"Want more Secure Software?"

SecurityFocus points to a nice short article over at Silicon.com, which suggests that:

Gartner advises that for companies building their own software, developers should be pushed to put security at the head of their list. It’s not just in-house tech makers that need a word in their ears – the analysts suggest end users should give vendors grief about tightening up their security procedures too.

John Pescatore, the analyst in question, nails it. If you want more security from your vendor, you’ve got to make it a buying criterion. If you want more security from your developers, you’ve got to make time for it in the schedule, and you’ve got to give them tools and training to know what to do. Better security isn’t hard, it just costs some money. Do you prefer to spend that up front, or on operations later?

Mathematical Classifications

Mathematicians use a scheme called the Mathematics Subject Classification (MSC), which includes a “how to use”, as well as a long history of being revised to reflect changes in the field, and, I would guess, practice in how to effectively classify things.

It has a General and Miscellaneous Topics section, too.

Articles must be given a primary classification, and may be given arbitrary additional classifications. The first article in the first volume I was published in was 54C40, 14E20 secondary 46E25, 20C20.

That’s (54C40 Algebraic properties of function spaces), (14E20 Birational Geometry: Coverings), (46E25 Rings and algebras of continuous, differentiable or analytic functions {For Banach function algebras, see 46J10, 46J15})*, (20C20 Modular representations and characters).

Google doesn’t seem to be specialized in searching these things. Those 4 numbers as a search don’t return the specific paper, but then, the specific paper isn’t online. There are search engines that are able to search by MSC. (It’s under “Class” in that link, or try to navigate in Norwegian. I did, before finding the English link.)

UPDATE: The * after the {see 46J10, 46J15} was going to be a footnote, explaining that {braces} represent prioritization–you must check to see if 46J10 or 46J15 are better fits.

Canadian Health Care

The New York Times reports on a lack of doctors in Canada, along with a rise in Canadians using emergency rooms to replace family doctors. (Use BugMeNot if you don’t want to register.)

The basic problem is economic. Doctors are much better paid in the US than in Canada, and doctors can easily move. It’s also harder for a doctor to be entrepreneurial in Canada, not only because of the extra paperwork, but because some things that they may want to do are actually banned. For example, a doctor can’t open a private surgery with the plan to sell overnight stays, even if people want to pay for it. The slur against that is it would ‘create a two-tier system.’ Similarly, the supplemental health insurance I had while working in Montreal would pay for a private hospital room, but there were either none or very few, reserved for senior politicians and the otherwise well-connected. Apparently a private room counts as two-tier.

Of course, there is a two-tier system now. A well-off friend once flew to the US for treatment he needed. It seems that Canada could do a better job of providing base care while still providing the base level of health care which they do. And another friend, just to balance the anecdotes, has gotten good long-term care for an unusual and life-threatening condition. He’d be long bankrupt in the US.

Shih shih…

The great linguist Chao Yuen-Ren once wrote an essay in Chinese using only words which (in Mandarin) would be transliterated as shih (using Wade-Giles; shi in pinyin). You can see the text in characters and two transliterations, read the translation (“A poet by the name of Shih Shih living in a stone den was fond of lions…”), and hear both Mandarin and Cantonese readings here

Via LanguageHat, where you can see the reference chain.

Bluetooth and phone security

Some Singaporean students have figured out how to use Bluetooth to turn off the cameras in Nokia’s phones, according to an article in Gizmodo, via a long chain to a now deleted newspaper article.
I wonder if they turn it back on when you leave the area?
However, Loosewire, the earliest still working link, implies that software is loaded onto the phone.
There have long been rumors that phones can be remotely and silently activated to act as bugging devices by law enforcement. Activating the camera remotely is pretty similar. It wouldn’t surprise me if Bluetooth security vulnerabilities lead to either of these functions being controllable by whoever’s nearby. I wonder how much it would cost to repair every Nokia/Bluetooth/Camera phone in an area after someone with a high-powered radio sent them all a message?

Airline "security"

The Webflyer points to a great David Rowell column, including:

An argument ensued. Ms O’Leary not unreasonably thought it unfair to be trapped on the delayed flight when there was another flight due to leave shortly that she could make if allowed to leave the United Express flight. The pilot called the police who arrested her for disorderly behavior. After some three hours of questioning by police and FBI, they eventually released her.

Ms O’Leary is not only a former US Secretary of Energy, but also a current board member of United Airlines, and has been for almost five years.

Now, while I agree that you can’t trust those senior government officials on anything, I can’t see three hours of questioning. The airlines are clearly using the police to threaten passengers who think their service stinks, and are speaking out.

Swire on Disclosure

Peter Swire has a new working draft, A Model For When Disclosure Helps Security. It’s a great paper which lays out two main camps, which he calls open source and military, and explains why the underlying assumptions cause clashes over disclosure. That would be a useful paper, but he then extends it into a semi-mathematical model of the factors that contribute to the usefulness of hiding information. (Semi-mathematical because there are no numbers attached, but rather “high/low” rankings.)


"Four More Pretzels?"

Over at American Spectator, Shawn Macomber writes about being arrested in New York this week, and suggests a reality TV show is in order:

It could be called POWDERKEG! Each week, I’ll be arrested without my rights being read to me and held for 14 hours while police refuse to tell me what charges I’m being held on. Meanwhile, the kumbaya squad will talk politics nonstop to see if they can make my head explode.

Taxonomies are hard

Responding to my earlier comments about science being easier at a distance, both Nude Cybot and Justin Mason have offered up substantial and useful comments on the subjects of biological taxonomies. (Justin’s have moved to email.)
“Classification in Biology, or phylogenetics, is fraught with issues that we typically do not face when creating our own systems of classification such as organization of content on a website” is actually the exact opposite of my starting position as I learn about these. I thought that the ‘underlying realities’ of biology, that this descended from that, or in chemistry, there are this many electrons in a shell, lead to ‘natural taxonomies.’ Boy, was I ever wrong. (The periodic table can be read as a taxonomy, and the position of atoms in it predicts certain characteristics of those atoms. For example, the ‘noble gases’ are off to the far right, and their electron shells are filled.)
It turns out that even with such natural divisions, there are many good ways to classify the kingdoms of nature. Ironically, Nudecybot points to Six Degrees: The Science of a Connected Age as a possible answer. Six degrees is, of course, a reference to a classic Milgram study that I wrote about a few days ago, saying that Milgram was better at the experiments than at the theories around them.
So, there’s no perfect taxonomy, only the question of whether a taxonomy is useful for the purpose at hand. And the purpose at hand needs a tighter definition than it has today.

Free Wheelchairs for Paraplegic Children

If you ever saw Julia Child or Jacques Pepin take apart a chicken, you’ll remember how easy they made it look. It’s a level of skill that we can all aspire to.
Watching Ed Hasbrouck take apart the latest incarnation of free wheelchairs for paraplegic children is like watching Julia Child take apart a chicken. He does it so well that you don’t even stop to marvel at his skill. Go read what he has to say about the utter lack of sense and lack of legal standing that the TSA has to be implementing these programs.