Avalaan’s New site launched …
August 24, 2008Well after a short delay … http://www.avalaan.com/ is now online and launched. Well not that it is new. But there has been a lot of changes. Its had a complete re-development. Its now pretty interavtive and there should be a lot more fresh content to keep you amused.
BUT the best thing is the fact, you can now buy artwork online from the artists that make up the familia.
You get to look at work from people like Pat Bremer, and Plas. It is all avaliable to buy online though paypal!
Please take a look and let us know what you think,…
Schofie
THE PIONEER DVJ!!!!
August 22, 2008Right i was watching this video the other day … which show’s DJ Voda scratching video – I couldn’t for the life of me work out how this was done … so with a little research – i found out he was “cheating” – well kind of !!!
Any who – someone with some money – buy me two of these !!!
Robert Lepage in Quebec City
August 4, 2008From Ironic Sans:
Bunge Grain complex in Quebec City is made up of 81 individual silos 30 meters tall. In celebration of Quebec’s 400th Anniversary, artist Robert Lepage used the complex as a screen for an incredible site-specific motion picture called The Image Mill. The film tells the story of Quebec’s 400 years through video, pictures, and sound. I expected a cheesy patriotic movie. But what I saw was subtle and elegant. The video, which shows 10 minutes of the 40 minute film, gives a good idea of what the movie was like. It shows how Lepage made innovative use of the contours of the silos, turning them into bullets, candles, a printing press, cigarettes, etc, and how he turned the entire complex into other kinds of buildings completely, such as a factory and an airport.
Trees Are People Too
July 31, 2008
In one of Filthy Lucre’s latest projects, he added eyes to trees and bushes in the public space. They “eyes” are really just dots painted on while balloons. Both of these photos were taken in Salamanca, Spain.
The Golden Ass
July 31, 2008Street artist Mark Jenkins makes, among other things, awesome human sculptures out of tape and then dresses them and puts them in public places. His latest project is The Golden Ass. In an area of Barcelona packed with “golden statue” type street performers, he constructed a sculpture that looked like a human in a horse costume. Everyone who encountered it assumed it was a performer being incredibly still.
He writes:
“…it’s much easier to make pretend people than to pretend to be a sculpture all day.”
addthis_url = ‘http%3A%2F%2Furbanprankster.com%2F2008%2F07%2Fthe-golden-ass%2F’;
addthis_title = ‘The+Golden+Ass’;
addthis_pub = ”;
Human Mirror
July 31, 2008 
For our latest mission, we filled a subway car with identical twins, creating a human mirror. Enjoy the video first and then see below for our report with tons of photos.
(also available on YouTube)
edited by Matt Adams / song by Tyler Walker
Our mailing list has grown so large that we’ve started brainstorming different ways to narrow it down. Last summer, we found out how many redheads we could recruit, and this time around we sent out a request for identical twins. Within a day we heard from over 50 pairs. Most of the twins could not make the day and time of the mission, but we were delighted to have 8 pairs turn out, nearly all of whom had never participated in one of our missions before.
‘Secure’ PayPal page is… you guessed it
May 17, 2008A serious scripting error has been discovered on PayPal that could enable attackers to create convincing spoof pages that steal users’ authentication credentials..
The cross-site scripting bug is made all the more critical because it resides on a page that uses an extended validation secure sockets layer certificate. The new-fangled SSL mechanism is designed to give users a higher degree of confidence that the page they’re visiting is secure by turning their browser address bar green.
But Finnish researcher Harry Sintonen figured out a way to inject his own code into a supposedly protected PayPal page even as the green bar lulled visitors into believing it hadn’t been tampered with. Sintonen’s code simply caused an Internet Explorer alert window to open with the words “Is it safe?” as evidenced by the screenshot below.
During an online interview, he demonstrated a page that prompted users for their account credentials and then sent them to an unauthorized server, and he said it would be possible for him to steal user cookies as well. All the while, the address bar would bear the PayPal URL in green. At time of publication, eBay had not yet removed the buggy code.
A statement from PayPal said the company considers user security a top priority. “As soon as we were informed of this exploit, we began working very quickly to shut it down,” the statement read. “To our knowledge, this exploit was not used in any phishing attacks”. Unauthorized withdrawals or purchases made on PayPal accounts are fully reimbursed.
The discovery is one more reason to remain skeptical of extended validation SSL, which has always struck us as a solution in search of a problem. Yes, we know it’s supposed to close a loophole that’s long existed in SSL by certifying, in this case for example, that it is eBay (the parent company of PayPal) that owns the SSL certificate for the specific PayPal page. But we’ve not yet heard of a single attack involving a forged certificate, so we’re tempted to think the measure is more gimmick designed to generate revenue for VeriSign and its competitors than anything else.
eBay security pros seem to have drunk the EV SSL Kool Aid, however, having announced recently (PDF alert) that browsers that don’t support the new standard aren’t welcome on the PayPal site.
XSS vulnerabilities have emerged as one of the easier and more common ways to subvert website security measures. They use manipulated URLs to get around the so-called same-origin policy, which prevents cookies and other types of content set by one domain from being accessed or manipulated by a different address.
Despite the proliferation of XSS attacks, McAfee’s ScanAlert, which provides daily audits of ecommerce websites to certify them “Hacker Safe,” gives clients the thumbs up even when XSS vulnerabilities are discovered on their pages. ®
