|
Ultrasaur Blog
Keeping track of exciting new threats to your digital records. Archive for March, 2009In poor economy, more IT pros could turn to e-crimeMonday, March 30th, 2009KPMG weighs in to remind us that employees do commit fraud
Agenda CampSunday, March 29th, 2009Dave and I were at AgendaCamp today. Some of the sessions were great, Omar from ProductWiki and Joseph from Lewis Media drove some good discussions. Here’s Dave talking with the Minister of Research and Innovation, MPP John Wilkinson: Misc news: March 28thSaturday, March 28th, 2009Fun new data storage error in the Heilbronn DNA Mixup: “It now turns out that the several-hundred-men task force might have really been chasing a phantom… All the swabs used in the forensics works were sourced from the same supplier.” Yup. When the watchers become the watched: “Surveillance cameras have captured the faces of criminal suspects in banks, in elevators and on street corners. But they have also surfaced in an unexpected law enforcement role: as evidence against police officers accused of misconduct or of lying on the witness stand.” UK’s databases contain too much private infoThursday, March 26th, 2009Here’s an interesting claim:
The UK’s over-emphasis on surveillance is common knowledge, but it’s important to realize that data is easy — maybe too easy to generate and that there are laws squeezing your records from the top and the bottom. Blowfish on 24Thursday, March 19th, 2009I spend a lot of my time polishing my explanation of why the algorithms we use are secure (namely that you can’t figure out the file that generated a specific hash from the hash) and it’s always a little saddening when I get responses along the lines of “Can’t you hack it?” Apparently on this week’s episode of 24, there was a particularly bad example of this problem:
The dialogue is ridiculous on so many levels (as it tends to be on 24 for anything technical) but Blowfish is a real algorithm. But what is especially egregious (once you get past the slanderous claim that Bruce Schneier left a back door in the algorithm & that nobody found it) is that 24 frequently uses torture to get information and the only serious threat to modern cryptography is Rubber-Hose Cryptanalysis. The Patent Process (part 1)Thursday, March 12th, 2009Next time I hear an mainframe-era computer scientist complaining about the punch card machines of IT-folklore, I will have a new sense of sympathy. Writing a patent is like trying to write a computer program which takes up to several years to compile – or fail and come back with errors. Naturally, like the punch card programmers of legend, one must painstakingly go over every last inch of verbiage, lest the application come back a year later with “compilation errors”. Without the help of legal professionals, (and possibly even with their help) it could take months of back and forth to get the syntax of the patent right. So in this sense, the towering fees of the patent attorney, which are enough to make anyone cringe, are actually justified. The patent attorney is like a very specialized computer programmer working on very old machines – but it’s worse than that: their code must be compiled by a human – the most capricious computer of all. [Dave's note: To be fair, my first draft had some pretty bad syntax errors; I'm impressed you compiled it at all.] Google finds you thousands more Locksmiths than even exist.Wednesday, March 11th, 2009It seems no good deed goes unpunished, Google Maps now show 1000 results instead of 10 which made it obvious that Locksmiths are spamming Google.
The source of this spam seems to be partially related to a records management issue, in that Google tries to keep their records as up to date as possible (rather than only introducing data that’s been through a thorough vetting process). The spammers can appropriate the authority of more established businesses (steal their googlejuice) by posing as more up-to-date information:
Again the part I find interesting is what to do now that there is false information in the record, Google is somewhat less than helpful:
We at Ultrasaur Records Management would also recommend having one and only one correct, up-to-date, verified record in the unlikely event that you can pull it off — but we’ll still help you prove that your records predate an impostor’s. I sincerely doubt “FakeFlyByNightCo” has the multitudes of documents spanning a decade that “RealGoodLockCo” has (all with the business name mentioned). University of Waterloo WiCS Industry LuncheonWednesday, March 11th, 2009Today I attended the university of Waterloo Women in CS committee’s first industry luncheon, which they hope to make an annual event. The purpose of this event is for female graduate and undergraduate students in CS to meet with women from the industry and ask questions, get advice, network, etc. There were representatives from companies such as Google, Maplesoft, RIM and Open Text. In my opinion, the event was quite successful. The Women in CS committee plans to make this an annual event. Coats relabledSaturday, March 7th, 2009For a fun twist on record falsification from Connecticut:
Fake goods are common enough, but rarely is it the trademark owners selling the fake products. source: Consumerist IT worker set malware at Fannie MaeThursday, March 5th, 2009IT Worker Indicted For Setting Malware Bomb At Fannie Mae: “a malicious script buried in a legitimate script”…. “Industry experts warn that such exploits may become more common”. We’ll be making our beta public as soon as possible. |
| info@ultrasaur.us | Thursday 29th of July 2010 | Contents Copyright 2008-2009 Ultrasaur Records Management Inc. All rights reserved. |
