Other services were also used, two individuals have been jailed for 4 years for attempting to start a riot via Facebook, Twitter has also been called into question with some individuals actually posting images of what they looted from stores.

Whilst the media mainly focused on those aspects, what it only briefly covered was communities coming together to use social networks to set-up groups who were willing to help clean and secure their local area. Images of clean up crews appears on twitter, hundreds of people who gathered with brushes and bags to clean up in the wake of destruction. Flickr has been used by police to host images of those caught on CCTV and need naming as part of an investigation to catch all those involved in the riots. Greater Manchester Police publicly named and shamed individuals on their twitter account, who had been sentenced at magistrate courts.

Overall social media has played many roles in this riot, many accuse its lack of governance therefore helping to spread the riots, but what we really see in the aftermath is how communities come together via social networks to clean up and name & shame those involved. The government recently met to decide whether social media should be switched off in times like these. I assumed the resulting response would be no and it seems like that has been the general concensues.

What was important from these meetings was that social networks guaranteed they will fully co-operate with police investigations. Our information clearly has a price and its good to know that it is in the interest of safety this time and not to be sold to the highest bidder.

If you’re a UK national, or probably not… you’ll today is the last edition of ‘news of the world’, a Sunday news paper which has become a British institution, running some of the biggest UK stories & campaigns over the 168 (1843 – 2011) years of its existence, to one of the largest news paper audiences, 7.5 million people. Many of us know that the paper is closing because of the recent phone hacking scandal, evidence has come to light that NOTW whilst all its campaigning for good causes has betrayed the nation, hacking phones of victims and war heroes in an attempt to get a good scoop.

Now many people hold the individuals who did this to account and I completely agree, but there is one set of people who seem to be getting off lightly here. A group of companies which are a major contributor to a massive security flaw. To explain this requies a small insight into how you hack someones voicemails, quite simply, you dial the victims (the person you want to hack) mobile number, wait for voicemail to kick in then press either * or # depending to enter remote voicemail, you then have to enter a password. By default this is either 0000 or 1234 or some other easy combination, dependant on which mobile carrier and its the same for every person on that network. Now seeing as voicemails usually answer ‘You’re through to the orange answer phone’ we immediately know the key combination and password to try & if the user doesn’t change their password, we are in. We have control to listen and delete messages.

So the biggest group of companies to get off lightly is the mobile phone operators, they are in effect responsible for providing inadequate support to change a voicemail password or setting a default one in the first place. When I get a new bank card, I also receive a 4 digit pin, usually sent separately to the card via post containing a random 4 digit sequence. Now had they just used a default pin, lets say 0000 or 1234 (look familiar) we immediately have access to that bank card, to withdraw cash from a machine or use chip and pin. It would be a complete nightmare. Now how many people would change their bank card pin if this was the default, probably the majority of people wont unless specifically told.

Now I am not trying to say we are at fault, lets face it unless your a security expert you don’t think about things like that, so the banks made it simple and gave us a random 4 digit number, making it a hell of a lot harder for someone to intercept a card and use a ‘default’ pin. When I get sent my new random pin I still don’t change it, there is no need. Someone could eventually guess it, but this would take considerable amount of time and effort, there are 10,000 different sequences made from 4 digits. We all agree that’s hard and not worth the time but then if we were a criminal after money we might, but a fail safe kicks in after 3 wrong attempts (either the card is swallowed by the machine or its somehow blocked out, if you’re that interested I am sure there is a wiki article).

Now consider applying this model to a mobile phone, a random 4 digit pin is assigned. Its now going to take us a maximum of 10,000 attempts to guess that password. If you are that desperate you may try, but for the sake of a voicemail and you’re a journalist you won’t waste your time and effort, there are far easier scoops to get. Still not satisfied, let’s say you are a determined individual, if we add the 3 attempts fail safe with either a remote access block for 15 minutes or until you dial the support number from your device (121 if you’re Vodafone) to unblock it. We have now made it more secure just by randomising a number and adding a fail safe.

This is achieved in a number of ways, at a cost to the mobile operator, but when security of customer data is concerned we expect them to pay for the cost, or we move to someone who will (in this case another carrier). When I first take out my phone contract I could be forced to select a pin whether its in store, online or by phone only I know my pin. Another option, which the banks use, is to randomly set a number and make sure you take a note of it. With any password if we forget it, we call the support line and go through a few security questions and they reset it there and then.

So who is to blame? Firstly the individuals who do it, they should be jailed for illegal activity and secondly the mobile operators for having a massive security flaw and not attempting to inform us to change our pin. But lets not forget to some extent us, for naively assuming a default password was by any means secure in the first place and we should have identified this years ago. Now I don’t expect a single mobile phone company to even bother taking steps to secure voicemails, there is no bad press about them and its not worth the cost of a system upgrade until someone points this out. Oh wait I just did! (But I’m not exactly Sky News).

Moving swiftly back to the technology side, the championships at Wimbledon introduced the technology of Hawk Eye some many years ago now, the system tracks the position of the ball and with precise accuracy can determine exactly where is landed on court. As I mentioned Wimbledon hold on to traditions and still use line umpires to call the ball out, however players can challenge a call and with the use of hawk eye the call could be overturned. Say the ball was called out, player challenges and hawk eye pinpoints the ball was in fact slightly touching the line, therefore in. The point is either then replayed or awarded to the challenging player, the exact specifics of either replay or awarded point is a complete different story, which I wont go into. There are many articles such as Wikipedia which can give you a far more detailed information and the specifics.

This year IBM are trialling new technology which takes hawk eye one step further, its important to mention IBM do not own nor operate hawk eye, this is done by another company, now owned by Sony, IBM are the official technology partner.  Instead of tracking the ball movement the players positions are tracked, this gives more detailed analysis to spectators and players on their game, heat maps show where a player stands the most for example. The technology whilst in trial still has some bugs, for example doubles matches are extremely more difficult to track 2 players on the same side of the court. The system must not get confused between each player. Without doubt another Wimbledon tradition lends its self well here, the all white clothing makes it easy for the system to distinguish between the court (which is green) and the player, this probably also leads to the downside of doubles players, as both where white clothing, if one where red and the other white, the system should be able to easily tell which player is which.

I look forward to seeing more of the technology enhancements brought into the game, the trial took place on court 18, next year we could see it move to a trial on centre court.

More Information

• Wimbledon 2011 IBM Site
• Computer Weekly IBM SecondSight

Although the information was obtained from a government agency (Serious and Organised Crime Agency – Soca) and not via Virgin Media spying on its users, it provides a good discussion point, should ISPs provide a service to alert users if their machines have a potential virus or suspicious activity? Now I can imagine privacy activists having a field day over this, but does this not already exist within our culture in one form already? Banks are a prime example, they monitor your account for suspicious activity where your identity may have been stolen or a card has been cloned and alert you of this fact. They scan every transaction and make a decision, is this normal behaviour for this person?

Without doubt you could argue they are completely different situations, but banks looking over our financial transactions doesn’t seem to bother most people, especially when we talk about money, but when someone starts looking at the websites we visit we cannot help but think this is an invasion of privacy. I am not talking about ISPs recording a detailed history of visited websites, just watching out for a connections made to known problem sites or servers.

I feel that this may be something far off in the future (ISPs watching for suspicious activity), but we may see more government agencies move to work with ISPs to clamp down on this type of activity. I am in favour of external agencies alerting ISPs of problem IPs, they do not have the ability to watch your online movements, they only find out through their investigation of pursuing their investigations. However if my IP was identified I would expect my identity to remain anonymous and only be told discreetly as such with the case of Virgin Media. I only hope Virgin Media also provided guidelines in their communications on how to remove the problem trojan in this case. If the users have no idea they are infected, its often the case they don’t know how to best protect themselves and thus would need extra guidance.

More Information

• Source: Computer Weekly Article
• Symantec SkyEye vs Zeus Bot
• Telegraph Soca & Virgin Media Article

Now I am looking forward to starting at Sky in July!

So I have finally written, printed, bound and handed in my dissertation. So having been fixated to my computer for the last 3 months writing and coding I finally get to have a break! Before project defence which is currently scheduled for Friday 13th 2011. Quite excited to demo all my hard work and defend my choices, hopefully I wont have to defend it too much, my dissertation should explain the reason for my choices.

Just a quick reflection, I said I would blog a bit whilst I was writing and I hope to keep a page updated, but I found the last thing I wanted to do after spending hours of the day writing was then continue writing some more… so I gave it a bit of a miss. But I have breathed some new life into the blog with a new layout, which I hope will last till the end of 2011. This is my first fully own designed layout for a while. I had been cheating and using pre-created ones.

I cannot remember the last time I used “however” and “although” so many times, it seems unending! I suppose I could have picked something like “On the other hand” but thats 4 words compared to 1 and seeing as I have a word count to stick too… I’m certainly not going to start changing them all now. I will just be glad to have this complete within a few days time and handed in!

So I start my new career on 6th July and I am eagerly looking forward to it, I just need to concentrate on my dissertation which is due on the 6th of May. So I get exactly 2 months to relax before starting work, I am sure I will be spending everyday out in the sun (I hope it’s sunny). Even better if I can get down the beach as often as possible, come July I will be working very much inland.

Anyway I started at the beginning as per usual and have managed to get through to the current series in about a month (There are 3 series, currently on a mid season break). Which is slightly longer than usual but I have a massive workload at the moment.

Again I digress, the show stars Amanda Tapping best known for her role in the Stargate Franchise as Sam Carter she plays Dr. Helen Magnu. Amazingly she does a very traditional British language from the Oxford area very well. Better than myself I must say and I live in the country! Along side her stars Robin Dunne who plays Dr. Will Zimmerman brilliantly well. There are a host of other characters but the programme revolves around those two the most.

The show is very SciFi orientated, not usually the type of SciFi I tend to watch. I seem to watch more tech and future related where as this is more current and mystical. Yet I find myself always wanting more. The whole show is pretty much shot on green screen with a few location shots. Its an amazing use and keeps the budget low, but some rooms would be nice if they actually modelled as although green screen has come a long way, it makes the programme look too fake.

I am looking forward to its return in April 2011.

Text Mining

May be possible to run TF/IDF on the corpus collected to attempt to identify.

Bayesian Classifiers

I found a php script which creates a simple Bayesian classifier, however it didn’t perform too well on the test data.

N-Gram

Finding sequence of words which can be used to generate keywords and then identify in a line of text. Keywords could then be identified in the status dependant on proximity of status to keyword time.

I’ll leave this update there for today, I am still working on research and also creating a formal solution.