My apologies to the anonymous visitor whose off-topic comment I initially rejected. Let me answer your question.
By social media, let me define it by example to be services like Google Wave, Facebook, Orkut, Linkedin, Twitter, Digg, Reddit, Slashdot, and others. Let me consider blogs separately from these.
By SEO, we mean Search Engine Optimization, or the art and science (yes, both) of crafting ones content and metadata in a search-engine friendly way so that one's website is most accurately represented (not misrepresented) and, thus, can be found by those likely visitors who, in the absence of good SEO, would not have found the site.
SEO works brilliantly on static websites (those composed of .html pages, which are updated "manually" or with the help of half-way automated tools). The content is prepared, so it is easy to provide SEO for that content at the time of preparation. For dynamic content, on the other hand, while it is not difficult to provide SEO at the time of the content's creation, it is unpredictable how to access the content (a permanent link) or it is the mere dynamic nature that can result in omissions of content (content was posted and then changed before it could be indexed), or the information on the site is dependent, somehow, upon various characteristics of the viewer, especially geography - search engines must be able to pose as each combination of characteristics the site responds to and thereby make a complete index of the content.
To this end, search engines have now adopted the Sitemap idea, which provides (possibly dynamically) a list of the pages on a site, along with how frequently they are updated, in an easy-to-parse and flexible XML format (see http://www.sitemaps.org/). This helps search engines to find the pages that are generated dynamically, and to which there may not be obvious links elsewhere on the site.
Social media (let's take Twitter, for example) can only kill SEO if it is the only place that content is created on the web. This is because it would be exclusively within the control of the social media service to index and provide searchability of its collective content (within appropriate access permissions). Twitter and Facebook news feeds are "live," meaning that as soon as matching or "relevant" content is available within the system, it will be added to your feed, as you watch. This is a nightmare for public search engines, but within a corporation, especially with a cloud-based functional engine driving it (like MapReduce), queries can be performed on practically up-to-the-second fresh content. In this regard, SEO would not be needed.
So it seems that the art and science of optimizing the content available on a website in order to ensure that search engines out there can detect and index that content for the public to search is far from endangered, but rather will remain in demand for quite some time. SEO, as a business or professional service will certainly continue to change its practice to accommodate new technology and maintain its place in the midst of the automated tools that support it, but SEO is most certainly not going to be killed by social media.
Registered Linux User #370740 (http://counter.li.org)
Society of Women Engineers
This weekend is the Society of Women Engineers National Conference. It happens to be in my hometown. It is shockingly different to attend an incredibly technical event and be completely surrounded by women - we are talking a 95% constitution of those human beings producing more estrogen than testosterone. This is the complementary circumstance to that which I experience daily - namely, a vast majority of men at incredibly technical functions, especially Engineering classes.
The purpose of the Society of Women Engineers is best stated by the expanded title "Society for the Advancement of Women in Engineering" - after all, I am a national member, and I am male. Just as the National Society of Black Engineers encompasses all who promote the advancement of engineers of African descent, and the Society of Hispanic Professional Engineers and the Society of Mexican American Engineers and Scientists similarly encourage all who promote those who fall under those specific ethnic categories to succeed in Engineering, SWE is comprised of individuals who encourage women to excel and advance in the profession.
I was given the tag "I blog about SWE" and since that was not the case previously, it is now justified! Many women helped to pioneer earth-shattering breakthroughs in various engineering and technical disciplines, and their successes proved that it is not necessarily a male-dominated field, but it is so de facto.
Go SWE!
Registered Linux User #370740 (http://counter.li.org)
The purpose of the Society of Women Engineers is best stated by the expanded title "Society for the Advancement of Women in Engineering" - after all, I am a national member, and I am male. Just as the National Society of Black Engineers encompasses all who promote the advancement of engineers of African descent, and the Society of Hispanic Professional Engineers and the Society of Mexican American Engineers and Scientists similarly encourage all who promote those who fall under those specific ethnic categories to succeed in Engineering, SWE is comprised of individuals who encourage women to excel and advance in the profession.
I was given the tag "I blog about SWE" and since that was not the case previously, it is now justified! Many women helped to pioneer earth-shattering breakthroughs in various engineering and technical disciplines, and their successes proved that it is not necessarily a male-dominated field, but it is so de facto.
Go SWE!
Registered Linux User #370740 (http://counter.li.org)
Contributing to Open Source
This semester, I attack my senior project in Computer Science. We have been given the opportunity to contribute to Open Source as our senior project; of course, our experience will be well documented.
My team of four has taken on an altogether greater opportunity to work with IBM to encourage compatibility for Moodle with IBM's DB2 relational database management system (RDBMS). Moodle is an online course management system, written in PHP. Presently, Moodle's code supports Oracle, MS SQL, MySQL, and PostgreSQL. Their framework is flexible enough to allow an extension to support DB2, so that is our endeavor.
We have found, so far, that it is not a trivial task to work together on such a project; we are presently one month into the project and are just finishing up our preliminary research, defining the scope of our contributions, and establishing our development and testing environments.
And so it begins - I transition from just using Open Source to contributing to it!
Registered Linux User #370740 (http://counter.li.org)
My team of four has taken on an altogether greater opportunity to work with IBM to encourage compatibility for Moodle with IBM's DB2 relational database management system (RDBMS). Moodle is an online course management system, written in PHP. Presently, Moodle's code supports Oracle, MS SQL, MySQL, and PostgreSQL. Their framework is flexible enough to allow an extension to support DB2, so that is our endeavor.
We have found, so far, that it is not a trivial task to work together on such a project; we are presently one month into the project and are just finishing up our preliminary research, defining the scope of our contributions, and establishing our development and testing environments.
And so it begins - I transition from just using Open Source to contributing to it!
Registered Linux User #370740 (http://counter.li.org)
WikiTrust - Accountability in the Open Encyclopedia
This article from MIT's Technology Review gives a succinct overview of the WikiTrust project, an effort at the University of California at Santa Cruz (UCSC) to add accountability to open knowledge bases, like Wikipedia, in order to make the content contained therein more useful. The project takes into consideration several aspects of each author's credentials and how their contributions are received by the editing community on that knowledge base; color coding is used for easy identification of the reliability indices that are provided.
This sort of construct, that requires human intervention to certify the authenticity or reliability of other humans on particular topics, is badly needed in most parts of the Internet - browsers are, at the present time, left mostly to their own devices to prove the validity of content they see online, conducting their own investigation of related material and researching the backgrounds of each "author" of online content.
This issue (of identifying experts) is, in fact, opposed to some aspects of the online privacy and anonymity movements for obvious reasons - the identity of the author must be guaranteed in order to certify that the information provided is valid; someone may simply impersonate a reputable expert in a field, posting erroneous information in their trusted name. This can only be avoided by using the web of trust identity system (thawte, wikipedia), which currently exists, but is not widely used. Web of trust works by providing a framework and workflow by which individuals may certify the identity of others, and through the web, someone may be trusted through any number of first-hand trusted connections. The framework, at its core, relies on digital cryptography. A wiki-like environment using the web of trust for certification should present some sort of a revision hash, uniquely identifying a particular revision, and experts trusted through the web of trust should then cryptographically sign that revision only, certifying that the contents of the article through that revision are accurate, and then be notified to likewise certify subsequent revisions. The more trusted signatures a document has, the more reliable it can be said to be, without further investigation.
These systems, however, require that users at large become familiar with their high-level architecture, and understand the implications of various actions taken with respect to them. This education phase is necessary to understand fully how to operate in the information age. Security and identity online can be compared to rudimentary physical security and human legal identity - it is highly uncommon that individuals broadcast their social security numbers or leave their vehicles or homes unlocked when leaving them. Likewise, it ought to be uncommon for Internet users to leave their sessions unattended or unsecured. This, however, requires that users understand the workings of this more complex system; a home or auto lock is quite simple to understand and use, still without knowing its inner workings, but the equivalent constructs in the computing world are a bit more difficult to understand and use.
Registered Linux User #370740 (http://counter.li.org)
This sort of construct, that requires human intervention to certify the authenticity or reliability of other humans on particular topics, is badly needed in most parts of the Internet - browsers are, at the present time, left mostly to their own devices to prove the validity of content they see online, conducting their own investigation of related material and researching the backgrounds of each "author" of online content.
This issue (of identifying experts) is, in fact, opposed to some aspects of the online privacy and anonymity movements for obvious reasons - the identity of the author must be guaranteed in order to certify that the information provided is valid; someone may simply impersonate a reputable expert in a field, posting erroneous information in their trusted name. This can only be avoided by using the web of trust identity system (thawte, wikipedia), which currently exists, but is not widely used. Web of trust works by providing a framework and workflow by which individuals may certify the identity of others, and through the web, someone may be trusted through any number of first-hand trusted connections. The framework, at its core, relies on digital cryptography. A wiki-like environment using the web of trust for certification should present some sort of a revision hash, uniquely identifying a particular revision, and experts trusted through the web of trust should then cryptographically sign that revision only, certifying that the contents of the article through that revision are accurate, and then be notified to likewise certify subsequent revisions. The more trusted signatures a document has, the more reliable it can be said to be, without further investigation.
These systems, however, require that users at large become familiar with their high-level architecture, and understand the implications of various actions taken with respect to them. This education phase is necessary to understand fully how to operate in the information age. Security and identity online can be compared to rudimentary physical security and human legal identity - it is highly uncommon that individuals broadcast their social security numbers or leave their vehicles or homes unlocked when leaving them. Likewise, it ought to be uncommon for Internet users to leave their sessions unattended or unsecured. This, however, requires that users understand the workings of this more complex system; a home or auto lock is quite simple to understand and use, still without knowing its inner workings, but the equivalent constructs in the computing world are a bit more difficult to understand and use.
Registered Linux User #370740 (http://counter.li.org)
Monotone DVCS
I was surprised to see that I have not posted about revision control systems yet. I began using Subversion about a year ago for personal projects; it was a nice start, and I had my beloved server under my bed hosting my repositories for local access.
Since then, I have switched to Mercurial, which is so much more painless than Subversion, being distributed in nature, and the TortoiseHg Windows shell extension made it even more useful for me and my colleagues at the University.
Today, and for the past week or so, I have been watching the Pidgin Instant Messenger project, which uses the Monotone distributed version control system (DVCS). Monotone uses RSA keys (like SSH) to determine the identity of remote peers, and keeps its data in sqlite structures. It seems to be a very idealistic system, when it comes to version control, which is what I am always looking for.
Cruise over and have a look!
Registered Linux User #370740 (http://counter.li.org)
Since then, I have switched to Mercurial, which is so much more painless than Subversion, being distributed in nature, and the TortoiseHg Windows shell extension made it even more useful for me and my colleagues at the University.
Today, and for the past week or so, I have been watching the Pidgin Instant Messenger project, which uses the Monotone distributed version control system (DVCS). Monotone uses RSA keys (like SSH) to determine the identity of remote peers, and keeps its data in sqlite structures. It seems to be a very idealistic system, when it comes to version control, which is what I am always looking for.
Cruise over and have a look!
Registered Linux User #370740 (http://counter.li.org)
StackOverflow and ServerFault
I cannot believe I did not jump into these communities earlier - StackOverflow and ServerFault are two amazing community websites in question-answer forum fashion about programming and software development, and IT administration, respectively. I have occasionally landed on StackOverflow doing Google searches for programming-related problems, but from now on, I will be starting there and moving outward as needed. A nice feature about both sites (which use the same custom framework) is the "interesting tags" feature, which allows you to fine-tune your preferences and tailor the homepage to your interests. Both sites integrate with each other and use OpenID for authentication.
Have a look!
Registered Linux User #370740 (http://counter.li.org)
Have a look!
Registered Linux User #370740 (http://counter.li.org)
California State University Woes
Today, the California State University Board of Trustees voted to institute an additional 20% fee increase, over and above the standard 10% fee increase approved in May. This is to counter the gaping $584 million hole that the California legislature left for us. During today's meeting of the Committee on Finance, to which the fee proposal was referred, the Lieutenant Governor John Garamendi recommended that the proposal be amended with the stipulation that the Board lobby the CA state legislature to adopt AB656, which would impose an oil severance tax, in the State of California, yielding $1 billion to higher education in this state (the Community Colleges, the California State University, and the University of California), with the additional provision that upon successfully achieving this tax, the Board would consequently reduce the tuition and furlough policies that had been instituted for immediate relief from the present crisis. This proposal was seconded during the committee meeting, but summarily opposed; it was not heard by the entire Board. Please see the full text of the resolution.
Arguments in support of the fee increase cited the State as having the lowest fees in the country, while these claims were countered with the cost of living in this State. The fourth strongest economy in the world, as the State was cited, was then recommended to reduce the affordability of its (arguably) most effective educational institution to solve a problem inherited by the CSU from the state legislature. The final challenge to the new policy rested on the simple fact that it seemed that the decision-makers had not exercised sufficient innovation and creativity in arriving at this conclusion, and that, given the resources (if only intellectual), students, faculty, and staff from the CSU would take action to lobby Sacramento of their own means.
Education is the most idealistic institution of our modern society; politics does not come close; medicine demands perfection, which can only be achieved by an equally thorough practical and theoretical education. It seems quite bleak to hope that these ideals can still be sought after, given the additional burden imposed today upon the 450,000 students who currently attend the 23 CSU campuses statewide.
Then we wonder how Open Source could help alleviate the budget burden... most likely not in the short run, and not without changes in staff to accommodate the transition.
Registered Linux User #370740 (http://counter.li.org)
Arguments in support of the fee increase cited the State as having the lowest fees in the country, while these claims were countered with the cost of living in this State. The fourth strongest economy in the world, as the State was cited, was then recommended to reduce the affordability of its (arguably) most effective educational institution to solve a problem inherited by the CSU from the state legislature. The final challenge to the new policy rested on the simple fact that it seemed that the decision-makers had not exercised sufficient innovation and creativity in arriving at this conclusion, and that, given the resources (if only intellectual), students, faculty, and staff from the CSU would take action to lobby Sacramento of their own means.
Education is the most idealistic institution of our modern society; politics does not come close; medicine demands perfection, which can only be achieved by an equally thorough practical and theoretical education. It seems quite bleak to hope that these ideals can still be sought after, given the additional burden imposed today upon the 450,000 students who currently attend the 23 CSU campuses statewide.
Then we wonder how Open Source could help alleviate the budget burden... most likely not in the short run, and not without changes in staff to accommodate the transition.
Registered Linux User #370740 (http://counter.li.org)
Tiny Footprint Mode
Microsoft did it again! I pulled up the Windows Task Manager on my slow laptop to diagnose its problem, only to find that even after several seconds of waiting, it was still not showing its status bar, menu bar, or title bar. I let it go. Then today I was on it again, and saw the same thing, even after rebooting the system (something that Microsoft Windows seems to be addicted to). That led me to Google the symptom: "windows xp borderless task manager." I landed on this result. Windows Task Manager was running in Tiny Footprint Mode! Seriously - Tiny Footprint Mode. What was Microsoft thinking? Other products have mini mode, or slim mode, or they use a cute permutation of some "small" term and their product's name or role, like "mini player" or Windows Media Player's toolbar mode, where it embeds basic playback controls in the Windows taskbar.
Tiny Footprint Mode.
Registered Linux User #370740 (http://counter.li.org)
Tiny Footprint Mode.
Registered Linux User #370740 (http://counter.li.org)
Search Engines, Web Browsers, and Operating Systems
Things are getting quite heated with IE8 being tested by the community since being released through Windows Update, the imminent release of Firefox 3.5, and the whole Bing vs. Google hype. Tech news is littered with arguments for and against, studies conducted under very close scrutiny of the vendors themselves, and propaganda released by each vendor, desperately trying to get a leg up over the competition. Behind the scenes, the magma is heating up over Windows 7 and Apple's Snow Leopard.
What do you see in common? Microsoft vs. Everybody! It's Microsoft against Google, Firefox (Mozilla foundation; open source community), and Apple. The others do not put themselves up against everybody else so strongly - they surely, and justifiably so, promote their own products and services, and when they need to, keep the facts straight (IE8; Google), but they all play clean, while Microsoft seems to be a giant finally unseated in many respects.
Reading news in general, we can see a trend toward more awareness of alternatives, contrasted with the view that Microsoft, Windows, and Microsoft Office were synonymous for their functional roles - Software, Operating System, and Office Productivity Suite (see NY Times malware). People are starting to wonder and ask about switching to other vendors - Linux or Mac, OpenOffice.org, etc. Microsoft still remains the giant for the enterprise tier of users, but it is not uncommon to find Mac offices, or offices that are comprised of a heterogeneous set of computing technology, each individual pooling what he feels the best for each aspect of his workflow. We find Linux-based print servers, firewalls, web and database servers; these are connected to Windows and Mac clients, as well as the occasional Windows client. Then you will also see Windows solutions deployed in the infrastructure of the office for specialized applications that only support Windows for their purposes. Especially with the advent of cloud computing, these lines only grow fuzzier.
It is quite fascinating to watch the explosion of technology these days, everything attempting to achieve a niche, play into the social network and interconnectedness, and ride the tide into the cloud. There are all kinds of web sites/services set up to share various types of information in a categorized or tagged community setting - which ones will survive as leaders in their respective niche? Time will tell, as it always has.
Registered Linux User #370740 (http://counter.li.org)
What do you see in common? Microsoft vs. Everybody! It's Microsoft against Google, Firefox (Mozilla foundation; open source community), and Apple. The others do not put themselves up against everybody else so strongly - they surely, and justifiably so, promote their own products and services, and when they need to, keep the facts straight (IE8; Google), but they all play clean, while Microsoft seems to be a giant finally unseated in many respects.
Reading news in general, we can see a trend toward more awareness of alternatives, contrasted with the view that Microsoft, Windows, and Microsoft Office were synonymous for their functional roles - Software, Operating System, and Office Productivity Suite (see NY Times malware). People are starting to wonder and ask about switching to other vendors - Linux or Mac, OpenOffice.org, etc. Microsoft still remains the giant for the enterprise tier of users, but it is not uncommon to find Mac offices, or offices that are comprised of a heterogeneous set of computing technology, each individual pooling what he feels the best for each aspect of his workflow. We find Linux-based print servers, firewalls, web and database servers; these are connected to Windows and Mac clients, as well as the occasional Windows client. Then you will also see Windows solutions deployed in the infrastructure of the office for specialized applications that only support Windows for their purposes. Especially with the advent of cloud computing, these lines only grow fuzzier.
It is quite fascinating to watch the explosion of technology these days, everything attempting to achieve a niche, play into the social network and interconnectedness, and ride the tide into the cloud. There are all kinds of web sites/services set up to share various types of information in a categorized or tagged community setting - which ones will survive as leaders in their respective niche? Time will tell, as it always has.
Registered Linux User #370740 (http://counter.li.org)
Facebook Spam
Facebook members have been hard-hit recently by hackers and spammers who send messages through someone's Facebook account to all their friends - the message typically contains a single link, which generally points to a phishing attack with a page that looks like the Facebook login page that you get when you follow an internal Facebook link before logging in, like the ones that are sent in official Facebook notification emails. We can guess that people who follow those links and enter and submit their information should expect their accounts to be similarly compromised.
The recommendation I received when I reported one of these many incidents to the Facebook abuse team was to inform my friends to change their passwords and contact privacy@facebook.com to verify the security of their accounts.
Wishing you the safest Internet experience!
Registered Linux User #370740 (http://counter.li.org)
The recommendation I received when I reported one of these many incidents to the Facebook abuse team was to inform my friends to change their passwords and contact privacy@facebook.com to verify the security of their accounts.
Wishing you the safest Internet experience!
Registered Linux User #370740 (http://counter.li.org)
Pope Benedict XVI on Hi-Tech Evangelization
Several news agencies recently published articles including Pope Calls for Internet Evangelists and Bearing Witness to the Faith through the Digital World, both referring to Wednesday's General Audience, at which the Pope did, indeed, speak on these matters.
It seems only appropriate that Open Source technologies be employed to meet this need - they are easy for the public to obtain, and therefore the best vehicle for introducing a message by way of a product that is entering the consumer market. Furthermore, the nature of Open Source software provides for customization and re-theming of applications, which could also be very effective at communicating the Good News via fully-functional software applications.
In addition to these aspects of technology, the Pope is particularly encouraging the use of prevalent social networks and the vast and diverse array of communication tools that today's young people have at their fingertips, and at which most are keenly proficient.
Registered Linux User #370740 (http://counter.li.org)
It seems only appropriate that Open Source technologies be employed to meet this need - they are easy for the public to obtain, and therefore the best vehicle for introducing a message by way of a product that is entering the consumer market. Furthermore, the nature of Open Source software provides for customization and re-theming of applications, which could also be very effective at communicating the Good News via fully-functional software applications.
In addition to these aspects of technology, the Pope is particularly encouraging the use of prevalent social networks and the vast and diverse array of communication tools that today's young people have at their fingertips, and at which most are keenly proficient.
Registered Linux User #370740 (http://counter.li.org)
Oracle and Sun
Everybody is talking about it. The top-of-the-line enterprise database vendor is acquiring the leader in portable application development, dynamic web applications, and, by transitivity, the top-of-the-line open source database. Oracle Corporation acquired Sun Microsystems, which recently acquired MySQL.
Java, Sun's software platform, has always had a good MySQL interface, and the open source community saw Sun's move as one that would strengthen the relationship between the two, though they were wary of Sun close-sourcing MySQL. Now that two levels of database are consolidated into a single company, we wonder where it will go.
A similar relationship exists between Solaris, Sun's Java-friendly operating system, and the Oracle database system - namely that the pair is the most popular implementation of an Oracle database server. We can only imagine the optimizations that may be possible now that intellectual property restrictions between the two entities are lifted.
The Linux Foundation seems to support the move and see great strides in the future of Linux and open source software. What do you think?
Registered Linux User #370740 (http://counter.li.org)
Java, Sun's software platform, has always had a good MySQL interface, and the open source community saw Sun's move as one that would strengthen the relationship between the two, though they were wary of Sun close-sourcing MySQL. Now that two levels of database are consolidated into a single company, we wonder where it will go.
A similar relationship exists between Solaris, Sun's Java-friendly operating system, and the Oracle database system - namely that the pair is the most popular implementation of an Oracle database server. We can only imagine the optimizations that may be possible now that intellectual property restrictions between the two entities are lifted.
The Linux Foundation seems to support the move and see great strides in the future of Linux and open source software. What do you think?
Registered Linux User #370740 (http://counter.li.org)
Facelift!
I was browsing my own blog the other day and really started to feel that itch - time for a new theme! I chose one that was not too far from the previous one, except for the decline in the obviousness of the RED color. This theme still uses red for highlights, but has a more modern, cleaner finish than the previous one. This is still a system theme - I have not broken down to write my own theme for Blogger. Hope you enjoy it!
Registered Linux User #370740 (http://counter.li.org)
Registered Linux User #370740 (http://counter.li.org)
Surprise!
Just celebrated my 21st birthday yesterday. I had changed my Facebook status to include 21 in the three alternate number systems used in computing: hexadecimal, binary, and octal. My only problem is that I frequently use the hex representation of 23, the date on which I was born; I mistakenly put down 21 = 0x17 = 0001 0111 = 027. Later in the day I was thinking about it and so changed it to the correct 21 = 0x15 = 0001 0101 = 025.
Even better, I was anticipating having a meeting with the Vice President on campus; I was invited by the Director of Student Life & Development, who was supposed to take me to the meeting. Upon arrival at his office, I found a note directing me to meet him at the pub on campus. When I got there, I was looking for him, but started recognizing familiar people, and then they all shouted, "Surprise!" It was an incredible feat, especially because I had spoken with everyone who attended earlier in the day or last week, letting them know about the big party this coming Saturday, and also seeing if anyone wanted to go out for drinks last night after my meeting - nobody gave it away! It was an awesome party, and quite unexpected.
If you were there or wanted to be - thanks!
Registered Linux User #370740 (http://counter.li.org)
Even better, I was anticipating having a meeting with the Vice President on campus; I was invited by the Director of Student Life & Development, who was supposed to take me to the meeting. Upon arrival at his office, I found a note directing me to meet him at the pub on campus. When I got there, I was looking for him, but started recognizing familiar people, and then they all shouted, "Surprise!" It was an incredible feat, especially because I had spoken with everyone who attended earlier in the day or last week, letting them know about the big party this coming Saturday, and also seeing if anyone wanted to go out for drinks last night after my meeting - nobody gave it away! It was an awesome party, and quite unexpected.
If you were there or wanted to be - thanks!
Registered Linux User #370740 (http://counter.li.org)
Atrocities
The United Nations proposed 8 Millennium Development Goals, toward which they challenged the world to work. Microsoft's Imagine Cup student competition requires entries to contribute a tech solution that works toward achieving one or more of these goals, at least partially. Numerous charities try to make assisting the neediest in the world an easy part of our daily lives, such as practicing vocabulary or math on the Free Rice website.
Amidst all of this positive development, we still have atrocities committed in what are commonly referred to, passively, as "the most troubled areas of the world." The point is that there is a natural, human right to life and, to a great extent, peace. The current Israeli offensive in Gaza is one of those uses of excessive force that is condemned internationally, and constitutes a tremendous crime against the dignity and natural rights of the people who live there.
The most that most of us can do it raise awareness, to make it known that these actions are not tolerated by the rest of the world, and if enough people are talking about it, the government which we have put in place and empowered for ourselves will take notice and respond in the power it has at the international level.Registered Linux User #370740 (http://counter.li.org)
Modern Information Security
I recently read about the FireGPG extension for Firefox. This extension allows one to interact with encrypted or digitally-signed data included on web pages, using a separately-installed GnuPG installation on the local machine. It also provides tight integration with Gmail, adding a drop-down box that provides digital signature and encryption options for email messages and automatically verifying any signatures that it encounters in viewed messages.
Presently, this extension is a great step toward ease of use for the GPG tool set to allow ordinary computing users to add some security to their communications. It is possible to sign or encrypt a message on the side, and then copy or attach that secured message to the email, but this is a very clumsy process and requires knowledge of many different tools, which is often impractical for the masses.
It is always a concern to look for security leaks in this type of software, but since FireGPG basically provides a parameterized interface to the GPG installed on the user's system, and uses the system keyrings, and prompts the user for the key's passphrase, there is really very little room for a breach of this kind. Personally, I do not let FireGPG cache my passphrase, even for the session, because that is one piece of data in memory that should not see the light of day, and I would prefer it to be overwritten and discarded immediately after it is no longer needed by the encrypting or signing function.
The other element of security in this particular application is open source. FireGPG is open source; the developers provide Subversion repository access to it directly, and provide snapshot tarballs, all cryptographically signed, of course. The point is that you can verify that FireGPG only references the system utilities and does not leak any information back to its creators or other hackers. The possibility of a utility such as this one doing that is reason enough to verify with absolute certainty that the version one installs is authentic, which is why it is imperative that the download be re-hashed on the end-user's system to check it against its md5sum and also the digital signature; any alteration can be fatal.
What the world needs now, with regard to information technology, is strong and easy-to-use security solutions. It turns out that security is never something we can take lightly. The user is the weakest link in the developer-marketer-user chain, and unless the user is strengthened (average people know about how their security works), no method of security will ever be good enough. Currently, the AES encryption algorithms, the GnuPG encryption and digital signature algorithms (RSA/DSA), and the United States National Security Agency's SHA-256/384/512 hashes make the technology strong enough, though it will take some very careful planning to integrate security based on these technologies into the daily lives of individuals.
See Wikipedia for more information on any topic listed here; the information there is very accurate and current.
Registered Linux User #370740 (http://counter.li.org)
Presently, this extension is a great step toward ease of use for the GPG tool set to allow ordinary computing users to add some security to their communications. It is possible to sign or encrypt a message on the side, and then copy or attach that secured message to the email, but this is a very clumsy process and requires knowledge of many different tools, which is often impractical for the masses.
It is always a concern to look for security leaks in this type of software, but since FireGPG basically provides a parameterized interface to the GPG installed on the user's system, and uses the system keyrings, and prompts the user for the key's passphrase, there is really very little room for a breach of this kind. Personally, I do not let FireGPG cache my passphrase, even for the session, because that is one piece of data in memory that should not see the light of day, and I would prefer it to be overwritten and discarded immediately after it is no longer needed by the encrypting or signing function.
The other element of security in this particular application is open source. FireGPG is open source; the developers provide Subversion repository access to it directly, and provide snapshot tarballs, all cryptographically signed, of course. The point is that you can verify that FireGPG only references the system utilities and does not leak any information back to its creators or other hackers. The possibility of a utility such as this one doing that is reason enough to verify with absolute certainty that the version one installs is authentic, which is why it is imperative that the download be re-hashed on the end-user's system to check it against its md5sum and also the digital signature; any alteration can be fatal.
What the world needs now, with regard to information technology, is strong and easy-to-use security solutions. It turns out that security is never something we can take lightly. The user is the weakest link in the developer-marketer-user chain, and unless the user is strengthened (average people know about how their security works), no method of security will ever be good enough. Currently, the AES encryption algorithms, the GnuPG encryption and digital signature algorithms (RSA/DSA), and the United States National Security Agency's SHA-256/384/512 hashes make the technology strong enough, though it will take some very careful planning to integrate security based on these technologies into the daily lives of individuals.
See Wikipedia for more information on any topic listed here; the information there is very accurate and current.
Registered Linux User #370740 (http://counter.li.org)
Subscribe to:
Posts (Atom)
Nerd Test
v1.0:
 |
v2.0:
|
Bloggers' Rights
