Tuesday, February 12, 2008 2:12 PM/EST
There has been a lot of talk recently about how most computing usage will move into the Internet cloud. In this vision of the future of computing, people won't even carry personal computers around, they'll just access their data from any system that has access to the Internet.
Now, for some people this may not sound all that attractive, but I can think of one group that probably can't wait to use this, namely international travelers.
That's because international travelers are increasingly faced with the risk that their laptops might be taken from them, or almost as bad, all of their personal and business data could be copied and taken somewhere unknown.
Who is perpetrating these thefts? Why, it's U.S. customs agents, who have been given the OK by the government to view information on, copy the data from or even take the personal electronics (including laptops and smart phones) of travelers entering or returning to the United States.
Wednesday, December 19, 2007 7:22 PM/EST
There are plenty of shortages of things in the world today. Right now parents are out there desperately trying to get their hands on the hot gifts like the Nintendo Wii.
But there is one thing that we (unfortunately) aren't running out of. And that's people who don't put any thought into how they use their computers and the Internet, and who through their actions expose themselves and others to potentially dangerous security threats.
These people have been the subject of multiple columns by myself and other security writers. I owe two of my most popular articles to these security dunces: my 2003 column "Idiocy Imperils the Web" and my slide show from early 2007 entitled "12 Ways to Be a Security Idiot".
In some ways, security idiots are the gift that keeps on giving. So in the spirit of the holidays, with the good work of illustrator extraordinaire Brian Moore, we've taken that "12 Ways to Be a Security Idiot" slide show and converted it into a 2008 calendar. It's our gift to you, our readers. Feel free to download the calendar and print it out for personal use in your office or home. And don't be afraid to send it to some of the "security idiots" in your life.
Click here to download eWEEK's 2008 Calendar of 12 Ways to Be a Security Idiot
Tuesday, December 18, 2007 10:02 AM/EST
If you're looking for the download of the calendar of 12 Ways to Be A Security Idiot, I'm still waiting on the final approved copy from our production department. I've been told it should be ready no later than Wednesday morning.
Sorry for the delay.
Wednesday, December 12, 2007 4:22 PM/EST
 All things considered, from a strict technology aspect, 2007 was a pretty good year. We saw the launch of several very good products and technologies and, while there were some negatives, they were outweighed by the positives.
However, there were still plenty of negative forces out there trying to slow or even stop some technology innovations. And, unfortunately, as usual one of the biggest threats are the poorly thought out and overbroad technology laws that seem to get continually proposed by legislators both in the U.S. and around the world.
So let's take a look at a few of the bad laws that have been proposed, and in some cases passed, in 2007.
One potentially killer law that has passed the U.S. House of Representatives is the SPY Act (also known as the Securely Protect Yourself Against Cyber Trespass Act). On first read the SPY Act sounds like a good thing, as it looks like it will take a very hard line against Internet spyware. But like lots of bad bills, the SPY Act is so broad that it brings in lots of other legitimate areas of Internet marketing. And even worse, the law actually prevents states and individuals from taking action against spyware vendors and even legitimizes some forms of corporate spyware.
Wednesday, December 05, 2007 1:24 PM/EST
The holiday season is finally here (though based on some of my neighbors' decorations its actually been here for several weeks now) and for most of us this means it is now time to think about giving and receiving gifts.
Maybe you have some cool new technology gadget that you're hoping to get from a loved one. Or perhaps you'll be heading out to the mall yourself to purchase some presents for the important people in your life.
But while exchanging presents for the holidays between family and friends is a key part of the holidays, there are other ways that many of us can get into the spirit of the holidays, do something good for someone else, and actually still engage in the classic holiday practice of giving and getting. And oh yeah, it will involve one of the most innovative and talked about pieces of technologies launched this year.
How could you do this?
Well one idea for those who love technology and want to also help spread the benefits of technology is to participate in the One Laptop Per Child project's Give One Get One program. The way this program works is that you pay $399 to receive a brand new XO laptop (which has been called by some, OK me, the most innovative laptop seen in years), and along with getting an XO, presumably for a child in your life, you will also be paying for a second XO laptop that will be sent to a child in a developing country.
Monday, October 29, 2007 1:40 PM/EST
Recently the Internet has started to seem like a lighter, happier place. Web pages have been clearer, graphics have looked snappier, Flash advertisements have seemed a tiny bit less annoying. It's almost as if a great darkness has begun to lift.
What has been the cause of all of this good cheer? Why nothing less than the defeat of a great evil that has served as a symbol of all that is wrong with modern technologies and all the negative forces that threaten innovation today.
Yes, the notorious Amazon One-Click patent has finally been dealt a mortal blow and will hopefully soon no longer exist to threaten those who wish to innovate in the field of eCommerce.
Since it first rose from its dark pit in the late 1990's, the Amazon One-Click patent has served as a symbol of all that was wrong with the patent system in the United States.
Even from a purely technological standpoint, the One-Click patent was pretty weak and based on obvious techniques that had been done in earlier electronic shopping models.
But what made the One-Click patent so infamous was that it was one of the first and most egregious examples of the incredibly stupid idea that is business method patents.
Friday, September 21, 2007 12:33 PM/EST
 Everybody loves lists. Magazines love lists, TV shows love lists, websites really like lists. But possibly no one loves lists more than security vendors.
When you break down a lot of the core elements of security products, it often comes down to big lists. Lists of known viruses and spyware, lists of vulnerabilities, lists of access controls, and lists of programs that we want to run and programs that we don't want to run.
This obsession with lists most recently came up in reports from one of the largest security vendors out there, namely Symantec. In interviews related to the most recent release of the Symantec Internet Security Threat report, Symantec executives have said that because of the growing security threats and the increased sophistication of the bad guys, it may be time to move from the classic black list approach to security and go to a white list approach.
This means that instead of determining which programs running on someone's computer might be bad guys, future security tools would instead only let known, "good" programs run and block out all other programs.
Now the idea of white lists isn't a new one, most good security implementations involve some combination of white listing and black listing. And I do think that white listing is a good idea, when done on an individual or company basis (meaning that I as a person or a company choose which applications I want to let run).
But this isn't the kind of white listing that is being talked about. Instead it sure seems that Symantec is talking about managing a centralized white list of good applications and if an application isn't on it, it won't run.
And if this is Symantec's idea, then in my opinion it is a really bad one.
First of all, how would one get an application onto this list? Would it be free and easy for any developer or would there be regular fees and hurdles that would leave many open source and small developers out in the cold?
And what about programs I myself or my company writes? Would I be able to circumvent the Symantec white list controls and easily get these to run or would I have to jump through a series of complex hoops just to run my own applications?
One other thing. Doesn't this whole idea sound an awful lot like Trusted Computing, you know, that great thing where Microsoft would protect us from running bad programs and using our own computers in the way we wanted to? I don't know about you but if I don't trust Microsoft to tell me what I can and can't do with my own computers I really don't trust Symantec to do the same.
Finally, the really big weakness behind the whole white listing idea is that it doesn't really work from a security standpoint. Just because some central authority says that a certain application is safe or trusted, doesn't mean that that application itself can't be used as an attack point by the bad guys. A large number of security problems don't result from some rogue application getting on a system, they come about because an application already on the system has a hole in it than can be abused.
So thanks but no thanks. When it comes to making lists of what can and can't run on my system, I'm going to make the call on what goes on that lists, not some third party security firm.
Hey, here's a new list idea for you! How about bad security ideas? Sounds like we have a candidate for the list.
Monday, September 17, 2007 11:20 AM/EST
Now that the U.S. Congress is in session, we are once again seeing a push by the major technology companies to get an expansion to the H-1B visa program. As always, we are hearing the same complaint that America isn't producing enough qualified engineers and computer scientists to fill the needs of major American companies.
In the past I argued that it seemed crazy to say that there aren't enough technology workers available, when every one of us knows a few highly skilled technology workers who are either unemployed or underemployed.
But I do agree with the technology companies on one point. America isn't producing enough new qualified technology workers. And the main culprit is our failing higher education system.
I personally know a young man who is currently working toward an accelerated bachelor's and master's degree in engineering. An honors student in high school, he is currently in his sophomore year at a state school where he is maintaining grades consistently above a 3.5 average.
So far, so good. Sounds like a perfect future candidate for those desperate tech firms. But this year he seriously considered dropping out of the program and may face a similar decision next year.
What's the problem? As a middle-class kid living at home with his single mom, he can barely afford to continue at the state college he is attending.
Monday, September 10, 2007 9:28 AM/EST
In the world of the Batman comics, one of the more interesting villains that the Caped Crusader has to contend with is Two-Face. You see, Two-Face wasn't always a bad guy. He was originally Batman ally and Gotham District Attorney Harvey Dent but after a criminal disfigures half his face with a vial of acid, Harvey loses his grip on reality and turns into the evil Two-Face.
But the really interesting thing about Two-Face is that he does sometimes do the right thing. That's because he often decides whether he will do good or evil on the flip of a coin. This can make things especially tough for Batman, who must fight to stop the crimes of Two-Face but also occasionally sees his old friend Harvey whenever the coin makes Two-Face do the right thing.
And I'm starting to understand Batman's problem myself. Because there's an enemy out there that I'm often striving against. One who often seems to be dedicated to destroying the freedoms and innovations that technology has brought to us and bring all exciting and disruptive technologies to a stand-still. However, every once and a while this enemy does something helpful and makes me think that maybe it isn't all that bad after all.
The enemy I am talking about is, of course, government.
Thursday, August 30, 2007 1:51 PM/EST
 In the classic song "Radio Radio," Elvis Costello sang the words, "They say you better listen to the voice of reason. But they don't give you any choice because they think that it's treason."
Of course that song is nearly thirty years old so I doubt that Elvis Costello and the Attractions were talking about Web radio. But much of the anger and contempt that Elvis was directing at commercial radio of the time holds true for the controversy raging today over Web radio.
Here's the history of the problem: As the ability to stream quality audio over the Internet has improved over the years, a huge benefit arose in the form of Web radio. By providing the ability to listen to music over the Internet, it enabled many benefits, including the ability to listen to hometown stations after moving to another area, niche music programming that would never occur on standard radio, and, best of all, the ability for independent and unsigned musicians to easily promote their music to wide audiences.
Now to you, me and pretty much everyone else in the world, this all sounds pretty good. But to the Recording Industry Association of America, anything that lets people listen to what they want to listen to rather than what the RIAA tells them they should listen to—especially anything that lets musicians promote themselves without first signing away their souls to RIAA member companies—is very bad and must be destroyed.
|
