Bah, humbug!

Posted on by

Er, from The Register

A new study from AirMagnet has demonstrated that Wi-Fi signal strength can drop by up to 25 per cent when seasonal decorations are in place.

Shiny baubles can reflect wireless networking signals, while flashing lights generate all sorts of interference. Sticking to the traditional holly and ivy won’t do you any good either, as plants are notorious for blocking the 2.4GHz signal Wi-Fi relies upon.

Carrying out a full wireless survey or network analysis might be overkill, but AirMagnet recommends that signal degradation can often be mitigated just by moving decorations away from access points, and remembering that every barrier between access point and user will lead to a weaker signal.

Thanks to Bill Thompson for spotting it.

The Gowers Report

Posted on by

Hmmm. The Gowers Report on Intellectual Property has been published. I haven’t read it through yet (in fact have only read the Press Release). When I started on the Report proper, I was immediately distracted by the Gowers signature:

That doesn’t seem at all safe to me. I mean to say, how do we know that this is the real Andrew Gowers, rather than a cheap counterfeit copy knocked up in Bangkok?

UPDATE: Bill Thompson has been reading the report. His initial impression is one of relieved surprise. Given what could have happened to the document, it seems sensible. And it’s delicious to think that ‘Sir’ Cliff Richard’s er, descendants, will not be able to wax fatly on his royalties after all. Gowers thinks that 50 years is quite enough, thank you very much. Actually, of course, it’s far too much, but we will leave that pass. I’m still trying to work out when Windows 95 comes out of copyright, for example.

What’s in a name?

Posted on by

From the Pew Research Center

A mostly insiders-only debate about whether Iraq is in a state of civil war broke out into the open last week when two major news organizations announced that they would henceforth refer to the conflict as a civil war. According to polling in September by the Pew Research Center, much of the public had already reached that conclusion. By a 50%-to-37% margin, more Americans said the current violence in Iraq was mostly a civil war than said it was mostly an insurgency aimed at the United States and its allies.

Interestingly, whether respondents thought it was a civil war or an insurgency didn’t seem to affect their attitudes towards whether the US should stay in Iraq.

So what’s Plan B then?

Posted on by

The report of the Iraq Study Group is out. (Summary available here.) A couple of thoughts that are prompted by it:

  • Firstly there is the interesting shift in US discourse to blaming the Iraqis, as if, somehow, they had brought all this upon themselves.
  • Then there’s the Report’s central idea — that a timetable should set for the Iraqis to get their house in order, after which the US will go home — in 2008. But there’s no evidence so far that the Iraqi government has a hope in hell of getting a grip on the situation. The chaos and carnage will, in all likelihood, get worse. So will the US then walk away? The Report seems to envisage no Plan B.

    I saw a suggestion recently on a Blog somewhere (can’t remember where, to my chagrin) that one way of rating US presidents is on how long it takes to clear up after them. On that metric, even Ronald Reagan looks reasonable. But Dubya is a catastrophe.

    Another interesting thing: there was a report on the BBC today (also here) that George Bush Snr burst into tears recently at a public event when he was introducing his other boy, Jeb (Governor of California). What can this mean?

    • Spam 2.0

    Posted on by

    From today’s New York Times

    The antispam industry is struggling to keep up with the surge. It is adding computer power and developing new techniques in an effort to avoid losing the battle with the most sophisticated spammers.

    It wasn’t supposed to turn out this way. Three years ago, Bill Gates, Microsoft’s chairman, made an audacious prediction: the problem of junk e-mail, he said, “will be solved by 2006.” And for a time, there were signs that he was going to be proved right.

    Antispam software for companies and individuals became increasingly effective, and many computer users were given hope by the federal Can-Spam Act of 2003, which required spam senders to allow recipients to opt out of receiving future messages and prescribed prison terms for violators.

    According to the Federal Trade Commission, the volume of spam declined in the first eight months of last year.

    But as many technology administrators will testify, the respite was short-lived.

    “At the beginning of the year spam was off our radar,” said Franklin Warlick, senior messaging systems administrator at Cox Communications in Atlanta.

    “Now employees are stopping us in the halls to ask us if we turned off our spam filter,” Mr. Warlick said.

    Mehran Sabbaghian, a network engineer at the Sacramento Web hosting company Lanset America, said that last month a sudden Internet-wide increase in spam clogged his firm’s servers so badly that the delivery of regular e-mail to customers was delayed by hours.

    To relieve the pressure, the company took the drastic step of blocking all messages from several countries in Europe, Latin America and Africa, where much of the spam was originating.

    This week, Lanset America plans to start accepting incoming mail from those countries again, but Mr. Sabbaghian said the problem of junk e-mail was “now out of control.”

    Antispam companies fought the scourge successfully, for a time, with a blend of three filtering strategies. Their software scanned each e-mail and looked at whom the message was coming from, what words it contained and which Web sites it linked to. The new breed of spam — call it Spam 2.0 — poses a serious challenge to each of those three approaches.

    Spammers have effectively foiled the first strategy — analyzing the reputation of the sender — by conscripting vast networks of computers belonging to users who unknowingly downloaded viruses and other rogue programs. The infected computers begin sending out spam without the knowledge of their owners. Secure Computing, an antispam company in San Jose, Calif., reports that 250,000 new computers are captured and added to these spam “botnets” each day.

    The sudden appearance of new sources of spam makes it more difficult for companies to rely on blacklists of known junk e-mail distributors. Also, by using other people’s computers to scatter their e-mail across the Internet, spammers vastly increase the number of messages they can send out, without having to pay for the data traffic they generate.

    “Because they are stealing other people’s computers to send out the bad stuff, their marginal costs are zero,” said Daniel Drucker, a vice president at the antispam company Postini. “The scary part is that the economics are now tilted in their favor.”

    The use of botnets to send spam would not matter as much if e-mail filters could still make effective use of the second spam-fighting strategy: analyzing the content of an incoming message. Traditional antispam software examines the words in a text message and, using statistical techniques, determines if the words are more likely to make up a legitimate message or a piece of spam.

    The explosion of image spam this year has largely thwarted that approach. Spammers have used images in their messages for years, in most cases to offer a peek at a pornographic Web site, or to illustrate the effectiveness of their miracle drugs. But as more of their text-based messages started being blocked, spammers searched for new methods and realized that putting their words inside the image could frustrate text filtering. The use of other people’s computers to send their bandwidth-hogging e-mail made the tactic practical.

    “They moved their message into our blind spot,” said Paul Judge, chief technology officer of Secure Computing…

    Compatability, Microsoft style

    Posted on by

    From Tech News on ZDNet

    Microsoft has pledged to make its new Office 2007 file formats accessible within the company’s other products, but the timeline for that support varies widely.

    Although the company already has converters available for older PC versions of Office, the Mac translation tools are still in development. Microsoft now doesn’t expect to have the tools available until late March or April, the company said Tuesday.

    “We realize this will be an inconvenience for some of you,” Microsoft acknowledged in its Macmojo blog. Folks in the Mac software unit at Microsoft say they have experienced the pain firsthand, now that a good percentage of Microsoft employees are using Office 2007.

    Meanwhile, Microsoft’s Windows Mobile unit said in an e-mail on Tuesday that its PocketPC and Smartphone devices won’t be able to read and edit the new formats until the middle of next year….

    This won’t stop Microsoft executives dissing OpenOffice for its alleged inability to read MS-formatted documents, though. Monopoly isn’t just a social and economic problem; it’s a state of mind.

    News from the other side

    Posted on by

    This just has to be the best opening paragraph in any column in 2006:

    I nearly died last month, but it wasn’t serious. I woke at 1am on a Saturday morning with a pain in my chest; went to the bathroom; the pain increased; I fell over; got up; absurdly, went back to bed with the thought that this should go away; then realised what was happening.

    John Lloyd, the formidable FT columnist, had a cardiac arrest. He was saved by the quick thinking of his Italian wife, and by the National Health Service. At one point, his heart actually stopped. Like the great journalist that he is, he saved up the experience and made a column out of it. (Columnists — and now, bloggers — resemble the old Chicago meat-packing industry, which used to boast that it “used every part of the hog except the grunt”.)

    In the days that followed, in the midst of gratitude for a well of affection and support from friends and family, three main sets of thoughts passed through my jumbled brain. I regretted having no last thoughts worthy of remembering. I did think I was dying — but the thought came and went. I wanted my son to be there. I did feel my sins heavy on my head but, too late to become a Catholic, I could not shrive them — and a self-satisfied, lapsed-Presbyterian self-congratulation that I would not even if I could, passed through my mind.

    Much of the time, though, was spent mentally wandering at random. I worried continually about an email I had not sent. I fretted about what had happened to the car, which my wife had driven almost into the A&E Unit (and which may have accounted for the questions on drunkenness). Nothing to approach Goethe’s “more light”. I might have died worrying about a parking ticket.

    It’s a lovely column — but one that, alas, is hidden behind a paywall. I read it in the paper edition.

    MyTrojan

    Posted on by

    Here’s something from Insecure.org to make Rupert Murdoch choke on his muesli.

    Overview

    ========

    Myspace.com provides a site navigation menu near the top of every page.

    Users generally use this menu to navigate to the various areas of the website. The first link that the menu provides is called “Home” which navigates back to the user’s personalized Myspace page which is essentially the user’s “home base” when using the site. As such this particular link is used quite frequently and is used to return from other areas of the website, most importantly from other user’s profile pages.

    A content-replacement attack coupled with a spoofed Myspace login page can be used to collect victim users’ authentication credentials. By replacing the navigation menu on the attacker’s Myspace profile page, an unsuspecting victim may be redirected to an external site of the attacker’s choice, such as a spoofed Myspace login page. Due to Myspace.com’s seemingly random tendency to expire user sessions or log users out, a user being presented with the Myspace login page is not out of the ordinary and does not raise much suspicion on the part of the victim.

    Impact

    ======

    Users are unexpectedly redirected to a website of the attacker’s choice.

    Users may be tricked into revealing their authentication credentials.

    Affected Systems

    ================

    Myspace.com: http://www.myspace.com

    Here’s GMSV’s account:

    Some MySpace users are getting their first taste of an STD — a socially transmitted disease. Identity thieves are using a vulnerability in the popular social network’s navigation to spread a particularly virulent worm that steals log-in credentials and lures users to phishing sites. Attacks begin with a rigged QuickTime video. “Once a user’s MySpace profile is infected (by viewing a malicious embedded QuickTime video), that profile is modified in two ways,” WebSense explains. “The links in the user’s page are replaced with links to a phishing site, and a copy of the malicious QuickTime video is embedded into the user’s site. Any other users who visit this newly-infected profile may have their own profile infected as well.” MySpace hasn’t revealed the extent of the infection, but an informal scan of 150 user profiles by FaceTime Communications found that close to a third were infected. That same ratio probably doesn’t translate to MySpace’s 73 million registered users — if it did we’d have a Black Death-style Web pestilence on our hands. So in the end this mostly serves as a reminder that everyone needs to pay more attention to security. “We’re continuing to make the same mistakes by putting security last,” Billy Hoffman, lead engineer at Web security specialist SPI Dynamics, recently told News.com. “People are buying into this hype and throwing together ideas for Web applications, but they are not thinking about security, and they are not realizing how badly they are exposing their users.”

    Yeah, but we super-smart folks use the Julian calendar, stoopid

    Posted on by

    From Jon Henley’s diary in today’s Guardian

    Worrying news, now, from Mensa, which in the December issue of its eminently readable magazine advertises a social event for members at the Royal Air Force Club in Piccadilly on Friday December 30. Our calendar, we see, says December 30 is a Saturday. But perhaps they know something we don’t.

    This is delicious. According to Wikipedia Mensa is “a society for bright people, the only qualification for membership being a high IQ”. A more sardonic way of putting it would be to say that it’s a club for people whose aptitude for certain kinds of meaningless puzzles leads them to believe that — to use the venerable Glaswegian phrase — “their shite is marmalade”.