Quotulatiousness

August 23, 2012

Crisis malware is particularly capable of damage

Filed under: Technology — Nicholas @ 00:03

John Leyden in The Register:

Security watchers have discovered a virus strain that compromises VMware virtual machines as well as infecting Mac OS X and Windows computers and Windows Mobile devices. It demonstrates previously unseen capabilities in the process.

The Crisis malware typically arrives in a Java archive file (.jar) and is typically installed by posing as a Flash Player Java applet to trick a victim into opening it.

The archive contains executable files targeting Apple and Microsoft operating systems; the malware is able to detect which platform it is running on and serve up the correct variant.

Once launched, the worm puts in place a rootkit to hide itself from view; installs spyware to record the user’s every move on the computer; and opens a backdoor to the IP address 176.58.100.37, allowing miscreants to gain further access to the machine, according to a write-up of the threat by Kaspersky Lab. The malicious code also, unsurprisingly, survives across reboots.

The Windows variant can kill off antivirus programs, log keypresses, download and upload files, take screengrabs, lift the contents of the user’s clipboard, record from the computer’s webcam and mic, and snoop on these applications: Firefox, Internet Explorer, Chrome, Microsoft Messenger, Skype, Google Talk and Yahoo! Messenger.

August 10, 2012

For you, is no Singularity

Filed under: Science, Technology — Nicholas @ 11:25

Charles Stross linked to this article which points out that we’re not likely to experience the Singularity/Rapture of the Nerds/etc., and for good reasons:

Given that you are tech-savvy, by that point you have almost certainly come across the idea of the Singularity [1] as defended by futurists like Ray Kurzweil and Vernor Vinge. As a reminder, it is the notion that, when we are at last able to compile a smarter-than-human artificial intelligence, this AI will in turn manage to improve its own design, and so on, resulting in an out-of-control loop of “intelligence explosion” [2] with unpredictable technological consequences. (singularists go on to predict that after this happens we will merge with machines, live forever, upload our minds into computers, etc).

What’s more, this seemingly far-future revolution would happen within just a few decades (2040 is often mentioned), due to the “exponential” rate of progress of science. That this deadline would arrive just in time to save the proponents of the Singularity from old age is just a weird coincidence that ought to be ignored.

Objection, your honor. As a scientist, I find the claim that scientific progress is exponential to be extremely dubious. If I look at my own field, or at any field that I am vaguely familiar with, I observe roughly linear progress — a rate that has typically been going on since as far back as the field’s foundation. “Exponential progress” claims are usually supported by the most bogus metrics, such as the number of US patents filed per year [3] (essentially a fashion utterly decorrelated from scientific progress).

And as somebody who does AI research, I find the notion of “intelligence explosion” to make exactly zero sense, for reasons reaching back to the very definition of intelligence. But I am not going to argue about that right now, as it isn’t even necessary to invalidate the notion of the Singularity.

August 2, 2012

Charles Stross: Where Moore’s Law and Koomey’s Law interact

Filed under: Science, Technology — Nicholas @ 09:32

On his blog, Charles Stross explores the long-term implications of Moore’s Law (the doubling of computer circuits every two years) and Koomey’s Law (the energy efficiency of computers doubles every eighteen months):

A couple of basic physical rules underlie the dizzying progress in electronics that we have seen over the past fifty years. Moore’s Law, attributed to Intel co-founder Gordon Moore, postulates that the number of transistors that can be placed on an integrated circuit of constant size doubles approximately every two years. Originally coined in 1965, Moore’s law has run more or less constantly ever since. It can’t continue indefinitely, if only because we’re getting close to the atomic scale; a silicon atom has a Van der Waals radius of around 200 picometres, and to build circuits that mediate electron transport we need discrete atomic-scale structures. It is not obvious that we can build electronics (or other molecular structures) with a resolution below one nanometre. So it’s possible that Moore’s law will expire within another decade.

Having said that, predictions of the imminent demise of Moore’s Law within a decade go back to the 1970s. And if we can’t increase the two-dimensional structure count on an integrated circuit, we may still be able to increase the number of structures by building vertically.

A newer, and more interesting formulation than mere circuit count is Koomey’s Law, proposed by Jonathan Koomey at Stanford University: that the energy efficiency of computers doubles every 18 months.

This efficiency improvement has held true for a long time; today’s high-end microprocessors require far less power per instruction than those of a decade ago, much less two or three decades ago. A regular ARM-powered smartphone, such as an iPhone 4S, is some 12-13 orders of magnitude more powerful as a computing device than a late 1970s-vintage Cray 1 supercomputer, but consumes milliwatts of power for computing (rather than radio) operations, rather than the 115 kilowatts of the Cray.

Taking them together, what do these two laws imply about the not-too-distant future?

July 12, 2012

What happens when updates don’t

Filed under: Technology — Nicholas @ 12:13

Over an hour, still no change. I have to assume that the computer has locked up at exactly the worst moment for it to do so: if I power it down, I’m risking it not being able to reboot.

My desktop (the one I’m using to update this blog post) had the same Microsoft patch applied, but took only a few minutes to reboot successfully. Can’t draw any absolute conclusions from this: although both machines are running Windows 7, they’re not the same version. The laptop is on Windows 7 Home Premium, and the desktop is running Windows 7 Professional.

Suggestions are welcome in the comments…

Update: Thanks to some suggestions from a much more technical person than me, I eventually persuaded the laptop to reject the Windows Update changes and revert back to the previous state. Now, of course, Windows Update is all up in my face about needing to apply some urgent patches… I’ll apply them one at a time (which will be a pain as each of them likely requires a reboot) until I find the one that was causing the freeze-up. It’s also possible that applying them one at a time may prevent the lock-up from happening.

July 5, 2012

What do software developers and predatory bankers have in common?

Filed under: Business, Technology — Nicholas @ 09:02

In his regular column at The Register, Matt Asay points out that using another company’s API can be a quick and easy way to get going, but it carries significant risks:

In tech today, it has become a truism that “if you’re not paying for it, you’re the product”. Somehow we have applied this wisdom to consumers without recognising that the same principle applies to enterprises and their developers. Recently, however, Netflix and LinkedIn have reminded us just how precarious it is to build on someone else’s platform — or API.

Paul Graham, one of the founders of Y Combinator, has described APIs as “self-serve [business development]”. It’s a great story: open and document your API and watch a thousand businesses bloom, bringing you cash and legitimacy. All of which may be true, if done correctly.

But the other side of Graham’s “business development” is the difficulty of predicting the business planning on the other side of the API. Twitter was pretty free with API access in its early days when it was seeking adoption rather than income. Now that the company has grown up and continues to tighten its grip on how and where users interact with tweets, Twitter terminated its tweet syndication partnership with LinkedIn and has promised to clamp down even more tightly on how developers use its API. Twitter is doing this because it can, as professor Joel West points out, but also because it must: its advertising business depends upon it.

So where’s the banking similarity come in?

There’s one other thing to consider, as venture capitalist Bill Davidow opines in The Atlantic, and that is the very real possibility that this API mercantilism is a sign of how the technology world is changing, and not for the better:

    At both Hewlett-Packard and Intel, where I next worked, money was important — but it wasn’t the top priority. The goal was to do the right thing and do it well. If you did that, over time, rewards followed and shareholders supported your efforts…

    Many other things have changed in the valley over the past five decades. I’ve become increasingly concerned about one thing that is seldom discussed: the valley is no longer as concerned about serving the customer, and even sees great opportunity in exploitation. We are beginning to act like the bankers who sold subprime mortgages to naïve consumers…

Or sold developers subprime APIs?

June 23, 2012

The Turing inquest verdict of suicide may not have been consistent with the evidence

Filed under: Britain, History, Law — Nicholas @ 08:46

Brilliant mathematician Alan Turing died in an apparent suicide after undergoing chemical castration, but the inquest seems to have rushed to a conclusion:

At a conference in Oxford on Saturday, Turing expert Prof Jack Copeland will question the evidence that was presented at the 1954 inquest.

He believes the evidence would not today be accepted as sufficient to establish a suicide verdict.

Indeed, he argues, Turing’s death may equally probably have been an accident.

[. . .]

The motive for suicide is easy to imagine. In 1952, after he had reported a petty burglary, Turing found himself being investigated for “acts of gross indecency” after he revealed he had had a male lover in his house.

Faced with the prospect of imprisonment, and perhaps with it the loss of the mathematics post he held at Manchester University, which gave him access to one of the world’s only computers, Turing accepted the alternative of “chemical castration” — hormone treatment that was supposed to suppress his sexual urges.

It is often repeated that the chemicals caused him to grow breasts, though Turing is only known to have mentioned this once.

[. . .]

In his authoritative biography, Andrew Hodges suggests that the experiment was a ruse to disguise suicide, a scenario Turing had apparently mentioned to a friend in the past.

But Jack Copeland argues the evidence should be taken at face value — that an accidental death is certainly consistent with all the currently known circumstances.

The problem, he complains, is that the investigation was conducted so poorly that even murder cannot be ruled out. An “open verdict”, recognising this degree of ignorance, would be his preferred position.

None of this excuses the treatment of Turing during his final years, says Prof Copeland.

June 22, 2012

Microsoft Surface: “Lacking a physical product to test, all we can do is talk bollocks based on conjecture”

Filed under: Humour, Technology — Nicholas @ 10:09

While I’ve been avoiding tablet computers, having an actual keyboard that can attach to a tablet makes it more like something I might be able to find a use for. In The Register, Alistair Dabbs explains why he’s already very fond of the announced-but-not-available-yet Microsoft Surface:

I don’t wish to suggest that Microsoft Surface is truly vapourware, but surely it’s suspicious that it’s announcing a product that no one’s going to be able to buy for half a year.

One supposes that Microsoft intends to create a buzz and get us talking about their forthcoming (new) foray into tablet computers. Yet the problem with jumping the gun — apart from the ‘false start’ accusations that lead on from this metaphor — is that commentators are left with a void to fill. Lacking a physical product to test, all we can do is talk bollocks based on conjecture.

This, as you know, is my specialty.

First, let me say that I don’t care a hoot about the provenance of the name ‘Surface’ — ho-ho, it used to be a table, so fucking what? Making fun of a name tells us nothing about the product.

Take ‘Metro’.

“We call it Metro because it’s modern and clean.” Oh, and here’s me thinking they called it Metro because it’s populated by young Algerians brandishing flick-knives and smells of wee. It’s just a word to put on the packaging and its actual meaning has no significance. After all, what does the word ‘pod’ have to do with playing MP3 files?

June 5, 2012

Stuxnet, Duqu, and Flame: joint US-Israeli projects

Filed under: Middle East, Military, Technology, USA — Nicholas @ 09:02

The US and Israeli governments have admitted that the Stuxnet, Duqu, and Flame malware infections were joint efforts:

American and Israeli officials have finally confirmed that the industrial grade Cyber War weapons (Stuxnet, Duqu and Flame) used against Iran in the last few years were indeed joint U.S.-Israel operations. No other details were released, although many more rumors are now circulating. The U.S. and Israel were long suspected of being responsible for these “weapons grade” computer worms. Both nations had the motive to use, means to build and opportunity to unleash these powerful Cyber War weapons against Iran and others that support terrorism.

The U.S. Department of Defense had long asked for permission to go on the offensive using Cyber War weapons. But the U.S. government regularly and publicly declined to retaliate against constant attack from China, mainly because there were fears that there could be legal repercussions and that weapons used might get out of control and cause lots of damage to innocent parties.

Iran turned out to be another matter. Although not a serious Cyber War threat to the United States, Iran was trying to build nuclear weapons and apparently Israel had already been looking into using a Cyber War weapon to interfere with that. Given the nature of these weapons, which work best if the enemy doesn’t even know they exist, don’t expect many details to be released about this Cyber War program. What is known is that the Cyber War weapons unleashed on Iran were designed to concentrate only on very specific targets. So far, only three weapons that we know of have been used. One (Stuxnet) was designed to do damage to one specific facility, the plant where Iran produced nuclear fuel for power plants, and atomic weapons. That one worked. The other two (Duqu and Flame) were intelligence collection programs. They also apparently succeeded, remaining hidden for years and having lots of opportunity to collect enormous quantities of valuable data.

May 6, 2012

Technology is not the panacea

Filed under: Education, Health, India, Technology — Nicholas @ 10:06

I’m generally very pro-technology, but the One Laptop Per Child (OLPC) effort always struck me as putting the technology cart in front of the educational (and cultural) horse. A report at The Economist has examples of technological fixes that haven’t actually “fixed” the problems they were intended to solve:

The American charity has an ambitious mission — transform the quality of education in the developing world by giving every poor student a laptop. Targeting a $100 laptop, OLPC succeeded in creating a usable computer at a very low price point (the actual number was closer to $200). Unfortunately most of the attention in the project was focused on the technology and not enough on its efficacy. In the first rigorous evaluation of the programme, the Inter-American Development Bank (IDB) found little evidence that the laptops influenced educational outcomes. The study, conducted in Peru four years after the programme was launched, found no improvement in math or language. While the computers did lead to some gains in cognitive skills, the authors concluded that access to a laptop didn’t improve attendance. Neither did it motivate students to spend more time on their homework.

There is similarly disappointing news on cooking stoves. The World Health Organization estimates that indoor pollution from primitive cooking fires contributes to 2m deaths annually. One solution is to use clean cooking stoves. At a cost of $12.50, these stoves are an inexpensive way to reduce respiratory ailments and improve air quality. The Global Alliance for Clean Cookstoves (GACC), a public-private initiative, is making a big push for 100m homes in the developing world to switch to clean stoves by 2020. But a new NBER paper by Rema Hanna from Harvard University and Esther Duflo and Michael Greenstone from MIT, questions the long-term health or environmental benefits from this programme. The authors evaluated a clean-stove programme in eastern India, covering 15,000 households over five years. Their study found that after the initial year, enthusiasm for the stoves waned and households didn’t make the necessary investments to maintain them. As a result, the programme had very little effect on respiratory health or air pollution.

Both these projects highlight some common misconceptions in using technology for development. For one, solving intractable social problems requires fundamental changes in the target population. It also needs a supportive institutional framework to reinforce the right behaviour. Technology can complement this process, but it is no substitute for the human element. In Peru, simply adding laptops to the classroom, without investing in teachers who were proficient in computer-aided education, meant that the academic impact was limited. The IDB paper rightly points out that in poor countries where wages are low, development money may be better spent on labor-intensive education interventions than on expensive tools.

April 28, 2012

Charles Stross analyzes the economic and technical arguments for removing DRM on ebooks

Filed under: Books, Business, Economics, Media — Nicholas @ 00:08

A post at Charles Stross’s blog from earlier this week, when Macmillan announced that they were removing DRM from their ebook lines:

After I recommended that the major publishers drop mandatory DRM from their ebook products, I realized that my essay had elided a bunch of steps in my thinking, and needed to reconsider some points. Then I realized that it’s not a simple, straightforward argument to make. Consequently, I ended up writing another essay, although I’ve tried to summarize my conclusions below.

First, my conclusions:

1. The rapid current pace of change in the electronic publishing sector is driven by the consumer electronics and internet industry. It’s impossible to make long term publishing plans (3-10 years) without understanding these other industries and the priorities of their players. It is important to note that the CE industry relies on selling consumers new gadgets every 1-3 years. And it is through their gadgets that readers experience the books we sell them. Where is the CE industry taking us?

2. Dropping DRM across all of Macmillan’s products will not have immediate, global, positive effects on revenue in the same way that introducing the agency model did …

3. However, relaxing the requirement for DRM across some of Macmillan’s brands will have very positive public relations consequences among certain customer demographics, notably genre readers who buy large numbers of books (and who, while a minority in absolute numbers, are a disproportionate source of support for the midlist).

4. Longer term, removing the requirement for DRM will lower the barrier to entry in ebook retail, allowing smaller retailers (such as Powells) to compete effectively with the current major incumbents. This will encourage diversity in the retail sector, force the current incumbents to interoperate with other supply sources (or face an exodus of consumers), and undermine the tendency towards oligopoly. This will, in the long term, undermine the leverage the large vendors currently have in negotiating discount terms with publishers while improving the state of midlist sales.

Now the details:

February 10, 2012

Help sponsor a new home for the historic Colossus code-cracking computer

Filed under: Britain, History, Technology, WW2 — Nicholas @ 11:11

John Leyden at The Register on the fundraising efforts to build a new home for the WW2 cryptographic computer:

The National Museum of Computing (TNMOC) has turned to a tried-and-tested fundraising method to establish a home for the rebuilt Colossus computer at Bletchley Park.

Individuals and firms are invited to buy up pixels of an online picture of the wartime code-breaking machine — at 10 pence per dot with a minimum spend of £10 — pretty much like Alex Tew’s million-dollar homepage effort.

The museum’s curators need the cash to open an exhibition featuring the Colossus in the historic Block H, on the spot where Colossus No 9 stood during the Second World War and where the rebuild took place.

Colossus was the world’s first electronic programmable computer, and was used to crack encrypted messages between Hitler and his generals.

January 21, 2012

Robert Johnson: How to save Economics

Filed under: Economics, Education, History, Media — Nicholas @ 11:10

Writing in Time, Robert Johnson has a few recommendations to rescue the field of economics from its current state:

First, economists should resist overstating what they actually know. The quest for certainty, as philosopher John Dewey called it in 1929, is a dangerous temptress. In anxious times like the present, experts can gain great favor in society by offering a false resolution of uncertainty. Of course when the falseness is later unmasked as snake oil, the heroic reputation of the expert is shattered. But that tends to happen only after the damage is done.

Second, economists have to recognize the shortcomings of high-powered mathematical models, which are not substitutes for vigilant observation. Nobel laureate Kenneth Arrow saw this danger years ago when he exclaimed, “The math takes on a life of its own because the mathematics pushed toward a tendency to prove theories of mathematical, rather than scientific, interest.”

[. . .]

The third remedy for repairing economics is to reintroduce context. More research on economic history and evidence-based studies are needed to understand the economy and overcome the mechanistic bare-bones models the students at Harvard objected to being taught.

[. . .]

Fourth, we must acknowledge the intimate, inseparable relationship between politics and economics. Modern debates about who caused the financial crisis — government or the private financial sector — are almost nonsensical. We are living in an era of money politics and large powerful interests that influence the laws and regulations and their enforcement. In order to catalyze the evolution of economics, research teams would benefit from multidisciplinary interaction with politics, psychology, anthropology, sociology and history.

H/T to Tim Harford for the link.

January 11, 2012

Computers as doctors

Filed under: Health, Technology — Nicholas @ 12:02

An interesting post from Alex Tabarrok at Marginal Revolution:

In 2004 I wrote In Praise of Impersonal Medicine arguing:

    I have nothing against my physician but I would prefer to be diagnosed by a computer. A typical physician spends most of the day playing twenty questions. Where does it hurt? Do you have a cough? How high is the patient’s blood pressure? But an expert system can play twenty questions better than most people. An expert system can use the best knowledge in the field, it can stay current with the journals, and it never forgets.

and in 2006 I noted:

    The practice of modern medicine is surprisingly primitive … My credit card company knows far more about my shopping history than my physician knows about my medical history.

I now believe that we are on the cusp of major changes to medicine. The thousand dollar genome sequence is less than a year away, Ford has just developed a car seat that can monitor your health, many people are already using wrist monitors to measure heart and sleep patterns. All of this data will soon be combined with massive databases to offer predictive and prescriptive health diagnosis.

But my favourite part of the posting was this comment from Joseph Huntington:

Stay clear of Doctors. I am a lifelong physician. Cardiologist, Head Surgeon, UCLA for 17 years. Medicine today is riskier than any casino. I left the zoo when it became a Federal Collection Center for data that will likely be used in population selection. If you’re a model or athlete, you have nothing to fear. If you’re sub-average, or over age 35 … just sleep well, drink water, walk, breathe deeply, eat mostly fresh things, laugh, love, work honorably and again, stay away from guys like me.

November 25, 2011

Ever gone looking for the answer to a technical question online?

Filed under: Humour, Technology — Nicholas @ 09:07

This xkcd installment is amazingly accurate, at least based on my experiences:

Wisdom of the Ancients

Remember to mouse-over the cartoon: you’re missing at least half the humour if you don’t read the mouse-over text of any xkcd cartoon.

November 19, 2011

Internet users’ password security still hasn’t improved

Filed under: Technology — Nicholas @ 10:03

Do you use any of the following terms as your password? If so, congratulations, you’re helping keep the rest of us from being as easily hacked as you are:

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football

This list is from SplashData, who produce (among other things) a password-keeper utility. Last year, Gawker published the 50 top passwords in a graphic:

Here’s a word cloud from an earlier post on passwords:

Other posts on this topic: opportunities for humour with your bank’s secret questions, xkcd on the paradox of passwords, Passwords and the average user, More on passwords, And yet more on passwords, and Practically speaking, the end is in sight for passwords.
