Current Topic: Technology

Question on SIP Security considerations for future extensions
Topic: Technology 11:50 am EDT, Aug 25, 2007

I'm having quite an interesting conversation with Sandy Murphy (cc'd) who was tasked by sec-dir to review one of our drafts (draft-ietf-sip-answermode).

This draft has some rather interesting security issues, since if implemented incorrectly and then abused it could allow an attacker to "bug your phone" -- that is, turn it into a remote listening device. Similar attacks could also be used to run up the victim's connectivity bill, run down the device's battery, aggravate the "voice hammer" DOS attack, and so on.

This led us into a discussion of the SIP security model in general. Most SIP practitioners who have been at it for a while know that if the proxies we have decided to trust suddenly decide to get malicious, then we're very much at their mercy. They can do all sorts of things, including routing our media through interceptors, mangling SDP payloads, injecting (or blocking) instant messages, altering presence information, and so on.

But this aspect of SIP is not obvious to naive implementors, or even to less naive security types.

Maybe every SIP extension document should include a boiler-plate reminder about the sensitivity of proxies, then go on to enumerate and describe the new ways that malicious proxies (should there be such a thing) can wreak havoc using the extension being documented.

What do you folks think?

1) Could a reasonable "How you could be violated by trusted proxies that turn rogue" boilerplate be drafted?
2) Would the practice of repeating this in drafts help or hurt us?
3) Would it be useful for us to document how each extension could be used by a rogue proxy?



Brad's Thoughts on the Social Graph
Topic: Technology 11:50 am EDT, Aug 25, 2007

I've been thinking a lot about the social graph for a while now: aggregating the graph, decentralization, social network portability, etc.

If you've seen me at any conference recently, I probably talked your ear off about it. It's time I braindump this, so here goes ...

Problem: People are getting sick of registering and re-declaring their friends on every site, but also: Developing "Social Applications" is too much work.

Goal: Ultimately make the social graph a community asset.



The Future of Reputation
Topic: Technology 6:41 am EDT, Aug 22, 2007

Teeming with chatrooms, online discussion groups, and blogs, the Internet offers previously unimagined opportunities for personal expression and communication. But there’s a dark side to the story. A trail of information fragments about us is forever preserved on the Internet, instantly available in a Google search. A permanent chronicle of our private lives—often of dubious reliability and sometimes totally false—will follow us wherever we go, accessible to friends, strangers, dates, employers, neighbors, relatives, and anyone else who cares to look. This engrossing book, brimming with amazing examples of gossip, slander, and rumor on the Internet, explores the profound implications of the online collision between free speech and privacy.

Daniel Solove, an authority on information privacy law, offers a fascinating account of how the Internet is transforming gossip, the way we shame others, and our ability to protect our own reputations. Focusing on blogs, Internet communities, cybermobs, and other current trends, he shows that, ironically, the unconstrained flow of information on the Internet may impede opportunities for self-development and freedom. Long-standing notions of privacy need review, the author contends: unless we establish a balance between privacy and free speech, we may discover that the freedom of the Internet makes us less free.

Order at Amazon.

Solove's co-bloggers called WikiScanner this week's killer app. Another comment:

It probably shouldn't be surprising that Wikipedia entries are being manipulated in this way. If anything, it's more surprising that people seem to believe that Wikipedia entries can give them easy truth on complicated questions that require judgment, reflection, interpretation, and thought.



User Participation in Social Media: Digg Study
Topic: Technology 6:28 am EDT, Aug 21, 2007

The social news aggregator Digg allows users to submit and moderate stories by voting on (digging) them. As is true of most social sites, user participation on Digg is non-uniformly distributed, with few users contributing a disproportionate fraction of content. We studied user participation on Digg, to see whether it is motivated by competition, fueled by user ranking, or social factors, such as community acceptance.
For our study we collected activity data of the top users weekly over the course of a year. We computed the number of stories users submitted, dugg or commented on weekly. We report a spike in user activity in September 2006, followed by a gradual decline, which seems unaffected by the elimination of user ranking. The spike can be explained by a controversy that broke out at the beginning of September 2006. We believe that the lasting acrimony that this incident has created led to a decline of top user participation on Digg.

The incident?

On September 5, 2006, a user posted an analysis of the user activity statistics that, similar to our findings, showed that the top 30 users were responsible for a disproportionate fraction of the front page stories. This analysis was meant to support the claim that top users conspired to automatically promote each other’s stories, or as a blogger, Michael Arrington, put it the next day, “a small group of powerful Digg users, acting together, control a large percentage of total home page stories”. Needless to say, these accusations incensed both sides: the general Digg population, who felt that Digg’s democratic ideal was compromised by a ’cabal’ of top users, and the top users, who received the brunt of the anger. The escalating war of words was fought on blogs, Digg’s pages (as evidenced by the spike in activity in early September 2006), and it even attracted the attention of mainstream media. Within days, Digg’s management announced changes to the promotion algorithm that devalued “bloc voting” or votes coming from friends. Top users saw this as a repudiation of their contributions to Digg, and at least one top user, who held the No. 1 position at the time, publicly resigned.



The Design of Browsing and Berrypicking Techniques
Topic: Technology 6:06 am EDT, Aug 21, 2007

First, a new model of searching in online and other information systems, called "berrypicking," is discussed. This model, it is argued, is much closer to the real behavior of information searchers than the traditional model of information retrieval is, and, consequently, will guide our thinking better in the design of effective interfaces.

Second, the research literature of manual information seeking behavior is drawn on for suggestions of capabilities that users might like to have in online systems.

Third, based on the new model and the research on information seeking, suggestions are made for how new search capabilities could be incorporated into the design of search interfaces. Particular attention is given to the nature and types of browsing that can be facilitated.

(from 1989)



'Spacewar': Welcome to the 'Post-Human' Era
Topic: Technology 11:02 pm EDT, Aug  8, 2007

These are not merely colorful concoctions springing forth from fertile imaginations of mad scientists and pedagogues of calamity. This is a heinous attempt to create, from among the ranks of this emerging generation, a class of desensitized drones who will conform to the absurdity of a society in which nothing is held to be true, and everything is permitted. Reminiscent of the dark ages in science, where knowledge was suppressed, today it is not a question of annihilating science, but of controlling it. These are, and always have been the preconditions to control a society. From the pits of the aforementioned nexus, have sprung the seeds that were necessary predecessors to the modern-day Darwinian globalized market and cyberculture that have spawned a population on the verge of willingly surrendering that which renders them superior to apes, bacteria, and computers—their humanity.

I don't endorse this article, and the publication may be questionable, but the author articulates a distinct perspective.

I notice that the August 3 issue of EIR includes a story on the Cramer tip, Big Bank Failure Could Turn Credit Crunch Into Global Crash:

Big international banks will be left holding the bag, with hundreds of billions of dollars of unsellable junk-bond debt, because the collapse of the world credit markets promises to abruptly end the era of "leveraged takeover" scams.



Meraki's Guerilla Wi-Fi to Put a Billion More People Online
Topic: Technology 11:02 pm EDT, Aug  8, 2007

Like some kind of techno-utopian Johnny Appleseed, a start-up called Meraki wants to cover the earth with ad hoc Wi-Fi networks

This article is probably kind of salesy, but the idea reminded me of Alan from Someone Comes to Town, Someone Leaves Town.



First USENIX Workshop on Offensive Technologies (WOOT '07)
Topic: Technology 8:39 pm EDT, Aug  6, 2007

This workshop looks like it would have been interesting; held today in Boston. For now, you'll have trouble getting the papers unless you're a subscriber, but you can browse the agenda ...

You'll find more security vulnerability research from Google.

You'll also find "Billing Attacks on SIP-Based VoIP Systems", by a team from George Mason, including Xuxian Jiang and Xinyuan Wang.



Learning from bridge failure
Topic: Technology 8:23 pm EDT, Aug  6, 2007

Henry Petroski:

In bridge design, as in all structural engineering, success can breed hubris and catastrophe, while failure nurtures humility and caution. Unfortunately, it does seem to take a collapse to re-sensitize inspectors and operators to the real dangers that lurk among rusting steel and cracking concrete. Let us hope that the lessons learned in Minneapolis are not forgotten once more.



The Netflix Prize: 300 Days Later
Topic: Technology 10:28 pm EDT, Jul 31, 2007

In partial response to the observation by Decius that "The end of the reign of mass media means the end of the reign of mass culture", I offer this:

There is a danger that recommender systems may simply magnify the popularity of whatever is currently hot - that they may just amplify the voice of marketing machines rather than reveal previously-hidden gems. Even worse, their presence may drive out other sources of cultural diversity (small bookstores, independent music labels, libraries) concentrating the rewards of cultural production in fewer hands than ever and leading us to a more homogeneous, winner-take-all culture.

I'm no futurist, but I see little evidence from the first 300 days of the Netflix Prize that recommender systems are the magic ingredient that will reveal the wisdom of crowds.

You may recall that I recently wrote:

Obscure people, bring us your good arguments!

Tyler Cowen, "cult hero" and author of the recently published "Discover Your Inner Economist", notes that "recommender systems work best when combined with non-articulable knowledge." (Does MemeStreams have some of that?) Incidentally, for those of you in the DC area, Cowen will be at the 18th St. Lounge tomorrow for a Reason happy hour:

... come out and meet everyone. They also (seriously) have lots of beautiful women at these events, not like when I was a young libertarian.


