Not that far off, given that mice have a very limited vision (lab mice can be assumed to be practically blind!) and mostly rely on their nose only to navigate the world. A bit like the drug experience when high junkies crash into cars, because they don't "see" them, I would say. Anyway, I did not read the paper (is it out?) to see which strain they used (probably on a blind background, hehe), but from what I read here, this "conclusion" seems vague, at best.
Re:A little knowledge is a dangerous thing...
on
Immunizing the Internet
·
· Score: 2, Interesting
You seem to be the only one to mention this problem: on most systems, an intrusion means that you need to completely reset (at least) the invaded machine. Quite often, although, also possibly compromised passwords, authentication files, etc. must also be reset on a global scale.
This measure of loss is overinclusive, however, because much of the
cost of restoring system integrity is money that one should reasonably
expect users to spend anyway. Whenever security flaws are discovered,
users spend time and money to patch them, regardless of whether
their systems have been attacked. Yet these same costs, when borne
by the actual victim of a breach, count as losses under the current
Guidelines even when the hacked system suffers no damage. It is as
if a mere trespasser who entered a doorway with no lock were held liable
for the cost of installing a lock afterwards.
So this statement indicates that a patch is as expensive as restoring a system? And as others mentioned, this shows how people love to create real-world examples about things those simply do not work in the IT world that way.
Finally, as discussed above, an attack's benefits generally correlate
with its novelty. Exploitation of a known security hole usually offers
little benefit beyond raising awareness. A novel attack, however, reveals
much more valuable information that could preempt a more
damaging surprise attack. Therefore, a redesigned system might punish
attacks that are novel more lightly, and punish attacks that are not
novel more harshly.
Great, any real intruders, who will most likely not rely on old exploits, get less punishment. Nice perspective: hack a few systems, do nothing obvious but set up a backdoor allowing another attack to be even more untraceable, and claim you are a "benevolent hacker". Therefore, you are getting less (or no?) punishment (and possibly making the victims prone to leave the system[s] unchanged apart from patching what you do not care about any longer), and finally complete the real crime later. Great concepts in this work, really. But he (they?) should have asked some security guys first, I guess.
First of all I want to point out, so-called "junk DNA" has proven to be a very bad idea for thinking of introns and other untranslated regions (like UTR's [untranslated regions around protein-coding regions], regions of DNA which are not used to create proteins [in the regular way] via mRNA (messenger RNA), then translated to protein). Most scientists will agree nowadays there is _alot_ of information in these non-exonic regions, the most prominent example up to date being microRNA - small RNA pieces from intronic and UT regions - affecting the cell machinery, like silencing protein translation from existing mRNAs.
Given the figures of 1 billion sequence records, it is by far not as impressive once you start removing redundant entries, and as more than half of these entries originate from so-called EST's (expressed sequence tags) - meaning DNA regions [exonic regions] which do translate to mRNA: Knowing exons only constitute a minoirty of the genomes of higher organisms, thse entries constitute less than 5 % of the complete genome. Also redundancies might not even be discernable because of the high fault-tolerance most "quick-and-dirty" sequencing-methods have - ranging up to several precent of erroneous bases. Also a _big_ problem is sequencing of highly repetitive regions of the genome, as current sequencing proceedures allow to sequence strands up to a length of approx. 1 KB (1000 bases), not much more [this relates to the error-rate growing untolerably high if sequencing anything significantly longer than this]. But repetitive DNA regions can often keep on going for more than this length: so we are still not able to "close the gaps" and can not say where these pieces belong to (although excellent scientists are working exactly on this tough problem using so-called "whole genome assemblers").
Concluding this, I would not be astonished to see that less than 10 % (and even far less) of these billion records do actually contain original information. So, if you want to stick to the hype, you are free to do so, but: it's about hype, not facts.
Slashdot Mirror
Not that far off, given that mice have a very limited vision (lab mice can be assumed to be practically blind!) and mostly rely on their nose only to navigate the world. A bit like the drug experience when high junkies crash into cars, because they don't "see" them, I would say. Anyway, I did not read the paper (is it out?) to see which strain they used (probably on a blind background, hehe), but from what I read here, this "conclusion" seems vague, at best.
This measure of loss is overinclusive, however, because much of the cost of restoring system integrity is money that one should reasonably expect users to spend anyway. Whenever security flaws are discovered, users spend time and money to patch them, regardless of whether their systems have been attacked. Yet these same costs, when borne by the actual victim of a breach, count as losses under the current Guidelines even when the hacked system suffers no damage. It is as if a mere trespasser who entered a doorway with no lock were held liable for the cost of installing a lock afterwards.
So this statement indicates that a patch is as expensive as restoring a system? And as others mentioned, this shows how people love to create real-world examples about things those simply do not work in the IT world that way.
Finally, as discussed above, an attack's benefits generally correlate with its novelty. Exploitation of a known security hole usually offers little benefit beyond raising awareness. A novel attack, however, reveals much more valuable information that could preempt a more damaging surprise attack. Therefore, a redesigned system might punish attacks that are novel more lightly, and punish attacks that are not novel more harshly.
Great, any real intruders, who will most likely not rely on old exploits, get less punishment. Nice perspective: hack a few systems, do nothing obvious but set up a backdoor allowing another attack to be even more untraceable, and claim you are a "benevolent hacker". Therefore, you are getting less (or no?) punishment (and possibly making the victims prone to leave the system[s] unchanged apart from patching what you do not care about any longer), and finally complete the real crime later. Great concepts in this work, really. But he (they?) should have asked some security guys first, I guess.
Given the figures of 1 billion sequence records, it is by far not as impressive once you start removing redundant entries, and as more than half of these entries originate from so-called EST's (expressed sequence tags) - meaning DNA regions [exonic regions] which do translate to mRNA: Knowing exons only constitute a minoirty of the genomes of higher organisms, thse entries constitute less than 5 % of the complete genome. Also redundancies might not even be discernable because of the high fault-tolerance most "quick-and-dirty" sequencing-methods have - ranging up to several precent of erroneous bases. Also a _big_ problem is sequencing of highly repetitive regions of the genome, as current sequencing proceedures allow to sequence strands up to a length of approx. 1 KB (1000 bases), not much more [this relates to the error-rate growing untolerably high if sequencing anything significantly longer than this]. But repetitive DNA regions can often keep on going for more than this length: so we are still not able to "close the gaps" and can not say where these pieces belong to (although excellent scientists are working exactly on this tough problem using so-called "whole genome assemblers").
Concluding this, I would not be astonished to see that less than 10 % (and even far less) of these billion records do actually contain original information. So, if you want to stick to the hype, you are free to do so, but: it's about hype, not facts.