Recent weeks have been exciting for a relatively new kind of currency speculator. In just three weeks, the total value of a unique new digital currency called Bitcoin has jumped four times, to over $40 million.
Bitcoin is underwritten not by a government, but by a clever cryptographic scheme.
For now, little can be bought with bitcoins, and the new currency is still a long way from competing with the dollar. But this explainer lays out what Bitcoin is, why it matters, and what needs to happen for it to succeed.
Where does Bitcoin come from?
In 2008, a programmer known as Satoshi Nakamoto—a name believed to be an alias—posted a paper outlining Bitcoin's design to a cryptography e-mail list. Then, in early 2009, he (or she) released software that can be used to exchange bitcoins using the scheme. That software is now maintained by a volunteer open-source community coordinated by four core developers.
"Satoshi's a bit of a mysterious figure," says Jeff Garzik, a member of that core team and operator of Bitcoin Watch, which tracks the Bitcoin economy. "I and the other core developers have occasionally corresponded with him by e-mail, but it's always a crapshoot as to whether he responds," says Garzik. "That and the forum are the entirety of anyone's experience with him."
How does Bitcoin work?
Nakamoto wanted people to be able to exchange money electronically securely without the need for a third party, such as a bank or a company like PayPal. He based Bitcoin on cryptographic techniques that allow you to be sure the money you receive is genuine, even if you don't trust the sender.
The basics
Once you download and run the Bitcoin client software, it connects over the Internet to the decentralized network of all Bitcoin users and also generates a pair of unique, mathematically linked keys, which you'll need to exchange bitcoins with any other client. One key is private and kept hidden on your computer. The other is public and a version of it dubbed a Bitcoin address is given to other people so they can send you bitcoins. Crucially, it is practically impossible—even with the most powerful supercomputer—to work out someone's private key from their public key. This prevents anyone from impersonating you. Your public and private keys are stored in a file that can be transferred to another computer, for example if you upgrade.
A Bitcoin address looks something like this: 15VjRaDX9zpbA8LVnbrCAFzrVzN7ixHNsC. Stores that accept bitcoins—for example, this one, selling alpaca socks—provide you with their address so you can pay for goods.
Transferring bitcoins
When you perform a transaction, your Bitcoin software performs a mathematical operation to combine the other party's public key and your own private key with the amount of bitcoins that you want to transfer. The result of that operation is then sent out across the distributed Bitcoin network so the transaction can be verified by Bitcoin software clients not involved in the transfer.
Those clients make two checks on a transaction. One verifies the mathematical relationship between the public and private keys to confirm that the true owner of the pair sent the money; the second refers to a public transaction log stored on the computer of every Bitcoin user to confirm that the person has the bitcoins to spend.
When a client verifies a transaction, it forwards the details to others in the network to check for themselves. In this way a transaction quickly reaches and is verified by every Bitcoin client that is online. Some of those clients - "miners" - also try to add the new transfer to the public transaction log, by racing to solve a cryptographic puzzle. Once one of them wins the updated log is passed throughout the Bitcoin network. When your software receives the updated log it knows your payment was successful.
Security
The nature of the mathematics ensures that it is computationally easy to verify a transaction but practically impossible to generate fake transactions and spend bitcoins you don't own. The existence of a public log of all transactions also provides a deterrent to money laundering, says Garzik. "You're looking at a global public transaction register," he says. "You can trace the history of every single Bitcoin through that log, from its creation through every transaction."
How can you obtain bitcoins?
Exchanges like Mt. Gox provide a place for people to trade bitcoins for other types of currency. Some enthusiasts have also started doing work, such as designing websites, in exchange for bitcoins. This jobs board advertises contract work paying in bitcoins.
But bitcoins also need to be generated in the first place. Bitcoins are "mined" when you set your Bitcoin client to a mode that has it compete to update the public log of transactions. All the clients set to this mode race to solve a cryptographic puzzle by completing the next "block" of the shared transaction log. Winning the race to complete the next block wins you a 50-Bitcoin prize. This feature exists as a way to distribute bitcoins in the currency's early years. Eventually, new coins will not be issued this way; instead, mining will be rewarded with a small fee taken from some of the value of a verified transaction.
Mining is very computationally intensive, to the point that any computer without a powerful graphics card is unlikely to mine any bitcoins in less than a few years.
Where to spend your bitcoins
There aren't a lot of places right now. Some Bitcoin enthusiasts with their own businesses have made it possible to swap bitcoins for tea, books, or Web design (see a comprehensive list here). But no major retailers accept the new currency yet.
Where to spend your bitcoins
There aren't a lot of places right now. Some Bitcoin enthusiasts with their own businesses have made it possible to swap bitcoins for tea, books, or Web design (see a comprehensive list here). But no major retailers accept the new currency yet.
If the Federal Reserve controls the dollar, who controls the Bitcoin economy?
No one. The economics of the currency are fixed into the underlying protocol developed by Nakamoto.
Nakamoto's rules specify that the amount of bitcoins in circulation will grow at an ever-decreasing rate toward a maximum of 21 million. Currently there are just over 6 million; in 2030, there will be over 20 million bitcoins.
Nakamoto's scheme includes one loophole, however: if more than half of the Bitcoin network's computing power comes under the control of one entity, then the rules can change. This would prevent, for example, a criminal cartel faking a transaction log in its own favor to dupe the rest of the community.
It is unlikely that anyone will ever obtain this kind of control. "The combined power of the network is currently equal to one of the most powerful supercomputers in the world," says Garzik. "Satoshi's rules are probably set in stone."
Isn't a fixed supply of money dangerous?
It's certainly different. "Elaborate controls to make sure that currency is not produced in greater numbers is not something any other currency, like the dollar or the euro, has," says Russ Roberts, professor of economics at George Mason University. The consequence will likely be slow and steady deflation, as the growth in circulating bitcoins declines and their value rises.
"That is considered very destructive in today's economies, mostly because when it occurs, it is unexpected," says Roberts. But he thinks that won't apply in an economy where deflation is expected. "In a Bitcoin world, everyone would anticipate that, and they know what they got paid would buy more then than it would now."
Does Bitcoin threaten the dollar or other currencies?
That's unlikely. "It might have a niche as a way to pay for certain technical services," says Roberts, adding that even limited success could allow Bitcoin to change the fate of more established currencies. "Competition is good, even between currencies—perhaps the example of Bitcoin could influence the behavior of the Federal Reserve."
Central banks the world over have freely increased the money supply of their currencies in response to the global downturn. Roberts suggests that Bitcoin could set a successful, if smaller scale, example of how economies that forbid such intervention can also succeed.
Wednesday, May 25, 2011
Monday, May 23, 2011
Mac Malware Scare: 7 Questions
It was only a matter of time. Numerous reports from the field leave little doubt that Apple OS X has become the target of its first widespread malware campaign -- in the form of MacDefender (aka, MacSecurity or MacProtector). Mac Defender is classic scareware: You're prompted to download and install an antivirus program to protect your system, when in fact the program itself is malicious.
Because the OS X malware campaign is the first of its kind, both Apple and Apple customers seem confused, with flames flying back and forth in various forums -- aggravated by a recent report that Apple support is refusing to help users remove the malware.
[ Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. | Discover the key Mac, iOS, and Apple tech trends for business users with InfoWorld's Technology: Apple newsletter. ]
To clear the air, we offer some basic questions and answers about the ongoing MacDefender travails:
This isn't a virus or vulnerability within OS X, so how is it Apple's problem?Anytime a company's customers are being exploited, it's the company's problem, especially when that company has made a point of saying these sorts of things hardly ever happen on its platform. Even in the Microsoft Windows world, most successful malicious exploits don't depend on a vulnerability within the Windows operating system.
Microsoft doesn't help customers deal with malware, so why should Apple?The premise is dead wrong. After fighting cyber criminals for over two decades, Microsoft's support staff is fully trained at malware detection and removal. Microsoft has multiple commercial and free antimalware products, and large portions of its security websites are dedicated to malware detection and removal. Check the default Microsoft security page for yourself.
What's the best way to stop scareware scams?Education is the best defense. If you know what real antimalware software looks like, you're less likely to fall for the fake kind. Many companies say they do a good job at computer security education, but fail to include a single screenshot of the legitimate antimalware software they've installed on employee machines. Of course, if you're a Mac user, it's likely you don't have an antimalware program at all, other than the extremely limited one provided in OS X by default. Thus, any antimalware warning is fake.
But isn't that already readily apparent to anyone who isn't running an antimalware program?If that was the case, MacDefender wouldn't be making headlines and ruining the week for many OS X users. Never underestimate users' need to believe everything they read and click on anything they've been told to run.
So installing a real antitmalware program like Norton AntiVirus for the Mac would eliminate the risk, right?Unfortunately not. Antimalware scanning programs can't stop a large percentage of malware, simply because they can't keep up with the volume of new exploits. There are thousands of new scare programs created every day, and before they are released, most get scanned by dozens of popular antivirus scanner engines to prove they don't generate an alert. By the time an antivirus vendor includes a new scareware program in its antimalware definitions, it's often too late.
That said, it's probably time to consider antimalware for the Mac. Keep your antimalware definition files up to date, make sure your operating system has the latest patches, and don't download or install any program unless you know where it came from. Common sense measures cut your risk by a magnitude.
Is Apple's sudo approach better or worse than Microsoft's UAC (User Account Control)?Mac and Windows fans have long argued over whether Apple's sudo approach is better than Windows UAC. Most malware requires elevated privileges and permissions to infect and exploit a system. With both sudo and UAC, the operating system vendors disable the super user account by default and force users to do something extra to gain elevated access to the operating system.
I like sudo because it's been around for decades; it's very simple and hasn't changed much over time. With sudo, there is very little configuration, and when you need it, you're pretty sure how it's going to work and what it's going to do.
UAC actually has a lot more functionality and is far more predictive (in most cases) about when it will be needed. My problem with UAC is its complexity. Because it is more intelligent than sudo, there's more for end-users to learn. For example, UAC doesn't just apply to members of the Administrators group, but also to members of 17 other elevated groups: Power Users, Enterprise Admins, Scheme Admins, Network Configuration Operators, Print Operators, and so on. Microsoft provides literally dozens of ways to customize UAC, when it appears, and when it applies. As a result, few users truly understand UAC.
Both sudo and UAC do their jobs well. But in the long-term security scheme of things, neither will significantly decrease malicious hacking when end-users can simply be tricked into running whatever Trojan executable they are presented.
Is Apple going to leave its users twisting in the wind?Apple will change its support policies in the future and respond better. It has to. When Apple had only a few points of global marketshare, it didn't need to worry about malware or strategize about malware response. Now that the company has grown up, it will need new ways of handling customer issues in order to succeed.
Because the OS X malware campaign is the first of its kind, both Apple and Apple customers seem confused, with flames flying back and forth in various forums -- aggravated by a recent report that Apple support is refusing to help users remove the malware.
[ Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. | Discover the key Mac, iOS, and Apple tech trends for business users with InfoWorld's Technology: Apple newsletter. ]
To clear the air, we offer some basic questions and answers about the ongoing MacDefender travails:
This isn't a virus or vulnerability within OS X, so how is it Apple's problem?Anytime a company's customers are being exploited, it's the company's problem, especially when that company has made a point of saying these sorts of things hardly ever happen on its platform. Even in the Microsoft Windows world, most successful malicious exploits don't depend on a vulnerability within the Windows operating system.
Microsoft doesn't help customers deal with malware, so why should Apple?The premise is dead wrong. After fighting cyber criminals for over two decades, Microsoft's support staff is fully trained at malware detection and removal. Microsoft has multiple commercial and free antimalware products, and large portions of its security websites are dedicated to malware detection and removal. Check the default Microsoft security page for yourself.
What's the best way to stop scareware scams?Education is the best defense. If you know what real antimalware software looks like, you're less likely to fall for the fake kind. Many companies say they do a good job at computer security education, but fail to include a single screenshot of the legitimate antimalware software they've installed on employee machines. Of course, if you're a Mac user, it's likely you don't have an antimalware program at all, other than the extremely limited one provided in OS X by default. Thus, any antimalware warning is fake.
But isn't that already readily apparent to anyone who isn't running an antimalware program?If that was the case, MacDefender wouldn't be making headlines and ruining the week for many OS X users. Never underestimate users' need to believe everything they read and click on anything they've been told to run.
So installing a real antitmalware program like Norton AntiVirus for the Mac would eliminate the risk, right?Unfortunately not. Antimalware scanning programs can't stop a large percentage of malware, simply because they can't keep up with the volume of new exploits. There are thousands of new scare programs created every day, and before they are released, most get scanned by dozens of popular antivirus scanner engines to prove they don't generate an alert. By the time an antivirus vendor includes a new scareware program in its antimalware definitions, it's often too late.
That said, it's probably time to consider antimalware for the Mac. Keep your antimalware definition files up to date, make sure your operating system has the latest patches, and don't download or install any program unless you know where it came from. Common sense measures cut your risk by a magnitude.
Is Apple's sudo approach better or worse than Microsoft's UAC (User Account Control)?Mac and Windows fans have long argued over whether Apple's sudo approach is better than Windows UAC. Most malware requires elevated privileges and permissions to infect and exploit a system. With both sudo and UAC, the operating system vendors disable the super user account by default and force users to do something extra to gain elevated access to the operating system.
I like sudo because it's been around for decades; it's very simple and hasn't changed much over time. With sudo, there is very little configuration, and when you need it, you're pretty sure how it's going to work and what it's going to do.
UAC actually has a lot more functionality and is far more predictive (in most cases) about when it will be needed. My problem with UAC is its complexity. Because it is more intelligent than sudo, there's more for end-users to learn. For example, UAC doesn't just apply to members of the Administrators group, but also to members of 17 other elevated groups: Power Users, Enterprise Admins, Scheme Admins, Network Configuration Operators, Print Operators, and so on. Microsoft provides literally dozens of ways to customize UAC, when it appears, and when it applies. As a result, few users truly understand UAC.
Both sudo and UAC do their jobs well. But in the long-term security scheme of things, neither will significantly decrease malicious hacking when end-users can simply be tricked into running whatever Trojan executable they are presented.
Is Apple going to leave its users twisting in the wind?Apple will change its support policies in the future and respond better. It has to. When Apple had only a few points of global marketshare, it didn't need to worry about malware or strategize about malware response. Now that the company has grown up, it will need new ways of handling customer issues in order to succeed.
Thursday, May 12, 2011
Workplace Robots Need a Better View
A coming wave of industrial robots will be smart enough to work safely alongside humans in many different settings, says Rodney Brooks, a professor emeritus of robotics at MIT and a founder of iRobot.
Industrial robots have evolved little since the first ones appeared in General Motors factories about 50 years ago, Brooks says. Most workplace robots—such as those used in car manufacturing—are designed to perform simple, repetitive tasks. And they lack the sensory smarts to work safely alongside humans.
"I think there's room for a real revolution by putting sensors and computation into industrial robots," says Brooks. "What if the robots were smarter and they could go into smaller companies and be easier for ordinary people to use?"
If manufacturing robots could recognize their human coworkers and interact with them safely Brooks says they could be used in many more manufacturing environments, assisting with repetitive and physically demanding manual tasks.
Advertisement
In 2008, Brooks founded a new company, called Heartland Robotics, to develop robots for manufacturing. The company has said that its robots will be intelligent, adaptable, and inexpensive. But the company is still in stealth mode, and hasn't revealed what technologies these robots will use.
In the last few years, robotics researchers have made progress in machine vision, due in part to the falling cost of computer power, and the photo and image resources that can be pulled from the Web and used to train computer vision systems to recognize different objects. However, Brooks says, giving machines more human-like vision remains one of the biggest challenges to the development of more practical robots.
"Perception is really, really hard. For robots, I think it's largely unsolved," says Brooks. "Image-based recognition has worked surprisingly well, [but] it can't do the recognition that a three-year-old child can do."
Commercial machine vision systems are still usually focused on a narrow task. For example, some cars now come equipped with a system that can identify pedestrians and other vehicles, even in a cluttered scene. The system, developed by Mobileye, based in Israel, is connected to an onboard computer that applies the brakes if a collision seems imminent.
"This is the first wide-scale, highly demanding use of computer vision," says Amnon Shashua, the Sachs professor of computer science at the Hebrew University of Jerusalem, and a cofounder of Mobileye.
Shashua says the company's computer vision system works well because it only has to identify a handful of objects. But he hopes that within the next five years, the system will be able to reliably recognize almost everything within a scene. "There are at least 1,000 object classes you need to know in an image to at least do semi-autonomous driving," including signs, lights, guard rails, poles, bridges, exits, and more, he said during a symposium on artificial intelligence at MIT last week.
Mobileye is developing specialized hardware to support the specific demands of rapid image recognition. "There's still a long way to go to build hardware that is efficient, low cost, low power, that can do very complex computer vision," Shashua adds.
Better machine vision systems might lead to significant advances in robotics. "How we deploy our robots is limited by what we can do with perception, so improvements in perception will lead them to be smarter and have modicums of common sense," says Brooks.
Tuesday, May 10, 2011
The Human Body, Searchable in 3-D
The first online 3-D interactive search tool of the human body was released today. It allows a user to view and navigate the human anatomy, male or female, down to the finest detail—from the muscles and deep muscles to the nerves, arteries, vessels, and bones. This new tool, called BodyMaps, was developed by Healthline Networks, a company that provides medical information to consumers online, and GE Healthyimagination, a Web-based platform that shares and promotes projects that focus on consumer health, such as apps or healthy how-to videos.
BodyMaps is a consumer tool developed to educate the user on health conditions or medical ailments. At the center of the BodyMaps page is a 3-D image of the body; at left is textual information about the body section being shown. As a user mouses over the text, the section of the body in the image is highlighted, and vice versa if a user mouses over the image. At the bottom is a scrubber that lets the user rotate the body 360 degrees. The page also features videos, tips on staying healthy, information on symptoms and conditions, and a definition of the section in view.
The user can select a body region to explore by clicking the text or image, or by using the search tool. Selecting shoulders generated a crisp, high-definition 3-D image of the shoulder section, starting at the skin level, with the option to click through to see the muscles, nerves and vessels, and bone. Choosing the deltoid muscle, a definition popped up and the remaining muscles were shaded out. An option to read more provided a lengthy definition and description of the muscle, including common injuries and their causes and symptoms.
There is also an anatomy list for each body section the user chooses to view—the heart even has a cross-section view and a diagram of blood flow while the knee shows each layer of connective tissues.
Advertisement
BodyMaps is a flash application and can be viewed in any browser; it does not require the user to download any software or special programs to run. "This is not a science experiment," says West Shell, chairman and CEO of Healthline Networks. "We have built this as a search product for consumer education," he says.
Google is working on a similar project called Google Body, which is part of Google Labs. Unlike BodyMaps, it requires a Web 3-D standard called WebGL and can only be used in a Chrome browser. Google Body also lacks the level of detail both in its imagery and information that is available in BodyMaps.
BodyMaps was built using Healthline's taxonomy, a database of health and medical information the company spent 10 years building. It relates the different attributes and facets of a disease or condition to relevant symptoms and treatments, types of doctors, and even insurance billing codes. When a user conducts a search, all the relevant information is displayed. To create the 3-D graphics, Healthline and GE Healthyimagination used over 25 medical illustrators to first make the drawings. They then partnered with Visible Productions to do the 3-D modeling and applied the existing taxonomy and search and navigation technology to the models.
Shell says the most viewed information on Healthline.com is visual data such as images, videos, and animations. "We are enhancing the visual learning experience by making the 3-D body the platform for navigation," he says.
The next phase of development for the new 3-D tool is to make it available on mobile devices and tablets. To do so, Healthline is building the application in HTML 5, a programming language that is supported by most devices. Shell expects BodyMaps to be on mobile platforms in the next six months to a year.
The system, while the first of its kind, still needs some work. Some queries, like "large intestine," produce no results, and certain "read more" sections, such as in the knee region, do not have any additional information. Also, choosing to "read more" about the muscle "biceps brachii," displayed in the shoulder region, makes the user go back to the arm section.
The company expects to introduce additional capabilities by June that will let users explore in 3-D graphics the progression of a disease, how a drug works in the body, a medical procedure, or even an injury. At least 20 different scenarios will be launched initially, and new ones will continue to be released. Further planned improvements will let users upload his or her medical imagery into the system and compare it with the information in BodyMaps.
Shell says Healthline is conducting a pilot study with GE, integrating the imagery from the company's electronic medical record system with BodyMaps. This application will not be available to users "for a while," but should be implemented widely across GE for testing later this year, he says.
the page: http://www.healthline.com/human-body-maps/
Monday, May 9, 2011
How Facebook Killed Your School Reunion
It started in 2007 as idle speculation on a handful of blogs: "Will high school reunions simply become a dreary coffee date for the people of your graduation class who *aren't* on Facebook?"
In 2008 the speculation became a little more mainstream -- Adam Kushner of Newsweek hypothesized that if Facebook hurt reunion attendance, it could also hurt alumni giving. He proposed a test -- in 2009, the class of 2004 would have an opportunity to attend its first reunion. That was the first year that Facebook was more or less ubiquitous on college campuses, so if the speculation were true, the reunions of 2009 would see a drop in attendance.
2009 seemed to prove Kushner right. Jenna Wortham at the New York Times Bits blog declared that Facebook had robbed her of all motivation to attend her five-year college reunion. The class of 2004 was behaving exactly as Kushner predicted.
Wortham reported that she and her colleagues were no longer tantalized by the prospect of finding out what had happened to whom.
In 2009 the Facebook-is-killing-reunions trend story became an official part of the annual journalistic calendar, like stories about the war on Christmas or tips for singles on Valentine's day. Time reported that in some cases Facebook was inspiring reunions that wouldn't otherwise happen, while in others it was killing them off:
By 2010 it was on the Huffington Post of big media, CNN, which declared Facebook's positive and negative effects on reunions a wash. Clearly no one had yet to go beyond studying it anecdotally.
Skip to the present day, and the data have finally arrived. Timothy Davis, co-founder of the reunion-organizing site Classreport.com, tells The Baltimore Sun that he's noticed fewer reunions nationwide, with the trend especially pronounced among people in their mid to late 20's.
What's it all mean? I don't know. Probably that we'll have to endure these stories until the only place that even bothers to report this footnote in the great dematerialization brought about by the web and social media is AARP The Magazine.
In 2008 the speculation became a little more mainstream -- Adam Kushner of Newsweek hypothesized that if Facebook hurt reunion attendance, it could also hurt alumni giving. He proposed a test -- in 2009, the class of 2004 would have an opportunity to attend its first reunion. That was the first year that Facebook was more or less ubiquitous on college campuses, so if the speculation were true, the reunions of 2009 would see a drop in attendance.
2009 seemed to prove Kushner right. Jenna Wortham at the New York Times Bits blog declared that Facebook had robbed her of all motivation to attend her five-year college reunion. The class of 2004 was behaving exactly as Kushner predicted.
As my friend Alexis, a 2004 Harvard graduate who also decided to skip his coming five-year reunion, put it: "The infotech out there has reduced the desire to go 'just to know' what so-and-so is up to. I know what just about everyone is doing."
Wortham reported that she and her colleagues were no longer tantalized by the prospect of finding out what had happened to whom.
In 2009 the Facebook-is-killing-reunions trend story became an official part of the annual journalistic calendar, like stories about the war on Christmas or tips for singles on Valentine's day. Time reported that in some cases Facebook was inspiring reunions that wouldn't otherwise happen, while in others it was killing them off:
"There was a Facebook page for my 20-year college reunion, which took place this May," [says Deborah Dietzler, executive director of alumni relations at the University of Georgia]. "I looked at it a couple of times and it didn't seem like anyone I knew would be there, so I lost interest."
By 2010 it was on the Huffington Post of big media, CNN, which declared Facebook's positive and negative effects on reunions a wash. Clearly no one had yet to go beyond studying it anecdotally.
Skip to the present day, and the data have finally arrived. Timothy Davis, co-founder of the reunion-organizing site Classreport.com, tells The Baltimore Sun that he's noticed fewer reunions nationwide, with the trend especially pronounced among people in their mid to late 20's.
What's it all mean? I don't know. Probably that we'll have to endure these stories until the only place that even bothers to report this footnote in the great dematerialization brought about by the web and social media is AARP The Magazine.
Sunday, May 8, 2011
Facebook: Simply a Spying Machine?
Facebook's an appalling spy machine? That's what WikiLeakers founder (and Martina Navratilova impersonator) Julian Assange is saying. In an interview with Russia Times, the floppy-haired leaker extraordinaire declares:
Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the world's most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to US intelligence. Facebook, Google, Yahoo -- all these major US organizations have built-in interfaces for US intelligence. It's not a matter of serving a subpoena. They have an interface that they have developed for US intelligence to use.
Now, is it the case that Facebook is actually run by U.S. intelligence? No, it's not like that. It's simply that U.S. intelligence is able to bring to bear legal and political pressure on them. And it's costly for them to hand out records one by one, so they have automated the process. Everyone should understand that when they add their friends to Facebook, they are doing free work for United States intelligence agencies in building this database for them.
How does Mr. Assange come to be in possession of this knowledge? I suspect he made a few rather large logical leaps, based on the confidential document WikiLeaks just made available on PublicIntelligence.net: Facebook's 2010 Law Enforcement Guidelines.
(Facebook's response follows in the update at the bottom of this post.)
Those guidelines are worth a few words. But first, some reactions to what Assange said.
There's no way Assange can assert that Facebook is "the world's most comprehensive database" about anything, unless his sources at the NSA are much better than I suspect. He'd have to be very intimate with the details of every other large database out there to make that claim. That's extremely unlikely.
True, Facebook is large. Comprehensive? Not so much. If anything, it's extremely incomplete and deeply unreliable. (Think about it: Are all the people in your Friends list really your friends? Do you tell the truth all the time? Is that your real age?)
That bit about Facebook, Google, Yahoo et al having a ‘special interface' just for U.S. spy agencies, no subpoena needed? I think Julian's been huffing the Reddi-Wip again. It's highly doubtful any of these organizations would just hand over non-publically-available data without some kind of legal writ -- a subpoena, search warrant, National Security Letter, etc -- let alone build their own little back door for spies to use. Imagine the outcry if that were true.
In fact, this is what the Facebook legal guidelines are all about -- how to legally request such information, on a case by case basis, which Facebook then provides. Not an automated process, not one-stop shopping for spies.
In fact, Facebook creates one of these guidelines every year (you can see the previous versions at PublicIntelligence as well.) So do Microsoft, Yahoo, Google, Twitter, and so on. Any big tech company that collects information and has a legal department will have confidential written procedures about how to handle information requests from legal authorities. If you've ever read any real privacy policy (and I have read too many of them) you'll always see the exception that allows them to share your data with the authorities when required by law.
What's interesting about Facebook's 2010 Guidelines? A few things.
* Generally speaking, Facebook can produce 90 days' worth of data on every person. That includes your contact info, news feed, status updates, notes, wall posts, friends list, groups list, any events you'd said you'd attend, photos you've posted, photos where others have tagged you, and a list of the videos you've posted.
Facebook may also be able to retrieve any private messages you haven't deleted, and can go back even further than 90 days, if needed, but that apparently requires more effort.
* Facebook makes no guarantees about being able to retrieve IP logs or at least complete records of IP logs. So if the cops want to know every single time and place you logged into Facebook, they're probably out of luck.
* Facebook asks law enforcement for a scosh more documentation with each request (ie, badge numbers) than it used to. And it notes that if law enforcement authorities identify a fake Facebook account, or one that otherwise violates Facebook's terms and conditions, they will nuke that account unless specifically requested otherwise.
If law enforcement creates a fake Facebook account or one that violates the terms - say, to go undercover and befriend a suspected bad guy -- Facebook will nuke that one as well. (Take that, you wannabe Donny Brasco.)
Does that make Facebook a treasure trove for potential investigators? Absolutely. Facebook data has played a part in several well-publicized arrests; at this point I'm sure it's standard operating procedure to look at the Facebook (and other online accounts) of anyone who wanders into the cross hairs of Johnny Law. Just like your cell phone.
If any of this is a surprise to you, maybe you should be paying closer attention (or watching more TV shows about police forensics). Does that make Facebook the most appalling spy machine ever? Only if you're a publicity seeking paranoid.
Update: Facebook spokeshuman Andrew Noyes responded with the following statement:
We don't respond to pressure, we respond to compulsory legal process. There has never been a time we have been pressured to turn over data. We fight every time we believe the legal process is insufficient. The legal standards for compelling a company to turn over data are determined by the laws of the country, and we respect that standard.
So how many legal requests did Facebook receive last year, and how many did it fufill? Noyes responds thusly:
Currently, we don't make those figures public. I can tell you that we do receive a significant volume of third party data requests and we review each request individually for legal sufficiency before responding, and have a dedicated team of CIPP certified professionals responsible for managing requests (and that team is supervised by two former federal cybercrime prosecutors who are experts in the law in this area).
Facebook in particular is the most appalling spying machine that has ever been invented. Here we have the world's most comprehensive database about people, their relationships, their names, their addresses, their locations and the communications with each other, their relatives, all sitting within the United States, all accessible to US intelligence. Facebook, Google, Yahoo -- all these major US organizations have built-in interfaces for US intelligence. It's not a matter of serving a subpoena. They have an interface that they have developed for US intelligence to use.
Now, is it the case that Facebook is actually run by U.S. intelligence? No, it's not like that. It's simply that U.S. intelligence is able to bring to bear legal and political pressure on them. And it's costly for them to hand out records one by one, so they have automated the process. Everyone should understand that when they add their friends to Facebook, they are doing free work for United States intelligence agencies in building this database for them.
How does Mr. Assange come to be in possession of this knowledge? I suspect he made a few rather large logical leaps, based on the confidential document WikiLeaks just made available on PublicIntelligence.net: Facebook's 2010 Law Enforcement Guidelines.
(Facebook's response follows in the update at the bottom of this post.)
Those guidelines are worth a few words. But first, some reactions to what Assange said.
There's no way Assange can assert that Facebook is "the world's most comprehensive database" about anything, unless his sources at the NSA are much better than I suspect. He'd have to be very intimate with the details of every other large database out there to make that claim. That's extremely unlikely.
True, Facebook is large. Comprehensive? Not so much. If anything, it's extremely incomplete and deeply unreliable. (Think about it: Are all the people in your Friends list really your friends? Do you tell the truth all the time? Is that your real age?)
That bit about Facebook, Google, Yahoo et al having a ‘special interface' just for U.S. spy agencies, no subpoena needed? I think Julian's been huffing the Reddi-Wip again. It's highly doubtful any of these organizations would just hand over non-publically-available data without some kind of legal writ -- a subpoena, search warrant, National Security Letter, etc -- let alone build their own little back door for spies to use. Imagine the outcry if that were true.
In fact, this is what the Facebook legal guidelines are all about -- how to legally request such information, on a case by case basis, which Facebook then provides. Not an automated process, not one-stop shopping for spies.
In fact, Facebook creates one of these guidelines every year (you can see the previous versions at PublicIntelligence as well.) So do Microsoft, Yahoo, Google, Twitter, and so on. Any big tech company that collects information and has a legal department will have confidential written procedures about how to handle information requests from legal authorities. If you've ever read any real privacy policy (and I have read too many of them) you'll always see the exception that allows them to share your data with the authorities when required by law.
What's interesting about Facebook's 2010 Guidelines? A few things.
* Generally speaking, Facebook can produce 90 days' worth of data on every person. That includes your contact info, news feed, status updates, notes, wall posts, friends list, groups list, any events you'd said you'd attend, photos you've posted, photos where others have tagged you, and a list of the videos you've posted.
Facebook may also be able to retrieve any private messages you haven't deleted, and can go back even further than 90 days, if needed, but that apparently requires more effort.
* Facebook makes no guarantees about being able to retrieve IP logs or at least complete records of IP logs. So if the cops want to know every single time and place you logged into Facebook, they're probably out of luck.
* Facebook asks law enforcement for a scosh more documentation with each request (ie, badge numbers) than it used to. And it notes that if law enforcement authorities identify a fake Facebook account, or one that otherwise violates Facebook's terms and conditions, they will nuke that account unless specifically requested otherwise.
If law enforcement creates a fake Facebook account or one that violates the terms - say, to go undercover and befriend a suspected bad guy -- Facebook will nuke that one as well. (Take that, you wannabe Donny Brasco.)
Does that make Facebook a treasure trove for potential investigators? Absolutely. Facebook data has played a part in several well-publicized arrests; at this point I'm sure it's standard operating procedure to look at the Facebook (and other online accounts) of anyone who wanders into the cross hairs of Johnny Law. Just like your cell phone.
If any of this is a surprise to you, maybe you should be paying closer attention (or watching more TV shows about police forensics). Does that make Facebook the most appalling spy machine ever? Only if you're a publicity seeking paranoid.
Update: Facebook spokeshuman Andrew Noyes responded with the following statement:
We don't respond to pressure, we respond to compulsory legal process. There has never been a time we have been pressured to turn over data. We fight every time we believe the legal process is insufficient. The legal standards for compelling a company to turn over data are determined by the laws of the country, and we respect that standard.
So how many legal requests did Facebook receive last year, and how many did it fufill? Noyes responds thusly:
Currently, we don't make those figures public. I can tell you that we do receive a significant volume of third party data requests and we review each request individually for legal sufficiency before responding, and have a dedicated team of CIPP certified professionals responsible for managing requests (and that team is supervised by two former federal cybercrime prosecutors who are experts in the law in this area).
Saturday, May 7, 2011
Robots learn to march / spell, still not capable of love
Here's hoping there's more than a few military-style marches standing between us and a complete robotic takeover. If not, we've got some dire news: these are not simply miniature Roombas as they may appear, but 15 so-called Khepera bots capable of spelling out GRITS (for Georgia Robotics and Intelligent Systems) to demonstrate grad student Edward Macdonald's Master's thesis for the department. The diminutive robots aren't told where to go in the letters -- instead, they determine their spots via a control algorithm, positioning themselves relative to their fellow rolling machines, so that if one is removed from the equation, they quickly reform the letter without it. Fortunately, they haven't learned to spell "KILL." Yet. Get to know your new robotic overlords a little bit better in the video after the break.
Friday, May 6, 2011
A Trip Around the Moon: Yours for $150 Million
For just $150 million, Space Adventures, a commercial space company based in Virginia, will give you a seat on a trip around the moon. The company says one customer has already signed up for the mission.
The "round-the-moon" participants will launch in a Russian Soyuz Spacecraft to the International Space Station where they will stay for 8-10 days before taking the 3.5 day trip to slingshot around the moon, coming within 100 kilometers of the surface. It will take a further 3.5 days to return to Earth. The trip could take place as early as 2015.
Space Adventures has already sent seven tourists to the International Space Station on board Soyuz spacecrafts. To reach the moon, a rocket booster (Block-DM upper stage) and an extra habitation module will be sent to the space station to rendezvous and dock with the Soyuz. The module will double the size of the Soyuz on the inside.
Eric Anderson, chairman of Space Adventures, said the customer who is signed up already is planning to do more that just stare out the window, but he would not say what exactly.
Thursday, May 5, 2011
Robots Learn to Share and Help Each Other
Robots have officially learned how to help each other--like animals and humans do--in a laboratory evolution experiment.
The evolving robots measured no more than an inch in length and carted around on wheels in an environment where they foraged for "food" disks. The disks could either be brought to locations scoring them points. When all the disks were placed, the round--or generation--would move on to the next and only the survivors who amassed enough resources, could pass on their “genes” (code).
Creators of the experiment Dario Floreano, EPFL robotics professor, and Laurent Keller, University of Lausanne biologist, found that in each round the robots would share their food; ensuring that the pool of robot “genes” in the next generation would remain large.
That might seem like a small feat but these robots were not programed to share food. They learned to share food on their own, as Hamilton’s Rule states that organism evolve to do good for the continuation of their species over it’s own need for self-preservation.
This is a great day in robotics now that they can help each other. Wait…help each other…as a species…uh, we’ll get back to you.
Wednesday, May 4, 2011
Meet the Robot Ball Catcher of Tomorrow
This robot is made for catching can nab up anything thrown from 5 meters away with 80% accuracy. It even has the pizazz to grab a ball in each of its 4-fingered hands at the same time. To achieve these feats in retrieving, Rollin’ Justin is equipped with a fast image-recognition, and control software that's linked to off-board computers which predict the balls trajectory every 20 milliseconds.
Be sure to check out New Scientist to see a video of Rollin’ Justin in action.
Tuesday, May 3, 2011
Latest Windows 8 leaks reveal cloud-based settings, more app store evidence
We're sure Microsoft is going to announce some more official details about Windows 8 one of these days, but until then we'll just have to make do with the seemingly unending stream of tidbits being unearthed from the leaked version of the OS. Most notably, this latest batch includes the most conclusive evidence yet of a Windows 8 app store, including the logo pictured above, and a slew of other references at the code level -- things like the ability to download a trial app and then unlock the full version (rather than re-download it), for instance, and the existence of things like screenshots and system requirements in the app store listings. Another recent leak has also revealed some new cloud-based settings options that could let you take your desktop profile and other personalizations from one computer to another, and even give you the ability to sync apps from that aforementioned Windows Store between PCs. All that, plus support for 3D displays and WiFi Direct. Hit up the links below for some additional details.
Subscribe to:
Posts (Atom)