Your own personal Cray-1
/Chris Fenton shows that you can build a fully functional cycle-accurate Cray-1 with an FPGA. He even built a case that looks like an old Cray-1
Update:
Some quick testing shows my iPad 2 is about 18 times faster than a Cray-1. <grin>
Awesome Fluid Dynamics Physics Demo
/This is a really cool demonstration of the rope coiling effect when a viscous fluid is dispensed onto a flat surface, in this case a moving belt.
Roger Ebert on the Occupy movement
/I am really impressed with the thinking and writing in his blog. I clearly need to read it more often.
Roger Ebert posts really nice video on how PROTECT IP Act works.
/I am probably going to sound like a broken record on this issue, but I feel passionately about copyright, fair use and am very worried about this and related legislation.
DOJ want to criminalize fibbing
/Declan McCullagh in CNET reports that the Justice Department is pushing an absurd over broadening of the CFAA to criminalize violating website terms of service agreements.
The idea would be to treat all website terms of service as contracts fully limiting access to the site, therefor any violation of the TOS would be unauthorized access (A.K.A. Hacking) which is a felony.
Don't lie about your age, weight, height, or job title on that dating site!
I just can't resist good physics jokes
/In this case we have a twist on the old "spherical cow" theme from Abstruse Goose.
Anonymizer Survey: Anti-virus and Firewall popular but ineffective privacy protectors
/Anonymizer just released the results of a new survey of people's use of privacy protecting technologies. The short answer is that the old standards, anti-virus and firewalls, are widely used. Unfortunately they don't actually do much to protect your privacy. They are more about security.
For full details, read the article.
Another fantastic Onion spoof
/This time it is of intelligence community use of Facebook.
DNS based Man in the Middle attacks.
/Schneier on Security: Domain-in-the-Middle Attacks
Bruce Schneier on the real world effectiveness of a very simple domain name based man in the middle attack.
Here is a Wired article on the same issue showing how it was used to steal 20 GB of email from a Fortune 500 company.
Identify speakers of encrypted audio
/Schneier has a post on a paper about discovering the identity of a speaker even when using encrypted VoIP.
Refuse to be terrorized
/Another argument for rationality in the face of terrorism. This time from Spencer Ackerman of Wired.
10 Lessons from 9/11
/A very thoughtful essay on 10 lessons to take and teach from the events of 9/11.
An Interesting analysis of the total cost of the post 9/11 wars
/While coming off a bit partisan, the article makes some good points.
This is a really interesting article on the lack of terrorism against the US.
/This statistic really reinforces a point that I keep making. We are putting effort and treasure into fighting terrorism orders of magnitude out of proportion to its impact.
Why Is It So Hard to Find a Suicide Bomber These Days? - By Charles Kurzman | Foreign Policy:
Out of more than 150,000 murders in the United States since 9/11 -- currently more than 14,000 each year -- Islamist terrorists accounted for fewer than three dozen deaths by the end of 2010. Part of the credit for this is surely due to the law-enforcement officers and community members who have worked to uncover plots before they could be carried out. But fewer than 200 Muslim Americans have been involved in violent plots since 9/11, most of them overseas, so credit for the low level of violence must be due primarily to the millions of Muslims who have refrained from answering the call to terrorism.
Responsibilities of Security / Technology Professionals
/I posted this as a comment over on LinkedIn, but thought it was worth reposting on its own.
Privacy professionals can haggle over whether any given situation requires overwrite, multi-pass overwrite, degaussing, physical destruction or whatever else. The 99% issue is that people treat the trashcan icon on their computers as though it really and completely disposed of the file.
Closely related is the fallacy that your login password will protect your hard drive if your computer is sold / stolen.
I heard something recently at a conference which really struck a chord with me. It was about USB drives as attack vectors, but the argument applies very broadly.
We have spent many years trying to educate our way to computer security. It is very clear that is a failed strategy and given the relative immutability of human nature it is highly unlikely to ever be a successful strategy.
At this point, if I sell my password protected computer and that leads to my identity being stolen, shame on us as engineers who designed such a fragile system with such a huge and foreseeable failure mode.
We can argue about whether it should be a password or pass phrase, if there should be biometrics or other multi-factor authentication schemes, but lets at least make sure there is a door on the house and ensure that it is closed before debating tumbler lock vs. keypad.