Quick Security Alerts for Week Ending 6/29/2008
Posted by cmdln on 29th June 2008
Posted in Links | No Comments »
Archive for the 'Links' Category
Quick News Links for Week Ending 6/29/2008
Posted by cmdln on 29th June 2008
- Pirate Bay offering crypto tools to foil Swedish surveillance law
The surveillance law is nominally not targeting piracy, per se, but this does remind us of the group’s stance on privacy. Their offerings will include SSL on their tracker, some how-to’s for easy end user encryption, and dropping fees for their commercial VPN offering. - Undoing statutory compromise on performance, composition radio royalties
The exemption from royalties was a regulated compromise to begin with. Radio still thinks it works as it still has promotional value. Does it, though, really, in the wake of media consolidation and online competition? Not that those are the arguments of the labels which are desperate for any revenue other than having to actually innovate. - Turing’s birthday
His birthday would have been June 24th and he would have been 96. If you don’t know Turing’s contribution to computing, read the Wikipedia article at the link. - Online forum for algorithm geeks
Contrast this to academic research into algorithmic complexity. It is a discussion group more informed by practical problems but still pretty deeply geeky stuff. Worth a bookmark against future need for a more efficient solution for thorny computing problems. I wonder if they have anything that could keep Twitter up for longer than a day? - Charter calls a halt to deploying NebuAd
The good news is that a risky, invasive effort has stalled. The bad news it is another point in a disturbing trend in online advertising that begs what is next. And it is merely stalled, not stopped outright. - Nokia to buy Symbian and open the source
This seems to be largely a response to LiMo, another popular open platform, and of course Google’s Android platform. It is encouraging to see open source as a competitive alternative but remains to be seen if the benefits extend to customers in the form of more open, hackable devices. - FCC wants to impose onerous conditions on next spectrum block
This is consistent with other legislative noise tying free access to the internet with porn and other content filters. Worse, this goes beyond filters and could result in truly crippled access, block any sort of free speech protecting technologies, like encryption, and other technologies used as much if not more for other applications than morally questionable content delivery. - Amie Street inks deal that will add over 1MM new songs
Further validation of a very consumer friendly business model. I am heartened to see the catalog continuing to grow on top of last years investment news. - Encoding qubits in a vapor
Some very basic ground work, in optical quantum properties, that could lead to solving the problem of storing, retrieving and manipulating a large amount of qubits. - Rebutting the death of the scientific method
Anderson of Wired suggested with enough data, theory can be skipped. This article does a good job of showing how Anderson misunderstand this idea about limited applications of some classes of mass data correlations, that make sense for Google’s page ranking but not to our general understanding of science and the universe. - Data shows Canadian carrier doesn’t have P2P congestion problems
Bell Canada is desperately trying to spin the low numbers, stating it is all about context and suggests that minimal congestion at one link can apparently multiply non-locally into the kinds of problems it thinks justifies throttling P2P traffic. - MPAA lands first P2P jury conviction
Arguably the defendant, Dove, is in a different class than those in civil cases. Some may see it as borderline but it definitely makes more sense in the light of a criminal conviction to consider home a commercial scale pirate, not a casual home user of P2P for occasional infringing downloads. - Should security vulnerabilities be treated as product defects
Pretty obvious when you think about it, both the should do and the actually do side of it. A bit disturbing to read an anecdote based around a high profile company, though, shrugging off vulnerability reports like feature requests.
Posted in Links | No Comments »
Quick Follow Up Links for Week Ending 6/22/2008
Posted by cmdln on 22nd June 2008
Posted in Links | No Comments »
Quick Security Alerts for Week Ending 6/22/2008
Posted by cmdln on 22nd June 2008
Posted in Links | No Comments »
Quick News Links for Week Ending 6/22/2008
Posted by cmdln on 22nd June 2008
- Good advice on collaborating openly versus coding alone then contributing
Good advice for professional and open source development alike. The trick is maintaining a sustainable granularity of tasks so contributions can get reviewed in the small, rather than the impossibility of reading a monolithic and huge contribution. - Potentially invasive email services
The core problem seems reasonable, especially given the clear explanation of the limitations of SMTP. The real problem seems to be one of norms, that anything other than a clear protocol based solution, which is available, is seen as invasive. - Nokia guru wonders if open source and device restrictions can coexist
Director of open source at Nokia claims that while device makers are trying to work better with open source projects, there needs to be some equal consideration for the state of the industry on closed aspects like IP and DRM. - More questioning of multithreading as a valid model
More empirical data from design automation as an industry, driven by the density of gates on the modern 45nm integrated circuit. Suggested increasing number of cores are going to make the problems with threading worse. - Revisiting the idea of the browser as the OS
Cites the adoption of local storage, think the file system for an OS, as one of the last needed pieces. Ties it all the way back to Netscape’s original idea for “middleware”, the threat that lead Microsoft to crushing them. - Judge rules White House not subject to FOIA
There are other suits ongoing but this one seems at an end based on a characterization of the executive bodies being tasked as not agencies as defined under FOIA, so the judge has ruled them exempt. - Apple’s open source JavaScript framework
This is the framework Apple used for its new MobileMe applications and seems to have a flavor very similar to Cocoa. It also may be the specific driver for the adoption of Squirrelfish, a faster JS interpreter, for WebKit. - Apple submits OpenCL as an ad hoc standard
OpenCL is part of Apple’s forthcoming parallel enhancements on Snow Leopard. It competes with NVidia’s CUDA and is meant for utilizing the GPU alongside the CPU, not parallelism within a multicore CPU itself. - Clever pirate album to protest blank media, “pirate” tax
An artist is using his take from his country’s levy to fund a remix album to highlight the problems with blank media levies, mostly in that they perpetuate aging business models, penalize honest citizens. - Inside the internet archive
Some good technical insight, if you are curious, as well as a background on the lead techie. - Malware nets child porn charge against innocent civil servant
The employee in question was exonerated after the fact but was originally railroad on just the appearance on the porn on his system without any in depth investigation as to how it got there. - Reddit goes open source, makes operations transparent
Founder cites the service’s content as being key, not its technology. Will keep some of the anti-gaming, anti-cheating stuff closed but looking for good input from the community based on the 95% that will be shared. - Big brother law defeated, then passed, in Sweden
Apparently defeat was snatched from the jaws of victory as the bill was reformed, minimally, and resubmitted. Critics are still not happy with the reformed bill. - DARPA struggling to recruit
DARPA is now apparently losing funding because key positions are going unfilled. Means they will be unlikely to recruit at all as this equates to an elimination of those positions. - Intrusive advertising now forging packets
NebuAd has been unable to refute the technical findings of Topolski’s analysis though they tried to allay privacy concerns. This is clearly an escalation over Phorm’s approach and paints a disturbing trend, an arms race in targeted advertising which is frightening to extrapolate. - IcedTea’s OpenJDK passes the JCK
Fulfills the long held promise of opening the platform, though details are scant. What is clear is this is a complete JDK, not a partial implementation and the JCK is what Sun has used for its own and commercial offerings to date. - MPAA says it doesn’t need to prove infringement
This is the industry’s first response to the all from comments from Judge Davis on the Thomas case. It appears to be a rebuttal of the legal scholars saying proof of infringement is required. The MPAA comments seem very self contradictory, to me. - Leaked powerpoint paints poor picture of Comcast
Turns out the DirecTV ad campaign may not be too far off the mark in how they depict at least one cable company. It still boggles my mind that companies don’t exercise more care over internal communications given how easily such documents may turn up in unexpected places. - O’Reilly to release DRM-free e-books
The books will be available in the three most common formats and for less than the print copy. I am surprised O’Reilly didn’t do this sooner, though this is a pilot, much like No Starch’s similar project earlier in the year. They cite the reason for the delay being time invested on tools for publishing these open formats.
Posted in Links | 1 Comment »
Quick Security Alerts for Week Ending 6/15/2008
Posted by cmdln on 15th June 2008
- Defending against drive by download attacks
- Was Amazon outage result of bot induced DDoS attack?
- Drastic proof of concept exploit for Safari on Windows flaw
- Update on cramming
- Alternatives to traditional anti virus software
- Security hole opens up utilities to attack
- New trojan targets wireless routers
Posted in Links | No Comments »
Quick News Links for Week Ending 6/15/2008
Posted by cmdln on 15th June 2008
- Britannica experimenting with user contributed content
Their announced system will be non-anonymous and favor experts. It will be tightly controlled, with editorial review. It looks like mostly they are trying to address criticism of not being able to update as quickly as Wikipedia without giving up their professional review and credentials. - Columbia prof, Tim Wu, to take over chair of media reform organization
Wu is a progressive thinker, speaking out on issues I care about. He makes a good case for why media reform is just as important and touches on many of the same concerns. - Virgin Media to start filtering
This is at the behest of a trade association, BPI. The ISP will send threatening letters but may eventually start disconnecting users. BPI, among others, wants a three strikes rule, with a permanent disconnect after three incidents. - Inside the RIAA and MediaSentry
Some of the highlights are they appear to target only the most popular songs, I am guessing because the RIAA thinks these have the most value. MediaSentry does download songs, at least on LimeWire, which muddies the question of whether that download is authorized and/or the sole basis for an infringement complaint. - A year of the Copyright Alliance
Not much to comment on other than their own propaganda and slippery use of membership numbers. - The effect of open source on the market for developer tools
This is mostly an extended ad for a Java IDE. The only interesting aspect is that the company made the non-collaborative version free because it is little better than all of the free source code editors out there. They have a non-free version they feel offers more than free tools, which gives the lie, a little, to the interviewee’s claim that the tool market is dead. - New service activation impinges on iPhone unlockers
It’s not a technical measure, its procedural. Resellers will be forcing consumers to buy contracts or pay more for pay as you go versions. It doesn’t mean that those not considering cost but just free as in speech concerns will be left out in the cold. It just raises a monetary barrier. - Renewed push against child porn may resuscitate CDA’s corpse
This is not a bill, but an accord with the NY state AG. It goes directly against the safe harbor established under the CDA. Some ISPs are going further than asked and other forms of scope creep are the real danger against other forms of speech that are protected. Child porn enjoys no free speech protections. - Google supports privacy bill
Privacy advocates are still critical. Many states are considering more aggressive laws that could be gutted by a federal bill. Google has repeatedly faced criticism for its privacy practices, so this may be a make nice move rather than genuine support of consumer privacy. - Spyware in meat space
The problem comparing digital billboards to Nielsen and the like is that the boards are in public spaces. This is also why the question about their ability, whether they use it or not, to store faces is so hotly debated. - Instilling devices with digital manners
The article states the issue well. Focusing on norms is a better way to accomplish what the patent hints at. Having technology react to location by altering device function is too easily abused on one hand and too easily circumvented on the other to be genuinely useful for anything. - Examining LifeLock more closely
Not surprisingly, Schneier’s analysis is clear and helps identify where some of the other coverage about LifeLock may have gotten it wrong. Regardless, he is suggesting that their service is moot more because the genuine risk is so small. - Interview with Douglas Hofstadter on the future
Given the recent links to discussion of the singularity, this is an interesting counter point. As the man puts it himself, he is more an optimist about the complexity of the human mind than a pessimist about our ability to mimic or translate it. - Another attack on quantum crypto
The research mentioned apparently shows how an imperfect, non-descructive quantum copy can be useful, punching a hole in the assumed unassailability of quantum crypto based on the thinking that only a perfect, destructive copy would be useful.
Posted in Links | No Comments »
Quick Security Alerts for Week Ending 6/6/2008
Posted by cmdln on 8th June 2008
Posted in Links | No Comments »
Quick News Links for Week Ending 6/6/2008
Posted by cmdln on 8th June 2008
- Command line interface to Google, Wikipedia
I love the idea and the implementation is wonderful. Make sure you add to your Firefox search field. Also a good way to check whether Google has picked up latest updates in your feeds. - Lawyers assessing risk of GPL3
I don’t entirely agree with the authors interpretation of GPL, especially that freedom of the software trumps freedom of the user as that contradicts freedom zero. But advising businesses to do their best to understand the license before choosing to use it is a good idea, regardless. - Vinge’s latest ideas about the Singularity
Vinge remains optimistic though realistic enough to still consider Singularity as not inevitable. His article is an interesting survey of the other articles in the themed issue and a good overview of the state of the subject. - Revisiting Wikia, Wales’ human powered search
The promised editing tools have shown up, including rating and the ability to update or revise the description associated with results. It is still early days so remains to be seen if the model that worked so well for Wikipedia will work here. It will also be interesting to compare Wikia’s evolution from here on out with Mahalo which has a limited set of editors and appears more dedicated to search quality than total open-ness. - x86 turns 30 years old
Love it or hate it, it is hard to argue that the x86 architecture dominates many markets. The linked article is a good history of the technology’s success to date. - Bletchley Park taking online donations
Donations are via credit card and in British pounds. Still, I view this site as part of world computing heritage. Consider helping the trust maintain the site for posterity. I’d love to visit it myself, some day. - First programmer meets Babbage this week 175 years ago
Ada Lovelace was history’s first programmer, credited also with conceiving of the loop, all based on her love of mathematics and first meeting with Babbage who conceived of the first general purpose computer. Not surprising, she was also apparently instrumental in popularizing Babbage’s work. - SCOTUS judge contributes to legal simulation video game
The game in question is aimed at junior high school students and is meant to teach civics. The announcement was part of an event, Games for Change, intended to explore how gaming can help deal with social issues. - Downside of laptops in education, developing nations
The core of the linked paper is about the decision to try to foil theft of XO laptops by welding user identities unsafely to the machines. Much of the social and political impacts stem from this initial priority decision. Since the OLPC security chief who wrote Bitfrost left, it is unclear what affect this paper will have. - Candidates on five big tech issues
Most of the answers are predictable. In some cases, Obama is a bit more progressive. All three are more alike than not on IP reform, which is worrisome, and only Clinton seems very interested in consumer privacy. The article also provides more information on all five issues for those not as well informed who might want some background, further reading. - Little Brother inspired Linux distro under development
It looks like the project just started and is mostly in the discussion phase. If it approaches the goal Cory described in my recent interview of a very simple end user experience and only re-uses technologies like Tor, that would be worthwhile of itself. - Using diamonds for quantum computing
This takes advantage of natural or induced nitrogen vacancies in diamond’s otherwise uniform carbon lattice. Researchers have already achieved durable entangled states, showing promising for scaling up and entangling multiple vacancies in a more reliable fashion. - Microsoft adding Ruby to Silverlight
Since Silverlight is more like Flash, using Ruby is not so different from ActionScript/FLEX. It is surprising that Microsoft is including a language not their own but may be a move to try to capitalize on Ruby’s popularity and momentum to jump start their own “me too” technology. - AT&T trying to embrace BitTorrent, adjust pricing
CTO claims the telco has never interfered with any specific application. This is offset by his discussion of plans to introduce usage based pricing on claims that a minority of users are soaking up the majority of capacity and should essentially be taxed for doing so. - Software updated shuts down nuclear power plant
At its core, the problem was a connection between the business and control network that should not have been there. The shutdown was apparently a fail safe. This story is hardly reassuring about our ability to handle every more complex systems safely. - Story behind the Zac Browser for autistic children
This particular story, out of all the mentions I’ve seen about this project, captures more of the human element, that this is about a grandfather helping his grandson, first, and serving the broader community second. The browser is free to use, though, so it is a pretty close second. - Wiki supporting legitimate uses of P2P technology
The more clear information about the technology, the better. This would appear to be a good complementary effort to the UW study that I’ll talk about in the podcast. - Full body scanners now live in 10 US airports
The privacy abuses are obvious and the citizen confusion is telling. How much money has been sunk into this technology that could be spent on training more air marshals or other more effective measures? And where is the data on whether prior uses of the technology has made a difference? - OS X 10.5.3 regression bites Mozilla
I am most concerned by the suggested that this may not be a limited issue, that the low level function in question could interfere not just with other aspects of Mozilla but even cause problems for other 3rd party software.
Posted in Links | No Comments »