Scientific American's March issue has an intriguing article which explores the efforts of digital activists to circumvent corporate and governmental control over the Internet. The aim of the moment is to configure and build a decentralized mesh network that cannot be blocked, filtered or turned off.
Egypt's Internet shutdown during last year's Arab Spring played a significant inspirational role.
Image: Scientific American Magazine
With a "shadow" network configured, activists would remain able to communicate, even after central hubs have gone dark.
Image: Scientific American Magazine
Here's the online version of the article: The Shadow Web
And here are some supplemental links from the print edition:
Another fascinating addition to all of this is Scientific American's Science Talk podcast: The Coming Entanglement [MP3].
In the podcast, SA editor Fred Guterl talks with Bill Joy and Danny Hillis about the need to build an alternative, hardier network due to the ever increasing complexity of our current Internet (which makes it ever more prone to unexplained failures).
Joy and Hillis envision a simpler, more robust network as a way to shelter some of our critical infrastructure from entanglements.
Nightline, a U.S. news program, will air what's being billed as a special episode this evening on the ABC network. In it, Nightline Co-Anchor Bill Weir will tour Foxconn's factory floor. If you haven't heard of Foxconn, they're the company that manufactures devices such as iPad, iPhone, Kindle, PlayStation 3, Wii, and the Xbox 360.
Weir's invitation to visit "Apple's factory" in China is in part due to growing consumer pressure. Several weeks ago, This American Life, a production of Public Radio International, aired a segment of The Agony and the Ecstasy of Steve Jobs by monologist Mike Daisey. In the story, Daisey, a self-described super fan of Apple, traveled to China to see where his iPhone was made.
After Mr. Daisey and the Apple Factory aired, social activist groups such as change.org and sumofus.org then organized petitions for Apple to make an "ethical" iPhone. The groups recently delivered over 250,000 signatures to Apple's flagship store in New York.
And so now Foxconn has reached its "Nike moment" (a reference to Nike's PR troubles in the 1990's) and has invited Nightline to tour its facilities to provide more transparency. You can read a preview of the report here: A Trip to The iFactory.
Also of note, Foxconn promised a 25% raise to employees yesterday.
So, what's the lesson of the story?
Our thoughts… looks to us like social activism is superior to hacktivism.
Updated to add: Readers outside of the United States will likely see this if they attempt to view full episodes of Nightline.
However, you can listen to the full episode right now via Nightline's podcast feed.
AT&T recently released a film from its archive called "Computer Security: You Make The Difference".
While you might chuckle at the 1990's music and production values – the truth is this – many of basic issues that the video (which is a series of films stitched together) attempts to illustrate are still with us today, 22 years later.
Yesterday, Apple released Mac OS X Mountain Lion Developer Preview. From a security perspective, its most interesting new feature is Gatekeeper, which restricts installation of downloaded applications based on their source.
"Allow applications downloaded from: Mac App Store; Mac App Store and identified developers; Anywhere"
The default setting is reportedly "Mac App Store and identified developers" which means that developers will have to sign up to Apple's Mac Developer Program ($99 annual fee) if they want to reduce friction. Based on the text in the image below, it seems that even if users opt to install from "Anywhere", Mountain Lion may still nag users that the application doesn't have a Developer ID associated with it.
And that certainly is not a bad thing, at least in terms of system security. Developer fees and installation prompts will almost certainly create overhead costs that steer Mac's ecosystem towards security.
Gatekeeper also begins to solidify Mac's walled garden.
In the future, when Apple decides to further close its platform, device drivers could also be required to use Apple Developer IDs. Apple is famous for its focus on user experience, and it isn't really very difficult to imagine it revoking third-party peripheral drivers in order to "secure" that experience.
No matter how many times I view the image below, I keep reading it as: more control – over – you.
But that's how Mac enthusiasts like it, right?
By 2014, I expect somebody out there will be jailbreaking their Mac…
A year ago, we won the AV-Comparatives Product of the Year award. As a result, we blogged about "Taking Poika Out on the Town" where the award found itself in various places around Helsinki.
Well, today we received our trophy for AV-TEST Best Protection Award for our Client Security.
And it's time to go out on the city again.
AV-TEST Poika outside the Helsinki Cathedral
Poika by our HQ
Poika in the snow
Poika by Valtioneuvoston Linna
Poika by the sea
"Poika" is a Finnish hockey term for the champion's trophy. This video will explain this in detail.
Avi Rubin, a Computer Science professor at Johns Hopkins University, recently gave an informative (and quite fun) presentation at TEDxMidAtlantic. Rubin's talk summarized the results of efforts to hack various devices.
Have you every wondered if you could wirelessly brake a car?
Cryptome.org is a website that has focused on publishing information about freedom of speech, cryptography, spying, and surveillance. In many ways, Cryptome is similar to WikiLeaks — except it has been operating since 1996. The site is run by a New York based architect called John Young.
Cryptome has just announced it has been hacked. The hack planted an attack script on every page of Cryptome. This script used the infamous Blackhole toolkit to gain access to vulnerable computers that visited www.cryptome.org.
The attacker is not known. Neither is the mechanism that was used to breach Cryptome.
Updated to add: The post has been modified. The attack script specifically avoids targeting IP addresses from Google, to prevent Google Search from blacklisting the site. Originally this post speculated that the script worked the other way around, and that the attack was targeting Google. It wasn't. Sorry for the confusion.
Author Misha Glenny was interviewed by broadcast journalist Charlie Rose recently. The majority of discussion was based on Misha's current book, DarkMarket: Cyberthieves, Cybercops and You.
The interview is 20 minutes long, a provides an excellent summary of the threats currently facing the Internet.
With a 2-minute video, BBC News program "Click" does a very decent job explaining to the laymen how banking trojans such as ZeuS attempt to avoid detection by antivirus software:
Druckansicht