2010-06-16 | Andreas Schmidt | research, software | 1 Comment »
Some interesting pieces of software have been developed in recent years that aim at replacing the venerable Word as an authoring tool for large and complex writing projects. On the Mac side, two humbly named applications, Ulysses and Scrivener, have most notably emerged as popular writing tools. While everything is nice and fine as long as you write, sharing your output and delivering well-structured (in a technical sense) and formatted documents is a bit cumbersome and usually requires dreary manual intervention. As I had written a script for Word for Windows back in my, well, teens that did just some of that things I until now had to do manually on the Mac, it should be fairly easy to update and extend that thing and write some code.
Read the rest of this entry »
2010-06-10 | Andreas Schmidt | internet security governance, openness, secrecy | No Comments »
I’ve pointed out earlier some of the research questions for social scientific internet governance research. The main issues I described there are:
- There is a lack of empirical analysis undertaken by social scientists, who are not affiliated with biased agencies engaged in turf-wars or the fear-mongering security industry, about the scale, quality and impact of internet security issues. Furthermore, existing institutions have hardly been researched.
- Ongoing debates in the political sphere often refer to an lack-of-enforceability argument. More often than not, these arguments fail to be backed by scientific findings.
- The geopolitical dimension of internet security is under-researched.
- The potentially disruptive impact of internet-based collaboration on traditional security provisioning processes is to be explored. We can observe these discourses about new forms of distributed collaboration everywhere, but not in the field internet security governance.
The main issue for social sciences however to provide guidance for institutional and organisation design for internet security governance.
Ad-hoc defense system protecting railway embankment against Danube flood
Read the rest of this entry »
2010-06-10 | Andreas Schmidt | internet security governance, research | No Comments »
It’s finally happening. After an abysmally long time of politicians, military, and the security industry coming up with streams of innovative policy tangle in the name of internet security or cybersecurity, a critical mass of social scientists and research interested practitioners has teamed up to start deepening our knowledge of internet security and its governance. While Hungary was having difficult times by floods and economic turmoils, Budapest couldn’t have been a more lovely and welcoming place in the last couple of days.
Read the rest of this entry »
2010-04-21 | Andreas Schmidt | China, conference, global politics, Google, internet politics | 1 Comment »
“Everything that can be thought is thought at some time or another. Now or in the future.”
“Those things which were thought can never be unthought.”
Ralf Bendrath and I gave a presentation on “statehood and internet” at this year’s re:publica conference in Berlin. Re:publica is an annual conference for internet aficionados, bloggers, internet activists and, ever more so, politicians and public authority representatives involved in internet regulation. For the first time organised in 2007, it has by now risen to host some 2500 visitors and has been extensively covered (DE) by old-media outlets.
We used the opportunity of the China-Google/US conflict to discuss basic relationships between states and private actors, a question raised (both links DE) in the blogosphere and media, and some general perspectives of internet politics.
Read the rest of this entry »
2010-04-12 | Andreas Schmidt | internet security, research, workshop | 1 Comment »
It doesn’t happen too often that you read about a conference or a workshop and think: Now, that was about time! Internet governance is about to undergo some fundamental changes, states are getting ever more involved, mostly for addressing internet security problems. A plethora of questions need to be resolved to deal with these problems with well designed institutions. And yet, as far as I can tell, there is no major research programme on internet security governance going on anywhere on this planet. Hence, the workshop “Europe And The Global Information Society Revisited: Developing A Network Of Scholars And Agenda For Social Science Research On ‘Cyber Security’” could not have been launched more timely.
The Center for Media and Communication Studies at the Central European University (Budapest, Hungary), in partnership with the Centre for Global Communications Studies at the Annenberg School of Communications (Philadelphia, USA) will convene 30 selected experts next week at CEU in Budapest for a Strategic Workshop sponsored by the European Science Foundation (ESF). As flattering as rather undeservedly, I will be on a panel discussing the relations between cybersecurity on the one hand and International Relations, governance and institutions on the other. Following, my take on some blind spots in internet security research from a social scientific perspective.
Read the rest of this entry »
2010-02-24 | Andreas Schmidt | General, reviews, software | No Comments »
Writers love having written. Problem is the time, work and brain twisting necessary between an idea to produce something and actually having done it. Well, it’s not that bad, sometimes you love writing, but sometimes you hate it. Or it bores, is cumbersome, and annoyingly laborious. This is why the human species loves to create machines: to enjoy the fruits of life, ransomed from the need to plug, wash and process them. With the field of information production, it’s about the same. The invention of computerized information processing has led to the rise of numerous attempts to create machines supporting human efforts of thinking, understanding, and creating meanings. In a sense and high on the abstraction layers, this is what computing is about in general. More narrowly, the question is how and which kind of software can support individuals in their efforts to gather information, grasp it, recombine it, and create new insights, new meanings, new information, new knowledge. What would be the equivalent of exoskeletons for the brains, which would enable the average brain to easily jump on the notorious shoulders of giants and beyond?
Read the rest of this entry »
2010-01-06 | Andreas Schmidt | filesharing, internet politics, peer production, Wikileaks | 1 Comment »
“It seems like the Crypt is their worst nightmare.”
China spearheads the anything-goes movement of technology-based societal control, authoritarian countries worldwide follow suit, and we yet don’t know whether western democracies will manage to at least remain in their currently mediocre shape if one of the many ongoing global developments and crisis should ever have a major and disruptive societal impact. From the perspective of the freedom and unhindered flow of information, the internet makes a bad expression these days and things haven’t changed for the better in the last year and the naughties.
John Perry Barlow’s “fuck them” Read the rest of this entry »
2009-12-18 | Andreas Schmidt | botnets, Germany, internet security governance | No Comments »
I’ve written a quick analysis of the recent anti-botnet politics in Germany. Kind crew behind netzpolitik.org has published it on this blockbuster blog. It’s written in German, though, but you could alternatively give Google Translator a moment of embarrassment.
2009-12-16 | Andreas Schmidt | botnets, internet security governance | No Comments »
This is going to be an interesting experiment in internet security governance. Scientists have argued for years that internet security problems are as much caused by a misalignment of incentives as they are by technological flaws in software and hardware. One obvious recipe to call ISPs for action against botnets is one that has helped to increase software vendors’ activities in increasing software robustness.
Gathered under the umbrella of the Shadowserver Foundation, a group of engineers and scientists have scrupulously gathered evidence and background information about the activities of the Conficker botnet. They have known for months that millions of machines worldwide had been infected with Conficker malware. Yet, no one reacted, only shoulders were shrugged. At govcert.nl in October, many were contemplating how to proceed with Conficker.
Starting today, Shadowserver let’s everyone know where these Conficker-infected machines are. The move is a valuable contribution to increase global transparency about the somewhat obscure botnet problem.
An interesting example from Germany immediately sticks out. 1&1, a big hosting and medium-sized accessed provider, had initiated an internal initiative against botnet-infected customer systems earlier this year. Today, only ten IP addresses and 0% of their routed space are assigned to infected machines. For customers of Deutsche Telekom, which hasn’t announced a similar program, things look worse: 0.1% of all IP addresses or more than 32,000 IP addresses belong to a Conficker-infected machine.
2009-12-09 | Andreas Schmidt | botnets, Germany, internet security governance | 1 Comment »
Yersterday, press reports about an alleged joint venture of national ISPs and the national IT security agency to build a national botnet center stirred some scepticism and perplexety in Germany. After heise online brougth the news, the hacker association CCC informed that this rather is a hoax.
However, the German national ICT security agency (Bundesamt für Sicherheit in der Informationstechnik, BSI) and the association of the German internet business, eco (Verband der deutschen Internetwirtschaft), have cooperated on botnet issues at least since October 2008.
A workshop on botnets in early February 2009 addressed topics such as data-exchange between ISP regarding information from systems such as honeypots, abuse systems, spam traps (email analysis), DNS analysis, IDS/IAS (anomalie detection) or harmful websites. This information provided by ISPs could then be complemented with external data sources. Given the lack of published data, it is not clear which techniques ISPs actually use to exchange data today.
Another workshop on botnets, obviously organized by eco, took place in early February 2009. One of the speakers was Frank Ackermann, senior legal counsel to eco, who talked about judicial aspects of botnet fighting. According to Ackermann, “ISPs are interested in moderate filtering” of spam. Thus, politics should be discouraged from strict anti-spam regulation.
The programme of another joint eco-BSI workshop, the 7th German Anti Spam Summit mid-September 2009 on conficker, has sessions like “Status Quo central botnet disinfection call center DE” and “Legal Guide on Technical Approaches against Botnets” listed. According to the programme, Dr. Lothar Eßer, Head of Division Internet Security of BSI, also attended this session.
In late November 2009, eco mentioned in a summary of their IGF09 activities that it is going to build a “Botnet Disinfection Center” in a joint effort with BIS and several providers.
So, Germany will get it’s public-private anti-botnet center. According to eco’s press release, eco and BSI will establish a user-support center. ISPs will forward customers with infected machines to a website which provides tools and descriptions for removing malicious software from their machines. In addition, users with infected computers can call a special hotline with experts assisting users in removing harmful software.
—-
Upd. 9.12.; 16.12: changed headline, added the paragraph with eco’s press release; corrected typos
Subscribe to