Don’t miss the gorilla

See this interesting article on how “focussed” humans become when they have a specific task at hand.

Excerpt:
Picture yourself watching a one-minute video of two teams of three players each. One team wears white shirts and the other black shirts, and the members move around one another in a small room tossing two basketballs. Your task is to count the number of passes made by the white team – not easy given the weaving movement of the players. Unexpectedly, after 35 seconds a gorilla enteres the room, walks directly through the farrago of bodies, thumps his chest and, nine seconds later, exits. Would you see the gorilla?

Fifty percent of all observers do not see the gorilla.

Buying and Selling Software Bugs

The New York Times has an interesting article on how a market exists for software bugs. If you find a new bug in any software (typically a security related issue) you can sell it on the market – either to “legal” buyers like security companies, who do it to plug the holes, or to hackers and other internet criminals who can use the knowledge for identity-theft schemes or spam attacks.

Excerpt:
The Japanese security firm Trend Micro said in December that it had found a Vista flaw for sale on a Romanian Web forum for $50,000. Security experts say that the price is plausible, and that they regularly see hackers on public bulletin boards or private online chat rooms trying to sell the holes they have discovered, and the coding to exploit them.

And also:

“To find a vulnerability, you have to do a lot of hard work,” said Evgeny Legerov, founder of a small security firm, Gleg Ltd., in Moscow. “If you follow what they call responsible disclosure, in most cases all you receive is an ordinary thank you or sometimes nothing at all.”

Gleg sells vulnerability research to a dozen corporate customers around the world, with fees starting at $10,000 for periodic updates. Mr. Legerov says he regularly turns down the criminals who send e-mail messages offering big money for bugs they can use to spread malicious programs like spyware.

Blogging for Money – A Passive Income?

See this informative article on the various things you need to do to run a successful website. Although the article is about “blogging”, I think pretty much the same considerations apply to running a good website too.

The initial parts of that article has some stuff about passive income – skip over those to the rest of the article where the real meat is.

Excerpts:
Engaging in your Niche – Conversations happen outside of your blog also and most successful bloggers have systems in place to monitor what is happening in their wider niches. This lets them know what is being said about them elsewhere but also helps raise their profile and become valued members of the wider community. Monitoring the niche via RSS and news alert services are half of this equation – engaging in the conversations on other’s blogs is the other half. It all takes time.