Archive for the ‘News’ Category

Current Events.

Tuesday, July 31st, 2007

Darfur Peacekeeping Force of 26,000 Approved by UN

Was it just me or did the United Nations take its sweet time on… no, not taking action in Darfur but just deciding to take action in Darfur.  Okay, admittedly, if the Sudanese government wasn't so stubborn, things probably would have moved a lot faster but I just think the UN could have had a bit more influence if they really wanted.  I have my doubts that this will solve the problems related to the region but it certainly is a start and most importantly a sign that the world cares.

A month of use, and iPhone's not as cool

I hate to say I told you so but I told you so.  To say that the iPhone is revolutionary is simply playing into the hands of a corporation being pushed by shareholders whose only bottom line is the financial reports.  This is not to thrash the genius that is behind the marketing team over in Cupertino, they did an amazing job hyping up a gadget that everyone will shrug off in less than a year.  What Apple will (need to) learn is that it may be easy to attract new customers with the 'shininess factor' but the shine and novelty will fade very quickly.  As John Dvorak predicted, Apple will not live through the cell phone market without implementing customer demand.  Things like modular battery and openness to third-party development will change my outlook on the iPhone but I am guessing Samsung, LG, and Nokia understand all of these already as the outstanding cell phone market leaders so I am curious to learn how Apple will fare.

Taliban Issue Another Hostage Deadline

Anyone surprised that there is yet another deadline?  Aside from the fact that these so-called intellectuals just murdered another innocent victim, it just shows how desperate they are to be in the news and try to justify their existence.  I still don't know what they are trying to prove or what message they are trying to send across.  Every single time they demand that foreigners leave their country but that is counter-productive.  Realize this… you've captured 23 pious and innocent people that decided to devote their time to the reconstruction of "your" nation.  They brought no guns and ill-will against "your" country but you take these unarmed volunteers and hold them hostage?  Such cowardice is baffling – if you are going to take someone hostage, at least be brave enough to capture someone who wields a weapon, even if it's a buttering knife.  I find it amazing how stupid your group is – to think that your ultimate justification of murdering the innocent will come down to the unrighteous manipulation of a sacred religion into a morphed cult makes me think you need psychiatric help.

To the 21 hostages, my prayers are with you.  Regardless of what happens, know that your work will be remembered and treasured by the future… those who aren't even born yet while your killers will be forgotten as a small antagonistic smear in history.

Harvard and MIT Researchers…?

Monday, February 5th, 2007

I saw an article on Slashdot today which led me to an NY Times article titled "Study Finds Web Antifraud Measure Ineffective".  In the article, an experiment was conducted where the researchers brought 67 Bank of America customers in Boston and asked them to conduct day-to-day online banking activities.  To give you a background, Bank of America's online banking site uses SiteKey, a simple yet padded layer of authentication for its users.  The idea is that you select an image to represent your account as a visual key so that you know the site that you are logging into is the legitimate site and not some phishing site before you enter in your password to log in.  Here's a snippet from the article that best summarizes the study:

“The premise is that site-authentication images increase security because customers will not enter their passwords if they do not see the correct image,” … “From the study we learned that the premise is right less than 10 percent of the time…” He added: “If a bank were to ask me if they should deploy it, I would say no, wait for something better,” he said.

… the study demonstrated that site-authentication images are fundamentally flawed and, worse, might actually detract from security by giving users a false sense of confidence.

The study found that 60 out of the 67 subjects in their experiment still entered in their password even when the experimentation website did not display a SiteKey at all.  Apparently, from this result, the researchers concluded that features like SiteKey only give everyone a 'false sense of confidence' because their experimental subjects neglected the security layer altogether.

Now, I certainly hope that I am not the only one here that can't make logical sense of how they went from result to conclusion.  Not to take any credit away from these researchers but by completely neglecting their conclusion and focusing on the results, the conclusion I make for myself is that people don't understand the risk of neglecting security measures such as this.  I think that instead of degrading such features and recommending institutions to "wait for something better," researchers either need to find how best to make people aware of security risks and/or find that "something better" that will resolve this issue altogether (if there is such a thing).  It is as if the study was about one problem with two variables but on the other side of the equation, the 'solution' only refers to a single variable.  Meaning?  It's not a flaw in such systems, it's a flaw of human judgment.

Arguably, let's adopt the conclusion of the experiment.  From that, we can generalize that any security scheme that is dependent on a human being is flawed because… well, because of the human inability to make absolutely correct judgments.  So for example, PIN numbers and passwords are all flawed because people give them away while being victimized in a phishing scheme.  Likewise, the idea of ATM cards is flawed because people get them stolen.  A bit far-fetched but theoretically, a 256-bit RSA encryption scheme is flawed because it can be decrypted by an intellect (artificial or not) eventually as time approaches infinity.

I wonder how many man-hours and how much money were spent carrying out and studying this experiment.  Certainly, all those resources could have been better spent on research into how security can be improved and not to undermine a measure to thwart phishing.  I would consider this experiment incomplete until "something better" comes out of it.

In other news, tomorrow, we're probably going to see the result of a study that concludes that the idea of cars is flawed because humans who drive them cause accidents.  So everyone should walk while twiddling their thumbs until "something better" comes along.