20 February 2010

Ali G Joins Github Team

I was browsing a Github hosted project, Mangos recently and attempted to check out the network graph visualisation of the clones of this open source World of Warcraft server.

Moments later I learned that there are too many branches on the graph for the flash visualisation to render. The following error message is shown:

Sorry, this repository's graph is currently too logical awesome to display. We're working on optimizing it. Check back soon.

Which leaves one wondering just how much is the right amount of logical awesome.

Clearly the only conclusion is that the Github team has been joined by a celebrity error message writer, Ali G:


11 February 2010

A Tale of Three Buzzes

Google's Buzz is causing a stink. It's the third social network which is called "Buzz" to come out recently. All have the Twitter model of microblogging (or multicast chat) with an asymmetric social graph (people decide who they follow but not who follows them).

Yahoo Buzz has been out for at least a year on buzz.yahoo.com and predicatably, Yahoo and their new overlords Microsoft are going batshit insane about this.

Oh really Microsoft? You've got a product and a bigger competitor comes along and uses your idea? And they use the generic term to name it? That must be annoying. The worm has turned.

And the drones at AT&T launched buzz.com about 6 months ago. Less said about that the better. In fact you can probably safely forget them right now.

So now we'll all be looking forward to the shakedown. There are too many players.

I think the winner will be the service that provides enough features (not necessarily the most, Facebook) with the best integration with everything else. Twitter so far has been successful at crowdsourcing the integration work with the massive proliferation of Twitter clients and "tweet this" buttons like Tweetmeme. Can Yahoo/Microsoft get this traction?

Google already has a great integration story. When the hundreds of millions of monthly GMail users hit their inbox now, they will be able to thread together lots of their google software that produces socialisable events. Now the google suite can buzz.

Perhaps it's just me but the one image I have about Buzz is those hotted up cars with the ultra-loud stereo systems and the monsterous bass frequencies causing every bolt in the chassis to loosen and the number plate to buzz.

09 February 2010

China Hackers Update: Arrests and Details

It is inevitable after the Google hacks, as they are known, that China responds by showing its international business partners that they do not condone hacking.

China Daily reports that the biggest hacker training site has been shut down. via RWW

"I could download trojan programs from the site which allowed me to control other people's computers. I did this just for fun but I also know that many other members could make a fortune by attacking other people's accounts," said a 23-year-old member of Black Hawk Safety Net in Nanjing of East China's Jiangsu province, who asked to remain anonymous.

They seized nine Web servers, five computers and one car, and shut down all the sites involved in the case, according to the provincial public security department.

So there you go Google - nothing to worry about. The "provincial public security department" got the baddies. Carry on.

Of course there's no reported link with what is now clearly a much larger and more sophisticated program of industrial espionage than previously thought as reported in detail by wired magazine.

The salient points of the wired article are:

  • The hacks have compromised thousands of companies, not just 37 as previously reported.
  • Most of the compromises are currently still active and law enforcement has been contacting companies to let them know they have been compromised.
  • The exploit was an IE 6 security flaw that was first reported to Microsoft by an Israeli researcher in September 2009 but which remained unpatched for months. ("0-day")
  • The attack profile include multiple-year-long occupation of companies' computer systems and typically involved hidden siphoning of large amounts of private data including email, documents, etc. This is in contrast to the smash and grab techniques more common in the past.
  • Existing security software (like antivirus software) is not able to detect this attack profile or the malware used to initiate it.
  • The full extent of data theft will never be known.
  • The goal of the attacks appears to be coroporate and national espionage.
  • The hackers have levelled up.
  • The trail goes dead in Taiwan where the data was siphoned to and China where the spear phishing attacks were initiated from.

Now it really feels like we're living in a Neal Stephenson novel.