Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
How Can the Stimulus Plan Help the Internet?
Wired is running an article raising the question of how a US economic stimulus plan could best help broadband adoption and the internet in general. We discussed President-elect Obama's statements about his plan, which would include investments in such areas, but Wired asks how we can avoid the equivalent of the New Deal's "ditches to nowhere" without more data about where the money would actually make a difference. Quoting: "... the problem is that no one knows the best way to make the internet more resilient, accessible and secure, since there's no just no public data. The ISP and backbone internet providers don't tell anyone anything. For instance, the government doesn't know how many people actually have broadband or what they pay for it. ... In September, the FCC found that its data collection on internet broadband was incomplete and thus ruled that AT&T, Qwest and Verizon could stop filing some reports — because the requirements did not extend to cable companies, too." -
RIAA's Request For Appeal Denied In Thomas Case
NewYorkCountryLawyer writes "The RIAA's request for permission to appeal from the decision setting aside its $222,000 jury verdict has been denied by District Court Judge Michael J. Davis. In a brief, 6-page decision (PDF) the Judge dismissed the RIAA's arguments that there is a 'substantial ground for a difference of opinion' on the question of law presented, whether the Judge had erred in accepting the RIAA's proposed jury instruction that merely 'making files available' could constitute an infringement of the plaintiffs' distribution rights. He likewise dismissed their argument that granting permission for the appeal would 'materially advance the ultimate termination of the litigation,' since (a) depending on the outcome of the trial, plaintiffs might not wish to appeal from the judgment, and (b) no matter how the appeals court rules on the 'making available' issue, the case will still have to continue in the lower court, since even if the RIAA wins on the 'making available' issue, the Court will still have to address the constitutionality of the large jury verdict, which may result in a new trial." -
AMD Phenom II Available To Distributors This Week
jdb2 writes "Fudzilla reports that AMD's Phenom II is already available to distributors, and will be available to sell to consumers in the week of the 29th of December. The Phenom II is AMD's consumer version of its 'Shanghai' 45 nanometer SOI process Quad-core Opteron chip and will reportedly ship in 3 and 2.8 gigahertz flavors corresponding to the model numbers '940' and '920' respectively. This first release will be packaged as a Socket AM2+ part which only supports DDR2 memory. The following month AMD is reportedly going to release a new '9x5' series of Socket AM3 versions which support DDR3 memory — these will be backward compatible with Socket AM2+ . This may be an inflection point for AMD if the Shanghai architecture lives up to the performance numbers from preliminary reports and if so it will no doubt also be a welcome belated Christmas present for the already salivating hordes of Tech Junkies." -
Fairpoint Pledges To Violate Net Neutrality
wytcld writes "Fairpoint Communications, which has taken over Verizon's landline business in Maine, New Hampshire and Vermont, has announced that on February 6, 'AOL, Yahoo! and MSN subscribers will continue to have access to content but will no longer be able to access their e-mail through the third-party Web site. Instead, Yahoo! and other third-party e-mail will be accessed directly at the MyFairPoint.net portal.' Since Verizon spun off its lines to Fairpoint in a maneuver that got debt off of Verizon's balance sheets by saddling Fairpoint with it, there was concern by the public service boards of the three states about how Fairpoint would deal with that debt. Fairpoint's profit plan: force all Webmail users through Fairpoint's portal, by blocking all direct access to Webmail portals other than its own. Will Fairpoint's own search engine portal be next? What can stop them?" -
CastleCops Anti-Malware Site Closes Down
Fortran IV writes "Volunteer-powered anti-malware site CastleCops appears to have closed shop. As of Tuesday, December 23, the CastleCops home page notes: 'You have arrived at the CastleCops website, which is currently offline. . . . Unfortunately, all things come to an end.' It was reported back in June that Paul Laudanski, founder of CastleCops and its parent Computer Cops LLC, was taking a full-time job with Microsoft and was 'looking for new management' for CastleCops. The site has also long had problems with funding and with hostile action from spammers. The actual shutdown seems to have taken the security community by surprise; as late as Tuesday evening Brian Krebs was still recommending CastleCops on his Security Fix blog." -
Print News Fading, Still Source of Much News
CNet's Dan Farber took a look, not only at the popular news of how print media is dying a slow death, but also what contribution to the news print journalists are still making. According to research quoted, while the physical publications are quickly becoming a thing of the past much of the news that makes its way into circulation via blogs and other means still originates from the hard work of those print journalists. (We discussed a similar perspective on the news a week back.) "While the Internet is growing as the place where people go for news, the revenue simply isn't catching up fast enough. The less obvious part of the Internet overtaking newspapers as the main source for national and international news is that much of the seed content--the original reporting that breaks national and international news and is subsequently refactored by legions of bloggers--comes from the reporters and editors working at the financially strapped newspapers and national and local television outlets. [...] As the financial pressures mount--the outlook for 2009 is dismal--and the cost cutting continues, we can only hope that the original news reporting by top-flight journalists is not a major casualty." -
Amazon 1-Click Lawyers Make USPTO Work Xmas Eve
theodp writes "In a move that would do pre-makeover Ebenezer proud, Amazon.com's 1-Click lawyers put the USPTO to work on Christmas Eve. On Dec. 24th, the USPTO acknowledged receipt of yet another round of paperwork submitted by Amazon's high-priced legal muscle, the latest salvo in Amazon's 3-year battle to fend off a patent reexamination triggered by the do-it-yourself legal effort of actor Peter Calveley. Amazon CEO Jeff Bezos' 1-Click patent is also under attack on another front — on Dec. 23rd, the USPTO received $810 from Amazon's attorneys together with a request that the agency invalidate Patent Examiner Mark A. Fadok's final rejection of 1-Click patent claims on the grounds of obviousness. On the bright side, patent clerks — unlike Bob Cratchit — get the day after Christmas off!" -
Legal Troubles Continue To Mount For Diebold
dstates writes "The State of Maryland has filed a $8.5M claim against Premier Election Systems (previously known as Diebold), joining Ohio in seeking damages from the company. The claim alleges that election officials were forced to spend millions of dollars to address multiple security flaws in the machines. Previously, Diebold paid millions to settle a California lawsuit over security issues in their machines. The dispute comes as Maryland and Virginia prepare to scrap the touch screen electronic voting systems they bought after the 2000 presidential election. California, Florida, New Mexico, and Iowa have already switched to optical scanners, and voters in Pennsylvania are suing to prevent the use of paperless electronic voting systems in their state. Meanwhile, Artifex Software is suing Diebold for violations of the GPL covering the Ghostscript software technology used in the proprietary voting machines." -
Karl Rove's IT Guru Dies In Small Plane Crash
A dozen readers have submitted the story of the death in a plane crash of Mike Connell, Karl Rove's IT adviser, the man who set up and ran the gwb43.com mail server, and an important figure in GOP tech circles since 1997. The closest thing to straight reporting to be found in a mainstream media outlet is a piece from KDKA in Pittsburgh giving a detailed backgrounder on Connell's work for Rove, two generations of the Bush family, and many GOP congressmen and committees. CBSNews.com is now mirroring the KDKA reporting. Almost all the early media coverage comes from the left and some of it is frankly conspiratorial. Among the milder pieces (although it could not be called balanced) is this interview with Mark Crispin Miller, NYU professor and author of two books about the 2004 election in Ohio. Connell was compelled to testify on the day before the US election in a lawsuit involving Ohio election irregularities in 2004. Connell, an experienced pilot, died on Sunday when his plane crashed two miles short of the runway of Akron-Canton Airport in Ohio. -
Roku Box Adds HD, Grows Beyond Netflix
DeviceGuru writes "Roku has announced two free updates to its Internet-enabled Netflix movie-streaming set-top box. The initial update adds advanced compression capable of streaming HD video over average consumer broadband connections, while the second (expected during the first quarter of 2009) will add A/V streaming from sources other than Netflix (e.g. YouTube, Hulu, Comedy Central, MSNBC, etc.). Roku faces growing competition from other providers of Internet-based video-on-demand STBs, such as Blockbuster's STB, Syabas's Popcorn Hour (aka NMT), AppleTV, and others. Roku hasn't said anything specific, but perhaps it'll partner with Boxee, which already provides a popular AppleTV hack." -
Repair Crews Reach Vicinity of Damaged Cables In Mediterranean
GWMAW writes "A robotic submarine searched beneath the Mediterranean on Sunday for damaged communications cables, two days after Web and telephone access was knocked out for much of the Middle East. Telecommunication providers from Cairo to Dubai continued Sunday to scramble to reroute voice and data traffic through potentially costly detours in Asia and North America after the lines running under the Mediterranean Sea were damaged Friday." According to the article, "Once found, the cable ends will be pulled to the surface and repaired on deck — a process that could take several days." -
The RIAA's Rocky Road Ahead
The RIAA's new plan to enlist ISPs in its war on file sharing, once it announced it was calling a halt to new consumer lawsuits, is running into rough sledding. Wired reports on the continuing legal murkiness of the RIAA's interpretation of copyright law. And one small ISP in Louisiana asks the recording organization, "You want me to police your intellectual property? What's your billing address?" -
Tabula Rasa Goes Free, Brings New Content
Last month we discussed NCSoft's announcement that Tabula Rasa would be closing its doors at the end of February, and their plans to remove the subscription fee for all players in January. Well, they've decided to go completely free a month early, alongside the release of a variety of new content. The game has finally gotten a first-person camera view, something many players have been asking for since launch. A new instance and several other bits of additional content are available as well. NCSoft also previewed player-controlled Mechs and PAUs, which will go live in the next major patch. Ten Ton Hammer has an interview with Net Devil's Scott Brown about the closure of Tabula Rasa. -
Psystar Claims Apple Forgot To Copyright Mac OS
Preedit writes "Mac cloner Psystar is claiming in new court papers that Apple's copyright suit against it should be dismissed, because Apple has never filed for copyright protection on Mac OS X 10.5 with the US Copyright Office. Infoweek is reporting that the claim, if it holds up, could open the door for third-parties to enter the Mac market without fear of legal action from Apple. In its latest set of allegations, Psystar is also accusing Apple of bricking Macs that don't run on genuine Apple hardware." We've been following the Psystar-Apple imbroglio since the beginning. -
Psystar Claims Apple Forgot To Copyright Mac OS
Preedit writes "Mac cloner Psystar is claiming in new court papers that Apple's copyright suit against it should be dismissed, because Apple has never filed for copyright protection on Mac OS X 10.5 with the US Copyright Office. Infoweek is reporting that the claim, if it holds up, could open the door for third-parties to enter the Mac market without fear of legal action from Apple. In its latest set of allegations, Psystar is also accusing Apple of bricking Macs that don't run on genuine Apple hardware." We've been following the Psystar-Apple imbroglio since the beginning. -
As Christmas Bonus, Google Hands Out "Dogfood"
theodp writes "You know times are tough when the best place to work in America replaces holiday bonuses with a request for unpaid labor. Blaming the economic crisis, Google management has canceled the traditional cash holiday bonus — reportedly as much as $20K-$30K per Googler — and substituted an unlocked Google Android cell phone, retail price $400. An accompanying email calls for employees to celebrate the 'chance for us to once again dogfood a product and make it even better!'" Update: 12/23 01:09 GMT by KD : A reader pointed out that comments to the article note a couple of inaccuracies: the Android phone being offered is an unlocked dev model, which goes for $400; and the reporter may have confused holiday bonuses with performance bonuses. The former have traditionally been in the range of $1,000, according to two comments. -
Zoe's Tale
stoolpigeon writes "John Scalzi, the author of Hugo Award-nominated science fiction novel Old Man's War, has built what started as a story serialized in his blog into a series of full novels and short stories. The latest installment in the OMW universe, Zoe's Tale, is quite a departure from the previous three books. It is the first of Scalzi's sci-fi novels written intentionally as young adult fiction. In a move that I am sure will continue to fuel Scalzi/Heinlein comparisons, Zoe is a precocious young woman thrust into a world of adventure and danger. In just three years Scalzi has built an impressive resume as an author of fiction, and Zoe's Tale will be no small part of what looks to be an influential and outstanding career." Keep reading for the rest of JR's review. Zoe's Tale author John Scalzi pages 335 publisher Tor Books rating 9/10 reviewer JR Peck ISBN 978-0-7653-1698-1 summary Scalzi himself rightly credited the influence of Heinlein when Old Man's War was published. Unfortunately I think that some have taken the comparisons too far and tend to view everything that Scalzi writes in terms of how it contrasts or parallels something by Heinlein. I think this is a mistake, not because Scalzi isn't a great writer like Heinlein but because Scalzi has his own voice. His work has a considerably different tone and viewpoint from much of what Heinlein published. It would not be correct to view Scalzi in a vacuum but it seems to me that it is just as much an error to define Scalzi in terms of RAH. For what it is worth, Scalzi has said on his blog that he welcomes the Heinlein comparisons as it helps him to sell books.
I mention this because Heinlein is very well known for his juveniles. Podkayne of Mars is a very well known and in some ways controversial novel that centers around a young woman and her adventures. Zoe's Tale shares a few surface characteristics with Podkayne but is in many ways almost the opposite story. I think this is important to mention because I think some people may dismiss this book as a retread of something else, but this couldn't be further from the truth. This is a fresh tale, and I believe may be one of those stories that years from now will be a fondly remembered first read for many science fiction fans.
Each of the previous Old Man's War universe novels stands well on it's own. There is very little overlap of characters in the first two and while the third brings back major characters from the first two, knowledge of them is not required to follow the story. Zoe's Tale stands on it's own as well but this is because it is a retelling of the third book, The Last Colony from a completely different perspective. Whereas The Last Colony focuses primarily on John Perry and Jane Sagan from Old Man's War, Zoe's Tale as the title informs is told from the perspective of their adopted daughter, Zoe.
Zoe is very much a typical teenager, though she lives in very atypical circumstances; even for a teenager in her time of interplanetary travel and colonization. Humanity lives in a universe shared with a myriad of other intelligent species. Many of them are competing for very rare and valuable real estate, inhabitable planets. The human government has decided to start their first new colony populated by people coming from existing colonies. To this point every new colony has been started by people leaving earth. Zoe's parents John and Jane are asked to lead this endeavor.
I would imagine that a middle aged man writing a teenage character of the opposite sex would be quite a stretch. Scalzi says that he had quite a bit of help from women in his life. However he did it, he pulled it off extremely well. Zoe is smart, sometimes a bit too smart for her own good. She is sarcastic and moody but a much fuller person than some whiney caricature. The reader gets to experience her ups and downs and watch her grow. She's a great kid right from the start but even stronger, more confident and wiser by the end. This is a book for young adults that does not treat the reader or the subject matter in a childish way.
In fact there aren't a ton of differences between this and any other Scalzi book. There is a good bet that this will work just as well for adults as kids. The language is tamer, there is no graphic sexual content (though I can't think of any in the other books). and the violence is toned down. There is still action and there is violence, but the descriptions are not quite as graphic as in the other novels. The emotions and the consequences of actions and words are just as strong and this is important. While this is less graphic, that does not mean content or meaning is filtered out. It truly is a young adult novel with emphasis on young.
Many of the greatest science fiction stories for youth out there were written in the 50's. Scalzi has created a modern tale that incorporates current technology, mores and norms in this story. This is an excellent introduction for any young man or woman who may not already be an avid science fiction fan. Important themes include those of being truthful, transparency in government, the sanctity of life and loyalty. These and more are touched on at various times but the book never feels preachy or heavy handed in its approach.
There is only one real negative with this book and it is only a drawback for those who have already read The Last Colony. The story is told from a completely new perspective, but it is still the same story. There are many new scenes and information brought in that were not revealed in Zoe's predecessor, but the outcomes are the same. This is not a weakness through a failing on the part of the author but rather a natural outcome of writing two books taking place in the same time frame. I still really enjoyed the book and was eager to see how certain events took place but it didn't hold quite the same impact at times as events had when I read The Last Colony. This wont be an issue for anyone who hasn't read that book or any young people who haven't read any of the novels. For me it was the difference between a 9 and a 10.
That is such a small thing though. This is a strong entry in a great series that I believe is destined to be considered a classic. Scalzi's entry into the field is a welcome treatment of classic themes with a fresh new viewpoint that is smart and entertaining.
You can purchase Zoe's Tale from amazon.com. Slashdot welcomes readers' book reviews — to see your own review here, read the book review guidelines, then visit the submission page. -
Zoe's Tale
stoolpigeon writes "John Scalzi, the author of Hugo Award-nominated science fiction novel Old Man's War, has built what started as a story serialized in his blog into a series of full novels and short stories. The latest installment in the OMW universe, Zoe's Tale, is quite a departure from the previous three books. It is the first of Scalzi's sci-fi novels written intentionally as young adult fiction. In a move that I am sure will continue to fuel Scalzi/Heinlein comparisons, Zoe is a precocious young woman thrust into a world of adventure and danger. In just three years Scalzi has built an impressive resume as an author of fiction, and Zoe's Tale will be no small part of what looks to be an influential and outstanding career." Keep reading for the rest of JR's review. Zoe's Tale author John Scalzi pages 335 publisher Tor Books rating 9/10 reviewer JR Peck ISBN 978-0-7653-1698-1 summary Scalzi himself rightly credited the influence of Heinlein when Old Man's War was published. Unfortunately I think that some have taken the comparisons too far and tend to view everything that Scalzi writes in terms of how it contrasts or parallels something by Heinlein. I think this is a mistake, not because Scalzi isn't a great writer like Heinlein but because Scalzi has his own voice. His work has a considerably different tone and viewpoint from much of what Heinlein published. It would not be correct to view Scalzi in a vacuum but it seems to me that it is just as much an error to define Scalzi in terms of RAH. For what it is worth, Scalzi has said on his blog that he welcomes the Heinlein comparisons as it helps him to sell books.
I mention this because Heinlein is very well known for his juveniles. Podkayne of Mars is a very well known and in some ways controversial novel that centers around a young woman and her adventures. Zoe's Tale shares a few surface characteristics with Podkayne but is in many ways almost the opposite story. I think this is important to mention because I think some people may dismiss this book as a retread of something else, but this couldn't be further from the truth. This is a fresh tale, and I believe may be one of those stories that years from now will be a fondly remembered first read for many science fiction fans.
Each of the previous Old Man's War universe novels stands well on it's own. There is very little overlap of characters in the first two and while the third brings back major characters from the first two, knowledge of them is not required to follow the story. Zoe's Tale stands on it's own as well but this is because it is a retelling of the third book, The Last Colony from a completely different perspective. Whereas The Last Colony focuses primarily on John Perry and Jane Sagan from Old Man's War, Zoe's Tale as the title informs is told from the perspective of their adopted daughter, Zoe.
Zoe is very much a typical teenager, though she lives in very atypical circumstances; even for a teenager in her time of interplanetary travel and colonization. Humanity lives in a universe shared with a myriad of other intelligent species. Many of them are competing for very rare and valuable real estate, inhabitable planets. The human government has decided to start their first new colony populated by people coming from existing colonies. To this point every new colony has been started by people leaving earth. Zoe's parents John and Jane are asked to lead this endeavor.
I would imagine that a middle aged man writing a teenage character of the opposite sex would be quite a stretch. Scalzi says that he had quite a bit of help from women in his life. However he did it, he pulled it off extremely well. Zoe is smart, sometimes a bit too smart for her own good. She is sarcastic and moody but a much fuller person than some whiney caricature. The reader gets to experience her ups and downs and watch her grow. She's a great kid right from the start but even stronger, more confident and wiser by the end. This is a book for young adults that does not treat the reader or the subject matter in a childish way.
In fact there aren't a ton of differences between this and any other Scalzi book. There is a good bet that this will work just as well for adults as kids. The language is tamer, there is no graphic sexual content (though I can't think of any in the other books). and the violence is toned down. There is still action and there is violence, but the descriptions are not quite as graphic as in the other novels. The emotions and the consequences of actions and words are just as strong and this is important. While this is less graphic, that does not mean content or meaning is filtered out. It truly is a young adult novel with emphasis on young.
Many of the greatest science fiction stories for youth out there were written in the 50's. Scalzi has created a modern tale that incorporates current technology, mores and norms in this story. This is an excellent introduction for any young man or woman who may not already be an avid science fiction fan. Important themes include those of being truthful, transparency in government, the sanctity of life and loyalty. These and more are touched on at various times but the book never feels preachy or heavy handed in its approach.
There is only one real negative with this book and it is only a drawback for those who have already read The Last Colony. The story is told from a completely new perspective, but it is still the same story. There are many new scenes and information brought in that were not revealed in Zoe's predecessor, but the outcomes are the same. This is not a weakness through a failing on the part of the author but rather a natural outcome of writing two books taking place in the same time frame. I still really enjoyed the book and was eager to see how certain events took place but it didn't hold quite the same impact at times as events had when I read The Last Colony. This wont be an issue for anyone who hasn't read that book or any young people who haven't read any of the novels. For me it was the difference between a 9 and a 10.
That is such a small thing though. This is a strong entry in a great series that I believe is destined to be considered a classic. Scalzi's entry into the field is a welcome treatment of classic themes with a fresh new viewpoint that is smart and entertaining.
You can purchase Zoe's Tale from amazon.com. Slashdot welcomes readers' book reviews — to see your own review here, read the book review guidelines, then visit the submission page. -
EEStor Issued a Patent For Its Supercapacitor
An anonymous reader sends us to GM-volt.com, an electric vehicle enthusiast blog, for the news that last week EEStor was granted a US patent for their electric-energy storage unit, of which no one outside the company (no one who is talking, anyway) has seen so much as a working prototype. We've discussed the company on a number of occasions. The patent (PDF) is a highly information-rich document that offers remarkable insight into the device. EEStor notes "the present invention provides a unique lightweight electric-energy storage unit that has the capability to store ultrahigh amounts of energy." "The core ingredient is an aluminum coated barium titanate powder immersed in a polyethylene terephthalate plastic matrix. The EESU is composed of 31,353 of these components arranged in parallel. It is said to have a total capacitance of 30.693 F and can hold 52.220 kWh of energy. The device is said to have a weight of 281.56 pound including the box and all hardware. Unlike lithium-ion cells, the technology is said not to degrade with cycling and thus has a functionally unlimited lifetime. It is mentioned the device cannot explode when being charge or impacted and is thus safe for vehicles." -
EEStor Issued a Patent For Its Supercapacitor
An anonymous reader sends us to GM-volt.com, an electric vehicle enthusiast blog, for the news that last week EEStor was granted a US patent for their electric-energy storage unit, of which no one outside the company (no one who is talking, anyway) has seen so much as a working prototype. We've discussed the company on a number of occasions. The patent (PDF) is a highly information-rich document that offers remarkable insight into the device. EEStor notes "the present invention provides a unique lightweight electric-energy storage unit that has the capability to store ultrahigh amounts of energy." "The core ingredient is an aluminum coated barium titanate powder immersed in a polyethylene terephthalate plastic matrix. The EESU is composed of 31,353 of these components arranged in parallel. It is said to have a total capacitance of 30.693 F and can hold 52.220 kWh of energy. The device is said to have a weight of 281.56 pound including the box and all hardware. Unlike lithium-ion cells, the technology is said not to degrade with cycling and thus has a functionally unlimited lifetime. It is mentioned the device cannot explode when being charge or impacted and is thus safe for vehicles." -
The Slow Bruteforce Botnet(s) May Be Learning
badger.foo writes "We've seen stories about the slow bruteforcers — we've discussed it here — and based on the data, my colleague Egil Möller was the first to suggest that since we know the attempts are coordinated, it is not too far-fetched to assume that the controlling system measures the rates of success for each of the chosen targets and allocates resources accordingly. (The probes of my systems have slowed in the last month.) If Egil's assumption is right, we are seeing the bad guys adapting. And they're avoiding OpenBSD machines." For fans of raw data, here are all the log entries (3MB) that badger.foo has collected since noticing the slow bruteforce attacks. -
US Government Responds Harshly To ICANN gTLD Plans
ICANN posted its proposal for expanding gTLDs late in October, and now the US government has issued its scathing response (PDF, 11 pp., linked from there), from the departments of Commerce and Justice. The initial criticism is that John Levine sent a note to a policy mailing list and summarized the concerns raised as ranging from "...insufficient attention to monopoly and consumer protection, to lack of capacity to enforce compliance, to overreach into non-technical areas such as adjudication of morality, to what they'll do with all the extra money since they are a non-profit. Their first concern is that in 2006 the ICANN board said they would commission a study on economic issues in TLD registrations such as whether different TLDs are different markets, substitutability between TLDs, and registry market power, issues which are fairly important in any new TLD process. Here it is two years later, they're rushing to set up the new TLD process, but there's no study. 'ICANN needs to complete this economic study and the results should be considered by the community before new gTLDs are introduced.'" -
Warner Music Pulls Videos Off YouTube
iammani writes with this excerpt from Reuters: "Warner Music Group ordered YouTube on Saturday to remove all music videos by its artists from the popular online video-sharing site after contract negotiations broke down. ... The talks fell apart early on Saturday because Warner wants a bigger share of the huge revenue potential of YouTube's massive visitor traffic. There were no reports on what Warner was seeking. 'We simply cannot accept terms that fail to appropriately and fairly compensate recording artists, songwriters, labels and publishers for the value they provide,' Warner said in a statement." Warner's deal with YouTube to make those videos available came just prior to YouTube's acquisition by Google. -
Warner Music Pulls Videos Off YouTube
iammani writes with this excerpt from Reuters: "Warner Music Group ordered YouTube on Saturday to remove all music videos by its artists from the popular online video-sharing site after contract negotiations broke down. ... The talks fell apart early on Saturday because Warner wants a bigger share of the huge revenue potential of YouTube's massive visitor traffic. There were no reports on what Warner was seeking. 'We simply cannot accept terms that fail to appropriately and fairly compensate recording artists, songwriters, labels and publishers for the value they provide,' Warner said in a statement." Warner's deal with YouTube to make those videos available came just prior to YouTube's acquisition by Google. -
NIST Announces Round 1 Candidates For SHA-3 Competition
jd writes "NIST has announced the round 1 candidates for the Cryptographic Hash Algorithm Challenge. Of the 64 who submitted entries, 51 were accepted. Of those, in mere days, one has been definitely broken, and three others are believed to have been. At this rate, it won't take the couple of years NIST was reckoning to whittle down the field to just one or two. (In comparison, the European Union version, NESSIE, received just one cryptographic hash function for its contest. One has to wonder if NIST and the crypto experts are so concerned about being overwhelmed with work for this current contest, why they all but ignored the European effort. A self-inflicted wound might hurt, but it's still self-inflicted.) Popular wisdom has it that no product will have any support for any of these algorithms for years — if ever. Of course, popular wisdom is ignoring all Open Source projects that support cryptography (including the Linux kernel) which could add support for any of these tomorrow. Does it really matter if the algorithm is found to be flawed later on, if most of these packages support algorithms known to be flawed today? Wouldn't it just be geekier to have passwords in Blue Midnight Wish or SANDstorm rather than boring old MD5, even if it makes no practical difference whatsoever?" -
Abit To Close Its Doors Forever On Dec. 31, 2008
ki1obyte writes "Earlier this year the Taiwanese firm Abit, once a leading-edge maker of computer mainboards and other components, was slated to shut down motherboard production by the end of 2008 and focus on consumer electronics devices. Now X-bit labs reports that Abit will cease to exist entirely after midnight on the last day of 2008 because the owner of the brand, Universal Scientific Industrial, is in the process of restructuring and cutting their costs." -
The Post-Bilski Era Gets Underway
bfwebster writes "A set of pharmaceutical process patents for 'evaluating and improving the safety of immunization schedules' (Classen v. Biogen et al.; see US Patents 6,420,139; 6,638,379; 5,728,385; 5,723,283) were held to be invalid due to unpatentability. The decision was appealed to the US Court of Appeals for the Federal Circuit, but was upheld with a terse citation to In re Bilski (which decision we discussed here). Here's the entire text of the appeals decision: 'In light of our decision in In re Bilski, 545 F.3d 943 (Fed. Cir. 2008) (en banc), we affirm the district court's grant of summary judgment that these claims are invalid under 35 U.S.C. 101. Dr. Classen's claims are neither "tied to a particular machine or apparatus" nor do they "transform a particular article into a different state or thing." Bilski, 545 F.3d at 954. Therefore we affirm.' It will be interesting to see what happens when these same standards start getting applied to software-related patents." -
RIAA Claim of Stopping Suits "Months" Ago Is False
NewYorkCountryLawyer writes "According to a report on Wired.com, the RIAA spokesman claimed that the RIAA has not filed any new lawsuits 'for months,' and according to the Wall Street Journal report discussed here yesterday, the RIAA stopped filing mass lawsuits 'early this fall.' Knowing that the RIAA has a problem with telling the truth, I did a little investigating, and found out that the RIAA had, in fact, commenced a wave of lawsuits just last week. Why would anyone believe anything their spokesperson says? This is an organization that has a tendency to misspeak a lot, if you know what I mean, even when under oath." CNet has a copy of the RIAA's new form letter that it will ask ISPs to pass on to alleged copyright-infringing users. It says, in part, "This letter does not constitute a waiver of our members' rights to recover or claim relief for damages incurred by this illegal activity, nor does it waive the right to bring legal action against the user at issue for engaging in music theft." -
Nobel Jurors Facing Bribery Probe
RockDoctor writes "A report is circulating that in the run-up to the selection of prize-winners for 2006 and 2008, some members of the Nobel jury accepted an expenses-paid trip (or trips) to China to 'explain the selection process.' That's not, in itself, an incriminating event ('Is there something that we're doing incorrectly, or not doing?' is a valid question), and if there was dishonorable intent, it doesn't seem to have worked too well (the last Chinese Nobel Laureate was in 1957). There does seem to be embarrassment about falling into an obvious conflict-of-interest mantrap." PhysOrg mentions that a corruption prosecutor is also looking into a Nobel-related sponsorship from a pharmaceutical company that was linked to one of the winners for this year's Medicine prize. -
Mechanical AI Made In LittleBigPlanet
Laurens writes "Despite slow sales of LittleBigPlanet in the USA, you might have heard of the calculator made within the game, but now that has been topped. I found a fully-functioning AI machine which plays Tic-Tac-Toe against the player. Considering that you can't actually program in LBP, this feat is impressive; it is a machine which has mechanical AND and OR ports made of pistons and proximity detectors, a physically moving Program Counter, and hundreds of wires. The level is called 'Tic Tac Toe' and is by author Cristel." Another player created a similarly amazing level that is a recreation of John Conway's Game of Life. -
New York City Street Lights To Go LED
eldavojohn writes "Wired has a short piece on NYC's new street light project. I don't think we need to belabor the many benefits that LEDs hold over traditional light bulbs, but the finishing touches are being addressed, and they will hopefully be put into place sometime next year. This design won a competition back in 2004, and OVI has been whittling down the prototypes. At $1.175 million, this sounds like a pretty cheap deal considering the DOE forked over $21 million to 13 R&D projects along the same lines." -
EA Is Now Officially On Steam, Spore Loses SecuROM
Trevor DeRiza writes "Today, Valve and EA revealed that this week's earlier rumors were true: Spore (and other EA games) are coming to Steam. As of today, Spore, Spore Creepy & Cute Parts Pack, Warhammer Online, Mass Effect, Need for Speed: Undercover, and FIFA Manager 2009 are all available for download on Steam. In the coming weeks, EA will add Mirror's Edge, Dead Space, and Red Alert 3. On the official Steam forums, when asked whether or not Spore would contain the dreaded SecuROM DRM that contributed to it being the most pirated game of 2008, a moderator replied, 'It does not have third party DRM.' EA has also finally launched a 'de-authorization tool' to free up limited installation slots." Several readers have written to point out other news about Steam today: they've begun selling games priced in local currency for European customers. The only problem? Their conversion rate seems to be $1 per €1, somewhat less favorable than the current exchange rate, which is roughly $1.40 per €1. -
Mediterranean Undersea Cables Cut, Again
miller60 writes "Three undersea cables in the Mediterranean Sea have failed within minutes of each other in an incident that is eerily similar to a series of cable cuts in the region in early 2008. The cable cuts are already causing serious service problems in the Middle East and Asia. See coverage at the Internet Storm Center, Data Center Knowledge and Bloomberg. The February 2008 cable cuts triggered rampant speculation about sabotage, but were later attributed to ships that dropped anchor in the wrong place." -
Mediterranean Undersea Cables Cut, Again
miller60 writes "Three undersea cables in the Mediterranean Sea have failed within minutes of each other in an incident that is eerily similar to a series of cable cuts in the region in early 2008. The cable cuts are already causing serious service problems in the Middle East and Asia. See coverage at the Internet Storm Center, Data Center Knowledge and Bloomberg. The February 2008 cable cuts triggered rampant speculation about sabotage, but were later attributed to ships that dropped anchor in the wrong place." -
Trick or Treatment
brothke writes "The recent collapse of financial companies occurred in part because their operations were run like a black box. For many years, alternative medicine has similarly operated in the shadows with its own set of black boxes. In Trick or Treatment: The Undeniable Facts about Alternative Medicine, Simon Singh and Edzard Ernst, MD, break open that box, and show with devastating clarity and accuracy, that the box is for the most part empty." Keep reading for the rest of Ben's review. Trick or Treatment: The Undeniable Facts about Alternative Medicine author Simon Singh and Edzard Ernst pages 352 publisher W. W. Norton rating 9 reviewer Ben Rothke ISBN 978-0393066616 summary Peels away the fallacies of acupuncture, homeopathy, chiropractic and herbal medicine I first encountered co-author Simon Singh at the 2005 RSA Conference. In his presentation, he included a demonstration of the human brains unique capability for pattern matching when specific patterns are expected, and used Led Zeppelins Stairway to Heaven as an example. Stairway has long been rumored to have subliminal satanic messages. When played backwards, it is impossible to decipher any message. But when the message is known in advance, one can then hear the message imploring the listener to go to Satans tool shed. Once Singh put the subliminal lyrics on the overhead, the subliminal message was now clear, not due to a subliminal message, rather via pattern matching.
While no reasonable person can believe in Stairways subliminal lyrics, far too many people do believe in equally implausible things in the realm of alternative medicine. In the book, the authors tackle four main areas: acupuncture, homeopathy, chiropractic and herbal medicine. The books conclusion is that acupuncture, homeopathy, chiropractic are essentially worthless, while herbal medicine has limited value.
Chapter 1 starts with an overview of evidence-based medicine (EBM), of which the authors are staunch believers. EBM applies evidence gained via the scientific method and assesses the quality of the evidence relevant to the risks and benefits of the treatments. The foundation of EBM is the systematic review of evidence for particular treatments via mainly randomized controlled trials. In the chapter, the authors reiterate the concept that the plural of anecdote is not data. Acupuncture, homeopathy, chiropractic have plenty of first-person anecdotes, but a lack of controlled studies with real data to back up their spurious claims.
EBM shows that homeopathy and other bogus cures are of no value, yet the public is oblivious to those facts. In a piece I wrote on this topic, New York News Radio" The voice of bad science, its shows that cheap radio advertising (with its mishmash of pseudo-scientific claims) combined with a public that is ignorant of basic scientific facts, creates a perfect storm for the continuation of homeopathy and other bogus cures.
A recurring theme the book stresses is that acupuncture, homeopathy, chiropractic and other alternative therapies are scientifically impossible, and often will violate fundamental scientific principles. A perfect example of this implausibility is with homeopathy. Contrary to what common sense and basic science, in homeopathy, a solution that is more diluted is considered stronger and as having a higher potency. The issue is that the end result is a product that is so diluted, that its contents when in solid form is pure sugar, and when in liquid form; 100% H20. When a homeopathic liquid is in its most diluted state, there is not a single molecule of the active ingredient. Therein lays the scientific implausibility of homeopathy.
Chapter 1 also asks one of the books fundamental questions: how do you determine the truth? The authors answer that it is via the scientific method. This is determined only after strict and careful analysis of a clinical study, of which the most effective is double-blind and randomized.
In chapter 3, the book jokingly notes that since homeopathic liquid remedies are so diluted that they contain only water; their only use would be for dehydration. And since homeopathy is based on the fact that the strength of a remedy is based on its dilution, one could conceivably overdose on a homeopathic remedy by forgetting to take a dose.
The chapter concludes with perhaps the strongest indictment against homeopathy; namely its content. If one looks at the content of oscillococcinum, a homeopathic alternative marketed to relieve influenza-like symptoms, the packaging states that each gram of medication contains 0.85 grams of sucrose and 0.15 grams of lactose. Sucrose and lactose are simply forms of sugar, of which oscillococcinum is nothing more than am expensive sugar pill.
In chapter 4, the authors write that while homeopathy is nothing more than a placebo, the added danger with it is that patients will often forgo real medications to take a homeopathic one. It reports of a study in Britain, which demonstrated that the most benign alternative medicine can become dangerous if the therapist who administers it advises a patient not to follow an effective conventional medical treatment. The study demonstrated that alternative medical practitioners often recommend homeopathic remedies for malaria, and ignore proven conventional medicines. Such an approach can often mean a death sentence for the person taking the homeopathic remedy.
Chapter 5 deals with herbal medicine. The chapter is somewhat different in that the previous chapters about acupuncture, homeopathy and chiropractic showed them to be useless, herbal medicine does have value. The book notes that herbal medicine has been embraced by science to a far greater extent than acupuncture, homeopathy and chiropractics. The chapter lists over 30 herbal medicines and their levels of efficacy. An irony of herbal medicine is that some exotic ones, such as those with tiger bone or rhino horn are pushing the species to the brink of extinction, due to their level of popularity in certain parts of the world.
Chapter 5 concludes with on why smart people believe such odd things? Alternative medicine has failed to deliver the health benefits that it claims, so why are millions of patients wasting their money and risking their lives by turning towards a snake-oil industry? The authors provide numerous reasons for this, from the concepts such as natural, traditional and holistic, to attacks on the scientific method by the alternative medical community and more.
The appendix is a rapid guide to alternative therapies and lists over 30 new treatments with their benefits and potential dangers. The appendix gives single page summaries of the plethora other alternative therapies, from ear candles, colonic irrigation, reiki, to leech therapy and more. The authors write that most of these are bogus, many violate fundamental laws of sciences, and but a few have real, but limited value.
Alternative medicine operates in the shadows, blithely touting that their products have not been evaluated by the Food and Drug Administration, and that they are not intended to diagnose, treat, cure or prevent any disease. While these products are not intended to diagnose, treat, cure or prevent any disease; consumers nonetheless spends billions of dollars per year on unproven supplements. Consumers can be quite fickle. On one side they are furious at the SEC for their lack of oversight around Madoff Investments Securities. Yet when the FDA requires products use their disclaimer of how ineffective the item is, consumers will throw billions of dollars on ineffective products.
Trick or Treatment: The Undeniable Facts about Alternative Medicine is an incredibly important and eye-opening book. While Singh is a physicist and Ernst a medical doctor, the book is written in a clear and compelling style, avoids technical jargon, and sticks to the facts. In the spirit of the scientific method, the authors scrutinize alternative and complementary cures and the results show that the snake oil is still selling.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Trick or Treatment: The Undeniable Facts about Alternative Medicine from amazon.com. Slashdot welcomes readers' book reviews — to see your own review here, read the book review guidelines, then visit the submission page. -
Trick or Treatment
brothke writes "The recent collapse of financial companies occurred in part because their operations were run like a black box. For many years, alternative medicine has similarly operated in the shadows with its own set of black boxes. In Trick or Treatment: The Undeniable Facts about Alternative Medicine, Simon Singh and Edzard Ernst, MD, break open that box, and show with devastating clarity and accuracy, that the box is for the most part empty." Keep reading for the rest of Ben's review. Trick or Treatment: The Undeniable Facts about Alternative Medicine author Simon Singh and Edzard Ernst pages 352 publisher W. W. Norton rating 9 reviewer Ben Rothke ISBN 978-0393066616 summary Peels away the fallacies of acupuncture, homeopathy, chiropractic and herbal medicine I first encountered co-author Simon Singh at the 2005 RSA Conference. In his presentation, he included a demonstration of the human brains unique capability for pattern matching when specific patterns are expected, and used Led Zeppelins Stairway to Heaven as an example. Stairway has long been rumored to have subliminal satanic messages. When played backwards, it is impossible to decipher any message. But when the message is known in advance, one can then hear the message imploring the listener to go to Satans tool shed. Once Singh put the subliminal lyrics on the overhead, the subliminal message was now clear, not due to a subliminal message, rather via pattern matching.
While no reasonable person can believe in Stairways subliminal lyrics, far too many people do believe in equally implausible things in the realm of alternative medicine. In the book, the authors tackle four main areas: acupuncture, homeopathy, chiropractic and herbal medicine. The books conclusion is that acupuncture, homeopathy, chiropractic are essentially worthless, while herbal medicine has limited value.
Chapter 1 starts with an overview of evidence-based medicine (EBM), of which the authors are staunch believers. EBM applies evidence gained via the scientific method and assesses the quality of the evidence relevant to the risks and benefits of the treatments. The foundation of EBM is the systematic review of evidence for particular treatments via mainly randomized controlled trials. In the chapter, the authors reiterate the concept that the plural of anecdote is not data. Acupuncture, homeopathy, chiropractic have plenty of first-person anecdotes, but a lack of controlled studies with real data to back up their spurious claims.
EBM shows that homeopathy and other bogus cures are of no value, yet the public is oblivious to those facts. In a piece I wrote on this topic, New York News Radio" The voice of bad science, its shows that cheap radio advertising (with its mishmash of pseudo-scientific claims) combined with a public that is ignorant of basic scientific facts, creates a perfect storm for the continuation of homeopathy and other bogus cures.
A recurring theme the book stresses is that acupuncture, homeopathy, chiropractic and other alternative therapies are scientifically impossible, and often will violate fundamental scientific principles. A perfect example of this implausibility is with homeopathy. Contrary to what common sense and basic science, in homeopathy, a solution that is more diluted is considered stronger and as having a higher potency. The issue is that the end result is a product that is so diluted, that its contents when in solid form is pure sugar, and when in liquid form; 100% H20. When a homeopathic liquid is in its most diluted state, there is not a single molecule of the active ingredient. Therein lays the scientific implausibility of homeopathy.
Chapter 1 also asks one of the books fundamental questions: how do you determine the truth? The authors answer that it is via the scientific method. This is determined only after strict and careful analysis of a clinical study, of which the most effective is double-blind and randomized.
In chapter 3, the book jokingly notes that since homeopathic liquid remedies are so diluted that they contain only water; their only use would be for dehydration. And since homeopathy is based on the fact that the strength of a remedy is based on its dilution, one could conceivably overdose on a homeopathic remedy by forgetting to take a dose.
The chapter concludes with perhaps the strongest indictment against homeopathy; namely its content. If one looks at the content of oscillococcinum, a homeopathic alternative marketed to relieve influenza-like symptoms, the packaging states that each gram of medication contains 0.85 grams of sucrose and 0.15 grams of lactose. Sucrose and lactose are simply forms of sugar, of which oscillococcinum is nothing more than am expensive sugar pill.
In chapter 4, the authors write that while homeopathy is nothing more than a placebo, the added danger with it is that patients will often forgo real medications to take a homeopathic one. It reports of a study in Britain, which demonstrated that the most benign alternative medicine can become dangerous if the therapist who administers it advises a patient not to follow an effective conventional medical treatment. The study demonstrated that alternative medical practitioners often recommend homeopathic remedies for malaria, and ignore proven conventional medicines. Such an approach can often mean a death sentence for the person taking the homeopathic remedy.
Chapter 5 deals with herbal medicine. The chapter is somewhat different in that the previous chapters about acupuncture, homeopathy and chiropractic showed them to be useless, herbal medicine does have value. The book notes that herbal medicine has been embraced by science to a far greater extent than acupuncture, homeopathy and chiropractics. The chapter lists over 30 herbal medicines and their levels of efficacy. An irony of herbal medicine is that some exotic ones, such as those with tiger bone or rhino horn are pushing the species to the brink of extinction, due to their level of popularity in certain parts of the world.
Chapter 5 concludes with on why smart people believe such odd things? Alternative medicine has failed to deliver the health benefits that it claims, so why are millions of patients wasting their money and risking their lives by turning towards a snake-oil industry? The authors provide numerous reasons for this, from the concepts such as natural, traditional and holistic, to attacks on the scientific method by the alternative medical community and more.
The appendix is a rapid guide to alternative therapies and lists over 30 new treatments with their benefits and potential dangers. The appendix gives single page summaries of the plethora other alternative therapies, from ear candles, colonic irrigation, reiki, to leech therapy and more. The authors write that most of these are bogus, many violate fundamental laws of sciences, and but a few have real, but limited value.
Alternative medicine operates in the shadows, blithely touting that their products have not been evaluated by the Food and Drug Administration, and that they are not intended to diagnose, treat, cure or prevent any disease. While these products are not intended to diagnose, treat, cure or prevent any disease; consumers nonetheless spends billions of dollars per year on unproven supplements. Consumers can be quite fickle. On one side they are furious at the SEC for their lack of oversight around Madoff Investments Securities. Yet when the FDA requires products use their disclaimer of how ineffective the item is, consumers will throw billions of dollars on ineffective products.
Trick or Treatment: The Undeniable Facts about Alternative Medicine is an incredibly important and eye-opening book. While Singh is a physicist and Ernst a medical doctor, the book is written in a clear and compelling style, avoids technical jargon, and sticks to the facts. In the spirit of the scientific method, the authors scrutinize alternative and complementary cures and the results show that the snake oil is still selling.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Trick or Treatment: The Undeniable Facts about Alternative Medicine from amazon.com. Slashdot welcomes readers' book reviews — to see your own review here, read the book review guidelines, then visit the submission page. -
CSIS Cybersecurity Commission Chairman Jim Langevin Answers Your Questions
Last week we solicited questions for US Representative Jim Langevin (D-RI), one of the chairs of the CSIS Cybersecurity Commission. Here are his answers — along with contact information for him if you want to continue the conversation. 1) Red Teams
by Bananatree3
The NSA has had great success with Red Teams and competitions between security experts in helping learn how to better secure sensitive data and to keep up to date with the latest attack techniques.
What are your plans to utilize this powerful technique? If applied elsewhere, Red Team competitions can help better secure other aspects of the internet and to stay up to date.
Rep. Langevin: I couldn't agree more. I've been an advocate of moving away from the paperwork exercises that have become more prevalent in Federal government IT security towards a more operational-focused testing environment like red/blue teams and penetration testing. In fact, I wrote a bill (HR 5983) this year that would have required the heads of appropriate Federal agencies (DHS, NSA, DOD, etc.) to create security control testing protocols to ensure that the Department of Homeland Security's networks are protected against known attacks and exploits. The bill would have essentially given the DHS Inspector General the ability to red/blue team the Department's networks to determine whether or not the Department's security policies and controls were effective.
The DHS Inspector General does not have the same capabilities as the NSA red team. Unfortunately, there are a limited number of individuals who are members of these elite teams; what I'd like to see happen is groups like NSA red/blue engage with more Federal civilian agency security officers who can perform these functions when the NSA teams are not available.
Of course, the great value in red teaming comes from actually mitigating the vulnerabilities discovered by the red team. This takes time and money, which can sometimes be difficult to come by. So while we have to do more red teaming in the Federal government, we also have to be prepared to spend the money to fix the problems.
I find that red team competitions are a great way to refine offensive and defensive skills, and can also be a good recruiting tool for the Federal government. In the spring I congratulated the college participants in the 2008 National Collegiate Cyber Defense Competition that was held at the campus of UT-San Antonio, and encouraged them to look for Federal jobs when they graduate. We as a nation have to recruit and invest in these students because of their talent and potential.
2) Why run this out of the EOP?
by Animats
Why run this out of the Executive Office of the President? Trying to run operational units directly from the White House seldom works well; the environment is political, not operational. The present cybersecurity office, in Homeland Security, is ineffective because the incumbent is a former lobbyist. When Amit Yoran was in charge there, progress was being made. He quit because he wasn't getting backing from higher in Homeland Security. The office needs a high-level champion in the White House, but that's a liasion job.
Rep. Langevin: You are right - cyber operations should not be run by the White House. We have plenty of agencies that have the skill and capability to run various cyber operations throughout the Federal government. But as you've noted, at the end of the day, cybersecurity requires coordination of activities across agencies, and the CSIS Commission concluded that the White House is the best place to locate this function.
The Commission discovered that the central problems in the current Federal organization for cybersecurity are lack of a strategic focus, overlapping missions, poor coordination and collaboration, and diffuse responsibility. The Commission considered many options for how best to organize for cybersecurity. One particularly useful model was the Intelligence Reform and Terrorist Prevention Act (IRTPA). IRTPA imposed a new, more collaborative structure on the Intelligence Community. It mandated a distributed "intelligence enterprise." Congressional mandates, however, are not enough. It took a Director of National Intelligence with the appropriate authorities to build collaboration. This did not mean that the DNI became a centralized manager of the IC - agencies still have their unique operational functions. The DNI role is to provide the strategy and collaborative networks for the intelligence enterprise. This effort, although it is still a work in progress, helped to guide our thinking.
I hope that the Assistant to the President for Cyberspace will be that high-level champion that you described, a person who can provide programmatic oversight for the many cybersecurity programs that involve multiple agencies, but not take operational control over the agency responsibilities.
3) Re:Why run this out of the EOP?
by gclef (96
To build on this, how are you planning on addressing the credibility gap between what the executive wants to achieve, and what the rest of the internet community (at least in the US) believes you really can/should achieve?
For example, I was at BlackHat this year, and the keynote speaker was one of the Feds, speaking about the federal plans for cyber security. The discussions in the hall after his keynote were scathing. Many of the attendees concluded that he had no clue what he was talking about. This, I think, has to be the first hurdle the executive needs to clear before accomplishing anything. Put simply: the private sector just doesn't believe in government's ability to succeed. How are you going to fix that?
Rep. Langevin: The uncertainty of success should not prevent government from playing a role in securing cyberspace, but its questionable effectiveness means we have to find specific areas or roles where the government can add value. This is the challenge we face today.
I think back to some of the fundamental lessons of the government's efforts in Y2K. John Koskinen, the incredibly effective manager of this effort, asked himself what role the government could or should play with the private sector. His list was short: 1) Government could provide expertise to the private sector; 2) Government could provide a trusted meeting place for the private sector; 3) Government could provide a mix of positive and negative incentives for the private sector to implement security fixes. With this blueprint, Koskinen had his marching orders.
Government alone will not solve the cybersecurity problem because government alone does not own the infrastructure or the technical expertise. But government involvement is the key for success because of its ability to positively and negatively incentivize behavior. Today, just like 10 years ago, there are incentives that the government can provide to ensure better security in the private sector, and, like the government response to Y2K, I think this is where the government should focus its effort.
The trust relationship between the government and the private sector has been damaged over the years, so this will be an area for the next President to try to improve. The CSIS Commission recommends rebuilding the public-private partnership on cybersecurity to focus on key infrastructures and coordinated preventative and responsive activities. The Commission recommends the President direct the creation of three new groups for partnership that provide the basis for both trust and action: 1) A Presidential Advisory Committee organized under the Federal Advisory Committee Act (FACA) with senior representatives from the key cyber infrastructures; 2) A "town hall" style national stakeholders' organization that provides a platform for education and discussion; and 3) A new operational organization, the Center for Cybersecurity Operations (CCSO), where public and private sector entities can collaborate and share information on critical cybersecurity in a trusted environment.
There is one specific area that the government can establish some credibility with the private sector: become the gold standard for network security. Some of you have heard me discuss this vision during my DHS oversight hearings. The security of Federal networks has received attention from the highest principals in government, and I believe the increased attention will lead to better strategies, larger commitment of resources, and greater awareness throughout Federal agencies. Making the Federal government the gold standard demonstrates to the private sector that we are committed to security and we can be a trusted partner.
4) Regulation
by Hatta
The free and open nature of the internet is its biggest asset. How do you plan on enforcing "cybersecurity" without damaging its free and open nature? Are you sure that the cure (government regulation) isn't worse than the disease (cybercrime)? Remember there was no cybercrime before the internet. The internet has brought us both crime and prosperity, so far the prosperity has far exceeded the crime. I benefit far more than I suffer from having an unregulated internet, can you convince me that a regulated internet is even necessary?
What sort of measures can you take to fight cybercrime without affecting my unfettered access to the internet? The phrase "If you have nothing to hide, you have nothing to fear" is not an acceptable response.
Rep. Langevin: I disagree with the premise - neither I nor the CSIS Commission discussed a "regulated Internet". What we did discuss is the need to develop and issue standards and guidance for securing three specific critical cyber infrastructures - telecom, finance, and energy - with the intent of increasing transparency and improving resiliency and reliability in the delivery of services critical to cyberspace.
5)How will this power be controlled?
by Opportunist
I work in IT security and thus I wonder how you plan to deal with two conflicting problems: Rapid change of threat scenarios and ability to supervise and monitor the actions taken by the "cyber police". Threats in IT change rapidly. Over the course of days sometimes. So quick reactions to emerging threats is a necessity. You have to react fast when something emerges, you can't let debates go on forever with weeks passing to give various interest groups a say in the matter.
How do you plan to ensure that civil liberties will not suffer from the necessary fast response when trying to make the internet a safer place?
That whatever organization is supposed to make the "net safer" will have certain powers is a given. Whenever, though, someone who has power has to do something fast (i.e. before someone could complain or interfere), the temptation to abuse this power (claiming "danger in delay", when the only danger would have been that someone could find out that power abuse is afoot) is present as well. How do you plan to address this?
Rep. Langevin: It's a significant challenge to respond to threats that can hit in a matter of milliseconds. Specifically, to address abuses of power or compromises of privacy and civil liberties, we have to insist that privacy and civil liberties protections be built in from the ground floor into our cybersecurity programs.
The E-Government Act requires agencies to conduct Privacy Impact Assessments (PIA) before developing or procuring IT systems or projects that collect, maintain or disseminate information in identifiable form from or about members of the public, or initiating a new electronic collection of information in identifiable form for 10 or more persons. In general, PIAs are required to be performed and updated as necessary where a system change creates new privacy risks. I think this is one way that we can ensure that privacy and civil liberties concerns are addressed at the outset, but I am open to any suggestions from the readers.
6) Hiring Practices And Education
by codepunk
I noticed briefly in the document that it mentions the inability of the Govt. to hire the necessary talent to combat these issues. Namely it mentions the drop in CS student enrollments and attempts to relate it to the .com burst. In reality the American IT profession is under assault by both outsourcing and the current H1B visa program. How do you intend to increase CS enrollment when the job market is being eroded by these two factors?
Rep. Langevin: I am concerned about the drop in computer science students, because it could portend of a decline in American competitiveness in science and technology At the same time, I also know that advanced degrees are not a necessity in operations. Some of the best operational experts I know - both in and out of government - only have high school diplomas.
There are a variety of different skill sets that we are looking for in the Federal government. The goal is to both increase the supply of skilled workers (to benefit both government and the private sector) and to create a career path (including training and advancement) for cyber specialists in the Federal government.
I have long advocated for a comprehensive approach to immigration reform that combines border security, enforcement of immigration laws already on the books, and a humane and common-sense approach to dealing with the millions of immigrants who are already in this country illegally. Reforming the system includes looking at all visa programs such as the one you mention.
The model for increasing the supply of skilled cyber workers is the 1958 National Defense Education Act, which improved national security and strengthened the economy. A larger effort poses complex challenges, however, and a focused program that emphasizes cybersecurity will be easier to obtain. The simplest approach may be to expand Scholarship for Service, a National Science Foundation scholarship program that provides tuition and stipends, in addition to requiring accreditation of schools where scholarships are provided for computer security studies.
The U.S. must also develop a career path for cyber specialists in federal service. Creating this career path entails a number of steps, including minimum entry requirements for cyber positions, training in specialized security skills, and a national cyber skills certification program. The Office of Personnel Management, working with key agencies engaged in cyber defense and offense, needs to establish rewarding career paths and advanced training.
This career path should transcend specific departments or agencies. I believe it should be modeled on the Federal Law Enforcement Training Center (FLETC), which provides training to all Federal employees in the Law Enforcement Officer skills. The program should initially focus on national security related missions (including critical infrastructure), but could later be expanded to other mission areas.
7) Why?
by poetmatt
Why must civil liberties be given up under any circumstance under the guise of "cybersecurity"? Why is there no open public review for people to proclaim that under no circumstance do they plan to give up civil liberties for sake of a bad us government cybersecurity plan? I for one do not plan to give up any form of "rights" just because the government has an inability to secure their own systems. I'm sure we all know the Thomas Jefferson quote for this.
Basically, my question is: why are we focused on balancing rights for security when we could spend more effort securing the existing government computer systems that we use, and it would be more effective? This is like pointing a finger at the washington monument and blaming it for the market collapse, and does not directly address the issue I just mentioned.
Rep. Langevin: No American should give up the liberties granted to him by our Constitution under any circumstances. I do disagree with your premise, however, that the Federal government is sacrificing the liberties of its citizens to ensure greater security of its networks.
Readers of Slashdot who share my concern about protecting privacy and civil liberties may be interested in reading the Privacy Impact Assessments (PIA) prepared by the Federal government for various IT systems that I mentioned in a previous response.
8) Over-reaching
by gclef
A) Are you concerned with biting off more than you can chew with the "Manage Identities" portion of the recommendation? (or, put another way, are you sure the government should really be doing any of those in the first place?)
A number of people are already uncomfortable with the idea of a national identity card (witness the problems that RealID is having these days)...your report goes even farther, though, by proposing a
government-issued identity card that consumers could use for purchases online. If I'm already suspicious of a national ID, why in the world would I want to use a government-issued online ID?
B) Also, your recommendations have some huge loopholes: point 17 says that you want to allow consumers to use strong government-issued credentials for online activities, but point 18 then says that there should be regulation preventing businesses from *requiring* the use of those credentials.In practice, one of these two lines will be pointless (companies will say that it's optional to do business with them, so it's not "required"). By way of example, it's illegal for a company to *require* an SSN for non-banking business, but just try to get water service in Maryland without giving it to them...you can't do it. Doesn't this sort of loophole make your "consumer protection" recommendations pointless?
Rep. Langevin: Government-issued identity sparks a wide range of emotions, but I have to be clear about one thing: the Commission did not recommend that the government issue strong credentials to individuals.
First, we recommended that strong authentication be mandatory for critical cyber infrastructures - energy, finance, and telecommunications. Second, we said that if people want to use their new strong credential (which does not necessarily have to be provided by the government) for commercial purposes, they should be allowed to do so when the other party in a transaction is willing to accept them. Finally, we said that as we are likely to see two classes of consumers emerge (those with strong digital credentials and those who have chosen not to have such credentials), the FTC should ensure that companies can't refuse low-risk online services to those without credentials. FTC rules can move companies to adopt a risk-based approach to authentication - low risk transactions can use weak or no authentication, high risk transaction can require more.
You are essentially already doing this if you use online banking services: you can browse the website without authentication, but you need strong authentication to access your account and engage in transactions. Banks issue the credential (not the government) but it is in a framework of rules and guidance issued by regulatory authorities. The Commission wanted to move the banking model to other critical sectors.
The real issue is how to construct a system that accommodates a minority that is afraid of strong authentication without blocking adoption for critical infrastructure or high value transactions.
9) Single Platform Vulnerability
by codepunk
It is no secret that our nations national security is threatened by the current single platform strategy. The lack of operating system diversity creates a fatal environment in which a single system flaw can expose all govt facilities and networks. As it stands today a single serious vulnerability could be exploited to blackout most if not all of our govt infrastructure. How do you intend to address this serious problem?
Rep. Langevin: We can do our best to build security in. Currently, most vendors deliver software with a very wide set of features and functions enabled including some that can result in less secure operations if not properly configured by the purchaser. However, as software systems become increasingly complex the difficulty of securely configuring these systems and maintaining that secure configuration has become a major technical and operational challenge.
The Federal government, taken as a single organization, is the largest buyer of most information technology products. Federal acquisitions rules provide a large mechanism for the government to shape private sector behavior. The CSIS Commission recommended that the Federal government require that the IT products it buys be securely configured upon delivery. Today, this effort is known as the Federal Desktop Core Configuration (FDCC). The FDCC is an OMB mandate that requires all Federal agencies to standardize the configuration of settings on operating systems and for applications that run on those systems. The FDCC is aimed at strengthening Federal IT security by reducing opportunities for hackers to access and exploit government computer systems.
A carefully crafted acquisitions regime, combined with an expanded FDCC initiative could help drive the market towards more secure configurations. The secure configurations mandated by the Federal government and produced in this collaboration with industry would be available for use by state and local government organizations as well as the private sector. A collaborative effort between government and industry to resolve software vulnerabilities and to deliver secure products could result in lower overall costs over the life of a system, even if secure configurations initially resulted in a higher price.
10) Secure what?
by fuego451
Besides sensitive government computers, which for whatever reason need to be connected to the WWW, exactly what part of the US portion of the Web needs to be secured and why?
Rep. Langevin: I am focused specifically on Federal information networks and critical infrastructure networks, such as infrastructure that is used to operate energy utilities and banking and finance and telecommunications. Ineffective cybersecurity leaves us vulnerable to attacks on our informational infrastructure, and in an increasingly competitive international environment, such attacks undercut America's economy and security and put the nation at risk.
-------------
Thanks to everyone who took the time to participate in this thread. Obviously, we weren't able to cover everything here in one Q&A, but if you would like to contact me with additional thoughts, please send me an email noting your interest in cybersecurity. -
Game Devs Warming Up To More Mature-Rated Games On the Wii
With the success of the Grand Theft Auto franchise responsible for the majority of publisher Take Two Interactive's earnings in the past year, the company's executives are looking more and more at expanding their M-rated products onto the typically family-friendly Wii. Take Two's CEO said, "Even though we think M-rated content is much more appropriate for the PS3 or 360, we have to look at the Wii as a viable platform across all our labels. We have to, because we can't ignore the installed base. You just can't." They're already planning to release GTA: Chinatown Wars for the DS to test the waters on a Nintendo platform, hoping for a better result than the controversy over Manhunt 2 last year. -
Wireless Power Consortium Pushes For Standard
Slatterz writes "We've already heard about wireless power before, but now we're a step closer to throwing away our power cables and chargers. A consortium of eight companies has launched an initiative to develop a wireless power standard. The drive was announced at the first Wireless Power Consortium conference at the Hong Kong Science Park yesterday. Most consumer electronic devices require a different charger, and the resulting tangle of wires and bulky devices is 'ugly, frustrating and inconvenient to use,' the group said. 'Wireless power charging takes away the need for wires and connectors. You simply drop your mobile phone, game device, electric shaver on the charging station and the battery is recharged,' explained Satoru Nishimura, senior manager at Sanyo." -
Indian GPS Cartographers Charged As Terrorists
chrb writes "Following on from the discussion about Apple disabling GPS in Egyptian iPhones, we have a new case of the conflict between the traditional secrecy of government, and the widening availability of cheap, accurate GPS devices around the world. On 5th December, two software engineers employed by Biond Software in India were arrested for mapping highways using vehicle based GPS devices. Further evidence against the pair emerged when it was found that a laptop they had been using in the car contained some photos of the local airforce base. The company claims they had been commissioned by Nokia Navigator to create maps of local roads and terrain. Following an investigation by the Anti Terrorist Squad of Gujarat the cartographers have now been charged with violating the Official Secrets Act and will remain in custody." -
NVIDIA GTX 295 Brings the Pain and Performance
Vigile writes "Dual-GPU graphics cards are all the rage and it was a pair of RV770 cores that AMD had to use in order to best the likes of NVIDIA's GeForce GTX 280. This time NVIDIA has the goal of taking back the performance crown and the GeForce GTX 295 essentially takes two of the GT200 GPUs used on the GTX 280, shrinks them from 65nm to 55nm, and puts them on a single card. The results are pretty impressive and the GTX 295 dominates in the benchmarks with a price tag of $499." -
NVIDIA GTX 295 Brings the Pain and Performance
Vigile writes "Dual-GPU graphics cards are all the rage and it was a pair of RV770 cores that AMD had to use in order to best the likes of NVIDIA's GeForce GTX 280. This time NVIDIA has the goal of taking back the performance crown and the GeForce GTX 295 essentially takes two of the GT200 GPUs used on the GTX 280, shrinks them from 65nm to 55nm, and puts them on a single card. The results are pretty impressive and the GTX 295 dominates in the benchmarks with a price tag of $499." -
Microsoft Rushes Internet Explorer Patch
drquoz writes "Last week, it was reported that a critical security flaw was found in Internet Explorer. On Tuesday, experts were advising users not to use IE until a patch could be released. On Wednesday, Microsoft released the patch. An interesting quote from the article: 'Kandek suggests that Microsoft is at a disadvantage in updating Internet Explorer because its browser doesn't have a built-in update mechanism like other browser makers. Mozilla, for instance, just released Firefox 3.05 to Firefox users through its auto-update system.'" -
Microsoft Rushes Internet Explorer Patch
drquoz writes "Last week, it was reported that a critical security flaw was found in Internet Explorer. On Tuesday, experts were advising users not to use IE until a patch could be released. On Wednesday, Microsoft released the patch. An interesting quote from the article: 'Kandek suggests that Microsoft is at a disadvantage in updating Internet Explorer because its browser doesn't have a built-in update mechanism like other browser makers. Mozilla, for instance, just released Firefox 3.05 to Firefox users through its auto-update system.'" -
Are Micro-Transactions the Future of Online Game Business Models?
Last week we discussed news of Sony Online Entertainment's unveiling of a store that would allow players to purchase in-game Everquest items for real money. Massively spoke with John Smedley, SOE's CEO, about the system and what their goals were. He made the point that they were limiting sales to things that wouldn't unbalance the game. "They're fun and they're convenient. That's all they are. We're not selling power. There are a lot of respectable viewpoints on this, and a lot of reasonable people can disagree on them. Our view is that nothing here is gamebreaking." Edge Magazine has a related piece about Mytheon, an upcoming action-strategy game that will rely on micro-transactions to support its otherwise free-to-play business model. The game's producer suggests that micro-transactions are "a model that really gets us closer to the end user, and that's the way things need to be in the future, online." -
Video Game Trends In 2008
Gamasutra is running a feature looking at some of the most important trends that have cropped up or become popular over last year in the gaming industry. Gamers' outrage over the DRM controversy built up a great deal of steam over the past year, and will likely remain strong in 2009. This year also saw downloadable content being used for new and varied purposes, and many developers are banking more heavily on user-generated content, as in LittleBigPlanet. They point out the increase in retro and neo-retro gaming after the success of Mega Man 9 and anticipation for the new Bionic Commando. What trends do you expect to see more of in the next year? -
Video Game Trends In 2008
Gamasutra is running a feature looking at some of the most important trends that have cropped up or become popular over last year in the gaming industry. Gamers' outrage over the DRM controversy built up a great deal of steam over the past year, and will likely remain strong in 2009. This year also saw downloadable content being used for new and varied purposes, and many developers are banking more heavily on user-generated content, as in LittleBigPlanet. They point out the increase in retro and neo-retro gaming after the success of Mega Man 9 and anticipation for the new Bionic Commando. What trends do you expect to see more of in the next year? -
Video Game Trends In 2008
Gamasutra is running a feature looking at some of the most important trends that have cropped up or become popular over last year in the gaming industry. Gamers' outrage over the DRM controversy built up a great deal of steam over the past year, and will likely remain strong in 2009. This year also saw downloadable content being used for new and varied purposes, and many developers are banking more heavily on user-generated content, as in LittleBigPlanet. They point out the increase in retro and neo-retro gaming after the success of Mega Man 9 and anticipation for the new Bionic Commando. What trends do you expect to see more of in the next year? -
Start Saving To Buy Your Space Shuttle Now
stoolpigeon writes "With the retirement of the shuttle drawing near, NASA has begun to plan for museums that may want a used orbiter of their own. The Orlando Sentinel reports that NASA issued an RFI to US educational institutions, science museums and other organizations to see if they would be interested in the orbiter while also able to cover the estimated $42 million cost of 'safeing' the shuttle and transporting it." -
With Olympics Over, China Re-Censors Internet
eldavojohn writes "We last left the story of Internet censorship in the People's Republic of China when the IOC had reached a deal with the Chinese government whereby some of the press restrictions were lifted. With the 2008 Olympics now but a memory, China has began censoring foreign news sources again. Maybe the West is making too big of a deal over this, as many Chinese citizens seem to like it that way."