Hacking Hackers

This is a ten step program to fight hacking attacks. You may or may not choose to ignore it, laugh at it, or ponder on it.

1) Internet security is a billion dollar business which will only grow in size as cloud computing approaches. Pioneers in providing security will earn considerable revenue like McAffee , Norton did in the PC era. Incidentally it also means the consulting/partner group that is willing to work with virtual workers and virtual payments to offshore consultants.

2) Industrial espionage has existed from the days the West stole Gunpowder and Silk formula from China (and China is now doing the same to its software). The company and country will the best hackers will win. Keep your team motivated mate, or it is very easy for them to defect to the other side of the (cyber) wall.

3) When 2 billion people have access to internet the number of hackers will grow in number and quality much more rapidly than when only 100 million people across the world had access. Thanks to Google Translate, Paypal, Skype video Call, Tor Project, and Google Voice i can and have collaborative with hackers almost in all geographies. You can only imagine what the black hats are doing.

4) Analyzing hackers is like reading Chinese Tea Leaves. If you have experienced analysts, you will slip up. recruit the hackers in the dormitory before China recruits them using Lulz Security as a bogus cover. or USA recruits them as cover for spreading democracy in the Arab countries.

5) get your website audited for security breaches. sponsor a hack my website contest. before someone else does it for you.

6) Fighting hackers was always tough. But now we have part time hackers , people with perfectly respectable jobs who look like Mr Andersen and hack like Neo from the Matrix. Every kid once wanted to be a firefighter. Every geek dreams of the one ultimate hack.

7) if you cant beat hackers, join them.

8) the more machine data is generated, the more you need external experts and newer software interfaces. Investing in open data, datasets is good. Keeping Bradley manning naked in his cell is bad. ignore the bad PR at your own cost.

9) Stop blaming China for every hack attack. You are a techie not a politician

10) Hack hard. Hack well. If someone hacks you, you will need to hack them off offensively unless you just want to be an easy mark for the rest of your lives. Counter -hacking expertise needs to be strengthened and groomed. hacking is an offense not just a defense game.

Amazon Ec2 goes Red Hat

message from Amazing Amazon’s cloud team- this will also help for #rstats users given that revolution Analytics full versions on RHEL.

—————————————————-

on-demand instances of Amazon EC2 running Red Hat Enterprise Linux (RHEL) for as little as $0.145 per instance hour. The offering combines the cost-effectiveness, scalability and flexibility of running in Amazon EC2 with the proven reliability of Red Hat Enterprise Linux.

Highlights of the offering include:

Support is included through subscription to AWS Premium Support with back-line support by Red Hat
Ongoing maintenance, including security patches and bug fixes, via update repositories available in all Amazon EC2 regions
Amazon EC2 running RHEL currently supports RHEL 5.5, RHEL 5.6, RHEL 6.0 and RHEL 6.1 in both 32 bit and 64 bit formats, and is available in all Regions.
Customers who already own Red Hat licenses will continue to be able to use those licenses at no additional charge.
Like all services offered by AWS, Amazon EC2 running Red Hat Enterprise Linux offers a low-cost, pay-as-you-go model with no long-term commitments and no minimum fees.

For more information, please visit the Amazon EC2 Red Hat Enterprise Linux page.

which is

Amazon EC2 Running Red Hat Enterprise Linux

Amazon EC2 running Red Hat Enterprise Linux provides a dependable platform to deploy a broad range of applications. By running RHEL on EC2, you can leverage the cost effectiveness, scalability and flexibility of Amazon EC2, the proven reliability of Red Hat Enterprise Linux, and AWS premium support with back-line support from Red Hat.. Red Hat Enterprise Linux on EC2 is available in versions 5.5, 5.6, 6.0, and 6.1, both in 32-bit and 64-bit architectures.

Amazon EC2 running Red Hat Enterprise Linux provides seamless integration with existing Amazon EC2 features including Amazon Elastic Block Store (EBS), Amazon CloudWatch, Elastic-Load Balancing, and Elastic IPs. Red Hat Enterprise Linux instances are available in multiple Availability Zones in all Regions.

Pricing

Pay only for what you use with no long-term commitments and no minimum fee.

On-Demand Instances

On-Demand Instances let you pay for compute capacity by the hour with no long-term commitments.

Region:US – N. VirginiaUS – N. CaliforniaEU – IrelandAPAC – SingaporeAPAC – Tokyo

Standard Instances	Red Hat Enterprise Linux
Small (Default)	$0.145 per hour
Large	$0.40 per hour
Extra Large	$0.74 per hour
Micro Instances	Red Hat Enterprise Linux
Micro	$0.08 per hour
High-Memory Instances	Red Hat Enterprise Linux
Extra Large	$0.56 per hour
Double Extra Large	$1.06 per hour
Quadruple Extra Large	$2.10 per hour
High-CPU Instances	Red Hat Enterprise Linux
Medium	$0.23 per hour
Extra Large	$0.78 per hour
Cluster Compute Instances	Red Hat Enterprise Linux
Quadruple Extra Large	$1.70 per hour
Cluster GPU Instances	Red Hat Enterprise Linux
Quadruple Extra Large	$2.20 per hour

Pricing is per instance-hour consumed for each instance type. Partial instance-hours consumed are billed as full hours.

↑ Top

and

Available Instance Types

Standard Instances

Instances of this family are well suited for most applications.

Small Instance – default*

1.7 GB memory
1 EC2 Compute Unit (1 virtual core with 1 EC2 Compute Unit)
160 GB instance storage
32-bit platform
I/O Performance: Moderate
API name: m1.small

Large Instance

7.5 GB memory
4 EC2 Compute Units (2 virtual cores with 2 EC2 Compute Units each)
850 GB instance storage
64-bit platform
I/O Performance: High
API name: m1.large

Extra Large Instance

15 GB memory
8 EC2 Compute Units (4 virtual cores with 2 EC2 Compute Units each)
1,690 GB instance storage
64-bit platform
I/O Performance: High
API name: m1.xlarge

Micro Instances

Instances of this family provide a small amount of consistent CPU resources and allow you to burst CPU capacity when additional cycles are available. They are well suited for lower throughput applications and web sites that consume significant compute cycles periodically.

Micro Instance

613 MB memory
Up to 2 EC2 Compute Units (for short periodic bursts)
EBS storage only
32-bit or 64-bit platform
I/O Performance: Low
API name: t1.micro

High-Memory Instances

Instances of this family offer large memory sizes for high throughput applications, including database and memory caching applications.

High-Memory Extra Large Instance

17.1 GB of memory
6.5 EC2 Compute Units (2 virtual cores with 3.25 EC2 Compute Units each)
420 GB of instance storage
64-bit platform
I/O Performance: Moderate
API name: m2.xlarge

High-Memory Double Extra Large Instance

34.2 GB of memory
13 EC2 Compute Units (4 virtual cores with 3.25 EC2 Compute Units each)
850 GB of instance storage
64-bit platform
I/O Performance: High
API name: m2.2xlarge

High-Memory Quadruple Extra Large Instance

68.4 GB of memory
26 EC2 Compute Units (8 virtual cores with 3.25 EC2 Compute Units each)
1690 GB of instance storage
64-bit platform
I/O Performance: High
API name: m2.4xlarge

High-CPU Instances

Instances of this family have proportionally more CPU resources than memory (RAM) and are well suited for compute-intensive applications.

High-CPU Medium Instance

1.7 GB of memory
5 EC2 Compute Units (2 virtual cores with 2.5 EC2 Compute Units each)
350 GB of instance storage
32-bit platform
I/O Performance: Moderate
API name: c1.medium

High-CPU Extra Large Instance

7 GB of memory
20 EC2 Compute Units (8 virtual cores with 2.5 EC2 Compute Units each)
1690 GB of instance storage
64-bit platform
I/O Performance: High
API name: c1.xlarge

Cluster Compute Instances

Instances of this family provide proportionally high CPU resources with increased network performance and are well suited for High Performance Compute (HPC) applications and other demanding network-bound applications. Learn more about use of this instance type for HPC applications.

Cluster Compute Quadruple Extra Large Instance

23 GB of memory
33.5 EC2 Compute Units (2 x Intel Xeon X5570, quad-core “Nehalem” architecture)
1690 GB of instance storage
64-bit platform
I/O Performance: Very High (10 Gigabit Ethernet)
API name: cc1.4xlarge

Cluster GPU Instances

Instances of this family provide general-purpose graphics processing units (GPUs) with proportionally high CPU and increased network performance for applications benefitting from highly parallelized processing, including HPC, rendering and media processing applications. While Cluster Compute Instances provide the ability to create clusters of instances connected by a low latency, high throughput network, Cluster GPU Instances provide an additional option for applications that can benefit from the efficiency gains of the parallel computing power of GPUs over what can be achieved with traditional processors. Learn more about use of this instance type for HPC applications.

Cluster GPU Quadruple Extra Large Instance

22 GB of memory
33.5 EC2 Compute Units (2 x Intel Xeon X5570, quad-core “Nehalem” architecture)
2 x NVIDIA Tesla “Fermi” M2050 GPUs
1690 GB of instance storage
64-bit platform
I/O Performance: Very High (10 Gigabit Ethernet)
API name: cg1.4xlarge

Getting Started

To get started using Red Hat Enterprise Linux on Amazon EC2, perform the following steps:

Open and log into the AWS Management Console
Click on Launch Instance from the EC2 Dashboard
Select the Red Hat Enterprise Linux AMI from the QuickStart tab
Specify additional details of your instance and click Launch
Additional details can be found on each AMI’s Catalog Entry page

The AWS Management Console is an easy tool to start and manage your instances. If you are looking for more details on launching an instance, a quick video tutorial on how to use Amazon EC2 with the AWS Management Console can be found here .
A full list of Red Hat Enterprise Linux AMIs can be found in the AWS AMI Catalog.

↑ Top

Support

All customers running Red Hat Enterprise Linux on EC2 will receive access to repository updates from Red Hat. Moreover, AWS Premium support customers can contact AWS to get access to a support structure from both Amazon and Red Hat.

↑ Top

Resources

↑ Top

About Red Hat

Red Hat, the world’s leading open source solutions provider, is headquartered in Raleigh, NC with over 50 satellite offices spanning the globe. Red Hat provides high-quality, low-cost technology with its operating system platform, Red Hat Enterprise Linux, together with applications, management and Services Oriented Architecture (SOA) solutions, including the JBoss Enterprise Middleware Suite. Red Hat also offers support, training and consulting services to its customers worldwide.

also from Revolution Analytics- in case you want to #rstats in the cloud and thus kill all that talk of RAM dependency, slow R than other softwares (just increase the RAM above in the instances to keep it simple)

,or Revolution not being open enough

http://www.revolutionanalytics.com/downloads/gpl-sources.php

GPL SOURCES

Revolution Analytics uses an Open-Core Licensing model. We provide open- source R bundled with proprietary modules from Revolution Analytics that provide additional functionality for our users. Open-source R is distributed under the GNU Public License (version 2), and we make our software available under a commercial license.

Revolution Analytics respects the importance of open source licenses and has contributed code to the open source R project and will continue to do so. We have carefully reviewed our compliance with GPLv2 and have worked with Mark Radcliffe of DLA Piper, the outside General Legal Counsel of the Open Source Initiative, to ensure that we fully comply with the obligations of the GPLv2.

For our Revolution R distribution, we may make some minor modifications to the R sources (the ChangeLog file lists all changes made). You can download these modified sources of open-source R under the terms of the GPLv2, using either the links below or those in the email sent to you when you download a specific version of Revolution R.

Download GPL Sources

Product	Version	Platform	Modified R Sources
Revolution R Community	3.2	Windows	R 2.10.1
Revolution R Community	3.2	MacOS	R 2.10.1
Revolution R Enterprise	3.1.1	RHEL	R 2.9.2
Revolution R Enterprise	4.0	Windows	R 2.11.1
Revolution R Enterprise	4.0.1	RHEL	R 2.11.1
Revolution R Enterprise	4.1.0	Windows	R 2.11.1
Revolution R Enterprise	4.2	Windows	R 2.11.1
Revolution R Enterprise	4.2	RHEL	R 2.11.1
Revolution R Enterprise	4.3	Windows & RHEL	R 2.12.2

Hackers for a better world

Well it is summer here in Delhi, India and hacking season has just begun.

Some noteable hacks that have already played-

1) The adventures of Sony Websites and bumbling administrators

http://www.computerworld.com/s/article/9217273/Sony_Pictures_falls_victim_to_major_data_breach?taxonomyId=142

2) The loose passwords of InfraGard as played by Lulz Security

http://www.computerworld.com/s/article/9217320/LulzSec_claims_it_hacked_FBI_linked_organization

3) PBS website hacked to revive Tupac is alive myths.

http://blogs.forbes.com/andygreenberg/2011/05/30/pbs-hacked-after-critical-wikileaks-show/

4) Iranian computers hacked

http://redtape.msnbc.msn.com/_news/2011/06/03/6781474-anonymous-says-it-hacked-iranian-government-email-server

5) Google hacked (not by China)

http://www.zdnet.com/blog/security/google-chrome-hacked-with-sophisticated-exploit/8626

6) Google hacked (again by China)

http://googleblog.blogspot.com/2011/06/ensuring-your-information-is-safe.html

7) US State Department hacked (by you know who)

http://wikileaks.ch/

8) Iranian nuclear reactors hacked (old news but we like this one)

http://www.bbc.co.uk/news/technology-12465688

9) Julian Assange hacked

http://www.guardian.co.uk/media/2011/feb/07/julian-assange-prosecutor

okay Julian got hacked by the oldest hack trap in the world but it is still pertinent.

So how the fuck do we control these evil hackers.

Show them money
Show them Jesus
Throw them in Jail

The correct solution to bring talented members of the technical community back into the nice air contioned corporate tent of technology is to-

Sponsor Hack My Website Contests- Winners have to share techniques
Sponsor Hack this Search Engine Rank Contests- Winners have to share technique
General Amnesty for people who have hacked before provided they share techniques and agree to join security teams.
Sponsor hack this login id contests- Winners have to share techniques and work to develop fool proof system.

Unfortunately this will never happen. even the big grand Daddy , Google is willing to define hacking contests only in the narrow frame o technical hacks, rather than a system breach hack. Because system breach hacks generally happen at the people level.

Internal cover your assets mentality prevents technology and media employees from reaching out and helping create a secure online platform, thus harming shareholders.

Destruction testing (even in a controlled sandbox) of online systems would reveal the underbelly of corporate information technology.

I mean who wants to sponsor a hack contest that makes you look bad, when it is much more expensive to have a hacking attacks that decreases share price, but doesnot affect your salary.

We have gone in for crowd sourced coding.

How about incentivizing crowd sourced systems design for secure and free internet.

http://rewiredstate.org/ does it.

Apparently UK is more open for hackers than the US.

–

Coding a Better Country

Young Rewired State 2011 is locked and loaded for 1st-5th August. Calling every developer in the UK aged 18 or under, sign up here.

May 7th, 2011 sees the first Rewired State ALBA event out in Norfolk. More details here.

http://rewiredstate.org/events/national-hack-the-government-day-2011

——————————————————————————

National Hack the Government Day 2011

March 26, 2011

We are very excited about our THIRD National Hack the Government Day, being held on the 26th March.

1) Apps that save money or time or both for government/citizens/business

2) Best use of crime data (the prize will contain the number 300,000, but it won’t be pounds)

3) Best use of justice data (we’re working to arrange for previously unreleased data to be available on the day)

——————————————————————————

Any takers? Julian, ?

Kill Barack Obama

From

http://www.law.cornell.edu/uscode/718/usc_sec_18_00000871—-000-.html

§ 871. Threats against President and successors to the Presidency

How Current is This?

(a) Whoever knowingly and willfully deposits for conveyance in the mail or for a delivery from any post office or by any letter carrier any letter, paper, writing, print, missive, or document containing any threat to take the life of, to kidnap, or to inflict bodily harm upon the President of the United States, the President-elect, the Vice President or other officer next in the order of succession to the office of President of the United States, or the Vice President-elect, or knowingly and willfully otherwise makes any such threat against the President, President-elect, Vice President or other officer next in the order of succession to the office of President, or Vice President-elect, shall be fined under this title or imprisoned not more than five years, or both.

(b) The terms “President-elect” and “Vice President-elect” as used in this section shall mean such persons as are the apparent successful candidates for the offices of President and Vice President, respectively, as ascertained from the results of the general elections held to determine the electors of President and Vice President in accordance with title 3, United States Code, sections 1 and 2. The phrase “other officer next in the order of succession to the office of President” as used in this section shall mean the person next in the order of succession to act as President in accordance with title 3, United States Code, sections 19 and 20.

From the new experiment at Google Co Relate (assumptions it will take a long time to actually create a plot or conspiracy to kill the President because of his security cover) this uses the internet to actually find people who are searching for ways to kill the beloved leader of the free world. Includes state by state intensity- and expect these people to be the first to ask for ….MORE privacy (my ass)

http://correlate.googlelabs.com/search?e=kill+barack+obama&t=weekly&shift=174

http://correlate.googlelabs.com/search?e=kill+barack+obama&t=weekly#scatter,10

Interview- Top Data Mining Blogger on Earth , Sandro Saitta

If you do a Google search for Data Mining Blog- for the past several years one Blog will come on top. data mining blog – Google Search http://bit.ly/kEdPlE

To honor 5 years of Sandro Saitta’s blog (yes thats 5 years!) , we cover an exclusive interview with him where he reveals his unique sauce for cool techie blogging.

Ajay- Describe your journey as a scientist and data miner, from early experiences, to schooling to your work/research/blogging.

Sandro- My first experience with data mining was my master project. I used decision tree to predict pollen concentration for the following week using input data such as wind, temperature and rain. The fact that an algorithm can make a computer learn from experience was really amazing to me. I found it so interesting that I started a PhD in data mining. This time, the field of application was civil engineering. Civil engineers put a lot of sensors on their structure in order to understand how they behave. With all these sensors they generate a lot of data. To interpret these data, I used data mining techniques such as feature selection and clustering. I started my blog, Data Mining Research, during my PhD, to share with other researchers.

I then started applying data mining in the stock market as my first job in industry. I realized the difference between image recognition, where 99% correct classification rate is state of the art, and stock market, where you’re happy with 55%. However, the company ambiance was not as good as I thought, so I moved to consulting. There, I applied data mining in behavioral targeting to increase click-through rates. When you compare the number of customers who click with the ones who don’t, then you really understand what class imbalance mean. A few months ago, I accepted a very good opportunity at SICPA. I’m looking forward to resolving new challenges there.

Ajay- Your blog is the top ranked blog for “data mining blog”. Could you share some tips on better blogging for analytics and technical people

Sandro- It’s always difficult to start a blog, since at the beginning you have no reader. Writing for nobody may seem stupid, but it is not. By writing my first posts during my PhD I was reorganizing my ideas. I was expressing concepts which were not always clear to me. I thus learned a lot and also improved my English level. Of course, it’s still not perfect, but I hope most people can understand me.

Next come the readers. A few dozen each week first. To increase this number, I then started to learn SEO (Search Engine Optimization) by reading books and blogs. I tested many techniques that increased Data Mining Research visibility in the blogosphere. I think SEO is interesting when you already have some content published (which means not at the very beginning of your blog). After a while, once your blog is nicely ranked, the main task is to work on the content of the blog. To be of interest, your content must be particular: original, informative or provocative for example. I also had the chance to have a good visibility thanks to well-known people in the field like Kevin Hillstrom, Gregory Piatetsky-Shapiro, Will Dwinnell / Dean Abbott, Vincent Granville, Matthew Hurst and many others.

Ajay- Whats your favorite statistical software and what are the various softwares that you have worked with.
Could you compare and contrast these software as well.

Sandro- My favorite software at this point is SAS. I worked with it for two years. Once you know the language, you can perform ETL and data mining so easily. It’s also very fast compared to others. There are a lot of tools for data mining, but I cannot think of a tool that is as powerful as SAS and, in the same time, has a high-level programming language behind it.

I also worked with R and Matlab. R is very nice since you have all the up-to-date data mining algorithms implemented. However, working in the memory is not always a good choice, especially for ETL. Matlab is an excellent tool for prototyping. It’s not so fast and certainly not done for ETL, but the price is low regarding all the possibilities for data mining. According to me, SAS is the best choice for ETL and a good choice for data mining. Of course, there is the price.

Ajay- What are your favorite techniques and training resources for learning basics of data mining to say statisticians or business management graduates.

Sandro- I’m the kind of guy who likes to read books. I read data mining books one after the other. The fact that the same concepts are explained differently (and by different people) helps a lot in learning a topic like data mining. Of course, nothing replaces experience in the field. You can read hundreds of books, you will still not be a good practitioner until you really apply data mining in specific fields. My second choice after books is blogs. By reading data mining blogs, you will really see the issues and challenges in the field. It’s still not experience, but we are closer. Finally, web resources and networks such as KDnuggets of course, but also AnalyticBridge and LinkedIn.

Ajay- Describe your hobbies and how they help you ,if at all in your professional life.

Sandro- One of my hobbies is reading. I read a lot of books about data mining, SEO, Google as well as Sci-Fi and Fantasy. I’m a big fan of Asimov by the way. My other hobby is playing tennis. I think I simply use my hobbies as a way to find equilibrium in my life. I always try to find the best balance between work, family, friends and sport.

Ajay- What are your plans for your website for 2011-2012.

Sandro- I will continue to publish guest posts and interviews. I think it is important to let other people express themselves about data mining topics. I will not write about my current applications due to the policies of my current employer. But don’t worry, I still have a lot to write, whether it is technical or not. I will also emphasis more on my experience with data mining, advices for data miners, tips and tricks, and of course book reviews!

Standard Disclosure of Blogging- Sandro awarded me the Peoples Choice award for his blog for 2010 and carried out my interview. There is a lot of love between our respective wordpress blogs, but to reassure our puritan American readers- it is platonic and intellectual.

About Sandro S-

Sandro Saitta is a Data Mining Research Engineer at SICPA Security Solutions. He is also a blogger at Data Mining Research (www.dataminingblog.com). His interests include data mining, machine learning, search engine optimization and website marketing.

You can contact Mr Saitta at his Twitter address-

https://twitter.com/#!/dataminingblog

HIGHLIGHTS from REXER Survey :R gives best satisfaction (decisionstats.com)
Participate in the 2011 Rexer Data Mining Survey (r-bloggers.com)
KDNuggets Survey on R (decisionstats.com)
New book on BigData Analytics and Data mining using #Rstats with a GUI (decisionstats.com)
Solmentum: Solar Meets Data Mining (gigaom.com)
KDnuggets: R used in 1 in 4 analytics projects (revolutionanalytics.com)

Chromebooks for enterprise BI

From-

http://googleblog.blogspot.com/

Chromebooks will be available online June 15 in the U.S., U.K., France, Germany, Netherlands, Italy and Spain. More countries will follow in the coming months. In the U.S., Chromebooks will be available from Amazon and Best Buy and internationally from leading retailers.

Even with dedicated IT departments, businesses and schools struggle with the same complex, costly and insecure computers as the rest of us. To address this, we’re also announcing Chromebooks for Business and Education.

and

http://www.google.com/chromebook/business-education.html#

Chromebooks: work better.

Crashes, long boot times, application conflicts, endless updates, viruses, security issues and obsolete hardware all frustrate IT managers and end users – and most users don’t need or want the complexity and annoyance of their current PCs.

Increasingly the browser is the only tool users need, making a new and better computing model possible. Chromebooks can instantly run your browser-based apps, whether in the cloud or behind your firewall, and apps virtualized through technologies like Citrix^®. And an entire fleet of Chromebooks can be managed from one web-based console – making life better for users and IT admins alike.

Contact Sales

A new kind of computer: Chromebook (googleblog.blogspot.com)
A new kind of computer: Chromebook (googlecode.blogspot.com)
Google intros $20 per month Chromebook laptop (cbsnews.com)

Browsing update- Dear Decisionstats.com Reader

In view of the recent root level breach of WordPress, which may include viewing source code for hidden hacks or Trojans, as effective immediately, please Decisionstats.com has no responsibility for any viruses, or Trojans that you may inadvertently download while on this website. I will be responsible for any deliberate malicious honey traps I put up , but any body putting an interesting comment with a link on this website , can and may direct you to phishing.

All disputes will be to subject to the jurisdiction of Tis Hazari Court, Delhi, India as already mentioned.

Please share:

Amazon EC2 Running Red Hat Enterprise Linux

Pricing

On-Demand Instances

Available Instance Types

Standard Instances

Micro Instances

High-Memory Instances

High-CPU Instances

Cluster Compute Instances

Cluster GPU Instances

Getting Started

Support

Resources

About Red Hat

GPL SOURCES

Download GPL Sources

Please share:

Please share:

§ 871. Threats against President and successors to the Presidency

Please share:

Related articles

Please share:

Chromebooks: work better.

Related articles

Please share:

Please share: