July 31st, 2010
Google Chrome has been showing me a malware warning page today as I try to visit normally trusted and benign sites. I got this one just now as I tried to got to Planet RDF.
Warning: Visiting this site may harm your computer!
The website at planetrdf.com contains elements from the site bin.clearspring.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for bin.clearspring.com.
Learn more about how to protect yourself from harmful software online.
[ ] I understand that visiting this site may harm my computer. PROCEED
Clearspring claims it’s a technical problem, although they admit they were using a service that was compromised with files redirecting users to a certain malware domain. I’m a bit fuzzy on what clearspring does and where they are being used on the Planet RDF site. I don’t see it in the page source, for example.
update: Maybe the problem stems from flash cookies in blog content being syndicated by Planet RDF that have flash objects mediated by clearspring.
July 22nd, 2010
Apple’s Safari browser has a privacy vulnerability allowing web sites you visit to extract your personal information (e.g., name, address, phone number) from your computer’s address book. The fix is to turn off Safari’s web form autofill feature, which is selected by default (Preferences > AutoFill > AutoFill web form).
July 15th, 2010
Here’s a great resource if you want to come up to speed on ontologies and their importance today.
Professor Barry Smith of the University at Buffalo held a two-day course, An Introduction to Ontology: From Aristotle to the Universal Core, in 2009, to introduce ontologies and their applications to both philosophers and computer scientists. It consisted of of eight lectures for which slides and downloadable videos are available. Paul Alexander has also made the videos available in streaming form here if you want to view them without downloading.
The lectures are all either 60 or 90 minutes. Here are links to the streaming videos, thanks to Paul Alexander:
Ontology as a Branch of Philosophy
Ontology and Logic
The Ontology of Social Reality
Why I Am Not a Philosopher (or: Ontology Leaving the Mother Ship of Philosophy)
Why Computer Science Needs Philosophy
Ontology and the Semantic Web
Towards a Standard Upper Level Ontology
The Universal Core: Ontology and the US Federal Government Data Integration Initiative
July 8th, 2010
The secret message embedded in the USCYBERCOM logo
is what the md5sum function returns when applied to the string that is USCYBERCOM’s official mission statement. Here’s a demonstration of this fact done on a Mac. On linux, use the md5sum command instead of md5.
~> echo -n "USCYBERCOM plans, coordinates, integrates, \
synchronizes and conducts activities to: direct the \
operations and defense of specified Department of \
Defense information networks and; prepare to, and when \
directed, conduct full spectrum military cyberspace \
operations in order to enable actions in all domains, \
ensure US/Allied \ freedom of action in cyberspace and \
deny the same to our adversaries." | md5
md5sum is a standard Unix command that computes a 128 bit “fingerprint” of a string of any length. It is a well designed hashing function that has the property that its very unlikely that any two non-identical strings in the real world will have the same md5sum value. Such functions have many uses in cryptography.
Thanks to Ian Soboroff for spotting the answer on Slashdot and forwarding it.
Someone familiar with md5 would recognize that the secret string has the same length and character mix as an md5 value — 32 hexadecimal characters. Each of the possible hex characters (0123456789abcdef) represents four bits, so 32 of them is a way to represent 128 bits.
We’ll leave it as an exercise for the reader to compute the 128 bit sequence that our secret code corresponds to.
July 7th, 2010
Cyber Command (USCYBERCOM) is the new unit in the US Department of Defense that is responsible for the “defense of specified Department of Defense information networks” and, when needed, to “conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure freedom of action in cyberspace for the U.S. and its allies, and deny the same to adversaries.”
Their logo as an encrypted message in its inner gold ring:
An article in Wired quotes a USCYBERCOM source:
“It is not just random numbers and does ‘decode’ to something specific,” a Cyber Command source tells Danger Room. “I believe it is specifically detailed in the official heraldry for the unit symbol.”
“While there a few different proposals during the design phase, in the end the choice was obvious and something necessary for every military unit,” the source adds. “The mission.”
Here’s your chance to use those skills you learned in CMSC 443. Wired is offering a T-shirt to the first person who can crack the code. With that hint in hand, go crack this code open. E-mail us your best guess, or leave it in the comments below. Our Cyber Command source will confirm the right answer. And the first person to get it gets his/her choice of a Danger Room T-shirt. USCYBERCOM might offer you a job.