The weekly newsletter for Fed2 by ibgames

EARTHDATE: October 19, 2008

Official News page 13


WINDING DOWN

An idiosyncratic look at, and comment on, the week's net and technology news
by Alan Lenton

A fanfare of trumpets sounds as this, the 300th edition of Winding Down, hits the digital equivalent of the streets. Yes - I really have written 300 editions of this superbly informative and glossy missive in the last seven years.

The first issue started, 'Well, this is (hopefully) the first in a series of columns looking back at the week's net and technology related news.' There nearly wasn't a second issue, since the dateline on the first issue was 8 September 2001 - the day before 9/11.

Like New York, though, we survived, and came back to get on with living, working and playing (not to mention writing).

Hopefully, you will all be duly appreciative of the effort involved, and I'd like to take this opportunity to say thanks to Fi Craig for proof reading the newsletter every week (not a pleasant task, I'm given to understand!), and to Barb Lenton for reading it over and pointing out the odd factual error (factual features, I prefer to call them...). I'd also like to thank the people who over the years have mailed in comments (both of them) and pointed me to stories they thought should be covered.

At this stage, following journalistic tradition, I should regale you with a number of fine examples of past scoops, exclusives, and awards garnered by this prestigious newsletter. However, there are enough things going on that I want to tell you about, without resorting to the cheap trick of recycling old material!

And so...


Shorts:

Good news, for once, on the spam front. The US authorities have managed to shut down a spam ring that produced up to one third of all spam. The ring, known as Herbal King, used a botnet of around 35,000 compromised computers to send out up to 10 billion e-mail messages a day. According to FCC investigators the group was clearing $400,000 in Visa charges alone in a month.

The ring extended over Australia, New Zealand, India, China, and the United States, most of which are taking simultaneous action against members of the group. This week a Federal judge in Chicago froze the group's assets and ordered the spam network shut down. Hopefully, this will make a tiny dent in the quantity of spam sloshing around in the Internet (the spam I'm getting has gone down by about 100 a day), but don't hold your breath. More on the trial as it unfolds.
http://www.nytimes.com/2008/10/15/technology/internet/15spam.html?hp

Most of the rest, as they say, is not good. Here in the UK a member of staff at computer consultants Deloitte managed to have her laptop stolen. The machine contained, among other things, the pension details of 150,000 railway workers, the entire pension details for Vodafone staff, and a load of other companies' pension details.

On the bright side, the laptop's hard drive was encrypted. Of course there are no details about how well it was encrypted. What I fail to understand is why people are allowed to take this sort of information out of the office on a laptop...
http://www.theregister.co.uk/2008/10/13/deloitte_data_loss_vodafone/

Things are no better in Germany, where Deutsche Telekom managed to screw up so badly that confidential data on no less than 30 million German phone users was available on the Internet. They've fixed it now, but this comes on top of the revelation a week earlier that in 2006 Deutsche Telekom managed to lose confidential data belonging to no less than 17 million T-Mobile customers.

The T-Mobile theft is the subject of a judicial enquiry, so no doubt we will be hearing more about it in the future. However, we do already know that it involved telephone numbers, dates of birth, addresses, and e-mail addresses. Doesn't sound too good, does it?
http://www.physorg.com/news142961941.html

OK, before I go on to more miserable stuff, here is something to cheer up the programmers amongst you. It's a set of programmers' favourite cartoons. I'm sorry, but you do have to have a knowledge of programming to understand some of them. I think my fav is the one about the SQL injection attack!
http://stackoverflow.com/questions/84556/whats-your-favorite-programmer-cartoon

The financial chaos going on at the moment has bred a new generation of phishing spam. The new e-mails are taking advantage of the widely publicised bank mergers to ask the recipients to 'revalidate' their bank information for the new merged banks. The e-mails ask the recipient to log on to a plausible sounding web site and provide the crooks with all the information necessary to steal identities.

A recent statistic gives some idea of the scale of this activity. In the first half of this year more than 20,000 of these fraudulent web sites were established - that's triple the number for the same period in 2007. What the final figure for the year will be hardly bears thinking about. I wish I could say that your bank will never ask you to divulge this sort of information on line or on the phone, but my own experience is that sometimes they do. My advice is to refuse to give the information anyway, and write to the bank and complain about their dodgy security.
http://www.theregister.co.uk/2008/10/12/bank_turmoil_scam_spam_spree/

Of course, we Brits, or at least our hi-tech worshiping government, have had to go one better in the losing lotsa data stakes. This time, not content with losing mere ones and zeros, the Department for Environment, Food and Rural Affairs (Defra) has managed to mislay no less than 20,979 cows.

Yes really.

It seems that Defra log all bovine livestock in their Cattle Tracing System, and the cows have vanished from the system. In addition another 1,039 are believed to have been loaded onto cattle trucks and never heard of again (cue sound of sinister music). This may sound like the plot for a Pixar movie, but it really happened! I wonder what they are going to lose next?
http://www.ananova.com/news/story/sm_3046633.html
http://www.telegraph.co.uk/news/newstopics/howaboutthat/3182720/Defra-admits-losing-20000-cows-in-Britain.html

Meanwhile in the US it turns out that the Internal Revenue Service (IRS) managed to put a new computer system into use even though they knew that it had serious security and privacy vulnerabilities. It seems that the bits of the IRS responsible for giving the go ahead were aware of the problems, but didn't consider them significant! Well, I guess the way things are going, pretty soon no one will have any income left to declare to the IRS!
http://www.physorg.com/news143383656.html

One good thing that happened this week was that a major fraudsters' website was shut down in an international swoop involving police in the UK, Germany, Turkey and the US. It followed a two year covert investigation by the FBI, who discovered the Darkmarket web site used by criminals to buy and sell credit card details and bank log-ins.

The secret, invitation only site ran for three years, and was responsible for millions of dollars worth of fraud. The deputy director of the UK's Serious Organised Crime Agency said that 'Darkmarket is a one-stop shop for the online criminal.' No doubt new versions will spring up to replace it in the not too distant future. None the less, I think congratulations are in order to the combined forces of the countries involved for a fine piece of coordinated work. Definitely a gold star and ten house points each.
http://news.bbc.co.uk/1/hi/uk/7675191.stm

I see that Apple's MobileMe mail and Google's Gmail went down during the week. The users don't seem to be very happy about this, since Google, and particularly Apple, took several hours to bring the servers back up. Apple users, who suffered a seven hour outage, were particularly unhappy, since they are paying Apple for the privilege of using the service. I think the time is fast approaching when people are going to start seriously questioning whether they really want to trust their data and emails to third parties.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112378

Ok, enough of the bad stuff, here's something that sounds really interesting. After three years working with the Chinese government (an achievement in its own right, I'm reliably informed), IBM has opened its online doors to a virtual world version of Beijing's Forbidden City.

The Forbidden City was built in the 14th Century to be the home of the Emperor and the centre of government. After China became a republic it was opened to the public as a cultural site of great interest, and recently celebrated its 83rd anniversary of that event. Visitors to the virtual version can take tours and explore the huge gardens, as well as examine the artifacts and try their hand at archery, cricket, and a board game called Weiqi. Hang on a minute, CRICKET?? I thought that was invented by Brits. Is this yet another thing, like gunpowder, that the Chinese invented first, I wonder?

Well, anyway, I think it's a wonderful idea. In general I'm against the 'multi-media-hands-on' plague that's afflicting our museum and cultural sites, which represents a dumbing down of knowledge. But a project like this that allows people to experience something of the original site which is inaccessible to most people, is a completely different matter.

Congratulations to IBM and China's Palace Museum for creating this one!
http://www.beyondspaceandtime.org
http://www.physorg.com/news142874414.html


Homework:

There's an interesting piece in the current issue of The Edge magazine about the origins of modern financial instruments. George Dyson takes a look at the use in twelfth century England of Exchequer tally sticks as receipts for money deposited with the king. The idea behind tally sticks was ingenious. The stick, made of hazel, willow or alder wood, was cut with notches representing the amount loaned to the Exchequer. The stick was then split lengthways to produce two identical sticks, one of which was retained by the Exchequer, and one was given to the creditor. Any tampering with the notches was detectable by putting the sticks back together.

The creditor could then use the stick as proof of creditworthiness to carry out further financial transactions or investment in trade, manufacturing and the like. Thus the humble tally stick, use of which survived into the 19th century, is the forebear of the derivatives that are the cause of so much grief in the financial markets today. It's a fascinating little piece of history.

[Trivia Question: What happened to the tally sticks when they switched to written receipts in 1826? Answer: In 1834 they decided to have a bonfire with them. It was wildly successful. So successful in fact that it got completely out of control, and burned down the Houses of Parliament!]
http://edge.org/3rd_culture/dysong08.1/dysong08.1_index.html

The EETimes reports an interesting breakthrough that will probably affect all electronic devices in the long run. It's a nanotube based dry adhesive with very high electrical and thermal conductivity, which can be used instead of solder for assembling components on circuit boards. If it is possible to produce the glue economically, then this could be an important breakthrough.

For many years solder has been an alloy of tin (60%) and lead (40%). The lead is there to prevent the formation of 'whiskers' in the tin. Whiskers are tiny threads of metal formed by tin, zinc and cadmium when they are subject to stress. They are very thin, and grow slowly to a few millimetres over a period of months. Unfortunately, with the density of modern electronics, those few millimetres are enough to cause short circuits.

In 2003 the EU issued a directive called the Reduction of Hazardous Substances, which laid down strict limits on the use of toxic chemicals, among them lead in electronic devices. One of the side effects of this was to make it impossible to use lead to prevent the formation of whiskers. So, any breakthrough which could allow the elimination of tin based solder is going to be looked at very closely by the electronics manufacturing industry.
http://newsletter.eetimes.com/cgi-bin4/DM/y/eBMfO0FypUC0FrK0GvGW0Ea
http://engineeringethicsblog.blogspot.com/2007/10/losing-by-whisker-lead-free-solder-and.html

This week saw the 18th Loebner Prize contest.

And what, do I hear you ask, is that for? It's for artificial intelligence programs, and it's based on the Turing Test. The Turing Test was proposed by computer pioneer Alan Turing in the 1930s. Basically it says that a machine could be considered to be 'thinking' if it was impossible to distinguish its text-based responses from those of a human being during a five minute conversation. He suggested that there was a 30% chance of this happening by the year 2000.

As it happens, computers didn't become thinking machines before 2000, and they haven't done so yet. However, in this year's competition they came close, very close. The winner, a program called Elbot, managed to fool about 25% of the judges into thinking it was a human after a five minute conversation. The thirty percent level is now beginning to look as though it will be broken in the next couple of years, inaugurating a new era of thinking machines...
http://technology.timesonline.co.uk/tol/news/tech_and_web/article4934858.ece

Security guru Bruce Schneier has a short piece in Wired magazine suggesting that research into Quantum Cryptography is expensive and pointless. I suspect he is both right and wrong. His essential reason - that cryptography is already the strongest link in the security chain - is correct. There are very few, if any, security failures due to correctly used and properly implemented cryptography. The weaknesses are all elsewhere.

However, I think the possible spin offs from the research could be worth a lot - especially quantum communications over significant distances. And as long as the research is directed towards cryptography, there will be no shortage of funds from the military and intelligence communities!
http://www.wired.com/politics/security/commentary/securitymatters/2008/10/securitymatters_1016


Scanner: Other Stories

Drop that DVD copying software and put your hands in the air!
http://cwflyris.computerworld.com/t/3744684/121542019/144331/0/

Google Gmail, and other apps, vulnerable to attack
http://update.techweb.com/cgi-bin4/DM/y/eBMed0HiOOq0G4S0GvCN0Eh

Verizon to charge for message termination
http://www.theregister.co.uk/2008/10/10/verizon_message_terminations/

FBI warns of sweeping global threat to US cybersecurity
http://www.nextgov.com/nextgov/ng_20081015_7578.php

Adobe redirects web surfers to nefarious links
http://www.theregister.co.uk/2008/10/16/hijacked_abobe_page/


Acknowledgements

Thanks to readers Barb and Fi, and to Slashdot's daily newsletter for drawing my attention to material used in this issue.

Please send suggestions for stories to alan@ibgames.com and include the words Winding Down in the subject line, unless you want your deathless prose gobbled up by my voracious Spamato spam filter...

Alan Lenton
alan@ibgames.com
19 October 2008

Alan Lenton is an on-line games designer, programmer and sociologist. His web site is at http://www.ibgames.net/alan.

Past issues of Winding Down can be found at http://www.ibgames.net/alan/winding/index.html

