Interesting research: Target prevalence powerfully influences visual search behavior. In most visual search experiments, targets appear on at least 50% of trials. However, when targets are rare (as in medical or airport screening), observers shift response criteria, leading to elevated miss error rates. Observers also speed target-absent responses and may make more motor errors. This could be a speed/accuracy tradeoff…  Read More →

Three weeks ago, Google announced a sophisticated attack against them from China. There have been some interesting technical details since then. And the NSA is helping Google analyze the attack. The rumor that China used a system Google put in place to enable lawful intercepts, which I used as a news hook for this essay, has not been confirmed. At…  Read More →

I was not surprised to read China’s hawks demand cold war on the US in the Times Online. [A]lmost 55% of those [in China] questioned for Global Times, a state-run newspaper, agree that “ a cold war will break out between the US and China ”… An independent survey of Chinese-language media for The Sunday Times has found army and navy officers predicting a military showdown and political leaders calling for China to sell more arms to... 

Some of you may remember me mentioning the 2008 SANS WhatWorks in Incident Response and Forensic Solutions Summit organized by Rob Lee. I provided the keynote and really enjoyed listening to the presentations, which Rob has graciously made available at http://files.sans.org/summit/forensics08/ . One of the presentations, by Mandiant consultant Wendi Rafferty and then-Mandiant consultant (now GE-CIRT incident handler) Ken Bradley, was titled... 

Amazon.com just posted my five star review of The Book of Xen by Chris Takemura and Luke S. Crawford. From the review : The Book of Xen (TBOX) is a great book for Linux system administrators who want to deploy Xen. The authors ground their recommendations in over four years of experience running Xen to support Internet-facing virtual private servers. I found their writing style to be very engaging; it reminded me of reading any one of Michael... 

There’s equal reason to support or object to the proposed Google Books settlement. Creating a digital catalog of the worlds’ words might be the Holy Grail of intellectual empowerment. Yet building that library in the clouds would be allowed without the rights-holders’ consent — which the Justice Department and others contend is a complete and fundamental alteration of copyright law . The Authors Guild is backing the settlement... 

I wonder if it’s tasty….  Read More →

A slide show….  Read More →

This is unconscionable: At Tuesday’s hearing, Senator Dianne Feinstein, Democrat of California and chairwoman of the Senate Intelligence Committee, asked Mr. Blair [the Director of National Intelligence] to assess the possibility of an attempted attack in the United States in the next three to six months. He replied, “The priority is certain, I would say” — a response that was…  Read More →

There’s finally some good reporting on advanced persistent threat appearing in various news sources. A new Christian Science Monitor story, one by Federal Computer Week , and one by Wired are making progress in raising awareness. Unfortunately, there’s plenty of Tweeting and blogging by people who refuse to understand what is happening or are not capable of understanding what is happening. From now on, rather than repeat myself trying... 

Do American students have First Amendment rights beyond the schoolyard gates? The answer is yes and no, according to two conflicting federal appellate decisions Thursday testing student speech in the online world. “Ultimately, the Supreme Court is going to have to decide if there ever is a time students have full-fledged First Amendment rights,” said Frank LoMonte, executive director of Virginia-Based Student Press Law Center. He’s... 

The whistleblowing site Wikileaks has apparently raised the money it needs to continue operating for the time being, according to a message the organization sent out Wednesday night on Twitter. “Achieved min. funraising [sic] goal. ($200k/600k); we’re back fighting for another year, even if we have to eat rice to do it,” read the tweet, …  Read More →

Google is teaming up with the National Security Agency to investigate the recent hack attack against its network in a bid to prevent another assault, according to The Washington Post . The internet search giant is working on an agreement with the controversial agency to determine the attacker’s methods and what Google can do to shore up its network. Sources assured the Post that the deal does not mean the NSA will have access to users’... 

In December 2007 I wrote Predictions for 2008 . They included 2) Expect greater military involvement in defending private sector networks; 3) Expect increased awareness of external threats and less emphasis on insider threats; and 4) Expect greater attention paid to incident response and network forensics, and less on prevention. All three of those predictions are being fulfilled by the Google v China incident as demonstrated by this Washington... 

A leading Australian internet service provider was cleared of copyright allegations Thursday when a federal judge ruled against Hollywood’s lawsuit that iiNet was responsible for infringing BitTorrent data traveling its pipes. The Australian Federal Court decision siding with the country’s third-largest ISP was a legal blow to worldwide efforts to make ISPs liable for the unlawful behavior of their customers. “I find that the...