebrity Paris Hilton suffered a similar incident when her T-Mobile sidekick account was broken into, and the details of her call log, messages (some with private pictures of Hilton) and contact list were leaked to the media. The culprit, again, was “secret ?”.

Giving the user an option to guess the name of a pet in lieu of actually knowing a password is just dramatically shortening the odds for the attacker. The service is essentially telling the attacker: “we understand that guessing passwords is hard, so let us help you narrow it down from potentially millions of combinations to around a dozen, or even better, if you know how to Google, just one”. The problem is not the concept of having an additional authorization token, such as mother’s maiden name, that can be used to authenticate in addition to a password. The problem arises when it is relied on alone, when the answer is stored in the clear in account settings, and when users end up using the same question and answer combination on all of their accounts.

From this point, with a single personal account as a starting point, the intrusion spread like a virus – infecting a number of accounts on a number of different services both inside and outside of Twitter. Once Hacker Croll had access to the employee’s Twitter email account hosted by Google, he was able to download attachments to email that included lots of sensitive information, including more passwords and usernames. He quickly took over the accounts of at least three senior execs, including Evan Williams and Biz Stone. Perusing their email attachments led to lots more sensitive data being downloaded.

He then spidered out and accessed AT&T for phone logs, Amazon for purchasing history, MobileMe for more personal emails and iTunes for full credit card information (iTunes has a security hole that shows credit card information in clear text – we’ve notified Apple but have not heard back, so we won’t publish the still-open exploit now).

Basically, when he was done, Hacker Croll had enough personal and work information on key Twitter executives to make their lives a living hell.

Just to summarize the attack:

  1. HC accessed Gmail for a Twitter employee by using the password recovery feature that sends a reset link to a secondary email. In this case the secondary email was an expired Hotmail account; he simply registered it, clicked the link and reset the password. Gmail was then owned.
  2. HC then read emails to successfully guess what the original Gmail password was, and reset the password to it so the Twitter employee would not notice the account had changed.
  3. HC then used the same password to access the employee’s Twitter email on Google Apps for your domain, getting access to a gold mine of sensitive company information from emails and, particularly, email attachments.
  4. HC then used this information along with additional password guesses and resets to take control of other Twitter employee personal and work emails.
  5. HC then used the same username/password combinations and password reset features to access AT&T, MobileMe, Amazon and iTunes, among other services. A security hole in iTunes gave HC access to full credit card information in clear text.
  6. Even at this point, Twitter had absolutely no idea they had been compromised.

What could have happened next is that Hacker Croll could have used or sold this information for profit. He didn’t do that, and says he never intended to. All he wanted to do, he says, was to highlight the weaknesses in Twitter’s data security policies and get them and other startups to consider more robust security measures.

He also says he’s sorry for causing Twitter so much trouble. We asked Hacker Croll if he had any message he wants to deliver to Twitter, and he sent me the following:

Je tiens à présenter toutes mes excuses au personnel de Twitter. Je trouve que cette société a beaucoup d’avenir devant elle.

J’ai fait cela dans un but non lucratif. La sécurité est un domaine qui me passionne depuis de longues années et je voudrais en faire mon métier. Dans mon quotidien, il m’arrive d’aider des gens à se prémunir contre les dangers de l’internet. Je leur apprend les règles de base.. Par exemple : Faire attention où on clique, les fichiers que l’on télécharge et ce que l’on tape au clavier. S’assurer que l’ordinateur est équipé d’une protection efficace contre les virus, attaques extérieures, spam, phishing… Mettre à jour le système d’exploitation, les logiciels fréquemment utilisés… Penser à utiliser des mots de passe sans aucune similitude entre eux. Penser à les changer régulièrement… Ne jamais stocker d’informations confidentielles sur l’ordinateur…

J’espère que mes interventions répétées auront permis de montrer à quel point il peut être facile à une personne mal intentionnée d’accéder à des informations sensibles sans trop de connaissances.

Hacker Croll.

This roughly translates to:

I would like to offer my personal apology to Twitter. I think this company has a great future ahead of it.

I did not do this to profit from the information. Security is an area that fascinated me for many years and I want to do my job. In my everyday life, I help people to guard against the dangers of the Internet. I learned the basic rules .. For example: Be careful where you click the files that you download and what you type on the keyboard. Ensure that the PC is equipped with effective protection against viruses, external attacks, spam, phishing … Upgrading the operating system, software commonly used … Remember to use passwords without any similarity between them. Remember to change them regularly … Never store confidential information on the PC …

I hope that my intervention will be repeated to show how easy it can be for a malicious person to gain access to sensitive information without too much knowledge.

Croll hacker.

What’s the takeaway from all this? Cloud services are convenient and cheap, and can help a company grow more quickly. But security infrastructure is still nascent. And while any single service can be fairly secure, the important thing is that the ecosystem most certainly is not. Combine the fact that so much personal information about individuals is so easily findable on the web with the reality that most people have merged their work and personal identities and you’ve got the seed of a problem. A single Gmail account falls, and soon the security integrity of an entire startup crumbles. So for a start, reset those passwords and don’t use the same passwords for different services. Don’t use password recovery questions that can easily be answered with a simple web search (an easy solution is to answer those questions falsely). And just in general be paranoid about data security. You may be happy you were.

Crunch Network: MobileCrunch Mobile Gadgets and Applications, Delivered Daily.


Recently on Offworld: insanely twisted shadows, iPhone Portal, Wii-injuries

July 19th, 2009 admin No comments

Recently on Offworld we watched what surely must be the game trailer of the month: an extended look at animator Michel Gagne’s upcoming Insanely Twisted Shadow Planet (above), with some of the most striking art direction and animation we’ve seen in games for some time, cut to black metal band Dimmu Borgir’s “Blood Hunger Doctrine”, which shouldn’t work but absolutely fantastically does — it’s a must watch.

Elsewhere we saw one fan’s attempt to recreate Portal on the iPhone and the latest look at tiny-planet shooter Max Blastronaut, found the latest two gorgeously designed official Team Fortress 2 T-shirts, and listened to a wicked live remix of the theme song to The Silver Case — the first PlayStation adventure game from No More Heroes and Killer7 creators Grasshopper Manufacture.

Finally, we found a new on-demand publisher for budding board game designers that lets you piece together your pieces, upload your own artwork, and sell the game directly through the site, spent our first day on the Wii Sports Resort, which ended in broken glass and a trickle of blood, and our ‘one shot’s for the day: the gorgeous girls of Nintendo punk, a Metal Gear packing slip that’s just a box, a fantastic new Darkstalkers montage, and, best of all, beautiful and very French pixels for what we genuinely hope is a new catburglar game.


Categories: World

Pope ‘Can’t Pray’ With Wrist In Cast

July 19th, 2009 admin No comments

LES COMBES, Italy — Pope Benedict XVI spent a calm night after breaking his wrist in his Alpine vacation chalet and is learning to cope with the cast on his right arm, the Vatican said Saturday.

Benedict, 82, will stick to his schedule of public appearances, including the traditional Angelus prayer on Sunday, Vatican spokesman the Rev. Federico Lombardi said in a statement.

Benedict had surgery at the hospital of the nearby town of Aosta on Friday to set his right wrist, fractured when he fell overnight in a chalet where he is staying in the mountain hamlet of Les Combes, near the French border.

The right-handed pope will have to keep the cast for a month. Lombardi said the toughest part for Benedict was giving up writing by hand, which he intended to do often during his vacation.

The AFP also reported that the Pope couldn’t pray with his hand in a cast:

“Pope Benedict XVI celebrated mass Saturday with his broken wrist in plaster but bemoaned an inability to clasp his hands together in prayer, his closest officials said.”

“He is learning to live with a blocked wrist, this is not very easy,” Lombardi told AP Television News. “The pope cannot write, do handwriting as he desired in these days. But for the other aspects, the day is normal.”

Another pleasure that he is sure to be denied in the near term is playing the piano. The pope is a classical music lover and enjoys playing while on vacation.

The fracture was the first significant medical issue of Benedict’s 4-year-old papacy, and doctors said Friday he would suffer no long-term effects and would be able to return to playing piano and writing once the wrist heals.

Benedict is scheduled to stay until July 29 in Les Combes. On Sunday he will go as planned to Romano Canavese, the hometown of his No. 2 official, Cardinal Tarcisio Bertone, to deliver the Angelus, Lombardi said.

He will celebrate Vespers in Aosta’s cathedral on Friday and deliver the Sunday blessing in Les Combes on July 26.

Benedict has spent two summers at Les Combes in recent years. He said upon arrival that he expected to rest and work during his vacation.

His predecessor, Pope John Paul II, also spent several summers here. While John Paul liked to hike, Benedict spends most of his time inside the chalet, which looks out on Mont Blanc, the highest peak in the Alps.



Categories: World

Bashir Ahmad Gwakh: Britney Spears’ Ex for President

July 19th, 2009 admin No comments

Why could Adnan Ghalib win the Afghan presidential election?

Adnan Ghalib, an ex-boyfriend of the messed-up US star Britney Spears, is facing the possibility of being deported to his home country, Afghanistan. And no, it’s not because of whipping his famous ex-girlfriend but because he has been charged with assault with a deadly weapon, hit-and-run and battery.

Mr. Ghalib is reluctant about going back to Afghanistan but I believe he should change his mind immediately and go for it. After all, back in his ancestral homeland of Afghanistan, a great opportunity is awaiting the former photographer. Brace yourselves and hold your breath. Adnan Ghalib could become our president. Yes, he could. You don’t believe me? Here is why…

I am, of course, aware that the first thing that crosses the reader’s mind is this: Isn’t it too late? After all, the nominations for the presidential race in Afghanistan are done and dusted. But hang on, there’s hope. If he slipped a couple of thousand bucks to the Afghan Election Commission, he would be in, and that in no time.

But what if the Taliban tried to kill him? Relax; there is no chance of that. We all know that Ghalib dumped his infidel ex-girlfriend in a manner most pleasing to the Taliban. He sold her nude pictures, inappropriate text messages and “private memories” and then left her, drowning in dirt. Our guess is that by selling such private souvenirs, Adnan Ghalib tried to unveil to the world Britney’s secret plan to misguide the Muslim youth with tantalizing, nearly-naked appearances in music videos. In other words, Adnan Ghalib was not only making money from washing his dirty linen in public, he was also trying to protect the Muslim youth from Britney. And let’s not forget that he tried his heart out to convert the morally misguided singer to Islam.

As the Taliban believe they are the only followers and protectors of Islam, so Ghalib’s services would be more than adequate to convince the Taliban leader and the commander of the faithful, Mullah Omar, to issue a Fatwa, praising Ghalib’s “good deeds” in the service of Islam. Mullah Omar would go even further, endorsing Ghalib’s candidacy and persuading the pious people of Afghanistan to vote for him. Extremists are known for ignoring limits. Hence, we can expect the Taliban to push the boundaries even further and threaten anyone who dares not vote for Ghalib with a Taliban style nose-job. In other words, if voters fail to vote for Ghalib, they’ll get their noses cut off. The Taliban are not yet known in the world’s cosmetic surgery circles but their talent for cutting noses as a punishment is well-documented in Afghanistan. Sometimes they even offer two for the price of one, cutting both noses and ears.

Is there any other concern? Oh yes, how would Ghalib get the required number of votes to ensure him Afghanistan’s most indulgent post? Well, thanks to American hoodwinking, futile democracy and Ghalib’s very own filthy relations with the glamorous star, the Afghan youth will vote for him in the mindless, passionate manner for which young people are known worldwide. One problem, though, still remains. What to do with those Afghan villagers who have no idea that Britney is a glamorous world star or that their estranged cousin, Ghalib, has been her boyfriend. The answer is easy: the villagers’ votes could be bought. All you need to do is to bribe their tribal leaders, Afghanistan’s most selfish creatures who cannibalize the innocent people like animals.

So far so good! The only problem left is the support of the so called international community. But that’s not even worth worrying about because our next president, Mr. Adnan Ghalib, already has an Arab and British touch. How come? Don’t ask me. The Wikipedia says so. And then, we could call him the Americans’ son-in-law. Alright, alright, he never married Britney so this description is not working. But how about wanna-be-son-in-law? That’s better? Okay, we are good!

And the female voters? Who cares about them! But I am sure they would eagerly vote for Ghalib just because of Britney. In spite of her having shaved her head a few years ago, Britney is still a woman (no shaving heads for women in Afghanistan) and women are known to vote for other women. By the way, thanks to the Afghans’ famous hospitality, Britney Spears has already registered for voting in Afghanistan. Looking at her ex-boyfriend’s successful march towards the Presidential Palace, Britney would eagerly cast her own vote for him. And so, eventually, they will be together again. We will have a global-Afghan president and an illustrious artist first lady. The Taliban will stop fighting and the people will be satisfied. In short, a Hollywood-style happy ending, beating Slumdog Millionaire hands down!

P.S. With Britney Spears as our first lady, the French will no longer be the only nation with an infamous phony artist acting as the First Lady. And with his Excellency President Adnan Ghalib, we will be able to compete with the US in terms of producing a “global citizen” as our president. Afghanistan will be internationally envied for its talent to catch up with the world’s newest trends in an impressively short time.


Categories: World

Karen Robinovitz: Color Me Pretty!

July 18th, 2009 admin No comments

Before I go into anything, I first have to admit: I have been remiss in posting. I am sorry.

My life is kind of insane. I have been writing about the making of the brand but I’m going back months and months to catch you up on where we are now. At this moment, I’m in the midst of a major deal with potential investors (this close – holding fingers a centimeter apart) and don’t want to jinx it so no details… we’re running out of funds… we’re manufacturing for a ton of reorders (thankfully but you have to lay out serious cash before we get it back!)… marketing and PR is ON… I have five interns, working from my apartment (on the floor, a bridge table in my living room, two in my kitchen); my poor husband is losing it – no quiet, and he is the man behind the operations of this gig. I can go on but I will throw up, it’s so much.

Meanwhile, we just launched a fabulous contest online – it’s called Kiss and Tell Your Huge Lips Skinny Hips I.D.!

Here’s the deal – upload a photo of yourself and choose the color that represents your style. You can vote, review, and share. We’re going to choose the ultimate grand prize from the top 250. She’ll get a sexy trip for two to NYC and a personal tour of my inspirations for the shades of Huge Lips Skinny Hips! (You’ll see that below!).

But there will be burlesque with the famous Veronica Varlow – totally hot performer who has danced for Sir Elton John, Marc Jacobs, Heidi Klum!

This is her, below!

2009-07-17-IMG_7374.jpg

Oh, there may be some shopping for Kate Moss pieces at Top Shop… perhaps a little private pole dancing at S-Factor. You’ll shack up at the chic Smyth Hotel in Tribeca. We’ll dine over Lychee Martinis at my favorite spots.

The Most Viral winner will become a Purple Lab brand ambassador and get our products before anyone else for a year. And there is more.

Check it out!

2009-07-17-BrickfishCampaign.JPG

Now, back to where I left off…

We had the packaging look and feel down. I was happy as can be. The mock-up of the component came back from China. C’est parfait! There is nothing quite like the feeling of accomplishment of seeing your vision come to life.

I now needed to figure out the colors of the six-shade gloss line.

I polled my makeup artist friends – I am blessed with having a few fabulous ones! I asked them what colors they would bring to someone’s house if they had no idea what that person looked like or what color their skin tone was. They unanimously came up with the same replies: a light pink or nude, a rich pink, a red, a peach, a coral, and clear.

Now, some labs have specific color departments where their sole mission is to create a variety of hues. Mine didn’t. So I did my colors the old-fashioned way – I spent about $800 at Sephora, buying every key shade I could find. I got empty pots and mixing sticks, rolled up my sleeves, and went to town on my coffee table.

A few hours later, both arms were covered in what appeared to be Indian paint. There was gloss all over the cowhide rug (oops!). My lips were raw from applying and rubbing off and applying and rubbing off and applying… you get the point. But I had six ultra chic, universally-flattering, sheer shades in front of me that I was dying over!

Then the really fun part – naming them! It was like giving birth to six babies at once (call me Angie!). Their monikers came easily – as if they named themselves.

Nude-ish pink was Kitty Poledancer, inspired by my favorite form of exercise. I have been taking pole classes at S-Factor, pole dancing playground where Kate Hudson, Teri Hatcher, Gisele, and Mel B. play. In the studios, large, open mirrorless rooms, lit by LED candles, with multiple poles, no men are allowed.

Meow! The perfect nude-ish pink. Sheer perfection!

2009-07-17-KittyPoledancer.jpg

At S-Factor, the music is always hot. And the teachers encourage you to get in touch with your femininity and sensuality, a part of ourselves society tends to push down. What I love about S-Factor is not necessarily what it has done for my body, but what it has done for my mind.

The girls in class tend to wear little boy shorts. Little and shorts? NOT in my vocabulary! Every week, I attempted to wear them but the minute I saw myself in the mirror – stretch marks, big thighs and all – they came off my body and on went the yoga pants. Now, there were plenty of plus-sized women in class – and for some reason, they seemed to wear the shorts just fine. In fact, they looked absolutely stunning and confident, writhing on the floor, slinking up to the pole, spinning around like delicate ballerinas. Why were they so comfortable in their skin when I couldn’t be?

I felt envy. I wanted to wear shorts and look curvy and beautiful, too. The problem was that I was in my head, not in my body. One day, we were learning to climb. You need skin on the pole to do so or you’ll slip. It was shorts and climb or never get past level 2! I ran to the lobby to buy the shorts and chose to not change in the bathroom lest I get deterred by an evil mirror. Although it took me about ten minutes to loosen up – and get it through my thick head that no one in the room was looking at me and thinking, “ugh, she is gross!” – the minute some Nine Inch Nails (Download some seriously sexy tracks now!) blasted, I unleashed the poledancer within.

Kitty Poledancer! C’est moi! I find that gate fishnets and lucite stripper shoes make for a great poledancing experience! I was climbing – and loving it. I didn’t care about my legs or my stretch marks or my hips or my bum. I was in the music and in my body. I came home that night with a new energy. “I’m so hot,” I told my husband (you don’t know me but I would NEVER have said that before!). I put on my Lucite heels (gotta love ‘em – they light up when I walk!) and the boy shorts and showed him some moves (sans pole). He was like “Who are you and whatever you’ve done with my wife, don’t bring her back. I like this version of Karen better!”

That was the beauty of S-Factor! I felt liberated and empowered. When I walk down the street and see an awning, held up by two poles, I am known to throw a trick or two. One of my favorite “gay husbands” – you know, the gay friends you live for? – gave me the nickname Kitty Poledancer. And so I hoped that this color would give that sense of sexiness and self confidence to those who brushed it on their lips.

The rich pink had a hint of glitter and a warm mauve-ish hue. Sophisticated yet cool. Kind of like Kate Moss, whose style I love so much that I have a collage of tear sheets where I put my makeup on every day. When I think of what to wear, I look at her for inspiration. The steel sequin gown and cascade of curls for her “Beautiful and the Damned” themed 30th birthday party. Her micro shorts and Hunter boots and McQueen motorcycle jacket for outdoor concerts. The leopard vintage jacket, worn with everything and anything. Lingerie-inspired Dior couture with bedroom hair. No one wears clothes like Miss Kate. Hence, the name Worship Kate. May we all have her wardrobe!

2009-07-17-WorshipKate.jpg

Worship Kate, a chic, rich, sophisticated pink with a hint of mauve-ish glitter. Exactly what I can see my favorite supermodel wearing on her lips!

Sexy, sultry, daring red. When I looked at the red I had created, it immediately reminded me of my favorite place in the world to see red… at the bottom of Christian Louboutin shoes! There is nothing quite like the power of wearing them – when the sidewalk becomes the catwalk. Every girl needs glittery double platform peep-toe slingbacks with five-inch heels. I pray at that cute French man’s altar and developed this shade, Red Sole, in his honor.

2009-07-17-RedSole.jpg

Red Sole pays homage to Christian Louboutin – this shade matches the signature red on the bottom of his shoes. J’adore!

The peachy tone is oh so barely there. It is sweet perfection at its finest and juicy and delicious, sort of like my favorite cocktail, Lychee Martini. The best recipe below:

2 parts U’Luvka Vodka (Have you seen this bottle? The packaging is killer!)

1 part Lychee juice (I can’t say I make my own fruit. I just pour it from the jar of fruit)

A drop of agave to taste (Always good to sweeten the pot)

Two plump Lychee fruits

Mix

Serve in ice cold martini glass

Apply lipgloss to lips before sipping!

2009-07-17-LycheeMartini.jpg

This is Lychee Martini. Sweet, smooth, delish, like the cocktail.

Now… the coral hue… tres exotic. And when I think of exotic, I automatically think of a beautiful beach, maybe St. Tropez. When I think of a beautiful beach in France, I think of frolicking in a bikini, uninhibited, not an ounce of body obsessed women. And when I think of wearing these free, liberated women, I tend to get suicidal. I’m so not that way about my thighs! So in the name of turning all of that bad, self deprecating energy into something positive, I called this gloss Love Your Thighs. All of that time wasted on beating ourselves up for the size of our legs could actually be spent doing something good for the world… with fab lips, of course.

2009-07-17-LoveYourThighs2.jpg

Sexy, exotic coral – and how you’ll feel when you love your thighs!

Lastly, there was clear, the perfect addition to any lipstick or when you just want supple but bare lips. Instead of just naming it “Clear,” I wanted something playful and funny. The thing that came to mind immediately: No Panty Lines. That’s clear, right?

It’s clear – the way your bum should look in pants, sans panty lines! Colors were named! No need to show you clear – just imagine glossy clear perfection, perfect for running errands when you want a little umph or over any other gloss or lipstick.

I then penned a little story to communicate the inspiration behind each shade and decided that the glosses should come with a “love letter” from me, their mother. Nothing like sharing the glamour. You can read all of the stories on our website!

The next step, once you have the colors you want, is to send them to the lab. They will then do the “color matching,” where they send you a submission of their rendition of the colors you desire. It costs a few hundred dollars per color matching – at least that is what it cost us. The lab LOVED our color names. “You’re crazy,” they said when they read Kitty Poledancer, “I don’t believe it.”

“Believe it,” I said, sending them a jpeg of me on the pole, which I see as an art form, more Cirque du Soleil than Scores (for the non-NYers, Scores was a strip club that went out of business due to illicit behavior in the champagne room with some famous athletes… and I’m sure other reasons that weren’t publicized in the news).

I think, in that moment, I became their favorite customer!

It took about three weeks to get the colors back and when I did, it was 100% dead-on. They nailed it. A painless process, thankfully. I was smitten and I signed off on the match.

I was getting ready to pucker up. Little did I know what was ahead…

More to come!

Mwah!

Karen

Purple Lab Creatrix


Categories: World

UBS initiates Valeo with buy

July 17th, 2009 admin No comments

MADRID (MarketWatch) — UBS on Friday initiated coverage of French automotive supplier Valeo with a buy rating and an 18 euro share price target. The investment bank said a cyclical recovery in the industry and repositioning by the company — new

Categories: World

Viadeo Secures $5m More Funding, But How Does It Achieve Breakout?

July 17th, 2009 admin No comments

Viadeo, a LinkedIn and Xing competitor, has secured $5m of funding from French investment houses AGF, Ventech and other investors (including the wealthy Mulliez family) to accelerate growth and prep for potential acquisitions. The business social network is best known in France, but it’s planning to expand its existing foothold in emerging markets like China, India and Mexico. The latest investment takes the total money it has raised since 2006 to $23m. AGF and Ventech were previous investors. Although this market is seeing a lot of “down round” investments right now (a down round is where investors purchase stock from a company at a lower valuation than previously) I am assured by Viadeo that this is not the case here. The question is whether or not this new momentum can deliver traction and a breakout position.



Categories: Technology