Technology

How long before Google adds output from an American Science & Engineering Z Backscatter Van to Google Maps? See the demonstration video here. (Hat tip to Dave Palmer on the SKEPTIC list.)

Yesterday, the Washington Post reported on the FBI’s “Operation Bot Roast,” which busted several criminal users of botnets: _James C. Brewer, of Arlington, Texas. He was indicted Tuesday on charges of infecting more than 10,000 computers globally, including two Chicago-area hospitals operated by the Bureau of Health Services in Cook County, Ill. The computers at the two hospitals were linked to the health care bureau’s mainframe system. They repeatedly froze or rebooted from October to December last year, resulting in delayed medical services, according to the indictment. Brewer was released on a $4,500 bond, court records show. ...

Cog at The Abstract Factory has put together a proposal to replace software patents with a superior system. (Hat tip to Tim Lee at The Technology Liberation Front.)

Microsoft Research has partnered with Petfinder.com to come up with a new test for determining whether there’s a live human behind the keyboard or just a computer program. It’s called Asirra, Animal Species Image Recognition for Restricting Access. The method presents twelve photographs of dogs and cats from Petfinder.com (each of which has an “adopt me” link associated with it) and asks the viewer to select all of the cats. Historical Comments Einzige (2007-06-12): I definitely prefer looking at cute pictures to deciphering those frustrating CAPTCHA thingies! ...

Which Programming Language are You?

From jwz’s blog: The Art of Wikigroaning The premise is quite simple. First, find a useful Wikipedia article that normal people might read. For example, the article called “Knight." Then, find a somehow similar article that is longer, but at the same time, useless to a very large fraction of the population. In this case, we’ll go with “Jedi Knight." Open both of the links and compare the lengths of the two articles. Compare not only that, but how well concepts are explored, and the greater professionalism with which the longer article was likely created. Are you looking yet? Get a good, long look. Yeah. Yeeaaah, we know, but that is just the tip of the iceberg. (We’re calling it Wikigroaning for a reason.) The next step is to find your own article pair and share it with your friends, who will usually look for their own pairs and you end up spending a good hour or two in a groaning arms race. The game ends after that, usually without any clear winners… but hey, it beats doing work. ...

My two-part appearance on “The Security Catalyst” podcast last year has resulted in some media coverage of botnets this week at IT World Canada. The article, “The botnet menace–and what you can do about it,” by Joaquim P. Menezes, is more detailed than most media coverage of bots has been. He draws on both my Security Catalyst interview and my colleague Bob Hagen’s blog post on bots.

Tomorrow night on PBS’s Frontline is “Spying on the Homefront”: FRONTLINE addresses an issue of major consequence for all Americans: Is the Bush administration’s domestic war on terrorism jeopardizing our civil liberties? Reporter Hedrick Smith presents new material on how the National Security Agency’s domestic surveillance program works and examines clashing viewpoints on whether the president has violated the Foreign Intelligence Surveillance Act (FISA) and infringed on constitutional protections. In another dramatic story, the program shows how the FBI vacuumed up records on 250,000 ordinary Americans who chose Las Vegas as the destination for their Christmas-New Year’s holiday, and the subsequent revelation that the FBI has misused National Security Letters to gather information. Probing such projects as Total Information Awareness, and its little known successors, Smith discloses that even former government intelligence officials now worry that the combination of new security threats, advances in communications technologies, and radical interpretations of presidential authority may be threatening the privacy of Americans.(Via the Electronic Frontier Foundation.)

Today’s the day that providers of VoIP and broadband Internet in the United States must comply with CALEA, mandating that they supply a way for law enforcement to eavesdrop on any communications carried over those mechanisms. I suspect many VoIP providers are in compliance but that fewer broadband Internet providers are, since the draft standard for CALEA for data over broadband Internet only came out in March. (And if you’d like to read the standard, it will cost you $164 for the PDF or $185 for a paper copy.) Bob Hagen at the Global Crossing blog points out some free tools that can be used to protect your privacy.

AACS keys are used to encrypt the content of HD-DVDs (this is an oversimplification; see Ed Felten’s Freedom-to-Tinker blog for more detail). A particular “processing key” for AACS has recently been distributed on the Internet, with the AACS Licensing Authority issuing cease and desist orders to try to stop it. This has led to new and creative ways of distributing this 128-bit number, just as occurred with the DeCSS code for decrypting DVDs. When a cease-and-desist order went to digg, digg’s users proceeded to give diggs to many different sites, at one point leading to the entire front page of digg being full of nothing but links to pages with the AACS key. A couple of the more interesting methods include making the number into a song and displaying it with satellite photos of buildings that resemble hex digits. One individual appears to have had it tattooed on his chest. This is exactly what we saw with DeCSS, which is memorialized in Dave Touretzky’s Gallery of CSS Descramblers. This case is even more absurd, in that AACS LA is claiming ownership of a number–and a relatively short one–not because it encodes any content or algorithm, but because it’s one of potentially millions of keys assigned for use with its system. UPDATE (May 11, 2007): As this t-shirt makes clear, trying to protect against the distribution of a 128-bit number is futile when knowledge of the number can be easily distributed without using the number itself. I’d love to see AACS LA try to make a case against the marketing and sale of this shirt.