I’ve only read parts of Amit Singh’s A Taste of Computer Security (posted on KernelThread.com). However, what I have read is excellent.
This reliance of the world’s infrastructure on computer systems, and the consequent pervasiveness of the latter, makes their “security” an issue of great importance.
I generally haven’t bothered to comment on the SCO vs. IBM stuff at all (we’re an IBM Business Partner at work but I hope IBM wins for a variety of reasons). After reading this, all I can say is “Clearly there is a village somewhere which is missing its idiot.”
Nuff said.
Australian IT has some details on how Coke put GPS in a bottle for a competition.
Putting satellite tracking in a Coke bottle posed serious technical challenges.
GPS only works outdoors, and the units had to be tough enough to survive weeks in fridges and vending machines, while at the same time looking and feeling like a normal bottle of Coke.
To get around these problems, Coke and local marketing agency Momentum Worldwide placed a Benefon GPS mobile phone inside specially designed Coke bottles that unscrew in the middle. Each half of the bottle is filled with Coke-coloured water, with a hollowed-out centre section carrying the Benefon mobile.
Despite serious flaws being found in the ANZ’s eCommerce payment systems, which could allow someone to obtain goods without paying for them, the ANZ isn’t planning on fixing the problem.
An ANZ spokeswoman confirmed there was an “issue” with the hosted eGate service but said there were no plans to fix it.
Online merchants using the hosted service were being advised to fully reconcile all payments with administration reports provided by ANZ before shipping goods.
Can someone lend the ANZ a clue? They seem to need one.
Paul Graham (of Bayesian Filtering fame) has two followups to his original Plan For Spam. The first, So Far, So Good, examines how Bayesian Filtering has fared against spammers working to get around it.
It’s about a year now since A Plan for Spam. So far, filters are winning. This article analyzes the tricks spammers have tried to beat them, and offers some suggestions for the future.
The second, Filters that Fight Back, suggests the next step. In borderline cases, spidering spamvertised sites could lead to a more accurate spam/no spam classification, but if this sort of filter were to become widespread I’d be concerned about it becoming a means of DDoS’ing innocent bystanders (a bit like the Slashdot Effect).
Both make an excellent read.
I’ve linked to LurHQ’s excellent SoBig virus analysis before. Now LurHQ have released a third installment called “Sobig.f Examined”. Interesting reading.
Sobig.f uses “threading” to allow it to send 7 emails at the same time. The overwhelming number of copies of this worm in people’s inboxes showed the improved efficiency. However, many of those copies were likely sent from the same few addresses, so appearances are not always what they seem. In spite of the flood of worm emails, this variant was probably 100% ineffective at achieving its goal.
Researchers at Oxford University have produced a mathematical model which explains why Open Source programs tend to be more stable than their closed source counterparts.
Our model “shows that closed-source projects are always slower to converge to a bug-free state than bazaar open-source projects,” say theoretical physicists Damien Challet and Yann Le Du.
This seems to match my experience pretty well…
Two phases of software development emerge from the model. In the “early, easy stage,” users find and report many bugs, keeping the number of reportedly buggy parts, R(t), much greater than the number of programmers, N(p).
“The vast majority of bugs are fixed during this phase,” claim Challet and Du.
In the second phase, the average number of bugs decreases, but the bug-fixing process also slows — way down. During this phase, open-source trumps closed-source in the debugging process.
From Netcraft’s News.
If you were SCO, where would you host your investor relations site?
With IBM, of course.
Sequent [reported as the owner of the netblock] is an IBM subsidiary, and part of its IP address ranges are used by IBM Global Services for their hosting operations.
% ping ir.sco.com
PING client.shareholder.com (170.224.5.43): 56 data bytes
ir.sco.com is a virtual host on an investor relations system run by shareholder.com and it’s plausible that SCO did not previously know the ultimate hosting location, nor IBM the identity of shareholder.com’s clients.
This was just too funny to not post.
Looks like Lufthansa is planning to provide in flight Internet access.
Connexion’s service requires installing two antennas on each aircraft, one to transmit data to satellites and one to receive data. A server and routing system inside the plane relay signals to and from plug-in ports at the seats or wireless networking cards in passengers’ laptops.
I’d always wondered about this… The in-plane side of things is pretty easy, a single wireless point should cover the entire aircraft, but the uplink side of things must be pretty expensive.
Hot on the heels of our government spending $4mil on a web site comes the news that the NZ government spent $NZ1mil on a domain name.
The New Zealand government has come under fire for spending $1 million of taxpayers’ money on buying the domain NewZealand.com from previous owners Virtual Countries. That’s one million New Zealand dollars, but it still equates to a healthy £350,000.
Wonder if I need a new category for “Government Internet Stupidity”…
Update (5/5): The Register elaborates further on what happened to NewZealand.com.