Week 5 Blog 3: Automatic Analyzing Songs Using Machine Learning Algorithms

Automatic analyzing songs
Computers have made big changes in musical industry. Right now, people can find music by their title, type of genre, name of artist, but they are not able to recommend a good tune. There are plenty of recommendation systems for music listener. For example iTunes recommends songs to the user based on comparing the collection of other user. Now researchers are using machine learning algorithms, “in combination with a Facebook game, to classify music based on the automated analysis of the songs.” The researchers want their system to be able to not only tag songs with title or artist but they will be able to tag by genre, instrument, and descriptive words. Researchers are gathering information by using a game called Herd It. I believe in order to encourage people to play this game, they will award users points when they tag songs in a similar way to other user’s tagging. Using most of machine learning algorithms, in order to give the satisfy results, required lots of sample data. Once the data is collected, first they group the songs, it’s given the same tag by users and then applies a statistical analysis to the waveform patterns, and they will look for common feature between the songs with same tag. The researchers believe that the system has commercial potential. The system expected to take an unfamiliar song, from anywhere, and suggest appropriate tag and similar music. Lots of companies who were even trying to reach to this goal long time ago, before this research like Pandora, the Internet radio site, has done this but 100% manually by getting help of their users. Other company like the Echo Nest is working on automatic analysis of music. They are transforming the waveform patterns of songs based on what is familiar to human ear and then combining that information with tagging information gleaned from blogs and other posted on the Internet. Then they apply machine learning algorithm to identify feature of songs that are associated with specific tags. As researchers expect the automatic analyzing the song will increase as the demand for song is going up and sites will encourage users to tag and find new music in order for the researchers get the better results in their field of research by using machine learning algorithms. I as one of the user who do not listen to music that often or not looking for any special or new music that are coming out because of not being familiar with singer’s name or the albums. I believe this research and the system that are coming up with will encourage me to look for music and listen to it. Because I believe this system even help the user to save the time and make decision much faster. The usage of this algorithms will make searching much faster and gives more accurate recommendation.

Source:
http://www.technologyreview.com/computing/22894/page2/

Other Sources:
http://webhome.cs.uvic.ca/~gtzan/mir_course/papers/FXPAL-PR-02-171.pdf

Week 5 Blog 2: Installation of Windows Update Without User Permission

Windows surprised lots of their users by downloading windows updates without asking any permission. The people who are get surprised are the ones who had set up the operating system to ask them for permission before installing any updates or patches. Lots of users who have mentioned above noticed after June 9th, their computers start windows updates and set of security patches when they are rebooting or turning on their computers. This will happen when windows determine new patches, then sometimes it will show update icons in the task bar. That’s the case when you are rebooting or turning on, those update will be installed without caring about the permission part. I believe this bug should be solved and windows should not be able to decide to install the updates. One of the reason, that I agree with, is that Microsoft released numerous versions of patches on the same date. And in one of the article mentioned, the extra demand for downloading patches and updates, may have caused some downloads to be incomplete. Also Microsoft Support Document admits that “incompletes downloads are known to disable the notification icon and possibly the approval dialog that's supposed to appear during shutdown.” Microsoft manager denied the updates issues were a bug. Paul Pottorff, a senior product manager with the Windows Update team, said "[But] If there is only a throttled update, they shouldn't be notified. If there are any other available updates, they should be notified. The presence of a throttled update does not prevent Automatic Updates from notifying users about other not-throttled updates. Furthermore, this behavior has been the same for a long time and hasn't even been touched for more than 9 months." This problem of updating without permission is not something new and the same kind of problem had happened on 2007. In the article there are some notes on how to control windows updates. I believe since windows had that update, their teams should be familiar with this kind of bug and try to avoid having that bug in the patches.

Source:
http://www.pcworld.com/article/167352/is_windows_installing_updates_without_permission.html

Other Sources:
http://windowssecrets.com/2009/06/25/01-Windows-may-install-updates-without-asking
http://blogs.pcmag.com/securitywatch/2009/06/is_windows_installing_updates.php

Week 5 Blog 1: Speeding Genome Sequencing by Using Sudoku Method

Scientists at the Cold Spring Harbor Laboratory have discovered a new method of pooling a multitude of DNA samples for sequencing. DNA sequencing is the process of deterring the exact order of the billions of chemical building blocks called bases that make up DNA. The new method, scientists come up with, called DNA Sudoku. This method named like this because of the math game; also, it is using the same algorithm to speed up sequencing DNA. The DNA Sudoku method allows short combinations of polynucleotide with bases, T, C, A, G, to be combined and sequenced simultaneously. The sequencing is done by comparing the letter order to the correct order of known human genome. The last methods, algorithms, were not able to analyze genome sequences in a short amount of time and actually they were only able to do one sequence of DNA at a time. The Sudoku method is a big improvement on current techniques and algorithms that can ideally only combine hundreds of samples. Hannon, a genomic expert and leader of the team for Sudoku approach, said that “the technique can be used to analyze specific regions of genomes form a large population to identify those who carry genetic mutations that may cause genetic disease.” These days, the new methods that are coming out are concerning two approaches for genome sequencing speed and the cost. This method as the team leader, Hannon mentioned is cost effective. He exampled a project for other researchers that cost $10 million, for his researcher group the same size of project will cost between $50,000 to $80,000. One of the reasons that are getting done faster and cheaper is that each pool of samples needs to be tagged with barcode versus the traditional method for sequencing high number of DNA samples, each sample had to be first tagged with a barcode. “The Sudoku method is currently ideally used on genotype analyses that need only short segments of an individual's genome. Clinical applications for the new method could be for HLA typing, which is a diagnostic tool for predicting the risk of organ transplant, cancer, and autoimmune disease.” As the other article mentioned, researcher’s competition are based on how to analyze human genomes faster and cheaper. Therefore, this group of researcher made a lot of competitions for themselves. If the researchers use this method, Sudoku, to sequence genomes, I believe the number of gene sequences, that has been discovered till now, will be increased much faster.

Source:
http://www.dailytech.com/Scientists+Use+Sudoku+to+Speed+Genome+Sequencing/article15526.htm

Other Source:
http://venturebeat.com/2008/02/10/pacific-bio-lifts-the-veil-on-its-high-speed-genome-sequencing-effort/
http://www.ornl.gov/sci/techresources/Human_Genome/faq/seqfacts.shtml

Week 4 Blog 3: New patch for webOS released

Palm Pre, or the iPhone killer is it is known by the media these days, it’s a very intuitive and easy to use device. The operating system that it uses is webOS, a new operating system for Palm. When it was released, Palm promised customers that it would release free product updates for its operating system. This was met with skepticism due primarily to the fact that Palm’s updates were very far apart and very infrequent. However, Palm seems to be keeping its promise, release the second update in 2 weeks. That’s right, Palm Pre has been out now for about 2 weeks and webOS is on version 10.0.3, after being updated twice. The new update does not contain anything major, such as new software, but it contains a couple of reconfigurations as to how the Smartphone synchronizes with the Exchange mail server and Google’s web services. Some minor bug issues that were opened were also addressed with this patch. This updated was pushed to Palm Pre users Friday so the next few days everyone will be able to have this installed in their Palm Pre. One of the interesting features of webOS seems to be the way that the updates work, you can double click on an application called Updates and it retrieves the new patches automatically. Because Pre is Wi-Fi enabled, even for those who do not have a data plan with the carrier is possible to get the patches. One of the major progressions for Palm as a company with this new operating system is the way that they handle updates. Before webOS, Palm’s updates would require that the user lose everything they had store on the phone. With webOS, upgrades are easy, the new binaries install over the old ones without erasing any user data. One thing is for sure, the more I read about Palm Pre, and the more I can’t wait until my contract expires so that I can get one.

Source:
http://www.brighthand.com/default.asp?newsID=15360

Other sources:
http://www.palm.com/us/products/phones/pre/
http://en.wikipedia.org/wiki/WebOS

Week 4 Blog 2: New Patch for Java flaw on Mac OS X After a Long Time!

On May, apple give a new patch for updating java just for Mac users, but this had some java flaws in it, which lots of the hackers and security researchers start posting blogs and the data over the Internet. Also the security firm Intego, which makes security software for Macs, warned “users of a java flaw in OS X Java distribution which could allow java applets to execute malicious code.” The vulnerability also affected any other products or programs like java development kit, Sun’s JRE, and all the application that share the same core classes as Java SE and the J2SE. This was the big issue for the ones who were using the java applications every day. These days most of the websites include java features, especially applets, which could place the Mac user’s in dangerous of spyware. Therefore, for the solution at that time before the update version came out, security companies are suggesting Mac users to disable java on their browsers. As in one of the article mentioned “Security vendor SecureMac also advises Mac users to disable Java in their Web browser until Apple fixes the issue. “This vulnerability could be exploited to perform 'drive-by-downloads' commonly used as a means to infect computers with spyware, or any arbitrary command with the permissions of the executing user,” a company note on the SecureMac site reads. “All a user has to do is visit a web page hosting a malicious Java applet to be exploited.”” When programmer didn’t find any update to solve this issue, they have started to complain about that, Mac OS X security issues are ignored if the severity of the issue is not adequately demonstrated. Finally, one month later, apple release a patch for Java on OS X 10.5 and 10.4. Also Apple described that Mac OS X in update version 4 has improved “its reliability, security and compatibility for Java SE 6, J2SE 5.0 and J2SE 1.4.2 on Mac OS X 10.5.” This wasn’t the only time that Apple gave the update after a very long time and place user’s security in danger. There have been some flaw in QuickTime video player and DNS which after months these issues had been solved. Comparing all the big companies like Microsoft, Adobe, and Apples which are competing with each other, they have given dozens of patches or updates within last month. So we expect these companies to have a delay in giving the updates out but six months for this kind of vulnerability that had mentioned earlier is not acceptable.

Source:

http://news.softpedia.com/news/Apple-Fails-to-Patch-Java-Vulnerability-112185.shtml

Other Sources:

http://news.softpedia.com/news/Apple-Fails-to-Patch-Java-Vulnerability-112185.shtml

http://www.securityfocus.com/brief/971

Week 4 Blog 1: Microsoft Security Essential

Microsoft is scheduled to get launch its new free antimalware service beta version on Tuesday. This version is going to be available for US, Brazil and Israel in English. The complete version of Microsoft Security Essentials is going to be available later this year. The service will protect user’s PC on Windows XP, Vista and Windows 7. This product will be replaced with the current antivirus that Microsoft is offering called Windows Live OneCare. Currently Windows Live OneCare cost $49.99 a year for limited download on three computers but the free version of antivirus is going to be replaced with that one. Therefore it is estimated that to stop Live OneCare on June 30th. Symantec and McAfee, one of the most popular ones which are covering all the materials we have to care regarding the security of our PC and even ourselves over the Internet, are contending that Microsoft Security Essential , free product, will likely not provide the quality of technologies that they offer in the security suites. Some applications such as firewalls, data loss prevention, backup and recovery, and encryption technologies are not going to be offered on Microsoft Security Essential. I believe that this free version cannot compete with other security vendors. This version is going to be for the ones who are able to afford having antivirus and save their computers from viruses, Trojans, worms, and so on. I think if these security vendors have fear of Microsoft, they should have the fear of any other companies that they are offering free version of antivirus like AVG. I personally had tried the AVG free, and I was really happy with it. It almost provides the necessary features that I need in order to protect my computer. Also “executives at AVG, a security company with a free antivirus offering, maintained that Microsoft's impending release of Security Essentials would not threaten their core business.” Because as in the articles mentioned, AVG first tries to attract customers by offering free version. Then it starts to convince their customer that they need more than the basic version. Overall I think as soon as the complete version of Microsoft Security Essentials came out, I will start using it since I don’t have any antivirus because of some internet issues that I had when I was protecting my computer with Symantec.

Source:
http://www.crn.com/security/218100201;jsessionid=ZR4V2F5HHO0MUQSNDLPSKH0CJUNN2JVN

Other source:
http://news.cnet.com/8301-1009_3-10268040-83.html

Week 3 Blog 3: iPhone Hacking

The organizers of a computer security conference called CanSecWest challenged attendees to break into any one of five smart phones, among them iPhone. Few researchers attempt to hack the devices, especially iPhone, but there was no succeed. Two researchers who have previously found vulnerabilities in the security of the iPhone. And Apple disclosed and issued a patch for dozen such security holes in the device last November. Those two researchers will present a way to run no approved code on Apple’s mobile device at the Black Hat Security Conference. Many of the researchers simply refuse to work on that simply because the flaw has been exploited. Charles Miller, a principal analyst at Independent Security Evaluators who is one of those two researchers, said that “"If you want to attack iPhones, you have to be able to run code to do whatever it is you want to do," Maybe that is grabbing credentials, maybe it is listening into phone calls, maybe it is turning on the microphone. Who knows? But this all requires that you be able to run code.” Miller had found the places where changing permission is allowed on the factory iPhones. These parts give the hacker or researcher more freedom to code generic and reliable second stage attacks. Apple is restricting the data that can be executed in the memory; also requires the program to be cryptographically signed by Apple. One of the security features of code signing is to provide security when deploying. Also every code signing implementation will provide some sort of digital signature mechanism to verify the identity of the author or build system, and a checksum to verify that the object has not been modified. Even though Miller found that how to solve this problem for the programmers or users. “Apple failed to prevent unauthorized data from executing. This means that a program can be loaded into memory as a non executable block of data, after which the attacker can essentially flip a programmatic switch and make the data executable.” The result of the research is not going to be given to outside environment after he was sure that the issues have not been solved in the new iPhone 3.0. He is going to mention the strengths and weaknesses of the security, so cell phone user can make decision to what device we should use and how we should use them. Also his research could make the way for the developer to skip the signature part and distribute the program to the users. I personally as one of the cell phone users will not chose iPhone, because of this issue. I as the programmer will find it much easier to use Windows Mobile.

Source:
http://www.technologyreview.com/communications/22782/page2/

Other Sources:
http://www.macworld.com/article/132675/2008/03/iphone_sdk_jailbreak.html
http://www.windowsecurity.com/articles/Code-Signing.html