Category Archives: Security

Air Quality Indicator

Amy Franceschini and some colleagues started a site based on the belief that “art can be a catalyst for social awareness and positive change”. Hmmm. Or is social awareness and positive change a catalyst for art?

Chicken before egg.

Anyway, I like (some of) their commentary and found this post might be a sign (ha ha) of things to come:

The project intersects with recent public debate in Copenhagen about air pollution in the city. In collaboration with Senior Scientist Jørgen Brandt from The National Environmental Research Institute in Denmark a first prototype is developed for making an indicator that can be placed in the city and display local levels of pollution as well as pollution forecasts on individual streets. The project holds an open source script for displaying data from the Internet in a variety of forms.

I like the information awareness and creative use of technology for health/security, but there also seems to be a whine or similar noise that cuts into the effectiveness of the free-soil signal. I mean how ironic is it that so many of these “back to basics” advocates require you to use Macromedia Flash to get their message? Roll up your pants and stick your toes in the ASCII, as my mother used to say…

                   ,~.
                ,-'__ `-,
               {,-'  `. }              ,')
              ,( a )   `-.__         ,',')~,
             < =.) (         `-.__,==' ' ' '}
               (   )                      /)
                `-'\   ,                    )
                    |  \        `~.        /
                    \   `._        \      /
                     \     `._____,'    ,'
                      `-.             ,'
                         `-._     _,-'
                             77jj'
                            //_||
                         __//--'/`          hjw
                       ,--'/`  '
                          '

The Deadly Blue Ring Octopus

I just found out from The Cephalopod Page that some octopuses have a venom that can quickly kill humans:

Typically, the victim is unaware of the danger and either picks up the innocuous looking octopus or inadvertently contacts it. The bite is slight and produces at most only a small laceration with no more than a tiny drop of blood and little or no discoloration. Bites are usually reported as being painless. Often the victim doesn’t even know that he had been bitten. This can make it difficult for emergency and medical personnel to determine the cause of a patient’s distress. In fact, there is some question as to whether the octopus even needs to bite to envenomate a human. In cases with prolonged contact, the venom might pass directly through the skin. While most severe envenomations appear to involve bites, I can report developing mild local neurological symptoms after immersing my hand in sea water in which a large blue-ring had been shipped.

Seems like powerful stuff. Probably most dangerous if you try to eat or drink the toxin. The damage potential of even a small octopus is impressive:

The toxin was characterized as a low molecular weight, non-protein molecule and was named maculotoxin. It was recognized to be similar to tetrodotoxin (TTX), the extremely deadly toxin found in pufferfishes Experiments with rabbits showed that a single adult blue-ringed octopus weighing just 25 g possessed enough venom to fatally paralyze 10 large humans.

Why so much? And how many rabbits had to die to figure that out? Interesting to note how these octopuses happen to produce and carry the toxin:
Blue Ring

Their salivary glands harbor dense colonies of TTX-producing bacteria. The blue-rings have evolved a symbiotic relationship with the bacteria, providing them ideal living conditions while using the toxin they produce to subdue prey and as part of their highly advertised defense.

There’s a beautiful picture of one available HERE, probably taken just before it killed the photographer, William Tan.

The national security risk of secure software

Here is a new twist on the Bush Administration’s concern about national security, and their concern about open ports (ha ha). The AP reports that the US government is worried that their intrusion detection system of choice is about to be purchased by an Israeli company:

The contrast between the administration’s handling of the $6.8 billion Dubai ports deal and the Israeli company’s $225 million technology purchase offers an uncommon glimpse into the U.S. government’s choices to permit some deals but raise deep security concerns over others.

[…]

Under the sale, publicly announced Oct. 6, Check Point would own all Sourcefire’s patents, source-code blueprints for its software and the expertise of employees.

One might think this would be less of a problem for national security if Sourcefire were open source; however, the article first suggests that officials are concerned about the fate of Snort, but then that they prefer it because it is open source. Doesn’t that contradict? Here, you figure it out:

The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as “Snort,” which guards some classified U.S. military and intelligence computers.

[…]

Sourcefire’s protection and monitoring technology builds on the popularity of Snort, which was created by its chief technology officer and is distributed free. Unlike Sourcefire’s commercial products, Snort’s blueprints are open for inspection to assure it works as advertised. This makes it popular inside the U.S. intelligence community, even alongside more mainstream security products from Cisco Systems Inc. or Juniper Networks Inc.

The funny thing I’ve noticed with Sourcefire is how annoyingly complex the management console tends to be, which sort of eliminates the value proposition over Snort. Even if you just want to apply the latest patch to a Sourcefire system you have to download the code to one system, then upload that code to the management console, then push the code out to the sensor, then notify the sensor to install the code that you just pushed. It tends to be a terribly slow and clumsy process that I have to explain over and over again when training someone on the system. Don’t get me wrong, I like the technical aspects of Sourcefire (mostly as it is still a derivative of Snort) and appreciate the system’s capabilities, but the GUI can be a real headache.

Anyway, I guess it says a lot that Checkpoint would rather extricate all of its software from the US government than forgoe the acquisition of Sourcefire or allow all of the code to be open, at least to governments.

The DRM sleeps tonight

1939 was the year Solomon Linda recorded “Mbube” with The Evening Birds. 3rd Ear Music Forum has a nice write-up of the man who wrote the song commonly known as “The Lion Sleeps Tonight”:

This one’s for Solomon Linda, then, a Zulu who wrote a melody that earned untold millions for white men but died so poor that his widow couldn’t afford a stone for his grave. Let’s take it from the top, as they say in the trade.

[…]

What might all this represent in songwriter royalties and associated revenues? I put the question to lawyers around the world, and they scratched their heads. Around 160 recordings of three versions? Thirteen movies? Half a dozen TV commercials and a hit play? Number Seven on Val Pak’s semi-authoritative ranking of the most-beloved golden oldies, and ceaseless radio airplay in every corner of the planet? It was impossible to accurately calculate, to be sure, but no one blanched at $15 million. Some said 10, some said 20, but most felt that $15 million was in the ball park.

Which raises an even more interesting question: What happened to all that loot?

The problem with information is the ease of transfer. For example “identity theft” means someone else can profit by taking your identity and using it for their own financial gain without authorization. We all have multiple identities, if you will (e.g. father, brother, friend, son, boss) and an artist’s identity is often their business (singer, writer, comedian, etc.). The difference here seems to be that Solomon Linda was somehow convinced to transfer his identity/creation for only ten shillings.

Part Four: in which a moral is considered Once upon a time, a long time ago, a Zulu man stepped up to a microphone and improvised a melody that earned in the region of $15 million. That Solomon Linda got almost none of it was probably inevitable. He was a black man in white-ruled South Africa, but his American peers fared little better. Robert Johnson’s contribution to the blues went largely unrewarded. Leadbelly lost half of his publishing to his white “patrons.” DJ Alan Freed refused to play Chuck Berry’s “Maybellene” until he was given a songwriter’s cut. Led Zeppelin’s “Whole Lotta Love” was nicked off Willie Dixon. All musicians were minnows in the pop-music food chain, but blacks were most vulnerable, and Solomon Linda, an illiterate tribesman from a wild valley where lions roamed, was totally defenseless against sophisticated predators.