Mar 28, 2010

Smart phones get smarter and leave Apple behind

Companies from across the globe have been showcasing their latest offerings to the ever-expanding but increasingly crowded smart-phone market at the International CTIA Wireless Convention in Las Vegas this week.

Many countries in Asia, such as Thailand and the Philippines, are still struggling with the adoption of third-generation connectivity services (3G) largely due to government red tape. This hasn't stopped Sprint and Taiwanese handset manufacturer HTC pressing on with their latest smart phone, which has 4G capabilities, due for release in the United States at middle of this year. A 4G Apple phone may also be available in South Korea this summer, according to reports in the Korean press.

The HTC Evo 4G will be powered by Google's Android version 2.1 with Chrome and all the latest bells and whistles from the Google-sphere of ever-increasing software applications to make your life easier and them richer. The unit also comes armed with an eight megapixel camera with high-definition (HD) video, 4.3 inch screen, 1 gigahertz Snapdragon processor, and built in WiFi hotspot.

It will run on CDMA and WiMax networks, offering data transfer speeds up to 10 times those currently available on 3G networks. It's just a shame that the governments of many Asian countries still can't get their act together with the general adoption of 3G services as they remain preoccupied with squabbling over slices of the telecommunications pie.

South Korean electronics giant Samsung have also been busy launching new smart phones; the Galaxy S, which also runs on Google's Android, will use advanced-screen technology, which will enable it to run HD video and display brighter out in the open. The unit has a similar specification to HTC's Evo and will be suitable for 4G networks. It is not expected to hit the shelves until later this year. It is likely that the company will make deals for content such as movies and e-books to be use with its new phone.

American tech titans Dell and AT&T have teamed up to produce yet another Android-powered smart phone. The Aero has a number of features for social-network addicts, including Facebook integration and a built-in GPS. It also boasts a 5 megapixel camera and a custom designed user interface and “PC like” web browsing.

Not to be left out, Motorola has introduced what it claims to be the world's first "push to talk" one-touch handset. The i1 comes with the usual array of gadgetry to compete with its rivals, including touch screen, video, flash capabilities, geo-tagging and of course the Android operating system.

All that is without mentioning the market leaders - Nokia, Apple's iconic iPhone, which may well have spurned the surge, or Google's much-hyped Nexus One. The world's "do no evil" search company does seem to be getting the lion's share of the exposure with its mobile operating system, which is good news for Google, but maybe not so for data privacy activists and a wary public convinced the company is taking over the planet.

The mobile phone has come a long way since the brick-type devices of the 1980s, and it seems that there is no limit to what technology companies are trying to squeeze out of them these days.

Google this week defied the Chinese government with an attempt to clamber over its great firewall. Contrary to previously agreeing to filter its search results in China, Google re-routed all traffic from its Chinese mainland search portal to servers in Hong Kong, which are uncensored. The move followed the company's threat to pull out of the mainland due to the government's Internet censorship policies.

Mainland government spokespeople condemned the move, stating that it was totally wrong and against the law. Google claimed it was meaningfully increasing access to information for people in China.

Users of were redirected to from Tuesday. The estimated 30,000-strong Internet police force in China wasted no time in censoring websites with sensitive content, so that only the search results showed up - the websites in question remained inaccessible from the mainland. At the time of writing they have yet to block Google's Hong Kong search portal.

It is unlikely that China's almost 400,000 Internet users will lose a lot of sleep if the American corporate giant does pull out of the country, although academics, journalists, researchers and students are likely to be affected. They will have less of a choice and are likely to be stuck with Chinese search site Baidu, which does toe the line and self-censor.

Using a proxy or virtual private network (VPN) to bypass web filters is likely to become the norm in a country that continues to tighten its grip on the free flow of information. There is even a term for it now fan qiang, which loosely translated means "circumventing the firewall".

Small businesses have also expressed concern about the continuation of Google's other services, such as Gmail and Docs. Without them, many enterprises will need to restructure their business practices and seek local alternatives, which may also come under the ever-watchful eye of the information censors.

Another company following the anti-China sentiment is one of the world’s biggest domain name registrars, GoDaddy, which this week followed bigger rival Network Solutions in calling a halt to registering domain names in China. Company spokesperson Christine Jones stated: "We believe that many of the current abuses of the Internet originating in China are due to a lack of enforcement against criminal activities by the Chinese government" - a reference to dozens of cyber-attacks that GoDaddy has repelled this year.

GoDaddy said it would continue to maintain .cn domain names for existing customers but would no longer be registering new ones as new government legislation in China required extensive information about registrants, which includes a photograph and business license.

Network Solutions said this week it had stopped registering domain names in China last December, when the new legislation came into force.

GoDaddy, which has been registering domain names since 2000 and reportedly has more than 40 million domain names under management, said its experience had been that China was focused on using the Internet to monitor and control the legitimate activities of its citizens, rather than penalizing those who committed Internet-related crimes.

If the soured sentiment continues, as no doubt the censorship will, and more large global Internet companies stop working with China, the country could be on the way to having its own closed-door "Chinternet".

Chinese city is world’s hacker hub

A CITY in eastern China has been identified as the world capital of cyber-espionage by an American internet security company.  The firm traced 12 billion emails in a study which showed that a higher number of “targeted attacks” on computers come from China than previously thought.  Researchers for Symantec found almost 30% of “malicious” emails were sent from China and that 21.3% came from the city of Shaoxing alone. They were able to identify key targets for the hackers as experts in Asian defence policy and human rights activists, strongly suggesting state involvement.

Symantec is assisting the investigation into suspected hacking attacks on Google, which closed its website in China last week rather than censor itself on behalf of the ministry of state security.  Cyber-espionage uses emails sent in small volumes with legitimate-looking attachments or documents to fool the user into letting a malicious code infect their computer. “The ultimate aim ... is to gain access to sensitive data or internal systems by targeting specific individuals or companies,” the report said. Symantec succeeded in tracing individual computer registration numbers, known as IPs, to find the true source of the attacks. Previously, hackers in China had been able to camouflage themselves behind servers in Taiwan.

The findings show China was the source of 28.2% of global targeted attacks. It was followed by Romania, with 21.1%, presumed to be mostly attempts at commercial fraud. The United States came third, followed by Taiwan and then Britain, with 12% of attacks. 

Facebook linked to rise in syphilis

A British public health expert has blamed Facebook for a resurgence of the sexually-transmitted disease syphilis, but Australian STI researchers have called the claim "far fetched".

Data published by several British newspapers this week indicated that cases of syphilis had increased fourfold in Sunderland, Durham and Teesside - the areas of Britain where Facebook is most popular.

Professor Peter Kelly, director of public health in Teesside, told The Sun newspaper that "social networking sites are making it easier for people to meet up for casual sex".

"I don't get the names of people affected, just figures, and I saw that several of the people had met sexual partners through these sites," he said.

But Shailendra Sawleshwarkar, a research fellow in the University of Sydney's STI research centre at Westmead Hospital, said the same could be said about any communications technology - even the telephone - and instead of blaming social networking sites we should harness them to spread preventative messages.

"It's allowing people to meet more frequently, now that doesn't actually directly mean that it's going to increase the rates of syphilis but it does mean that there's more chance for people to meet and have sex," he said in a phone interview.

"At the moment it seems really far-fetched to link them [Facebook and syphilis] together without looking at the actual behaviour of the people involved. You need to not use a condom to spread these infections, so it boils down to the basic message that's not getting across."

Dr Sawleshwarkar cited figures from the National Centre in HIV Epidemiology & Clinical Research showing the rate of diagnosis of infectious syphilis in Australia increased by 37 per cent in younger people (15-19) and 70 per cent in those aged 20-29 between 2004 and 2008.

Mar 27, 2010

TENS of thousands leave hospital emergency departments untreated

TENS of thousands of Victorians a year leave hospital emergency departments without care because they're sick of waiting.

One in 15 seeking treatment at Melbourne's ERs leaves before seeing a doctor, according to the latest figures released under Freedom of Information.

Sunshine Hospital has the worst walkout rate of one in nine; at the Austin, one in 11 leaves.

Records from 10 Melbourne hospitals, obtained by the Opposition, show 6675 patients walked out between July and September.

The figures do not include data from The Alfred and Northern hospitals, so the true extent of walkouts could be greater. The situation is almost as bad in other areas of the state: one in 18 patients walked out of Goulburn Valley Health and one in 20 out of Geelong Hospital.

Opposition health spokesman David Davis said Victoria had the lowest ratio of beds per head of population of any state.

"So it's no wonder there are literally tens of thousands of patients being forced to wait for hours for a bed that then walk out in desperation," he said.

"Walkouts in regional centres are potentially very serious, as there is no nearby alternative emergency department. Where do these patients go?"

In 2006, 5 per cent of patients walked out of Melbourne emergency departments without treatment. The rate rose to 6.9 per cent in 2007-08; the latest sample indicates 6.5 per cent last year.

Health Minister Daniel Andrews's spokesman, Jason Frenkel, said walkout rates had dropped slightly in the past year and were continuing to fall.

He said some of those leaving went to GPs; some of the busiest hospitals had after-hours clinics.

Australian Medical Association state president Dr Harry Hemley said the figures showed how much pressure emergency departments were under.

"No one should feel they have to walk out of an emergency department," he said.

"Nurses and doctors are working flat-out, but the pressure has been growing and growing.

"Without enough serviced hospital beds available, doctors have been spending too much time on the phone looking for a bed rather than treating patients," he said.

"This is another example why (we are) so disappointed that the (federal) hospital plan does not have one extra dollar for patient care for at least four years."

Mar 22, 2010

Obama's healthcare a time bomb

As I wrote this column, and as you read it, the United States had reached the climax of the most contentious and sweeping attempt at social engineering in more than 40 years, a process that has degenerated into the abattoir of politics: bribery, chicanery and bloody-mindedness.   A deeply divided Congress mirrors a divided nation. The majority of Americans are opposed to the changes. Bipartisanship has become roadkill.

Even Australia has been a casualty of the long and tortuous battle over President Barack Obama's proposal for a significant increase in the role of government in delivering healthcare. Instead of addressing the Australian Parliament this week, Obama has cancelled his trip to Australia and Indonesia. He remains in Washington seeking to break a deadlock in the US House of Representatives which, at the time of writing, was locked at 212 intended votes for his health bill and 212 intended votes against. A handful of wavering Democrats will decide the outcome.

The presidential trip has been postponed rather than cancelled, and for a compelling reason, which avoids monumental slights to America's staunchest ally and to the world's largest Muslim nation.   At home, the President has created a domestic political gamble of the highest order. In contrast to the soaring rhetoric and uplifting symbolism that carried him to the White House, Obama has engaged in old-school, bare-knuckle, divisive politics wrapped in an impossibly complex 2700-page bill loaded with accounting tricks and dirty deals.

It has been presented to Congress with the barest 72 hours' notice before it is supposed to vote (today, local time).

Thirty states, fearful of being burdened with excessive costs and resentful of the compulsory imposition of healthcare costs on individuals, have threatened constitutional legal action against the legislation if it passes.

This is definitely not change you can believe in. The opinion polls are saying so. Obama's approval ratings have plunged while the Republicans have rebounded from dispirited defeat in 2008, re-energised over what they regard as a threat to the US economy.

There is a threat. The shadow looming over America is debt, greater than any time in the nation's history. The current federal budget deficit, $US1.4 trillion ($1.52 trillion), is unprecedented. So, too, is the accumulated budget deficit of $US7.5 trillion, and rising. Total US debt, public and private, is equal to about 380 per cent of GDP. It is creating a pervading unease.

Debt and healthcare are interwoven. The latest issue of America's most prestigious medical journal, The New England Journal of Medicine, contains an article ominously titled, ''The Spectre of Financial Armageddon - Health Care and Federal Debt in the United States''.

It says: ''The United States has a substantial, growing structural deficit, much of which reflects current and projected increases in federal spending on Medicare and Medicaid. This federal healthcare spending amounted to 5 per cent of the gross domestic product (GDP) and 20 per cent of federal outlays in 2009 and is forecast to reach 12 per cent of the GDP by 2050.

''Healthcare spending is thus a key driver of long-term debt … [and] our structural deficits place us on a path of debt growth that is unsustainable, largely because of healthcare programs. The sooner we start to rein in healthcare spending, the less painful the changes may be … ''

Far from curbing America's spending, Obama, having inherited grossly undisciplined deficits and banking oversight from the Bush administration, is exacerbating the trend. About two-thirds of the increase in the federal deficit is attributed to increased spending.

This is creating a credibility chasm for the President, the growing gap between the healing rhetoric of his campaign and the bruising realities of his presidency.

America's Darwinian healthcare system does need reform. (It was one reason why I left the US after living there for 10 years.) But the process of reform has been unedifying, and dangerous for the Democrats.

In the past six months, the Republicans have won a series of stunning routs in three special elections, the races for governor in New Jersey and Virginia and the special election in Massachusetts to replace the late Senator Ted Kennedy. Obama won all three states comfortably in the 2008 presidential election.

That was then. If he does win on healthcare and introduces almost universal healthcare coverage for the first time, he may be blamed for the inevitable triage in health spending as American seeks to curb its federal deficit.

Middle-class America may also decide they have been milked by the President to pay for a historic transfer of wealth through the healthcare system. Either way, the Democrats could pay with heavy losses in the midterm Congressional elections on November 2.

If, on the other hand, Obama loses this battle, he will have expended an immense amount of political capital in a damaged cause.

Although Obama will not be present in Canberra this week, his spirit will linger tomorrow as the Prime Minister and the Leader of the Opposition hold a special debate over healthcare reform.

The President, for all his charisma, his ''audacity of hope'', has been battered by staking his reputation on healthcare reform.

Kevin Rudd, who gets no charisma dividend, is offering his own form of audacity through sweeping reform of the hospital system. He has made similarly grand promises on education, energy, consumer protection and border integrity.

Once again, Rudd is offering big rhetoric and even bigger government, despite the parade of gold-plated debacles delivered so far via his unique penchant for conflating bureaucracy with grandiosity.

Mar 21, 2010

It's not easy being green and greedy

Ethical consumers are more likely than non-ethical consumers to lie and steal, a study has found. This will come as no surprise to those of us who have turned to a life of crime to subsidise an expensive eco-friendly dishwasher tablet habit.

Anyone who has sunk so low as to raid a child's piggy bank or hock the family television set to pay for those perfect little tablets in their clever dissolvable sachets knows only too well the price of keeping glasses sparkly clean without destroying the environment.

I've seen the best minds of my generation destroyed by madness, starving, hysterical, naked, dragging themselves through Woolies aisles at dawn in search of a phosphate-free fix.

Fortunately, as soon as they get around to hocking the dishwasher, there's no more need for the tablets and it's problem solved. Until the next green addiction rears its ugly head.

People perceive green consumers to be morally upstanding, Nina Mazar and Chen-Bo Zhong from the University of Toronto reported in the journal Psychological Science.

And people exposed to green products act more morally than people not exposed to green products. The thought of being good is good for us. Maybe advertising has a purpose after all.

However, the act of actually buying green products turns people bad. Real bad.

Researchers found that people who wore what they called the "halo of green consumerism" were less likely to be kind to others, and more likely to cheat and steal, The Guardian reported last week.

Study participants who chose to buy green products in a test let themselves down in a number of subsequent tests. First, they were less willing to share money with others than those who had bought conventional products.

Second, when the green consumers were given the chance to boost their money by cheating on a computer game and then got the opportunity to lie about it, they did so to a greater extent than conventional consumers did.

Finally, when participants were asked to take a certain amount of money from an envelope to pay themselves, green consumers were more likely to take more than their fair share.

And it wasn't because they needed the cash; in the initial test, the green products had cost no more than the conventional ones.

It would be fair to conclude that green consumers are, in scientific psychoanalytical terminology, a right bunch of tosspots.

And I say that as a dedicated green consumer and tosspot myself.

But before we judge, and start throwing rotten vegetables at people in the health food aisle (especially not conventionally grown rotten vegetables covered in pesticides – please), it appears the green consumers' behaviour is perfectly normal. It is the result of a phenomenon called "moral balancing" or "compensatory ethics".

"Virtuous acts can license subsequent asocial and unethical behaviours," the researchers wrote.

In other words, humans believe doing one good turn gives us the right to do a bad one.

After a jog, we deserve a beer; after giving to charity, we feel entitled to splurge on ourselves; and after sitting through The 7.30 Report we feel justified in switching over to watch So You Think You Can Dance.

I'm sorry if that last example shocked anyone but it's true: humans are capable of all manner of terrible things and it's best we face our demons.

"This was not done to point the finger at consumers who buy green products," Mazar, a marketing professor and a green consumer, told Science Daily.

"The message is bigger. At the end of the day, if we do one moral thing, it doesn't necessarily mean we will be morally better in other things as well."

Anti-greenies will still be convinced that the study proves greenies are hypocrites.

What those anti-greenies don't realise is that consuming ethically is a very stressful business.

Reading all those labels; weighing up free range versus organic; calculating the environmental impact of plastic, glass and Tetra Paks; pondering whether a baked bean feels pain – saving the world in a supermarket isn't easy, you know.

I've spent entire weekends in the meat aisle and still left with nothing but lentils. That kind of devotion to duty can play havoc with your family life. Especially when you finally get home and everyone's staring at the space where the TV used to be.

In other news . . .

A surfing alpaca is making waves in Peru. Domingo Pianezzi, 44, takes his pet alpaca, Pisco, surfing in the village of San Bartolo, Reuters reported last week.

The alpaca (a relative of the llama) looks somewhat bedraggled in the Reuters footage and appears to jump off the board frequently but, to be fair, it is only a beginner. Pianezzi provides cotton for the animal's ears and a flotation vest.

"I have travelled to Australia and have seen a kangaroo surf, a koala, a monkey, a small pig, a cockatoo, and something like 10 or 15 dogs," Pianezzi said. "What caught my attention the most was a surfing cat and the kangaroo. So I thought, if they do it in Australia, a developed nation, why can't I do it here in Peru, with an alpaca?"

Who knew we had so much animal surfing talent in this country? Can they make it an Olympic sport?f

Huge 'Botnet' Amputated, But Criminals Reconnect

Authorities took down an Internet provider spreading a type of malware known as "ZeuS," which is mostly used to steal online banking usernames and passwords. But instead of a slam-dunk victory, this wound up highlighting the whiplash pace at which criminals resurrect their illicit businesses after what should have been a setback.      The sudden takedown of an Internet provider thought to be helping spread one of the most promiscuous pieces of malicious software out there appears to have cut off criminals from potentially millions of personal computers under their control.

But the victory was short-lived. Less than a day after a service known as "AS Troyak" was unplugged from the Internet, security Relevant Products/Services researchers said Wednesday it apparently had found a way to get back online, and criminals were reconnecting with their unmoored machines.  The drama initially raised hopes of a sharp drop-off in fraud, because criminals could no longer communicate with many computers infected with a type of malware known as "ZeuS," which is mostly used to steal online banking usernames and passwords. Hundreds of criminal operations around the world use the malware.

It's unknown how many computers are infected with ZeuS, but it's estimated to be in the millions. Cisco Systems Inc. said as many as 25 percent of the world's ZeuS-infected machines were unplugged from the massive "botnet" overnight with the takedown of AS Troyak.  Botnets are networks of infected PCs that behave like criminals' remote-control robots. They steal identities en masse and are used to attack Web sites.

But instead of a slam-dunk victory, the incident wound up highlighting the whiplash pace at which criminals can resurrect their illicit businesses after what should have been a devastating setback. RSA, the security division of EMC Corp., said dozens of malicious servers that criminals used to spread ZeuS were connected to the Internet by AS Troyak. The service inexplicably went dark Tuesday, severing the ties between criminals and ZeuS-infected machines under their control.

It's not publicly known who pulled the plug. It could have been law enforcement, security researchers, or even the criminals themselves if they decided to move their operations to other servers.  Shutting down malware operations is a constant cat-and-mouse game. Some services exist solely to host malicious content, and when their connections to the Internet are severed, it's often relatively easy to find another provider willing to sell them a new connection.

RSA researchers wrote in a note to clients that their experience shows that "these kinds of drastic changes are usually short-lived, as in the long run, criminals tend to restructure their criminal activity and relaunch their online attacks."  That apparently happened -- and quickly. By Wednesday, researchers said the servers appeared to be back online, through a new Internet provider.  Cisco researchers said a total of 68 command-and-control servers were brought down, but that it's unknown how many infected computers were connected to each of those.

But they added that the criminals may have known the servers were going to be brought down, because traffic to those servers spiked over the weekend, suggesting they were directing infected computers to point to new servers.  One of the most high-profile takedowns of a malicious Web site hosting service involved a company called McColo Corp. whose Internet service was severed in the winter of 2008 after researchers amassed evidence of the company's wrongdoing.  Worldwide spam volumes almost instantly dropped by half, but within days started climbing again.

Mar 16, 2010

Achieving two-factor authentication with digital certificates.

It is widely accepted that one of the best things you can do to secure your sslvpn infrastructure is implementing a two-factor authentication scheme. Typically, this has been accomplished using a one-time password token technology. But what about using digital certificates that are tied to usernames instead of an OTP token approach? The idea being that the certificate is the something you have and the username/pwd is the something you know. This is a newly supported feature on the Cisco ASA, but not new to the industry, so I thought it might be interesting to examine it.
The common reasons given for choosing a certificate approach are cost savings, ease of use, standards based, and lower total cost of ownership. I’m not completely sold on the idea yet but think it is worth discussing and analyzing. This approach is relatively new but gaining in popularity.
So here is the user experience and behind the scenes flow of the solution:

  • User gets authorized to use the sslvpn service at their company. The sslvpn administrator creates the new user account on the authentication server and in the certificate database. Admin makes sure the subject field in the user cert includes a username attribute whose value is equal to the account he created in the authentication server.
  • User receives an email to enroll with the PKI and install their unique digital certificate. User completes the steps, a unique cert is now on their PC.
  • User browses to the url of the sslvpn device. Behind the scenes the sslvpn device will query the user’s PC for their unique digital certificate. It will check it’s validity and extract the value of the username attribute it is looking for.
  • If the cert if valid the sslvpn headend will prompt the user for authentication. However, the username field will be pre-filled in using the value from the certificate. The end user then enters their password and login completes.

Let’s dig into the details of how this certificate approach works. As is typical, to use validated digital certificates you must have a Public Key Infrastructure (PKI) that is available to your SSLVPN users. As with any PKI, you can either build your own PKI or outsource it to someone like VeriSign. As a rule of thumb, it is easiest to outsource it to a trusted Certificate Authority (CA). This eliminates the need to install trusted root certificates in every sslvpn user’s browser. The well known trusted root CA companies are already in there. The downside of outsourcing PKI is cost, it can get expensive. But even this expense should be considerably cheaper than implementing a hardware token solution for two factor authentication.
Ok, so you have your PKI in place. Now you need to issue certificates to all sslvpn users. This process varies, but can be as simple as sending users an email that contains their username, a one-time password, and a digital certificate enrollment url. The user must then go through the certificate enrollment process which will install a unique, per user, digital certificate onto their PC. Other methods of installing a certificate on each user’s PC exist so do your homework.
Now, you need to establish a typical username/password authentication mechanism for the sslvpn headend device to use to authenticate users. Popular choices are RADIUS and Active Directory LDAP.
Tying the user’s digital certificate together with their username/password is the next step to creating our two-factor authentication solution. The two must be paired together for this to work properly. This is accomplished by using the value of an attribute, found in the certificate, as the enforced username of the sslvpn user. Typically, it is a value in the subject field of the digital cert. For example, OU=jamey. The cert field chosen is determined by the headend sslvpn device administrator and can vary from tunnel group to tunnel group. The headend sslvpn device will query the certificate for this value. It will also take the value and pre-fill the username field of the typical authentication window the user sees at the client side. The user must then input the correct password for that username into the login box.
Trying to hack, change, or modify the pre-filled username field on the client side is largely irrelevant because the ASA sslvpn device effectively ignores it anyway. It only trusted the value that it received directly from its query of the certificate itself. So the hacker would have to be able to modify the certificate while maintaining its validity. A non-trivial task to say the least.
So there you have it, a two factor solution using digital certificates and username/passwords. The Cisco ASA devices support this feature starting in code. I think this approach is very interesting but I am still biased towards the traditional OTP token solutions. Would you consider this solution truly two-factor? What pros and cons do you see? Could this approach kill the costly OTP hardware tokens, I think not, but what say you?

Mar 15, 2010

Batten down the hatches, the waters are still treacherous

The ominous word ''boom'' appeared last week, in large type, on the front page of the local newspaper. Given the nature of this paper, the word could only refer to one thing: property. While the signals from the property market are mixed, it appears we are springing back to normalcy without absorbing the reality: the global financial crisis is far from over. All the elements are in place for a second crash.

The world has become an economically unstable place, with enormous unresolved issues. Australia's economy is fundamentally sound, but the global economy is fundamentally unsound. Even a good boat can be swamped by a bad sea and Australia, as a middling economy, will be buffeted by forces beyond its control unfolding in the United States, the European Community and Asia.

The Bank for International Settlements, the central bank for central banks, is warning of ''unstable dynamics''. Ominous language. The International Monetary Fund estimates the world's 20 largest economies, the G20, will have a combined debt equal to 118 per cent of their combined gross domestic product by 2014, meaning debt will have exploded by 50 per cent in just seven years. To fund what? In Australia, debt is being used for expansion of the mining sector, which is good, but also for the ill-disciplined spending of the Rudd government and the chronically overpriced housing sector. As a result, Australia's economy is more vulnerable to economic stress from abroad.

The US is running out of time to avoid another crisis. The federal government's Troubled Asset Relief Program is the biggest financial program the US has undertaken, by far, dwarfing all previous government intervention except full-scale war in 1941. Half a dozen large states are technically insolvent. Unemployment remains close to 10 per cent. The housing sector is moribund.

Robert Carling, a former senior official at the NSW Treasury and now a fellow with the Centre for Independent Studies, offers a warning about the scale of American instability: ''The legacy of four consecutive years of inflated deficits will be a level of debt more than 50 per cent higher, as a proportion of GDP, than before the [financial] crisis, and nominal debt of almost $US10 trillion ($10.9 trillion) … debt burden higher than at any time since the early post-World War II years. The difference then was that debt was in steep decline; in the current episode, it is soaring to a new plateau from which there is no prospect of a steep decline.''

Worse, two-thirds of this increased debt is coming from increased spending by the Obama administration, and Congress seems overmatched by the problem. The longer it postpones the painful spending adjustments needed, the bigger the problem becomes because the cost of debt servicing is already beginning to snowball.

''The current fiscal policies contain the seeds of the next global financial crisis with its epicentre in Washington rather than New York,'' says Carling. ''The problem of excessive indebtedness is in the process of being transferred to the public sector. It is not clear how simply passing the problem between sectors can be a solution to anything.''

In the euro zone, another crisis is unfolding. The public debt of Greece is equal to 120 per cent of its GDP. This is much higher than the level of debt when Russia defaulted in 1998.

Greece is only the start of the problem. Britain is running a budget deficit of 13 per cent of GDP, even bigger than Greece, and Britain's largest budget deficit outside wartime, all caused by excessive spending, lending and speculation.
An assault on the pound appears inevitable. It is foreshadowed by the bond market, where the yields on British 10-year gilts are 4.14 per cent, even higher than Italian bonds. Italy is one of the high-debt, high-unemployment economies once dismissed as ''Club Med'' but, now, as their problem infects the entire euro zone, are referred to brutally as the ''PIGS'' (Portugal, Italy, Greece, Spain). The market anticipates social discord in Greece.

The world economy is counting on China, with its billion consumers and hunger for economic growth, to maintain both demand and liquidity to keep the global economy growing. Australia is rapidly becoming an economic colony of Beijing.  But China has its own problems. It is creating an unsustainable asset bubble. It is also going to hit the second great wall of China - water shortages. China will stumble at some point.

Meanwhile, the advanced Western economies, including Australia, are engaged in a massive social experiment which must fail. We have sought to replace the primary economic unit, the extended family, with state spending. This will impose an unsustainable cost on future generations.

While the obvious and prudent response of government in a financial crisis is to provide social and economic shock absorbers by increased spending and borrowing, it is also important not to overreact. If you believe the global financial crisis is still unfolding, the key is not to overshoot, but to conserve resources and policy options.

The Rudd government, as it has proved in every area of major policy, overspent. It threw money around with undisciplined panic when faced with the global economic crisis. We said the same thing at the peak of the storm. In May, when the next federal budget is presented, a debt-reduction and stimulus-reduction program would be the prudent course and help bolster the government's credibility in an election year.

Prostate test creator labels it a 'public health disaster'

THE creator of the blood test used to detect prostate cancer has admitted it has become a ''hugely expensive public health disaster'' and should be abandoned.

Richard Ablin, who developed the prostate-specific antigen test 40 years ago, used by about 1 million Australians a year, yesterday agreed it had been proven inaccurate and was ''hardly more effective than a coin toss''.

''PSA testing can't detect prostate cancer, and more important, it can't distinguish between the two types of prostate cancer - the one that will kill you and the one that won't,'' Dr Ablin wrote in a column in the The New York Times.

But many doctors fear his comments will frighten men and put them off getting tested for a condition that kills more than 3000 a year.

''The PSA test does save lives and it does pick up cancers in their early stages,'' the director of Sydney's St Vincent's Prostate Cancer Clinic, Phillip Stricker, said.

''It hasn't been the blockbuster we thought it might, but there is evidence that it does good.''

He agreed that the test had wrongly been given to older men with late-stage cancers and limited life spans, pushing up costs, and often picked up cancers that did not need treatment, but said ''if used intelligently'' it was still worthwhile.

Dr Ablin said simple over-the-counter pain medications such as ibuprofen could elevate prostate antigen levels, giving a false indication of cancer. Men with low readings could be harbouring dangerous cancers and those with high readings could be completely healthy.

But the chief executive of the Prostate Cancer Foundation of Australia, Andrew Giles, said Dr Ablin's comments would confuse men and their GPs.

''Yes, an elevated PSA reading could be an infection, but it could also be cancer, so obviously it is better to be aware than not.''

Dr Albin said the test should ''absolutely not be deployed'' as a mass screening tool.

''I never dreamed that my discovery four decades ago would lead to such a profit-driven public health disaster. The medical community must confront reality and stop the inappropriate use of PSA screening. Doing so would save billions of dollars and rescue millions of men from unnecessary, debilitating treatments.''

Two studies published in the New England Journal of Medicine last year found the test was inaccurate and costly.

An American survey of 77,000 men concluded there was no decrease in the death rate in those who had yearly tests compared with those who were not offered testing. In the European trial, involving 182,000 men, it was found the death rate did decline slightly, but 48 men would need to be treated to save one life.

''We now have a situation where there is overdiagnosis and overtreatment,'' the chief executive of the Cancer Council Australia, Ian Olver, said.

Mar 14, 2010

IVF doctors to raffle human egg

A FERTILITY clinic is raffling a human egg in London to promote its new “baby profiling” service, which circumvents British IVF (in vitro fertilisation) laws.

The winner will be able to pick the egg donor by racial background, upbringing and education. Payment for profit is illegal in Britain, but the £13,000 of free IVF treatment will be provided in America.

The raffle, to be held on Wednesday, is to promote a tie-up between the Bridge Centre, a fertility clinic in London, and the Genetics and IVF Institute (GIVF) in Fairfax, Virginia.

The Anglo-American commercial venture was set up last autumn and is aimed principally at women in their forties and fifties who have little prospect of a successful pregnancy with fertility treatment using their own eggs.

SQL Injections Top Attack Statistics

SQL injections top plenty of lists as the most prevalent means of attacking front-end Web applications and back-end databases to compromise data.

According to recent published reports, analysis of the Web Hacking Incidents Database (WHID) shows SQL injections as the top attack vector, making up 19 percent of all security breaches examined by WHID. Similarly, in the "Breach Report for 2010" (PDF) released by 7Safe earlier this month, a whopping 60 percent of all breach incidents examined involved SQL injections.

"One of the reasons we're seeing such an increase in SQL injections is actually sort of what we've dubbed the 'industrialization' of hacking," says Brian Contos, chief security strategist for Imperva. "It's this notion of smart SQL injections leveraging things like Google searches, automation through bots, and various other technologies to carry out sophisticated, automated attacks."

SQL injection attacks are generally carried out by typing malformed SQL commands into front-end Web application input boxes that are tied to database accounts in order to trick the database into offering more access to information than the developer intended.

Part of the reason for such a huge rise in SQL injection during the past year to 18 months is the fact that criminals are increasingly using automated SQL injection attacks powered by botnets to hit vulnerable systems, Contos says. They use the attacks to both steal information from databases and to inject malicious code into these databases as a means to perpetrate further attacks.

"It doesn't really matter who you are or how big your company is or how sensitive the data may or may not be within the database," he says. "It really is a function of the fact that you just happen to be online, and if you have these vulnerabilities, [the bots] will find you."

Tom Cross, a vulnerability researcher for IBM ISS X-Force, says his team also has seen SQL injection attacks increase via automated attacks. "[SQL injection] automated attacks ... are being launched across the Internet, and the purpose of those attacks is really to inject JavaScript redirectors into Web pages so that legitimate Web pages end up redirecting their users to exploit toolkits that end up exploiting vulnerabilities in the victims' browsers and taking over their PCs," Cross says.

Because SQL injection attacks have become so prevalent and often come via automated attacks, Imperva's Contos suggests organizations add another layer of protection between the database and the application accessing it during authentication. By utilizing CAPTCHA technology and requiring users to enter a random series of letters displayed in an image into a text box, organizations can go a long way toward thwarting automated attacks.

Then, of course, a lot of SQL injection prevention on the database side comes down to the basics, Contos says.

First, he recommends DBAs and developers not allow such robust error messages to be displayed when a user enters something weird into an input box. "If I'm an attacker, I'm probably not going to be able to get into the database on the first shot, but what I am going to do is some recon," he explains. "If I can get that database to respond with an error message and tell me all sorts of good stuff, like, 'Hey, I'm Oracle 9i, I'm this, I'm that,' that helps attackers carry out future attacks."

Organizations should also avoid leaving detailed comments and old copies of the database on the same system. While comments might help considerably during development troubleshoots, if left on production systems, they can only help aid attackers.

Finally, and perhaps most important, when it comes to SQL injection attack prevention, be sure to do input and output validation. "Have filters so you're validating exactly what's coming in, and then you can do output validation, too, out up and through the Web application," he says. "If you're expecting an integer, only allow integers."

Mar 13, 2010

Men do help in the home (say men)

Men say they do far more housework than they are given credit for - but women don't notice because men "don't make a fuss".  A survey of men said they spent 13 hours a week on household chores including cleaning the lavatory, taking out the rubbish and changing the bed linen.

But 60% of the 1,000 men questioned said their efforts were unnoticed by the woman in their lives because they did not like to make a fuss. Almost half said they felt women were more prone to showing off about the amount of housework they take on, reports the Daily Telegraph.
  1. The task most men said they did was taking out the rubbish - with 85% claiming credit.
  2. Carrying the shopping bags was the second most popular chore among men, with 80% saying they take the weight.
  3. Food shopping came in third place, with 78% saying they are responsible for restocking the fridge each week.
  4. The research by beauty brand Dove found men spend 4.7 hours a week on housework, as well as 1.5 hours on DIY and 6.9 hours on childcare.
Paul Connell, of Dove Men Care, said: "Our research shows modern men are becoming more vocal about the contribution they make in the home, and the popular stereotype of men doing nothing around the house is no longer accurate."

Brain scan can read people's thoughts: researchers

A scan of brain activity can effectively read a person's mind, researchers said Thursday.

British scientists from University College London found they could differentiate brain activity linked to different memories and thereby identify thought patterns by using functional magnetic resonance imaging (fMRI).

The evidence suggests researchers can tell which memory of a past event a person is recalling from the pattern of their brain activity alone.

"We've been able to look at brain activity for a specific episodic memory -- to look at actual memory traces," said senior author of the study, Eleanor Maguire.

"We found that our memories are definitely represented in the hippocampus. Now that we've seen where they are, we have an opportunity to understand how memories are stored and how they may change through time."

The results, reported in the March 11 online edition of Current Biology, follow an earlier discovery by the same team that they could tell where a person was standing within a virtual reality room in the same way.

The researchers say the new results move this line of research along because episodic memories -- recollections of everyday events -- are expected to be more complex, and thus more difficult to crack than spatial memory.

In the study, Maguire and her colleagues Martin Chadwick, Demis Hassabis, and Nikolaus Weiskopf showed 10 people each three very short films before brain scanning. Each movie featured a different actress and a fairly similar everyday scenario.

The researchers scanned the participants' brains while the participants were asked to recall each of the films. The researchers then ran the imaging data through a computer algorithm designed to identify patterns in the brain activity associated with memories for each of the films.

Finally, they showed that those patterns could be identified to accurately predict which film a given person was thinking about when he or she was scanned.

The results imply that the traces of episodic memories are found in the brain, and are identifiable, even over many re-activations, the researchers said.

The results reinforce the findings of a 2008 US study that showed similar scans can determine what images people are seeing based on brain activity.

5 Alternatives to the iPad

You say you’re not impressed that the “magic” iPad went on sale today because you want a “real” OS powering your slate device. We’ve got your back as we’re your source for information about all things tablet. As interesting as the iPad is, no matter what Apple wants us to think it’s by no means the first tablet. I’ve been using them for almost a decade, matter of fact. What better way to share the tablet love than to give you 5 alternatives to the iPad. Note that I am currently using or have used every slate on this list, so you know I’m serious about it.

  1. Viliv S5. We’ll start out with the smallest slate on the list. The 5-inch S5 with its near pocketable form can be just the ticket for something to take along when space is a concern. It runs full Windows and the screen resolution is as high as most netbooks (1024×600) even though the screen is so small. It’s a real computer too, not a watered-down gadget by any means. The touchscreen works wonderfully, and it can even handle inking in a pinch if you’re careful where you put your hand.
  2. Viliv X70. Now we move up in size a little to the 7-inch slate. The X70 has a touchscreen that is the same resolution as the smaller S5, so things are easier to see. Surfing the web on the X70 is a joy, with the full web available due to the Windows platform. Like every other slate on this list, the X70 does indeed do Flash. It will fit in most any gear bag, and is easy to use in the hands as a slate should be.
  3. Viliv S7. Now we move into territory the iPad can only dream about, as the S7 is a full convertible. You don’t put the top down on this baby, but you can lift the slate up to expose a full QWERTY keyboard. No onscreen keyboard to frustrate you — you’re too much of a power user. The S7 has the same 7-inch screen as the X70, but adds that keyboard and a full trackpad for full power use. Don’t fret, it can still function as a full slate when put in that configuration. Amazingly, the Viliv folks added the keyboard to the 7-inch slate in a package that is thinner and lighter than the X70.
  4. Viliv S10 Blade. If you’re the type for whom a namby-pamby little screen just won’t do, the S10 steps up the game with its 10-inch high resolution screen. That big (1366×768) display adds full 3-point multitouch to the mix, turning it into a full featured tablet. Swivel the screen around and you expose a keyboard that supports full touch typing;  you’ll be off to the races getting stuff done.  To top things off, the S10 (like the S7 and X70) has a webcam, unlike that iPad thing. You’ll be video calling like crazy, getting things done no matter where you might be. Or maybe you’ll be on Chatroulette, it’s your call.
  5. 5. ThinkPad x200t. This is the cream of the tablet crop, the device for those who need everything. The x200t is a convertible notebook with a 12-inch multitouch screen, that also has full inking support to tap into the full Tablet PC technology in Windows. Need to get data into your computer? Consider the many options on the x200t: handwriting, typing on a real keyboard, typing on a virtual keyboard (slate mode) or simply by speaking the text. No compromises, no excuses. Just getting work done, no matter what. The way you want to do it.

Bored to death

You know the scene: you arrive at work and you see the same people, you’ve heard the conversations so many times before. It’s like the same song playing over and over again, caught in a loop. You sit down at your desk and check your emails from the same people writing in. Same old, same old. You start working and then you have to attend a meeting which seems to go forever. And so your day drags on. How often do you get bored at work? And what are the most boring jobs?

It’s an important question for two reasons. First, because boredom might be a health hazard. According to Psychology Today, scientists reckon you can die of boredom, quite literally. The report cites a study in the 1980s when 7500 British civil servants were interviewed. During that conversation, they were asked whether they got bored at work over the past month. The researchers then tracked them down last year and found that those who reported being bored were 2.5 times more likely to have died of a heart attack. So boredom at work is a problem. How bored are you?

Roxon folds and releases draft health identifier rules

FEDERAL Health Minister Nicola Roxon has buckled and released proposed draft regulations for the Healthcare Identifiers service, after privacy and security experts told a Senate inquiry the HI Bill could not rationally be considered without the accompanying rules that underpin the legislation.

A consultation paper prepared by the Australian Health Ministers’ Advisory Council was also released late Friday afternoon.

But it may be a case of too little, too late, with the regulations providing little new detail, and failing to address problems with the bill including the compulsory nature of the scheme, under which every Australian will be issued a 16-digit unique healthcare identifier from July 1 for improved medical information-sharing across the health sector.
Liberty Victoria's spokesman Tim Warner described the release as another "stunning performance by those guiding the e-health initiatives".
"To release documents that give at least a skeletal outline of what is actually going to happen - 24 hours after the last testimony was given to the inquiry (into the governing bill) and one week after the close of public comment - is a bravura performance in the theatre of transparency," Mr Warner said.
"Yes, they have released the regulations before the Senate committee reports its findings (on Monday) and the Senate votes. But after all of the lodged submissions and testimony had to be made blind."
Law Professor Graham Greenleaf, co-director of the Cyberspace Law and Policy Centre, University of NSW, this week told the inquiry the bill "shares a surprisingly large number of elements with both the Australia Card scheme of a couple of decades ago, and the (previous government's) Access Card proposals of 2006-07".
"There has been inadequate consultation and inadequate time for all concerned to really deal with the real details," he said. "Even now, none of us are in a position to know what this is about, because we do not have the rest of the legislative scheme (the regulations)."
Professor Greenleaf said the healthcare identifiers database, to be initially operated by Medicare, would become "the key national information system for just about the most sensitive thing that there is in the community - medical information".
"There is always the potential (for the system to be hacked)," he said. "Given how many databases these health identifiers will be the key to, with many other systems based around this number as the primary access key, there may well be very attractive illegal uses from access to that set of numbers.
"So yes, it becomes a very attractive location for unauthorised access. That increases the dangers that are involved."

Mar 12, 2010

Billions gouged by the big banks

The Reserve Bank has indirectly accused Australia's major banks of profiteering on interest rates, saying the recent series of ''super-sized'' rate rises had outpaced increases in the banks' funding costs.

In an analysis of rate movements, the RBA said the major banks were the worst offenders on excess pricing, with lending rates outpacing rises in funding costs by as much as 25 basis points - or a quarter of 1 per cent - since the onset of the credit crisis. This had translated into billions of dollars in additional revenue.

The comments by the RBA appear to contradict the claims of big bank executives that they have had to lift rates by more than official increases to cover their funding costs.

The comments come amid signs that households are again starting to feel the squeeze on loan payments, new figures showing ''mortgage stress'' on the rise following a string of interest rate rises.

Mar 11, 2010

The price of data leakage

THE Victorian Government staffer at the centre of a damaging leaked email scandal has been subpoenaed to appear before a Parliamentary inquiry.  Peta Duke, who authored a media plan for Planning Minister Justin Madden that she accidentally emailed to the ABC, has been ordered to give evidence when the inquiry begins formal hearings tomorrow. If she fails to appear, the demoted staffer risks being found in contempt of Parliament.

The opposition-dominated Finance and Public Administration Committee is investigating the circumstances surrounding the leaked email and the integrity of the planning department. The internal memo outlined a media strategy for dealing with the redevelopment of Melbourne's historic Windsor Hotel.  It proposed that a sham consultation process be used as an excuse to reject the $260 million project.

Killer Gorilla health plan threatens the PM

HEALTH and hospitals policy is Kevin Rudd's King Kong and it could cause him as much damage as Kong did to the Empire State Building. This is a half-pregnant set of proposals, so expect ongoing changes in the health system's structure and funding. These complex health changes will be a slow burn politically. The electorate has at least six months to pore over them and uncover any defects. The dearth of new money up-front will not help the medicine go down. When does the system start to improve? Paradise postponed yet again.
The opposition can take pot shots at Rudd's package but he can say, "I have a plan, where's your plan?" Tony Abbott can build on his local board concept but he does not need to propose anything on the broad architecture until the smoke clears from the April Council of Australian Governments meeting. His health package for the election can then focus on bite-size achievables, practical measures that have an early pay-off and that voters can understand, notwithstanding support for a bigger commonwealth role in funding health.
Rudd needed a circuit-breaker. His handlers would have said: pick a fight with someone the public likes even less than you, and preferably on traditional Labor territory. Right on cue, in front of the cameras, Rudd has not missed an opportunity to bag the premiers and their health departments. These are his negotiating partners in four weeks. Health is Rudd's equivalent of the Howard government's Northern Territory intervention in 2007 and the takeover offer for the Mersey hospital, albeit on a much bigger scale.
Swapping roles and responsibilities is no longer canvassed as a way to rebalance the federation. The traffic is now one way: to Canberra, underwritten by Canberra's deep pockets. The next cab off the rank may be cities policy.

Jeff Kennett once offered John Howard a swap: the states would take on all of education if the feds took over health. Howard said no thanks; he wanted to retain commonwealth influence over education to promote better outcomes and effective choice between public and private sectors. He also knew his cabinet colleagues were not keen to take the blame every time someone died in an emergency department.
They would have been bemused by the Rudd commitment to establish maximum waiting times for surgery under his new health plan. Remember Bob Carr's promise in 1995 to resign if waiting lists were not reduced after one year in office? He went on to serve for 10 glorious years.

The Liberals lost a lot of skin over Medicare in opposition and learned to love it. One of the promises Howard made in 1995 was not to rip up Medicare. Through time the Coalition added significantly to Medicare, particularly through its extension of the safety net.
As health minister, Abbott boasted in parliament that the Coalition had become Medicare's best friend. Contrary to recent Labor claims of ripping money out of the system, the Coalition put health spending on steroids.

Smart Card Readers Guard Multifunction Printers

One device administrators haven't secured with a smart card is the lowly, yet hardworking, multifunction printer. Even for the admittedly smart-card-savvy DOD, "Imaging and printing are the biggest security holes," says Enrique Barkey, Worldwide Director, Public Sector, at HP.

"The DOD realized a person could take a document and put it on a multifunction printer and send it by email straight out of an institution without any control," adds Simon Wakely, who is vice president of business development at smart card middleware provider, ActivIdentity.

"It goes beyond the DOD: Even in commercial space, the weakest link is imaging and printing," says Barkey, who is HP's worldwide director, public sector. "A lot of damage can be done because multifunction printers are connected to the network environment—they are the On and Off ramp to the digital world."

Which is why HP teamed up with ActivIdentity, creator of ActivClient smart card enablement software, to build a solution. The result: An HP multifunction printer that can read Common Access Card (CAC) smartcards and, via ActivIdentity middleware, communicate with Active Directory (AD) to authenticate employees to allow them to scan documents and email them.

The user sends a print job, which is encrypted, compressed, locked, and stored on a print server. Or the user goes to the printer to start a scan job. He or she inserts the CAC smart card in a reader at the multifunction printer. The printer prompts for a PIN, which the user enters. The middleware uses the PIN to unlock a secret area on the smart card, then, using public key infrastructure (PKI) to provide a certificate, and AD to provide the info on the user, a credential is released and compared, and the response comes back—the user is approved.

Although the DOD requires authentication only for scanning documents, other organizations require authentication for printing documents—not only for security reasons but for cost-saving measures, especially in paper-intensive offices. "Printing costs can be a significant part of some organizations’ budgets. A way to start controlling the printing environment is through security," says HP's Barkey.

"ActivIdentity and HP have positioned this strong authentication solution into the private sector too," adds Wakeley. "Smart cards are becoming ubiquitous as a strong form of authentication."

To learn more see Active Identity's web site at and HP's web site at

Mar 9, 2010

Cyberwar declared as China hunts for the West’s intelligence secrets

Urgent warnings have been circulated throughout Nato and the European Union for secret intelligence material to be protected from a recent surge in cyberwar attacks originating in China.  The attacks have also hit government and military institutions in the United States, where analysts said that the West had no effective response and that EU systems were especially vulnerable because most cyber security efforts were left to member states.

Nato diplomatic sources told The Times: “Everyone has been made aware that the Chinese have become very active with cyber-attacks and we’re now getting regular warnings from the office for internal security.” The sources said that the number of attacks had increased significantly over the past 12 months, with China among the most active players.  In the US, an official report released on Friday said the number of attacks on Congress and other government agencies had risen exponentially in the past year to an estimated 1.6 billion every month.

The Chinese cyber-penetration of key offices in both Nato and the EU has led to restrictions in the normal flow of intelligence because there are concerns that secret intelligence reports might be vulnerable.

Sources at the Office for Cyber Security at the Cabinet Office in London, set up last year, said there were two forms of attack: those focusing on disrupting computer systems and others involving “fishing trips” for sensitive information. A special team has been set up at GCHQ, the government communications headquarters in Gloucestershire, to counter the growing cyber-threat affecting intelligence material. The team becomes operational this month.

British and American cyber defences are among the most sophisticated in the world, but “the EU is less competent”, James Lewis, of the Centre for Strategic and International Studies, said. “The porousness of the European institutions makes them a good target for penetration. They are of interest to the Chinese on issues from arms sales and nuclear non-proliferation to Tibet and energy.”

The lack of routine intelligence sharing between the US and the EU also contributes to the vulnerability of European systems, another analyst said. “Because of Britain’s intelligence-sharing relationship with America our systems have to be up to their standards in a way that some of the European systems don’t,” he explained.

Jonathan Evans, Director-General of MI5, warned in 2007 that several states were actively involved in large-scale cyber-attacks. Although he did not specify which states were involved, security officials have indicated that China now poses the gravest threat. Beijing has denied making such attacks.

Robert Mueller, FBI Director, has warned that, in addition to the danger of foreign states making cyber-attacks, al-Qaeda could in the future pose a similar threat. In a speech to a security conference last week, Mr Mueller said terrorist groups had used the internet to recruit members and to plan attacks, but added: “Terrorists have \ shown a clear interest in pursuing hacking skills and they will either train their own recruits or hire outsiders with an eye towards combining physical attacks with cyber-attacks.”

He said that a cyber-attack could have the same impact as a “well-placed bomb”. Mr Mueller also accused “nation-state hackers” of seeking out US technology, intelligence, intellectual property and even military weapons and strategies.To help to fight the growing threat, the Office of Cyber Security, set up last year as part of the Government’s national security strategy, liaises with America’s so-called cyber czar, Howard Schmidt, who was appointed by President Obama to protect sensitive government computers.

British officials said that everyone in sensitive jobs had been warned to be especially cautious about disseminating intelligence and other classified information. Whether British intelligence is involved in retaliatory attacks is never confirmed. However, officials said that there was a significant difference between being part of an information war and indulging in aggressive attacks to disrupt another country’s computer systems.

Dr Lewis said that neither the US nor any of its Western allies had formed an effective response to the Chinese threat, which has its origins in a massive boost to Chinese technology ordered by Deng Xiaoping, the late Chinese leader, in 1986. The West’s own cyber offensives have so far been directed largely at terrorists rather than nation states, giving China virtually free rein to penetrate Western systems with its own world-class hackers and increasingly popular Chinese-made components. “You almost have to admire them,” Dr Lewis said. “They have been very consistent in their goals.”

Mar 7, 2010

Global botnet smashed

SPANISH police said they had arrested three men suspected of building the world's biggest network of virus-infected computers which hijacked more than 13 million PCs.

The "botnet" of infected computers affected machines in almost every country in the world in homes, universities, banks, government agencies and companies, including more than half of the largest US companies on the Fortune 1000 list.

It was designed to steal credit card data, online banking passwords, account information for social networking sites and other sensitive information.

"This is the biggest network of zombie computers ever discovered," the head of a Spanish police unit specialised in tech crimes, Jose Antonio Berrocal, told a Madrid news conference, using the term for PCs that can be controlled remotely by outsiders.

The authorities provided no estimate for how much money could have been stolen from owners of infected computers but security experts said removing the virus from the affected PCs could cost tens of millions of dollars.

The "botnet" network was shut down at the end of December in a joint operation carried out by Spanish police, the FBI and two private information security firms, Canada's Defence Intelligence and Spain's Panda Security.

Spanish police said it was so big it could have been used to "carry out a cyberterrorism attack which would be much greater than those staged against Estonia or Georgia."

Estonia suffered massive denial-of-service attacks in 2007 while Georgian websites suffered similar attacks a year later. In both cases the attacks coincided with diplomatic tensions between the two nations and Russia.

All three arrested suspects are Spanish nationals. They are between the ages of 25 and 31.

The authorities believe the suspected ringleader of the operation and his two alleged partners earned a living by renting out the botnet computer network they created to third parties who used them for criminal purposes.

"We were lucky that this network was in the hands of someone who was not conscious of the (full) extent of its potential for crime," lead investigator Juan Salom said.

Police are looking for a fourth suspect who might be Venezuelan, he added.

While the authorities have dismantled major zombie computer networks in the past, arrests of the masterminds of such networks are rare.

Police found personal data from more than 800,000 computer users on the PC belonging to the 31-year-old suspected ringleader of the operation that was taken from his home in Spain's northern Basque region.

They described him as a "petty criminal" who lived "modestly" from his hacking activities.

His two alleged partners, aged 30 and 25, are from Murcia in southeastern Spain and Galicia in the northwest.

The Mariposa network they created, named after the Spanish word for butterfly, was first detected in May 2009 by Defence Intelligence which then alerted the FBI.

"Our preliminary analysis indicates that the botmasters did not have advanced hacking skills," said Pedro Bustamante, a senior research advisor at Panda Security.

"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss."

Malware is the software designed to infiltrate computers without the owners' knowledge.

Shortly before the network was shut down, Defence Intelligence suffered a cyber attack which Spanish police believe was retalia

Mind-reading computers turn heads at CeBIT high-tech fair

DEVICES that let people write letters or play pinball using just the power of their brains have become a major draw at the world's biggest high-tech fair.

Huge crowds at the CeBIT fair in Hanover, Germany, gathered round a man sitting at a pinball table, wearing a cap covered in electrodes attached to his head, who controlled the flippers with great proficiency without using hands.

"He thinks: left-hand or right-hand and the electrodes monitor the brain waves associated with that thought, send the information to a computer, which then moves the flippers," said Michael Tangermann from the Berlin Brain Computer Interface.

But the technology is much more than a fun gadget, it could one day save your life.

Scientists are researching ways to monitor motorists' brain waves to improve reaction times in a crash.

Start of sidebar. Skip to end of sidebar.
Related Coverage

    * Brainwaves - November 21, 2009 Adelaide Now, 20 Nov 2009
    * Brainwaves - November 7, 2009 Adelaide Now, 6 Nov 2009
    * Brainwaves - October 24, 2009 Adelaide Now, 23 Oct 2009
    * Brainwaves - September 19, 2009 Adelaide Now, 18 Sep 2009
    * Brainwaves - August 15, 2009 Adelaide Now, 14 Aug 2009

End of sidebar. Return to start of sidebar.

In an emergency stop situation, the brain activity kicks in on average around 200 milliseconds before even an alert driver can hit the brake.

There is no question of braking automatically for a driver - "we would never take away that kind of control," Mr Tangermann said.

"However, there are various things the car can do in that crucial time, tighten the seat belt, for example," he said.

Using this brain-wave monitoring technology, a car can also tell whether the driver is drowsy or not, potentially warning him or her to take a break.

At the g.tec stall, visitors watched a man with a similar "electrode cap" sat in front of a screen with a large keyboard, with the letters flashing in an ordered sequence.

The user concentrates hard when the chosen letter flashes and the brain waves stimulated at this exact moment are registered by the computer and the letter appears on the screen.

The technology takes a long time at present - it took the man around four minutes to write a five-lettered word - but researchers hope to speed it up in the near future.

Another device allows users to control robots by brain power. The small box has lights flashing at different frequencies at the four points of the compass.

The user concentrates on the corresponding light, depending on whether he wants the robot to move up, down, left or right and the brainwaves generated by viewing that frequency are monitored and the robot is controlled.

The technology is being perfected for physically disabled people, who can communicate and operate other devices using their brain.

Mar 5, 2010

Passengers tell of WA Qantas plunge

QANTAS passengers have revealed the horrific moment they thought they would die in a terrifying plunge that sent travellers hurtling through the air, smashing teeth and bones and tearing ligaments.

"All of a sudden the plane dropped like a brick," one passenger said. "It was like a hurricane inside the plane, like a war zone."  "The plane fell again," said another. "I thought: 'I didn't think I was going to die in a plane crash, but obviously I am'".

These traumatic descriptions form part of a class action filed in the US against defendants including airline giant Airbus, maker of the ill-fated A330-300 that plummeted twice in quick succession during the flight from Singapore to Perth in October 2008.

More than 100 of the 301 aboard were hurt when a computer glitch caused the plane to nosedive first 650, then 400 feet (320m in total) over Western Australia.

Passengers suffered spinal, head, neck and chest injuries from being catapulted into the overhead lockers. Others lost teeth, tore knee ligaments and suffered serious cuts and broken ribs, feet, ankles and hands in the incident.

Eighteen Australians have so far joined the product liability case being run by Wisner Law in Illinois where the potential damages could significantly exceed a similar case run her

Top five gadgets from Microsoft's research labs

In five laboratories dotted around the globe hundreds of Microsoft researchers are slaving away on the complex task of doing whatever they want to.

Although Microsoft hopes that their labours will one day translate into commercial products, company executives insist their primary goal is experimentation and innovation, with researchers left to get on with the task of inventing tomorrow's technology while the rest of the company works on selling the stuff that is around today.

The TechFest science fair is the point at which these two worlds collide, where developers get to peek into the future, and researchers get to hear about the kind of challenges they face out there in the real world.
Microsoft developed an air guitar app that lets people play Guitar Hero with nothing but a wrist band to detect arm and finger movements.

Microsoft developed an air guitar app that lets people play Guitar Hero with nothing but a wrist band to detect arm and finger movements.

    * Microsoft developed an air guitar app that lets people play Guitar Hero with nothing but a wrist band to detect arm and finger movements.
    * The technology isn't especially high-tech and could easily be recreated as wrist bands, says Microsoft.
    * Microsoft is trying to reinvent the mouse for the modern world with it's
    * The cloud mouse looks pretty much like any other sort of mouse but without the flat bottom.
    * Microsoft has taken the concept of a touch screen and applied it to any surface you can imagine, from a coffee table in the living room to the skin on your hand.
    * Microsoft's Surface tabletop touch-screen computer, which launched in Australia this year, can also be used in health care.
    * Project Gustav reinterprets the art of oil painting into a touch sensitive application that creates a very realistic painting experience.
    * The Translation Telephone is a software tool designed to let you have a realtime chat with someone in another language.

But not every research team gets to strut its stuff in Redmond. Out of about 300 demo proposals only 150 make the cut. And Microsoft has trimmed that list down even further for the handful of journalists given a glimpse into this year's TechFest fair. So here is the future according to Microsoft:

Air guitar for everyone

Wearable movement sensors have many possible applications - most notable of which must be the ability to play air guitar with nothing but a wrist band to detect arm and finger movements.

Kidding aside, this demo looked pretty sci fi with wires and sensors hanging out all over the place. The researchers, however, explained that the sensors they wore on their arms and wrists were not especially high-tech, and could easily be recreated as wrist bands. Their main mission was to map the data captured to games such as the very popular Guitar Hero where the fine motor movements are translated on screen.

They also demonstrated the use of skin as a computing interface using sensors that pick up tapping motions.

Surfaces everywhere

Take the concept of a touch screen and apply it to any surface you can imagine from a coffee table in the loungeroom to the skin on your hand. This is the the mission of Mobile Surface which combines a camera, projector and mobile device to beam out an interactive image field.

In the TechFest demo, we are invited to beat the image of drums that had been projected onto a table and were rewarded with drumming sounds that corresponded exactly to our actions.

Navigating the clouds

The online cloud is here for keeps, and when we start accessing data from our 3D flatscreen, Microsoft reckons we will need a whole new navigation device that we wave around in the air instead of sliding along a table.

Its solution to this is the Cloud Mouse which looks pretty much like any other sort of mouse but without the flat bottom. More than just a dumb peripheral, however, this one has six degrees of freedom and tactile feedback.

Not only could the Cloud Mouse act as a wireless controller for drilling through 3D screen menus, but it would also serve as a key for personal cloud data on various online services.

Art meets computer

Project Gustav is an art-based program that has reinterpreted the art of oil painting into a touch sensitive application that creates a very realistic painting experience.

The point of this program is to give artists a new medium (digital) for their work and Microsoft's TechFest artist in residence (seconded from the design department) was having quite a lot of fun with this program. I had a go too, and was surprised by how natural those brush strokes looked, and the level of skill required.

To get this project off the ground, Microsoft researchers combined multitouch and tablet input technology with built in media-modeling and brush-simulation algorithms.

Telephone talk

The Translation Telephone is a software tool designed to let you have a realtime chat with someone in another language. Demonstrated in a live phone call between German and English speaking developers, the system was not flawless, but we did nearly always get a good sense of what the German developer was trying to say. He would speak his entire sentence, and then the machine would translate his sentence in English speech and a text version would also appear on screen.

What researchers are developing is the ability for the translator to deal with language spoken at conversational speed and the system attempts to intelligently adapt sentences rather than offering a literal translation. It is also able to learn different accents and patterns of speech.

Apple’s Lawsuit Against HTC is very Bad for Consumers!

Apple's lawsuit against Taiwanese handset manufacturer HTC is meant to prevent smartphones that resemble the iPhone from competing in the U.S. market, limiting consumer choice, but protecting Apple's incentive to innovate, legal experts say.

Yesterday, news broke that Apple had filed suit against HTC with the U.S. International Trade Commission (ITC) and U.S. District Court in Delaware for allegedly violating a slew of iPhone related patents. HTC derives nearly half of its annual smartphone sales from the U.S. market, and the majority sold are Android phones, including Google's Nexus One, according to UBS.

Any one of those patents could be enough to prompt the ITC to ask U.S. Customs and Border Protection to stop the shipment of imports, said Richard Field, a past chair of the American Bar Association's section of science and technology law. "It's like in Casablanca: "some of these reasons may be insignificant, but there's so many of them," he said. "Apple went to town figuring out the infringement."

Apple appears that it is not interested in the usual patent "horse trade" where one company sues another to receive licensing royalties then drops the suit, he said. "My gut feeling is that there's more to why Apple is pushing this one," he said.

"Apple wants to prevent anyone else from making smartphones that compete directly with the iPhone," said James Grimmelmann, an associate professor at New York Law School. "It will raise prices and lower quality in the smartphone market." He refused to speculate on the validity of the patents without a very detailed examination.

Field suggested that Apple might be attempting to eliminate a source of "generics" from the market in order to protect its iPhone revenue stream, which he said may be critical to the company. Apple sold 8.7 iPhones last quarter. "If you eliminate generics it affects the market"

"Apple is known for its creativity. If Apple cannot protect the creativity side of [the market] it also isn't good for consumers," Field said. When molded together, it could be argued that the patents are the essence of the Apple machine, he explained.

Grimmelmann saw it another way. "Overall, the move strikes me as a sign of weakness on Apple's part; it fears the competition. Then again, Apple is an irrationally litigious company. For every reasonable lawsuit (Psystar), it brings an ill-advised one (Apple v. Does)," he concluded.

Apple v. Does is a lawsuit that Apple filed in 2004 against unnamed defendants that it accused of leaking information to news sites including AppleInsider and PowerPage.

My take is that Apple is waging a proxy war against Google while firing buckshot at so-called "generics" (I am hesitant to use that term). It might risk alienating customers, but, as Fields told me, there cannot be a backlash unless you can understand whether the suit has merit. I eagerly await more

Mar 4, 2010

Handheld PCs bags West Yorkshire Police deal

Mobility specialist Handheld PCs is celebrating winning a deal with West Yorkshire Police to provide 3,500 officers with its hand-e-pix software. Skip related content

The Slough-based firm will deploy the image capture software on the force's fleet of BlackBerrys. West Yorkshire Police will use hand-e-pix to gather crime scene evidence. Officers will be able to share photos which are stamped with time, date and geographical location information.

West Yorkshire has the fourth largest police force in England and Wales, serving more than two million people over a 780 square mile area. The force's mobile data manager Phil Short claimed the Handheld PCs software could help save crucial crime-solving minutes.

We had such great feedback from the first 500 officers issued with hand-e-pix that it soon became clear that the entire force would benefit from the system," he said.

"We find that officers do not need to return to the police station to book out a digital camera or wait for a specialist scenes-of-crime officer (SOCO) unit to attend a scene in order to take a picture. This is invaluable in situations where evidence has a short life.

Pierre Lams, director of Handheld PCs, added: We have been convinced for some time that the UK police forces would benefit from using hand-e-pix. Handheld PCs is delighted that West Yorkshire Police is one of the first forces to adopt the system.

"We believe that the ability to capture and share multimedia from mobile devices, such as the BlackBerry, will continue to drive significant benefits in the public sector

Microsoft exec pitches Internet usage tax to pay for cybersecurity programs

A top Microsoft executive on Tuesday suggested a broad Internet tax to help defray the costs associated with computer security breaches and vast Internet attacks, according to reports.

Speaking at a security conference in San Francisco, Microsoft Vice President for Trustworthy Computing Scott Charney pitched the Web usage fee as one way to subsidize efforts to combat emerging cyber threats -- a costly venture, he said, but one that had vast community benefits.

"You could say it's a public safety issue and do it with general taxation," Charney noted.

Ultimately, Charney was only offering one suggestion during the RSA security conference; not a precise policy prescription.

But his idea has already riled many in the computer world, some of whom have since charged Microsoft and its historically vulnerable Windows operating system are responsible for countless, worldwide cybersecurity problems.

Still, Charney implored those in his own industry to focus more on "social solutions" to growing Internet security concerns. He described the importance of cybersecurity in terms of national healthcare, noting that computer ailments and hacks, like preventable diseases, travel to and incapacitate other, connected units -- not just the infected user's home computer.

"Just like we do defense in depth in IT, we have to do defense in depth in... response," he later added.

Mar 3, 2010

Topeka, Kansas, changes its name to Google

A US city seeking to be a test hub for a high-speed broadband network being built by Google has temporarily changed its name to Google. Topeka Mayor William Bunten issued a proclamation declaring that, for the month of March, the Kansas capital would be known as "Google, Kansas - the capital city of fibre optics".

The official city website,, welcomes visitors to "The City of Google" - written in the large colourful letters the internet search giant is known for - and includes a link to the mayor's proclamation.

Google announced last month that it planned to build experimental, ultra high-speed broadband networks that would deliver internet speeds 100 times faster than those of today. The web search and advertising giant said the envisioned one-gigabit-per-second networks would be built in "a small number of trial locations" in the United States.

Cyber fraud soaring: ACCC

CYBER criminals fleeced more than $70 million from Australians last year.  The Australian Competition and Consumer Commission yesterday said reports of online fraud had surged by 16 per cent last year to more than 20,000.  A separate report reveals the amount of time Australians spend using the net has hit an all time high.

ACCC deputy chair Peter Kell said the 20,000 reported instances of online fraud barely scratched the surface.  "Realistically, this figure is likely to be the tip of the iceberg, given people can be embarrassed about reporting that they have fallen victim to scams and lost money in the process," he said.  The report on fraud activity revealed:

  • REPORTS of online shopping fraud have doubled.
  • FALSE billing rip-offs increased almost 60 per cent.
  • CASES of Australians duped by online banking fraud rose 40 per cent.

Mr Kell said most complaints related to mass marketed advance-fee fraud. Complaints in this area, which include the infamous Nigerian style up-front payment requests, dating and romance traps, sweepstakes and unexpected prize frauds, increased 54 per cent.

"Nearly 70 per cent of consumers who contacted the ACCC about scams during 2009 said they were contacted via the internet," Mr Kell said. Online fraud is the focus of the Australian Consumer Fraud Taskforce's Fraud Week awareness campaign, which began yesterday. Telstra Office of Internet Trust and Safety spokesman Darren Kane said con artists preyed on all age groups, so it was important to think smart when online.  This was particularly true of online shopping. "If it seems too good to be true, then it probably is," he said.

Senator 'abused' review process

SCIENCE Minister Kim Carr has defended himself against an accusation that he abused the system of peer review.

Clive Spash, an environmental economist who left the CSIRO after a dispute over a

paper on the politically charged subject of carbon trading, said Senator Carr had used a reviewer's report in parliament to "pour derision" on his work.

"For a senator to make excerpts of a confidential academic journal referee's report public is a clear abuse and violation of the scientific peer review process," he said.

Yesterday, Senator Carr dismissed Dr Spash's objections, saying: "I make no apology for doing my duty as Minister and reassuring myself of the integrity of CSIRO processes."

In November, Dr Spash complained the CSIRO was trying to suppress his paper, The Brave New World of Carbon Trading. The agency denies this.

The paper was critical of emission trading systems trading at a time when the government was proposing just such a system.

Mar 2, 2010

Turning peer review into modern-day holy scripture

Suddenly, the esoteric system of peer review has hit the headlines.

The Lancet, a leading British medical journal, has acknowledged that it made a serious error in publishing a study suggesting a link between the MMR vaccine and autism and bowel disease. Earlier this month, a group of leading stem cell researchers wrote an open letter pointing out the systematic abuse of peer review by a small cabal of scientists, whom they accuse of using their position to slow down the publication of the findings of their competitors.

Then there is the scandal surrounding the leaked emails of the Climatic Research Unit at the University of East Anglia (UEA) in England, and the dubious data published by the Intergovernmental Panel on Climate Change (IPCC), which further exposes a worrying trend towards the corruption of peer review.

Peer review is a system that subjects scientific and scholarly work to the scrutiny of other experts in the field. Ideally it ensures that research is only approved or published when it meets the standards of scientific rigour and its findings are sound. At its best, peer review guarantees that it is disinterested science which informs public discussion and debate. When established through peer review, the authority of science helps to clarify disputes and injects into public discussion the latest findings and research. Peer reviewing depends on a community of experts who are competent and committed to impartiality. It depends on the commitment and collaboration of scientists and scholars in a given field.

However, the individuals who constitute a ‘community of experts’ also tend to be preoccupied with their own personal position and status. Often, the colleagues they are reviewing and refereeing are their competitors and sometimes even their bitter rivals. The contradiction between working as a member of an expert community and one’s own personal interests cannot always be satisfactorily resolved.

Unfortunately, even with the best will in the world, peer reviewing is rarely an entirely disinterested process. All too often the system of peer review is infused with vested interests. As many of my colleagues in academia know, peer reviewing is frequently carried out through a kind of mates’ club, between friends and acquaintances, and all too often the question of who gets published and who gets rejected is determined by who you know and where you stand in a particular academic debate.

Peer reviewing cannot remain immune to the preoccupations, agenda and interests of the individuals who carry it out. Even when they have the best intentions, academics and scientists can overlook errors and become blind to the importance of a new but maverick contribution. They are ordinary mortals who have their fair share of prejudices, and are often no less petty or self-centred than other people can sometimes be. Nevertheless, peer reviewing has traditionally, at least, been the most effective way of exercising quality control over the proposals and output of the scholarly and scientific communities.

[get spiked by email]

The experience of the past few months indicates that there are at least three different ways that the system of peer review can be undermined.

First, there is the genuine mistake. One example of this was the failure of the Lancet’s refereeing process to spot the flaws in the study associating the MMR vaccine with autism and bowel disease. Now that the Lancet has retracted this flawed study, questions need to be asked as to whether in this instance the desire to gain publicity for the Lancet influenced the decision to rush into print.

Second, there is the damaging influence of nepotism and professional jealousy. Academics and researchers are all too conscious of how their prestige and career opportunities can be enhanced by getting their work published in a major journal. Sometimes, reviewers regard the research they are refereeing as the work of a competitor and adopt the tactic of either delaying or preventing its publication. This is the accusation made by 14 stem cell researchers in a letter to several major journals in their field. The researchers claim that the peer-review process was corrupted by reviewers who deliberately stalled, and even prevented, the publication of new results so that they or their associates could publish the breakthrough first. They also accused the journals of not doing enough to prevent this stalling from taking place.

The third, and in recent years the most disturbing, threat to the integrity of the peer-review system has been the growing influence of advocacy science. In numerous areas, most notably in climate science, research has become a cause and is increasingly both politicised and moralised. Consequently, in climate research, peer review is sometimes looked upon as a moral project, where decisions are influenced not simply by science but by a higher cause. The scandal surrounding ‘Climategate’ is as much about the abuse of the system of peer review as it is about the rights and wrongs of the various claims made by advocacy researchers in and around the IPCC and the UEA.
Turning peer review into a dogma

The usual problems associated with peer review, as outlined above, have been exacerbated through the transformation of peer review into a form of authorisation. Increasingly, peer review is cited as kind of unquestioned and unquestionable authority for settling what are in fact political disputes. Consequently, the findings of peer review are looked upon, not simply as statements about the quality of research or of a scientific finding, but as the foundation for far-reaching policies that affect everything from the global economy to our individual lifestyles.

Increasingly, peer review has been turned into a quasi-holy institution, which apparently signifies that a certain claim is legitimate or sacred. And from this perspective, voices which lack the authority of peer review are, by definition, illegitimate. Peer review provides a warrant to be heard – those who speak without this warrant deserve only our scorn.

You can almost visualise peer-review dogmatists waving their warrant and demanding that their opponents be silenced. For someone like George Monbiot, the British climate-change alarmist, peer review is the equivalent of a holy scripture. Boasting of his encounter with an opponent, who challenged him to a debate on speed cameras, Monbiot wrote: ‘I accepted and floored him with a simple question.’ Predictably, the question was: ‘Has he published his analysis in a peer-reviewed journal?’

In a world where opponents can be ‘floored’ simply because they lack the authority provided by the ritual of peer review, it is not surprising that there is considerable incentive to manipulate the system of peer review, to bend it to one’s own will and needs. Andrew Dessler, a climate-change researcher, also sought to floor an opponent, who apparently wrote a ‘denier op-ed’ in the Wall Street Journal, by dismissing its value on the grounds that that newspaper is not peer reviewed. Dessler argued that, since ‘the only place’ where this ‘denier’ can present his views is in ‘non-peer-reviewed venues like conferences and press releases’, he is worthy only of censorious contempt.

Climate alarmists do not simply boast of their monopoly over peer-reviewed outlets – they also do their best to call into question peer-reviewed outlets that dare to publish research that challenges any aspect of their moral crusade. When Cambridge University Press published Bjorn Lomborg’s The Skeptical Environmentalist, it faced bitter criticism from campaigners who hinted that something had gone wrong with the publisher’s system of review. Stephen Schneider, a professor in environmental studies, asked why ‘a publisher with so excellent a reputation in natural sciences (it even published the IPCC reports) publish[ed] a polemic under its imprimatur’, and demanded to know if Cambridge University Press had ‘the book completely reviewed?’ It seems that as far as Schneider is concerned, it is simply unthinkable that a publication that questions the prevailing consensus could have been properly reviewed.

The zealous policing of peer review by campaigners is directly encouraged by the IPCC itself. As Reiner Grundman argued in (the peer-reviewed journal) Environmental Politics, the IPCC ‘characterises outside critics as unscientific as they do not publish in peer-reviewed literature’. With so many moral resources invested in the authority of peer review, it is not surprising that some supporters of the IPCC consensus adopt an almost casual attitude towards the violation of academic protocols. The leaked ‘Climategate’ emails show how one UEA scientist, Dr Keith Briffa, wrote to a colleague to ask for help in keeping a paper that he did not like out of an academic journal that he edits. US climate scientist Michael Mann has proposed that a journal should be ostracised for daring to publish a paper criticising his work. ‘I think we have to stop considering Climate Research as a legitimate peer-reviewed journal’, he argued. Phil Jones, the central figure in the Climategate scandal, promised to keep two research papers out of the IPCC report. ‘I will keep them out somehow – even if we have to redefine what the peer-review literature is’, he said.
Another dodgy dossier

Sadly today, there are far too many researchers for whom science has become an instrument for the realisation of a higher cause. As a result they are scientists in name, but moralisers in practice. The manipulative exploitation of peer review is underwritten by a culture where campaigners are permitted to have a cavalier attitude towards facts.

While the IPCC insists that its critics should be judged by the most rigorous standards of peer review, it has a more relaxed attitude towards its own publications. In recent weeks there have been a series of damaging revelations about how conclusions drawn by the IPCC’s 2007 report were based on speculation and anecdotes. So claims made about disappearing mountain ice were cobbled together from information drawn from a student’s dissertation and an article published in a mountaineering magazine. Other claims were based on information from newsletters, press releases and reports produced by environmentalist advocacy groups.

There is a powerful double standard at work here: the IPCC attacks its critics for relying on ‘grey literature’ – that is, non-peer-reviewed literature – and yet it has relied on anecdotes and speculation in its reports. We shouldn’t be too surprised about this double standard, because, fundamentally, the IPCC is not simply concerned with presenting the facts but with interpreting them, giving them meaning, giving them momentum. It continually makes conceptual leaps from facts to meaning, from findings to politics. Of course there is nothing wrong with being in the meaning business, just so long as you are honest about it and do not present yourself as the pure, impartial voice of science.

It shouldn’t be surprising that those involved in the corruption of peer review should also be happy to use anecdotes and speculation as the moral equivalent of hard scientific data. However, it is important to understand that these people fervently believe in their cause and are convinced that, far from deceiving the public, they are preserving and protecting a higher truth. Like the authors of the British government’s dodgy dossier on Iraq, they are convinced they are absolutely right. And it is this sense of righteousness that allows them not to let the absence of a few facts stand in the way of promoting their arguments as either hard intelligence or peer-reviewed science. It was the moral conviction of former US defence secretary Donald Rumsfeld that allowed him to respond to a question about the existence of weapons of mass destruction in Iraq by stating that ‘the absence of evidence is not evidence of absence’. And in a similar manner, the absence of evidence does not deter climate alarmists from practising their art.

The philosophy of the Noble Lie – revealing a ‘higher truth’ with little regard for meaningful facts – allows people to stretch the truth in good conscience. One apologist for the sordid Climategate affair has reminded the public to ‘not forget the context in which many of these emails were sent’. Apparently, ‘this is a saga that goes back to a time before the current political and media concern about climate change’. He reminds us that this was before Al Gore got his Nobel Prize and when ‘well-funded climate sceptics routinely spread disinformation’. From this perspective, the ‘context’ lightens the burden of moral reproach. Climategate is an understandable if not 100 per cent justified response to the ‘context’. Which is precisely how Noble Lies are hatched.

Today, many people can count on the authority enjoyed by climate science to avoid having to engage with the criticisms or concerns of the public. That is why, even when the emperor, that is the IPCC, is caught without his proper peer reviews, it can still carry on by blaming the little boy for being too sceptical.