Archive for the ‘LINKS’ Category.

Math joke

“A great math joke from Joi Ito,” via Ole Eichhorn:

University data leaks

wireless at University of Tennessee

Network Computing:
University of Tennessee Implements 802.11i (and MAC registration to support legacy machines).
[via Wi-Fi Networking News]

April 1

The funniest spoof I read today was Avi Rubin’s new job as Diebold’s Chief Security Officer.

Also quite entertaining was the announcement of XCP, the XML-based drop-in replacement for TCP.

More China blocking

The spread of the Witty worm

Shannon and Moore:
The Spread of the Witty Worm:

Witty infected only about a tenth as many hosts as the next smallest widespread Internet worm. Where SQL Slammer infected between 75,000 and 100,000 computers, the vulnerable population of the Witty worm was only about 12,000 computers. Although researchers have long predicted that a fast-probing worm could infect a small population very quickly, Witty is the first worm to demonstrate this capability. While Witty took 30 minutes longer than SQL Slammer to infect its vulnerable population, both worms spread far faster than human intervention could stop them. In the past, users of software that is not ubiquitously deployed have considered themselves relatively safe from most network-based pathogens. Witty demonstrates that a remotely accessible bug in any minimally popular piece of software can be successfully exploited by an automated attack.
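To see why a fast-probing worm finishes quickly even against a small population, here is an added example (mine, not from the Shannon and Moore paper) of the standard random-scanning worm model. A worm that probes uniformly random IPv4 addresses grows along a logistic curve, and the time to saturate the vulnerable population scales with 2^32 divided by (per-host scan rate times population size): a tenth of the population costs roughly ten times as long at the same scan rate, which is still minutes rather than hours. The scan rate of 1000 probes per second per host and the single initial infection are assumptions for illustration, not either worm's measured values; the population sizes are the ones quoted above.

```go
package main

import (
	"fmt"
	"math"
)

// Random-scanning worm model: each infected host sends scanRate probes per second to
// uniformly random IPv4 addresses, and vulnerable of the 2^32 addresses are susceptible,
// giving dI/dt = scanRate * I * (vulnerable - I) / 2^32 (the logistic curve).
const addressSpace = float64(1 << 32)

// timeToFraction is the closed-form time in seconds for the infection to grow from
// initial hosts to the fraction frac of the vulnerable population.
func timeToFraction(vulnerable, scanRate, initial, frac float64) float64 {
	k := scanRate * vulnerable / addressSpace // per-second exponential growth rate
	x0 := initial / vulnerable
	return math.Log((frac/(1-frac))*((1-x0)/x0)) / k
}

// simulate integrates the same model with a one-second Euler step and returns the
// simulated seconds until frac of the population is infected; at these growth rates
// the step is small enough that it agrees closely with the closed form.
func simulate(vulnerable, scanRate, initial, frac float64) float64 {
	infected, target, t := initial, frac*vulnerable, 0.0
	for infected < target {
		infected += scanRate * infected * (vulnerable - infected) / addressSpace
		t++
		if t > 1e7 {
			return math.Inf(1) // growth too slow to matter
		}
	}
	return t
}

func main() {
	// Assumed 1000 probes/s per infected host (illustrative, not a measured rate);
	// the populations are the ones quoted for Witty (~12,000) and Slammer (~75,000).
	for _, n := range []float64{12000, 75000} {
		fmt.Printf("N=%6.0f: 90%% infected after %4.0f s (closed form), %4.0f s (simulation)\n",
			n, timeToFraction(n, 1000, 1, 0.9), simulate(n, 1000, 1, 0.9))
	}
}
```

With these assumptions the 12,000-host population reaches 90% infection in roughly 69 minutes and the 75,000-host one in roughly 13 minutes; the model does not include bandwidth limits, which in practice cap the per-host rate once the worm has saturated its links.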

DSPAM does noise reduction and bi-grams

I’ve tried CRM114 and know it performs very well.
I’m just catching up on my DSPAM reading.

Bayesian Noise Reduction looks really helpful, and reduces the cost of implementing bi-grams (Chained Tokens in DSPAM terminology).
Author Jonathan A. Zdziarski gives typical storage figures of 0.5MB-1MB for the average user without bigrams, and 10MB-20MB with. Disk is cheap.

Personally I was thinking of experimenting with boosting into longer n-grams as a way of achieving some space and time tradeoffs. I haven’t had time, though.

While I don’t disbelieve the performance numbers, I do wish for more corpora (larger and more diverse) and standardized performance metrics.
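As an added example of what chained tokens cost and buy (my code, not DSPAM's or CRM114's), the following program tokenizes a constructed toy corpus into unigrams plus chained tokens, generalized from DSPAM's word pairs to n-grams of any length, counts how the distinct-token vocabulary (the part of the database behind the storage figures above) grows with n, and scores messages with a naive Bayes log-odds classifier over those tokens. The corpus, the '+' joining notation and the add-one smoothing are mine and stand in for DSPAM's real tokenizer, storage format and statistics.

```go
package main

import (
	"fmt"
	"math"
	"regexp"
	"strings"
)

// Constructed toy corpus (not real mail, not a DSPAM or CRM114 test set).
var spamCorpus = []string{
	"free money now click here to claim your free prize",
	"claim your prize now free offer limited time click here",
	"cheap meds online free shipping click now",
}

var hamCorpus = []string{
	"the meeting is moved to thursday please bring the report",
	"can you send me the report before the meeting on thursday",
	"lunch on friday let me know if thursday works better",
}

var wordRe = regexp.MustCompile(`[a-z0-9]+`)

// tokenize returns the unigrams of text plus every chained token of length 2..n.
// DSPAM's chained tokens are the n = 2 case; joining words with '+' is my notation,
// not DSPAM's storage format.
func tokenize(text string, n int) []string {
	words := wordRe.FindAllString(strings.ToLower(text), -1)
	tokens := append([]string{}, words...)
	for k := 2; k <= n; k++ {
		for i := 0; i+k <= len(words); i++ {
			tokens = append(tokens, strings.Join(words[i:i+k], "+"))
		}
	}
	return tokens
}

// uniqueTokens is the set of tokens in one message (presence, not count).
func uniqueTokens(text string, n int) map[string]bool {
	set := map[string]bool{}
	for _, t := range tokenize(text, n) {
		set[t] = true
	}
	return set
}

// vocabularySize counts distinct tokens across a corpus: the part of the
// token database that grows as n grows.
func vocabularySize(corpus []string, n int) int {
	vocab := map[string]bool{}
	for _, m := range corpus {
		for t := range uniqueTokens(m, n) {
			vocab[t] = true
		}
	}
	return len(vocab)
}

// model holds, per token, how many messages of each class contained it.
type model struct {
	spam, ham   map[string]int
	nspam, nham int
	n           int
}

func train(spam, ham []string, n int) model {
	m := model{spam: map[string]int{}, ham: map[string]int{}, nspam: len(spam), nham: len(ham), n: n}
	for _, msg := range spam {
		for t := range uniqueTokens(msg, n) {
			m.spam[t]++
		}
	}
	for _, msg := range ham {
		for t := range uniqueTokens(msg, n) {
			m.ham[t]++
		}
	}
	return m
}

// spamProbability sums naive-Bayes log-odds over the message's unigrams and chained
// tokens with add-one smoothing (with equal class sizes an unseen token contributes
// nothing) and squashes the total to [0, 1].
func (m model) spamProbability(text string) float64 {
	logOdds := math.Log(float64(m.nspam) / float64(m.nham))
	for t := range uniqueTokens(text, m.n) {
		pSpam := float64(m.spam[t]+1) / float64(m.nspam+2)
		pHam := float64(m.ham[t]+1) / float64(m.nham+2)
		logOdds += math.Log(pSpam / pHam)
	}
	return 1 / (1 + math.Exp(-logOdds))
}

func main() {
	all := append(append([]string{}, spamCorpus...), hamCorpus...)
	for n := 1; n <= 3; n++ {
		fmt.Printf("n=%d: %d distinct tokens for %d messages\n", n, vocabularySize(all, n), len(all))
	}
	m := train(spamCorpus, hamCorpus, 2)
	fmt.Printf("spam score %.3f  ham score %.3f\n",
		m.spamProbability("free prize click here"),
		m.spamProbability("the report for the meeting on thursday"))
}
```

Raising n adds a new token for almost every word position in every message, which is where the order-of-magnitude storage growth comes from; the gain is that a chained token like "click+here" carries evidence that neither word alone does.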

UB buys IBM BladeCenter

Keeping track of my colleagues down the street:
ClusterWorld | University at Buffalo Adds IBM Blades:

The new supercomputer, capable of a peak performance of more than 1.32 TeraFlops, will consist of a cluster of 266 IBM eServer BladeCenter HS20 systems running Red Hat Advance Server 2.1 Linux, each with two 2.8 GHz Intel Xeon processors and 1.0 GB of memory. Seven IBM xSeries 345 Intel processor-based servers connect to 5 terabytes (TB) of IBM FAStT700 Storage to house large volumes of biological and research data. The supercomputer forms the basis of the IBM eServer Cluster 1350, a pre-packaged and tested supercluster that is ultra-dense and incredibly easy to manage.

Forging S/MIME signatures

Jon Udell tries his hand at S/MIME signature forgery, revealing that PKI is not a panacea.

A digital signature proves something. The proof is strong but the something is weak (if it just demonstrates that you clicked a few things to get a persona certificate).

So if you need to prove something stronger, then you put limits on what digitally-signed content you’re willing to accept.
This can go in at least two directions (not mutually exclusive):

  • higher-class certificates (where certificate authorities demand more proof, and encode that fact in the certificate). But higher quality means harder to get and less actual deployment. And higher quality means a more attractive target for theft of keys.
  • reputation systems. Of course, building robust reputation systems is not easy. Users may wish to have multiple sources of reputation information to fit their own definitions of good and bad behavior and how fast those judgments are made. It replays the whole DNS blacklist deployment story. Some reputation systems may seem arbitrary and capricious. Others may be too slow or too tolerant. They are all lawsuit targets. Will there be too many to choose from?

For message classification, there is a predisposition to disparage machine learning and content inspection as too probabilistic and uncertain, while viewing signatures as certain and reliable. It is not so: the uncertainty is not eliminated, it has just moved to a different level, from the content of the message to the trust placed in the certificate behind the signature.

unescaped, escaped, double-escaped

Tim Bray explores the mess related to escaping HTML/XML information:

The policy ideally should be, I think, that all data in the Your Code block has to be known to be escaped or known to be unescaped. That is to say, you always do escaping on the data at the pointy end of the input arrows, or you never do it.

I think always-unescaped is a little better, since some of those output arrows might not be XML or HTML, but probably they all are; so always-escaped is certainly viable.

and then it gets worse, as treatment of HTML in RSS aggregators varies.

The same problem presents itself in cross-site scripting and code injection attacks.
It’s the bane of macro language beginners too, whether it’s shell or troff.
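The three states in the title, as an added example (mine, not Bray's) that runs one untrusted string through both of Bray's consistent policies and through the inconsistent mixes: escaped at the HTML sink only, escaped at input only, escaped at both (double-escaped), escaped at neither (the cross-site-scripting case), escaped data reaching a non-HTML sink, and the two ways an RSS aggregator might treat an escaped description. The input string and the sink functions are constructed for illustration; the escaping itself is Go's html package.

```go
package main

import (
	"fmt"
	"html"
	"strings"
)

// Constructed untrusted input of the kind that arrives on the input arrows.
const untrusted = `Tom & Jerry <script>alert(1)</script>`

// Policy "always unescaped": Your Code holds raw text and escapes once, at each HTML sink.
func renderAlwaysUnescaped(raw string) string {
	return "<p>" + html.EscapeString(raw) + "</p>"
}

// Policy "always escaped": escape once at the input boundary, emit stored text as-is at HTML sinks.
func storeAlwaysEscaped(raw string) string {
	return html.EscapeString(raw)
}

func renderAlwaysEscaped(stored string) string {
	return "<p>" + stored + "</p>"
}

// Mixing the two: data escaped on the way in is escaped again on the way out.
func renderDoubleEscaped(stored string) string {
	return "<p>" + html.EscapeString(stored) + "</p>"
}

// Forgetting the sink under "always unescaped": the cross-site-scripting case.
func renderForgotToEscape(raw string) string {
	return "<p>" + raw + "</p>"
}

// A non-HTML sink under "always escaped": a plain-text mail subject receives HTML entities.
func renderPlainTextSubject(stored string) string {
	return "Subject: " + stored
}

// Two RSS consumers reading the same escaped <description>: one treats it as HTML
// (unescapes and injects it into the page), the other as text (escapes it once more).
func aggregatorTreatsAsHTML(description string) string {
	return html.UnescapeString(description)
}

func aggregatorTreatsAsText(description string) string {
	return html.EscapeString(description)
}

// Checks used to classify an output: did markup survive raw, or was it escaped twice?
func containsRawScript(out string) bool {
	return strings.Contains(out, "<script>")
}

func isDoubleEscaped(out string) bool {
	return strings.Contains(out, "&amp;lt;") || strings.Contains(out, "&amp;amp;")
}

func main() {
	stored := storeAlwaysEscaped(untrusted)
	for name, out := range map[string]string{
		"always-unescaped, escaped at sink": renderAlwaysUnescaped(untrusted),
		"always-escaped, emitted at sink":   renderAlwaysEscaped(stored),
		"escaped in and out (double)":       renderDoubleEscaped(stored),
		"never escaped (XSS)":               renderForgotToEscape(untrusted),
		"escaped text at a plain-text sink": renderPlainTextSubject(stored),
		"aggregator treating it as HTML":    aggregatorTreatsAsHTML(stored),
		"aggregator treating it as text":    aggregatorTreatsAsText(stored),
	} {
		fmt.Printf("%-36s raw-script=%-5v double=%-5v %s\n", name, containsRawScript(out), isDoubleEscaped(out), out)
	}
}
```

Both consistent policies produce byte-identical HTML; every inconsistency shows up as either a live script tag or a visible "&amp;lt;", which is the same pair of failure modes, in different clothing, that the shell or troff beginner hits with quoting.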