SF: The Chronicles of Thomas Covenant

Posted on December 17, 2011 by wunderbarb

The Chronicles of Thomas Covenant are a set of seven novels written by Stephen Donaldson. The heroe is a writer who had leprosy. Misteriously, he is invocated in a fantasy world, The Land (Le Fief in French). He is expected to be the Savior. Unfortunately, Thomas, due to his disease, is extremely cynical and does not believe in the reality of this world. The key element is the dark psychology of the heroe.

I read the two first novels, and started the third one, and stopped. I did not become addicted to these stories probably for two reasons. Th

Pira(r)te or Art?

Posted on December 5, 2011 by wunderbarb

Appreciation of contemporary modern art is always personal and controversial. Virtual online gallery ART 404 exposes a “piece of art” . whose name is “5 million dollars 1 Terabyte”. The opus displays an external, black, shine, one-terabyte hard drive that is claimed to store for 5 million dollars worth of illegaly downloaded pieces of content and software. The five most costly categories are 133GB of fiction books from 2003 to 2011 ($3,000, 000), 76GB of science text book ($500,000), 26GB of fiction library ($400,000), 39GB of Osprey books ($180,000) and 130GB of PC games from 1979 to 2001 ($150,000). There are no video and the 124GB of musics are only evaluated $46,000.

We knew that piracy was a black art, but here are we really in the field of Art? I’d like to hear your opinion.

Marriage and Virtual Property

Posted on November 30, 2011 by wunderbarb

If you are a married person, as I am luckily, do you know that you may share with your spouse at least four properties you were not aware of? URLs, websites, email accounts, and Facebook profiles. Although they are virtual properties, they are part of your common patrimony. Furthermore, they may have some monetary value.

As with every good, the problem starts to become complex when there is a dispute. Are the revenues of Adsense of your personal blog an earning or a profit? It has its importance when valuing. How much will your Facebook friends be valued in case of divorce?

Sally Richardson studied this classification in “Classifying Virtual Property in Community Property Regimes: Are My Facebook Friends Considered Earnings, Profits, Increases in Value, or Goodwill?” She explains the four different applicable cases:

Earnings are what a spouse brings by his/her direct effort
Profits are what a spouse gets without exerting efforts (for instance rent)
Increase of the value property is what a spouse generates due to tangible efforts such as building a new room.
Goodwill is what a spouse generates due to intangible skills such as reputation or skill.

Is my URL, eric-diehl.com an earning or a profit? There is no straightforward answer. Sally explores the four types of properties and shows the complexity of the issue depending on the context. It is far too complex to summarize here.

The paper is interesting to read if you are curious. It clearly shows that our current legal framework is not yet adapted to virtual properties. I am sure that soon it will have because sooner or later we will see spouses fight over their personal websites, or their common Facebook profile. If these virtual properties are part of their career (for instance celebrities), then it will be juicy.

Open API to Kinect (2)

Posted on November 29, 2011 by wunderbarb

Last year, in November 2010, Microsoft’s Kinect was hacked and its API was illegally published. In an interesting move, Microsoft decided to make the API of Kinect public. Not only was it very positive for Microsoft reputation, but it opened the way to thousands of hobbyists to create astonishing applications using the Kinect.

Microsoft continues to exploit the results of this initial hack. It announced the Kinect Accelerator. This is a contest where ten startups with the best application using Kinect will be supported. The application does not need to use the XBox, it must use the Kinect gear. I believe that it is a smart initiative. It is better to have hobbyists on your side rather than against you.*

Law 2: Know the asset to protect. In that case, the most valuable asset was not the Kinect, it was Microsoft’s relationship with the customers.

Free ride

Posted on November 23, 2011 by wunderbarb

DRM bashing is an Internet well-established sport. Famous web sites, such as TechCrunch, Wired or ZDNet, which are otherwise extremely interesting, have a biased view about copyright, content owner, and copy protection. The position of lobbying groups, such as EFF, are in the same mood. In a nutshell, according to them, copyright laws and content owners are killing the Internet.

“Free ride” from Robert Levine is taking the opposite point of view. He shows that denying copyright on the Internet is actually killing the Internet.

He describes the battle between three giant groups with diverging interests. On one side, the media industry wants its cultural goods to be paid, even on the Internet. On the other side, the Internet companies want information freely to flow. The more information available (even pirated one), the more advertisement revenues for the Internet companies and pirated sites. In the middle, the telecom companies initially benefited from piracy because it was a strong attractor for broadband adoption. Now, piracy is claimed to consume a too large part of the available bandwidth, and starts to hurt these telecom companies.

The book clearly highlights these diverging interests. It also draws a landscape of the current lobbying battlefield (by showing who is financing groups such as EFF, who Google finances…).

Levine’s message is that valuable content is costly to create. He also explains that creation is not sufficient, if not combined with promotion which is also costly (see Should you invest in the long-tail?). Without such investment, valuable content will disappear. Free riders (i.e. companies that use the content without rewarding the creators) and piracy will kill the economical incentive to create. The result would be a free Internet without valuable content to propose. In other words, rather than creating the promised bright cultural future, Internet may create a poor cultural future. The fact that distribution and production has a cost nearing zero on the Internet should not hide the fact that creation has a cost. Dematerialisation often hides this cost. User generated dontent or crowd-sourced content is not necessarily at the same level of quality than professional created content.

He claims that the business models proposed by the Internet companies do not fit the economical constraints of valuable content. As such, he is opposed to Free: the future of a radical price.

This book is refreshing because it gives an argumented position against the widely diffused position of the Internet companies. In a democracy, it is paramount for a sound debate to hear both sides of the story. Thus, read also this book, and only then, make your own opinion.

Conclusion: if you regularly visit my blog, then you should read this book. It is at the heart of our industry.

Security Newsletter 20 is available

Posted on November 17, 2011 by wunderbarb

In this issue, you will find :

An interview of David Naccache
The news of the quarter
Why and how Diginotar Certification Authority failed
Eaves dropping on mobile phones…
Watermarking 3D movies

You may find the issue online or download the pdf. Enjoy!

Ghost in the Wires

Posted on November 1, 2011 by wunderbarb

Or the official biography of Kevin Mitnick. In the 90s, Kevin Mitnick was known as the World Most Wanted Hacker. He is an artist of social engineering. His book “The Art of Deception” is a reference on the topic.

This new opus tells the history of Kevin from his youth till the day he was free. Do you remember the “Free Kevin” protesting movement? Is this new book interesting? I read with pleasure “The Art of Deception”. It is not the case with this book. It could have been a good thriller, but the style is not right to create suspense. It could have been a book on the havcking mindset, but the described introspection is too shallow. It could have been a technical book, but the rare technical descriptions are uninteresti

The main interest of the book is to have an insight of his motivations: “Getting access to things that he was not authorized”. Nevertheless, “The Art of Deception” gives a better view on social engineering. An unanswered question: why did he need to go to jail to become an ethical hacker?

We will keep a good description of ethical hacking.

What I do now fuels the same passion for hacking I felt during all those years of unauthorized access. The difference can be summed up in one word: authorization.
I don’t need authorization to get in.
It’s the word that instantly transforms me from the World’s Most Wanted Hacker to one of the Most Wanted Security Experts in the world. Just like magic.

Conclusion: This book is not mandatory on the shelves of security people. “The Art of Deception” is mandatory.

Reference

[1]

K.D. Mitnick and W.L. Simon, Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker, Little, Brown and Company, 2011

[2]

K.D. Mitnick and W.L. Simon, The Art of Deception: Controlling the Human Element of Security, John Wiley & Sons, 2003.

The blog of content protection

A site managed by Eric Diehl