Monthly Archives: December 2003

Booming concepts for 2003 that will do well in 2004 (initial list):
  1. RSS 2.0 aggregators and feeds:  Wow, what a year!  More feeds than any of us can keep up with!
  2. Cameraphones:  More cameraphones were sold than digital cameras earlier this year.  This will become ubiquitous.
  3. Guerrilla warfare (IEDs, RPGs, and suicide cars):  Watch what happens to Iraqi infrastructure over the next year.  Will the US stay in Iraq through the year with 2-3 casualties a day?
  4. Political weblogs (and political social software):  Dean has the oppportunity to build a third party based on his campaign's Internet efforts.  Nuff said.
  5. Personal hard-drives (multimedia players with attachments):  Storage is on a roll, step aside if you are in the way.  Watch for screens, TiVo like functionality, and more to take off.
  6. Second Superpower movements:  All over the global map.  Challenging nation-states and corporations everywhere.  Powered by social technology.
  7. Professional virus developers.  Watch 2004 to see where many of the world's most talented software developers are spending their time.  This isn't for teenagers anymore.  A virus with a professional development cycle is an amazing thing to watch.
  8. Skype and VoIP software.  On a roll.  Simple and effective.

Bust concepts for 2003 that will continue to decline in 2004 (initial list):

  1. Personal privacy and fair use rights.  Thank you MPAA and the RIAA!
  2. The Bill of Rights.  Thank you Bush and the Patriot Act II!
  3. Cures for currently incurable diseases.  Thank you to the Religious Right and the Bush Administration! 
  4. Social networking software (it will take another year to work out how to use it correctly).  Friendster et. al. in retreat.
  5. Most wanted lists.  It takes more than eliminating certain despised individuals to change the world.
  6. Prosecution of corporate and financial bad behavior.  Not in my lifetime.  Steal $1,000 from the house of the guy down the street and he will chase you with a gun.  Steal $1,000 from him via abuse of his pension fund and he doesn't have a clue, nor do the authorities have a clue how to prosecute the perps. 
  7. P2P software.  The lawsuits have done their work to slow adoption.  Adware and spyware included with P2P systems have finished the job.
  8. The UN.  On the run in 2003.  Will continue in 2004.  Without US support, the UN is useless.
[
John Robb's Weblog

Booming concepts for 2003 that will do well in 2004 (initial list):

  1. RSS 2.0 aggregators and feeds:  Wow, what a year!  More feeds than any of us can keep up with!
  2. Cameraphones:  More cameraphones were sold than digital cameras earlier this year.  This will become ubiquitous.
  3. Guerrilla warfare (IEDs, RPGs, and suicide cars):  Watch what happens to Iraqi infrastructure over the next year.  Will the US stay in Iraq through the year with 2-3 casualties a day?
  4. Political weblogs (and political social software):  Dean has the oppportunity to build a third party based on his campaign's Internet efforts.  Nuff said.
  5. Personal hard-drives (multimedia players with attachments):  Storage is on a roll, step aside if you are in the way.  Watch for screens, TiVo like functionality, and more to take off.
  6. Second Superpower movements:  All over the global map.  Challenging nation-states and corporations everywhere.  Powered by social technology.
  7. Professional virus developers.  Watch 2004 to see where many of the world's most talented software developers are spending their time.  This isn't for teenagers anymore.  A virus with a professional development cycle is an amazing thing to watch.
  8. Skype and VoIP software.  On a roll.  Simple and effective.

Bust concepts for 2003 that will continue to decline in 2004 (initial list):

  1. Personal privacy and fair use rights.  Thank you MPAA and the RIAA!
  2. The Bill of Rights.  Thank you Bush and the Patriot Act II!
  3. Cures for currently incurable diseases.  Thank you to the Religious Right and the Bush Administration! 
  4. Social networking software (it will take another year to work out how to use it correctly).  Friendster et. al. in retreat.
  5. Most wanted lists.  It takes more than eliminating certain despised individuals to change the world.
  6. Prosecution of corporate and financial bad behavior.  Not in my lifetime.  Steal $1,000 from the house of the guy down the street and he will chase you with a gun.  Steal $1,000 from him via abuse of his pension fund and he doesn't have a clue, nor do the authorities have a clue how to prosecute the perps. 
  7. P2P software.  The lawsuits have done their work to slow adoption.  Adware and spyware included with P2P systems have finished the job.
  8. The UN.  On the run in 2003.  Will continue in 2004.  Without US support, the UN is useless.

[John Robb's Weblog]

Next Gen Terrorism: Virtual operations. Do network-centric cells of terrorists need to plan and coordinate moderate to large operations along traditional lines?  Probably not.  Here's why.

The traditional approach (at least the way I used to do it in special ops) is to first gather a team of specialists to develop an operations plan.  The plan is then built, either over hours or days, with a limited amount of flexibility built in.  Time is closely managed.  Targets are precisely defined.  Unit operations are tightly coupled to ensure economy of force.  In execution, the plan is overseen by specialist team managers and senior staff.   Decision makers on the ground typically have little flexiblity other than to abort the mission.

In the emerging world of next generation terrorism, enabled by rapid communications  and plentiful targets of opportunity, the traditional approach is counterproductive.  A loose approach composed of ad hoc communications and individual initiative can provide much greater levels of security and higher probabilities of success.

In this approach cells would develop a range of targets within general guidelines (a section of a city) based on their capabilities (a type of attack).  The time schedule would be fluid.  The date for an op would be set within a general time frame without specifics.  Coordinated action would be done in an ad hoc manner.  For example: “once your cell begins operations, my cell will begins too.”  “Your cell just hit this target, my cell will hit this complimentary target.”  Abort points would be determined based on what each cell sees on the ground or what other cells communicate to each other on the fly (ie.  “flash me an SMS message to abort and throw away the phone”).  Ops could continue indefinitely using this method until local conditions are too difficult to ensure success.

The benefits of this approach would be as follows:

  • Difficult to disrupt.  The loss of any one cell would not necessarily imperil the operation since there are few co-dependencies.  For example: if a single cell was shut down, other cells could continue operations since no one cell would have another cell's list of targets, an overarching mission plan, or require the other cell's support to continue operations. 
  • Hard to defend against.  The time period of the op could be sufficiently large to make a high level readiness difficult to maintain (could you imagine months of Orange alert?). 
  • Nearly impossible to detect.  Decision cycles would be slow and communications would only be made when security was assured.  Target selection would be wide ranging and independently authored.

The real power of a framework like this is in its ability to disrupt systems.  More on that later. [John Robb's Weblog

Next Gen Terrorism: Virtual operations. Do network-centric cells of terrorists need to plan and coordinate moderate to large operations along traditional lines?  Probably not.  Here's why.

The traditional approach (at least the way I used to do it in special ops) is to first gather a team of specialists to develop an operations plan.  The plan is then built, either over hours or days, with a limited amount of flexibility built in.  Time is closely managed.  Targets are precisely defined.  Unit operations are tightly coupled to ensure economy of force.  In execution, the plan is overseen by specialist team managers and senior staff.   Decision makers on the ground typically have little flexiblity other than to abort the mission.

In the emerging world of next generation terrorism, enabled by rapid communications  and plentiful targets of opportunity, the traditional approach is counterproductive.  A loose approach composed of ad hoc communications and individual initiative can provide much greater levels of security and higher probabilities of success.

In this approach cells would develop a range of targets within general guidelines (a section of a city) based on their capabilities (a type of attack).  The time schedule would be fluid.  The date for an op would be set within a general time frame without specifics.  Coordinated action would be done in an ad hoc manner.  For example: “once your cell begins operations, my cell will begins too.”  “Your cell just hit this target, my cell will hit this complimentary target.”  Abort points would be determined based on what each cell sees on the ground or what other cells communicate to each other on the fly (ie.  “flash me an SMS message to abort and throw away the phone”).  Ops could continue indefinitely using this method until local conditions are too difficult to ensure success.

The benefits of this approach would be as follows:

  • Difficult to disrupt.  The loss of any one cell would not necessarily imperil the operation since there are few co-dependencies.  For example: if a single cell was shut down, other cells could continue operations since no one cell would have another cell's list of targets, an overarching mission plan, or require the other cell's support to continue operations. 
  • Hard to defend against.  The time period of the op could be sufficiently large to make a high level readiness difficult to maintain (could you imagine months of Orange alert?). 
  • Nearly impossible to detect.  Decision cycles would be slow and communications would only be made when security was assured.  Target selection would be wide ranging and independently authored.

The real power of a framework like this is in its ability to disrupt systems.  More on that later. [John Robb's Weblog]

Technology: Professional Virus developers target P2P

Technology: Professional Virus developers target P2P. Professional development has finally come to virus development.  The growth path of SoBig and Blaster shows that there are smart developers driving their development cycles and not idle teenagers.  New research on this concurs and puts KaZaA in the crosshairs of the next big wave of attacks:

Hughes predicted that these so-called 'zero day' attacks–called that because of the ability of an exploit to appear before a vulnerability is even known, much less patched–will increase in 2004.

Other threats which will plague users in 2004, he predicted, will come from peer-to-peer (P2P) file sharing software, and spyware, utilities for tracking Web usage that often piggyback on free-for-the-downloading software.  Hughes sees peer-to-peer software, such as KaZaA, as being particularly troublesome in 2004. After analyzing hundreds of the most popular files shared on KaZaA–including 'cracks' that allow users to break copy protection on commercial software–he discovered that 45 percent actually contained viruses, worms, or Trojan horses. [John Robb's Weblog]

“Flash Virtual Machine”

“Flash Virtual Machine”“Flash Virtual Machine”: Steven Webster starts a good discussion here on the parallels between the Macromedia Flash Player, the various Java Virtual Machines, and Microsoft's larger Common Language Runtime. I agree that the “VM” term could be appropriate now… although the CLR has more access to the system and dependencies than the other two, each is now essentially a way to process instructions on an unanticipated machine. For “Why 'Player' and not 'VM'?” I think there are a few reasons — historically, the Macromedia Flash Player was named 'long before it developed its current abilities, for instance. But the name isn't aimed at potential clients as much as the name is for the general public — Flash's unique advantage is in its rapid and widespread consumer adoption, version after version, platform across platform. The term “virtual machine” could work better for a technologist, true, but I'm not certain what its impact would be on the people who have to agree to actually install the thing. (If you use the term when talking with a client, though, then the point is moot, I guess. 8) (Historical trivia: the Macromedia Flash Advertising Alliance has been around for a few years now.)  [JD on MX]

Arise Sir Tim

Arise Sir Tim.  The BBC reports (Web's inventor gets a knighthood) Mr Tim Berners-Lee has been awarded a knighthood. Recently he told the BBC World Service's Go Digital programme that his invention was “just another program”, and he originally wanted it to help achieve understanding.” The original idea of the web was that it should be a collaborative space where you can communicate through sharing information. The idea was that by writing something together, and as people worked on it, they could iron out misunderstanding.” he said. Currently Mr Berners-Lee heads up the World Wide Web Consortium (W3C) at the Massachusetts Institute of Technology.  [Smart Mobs]