Jaap Gorjup

Braindumping online

High volume leakage

The nature of digital data is that it is easily distributable, copyable and very hard to verify since it has no physical counterpart. For years people relied on hardware solutions like usb sticks with sophisticated chips on them for the security of the data. The nature of this data was never part of it. 

It is just impossible to secure data without having a hardware solution backing this up. The hardware platform was already introduced and demonstrated a decade ago and a lot of business machines already have basic support for it. But these were only introduced to secure interest of media producers sing protocols like HDCP which secures the line between screen and computer. And exactly this is were we have to look at for understanding what the consequence could be of escalation of the open data conflict surrounding #wikileaks. The music industry is still hurting due to the consequences of poor and shortsighted choices.

Learning from this the following points could help ease the pain:

  • Accept that a 100% fit solution is not possible.
    The information creation governments need to open up a bit. Especially in diplomatic environments it has been stressed that lack of security hurts confidentiality. Basically this is true, but this has never hurt diplomacy. During the cold war data leaked on both sides in a continuous stream, and this was calculated.
  • Secure the data and not the media.
    Bring down security on the smallest identifyable element. For your eyes only means also the same, and not the secretary or a staffing organisation. A lot of this work is currently handled elsewhere, filtered and reported for handling by the responsible parties. Another positive effect here is that it will need less overhead making it run cheaper or have more people focussed on communication. Use DRM and encryption on the individual documents in a jericho-style manner.
  • Create ‘open’ and ‘private’ channels like a GovCloud version of Twitter.
    Set this up in a distributed manner and do not rely on any for of centralisation. Due to security on message level information is communicated securely between people.
  • Use a clear human - computer security interface.
    The way identification and access are controlled currently are based on centralized control and exactly this is where the problems are. Use a distributed and asynchronous manner of key exchange allowing parties to interact securely one on one. Some crypto’s will only be available on simplified closed platforms like tablets.
  • Revalidate data security regularly
    Don’t expect the security standard of a piece information to be set in stone. Revalidate this, possibly using tools that check if public data is matching this. There is no need to be secret about what’s in the open. 

The effects of clouds of processing power in computer or human for impacts the way we live more every day. We cannot expect technology that is used to play games on mobile phones not to be used for processing leaked data. 

What is needed is a system that works just as the door of your house. You have a key to open it and to lock it down but it somebody drives a car in it, it just opens. Don’t rely on the quality of the key, but bring more enforcement to the door.

On the other hand data security and privacy should be core values that children learn about as soon as they touch a computer….

Missing #aws servicefeatures

Today Amazon (AMZ) announced that the Cloudfront content distribution network supports time-to-live setting on the served objects lower than 24 hours. It can be set as low as one hour which makes this service usable for serving whole websites. This is great news.

Another proposal has been made to support HTTPS which is also needed, but missing is support for welcome pages. These pages are the index.html pages you get shown when you visit a directory or the root of the site with your browser. It shouldn’t be too hard to implement this for the Cloudfront service thus not breaking the S3 rest XML functions.

And while we are updating this service for end-user content-delivery can we also support:

- case-insensitive name mapping, if the user requests foo.html but the filename is Foo.html this could be resolved directly only is not the lowercase foo.html is not also available.

- custom 404 pages which just might be as easy as placing a 404.html in the root of the S3 bucket.

Another killer adjustment to other services would be transparent support of websockets. In the new cloud world enterprises aren’t investing anymore in web infrastructure. As part of the simple notification service support for websockets and HTML5 notifications would be very useful. Developers can start building their HTML5 applications and deliver them to the enterprise users that do not need the specific infrastructure for it.

-:0

Amazon Kindle in the Netherlands

Customers in Netherlands will enjoy:

Books in Under 60 Seconds: Think of a book and you could be reading it in under a minute
Free Wireless: Free 3G wireless lets you download books right from your Kindle. No monthly fees, service plans, or hunting for Wi-Fi hotspots.
Large Selection: Over 290,000 English-language books to choose from; plus U.S. and international newspapers and magazines 
Low Book Prices: New York Times® Best Sellers and New Releases are $11.99 to $13.99 (prices include VAT), unless marked otherwise. You’ll also find many books for less - over 70,000 titles are priced under $5.99

Important Product Information for Your Country

  • Your international shipment is subject to customs duties, import taxes and other fees levied by the destination country. We will show you these fees upon checkout.
  • Kindle ships with a U.S. power adapter and a micro-USB cable for charging your Kindle via a computer USB port. The U.S. power adapter supports voltages between 100V - 240V.
  • You can transfer personal documents to your Kindle via USB for free at anytime. Service fees for transferring personal documents via Whispernet are currently $.99 per megabyte.
  • Wireless download times can vary based on 3G or EDGE/GPRS coverage, signal strength and file size.
  • Kindle books, newspapers, and magazine are currently priced and sold in United States dollars
  • Blogs and the experimental web browser are currently not available for your country

ElasticVapor :: Life in the Cloud: Breaking News: Salesforce.com First Cloud Computing Company to Achieve Fiscal Year Revenue of One Billion Dollars  

Another financial proof that cloud computing is lifting off. This time from a PAAS provider like salesforce. Where are the Chinese and Indian providers?

OpenID for Google Accounts  

Could Google add identity management infrastructure to their google apps offerings? Their seamless integration with for instance Salesforce.com could be an example of what they can do. Using OpenID also other tools and providers can be integrated as well. In order to make this mature, the google engine needs extensions to make enrollment and provisioning possible. 

Estimate: Q3 2009

http://www.innoq.com/blog/st/presentations/2008/2008-11-04-LwSOA--WJAX.pdf 

Aanrader over lightweight SOA implementations.

Virtual environments ease software development, testing  

Finally everybody can create their development environment online! Finally an end to endless discussions with outsourced it departments about server setup and maintenance. 

Home | tikitag 

Ohhh Yes, the RFID for the developer market for everybody to play with. In a couple of years I can go shopping by ‘tagging’ some stuff in the shops and have it delivered home. 

Intel teases shape-shifting programmable matter 

The concept of programmable matter can be thought of as “the ultimate form of digital printing”. Pretty cool if you have your electronics on demand. Or … let your house be one big 3d printer? So, we need something to recycle this on demand as well…

Precipitate - Google Code 

Cloudsurfing will be the next logic step in desktop-internet integration. If the cloud will be semantic-aware in the near future we can always find what we want.

For now it is a mere plugin for the mac desktop-search utility to search your google docs

More Information