Archives
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- January 2006
- December 2005
- November 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- January 2005
- December 2004
- October 2004
- September 2004
- January 2004
- December 2003
- October 2003
- June 2003
- January 2003
- December 2002
- June 2002
- January 2002
- January 2001
- May 2000
- April 2000
Categories
Meta
Monthly Archives: March 2007
Why It's Over for the AntiVirus Industry
You may not have heard the news yet, but there’s a new whitelisting kid on the block – and it’s not a small startup from Nowheresville, in Nova Scotia. It’s one of the top three IT security vendors. The company is CA and the new product goes by the name of CA HIPS. So now there are 5 companies selling whitelisting products. (I will write a detailed article about CA HIPS after I’ve had a technical briefing on the product. It’s capabilities are broad as it does more than whitelisting.)
If you have not been reading this blog regularly then you may be unaware of the AVID (Anti Virus Is Dead) campaign that I’ve been running. The goal of the campaign is simple. It aims to bring down the AV industry which has, for the best part of 20 years, been selling products that are ineffective at stopping viruses.
To summarise: the reason why AV technology fails so frequently is that it takes a wrong and ultimately doomed approach to stopping malware. Mostly AV products use signatures to recognise the bad guys, but this is almost completely useless for new viruses (some well known products let in 80 percent of all new viruses). Where they don’t use signatures, they use heuristics—which means that they try to recognise the bad guys by their behavior. This is ineffective because the virus writers test their viruses against AV products before they release them and only release the ones that will get through. The reality is that the AV companies have been in a technology war with the virus writers and they have lost. The outcome is that PCs still get infected by malware at a dramatic rate.
The whitelisting companies; Savant Protection, AppSense, SecureWave and Bit9 are the heroes of the situation because they have technology which actually does stop malware effectively. They simply keep an inventory of the software that is allowed to run and stop everything else from running or, if the user is trusted, run new software in a sandbox that prevents it from breeding or doing damage, if it is a virus. CA HIPS is a product that also does this, so it now gets to be on the list of heroes.
CA joining the whitelisting companies is, in my view, the beginning of a sea change. Whitelisting is no longer a niche security technology. I have heard a very credible rumour that one of the big three AV companies (Symantec, McAfee and Trend Micro) intends to do the same thing—possibly this year. You know that it’s over for AV if one of the big three turns to whitelisting.
So it is roughly the first anniversary of the AVID campaign and after only a year it looks as though it is starting to work. I guess it was only necessary to get the word out. I have played a pretty constant drum beat to that effect for a year. I will carry on for maybe another year. I have lots more information to publish on this and I’ll not stop until the AV vendors start to melt away and sanity returns to the world of IT security.
Posted in Campaigns
Tagged AntiVirus, AV technology;, AVID, IT Security, McAfee;, Subject, Symantec, technology war;, Trend Micro;, Whitelisting
Leave a comment
Holographs And The Birth of a New Industry
You’ve probably not heard of Zebra Imaging. It is a relatively recent start-up, based in Austin Texas, which leads the world in the practical application of holography. It was founded in 1996 by three Research Scientists from the MIT Media Lab and has recently attracted a swathe of funding which will, in all probability, bring holography into practical and common usage in many areas of application.
There is strong interest from a number of industries. Once you have seen the holographs that Zebra Imaging can produce, it is easy to see why. Unfortunately for the full impact you really do have to see them and “touch” them. You can go to the web site, if you want and you might be able to get a vague idea of what Zebra Imaging can achieve, but there really is no substitute for reaching out and touching a life size holographic image of, well, a car or a brain or Mickey Mouse or whatever.
Holographs as 3D images have been curios with few real applications for several decades now, and most people have seen early examples of them in science museums. or even in gift shops that sell wall-mounted “prints” of them. Such holographs bear no real relation to what Zebra Imaging can produce. Early holographs are severely limited in terms of the viewing angle and level of definition.
The holographs from Zebra Imaging currently have a viewing angle of over 100 degrees in all directions.
The image stands out from the tile on which it is printed into the room as if it were a physical object. You can look under it, or down on it from above. And while the 100 degree angle is a little limiting, Zebra Imaging has managed to widen that angle to almost 180 degrees with its most recent technology.
In case you are wondering “why Zebra?”, the company takes its name from the technology itself.
In holographic terminology, a Zebra is a large hologram made up of many small holographic cells or “hogels”. The hogels are two millimeters square and, in the process that Zebra Imaging uses, a large array of them (each of which is unique) are printed on a flat two-foot-square tile of polymer film. The image itself is created by the reflection through the hogels of whatever light is in the room, so for the best images the appropriate lighting is required. To produce larger images you can simply put related tiles together. The result is that there is no obvious limit to how big the image can actually be.
The source data for a holograph can be any set of data from which a 3D image can be constructed, from a CAD to a video or series of shots of an object from multiple angles. The amount of data that goes into producing a holographic tile is about 1.5 terabytes – no small amount. However, given that it produces a fine grain fully faithful 3D image (think in terms of a large 3D cube of pixels) I guess the volume of data should be no surprise.
It may not be immediately obvious where the application for such holographs is unless you work in related industries that can make use of them. The military possibilities are fairly obvious in that the holograph can provide 3D maps of terrains or the buildings in a town. The automotive industry regularly builds prototype models of cars at various points of the design process, as a new model goes from concept to production. The Zebra Imaging holograph can produce a more accurate model far faster and far less expensively – thus reducing time to market. In oil exploration, detailed holographs of the underground strata and oil deposits can be produced and the model can be used to plan and improve the accuracy of drilling.
These applications are, however, only the tip of the iceberg. Perhaps the most impressive demonstration that Zebra Imaging can provide is the interactive use of a holographic model with a purpose designed workstation. The company is currently able to provide a holographic interface which involves a “stylus” attached to a mechanical arm. The user sits in front of the holograph, interacting with it by moving the stylus to touch the image. (When the stylus touches the image it feels as though an object has been touched). According to how the workstation is programmed, the image can then change to provide a different viewpoint of the same image. In other words what Zebra Imaging has is an early 3-dimensional interface.
The possibilities for this, once the technology advances, are enormous; from new machine interfaces to computer interfaces to game playing. It is a little early to get excited about this because the technology has a few evolutionary steps to take before any such idea becomes reality, but the recent progress of the technology has been impressive. It used to take 3 days to print a single holographic tile, but the time has been reduced to 90 minutes and, according to Robin Curle the CEO of Zebra Imaging, the development target is to bring that latency down quickly until real-time interaction is possible. Although it may be several years in the future, real-time interaction is regarded by the R&D team as a viable target.
The cost of a holographic tile is falling (it is currently in the thousands of dollars but moving towards the hundreds of dollars) and at the moment Zebra Imaging has not geared itself up for industrial production of holographs, which will inevitably bring the price down further. This is a company to watch. It is quite likely that it will see explosive growth as take-up of the technology expands.
It is rare that I get to see a technology which looks as though it will become the foundation for a whole industry, but my guess is that this one will. Holographs are going to be big business in many ways.
Posted in Briefings
Tagged Austin, CAD;, Holographs, MIT Media Lab;, oil deposits;, oil exploration;, Subject, Vendor, Zebra Imaging;
Leave a comment
In Search of Men in Black
A number of correspondents have provided suggestions of further wacky subjects for me to research over the web, so I’ll be continuing my odyssey for quite a few weeks yet (if you have any suggestions then post them – I’ll follow up). Last week was 2012. This week I went out in search of “Men In Black”.
The idea behind this phenomenon is that anyone who discovers any evidence of UFOs or alien visitations is likely to be visited by the Men In Black, who dress conspicuously in black suits and dark glasses, drive around in black cars and generally stick out like a sore thumb – pretty much as depicted in the comic movie of the same name. (They are not, by the way, related to Mr Smith in the Matrix movie, who has a similar taste in suits and sun glasses).
Apparently, these Men In Black put the frighteners on you, steal your UFO evidence and wipe your memory. The last of these tricks, the wiping of memory, is a neat capability which (unless they’ve been keeping it well hidden) is beyond the abilities of the CIA, KGB, or any other agency whose name consists of a mere 3 letters. The Men In Black, therefore, probably do not belong to any such organization. Most likely they are fashion victims from another solar system. But which?
There are multiple candidates, depending on which web site you visit; Alpha Centauri, Betelguise, Arcturus, Vega, Andromeda, Sirius, Sirius B. Unfortunately, apart from vague references to ancient Egyptian temple decorations and such things, there is no real evidence that mitigates in favour of any of these other than, perhaps, their closeness to our sun. Some of the interested web sites imply that the mysterious Men In Black are, of course, aliens – but ones that look like human beings rather than the small silver skinned creatures with big eyes that are popularized elsewhere on the web.
I’m a little confused by the disparity here. These are different looking beings with different taste in clothes. The silver skinned aliens seem to wear tight fitting body stockings, whereas the Men In Black wear well tailored 1950s suits. I personally doubt if they belong to the same species of alien. Maybe there are two species of aliens that regularly visit this planet. One is small, silver-skinned and benign and they are desperately trying to make contact with us. However, all their attempts are foiled by the other humanoid aliens who wear dark glasses, dress badly and want to keep a lid on the whole alien thing.
In my investigations I unexpectedly came across advice on “how not to be abducted by aliens.” Oh, the feeling of relief.
Apparently, according to another authoritative source (The Alien Presence and the Underground City), you are more likely to be abducted by aliens if you are “easily influenced, naïve and gullible”. Those dastardly aliens must have invented a gullibility detector. How cunning of them!
But is it?
Could it be?… that all you need to do to protect yourself against alien abduction is not believe a single word you read about it?
I’m game.
Y2K + 12 (The New End of Days):
I enjoyed the turn of the millennium. As the new year and millennium commenced I was to be found among thousands of others on the banks of the Thames in London watching an awesome firework display and quaffing champagne in large amounts. However, if you were expecting anything more than a drunken evening with fireworks – you were probably disappointed.
There were no earthquakes and tsunamis, not even a minor volcanic eruption. No comets or asteroids collided with planet earth. Although global warming had been happily warming everything up for years, the Antarctic failed to suddenly melt down and wipe out the Maldives and the Netherlands. The year 2000 bug was a damp squid, with far too many computers behaving themselves and there was a complete absence of nuclear war. All in all, it must have been a pretty glum time for any self-respecting millennialist anticipating a spectacular “Hollywood Ending”.
But never mind, roll on 2012 (or December 21st, 2012 to be exact) when we all get another chance at “the end of days”, courtesy of the Mayans. The Mayan civilization collapsed because of climate change, long before Columbus set out on his Caribbean holiday.
Nevertheless quite a lot is known about the Mayans because the archaeological record is fairly rich. In particular, the Mayans are fondly remembered for their astronomical skills. They calculated the length of the year with phenomenal accuracy and they had a calendar which divided the “time of the earth” into ages. According to this calendar, the current “age” comes to an end in 2012. Ostensibly, apart from the mathematics, this is no different to our Christian millennium coming to its end at the close of 1999 – or is it?
The thing is that the Mayans (according to some sources) expected cataclysms to occur when the calendar changed. And this means, if it means nothing else, lots and lots of wacky web sites.
In my on-going web safari (last stop alien abductions) I ran into the 2012 phenomenon – and surfed many alarming predictions of; the second coming, world war 3, earthquake, fire, flood, comets, continents sinking, alien visitations and the dawning of age of Aquarius (by the way, just about nobody seems to agree on when this “astrological age” actually dawns and I advise all astrologists to come into alignment on this, lest people should cease to take astrology seriously.)
Anyway for your edification …
Type: “2012″, “end of days” into Google and you’ll get 32,000 hits. (A few years ago it was 600) Type: “2012″, “cataclysm” and you’ll get 33,700 hits (it used to be 5000). Type: “2012″, “second coming”, and you’ll get 53,900 hits (it used to be 7000). Type: “2012″, “aliens” and you’ll get 314,000 hits (it used to be 67,000). But type: “2012″, “nothing significant happens” into Google and you only get 71 hits (it used to be 6).
Note that the fgures in brackets coem from the first time I made this post. I’m reposting it here and have rechecked. As we approach 2012, more wacky pages appear on the Internet for that date.
Nevertheless, the web page count is still voting strongly in favour of alien visitations for 2012 and gives very little credence to the possibility of “nothing special happening”.
Posted in R&R
Tagged Antarctic;, Entertainment, Google, Maldives;, New Year\'s Day;, Surfing Safari, The Netherlands;, web page count;
Leave a comment
Help Desk Fatigue: How Good is the Help Desk
How good is the service that your Help Desk provides?
If the answer that immediately springs to your mind is “not very good” then don’t worry, that’s the typical response and, I think, the typical service. An interesting stat surfaced in a conversation I had with the CEO of an Infrastructure Management consultancy. Here it is:
Between 70% and 100% of the time, users do not report service problems to the Help Desk. (The stat comes from someone who is doing research in the area).
The range 70% to 100% seems wide, but it masks the difference between different organizations and different groups of users. If the Help Desk is relatively responsive then the figure will be closer to 70%. If not, it will be worse. The 100% figure applies to some groups of users using the Internet to access a company’s applications (potential customers for example). They almost never report faults or poor service.
Why should they? Staff are more likely to call problems in.
So have you, like me, been reading the various marketing chats about IT and SLAs (particularly from Infrastructure Management vendors)?
Mostly this is just noise. Right now IT does not have the technology deployed to deliver genuinely meaningful service levels. And right now, most IT users suffer from Help Desk fatigue.
SOA could change this by the way, but it will only do so if the implementation of it includes the service level measurement of business processes.