|“Massachusetts is taking data encryption regulation to the next level by actually defining what is meant by encryption, and this definition includes all data that is in transition, in storage and on portable devices.”
Mark Wright, The Evolution of Data
From 201 CMR 17.00: STANDARDS FOR THE PROTECTION OF PERSONAL INFORMATION OF RESIDENTS OF THE COMMONWEALTH / Definitions section
“Encrypted,” transformation of data through the use of a 128-bit or higher algorithmic process, or other means or process approved by the office of consumer affairs and business regulation that is at least as secure as such algorithmic process, into a form in which there is a low probability of assigning meaning without use of a confidential process or key.
|“Until now, common wisdom has been that the large variety of BIOS implementations means it is unfeasible for attackers to create portable, widespread BIOS malware. Core’s researchers proved this wrong.”
Sherri Davidoff, BIOS can become a source of malware
According to Core’s CTO, Ivan Arce, the researchers identified a specific section of BIOS code — a decompression routine — used in the majority of motherboards. BIOS code is stored compressed so that it takes up less space, and code must be decompressed before it runs. The decompression routine is exactly the same in many different motherboards. This gives attackers a single snippet of code that they can target in order to compromise many different BIOSes. The result? For the first time, researchers showed that BIOS-level malware can practically infect a wide variety of hardware.
|There are a lot of statements being made by people who are not involved in analyzing these attacks, and a lot of inappropriate rhetoric about ‘cyberwar.’
Dave Dittrich as quoted in Latest DDoS attacks extremely unsophisticated, experts say
DDoS attacks were aimed at several U.S. government sites this past week, including sites for the Federal Trade Commission and the U.S. Department of Transportation. The New York Stock Exchange, the Nasdaq electronic exchange, the Washington Post and South Korean government sites were also attacked.
Researchers from the U.S. Computer Emergency Readiness Team (CERT) and the Korea Internet Security Center are busy analyzing the traffic packets and it looks like there might be a “command and control server” out there giving orders to a zombie army. If that’s true, it should be easier to catch whoever is behind the attacks. Hopefully.
|“Ubuntu 9.10, codenamed Karmic Koala, is the next major release of the popular Ubuntu Linux distribution…The alpha 2 release ships with GRUB 2, the next-generation of GNU’s GRUB bootloader.”|
There are still some aspects of GRUB 2 that are not yet working properly in this alpha release, the most notable of which is support for booting other operating systems. Users with multiboot configurations are encouraged to wait for alpha 3 or use a workaround to install GRUB 1. The Ubuntu developers are seeking help from the community to test the new version of GRUB on a wide range of hardware configurations. Testing instructions and a growing list of results can be found at the Ubuntu wiki.
If you want to test alpha 2 yourself, you can download a CD image from the Ubuntu website.
|The Computer History Museum is celebrating the 50th anniversary of the integrated circuit with a multimedia exhibit called “The Silicon Engine.”|
How can you resist stopping to read about the Traitorous Eight?
Using oral histories from those who experienced the creation and development of the integrated circuit, the Computer History Museum compiled a documentary on this invention that irrefutably changed the world. The year-long exhibit will feature examples of early transistors, the vacuum tubes they replaced, and early integrated circuits, as well as explaining who was behind the inventions, especially the so-called “Traitorous Eight” engineers that largely developed the IC back in 1959.
|“We in the software community are new to kanban, and it is easy to get a bit too enthusiastic, and unintentionally change the meaning of kanban when we discuss it.”
Henrik Mårtensson, Defining Kanba
Kanban is used in both lean and agile software development methodologies. Henrik explains that the kanban boards filled with sticky notes used by software developers are work-in-progress (WIP) kanban cards.
Scott Miller says
Each sticker or card represents a task at a small level – design login screen, develop reservation stored procedure, test login (the smaller the task the better). The stickers/cards may also be agile user stories. In addition, there are usually columns for “To Do”, “Active”, “Failed Test”, and “Complete”. There may also be columns for the different teams that are touching the task.
The task is moved along from one column to the next and everyone on the team can see what the status is and what task is due next, without everyone needing a copy of Microsoft Project on their PCs (not that there’s anything wrong with that…). This also empowers the development team to be a “pull” system. A developer can pull a card from the “To Do” column and work on it. The project manager can see what the status is at any moment.
|CDP is like video and snapshots are like photos.
Lauren Whitehouse, as quoted in How continuous data protection is used today
As a result, CDP minimizes the loss of data in case of a failure. With snapshots, all data between a failure and the latest snapshot is lost.
|Autonomous, intelligent robots are great, but when they look like classic Transformers characters they’re even better.|
The handiwork of Mellon University’s Tekkotsu lab, the Chiara Robot has six independent legs, a claw arm with six degrees of freedom, and a combination of webcam and IR rangefinder for spotting objects and obstacles. Even better, this is no simple lab project: the Chiara Robot will actually be manufactured and sold by RoPro Design.
I admit, Chiara is cool, but I don’t think it’s got the beat when it comes to looking like a classic Transformer character. The WR-07, created by Nakamura san at Himeji Soft Works, is a robot that morphs from car to humanoid and back.
Video: http://www.youtube.com/v/STQ3nhXuuEM
|Google intern Scott Suiter went to Times Square and asked 50 random people three simple questions:
“What is a browser?”
“Do you know the difference between a browser and a search engine?”
“What browser do you use?”
JayWalking, if you’re not a Tonight Show fan, was a popular man-on-the-street interview segment where former host Jay Leno would stop pedestrians and ask them questions about American history, current events and other things a fifth grader would probably know. The more stupid the answers, the funnier the segment.
It’s pretty clear just from this little micro-survey that people were confused about the difference between a browser and a search engine.
The question is, does it really matter?
I don’t type in “http://” anymore. I rarely type in “www.” What I do instead sets my husband’s teeth right on edge because it’s so lazy. You see, sometimes I’ll search right from my browser window.
If you’re still pulling up the Google home page to begin your search, try skipping that step. Open IE or Firefox and in the browser toolbar where it says “address,” type in your query —
And then imagine a whole generation of kids growing up doing the same thing. They don’t care if they’re using the right window or the right word. Would you be embarrassed because you called a generic bathroom tissue a “Kleenex?” Or feel stupid if you called the HP office machine that copies and collates a “Xerox machine” instead of a photocopier? Nah. And that’s about how important any of this stuff is going to be to the next generation.
Video: http://www.youtube.com/v/o4MwTvtyrUQ
The video ends by saying “Less than 8% of the people who were interviewed on this day knew what a browser was.”
|Hewlett-Packard Co. admitted several years ago to using Web bugs to spy on reporters during an internal investigation of news media leaks by board members.|
There’s some buzz right now about whether or not HTML email is so insecure that it’s never a good idea. That means that Web bugs are back in the news. If you missed the HP story the first time around, a company rep testified in front of a House of Representatives subcommittee about bugging emails to find corporate leaks to the press. They used a service called readnotify.com.
ReadNotify’s service makes bugging e-mail a matter of pointing and clicking. The ReadNotify Web page will generate a document with an image. This image, a green check mark, can simply be dragged and dropped into the document that needs to be traced. The check mark becomes transparent after being dropped.
Web bugs aren’t illegal. Marketers use them to track email blasts, to see how many emails were actually opened, and to synchronize browser cookies so a returning visitor gets served relevant ads.
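
To see what a Web bug looks like from the receiving side, here is an added example (not from the original post or from ReadNotify) that lists every remote image in an HTML email and picks out the ones sized or styled so the reader never sees them. The message, host names, addresses and id token are constructed sample data, and the "tiny" and "hidden" rules are assumptions about common tracking-pixel markup.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message: hosts, addresses and the id token are made up.
SAMPLE = """\
From: sender@example.com
To: reporter@example.org
Subject: Draft for review
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Please see the draft.</p>
<img src="cid:logo123" width="120" height="40">
<img src="https://cdn.example.com/banner.png" width="600" height="80">
<img src="https://track.example.net/o.gif?id=9f2c41d07ab34e1e" width="1" height="1">
<img src="http://track.example.net/c.png?u=reporter%40example.org" style="display:none">
</body></html>
"""

HIDDEN = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)

class ImgCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.images = []  # (src, reasons) for every image fetched over the network

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "").strip() for k, v in attrs}
        if tag != "img" or urlsplit(a.get("src", "")).scheme not in ("http", "https"):
            return  # cid: and data: images are not fetched, so they cannot report an open
        reasons = []
        if a.get("width") in ("0", "1") or a.get("height") in ("0", "1"):
            reasons.append("tiny")
        if HIDDEN.search(a.get("style", "")):
            reasons.append("hidden")
        if urlsplit(a["src"]).query:
            reasons.append("query")  # may carry a per-recipient identifier
        self.images.append((a["src"], reasons))

def remote_images(raw_message):
    """Every remote image in the HTML parts; each one is a fetch the sender can log."""
    collector = ImgCollector()
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            collector.feed(part.get_payload(decode=True).decode(charset, "replace"))
    return collector.images

def likely_web_bugs(raw_message):
    """Remote images sized or styled so the reader never sees them."""
    return [(s, r) for s, r in remote_images(raw_message) if "tiny" in r or "hidden" in r]
```

A normal-sized image that is simply transparent, like the check mark described above, carries none of these markers, which is why mail clients that block all remote images by default are the dependable control.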