Michael Koby

What's the Point of Protecting Twitter Updates?

Posted on February 23, 2008 by Michael Koby

I was randomly searching for people to follow on Twitter. Decided I would type in “Houston, TX” since I live in the Houston area so I could follow some local folks. Start looking through the 21 pages of results and I find at least two or three people on every page have their updates protected.

What’s the point?

I mean a part of me gets it. You don’t want the entire world to read your updates. But at the same time, why sign up for an overly social site if you’re going to basically be anti-social? It seems counter-productive to me. Maybe, I’m just a little more open with my updates, but I also wouldn’t post something that I was not comfortable with the whole world knowing anyway. I guess I’m just careful like that.

Anyone have any thoughts on this matter? Are you someone who has their Twitter updates set to private? If so, why? I would really like to know and understand.

Posted in Internet | Tagged micro-blogging, Twitter | 3 Comments

links for 2008-02-23

Posted on February 22, 2008 by Michael Koby

Posted in Daily Links | Comments Off

Microsoft is a Flip-Flopper

Posted on February 22, 2008 by Michael Koby

Yesterday, Microsoft announced a new strategy in relation to “openness” and made basic proclamations with regards to interoperability. The press release entitled, “Microsoft Makes Strategic Changes in Technology and Business Practices to Expand Interoperability” really just served as a general plan of what Microsoft intends to do with making themselves interoperate better with other projects, specifically in the open source arena.

Microsoft officially flip-flops more than Kerry on the 2004 campaign trail. In the past 3 years Microsoft has made at least 2 other claims to be more open while at the same time threatening open source companies and users with intellectual property lawsuits. This seems contradictory to me, maybe because it is a contradiction in the fullest sense of the word. How can you want openness and interoperability but threaten to sue those that want to connect to you and your products? It just doesn’t make sense.

Now, this time around they have some form of game plan and they publicly state that they will allow non-commercial use of Microsoft patents, while commercial use of these patents will need to acquire a license at low-royalty rate. They mention that they will be releasing documentation on every programming interface for all their high volume products so that people can develop around these technologies. I wonder if this means that we will see better communication on Samba based technologies (Samba is an open-source technology that allows non-windows machines to communicate with Windows file shares). I also wonder if there will be more communication with the Mono project so that there is better integration between .Net and Mono. I would love to see Mono become more complete as a result of this. Somehow though, I doubt that this will occur.

Like I said before, Microsoft continually changes their position on being “open” and this time, I believe, will be no different. I think that we will see another flip to this flop in six to eight months time. While I applaud the general idea behind this initiative, I just don’t see it being fully fruitful. We will just have to wait and see if this time Microsoft actually bears fruit with this round of openness.

Posted in Technology | Tagged Linux, Microsoft, open source | Comments Off

links for 2008-02-22

Posted on February 21, 2008 by Michael Koby

Posted in Daily Links | Comments Off

Security Flaw in Popular Disk Encryption Programs Found

Posted on February 21, 2008 by Michael Koby

The Electronic Frontier Foundation has published an article about a research paper that shows how popular disk encryption software can be defeated. The article (found here) explains that popular disk encryption programs like BitLocker (Windows Vista’s disk encryption program) and open source favorite, TrueCrypt, are not invulnerable to the suggested attacks.

The main issue revolves around data being stored in the computers RAM after a computer has been powered off or is in sleep/hibernation mode. Programs can be written to retrieve data out of RAM once the computer has been turned back on giving a malicious user access to the passwords used to access the encrypted drives. The article or the paper it references do not mention how long a computer needs to be turned off for the memory remnants to fully leave the system. Though they do mention that it can stay in memory up to a full minute at room temperature (even longer the colder it gets). You can read the full paper, at Lest We Remember: Cold Boot Attacks on Encryption Keys.

What does this mean exactly? Well it just further proves that no level of security is full proof. No matter how hard you try, someone can, with enough time and work, get to your data. This does not mean that one should make it easy for the hacker. The general idea behind security, no matter if its disk encryption or strong passwords, is simply to make the hacker’s life more difficult when it comes to getting to your data. The harder it is for someone to get to your data, the more chances you have of them giving up and moving on. There are plenty of people in the world that do not take the extra steps to secure their private data, so they will more often than not, move on to someone that does not take those steps. The general idea here is time spent versus rewards. Chances are, if you are taking those extra steps, you probably are smart enough to not have any data that is really worth having on the computer, or at least not in large quantities.

Security is important and more people should consider the data they store on their hard disks, USB flash drives, or anywhere else in digital format for that matter. If you are going to store sensitive data, take the extra steps to secure it. Even though the disk encryption programs have a flaw does not mean that the hacker is going to go through the trouble. Just because security can be broken does not mean that one should not take proper steps to ensure the security of their sensitive data.

Posted in Security, Technology | Comments Off