Tuesday, October 24, 2006

The Surveillance System About to Get Overloaded

I wonder whether they would later on publicly announce a "Hall of Fame/Shame" of the most regular drinkers, and actually use the data to fuel growth in local anti-drinking initiatives based on the most "affected" regions? Beer fingerprints to go UK-wide:

"The government is funding the roll out of fingerprint security at the doors of pubs and clubs in major English cities. Funding is being offered to councils that want to have their pubs keep a regional black list of known trouble makers. The fingerprint network installed in February by South Somerset District Council in Yeovil drinking holes is being used as the showcase."

Use a public WC - Big Brother's peeping, have a beer - it's on Big Brother's bill, and if this isn't a total abuse of technology and taxpayers' money to spy on them, what is? A system like this would be useless to local bartenders; to be honest, their experience in spotting the drunken monkeys, or simply knowing them, would prove invaluable in this case. From another perspective, these trouble makers, given they don't trash the place, are actually among the major consumers there.

The article makes a good point though - if pubs and clubs get extra monitoring, domestic violence increases, so would you install CCTVs at home to prevent it through the "psychological effect" as well?

China's Information Security Market

China's information security market is very much in the introduction stage, with perimeter-based defenses acting as the main security solutions purchased there:

"Statistics shows that the size of China information security market arrived at RMB 1080 million Yuan in Q2 2006, 21.35% higher than the same period of last year, and 6.93% more than Q1. In Q2 2006, sales revenue of firewall products was RMB 474 million Yuan, and anti-virus software is RMB 305 million Yuan. Figure2 demonstrates different security products market shares. Figure3 and Figure 4 list major vendors of firewall software and anti-virus software, respectively."

It's perhaps the perfect timing for you to find reliable channel partners and position yourself on the local market that's about to attract even more government attention with the ongoing networking of China, thus a more foreign-business-friendly security market than it is today. Among the most recent, and free of course, research on the security market in China that I often find myself coming back to is Yan Liu's thesis on the current and future market trends. From an investor's or analyst's point of view, you may also find The Global State of Information Security in 2006 a very informative survey, rich in visual materials.

Detecting Malware Time Bombs with Virtual Machines

Back in June, details on an event that happened during 2002 started emerging, namely a UBS bank employee's use of a logic bomb on the internal network that naturally had the type of insider empowerment it needed to spread:

"According to prosecutors, shortly after Duronio created the code in late 2001, he quit his job and banked thousands in "put" options against UBS, in which he would profit if the company's stock price declined by March 15, 2002, as a result of the attack he had allegedly set to launch against computer systems on March 4. Prosecutors said that "within an hour or so" of walking out the door from UBS, Duronio was at a securities office buying "puts" against UBS. The mail fraud charges relate to confirmation of purchases of the puts that were sent through the U.S. Postal Service. The damage caused by the malicious code impaired trading at the firm that day, hampering more than 1,000 servers and 17,000 individual work stations. The attack cost UBS about $3 million to assess and repair, said Assistant U.S. Attorney V. Grady O'Malley. "It took hundreds of people, thousands of man hours and millions of dollars to correct," O'Malley told jurors."

And while this isn't the last time logic bombs are used -- examples during the 80's -- it's important to note how flexible that type of malware can be, going way beyond the most common trigger - a specific date and time.

The authors of "Detecting Malware Timebombs with Virtual Machines" conducted research on an automated early warning system to shorten the time necessary to estimate the exact timetable of the malware in question:

"Worms, viruses, and other malware can be ticking bombs counting down to a specific time, when they might, for example, delete files or download new instructions from a public web server. We propose a novel virtual-machine-based analysis technique to automatically discover the timetable of a piece of malware, or when events will be triggered, so that other types of analysis can discern what those events are. This information can be invaluable for responding to rapid malware, and automating its discovery can provide more accurate information with less delay than careful human analysis."

It successfully analyses Code Red, Klez, MyParty, Blaster and CME-24, and speculates on the future of the automated process. Worth reading, and worth rethinking: is the Internet's infected population actually the zombies, or aren't they the ones who still haven't been awakened?
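To make the idea of discovering a timetable concrete, here is an added sketch (not code from the paper or from this post, and not the paper's algorithm): it sweeps a virtual clock coarsely, then binary-searches each behaviour change down to one second. The `toy_sample` function, its trigger dates and its behaviour labels are constructed stand-ins for "run the sample in a VM with the clock set to this time and record what it does".

```python
from datetime import datetime, timedelta

# Constructed stand-in for one sandbox run: returns a label for the behaviour
# observed when the guest clock reads `now`. Dates and labels are made up.
def toy_sample(now):
    if now >= datetime(2006, 11, 20, 14, 0, 0):
        return "delete-files"
    if now >= datetime(2006, 11, 3, 8, 30, 0):
        return "fetch-instructions"
    return "idle"

def refine(observe, lo, hi, resolution):
    """Binary-search the instant in (lo, hi] where behaviour first differs
    from what was seen at lo. Assumes a single change inside the interval."""
    before = observe(lo)
    while hi - lo > resolution:
        mid = lo + (hi - lo) / 2
        if observe(mid) == before:
            lo = mid          # still the old behaviour, change is later
        else:
            hi = mid          # already changed, change is at or before mid
    return hi

def discover_timetable(observe, start, end,
                       step=timedelta(days=1),
                       resolution=timedelta(seconds=1)):
    """Coarse sweep of the virtual clock, then refine every behaviour change.
    Returns a list of (approximate trigger time, behaviour before, after)."""
    timetable = []
    prev_t, prev_b = start, observe(start)
    t = start + step
    while t <= end:
        b = observe(t)
        if b != prev_b:
            timetable.append((refine(observe, prev_t, t, resolution), prev_b, b))
        prev_t, prev_b = t, b
        t += step
    return timetable

if __name__ == "__main__":
    found = discover_timetable(toy_sample,
                               datetime(2006, 10, 24), datetime(2006, 12, 31))
    for when, before, after in found:
        print(f"{when:%Y-%m-%d %H:%M:%S}  {before} -> {after}")
```

A trigger window shorter than `step` that opens and closes between two sweep points is missed by the coarse pass, and triggers that depend on something other than the clock are out of scope for this sketch.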