Being "always on" is being always off, to something.
Life: A Gene-Centric View
Topic: Science
11:11 am EST, Feb 9, 2008
Craig Venter & Richard Dawkins: A Conversation in Munich.
When Richard Dawkins, evolutionary biologist and author of The God Illusion, and Craig Venter, first Decoder of the human genome meet, the members of the audience feel privileged to be allowed to listen, while straining to understand the ideas. The two philosophers are united. "Genetics became a part of the information technology", recognizes Dawkins. The increasing understanding of the composition of our genes and their complex interaction is "the largest revolution in the history self realization of humans".
... essential ... superb, tough-minded ... meticulous ... assiduously investigated, brilliantly argued ... usefully horrifying ... devastating ... shattering ... powerful ... sharp, shaming ... grim, yet straightforward ... raises a great many uncomfortable, important questions. Sad, important and very difficult to watch.
Fuzz testing is an effective technique for finding security vulnerabilities in software. Traditionally, fuzz testing tools apply random mutations to well-formed inputs and test the program on the resulting values. We present an alternative whitebox fuzz testing approach inspired by recent advances in symbolic execution and dynamic test generation. Our approach records an actual run of a program under test on a well-formed input, symbolically evaluates the recorded trace, and generates constraints capturing how the program uses its inputs. The generated constraints are used to produce new inputs which cause the program to follow different control paths. This process is repeated with the help of a code-coverage maximizing heuristic designed to find defects as fast as possible. We have implemented this algorithm in SAGE Scalable, Automated, Guided Execution, a new tool employing x86 instruction-level tracing and emulation for whitebox fuzzing of arbitrary file-reading Windows applications. We describe key optimizations needed to make dynamic test generation scale to large input files and long execution traces with hundreds of millions of instructions. We then present detailed experiments with several Windows applications. Notably, without any format-specific knowledge, SAGE detects the MS07-017 ANI vulnerability, which was missed by extensive blackbox fuzzing and static analysis tools. Furthermore, while still in an early stage of development, SAGE has already discovered 20 new bugs in large shipped Windows applications including image processors, media players, and file decoders. Several of these bugs are potentially exploitable memory access violations.
Work by Patrice Godefroid; Michael Y. Levin; David Molnar.
Security researchers are applying software reliability models to vulnerability data, in an attempt to model the vulnerability discovery process. I show that most current work on these vulnerability discovery models (VDMs) is theoretically unsound. I propose a standard set of definitions relevant to measuring characteristics of vulnerabilities and their discovery process. I then describe the theoretical requirements of VDMs and highlight the shortcomings of existing work, particularly the assumption that vulnerability discovery is an independent process.
Governing Lethal Behavior: Embedding Ethics in a Hybrid Deliberative/Reactive Robot Architecture
Topic: Technology
7:07 am EST, Feb 7, 2008
Ronald Arkin, Georgia Tech:
This article provides the basis, motivation, theory, and design recommendations for the implementation of an ethical control and reasoning system potentially suitable for constraining lethal actions in an autonomous robotic system so that they fall within the bounds prescribed by the Laws of War and Rules of Engagement. It is based upon extensions to existing deliberative/reactive autonomous robotic architectures, and includes recommendations for (1) post facto suppression of unethical behavior, (2) behavioral design that incorporates ethical constraints from the onset, (3) the use of affective functions as an adaptive component in the event of unethical action, and (4) a mechanism in support of identifying and advising operators regarding the ultimate responsibility for the deployment of such a system.
Born Digital: Understanding the First Generation of Digital Natives
Topic: Technology
7:07 am EST, Feb 7, 2008
Due out in August.
Two leading experts explain the brave new world inhabited by "digital natives"--the first generation born and raised completely wired.
The most enduring change wrought by the digital revolution is neither the new business models nor the new search algorithms, but rather the massive generation gap between those who were born digital and those who were not. The first generation of "digital natives"--children who were born into and raised in the digital world--is now coming of age, and soon our world will be reshaped in their image. Our economy, our cultural life, even the shape of our family life will be forever transformed.
But who are these digital natives? How are they different from older generations, and what is the world they're creating going to look like? In Born Digital, leading Internet and technology experts John Palfrey and Urs Gasser offer a sociological portrait of this exotic tribe of young people who can seem, even to those merely a generation older, both extraordinarily sophisticated and strangely narrow.
Based on original research and advancing new theories, Born Digital explores a broad range of issues, from the highly philosophical to the purely practical: What does identity mean for young people who have dozens of online profiles and avatars? Should we worry about privacy issues? Or is privacy even a relevant value for digital natives? How does the concept of safety translate into an increasingly virtual world? Is "stranger-danger" a real problem, or a red herring?
A smart, practical guide to a brave new world and its complex inhabitants, Born Digital will be essential reading for parents, teachers, and the myriad of confused adults who want to understand the digital present--and shape the digital future.