Archive | August, 2008

Blogging is Not a Crime

13 Aug

Data taken from From TechCrunch and Swivel. List from TechCrunch.

Bloggers getting arrested is on the rise. While not large numbers, there is a disturbing trend of citizen journalists increasingly being targeted by law enforcement ( five arrests in 2003 to 35 last year). From Saudi Arabia to Iran to the USA, bloggers are being subjected to pressures to edit and censor information that intrenched orginizations are striving to limit. 

Whether it  is legitimate law enforcement, quaisi-military extremists or in the case of corporations take down notices or civil lawsuits, bloggers are drawing attention to themselves from institutions that have strong incentive to limit their exposure to  the public light.

The full list can be found at http://spreadsheets.google.com/pub?key=pw-ZWbusBKYaNxZ7Gl40MDg by Erick Schonfeld

 http://www.techcrunch.com/2008/08/12/blogging-is-not-a-crime/

DefCon Hackers Hacked

12 Aug

From Yahoo

by Glenn ChapmanTue Aug 12, 4:02 AM ET

“In the end, it was hackers at DefCon that got hacked.

After three days of software cracking duels and hacking seminars, self-described computer ninjas at the infamous gathering in Las Vegas found out Sunday that their online activities were hijacked without them catching on.

A standing-room crowd cheered admiringly as Tony Kapela and Alex Pilosov showed them how they were “pwned” by a simple technique that could be used to “steal the Internet.”

“Pwned” is popular computer and video game culture slang playing off the word “owned” and is used to describe someone being totally dominated or humiliated online or in-game.

“It’s a nearly invisible exploitation,” Kapela said while revealing a hack that exploits fundamental Internet routing procedure to hijack online traffic unnoticed. “A level of invisibility that is unparalled.”

The beauty of the technique presented by Alex Pilosov and Kapela is that hackers don’t need to break into websites or plant malicious computer code to control and tamper with data travelling the Internet, the presentation showed.

Instead, the Internet is duped into sending people’s data to hackers.

“Someone can passively intercept traffic,” Kapela explained. “We can store, drop, filter, mutilate, grope, or modify data heading to you.”

The tens of thousands of networks handling traffic on the Internet are programmed to trust each other for the best routes for data.

The choice of optimal routes is made instantly; decided by a network claiming the longest numerical Internet addresses for data destination.

A hacker can hijack traffic to and from websites of choice by adding enough numbers to computer addresses to have his or her network automatically deemed the best path for the data.

“We construct the man-in-the-middle attack on the Internet,” Kapela said, referring to a classic hack in which someone gets between a computer user and their online destination.

“Internet routing is inherently trust based. We told the route that we know the best way to an address. A hacker could blast a lot of spam or launch a lot of phishing attacks.”

Kapela and Pilosov proved their point by displaying for the rapt audience email, online searches and other online activity conducted that afternoon on the Internet connection used by DefCon attendees.

Hackers could use the attack to block access to websites or send traffic to bogus Web pages crafted to look like legitimate websites such as Twitter or Google, according to Kapela.

“Imagine all the wonderful stuff you could insert,” Kapela said. “You can hijack stuff from China or the opposite. It may already be happening. Who could tell?”

The presentation capped a DefCon gathering attended by more than 8,000 people.

Hackers shared ways to crack everything from mobile telephones, computer games and social networking websites to electronic hospital records and high security locks used at the White House.

One seminar included a way to remotely turn off pacemakers regulating people’s heartbeats.

A cavernous room was devoted to a non-stop “capture the flag” contest in which players hunched over laptop computers battled to seize and keep control of a network set up for the game.

Nightly “Hacker Jeopardy” drinking games required teams of players to correctly answer geeky computer questions with those giving wrong responses punished by having to guzzle beer.

Another contest challenged hackers to slip malicious software code past increasingly sophisticated anti-virus programs.

Hackers also faced off in lock picking contests; Guitar Hero video game competitions, and computer simulated shooting used by police for firearms training.

Hackers also competed in making spy balloons that floated above the casinos.”

I am completely ill equipped to attend, but I really enjoy being around people more clever and interesting than I am.  i’ll have to make it next year. —Jeff the noob

http://news.yahoo.com/s/afp/20080812/tc_afp/usitinternetcrimehackerdefcon

49% Internet Users Search Daily: Everyone reading this does dozens of searches daily

12 Aug

A new high of nearly half (49 percent) of all internet users use search engines on a typical day, up from about one-third in 2002 – and closing in on the use level of email (60 percent of those online use email each day) – according to a new analysis from the Pew Internet & American Life Project.

 

 

 

 

 

 

 

 

 

 Umm…only half the people?  I guess there are a lot of grandparents getting on the interwebs to check their email hoping to hear from their chlidren.  -Jeff

http://www.pewinternet.org/

As Ad networks Bloat Up…Costs Way Down

12 Aug

Adapted from Marketing Vox

Use of ad networks increased form 5% of total ad impressions sold in 2006 to 30 percent in 2007, according to the “Digital Pricing Benchmarking Study” from Bain & Company.  Yet as online publishers see growth rates of 20-30 percent in ad revenue, the advertising opportunities leaves publishers with excess inventory that they sell to ad networks at up to 90 percent discounts versus direct sales rates, Bain said.

That’s because unless you are unkown and simply trying to get eyeballs…they simply don’t work, regardless of the desperation of  marketing managers.–Jeff

http://www.marketingvox.com/ad-networks-surge-cpms-plunge-040343/

Google Responds to Congress: we aren’t NebuAd

12 Aug

Recently Congress has been investigating the user’s privacy with the growingly pervasive ‘opt-out’ advertising programs such as those run by NebuAd. The Congressional Committee on Energy and Commerce sent a letter on August 1 to Microsoft, Google, AOL  and a number of other companies, asking for information on whether or not personal data had been collected, what restrictions were placed on the collection and how the information was used. The companies were given until August 8 to respond.

 

NebuAd’s deep packet inspection was the lightning rod that drew increased congressional scrutiny and Google recognized this and promised to place its answer online for open inspection.

Google has since posted its reply. Google  by categorically stating that it does not engage in deep packet inspection while serving advertising and posits that most other advertisers do not as well.  According to the company, Google’s privacy policy is founded on three principles: providing transparency, choice, and security.

Google goes on  to say that it has been an active participant in the FTC  initiative to develop privacy principles and hopes that these principles “will be adopted widely by the online advertising industry and will serve as a model for industry self-regulation in jurisdictions beyond the United States.” The letter concludes with a  pledge to work with to create a uniform federal privacy law.

 

Other Google points:

 

  • Google’s online search advertising serving while contextual, do not make use of web browser history, and that it maintains no such database. 

 

  • The  DoubleClick merger Google intends to integrate some of that company’s technology into its own products to tailor ads more effectively. Users can opt out of this via a single option which will control a person’s opt-out status for all of the websites within Google’s network. 

 

  • Data retention: Google does not require any personally identifiable information (PII) to be provided and retains only standard server log information and/or cookie ID. Google anonymizes all search log data after 18 months.

 

 

Do no evil? You decide.

%d bloggers like this: