Sailing, Security

U.S. Navy Supercomputers Predict Weather Threats

Leave a comment

Calm waters mean greater chance of attack, as I mentioned recently, so weather forecasts can give a major advantage. CNet reports on the latest technology:

[The Fleet Numerical Meteorology & Oceanography Center] benefits from its immediate proximity to weather and supercomputing experts at the Naval Research Laboratory, the National Weather Service, and the Naval Postgraduate School, all of which are in Monterey. That allows Fleet Numerical’s team of just 13 officers, 13 enlisted, and 128 civilians to do a job that the National Weather Service’s own forecasting center needs at least three times the resources to do, while the U.S. Air Force’s needs twice as much, Sauer explained.

[…]

Fleet Numerical’s most powerful supercomputer is a Dell Linux cluster system known as A2 Emerald with 27.3 peak teraflops. But that runs the center’s unclassified global modeling, which brings in giant amounts of data from countries all around the world. Its classified and Top Secret computers are smaller, and are geared towards much finer resolution regional and local modeling.

Security

Bromium and the Bad Guys

2 Comments

Here’s a a very amusing quote from Simon Crosby of Bromium.

“Any approach that says we can stop the bad guys is basically a lie,” Crosby says. With Bromium, he hopes to turn a $20 billion enterprise security market on its head by proving we don’t have to stop them. We just have to keep them from getting to our sensitive data when we inevitably click that infected link.”

Is it just me or does the phrase “we just have to keep them from getting to our sensitve data” actually mean the same thing as stop the bad guys? I don’t see the distinction between keeping someone out and stopping them from getting in.

He and I traded perspectives on this topic last year on a roundtable called “Security in the Cloud: Data Sovereignty, Open Source and Multi-Tenancy” (MP3 Recording)

Perhaps this Wednesday he will clarify at the GigaOm conference in SF.

Security

Active Defense in Nature: Lions Forced into “Landscapes of Fear”

Leave a comment

The Journal of Applied Ecology has featured a study of predator behavior based on perceived risk.

…it is now well recognized that predators can impose strong top-down controls on ecosystems. What is less recognized is that even top predators live in landscapes of fear too…

Photo of Lion and Human PrintsLion and Human Prints by jit bag on Flickr, CC

The conclusion seems to be that people could be more effective managing risk if they better learn how to influence their threats. The following gives an interesting perspective on hack back (or active defense, etc.). Not only can the Lions be trained to avert and avoid humans and their assets but the humans have to also adjust (e.g. reduce their attack surface).

…if the behavior of the predators can be manipulated then the same should apply to the herders and their livestock. Herders need incentives to be more diligent during periods when depredation is most likely and keep their livestock within the zones that predators are induced to avoid. Livestock need to be allowed to develop their own landscapes of fear, which is impossible for the continually mixed and moved herds on public rangelands in the western USA, for example, where depredation by wolves is an increasingly contentious issue. Finally, the indigenous prey base has to be conserved or else large predators will have no future anyway.

The Human-Lion Conflict Toolkit, available from the Central Kalahari Lion Research (CKLR), will have to be updated. The CKLR also mentions “until beef-farming Africans and later Europeans moved in, humans were able to live quite well alongside the massive predator”.

Security

How Intelligence Makes You Vulnerable

Leave a comment

At the RSA SF Conference in 2010 my mother and I presented a talk called “There’s No Patch for Social Engineering“.

One of the key findings revealed in the talk (also explained in other blog posts and our 2006 paper) is that intelligence is not a reliable defense for social engineering. A press-release put it this way:

For seven years, Harriet Ottenheimer, a K-State professor emeritus of anthropology and a Fulbright scholar to the Czech Republic, and her son, Davi Ottenheimer, president of security consultancy flyingpenguin, collected and analyzed Nigerian 419 e-mails for clues that could be used to block these messages. These spam e-mails are called Nigerian 419 messages, or 419 for short. The number “419” refers to an article of the Nigerian Criminal Code concerning fraud.

[…]

Ottenheimer used her linguistic skills to decode the discourse of the scam e-mails and how they work on their victims. Primarily, she said, the victims have been well-educated westerners, such as such university professors, doctors, lawyers, financial planners and bankers.

The New Yorker just ran a story that provides similar results from a new study.

When people face an uncertain situation, they don’t carefully evaluate the information or look up relevant statistics. Instead, their decisions depend on a long list of mental shortcuts, which often lead them to make foolish decisions. These shortcuts aren’t a faster way of doing the math; they’re a way of skipping the math altogether.

[…]

A new study in the Journal of Personality and Social Psychology led by Richard West at James Madison University and Keith Stanovich at the University of Toronto suggests that, in many instances, smarter people are more vulnerable to these thinking errors. Although we assume that intelligence is a buffer against bias — ”that’s why those with higher S.A.T. scores think they are less prone to these universal thinking mistakes” — it can actually be a subtle curse.

This appears to me further proof of our conclusions in 2006 and presentation at RSA in 2010; the Advanced Fee Fraud (AFF) or 419 scam uses a bias attack vector that reveals smarter people can be more vulnerable.