Archive for August 2003

Slammer worm crashed Ohio nuke plant network

SecurityFocus News: Slammer worm crashed Ohio nuke plant network:

“The reports paint a sobering picture of cybersecurity at FirstEnergy.”

Andrew Odlyzko’s sensible 2 cents on the East Coast electrical outage

Andrew Odlyzko: Re: East Coast outage?:

Should oodles of money be spent
improving the power generation and transmission grid?

… [follow the link for back-of-the-envelope calculation] …

the true economic cost of suffering a blackout
once every 10 years is probably more like $400 million per year.
That does not buy much generating capacity or transmission lines.

Now we simply will have to build more power plants and transmission
lines, since electricity demand is rising. However, this costs
much more money than putting down fiber, and causes much more political
opposition. Given these constraints, the electric power industry appears
to be doing an excellent job.

Let’s hope that a reasonable analysis ensues,
leading to a sensible expenditure that fixes more problems than it creates. How likely is that?

IT security in energy sector to come under scrutiny

IT security in energy sector to come under scrutiny:

Officials from the House Committee on Government Reform want to study the security of the national power grid’s cyber-based control systems. The concern is that an equally devastating series of failures could be triggered by relatively minor disruptions to the control systems that manage the power grid.


The issue came to the forefront during the California energy crisis in 2001. For 17 days, between 25 April and 11 May, hackers managed to remain undetected after they breached the network of the California Independent System Operator (ISO), which manages that state’s electric grid. Although no damage was reported, officials traced the intrusion back to a system in China.


The problem, however, is that electrical grids such as the California ISO's are highly integrated and dependent on other regional grids, and all are managed using technology known as Supervisory Control and Data Acquisition (SCADA) systems. Once highly proprietary, SCADA systems are, increasingly, being deployed using commercial off-the-shelf technologies that rely on public internet protocols and connections for ease of management and cost savings, experts said.

Sandia Labs, Cognitive Systems program

What are Cognitive Systems:

A “Cognitive System” is one that utilizes psychologically plausible computational representations of human cognitive processes as a basis for system designs that seek to engage the underlying mechanisms of human cognition and augment the cognitive capacities of human users, not unlike a “cognitive prosthesis.”

OCR regulations do not require speech codes

Office of Civil Rights letter regarding speech codes and the First Amendment:

OCR has consistently maintained that schools in regulating the conduct of students and faculty to prevent or redress discrimination must formulate, interpret, and apply their rules in a manner that respects the legal rights of students and faculty, including those court precedents interpreting the concept of free speech. OCR’s regulations and policies do not require or prescribe speech, conduct or harassment codes that impair the exercise of rights protected under the First Amendment.

See also a deeper analysis of the letter from
Eugene Volokh.

Growth predictions for RSS syndicated content

Phil Wolff: “a klog apart: The syndicated blogosphere will reach 300 million feeds in 3 years” covers the basic architectural scaling issues related to widespread adoption of RSS. Polling a single site can’t last forever. New protocols for publish, subscribe, multicast, flood will be invented. Old protocols (NNTP) may even revive.

Traffic Waves

This page gets rediscovered by the digerati every few years:
SCIENCE HOBBYIST: Traffic Waves, physics for bored commuters, by William Beaty.
It’s got great little animated traffic images, and a continuing intelligent discussion.

Court Rejects Music Sharing Subpoenas Sent to MIT, Boston College

EFF: Federal Court Spurns Recording Industry Enforcement Tactics:

“Today’s ruling requires the recording industry to file subpoenas where it alleges that copyright infringement occurs, rather than blanketing the country from one court in D.C.,” said Electronic Frontier Foundation (EFF) Staff Attorney Wendy Seltzer, in a statement.

Grinnell College’s travails over a virtual community

Grinnell Plans lives! after being shut down by college administrators and their newly-issued Academic Computer Use Policies.
Grinnell faculty include some analysis of
Why Did Osgood and Francis Take Down Plans?

[via Lawrence Lessig]

Paul Graham on Filters that Fight Back

The inimitable Paul Graham has published his latest installment on anti-spam filters: Filters that Fight Back.

He summarizes today’s state of affairs, then plays out the next ply or so:
Spammers are trying to foil learning filters with chaff of various kinds. Once they get good at it (here’s one I haven’t seen yet: pick up the chaff during your web scraping), the spam text itself will need to try to look more bland and indistinguishable, and the distinguishing features will no longer be embedded but will lie one or two HTTP GETs away instead.

So PG expands on the auto-retrieval of web content as part of filtering.

But, in my view, he enters an area fraught with peril for both technical and legal reasons:

a “punish” mode which, if turned on, would retrieve whatever’s at the end of every URL in a suspected spam n times, where n could be set by the user.

While auto-retrieval will become part of the landscape as part of the machinery of automated personal assistants, it will be tricky to implement without unwanted side-effects. Spammers will try to create new legal cover by including “shrink-wrap consent” triggered by auto-retrievers. The mere suggestion of “hack-back” intent creates a legal vulnerability as well.
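As an added example that is not part of this post or of Paul Graham's own filter code, the following Python sketch shows the mechanics behind the two points above: a Graham-style learning filter whose visible-text signal is swamped once the spammer pads the message with chaff lifted from legitimate mail, and which recovers that signal only from the page the spam's link points to, i.e. one HTTP GET away. The ham and spam corpora, the suspect message, the chaff and LINKED_PAGES (a dictionary standing in for an HTTP GET, so nothing leaves the machine) are all constructed for the illustration; the once-per-URL rule and per-message fetch cap in linked_tokens are an assumption of mine, one way to keep the retrieval step from turning into the "punish" loop quoted above.

```python
"""Graham-style Bayesian spam scoring with URL-derived tokens, plus a guarded
look at the pages a suspected spam links to. Added example, not the post's code."""
import math
import re
from collections import Counter
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+")
WORD_RE = re.compile(r"[a-z][a-z0-9'-]+")


def tokenize(text):
    """Lower-cased words, plus a host: and path: token for every URL, so a link
    to a known spam host is a feature in its own right."""
    tokens = []
    for url in URL_RE.findall(text):
        u = urlsplit(url.rstrip(".,;)"))
        if u.hostname:
            tokens.append("host:" + u.hostname.lower())
        tokens.extend("path:" + seg.lower() for seg in u.path.split("/") if seg)
    tokens.extend(WORD_RE.findall(URL_RE.sub(" ", text).lower()))
    return tokens


class BayesFilter:
    """Per-token probabilities as in Graham's 'A Plan for Spam'. The combining
    step is simplified: every distinct token feeds a log-odds sum, rather than
    only the fifteen most extreme ones."""

    def __init__(self, ham, spam):
        self.good, self.bad = Counter(), Counter()
        for m in ham:
            self.good.update(set(tokenize(m)))   # one count per message, as Graham does
        for m in spam:
            self.bad.update(set(tokenize(m)))
        self.nham, self.nspam = len(ham), len(spam)

    def token_prob(self, tok):
        g = 2 * self.good[tok]   # good counts doubled: bias against false positives
        b = self.bad[tok]
        if g + b == 0:
            return 0.4           # never seen before: mildly ham
        p = (b / self.nspam) / (g / self.nham + b / self.nspam)
        return min(0.99, max(0.01, p))

    def score(self, tokens):
        log_odds = sum(math.log(p / (1 - p)) for p in map(self.token_prob, set(tokens)))
        return 1 / (1 + math.exp(-log_odds))


# Constructed training corpora (not real mail).
HAM = [
    "Lunch tomorrow? The meeting moved to Thursday, see the agenda at http://intranet.example.org/agenda",
    "Thanks for the patch, I merged it into the tree this morning.",
    "The quarterly report is attached, let me know if the numbers look right.",
]
SPAM = [
    "Buy cheap viagra online, lowest price guaranteed! http://pills.example.net/order",
    "Refinance your mortgage now, lowest rates, click here http://pills.example.net/mortgage",
    "Cheap meds online, no prescription, order today http://rx-deals.example.net/buy",
]

# Constructed stand-in for an HTTP GET, keyed by URL, so this runs offline.
LINKED_PAGES = {
    "http://pills.example.net/promo": "Cheap viagra online, lowest price guaranteed, "
    "no prescription, buy now, refinance your mortgage, lowest rates",
}
MAX_FETCHES_PER_MESSAGE = 3   # assumed cap; not from the post


def linked_tokens(text, fetch=LINKED_PAGES.get):
    """Tokens of the pages a message links to. Each distinct URL is retrieved
    once, and only the first MAX_FETCHES_PER_MESSAGE of them: re-fetching n
    times per spam is the 'punish' mode, not filtering."""
    tokens, seen = [], set()
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;)")
        if url in seen or len(seen) >= MAX_FETCHES_PER_MESSAGE:
            continue
        seen.add(url)
        body = fetch(url)
        if body:
            tokens.extend(tokenize(body))
    return tokens


SUSPECT = "Cheap meds, lowest price, order online http://pills.example.net/promo"
CHAFF = "thanks for the patch merged tree quarterly report numbers attached"  # words from HAM


def demo():
    """Scores for the bare spam, the spam padded with ham-like chaff, and the
    padded spam plus the tokens of the page it links to."""
    f = BayesFilter(HAM, SPAM)
    chaffed = SUSPECT + "\n" + CHAFF
    return (
        f.score(tokenize(SUSPECT)),
        f.score(tokenize(chaffed)),
        f.score(tokenize(chaffed) + linked_tokens(chaffed)),
    )


if __name__ == "__main__":
    for label, s in zip(("bare spam", "spam + chaff", "spam + chaff + linked page"), demo()):
        print(f"{label:28s} {s:.4f}")
```

Run as a script, it prints the three scores: the bare message scores as spam, ten chaff words known from the ham corpus drag it down to ham, and the linked page's vocabulary brings it back. Two practical cautions apply even with the cap in place: URLs in bulk mail often carry a per-recipient identifier, so any retrieval confirms to the sender that the address is read, and the fetch originates from the recipient's own network, which is exactly the observable side-effect the post is worried about.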