billso.com

IS 7010 students who have read the Nokia case in our textbook might chuckle a bit at this news: Nokia has resurrected 2003’s N-GAGE mobile phone/video game console.

The first new model for the US market is the Nokia N81, a WiFi 3G GSM handset that ships with 8 GB of RAM and retails for US$639.

Mistake number one: users must pay a one-time US$10 fee to activate the built-in games on this phone. Hard to believe that Nokia couldn’t provide a free game on a handset that is more expensive than an iPhone.

At least the N81 does not look like a taco.

For my students, here’s a quick summary of some links and materials on copyright and fair use.

The content on this web site is copyrighted and available through an alternative scheme called Creative Commons. I’ve chosen a license that lets anyone share, remix and modify my work, as long as they give me credit for the original work. As this page explains, the CC license allows me to claim “some rights reserved”, which is less restrictive than the “all rights reserved” terms of copyright, but provides me more rights than placing my work into the public domain where no one owns anything. These videos explain the CC system, and there is also a FAQ.

The Creative Commons scheme also works well on the Internet, as the licenses can be attached to electronic documents and files. The Internet works like a copy machine, as Kevin Kelly pointed out in this January 2008 article. I discussed this issue in this 4 February 2008 post.

A couple of times a week, one of my monitoring tools will tell me that an automated script has been scraping my RSS feed and reposting my content on a fake blog. If they give me credit for my work, I leave them alone. After all, I’m not claiming copyright on my this blog.

Fair use lets people post or republish a small portion of someone else’s work, as long as proper attribution or creedit is included. That’s a key reason why I have my students use TurnItIn.com to submit assignments.

Related pages on billso.com

• Copyright and fair use
• Digital music
  

Articles

• 3 June 2008: 100 years of first sale
• 4 February 2008: Better than free
• 5 October 2007: What’s wrong with copyright?
• 17 July 2007: A quick explanation of copyright law

Tags

• copyright
• Creative Commons
• piracy

Videos

• A Fair(y) Use Tale (See the YouTube box below or go to the downloadable version)
• CC+: Creative Commons and Commerce

From BoingBoing comes the most disturbing information security news I have read in a while.

We’ve long assumed that disk encryption is a robust means of storing confidential data on a computer. Disk encryption products work by encrypting all of the data on a drive, including documents, the operating system, swap files and caches. Disk encryption software can start up before the operating system to let the user enter their password or key. Disk encryption software can also be used on USB storage, as well as partitions on an unencrypted drive.

Disk encryption helps travelers keep their data confidential. My post of 5 Janaury 2008 addresses how cryptography works.

Warm RAM, lost key

Princeton University researchers have developed a simple attack that can retrieve the BitLocker disk encryption key from a Windows Vista computer. The user has to have logged into the computer so that the encryption key is then stored in the computer’s RAM. If the computer is in sleep mode, running a screen saver, or still warm, the encryption key can be extracted from RAM. The extracted data can be saved to a USB storage device, so that another computer can take its time to analyze and fix any errors in the extracted key.

The same kind of attack will also work on Apple FileVault, TrueCrypt, PGP Whole Disk Encryption, and other disk encryption products. The research report is available as a PDF file at this web site.

Declan McCullagh has posted his analysis of the report at news.com. he points out that this vulnerability has been used by other researchers to pull data through a FireWire connection to an iPod. It is difficult to harden a computer against this form of attack, but the attack must be carried out in person. It cannot be done across the Internet, at least in the form that the researchers demonstrate. The attacker needs a USB drive preloaded with the attack software. A can of Dust-Off might also be helpful, to chill the RAM.

Watch that drive

The easiest way to harden a computer against this attack is to maintain physical control of the encrypted drive. Don’t leave it alone. Update the encryption software regularly, as the software developers will more than likely develop their own patches to wipe the key from RAM.
This YouTube video produced by the research team is a brief overview of the vulnerability and the attack.

I followed a link on BoingBoing to this Times of India article: Delhi is getting a 45-kilometer monorail system.

The technology panel will announce their selection for Honolulu’s proposed fixed guideway mass transit system tomorrow, according to this article in the Honolulu Advertiser. The five panel members are evaluating four technologies, including:

1. trains (steel wheel on steel rail)
2. buses (rubber tire on concrete)
3. monorail
4. magnetic levitation

The decision will also be announced on the Honolulu High Capacity Transit Corridor’s web site. The video simulation of the proposed Aloha Tower station is pretty good. Most of the site’s content is trapped in PDF files, however.

As I posted on 6 February 2008, I support the bus option. This option could create a two-lane elevated road that can also be used by emergency vehicles. The buses for this system might also be deployed on surface roads as demand warrants. The other three technologies are less flexible and more expensive. City councilmembers Donovan Dela Cruz and Ann Kobayashi appeared on the byline for this article in the Honolulu Star-Builletin on 26 August 2007. The article includes a picture of one bus model. Below is a promotional video for the Eindhoven bus system.