Another bad idea become law

Look like the US Senate made the power to censor the web into a law. The music and movie industry successfully lobbied the US government into work for them as the enforcers of copyright. As I said long time ago, a new business model needs to fill the chasm created by the new technologies between the labels that want to conduct business as usual, the artists and the consumer.

 

del.icio.us Tags: ,,,

Advertisements

The book gets excellent review at Amazon.com

A very nice surprise from the comment pages at Amazon.com, a 5 star rating for the Cryptography book authored by A. Bruen and myself.

The reviewer consider the book a Insightful Interdisciplinary Orientation on the subject, and gave this book the highest rating among similar books.

Thanks.

 

Bonus:

We are in good company too!

image

Beyond Silicon

A breakthrough in material technologies that can extend Moore’s Law for a few more years.

Speaking about the successful creation of a metal-insulator-metal diode, Douglas Keszler a distinguished professor of chemistry at Oregon State University said

“This is a fundamental change in the way you could produce electronic products, at high speed on a huge scale at very low cost, even less than with conventional methods. It’s a basic way to eliminate the current speed limitations of electrons that have to move through materials.”

Read more

Not so quietly…

I have posted before on the increasing threat related to hardware vulnerabilities that are becoming a matter of national security.
Some background information here.
[To be continued…]

Google provides a giggle

Google spinsters could become handy next time you are “mistankenly collecting” wi-fi traffic form your neighbours.  😉

 

UPDATE

The Canadian government concluded today that Google’s collection of fragments of Wi-Fi transmissions violated the law, but also said that the recording was the “result of a careless error” and was not intentional.

Read the whole thing at Cnet

Google Trouble?

Why are you doing this? 

Google has repeatedly shown a “disappointing disregard” for safeguarding private information about its users

Company pays ‘lip service to privacy,’ Canada says

Privacy police take aim at social media giants

Pipes and Bytes

There is another security threat that has being brewing for a long time now. This time is about the computers that control Industrial Processes and Utilities.

In the last few years the trend was to move all these dedicated systems to Windows based system. Windows have a lot of advantages, mainly related to the fact that applications are easier and cheaper to develop than any of the alternative. The availability of inexpensive hardware and thousands of developers, make the platform very competitive. The infrastructure afforded by the Internet bring the additional bonus that all these processes can be managed remotely with very little additional investment, a big incentive for companies to move their connectivity to a Wide Area Network situation.

The problem with this state of affairs (Windows system connected to the internet controlling vital equipment) is security. Although Microsoft have made progress improving the security of their OS’s, you don’t have to search very hard to find a staggering number of security holes still open. Moreover, keeping a Windows system secure requires a lot of vigilance and a proactive approach, not always a concern that has high priority for the operating companies. In many instances, management may not even be aware of the magnitude of the problem.

Because of the criticality of some pieces of equipment, the issue is one of national security. Sabotage by terrorist groups or enemy states would acquire a whole new meaning when somebody has the power to shut-down a significant portion of a country’s electric grid or water supply.

As it is usually the case with widely interconnected systems, the weakest link can be exploited by hackers to gain access to the system, thus, no matter how strong the protection of the important nodes is, failure to protect every possible node could bring the whole system down.

The problem certainly caught the attention of security experts and practitioners since at least a decade ago. Here some references to the problems from the SANS Institute reading room.

The ideas being floated around the concept of bug ridden smart-meters for the distribution grid will add another spin to this issue.

 

 

Open letter to Mr. Phisher

I received a very amusing e-mail today:

Hello,
It is with profound sense of sadness i wrote this email to you. I don’t know how you will find this but you just have to forgive me for not telling you before leaving. I traveled down to United Kingdom Yesterday for a short vacation but unfortunately,i was mugged at a gun point on my way to the hotel i lodged all my money and all other vital documents including my credit card and my cell phone have been stolen by muggers.
I’ve been to the embassy and the Police here but they’re not helping issues at all,Things are difficult here and i don’t know what to do at the moment that why i email to ask if you can lend me £1,500.00 so i can settle the hotel bill and get a returning ticket back home. Please do me this great help and i promise to refund the money as soon as i get back home.
I look forward to your positive response.
Thanks

This coming supposedly coming from the Gmail of a fellow engineer that happens to live in my town and is at 2 degrees of separation from me in the LinkedIn network.

Sorry, Mr. Phisher, I don’t know the guy enough to send the funds, my bad for not being more proactive in extending my network, he was just a step away! (if he really is the one who set the account with his name). It will help your cause if you read the newspapers, for the last few days there have been no flights to or from London, you know, the volcano thing.

I heard stories of people getting similar e-mails from people they know, some of the stories may be more verisimilar even. The would be phishers make good use of the information that can be gathered from social networks to craft these targeted e-mails.

 

Google problems may have bigger problems than people creating accounts to send phishing e-mails.

 

Where can I download an antivirus for my Toyota?

Hacker Disables More Than 100 Cars Remotely

Posted using ShareThis

Ontario privacy commissioner orders ‘strong encryption’ of health records

My prediction is that we are going to see more and more of these privacy commissioner orders as the guys in charge get more serious about not being sued.