Thursday, November 17, 2005

Schneier: the real SONY DRM story is the failure of McAfee, Symantec and Microsoft to catch it

Schneier, the deity of computer security, doesn't think SONY's malign incompetence is the real story. Rather, the real story is that the big name spyware antiviral software companies missed this intrusion.

Dang. I didn't think of that.

Schneier is right. We pay our XP taxes to Symantec and their kin every year -- and they blew it. Completely. Either they knew this was going on and didn't bother to tell us, or they missed it entirely. Both explanations are damning.

So, sure, boycott SONY. But also look to switch away from Symantec, Microsoft, and McAfee. They've disgraced themselves. F-Secure and Sysinternals, by contrast, deserve new attention. The next time my Norton Tax comes due, I'll switch to F-Secure Home instead.

SONY - "My God, what a fiasco".

SONY's spyware installation catastrophe has moved from merely "jumping the shark" into mad hilarity ...
Good Morning Silicon Valley: Let's see -- Secret installation? Check. Hidden changes? Check. Security breach? Check. Dangerous uninstall? Check. Now what was ... oh, yeah. Stolen code? Check.

...Looks like Sony's little sojourn to the ninth circle of PR hell isn't quite over yet. A pair of programmers who disassembled Sony's now infamous rootkit Digital Rights Management scheme, have found code that appears to have been plagiarized from VideoLAN, an open source media player distributed under the GNU General Public License. Worse, the code in question was written by "DVD" Jon Lech Johansen, author of a number of DRM-busting programs.

My God, what a fiasco...
Emphases mine.

It truly beggars belief. SONY may yet rival the stark raving incompetence of the Bush administration. I can't believe the CEO of SONY Music is still employed; in the SONY of the 1960s he would have died an honorable self-inflicted death by now. How are they ever going to keep track of all the lawsuits pouring in?

Combining PubMed RSS feeds with Bloglines to conveniently survey new developments

A Medlogs entry pointed me to an interesting new PubMed [1] feature -- syndication!
(1) Run your search in PubMed.
(2) Select RSS Feed from the Send to menu.
(3) Click Create Feed and copy the XML icon into your RSS Reader.
I of course had to try this out. Years ago I embedded (now broken) search links in web pages, but one runs into the notification problem. It's very boring to keep clicking on a link and finding nothing has happened. Syndication is a vastly better model.

I tested this out on an old search I've long been interested in: the genetics of berry aneurysms and screening for subarachnoid hemorrhage. I logged into PubMed and set up a search, then followed the directions above; I limited the search to Bloglines, my syndication (RSS, Atom) web client, and added this URL as a feed to a new folder called "PubMed searches" (you can copy this URL and try this in your favorite feed client yourself.)

On my first view I got 41 hits. After reviewing those the list was empty (as it should be), but as literature emerges that list should refresh. One wonders how the PubMed server will handle the transactional burden, since these unique searches may not scale well to thousands or millions of users. For now, however, the PubMed RSS and Bloglines combination is the neatest thing I've seen in this domain since Grateful Med.

If you'd like to see how this looks, without doing all of the above work, visit the public view of my bloglines list and click on the PubMed folder. It is very cool. You can also see the searches on my (hidden) blogroll page.

I guess I'll have to update that old, old, page of mine. (11/17/05 - I did. The page was over 6 years old.)

[1] Old dogs remember MEDLINE, MEDLARS, Grateful Med, etc. Really old dogs even remember the vast printed volumes of Index Medicus, and using early terminals to send query strings to Bethesda. Creak, creak ...

Interesting alternative to mass quarantine -- focus on the high-risk super spreaders ...

Scientific American has a brief note on a fascinating topic. I did some simulation work during my last degree (10 years past now!) and I suspect the simulation community has been exploring this for a while. Public health, of course, has been thinking about this since 'Typhoid Mary'; more recently one sociable male flight attendant was once considered to have been a sort of "super spreader" early in the HIV epidemic.

It turns out computer modeling of epidemics suggests an alternative strategy to mass quarantine:
Science & Technology at Scientific American.com: Study Assesses Impact of "Superspreaders" of Disease

... There are two ways for a population to protect itself: either everyone can act to reduce their chance of transmission--for example, by staying at home, which can throttle a country’s economy--or authorities can identify those most likely to be superspreaders, and focus their vaccination and isolation efforts on them. --Kaspar Mossman
In Minnesota we have recent experience with a young Amish child who is, due to an immune defect, a "super spreader" of polio [1]. The concept of "super spreader" has thus been in the news here. I suspect the simulation study is looking at more subtle super spreaders however.

If we do find reasonable tests to identify super spreaders, we would be well advised to think about compensating them for the inconveniences (or worse) a selective quarantine would create. As a way to manage the coming wave of epidemics [2], however, this is well worth researching.

[1] The combination of "super spreader", Polio, and unvaccinated community is potentially explosive, but fortunately our republican governor has not quite finished dismantling Minnesota's still excellent public health infrastructure.

[2] As humanity simultaneously travels more, congregates more, expands into Africa, and reproduces more, we become an ever richer petri dish for novel infections.

Wednesday, November 16, 2005

iPod over all -- 10/10 on Amazon

Amazon.com: Early Adopters - computers list has an iPod in each of the top 10 slots.

The audio and video list has in each of its top 10 slots ... iPods.

I think Amazon only sells 10 varieties of iPod.

That's astonishing.

Gordon's Tech: Replicate the experience of 19th century phone service

Gordon's Tech: Replicate the experience of 19th century phone service: "Thanks to the miracle of modern technology, one can combine Skype VOIP, a modern laptop, a wireless LAN and a USB full duplex speakerphone to recreate the turn of the (prior) century experience of yelling 'HELLLLOOOO, CAN YOU HEAR ME??'."

A quick preview on the next thing to blow your world apart

Do it yourself. Almost. ... Dan's Data provides a quick update on the state of the art in 3 dimensional "printing". As in download the specs, run the illegal hacking software, and print yourself an anonymous encrypted cell phone. Ok, so we're not quite there yet. Soon though.

Alvin Toffler didn't know the half of it. (Or did he? Read the wikipedia article ...)

All your bases belong to Google: the beginning of the end

The net shook this morning as Google dropped the hammer:
Official Google Blog: First Base

Right now, there are two ways to submit data items to Google Base. Individuals and small website owners can use an interactive user interface; larger organizations and sites can use the bulk uploads option to send us content using standard XML formats.

Rather than impose specific schemas and structures on the world, Google Base suggests attributes and item types based on popularity, which you can use to define and attach your own labels and attributes to each data item. Then searchers can find information more quickly and effectively by using these labels and attributes to refine their queries on the experimental version of Google Base search.

This beta version of Google Base is another small step toward our goal, creating an online database of easily searchable, structured information...
Meanwhile, in Redmond, insiders are dumping their shares ...

The initial version of Google Base is entirely public. Too bad, I'd have liked to create a private list of contact information for our cub scout troop. There doesn't appear to be any access restriction, it's very much designed to create public knowledge. Some of the templates they provide compete directly with Amazon, eBay, Craig's List and (above all) newspaper classifieds, but they've yet to provide commercial transaction services (that's next week). Other templates are for recipes, reference articles, course catalogs and other shared knowledge. It appears one can use XML structures to create one's own templates (vendors bidding for software projects?). The intersection between formally structured and emergent metadata is intriguing.

Elsewhere, Google writes "content providers who already have RSS feeds can easily submit their content to Google Base without requiring much additional work". This is the original vision of RDF metadata as first presented in Apple's mid-90s "Project X" and the more recent vision of the "Semantic Web".

Google Base is a component of potential web services. Google will use it, so will others.

Now we await the micro-commerce transaction system that will transform Google into a multinational financial powerhouse.

This is fun. Scary, but fun. A bit like inline skating downhill ...

Tuesday, November 15, 2005

The Economist is falling out of love with Bush

The Economist, a once great newspaper lately in decline, rediscovers some ghost of its historic spine. Emphases mine -- they do reveal a certain depth of feeling:
Torture | How to lose friends and alienate people | Economist.com

Nov 10th 2005
From The Economist print edition

The Bush administration's approach to torture beggars belief

THERE are many difficult trade-offs for any president when it comes to diplomacy and the fight against terrorism. Should you, for instance, support an ugly foreign regime because it is the enemy of a still uglier one? Should a superpower submit to the United Nations when it is not in its interests to do so? Amid this fog, you would imagine that George Bush would welcome an issue where America's position should be luminously clear—namely an amendment passed by Congress to ban American soldiers and spies from torturing prisoners. Indeed, after the disastrous stories of prisoner abuse in Abu Ghraib, Guantánamo Bay and Afghanistan, you might imagine that a shrewd president would have sponsored such a law himself to set the record straight.

But you would be wrong. This week saw the sad spectacle of an American president lamely trying to explain to the citizens of Panama that, yes, he would veto any such bill but, no, “We do not torture.” Meanwhile, Mr Bush's increasingly error-prone vice-president, Dick Cheney, has been across on Capitol Hill trying to bully senators to exclude America's spies from any torture ban. To add a note of farce to the tragedy, the administration has had to explain that the CIA is not torturing prisoners at its secret prisons in Asia and Eastern Europe—though of course it cannot confirm that such prisons exist.

... Although Mr Cheney has not had the guts to make his case in public, the argument that torture is sometimes justified is not a negligible one. Khalid Sheik Mohammed, presumed to be in one of the CIA's “black prisons”, is thought to have information about al-Qaeda's future plans. Surely it is vital to extract that information, no matter how? Some people think there should be a system of “torture warrants” for special cases. But where exactly should the line be drawn? And are the gains really so dramatic that it is worth breaking the taboo against civilised democracies condoning torture? For instance, Mr McCain argues that torture is nearly always useless as an interrogation technique, since under it people will say anything to their tormentors.

If the pragmatic gains in terms of information yielded are dubious, the loss to America in terms of public opinion are clear and horrifically large. Abu Ghraib was a gift to the insurgency in Iraq; Guantánamo Bay and its dubious military commissions, now being examined by the Supreme Court, have acted as recruiting sergeants for al-Qaeda around the world. In the cold war, America championed the Helsinki human-rights accords. This time, the world's most magnificent democracy is struggling against vile terrorists who thought nothing of slaughtering thousands of innocent civilians—and yet the administration has somehow contrived to turn America's own human-rights record into a subject of legitimate debate...

A diabolical use of Google Adwords

Dan, of Dan's Data fame, casually tosses this aside into a comment on strange Adwords adorning his site:
Dan's Data letters #154

Actually, of course, some people actually do click ads that contradict what a site is saying, and not always because they agree with the advertiser. If you're reading a page about how reprehensible anti-vaccination activists are, and find an ad-link at the bottom that says FREEMASONS USE VACCINES TO NEUTER CHRISTIAN KIDS, you might feel a strange urge to click it. Not only to revel in the craziness, but also to transfer some money from the crazies to the owner of the page on which the ad appeared.
Ooooohhh. That never occurred to me. I'm so naive. Heh, heh, heh ....

The Ownership Society and the evolution of Social Darwinism

Crooked Timber has some interesting comments on Barack Obama and John Edwards.

The Obama quote that caught my attention was his making the 'social darwinism' to 'ownership society' connection. I'd wondered when this would come up, I'm glad to see it emerge now. Just as Creationism 'evolved' into 'intelligent design', so too has 'social darwinism' evolved into 'the ownership society'. Kudos to Barack Obama for launching this meme.

CT also links to John Edwards. What did you think Edwards was doing? I'll bet you didn't know he's launched a guerilla war on poverty? Hmm. Dean and Edwards in 2008? They might get Jimmy Carter's vote. Four more years of Bush might make economic populism a winning solution.

Kaplan trashes Bush's new mantra: "I was wrong, but so were you."

I Was Wrong, but So Were You - Parsing Bush's new mantra. By Fred Kaplan is well worth the read. Point by point Kaplan walks through a recent Bush speech and exposes the fundamental lies in point by point detail.

Why such a pathetic attempt at deception? My guess is Bush long ago gave up on talking to anyone who might doubt him, now he's just fighting to keep his base intact. Their credulity is well understood.

Monday, November 14, 2005

How to Write a Complaint Letter - eHow.com

Makes sense to me: How to Write a Complaint Letter - eHow.com

Where we learned to torture -- from Maoist China

The NYT details how the US developed its torture methodologies. We took a program called "SERE" that was used to instruct military personnel on how to resist Korean and Vietnamese torture. We then inverted the methods to create our own torture program:
Doing Unto Others as They Did Unto Us - New York Times

...SERE methods are classified, but the program's principles are known. It sought to recreate the brutal conditions American prisoners of war experienced in Korea and Vietnam, where Communist interrogators forced false confessions from some detainees, and broke the spirits of many more, through Pavlovian and other conditioning. Prolonged isolation, sleep deprivation, painful body positions and punitive control over life's most intimate functions produced overwhelming stress in these prisoners. Stress led in turn to despair, uncontrollable anxiety and a collapse of self-esteem. Sometimes hallucinations and delusions ensued. Prisoners who had been through this treatment became pliable and craved companionship, easing the way for captors to obtain the 'confessions' they sought.
It's very American to learn from the best, and Maoist China drew on thousands of years of experience with torture. Our refined techniques are a credit to a long line of historic torturers. The next step will be to define a career path for the most capable torturers, perhaps one that leads to a cabinet level position and a presidential "Medal of Honor". Perhaps someone who will head the "Ministry of Comfort"?

PS. Where's Margaret Atwood these days?

The story of a man who couldn't read

Jacques Demers, a famed figure in hockey and in Quebec, recently revealed he cannot read. Actually, he co-authored a book about it. Reading of his achievements, and his ability to apparently conceal his disability, I wonder if he has some specific neurologic cause of his reading inability - beyond his limited education and traumatic childhood. It would be interesting to know if his children have had problems. The NYT article is well written and tells a remarkable tale.