Windows Metafile vulnerability

From Noam Eppel’s “Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security”:

On Dec. 27, 2005 a Windows Metafile (.WMF) flaw was discovered affecting fully patched versions of XP and Windows 2003 Web Server. Simply by viewing an image on a web site or in an email or sent via instant messenger, code can be injected and run on the target computer. The vulnerability was in the Windows Graphics Rendering Engine which handles WMF files, so all programs such as Internet Explorer, Outlook and Windows Picture and Fax viewer which process this type of file were affected.

Within hours, hundreds of sites start to take advantage of the vulnerability to distribute malware. Four days later, the first Internet messenger worm exploiting the .wmf vulnerability was found. Six days later, Panda Software discovers WMFMaker, an easy-to-use tool which allows anyone to easily create a malicious WMF file which exploits the vulnerability.

While it took mere hours for cybercriminals to take advantage of the vulnerability, it took Microsoft nine days to release an out-of-cycle patch to fix the vulnerability. For nine entire days the general public was left with no valid defenses.

The WMF Flaw was a security nightmare and a cybercriminal dream. It was a vulnerability which (a) affected the large majority of Windows computers (b) was easy to exploit as the victim simply had to view an image contained on a web site or in an email, and (c) was a true zero-day with no patch available for nine days. During those nine days, the majority of the general population had no idea how vulnerable they were.


IE unsafe 98% of the time

From Noam Eppel’s “Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security”:

The security company Scanit recently conducted a survey which tracked three web browsers (MSIE, Firefox, Opera) in 2004 and counted which days they were “known unsafe.” Their definition of “known unsafe”: a remotely exploitable security vulnerability had been publicly announced and no patch was yet available. Microsoft Internet Explorer, which is the most popular browser in use today and installed by default on most Windows-based computers, was 98% unsafe. Astonishingly, there were only 7 days in 2004 without an unpatched publicly disclosed security hole. Read that last sentence again if you have to.


Even worse spam is coming

From Spam Daily News’s “Spam zombies from outer space”:

Spammers could soon use zombie computers in a totally new way. Infected computers could run programs that spy into a person’s email, mine it for information, and generate realistic-looking replies.

John Aycock, an assistant professor of computer science at the University of Calgary, and his student Nathan Friess conducted new research that shows it is possible to create a new type of spam that would likely bypass even the best spam filters and trick experienced computer users who would normally delete suspicious email messages.

There are two key reasons why spam is suspicious to anti-spam filters and human targets alike. First, it often comes from an unrecognized source. Second, it doesn’t look right.

The evolution of spam zombies will change this. These new zombies will mine corpora of email they find on infected machines, using this data to automatically forge and send improved, convincing spam to others.

The next generation of spam could be sent from your friends’ and colleagues’ email addresses – and even mimic patterns that mark their messages as their own (such as common abbreviations, misspellings, capitalization, and personal signatures) – making you more likely to click on a Web link or open an attachment.

What features can be easily extracted from an email corpus? There are four categories:

1. Email addresses. The victim’s email address and any other email aliases they have can be extracted, as can the email addresses of people with whom the victim corresponds.

2. Information related to the victim’s email program and its configuration. For example, the User-Agent, the message encoding as text and/or HTML, automatically-appended signature file, the quoting style used for replies and forwarded messages, etc.

3. Vocabulary. The normal vocabulary used by the victim and the people with whom they correspond.

4. Email style.

  • Line length, as some people never break lines;
  • Capitalization, or lack thereof;
  • Manually-added signatures, often the victim’s name;
  • Abbreviations, e.g., “u” for “you”;
  • Misspellings and typos;
  • Inappropriate synonyms, e.g., “there” instead of “their”;
  • Replying above or below quoted text in replies.


The Flash Worm, AKA the Warhol Worm

From Noam Eppel’s “Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security”:

In 2001, the infamous Code Red Worm was infecting a remarkable 2,000 new hosts each minute. Nick Weaver at UC Berkeley proposed the possibility of a “Flash Worm” which could spread across the Internet and infect all vulnerable servers in less than 15 minutes. A well engineered flash worm could spread worldwide in a matter of seconds.


A technical look at the Morris Worm of 1988

From Donn Seeley’s “The Internet Worm of 1988: A Tour of the Worm”:

November 3, 1988 is already coming to be known as Black Thursday. System administrators around the country came to work on that day and discovered that their networks of computers were laboring under a huge load. If they were able to log in and generate a system status listing, they saw what appeared to be dozens or hundreds of “shell” (command interpreter) processes. If they tried to kill the processes, they found that new processes appeared faster than they could kill them. Rebooting the computer seemed to have no effect – within minutes after starting up again, the machine was overloaded by these mysterious processes.

… The worm had taken advantage of lapses in security on systems that were running 4.2 or 4.3 BSD UNIX or derivatives like SunOS. These lapses allowed it to connect to machines across a network, bypass their login authentication, copy itself and then proceed to attack still more machines. The massive system load was generated by multitudes of worms trying to propagate the epidemic. …

The worm consists of a 99-line bootstrap program written in the C language, plus a large relocatable object file that comes in VAX and Sun-3 flavors. …

The activities of the worm break down into the categories of attack and defense. Attack consists of locating hosts (and accounts) to penetrate, then exploiting security holes on remote systems to pass across a copy of the worm and run it. The worm obtains host addresses by examining the system tables /etc/hosts.equiv and /.rhosts, user files like .forward and .rhosts, dynamic routing information produced by the netstat program, and finally randomly generated host addresses on local networks. It ranks these by order of preference, trying a file like /etc/hosts.equiv first because it contains names of local machines that are likely to permit unauthenticated connections. Penetration of a remote system can be accomplished in any of three ways. The worm can take advantage of a bug in the finger server that allows it to download code in place of a finger request and trick the server into executing it. The worm can use a “trap door” in the sendmail SMTP mail service, exercising a bug in the debugging code that allows it to execute a command interpreter and download code across a mail connection. If the worm can penetrate a local account by guessing its password, it can use the rexec and rsh remote command interpreter services to attack hosts that share that account. In each case the worm arranges to get a remote command interpreter which it can use to copy over, compile and execute the 99-line bootstrap. The bootstrap sets up its own network connection with the local worm and copies over the other files it needs, and using these pieces a remote worm is built and the infection procedure starts over again. …

When studying a tricky program like this, it’s just as important to establish what the program does not do as what it does do. The worm does not delete a system’s files: it only removes files that it created in the process of bootstrapping. The program does not attempt to incapacitate a system by deleting important files, or indeed any files. It does not remove log files or otherwise interfere with normal operation other than by consuming system resources. The worm does not modify existing files: it is not a virus. The worm propagates by copying itself and compiling itself on each system; it does not modify other programs to do its work for it. Due to its method of infection, it can’t count on sufficient privileges to be able to modify programs. The worm does not install trojan horses: its method of attack is strictly active, it never waits for a user to trip over a trap. Part of the reason for this is that the worm can’t afford to waste time waiting for trojan horses – it must reproduce before it is discovered. Finally, the worm does not record or transmit decrypted passwords: except for its own static list of favorite passwords, the worm does not propagate cracked passwords on to new worms nor does it transmit them back to some home base. This is not to say that the accounts that the worm penetrated are secure merely because the worm did not tell anyone what their passwords were, of course – if the worm can guess an account’s password, certainly others can too. The worm does not try to capture superuser privileges: while it does try to break into accounts, it doesn’t depend on having particular privileges to propagate, and never makes special use of such privileges if it somehow gets them. The worm does not propagate over uucp or X.25 or DECNET or BITNET: it specifically requires TCP/IP. The worm does not infect System V systems unless they have been modified to use Berkeley network programs like sendmail, fingerd and rexec.

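The excerpt above notes that the worm tried /etc/hosts.equiv and /.rhosts first because their entries permit unauthenticated connections. As an added example (not from Seeley's paper or from this post), the following Python audit flags the entries in such files that grant the broadest password-less trust; the file contents, host names and severity labels are constructed assumptions, and `#` is treated as a comment marker.

```python
"""Audit rhosts-style trust files for entries that grant password-less access.

Added illustration: paths, host names and severity labels are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

SEVERITY_ORDER = {"low": 0, "medium": 1, "high": 2, "critical": 3}
ROOT_RHOSTS = {"/.rhosts", "/root/.rhosts"}  # root's own trust file


@dataclass(frozen=True)
class Finding:
    source: str
    lineno: int
    entry: str
    severity: str
    reason: str


def classify(host: str, user: Optional[str],
             in_hosts_equiv: bool) -> Optional[Tuple[str, str]]:
    """Return (severity, reason) for one entry, or None for a deny entry."""
    # A leading '-' on either field is an explicit deny, not a trust grant.
    if host.startswith("-") or (user or "").startswith("-"):
        return None
    if host == "+":
        return "critical", "wildcard host: every remote host is trusted"
    if user == "+":
        return "high", "every user on the named host is trusted"
    if host.startswith("+@") or (user or "").startswith("+@"):
        return "medium", "trust delegated to a netgroup; review its membership"
    if user and in_hosts_equiv:
        # In hosts.equiv a named remote user is not limited to one local account.
        return "high", "named remote user may log in as any non-root local account"
    return "low", "password-less host trust"


def audit_trust_file(source: str, text: str) -> List[Finding]:
    """Parse one hosts.equiv/.rhosts file and return its trust findings."""
    in_hosts_equiv = source.endswith("hosts.equiv")
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # assumption: '#' starts a comment
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        verdict = classify(host, user, in_hosts_equiv)
        if verdict is None:
            continue
        severity, reason = verdict
        # Any grant in root's .rhosts hands out a root login.
        if source in ROOT_RHOSTS and SEVERITY_ORDER[severity] < SEVERITY_ORDER["high"]:
            severity, reason = "high", reason + " (grants root login)"
        findings.append(Finding(source, lineno, line, severity, reason))
    return findings


def worst_severity(files: Dict[str, str]) -> Dict[str, str]:
    """Map each file that has findings to its most severe finding."""
    worst = {}
    for source, text in files.items():
        findings = audit_trust_file(source, text)
        if findings:
            worst[source] = max((f.severity for f in findings),
                                key=SEVERITY_ORDER.__getitem__)
    return worst


# Constructed sample contents; none of these hosts or users are real.
SAMPLE_FILES = {
    "/etc/hosts.equiv": """\
# constructed sample
alpha.example.edu
beta.example.edu  operator
-gamma.example.edu
+@labhosts
+
""",
    "/.rhosts": "alpha.example.edu root\n",
    "/home/jdoe/.rhosts": "delta.example.edu +\n",
}

if __name__ == "__main__":
    for path, content in SAMPLE_FILES.items():
        for f in audit_trust_file(path, content):
            print(f"{f.severity:8} {f.source}:{f.lineno}  {f.entry!r}  {f.reason}")
```
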

A short explanation of moral rights in IP

From Betsy Rosenblatt’s “Moral Rights Basics”:

The term “moral rights” is a translation of the French term “droit moral,” and refers … to the ability of authors to control the eventual fate of their works. An author is said to have the “moral right” to control her work. … Moral rights protect the personal and reputational, rather than purely monetary, value of a work to its creator.

The scope of a creator’s moral rights is unclear, and differs with cultural conceptions of authorship and ownership, but may include the creator’s right to receive or decline credit for her work, to prevent her work from being altered without her permission, to control who owns the work, to dictate whether and in what way the work is displayed, and/or to receive resale royalties. Under American Law, moral rights receive protection through judicial interpretation of several copyright, trademark, privacy, and defamation statutes, and through 17 U.S.C. §106A, known as the Visual Artists Rights Act of 1990 (VARA). VARA applies exclusively to visual art. In Europe and elsewhere, moral rights are more broadly protected by ordinary copyright law.

In the United States, the term “moral rights” typically refers to the right of an author to prevent revision, alteration, or distortion of her work, regardless of who owns the work. Moral rights as outlined in VARA also allow an author of a visual work to avoid being associated with works that are not entirely her own, and to prevent the defacement of her works. …

Under VARA, moral rights automatically vest in the author of a “work of visual art.” For the purposes of VARA, visual art includes paintings, drawings, prints, sculptures, and photographs, existing in a single copy or a limited edition of 200 signed and numbered copies or fewer. In order to be protected, a photograph must have been taken for exhibition purposes only. VARA only protects works of “recognized stature;” posters, maps, globes, motion pictures, electronic publications, and applied art are among the categories of visual works explicitly excluded from VARA protection. …

Moral rights are not transferrable, and end only with the life of the author. Even if the author has conveyed away a work or her copyright in it, she retains the moral rights to the work under VARA. Authors may, however, waive their moral rights if they do so in writing.

What constitutes infringement of moral rights?

VARA grants two rights to authors of visual works: the right of attribution, and the right of integrity. The right of attribution allows an author to prevent misattribution of a work, and to require that the authorship of the work not be disclosed (i.e. remain anonymous). The right of integrity bars intentional distortion, mutilation, or other modification of a work if that distortion is likely to harm the author’s reputation, and prevents the destruction of any work of recognized stature.


Paul Graham’s lessons for startups

From Paul Graham’s “The Hardest Lessons for Startups to Learn”:

1. Release Early.

The thing I probably repeat most is this recipe for a startup: get a version 1 out fast, then improve it based on users’ reactions.

By “release early” I don’t mean you should release something full of bugs, but that you should release something minimal. Users hate bugs, but they don’t seem to mind a minimal version 1, if there’s more coming soon. …

I’ve seen a lot of startups die because they were too slow to release stuff, and none because they were too quick. …

Even if you had no users, it would still be important to release quickly, because for a startup the initial release acts as a shakedown cruise. If anything major is broken – if the idea’s no good, for example, or the founders hate one another – the stress of getting that first version out will expose it. And if you have such problems you want to find them early.

Perhaps the most important reason to release early, though, is that it makes you work harder. When you’re working on something that isn’t released, problems are intriguing. In something that’s out there, problems are alarming. There is a lot more urgency once you release. And I think that’s precisely why people put it off. They know they’ll have to work a lot harder once they do.

2. Keep Pumping Out Features.

Of course, “release early” has a second component, without which it would be bad advice. If you’re going to start with something that doesn’t do much, you better improve it fast. …

By “feature” I mean one unit of hacking — one quantum of making users’ lives better.

As with exercise, improvements beget improvements. … You should make your system better at least in some small way every day or two.

… Users love a site that’s constantly improving. In fact, users expect a site to improve. …

They’ll like you even better when you improve in response to their comments, because customers are used to companies ignoring them. If you’re the rare exception — a company that actually listens — you’ll generate fanatical loyalty. You won’t need to advertise, because your users will do it for you. …

If your product seems finished, there are two possible explanations: (a) it is finished, or (b) you lack imagination. Experience suggests (b) is a thousand times more likely.

3. Make Users Happy.

Improving constantly is an instance of a more general rule: make users happy. One thing all startups have in common is that they can’t force anyone to do anything. They can’t force anyone to use their software, and they can’t force anyone to do deals with them. A startup has to sing for its supper. That’s why the successful ones make great things. They have to, or die.

When you’re running a startup you feel like a little bit of debris blown about by powerful winds. The most powerful wind is users. They can either catch you and loft you up into the sky, as they did with Google, or leave you flat on the pavement, as they do with most startups. Users are a fickle wind, but more powerful than any other. If they take you up, no competitor can keep you down. …

The median visitor will arrive with their finger poised on the Back button. …

There are two things you have to do to make people pause. The most important is to explain, as concisely as possible, what the hell your site is about. … A startup should be able to explain in one or two sentences exactly what it does. … You probably shouldn’t even start a company to do something that can’t be described compellingly in one or two sentences.

The other thing I repeat is to give people everything you’ve got, right away. If you have something impressive, try to put it on the front page, because that’s the only one most visitors will see. Though indeed there’s a paradox here: the more you push the good stuff toward the front, the more likely visitors are to explore further. …

The industry term here is “conversion.” The job of your site is to convert casual visitors into users …

4. Fear the Right Things.

Another thing I find myself saying a lot is “don’t worry.” Actually, it’s more often “don’t worry about this; worry about that instead.” Startups are right to be paranoid, but they sometimes fear the wrong things. …

What you should fear, as a startup, is not the established players, but other startups you don’t know exist yet. They’re way more dangerous than Google because, like you, they’re cornered animals.

Looking just at existing competitors can give you a false sense of security. You should compete against what someone else could be doing, not just what you can see people doing. A corollary is that you shouldn’t relax just because you have no visible competitors yet. No matter what your idea, there’s someone else out there working on the same thing. …

And in any case, competitors are not the biggest threat. Way more startups hose themselves than get crushed by competitors. There are a lot of ways to do it, but the three main ones are internal disputes, inertia, and ignoring users. Each is, by itself, enough to kill you. But if I had to pick the worst, it would be ignoring users. If you want a recipe for a startup that’s going to die, here it is: a couple of founders who have some great idea they know everyone is going to love, and that’s what they’re going to build, no matter what.

Almost everyone’s initial plan is broken. If companies stuck to their initial plans, Microsoft would be selling programming languages, and Apple would be selling printed circuit boards. In both cases their customers told them what their business should be — and they were smart enough to listen. …

5. Commitment Is a Self-Fulfilling Prophecy.

I now have enough experience with startups to be able to say what the most important quality is in a startup founder, and it’s not what you might think. The most important quality in a startup founder is determination. Not intelligence — determination. …

Time after time VCs invest in startups founded by eminent professors. This may work in biotech, where a lot of startups simply commercialize existing research, but in software you want to invest in students, not professors. Microsoft, Yahoo, and Google were all founded by people who dropped out of school to do it. What students lack in experience they more than make up in dedication. …

In a startup, there’s always some disaster happening. So if you’re the least bit inclined to find an excuse to quit, there’s always one right there. …

You have to be the right kind of determined, though. I carefully chose the word determined rather than stubborn, because stubbornness is a disastrous quality in a startup. You have to be determined, but flexible …

6. There Is Always Room.

… There is always room for new stuff. At every point in history, even the darkest bits of the dark ages, people were discovering things that made everyone say “why didn’t anyone think of that before?” …

The reason we don’t see the opportunities all around us is that we adjust to however things are, and assume that’s how things have to be. …

So for all practical purposes, there is no limit to the number of startups. Startups make wealth, which means they make things people want, and if there’s a limit on the number of things people want, we are nowhere near it. …

7. Don’t Get Your Hopes Up.

Startup founders are naturally optimistic. They wouldn’t do it otherwise. But you should treat your optimism the way you’d treat the core of a nuclear reactor: as a source of power that’s also very dangerous. You have to build a shield around it, or it will fry you.

The shielding of a reactor is not uniform; the reactor would be useless if it were. It’s pierced in a few places to let pipes in. An optimism shield has to be pierced too. I think the place to draw the line is between what you expect of yourself, and what you expect of other people. It’s ok to be optimistic about what you can do, but assume the worst about machines and other people. …

Shielding your optimism is nowhere more important than with deals. If your startup is doing a deal, just assume it’s not going to happen. The VCs who say they’re going to invest in you aren’t. The company that says they’re going to buy you isn’t. The big customer who wants to use your system in their whole company won’t. Then if things work out you can be pleasantly surprised.

The reason I warn startups not to get their hopes up is not to save them from being disappointed when things fall through. It’s for a more practical reason: to prevent them from leaning their company against something that’s going to fall over, taking them with it.

For example, if someone says they want to invest in you, there’s a natural tendency to stop looking for other investors. That’s why people proposing deals seem so positive: they want you to stop looking. And you want to stop too, because doing deals is a pain. Raising money, in particular, is a huge time sink. So you have to consciously force yourself to keep looking. …

VCs and corp dev guys are professional negotiators. They’re trained to take advantage of weakness. So while they’re often nice guys, they just can’t help it. And as pros they do this more than you. So don’t even try to bluff them. The only way a startup can have any leverage in a deal is genuinely not to need it. And if you don’t believe in a deal, you’ll be less likely to depend on it. …

The way to succeed in a startup is to focus on the goal of getting lots of users, and keep walking swiftly toward it while investors and acquirers scurry alongside trying to wave money in your face. …


Human life & wasted time

From Paul Graham’s “The Hardest Lessons for Startups to Learn”:

We take it for granted most of the time, but human life is fairly miraculous. It is also palpably short. You’re given this marvellous thing, and then poof, it’s taken away. You can see why people invent gods to explain it. But even to people who don’t believe in gods, life commands respect. There are times in most of our lives when the days go by in a blur, and almost everyone has a sense, when this happens, of wasting something precious. As Ben Franklin said, if you love life, don’t waste time, because time is what life is made of.


Brin’s Transparent Society explained, briefly

From Technology Review’s “Big Brother Logs On”:

In his 1998 book The Transparent Society, which is well known in the privacy advocacy community, science fiction author and technology watcher David Brin argues that society inevitably will have to choose between two versions of ubiquitous surveillance: in one, only the rich and powerful use and control the system to their own advantage; in the second, more democratic future, the watchers can also be watched. Brin concedes that the latter version would mean everybody’s laundry hung out in public view, but the transparency would at least be mutual. Rent a porn video and your wife knows it; but if she drives to your best buddy’s house four times a week while you’re at the office, you’ll know that also.


Surveillance tools to detect drowning swimmers

From Technology Review’s “Big Brother Logs On”:

Consider the benefits of the “computer-aided drowning detection and prevention” system that Boulogne, France-based Poseidon Technologies has installed in nine swimming pools in France, England, the Netherlands and Canada. In these systems, a collection of overhead and in-pool cameras relentlessly monitors pool activity. The video signals feed into a central processor running a machine perception algorithm that can effectively spot when active nonwater objects, such as swimmers, become still for more than a few seconds. When that happens, a red alarm light flashes at a poolside laptop workstation and lifeguards are alerted via waterproof pagers. Last November, a Poseidon system at the Jean Blanchet Aquatic Center in Ancenis, Loire-Atlantique, France, alerted lifeguards in time to rescue a swimmer on the verge of drowning. Pulled from the water unconscious, the swimmer walked away from a hospital the next day.


CCTV in the UK deters crime

From Technology Review’s “Big Brother Logs On”:

In many ways, the drama of pervasive surveillance is being played out first in Orwell’s native land, the United Kingdom, which operates more closed-circuit cameras per capita than any other country in the world. This very public surveillance began in 1986 on an industrial estate near the town of King’s Lynn, approximately 100 kilometers north of London. Prior to the installation of three video cameras, a total of 58 crimes had been reported on the estate. None was reported over the next two years. In 1995, buoyed by that success, the government made matching grants available to other cities and towns that wanted to install public surveillance cameras – and things took off from there. …

And not many argue about surveillance’s ability to deter crime. Recent British government reports cite closed-circuit TV as a major reason for declining crime rates. After these systems were put in place, the town of Berwick reported that burglaries fell by 69 percent; in Northampton overall crime decreased by 57 percent; and in Glasgow, Scotland, crime slumped by 68 percent. Public reaction in England has been mixed, but many embrace the technology. …


Fundamentalism as limited reading

From Douglas Rushkoff’s “Faith = Illness: Why I’ve had it with religious tolerance”:

When religions are practiced, as they are by a majority of those in developed nations, today, as a kind of nostalgic little ritual – a community event or an excuse to get together and not work – it doesn’t really screw anything up too badly. But when they radically alter our ability to contend with reality, cope with difference, or implement the most basic ethical provisions, they must be stopped. …

As I’ve always understood them, and as I try to convey them in my comic book, the stories in the Bible are less significant because they happened at some moment in history than because their underlying dynamics seem to be happening in all moments. We are all Cain, struggling with our feelings about a sibling who seems to be more blessed than we are. We are always escaping the enslaved mentality of Egypt and the idolatry we practiced there. We are all Mordechai, bristling against the pressure to bow in subservience to our bosses.

But true believers don’t have this freedom. Whether it’s because they need the Bible to prove a real estate claim in the Middle East, because they don’t know how to relate something that didn’t really happen, or because they require the threat of an angry super-being who sees all in order to behave like good children, true believers – what we now call fundamentalists – are not in a position to appreciate the truth and beauty of the Holy Scriptures. No, the multi-dimensional document we call the Bible is not available to them because, for them, all those stories have to be accepted as historical truth.


From P2P to social sharing

From Clay Shirky’s “File-sharing Goes Social”:

The RIAA has taken us on a tour of networking strategies in the last few years, by constantly changing the environment file-sharing systems operate in. In hostile environments, organisms often adapt to become less energetic but harder to kill, and so it is now. With the RIAA’s waves of legal attacks driving experimentation with decentralized file-sharing tools, file-sharing networks have progressively traded efficiency for resistance to legal attack. …

There are several activities that are both illegal and popular, and these suffer from what economists call high transaction costs. Buying marijuana involves considerably more work than buying roses, in part because every transaction involves risk for both parties, and in part because neither party can rely on the courts for redress from unfair transactions. As a result, the market for marijuana today (or NYC tattoo artists in the 1980s, or gin in the 1920s, etc) involves trusted intermediaries who broker introductions.

These intermediaries act as a kind of social Visa system; in the same way a credit card issuer has a relationship with both buyer and seller, and an incentive to see that transactions go well, an introducer in an illegal transaction has an incentive to make sure that neither side defects from the transaction. And all parties, of course, have an incentive to avoid detection. …

There are many ways to move to such membrane-bounded systems, of course, including retrofitting existing networks to allow sub-groups with controlled membership (possibly using email white-list or IM buddy-list tools); adopting any of the current peer-to-peer tools designed for secure collaboration (e.g. Groove, Shinkuro, WASTE etc); or even going to physical distribution. As Andrew Odlyzko has pointed out, sending disks through the mail can move enough bits in a 24 hour period to qualify as broadband, and there are now file-sharing networks whose members simply snail mail one another mountable drives of music. …

The disadvantage of social sharing is simple — limited membership means fewer files. The advantage is equally simple — a socially bounded system is more effective than nothing, and safer than Kazaa. …


The value of Group-Forming Networks

From David P. Reed’s “That Sneaky Exponential – Beyond Metcalfe’s Law to the Power of Community Building”:

Bob Metcalfe, inventor of the Ethernet, is known for pointing out that the total value of a communications network grows with the square of the number of devices or people it connects. This scaling law, along with Moore’s Law, is widely credited as the stimulus that has driven the stunning growth of Internet connectivity. Because Metcalfe’s law implies value grows faster than does the (linear) number of a network’s access points, merely interconnecting two independent networks creates value that substantially exceeds the original value of the unconnected networks. …

But many kinds of value are created within networks. While many kinds of value grow proportionally to network size and some grow proportionally to the square of network size, I’ve discovered that some network structures create total value that can scale even faster than that. Networks that support the construction of communicating groups create value that scales exponentially with network size, i.e. much more rapidly than Metcalfe’s square law. I will call such networks Group-Forming Networks, or GFNs. …

What kind of value are we talking about, when we say the value of a network scales as some function of size? The answer is the value of potential connectivity for transactions. That is, for any particular access point (user), what is the number of different access points (users) that can be connected or reached for a transaction when the need arises. …

The value of potential connectivity is the value of the set of optional transactions that are afforded by the system or network. …

Metcalfe’s law, simply derived, says that if you build a network so that any customer can choose to transact with any other customer, the number of potential connections each of the N customers can make is (N-1), giving a total number of potential connections as N(N-1) or N^2-N. Assuming each potential connection is worth as much as any other, the value to each user depends on the total size of the network, and the total value of potential connectivity scales much faster than the size of the network, proportional to N^2. …

In networks like the Internet, Group Forming Networks (GFNs) are an important additional kind of network capability. A GFN has functionality that directly enables and supports affiliations (such as interest groups, clubs, meetings, communities) among subsets of its customers. Group tools and technologies (also called community tools) such as user-defined mailing lists, chat rooms, discussion groups, buddy lists, team rooms, trading rooms, user groups, market makers, and auction hosts, all have a common theme—they allow small or large groups of network users to coalesce and to organize their communications around a common interest, issue, or goal. Sadly, the traditional telephone and broadcast/cable network frameworks provide no support for groups. …

What we see, then, is that there are really at least three categories of value that networks can provide: the linear value of services that are aimed at individual users, the “square” value from facilitating transactions, and exponential value from facilitating group affiliations. What’s important is that the dominant value in a typical network tends to shift from one category to another as the scale of the network increases. Whether the growth is by incremental customer additions, or by transparent interconnection, scale growth tends to support new categories of killer apps, and thus new competitive games. …

What’s important in a network changes as the network scale shifts. In a network dominated by linear connectivity value growth, “content is king.” That is, in such networks, there is a small number of sources (publishers or makers) of content that every user selects from. The sources compete for users based on the value of their content (published stories, published images, standardized consumer goods). Where Metcalfe’s Law dominates, transactions become central. The stuff that is traded in transactions (be it email or voice mail, money, securities, contracted services, or whatnot) are king. And where the GFN law dominates, the central role is filled by jointly constructed value (such as specialized newsgroups, joint responses to RFPs, gossip, etc.). …

I’d like to close with a speculative thought. As Francis Fukuyama argues in his book Trust, there is a strong correlation between the prosperity of national economies and social capital, which he defines culturally as the ease with which people in a particular culture can form new associations. There is a clear synergy between the sociability that Fukuyama discusses and the technology and tools that support GFNs – both are structural supports for association. As the scale of interaction grows more global via the Internet, isn’t it possible that a combination of social capital and GFN capital will drive prosperity to those who recognize the value of network structures that support free and responsible association for common purposes?


Bruce Schneier on steganography

From Bruce Schneier’s “Steganography: Truths and Fictions“:

Steganography is the science of hiding messages in messages. … In the computer world, it has come to mean hiding secret messages in graphics, pictures, movies, or sounds. …

The point of steganography is to hide the existence of the message, to hide the fact that the parties are communicating anything other than innocuous photographs. This only works when it can be used within existing communications patterns. I’ve never sent or received a GIF in my life. If someone suddenly sends me one, it won’t take a rocket scientist to realize that there’s a steganographic message hidden somewhere in it. If Alice and Bob already regularly exchange files that are suitable to hide steganographic messages, then an eavesdropper won’t know which messages — if any — contain the messages. If Alice and Bob change their communications patterns to hide the messages, it won’t work. An eavesdropper will figure it out.

… Don’t use the sample image that came with the program when you downloaded it; your eavesdropper will quickly recognize that one. Don’t use the same image over and over again; your eavesdropper will look for the differences between them that indicate the hidden message. Don’t use an image that you’ve downloaded from the net; your eavesdropper can easily compare the image you’re sending with the reference image you downloaded.
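The reference-image comparison Schneier warns about, seen from the examiner's side, as an added example that is not from his essay. It assumes both images are losslessly stored and already decoded to 8-bit samples; the sample data and function names are constructed for illustration.

```python
def make_reference(n=64):
    """Constructed stand-in for the decoded 8-bit samples of a public image."""
    return bytes((7 * i + 3) % 256 for i in range(n))


def compare_to_reference(reference: bytes, suspect: bytes) -> dict:
    """Diff a suspect image's samples against the known original."""
    if len(reference) != len(suspect):
        raise ValueError("images must decode to the same number of samples")
    changed = [i for i, (r, s) in enumerate(zip(reference, suspect)) if r != s]
    # A re-encode or edit moves samples by arbitrary amounts; low-bit
    # embedding only ever flips bit 0 of the samples it touches.
    lsb_only = bool(changed) and all(
        (reference[i] ^ suspect[i]) == 1 for i in changed
    )
    if not changed:
        verdict = "identical"
    elif lsb_only:
        verdict = "lsb-only"   # consistent with a hidden payload
    else:
        verdict = "broad"      # re-encoded, edited, or a different image
    return {
        "changed": len(changed),
        "first": changed[0] if changed else None,
        "last": changed[-1] if changed else None,
        "verdict": verdict,
    }


def sample_suspects():
    """Constructed suspects: untouched copy, low-bit rewrite, brightness shift."""
    ref = make_reference()
    low_bits = [1, 1, 0, 0, 1, 0, 1, 1]
    rewritten = bytearray(ref)
    for i, bit in enumerate(low_bits):
        rewritten[i] = (rewritten[i] & 0xFE) | bit
    shifted = bytes((b + 5) % 256 for b in ref)
    return ref, {"copy": ref, "rewritten": bytes(rewritten), "shifted": shifted}


if __name__ == "__main__":
    ref, suspects = sample_suspects()
    for name, data in suspects.items():
        print(name, compare_to_reference(ref, data))
```

Only about half of the overwritten low bits actually change, which is why the count of differing samples understates how much of the image was touched.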


Good description of Fair Use & 1st Sale

From Scott Kleper’s “An Introduction to Copyfighting“:

I think a lot of people incorrectly assume that Copyfighters are people who believe that copyright should be abolished and that everything should be free. Copyfighters aren’t saying that all media should be freely distributed. We are saying that as consumers of media (film, television, software, literature, etc.) we have certain rights that we would like to protect. One of these rights is Fair Use. Fair Use means that you can reuse copyrighted work without permission as long as you are commenting on it, or copying/parodying the original. Fair Use is what allows you to quote song lyrics when writing a review of a new CD. Another right is First Sale. First Sale means that when you buy something, you own it and are thus entitled to sell it to someone else. First Sale is what allows you to buy a book, read it, then sell it on half.com for someone else to enjoy.

Most of all, we simply want the right to use the products we buy in the way that we see fit. We don’t want to be sued by a manufacturer for opening up a product to see how it works or sued by a media company for moving a file from one device to another. We believe that when we buy a CD, we should be able to convert it to another format to play on another device. We shouldn’t have to pay again to turn it into a ring tone. …

Songs bought on the Apple iTunes music store can be played only on a fixed number of devices that you have unlocked with your iTunes ID. Sounds reasonable, but after a few system reinstalls, maybe a replaced motherboard, a change of jobs, etc., all of a sudden, you no longer have access to any of your “authorized computers” and you have to get Apple to remove them all so you can start again. You can’t play iTunes purchased music on your non-Apple portable music player and you can’t play Windows DRM files on your iPod. Consumers are supposed to understand and care about this?

The worst part is that these schemes end up only hurting the people who are trying to be good. If you use a commercial downloading service, like iTunes Music Store, it means that you have rejected the dubious legality and poor user experience of the “illegal” services. You have paid your 99 cents and been handed something that is less valuable than what you could have gotten for free. You get a file with complex and arbitrary restrictions in a proprietary format. Meanwhile, the people who decided to keep on infringing aren’t suffering — they get unrestricted files.


Developing nations stand up to US/UN bullying on copyright

From “Statement by India at the Inter-Sessional Intergovernmental Meeting on a Development Agenda For WIPO, April 11-13, 2005” (emphasis added):

“Development”, in WIPO’s terminology means increasing a developing country’s capacity to provide protection to the owners of intellectual property rights. This is quite the opposite of what developing countries understand when they refer to the ‘development dimension’. The document presented by the Group of Friends of Development corrects this misconception – that development dimension means technical assistance.

The real “development” imperative is ensuring that the interest of Intellectual Property owners is not secured at the expense of the users of IP, of consumers at large, and of public policy in general. …

The legal monopoly granted to IP owners is an exceptional departure from the general principle of competitive markets as the best guarantee for securing the interest of society. The rationale for the exception is not that extraction of monopoly profits by the innovator is, of and in itself, good for society and so needs to be promoted. Rather, that properly controlled, such a monopoly, by providing an incentive for innovation, might produce sufficient benefits for society to compensate for the immediate loss to consumers as a result of the existence of a monopoly market instead of a competitive market. Monopoly rights, then, granted to IP holders is a special incentive that needs to be carefully calibrated by each country, in the light of its own circumstances, taking into account the overall costs and benefits of such protection. …

The current emphasis of Technical Assistance on implementation and enforcement issues is misplaced. IP Law enforcement is embedded in the framework of all law enforcement in the individual countries. It is unrealistic, and even undesirable to expect that the enforcement of IP laws will be privileged over the enforcement of other laws in the country. Society faces a considerable challenge to effectively protect, and resolve disputes over, physical property. To expect that the police, the lawyers and the courts should dedicate a sizable part of society’s enforcement resources for protecting intangible intellectual property, is unrealistic. …

In conclusion, it is important that developed countries and WIPO acknowledge that IP protection is an important policy instrument for developing countries, one that needs to be used carefully. While the claimed benefits of strong IP protection for developing countries are a matter of debate – and nearly always in the distant future – such protection invariably entails substantial real and immediate costs for these countries. In formulating its IP policy, therefore, each country needs to have sufficient flexibility so that the cost of IP protection does not outweigh the benefits.


Copyright stupidity: arguments & numbers

From Financial Times’ “James Boyle: Deconstructing stupidity“:

Thomas Macaulay told us copyright law is a tax on readers for the benefit of writers, a tax that shouldn’t last a day longer than necessary. …

Since only about 4 per cent of copyrighted works more than 20 years old are commercially available, this locks up 96 per cent of 20th century culture to benefit 4 per cent. The harm to the public is huge, the benefit to authors, tiny. …

We need to deconstruct the culture of IP stupidity, to understand it so we can change it. But this is a rich and complex stupidity, like a fine Margaux. I can only review a few flavours.

Maximalism: The first thing to realize is that many decisions are driven by honest delusion, not corporate corruption. The delusion is maximalism: the more intellectual property rights we create, the more innovation. This is clearly wrong; rights raise the cost of innovation inputs (lines of code, gene sequences, data.) Do their monopolistic and anti-competitive effects outweigh their incentive effects? That’s the central question, but many of our decision makers seem never to have thought of it.

The point was made by an exchange inside the Committee that shaped Europe’s ill-starred Database Directive. It was observed that the US, with no significant property rights over unoriginal compilations of data, had a much larger database industry than Europe which already had significant “sweat of the brow” protection in some countries. Europe has strong rights, the US weak. The US is winning.

Did this lead the committee to wonder for a moment whether Europe should weaken its rights? No. Their response was that this showed we had to make the European rights much stronger. …

Authorial Romance: Part of the delusion depends on the idea that inventors and artists create from nothing. Who needs a public domain of accessible material if one can create out of thin air? But in most cases this simply isn’t true; artists, scientists and technologists build on the past. …

An Industry Contract: Who are the subjects of IP? They used to be companies. You needed a printing press or a factory to trigger the landmines of IP. The law was set up as a contract between industry groups. This was a cosy arrangement, but it is no longer viable. The citizen-publishers of cyberspace, the makers of free software, the scientists of distributed data-analysis are all now implicated in the IP world. The decision-making structure has yet to adjust. …

Fundamentally, though, the views I have criticised here are not merely stupidity. They constitute an ideology, a worldview, like flat earth-ism. …


The Witty Worm was special

From CAIDA’s “The Spread of the Witty Worm“:

On Friday March 19, 2004 at approximately 8:45pm PST, an Internet worm began to spread, targeting a buffer overflow vulnerability in several Internet Security Systems (ISS) products, including ISS RealSecure Network, RealSecure Server Sensor, RealSecure Desktop, and BlackICE. The worm takes advantage of a security flaw in these firewall applications that was discovered earlier this month by eEye Digital Security. Once the Witty worm infects a computer, it deletes a randomly chosen section of the hard drive, over time rendering the machine unusable. The worm’s payload contained the phrase “(^.^) insert witty message here (^.^)” so it came to be known as the Witty worm.

While the Witty worm is only the latest in a string of self-propagating remote exploits, it distinguishes itself through several interesting features:

  • Witty was the first widely propagated Internet worm to carry a destructive payload.
  • Witty was started in an organized manner with an order of magnitude more ground-zero hosts than any previous worm.
  • Witty represents the shortest known interval between vulnerability disclosure and worm release — it began to spread the day after the ISS vulnerability was publicized.
  • Witty spread through a host population in which every compromised host was doing something proactive to secure their computers and networks.
  • Witty spread through a population almost an order of magnitude smaller than that of previous worms, demonstrating the viability of worms as an automated mechanism to rapidly compromise machines on the Internet, even in niches without a software monopoly. …

Once Witty infects a host, the host sends 20,000 packets by generating packets with a random destination IP address, a random size between 796 and 1307 bytes, and a destination port. The worm payload of 637 bytes is padded with data from system memory to fill this random size and a packet is sent out from source port 4000. After sending 20,000 packets, Witty seeks to a random point on the hard disk, writes 65k of data from the beginning of iss-pam1.dll to the disk. After closing the disk, the worm repeats this process until the machine is rebooted or until the worm permanently crashes the machine.

Witty Worm Spread

With previous Internet worms, including Code-Red, Nimda, and SQL Slammer, a few hosts were seeded with the worm and proceeded to spread it to the rest of the vulnerable population. The spread is slow early on and then accelerates dramatically as the number of infected machines spewing worm packets to the rest of the Internet rises. Eventually as the victim population becomes saturated, the spread of the worm slows because there are few vulnerable machines left to compromise. Plotted on a graph, this worm growth appears as an S-shaped exponential growth curve called a sigmoid.

At 8:45:18pm[4] PST on March 19, 2004, the network telescope received its first Witty worm packet. In contrast to previous worms, we observed 110 hosts infected in the first ten seconds, and 160 at the end of 30 seconds. The chances of a single instance of the worm infecting 110 machines so quickly are vanishingly small — worse than 10^-607. This rapid onset indicates that the worm used either a hitlist or previously compromised vulnerable hosts to start the worm. …

After the sharp rise in initial coordinated activity, the Witty worm followed a normal exponential growth curve for a pathogen spreading in a fixed population. Witty reached its peak after approximately 45 minutes, at which point the majority of vulnerable hosts had been infected. After that time, the churn caused by dynamic addressing causes the IP address count to inflate without any additional Witty infections. At the peak of the infection, Witty hosts flooded the Internet with more than 90Gbits/second of traffic (more than 11 million packets per second). …

The vulnerable host population pool for the Witty worm was quite different from that of previous virulent worms. Previous worms have lagged several weeks behind publication of details about the remote-exploit bug, and large portions of the victim populations appeared to not know what software was running on their machines, let alone take steps to make sure that software was up to date with security patches. In contrast, the Witty worm infected a population of hosts that were proactive about security — they were running firewall software. The Witty worm also started to spread the day after information about the exploit and the software upgrades to fix the bug were available. …

By infecting firewall devices, Witty proved particularly adept at thwarting security measures and successfully infecting hosts on internal networks. …

The Witty worm incorporates a number of dangerous characteristics. It is the first widely spreading Internet worm to actively damage infected machines. It was started from a large set of machines simultaneously, indicating the use of a hit list or a large number of compromised machines. Witty demonstrated that any minimally deployed piece of software with a remotely exploitable bug can be a vector for wide-scale compromise of host machines without any action on the part of a victim. The practical implications of this are staggering; with minimal skill, a malevolent individual could break into thousands of machines and use them for almost any purpose with little evidence of the perpetrator left on most of the compromised hosts.
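The traffic traits in the CAIDA excerpt (source port 4000, a size between 796 and 1307 bytes, the banner phrase in the payload) are enough to build a detection rule; the sketch below is an added example, not CAIDA's or any vendor's code. It assumes UDP datagrams already parsed into records, treats the size as the payload length, and uses a hypothetical fan-out threshold for captures that lack payload.

```python
from collections import defaultdict
from dataclasses import dataclass

# Values taken from the CAIDA description quoted above.
WITTY_SRC_PORT = 4000
SIZE_MIN, SIZE_MAX = 796, 1307
BANNER = b"insert witty message here"
# Assumption: fan-out threshold for hosts whose payload was not captured.
MIN_DISTINCT_DSTS = 5


@dataclass
class Pkt:
    """One captured datagram (assumed UDP; size assumed to be payload length)."""
    src: str
    sport: int
    dst: str
    dport: int
    size: int
    payload: bytes  # may be a truncated snippet or empty in header-only captures


def matches_shape(p: Pkt) -> bool:
    """Header-only test: fixed source port and size inside the worm's range."""
    return p.sport == WITTY_SRC_PORT and SIZE_MIN <= p.size <= SIZE_MAX


def classify(packets):
    """Map each source to 'confirmed' (banner seen) or 'suspect' (fan-out only)."""
    targets = defaultdict(set)
    banner_seen = set()
    for p in packets:
        if not matches_shape(p):
            continue
        targets[p.src].add((p.dst, p.dport))
        if BANNER in p.payload:
            banner_seen.add(p.src)
    verdicts = {}
    for src, seen in targets.items():
        if src in banner_seen:
            verdicts[src] = "confirmed"
        elif len(seen) >= MIN_DISTINCT_DSTS:
            verdicts[src] = "suspect"
    return verdicts


def sample_packets():
    """Constructed records using documentation address ranges, not real traffic."""
    pad = b"\x00" * 40
    witty = pad + b"(^.^) " + BANNER + b" (^.^)"
    pkts = []
    for i in range(6):
        # Host with payload capture: banner present, scattered targets.
        pkts.append(Pkt("192.0.2.10", 4000, f"198.51.100.{i + 1}", 1000 + 37 * i, 796 + 100 * i, witty))
        # Host seen in header-only capture: same shape, many targets, no payload.
        pkts.append(Pkt("192.0.2.20", 4000, f"203.0.113.{i + 1}", 2000 + 11 * i, 900 + 50 * i, b""))
        # Benign service on port 4000 talking to one peer: shape matches, no fan-out.
        pkts.append(Pkt("192.0.2.30", 4000, "198.51.100.200", 5060, 1000, pad))
    # Right port, wrong size: ignored by the shape test.
    pkts.append(Pkt("192.0.2.40", 4000, "198.51.100.9", 53, 200, pad))
    return pkts


if __name__ == "__main__":
    for host, verdict in sorted(classify(sample_packets()).items()):
        print(host, verdict)
```

The header-only path matters because flow logs and truncated captures rarely retain the payload, while the benign host shows why port and size alone are not sufficient without the fan-out check.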
