Souvislosti - Webtrh.cz

International Search – What’s The Big Deal?

Thu, 09 Sep 2010 13:49:30 +0000

Seattle + London:

Google is the most popular search engine in most countries, Facebook is overtaking all other local networks to lead the way in global social media and Twitter is gaining new followers from all corners of the globe in their droves. [...]

"Kdo bude makat u pásů, když budou všichni vzdělanci?!"

autor Lukáš Kovanda — Wed, 08 Sep 2010 22:01:00 +0000

Čína, země šprtů.

Blekko: The New Way To Search?

Wed, 08 Sep 2010 11:14:51 +0000

Blekko is an interesting new search engine currently in Beta. As there will be plenty of people doing general reviews, I thought I would concentrate on looking at what Blekko can offer in terms of links.

Link builders in particular [...]

Srpnové alokace

Tue, 07 Sep 2010 07:26:48 +0000

Člověk by očekával, že letní měsíce budou z pohledu IP alokací klidnější a že v létě dojde v nějakému posunu data vyčerpání IPv4 adresního prostoru. Ale klid rozhodně není. Alokace pokračovaly i v srpnu poměrně svižným tempem. Pravidelného čtenáře mých příspěvků o IPv4 alokacích už rozhodně nepřekvapí, že nejaktivnější oblastí byl region Asie-Pacific, což ilustruje [...]

Pedály

pkatlarge@gmail.com (akb) — Sun, 05 Sep 2010 14:51:00 +0000

Kam se poděly Saddámovy peníze (John B. Taylor podruhé)

autor Lukáš Kovanda — Sat, 04 Sep 2010 22:01:00 +0000

Co stahuje Spojené státy.

Where’s the Beef?

Sat, 04 Sep 2010 15:43:36 +0000

The Cringely (Not in Silicon Valley) Startup Tour is less than two weeks from being over yet where is all the video? It’s coming, I promise. We have so far visited companies in New York, Massachusetts, Vermont, Pennsylvania, Ohio, Michigan, Indiana, Illinois, Missouri, Minnesota, North Dakota, Colorado, Washington, Oregon, California, Arizona, and are now in [...]

IPv6: Smart Investments and Smart Grids

Sat, 04 Sep 2010 11:53:00 +0000

IPv6 a major catalyst for billions of dollars worth of deals? The Intel announcement of their McAfee purchase for 7.7 billion seems to indicate as much when Dave DeWalt , McAfee CEO is quoted as saying during a conference call; "If we look at the transition from IPv4 to IPv6, we're seeing an explosion of billions of devices and they all need to be secured." Then he continues by saying "The embedded market is a very specific and high-opportunity market for us." His estimate is that the number of connected devices will grow from one billion to 50 billion within 10 years.

In the meantime Baltimore Gas and Electricity (BGE) signed a contract for the provision of IPv6 based smart readers to equip their 1.2 million customers using a 'secure, end-to-end IPv6 platform for BGE to deliver on operational benefits today while also ensuring tomorrow's energy challenges can be met with a scalable and open platform'.

The same day , September 1st, we see Cisco and Itron sign a strategic agreement to 'develop a standards-based, highly secure technology for full IPv6 implementation of field area communications to support smart metering, intelligent distribution automation and interfaces to the customer premise '.

One day later, september 2nd, Cisco announces the purchase of Archrock, a pioneer of IPv6 implementation for sensor network and smart grids , cofounder of IPSO , the alliance promoting IP for small objects, and strong proponent of the IETF 6lowpan recommendation which defines the use of IPv6 for low powered objects.

There is definitely an IPv6 smell in the air these late summer days.

Written by Yves Poppe, Director, Business Development IP Strategy

Yandex: Geo-targeting By City Is Key To Success In Russia

Thu, 02 Sep 2010 12:46:07 +0000

Moscow:

For any organisation targeting a Russian audience, knowing and understanding Yandex is key to success in the country. The homegrown search engine is the clear market leader in Russia, and is showing little sign of relinquishing any of this share [...]

Míří Amerika na dno?

autor Lukáš Kovanda — Wed, 01 Sep 2010 22:01:00 +0000

Platy snižují i zkušeným ekonomům.

It’s a Sony

Wed, 01 Sep 2010 07:45:03 +0000

The machine pictured here is a Sony XDCAM EX, a 1080p tapeless HD camcorder. It is a so-called “prosumer” model that lists for $7800. I bought a pair of these cameras (new in the box) at the beginning of July to use for shooting this summer’s Startup Tour. Many video professionals think these are the [...]

How Do Journalists Search For Material?

Tue, 31 Aug 2010 23:19:24 +0000

In a research done by Nordic eMarketing in cooperation with the eNewsPR network, journalists are found to use less than 2.5 keywords most of the time. In the same research Nordic eMarketing found that French journalists are lazier than the [...]

Trolling for Dollars

Tue, 31 Aug 2010 22:50:45 +0000

Microsoft co-founder Paul Allen filed suit this week against a litany of Internet companies claiming they had violated patents awarded years ago to Allen’s now-defunct Interval Research. Many writers, including one passing himself off as me, claimed this made Allen a so-called “patent troll. ” I don’t think that is the case. Patent trolls are [...]

When IT Fails

Mon, 30 Aug 2010 15:48:19 +0000

A friend of mine has been in an epic struggle with his mortgage processor and his experience tells us a lot about the state of IT. It started in October of last year when my friend met with his loan processor (Bank of America) to inquire about a loan modification. The loan is actually owned [...]

Státní maturity: jak o tom může vůbec jít diskuse?

Mon, 30 Aug 2010 12:58:17 +0000

Téma státních maturit – tedy závěrečných středoškolských zkoušek dle jednotných pravidel a podmínek – je evergreenem snad už několika let a opět, poněkolikáté letí médiemi. Nechápu proč: o otázce státní maturity: ano či ne? vůbec nemůže jít diskuse

New frontiers in social networking

Mon, 30 Aug 2010 07:31:52 +0000

The big news this week is the launch of a National Science Foundation-funded study aimed at "developing the NeuroPhone system, the first Brain-Mobile phone Interface (BMI) that enables neural signals from consumer-level wireless electroencephalography (EEG) headsets worn by people as they go about their everyday lives to be interfaced to mobile phones and combined with existing sensor streams on the phone (e.g., accelerometers, gyroscopes, GPS) to enable new forms of interaction, communications and human behavior modeling." More precisely, the research, being conducted at Dartmouth College, is intended to accomplish several goals, including developing "new energy-efficient techniques and algorithms for low-cost...

Ženy ve vleku hormonů

autor Lukáš Kovanda — Sat, 28 Aug 2010 22:01:00 +0000

I menstruační cykly dělají s ekonomikou divy.

Vyhoďme úředníky. Ty, co se "vezou". Neždímejme ekonomiku

autor Lukáš Kovanda — Wed, 25 Aug 2010 22:01:00 +0000

Jak uzdravit českou ekonomiku.

Omnibus Cybersecurity Bill May Not Go Where Original Authors Intended

Wed, 25 Aug 2010 19:17:00 +0000

In an interview with GovInfoSecurity, Sen. Thomas Carper said that the U.S. Senate is considering attaching cybersecurity legislation to a defense authorizations bill. Though clearly a ploy to be able to say "we did something about those evil hackers" before the elections, CAUCE applauds the attempt. There can be no doubt that the United States (and many other countries) sorely needs better laws to deal with these threats.

Further, Senate Majority Leader Harry Reid has asked that the cybersecurity bills currently in front of various committees be combined into one single, omnibus bill, which would presumably then be attached to the defense authorizations bill. Here's where we start to get worried.

Each of the bills we've seen (and we surely haven't seen them all yet) have some good points, and some...let's just call them unintended consequences. In every case it's obvious that the authors' intentions were good, but they needed some expert advice from people who understand the technical and legal realities of the internet today.

One such expert, a long-time CAUCE supporter who asked to remain anonymous, shares his review of one of those bills: S. 3742, the "Data Security and Breach Notification Act of 2010." You can read the original and check its current status here.

Please note that this is not legal advice. Our expert is not a lawyer, I'm not a lawyer, and CAUCE did not consult with any lawyers before publishing this article.

Our expert says it's going to be difficult to construct a single good omnibus cybersecurity bill. The bigger and more complicated it gets, the less likely it is that anyone will actually read the bill before voting on it—particularly when they're in a hurry to go home and win an election.

He highlights a few specific items which could be troublesome for just about anyone running a mail server, a web site, or other online services which collect or transit any information:

Page 2, Section 2 (a)(2)(A): More or less everyone's going to need to have personally identifiable information (PII) security policies
Page 3, Section 2 (a)(2)(B): ... and an information security officer
Page 3, Section 2 (a)(2)(C): ... and a process for monitoring for PII breaches
Page 3, Section 2 (a)(2)(D): ... and a process for mitigating PII vulnerabilities
Page 3, Section 2 (a)(2)(E): ... and a process for securely deleting electronic records containing PII
Page 4, Section 2 (a)(2)(F): ... and a process for securely destroying paper and other non-electronic records containing PII
Page 4, Section 2 (b): If you're an "information broker" (which would include nearly anyone who collects information and shares it with anyone else), you have additional obligations, including needing to submit policies to the FTC, needing to provide consumer access to information, tracking access to information maintained by the broker, etc.
Page 13, Section 3 (a)(1): Requires notification solely to US citizens and residents in the event of a breach. Of course, that presumes you know the nationality/immigration status of those whose PII data you hold (hmm, I don't think *anyone* I know does, except for HR departments with regard to their own employees). If I were a covered entity, I'd be strongly inclined to begin soliciting that information from everyone I get PII data from, although of course that may trigger a whole different set of issues, particularly in areas where immigration related issues are a hot button topic.
Page 14, Section 3 (b)(2): Notification by a service provider triggers reporting requirements. This is going to make LOTS of friends for service providers, given the affirmative notification and credit protection obligations that customers accrue after being notified.
Page 19, Section 3 (d)(2)(A): Alternative notification is available for incidents involving LESS than 1,000 individuals. This is goofy.
Normally alternative notification is allowed as an option when the number of covered individuals is very LARGE not very small. For example, some state laws permit alternative notification in cases where costs of providing notice would exceed a quarter million dollars, the affected class of consumers to be notified exceeds 350,000, or the notifying party doesn't have sufficient contact information to provide notice.
There's language on page 22 of the draft bill that may allow regulatory additions to expand when substitute notification is permissible, but the basics for when substitute notification should be permissible should be part of the core statute, not an after-the-fact, maybe-yes, maybe-no regulatory add on by the agency.
Page 25, Section 3 (d)(2)(B): imposes compliance burdens on entities for a year before technical compliance guidance is available. Enforcement of the act should be held until the guidance envisioned by 3(d)(2)(B) is available, and realistically it will take probably an additional period after that for sites to deploy the recommended technology (new projects don't happen over night).
Page 26, Section 3 (h): Potentially requires notification in polyglot languages. This can be a huge administrative PITA—consider the "simple" case of the EU, where there are "only" 23 official languages (Bulgarian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Hungarian, Irish, Italian, Latvian, Lithuanian, Maltese, Polish, Portugese, Romanian, Slovak, Slovene, Spanish and Swedish, plus (semi-official) Catalan, Galician, and Basque).
This section could be potentially exceptionally burdensome if the FCC suddenly mandates that sites provide notification in multiple foreign languages (I could see an argument for requiring Spanish as well as English, but there are some communities in the United States where other languages are also very common).
Page 28, Section 4 (b)(1): It seems unnecessarially combative to define all data security incidents as "unfair or deceptive acts or practices." Data security incidents are not typically something which a covered entity intentionally does, neither are such breaches typically "unfair" or "deceptive" in the same way that some TV or Internet huckster's "miracle" product or pyramid sales scheme might be.

The most persuasive argument in the other direction is probably that currently most states already have their own PII breach notification laws, and it can be a pain to try to stay in compliance with 46 different PII information security and breach notification statutes. So again, the intention is clearly good, but in practice...it needs some careful review.

So there are the results from one bill, examined by one expert. He's one of the best minds in the cybersecurity community, yet he may still have missed something. With legislation as important as this, smushing it all together and rushing to attach it to something unrelated is simply a bad idea. This is a topic which requires careful thought, from multiple people who really do know what they're doing—and who can explain it to the Congressional staffers who will write the resulting bill, and then to the Senators and Representatives who will collectively make the decision.

Once that education has occurred, it should quickly become evident that while some of these bills do overlap, others do not. Some will disagree. Some simply contain bad ideas. All of this has to be worked out. Then, finally, it might make sense to combine them—not now, and not just because they all have the prefix "cyber" in the title somewhere.

This article was originally published by CAUCE.

Written by J.D. Falk, Director of Product Strategy at Return Path

Facebook Overtakes Orkut As Most Popular Social Network in India

Wed, 25 Aug 2010 16:39:30 +0000

Mumbai:

Facebook is now the most popular social network in India, having overtaken Orkut for the first time ever. The latest comScore figures show that Facebook has grown by 179% in the past year, and boasted 20.9 million visitors in [...]