Archive for December, 2003

Pricing and architecture of the Internet: Historical perspectives from telecommunications and transportation

Wednesday, December 31st, 2003

Andrew Odlyzko: Pricing and architecture of the Internet: Historical perspectives from telecommunications and transportation:

The general conclusion then is that the historical record of the transportation industry does demonstrate the importance and prevalence of discriminatory policies that are incompatible with the basic architecture of the current Internet. This probably accounts for much of the push to build new networks, or modify the current ones so as to provide more control for service providers over what customers do. However, the Internet is special, in its importance as an enabler for the rest of the economy, in its migration of costs and capabilities to the edges, in its primary value being in connectivity and low transaction latency, and in its pervasiveness and frequency of use. Hence in spite of the strong push from the industry, there are good prospects that the open architecture of the Internet will survive.

Eight Rules of Security

Tuesday, December 30th, 2003

Take a look at Dana Epp’s succinct exhortation on The Eight Rules of Security: least privilege, change management, trust, weakest link, separation, three-fold process, preventative action, and immediate and proper response.

Ten XForms Engines

Monday, December 29th, 2003

Micah Dubinko, author of XForms Essentials, lists his XML.com: Ten Favorite XForms Engines

It turned out that progress on XForms technology was happening so rapidly anything in print would have been quickly outdated. An online approach seemed more sensible.

[via Slashdot]

VLAN Insecurity

Monday, December 29th, 2003

Insights into Information Security: VLAN Insecurity & The Principle of Compartmentalization: pointers to recent SANS and GIAC publications on the topic

Build a grid application with Python

Monday, December 22nd, 2003

IBM: Build a grid application with Python (tutorials):

RIAA subpoenas quashed

Friday, December 19th, 2003

Appeals Court Reverses Decision on Music Download Case:

In a major setback for the recording industry, a federal appeals court on Friday struck down a ruling ordering Internet service providers to identify customers using the Internet to share copyrighted music.

Thanks to TechDirt, here is the text of the full decision (PDF).

Cisco Network Admission Control (NAC)

Friday, December 19th, 2003

News @ Cisco: Cisco, Anti-Virus Vendors Discuss Milestone Initiative for Network Security:

The Cisco Self-Defending Network Initiative aims to dramatically improve the ability of networks to identify, defend against, and adapt to growing security threats. As part of this strategic initiative, Cisco is working in conjunction with Network Associates, Symantec and Trend Micro to launch the Cisco Network Admission Control (NAC) program.

NAC is an automated identity and security assessment mechanism that leverages partnerships with the anti-virus vendors. When a device connects to a network, it is checked to see if it is compliant with corporate security policy. NAC prevents non-compliant end points from joining the larger network and possibly infecting other machines.

Network Associates, Symantec and Trend Micro will license the Cisco Trust Agent, which communicates the current policy state of an end point to a policy server. Non-compliant machines can then be quickly brought into compliance with automated downloads of anti-virus software. NAC may also be implemented with the Cisco Security Agent, a new behavioral-based intrusion prevention technology that prevents malicious activity while permitting activity compliant with established security policies.

Referers lead back to internal discussions

Friday, December 19th, 2003

Tim Bray: Insecurity by Obscurity: A legal department’s weblog is open to the world, and easily discovered via referer logs.

Money for nothing

Thursday, December 18th, 2003

Two more scam victims tell their tales - theage.com.au:

“They transferred $20,000 to my bank account and then sent me details to transfer money via Western Union to some place in Russia,” he said. “I told them that it would take five working days to take the money out, as I wanted to make sure this money weren’t stolen.”

One must note that, having given account information to a stranger, it’s amazing that these dolts have any money left at all.

The RIAA Succeeds Where the Cypherpunks Failed

Wednesday, December 17th, 2003

Clay Shirky: The RIAA Succeeds Where the Cypherpunks Failed:

In response to the RIAA’s suits, users who want to share music files are adopting tools like WINW and BadBlue, that allow them to create encrypted spaces where they can share files and converse with one another. As a result, all their communications in these spaces, even messages with no more commercial content than “BRITN3Y SUX!!!1!” are hidden from prying eyes. This is not because such messages are sensitive, but rather because once a user starts encrypting messages and files, it’s often easier to encrypt everything than to pick and choose. Note that the broadening adoption of encryption is not because users have become libertarians, but because they have become criminals; to a first approximation, every PC owner under the age of 35 is now a felon.