Friday, April 09, 2004

Adrian Lamo sentencing postponed. BOSTON - A planned sentencing hearing Thursday for noted computer hacker Adrian Lamo has been postponed, a spokeswoman for the U.S. Attorney's Office for the Southern District of New York said. [InfoWorld: Top News] 10:25:23 PM    comment []

Unpaid internships 'despicable' (Publishing News Online -- unsigned) Andrew Franklin, MD and Publisher of Profile Books, named Small Publisher of the Year at the Nibbies Trade Awards, has slammed the system of unpaid internships and work experience in the publishing industry, calling it an abuse of the minimum wage laws. Franklin made the point almost as an aside at last month’s SYP meeting. I think it’s despicable to try and pay anybody less than the minimum wage, Franklin told PN later. Salaries at the top of publishing are not too bad now, and, when people are paying themselves more than £100,000 a year, it’s awful that they would try to pay people less than £150 a week. He also attacked the system’s effect on publishing recruitment, saying, it's like the debate about tuition fees: it creates a barrier to entry, and people whose parents can’t afford to support them can’t go into publishing. That’s why you have so many people in publishing with names like Rowena and Belinda. Profile never pays less than the minimum wage. (The piece goes on to review the practices of a variety of publishers contacted for the article.) 1:26:52 PM    comment []

Tracking the Blackout bug, by Kevin Poulsen, SecurityFocus. To nobody's surprise, the final report on the blackout released by a US-Canadian task force Monday puts most of blame for the outage on Ohio-based FirstEnergy Corp., faulting poor communications, inadequate training, and the company's failure to trim back trees encroaching on high-voltage power lines. But over a dozen of task force's 46 recommendations for preventing future outages across North America are focused squarely on cyberspace. That may have something to do with the timing of the blackout, which came three days after the relentless Blaster worm began wreaking havoc around the Internet - a coincidence that prompted speculation at the time that the worm, or the traffic it was generating in its efforts to spread, might have triggered or exacerbated the event. When US and Canadian authorities assembled their investigative teams, they included a computer security contingent tasked with looking specifically at any cybersecurity angle on the outage. In the end, it turned out that a computer snafu actually played a significant role in the cascading blackout - though it had nothing to do with viruses or cyber terrorists. A silent failure of the alarm function in FirstEnergy's computerized Energy Management System (EMS) is listed in the final report as one of the direct causes of a blackout that eventually cut off electricity to 50 million people in eight states and Canada. The alarm system failed at the worst possible time: in the early afternoon of August 14th, at the critical moment of the blackout's earliest events. The glitch kept FirstEnergy's control room operators in the dark while three of the company's high voltage lines sagged into unkempt trees and "tripped" off. Because the computerized alarm failed silently, control room operators didn't know they were relying on outdated information; trusting their systems, they even discounted phone calls warning them about worsening conditions on their grid, according to the blackout report. Without a functioning alarm system, the [FirstEnergy] control area operators failed to detect the tripping of electrical facilities essential to maintain the security of their control area, reads the report. Unaware of the loss of alarms and a limited EMS, they made no alternate arrangements to monitor the system. With the FirstEnergy control room blind to events, operators failed to take actions that could have prevented the blackout from cascading out of control. In the aftermath, investigators quickly zeroed in on the Ohio line-tripping as a root cause. But the reason for the alarm failure remained a mystery. Solving that mystery fell squarely on the corporate shoulders of GE Energy, makers of the XA/21 EMS in use at FirstEnergy's control center. According to interviews, a half-a-dozen workers at GE Energy began working feverishly with the utility and with energy consultants from KEMA Inc. to figure out what went wrong. The XA/21 isn't based on Windows, so it couldn't have been infected by Blaster, but the company didn't immediately rule out the possibility that the worm somehow played a role in the alarm failure. In the initial stages, nobody really knew what the root cause was, says Mike Unum, manager of commercial solutions at GE Energy. We spent a considerable amount of time analyzing that, trying to understand if it was a software problem, or if - like some had speculated - something different had happened. 10:26:25 AM    comment []

Proposal Raises Issue of Who Should Pay What for College. If a change in the rules prevents students from consolidating college loans at low fixed rates, the average graduate will pay thousands more in interest over the life of the loans. By Greg Winter. [New York Times: Education] 7:06:27 AM    comment []

Arianna Huffington loves blogs. [Scripting News] 6:57:46 AM    comment []

The shocking history of copyrights, by Eliot Van Buskirk, in ZDNet AnchorDesk. Technological advances have dogged content owners ever since a caveman first got conked on the head for ripping off the other guy's yawp. We think these issues are new to our generation, but that's just not the case. Now is a good time to take a trip down memory lane to keep things in perspective. The piece jumps off from Bootleg : The Secret History of the Other Recording Industry, by Clinton Heylin, to review the clash from the 16th century on. Yeah, good for perspective, and bite-sized. 6:57:17 AM    comment []

Journals Survey. I occasionally get asked by graduate students for my opinion on the relative quality of various journals. The context is usually that they are interested in finding out which journals would be good to publish in, especially if they are looking to boost their job market credentials. And sometimes the context is that they just like looking at rankings. As I do, from time to time. So I was interested in a survey Manuel Vargas was running on the quality of various journals. And I decided, with Manuel's help, to post a web version of it. There's a link to the survey below. Journals Survey Obviously this is meant as a bit of fun, not as a serious investigation. And obviously there's a lot more to choosing which journals to publish in than just the journal quality. (Turnaround time is important, for instance.) But it might be interesting to get a snapshot of what people think. I'll post the results, and as much of the raw data as is possible without compromising the confidentiality of survey participants, in a week or so. [Thoughts Arguments and Rants] 6:52:26 AM    comment []

Phantom editors. Frodo and Jar Jar are now fair game for hackers. An excerpt from Siva Vaidhyanathan's "The Anarchist in the Library: How the Clash Between Freedom and Control is Hacking the Real World and Crashing the System." [Salon.com] 6:51:38 AM    comment []

Educators Flocking to Finland, Land of Literate Children. If one trait sets Finland apart from many other countries, it is the quality and social standing of its teachers. By Lizette Alvarez. [New York Times: Education] 6:48:56 AM    comment []

Try your hand at balancing the federal budget. (thanks, Mark!) 6:43:56 AM    comment []

Trojan Horse Attacks Mac OS X. A security company warns of malicious code that targets the operating system. It could be the start of a whole new world of pain for blithe Mac users. By Leander Kahney. [Wired News] 6:38:23 AM    comment []