Archive for June 2003

Marty Roesch on Gartner re IDS: “Delusional, disingenuous, or am I really missing something here?”

Marty Roesch (Snort) dismisses the “IDS is dead” message of Gartner analysts. Here’s the middle ground: making the transition from potentially useful to really useful is hard, and requires lots of dedicated effort and talent. Most IDS deployments are fig leaves: some product was bought because it seemed like the right thing to do, but without committing the resources to keep it alive. Failing to actually make use of the data spewing out of it makes it a bad investment. Yes, the technology is improving, producing data that is more to-the-point. However, non-serious deployers are likely to maintain equilibrium by putting even less work into using the system.

Privacy, Blogging, and Conflict of Interest

Ed Felten illustrates the persistence-of-information issues raised by Memex, DARPA’s LifeLog, journalists, bloggers, expectations of privacy, and the incentives of individuals, in Freedom to Tinker: Privacy, Blogging, and Conflict of Interest.

Alan Kay: “The last 20 years of the PC have been *boring*”

Psychology of Intelligence Analysis

Richards J. Heuer, Jr.: Psychology of Intelligence Analysis
«We tend to perceive what we expect to perceive.»

konspire2b compared to other systems

konspire2b is a sender-oriented push P2P content distribution system. Blogs will need to do something like this to scale distribution of RSS files; having every reader poll for RSS updates is not sustainable. The authors recently posted comparisons to Gnutella, Freenet, and BitTorrent (receiver-oriented pull content distribution systems).

[via Slashdot | A Blog With Unlimited Bandwidth (Beta 1.2)]

Phil Wainewright on the IT industry

Phil Wainewright:

  • Tale of Two ITs:

    The problem here is that there are two separate information technologies today, just as in the early years of the last century there were two forms of transportation. In making that assertion, I am of course alluding to another HBR article, Marketing Myopia, by Theodore Levitt, which first appeared in July 1960. Levitt’s article made the seminal observation that the railroad companies declined “because they assumed themselves to be in the railroad business rather than in the transportation business.”

    Today, the IT industry is led, and has its agenda set, by companies who believe themselves to be in the enterprise-scale software business. What they don’t yet realize (or perhaps are helpless to do anything about — see Disruptive Technologies: Catching the Wave, by Bower and Christensen, HBR January 1995) is that actually they’re in the distributed process automation business. If they and their customers don’t adjust rapidly to their new market environment, their destiny will be to end up as a minor footnote in a future article in HBR about the astonishing decline of the one-time giants of our present-day IT industry.

  • The end of software:

    Consolidation means contraction. When five leading firms propose mergers in the same week, the prognosis for the enterprise software industry looks dire. Especially when in the same week, the most vocal exponent of their nemesis took a bold new step into their universe.

CoVirt and ReVirt

CoVirt Project Home Page (University of Michigan):

The CoVirt project is investigating how to use virtual machines to provide security in an operating-system-independent manner. Virtual-machine security services can work even if an attacker gains complete control over the guest operating system….

Another potential challenge of using virtual machines is that running all applications above the virtual machine hurts performance due to virtualization overhead…
We modified a host OS (Linux) to enable it to better support a virtual-machine monitor. The resulting virtual-machine monitor and modified guest OS (based on UMLinux) runs even kernel-intensive applications at about 14-35% overhead…

We have designed and implemented a replay service for virtual machines called ReVirt. ReVirt logs enough information to replay a long-term execution of a virtual machine instruction-by-instruction. This enables it to provide arbitrarily detailed observations about what transpired on the system, even in the presence of non-deterministic attacks and executions…
We designed and implemented a system called BackTracker that will help system administrators understand (and thereby recover from) an intrusion. BackTracker automatically identifies potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g. a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.
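BackTracker’s backward search is easy to reconstruct from that description. Here is an added example, written for this post rather than taken from the CoVirt project, of the same idea over a small constructed event log: every object carries a time threshold, and walking the log backwards from the detection point pulls in only the files and processes that could have influenced it at or before that threshold. The pids, paths and event kinds are made up; the real system logs many more kinds of dependency-causing events than these four.

```python
"""
BackTracker-style backward dependency search over a constructed event log.
Added example, not CoVirt/BackTracker code. Assumes a simplified log of
(time, source, sink, kind) events where each event makes the sink object
depend on the source object's state as of that time.
"""
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Event:
    time: int      # logical timestamp, monotonic across the log
    source: str    # object whose state flows out, e.g. "process:200"
    sink: str      # object whose state is affected, e.g. "file:/tmp/x"
    kind: str      # fork / read / write / exec


# Constructed sample log for a hypothetical intrusion; pids and paths are made up.
SAMPLE_LOG = [
    Event(1, "process:100", "process:200", "fork"),          # sshd forks a shell
    Event(2, "file:/etc/passwd", "process:200", "read"),
    Event(3, "process:200", "file:/tmp/x", "write"),         # not on the attack path
    Event(4, "process:200", "process:300", "fork"),          # shell forks a downloader
    Event(5, "process:300", "file:/tmp/rootkit", "write"),
    Event(6, "process:200", "process:400", "fork"),
    Event(7, "file:/tmp/rootkit", "process:400", "exec"),
    Event(8, "process:400", "file:/etc/ld.so.preload", "write"),
    Event(9, "file:/home/user/.bashrc", "process:200", "read"),  # after the shell's last relevant act
    Event(10, "process:50", "file:/var/log/cron", "write"),      # unrelated
]


def backtrack(events, detection_obj, detection_time):
    """Return the set of events that could have affected detection_obj
    as of detection_time; these are the edges of the dependency graph.

    Each object carries a time threshold: only events that affected it at or
    before that threshold matter, and each such event pulls in its source
    object with the event's time as that source's threshold. A source seen
    again with a later threshold is re-examined, so the search ends only
    when no object's threshold can grow.
    """
    by_sink = defaultdict(list)
    for ev in events:
        by_sink[ev.sink].append(ev)

    threshold = {detection_obj: detection_time}
    queue = deque([detection_obj])
    edges = set()
    while queue:
        obj = queue.popleft()
        for ev in by_sink[obj]:
            if ev.time > threshold[obj]:
                continue  # happened after obj's relevant state was already fixed
            edges.add(ev)
            if threshold.get(ev.source, -1) < ev.time:
                threshold[ev.source] = ev.time
                queue.append(ev.source)
    return edges


def objects_in_graph(edges):
    """All files and processes that appear in the dependency graph."""
    objs = set()
    for ev in edges:
        objs.add(ev.source)
        objs.add(ev.sink)
    return objs


def render(edges):
    """One line per edge, oldest first, the way an admin would read a chain."""
    return [f"t={ev.time:2d} {ev.source:26s} --{ev.kind}--> {ev.sink}"
            for ev in sorted(edges, key=lambda e: (e.time, e.source))]


if __name__ == "__main__":
    # Detection point: an unexpected /etc/ld.so.preload, noticed at t=10.
    graph = backtrack(SAMPLE_LOG, "file:/etc/ld.so.preload", 10)
    print("\n".join(render(graph)))
```

On the constructed log the search keeps seven of the ten events: the write to /tmp/x and the cron write touch objects that never feed the detection point, and the shell’s read of .bashrc at t=9 is dropped because the shell’s last contribution to the chain was the fork at t=6. That time pruning is what keeps the graph from swallowing every event a long-lived process ever performed.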

Thomas Edison, Intellectual Property, and Recording Industries

Distributed Delivery of [Messenger] Spam

Shooting the messenger (dumping SMTP)

Lee Maguire: webslog – 2003-05-22

[via Justin Mason: ‘Shooting The Messenger’]