Shostack + Friends Blog Archive


New Species Discovered on Flickr

There’s a very cool story on NPR about “A New Species Discovered … On Flickr“. A entomologist was looking at some photos, and saw a bug he’d never seen. Check out the photographer’s site or Flickr pages. The paper is “A charismatic new species of green lacewing discovered in Malaysia (Neuroptera, Chrysopidae): the confluence of […]


Emergent Map: Streets of the US

This is really cool. All Streets is a map of the United States made of nothing but roads. A surprisingly accurate map of the country emerges from the chaos of our roads: All Streets consists of 240 million individual road segments. No other features — no outlines, cities, or types of terrain — are marked, […]


Another personal data invariant that varies

Just about anything a database might store about a person can change. People’s birthdays change (often because they’re incorrectly reported or recorded). People’s gender can change. One thing I thought didn’t change was blood type, but David Molnar pointed out to me that I’m wrong: Donors for allogeneic stem-cell transplantation are selected based on their […]


Congratulations to the CVE team!

The CVE Web site now contains 30,000 unique information security issues with publicly known names. CVE, which began in 1999 with just 321 common names on the CVE List, is considered the international standard for public software vulnerability names. Information security professionals and product vendors from around the world use CVE Identifiers (CVE-IDs) as a […]


From the Heresy Desk

Before Bruce Schneier started using the term, “Security Theatre” was a term I heard from what I call Real Security People. I was designing a security-oriented NOC, and I interviewed people who built secure sites for a couple of governments, banks, and others. They said that what The Adversary thinks you can do is more […]


Must-Read Article: The Ecstasy of Influence

This is in Harpers, “The Ecstasy of Influence.” It is an interesting meditation on the nature of art itself and how art is composed of other art. However, not only must you read this, you must read it all the way through to understand it and why it is important.


Periodic Spiral

The periodic table is under-appreciated as a design masterpiece, and as an iconic representation of science. The table works as a taxonomy, showing someone who knows how to read it a great deal of information about the elements based on their arrangement in space. So it’s pretty audacious to come out with a re-design: The […]


Do Kings Play Chess on Folding Glass Stools?

Over at the OSVDB blog, blogauthor writes: On September 29, Stefan Esser posted an advisory in which he said “While searching for applications that are vulnerable to a new class of vulnerabilities inside PHP applications we took a quick look…“. This lead me to remember an article last year titled Microsoft unveils details of software […]


What’s in a Name?

A rose by any other name might smell as sweet, but it would certainly be confusing to order online. Consistent naming is useful, but requires much effort to get right. In identity management, which I hadn’t thought of as closely related to taxonomies, Zooko has argued that names can be “secure, decentralized or human memorable […]


A Profusion of Taxonomies

In “In the Classification Kingdom, Only the Fittest Survive,” Carol Kaesuk Yoon writes about the profusion of naming schemes for animals: Then there’s uBio, which has sidestepped the question of codes and regulations altogether and instead aims to record every single name ever used for any organism, scientific or common, correct or incorrect, down to […]


A few Typographies of Bloggers

First, a very brief bit of terminology: A typography is a way to organize things, much like a taxonomy. Each item within a typography has clearly distinguishing characteristics, but there’s no hierarchy such as animal, vertebres, mammals, hominids, humans. To be honest, I’m not sure if this is a typography or just some categories. But […]


My Categories Suck

The categories I’ve set for this blog are non-functional. I have 16 categories, of which maybe 4 are ever exclusive. Do you look at my categorization of posts? Do you look at the category archives? Should I create a new set of categories? If so, what? (mmm, Choicepoint! Not.) Should I abandon categories and go […]


Common Vulnerability Scoring System

At RSA, Mike Schiffman presented a Common Vulnerability Scoring System. Brian Erdelyi has taken that, and made a web page to generate numbers. It’s at SecurityHive. (The page requires Javascript be turned on to function.)


A Few Ideas Connected by the Tag "Folksonomy"

Nude Cybot, in an email in which he promises to emerge soon, presumably to be exceptionally cold, mentions that folksonomies have hit Wired News. The Wired article points out that there are more “cat” (16,297) tagged images than “dog” (14,041) in Flickr. But the conclusion they draw from this, “If the photo-sharing site Flickr is […]


Folksonomies, Tested

I’ve just stumbled across this abstract comparing full-test searching to controlled vocabulary searching. The relevance to Clay’s posts on controlled vocabularies is that our intuitive belief that controlled vocabulary helps searching may be wrong. Unfortunately, the full paper is $30–perhaps someone with an academic library can comment. …In this paper, we focus on an experiment […]


Economics of Taxonomies

In his latest post on folksonomies, Clay argues that we have no choice about moving to folksonomies, because of the economics. I’d like to tackle those economics a bit. (Some background: There was recently a fascinating exchange between Clay Shirky and Louis Rosenfeld on the subject of taxonomies versus “folksonomies,” lightwieght, uncontrolled terms that users […]


"Metadata for the masses"

In “Metadata for the masses,” Peter Merholz presents an interesting idea, which is build a classification scheme from free-form data that users apply. He points to Flikr’s “Cameraphone” category, which would probably not exist if there was only a pull-down list. He also points up problems: Many categories for one thing (nyc, NewYork, NewYorkCity), one […]


The Tree of Life, COI-ly

The September 30th issue of the Economist points to an article in PLoS Biology by Hebert, et al, discussing a new technique for identifying species. The technique, which relies on mitochondirial genes for cytochrome c oxidase I (COI), which is a 648 pair gene. [1] This technique helps settle the question of “Is Astraptes fulgerator […]


Taxonomic Software

A small window into a large world, with its own software: biological software, including DELTA, a DEscription Language for TAxonomy, database software, ecology software, morphometric, paleontologic, and phylogentics software. (Hey, I need a taxonomy just to keep the breakdowns straight!) Or DMOZ has a page, but it doesn’t seem as comprehensive. What I want to […]



Biological taxonomy is not fixed, and opinions about the correct status of taxa at all levels, and their correct placement, are constantly revised as a result of new research, and many aspects of classification will always remain a matter of judgement. The ITIS database is updated to take account of new research as it becomes […]


Mathematical Classifications

Mathematicians use a scheme called the Mathematics Subject Classification, (MSC) which includes a “how to use“, as well as a long history of being revised to reflect changes in the field, and I would guess, practice in how to effectively classify things. It has a General and Miscellaneous Topics section, too. Articles must be given […]