Dragan on Security

We Are Sorry to Inform You - about rejected papers of famous researchers.

Also interesting: “Once upon a time there was a little-known patent clerk in Bern who received a disappointing annual performance review in ‘05 - Annual Performance Review: Albert Einstein“.

You’ll probably be surprised when you see this.

WordPress 2.5 has been released. From a security perspective, the new WordPress release 2.5 promises many improvements: secure cookie management, salted passwords, password strength meter and prepared SQL querying functions etc.

It also supports Automatic Upgrade feature and Wordpress Automatic Upgrade Plugin which I needed for long time and wrote about in an earlier post.

This article is… a funny: Asking a Judge to Save the World, and Maybe a Whole Lot More - New York Times. It says:

The world’s physicists have spent 14 years and $8 billion building the Large Hadron Collider, in which the colliding protons will recreate energies and conditions last seen a trillionth of a second after the Big Bang. Researchers will sift the debris from these primordial recreations for clues to the nature of mass and new forces and symmetries of nature.

But Walter L. Wagner and Luis Sancho contend that scientists at the European Center for Nuclear Research, or CERN, have played down the chances that the collider could produce, among other horrors, a tiny black hole, which, they say, could eat the Earth. Or it could spit out something called a “strangelet” that would convert our planet to a shrunken dense dead lump of something called “strange matter.” Their suit also says CERN has failed to provide an environmental impact statement as required under the National Environmental Policy Act.

Although it sounds bizarre, the case touches on a serious issue that has bothered scholars and scientists in recent years — namely how to estimate the risk of new groundbreaking experiments and who gets to decide whether or not to go ahead.

Do you think it is threat to security of the world and do they know some of physics?

This is non security post on my security blog. :)

I have bought an ASUS Eee PC recently. When I saw that subnotebook for the first time, I simply thought it was one of those stupid toys. But after I had talked to Maksa and David, I decided to buy “the toy” and started playing.  The ASUS Eee PC is a subnotebook computer designed by ASUS and Intel. At the time of its introduction, it was noted for its combination of light weight, Linux-based operating system, solid-state drive and low cost. Amidst great expectations, ASUS recently launched the ASUS Eee PC pre-installed with Microsoft Windows XP.

There is also a good source of information, tools and guides here. There is an article about ASUS Eee PC on Wikipedia.

As soon as I finish with some additional tests, I will write more about Asus Eee PC  and its security related topics.

Foreign-born researchers are significant contributors to U.S. science and technology endeavors.  In fact, between 1990 and 2004, more than one-third of all Nobel prizes in the United States have gone to foreign-born recipients.  The success of many U.S. universities and research institutions depends on attracting the best and brightest students both at home and abroad.  After tighter visa restrictions were enforced following the Sept. 11 attacks, international student enrollment decreased dramatically.  Although some visa restrictions have been lifted and foreign enrollment is again on the rise, the visa clearance process should continue to be monitored, the report says. Report: Science and Security in a Post 9/11 World: A Report Based on Regional Discussions Between the Science and Security Communities.

To strengthen the essential role that science and technology play in maintaining national and economic security, the United States should ensure the open exchange of unclassified research despite the small risk that it could be misused for harm by terrorists or rogue nations, says a new report by the National Research Council.  Because science and technology are truly global pursuits, U.S. universities and research institutions must continue to welcome foreign-born science and engineering students, said the committee of former national security leaders and senior university researchers and administrators that wrote the report.

This blog uses WordPress Mobile Plugin by Andy Moore.

 You can subscribe to this blog from your mobile device and it will look much better then earlier. I’ve tested it for 2 or 3 weeks and from different devices. It seems very good. You can check it also from mobile ready web site.

Author of this plugin says:

A plugin to let you post and upload files to your WordPress blog from your mobile phone. It also enables mobile phone users to view your WordPress posts, archives, comments and pages in a mobile friendly environment. Users can even reply via comments. This plugin supports MTLD and W3 best practices plus optional mobile revenue from admob.com. It’s a quick and easy way to make your WordPress posts mobile ready.

If you are blog reader or subscriber, just put blog URL on your phone or subscribe for RSS feed or FeedBurner. If you have own WordPress blog, I recommend to try this plugin.

We-Go | Enhancing Western Balkan e-Government Expertise summit has been held at Belgrade University on October 4th, 2007. It was attended by University deans and professors, government officials and industry representatives from West Balkan countries and also Austria, Germany and Estonia. Rector of Belgrade University gave welcome speech. Serbian key speaker was Prof. Dr. Aleksandra Smiljanic, Minister of Telecommunications and Information Society. I also delivered my short presentation at this summit. Here is agenda at Belgrade University web site.

Recent statistics show that a professional security certification will enable information technology security workers to earn higher salaries. For example, a Foote Partners study released the first week of July concludes that security professionals with security certifications earn up to 15 percent more than their non-certified colleagues. And from October to April, a group of 27 security certifications examined by the Foote study grew in value by an average of 1.7 percent. Foote Partners CEO David Foote says that demand for certified security professionals is growing following a recent downturn. And the demand is being driven not by compliance and government regulation, but by customers who are “demanding more security” from companies. The fallout from major data breaches such as the TJX breach has caused consternation among corporate executives, prompting many executives to make additional commitments to security. A Department of Defense mandate requiring certification from IT security professionals is also increasing demand for certified security professionals, says Foote.

Full article: Salary premiums for security certifications increasing, study shows.

Read press release here.

For the many years the gap between the richest American’s and the rest of the work force continued to grow. US I.R.S numbers for 2003 show that only Americans in the top 1% of the income bracket, or those who make over $327,000 per year saw a significant income increase. The bottom 99% of the workforce only saw their incomes increase by less the 2%, which didn’t even match the overall inflation rate of 2.3%.

Gap between rich and poor people and societies might be one of significant generators of security problems. As this trend continues to grow, we can’t expect security problems to grow. Although this affects and applies to other security areas more, it is also case in computer and Internet security area. Internet, as one of the most important and democratic instruments for spreading news and knowledge, i.e. in media and learning space, shows this trend.

Some authors think that technology progress can help to democratize world and to create means which will help this gap to decrease. Their arguments are based on details such are:
• Availabity of modern technology to wider population
• Media coverage and availability of information
• Education and knowledge availability

This seems as true but only on first site. When we look into more details we can see that truth is different.

Will technology increase the gap between rich and poor? It will certainly increase the gap between the productive and the unproductive. For example, with a tractor an energetic farmer could plow six times as much land in a day as he could with a team of horses. But only if he mastered a new kind of farming.

For example, now high school kids could write software or design web sites. But only some of them will; the rest will still be scooping ice cream.

Improved technology made it possible for many people to buy a computer of their own as student, many years ago. Very soon, some of them were using it to make money as freelance programmers, web site designers etc. A few years before that, they couldn’t have done this. A few years before, there was no such thing as a freelance programmer.

As this example suggests, the rate at which technology increases our productive capacity is probably polynomial, rather than linear. So we should expect to see ever-increasing variation in individual productivity as time goes on. Will that increase the gap between rich and the poor? Depends which gap you mean.

But this gap is potentially dangerous. As in past, when people, armies, states were fighting for natural resources (land, water sources, oil, gas, mineral sources, forests), now people will fight for domination in information and communication world. It also produces more opportunities for those who want to make fraud. Information is important and others’ confidential data are relatively easy if owner of data failed to protect them in right way. Vital communication and information infrastructure can be target and way to harm interests of other groups, organizations and governments. It is also fact that increasing number of people believes that current division of natural resources and richness is not fair. Malcontent united with possibilities that new information and communication technologies give can lead to destructive ideas.

This becomes very important battle field in present time. In future we can foresee growth of this trend. It is probably important to understand that domination of small group of people over majority of others can be dangerous for them also.