links for 2007-07-04

Ready to Switch?

I was disappointed the only IE competitor mentioned was Firefox. Opera, Safari, and Netscape are well known enough that it would behoove a more balanced view to mention them as well.

My only use of IE lately is replicating a user problem I can’t replicate in Firefox and the very, very infrequent case a web site doesn’t work in Firefox or Netscape. 🙁 Quite frankly, it scares me to surf with IE. Of course, I am the person my friends call about cleaning up their computer when it runs slow because it is a computer virus, spyware, and adware infested mess. So my fears are based on the horror of cleaning up the after effects of using IE.

Internet Explorer Unsafe for 284 Days in 2006 – Security Fix

For a total 284 days in 2006 (or more than nine months out of the year), exploit code for known, unpatched critical flaws in pre-IE7 versions of the browser was publicly available on the Internet. Likewise, there were at least 98 days last year in which no software fixes from Microsoft were available to fix IE flaws that criminals were actively using to steal personal and financial data from users.

In a total of ten cases last year, instructions detailing how to leverage “critical” vulnerabilities in IE were published online before Microsoft had a patch to fix them.

Microsoft labels software vulnerabilities “critical” — its most severe rating — if the flaws could be exploited to criminal advantage without any action on the part of the user, or by merely convincing an IE user to click on a link, visit a malicious Web site, or open a specially crafted e-mail or e-mail attachment.

The small mention of competitors:

In contrast, Internet Explorer’s closest competitor in terms of market share — Mozilla’s Firefox browser — experienced a single period lasting just nine days last year in which exploit code for a serious security hole was posted online before Mozilla shipped a patch to remedy the problem.



Sorry I’ve neglected this site.

  1. Work has kept me pretty occupied.
  2. TiVo rules my life.
  3. New city and things to do have kept me out of the house more than normal.
  4. I’ve found some pretty good places to blog.
  5. People read blogs now.


Some suggestions:

  1. Visit my Flickr photos.
  2. Visit my Livejournal blog (mostly Friends only)
  3. Visit my bookmarks.

The above are social web sites, so you will have a chance to interact with me. Though, I am sure my stalkers will continue to study and lurk. I’m all over the Internet. If you can’t find me, then you are not looking!

Circle of Friends

Americans’ circle of friends is shrinking, new study shows | Science Blog:

Americans’ circle of close confidants has shrunk dramatically in the past two decades and the number of people who say they have no one with whom to discuss important matters has more than doubled, according to a new study by sociologists at Duke University and the University of Arizona.

“The evidence shows that Americans have fewer confidants and those ties are also more family-based than they used to be,” said Lynn Smith-Lovin, Robert L. Wilson Professor of Sociology at Duke University and one of the study’s authors.

“This change indicates something that’s not good for our society. Ties with a close network of people create a safety net. These ties also lead to civic engagement and local political action,” she said.

My confidants seem very distant lately. Yes, they are generally hundreds of miles away. However, as I am a techie, miles don’t mean anything. Between IM and phone, we can still discuss things. It’s just that lately we seem to have other things happening that take away the opportunities.

Better work on correcting it.

Anger and computers don’t mix

Ex-Boss Describes Sys Admin’s Anger During PaineWebber Sabotage Trial | June 8, 2006:

On the day a system administrator at UBS PaineWebber learned his annual bonus had fallen short by about $15,000, he leveled an ultimatum at his boss: give him a written contract for more money or he was walking out the door, according to testimony Thursday in the federal criminal computer sabotage trial.

But prosecutors charge that quitting his job wasn’t the only thing on his mind in late February of 2002. They say Roger Duronio, a three-year employee in the financial giant’s IT department, had already hatched a plan to plant malicious code on the network that would wipe out critical data across the country and drive down the company’s stock price.

Once Duronio packed up and was escorted out the building that day, he headed straight to a broker’s office to buy stock options that would pay out if UBS suffered a setback. And that, the government contends, put the final stages of Duronio’s plot into action.

C’mon people… I know we can all quote Khan from Star Trek II, “Revenge is a dish best served cold.” We also have seen the fraction of a penny scam in Office Space. Look at the end results. Khan died suicide bomber style killing only himself and others on his ship. The Enterprise escaped. Everyone lost their job at Initech.

This goes even for you non-technical people who think you can do something in the heat of the moment and the system administrators will never know. Believe me, all too often I have had to give to a boss a report of what people did in terms of deleting data. Computers leave a trail which we can follow. Maybe there are people who get away with it? Is it worth jail time that you might be the one who does?

FIFA vs. the hackers

C’mon people. Don’t do anything that will make me miss the biggest sporting event in the past 4 years! Maybe I need to go back and set TiVo to record both showings?

World Cup matchup: FIFA vs. the hackers | CNET

Roger Jones, Avaya’s business development manager for Europe, the Middle East and Africa, said he expected malicious computer users to reprise the to-date unsuccessful denial-of-service attacks against the networks servicing the 2002 World Cup, the 2003 Women’s World Cup and the Confederations Cup, the warm-up tournament for Germany 2006.


This is an interesting opinion piece. I kind of think of the Bank of America commercial where the CTO or CIO says their goal is not to get it right almost every time but to get it right once and replicate it every time.

Wired News: Why Data Mining Won’t Stop Terror

Let’s look at some numbers. We’ll be optimistic — we’ll assume the system has a one in 100 false-positive rate (99 percent accurate), and a one in 1,000 false-negative rate (99.9 percent accurate). Assume 1 trillion possible indicators to sift through: that’s about 10 events — e-mails, phone calls, purchases, web destinations, whatever — per person in the United States per day. Also assume that 10 of them are actually terrorists plotting.

This unrealistically accurate system will generate 1 billion false alarms for every real terrorist plot it uncovers. Every day of every year, the police will have to investigate 27 million potential plots in order to find the one real terrorist plot per month. Raise that false-positive accuracy to an absurd 99.9999 percent and you’re still chasing 2,750 false alarms per day — but that will inevitably raise your false negatives, and you’re going to miss some of those 10 real plots.

This is exactly the sort of thing we saw with the NSA’s eavesdropping program: the New York Times reported that the computers spat out thousands of tips per month. Every one of them turned out to be a false alarm.

Finding terrorism plots is not a problem that lends itself to data mining. It’s a needle-in-a-haystack problem, and throwing more hay on the pile doesn’t make that problem any easier. We’d be far better off putting people in charge of investigating potential plots and letting them direct the computers, instead of putting the computers in charge and letting them decide who should be investigated.

The Value of a Few Extra Clicks

Google Agrees to Settle ‘Click Fraud’ Case – Yahoo! News

Mountain View, Calif.-based Google makes virtually all of its money from text-based advertising links that trigger commissions each time they are clicked on. Besides enriching Google, the system has been a boon for advertisers, whose sales have been boosted by increased traffic from prospective buyers.

But sometimes mischief makers and scam artists repeatedly click on specific advertising links even though they have no intentions of buying anything. The motives for the malicious activity known as click fraud vary widely, but the net effect is the same: advertisers end up paying for fruitless Web traffic.

The lawsuit alleged Google had conspired with its advertising partners to conceal the magnitude of click fraud to avoid making refunds.

The frequency of click fraud hasn’t been quantified, causing some stock market analysts to worry Google’s profits will falter if it turns out to be a huge problem.

Google executives have repeatedly said the level of click fraud on its ad network is minuscule — a contention that the proposed settlement amount seems to support.

The $90 million translates into less than 1 percent of Google’s $11.2 billion in revenue during the past four years.