Iranian-Canadian Hossein Derakhshan, 35, was a controversial figure among Iran's blogging community. Writing his blog from Canada, he was initially a critic of Iran's clerical leadership, and in 2006 he visited Israel - Iran's archenemy - saying he wanted to act as a bridge between the two countries' peoples.

But he later became a vocal supporter of hard-line President Mahmoud Ahmadinejad, praising him for standing up to the West and criticizing regime opponents. Derakhshan then visited Iran in 2008 and was arrested. Over the next two years, he was often held without communication with family or lawyers, according to rights groups.

The court sentenced him to 19 1/2 years in prison, the report said, adding that Derakhshan can appeal. It was unclear if he would benefit from time served.

Derakhshan helped ignite blogging in Iran by posting simple instructions online on how to create sites in Farsi in 2001. The flourishing of blogs by Iranians at home and abroad that resulted gave the country's reform movement an online platform that has helped it survive heavy crackdowns at home - though authorities tried to block many, including Derakhshan's.

His later embrace of Ahmadinejad angered many reform bloggers. Before returning to Iran, Derakhshan on his blog dismissed worries he could be arrested for his previous writings.

Rattle writes:

Decius and I sat on a panel with Hoder several years ago. To say some of his positions angered people would be putting it lightly. However, I was still quite dismayed when he was arrested.

19 1/2 years in jail is definitely excessive, but it's way better than the death sentence the prosecution was pushing for. Hopefully the political climate in Iran changes, and he can be freed...

Agree or disagree with Hoder's opinions - the idea that he faced death for expressing them, and that he has been sentenced to 19 years in prison for expressing them, is horrific.

Hoder sentenced to 19 years prison

The WikiLeaks, from what we have seen so far, detail power, interest and reality as we have known it. They do not reveal a new reality. Much will be made about the shocking truth that has been shown, which, as mentioned above, shocks only those who wish to be shocked. The Afghan war is about an insufficient American and allied force fighting a capable enemy on its home ground and a Pakistan positioning itself for the inevitable outcome. The WikiLeaks contain all the details.

Stratfor strongly implies that the US intentionally "leaked" all this information in order to influence the political debate over the war and help build the case for withdrawl.

At some point, the U.S. Government is going to have to sell the American people on withdrawing from Afghanistan without Bin Lauden and letting the Taliban come back into power. I don't know how they hell are going to accomplish that.

This also raises the question of what the hell is going on with Bradley Manning? Its interesting that Manning appears to be responsible for all the leaks *except* this one, which is the important one.

WikiLeaks and the Afghan War | STRATFOR

One of my biggest gripes about the upcoming cybersecurity legislation is the threat of mandatory certification for security professionals.

I didn't get a chance to thank Richard Bejtlich for his kind comments regarding my Blackhat talk, so let me take the time now to thank him for taking a stand on this issue:

There's a widespread myth damaging digital security policy making. As with most security myths it certainly seems "true," until you spend some time outside the policy making world and think at the level where real IT gets done.

The myth is this: "If we just had a better trained and more professional IT corps, digital security would improve."

This myth is the core of the story White House Commission Debates Certification Requirements For Cybersecurity Pros.

My opinion? This is a jobs program for security training and certification companies.

Here's my counter-proposal that will be cheaper, more effective, and still provide a gravy train for the trainers and certifiers:

Train Federal non-IT managers first.

If management truly understood the risks in their environment, they would be reallocating existing budgets to train their workforce to better defend their agencies.

TaoSecurity: "Untrained" or Uncertified IT Workers Are Not the Primary Security Problem

Rattle:

I'm glad to see this is finally getting some attention. As bad as these articles makes the extent of the ongoing Chinese espionage sound, it's actually worse...

Human rights groups as well as Washington-based think tanks that have helped shape the debate in Congress about China were also hit.

sigh...

"Usually it's a group using one type of malicious code per target," said Eli Jellenc, head of international cyber-intelligence for VeriSign's iDefense Labs, a Silicon Valley company helping some firms investigate the attacks. "In this case, they're using multiple types against multiple targets -- but all in the same attack campaign. That's a marked leap in coordination."

The division of labor is what I think stands out the most.

"This is a big espionage program aimed at getting high-tech information and politically sensitive information -- the high-tech information to jump-start China's economy and the political information to ensure the survival of the regime," said James A. Lewis, a cyber and national security expert at the Center for Strategic and International Studies. "This is what China's leadership is after. This reflects China's national priorities."

Google China cyberattack part of vast espionage campaign, experts say - washingtonpost.com

Today I'm launching Zoompf, a new kind of web performance company. We don't deploy sensors, simulate user load, or monitor your application from data centers around the global. We don't try to answer the question "How fast are my web apps?" We answer the next logical and frankly more important question: "How do I make my web applications go faster?"

Zoompf's technology crawls and identifies over 150 specific problems with your web application that impacts web performance. You can learn more by downloading our Optimizing Web Performance presentation. Bu this post is not about what Zoompf does. It's about why I'm doing Zoompf.

Why on earth would I leave an amazing career in a successful industry and resign from an awesome job in a down economy? A lot of close friends have asked whether I'm crazy or not in the last month. But after I've explained the incredible opportunity behind what I'm doing their outlook completely changes and they become very supportive, offering time, funding, and recommendations.

The business case for performance is obvious. Faster apps increase revenue. Using resources more efficiently reduces operational costs. This is why the performance testing market is huge. But there is a gap in this market when it comes to performance testing of modern web applications. Talk to anyone about web performance and they start talking about the usual suspects:

-Refactoring, optimizing, JITing, caching application code and data
-Database tuning, queries, store procedures, indexes, denormalizing tables
-Reverse proxies, memcached, Varnish, load balancers, SSL accelerators, etc.

But recent research has found generating dynamic content accounts for typically less than 10% of page load times. The vast majority of page load time is spent downloading, parsing, and rendering all the components that make up a modern application. It is on the front end, and not on the back end, where optimizations can be made that drop seconds off load times. JavaScript code, CSS, the inner workings of browsers, HTTP voodoo. I am a thought leader in exactly this space.

The majority of widely known web performance optimization practices today focus on the application tier or the database tier. Traditional performance testings tools do no front end optimization testing. And yet the front end has the biggest impact on web application performance in modern applications. Do you see the disconnect yet?

This is an enormous opportunity.

This is why I created Zoompf.

Billy, we wish you the best of luck.

Zoompf: Or, Why Billy Hoffman Left Security To Work On Web Performance

Senator, if I give you a timeframe and don't meet it you will be unhappy with me but let me suggest within the next 45 days.

Its been more than 45 days. I am unhappy.

Obama fails to deliver revisited laptop policy on time.

If you are seeing this message, you are using MemeStreams on the new server.

Enjoy! Let us know if you spot any problems.

(Seems faster to me...)

MemeStreams server move complete

As Nick has decided to air our dispute publicly, a response is obviously in
order. On many levels this makes sense, because the consequences of this
disagreement effect the entire community, and because an external perspective
might be helpful. With that, I thank you for taking the time to read about
something that you shouldn't have to get involved with. I'm sorry that we
have not been able to resolve this between us.

Nick and I are equal partners in Industrial Memetics, the corporate entity
that owns MemeStreams. This is reasonable because we've both contributed
approximately equal amounts of time and code to the project. However, since
the beginning I have born almost all of the financial responsibilities
associated with operating the site. The two primary servers belong to me,
I pay the monthly hosting costs, I pay for most of the domain names, and
I file the tax returns.

At the heart of this disagreement is the fact that I've never bothered to
write off my expenses on our corporate tax return. The reason is that in
order to write them off, I'd have to account for them accurately, and
time and effort associated with doing that isn't worth the money to me.

A couple years ago Nick decided to put advertisements on MemeStreams. I
was opposed to this decision from the outset for two reasons. The first
is that you can directly extrapolate the amount of money you are going
to make from the amount of traffic you get, and we were not going to make
a lot of money. The second is that any money we do make must be reported
on our annual tax return, thus generating the paperwork nightmare that I
have been trying to avoid.

Against my objections, Nick proceeded. At the time he believed, for some
reason, that we were going to make more money than we were going to make.
We concluded that we would not book the revenue until we actually received
money from Google. In some respects it was an experiment - how much would
this bring in? As I predicted, it brought in next to nothing. After several
years we have not generated enough revenue to reach the minimum amount
that prompts Google to cut you a check.

However, we have generated some revenue. Obviously, at some point, we're
going to have to take receipt of it and book it. It would be my preference
that we simply take the money, do the paperwork, and shut the ads off
so that we don't have to deal with this anymore. Nick doesn't agree. He
has recently become very concerned about dealing with this now and
dealing with it in his way.

In April, he started the conversation off by proposing that we take receipt
of the money from Google, and spend it as follows:

Part would go to registering the corporation in the State of Maryland
(where Nick lives).
Part would go to Nick's wife (who is a C... [ Read More (0.3k in body) ]

RE: Decius and Rattle have reached an impass

On the night of March 8, cruising 22,000 miles above the Earth, U.S. Navy communications satellite FLTSAT-8 suddenly erupted with illicit activity. Jubilant voices and anthems crowded the channel on a junkyard's worth of homemade gear from across vast and silent stretches of the Amazon: Ronaldo, a Brazilian soccer idol, had just scored his first goal with the Corinthians.

It was a party that won't soon be forgotten. Ten days later, Brazilian Federal Police swooped in on 39 suspects in six states in the largest crackdown to date on a growing problem here: illegal hijacking of U.S. military satellite transponders. null

This is so ridiculously and awesomely Gibson-esque. Hordes of low tek from The Sprawl hacking military satellites with homebrew gear and hacker know-how.

Unbelievably Excellent!

The Great Brazilian Sat-Hack Crackdown

David Ross and Ed Colbert debate the copyright issues surrounding Shepard Fairey's Obama poster. (06:37)

This segment on the Colbert Report is one of the most clued discussions about a copyright matter I've ever seen on TV. If you follow copyleft issues, this is pure candy.

Obama Poster Debate - David Ross and Ed Colbert | February 12th | ColbertNation.com