Monday, June 20, 2011

Land War in Asia (aka, CS undergraduate education)

Today on Scientopia I get involved in a land war in Asia.

Friday, June 17, 2011

Achoo !

I feel strange not blogging much, like I didn't brush my teeth or something.

Life has been incredibly busy, though all for good reasons which I'll discuss here soon.

I think we need a panel not on work-life balance, but on blog-life balance. After housework, the blog is the first thing to go.

Anyway, it seems my first blog-a-versary is on Sunday, which is neat. I've enjoyed meeting so many of you online and interacting with you, reading your blogs, and learning from you. It's fun when people in meatspace mention some of your blogs at work, and I have to silently giggle under my thin veil of pseudo-anonymity.

Thanks for reading!

Monday, June 13, 2011

Secure your networks, this time with feeling!

I know I've said that my research area is not security, but you'd think I was lying with all my recent posts on these topics.

The IMF has now been hacked. (Apparently by a foreign government). I read this in the NY Times article -
Because the fund has been at the center of economic bailout programs for Portugal, Greece and Ireland — and possesses sensitive data on other countries that may be on the brink of crisis — its database contains potentially market-moving information. It also includes communications with national leaders as they negotiate, often behind the scenes, on the terms of international bailouts. Those agreements are, in the words of one fund official, “political dynamite in many countries.” It was unclear what information the attackers were able to access.
- and had two immediate thoughts:

1) How could it be unclear what information the attackers were able to access? Don't they have logs? And if the logs were vaporized, don't they have clever digital forensics experts who can figure out what happened?  This is the IMF for pete's sake.

2) All the data stored in these databases was encrypted with strong encryption, right? Oh, and all the traffic from client computers to the database was encrypted, right? And they keep a tight access control list, right? Right?

If you follow good practice to begin with, you don't have to worry quite as much when you're hacked. But so few organizations do, which is really depressing.

I used to bemoan the lack of good practice to friends who do work in this field, and they would chuckle and said, "Look, FCS, if you want to protect your data, write it on a slip of paper, burn the paper, dig a hole 10 feet deep, and put the ashes in the hole. Or better yet, don't write it down in the first place."

Yeah.

Tuesday, June 7, 2011

Why I'm glad Computer Scientists invented the internet -

- and not politicians. (No offense, Al).

Apparently after Sarah Palin's recent gaffe claiming a revisionist American history regarding Paul Revere's ride (and then doubling down about it), inspired a group of her supporters to rewrite the Revere wikipedia page to support her statements. As it happens, an interview with Sarah Palin does not exactly constitute a valid source, so Wikipedia said, "uh, no," and that was that.

Not that Wikipedia was exactly a bastion of valid historical data to begin with (and people are easily fooled by citation-looking-things), but this was a pretty weird thing for Palin-fans to do in my not particularly humble opinion. (Twitter is much better for spreading misinformation, doncha know?)

Anyway - Pedantic Wikipedia editors: 1, Wignuts: 0.

Also:

Image description: Paul Revere holds his head in his hand
whilst holding a teapot.

Credit: From Charles Johnson, from Boing Boing.

Monday, June 6, 2011

2010 ACM Awards - A Glance at Gender

I've posted today in Scientopia about a glance at gender for the 2010 Association for Computing Machinery (ACM) Awards. The ACM is our major professional organization in Computer Science.

Friday, June 3, 2011

Female Computer Scientists FTW

In other security news this week, Google is claiming China orchestrated some major attacks against gmail users. No shock, but what I found interesting is that they were discovered by blogger and fellow female computer scientist Mila Parkour.

Kudos, Mila!

And this just in - apparently Sony! Soni! Soné! has been hacked again. With script kiddie SQL injection attacks. The PC World article says, "Sony seems to ignore compliance requirements and basic security best practices".

For shame, Soné, for shame. You should totally hire Mila to fix you up. After China I suspect a gaming network will be child's play.