I’ve set up a Delicious feed for stuff that I want to point to, but don’t have either anything to add, or time to add it. I feel sort of bad doing this; I’d like to discuss John Gilmore on the New York Times, but all I have to say is bravo!
During the final call he asked for the names of her six richest customers. When she revealed them, he said that one was involved in financing terrorism and was about to withdraw a large sum.
Gilbert then demanded all the cash at the bank so he could mark the notes with microchips and keep track of the terrorist. A total of €358,000 was to be put in a briefcase and slipped under the door of a brasserie lavatory. The manager did as she was told. The money disappeared.
I think they’ll be sued shortly by Experian, for copyright infringement.
But as with many Chinese news stories, the conclusion is less interesting than the debate raging within the body of the article. And what the article reveals is that there is a lot of pushing back and forth amongst the various players when it comes to the future of Chinese cyberspace. Internet entrepreneurs like the CEO of Bokee.com Fang Xingdong come out against proposals that Chinese internet users must register their real identities at all times. The internet portal sites conducted surveys showing that their customers (not surprisingly) favor online anonymity…
“Unlike X-ray machines or radar instruments, the sensor doesn’t have to generate a signal to detect objects - it spots them based on how brightly they reflect the natural radiation that is all around us every day.”
“It’s basically just a really bad tunnel diode,” he explained. “I thought, heck, we can make a bad diode! We made lots of them back when we were figuring out how to make good ones.”
Interestingly, the usability issues are _exactly_ the same as they were ~5 years ago! It’s sometimes s-l-o-w!
While I agree with this, I think there’s an interesting twist: Tor, having no visible user interface, is less likely to become associated with slowness. The Freedom client, in contrast, told you it was doing stuff, and, in hindsight, I think this may have been a problem.
(PS: Mario, you need an RSS feed.)
Carl Ellison has a blog. There are other bloggers listed, but no recent posts by them.
The title, of course, is a reference to Carl’s long-used signature file, of “Officer, arrest that man, he’s whistling a dirty tune!”
His post about Too Many Security Startups? is fascinating:
The night I closed our investment in my 12th data security deal, Cyota, my wife Nathalie took me to see the Bourne Supremacy in Mountain View. On the way, she asked why I seem to keep investing in what sounds like the same company over and over.
His answer goes beyond the obvious “Because people keep buying them!” and explains why that is, and why it will continue to be that way.
(Via Brad Feld.)
A German diplomat told me: “Nobody thinks about it, nobody questions it… if you’re in trouble, you just show it… we don’t mind giving information if it’s necessary.”
the independent Information Commissioner, Richard Thomas…said the phenomenon had “a strong continental European flavour”, citing the example of communist east Europe and fascist Spain in the 20th century.
What is clear, though, is that for Tony Blair the introduction of identity cards is a key part of establishing his political legacy before he steps down as prime minister. Cynics might say that is the real business requirement.
No one really appreciates what Bolton tried to do to the NIO for Latin America (NIO/LA). I have been privileged to know the NIO/LA for almost 19 years. He was my predecessor as the Honduran analyst and helped me learn the ropes and set the standard for doing good analysis. He is one of the best and brightest within the analytical community. Yet he has been vilified by some. I never cease to be amazed that a man like the NIO/LA, who started off in Washington working for a Republican Congressman can be vilified by Republicans as some sort of liberal, Democratic activist.
So, how do we solve the problem? I’ll tell you how. Congress must pass federal legislation, giving consumers 100% control over the use of their name and personal information. Don’t you think your own privacy is something that should be solidly under your jurisdiction? And don’t you believe you should share in the $4 billion junk mailers make annually from the sale of your name and private data? Your answer should be a resounding YES to both questions.
“Lurking behind chartjunk is contempt both for information and for the audience. Clarity and simplicity are the complete opposite of simple-mindedness. Data-thin, forgetful displays move viewers toward ignorance and passivity.”
The fine folks over at NCircle seem to have been given a directive from on high: Let there be blogs! And there were. And ncircle saw, and they were good. And someone said, let the bloggers be prolific, and behold, they were, with 18 or more posts in 5 days.
Great coverage of CanSecWest, and oooh, look, mmurray was in my talk at Security Leadership. (I agree with his summary. I was trying to deliver common sense, not anything earth-shattering. I’d love your thoughts on the second half, about pushing for more secure code, mmurray? Again, I was aiming for common-sensical, but was it effective?)
And where’s my man TK? If I don’t get some TK blogging, the little clock man gets it.
I’m very excited to discover that my friend Zach Brown is blogging again. Zach was one of a group of friends who introduced me to blogs in, maybe late ’99? Early 2000? He’d been on hiatus, and I’m glad he’s back. But I realized that my excitement felt a little odd, and so I’ve been thinking about it.
About a year ago, I actually read Alvin Toffler’s Future Shock, which is a classic in the sense that everyone pretends to have read it. One of the themes that resonates with me is the psychological impact of repeatedly changing jobs and cities, in leaving people with a lack of grounding in the place they live. Toffler discusses professionals who are more in touch with, and at home with, a distributed network of professional colleagues who they see at conferences than they are with their neighbors.
He also discusses the difficulties involved in staying in touch with increasingly scattered groups of friends, when the things we do to stay friends are harder to accomplish as it becomes hard to coordinate a group of friends to be in the same place at the same time.
I suspect that deep down, the psychological benefits of physical proximity for relationship management help people trump the awful commutes, taxes, and other disadvantages of living in Silicon Valley.
I can’t help but mention that Chris Allen has been writing quite insightfully about these issues in posts like “Dunbar Triage: Too Many Connections.”
Arriving here, I’m forced to examine my excitement that Zach is blogging again. On the one hand, I am genuinely happy to have insight, however small, into his life. At the same time, I miss having dinner with him and others whose company I enjoyed in Montreal.
PS: I’ve discovered that an acquaintance has set up an Amazon Associates account to contribute to my Alma Mater. Does anyone know how I can construct book URLs so that they take advantage of that account?
Speaking of distributed innovation, the Open Source Vulnerability Database is a great project, dedicated to accumulating deep technical knowledge about computer security vulnerabilities, and making it freely available. And now it turns out, they have a blog! Mark Ward has an interesting article, “Predicting Vulnerabilities, Quotes and more.”
When the patch comes out, many people will reverse engineer it to figure out the vulnerability as most of us know. On the same note, like the exploits, IDS signatures follow the exploits that follow the patches. So if an unpatched ‘0-day vulnerability’ is being exploited, how do we know? There will be a significantly lower chance of detecting such an attack to know this statement is true.
I’ve added Screendiscussion to the blogroll. I don’t always agree with Geoff, but he seems insightful, interesting, and genuinely willing to grapple with the questions that his profession raises. He also posts actual posts, rather than a clipblog.
They also say the checks went above and beyond federal security requirements, and they admit the county had no written guidelines for what information would disqualify a person from doing business at the airport.
Also, I’ve removed Abusable Tech, for inactivity. I think I’m going to aim to emulate Kip Esquire’s Elite Eleven. I like the idea of a short blogroll. Maybe the security score?