Monthly Archives: September 2006

Darknet v. Botnet

In Moving Ahead in the War Against Botnets, 12 Sep 2006, the blogger Darknet comments on an article that says that Gadi Evron, manager of the Israeli CERT, started a public mailing list back in March:

Over the last year, the group has done its work quietly on closed, invite-only mailing lists. Now, Evron has launched a public, open mailing list to enlist the general public to help report botnet C&C servers.

The new mailing list will serve as a place to discuss detection techniques, report botnets, pass information to the relevant private groups and automatically notify the relevant ISPs of command-and-control sightings.

Hunt Intensifies for Botnet Command & Controls By Ryan Naraine, EWeek March 2, 2006

This is a good example of collective action against aggregate damage.

The same article quotes Dan Hubbard about Websense’s botnet-spotting features in its products. This is a good example of how commercial products can complement for-free collective activities such as mailing lists.

-jsq

PS: Thanks to Wendy Nather for this one.

Criminals, Old Folks

Brian Krebs reports on a study by AARP about data breaches over the past 16 months.

The study attributes about a third of breaches to deliberate software break-ins, slightly less (29%) to theft of laptops, and most of the rest (23%) to improper display of sensitive information. Employee theft came in at 7%, and lost backup tapes at 2%. Of course, some individual lost-tape incidents have lost millions of identities.


Costs Less, Works Better!

Another confusopoly, the very agent of confusion used by other confusopolies, is being affected by the Internet:

What Wanamaker [the inventor of modern mass-market advertising] could not have foreseen, however, was the internet. A bevy of entrepreneurial firms—from Google, the world’s most valuable online advertising agency disguised as a web-search engine, to tiny Silicon Valley upstarts, many of them only months old—are now selling advertisers new tools to reduce waste. These come in many exotic forms, but they have one thing in common: a desire to replace the old approach to advertising, in which advertisers pay for the privilege of “exposing” a theoretical audience to their message, with one in which advertisers pay only for real and measurable actions by consumers, such as clicking on a web link, sharing a video, placing a call, printing a coupon or buying something.

Internet advertising: The ultimate marketing machine Jul 6th 2006, From The Economist print edition

For example, Google made $6.1 billion last year on online contextual advertising, which pays Google only when the ad reader clicks on the ad.


Does HP Have Any Pretext?

The HP self-spying story seems to have legs. Some of the stories are spinning it as a personal story about HP’s chair:

Now Dunn faces a furor over her handling of the board. Critics say she could take a fall, possibly losing her role as board chair, for spurring an investigation that spied on her fellow board members and reporters to find out who was leaking information to the press. The outside investigators called telephone companies pretending to be board members and reporters to get telephone records — actions that could be illegal.

California Attorney General Bill Lockyer is investigating and said Thursday that laws have been broken, although it’s unclear by whom. The Securities and Exchange Commission is looking into the matter as well.

HP board chair’s leadership in question, By Michelle Quinn and Therese Poletti, Mercury News, Posted on Fri, Sep. 08, 2006

Easy enough to do, given all the colorful characters: the board member who was the target of the spying refused to resign; one of the most famous and influential venture capitalists resigned instead and took the story public after HP refused to; everybody from ethicists to the California Attorney General is weighing in.

Let’s look at a few perhaps less obvious angles.


Mozilla Security Czar

Mozilla has hired Window Snyder to help organize their security efforts. The article, Ex-Microsoft Security Strategist Joins Mozilla By Ryan Naraine, September 6, 2006, doesn’t say what her title will be. It does say she used to work for Microsoft and before that for @Stake. Hm, maybe she’ll have a more steerable employer this time….

-jsq

PS: Seen on Financial Cryptography, which points out that this could help Mozilla deal with long-term threats like phishing.

Bad Broadcast Treaty

In the world of the Long Tail, blogs, podcasting, and online video, you’d think copyright would be getting more flexible and diversified, right? Not if the U.S. government has its way:

Under the Broadcast Treaty, fair use, Creative Commons and the public domain would be trumped by the “broadcast right,” which would be owned by the broadcaster of works. If you got a copy of a work over the air or over the Web that copyright would let you use (because it was in the public domain, because it was factual, or even because the creator had granted you permission), you’d still need to seek permission from the “caster,” who would get a 50-year monopoly over the re-use of copies of the works it transmitted.

America to US gov’t: kill the Broadcast Treaty! Cory Doctorow, BoingBoing, Tuesday, September 5, 2006

For this treaty: Yahoo! and Microsoft.

Another Confusopoly Disintermediated

Adam Shostack blogs a New York Times article, The Last Stand of the 6-Percenters?, that describes how online real estate listings such as RedFin, ZipRealty, and BuySideInc.com are letting home buyers find houses to buy without using real estate agents; needless to say, said agents are not happy about likely losing their traditional 6% commission. So yet another confusopoly, as Scott Adams calls companies that deliberately use secrecy and confusion to hide differences in products so customers have to use experts to purchase, bites the dust, like traditional stock trading, car sales, and even to some extent telephone services and insurance.

I predict the agents who learn how to use such listings to do more volume at lower commissions will thrive and prosper; I can think of a few specific examples. Those who stonewall against the new paradigm won’t do so well.

-jsq

The Street’s New Paradigm

Recently I posted about hammering wasps, in which I cited Bill Gibson’s post on the same subject, in which he used one of his favorite phrases:

I’ve heard that Kuhn fiercely lamented the application of SSR to anything other than the structure of scientific revolutions, but that’s how it usually is, when the street finds its own uses for things.

Indeed it does, as also noted by someone who kept finding the street using all sorts of theories in unpredicted ways:

Taken together the theorems associated with Godel, Lowenheim & Skolem, Tarski, Church, Turing, Chaitin, and others reveal that: Not only do the statements representing a theoretical system for explaining some aspect of reality explain that reality inadequately or incompletely but, like it or not, these statements spill out beyond any one system and do so in unpredictable ways.

–John R. Boyd, "Conceptual Spiral," July/August 1992, p. 14

Could this mean the street thus has an advantage over those who stick only to the intended uses of a theory?


Google as AI

For a while now I’ve been hearing that Moore’s Law will eventually produce real artificial intelligence, which many people expect will result in the Singularity. Never mind that last part for now; I claim that the first part has already happened. I call it Google. Whenever I say this in conversation or when speaking, most people go “pshaw” and change the subject. Maybe they’re thinking about AI like Asimov’s robots, autonomous and independent. Google isn’t that.

But look at this:

A crossword-solving computer program yesterday triumphed in a competition against humans. Two versions of the program, called WebCrow, finished first and second in a competition that gave bilingual entrants 90 minutes to work on five different crosswords in Italian and English.

Crossword software thrashes human challengers Tom Simonite, NewScientist.com news service, 31 August 2006

WebCrow uses a dictionary and looks in a database of known solutions, as well as using some heuristics. But it has a special sauce:

WebCrow performs a search using key words extracted from the clue. It can usually find the answer by looking at the small previews that appear with the search engine results, but it can scan whole pages if necessary. Words of the right length that crop up most often in the results are taken to be possible answers.

When DeepBlue beat chess grandmasters, that was considered a form of artificial intelligence. How is this different?