Hackers could skim microtime cream from stock markets

Paul Raven @ 07-01-2011

As if I needed more reasons to mistrust the wild and wacky world of high-frequency trading [via SlashDot]:

High-frequency trading networks, which complete stock market transactions in microseconds, are vulnerable to manipulation by hackers who can inject tiny amounts of latency into them. By doing so, they can subtly change the course of trading and pocket profits of millions of dollars in just a few seconds […]

[…] the root of the problem is the increasing speed of networks; as they get faster and faster, our ability to actually understand events taking place within them isn’t keeping up. Network monitoring technology can detect perturbations in network traffic happening in milliseconds, but when changes occur in microseconds, they’re not visible, he says.

Basically, if you can exploit these tiny differences in latency, you can make your trade before your rival, and get a better profit. For doing, y’know, sweet f*ck all.

Given that the above article comes from an IT news source, this problem is being framed as a hack or exploit; I dare say there’s a lot of trading firms who’d see it as more of a “competitive edge”.


The sex Kinection

Paul Raven @ 30-11-2010

We’ve already looked at people with privacy concerns over Microsoft’s freshly open-source-driver’d Kinect controller, but there’s another end to the spectrum of attitudes to new technology: while some folk worry about what the Kinect might do in the wrong hands, others are busily and cheerfully working out what it could do while something more personal is in their own hands… or elsewhere [via grinding.be]. Look away now if geeky people discussing smutty uses of consumer electronics products is likely to offend…

So what can the kinect bring to sex? Well, probably not a good real time rendering of your cock, or strap-on, or really any genitalia a usable way for pornography. Why? Because that’s not really what it was made for.

Microsoft put a ton of work into making the kinect track the human body as a whole, so you can play games by jumping and running and generally acting the fucking fool and feel like you’re in the game instead of just sad. Genitalia, for the most part, are not a major geometric feature of the human body when taken in perspective of physical size (as opposed to say, genitalia perspective in relation to the ego, where they may actually make up more than 100%). Neither are they normally used in the control of video games, be they rated everyone or AO. Not to say that experiment hasn’t been tried, but it didn’t turn out too well, and we’re probably a few years off of the video game market being ready for Mike Tyson’s Super Cockslap-Out. So why even try to track that small part when you’re interested in the whole body? You may be able to see it, but it won’t work well.

[…]

The kinect alliviates the need for having hardware, because now as long as we have a shot of the “action”, as it were, we can use that “gesture” as a control. Not only that, the gesture itself is the toy. Or you could employ a toy under the gesture. The possibilities, they may or may not halt.

With masturbation, however, the kinect does not make this a trivially solved problem. Due to the close contact of the hand with the body, possibly with some inanimate object in between, there will still have to be some calibration and thresholding to figure out exactly where the genitalia versus the hand versus the surrounding body parts are. We’ll have the image and the depth data, but it’s not like the above above video where the hands are being held far out from the body, which is a situation the kinect is made for. Masturbation and general self-manipulation is something that’s out of the kinect’s normal operating procedure, but I’m sure we’ll figure something out. We’re smart and bored, after all.

Bonus: here’s Penny Arcade with some, ah, commentary:

Fundamentally accurate - Penny Arcade

*ahem*

And here’s Jonah Lehrer at Wired talking about the Kinect in terms of less explicit – but arguably more fundamental – unions between the body and the machine:

For most of the 20th century, [William] James’ theory of bodily emotions was ignored. It just seemed too implausible. But in the early 1980s, the neuroscientist Antonio Damasio realized that James was mostly right: Many of our emotions are preceded by changes in our physical body. Damasio came to this conclusion after studying neurological patients who, after suffering damage in their orbitofrontal cortex or somatosensory cortex, were unable to experience any emotion at all. Why not? The tight connection between the mind and body had been broken. Even though these patients could still feel their flesh – they weren’t paraplegic – they could no longer use their body to generate feelings. And if you can’t produce the bodily symptoms of an emotion – the swelling tear ducts of sadness, or the elevated heart rate of fear – then you can’t feel the emotion. As Damasio notes, “The mind is embodied, not just embrained.”

[…]

Although we might look a little foolish flailing around the living room, the game has managed to excite our flesh, and that means our emotions aren’t far behind. As a result, we are more scared by the possibility of virtual death (and more thrilled by the virtual victory) because our body is fully engaged with the game.

For decades, video game designers have been obsessed with visual realism, as if the eyeball was the key to our emotional brain. But accurate graphics have diminishing returns. At a certain point, we don’t need more pixels – we need more physicality. And that’s what’s so exciting about the Kinect (and the Wii before that): For the first time, video games are able to deliver a visceral emotional experience, as our body is tricked into confusing fiction with reality.

The Kinect is admittedly a pretty basic implementation of all this potential, but then the first product to market usually is. Interesting times ahead.


That’s one sweet hack, kids

Paul Raven @ 28-10-2010

Would the assembled congregation please open their prayer-books and recite with me the Futurismic mantra: Everything Can And Will Be Hacked. And, far from being more easily controlled by technology, the kids will be better at hacking it than the people deploying it [via SlashDot]; this is the 21st Century evolution of the way my mother used to ask me to open her “child-proof” medicine containers for her back in the 80s.


Biometric scanners “inherently fallible”

Paul Raven @ 04-10-2010

Regular readers (and other brands of cynic) will find this to be no shock whatsoever: natural changes in the human body due to aging and health issues can render biometric identification systems “inherently fallible”. Sometimes stuff gets hacked without anyone even trying.


Cyberwar that actually deserves the name

Paul Raven @ 24-09-2010

After a few years of grandstanding and chest-thumping about the dangers of cyberwar from the military complexes of the West, especially the US, we finally see something that actually looks like a covert act of digital warfare initiated at nation-state level (as opposed to the petty vandalism and independent street-gang-equivalent activity that has been heretofore labelled as cyberwar). And you know what? It might well have been the US military establishment that did it.

The story in question is the Stuxnet computer worm, which you’ve probably read about somewhere already. But just in case you’ve not, here’s the skinny: Stuxnet takes advantage of four different security holes in Microsoft Windows (which is far from out of the ordinary; if you’re gonna rob houses, go for the ones with no locks on the doors), which means it can spread very fast; it’s controlled and upgraded in a decentralised peer-to-peer fashion (also not new, as we saw the same thing in the big botnet worms of recent times), and has the added ability to jump onto removable media (thumb drives) to expand the infection vectors.

So far, so geeky. The weird bit is what Stuxnet actually does. Rather than setting up spam email farms or harvesting credit card numbers (the traditional remunerative ends of such software), it targets a very specific type of embedded industrial control software developed by Siemens… software that, according to Wired, is “installed in pipelines, nuclear plants, utility companies and manufacturing facilities to manage operations.” Furthermore, the configuration suggests a very specific sort of installation was the intended target, and that sabotage thereof was the intent; a German researcher theorises (admittedly without much in the way of evidence) that one of Iran’s nuclear plants was the target, and that the US or Israel are the likely nation-states-of-origin. It’s a sad thing to admit, but that’s all too believable a theory… which is doubtless why it’s getting so many mentions. Read, and read widely:

Of course, plausibility isn’t probability; perhaps Stuxnet was developed by a rival company wishing to discredit the safety of Siemens’ systems*. The web enables industrial espionage, so why not industrial sabotage? But it seems an odd angle to take; deft marketing does just as effective a job of discrediting market-leading tech without engaging in criminal activity, and a black-ops hacking project would be an odd way to spend an R&D budget that would be better spent on, y’know, building a better mousetrap. Sabotage is a political act, ideological warfare… and that’s a nation-state game, not a corporate one.

It’ll be interesting to see what more we hear about Stuxnet, if anything, but I suspect it marks the start of a new chapter of geopolitics and technologised warfare.

[ * The fact that said systems run on Windows machines should be indictment enough, to be honest. ]


« Previous PageNext Page »