Tuesday, July 19, 2005

fyi As Google Grows, How Much Does It Know About You?


Pointer to article: http://www.informationweek.com/story/showArticle.jhtml?articleID=166400224

Kobielus kommentary:
Yeah, Google knows more and more about you and me. But I’m not worried about them violating people’s privacy or leaving themselves open to identity theft in any major way.

Why am I not worried? It’s because Google is such a hugely visible player in the industry, and has so many competitors for all of its offerings, that any major screw-up would be a public relations disaster. More to the point, any negligence or evil on their part would devastate their business, driving customers away faster than a bit over broadband, deep-sixing Google’s stock price and street cred overnight.

Also, Google has a corporate conscience, hence is easily shamed and would quickly remedy any transgression—perceived or real--through substantive action. Should they screw up, they would—I suspect—immediately come public with it, shoring up their reputation before it can sustain major damage.

Competition, litigation, and shame--the chief checks and balances in the corporate world.

But, of course, as the article states, Google’s vulnerability to identity theft and privacy violation is growing. So what else is new? Identity theft has become the tabloid sensationalism-mongering topic of the year. Every company that collects even a shred of personal data on customers is more vulnerable—in the public’s minds, at least—simply because this threat is more salient in the culture now, and more lawyers are salivating at the prospect of initiating class-action lawsuits should any major or minor Internet company slip up.

It’s a fact. Our culture moves through these phases of fear- and greed-mongering, always latching on a new issue to launch the inevitable litigation. Google would be remiss if it didn’t have its people working on legal, PR, and technical counterstrategies in case it too gets swept up in the identity-theft hysteria.


Sunday, July 17, 2005

fyi Blogs Really Aren't So Unique


Pointer to article:

Kobielus kommentary:
I agree with Coursey’s thesis, but that’s beside the point.

I don’t quite care whether the blogging phenomenon goes the way of the CB radio. I don’t care whether blogging is all that different from other media. I don’t care whether my blog is looked upon as a self-indulgent vanity press-cum-diary. I don’t care whether people see my blog as flaky, pretentious, boring, ponderous, verbose, or mysterious. I don’t care whether anybody in particular is reading my blog. I don’t care whether anybody else sees any rhyme or reason to the motley assortment of topics and thoughts I post to this space. I don’t care whether I ever monetize or otherwise make a living from my blog. I don’t care if I get lost and ignored in the vast blogosphere. I don’t care whether blogging makes me hip or more deeply brands me as the nerd I’ve always been. I don’t care whether my blog is successful in any way at shaping or swaying minds and hearts. I don't care if you think I'm blogging to hear myself blog. And I don’t care if my blog posts are too long for the short attention spans out there.

I’m not doing this for out there. I’m doing this for in here. I just need an outlet for my ideas. Anybody who's ever known me should know by now that I live to create and spread ideas drawn from research and continual cogitation. I’ve been so accustomed for so long to having my well-crafted thoughts and words go plop in the void, that blogging for me is just more of the same ol same ol. I'm so used to being misconstrued that I need one place where the construing is all pure me. Where it's all me, only me, all the time, straight and direct, thinking whole thoughts and inscribing them in some sorta persistent medium in the public world.

And that’s fine with me. I blog simply to show that I’m still present and still paying attention. And still disseminating.


imho Don’t think RFID-tagging of humans is inevitable or desirable


A kind reader of this blog e-mailed to ask my opinion on the issue of whether RFID-tagging of human beings (such as prisoners or paroled sex offenders) was an inevitability, or was feasible/desirable and so forth. Here is the gist of my response to his stimulating discussion:

As regarding the possibility of embedding RFID tags in human beings, that's something people can choose to do or not do to themselves. Just another type of prosthetic. Or another type of piercing. Or tattoo. Or cosmetic. Or wardrobe. Or accessory. Or crutch. Ever since humans emerged as self-conscious beings, we've been modifying/extending/enhancing our god(s)-given endowments in all of these ways. But that should purely be left to individual choice. Nobody should be compelled by another--or by law/society--to deface or modify their body in any way. Similarly, RFID is a credential that someone may choose to embed in their being. It's not inevitable that society will some day force us all to do so. Has any society (other than, say, Nazi Germany) ever compelled people to tattoo an identifier into their skin? And that was clearly regarded as an inhuman thing to do.

Would it make sense to "RFID-tattoo" some subset of our society--say, prisoners, or paroled sex offenders--so as to monitor/control their movements? Would the perceived public danger from these individuals outweigh the abhorrence we feel at branding human beings in this way? Open questions.

Yes, anything's possible. But I don't see it as likely anywhere/anytime soon. Society has other means--such as public surveillance cameras--to track these suspect individuals, and also to track others who we don't yet suspect (such as the London subway cameras that were used after the fact to track down the suspected bombers). Public cameras capture a broad range of qualitative relevant to baddies, known and unknown, and seem like society's preferred control mechanism. For good and bad.

Besides, RFID-tagging of humans is unnecessary once everybody has a cellphone and can have their whereabouts tracked through that RF device. That day is fast coming. Yeah, the cellphone leash isn't pierced into your flesh, hence doesn't offer the strong authentication of RFID-tagging. But, in effect, it's just as good a beacon of your location/activities as any RFID tag. And the authorities can tap into your voice and data communications emanating from and to that device, which makes it a richer environment within which they can harvest privacy-sensitive identity-targeted info on people.

DNA fingerprinting is also becoming one of society's main tools for compiling a composite portrait of people's activities---especially those that don't involve any IT-based interaction.

So, between public surveillance cameras, cellphones/Blackberries/etc, and DNA fingerprinting (and wiretapping, subpoenas, etc.), the authorities already have considerable resources for strongly tracking people's every movement. All of those surveillance techniques have the advantage, from authorities' point of view, of being conducted in the background, undetectable by suspects. Mandatory RFID-tagging, by contrast, would be an overt fascistic inhuman approach that would arouse fierce resistance everywhere.

It just wouldn't sail in the real world. Or, more to the point, I hope it doesn’t sail. I hope it sinks into the abyss of dystopic horror scenarios that never come to pass. But further inroads on our privacy from various technologies/techniques are well-nigh inevitable.



Friday, July 15, 2005

fyi IBM, Microsoft to ship another Web services security protocol to standards body


Pointer to article:

Kobielus kommentary:
These critical WS-* security specifications have been in draft stage for so long that it’s easy to forget that they’re not ratified de jure standards.

All of them are important for full-fledged identity and security specifications: the ones being submitted to OASIS (WS-Trust, WS-SecureConversation and WS-SecurityPolicy) and the ones yet to be submitted (WS-Federation and WS-Policy). I anticipate that all of these--except WS-Federation--will have clear sailing through the OASIS standardization process. And that’s because all of them—except WS-Federation—have the “legs”: well-wrought specifications, considerable industry support, and no direct rivals. WS-Federation is a good specification—don’t get me wrong. But it largely competes against well-entrenched rivals—SAML 1.x/2.0 and Liberty ID-FF 1.x/ID-WSF 1.x. And WS-Federation only has a handful of firm (albeit powerful) supporters—principally Microsoft and IBM. It’s quite likely that OASIS—once Microsoft/IBM submit the spec—will be folded into the next major version of SAML (beyond 2.0).

Getting standards ratified by OASIS or whoever is only half the game, where Web services/SOA security is concerned. Ratification is only one step on the roadmap to maturity of these standards. Before we can truly consider identity/security federation a mature, full-feature, mainstream approach to distributed security, the WS-* stack needs to jump the following hurdles:

• OASIS ratification: Dominant standards need to be ratified by OASIS in all of the principal identity/security functional service layers. Clearly, as the article states, that process will still take 2-3 years, at minimum, to complete. So we’re still talking 2008, at the earliest, before a full set of industry-consensus WS-* identity/security standards is ratified.
• Vendor implementation: Vendors don’t always implement OASIS- or whoever-developed standards at the same rate. Considering the wide range of WS-* identity/security standards and the wide range of vendors that will need to implement some or all of them to enable full-fledged federation, it would be quite surprising if the core group of “everybody implements ‘em” standards expands much beyond today’s status quo—WS-Security and SAML—by the end of this decade.
• Implementation profiling: And vendors, even when they say they implement the same standards, often implement them in very different ways, with the obvious impact on interoperability. The Web Services Interoperability (WS-I) Organization is the principal implementation profiling group in the Web services arena. So far, the only security standard that it has profiled is WS-Security (in addition to the core WSDL, SOAP, and UDDI standards). In profiling a standard, WS-I is sending a signal to industry that the profiled standard is mature and widely adopted, hence critically in need of a common implementation framework. Does anybody imagine that WS-I will begin to consider profiling the other WS-* identity/security standards/specs--WS-Trust, WS-SecureConversation WS-SecurityPolicy, WS-Federation and WS-Policy—any time before the end of the decade? They should focus first on SAML 1.1, which is definitely mainstream and badly in need of WS-I profiling. Also, XACML and SPML should be profiled soon, based on the fact that they’ve already been ratified and are being adopted widely.

So, to sum up, identity/security federation won’t truly mature as a full-fledged approach until these milestones—ratification, implementation, and profiling—have been crossed for the core WS-* standards and specifications in the principal functional layers. And that won’t happen till 2010, at the very earliest. More likely, 2011 or 2012.

Of course, enterprises can and should continue to deploy identity/security federation environments before the standards picture shakes out completely. The business benefits from federation are undeniable, and the current products/standards are more than sufficient for lots of federation scenarios.

But submitting a specification to a standards group doesn’t make that specification mature. Plenty of specifications die in committee. Or, if they’re approved/ratified, die in the marketplace. Or are effectively abandoned and ignored by their creators.

So curb your enthusiasm for these WS-* identity/security specs till we see how the marketplace shakes it all out.


Thursday, July 14, 2005

fyi Sun to expand open-source moves into secure ID arena


Pointer to article:

Kobielus kommentary:
This is an important announcement. The underlying IdM federation components are becoming commoditized as the standards stabilize, get profiled and implemented widely, and as vendors distinguish themselves through the deeper IdM product sets. Also, more and more application server, middleware, IdM, and security infrastructure components are going the open-source route, with Sun, Novell, IBM, and pretty much everybody else (except for Microsoft) leaning strongly in that direction. Increasingly, IdM vendors distinguish themselves through professional services, vertical market applications, and IDEs.

It’s becoming possible to build an end-to-end federation IdM environment with standards-based open-source components. SourceID has been the principal purveyors of open-source IdM: SAML, WS-Federation, Liberty, etc. Separately, the OpenSAML (www.opensaml.org) and Shibboleth open-source codebases have been around for a few years. There’s also an open-source implementation of an WS-BPEL orchestration server (www.openbpel.org) that might be used as the workflow component of an account provisioning infrastructure, in conjunction with the open-source SPML implementation (www.openspml.org).

All of those are available under free open-source licenses for orgs that are serious about building federated IdM infrastructure and tailoring that infrastructure to requirements that the commercial vendor tools may not support, or may not support without considerable customization and professional services handholding.

Whether one goes with a commercial federated IdM solution or sundry open-source IdM components, the bottom line is “some assembly required.” And that doesn’t come cheap.


Wednesday, July 13, 2005

fyi Industry looks to unite again to tackle spyware


Pointer to article:

Kobielus kommentary:
The Anti-Spyware Coalition (ASC) has produced a well-written, crisp, authoritative definition of spyware, plus discussion of an industry governance process (“Vendor Dispute Resolution Process”) and user protection guidelines (“Anti-Spyware Safety Tips”).

My only other comment on the draft is that ASC seems to suffer from dynamic scope creep. They seem to lump all malware into the core definition of spyware, thereby diluting their focus. The coalition defines spyware as follows:

• “In its narrow sense, Spyware is a term for Tracking Software deployed without adequate notice, consent, or control for the user. In its broader sense, Spyware is used as a synonym for what the ASC calls ‘Spyware and Other Potentially Unwanted Technologies.’ In technical setting, we use the term Spyware only in its narrower sense. However, we understand that it is impossible to avoid the broader connotations of the term in the colloquial or popular usage, and we do not attempt to do so.”

Further blurring the distinctions between spyware and other malware, they offer this further definition of the former:

• “Spyware and Other Potentially Unwanted Technologies: Technologies implemented in ways that impair users’ control over: material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; and collection, use, and distribution of their personal or otherwise sensitive information. These are items that users will want to be informed about, and which the user, with appropriate authority from the owner of the system, should be able to easily remove or disable.”

I have no beef with this broader definition of malware generally. Actually, I think the ASC should rename itself the AMC (Anti-Malware Coalition) and attack the more general problem of which spyware is just one variant. Their core definition of malware highlights what, imho, is the defining feature: unsolicited, remote, persistent third-party tampering with other people’s computing and network resources.

With that as the guiding definition, I would rename malware as “tamperware” and suggest that “tamper-evident computing” should be the principal framework for defining prevention, detection, and remediation approaches.

From the user’s point of view, how can they immediately detect tampering with their computing resources, whether that tampering takes the form of spyware, adware, backdoors, bots, browser helper objects, browser plug-ins, cookies, dialers, DDoS attacks, downloaders, droneware, hijackers, keyloggers, password crackers, rootkits, screen scrapers, tricklers, trojans, viruses, worms, or zombies? How can software publishers ensure that their products are delivered to requesting users in a way that both users and publishers recognize is consent-driven, authorized, legitimate, and doesn’t create the conditions under which those products might be mistakenly tagged as tamperware? How can users reasonably give full consent (and know/accept the consequences of that consent) when they’re dealing with a steady stream of complex software downloadables that issue from various publishers, get installed/configured in sundry complex ways, and interact with local and remote programs in such a way as to open up the gates to still more software that may try to slip nasty stuff down without consent?

The industry governance issues surrounding all of this are daunting. How can software publishers ensure that their products don’t cross the tricky borderzone into apparent tamperware, and how can they make sure that false-positive tamperware identifications get reversed immediately across all anti-tamperware programs so as to not impair their continued ability to do business? How can even the most technically astute users ensure that they’re granting consent only to the most trustworthy software publishers who’ve engineered their download, installation, EULA/registration, and configuration features in such a way as to not cross the nasty divide into tamperware territory?

And how can we make our computer operating environments, like the containers in which over-the-counter medications are dispensed, reliably tamper-evident?


Tuesday, July 12, 2005

fyi Subway Fracas Escalates Into Test Of the Internet's Power to Shame


Pointer to article:

Kobielus kommentary:
Tell you what makes me shudder: this notion of “flash mobs” that materialize out of seemingly nowhere in physical space, focused on some particular place and time, driven by a common communication thread (IM, e-mail, SMS, VoIP, etc.) visible only to themselves. Sounds like a key new strategy of terrorism, guerilla warfare, and bullying everywhere. Though flash mobs, in their initial incarnation, have mostly emerged for benign reasons.

This article points to a related phenomenon: virtual teams on the Internet that emerge to humiliate someone who may or may not deserve it. This South Korean lady’s minor offense apparently was failure to scoop her dog’s poop on the subway. It’s also been said that the lady was recalcitrant and belligerent. She wasn’t without blame.

But some unkind people on her train took their grievance way too far. They took phonepics of her and her offending doggy doo, posted them to the Web, urged others to dig up other doo doo on her personal life, and post that as well. Before long, the public humiliation got out of control, and the lady was so shamed that she had to quit her job.

Do some people have nothing better to do with their time than heap cruel abuse on strangers over extremely petty offenses? It’s clear that many people hide behind anonymity and distance in order to engage in reckless endangerment. That’s why the world’s swarming with viruses, worms, and their ilk. Now this “Dog Poop Girl” incident underlines the human analog of malware: people joining online forces to inflict personal pain on other people.

It’s the evil side of collaboration. Call it mallaboration.


fyi No Dozing, Doughnuts at Office of Future


Pointer to article:

Kobielus kommentary:
No. No. NO! Don’t turn my office into a gym. Keep my gym a gym, my office an office, and my home a home. For my mental hygiene, let me keep each environment entirely separate from the others. I work out in my gym. I work-work in my office. I don’t work in my home—except for the office space in my basement where I do my freelance writing.

I actually enjoy going to the gym. Egidia and I do so most days of the week, and it’s a welcome break from the pressures of our jobs, and also the pressures of our home (we have teenage children, bills to pay, etc.). We’ve been doing it continuously for the past 3 years, and it’s now an established, much-needed, eagerly anticipated habit. When I’m on the treadmill, I am quite deliberately working to melt all the stress from that day into a pool that can be washed down the drain by the gym staff. Putting a treadmill and other gym equipment in my home, or in my office, defeats that whole purpose. Having to interact in the gym with people (such as co-workers, offspring, etc.) from those other environments would simply add stress—not subtract it—from the lactic load on my poor battered nervous system.

Working my body calms me down—bottom line—and centers my spirit somewhere inside my torso. Also, it gives me a chance to compare my body with other people’s. Yeah, snigger and take that statement any way you wish, but I measure my progress toward the desired form by the extent to which my current shape matches those around me with the best biceps, triceps, abs, delts, etc. No, I’m not becoming a preening narcissist. My core payoff from working out is the calming, the easier breathing, and the other internal-focused benefits. But working out gives me a feeling of efficacy in the sense that I actually can—by applying the intensity and work ethic that people have long known defines Jim Kobielus—sculpt my body to something I can be prouder of. No, it hasn’t made me taller, broadened my shoulders, regrown hair on my head, or given me a handsomer face. But I’ve brought my 5-foot-6 body down to my optimal weight—140 lbs.—and kept it there. As my 46-year-old self moves ever further into old-man territory, I can at least look at my aging body with some degree of self-satisfaction. I’m not the pudge I was.

Everything in its right place. My office provides me with plenty of what this article calls “non-exercise activity thermogenesis” (NEAT) to keep my weight under control. What they call NEAT I call work. Or rather, work performed continuously and restlessly with Jim Kobielus style intensity. The same intensity that has been programmed into my very existence by the roll of the genes and my particular life experiences.

I like working. And working my body. And working on keeping those worlds from invading the inner sanctum of my home life.

I like sitting down at work, looking, dressing, and behaving like a professional. Don’t bring running tracks and weightlifting equipment and hockey sticks into my office. I don’t want to have to dodge you or your flying pucks when I’m trying to discuss work.



Monday, July 11, 2005

cartoon Gerald McBoing Boing


Pointer to cartoon:

Kobielus kommentary:
I've been looking for this for years. I've never seen it before. But it didn't disappoint.

Here's the description from the website:

"Gerald McBoing Boing won the Academy Award as best animated short subject for 1950. The competition was an MGM Tom & Jerry cartoon Jerry's Cousin, and another UPA entry Trouble Idemnity with Mr. Magoo. It was a major triumph for UPA--formal recognition of their groundbreaking efforts.
This film--one of the finest ever made--had an impact that was both immeadiate and long-lasting. The concept came from Dr. Seuss, who as Theodore Geisel, had worked with some of the UPA staff on army films during WWII. His story, and rhyming dialogue, was adapted for animation by Phil Eastman and Bill Scott. Director Bobe Cannon and designer Bill Hurtz's concept was--less is more--how few lines could they use. The action was charted, then the music written to that action before it was animated by Bill Melendez, Rudy Larriva, Pat Mathews, Willis Pyle, and Frank Smith. Next Jules Engel and Herb Klynn added the bright, flat colors in the background, broken only by the sparest of "props." Different colors were used to convey different moods thoughout the film."

Now my two cents on it:

This is a wonderful little cartoon, an exquisite and elegant composition from beginning to end (slightly less than 7 minutes). You'll need RealPlayer to watch this stream. Watch it all the way through, then restart it and simply listen to it all the way through. Then watch and listen. Stop the video at any point and marvel at the economy, balance, use of fine line, and richness of color and texturing in every frame. Check out how fluidly one scene gives way to the next. How the action is expertly punctuated by the sound effects and score at every point. How the narrator intones it all in a jaunty script that so totally anticipates the more minimal Dr. Seuss to come later in that decade. It's not really minimalistic--it simply doesn't waste a single compositional element, and pares it all down to the absolutely essential. And it's a fun unpretentious piece of animation. Bright and brilliant no matter how you take it.

Clearly, a cinematic milestone. Boingboing. Bump-bum. Dang dang dang dang. Ah-ooga. Booooooooooooooooooooooooooooooooooom.


fyi TV technology at edge of legal frontier


Pointer to article:

Kobielus kommentary:
Re Slingbox, what struck me about this article was the crux question:

• Does the consumer have the right to place-shift as they do time-shift their content?

Well, duh, time-shifting is also, of necessity, place-shifting. You record a program onto a portable medium—such as videocassette—in order to have the freedom to watch it later and anywhere. Or to have the freedom to give it to someone else so that they can watch it later and anywhere. A more fundamental question is:

• Does the consumer have the right to place-shift without time-shifting, so that someone somewhere else can consume that content in real time as it streams?

Which raises the subsidiary question:

• What if that “someone somewhere else” is in fact simply another device of my own that I’ve designated as my alternate client app for watching it right now, or offsite storage and backup unit for the purpose of allowing myself, or someone in my household, to watch it later at that other site, or to allow myself to retrieve it from that backup site in order to watch it back at the primary site?

Well, I'm not a lawyer, but I'm sure most people will agree that we have the right to be able to consume all content that we pay for in any way we wish. In terms of mass piracy-enabling, the Slingbox doesn’t seem to support multicast or broadcast place-shifting, so the content providers of the world shouldn’t freak out just yet. I seriously doubt that the courts will quash a device that simply operates as a one-to-one relay. But it’s only a matter of time before multicast mode is built into Slingbox and similar mass-market devices. Which raises the further question:

• Why fight a development—consumer multicast--that’s inevitable and of obvious value, even if it makes life a bit trickier for IP defenders?

But the media companies will fight it vigorously. Prepare for several years of screaming headlines and gradual grudging eventually grateful acceptance. Grateful? The media companies will eventually figure out how to profit in unforeseen ways from this new development. And they’ll forget how scared and defensive they were when the technology was first introduced. As they did with TV, videocassettes, etc.


Friday, July 08, 2005

fyi Tsunami warning hits the spam barrier


Pointer to article:

Kobielus kommentary:
Doesn’t surprise me at all. Consider for a moment the provenance and tone of spam. First off, spammers often try to pass themselves off as an “official” this or that in order to phish for your personal info, or to “sell” you some crap, or simply to get you to open the message. Secondly, spammers often use appeals to the basic human emergency/urgency-drivers--fear, uncertainty, anxiety, inadequacy, doubt, (greed, horniness, etc.)—to get your immediate attention. Thirdly, all of these pandering pronouncements are issued in bulk out of the blue, with no warning. Taken together, these are the ingredients of the “sucker born every minute” spamiverse.

These are also the hallmarks of tsunami alerts and other legitimate emergency messages: issuing from on high, appealing to FUD, and blanketing the world with “act now” alarms. I don’t know about you, but almost four years of post-9/11 vigilance and alerts have got me all alerted out. Call it post-traumatic compassion fatigue and fatalism. Sad thing was, when I learned of the terrorism tragedy yesterday in London, I checked out CNN’s website briefly and went back to work, not even recalling the incident till I got home and informed my family. And we all just sort of shrugged. Not that we’re insensitive, but that we’re numbed and our emotions blunted by living under this cultural environment.

Getting back to legitimate tsunami alert messages that get blocked by being falsely tagged as spam, this is another potential tragedy in the making, when a real emergency hits. Spam filters are exquisitely optimized to filter out the “boys who cried wolf” to the point that, when the real wolf pushes his way into our midst in sheep’s clothing, spam will lay us down with the lamb to be eaten alive. Unless we can somehow still detect the real wolf within the steady stream of false wolves.

Or send out the legit alerts through all or most media simultaneously, and not tie every single medium to the same spam filters. In that way, the legit alerts can get to us through some unblocked channels, and then trigger we as human beings to alert each other with more targeted personal messages.

Such as, “Bob: This is Jim. There’s a huge wave crashing over the beach a mile away. It’ll be here in just a few minutes. Looks like a tsunami. Tell everybody in your end of the resort to run like hell to higher ground. This is no f***ing joke. Run!”


Thursday, July 07, 2005

fyi Q&A: An Internet Pioneer Looks Ahead


Pointer to article:

Kobielus kommentary:
Here’s one of the scariest pronouncements I’ve ever read, for reasons both technological and theological:

“The better you design a system, the more likely it is to fail catastrophically. It's designed to perform very well up to some limit, and if you can't tell how close it is to this limit, the collapse will occur suddenly and surprisingly. On the other hand, if a system slowly erodes, you can tell when it's weakening; typically, a well-designed system doesn't expose that.”

I’m not sure if I agree with that grand statement. If Leonard Kleinrock had cited a few examples to bolster this assertion it would have greater credence. Is this supposed to make us swear off structured, top-down, waterfall system development approaches forever? Is that all pure Frankensteinian hubris that will produce monsters destined to run amok and torch the castle wherein they were created? Should we instead let rogue teams of maverick programmers attack any problem they see with any available code they can slap down on a moment’s notice, regardless of whether it duplicates others’ work, or whether it conflicts with or fails to interoperate smoothlessly with legacy systems? Without regard for what high-level architecture, if any, that it figures into? And what do we say to the deists who regard all of creation as figuring into God’s master plan, which, by definition, is the best-designed system of all? That it’s all destined to “fail catastrophically”? That Armageddon is the fate in any God-designed order of things?

Getting back to earth for a moment, and to the interview with Kleinrock, he contradicts himself in the very next paragraph:

“So, how can complex systems be made more safe and reliable? Put the protective control functions in one portion of the design, one portion of the code, so you can see it. People, in an ad hoc fashion, add a little control here, a little protocol there, and they can't see the big picture of how these things interact. When you are willy-nilly patching new controls on top of old ones, that's one way you get unpredictable behavior."

Huh? Follow the train of my puzzlement on this for a moment. The best-designed systems are those that surface their overall structure, behavior, and controls in the most visible, maintainable, monitorable, extensible way. And these are the systems that Kleinrock says are doomed to fail catastrophically. So how does he propose to save them from self-immolation? By surfacing the control code even more saliently! By making them even better designed! In the previous paragraph, he implied that chaotic bottom-up development produces the most stable structure. In this paragraph, he says that chaotic development is to be avoided, in favor of structured top-down development! I don’t get it. He’s trying to have it both ways.

Actually, I think that, in the final analysis, he’s arguing that the Second Law of Thermodynamics is God’s fundamental law, that the best-designed systems are those that hint at grand eternal plans but slowly melt into entropy, accepting the inevitability of a steady stream of localized fixable malfunctions, thereby warding off the “Big Crunch” that some say will reverse the plan burst forth in the “Big Bang.” How else to interpret Kleinrock’s statement: “On the other hand, if a system slowly erodes, you can tell when it's weakening; typically, a well-designed system doesn't expose that.”

Is the Internet—Kleinrock’s Big Bang—eroding around us? Are spyware, spam, viruses, Trojans, DDoS, and other assaults on the matrix a sign of this? From a systemwide point of view, they’re all more or less “localized fixable malfunctions,” and none of them has crashed the Internet as a whole, which keeps, bottom-up, layering new controls over old to keep the rickety structure operating reason ably well. If Kleinrock’s perspective is valid, should we doubt that a localized Armageddon can ever crash the Internet as a whole?

I certainly hope so. My hope is the only certainty I know on this matter. Hope expressed through prayer, secular or otherwise, to the cybergod(s).


Wednesday, July 06, 2005

fyi Phishing Attacks Reach All-Time High


Pointer to article:

Kobielus kommentary:
Identity theft is fast becoming the most ferocious new bete noire of the cyberworld, crowding out spyware, spam, and viruses for that dubious honor. Over the past several months, the mass media have splashed ever scarier cover stories, consumer alerts, and other breaking news on people who’ve had their identities spoofed, credit cards hijacked, and assets looted by unseen strangers lurking out there on the Internet.

Indeed, identity theft is potentially more damaging to people’s lives than spyware, spam, and all the other online threats put together. Amid the growing hysteria, the IdM industry sees a big black eye in the making. Naturally, they’re worried, and they’re beginning to formulate strategies for identity theft prevention, detection, and remediation. In June, for example, Liberty Alliance formed a working group to develop best practices that will help business and consumers to prevent online identity frauds. In a similar vein, Microsoft recently announced a retooled IdM federation strategy—the Identity Metasystem—that underlines the need for identity-theft and privacy protection.

The unspoken subtext behind these initiatives is that trust—the foundation of IdM federation--is in jeopardy if the industry doesn’t proactively address identity theft on many levels. The stakes couldn’t be higher. What’s most worrisome is the growing prevalence of phishing, pharming, and other social-engineering ploys to steal user passwords, credit card numbers, bank account numbers, and other critical information. These frauds strike at the very heart of federation: users’ trust in the authenticity of IdPs. If you can’t trust that the party to whom you’re presenting credentials is in fact who they claim to be, then nothing’s truly secure and people will be much less likely to transact business online.

Likewise, the growing range of well-publicized break-ins to corporate databases, some of which resulted in theft of hundreds of thousands of user credit card numbers, have further shaken people’s trust in IdPs’ ability to safeguard this critical data. Massive theft of passwords, credit cards, and other credentials creates a corresponding trust loss: IdPs who’ve been victimized can no longer trust that the individual presenting these credentials is who they claim to be.

In the face of never-ending identity thefts, the only way out of this downward spiral is to continue reissuing new credentials to the impacted users, but only after those users have been proofed to strong assurance by reputable agents, and only if the new credentials rely on biometrics for strong authentication. Clearly, that theft-unfriendly IdM environment is a long way from being implemented in the real world, and would be quite expensive, complex, and cumbersome to deploy universally.

Some have argued that federated IdM is a fundamentally flawed approach that encourages identity theft. Nothing could be further from the truth. There’s nothing inherently insecure about federation protocols—such as SAML and Liberty Alliance ID-FF—or in the way they’ve been implemented by vendors and enterprises.

Rather, most identity theft has its origins in the massive online market for bulk user personal data of the sort that many consumer-facing businesses collect in normal operations. Identity merchants indiscriminately buy, sell, and resell this information to anybody who can put up the bucks. By the same token, enterprises, carriers, and other IdPs frequently implement lax controls on external access to identity information in their databases and directories, thereby encouraging frequent hack attacks. This is wholesale identity harvesting, as opposed to the low-yield but persistent phishing and pharming attacks that undermine popular confidence in IdM environments but result in relatively few criminal-fraud incidents.

For sure, the federated IdM industry isn’t the only sector of our economy that’s looking for solutions to the multifaceted problem of identity theft. But the federated IdM market realizes that this is a showstopper bread-and-butter issue for them. It threatens to overshadow all of their other efforts to create a universal trust environment for interoperable e-business.

To their credit, the industry realizes that technical standards alone aren't the answer to identity theft and fraud. The threat is so multifaceted, pervasive, and stubborn that it must be addressed with federated IdM best practices that also encompass various business, legal, consumer education, and other considerations. That cross-disciplinary approach to identity theft protection—not purely technical approaches--should be the ongoing focus of work at Liberty Alliance and other industry groups.


Tuesday, July 05, 2005

fyi Microsoft Reportedly in Talks to Buy Adware Developer


Pointer to article:

Kobielus kommentary:

I keep promising myself that I won't blog so frequently on Microsoft topics. And then they hand me more juicy red meat.

Re this Gator/Claria acquisition, I don’t get it. Microsoft recently acquired Sybari to boost its anti-virus portfolio, acquired Giant so it could go all-out on anti-spyware, developed Sender ID and Exchange Edge Services so it can give spam a run for its money, developed IE7 to enable pop-up blocking natively in its browser, and promulgated its Identity Metasystem/InfoCard initiative to address privacy and identity-theft protection more aggressively. Now apparently it wants to negate all of those positive moves with a big foray into the adware arena. As if somehow Microsoft needs to seize even more power over our every keystroke and mouseclick. As if their presence in the cyberworld wasn’t already overwhelming to the point of strangulation.

They need to rethink this move. And right away. I migrated recently to Mozilla Firefox precisely to get away from the IE6 pop-up insanity. What sort of signal does want to send to the market with its overture to Gator/Claria? That pop-ups are now a good thing, as long as they’re Microsoft-sponsored and/or –sanctioned pop-ups?


Friday, July 01, 2005

fyi Microsoft Wants a Piece of the Ajax Action


Pointer to article:

Kobielus kommentary:
A few months ago, I published an opinion in Network World on the growing interest in a standards-based enriched-browsing approach called “AJAX” See http://www.networkworld.com/columnists/2005/042505kobielus.html

Soon thereafter, several rich Internet application (RIA) vendors e-mailed to protest that I had referred to their products/approaches as “partially proprietary.” I dealt with their objections one by one, citing chapter and verse from their various product whitepapers, marketing presentations, and so forth. I still stand by that statement.

One of those vendors also protested that AJAX isn’t on a functional par with his or his rivals’ RIA approaches. And I didn’t disagree with his statement, because I didn’t argue otherwise in my column. At least twice in that column I referred to AJAX as a “common denominator” approach that developers can use to put some rich browser-based interaction into their Web apps. The term “common denominator” should have clued the reader to the fact that they can get richer browsing functionality if they go with RIA products from Macromedia, Laszlo, Nexaweb, and other vendors. And from Microsoft too, whenever they ship Windows “Longhorn” with “Avalon” and “Atlas.”

To the RIA vendor who pointed out that AJAX isn’t up to functional par, I suggested that they might reposition their solutions as “AJAX++” (just as today’s RIA is effectively “DHTML++). He wasn’t too keen on that suggestion.

But it was a serious comment. Just as every MOM, EAI, and BPM vendor is repositioning their products under such nouveau buzzphrase approaches as “SOA” and “ESB,” today’s RIA vendors will increasingly need to position their approaches with respect to AJAX. And that’s for no other reason than the fact that the RIA paradigm has subtly shifted toward reliance on open universally deployed browsing standards and away from proprietary approaches. To the extent that AJAX (er…RIA) vendors can show that they are more standards-based than the next vendor, they’ll be providing developer/customers with reassurance that Web apps developed with their enriched browsing tools and executed on their server runtimes can be deployed out to the widest range of browser clients WITHOUT NEED FOR MUCH OR ANY PLUG-IN BROWSER FOOTPRINT.

Quite frankly, Microsoft will soon be able to demonstrate that it implements Ajax-enabling open standards (especially XAML) and requires no browser plug-in (because AJAX/Avalon/Atlas will be built into the basic OS). Also, they’ll have an embedded AJAX/RIA capability embedded in the world’s predominant OS.

So Microsoft, unless something radically changes the game, will own the AJAX/RIA/enriched browsing space by the end of this decade.