Monday, May 28, 2007

 

Then What? -- Cyberwarfare Update

As I noted a few days ago (well, about a week ago), some of the mainstream media (but far from all) were reporting on the massive DDoS (distributed denial of service) attacks hitting Estonian institutions for a month. But then what happened? Are the attacks continuing, as they did for a month before they received press coverage? Have they ceased? Where are the updates?



Admittedly, there are difficulties with this type of news story. If the attacks continue, there is something to notice and report; but if they seem to stop, what can you say?  If no enemy surrenders or is captured, can one conclude that the story is over?



The articles keep on coming, and the message is typically: this is bad stuff, and someone should figure out what to do about it before it hits us! This is the case of one in Slate from 22 May, and on 24 May an article in the Economist, Cyberwarefare update, and another in Information Week,Estonian Attacks Raise Concern Over Cyber 'Nuclear Winter'



On the other hand, there are also some interesting tech notes and discoveries. Jose Nazario of ArborSERT, an expert who has published books and articles on this and related subjects, did some data mining on 17 May.
We’ve seen 128 unique DDoS attacks on Estonian websites in the past two weeks through ATLAS. Of these, 115 were ICMP floods, 4 were TCP SYN floods, and 9 were generic traffic floods. Attacks were not distributed uniformly, with some sites seeing more attacks than others:
Largest attacks we measured: 10 attacks measured at 90 Mbps, lasting upwards of 10 hours. All in all, someone is very, very deliberate in putting the hurt on Estonia, and this kind of thing is only going to get more severe in the coming years.


In my first reading, I missed the significance of his attacks by date table: 31 on the 8th, 58 on the 9th, none on the 10th, one last one on the 11th...in the data he mined on the morning of the 17th. There had been no more attacks for a week when the story broke?



Via Technorati I found a couple of blog posts from three days ago ( SecuriTeam Blogs and Credit Union InfoSec which relay info from Prolexic Technologies and Netcraft : Botnets are old-fashioned, P2P networks are the thing now.



Darren Rennick, CEO of Prolexic, a company that provides DDoS mitigation as a service, in Banking Business Review,"we foresaw from the outset that a time would come when there would be big attacks not for extortion but actually to damage the economy and, potentially to destroy the defense system of a country." In the same article, Robert Shaw, head of the ICT applications and cybersecurity division at the International Telecommunication Union in Geneva,
Of particular concern, he went on, is the development of what managed security services provider MessageLabs is calling Spam-Thru Botnets, which as peer-to-peer networks mean there is no absolute master controller as in normal botnets. "Any machine can be the controller, and they even have some software built on the Kaspersky AV technology that actually removes other botnet software from a machine before installing themselves," said Shaw.




In one other article (the reference of which I have lost somehow) there was a discussion of the need to include the physical infrastructure in planning and providing security against such attacks. However, the infrastructure is largely privately owned, and it will likely be difficult to impose regulations which require investment. But never mind that I've lost that article, a note from 22 February 2006, Cybersecurity Demands Physical Security covers it much more thoroughly and professionally:
The economics underlying the telecommunications industry is a major problem today. Governments, militaries, corporations and especially international financial institutions expect to use international telecommunications at virtually no cost. They employ sophisticated groups of experts to manage reduced prices of competing carriers to the point where the network services providers are barely able to provide service. This alone explains to a large degree the aggregation of the cheapest bandwidth into shared facilities at lowest cost and most vulnerable security. This must change. Customers of the system will have to pay a fair price to maintain the security of a distributed telecommunications system. The other option is a catastrophic attack on the international system.
Although the author was primarily addressing risks of physical damage from attacks, sabotage, or natural disaster, he does also state:
Today's technology permits more and more traffic to be carried by fewer and fewer carrier hotels, cable providers and network services suppliers. The cost of an international telecommunications voice and data call per minute is approaching zero. This is putting extreme profit margin pressure on international submarine cable and network operators. Some analysts argue that the total capital value of the undersea cable network is less than the annual costs of maintaining the system in a hostile underwater environment. The system is quite likely bankrupt.



The combined vulnerabilities of the undersea cable networks in conjunction with the nonsecure carrier hotels that feed into them makes apparent the magnitude of the threat from terrorist organizations, natural disasters or the potential for network-based or information warfare among more traditional combatants.




So, I ask again, then what?



Technorati Tags: , , ,



Powered by ScribeFire.


Saturday, May 26, 2007

 

Word of the Week: sferics


After the warmest April ever recorded in France, with a drought in this region from April 4th to May 8th (ignoring 0,6 mm on the 5th), we've been having a real warm month of May, too. For the past week, with temperatures reaching 30° and not dropping below 15° at night, the weather forecast has been "thunderstorms today or tomorrow" every day. I saw some lightning in the distance late in the afternoon a few days ago, but we didn't get our thunderstorm. Yesterday we finally had a little bit of rain and hail (I hate that sound on the skylight above the bathtub! I'm careful not to take a bath during hailstorms).

Le Monde reports thirty departments are on "orange alert" for violent thunderstorms from yesterday until Sunday. Indeed, the observation maps are pretty impressive, and not just today's.

Since I first saw them a few years ago, I've considered the lightning maps from
Wetterstationen, Funkgesteuerte Wetterstation a real treat. But I never thought to wonder what "sferics" is or are. Météo France's glossary (in English, French, German and Spanish) says Electromagnetic wave resulting from an electric discharge (lightning) in the atmosphere. For example:


The animated radar maps of rainfall across Europe at meteox.com are pretty nice, too.


Technorati Tags: , , , ,

Powered by ScribeFire.


Thursday, May 24, 2007

 

A Slice of Internet Activity

A couple of weeks ago, the author of a blog I read regularly (well, I did, but he has decided to pause his posting) mentioned a hit counter he uses to measure the traffic. It is free (gratis) for limited log size (but for his blog's traffic, I suppose he has a paid subscription). I've often wondered who reads this blog (my vanity project), so I signed up: it is statcounter.com, and you can see what info it can provide by clicking on its link in the left hand column on this page. I recommend the "Recent Visitor Map" report, but the others can be interesting, too.



Mostly, it seems, the visits are as I suspected: a few people I know read pretty much whatever I post from time to time; more people arrive by accident (typically via Blogspot's "next blog" navbar button) and don't stay long (sniff! sorry it doesn't grab their attention)--60% of visits last under 30 seconds.



What is more fun is to see what search results bring visitors. This morning, for instance, my attention was grabbed by a visit from someone who had used a Google search on "end of history francis fukuyama"--from Iran! Someone in Mumbai, India, was looking for "complete demonstration of Kamasutra", and left immediately, too. I guess I should diversify my posts more, but should I give a complete demonstration of Kamasutra? Don't hold your breath.





Overall, I like this statcounter: it lets me take my blog-related procrastination to a new level.





Technorati Tags: , ,



Powered by ScribeFire.


Wednesday, May 23, 2007

 

Season's Greetings?

It is late May, and the season is rather in advance: we've had lots of warm weather for weeks in this continental climate zone between the Vosges and the Black Forest, through which flows the Rhine; the birds drop stolen cherries in my garden and neighbors offer to sell cherries. The birds are very noisy out in the back yard; I stopped filling the bird feeder with seed a couple of days ago, because they haven't eaten all the seed on the ground (spoiled brats!), I don't want them on the ground because the cat killed three last week, and they ought to be able to feed without my assistance under the current conditions (I do leave water). The height of the grass, which I didn't mow for a month because there was no rain, enables the cat to sneak up on the birds, but I've cut most of it (by hand) for at least 3 or 4 metres radius from the (empty) feeder.



Despite the birds' racket and the noise I was making in the kitchen, I heard a tune. My radio was off, the tune was soft. But intriguing. "Jingle Bells"! But of course! I went to look out, and sure enough the neighbors' youngest child (about 10 years old) was standing in her open window with her clarinet "practicing". It is the end of the academic year, exams are imminent, so she is "reviewing" what she is supposed to have learned this year. But "Jingle Bells" between Ascension and Pentecost?







Technorati Tags: , , ,



Powered by ScribeFire.


Sunday, May 20, 2007

 

Family Outing to Walbourg

A few days ago, I noticed a couple of posters in a bakery window announcing up-coming local events. One was the local participation in a national (or international, I'm not sure) event : museum night. The other was "Exposition généalogique à Walbourg".

Much like the "heritage days", which are a European event in September (since 1984), access is free of charge to encourage people to go see things they might not otherwise have visited. The "heritage days" have a broad scope, however, and part of their benefit is to allow access to buildings and other sites of interest than just museums: the European palace of human rights, some public buildings with military or administrative functions, the workshop where TGV are repaired, to mention a few. Museum night focuses on a few museums which, for the occasion, open a Saturday night and provide talks, thematic guided tours, and musical events.

The "exposition généalogique" was organized by the "Atelier Généalogique de l'arrondissement de Wissembourg et Environs" (AGAWE), and held in Walbourg Saturday and Sunday. The associations which participated are:
  • Le Cercle Généalogique de Pirmasens
  • Le Cercle Généalogique de Moselle Est
  • Le Cercle Généalogique du Pays de Bitche
  • Le Cercle Généalogique de Mulhouse
  • Le Cercle Généalogique des Pays de Sarrebourg et du Saulnois
  • Der Pfälsisch-Rheinische Familienkunde
  • La Société d'Histoire des Quatre Cantons
  • Le Cercle d'Histoire et d'Archéologie de l'Alsace du Nord
I noted what information I had on a couple of ancestors who might have been from around here, or close enough that research on people around here by the participants in this event might have clues to give me on how to find out more about them. And I refreshed my info with a few more Internet searches. Then I headed up to Walbourg to see what I could learn.

The people I consulted were helpful, or tried to be, but I didn't come away with any revelations. I did come away with their recommendations of resources to try (EllisIsland.org, FamilySearch.org, and several others). I've barely started to use them, and haven't yet much to report.

The exposition also included lots of displays explaining basics, types of source documents and, lots and lots of family trees. A sampling (phone camera quality, with backlight problems in some, but hopefully sufficiently unreadable that there will be no copyright issues) follows. The first one shows both ascending and descending trees (although not to the same extents). The second is a "sculpture": it is metal (bronze, or plated or painted to look so), brazed and engraved with the names and dates on the "shields". The third is a semi-circular format which (I think) nicely keeps the chart dense despite the doubling of the number of entries with each generation. The fourth is like the third, but with husband's and wife's charts fused; as long as they have no common ancestors, it works, but otherwise? Is it always possible by flip-flopping (and not always splitting father/mother in the same direction) to do when there are common ancestors? Hmmm, I sense some research coming on.








Powered by ScribeFire.


Technorati Tags: , , , ,

Saturday, May 19, 2007

 

First Battle in the Cold Cyberwar?

It seems not all major "papers" agree that this story is "fit to print". I've just sampled a few of the leaders in English and in French, then sorted their reports in chronological order. I wonder what would happen if the video of the removal of the statue in Tallinn were top of the charts at YouTube and the DDoS attack were against one of the pillars of cyber-business?



Financial Times Reporters Published: May 17 2007 19:02: US warns cyber-attacks will increase



A top US official on Thursday warned that cyber-attacks against governments and institutions were likely to increase in future following a series of assaults over the past month in Estonia.

The attacks, which Estonian officials say originated in Russia, began after April 27 when Estonia removed a Soviet second world war memorial from its capital, Tallinn.

“We need to prepare ourselves because this is likely only to become more of an issue in the future,” said John Negroponte, deputy US secretary of state and until recently the US director of national intelligence. He did not comment on allegations that the attacks were linked to the Russian government.





Web attackers used a million computers, says Estonia

  • Guardian, Friday May 18 2007
  • Ian Traynor in Brussels
Estonia said yesterday that at least 1m computers had been used to launch an unprecedented wave of cyber-attacks on the small Baltic state over the past few weeks and indicated the damage inflicted had run into tens of millions of euros. Despite earlier explicit accusations that Russia was behind the offensive, however, officials in Tallinn, the Estonian capital, backed away (...)



lemonde.frL'OTAN s'alarme des cyberattaques dont est victime l'Estonie

May 18, 2007 18:43:52 GMT

L'OTAN enquête à la demande de l'Estonie sur les attaques électroniques qui ont mis à mal de nombreux sites. La Russie, pointée indirectement du doigt par Tallinn, a nié avoir participé à ces opérations.





New York Times :Estonia Computers Blitzed, Possibly by the Russians :

Published: May 19, 2007

MOSCOW, May 18 — The computer attacks, apparently originating in Russia, first hit the Web site of Estonia’s prime minister on April 27, the day the country was mired in protest and violence. The president’s site went down, too, and soon so did those of several departments in a wired country that touts its paperless government and likes to call itself E-stonia.

Then the attacks, coming in waves, began to strike newspapers and television stations, then schools and finally banks, raising fears that what was initially a nuisance could have economic consequences.





Los Angeles Times: Search returns nothing on Estonia since 10 May.



Wall Street Journal: nothing that I can find.









Technorati Tags: , , , , , ,



Powered by ScribeFire.


Saturday, May 12, 2007

 

Down Here From Up There



Seeing the map of the Griffith park fire the L.A. Times prepared by annotating GoogleEarth images, I remembered that I did some follow-up (back in December) on Geoportail.fr and haven't gotten around to posting it. Earlier (August) I had read what some courageously anonymous WSJ editorial writer thought of French and European 'vanity projects', which included GeoPortail, an impertinent rival to GoogleEarth it would seem; I was angered, for several reasons.

first, really teed off post

calmer post

Meanwhile, Sochaux just scored and is 1-1 with Marseille with about 20 minutes to go.

I did screen caps of the best view I could get of "where I live" with each of them. Clearly the GeoPortail has some room for improvement:
  • the left-hand column is too narrow, hardly more than half the Google column size. This gives the impression that the larger image is larger.
  • the logo, too, is much too small, and only shows a flag with a national shape: anybody who can read might not get it.
  • the left-hand column only has within-site navigation options, not a single proposition to visit a paid advertiser. Hopefully there will soon be a shop added so one can buy a t-shirt with one's map on it and much, much more!
  • the houses and stuff are much bigger, arguably too big; you can practically tell the trees from the forest: if terrorists out to get me get control of the satellites with the lethal lasers, I would be in more trouble than with the GoogleEarth images.


Technorati Tags: , , , , , ,

Powered by ScribeFire.

Labels: , , , , , ,


Friday, May 11, 2007

 

ESL Woes

ESL, for those who might not know, is (or was in the 1960s) the shorthand expression used in L.A. city schools for "English Second Language" in designating classes that were intended for students for whom English was not the mother tongue. As English spreads to ever more people as a second or third language, thanks to globalisation and the Internet, there are bound to be cases where folk say things using English as they would have said them in their mother tongue but it just doesn't work. One such case is an open source mail client called Claws Mail, which claims:



Claws Mail - the email client that bites!



 "that really bites" or "that bites" is a very negative judgment (like "sucks"). A note on the American Dialect Society mailing list agrees with me, dating the expression to circa 1971.



I asked hakia, "Is 'that bites' a compliment?"



Answer: Brilliant query indeed. How about: The bland, repetitive featurettes are full of boilerplate sound bites complimenting the accomplished cast.



That isn't quite what for which I was hoping. I suppose my query may have been too succinct.



Nevertheless, I think Claws should change its slogan. I also think they should discontinue their
"Sometimes intelligent design is better than Evolution" t-shirts--too few people know that Evolution is an email client developed by the gnome project.





Technorati Tags: , , ,



Powered by ScribeFire.


Thursday, May 10, 2007

 

Really seriously, what gives with Googspot?

The header of their picasa page shows (with a little anonymisation)

miname.lastoo@get-the.net | New Features! | Help | Sign Out | Sign up for Picasa Web Albums




And the same page shows:

Add a comment
Sign in if you have a Google account, or sign up for a free account.



I've signed in three times in short order. If I'm not signed in, why are "miname.lastoo@get-the.net" and Sign Out displayed at the top of the page? But I still can't post a comment. Humbug, back to email.




Powered by ScribeFire.


 

Why?

  • Why is it so hard to control the composition of a post on Blogger?

  • Why, when one adds a photo, is it automatically inserted before, not after, whatever one has already written and added?
  • Why, when one adds block elements in the html (hr and br), do they disappear, or move, or, as happened to some < hr / > I added (hoping to get the following text and photo to fall in the right sequence), get split into nested < hr > and < /hr >?
  • Why don't I feel like finishing the post I started with a sequence of photos I was trying to narrate?





Powered by ScribeFire.


 

May 6th, Afternoon of






Saturday lunch, sitting in the nearby Turkish diner/grill (Kurdish, actually, but shhhhh!), I could see the column at the corner of Grand'rue, the one I photographed post-Hallowe'en. A couple walking a large dog stopped; while she stood holding the leash, he decorated the posters of Sarkozy. Sunday, election day, the column had been "recovered" (literally) by the socialists (MJS is the movement of jeunes=young socialists), but I think we'll see examples of the type of embellishment he was adding. (BTW, somehow the date/time setting in my camera was wrong and I only noticed a bit later...these really were all taken on May 6th).

The first bureau I came upon in the center of town was the one housed in the covered market, a part of the market called the Rotisserie.

for some reason, the photo "above and to the right" is not entirely above...how to make it so without adding a "table" in the html?

This is a now "table" layout. Googspot/Blooger is web 0.9, it seems, so I'll try to cope with it.


Two bureaus further on I was in front of the Ecole Saint Nicolas(!!!). Here, Nicolas the candidate (and now president-elect) received a different, less artistic treatment.

Now I'll save as draft before adding a close-up of one of the bits glued over Sarkozy's poster.

Okay, it seems that with this modern (but gratis) system, the best bet is to use tables for formatting, so I'll continue. But I really don't understand why the picture I added last appeared before the other and had to be moved, nor why the tops of the two (below) are not aligned. And least of all, why I should have to try to figure it out.




This page (close-up on the right) takes a speech by the Maréchal Pétain from 1940 and suggests that there are striking similarities in M. Sarkozy's speeches.

After strolling along the Moder on the north side of town, I arrived at the Place Schumann, named not for the composer of music but for the composer of a political harmony.It looks like our "artiste" has been here, too.In the Museau neighborhood, it is Royal who has been defaced, but only slightly. And here, finally, is a panel that has not been tampered with.



Tags: : :

Labels: , , , ,


 

May 6th Around Here

Results in the French presidential election are available on-line thanks to our regional daily newspaper (in fact, they have been since the morning following the election). This election they are once again gratis; from the next election on, we'll have to pay for this service but, at 1,50€ for two days, it is not going to be too expensive.

Alsace tends to vote "to the right". When, in 2006, the 22 regional councils were elected, the left (mainly Socialist) won everywhere except Corsica and Alsace. This election was little different. In the first round, Bayrou (center) came in second ahead of Royal (socialist), and Le Pen did better than his national average.

In this presidential final, it seems that generally, around here, the smaller the town or village the higher Sarkozy's score: under 1000 ballots cast went 78 to 83 % for him; slightly bigger ( Pfaffenhoffen and La Walck I consider to be a single "place") gave him 70-76 % of their votes. Haguenau gave him a little under 70 (thanks in part to my neighborhood, where he only received about 62 %), and the total department, including the Strasbourg urban zone, drops to "only" 65.58%--still well above the national score.

I was in the polling place (voting bureau) around 11:30, and the counter on the plexiglas box read 368. In this neighborhood, exactly as many turned out for the final as for the first round, although there were a few more who cast a null ballot (16 first round, 27 second round, of 783 votes deposited). After lunch, I went for a walk around town, and took pictures of the candidates' official posters in front of the voting bureaus I past, or what remained visible in place of the posters.


SARKOZY ROYAL Ballots cast
Territory



Bas Rhin 65,58% 34,42% 574 213
Haguenau 69,31% 30,69% 16 889
Haguenau (bur. 22) 61.90 % 38.10 % 756
Pfaffenhoffen 70,03% 29,97% 1368
La Walck 71,69% 28,31% 864
Oberhoffen-sur-Moder 74,08% 25,92% 1802
Weitbruch 75,66% 24,34% 1713
Ohlungen 78,27% 21,73% 911
Niederschaeffolsheim 79,02% 20,98% 853
Berstheim 79,38% 20,62% 257
Dauendorf 79,87% 20,13% 904
Wintershouse 82,67% 17,33%427




Powered by ScribeFire.


Tuesday, May 08, 2007

 

Is That An Air Conditionner?


The Kyocera Solar Europe homepage has a a surprising photo, one that made me smile (the one to the left).

Powered by ScribeFire.


 

How much energy is required to manufacture a photovoltaic cell?

I asked hakia and hakia replied "Wonderful question, hope I have some useful answers for you below."



The first answer was "about four years to payback." The explanation of the assumptions at A-to-Z of Materials notes that "To calculate payback, Dutch researcher Erik Alsema reviewed previous energy analyses and did not “charge” for the energy that originally went into crystalising microelectronics scrap." . Similarly, the calculation for thin-film PV systems includes the substrate, film-deposition process, and facility operation. Obtaining copper indium diselenide, cadmium telluride, or amorphous silicon is not charged.



Another article, from July 2005, claims
The primary variable cost incurred to manufacture photovoltaics is electricity, which is produced by, you guessed it, photovoltaics. Each photovoltaic cell will produce twenty times more energy in its lifetime than the amount of energy required in its manufacture, and this ratio continues to improve.


Inasmuch as the lifetime of service is estimated to be 30 years, "twenty times more energy in its lifetime" would mean a payback of 18 months, even lower than the previous estimates of three to four years which omitted easily identified (if not easily estimated) charges. So no, I don't accept "twenty times more." On the other hand, I was pleased to learn of a clever product: "sunslates", photovoltaic panels that replace roof tiles! "Most of the large-scale PV manufacturers are now making a "roof-shingle" style product, including BP Solar, GE Energy, Sharp, and Kyocera Solar," says Marianne Walpert, Vice President of Marketing and Sales at Pacific Power. The photos are of an Atlantis Energy Systems product.



After lots of non-answers, I finally got to the NREL report of which the first article was an extract. They cite more studies, and have a figure to show the payback time by component (module, frame, balance of system). Paybacks are on the order of 3 to 4 years with current technologies (3.3 years in an empirical study by Knapp and Jester, "including the energy to purify and crystallize the silicon"). The 18-month payback is for the module alone, excluding frame (energy-expensive aluminum) and other parts.



This is good news. With 12v DC I could power my adsl modem-router, charge my mobile phone, and a lamp or two (all of these are particularly useful in case of a blackout). While I fear the calculation does not include the batteries, wire, and regulator, it still seems likely to payback.



Technorati Tags: , , ,



Powered by ScribeFire.


Tuesday, May 01, 2007

 

Linguistic Futureshock

In this age of linguistic futureshock, it is hard to keep up, harder to be bi-lingual, and I don't know how polyglots cope. I suppose they have to be selective, specialising in a subject area, like technical terms of some sort, or slang, or new terms, or archaic terms. Or sticking to a core language, like Basic English in each language--not really keeping up.

I recently consulted an on-line vendor's catalog for dictionaries, and felt distressingly old when I read that, to make room for new words, "pantdress" and "record changer" had been dropped! I didn't feel much better when I looked at the list of terms added:
  • Botox,
  • comb-over,
  • crunch-exercise,
  • dead-cat bounce,
  • dead presidents,
  • dead tree,
  • def,
  • exfoliant,
  • gimme cap,
  • identity theft,
  • phat,
  • and
  • tweener.
Whatever.

Meanwhile, technology and the forces driving futureshock can be friendly. This week I learned of a terminology translation service provided by the European Union, called IATE (Inter Active Terminology for Europe). Enter a term in any EU language, and it provides equivalents (with indications of context-dependence) in whichever of the other EU languages as one chooses (my ability to test this is limited to a small number of languages).

In France, we are in the last stretch of a presidential election, which I have been following closely, both in the French press and in the UK and USA press. It is pretty clear that notions of left and right are very relative, lots of names of parties and ideologies are too, not to mention the likelihood that choices are not binary, or even one-dimensional. What does this have to do with what precedes?

I was about to write to friends in Seattle to ask the label or category name for "altermondialiste", when I realized IATE should be able to answer since there is a French term, "altermondialiste", and it should be in the scope of the vocabulary of a political entity such as the EU. I would not have predicted the answers:
  • globalophobe
  • globaphobe
  • anti-globalist
Looking at the construction of the word, I thought I recognized "alter-" meaning "other" (as in "alternate", or "alter ego"), and "mondialis-" which is generally "globalis-" in American or English. This could well describe those who desire and seek to bring about an equitable and sustainable global economy, but protested because they perceive that there is insufficient or inappropriate global governance for that today.

My grandmother told me, "if you can't say something nice, don't say anything at all." I would tell the EU translators, "if you can't translate a constructive movement's name in positive terms, don't translate at all."


Powered by ScribeFire.

Labels: , , , ,


This page is powered by Blogger. Isn't yours?