 |
Wednesday, January 9, 2002 |
|
ZDNet is doing a poll on whether J2EE or .NET is more important for Web
services. Although it's a totally unscientific poll, they've set things up
to try to detect (and stop) ballot stuffing. It seems that Microsoft hasn't
understood the concept, and employees are trying to vote repeatedly,
including automated voting.
http://news.zdnet.co.uk/story/0,,t269-s2102244,00.html
The risk of believing unscientific polls is nothing new, but the combination
of electronic polls that can be stuffed with the herd mentality that may
influence buying greatly increases the risks.
[*The Register* noted that 21.5% of the respondents said they would
use .Net, 46% Java -- until a surge of votes came in from microsoft.com,
some of which were apparently stimulated by internal MS e-mail saying
"PLEASE STOP AND VOTE FOR .NET!". PGN] ["Jeremy Epstein" via risks-digest Volume 21, Issue 87]
0:00
#
G!
| |
|
An article by the ACLU at
http://www.aclu.org/issues/privacy/drawing_blank.pdf reveals that a
highly-publicised facial recognition system has been quietly dropped by law
enforcement officials in Tampa, Florida, following a large number of false
positives (including males identified as females, and vice versa) and a
total of zero matches against known criminals, leading to zero arrests.
Aside from the already-discussed civil liberties RISKs of such systems, it
seems we need to add the possibility that the taxpayers may not be getting
value for money, with or without their knowledge (the withdrawal of this
kind of thing tends to be done with rather less media coverage than its
introduction). One wonders if this will have any effect on plans to
introduce such systems into airports to "detect" terrorists.
Nick Brown, Strasbourg, France [Nick Brown via risks-digest Volume 21, Issue 87]
0:00
#
G!
| |
"A member of w00w00, the security enthusiasts who first reported the AOL
Instant Messenger (AIM) games request vulnerability, has alerted users that
a fix the group recommends has its own backdoor. Apparently, the AIM Filter
by Robbie Saunders which w00w00 had recommended is infected, group member
Jordan Ritter disclosed on the Bugtraq mailing list late Tuesday. "At the
time, Robbie Saunders' AIM Filter seemed like a nice temporary solution.
Unfortunately, it instead produces cash-paid click-throughs over time
intervals and contains backdoor code combined with basic obfuscation to
divulge system information and launch several Web browsers to porn sites,"
Ritter wrote." [...] Thomas C Greene, *The Register*
http://www.theregister.co.uk/content/4/23596.html ["Robert Andrews @ PrivacyExposed.com" via risks-digest Volume 21, Issue 87]
0:00
#
G!
| |
|
Snake oil is on the rise. Latest to join the fray is Zeosync
(www.zeosync.com), which announced on 7 Jan 2002 that they have new
algorithms that can provide 100:1 lossless data compression over
"practically random" data. (What they mean by "practically" isn't defined.)
Lots of criticism and proofs that it's impossible in Slashdot
http://slashdot.org/article.pl?sid=02/01/08/137246&mode=thread
and elsewhere. So far the algorithms haven't been given, except to provide
the single longest stream of buzzwords I've seen in a long time. The one
part that says it might not be 100% snake oil is that they have a Fields'
Prize winner as one of the participants.
The risk here is that they've added enough buzzwords to the announcement
that some people might actually believe it. The media doesn't seem very
skeptical, which they should be. Reuters quoted David Hill, an analyst with
Aberdeen Group as saying "Either this research is the next 'Cold Fusion'
scam that dies away or it's the foundation for a Nobel Prize. I don't have
an answer to which one it is yet." Others have been much more willing to
figure out which way it's going. Remember the 1999 story about the
16-year-old Irish girl whose new form of cryptography would revolutionize
the world? ["Jeremy Epstein" via risks-digest Volume 21, Issue 87]
0:00
#
G!
| |
Maximillian Dornseif, 2002.
|
|
|
