Bin Laden Unit downsided?

The New York Times reports:

he Central Intelligence Agency has fewer experienced case officers assigned to its headquarters unit dealing with Osama bin Laden than it did at the time of the attacks, despite repeated pleas from the unit’s leaders for reinforcements, a senior C.I.A. officer with extensive counterterrorism experience has told Congress.

A senior official disputes this:

A senior intelligence official who asked not to be identified strenuously disputed Mr. Scheuer’s criticism about the resources assigned to the war against Al Qaeda. “The assertions are off the mark,” the official said. “There are far more D.O. officers working against the Al Qaeda target both at C.I.A. headquarters and overseas than there were before Sept. 11,” the official said, using the abbreviation for the Directorate of Operations, the C.I.A.’s clandestine arm. “Our knowledge of and substantive expertise on Al Qaeda has increased enormously since 9/11. The overall size of the counterterrorism center has more than doubled, and its analytic capabilities have increased dramatically.”

But are the claims really incompatible? One official refers to the Bin Laden unit, the other to Al Qaeda and counter-terrorism. It seems to me that all the claims may be true.

Bin Laden may be effectively isolated. His communications need to go through chains of couriers, and thats slow and difficult. So focusing on more active players may make some sense.

Then there’s the question of what you do if you find him. If you kill him, you risk making him a martyr. If you capture him, do you bring him to trial? Recall that he’s already been indicted over the first set of World Trade Center attacks.

(Ecto seems to be losing parts of posts on me. Feh!)

Microsoft JPG Bug, Patch, Tool

Microsoft has released a critical advisory (or, less-technical version) regarding a problem with the way JPEG files are parsed. Microsoft has released patches for their applications, and also a tool to scan for vulnerable apps.

I’m not sure what to think about the tool. On the one hand, good for them! Helping customers secure their systems by finding problems is a good, even if some people don’t think so. On the other hand, Microsoft could have sent a note to all their MSDN (Developer Network) customers about the problem. So why the effort for a tool? A tool, I think, is in line with what John Pescatore was suggesting, which is customer pressure on vendors to release more secure code.

Microsoft has something of a head start on this, having trained their entire staff. Is this the start of an “Unbreakable” campaign from Microsoft, or perhaps something more subtle? Either way, nicely done.
[Update: Fixed OIS link. Thanks, Max!]

Apple Security Updates

Apple has released an updated Security Advisory, to fix two problems introduced in the previous rev. Not a big deal, unless you happened to be trying to deal with their ftpd. As we’ve pointed out (PDF) in the past, security updates are a race between attacks and defense, and there are trade-offs you can make.

I’m still trying to find out what’s in Apple Remote Desktop security update, to make a good decision about if I should install it.

Holy Lousy Security, Batman!

Britons seemed startled by the ease with which palace security was overrun by two men in super hero costumes carrying an extension ladder….Police used a crane to extract him from the ledge as his supporters chanted “free Batman” from behind a police cordon.

From the New York Times story. Or, Google News has more. The men were protesting for more father’s visitation rights after divorces, and the right to carry ladders in public, which will shortly be banned in England. An exception will be made for those who have a builder’s license, pass a background check, and pay an annual fee.

"Want more Secure Software?"

SecurityFocus points to a nice short article over at Silicon.com suggests that

Gartner advises that for companies building their own software, developers should be pushed to put security at the head of their list. It’s not just in-house tech makers that need a word in their ears – the analysts suggest end users should give vendors grief about tightening up their security procedures too.

John Pescatore, the analyst in question, nails it. If you want more security from your vendor, you’ve got to make it a buying criteria. If you want more security from your developers, you’ve got to make time for it in the schedule, and you’ve got to give them tools and training to know what to do. Better security isn’t hard, it just costs some money. Do you prefer to spend that up front, or on operations later?

Mathematical Classifications

Mathematicians use a scheme called the Mathematics Subject Classification, (MSC) which includes a “how to use“, as well as a long history of being revised to reflect changes in the field, and I would guess, practice in how to effectively classify things.

It has a General and Miscellaneous Topics section, too.

Articles must be given a primary classification, and may be given arbitrary additional classifications. The first article in the first volume I was published in was 54C40, 14E20 secondary 46E25, 20C20.

That’s (54C40 Algebraic properties of function spaces), (14E20 Birational Geometry:Coverings), (46E25 Rings and algebras of continuous, differentiable or analytic functions {For Banach function algebras, see 46J10, 46J15})*, 20C20 Modular representations and characters).

Google doesn’t seem to be specialized in searching these things. Those 4 numbers as a search don’t return the specific paper, but then, the specific paper isn’t online. There are search engines that are able to search by MSC. (It’s under “Class”) in that link, or try to navigate in Norwegian. I did, before finding the English link.

UPDATE: The * after the {see 46J10, 46J15} was going to be a footnote, explaining that {braces} represent prioritization–you must check to see if 46J10 or 46J15 are better fits.

Canadian Health Care

The New York Times reports on a lack of doctors in Canada, along with a rise in Canadians using emergency rooms to replace family doctors. (Use BugMeNot if you don’t want to register.)

The basic problem is economic. Doctors are much better paid in the US than in Canada, and doctors can easily move. Its also harder for a doctor to be entrepreneurial in Canada, not only because of the extra paperwork, but some things that they may want to do are actually banned. For example, a doctor can’t open a private surgery with the plan to sell overnight stays, even if people want to pay for it. The slur against that is it would ‘create a two-tier system.’ Similarly, the supplemental health insurance I had while working in Montreal would pay for a private hospital room, but there were either none or very few, reserved for senior politicians and the otherwise well-connected. Apparently a private room counts as two-tier.

Of course, there is a two-tier system now. A well-off friend once flew to the US for treatment he needed. It seems that Canada could do a better job of providing base care while still providing the base level of health care which they do. And another friend, just to balance the anecdotes, has gotten good long-term care for an unusual and life-threatening condition. He’d be long bankrupt in the US.

Shih shih…

The great linguist Chao Yuen-Ren once wrote an essay in Chinese using only words which (in Mandarin) would be transliterated as shih (using Wade-Giles; shi in pinyin). You can see the text in characters and two transliterations, read the translation (“A poet by the name of Shih Shih living in a stone den was fond of lions…”), and hear both Mandarin and Cantonese readings here

Via LanguageHat, where you can see the reference chain.