28 June 2008

WEIS 2008 - Day 3

Wrap-up day for the WEIS 2008 conference. Good overview of the activities and security research at Institute for Information Infrastructure Protection (The I3P) and the Institute for Security Technology Studies (ISTS). Conversations and social events to follow.

A good few days all around.

25 June 2008

WEIS 2008 - Day 0

After many years observing the output from the conference at a distance, I'm finally attending the WEIS conference.

Information security requires not only technology, but a clear understanding of risks, decision-making behaviors and metrics for evaluating business and policy options. How much should we spend on security? What incentives really drive privacy decisions? What are the trade-offs that individuals, firms, and governments face when allocating resources to protect data assets? Are there good ways to distribute risks and align goals when securing information systems?

The 2008 Workshop on the Economics of Information Security, the seventh workshop, will build on a strong and growing interdisciplinary tradition, bringing together information technology academics and practitioners with social scientists and business and legal scholars to better understand security and privacy threats. Until recently, research in security and dependability focused almost exclusively on technical factors, rather than incentives. However, we know that economic, behavioral, and legal factors often contribute as much as technology to the dependability of information and information systems. The application of economic analysis to these problems has proven to be an exciting and fruitful area of research.

This year, WEIS is being hosted by the Center for Digital Strategies at the Tuck School of Business on the beautiful Dartmouth College campus in Hanover, NH.

23 June 2008

Dymaxion Man: The Visions Of Buckminster Fuller

This is a great article by Elizabeth Kolbert and a positively great statement regarding an incredible mind:

"Fuller’s schemes often had the hallucinatory quality associated with science fiction (or mental hospitals). It concerned him not in the least that things had always been done a certain way in the past. In addition to flying cars, he imagined mass-produced bathrooms that could be installed like refrigerators; underwater settlements that would be restocked by submarine; and floating communities that, along with all their inhabitants, would hover among the clouds. Most famously, he dreamed up the geodesic dome."

Will The Big Mac Follow Moore's Law?

This isn't new but is sort of funny in a "does this milk smell funny to you" sort of way. From The Calorie Lab, "From Big Mac to Chici Mac: The future of fast food":

"In January 2002, years before the Mega Mac introduction, Takeshi Fukuda and his friends presciently speculated on what MacDonald’s Japan may have up its sleeves for the future. As they added beef patties they eventually ran out of mathematical prefixes and began to resort to Marx Brothers references."

Original blog post by Takeshi Fukuda in Japanese.

So the question is, does the evolution of the Big Mac to Mega Mac to Tera Mac to Yotta Mac follow an 18-month time period for each burger doubling?

16 June 2008

Challenges and Directions for Monitoring P2P File Sharing Networks –or– Why My Printer Received a DMCA Takedown Notice

This is brilliant:

Q: The title of your paper indicates that you received DMCA complaints for a printer, but printers can't even run P2P software. How is that possible?
Surprisingly, it is possible. We have received DMCA complaints for several printers and even a wireless access point! (Please note that these are printers directly connected to the Internet and have their own IP addresses.) This is possible because some monitoring agencies don't verify that a user reported to be sharing a file actually is sharing that file. This allows a malicious person to frame any device connected to the Internet: whether a printer, a wireless access point, or an innocent user's computer.

I wonder how long it's going to be before some clever people figure out the RIAA, MPAA, MediaSentry, MediaDefender, etc. IP address blocks and "frames" all of them for illegal file sharing?

15 June 2008

It May Be Cliché, But This Post Is About Prof. Randy Pausch

Most of the Internet-speaking world, as well as some of the primarily television-speaking world (thanks to Oprah) are now familiar with Prof. Randy Pausch and his struggle with pancreatic cancer. If for some reason you are not familiar with his story, set aside 90 minutes to view his "Last Lecture" on YouTube (includes personal crying time but allow for more if detailed, introspective analysis and personal priority realignment are things you tend toward):

The Last Lecture Compendium print edition:

and finally his commencement address at CMU last month:

I've never attended CMU, met Pausch or personally dealt with any life-altering situation such as terminal pancreatic cancer. I'm very fortunate, with regard to the last item. I am, however, completely in awe of the way in which he has continued living his life and remaining fully engaged with his family; I can only hope that I would be strong enough to do the same. I feel his love for his three young children everyday with my own kids of similar ages. I hope he is stronger than myself and does not become overcome with grief when imagining life without them - life for the children without a father who so clearly loves them and his spouse.

Randy Pausch may have achieved his childhood dreams but there are so many of us out here who have not done so. Most of us still have the time to do so. Do you remember your dreams? Do they still matter to you? Will you help your children achieve their dreams, knowing that every moment could potentially be your last?

I will.

Space Station Could Beam Secret Quantum Codes by 2014

I've always wanted to open a socket and read from /dev/random on the ISS.

01 June 2008

Delhi (Day 0)

We flew from Newark, NJ to the Indian capital of Delhi. With delays the flight was approximately 16 hours. While the flight was long, the Business/First class seating on Continental Airlines certainly made it bearable.

The New Delhi airport was...interesting. Local temperature was fair at 27° C. Clearing customs was efficient and easy. We were meeting a driver who was to bring us to our hotel in Noida and this is where things got interesting. We found the driver easily enough but then an ever-growing entourage (not the Jeremy Pivin type of Entourage) began "escorting" us and "helping" with out luggage. As the trek to the car attracts more and more helpers and we finally get to the car, everyone suddenly wants to be paid $20 US for their "assistance." This caught us off-guard a bit but we managed to hang onto most of our money (I only had $6 US with me!) and an hour or so later were at our hotel in Noida enjoying a few Kingfisher lagers and unwinding.

Tomorrow is a new day.