Email and Forum Questions
Profiles in IT: Timothy O'Reilly
Trojan includes hardware-based anti-piracy control
ICANN delays decision on pornography domain
Tumbleweed Could Be Next Mars Rover
Large Hadron Collider Update
New Federal IT security certification
March 14 is Pi Day
Website of the Week: Escape Motions
Email from Arnie: Dear Dr. Shurtz, Question: Do you still have written summaries of your Saturday morning programs in addition to MP3? For those of us that need more time to copy web sites mentioned on the program and various other info, written summaries are really neat. I copy various parts and send the info to contacts – giving credit to Tech Talk of course.
Also, I tried to listen to Tech Talk on line this morning. The link says to go to WFED. Okay, then where is the Tech Talk on that site to click and listen to the program. Not too intuitive to me, then again, I don’t have a degree in computer science if that’s what’s needed to find TechTalk on line streaming. Thanks, Arnie McKechnie, Davidsonville, MD
Tech Talk Answers: Arnie, we still post the complete show outline, as well as the MP3, each week. Just go to Tech Talk Online (www.techtalkonline.com) and select the month and then the specific show.
As for listening online, go to www.wfed.com. Then click on the Red “Listen Now” button in the upper right hand corner. You can only listen live during the show. If you want to listen to archived shows, go to the Tech Talk homepage.
Email from John: My wife and I once used Eudora where email was downloaded, but right now seem to be happy with the huge amount of space we have available for our web-based email on the ISP’s servers. We do lots of housekeeping, retaining only what we need for as long as we need it. What other things should we consider?
Tech Talk Answers: The two approaches to email both have advantages and disadvantages. Traditional Post Office Protocol (POP) email clients download the email from the POP account to the local machine. Emails are available for review offline. Web-based email accounts leave all email on the server, and it can only be viewed while online. If the server data is lost, all your email is gone. With the POP client, your email is stored locally and protected.
Profiles in IT: Timothy O’Reilly
Timothy O’Reilly is the founder of O’Reilly Media and a supporter of the free software and open source movements.
Tim O’Reilly was born June 6, 1954 in Cork, Ireland.
To understand O’Reilly, you must know about his guru, George Simon.
George Simon, born in Germany in the mid-1920s, was raised in NYC and wound up in California selling toilet paper.
After studying Zen, semantics, and yoga, Simon came up with the idea of building a language for consciousness.
He was also a scoutmaster and the boys in the Explorer troop became his students.
On camping trips, they would ponder the mathematical consciousness theories.
O’Reilly believes that Simon’s vision of global consciousness is fulfilled by the Web.
Tim graduated from Harvard College in 1975 with a B.A. cum laude in Classics. His honors thesis explored the tension between mysticism and logic in Plato’s dialogues.
O’Reilly got a National Endowment for the Arts grant to translate Zen-like fables of the Greek philosophers. But he needed to make a living.
In 1977, he met Peter Brajer, a Hungarian engineer who was taking a class from Christina on nonverbal communication. Brajer, seeking computer-consulting jobs, asked O’Reilly to assist him with his resume.
Brajer landed a job with Digital Equipment Corporation to write an equipment manual and he proposed that O’Reilly help him.
They completed the project and went into business.
In 1983, he had learned enough about computers to start his own business.
He set up shop in a converted barn in Newton, MA with about a dozen people.
They developed a new way to write manuals: plainly describe what the system did and how you could work around problems.
In 1988, he produced a two-volume guide to the library of the X-Windows system.
He made 300 copies of the guide and set up a table at a conference on X-Windows.
He sold all 300 volumes and realized that book publishing could be profitable.
His company’s goal: to be a catalyst for technology change by capturing and transmitting the knowledge of "alpha geeks" and other innovators.
His book covers feature woodcuts of creatures from the Dover copyright-free archive.
The tarsier, with its huge eye, long bony digits, and head that can swivel 180 degrees, became O’Reilly’s unofficial mascot.
In 1992, he published A Hitchhiker’s Guide to the Internet by Ed Krol.
In 1993, O’Reilly’s Global Network Navigator site was the first web portal and the first true commercial site on the World Wide Web.
About the same time, he offered Internet in a Box for beginners to get access.
In 1998, the term "open source" was formally adopted at a summit of key free software leaders hosted by O’Reilly.
In 2004, his Web 2.0 Conference was sold out and defined the future of the Internet.
His latest passion is Government 2.0, using the web to make government transparent.
He enjoys hiking, horseback riding, basketball, and growing fruit to make jam.
O’Reilly Radar is his blog, a very worthwhile read. He also has a Twitter feed.
Trojan includes hardware-based anti-piracy control
The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what’s found in Microsoft Windows.
The newest version with bare-bones capabilities starts at $4,000 and additional features can fetch as much as $10,000.
The new feature is designed to prevent what Microsoft refers to as "casual copying" by ensuring that only one computer can run a licensed version of the program. After it is installed, users must obtain a key that’s good for just that one machine.
The hardware-based licensing system isn’t the only page Zeus creators have borrowed from Microsoft. They’ve also pushed out multiple flavors of the package that vary in price depending on the capabilities it offers. Just as Windows users can choose between the lower-priced Windows 7 Starter or the more costly Windows 7 Business, bot masters have multiple options for Zeus.
For a mere $500 more, users can get a Zeus module that will allow them to receive pilfered data in real time using the Jabber instant messaging client. A module that grabs data out of fields typed into Firefox fetches an extra $2,000, and a virtual network computing module that allows users to establish a fully functioning connection to an infected computer costs $10,000.
The VNC functionality fetches such a high price because it allows criminals to bypass some of the most advanced security measures, such as smartcards and other pieces of hardware that are used to authenticate high-value victims to a bank or other financial institution.
The latest version of Zeus is 188.8.131.52.
But the authors are already working on version 1.4, which is being beta tested.
It offers polymorphic encryption that allows the trojan to re-encrypt itself each time it infects a victim, giving each one a unique digital fingerprint.
As a result, anti-virus programs, which already struggle to recognize Zeus infections, have an even harder time detecting the menace.
ICANN delays decision on pornography domain
ICANN has delayed its ruling on the proposed .xxx internet porn domain until this summer.
Today, at its meeting in Nairobi, Kenya, the ICANN board voted to push a decision to its next get-together in Brussels this June, while giving its CEO and chief counsel two weeks to prepare recommendations on how to proceed with the .xxx proposal.
These recommendations will then be open to comment for 45 days.
In 2005, the Internet Corporation for Assigned Names and Numbers – the net’s overseeing body – approved a longstanding proposal for a top-level domain dedicated to pornography.
But after opposition from various governments – including the US – it went on to reject the proposal on three separate occasions.
The last rejection came in 2007, but in recent weeks, an independent panel of judges ruled that the organization was wrong to do so.
The 2007 rejection was "not consistent with the application of neutral, objective, and fair documented policy."
Under the proposal, porn sites would not be required to use the .xxx domain, and if they did use it, they could continue to use other domains as well. The top-level porn domain was first proposed by ICM Registry LLC in 2000.
Tumbleweed Could Be Next Mars Rover
The Tumbleweed Mars rover may be the next method to explore the Martian surface.
The current rover is very complicated and not as mobile as scientists would like.
The idea of sending a spherical, wind-propelled vehicle (or "Mars Ball") to the Red Planet was originally conceived in 1977 by Jacques Blamont of NASA’s Jet Propulsion Laboratory (JPL) and the University of Paris.
This was shortly after the Mars Viking Landers discovered that the Martian atmosphere consisted mainly of carbon dioxide and had relatively strong winds.
The modern incarnation of the Tumbleweed was inspired by accident.
In 2000, another JPL team headed by Jack Jones was testing a three-wheeled inflatable rover in the Mojave Desert, Calif., when one of the "wheels" broke off and was blown over the sand dunes.
This inflatable ball bounced over boulders, sped up steep slopes and traveled over coarse vegetation with ease.
As Jones’ team chased after the oversized beach ball (measuring 1.5 meters in diameter), the idea was born: An independent ball that acts like a tumbleweed could have the potential to explore Mars, propelled only by the Martian winds.
A fleet of Tumbleweeds could cover a much greater area using the wind for propulsion.
But before this plan can advance beyond the concept phase, more funding is needed.
There’s also the possibility that a fleet of Tumbleweeds — each with different instruments on board — could "swarm" and act as one unit to carry out a sophisticated array of measurements.
Large Hadron Collider Update
LHC will be brought up to a collision energy of 7.0 TeV (teraelectronvolts) at the end of March or the beginning of April.
The 3.9 billion euro (5.6 billion dollar) Large Hadron Collider (LHC) was restarted two weeks ago at a lower energy level.
The particle collider — inside a 27-kilometre (16.8-mile) tunnel straddling the Franco-Swiss border near Geneva — is aimed at understanding the origins of the universe by recreating the conditions that followed the Big Bang.
"During this first physics run, the LHC experiments will open up the biggest range of potential new discovery that particle physics has seen in over a decade," CERN said in a statement.
Gillies reiterated that the experiments would run for 18 to 24 months before another technical shutdown.
That halt would last for eight to 10 months while the LHC is prepared for the next stage, full power operation with beams running at 14 TeV, he added.
CERN’s engineers decided in January to change the annual cycle they followed with its previous, smaller, accelerator, which used to be shut down for four months in winter for maintenance.
Instead they were aiming for a longer period of continued operation with the LHC followed by a longer shutdown when needed, because of the total of two months it takes to heat up then cool down the huge cryogenically cooled colliders before and after maintenance.
The collider was revived from a 14-month breakdown last November, following a technical glitch that put it out of action days after it was launched in September 2008.
New Federal IT security certification
A new certification program specifically designed and tailored to help secure the nation’s Federal information technology systems was unveiled today.
The certification program is called the Federal IT Security Professional (FITSP).
The FITSP certification is managed by the Federal IT Security Institute (FITSI), a nonprofit organization.
The FITSP certification provides a framework within which the holders of other IT security certifications must be able to extend their training and experience to specialize in the Federal IT security space.
The FITSP certification program is role based and documents the qualifications and specialized Federal IT security understanding of managers, designers, operators and auditors of federal IT systems.
By earning the FITSP certification credential, candidates will have demonstrated an in-depth knowledge of Federal IT security management, operational and technical control requirements as measured by the standards and guidelines of the National Institute of Standards and Technology (NIST), as well as other relevant Federal statutes and regulations.
Candidates for the certification program are required to have at least five years of information security experience. The program consists of a three-hour examination, primarily based on NIST content areas, and is good for three years.
March 14 is Pi Day
Pi is the ratio of the circumference to the diameter of a circle.
Approximately 3.14, the number has its own holiday on March 14, which also happens to be Albert Einstein’s birthday.
Mathematicians, teachers, museum directors, math students of all ages and other aficionados celebrate the number with pi recitations, pie-baking, pie-eating contests and math-related activities.
Pi records of note
Record for calculation: 2.7 trillion digits (by Fabrice Bellard, December 2009)
Record for memorization: 67,890 digits (by Chao Lu, 2005)
How random? There are no occurrences of the sequence 123456 in the first million digits of pi.
Marc Umile, for the US, holds 10th place in the world for pi memorization.
He typed out 15,314 digits from memory in 2007.
Umile, a Medicare biller training to be an emergency medical technician, never took advanced math classes in school, not even algebra.
Memorizing pi for him seemed like a good test of memory, and he found that putting the digits in a definite rhythm, which repeated exactly every 1,000 digits, helped him remember them.
The day is even recognized by the U.S. government: Last March, the U.S. House of Representatives passed a resolution supporting Pi Day and encouraging schools to teach children about the number.