Using web-2.0 to look for missing scientist (Jim Gray)

Computer science icon Jim Gray mysteriously disappeared after a solo trip with his sail boat outside San Francisco Bay. The coast guard has been searching for 4 days but has not been able to locate anything, not even debris. On Thursday 3 private planes searched through the coastal areas and they also returned unsuccessful.

Now, Amazon has created a novel effort to help find him. They have put up satellite images of that area from the appropriate time frame on the into the Amazon S3 storage service. Then, they created tasks on the Amazon Mechanical Turk Service to search for the missing boat in those pictures.

image image image
Examples of the object to look for in various orientations. The size of the boat in the sample images is the size of the object you are looking for, even though the images you are scanning are much larger.

See related post on Werner Vogel’s blog. (Werner is the CTO of Amazon.)

Buying and Selling Software Bugs

The New York Times has an interesting article on how a market exists for software bugs. If you find a new bug in any software (typically a security related issue) you can sell it on the market – either to “legal” buyers like security companies, who do it to plug the holes, or to hackers and other internet criminals who can use the knowledge for identity-theft schemes or spam attacks.

Excerpt:
The Japanese security firm Trend Micro said in December that it had found a Vista flaw for sale on a Romanian Web forum for $50,000. Security experts say that the price is plausible, and that they regularly see hackers on public bulletin boards or private online chat rooms trying to sell the holes they have discovered, and the coding to exploit them.

And also:

“To find a vulnerability, you have to do a lot of hard work,” said Evgeny Legerov, founder of a small security firm, Gleg Ltd., in Moscow. “If you follow what they call responsible disclosure, in most cases all you receive is an ordinary thank you or sometimes nothing at all.”

Gleg sells vulnerability research to a dozen corporate customers around the world, with fees starting at $10,000 for periodic updates. Mr. Legerov says he regularly turns down the criminals who send e-mail messages offering big money for bugs they can use to spread malicious programs like spyware.