software development, security, opinion
The Guardian: Mike May regains his sight after 43 years of blindness: “his remarkable account of seeing for the first time since he was three”
… I can’t fathom how sighted people go around seeing each other’s eyes without being flustered too.
RFID readers can’t talk to more than one tag at a time, so when multiple tags reply to a query, the readers detect a collision and revert to what’s known as a singulation protocol to communicate with each tag individually. To accomplish this, the reader queries each tag for its next bit, which identifies which portion of a binary tree the tag resides on. When queried, a blocker tag responds with a ‘0’ and a ‘1’ bit. This causes the reader to start over and explore the entire tree.
Such a tag could be programmed to block only a certain range of RFID serial numbers. This would still allow for benign uses of RFID tags while enabling users or corporations to control which tags are readable.
Peter Swire: Don’t delete Internet privacy: Porn web sites file DMCA subpoenas to identify visitors.
Flawed Routers Flood University of Wisconsin Internet Time Server:
NetGear equipment (500,000 unique devices observed, 700,000 manufactured) polls at one second intervals until it receives a response from the NTP server, after which it uses a longer poll interval such as one minute, ten minutes, two hours, or 24 hours, depending upon product model and firmware version.
Australian IT – Rogue routers cause havoc for CSIRO (Kate Mackenzie, JULY 08, 2003): about 85,000 SMC brand routers poll the CSIRO time server twice a minute when they don’t receive a response.
The Story of “Nadine” — a Tale of Mailing Lists. It’s been out there for a while, but somehow I’ve missed it until now. A diligent system administrator writes up the story of one misaddressed opt-in and the subsequent sale of that information from one spammer to another. Particularly interesting was the effort one spammer put in, by apparently going to the trouble of looking up the name of a joint tenant in some public records somewhere.
Jon Udell: Acrobat and InfoPath:
The only missing InfoPath ingredient is a forms designer that nonprogrammers can use to map between schema elements and form fields. That’s just what the recently announced Adobe Forms Designer intends to be. I like where Adobe is going. The familiarity of paper forms matters to lots of people. And unless Microsoft’s strategy changes radically, those folks are far likelier to have an Adobe reader than an InfoPath client.
SecurityFocus News: Slammer worm crashed Ohio nuke plant network:
“The reports paint a sobering picture of cybersecurity at FirstEnergy.”
Andrew Odlyzko: Re: East Coast outage?:
Should oodles of money be spent
improving the power generation and transmission grid?
… [follow the link for back-of-the-envelope calculation] …
the true economic cost of suffering a blackout
once every 10 years is probably more like $400 million per year.
That does not buy much generating capacity or transmission lines.
Now we simply will have to build more power plants and transmission
lines, since electricity demand is rising. However, this costs
much more money than putting down fiber, and causes much more political
opposition. Given these constraints, the electric power industry appears
to be doing an excellent job.
Let’s hope that a reasonable analysis ensues,
leading to a sensible expenditure that fixes more problems than it creates. How likely is that?
IT security in energy sector to come under scrutiny:
Officials from the House Committee on Government Reform want to study the security of the national power grid’s cyber-based control systems. The concern is that an equally devastating series of failures could be triggered by relatively minor disruptions to the control systems that manage the power grid.
…
The issue came to the forefront during the California energy crisis in 2001. For 17 days, between 25 April and 11 May, hackers managed to remain undetected after they breached the network of the California Independent System Operator (ISO), which manages that state’s electric grid. Although no damage was reported, officials traced the intrusion back to a system in China.
…
The problem, however, is that electrical grids such as California ISOs are highly integrated and dependent on other regional grids, and all are managed using technology known as Supervisory Control and Data Acquisition (SCADA) systems. Once highly proprietary, SCADA systems are, increasingly, being deployed using commercial off-the-shelf technologies that rely on public internet protocols and connections for ease of management and cost savings, experts said.
