Tuesday, November 25, 2014

Perfect Virus Score Card: NSA-Brit "Regin" Rains Rancid Reign

In March of this year, I added the Russian "Snake" to my last virus score card (see it here). Thanks to today's New York Times story (read it here) referencing Symantec's paper published Sunday (read it here), following is my best estimate of the new "Regin" virus capability as measured against my criteria for the Perfect Virus (read all 22 Principles of the Perfect Virus here):

The good news? This joint US-British effort appears to be a typical government/state-developed piece of bloat-ware that assumes anything worth stealing can be accessed from a Windows environment. Hence, forget about seamless migration (#5), black box portability (#7), no common denominator (#10), and universalization (#18). Net net, government employees and beltway bandit contractors really aren't the best and brightest.

The bad news, however, continues to snowball:
  1. If you're using Windows in any form, you're basically hosed.
  2. If you attempt any aggressive defense against intruders, you're probably going to get hosed repeatedly by one or more cell mates in prison.
  3. This cyberwar escalation can only prompt Mr. Putin to somehow demonstrate to the world that Russia can trump Regin (heaven forbid the U.S. power grid will be a target on Christmas Eve).
  4. With a formal policy of letting the U.S. "fox" guard the henhouse, there is little hope a modern-day Tony Stark will invoke the U.S. Constitution's Article 1 Section 8 clause to become a licensed/bonded cyber privateer and take a victory lap around the Senate proclaiming, "I have successfully privatized world cyber security!"
  5. You really don't want to be driving a car controlled by a Windows-based computer
Hence, we are the equivalent of Princess Leia in the first Star Wars movie, sending Obi Wan (see the YouTube clip here) an SOS:  "Help us Israel; you're our only hope." 

Yep, Israel—the most attacked country in the world—has nothing to lose and everything to gain by monetizing world-wide Internet security. They could make it extremely risky to attack anybody. Heck, I'd buy a you-hack-me-and-I'll-sic-the-Mossad-on-you insurance policy. Shalom, momma!

Saturday, November 22, 2014

Yo Israel, What's Happening?

I've long contended that Israel would be the ultimate host country for cyber privateering. I even made that premise a major plot element in my novel, Daddy's Little Felons. Imagine my surprise when Web traffic to this blog increased by 1500% last week from Israel alone. This is a piece of "data exhaust" I'll keep my eye on.

In the meantime, anyone interested in the logic behind my assertion that Israel would indeed be the ultimate host for government-sponsored cyber privateering need simply to enter "Israel" in the search box to the left for a curation of my thinking.

Selah.

Friday, November 21, 2014

Federal judge keeps 1-800CONTACTS from hijacking the Internet

In my opinion, this is the most significant Internet legal ruling of the first decade of the new millennium. (Originally posted December 30, 2010 but inadvertently deleted)

I've been following this case since 2009, and Federal Judge Clark Waddoups' ruling makes for some extremely entertaining reading. All I can say is "Thank Heavens this judge got it right, because he just saved commerce on the Internet." You can see his December 16th ruling by clicking on this link.

Let me put my comments into proper context:
  1. I am not an attorney, so my thoughts are an opinion uninformed by professional legal training.
  2. My original interest in the case had to do with SEO (Search Engine Optimization) practices in which every marketeer engages and which would have been outlawed had the plaintiff won his lawsuit.
  3. This is one of the few federal cases that deals with who-owns-what? on the Internet, which means…
  4. This case directly relates to the legality of anyone attacking and trying to gain access to my servers.
Net net:  In my opinion, 1-800CONTACTS, Inc. tried a "hail mary" legal gambit to take over the Internet as it relates to service marks and the purchase of Google ad words. Specifically, 1-800CONTACTS wanted to prevent LENS.COM from buying "1-800CONTACTS" as a search engine keyword because the sponsored links were likely to cause confusion on the part of the buyer. Luckily for all you guerrilla warriors out there, not to mention Google who stood to see their stock valuation plummet deeper than whale dung, the judge beat 1-800CONTACTS and their legal counsel like the proverbial gong. Such a ruling would have prevented a comany like Sybase from buying the keyword "Oracle" so they could compete with them. Likewise, the OpenOffice product couldn't compete with Microsoft Office by buying various Microsoft-specific keywords, thereby effectively giving Microsoft a monopoly on that space. 

Of course, were the average consumer's intelligence on a par with the O. J. Simpson jury, maybe 1-800CONTACTS might have had a case. Luckily, the judge was considerably more Internet savvy than one might have expected. Which is why I find parts of his 65-page ruling to be knee-slappingly funny. For example:
  1. Between 2003 and 2008, 1-800CONTACTS spent $11 million advertising with Google alone [p.2].  Over the same period of time, LENS.COM spent between $3 million and $4.7 million in Internet advertising [p.3]. LENS.COM used 9 keywords contested by 1-800CONTACTS to generate about 1,626 impressions, 25 clicks, and about $20.51 in profits. That's right. 1-800CONTACTS declared war over $20 in profits. Obviously, this sounded ridiculous even to 1-800CONTACTS, so they pulled in LENS.COM affiliates (of which there were over 10,000 [p.11]. I'll talk about that later.
  2. But dig this. While 1-800CONTACTS went to war over $20 in profits, they engaged in buying "1-800-lenses" and similar keywords which generated 91,768 impressions, 8,477 clicks and about $219,314 in profits [p.8] for them! Hummmm. Same behavior. Reminds me of the schizophrenic line out of Blazing Saddles as Cleavon Little holds a gun to his own head and says, "Drop your weapons or I'll shoot the…[African American]."
  3. Not to be daunted, 1-800CONTACTS admitted that their suit was for more than 1,600 impressions generated by LENS.COM, but for the activities of LENS.COM affiliates. Doing the "click-arithmetic" conversion, even the affiliates "haul" was a pittance [p.13]. 480,000 first impressions and 65,183 second and third impressions generated by the affiliates accounted for 3,515 clicks or (using the $25.51 in profits from 25 clicks metric) approximately $3,586.71 in profits. Okay, you could buy a used Yugo for that kind of dough. Sheesh!
  4. Both law firms engaged in the laughable "Hey-let's-crank-up-the-billable-hours" game as illustrated on page 15 of the ruling: "The following day, Plaintiff's counsel sent a return e-mail thanking Defendant's counsel for discussing the matter with him that morning. He further stated, '[w]e appreciate your client's willingness to work towards an amicable solution on this matter.' He then listed twenty terms and asked defendant and its affiliates to implement negative matching for the specified terms." They probably each billed their clients for the used Yugo based on that one call and associated action items.
  5. [p.16] Since 1-800CONTACTS alleged confusion, they had to prove it. While earlier courts [p.25] concluded that "…use of another's mark 'to trigger internet advertisements for itself,' is a use in commerce…", Judge Waddoups said (in effect), "Get serious!" [p.31] "Plaintiff asserts that whenever a Lens.com advertisement appears when a consumer enters the search term '1800Contacts,' it is akin to a consumer asking a pharmacist for Advil and the pharmacist handing the consumer Tylenol. This analogy mischaracterizes how search engines function. A more correct analogy is that when a consumer asks a pharmacist for Advil, the pharmacist directs the consumer to an aisle where the consumer is presented with any number of different pain relievers, including Tylenol. If a consumer truly wants Advil, he or she will not be confused by the fact that a bottle of Tylenol is on the shelf next to Advil because of their different appearances." Good job, Judge! You actually understand how the Internet works.
  6. One of the more amusing last-ditch/desperation moves by 1-800CONTACTS was to assert that telephone conversations between attorneys of the opposing sides constituted a binding contract to which LENS.COM did not live up. Judge Waddoups kills this on two grounds. First, such an agreement between competitors makes "…[the court question] whether it would survive an antitrust challenge." [p. 59] But more entertaining, a very astute Judge Waddops reiterated my point 4 above stating that "…Plaintiff appreciated Defendant being willing to work towards an amicable solution…" doesn't sound at all like a contract, nor does it sound like they had "…reached a meeting of the minds." Hear that gong? BONG!
In my opinion, Judge Waddoups has protected the competitive viability of the Internet. While 1-800CONTACTS will probably appeal this ruling, I can't resist relating a war story almost 30 years ago.

MAYBE THIS IS WHAT LENS.COM SHOULD DO:  In 1982, Stratus Computer said Tandem Computers' slogan "NonStop" was pure baloney. Tandem sued Stratus for false advertising. Stratus CEO and founder Bill Foster, an old friend of mine, said to himself, "Gotcha!" and countersued, accusing Tandem of filing a frivolous lawsuit and demanded treble damages. And as part of the discovery process, Stratus asked for disclosure of every one of Tandem's customer service records. Zowie! Both suits evaporated for "undisclosed reasons" and Tandem CEO Jimmy Trebig told a subsequent users group meeting that "NonStop is a goal, not a promise." In my non-attorney opinion (yeah, jailhouse lawyer extraordinaire), the 1-800CONTACTS lawsuit was so shamefully cynical and such calculated bullying, that LENS.COM could well recover all their attorneys' fees and treble damages by going after 1-800CONTACTS. Sure, to prove this assertion they'd have to show some internal emails between 1-800CONTACTS executives and/or marketing/PR consultants laying out the real plan of attack and the real reasons for the lawsuit, but all they need is one whistle blower to slip them an email or two and they'd be off to the races. Not only would this be a great incentive for 1-800CONTACTS to tube any appeal, but the likely out-of-court settlement could possibly pay for LENS.COM's complete Internet advertising budget for the entire history of the company. Having done the "Vulcan mind meld" over six years with Oracle's Larry Ellison, that's what I predict Larry would do. Gee whiz, look at the hundreds of millions he's beating out of SAP right now! But, maybe they're kinder and gentler in Louisiana, Missouri.  

WHAT DOES THIS HAVE TO DO WITH CYBER PRIVATEERING?  Judge Waddoups did indeed affirm that 1-800CONTACTS owned their name that that any attempt to fool the buyer into thinking that he or she was dealing with them when in fact they were dealing with LENS.COM or an affiliate was illegal. Similarly, hackers trying to break into my Linux box by presenting themselves as someone they are not (trying different usernames/passwords) is yea verily illegal. Period. So what's with the US Law that keeps me from kneecapping the hackers? They're clearly breaking US law, and we should articulate and enforce…The Morgan Doctrine. As is written at the end of The Rubaiyat of Omar Khayyam, "Taman Shud." But this isn't "The End." It's just the beginning. Selah.

APPEALS COURT UPDATE ON AUGUST 9, 2013: 1-800CONTACTS appealed this decision, and got whacked. Again. See posting here.

Wednesday, November 19, 2014

Hacking Wall Street, Again.

How do you break through the clutter of all the social media products out there? One answer is to use the best-kept secret in the advertising industry: the front-page of the Wall Street Journal. A little company—rFactr—with a killer technology and a who's-who client list took my advice. Here's the front page of today's WSJ (or link to it here):