Monday, January 30, 2006

OSS is an easier hack: Mitnick

In an exclusive interview on Friday, infamous hacker Kevin Mitnick told Tectonic that, given the choice between finding security vulnerabilities in closed and open source, he'd prefer to attack an open source environment.

“Open source would be easier [to hack],” admits ex-hacker turned security consultant Mitnick. “It's less work.”

Mitnick says that open source software is easier to analyse for security holes, since you can see the code. Proprietary software, on the other hand, requires either reverse engineering, getting your hands on illicit copies of the source code, or using a technique called “fuzzing”.

Fuzzing means putting fake data – such as really long strings – into portions of the application that allow user input. “You want to make that function call fail. Does it cause an exception? If it does then the programmer probably hasn't validated the input. You could supply your code in a particular manner – thus tricking the application or function into executing your own code. Hackers want to execute their own code – preferably with privileges – and then they gain control.

“On the face of it, open source software is more secure,” says Mitnick. “A lot of eyes are looking at the code. You'd think that with OSS, with more people looking at the code, you're more apt at finding security holes. But are enough people really interested?”

Mitnick does qualify his statement carefully - it's six of one and half-a-dozen of the other. “Then again, a lot of people are really good at reverse engineering. You can obtain illicit copies of [proprietary] source code,” he says diplomatically.
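
The check described above (feed over-long strings into an input path and see whether the call fails with an unhandled exception) can be run against your own code as a test. The sketch below is an added example, not part of the original article; the record format, `FIELD_MAX` and the function names are assumptions made for illustration.

```python
import random
import struct

FIELD_MAX = 32  # assumed limit for this example's "username" field


def encode_unvalidated(username: str) -> bytes:
    """Build a length-prefixed record without checking the input length."""
    raw = username.encode("utf-8")
    # "<B" holds 0..255 only, so an over-long input makes struct.pack raise
    # struct.error: the failure comes from the library, not from a check.
    return struct.pack("<B", len(raw)) + raw


def encode_validated(username: str) -> bytes:
    """Same record, but out-of-range input is rejected on purpose."""
    raw = username.encode("utf-8")
    if not 0 < len(raw) <= FIELD_MAX:
        raise ValueError("username length out of range")
    return struct.pack("<B", len(raw)) + raw


def fuzz(target, rounds=200, seed=1):
    """Call target with strings of many lengths.

    Returns {exception class: shortest input length that triggered it}.
    ValueError is treated as a deliberate, controlled rejection and is
    not reported; anything else means the input reached code that did
    not expect it.
    """
    rng = random.Random(seed)  # fixed seed keeps the run reproducible
    # Boundary lengths first (constructed), then random ones.
    lengths = [0, 1, FIELD_MAX, FIELD_MAX + 1, 255, 256, 4096]
    lengths += [rng.randint(0, 8192) for _ in range(rounds)]
    findings = {}
    for n in lengths:
        try:
            target("A" * n)
        except ValueError:
            continue
        except Exception as exc:  # unexpected failure: record it
            kind = type(exc)
            findings[kind] = min(n, findings.get(kind, n))
    return findings


if __name__ == "__main__":
    for fn in (encode_unvalidated, encode_validated):
        result = fuzz(fn)
        summary = {k.__name__: v for k, v in result.items()} or "no findings"
        print(f"{fn.__name__}: {summary}")
```

An empty result for the validated version means every bad input was turned away by the explicit check rather than by a failure deeper in the call.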

Mitnick was arrested in 1995 by the FBI for hacking. He served five years in prison, including eight months in solitary confinement after it was alleged that he could launch nuclear missiles by whistling into a telephone. He will be in South Africa next month for the ITWeb Security Summit 2006, and will speak about social engineering and wireless security.

He runs Microsoft Windows XP Pro, Microsoft Windows 2003 Server, Debian, Gentoo and Solaris. Currently he's penning an autobiography to clear up some myths about himself. And no, you can't launch a nuclear attack by whistling into a telephone.

source:http://www.tectonic.co.za/view.php?src=rss&id=839

Stark warning over climate change



Rising concentrations of greenhouse gases may have more serious impacts than previously believed, a major scientific report has said.

The report, published by the UK government, says there is only a small chance of greenhouse gas emissions being kept below "dangerous" levels.

It fears the Greenland ice sheet is likely to melt, leading sea levels to rise by 7m (23ft) over 1,000 years.

The poorest countries will be most vulnerable to these effects, it adds.

The report, Avoiding Dangerous Climate Change, collates evidence presented by scientists at a conference hosted by the UK Meteorological Office in February 2005.

The conference set two principal objectives: to ask what level of greenhouse gases in the atmosphere is too much, and what the options are for avoiding such a level.


In the report's foreword, UK Prime Minister Tony Blair writes that "it is now plain that the emission of greenhouse gases... is causing global warming at a rate that is unsustainable."

Environment Secretary Margaret Beckett said the report's conclusions would be a shock to many people.

"The thing that is perhaps not so familiar to members of the public... is this notion that we could come to a tipping point where change could be irreversible," she told BBC Radio 4's Today programme.

"We're not talking about it happening over five minutes, of course, maybe over a thousand years, but it's the irreversibility that I think brings it home to people."

Vulnerable ecosystems

The report sets out the effects of various levels of temperature increase.


The European Union (EU) has adopted a target of preventing a rise in global average temperature of more than two degrees Celsius.

But that, according to the report, might be too high, with two degrees perhaps enough to trigger melting of the Greenland ice sheet.

This would have a major impact on sea levels globally, though it would take up to 1,000 years to see the full predicted rise of 7m.

Above two degrees, says the report, the risks increase "very substantially", with "potentially large numbers of extinctions" and "major increases in hunger and water shortage risks... particularly in developing countries".

'Without delight'

The report asked scientists to calculate which greenhouse gas concentrations in the atmosphere would be enough to cause these "dangerous" temperature increases.


Currently, the atmosphere contains about 380 parts per million (ppm) of carbon dioxide, the principal greenhouse gas, compared to levels before the industrial revolution of about 275ppm.

To have a good chance of achieving the EU's two-degree target, levels should be stabilised at 450ppm or below, the report concludes.

But, speaking on Today, the UK government's chief scientific adviser, Sir David King, said that was unlikely to happen.

"We're going to be at 400 ppm in 10 years' time, I predict that without any delight in saying it," he said.

"But no country is going to turn off a power station which is providing much-desired energy for its population to tackle this problem - we have to accept that.

"To aim for 450 (ppm) would, I am afraid, seem unfeasible."

But Myles Allen, a lecturer on atmospheric physics at Oxford University, said assessing a "safe level" of carbon dioxide in the atmosphere was "a bit like asking a doctor what's a safe number of cigarettes to smoke per day".

"There isn't one, but at the same time people do smoke and live until they're 90," he told Today.

On the other question asked at the 2005 conference - what are the options for avoiding dangerous concentrations of greenhouse gases in the atmosphere? - the report says that technological options to reduce emissions do exist.

It concludes that the biggest obstacles to the take up of technologies such as renewable sources of energy and "clean coal" lie in vested interests, cultural barriers to change and simple lack of awareness.


'I want to build something that grows'

The creator of Del.icio.us has big plans for his innovative social tagging site but has no regrets about selling it to Yahoo

Even though Joshua Schachter was rumoured to be about $30m richer, this was far from his best Christmas. Just nine days after Yahoo bought his company, Delicious (http://del.icio.us), and at a time when all eyes were on it, the power failed - leading to a service outage that meant 31-year-old Schachter had to work all hours to fix the site's technical emergencies.

Small wonder that when I got in touch, the guy who invented one of the hottest new ideas online - and just sold it for a personal fortune - couldn't have sounded more miserable. Online, the gossip was about how much he sold for, and the reach of "user tagging", the idea that Delicious introduced. But Schachter, the site's creator, mainly sounded relieved to have the $57bn corporation taking over.

Why? Because from Delicious's inception in September 2003 until the founding of the actual company last March, he did most of the work himself. At times, it was incredibly stressful. "It would crash occasionally, and it would largely stay down until I could deal with it, but often it would happen while I was trying to get on planes. So I would be sitting on a plane trying to login from my PDA."

Double life

Until last March, Schachter led a double life. By day, he worked for Morgan Stanley, and by night was a key developer in the world of web technology. While most people go to Wall Street for money the way others go to Hollywood for fame, he joined for the geeking. "Working in finance with someone like Morgan Stanley, it's one of the only things you can do in New York that's technical, very creative, and pays enough to pay the rent. There's not a lot of pure tech there, I wanted to live in New York City, [but] I went to college for engineering, not business."

While work was great for Schachter, it didn't occupy him fully. Outside projects such as Delicious always caught his interest. "They were fun - a different community, and a different kind of fun. At the end of financial stuff you either made or lost some money. The stuff I built was the opposite - not with commercial intent, just to solve problems."

In 2001 the first version of what would become Delicious appeared - a web application called Muxway. Schachter explains: "I originally created [Muxway] to manage my own bookmarks. Before there even was a system, I just wrote little coded notes in a flat file I used for links, #wifi or #cs or whatever. And I could just search them out, so tagging significantly predates Delicious itself." What Schachter added next was the social aspect: Delicious is Muxway for everyone. Anyone could add tags to their bookmarks, and see each other's tags. Quickly, del.icio.us went from being a place to stash your own bookmarks to a place where you could quickly browse others' selections. Want to laugh? Look at what people have tagged as "funny".

It was simple compared to the complex website filing systems that companies such as Yahoo spend millions on, but it worked. Delicious was special from the start. "It's something I focused on enough to grow up. None of the other projects took over my life." As to why Delicious and not one of its many predecessors, Schachter says, "it was just so sticky. It was so useful and so compelling". It was the right time in his own personal life, and the right product.

Still, Schachter doesn't see himself as the startup type. "I made a thing, right? So call me a producer. I produce things. I would not say entrepreneur - the enterprise of the thing was always dragged along by the thing itself." In this case, the thing doing the dragging was the idea of tagging.

Others picked up Schachter's approach, and soon tagging became the must-have feature for web startups. Stewart Butterfield, chief executive of photo site Flickr, also a recent purchase by Yahoo, credits Schachter: "Joshua is the one who told me to add tagging to Flickr. I ignored him the first time, but I eventually got the idea."

Clay Shirky, a professor at New York University, studied tagging and advised Delicious. He describes Schachter as "the first person to figure out the social value of labelling. Any one person's labels are messy, inconsistent and partial, and are therefore much less valuable than formal classification systems. However, if there is a way to aggregate those labels, and therefore their value, they become more valuable than formal systems, because they are robust, socially accurate and cheap."

Big plans

It's not what Schachter set out to do, and he's not one to believe the buzz. "I still don't know how big of an idea this is." That doesn't stop his dreams for Delicious from growing. He envisages the site becoming something that "stores and categorises and lets you share the digital pieces of your life - a large-scale outboard memory".

Schachter thought carefully about where Delicious would find a good home. "I tried to do the right thing for the developers, the company, and obviously for me. But it was not really about the money." He wanted "a place my employees could be happy, a place that would do the right thing for the product."

Publisher and Delicious investor Tim O'Reilly sees Schachter's work, and tagging itself, as part of a social memory project. "We have a vocabulary for innovation, when people add to the vocabulary the richness of the language allows other people to say new things. A lot of people are using [tagging] now in many ways."

For Schachter, it's all about handing over management to Yahoo and getting back to the code. "I want to build something that grows from large to huge. I don't know if I have another innovation in me, but it would be nice to try."

Curriculum vitae

Age 31

Education Graduated in 1996 with a degree in electrical and computer engineering from Carnegie Mellon University, Pittsburgh

Career Previous to del.icio.us, Schachter worked for Morgan Stanley. He worked in the New York City financial services industry for 10 years

Hobbies Schachter has set up several websites, including GeoURL and memepool.com. He also enjoys browser-based games such as Kingdom of Loathing, Travian and Urban Dead

source:http://technology.guardian.co.uk/weekly/story/0,,1694487,00.html


South Pole Neutrino Detector Could Yield Evidence of String Theory


Diagram of IceCube. IceCube will occupy a volume of one cubic kilometer. Here we depict one of the 80 strings of optical modules (number and size not to scale). IceTop, located at the surface, comprises an array of sensors to detect air showers. It will be used to calibrate IceCube and to conduct research on high-energy cosmic rays. Author: Steve Yunck, Credit: NSF

Researchers at Northeastern University and the University of California, Irvine say that scientists might soon have evidence for extra dimensions and other exotic predictions of string theory. Early results from a neutrino detector at the South Pole, called AMANDA, show that ghostlike particles from space could serve as probes to a world beyond our familiar three dimensions, the research team says.

No more than a dozen high-energy neutrinos have been detected so far. However, the current detection rate and energy range indicate that AMANDA's larger successor, called IceCube, now under construction, could provide the first evidence for string theory and other theories that attempt to build upon our current understanding of the universe.

An article describing this work appears in the current issue of Physical Review Letters. The authors are: Luis Anchordoqui, associate research scientist in the Physics Department at Northeastern University; Haim Goldberg, professor in the Physics Department at Northeastern University; and Jonathan Feng, associate professor in the Department of Physics and Astronomy at University of California, Irvine.


The evidence, they say, would come from how neutrinos interact with other forms of matter on Earth.

“To find clues to support string theory and other bold, new theories, we need to study how matter interacts at extreme energies,” said Anchordoqui. “Human-made particle accelerators on Earth cannot yet generate these energies, but nature can in the form of the highest-energy neutrinos.”

In recent decades, new theories have developed – such as string theory, extra dimensions and supersymmetry – to bridge the gap between the two most successful theories of the 20th century, general relativity and quantum mechanics. Quantum mechanics describes three of the fundamental forces of nature: electromagnetism, strong forces (binding atomic nuclei) and weak forces (seen in radioactivity). It is, however, incompatible with Einstein's general relativity, the leading description of the fourth force, gravity. Scientists hope to find one unified theory to provide a quantum description of all four forces.

Clues to unification, scientists say, lie at extreme energies. On Earth, human-made particle accelerators have already produced energies at which electromagnetic forces and weak forces are indistinguishable. Scientists have ideas about how the next generation of accelerators will reveal that strong forces are indistinguishable from the weak and electromagnetic at yet higher energies. Yet to probe deeper to see gravity's connection to the other three forces, still higher energies are needed.

Anchordoqui and his colleagues say that extragalactic sources can serve as the ultimate cosmic accelerator, and that neutrinos from these sources smacking into protons can release energies in the realm where the first clues to string theory could be revealed.

Neutrinos are elementary particles similar to electrons, but they are far less massive, have neutral charge, and hardly interact with matter. They are among the most abundant particles in the universe; untold billions pass through our bodies every second. Most of the neutrinos reaching Earth are lower-energy particles from the sun.

AMANDA, funded by the National Science Foundation, attempts to detect neutrinos raining down from above but also coming "up" through the Earth. Neutrinos are so weakly interacting that some can pass through the entire Earth unscathed. The total number of "down" and "up" neutrinos is uncertain; however, barring exotic effects, the relative detection rates are well known.

AMANDA detectors are positioned deep in the Antarctic ice. The NSF-funded IceCube has a similar design, only it has about six times more detectors covering a volume of one cubic kilometer. A neutrino smashing into atoms in the ice will emit a brief, telltale blue light; and using the detectors, scientists can determine the direction where the neutrino came from and its energy.


The IceCube telescope and its predecessor, AMANDA, use optical sensors to locate the sources of high-energy neutrinos. This picture shows the on-line display of a neutrino event recorded by AMANDA. Author: Jodi Lamoureux, Credit: NSF

The key to the work presented here is that the scientists are comparing “down” to “up” detections and looking for discrepancies in the detection rate, evidence of an exotic effect predicted by new theories.

“String theory and other possibilities can distort the relative numbers of ‘down’ and ‘up’ neutrinos,” said Jonathan Feng. “For example, extra dimensions may cause neutrinos to create microscopic black holes, which instantly evaporate and create spectacular showers of particles in the Earth's atmosphere and in the Antarctic ice cap. This increases the number of ‘down’ neutrinos detected. At the same time, the creation of black holes causes ‘up’ neutrinos to be caught in the Earth's crust, reducing the number of 'up' neutrinos. The relative ‘up’ and ‘down’ rates provide evidence for distortions in neutrino properties that are predicted by new theories.”

“The neutrinos accelerated in the cosmos to energies unattainable on Earth can detect the ‘footprint’ of new physics,” said Goldberg. “The ‘body’ responsible for the footprint can then emerge through complementary experiments at the new generation of human-made colliders. On all fronts, it is an exciting era in high-energy physics.”

More information about AMANDA and IceCube is available at the IceCube website, http://www.icecube.wisc.edu

source: http://physorg.com/news10295.html


Video captures octopus attack on sub in B.C.

Rare video footage shows a giant octopus attacking a small submarine off the west coast of Vancouver Island.

Salmon researchers working on the Brooks Peninsula were shocked last November when an octopus attacked their expensive and sensitive equipment.


The giant Pacific octopus weighs about 45 kilograms, powerful enough to damage Mike Wood's remote-controlled submarine.

Wood's first reaction was to panic, knowing the marine creature can exert a powerful bite.

"I go full reverse and blast him with all these seabed particles," said Wood, describing the attack shown in the video. "Finally, he lets go and disappears off into the gloom.

"It was desperation. It's a $200,000 machine, and it's not insured," said Wood, who runs SubOceanic Sciences Canada in Duncan, B.C.

The rare footage, which has just been released, is believed to be the first documented attack of an octopus on a sub.

"It was only afterwards when I replayed the video and I thought, 'Oh, yeah, that's pretty neat.' But at the time, it was just scary."


No one knows what caused the octopus to attack. It may have been curious, looking for a meal or a girlfriend, said Jim Cosgrove of the Royal B.C. Museum.

"It's certainly a mature male from what I can see in the video," said Cosgrove. "Old octopuses become what we call senescent, or senile, reaching the end of their life. And sometimes their actions are very inappropriate."

Such large, powerful animals deserve respect, Cosgrove said.

The octopus left unscathed. The submarine's only defence was its thrusters, but the machine survived the attack.

source:http://sympatico.msn.cbc.ca/story/science/national/2006/01/27/octopus060127.html


Jobs vs. Gates: Who's the Star?

Until recently, Bill Gates has been viewed as the villain of the tech world, while his archrival, Steve Jobs, enjoys an almost saintly reputation.

Gates is the cutthroat capitalist. A genius maybe, but one more interested in maximizing profits than perfecting technology. He's the ultimate vengeful nerd. Ostracized at school, he gets the last laugh by bleeding us all dry.

Leander Kahney
Cult of Mac

On the other hand, Jobs has never seemed much concerned with business, though he's been very successful at it of late. Instead, Jobs has been portrayed as a man of art and culture. He's an aesthete, an artist; driven to make a dent in the universe.

But these perceptions are wrong. In fact, the reality is reversed. It's Gates who's making a dent in the universe, and Jobs who's taking on the role of single-minded capitalist, seemingly oblivious to the broader needs of society.

Gates is giving away his fortune with the same gusto he spent acquiring it, throwing billions of dollars at solving global health problems. He has also spoken out on major policy issues, for example, by opposing proposals to cut back the inheritance tax.

In contrast, Jobs does not appear on any charitable contribution lists of note. And Jobs has said nary a word on behalf of important social issues, reserving his talents of persuasion for selling Apple products.

According to Forbes, Jobs was recently worth $3.3 billion, which puts him 194th among the richest in the world, and makes him the 67th richest American. But the standings were shuffled on Tuesday with Disney's $7.4 billion acquisition of Pixar Animation -- a deal that makes Jobs' Pixar holdings alone worth some $3.7 billion.

But great wealth does not make a great man.

Giving USA Foundation, a philanthropy research group which publishes an annual charity survey, said Jobs does not appear on lists of gifts of $5 million or more over the last four years. Nor is his name on a list of gifts of $1 million or more compiled by Indiana University's Center on Philanthropy.

Jobs' wife is also absent from these philanthropic lists, although she has made dozens of political donations totaling tens of thousands of dollars to the Democrats, according to the Open Secrets database.

Of course, Jobs and his wife may be giving enormous sums of money to charity anonymously. If they are funneling cash to various causes in private, their names wouldn't show up on any lists, regardless of the size of their gifts.

For a person as private as Jobs, who shuns any publicity about his family life, this seems credible. If so, however, this would make Jobs virtually unique among moguls. Richard Jolly, chairman of Giving USA Foundation, said not all billionaires give their money away, but a lot do, and most do not do it quietly.

"We see it over and over again," he said. "Very wealthy individuals do support the organizations and institutions they believe in."

That's certainly true of Gates, who not only gives vast sums away, but also speaks up in support of the organizations and institutions he believes in.

This is not the case for Jobs. To the best of my knowledge, in the last decade or more, Jobs has not spoken up on any social or political issue he believes in -- with the exception of admitting he's a big Bob Dylan fan.

Rather, he uses social issues to support his own selfish business goals. In the Think Different campaign, Jobs used cultural figures he admired to sell computers -- figures who stuck their necks out to fight racism, poverty, inequality or war.

Jobs once offered to be an advisor to Sen. John Kerry during the 2004 presidential election, and he invited President Clinton over for dinner when Bubba visited Silicon Valley in 1996 -- hardly evidence of deep political convictions.

Jobs can't even get behind causes that would seem to carry deep personal meaning, let alone lasting social importance. Like Lance Armstrong, he is a cancer survivor. But unlike Armstrong, Jobs has so far done little publicly to raise money or awareness for the disease.

Given Jobs' social detachment, I'm confused by the adulation he enjoys. Yes, he has great charisma and his presentations are good theater. But his absence from public discourse makes him a cipher. People project their values onto him, and he skates away from the responsibilities that come with great wealth and power.

On the evidence, he's nothing more than a greedy capitalist who's amassed an obscene fortune. It's shameful. In almost every way, Gates is much more deserving of Jobs' rock star exaltation.

In the same way, I admire Bono over Mick Jagger, and John Lennon over Elvis, because they spoke up about things bigger than their own celebrity.

It's time for Jobs to do the same.

source:http://www.wired.com/news/columns/0,70072-0.html?tw
