The recent research highlighting the alarming practice of Secure Socket Layer (SSL) Certificate Authority (CA) vendors using the MD5 hashing algorithm (which was known to be broken since 2005) has shown a major crack in the foundation of the Web. While the latest research has shown that fake SSL certificates with MD5 hashes can be forged to perfection when the CA (such as VeriSign's RapidSSL) uses predictable certificate fields, the bigger problem is that the web has fundamentally botched secure authentication. more
Jeffrey Rosen has a great article in the New York Times Magazine this weekend titled Google's Gatekeepers. In it he deals with the question of whether we are becoming too overly dependent on a few big web companies like Google – and whether it's wise over the long run for us to trust their team of (currently) very nice, well-meaning people who are trying hard to do the right thing when faced with government censorship demands and surveillance pressures. He writes... more
One of the throwaway remarks I sometimes make at conferences is that "Google knows you're pregnant before you do". I can say this because the things you search for will change as your life changes, and search engine providers may well be able to spot the significance of these changes because they aggregate data from millions of people. Now Google's philanthropic arm, google.org, has shown just what it can do with the data it gathers from us all by offering to predict where 'flu outbreaks will take place in the USA. more
My weekly technology law column discusses the implications of an Internet that never forgets. I note that the most significant Internet effect during the current election campaign in Canada has not been any particular online video, website or Facebook group. Instead, it has been the resignation of eight Canadian candidates based on embarrassing or controversial information unearthed online. more
While Google is as secretive about its internal processes and systems as Apple is about product development, every now and then senior people post articles on the official Google blog and offer their thoughts on the development of the web. In the latest posting, two Google engineers, Alfred Spector and Franz Och, look at how search strategies will benefit from the faster computers, greater volumes of data and better algorithms we are likely to see in the next decade, speculating that "we could train our systems to discern not only the characters or place names in a YouTube video or a book, for example, but also to recognise the plot or the symbolism." more
Rather than blathering on to the blogosphere about the superficial features of Google's new Chrome browser I've spent some time studying the available material and [re]writing a comprehensive Wikipedia article on the subject which I intend for anyone to be free to reuse under a Creative Commons Attribution 3.0 license rather than Wikipedia's usual strong copyleft GNU Free Documentation License (GFDL). This unusual freedom is extended in order to foster learning and critical analysis, particularly in terms of security. more
Historically there has been nothing which gets Microsoft's attention as fast as a platform for applications which threatens Windows dominance. Google's Chrome is obviously such a platform; Google can afford to challenge Microsoft; it's healthy for innovation that it does. Can Microsoft still rise to the challenge? Way back when I was at Microsoft -- 1991 to 1994, Lotus Notes was the threat du jour... Since I was responsible for the development of what was to become Microsoft Exchange, I was in charge of that war for a while... more
Call it outreach, call it propaganda or call it brilliance or even desperate measures, spammers (people) who favour the Georgian side in the recent conflict have been spamming using email, to get their point across. Depending on where in the world you are from, your ideological standpoint on Russia and your beliefs, when it comes to what email should be like, can be different and you may judge the action as you will. I call it spam. An Estonian colleague Viktor Larionov was quoted saying that whether there is a cyber war in Georgia or not, we know there is in fact a media war in play... more
Doing some research on the effects of the Great Depression in the 1930s, I started wondering what happened to advertising during that period. Although I haven't turned up any detailed studies, I took a look at the various archives of advertising that allow Internet access to their exhibits, and noted the general move to less expensive, more localized advertising, and fewer adverts for more expensive goods. It made me wonder what will happen to online advertising if the current credit crunch starts to drive a worldwide recession... more
More than 40 years ago, the FCC was worried about telephone companies using their power over communications to control the then-nascent (and competitive) data processing marketplace. The Bell System at that point was already banned from providing services that weren't common carriage communications services (or "incidental to" those communications services)... In a 1999 article in the Texas Law Review, Steve Bickerstaff pointed out that Computer 1 meant that no one could provide a "computer utility" service... Today, we'd call the "computer utility" something different -- we'd use the term "cloud computing." more