All Things Techie With Huge, Unstructured, Intuitive Leaps

Nokia Site Hacked

I am a registered Nokia Mobile Developer. I got this email from them late last night informing me that my information has been compromised:

You may have seen reports or received an email from us regarding a recent security breach on our developer.nokia.com/community discussion forum.

During our ongoing investigation of the incident we have discovered that a database table containing developer forum members' email addresses has been accessed, by exploiting a vulnerability in the bulletin board software that allowed an SQL Injection attack. Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger.

The database table records includes members’ email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo. However, they do not contain sensitive information such as passwords or credit card details and so we do not believe the security of forum members’ accounts is at risk. Other Nokia accounts are not affected.

We are not aware of any misuse of the accessed data, but we have identified that your email address was in one of the records accessed, though it contained none of the optional information, so we believe that the only potential impact to you may be unsolicited email. Nokia apologizes for this incident.

Though the initial vulnerability was addressed immediately, we have now taken the developer community website offline as a precautionary measure, while we conduct further investigations and security assessments. We hope to get the site back online as soon as possible and will post developments there in the meantime.

If you have any questions on this, please contact Nokia.developer-discussions-support@nokia.com.

The Nokia Developer website team.


Somebody has to do something about security. There has got to be a better way for authentication.

Classmates.com -- Another MySpace in the Making?


A few years ago, I signed up on Classmates.com. I did it out of pure curiosity to find out where my peers in high school ended up. I enrolled in the free registration and had my name posted on my school page and my year of graduation.

They had all sorts of features such as someone coming by and signing your guestbook, or sending you a message. Of course to read who signed your guestbook, or to open your messages, you had to pay a monthly premium. I never did pay the monthly premium. I was never that curious.

Then along came Facebook. It was easy to find your classmates with a recent picture, and if their privacy settings were low, you could find out who they were married to, who they were working for, and in general determine that they didn't surpass you in the game of Life. However in my case, my classmates are respected members of the Mayo Clinic, top universities, have played professional sports and made my resume look like I was an under-achieving failure.

Linked-In is even better at connecting with people from the past. I've noticed that Linked-In suggests possible connections of people that I have never emailed, but have Googled. How does that happen?

Anyway, Linked-In has enabled me to connect with a family member who didn't want to be found. It is superb at finding out degrees of separation between you and anybody.

So where does that leave Classmates.com. I regularly get spam from them, begging me to pay to read to see who signed my guestbook four years ago. The spam sounds more and more desperate.

In addition, Classmates.com is now trying to suck me into a "Memory Lane" thing where it matches movies, music and trivia to the year that I graduated. That isn't going to induce me. I don't need reminders of how old I am, and thanks to iTunes and others, I already have all of the music from that era that I would ever want.

So I am thinking that Classmates.com is another MySpace in the making. It can't be sustainable when Facebook and Linked-In do the job of connecting people much more efficiently with a bigger information load. If there is such a think as stock in Classmates.com, now is the time to sell short, if you haven't already!

How A Geek Would Write A Gossip Column

using package.urination;

public No_Class
{

public void BladderinPublic(String name)
{
if (name.EqualsIgnoreCase"Gerard Depardieu")
{
if (context==Integer.Parse(flight_Number))
{
try
{
_P = onTheFloor
}
catch (Exception stewardessYelling)
{
System.Out.Printline("Drunken Pig");
}
}
}
}
}

The End of the Line for the Business Intelligence Cube?

I was deep in conversation with a tech-savvy epidemiologist at a dinner party. He is a physician who is the head of an NGO (non-government organization) with offices in various countries on a few continents. He happened to mention that he had over a million record sets that needed data-mining in a very specific way.

His organization had ascertained that the easiest way to convey epidemic data to policy makers was via a 'weather map' where the geographic areas that were in the greatest danger would progress from green to yellow to red when a full blown epidemic developed. To that end they created a data-mining tool for reports. However there was one major flaw with the tool. It could only show results after the fact and didn't perform predictions. Predictions are important for epidemiologists.

I suggested that what his data mining gizmo needed was a Bayesian Inference Engine. Bayesian Inference principles are used for logical inference and prediction on imperfect data sets. A Bayesian operation takes historical data, and calculates the probabilities of a number of events of happening when their predecessor events have taken place. Bayesian inference is a tool in the arsenal of artificial intelligence. It is the perfect tool for running predictions on evolving data. In an epidemic situation, data evolves rapidly. One cannot wait until it is all said and done to run the analysis.

I described to my medical friend how one would make a real time inference engine. Before any row of data is inserted into a database, an inference factory instantiates an inference object. The inference object is used to either look up the probabilistic meta-data for the permutations and combinations of the columns in the row of data (it examines each data dimension) and recalculates the inferential probability with the input of the new data. The output is filtered and deposited into a results table.

Then the thought struck me, that if this function was built into the database engine, there wouldn't be a lot of need for business intelligence cubes that require vast amounts of ETL (Extract Transfer and Load) data dimensioning, data marts and obscure SQL statements the size of a novel.

All of the data would be digested in real time, and mined and refined in one shot. The inferential factory in the database engine would calculate in real time on every data insert, and various filters would be defined for reporting.

With the exabytes and exabytes of data that we are generating, this could be one way of handling the tsunami of data without being overwhelmed by it. And IBM would be awfully sorry that they bought Cognos Business Intelligence Cube software.

What the Chinese Are Looking To Invest In

It is interesting to see what the Chinese where to place investments in terms of technology.

I belong to a Mobile Technology group online, and today, the following advertisement was posted:


Looking for possible acquisition targets in US & Europe

A large Chinese investment company is looking for possible acquisition targets in mobile applications, games, internet, eCommerce, mobile & online advertising, 3D technology, animation, comics and traditional media such as newspaper and magazines. The company must be profitable. Targets size between $10m - $100m.




What I find interesting is that they want to invest in newspapers and magazines as well as technology media -- these are instruments for spheres of influence. This has the potential of being frightening to Americans, considering that the Chinese state probably owns this investment company.

It's Time -- A New Plug-in Filter for Browsers Needed

I am starting to get a little ticked off at how much data is being collected on me when I surf the internet. Websites often ask for authentication data including name and birth date, which they match to an IP address and can get a geographic location. For websites that I deem do not need that information, I always give them an alias, fake birthday and I use a throw-away free email address.

However, through various means, many companies collect browsing data, referrers and all sorts of meta-data, browser information etc. that can be used to pinpoint you. I say that it is time to stop the madness. It is time for us software geeks to take back the internet. I don't want to have to use a proxy server to browse the internet. I say that it is time for a new privacy plug-in for the browsers.

This privacy browser, first of all, would effectively filter out the ads as efficiently as the old incarnations of Firefox did. But it would do much more.

It would deny all http calls to third party sites not in the visiting domain. It would filter out third party cookie information. It would filter out browser information. It would prevent the reading of browsing history. It would deny any app from reading my email address or my contacts. It would not send any data to any domain not in the visiting domain.

Certainly it is not in the best interest for any organized company to write this browser filter, so it would have to come from the community of programmers who are concerned about online privacy. It is certainly time to take this privacy issue into our own hands.