Security

Air Quality Indicator

Leave a comment

Amy Franceschini and some colleagues started a site based on the belief that “art can be a catalyst for social awareness and positive change”. Hmmm. Or is social awareness and positive change a catalyst for art?

Chicken before egg.

Anyway, I like (some of) their commentary and found this post might be a sign (ha ha) of things to come:

The project intersects with recent public debate in Copenhagen about air pollution in the city. In collaboration with Senior Scientist Jørgen Brandt from The National Environmental Research Institute in Denmark a first prototype is developed for making an indicator that can be placed in the city and display local levels of pollution as well as pollution forecasts on individual streets. The project holds an open source script for displaying data from the Internet in a variety of forms.

I like the information awareness and creative use of technology for health/security, but there also seems to be a whine or similar noise that cuts into the effectiveness of the free-soil signal. I mean how ironic is it that so many of these “back to basics” advocates require you to use Macromedia Flash to get their message? Roll up your pants and stick your toes in the ASCII, as my mother used to say…

                   ,~.
                ,-'__ `-,
               {,-'  `. }              ,')
              ,( a )   `-.__         ,',')~,
             < =.) (         `-.__,==' ' ' '}
               (   )                      /)
                `-'\   ,                    )
                    |  \        `~.        /
                    \   `._        \      /
                     \     `._____,'    ,'
                      `-.             ,'
                         `-._     _,-'
                             77jj'
                            //_||
                         __//--'/`          hjw
                       ,--'/`  '
                          '
Food, Security

The Deadly Blue Ring Octopus

1 Comment

I just found out from The Cephalopod Page that some octopuses have a venom that can quickly kill humans:

Typically, the victim is unaware of the danger and either picks up the innocuous looking octopus or inadvertently contacts it. The bite is slight and produces at most only a small laceration with no more than a tiny drop of blood and little or no discoloration. Bites are usually reported as being painless. Often the victim doesn’t even know that he had been bitten. This can make it difficult for emergency and medical personnel to determine the cause of a patient’s distress. In fact, there is some question as to whether the octopus even needs to bite to envenomate a human. In cases with prolonged contact, the venom might pass directly through the skin. While most severe envenomations appear to involve bites, I can report developing mild local neurological symptoms after immersing my hand in sea water in which a large blue-ring had been shipped.

Seems like powerful stuff. Probably most dangerous if you try to eat or drink the toxin. The damage potential of even a small octopus is impressive:

The toxin was characterized as a low molecular weight, non-protein molecule and was named maculotoxin. It was recognized to be similar to tetrodotoxin (TTX), the extremely deadly toxin found in pufferfishes Experiments with rabbits showed that a single adult blue-ringed octopus weighing just 25 g possessed enough venom to fatally paralyze 10 large humans.

Why so much? And how many rabbits had to die to figure that out? Interesting to note how these octopuses happen to produce and carry the toxin:
Blue Ring

Their salivary glands harbor dense colonies of TTX-producing bacteria. The blue-rings have evolved a symbiotic relationship with the bacteria, providing them ideal living conditions while using the toxin they produce to subdue prey and as part of their highly advertised defense.

There’s a beautiful picture of one available HERE, probably taken just before it killed the photographer, William Tan.

Security

The national security risk of secure software

Leave a comment

Here is a new twist on the Bush Administration’s concern about national security, and their concern about open ports (ha ha). The AP reports that the US government is worried that their intrusion detection system of choice is about to be purchased by an Israeli company:

The contrast between the administration’s handling of the $6.8 billion Dubai ports deal and the Israeli company’s $225 million technology purchase offers an uncommon glimpse into the U.S. government’s choices to permit some deals but raise deep security concerns over others.

[…]

Under the sale, publicly announced Oct. 6, Check Point would own all Sourcefire’s patents, source-code blueprints for its software and the expertise of employees.

One might think this would be less of a problem for national security if Sourcefire were open source; however, the article first suggests that officials are concerned about the fate of Snort, but then that they prefer it because it is open source. Doesn’t that contradict? Here, you figure it out:

The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as “Snort,” which guards some classified U.S. military and intelligence computers.

[…]

Sourcefire’s protection and monitoring technology builds on the popularity of Snort, which was created by its chief technology officer and is distributed free. Unlike Sourcefire’s commercial products, Snort’s blueprints are open for inspection to assure it works as advertised. This makes it popular inside the U.S. intelligence community, even alongside more mainstream security products from Cisco Systems Inc. or Juniper Networks Inc.

The funny thing I’ve noticed with Sourcefire is how annoyingly complex the management console tends to be, which sort of eliminates the value proposition over Snort. Even if you just want to apply the latest patch to a Sourcefire system you have to download the code to one system, then upload that code to the management console, then push the code out to the sensor, then notify the sensor to install the code that you just pushed. It tends to be a terribly slow and clumsy process that I have to explain over and over again when training someone on the system. Don’t get me wrong, I like the technical aspects of Sourcefire (mostly as it is still a derivative of Snort) and appreciate the system’s capabilities, but the GUI can be a real headache.

Anyway, I guess it says a lot that Checkpoint would rather extricate all of its software from the US government than forgoe the acquisition of Sourcefire or allow all of the code to be open, at least to governments.