This is a ten step program to fight hacking attacks. You may or may not choose to ignore it, laugh at it, or ponder on it.
1) Internet security is a billion dollar business which will only grow in size as cloud computing approaches. Pioneers in providing security will earn considerable revenue like McAffee , Norton did in the PC era. Incidentally it also means the consulting/partner group that is willing to work with virtual workers and virtual payments to offshore consultants.
2) Industrial espionage has existed from the days the West stole Gunpowder and Silk formula from China (and China is now doing the same to its software). The company and country will the best hackers will win. Keep your team motivated mate, or it is very easy for them to defect to the other side of the (cyber) wall.
3) When 2 billion people have access to internet the number of hackers will grow in number and quality much more rapidly than when only 100 million people across the world had access. Thanks to Google Translate, Paypal, Skype video Call, Tor Project, and Google Voice i can and have collaborative with hackers almost in all geographies. You can only imagine what the black hats are doing.
4) Analyzing hackers is like reading Chinese Tea Leaves. If you have experienced analysts, you will slip up. recruit the hackers in the dormitory before China recruits them using Lulz Security as a bogus cover. or USA recruits them as cover for spreading democracy in the Arab countries.
5) get your website audited for security breaches. sponsor a hack my website contest. before someone else does it for you.
6) Fighting hackers was always tough. But now we have part time hackers , people with perfectly respectable jobs who look like Mr Andersen and hack like Neo from the Matrix. Every kid once wanted to be a firefighter. Every geek dreams of the one ultimate hack.
7) if you cant beat hackers, join them.
8) the more machine data is generated, the more you need external experts and newer software interfaces. Investing in open data, datasets is good. Keeping Bradley manning naked in his cell is bad. ignore the bad PR at your own cost.
9) Stop blaming China for every hack attack. You are a techie not a politician
10) Hack hard. Hack well. If someone hacks you, you will need to hack them off offensively unless you just want to be an easy mark for the rest of your lives. Counter -hacking expertise needs to be strengthened and groomed. hacking is an offense not just a defense game.
If you believe someone has created a Gmail address in an attempt to impersonate your identity, you may wish to file a report with the Internet Crime Complaint Center (www.ic3.gov), a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center.
In addition, we recommend contacting your state’s Office of Consumer Protection.
IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >>
Filing a Complaint with IC3
IC3 accepts online Internet crime complaints from either the person who believes they were defrauded or from a third party to the complainant. We can best process your complaint if we receive accurate and complete information from you. Therefore, we request that you provide the following information when filing a complaint:
Your name
Your mailing address
Your telephone number
The name, address, telephone number, and Web address, if available, of the individual or organization you believe defrauded you.
Specific details on how, why, and when you believe you were defrauded.
Any other relevant information you believe is necessary to support your complaint.
okay Julian got hacked by the oldest hack trap in the world but it is still pertinent.
So how the fuck do we control these evil hackers.
Show them money
Show them Jesus
Throw them in Jail
The correct solution to bring talented members of the technical community back into the nice air contioned corporate tent of technology is to-
Sponsor Hack My Website Contests- Winners have to share techniques
Sponsor Hack this Search Engine Rank Contests- Winners have to share technique
General Amnesty for people who have hacked before provided they share techniques and agree to join security teams.
Sponsor hack this login id contests- Winners have to share techniques and work to develop fool proof system.
Unfortunately this will never happen. even the big grand Daddy , Google is willing to define hacking contests only in the narrow frame o technical hacks, rather than a system breach hack. Because system breach hacks generally happen at the people level.
Internal cover your assets mentality prevents technology and media employees from reaching out and helping create a secure online platform, thus harming shareholders.
Destruction testing (even in a controlled sandbox) of online systems would reveal the underbelly of corporate information technology.
I mean who wants to sponsor a hack contest that makes you look bad, when it is much more expensive to have a hacking attacks that decreases share price, but doesnot affect your salary.
We have gone in for crowd sourced coding.
How about incentivizing crowd sourced systems design for secure and free internet.
Note -corelation between making pipe bombs and tattoo art is not the same as causation. corelation is not causation unless google comes out with http://causation.google.com
and we see West Virginia likes to search for “how to make a bomb ” 🙂 yeah, right 😉
(a) Whoever knowingly and willfully deposits for conveyance in the mail or for a delivery from any post office or by any letter carrier any letter, paper, writing, print, missive, or document containing any threat to take the life of, to kidnap, or to inflict bodily harm upon the President of the United States, the President-elect, the Vice President or other officer next in the order of succession to the office of President of the United States, or the Vice President-elect, or knowingly and willfully otherwise makes any such threat against the President, President-elect, Vice President or other officer next in the order of succession to the office of President, or Vice President-elect, shall be fined under this title or imprisoned not more than five years, or both.
(b) The terms “President-elect” and “Vice President-elect” as used in this section shall mean such persons as are the apparent successful candidates for the offices of President and Vice President, respectively, as ascertained from the results of the general elections held to determine the electors of President and Vice President in accordance with title 3, United States Code, sections 1 and 2. The phrase “other officer next in the order of succession to the office of President” as used in this section shall mean the person next in the order of succession to act as President in accordance with title 3, United States Code, sections 19 and 20.
From the new experiment at Google Co Relate (assumptions it will take a long time to actually create a plot or conspiracy to kill the President because of his security cover) this uses the internet to actually find people who are searching for ways to kill the beloved leader of the free world. Includes state by state intensity- and expect these people to be the first to ask for ….MORE privacy (my ass)
If you do a Google search for Data Mining Blog- for the past several years one Blog will come on top. data mining blog – Google Search http://bit.ly/kEdPlE
To honor 5 years of Sandro Saitta’s blog (yes thats 5 years!) , we cover an exclusive interview with him where he reveals his unique sauce for cool techie blogging.
Ajay- Describe your journey as a scientist and data miner, from early experiences, to schooling to your work/research/blogging.
Sandro- My first experience with data mining was my master project. I used decision tree to predict pollen concentration for the following week using input data such as wind, temperature and rain. The fact that an algorithm can make a computer learn from experience was really amazing to me. I found it so interesting that I started a PhD in data mining. This time, the field of application was civil engineering. Civil engineers put a lot of sensors on their structure in order to understand how they behave. With all these sensors they generate a lot of data. To interpret these data, I used data mining techniques such as feature selection and clustering. I started my blog, Data Mining Research, during my PhD, to share with other researchers.
I then started applying data mining in the stock market as my first job in industry. I realized the difference between image recognition, where 99% correct classification rate is state of the art, and stock market, where you’re happy with 55%. However, the company ambiance was not as good as I thought, so I moved to consulting. There, I applied data mining in behavioral targeting to increase click-through rates. When you compare the number of customers who click with the ones who don’t, then you really understand what class imbalance mean. A few months ago, I accepted a very good opportunity at SICPA. I’m looking forward to resolving new challenges there.
Ajay- Your blog is the top ranked blog for “data mining blog”. Could you share some tips on better blogging for analytics and technical people
Sandro- It’s always difficult to start a blog, since at the beginning you have no reader. Writing for nobody may seem stupid, but it is not. By writing my first posts during my PhD I was reorganizing my ideas. I was expressing concepts which were not always clear to me. I thus learned a lot and also improved my English level. Of course, it’s still not perfect, but I hope most people can understand me.
Next come the readers. A few dozen each week first. To increase this number, I then started to learn SEO (Search Engine Optimization) by reading books and blogs. I tested many techniques that increased Data Mining Research visibility in the blogosphere. I think SEO is interesting when you already have some content published (which means not at the very beginning of your blog). After a while, once your blog is nicely ranked, the main task is to work on the content of the blog. To be of interest, your content must be particular: original, informative or provocative for example. I also had the chance to have a good visibility thanks to well-known people in the field like Kevin Hillstrom, Gregory Piatetsky-Shapiro, Will Dwinnell / Dean Abbott, Vincent Granville, Matthew Hurst and many others.
Ajay- Whats your favorite statistical software and what are the various softwares that you have worked with. Could you compare and contrast these software as well.
Sandro- My favorite software at this point is SAS. I worked with it for two years. Once you know the language, you can perform ETL and data mining so easily. It’s also very fast compared to others. There are a lot of tools for data mining, but I cannot think of a tool that is as powerful as SAS and, in the same time, has a high-level programming language behind it.
I also worked with R and Matlab. R is very nice since you have all the up-to-date data mining algorithms implemented. However, working in the memory is not always a good choice, especially for ETL. Matlab is an excellent tool for prototyping. It’s not so fast and certainly not done for ETL, but the price is low regarding all the possibilities for data mining. According to me, SAS is the best choice for ETL and a good choice for data mining. Of course, there is the price.
Ajay- What are your favorite techniques and training resources for learning basics of data mining to say statisticians or business management graduates.
Sandro- I’m the kind of guy who likes to read books. I read data mining books one after the other. The fact that the same concepts are explained differently (and by different people) helps a lot in learning a topic like data mining. Of course, nothing replaces experience in the field. You can read hundreds of books, you will still not be a good practitioner until you really apply data mining in specific fields. My second choice after books is blogs. By reading data mining blogs, you will really see the issues and challenges in the field. It’s still not experience, but we are closer. Finally, web resources and networks such as KDnuggets of course, but also AnalyticBridge and LinkedIn.
Ajay- Describe your hobbies and how they help you ,if at all in your professional life.
Sandro- One of my hobbies is reading. I read a lot of books about data mining, SEO, Google as well as Sci-Fi and Fantasy. I’m a big fan of Asimov by the way. My other hobby is playing tennis. I think I simply use my hobbies as a way to find equilibrium in my life. I always try to find the best balance between work, family, friends and sport.
Ajay- What are your plans for your website for 2011-2012.
Sandro- I will continue to publish guest posts and interviews. I think it is important to let other people express themselves about data mining topics. I will not write about my current applications due to the policies of my current employer. But don’t worry, I still have a lot to write, whether it is technical or not. I will also emphasis more on my experience with data mining, advices for data miners, tips and tricks, and of course book reviews!
Standard Disclosure of Blogging- Sandro awarded me the Peoples Choice award for his blog for 2010 and carried out my interview. There is a lot of love between our respective wordpress blogs, but to reassure our puritan American readers- it is platonic and intellectual.
About Sandro S-
Sandro Saitta is a Data Mining Research Engineer at SICPA Security Solutions. He is also a blogger at Data Mining Research (www.dataminingblog.com). His interests include data mining, machine learning, search engine optimization and website marketing.
DECISION STATS 