Sunday, January 14, 2007

What's as bad as a local disaster that knocks you off the Internet? (Define power in the Internet age...)

http://slashdot.org/article.pl?sid=07/01/13/2132215&from=rss

When Your Site Ceases To Exist

Posted by kdawson on Saturday January 13, @06:40PM from the without-a-trace dept. Google The Internet

El Lobo writes with a sobering account of how Javalobby dropped off the face of Google last month. The site had been attacked by forum spammers and Google indexed some of their spew before the Javalobby guys could remove it. According to a post in Rich Skrenta's blog, Google is now the de-facto front page for the Internet, accounting for anywhere from 70% to 78% of the search market. The power this conveys is hard to overstate.

From the Javalobby saga: "We had completely disappeared from Google's main index! If you run a website, then you know how serious a problem this is. On any given day over 10,000 visitors arrive at Javalobby as a result of Google searches, and suddenly they stopped coming! ... Suddenly we no longer existed in the eyes of Google."



In military cryptography, the goal is to ensure that encrypted information can not be accessed in time to take appropriate counter-actions. Clearly that isn't the strategy here, so why are they doing it? My guess? Someone sold them on the idea...

http://it.slashdot.org/article.pl?sid=07/01/13/181222&from=rss

Decryption Keys For HD-DVD Found, Confirmed

Posted by kdawson on Saturday January 13, @01:14PM from the house-of-cards dept. Encryption Media Entertainment

kad77 writes "It appears that, despite skepticism, 'muslix64' was the real deal. Starting from a riddle posted on pastebin.com, members on the doom9 forum identified the Title key for the HD-DVD release 'Serenity.' Volume Unique Keys and Title keys for other discs followed within hours, confirming that software HD-DVD players, like any common program, store important run-time data in memory. Here's a link to decryption utility and sleuthing info in the original doom9 forum thread. The Fair Use crowd has won Round One; now how will the industry respond?"



Well worth skimming through...

http://www.digital-copyright.ca/node/2899

The Economic impact of open source software on innovation and the competitiveness of the ICT sector (EU)

The European Commission Study about the Impacts of FLOSS has now been published. (Direct link to PDF of study)

While there are many interesting things that can be seen from the Executive Summary alone, one paragraph stood out from past conversations with policy makers and educators who had misconceptions about FLOSS.

Proprietary packaged software firms account for well below 10% of employment of software developers in the U.S., and "IT user" first account for over 70% of software developers employed with a similar salary (and thus skill) level. This suggests a relatively low potential for cannibalisation of proprietary software jobs by FLOSS, and suggests a relatively high potential for software developers jobs to become increasingly FLOSS-related.

Whether your issue is job creation (governments) or job training (schools), it is clear that the legacy proprietary-only (and sometimes platform specific, such as Microsoft) proposals are ill advised. FLOSS needs to become a core part of job creation and job training strategies.



A lesson for researchers? Don't ignore the obvious.

http://www.technewsworld.com/rsstory/55150.html

Spy vs. Open Source Searcher

By Douglas Raymond and Paula Broadwell The Record 01/14/07 4:00 AM PT

The search abilities of Web sites like Google and Wikipedia have given ordinary citizens intelligence-gathering capabilities [Attention stalkers! Bob] that in some ways rival those of clandestine government agencies. The power of wikis and search engines lie in the massively collaborative effort that the technologies enable.

The U.S. State Department effort last month to issue a travel ban on 12 Iranians suspected of supporting that nation's nuclear program wasn't big news at first. Shortly thereafter, it was revealed that the analysis supporting the ban was provided not by the CIA, but by a single junior analyst using Google.

The lesson? Advanced technology and Web-savvy citizenry now make it possible for open source information gathering to rival, if not surpass, the clandestine intelligence produced by government agencies. [That's going a bit far... Bob]

Indeed, open source methods have already proved their worth in counterterrorism. Shortly after Sept. 11, Valdis Krebs, a security expert, recreated the structure and identities of the core al-Qaeda network using publicly available information accessed from the Internet He started with two Sept. 11 hijackers, Nawaf al-Hazmi and Khalid Almihdhar, who were identified from a photograph taken while they attended a meeting with known terrorists in Malaysia in 2000.

By scanning public sources for information linking these suspects to others, he recreated the social network identifying all 19 hijackers and described their relationships to their co-conspirators, including the identification of Mohammed Atta as the ringleader.

Hacking al Qaeda

A U.S.-based research center, the Search for International Terrorist Entities (SITE) Institute, monitors the public communications of terrorist and extremist Web sites and has successfully penetrated password-protected al-Qaeda-linked sites. SITE has successfully accessed terrorists' propaganda, training manuals, and communications, offering insight into their activities that is difficult to obtain elsewhere.

According to a Marine colleague who just returned from Iraq, information on the SITE Web site was used within hours of posting to prevent a terrorist attack in Iraq, demonstrating that third-party analysis has become a key component of intelligence.

Data on Terrorists

A third example comes from a new database at the Jebsen Center for Counter- Terrorism Studies at Tufts University's Fletcher School in Medford, Mass. Researchers there have collected historical data on the life paths of hundreds of terrorists and analyzed their letters, wills and interviews. This information, based on open source data, is being used to identify the factors that tend to predict terrorist acts.

While motivated citizens and academics have often been able to generate analysis that rivals that of government experts, the difference today is that technology such as wikis and blogs allows thousands to contribute to an analysis. Readers can then "vote" the most accurate and relevant information to the top, giving them enough credibility to be taken seriously.

Take, for example, the Wikipedia entry of Moqtada al-Sadr. Sadr's entry in this free encyclopedia that anyone can edit has been modified approximately 500 times by about 50 people in the past three years. These motivated authors have expanded the entry and corrected hundreds of one another's errors and omissions.

Blogs are another tool for massive parallel analysis and collaboration. A search for blogs dealing with terrorism generates nearly 1 million results.

While most bloggers generate little of value to intelligence analysis, the collaborative nature of the technology gives greater weight to the better analyses, pushing them to the top.

Secret 'Intellipedia'

A disconcerting fact about the Iranian travel-ban event is that the State Department had repeatedly requested that list of names from the CIA, but was refused for reasons of secrecy.

To be fair, the U.S. intelligence community has taken some first steps in adopting collaborative technology by creating an "Intellipedia" a secret, internal version of Wikipedia . However, the strength of Wikipedia is not the technology, but the massively collaborative effort that the technology enables. U.S. intelligence agencies must adopt this collaborative spirit and become more adept at incorporating the increasingly valuable analysis produced in the public domain with their internal efforts.

America will be a more secure country once it discards the notion that secrecy is equal to strength, and begins harnessing the power of 100,000 bloggers.



Given the FBI's skill at computer systems, perhaps they should outsource too...

http://www.thisislondon.co.uk/news/article-23381605-details/MI5%20terror%20alert%20blunder%20sends%20private%20data%20to%20US%20mailshot%20firm/article.do

MI5 terror alert blunder sends private data to US mailshot firm

13.01.07

Confidential details sent to MI5 by thousands of individuals and businesses have ended up with an American company specialising in supermarket mailshots.

The security service's new email early warning system was designed to reassure the public in the wake of the July 7 bombings and the disclosure of a string of failed terror plots.

It was launched by the Home Office last week. The Government said it was part of a long-planned programme to keep the public better informed about the terrorist threat.

People signing up for the alerts were asked to type their name and email details into the MI5 website alongside an assurance their personal information would be protected by the Data Protection Act and the Security Services Act.

They were emailed back by MI5 with the message: "Thank you for your request to subscribe to the MI5/Home Office Threat Level Update email list." Subscribers were led to believe their details were being kept in secure computer files at MI5's Thames House headquarters in Whitehall.

But The Mail on Sunday can reveal the service is not being run by MI5. Instead it has been paying Whatcounts Inc, a US computer firm based in Seattle, to store the details and send terror alerts.

The company specialises in sending advertising emails for retail firms. It has close ties with the US government and runs internet systems for the government-owned Voice of America broadcaster which has historic links to the CIA.

There were also concerns about whether the US firm was vetted by the security service. Conservative Homeland Security spokesman Patrick Mercer said: "I am alarmed and surprised that the Government would outsource this sort of sensitive material to another country."

Data experts said information sent in this way was vulnerable to interception by hackers or even Al Qaeda terrorists.

The boss of Whatcounts, who claims he was never told they were working for MI5, [See! Security! Bob] described the set-up as 'a comedy of errors'. He questioned why MI5 had not chosen to keep the information on its own computers, and could not guarantee all the email messages sent to warn a terrorist attack was imminent would reach the public. David Geller, Whatcounts chief executive, said he was 'surprised to learn' his system was being used by MI5. He said that the firm guaranteed not to use the information for any other purpose or sell it on.

"We are registered with the US government as being a safe harbour for data," he said. "We would never release any data unless we were compelled to do so by a court order from an official government body. This protects that information even from the CIA or the US National Security Agency."

Whitehall sources said the MI5 system had been set up by an unnamed firm which was responsible for running its website. That firm had hired London-based Mailtrack, another direct marketing firm, to run the system. Mailtrack outsourced the work to Whatcounts.

Last night Whitehall sources said MI5's arrangements were now being reviewed and the email data transferred back to the UK.

MI5 is likely to face further questions of the level of vetting it gave computer firms involved after it emerged that David Geller has an Iranian wife.

Cathia Geller, a public relations executive, describes her interests as Iran, travel and cooking and gives her home town as Tehran. There is no suggestion that the Gellers have any links to the Iranian regime which has been named as part of the axis of evil by President Bush for its sponsorship of international terrorism.

The couple live in a $600,000 lakeside home in Sammamish, a middle-class commuter town outside Seattle with their four-year-old daughter.



If we move quickly, we can have this on T-shirts before the competition.

http://science.slashdot.org/article.pl?sid=07/01/13/1821250&from=rss

Formula For Procrastination Found

Posted by kdawson on Saturday January 13, @02:19PM from the putting-it-off dept. Math Science

kandela writes "Science Daily reports that a University of Calgary academic has published a paper titled The Nature of Procrastination: A Meta-Analytic and Theoretical Review of Quintessential Self-Regulatory Failure in the Psychological Bulletin. The research reveals that most people's New Year's resolutions are doomed to failure, most self-help books have it completely wrong when they say perfectionism is at the root of procrastination, and procrastination can be explained by a single mathematical equation. The research is apparently the culmination of 10 years work. However, no indication was given of how much time was spent putting it off before it was begun."

From the article: "Essentially, procrastinators have less confidence in themselves, less expectancy that they can actually complete a task... Perfectionism is not the culprit. In fact, perfectionists actually procrastinate less, but they worry about it more."

No comments: