Saturday, June 20, 2009

Statistically, this had to happen.

Google helps net Dutch 'muggers'

Police in the Netherlands have arrested two men after a boy they are alleged to have mugged saw a picture of them on Google's internet map service.

… It began last year when the boy, 14, claimed he had been attacked and robbed of 165 euros ($230, £140).

Months later he contacted police again, saying he had seen himself and the alleged assailants in a Google image.

… "The picture was taken just a moment before the crime."

Because the faces of the people in the Street View photo were blurred, the police contacted Google, seeking the original image.

The company complied, and the alleged attackers - twin brothers - were arrested.

Another tool for tapping into the crowd? - Search Pictures Shared On Twitter

As you already know Twitter is a service that allows users to communicate with each other through the exchange of messages with information about what they are doing. That is a good service when it comes to giving you the possibility to send messages online. There are many types of messages that can be shared by Tweeters and is a clear example of that.

This is strange. Not just because the developers are based in Washington DC. - The News That Is Fit To Read

Euraeka is an artificial intelligence engine for search discovery and personalized recommendation of news that ranks news in the same way Google and Yahoo do. This site has a few features like a powerful natural language processing engine that can not only rank news just like a human would but it is also capable of detecting political bias in news (liberal/conservative). In this way it avoids all deception in news. Yes, Euraeka has the capabilities of a linguistic polygraph that can sniff out and expose propaganda, manipulation and deceptive intent in news media.

This online solution is based on machine learning (AI) techniques and has the capability to track and learn the unique news consumption preferences of every single one of its users. You can turn Euraeka into your digital twin, which sifts through a wide assortment of news articles daily, and brings you only the news that are likely to be interesting to you. [Should be popular with politicians who see things only one way. Bob]

In short, Euraeka finds and brings you all the news that is fit to read. In case you are interested in getting only unbiased information through a solution that was created to measure deceptiveness in online content, just visit the site at and you will not regret it.

Many “what were they thinking” questions arise.

Bozeman, MT Drops Password Info Requirement

Posted by Soulskill on Saturday June 20, @05:12AM from the backlashed-into-submission dept. government

mcmoodle writes

"Bozeman, Montana has decided that they don't want applicant personal information after all, citing a worldwide backlash on the issue: '"Effective at noon today the city of Bozeman permanently ceased the practice of requesting that candidates selected for positions under a provisional job offer to provide their usernames or passwords for candidates' internet sites," said Chris Kukulski, Bozeman City Manager. ... Kukulski says after a 90 minute staff meeting [Who held out? Bob] held earlier today, officials decided asking applicants to provide their passwords to sites such as Facebook or MySpace, "exceeded that which is acceptable to our community." Kukulski apologized for the negative impact the issue has generated from news organizations and blogs around the world.' I didn't have any doubt this would be immediately squashed. Now I'm just curious as to how many personal accounts they actually went through!"

[From the article:

He says this information was never required at the time of application.

"This was a question that was asked after you were conditionally offered the job."

He says the city also is suspending the practice of viewing any password protected information.

A cautionary tale.

June 19, 2009

Declassified Documents Reveal the Inner Workings and Intelligence Gathering Operations of the National Security Agency

News release: "...Matthew M. Aid today posted a collection of declassified documents obtained for his new book The Secret Sentry on the [National Security] Archive’s Web site...disclos[ing] that the U.S. invasion of Iraq in 2003 was far from the first time when U.S. government officials, including senior military commanders and the White House, “cherry picked” intelligence information to fit preconceived notions or policies and ignored intelligence which ran contrary to their expectations. The Secret Sentry and the documents posted today show that widespread manipulation of intelligence also occurred during the Korean and Vietnam Wars for example, when Washington ignored intelligence on Chinese intervention in Korea, resulting in catastrophic consequences."

Imagine making the phone system work for you, instead of just working.

Google Voice Grabs 1 Million Phone Numbers

Posted by kdawson on Friday June 19, @12:34PM from the is-this-the-party-to-whom-I-am-speaking dept. google communications

alphadogg writes

"Google has reserved 1 million phone numbers with Level 3, signaling that it may finally be ready to roll out its long-anticipated Google Voice service. The free service, announced in March, lets users unify their phone numbers, allowing them to have a single number through Google Voice that rings a call through to all their phones. Sources could not say when the 1 million numbers may be assigned. Level 3 has been supplying Google with phone numbers since the introduction of Google Voice, so the 1 million numbers are an indication Google is close to adding a significant number of users. A public launch has been anticipated since Google said in March the service would be 'open to new users soon.' One early user said: 'I've only been using Google Voice for a few months, but it's completely changed the way I use voicemail and communicate... When it goes public, I think the rush to grab Google Voice numbers is going to be stunning. I know some of my friends check the Google Voice page almost every day to see when they can grab a number and get started using it.'"

Sort of a “shoot the messenger” issue?

118 800 answers privacy issues: ‘We’ll tell you where we got your data from’

You’ve no doubt heard of 118 800: the directory inquiries service for mobile phones prompted predictable howls of outrage when it was announced last week. The 15 million-strong database was gleaned from buying mailing lists, among other things. We’re going to stick our necks out here and say we’re not bothered. We met with 118 800’s marketing director Shona Forster, who outlined the extensive safeguards for our information, including the option to track where your data came from.

While we’re not happy about our details being out there, we’re not going to knock 118 800 over it. The fact is, our details are bought and sold by marketing shysters all the time. Forster reckons 118 800 is copping flak because it’s a visible target, unlike faceless marketing types. If anything, 118 800 is reclaiming our details by actually making the data work for us, the Great British consumer.

Read more on Cnet.

Friday, June 19, 2009

Lots of 'breach' follow-ups today. Funny how articles come in clumps...

Also a good lesson for my programming students.

Pointer: TJX Hacker Was Awash in Cash; His Penniless Coder Faces Prison

June 18, 2009 @ 3:59 pm by admin

Kim Zetter has a nice human-interest piece over on Threat Level about those involved in the TJX hack:

Accused TJX hacker kingpin Albert Gonzalez called his credit card theft ring “Operation Get Rich or Die Tryin.”

He spent $75,000 on a birthday party for himself and once complained that he had to manually count $340,000 in pilfered $20 bills because his counting machine broke. But while Gonzalez apparently lived high off ill-gotten gains, a programmer who claims he earned nothing from the scheme sits broke and unemployed, his career in shambles, while awaiting sentencing for a piece of software he crafted for his friend.

Read more on Threat Level.

“Old breaches never die, they just fraud away...”

Breach exposes debit card accounts at Suncoast Federal Credit Union to fraud

June 18, 2009 @ 7:07 am by admin

This story was first reported earlier this week, but I waited until there was confirmation that it was linked to the Heartland Payment Systems breach. This newest story provides more detail but still leaves some questions unanswered.

Nicole Norfleet of the St. Petersburg Times reports:

About 56,000 members of Suncoast Schools Federal Credit Union have been notified that their debit card accounts were exposed to fraud.

It is the latest casualty of last year’s breach of Heartland Payment Systems, one of the country’s largest credit card processors, where information from more than 100 million credit and debit card transactions was exposed.

Not until the end of May did Suncoast discover that some of its customers who use Visa Check Cards could be in danger. [How could they not know? Heartland's records were less complete than the hackers'? Bob] The Tampa credit union is issuing new cards to all members whose accounts were compromised.


Suncoast, which has more than 450,000 members, has determined that less than 1,000 members were actually affected by fraud as of Wednesday, McKay-Bass said. …. The credit union began notifying affected members by letter in the first week of June, McKay-Bass said.


What do they mean that they discovered “at the end of the May?” Is that when they were first notified by Visa? Visa had informed this site that all notifications were made prior to that. Or does SunCoast mean that they had had the list of card numbers, but didn’t notify their customers because they didn’t see any evidence of misuse until the end of the May?

A number of institutions first started reporting fraud and card replacement after Visa’s May 19th deadline to submit claims for partial recovery of costs.

SunCoast did not reply to a request for clarification about the incident.

Will this cause Heartland to be hated by other card processors? It will if they can turn it into a competitive advantage.

Heartland Gets Religion on Security

Heartland Payment Systems CEO Bob Carr is an unlikely spokesman for tech security. But that’s what he’s emerging as.

The credit-card processor suffered one of the largest data breaches ever disclosed last year. But rather than taking the time-honored approach of staying quiet and hoping that the negative publicity goes away, Carr is talking openly about what went wrong, the problems with the industry’s security standards, and a new product his company developed to help merchants protect customer data.


Carr also believes that the vast majority of breaches go unreported. He says that around 300 companies were victimized by the same hacker as Heartland, but that most have never come forward. He points to loopholes in the state laws meant to protect consumers in the event of a data breach as the reason.

Read more in Forbes.

Sounds like more than a “traffic stop.”

Sensitive documents found inside vehicle owned by Clayton County sheriff’s employee

June 18, 2009 @ 4:10 pm by admin

Kathy Jefcoats of the Atlanta Journal-Constitution reports that Genevieve Prejean, a Clayton County sheriff’s employee, is under investigation after local police found a stack of sensitive material inside her car during a traffic stop. A convicted felon, Brandyn Keith Mathis, was driving her car at the time of the stop:

Prejean told police she took home the stack of documents generated from Georgia Crime Information Center. Prejean told police she left the documents in a bag inside the car but officers found the papers inside her glove compartment, Sanchez said. …. Sanchez said Prejean could be charged with unlawfully disseminating the sensitive materials, which contain names, phone numbers, dates of birth and Social Security numbers.

“Those documents are not supposed to even leave the building,” Sanchez said. “She could be fined $50,000 and possibly receive up to 15 years in prison. The Sheriff’s Office can also be sanctioned for allowing the documents out in public.”

Employers should check job applicants, but sometimes they go a bit too far... I wouldn't give my passwords, but perhaps the HR guy would accept a list of his passwords? … the Mayor's passwords?

Would you trade your online passwords for a chance at a job?

I’ve long since given up trying to understand things like who thought up Pet Rocks or why people eat sweetbreads. I’m pretty sure, though, something I read today will have me scratching my head for a long time to come.

ReadWriteWeb is reporting that applicants for jobs with the City of Bozeman, Montana, are expected to provide information about any social networking sites they’re a part of, complete with passwords. Let me say right off the bat that I understand new pre-employment policies that request pointers to a personal Web site, Facebook or MySpace page. Personally, I think teasing out information from the vast Internet about prospective employees ought to be the responsibility of Human Resources, but I can also argue that it’s more efficient to just ask people to provide it. But passwords? You have to be kidding me.

Read more on Computerworld.

(Related) Employer overreach?

Employee Privacy Violated?

If you join an invite-only forum and post about work from your own home computer on your own time, can your employer fire you for joining the forum? Fox News interviews an employee who is suing over that issue:

Ethics? People still have ethics these days?

Draft Paper: “But the Data is Already Public”: On the Ethics of Research in Facebook

I haven’t had a chance to read this yet, but Michael Zimmer has a draft paper available based on his critique of the “Taste, Ties, and Time” Facebook data release that is sure to be thought-provoking. Michael notes on his blog that he will be presenting his paper at the 8th International Conference of Computer Ethics Philosophical Enquiry in Corfu, Greece:

Recall that last fall, a group of researchers affiliated with the Berkman Center for Internet & Society at Harvard University released a dataset of Facebook profile information from an entire cohort (the class of 2009) of college students from “an anonymous, northeastern American university.” While the researchers took good faith steps to preserve the anonymity of the source of the data (and, presumably, the privacy of the subjects), I quickly narrowed it down to 7 possible universities, and then with only a little more effort, identified the source (with some confidence) as Harvard College. All this without ever even downloading or looking at the actual data.

The researchers have since pulled the data out of circulation, and plan to make it available again this month, presumably with some of the anonymity and privacy concerns addressed.

The draft paper I am presenting, “But the Data is Already Public”: On the Ethics of Research in Facebook (PDF of draft), retells the circumstances around the T3 project and my partial re-identification of the dataset. It also describes some of the good faith efforts made by the T3 researchers to try to ensure the anonymity of the data, but exposes the limitations and errors in their procedures. Finally, it highlights the broader challenges for engaging in research on/in social networking sites that this case brings to light.

I seem to remember a certain DU Law professor who went to Korea and taught them about Privacy. I hope YouTube never finds out who he was...

Korea vs YouTube - The Battle over Real Name Verification

Nicole Wong, Deputy General Counsel at Google, discusses the challenges of protecting human rights online in a global context. Wong describes YouTube’s recent clash with Korea over real name verification and user anonymity. The complete presentation can be viewed at

First, pass a “secret” law that says “We can do whatever we want.” Second... Well, there is no second.

ACLU, Ron Paul’s Campaign for Liberty sue TSA over ‘illegal’ detention

The American Civil Liberties Union may have just earned itself a few more Republican admirers.

Announcing a lawsuit against the Transportation Security Administration for the “illegal” detention of the Campaign for Liberty’s treasurer in April at a St. Louis airport, the ACLU damned what it called a “troubling pattern” of aggressive invasions of privacy by the TSA.

Steve Bierfeldt, the man at the center of the controversy, recorded his confrontation with the airport security agents on his phone. The audio caused waves of indignation across the Internet, as he was seemingly harassed merely for carrying cash and Ron Paul campaign material.

Read more on PrisonPlanet. You can listen to the audio of Bierfeldt’s detention here.

'cause people who read might be terrorists!

Notice to AOL Email Users

Recently, some library patrons have not been receiving Arapahoe Library District's courtesy reminder emails. After analyzing the problem, it became clear that almost all of the people affected have AOL email addresses.

If you are currently using AOL for email, and would like to receive courtesy reminder emails, we suggest you use an alternate email account. There are a number of reliable providers of free email: Gmail, Yahoo! Mail, and others.

How do you distinguish between “can't get it” and “don't give a damn?”

June 18, 2009

Pew: As Broadband Expands Rapidly, America's Poor Lag

Pew Internet & American Life Project: Home Broadband Adoption 2009, by John Horrigan, June 17, 2009

  • "An April 2009 survey by the Pew Research Center’s Internet & American Life Project shows 63% of adult Americans now have broadband internet connections at home, a 15% increase from a year earlier. April’s level of high-speed adoption represents a significant jump from figures gathered by the Project since the end of 2007 (54%)."

“It's not about the law, it's about ‘fair’” [Translation: “I think I should get anything I want for free.”]

Should AT&T be allowed to be the iPhone's exclusive carrier?

11:37 AM Wed, Jun 17, 2009 Jarrett Rush

This is an interesting question raised by the folks over at BoingBoing, and prompted by a letter from four senators to the head of the FCC. They ask whether it's fair to consumers that phone manufacturers can enter into exclusive contracts with certain cellular providers.

I wonder if the State Department asked them to do this too?

Google, Facebook rush Iranian language support

by Stephen Shankland June 18, 2009 11:18 PM PDT

Twitter has the starring role as opening up Net communications about Iran's turbulent politics, but Google and Facebook are jumping in with their own hasty efforts.

Google is adding Farsi, or Persian, language support to its translation service, the company announced Thursday night. Google rushed out the support specifically because of events in Iran, said Principal Scientist Franz Och in a blog posting.

Perhaps this is part of the new “Newspaper business model?”

Newspaper Crowdsources 700,000-Page Investigation of MP Expenses

Posted by timothy on Friday June 19, @04:50AM from the would-like-to-see-this-for-the-us-federal-budget dept.

projector writes with an interesting project from the UK:

"The Guardian are crowd-sourcing the investigation of 700,000 pages of UK MPs' expenses data. Readers are being invited to categorize each document, transcribe the handwritten expenses details into an online form and alert the newspaper if any claims merit further investigation. 'Some pages will be covering letters, or claim forms for office stationery. But somewhere in here is the receipt for a duck island. And who knows what else may turn up. If you find something which you think needs further attention, simply hit the button marked "investigate this!" and we'll take a closer look.'"


Internet still the leading source for news

Survey: More than half would select Web for sole source

Reuters June 17, 2009, 01:29 PM ET

NEW YORK -- The Internet is by far the most popular source of information and the preferred choice for news ahead of television, newspapers and radio, according to a new poll in the U.S.

But just a small fraction of U.S. adults considered social Web sites such as Facebook and MySpace as a good source of news and even fewer would opt for Twitter.

If you aren't comfortable with “free software” would free software from IBM make a difference?

IBM takes a swipe at Microsoft Office's market

Thursday, June 18, 2009 - by Amy Vernon

In a bold swipe at Microsoft's share of the office (both the office as in location and Office as in program) software market, IBM today announced the newest version of its Lotus Symphony could fully support any files from Office 2007.

The kicker: Lotus Symphony is a free business productivity software suite. In this economy, companies looking to shave pennies anywhere and everywhere might look closer than usual at freeware, especially freeware developed and supported by IBM.

This could be fun for my website students...

June 16, 2009

Turn Your Home Computer into a Web Server in 2 Minutes

You may find this technique useful even if you are not a very tech-savvy user.

… Now if any of the above reasons look convincing enough, here’s how you can convert your Windows, Mac or Linux PC into a web server in less than two minutes - no technical knowledge required.

Go to, download the Opera Unite software and install it. Congratulations, you are now running a web server on your machine and just need another minute to configure local file folders that you want to share with others over the internet.

It's real simple. Make using the Internet (any technology) part of the class and students will avoid it like the plague.

Teen cheating morphs with new tech, poll shows

by Lance Whitney June 18, 2009 7:30 AM PDT

Parents have yet another reason for a long, hard talk with their kids. More than half of teens admit to using the Internet to cheat, a new poll shows, while 35 percent say they've used their cell phones.

The results were released Thursday by Common Sense Media, which commissioned research firm Benenson Strategy Group to conduct the poll.

The report (PDF) uncovered several alarming trends. More than 38 percent of teens say they've copied content from the Internet and presented it as their own work, while 21 percent have downloaded an actual paper to turn in as their own. Around 65 percent say they've seen other students cheat on tests using their cell phones.

Thursday, June 18, 2009

This is (at least partially) a failure of Risk Analysis. Protection levels were based on the value of a used laptop, not on the costs of dealing with 75,000 irate customers.

IE: Bord Gáis customer details on stolen laptops

June 17, 2009 @ 2:05 pm by admin

A laptop computer containing bank account details of 75,000 Bord Gáis customers has been stolen in Dublin.

It is understood the confidential information was held on one of four laptops stolen from the offices of Bord Gáis nearly two weeks ago.


The computer was not encrypted. [Not required if no sensitive data is on the laptop. Bob]

The incident occurred early on Friday 5 June when the Bord Gáis offices in Dublin and a number of adjacent offices were burgled.

Read more on RTÉ.

(Related) “We're secure as long as the hackers are under 12-years old.”

JFY Networks reports security breach

June 17, 2009 @ 2:16 pm by admin

A Boston-based non-profit organization that provides job training, JFYNetWorks, notified (pdf) the New Hampshire Attorney General’s Office last week of a recent incident:

We recently learned of the possible unauthorized access as part of what appears to have been part of a larger attack [??? Bob] on our organization, which occurred on June 3, 2009. The attacker gained access to one of our website applications, which was inadvertently accessible over the Internet, and proceeded to post obscene and inaccurate messages on our website and alter archived JFY press releases. That same day, the attacker sent email messages to three (3) of our program applicants (none of whom were New Hampshire residents) claiming that he had been able to acquire their personal information, including Social Security number, mailing address, email address, and in some cases, telephone number.

Information applicants would submit via the web site included names, Social Security numbers, mailing addresses, and in some cases, telephone numbers and email addresses.

The other side of Identity Theft – once you have the information you have to ensure the data is valid, then you can turn it into serious cash.

An Odyssey of Fraud

Andy Kordopatis is the proprietor of Odyssey Bar, a modest watering hole in Pocatello, Idaho, a few blocks away from Idaho State University. Most of his customers pay for their drinks with cash, but about three times a day he receives a phone call from someone he's never served -- in most cases someone who's never even been to Idaho -- asking why their credit or debit card has been charged a small amount by his establishment.

Kordopatis says he can usually tell what's coming next when the caller immediately asks to speak with the manager or owner.

"That's when I start telling them that I know why they're calling, and about the Russian hackers who are using my business," Kordopatis said.

The Odyssey Bar is but one of dozens of small establishments throughout the United States seemingly picked at random by organized cyber criminals to serve as unwitting pawns in a high-stakes game of chess against the U.S. financial system. This daily pattern of phone calls and complaints has been going on for more than a year now. Kordopatis said he has talked to the company that processes his bar's credit card payments about fixing the problem, but says they can't do anything because he hasn't actually lost any money from the scam.

(Related) It's an industry. (I should have jumped on this business model years ago.)

Security experts uncover one-stop botnet marketplace

June 17, 2009 @ 10:52 am by admin

Researchers have uncovered a fully-functional marketplace for the building and selling of botnets.

Security firm Finjan said that the site allows criminals to obtain everything from malware and data, to networks of infected PCs.

Yuval Ben-Itzhak, chief technology officer at Finjan, described the new site as an “eBay for stolen data”.

“It is basically a hacker-to-hacker platform to provide everything you want,” he said. “You do not need to go elsewhere. You get everything you need to do the business.”

Read more on The Finjan report can be found here (pdf).

Another article for the 'Sex & Power' class.

Appeals Court Backs Prison for E-Mail Obscenity

By David Kravets June 17, 2009 8:30 pm

Sharing an obscene sexual fantasy over e-mail is a federal crime that enjoys no protection under the First Amendment, a federal appeals court said Monday, in a decision that drew sharp dissent from one judge and potentially set the stage for a Supreme Court appeal.

In a 10-1 decision, the 4th U.S. Circuit Court of Appeals declined to rehear the case of Dwight Whorley, a Virginia man whose criminal trial marked two firsts for the American justice system:

the first conviction for possession of obscene Japanese manga, and

the first for authoring pornographic fiction and sending it over e-mail.

“Whorley violated criminal statutes regulating obscenity,” Judge Paul Niemeyer wrote for the majority, “and his convictions may not be forgiven because his conduct was prompted by his sexual fantasies.”

But in a lengthy dissent, Judge Roger Gregory urged the Supreme Court to take up the case and reverse it.

“I am hard-pressed to think of a better modern day example of government regulation of private thoughts than what we have before us in this case: convicting a man for the victimless crime of privately communicating his personal fantasies to other consenting adults,” Gregory wrote.

Why does Harvard hate the RIAA? Or are these the bare facts?

Harvard Study Says Weak Copyright Benefits Society

Posted by samzenpus on Thursday June 18, @04:56AM from the free-is-good dept. internet

An anonymous reader writes

"Michael Geist summarizes an important new study on file sharing from economists Felix Oberholzer-Gee and Koleman Strumpf. The Harvard Business School working paper finds that given the increase in artistic production along with the greater public access conclude that "weaker copyright protection, it seems, has benefited society." The authors' point out that file sharing may not result in reduced incentives to create if the willingness to pay for "complements" such as concerts or author speaking tours increases."

Another TED talk. How media works today?

Clay Shirky: How Twitter can make history

While news from Iran streams to the world, Clay Shirky shows how Facebook, Twitter and TXTs help citizens in repressive regimes to report on real news, bypassing censors (however briefly). The end of top-down control of news is changing the nature of politics.

“We're your Congress. We listen to you and we love you. We know you really, really hate Real ID, so we're gonna change the name! There! All better now.”

Is the REAL ID Revival Bill, “PASS ID,” a National ID?

Although CDT and others were quick to praise S. 1261, “PASS ID,” Jim Harper of Cato Institute is not enthused:

On balance, REAL ID and PASS ID are peas in a pod. They are both aimed at being practically required. The plan under both is for everyone who has a driver’s license to have a nationally standardized, REAL-ID-type license.

This interests me. I've long suggested that the Internet, with its suggestion of anonymity, would be fertile ground for Psych research. This appears to be a tech approach to that end. I went to, typed in a topic and randomly selected a 'test subject.' With a bit more work, this could be very dangerous... (Attention NSA?)

TweetPsych: This is your brain on Twitter

by Josh Lowensohn June 17, 2009 5:51 PM PDT

We've covered several utilities that have found fun and creative ways to analyze Twitter messages, but TweetPsych takes the cake. This one looks at your past 1,000 Twitter posts and gives you a "psychological" profile, including how much you talk about yourself, work, money, and "negative emotions."

… In an introductory blog post about the tool, creator Dan Zarrella says it works by cross-referencing the words and phrases you use in your tweets to two different dictionaries that are sorted into various psychological profiles. It then scores you in each category based on the results of other TweetPsych users. This makes it less about psychology and more about your personal lexicon, but the results are still quite fun.

Spare time eliminator.

Wired Guide to the Tubiverse, From SimTube to PotTube

By Steven Leckart 05.22.09

Turns out the Internet really is a mess of tubes. This summer marks the third anniversary of the YouTube explosion, [Seems like forever... Bob] and since the site's epic takeover of all things video, a server-farm-load of specialized copycats has swiped its sobriquet. Got time to waste? Go tubing. Here's a sample of what you'll find. Warning: Some of these sites show a lot more than adorable puppies.

Tools & Techniques

How To Read Scratched CDs or DVDs In Windows

Jun. 17th, 2009 By Karl L. Gechlik

… That’s right, kiddies! I have an awesome free program that attempts to get your data back for you lickity split! Here’s how you can read and retrieve all the data from scratched CDs and DVDs.

To start my testings, I whipped out an old spindle of CDs circa 2003. These things were scratched to high hell and they worked (a little) in my CD-ROM but not reliably.

Next, I downloaded Roadkil’s Unstoppable Copier version 3.56 from here: and simply ran it without installation.

… If your disc is broken beyond repair, or at least, that’s what you think — then read Varun’s post on How To Repair Damaged CD’s Or DVD’s & Recover Data. You’re bound to learn something new.

Tools & Techniques Because no one uses Google to its fullest

GoogleGuide: Learn How To Really Use Google

GoogleGuide is an online interactive tutorial site that can show you how to really use Google. It provides tips, tricks and tutorials on making Google search easier and effective for novices, experts and everyone else.

Wednesday, June 17, 2009

Confirmation of the obvious?

Data Breaches Undeterred by Laws or Common Sense

The Identity Theft Resource Center (ITRC) has released a press release with some mid-year statistics on U.S. breaches this year based on the 250 incidents (pdf) they have recorded through June 15.

One of their key findings is that both malicious attacks on databases and incidents involving paper breaches represent proportionally greater percentages of breaches than in past years. Malicious attacks, which they define as “insider theft” or hacking incidents, accounted for 36% of the 250 incidents, while incidents involving paper records accounted for more than 25% of the incidents this year.

The lack of encryption is still evident. ITRC reports that only 0.4% of the 250 incidents involved encrypted data or data that were protected by other strong methods. That figure may be an underestimate, however, since some laws specifically provide safe harbor from reporting and notification if data are encrypted. Another 7.2% of the 250 incidents reportedly used password protection, which often seems to be just basic user login/pass. Over 92% of the incidents reported no password or encryption protection at all.

ITRC’s complete press release can be found on their web site.

Another tool against censorship or a reaction to the RIAA?

Researchers Build a Browser-Based Darknet

Posted by kdawson on Tuesday June 16, @05:48PM from the easy-come-easy-go dept. security internet

ancientribe writes

"At Black Hat USA next month, researchers will demonstrate a way to use modern browsers to more easily build darknets — underground private Internet communities where users can share content and ideas securely and anonymously. HP's Billy Hoffman and Matt Wood have created Veiled, a proof-of-concept darknet that only requires participants have an HTML 5-based browser to join. No special software or configuration is necessary, unlike with darknets such as Tor. Veiled is basically a 'zero footprint' network, in which groups can rapidly form and disappear without a trace. The researchers admit darknets are attractive to bad guys, too, but they say they think these more easily set-up and dismantled nets will be more popular for mainstream (and legit) users."

In somewhat related news, reader cheesethegreat informs us that version 0.7.5 of FreeNet has hit the tubes.

If there was any doubt that technology was important to entire societies, this should put it to rest. It is also probable that this is their best source of intelligence at the moment.

U.S. Government Asks Twitter to Stay Up for #IranElection Crisis

June 16th, 2009 by Ben Parr

A short while from now, Twitter will go down for maintenance due to extraordinary circumstances: The #IranElection Controversy. Originally scheduled to perform maintenance last night, the work was moved to 2 PM PT today so that Iranians could tweet about the crisis.

… Well, it looks like Twitter may have had someone pushing for it not to go down last night, during peak Iranian hours: the U.S. State Department

(Related) A reminder of how competitive the e-world is...

Facebook dethrones MySpace in the U.S.

The social networking website had 70.28 million users in May, topping its rival's 70.26 million, according to research firm ComScore.

Bloomberg News June 16, 2009

(Related) ...and how fragile.

MySpace Slashes 30% of Staff: Is the End Nigh?

June 16th, 2009 by Pete Cashmore

Governments giveth...

IRS Now Wants To Repeal Cell Phone Tax

Posted by kdawson on Wednesday June 17, @08:07AM from the talk-amongst-yourselves dept. cellphones government usa

narramissic writes

"Last week the IRS caused an uproar when it requested public comments on ways to clarify a decades-old law, seldom enforced, that would tax personal usage of business cell phones. But IRS Commissioner Doug Shulman said that the request for comments did not mean that the largely ignored rule would now be enforced. 'Some have incorrectly implied that the IRS is "cracking down" on employee use of employer-provided cell phones,' Shulman wrote. 'To the contrary, the IRS is attempting to simplify the rules and eliminate uncertainty for businesses and individuals.' And in fact, the IRS is now recommending that the law be repealed, saying that 'the passage of time, advances in technology, and the nature of communication in the modern workplace have rendered this law obsolete.'"

...and governments taketh away.

A Black Day For Internet Freedom In Germany

Posted by kdawson on Tuesday June 16, @01:50PM from the sun-going-down dept.

Several readers including erlehmann and tmk wrote to inform us about the dawning of Internet censorship in Germany under the usual guise of protecting the children.

"This week, the two big political parties ruling Germany in a coalition held the final talks on their proposed Internet censorship scheme. DNS queries for sites on a list will be given fake answers that lead to a page with a stop sign. The list itself is maintained by the German federal police (Bundeskriminalamt). A protest movement has formed over the course of the last several months, and over 130K citizens have signed a petition protesting the law. Despite this, and despite criticism from all sides, the two parties sped up the process for the law to be signed on Thursday, June 18, 2009."

...and taketh away.

UK Government Announces Broadband Tax

Posted by kdawson on Wednesday June 17, @05:02AM from the one-hand-giveth dept. internet communications government money

Barence writes

"The UK Government is planning a 50p-per-month levy on fixed-line connections to pay for next-generation broadband. The Government claims that market forces alone will bring fiber connections to only two thirds of the country, [Sounds like they are relying on the communications industry rather than their own economists... Bob] so it plans to use the 'broadband tax' to pay for the final third by 2017. The plans form part of the Government's Digital Britain report, which also sees the UK guarantee connections of 2Mbits/sec for every citizen by 2012."

The report also threatens legal action and bandwidth restriction for repeat file sharers.

Vague as far as strategy, but it seems to cover most areas.

June 16, 2009

The Digital Britain Report

"On 16 June the Government published The Digital Britain Report, its strategic vision for ensuring that the UK is at the leading edge of the global digital economy. The report provides actions and recommendations to promote and protect talent and innovation in our creative industries, to modernise TV and radio frameworks and support local news, and introduces policies to maximise the social and economic benefits from digital technologies."

Likely to have the other browsers scrambling.

Opera Unite reinvents the Web

Cloud computing and Web-based applications will never be the same

June 16, 2009 — Oslo, Norway

Opera today unveiled Opera Unite, a new technology that shakes up the old client-server computing model of the Web. Opera Unite turns any computer into both a client and a server, allowing it to interact with and serve content to other computers directly across the Web, without the need for third-party servers.

… For Web developers, Opera Unite services are based on the same open Web standards as Web sites today. This dramatically simplifies the complexity of authoring cutting-edge Web services. With Opera Unite, creating a full Web service is now as easy as coding a Web page.

Tuesday, June 16, 2009

Asymmetric revolution? The lessons learned in Estonia.

Activists Launch Hack Attacks on Tehran Regime

By Noah Shachtman Email Author June 15, 2009 11:07 am

While demonstrators gather in the streets to contest Iran’s rigged election, online backers of the so-called “Green Revolution” are looking to strike back at the Tehran regime — by attacking the government’s websites.

Pro-democracy activists on the web are asking supporters to use relatively simple hacking tools to flood the regime’s propaganda sites with junk traffic. “NOTE to HACKERS - attack - pls try to hack all iran gov wesites [sic]. very difficult for us,” Tweets one activist. The impact of these distributed denial of service (DDOS) attacks isn’t clear. But official online outlets like,, and are currently inaccessible. “There are calls to use an even more sophisticated tool called BWraep, which seems to exhaust the target website out of bandwidth by creating bogus requests for serving images,” notes Open Society Institute fellow Evgeny Morozov.


Crunching Iranian Election Numbers For Evidence of Fraud

By Kim Zetter Email Author June 15, 2009 3:59 pm

… Despite the fact that Iran uses paper ballots nationwide that have to be counted by hand, only two hours after the polls closed the state-run news agency was already claiming that Ahmadinejad won 69 percent of the vote to Moussavi’s 28 percent.

The speed with which the results were certified and the wide margin of victory, coupled with some statistical anomalies, have led many to believe the vote was rigged.

Experts say the results are suspicious but not conclusive.

Computer Law: figure 20 years for the technology to spread, then add another 20 for the courts to understand how people use technology. The timing on these rulings sounds about right.

IP Address Alone Insufficient To Identify Pirate, Court Rules

Written by enigmax on June 15, 2009

… Although anyone with a basic knowledge of the Internet could come to the same conclusion given 30 seconds in a quiet room, the Tribunale Ordinario di Roma has now ruled that an IP address alone does not identify an infringer. According to a Punto Informatico report, on this basis the court kicked out a complaint against an individual accused of copyright infringement.

The District Attorney and judge said that the mere ownership of a connection from where an infringement took place is not sufficient to establish the identity of an infringer or liability of a defendant, especially since other people could have committed the alleged infringement.

Related. WWND (What Would Napoleon Do?)

Top French Court Declares Internet Access 'Basic Human Right'

Friday, June 12, 2009

The Constitutional Council declared access to the internet to be a basic human right, directly opposing the key points of Mr Sarkozy's law, passed in April, which created the first internet police agency in the democratic world.

A very impressive collection of free and paid Excel templates and add-ins. Great for heavy users and may even come in handy when I teach Spreadsheets.

Vertex42: Download Free Excel Templates, Calculators & Calendars

… The site has a variety of free calculators, calendars and Excel templates such as timesheets, budgets, dashboard reports, games and more for personal use.

Similar websites: DocStoc and some other in earlier published article about websites offering free document templates.

Many sites like this are coming online. Quality (and quantity) varies greatly but that will change over time. Right now, you have to hunt for good videos.

Lectr: Educational Video Sharing Website is a new educational video sharing site that focuses primarily on educational content. It provides videos of lectures given by various teachers and professors on a variety of topics and subjects that could prove helpful for college students.

Similar website: AcademicEarth and MBAvid.

Of course I'll warn my students not to hack. Specifically they shouldn't:

How To Strip MOBI and PRC eBooks Of Encryption

Jun. 16th, 2009 By Simon Slangen

...and they should never, ever:

Hackers Find Remote iPhone Crack

Posted by kdawson on Tuesday June 16, @08:13AM from the jailbreaking-via-mortar dept. security cellphones apple

Al writes

"Two researchers have found a way to run unauthorized code on an iPhone remotely. This is different than 'jailbreaking,' which requires physical access to the device. Normally applications have to be signed cryptographically by Apple in order to run. But Charles Miller of Independent Security Evaluators and Vincenzo Iozzo from the University of Milan found more than one instance in which Apple failed to prevent unauthorized data from executing. This means that a program can be loaded into memory as a non-executable block of data, after which the attacker can essentially flip a programmatic switch and make the data executable. The trick is significant, say Miller and Iozzo, because it provides a way to do something on a device after making use of a remote exploit. Details will be presented next month at the Black Hat Conference in Las Vegas."

The attack was developed on version 2.0 of the iPhone software, and the researchers don't know if it will work when 3.0 is released.

Everything you expect from weird Al (unfortunately)

Weird Al takes on Craigslist, the Doors

by Caroline McCarthy June 16, 2009 5:55 AM PDT

Monday, June 15, 2009

Apparently, nothing happened over the weekend.

Every new President is challenged. “Let's see how [insert name of president here] reacts.” Unfortunately, there are more potential challengers than ever.

S. Korea Expected to Seek Reaffirmation of U.S. Nuclear Protection

By Blaine Harden Washington Post Foreign Service Monday, June 15, 2009; 8:03 AM

SEOUL, June 15 -- As state media in North Korea continue to warn of possible nuclear war, South Korean President Lee Myung-bak flew to Washington for talks with President Barack Obama at which Lee is expected to seek a written promise of continued U.S. nuclear protection

This is one possible explanation, another might be: “Oh look, Microsoft has done something interesting for the first time in a long, long while – let's see if we can figure out why.”

Does Bing Have Google Running Scared?

Posted by kdawson on Sunday June 14, @08:22PM from the or-perhaps-maraschino dept.

suraj.sun alerts us to an anonymous-source story up at the NY Post, not what we would normally consider a leading source of tech news, claiming that Microsoft's introduction of Bing has alarmed Google.

"Sergey Brin is so rattled by the launch of Microsoft's rival search engine that he has assembled a team of top engineers to work on urgent upgrades to his Web service, The Post has learned. Brin, according to sources..., is himself leading the team of search-engine specialists in an effort to determine how Bing's crucial search algorithm differs from that used by [Google]. 'New search engines have come and gone in the past 10 years, but Bing seems to be of particular interest to Sergey,' said one insider, who spoke on the condition of anonymity. The move by Brin is unusual, as it is rare these days for the Google founders to have such hands-on involvement in day-to-day operations at the company, the source added."

CNet's coverage of the rumor begins with the NY Post and adds in Search Engine Land's speculation on what the world of search would look like if Yahoo exited the field.

Related? Oy gevalt!

Orthodox Jews launch "kosher" search engine

Sun Jun 14, 2009 12:45pm EDT

JERUSALEM (Reuters) - Religiously devout Jews barred by rabbis from surfing the Internet may now "Koogle" it on a new "kosher" search engine, the site manager said on Sunday.

Yossi Altman said Koogle, a play on the names of a Jewish noodle pudding and the ubiquitous Google, appears to meet the standards of Orthodox rabbis, who restrict use of the Web to ensure followers avoid viewing sexually explicit material.

The site, at, omits religiously objectionable material, such as most photographs of women which Orthodox rabbis view as immodest, Altman said.

… Nothing can be posted on the Jewish Sabbath, when religious law bans all types of work and business, Altman said. "If you try to buy something on the Sabbath, it gets stuck and won't let you."

Sunday, June 14, 2009

Why we teach Ethics.

June 13, 2009

Cyber-Ark 2009 Trust, Security & Passwords Survey Research Brief

2009 Trust, Security & Passwords Survey Research Brief: "This global "snooping" survey is the third in a series of benchmark studies focused on identifying security and privacy trends among IT workers. Results are intended to raise awareness about the risks associated with powerful, and often unmanaged, privileged users and passwords. While seemingly innocuous, these accounts provide workers with "keys to the kingdom," allowing them to access critically sensitive information, no matter where it resides."

[From the report:

While most employees claim that access to privileged accounts is currently monitored and an overwhelming majority support additional monitoring practices, employee snooping on sensitive information continues unabated. In fact, 74 percent of respondents stated that they could circumvent the controls currently in place to prevent access to internal information.

It used to be exciting to spot the Goodyear blimp. Now you recognize it as Big Brother's 'eye in the sky.' I wonder if there is a program to fund these with 'economic stimulus' grants?

Blimps Monitor Crowds At Sporting Events

Posted by Soulskill on Saturday June 13, @01:59PM from the inflatable-rights-violation dept.

Death Metal tips news about how defense contractor Raytheon is adapting military-style surveillance packages for use aboard blimps at public events like the Indy 500. "Until recently, Raytheon's eye-in-the-sky technology was used in Afghanistan and Iraq to guard American military bases, working as airborne guards against any oncoming desert threat. Using infrared sensors and a map overlay not unlike Google Earth, the technology scans a large area, setting important landmarks (say, the perimeter of a military base), and constantly relays video clips back to a command center. If a gun fires or a bomb is detonated, the airships can detect the noise and focus the camera — all from a mighty-high 500 feet." Though the technology is expensive, Raytheon is shopping it around to police departments and other organizations that might want to keep an eye on large gatherings of people.

I never specify content in my website classes. I do specify the functions to perform (links, music, pictures, videos) and the tools to be used. Yes, it is harder to grade, but always amusing. (And I frequently learn from my students.)

Student Who Released Code From Assignments Accused of Cheating

Posted by Soulskill on Saturday June 13, @09:29AM from the mights-and-maybes dept.

Death Metal sends in a story about Kyle Brady, a computer science major at San Jose State University, who recently ran into trouble over publishing the source code to his programming assignments after their due dates. One of Brady's professors contacted him and threatened to fail him if he did not take down the code. Brady took the matter to the Computer Science Department Chair, who consulted with others and decided that releasing the code was not an ethical violation. Quoting Cory Doctorow at Boing Boing:

"There's a lot of meat on the bones of this story. The most important lesson from it for me is that students want to produce meaningful output from their course-assignments, things that have intrinsic value apart from their usefulness for assessing their progress in the course. Profs — including me, at times — fall into the lazy trap of wanting to assign rotework that can be endlessly recycled as work for new students, a model that fails when the students treat their work as useful in and of itself and therefore worthy of making public for their peers and other interested parties who find them through search results, links, etc. But the convenience of profs must be secondary to the pedagogical value of the university experience — especially now, with universities ratcheting up their tuition fees and trying to justify an education that can put students into debt for the majority of their working lives."

For my Computer Security class. (“So, Mini-Me, why were you browsing the “joy of Porn” website?”)

Sniffing Browser History Without Javascript

Posted by kdawson on Saturday June 13, @08:32PM from the hole-in-css dept.

Ergasiophobia alerts us to a somewhat alarming technology demonstration, in which a Web site you visit generates a pretty good list of sites you have visited — without requiring JavaScript. NoScript will not protect you here. The only obvious drawbacks to this method are that it puts a load on your browser, and that it requires a list of Web sites to check against.

"It actually works pretty simply — it is simpler than the JavaScript implementation. All it does is load a page (in a hidden iframe) which contains lots of links. If a link is visited, a background (which isn't really a background) is loaded as defined in the CSS. The 'background' image will log the information, and then store it (and, in this case, it is displayed to you)."
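For the Computer Security class, a defender-side check for the pattern the quote describes, as an added example that is not part of the original post or the demonstration site: it scans a stylesheet for `:visited` rules that cause the browser to fetch a URL. The function name, the sample stylesheet and the `/log?...` URLs are constructed for illustration.

```python
import re

# Constructed sample stylesheet. Rules 3 and 4 follow the pattern in the
# quote: a "background" on a :visited link that is really a logging request.
SAMPLE_CSS = """
a { color: #036; }
a:visited { color: #609; }
a#l1:visited { background: url(/log?site=1); }
#probe a.l2:visited span { background-image: url("/log?site=2") }
a:hover { background: url(/img/hover.png); }
/* a:visited { background: url(/commented-out) } */
"""

COMMENT = re.compile(r"/\*.*?\*/", re.S)
# Innermost "selectors { declarations }" pairs; this also picks up rules
# nested inside an @media block, because the body may not contain braces.
RULE = re.compile(r"([^{}]+)\{([^{}]*)\}")
URL = re.compile(r"url\(\s*['\"]?([^'\")]+)['\"]?\s*\)", re.I)


def find_visited_fetches(css):
    """Return (selector, url) pairs where a :visited selector triggers a fetch.

    A plain colour change on :visited is normal styling and is ignored; only
    declarations that make the browser request a resource are reported,
    since that request is what leaks the visit to the server.
    """
    findings = []
    css = COMMENT.sub("", css)           # commented-out rules never apply
    for selectors, body in RULE.findall(css):
        urls = URL.findall(body)
        if not urls:
            continue
        for selector in selectors.split(","):
            selector = " ".join(selector.split())   # normalise whitespace
            if ":visited" in selector.lower():
                findings.extend((selector, u.strip()) for u in urls)
    return findings


if __name__ == "__main__":
    for selector, url in find_visited_fetches(SAMPLE_CSS):
        print(f"history-probe candidate: {selector} -> {url}")
```

Current browsers restrict what `:visited` rules may style, so a hit from this check today points to an attempted probe rather than a working one.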

Students who don't learn the subjects I teach will soon be learning how to ask, “Do you want fries with that?” These websites are for them.

Top 10 Most Effective Job Search Websites

Jun. 13th, 2009 By Ryan Dube