Saturday, December 25, 2010

Automating Congress?

December 24, 2010

Proposed U.S. House Rules Pave the Way for iPads and BlackBerrys?

Proposed U.S. House Rules Welcome (Quiet) Mobile Devices to the Floor: "In this last Congress, the 111th, the House operated under a rule that dictated that no one shall "smoke or use a wireless telephone or personal computer on the floor of the House." But, according to a copy of the proposed rules just posted to the website of the Committee on Rules, that section has been tweaked for the 112th Congress to give the Speaker of the House wide discretion in dictating what sort of mobile technologies members and staffers can bring to and use on the floor of the House."


December 24, 2010

Pew Study: Politics goes mobile

Politics goes mobile, by Aaron Smith, Lee Rainie, Dec 23, 2010: "More than a quarter of American adults – 26% – used their cell phones to learn about or participate in the 2010 mid-term election campaign. In a post-election nationwide survey of adults, the Pew Research Center’s Internet & American Life Project found that 82% of adults have cell phones. Of those cell owners, 71% use their phone for texting and 39% use the phone for accessing the internet. With that as context, the Pew Internet survey found that:

  • 14% of all American adults used their cell phones to tell others that they had voted.

  • 12% of adults used their cell phones to keep up with news about the election or politics.

  • 10% of adults sent text messages relating to the election to friends, family members and others.

  • 6% of adults used their cells to let others know about conditions at their local voting stations on election day, including insights about delays, long lines, low turnout, or other issues.

  • 4% of adults used their phones to monitor results of the election as they occurred.

  • 3% of adults used their cells to shoot and share photos or videos related to the election..."

For my Ethical Hackers

Analyze and Plot Local Wi-Fi Networks With inSSIDer

Here at MUO, we’ve offered a number of good tools to analyze Wi-Fi networks. Jack wrote up a good description of HeatMapper, an app that shows you the Wi-Fi strength in different areas of your home. Guy showed you how to use Xirrus to troubleshoot network issues.

These are both valuable tools, but I recently discovered another amazing Wi-Fi analysis tool that just blew me away and I knew I had to share it with MUO readers. The tool has been reviewed at a number of other tech blogs, so many of you might have heard of it. For those of you that haven’t, I’d like to introduce you to inSSIDer 2.0.

… you get the MAC address of the device, the network name of the router, the signal strength, channel, the router manufacturer and privacy settings (if any). Beyond that, it’ll also show you the latest network activity, and even the GPS coordinates of the router if you’ve configured a GPS device on your PC.

Profits at the interface? How to become a billionaire (and you can reward me with pre-ipo stock...)

Take The Red Pill: The Rise Of The Hybrid Startup

Several years ago, before Gilt, One King’s Lane and Zulily, I argued that some of the most valuable, disruptive tech startups would be in commerce, not advertising, cutting out the middle man rather than adding another one. It’s fair to say that 2010’s fastest-growing technology companies have largely been examples of this trend.

Now there’s a second trend emerging in 2011 that seems at least as important: the hybrid business, with one foot in the virtual world and one foot in the real world. This isn’t the old “clicks-and-mortar” concept from the 1990s, which put web glitter on an old-school business, building for Walmart. A hybrid business is built entirely from scratch, to be innovative in its online technology and its real-world operations.

… We’re in increasingly good company. In the past month, I’ve talked to half a dozen other companies with hybrid business models. These can work on a tiny scale: the developers of an iPhone app for tracking local specials use a Filipino call-center for contacting bars and restaurants across the country. Or hybrids can hit it big: Redfin’s newest board member ran a $7 billion chain of used-car lots based on the idea that a computer-driven system could value a trade-in more precisely than a person.

Friday, December 24, 2010

A small but typical breach. There was no security beyond a password, no security training, and no record of what information had been loaded on the laptop.

Computer with information on 3,100 Mankato Clinic patients stolen

A laptop computer with personal and medical information on more than 3,000 Mankato Clinic patients was stolen nearly two months ago. Randy Farrow, CEO of the Mankato Clinic, said Thursday that while they take the security breach very seriously, it is unlikely that anyone has accessed the password-protected information. [Unless they wanted to... Bob]

And Farrow said patients do not have to take any measures to protect themselves because no financial information, Social Security numbers or home addresses of patients were on the laptop data.

… The laptop contained a spreadsheet which included personal health information of 3,159 patients. The patient information includes: patient's full name, date of birth, medical record number, healthcare provider's name, encounter date, and diagnosis information.

… He said it took nearly two months to notify the public and patients about the theft as the clinic did its own internal investigation and pieced together what was on the laptop and which and how many patients were affected. [Because they didn't know... Bob]

Farrow said nurses often travel between clinic locations and bring their laptops with them. [I must assume this means the laptops they have been issued. They couldn't mean the nurses' personal computer, could they? Bob]

The breach has prompted the clinic to institute more safeguards, including mandatory security training of all staff, using encryption software on all mobile computers and establishing a more stringent policy on mobile computer devices.

It's one thing to be “tough on illegal immigration” but quite another to fish for possible illegals by rummaging through tax records. (Shouldn't they be looking for illegals who DON'T pay their taxes?)

Judge issues permanent injunction against DA, Weld sheriff in Operation Number Games

December 23, 2010 by Dissent

Nate A. Miller reports:

A Larimer District Court judge has put a formal end to efforts on the part of Weld District Attorney Ken Buck and Weld County Sheriff John Cooke to crack down on illegal immigration and identity theft using records from a Greeley tax preparer.

In a decision Tuesday, District Judge Stephen Schapanski made permanent a temporary injunction issued against Buck and Cooke in April. The ruling directs the Weld County court clerk to destroy all copies of information obtained from the search and seizure of tax files from Amalia’s Translation & Tax Service in Greeley in 2008. Weld authorities also are forbidden from using any information learned from the contents of those files.

Read more in the Greeley Tribune. The ACLU’s press release can be found on the Colorado ACLU site.

There must be more to this, right? How did this make air travel safer?

Woman arrested at ABIA after refusing enhanced pat down

… Claire Hirschkind, 56, who says she is a rape victim and who has a pacemaker-type device implanted in her chest, says her constitutional rights were violated. She says she never broke any laws. But the Transportation Security Administration disagrees.

… Hirschkind said because of the device in her body, she was led to a female TSA employee and three Austin police officers. She says she was told she was going to be patted down.

"I turned to the police officer and said, 'I have given no due cause to give up my constitutional rights. You can wand me,'" and they said, 'No, you have to do this,'" she said.

Hirschkind agreed to the pat down, but on one condition.

"I told them, 'No, I'm not going to have my breasts felt,' and she said, 'Yes, you are,'" said Hirschkind.

When Hirschkind refused, she says that "the police actually pushed me to the floor, (and) handcuffed me. I was crying by then. They drug me 25 yards across the floor in front of the whole security."

An ABIA spokesman says it is TSA policy that anyone activating a security alarm has two options. One is to opt out and not fly, and the other option is to subject themselves to an enhanced pat down. Hirschkind refused both and was arrested. [How exactly do you “refuse” to “not fly” if they won't let you past security? Bob]

… The TSA did release a statement Wednesday that said in part, "Our officers are trained to treat all passengers with dignity and respect. Security is not optional." [Apparently it is. If you can refuse to fly... Bob]

(Related) Security Theater...

TSA Investigates Pilot Who Exposed Security Flaws

"The TSA is investigating a TSA deputized pilot who posted videos to YouTube pointing out security flaws. Flaws exposed include ground crew clearing security with just a card swipe while pilots have to go through metal detectors, and a 'medieval-looking rescue ax' being available on the flight deck. Three days after posting the video, 6 government officials arrived at his door to question him and confiscated his federal firearm (and his concealed weapon permit)."

For my Ethical Hackers

Two privacy-related bills signed into law this week

December 23, 2010 by Dissent

This week, President Obama signed several bills into law that have privacy implications. In addition to repealing Don’t Ask Don’t Tell, he signed The Social Security Number Protection Act of 2010 and The Truth in Caller ID Act.

The former bill is intended to help reduce identity theft by restricting the use of full Social Security Numbers on government-issued checks and by preventing prisoners from having access to Social Security Numbers. A number of media stories in the past few years had revealed how government agencies were contracting with prisons, who, in turn, had prisoners doing work that gave them access to SSN.

The second bill prohibits any person within the United States from knowingly transmitting misleading or inaccurate caller identification information “with the intent to defraud, cause harm, or wrongfully obtain anything of value.” Exemptions to the prohibition include law enforcement. People who violate the law may face forfeiture or criminal fines.


U.S. Commerce Department Unveils Online Privacy Framework

December 23, 2010 by Dissent

Richard L. Santalesa writes:

Though overshadowed by the December 1st release of the FTC’s Privacy Framework (see our coverage here, here, here and the report itself here), we wanted to at least give a nod before the year runs out to the Department of Commerce’s own report, entitled Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework, and less formally known as the Internet Policy Task Force Privacy Green Paper (the “Report”), available here.

Read more on InformationLawGroup.

Think of this as a “personal drone.” No doubt this will result in laws banning model aircraft in cities (or over Area 51?) but it does show the potential for “Google Drone”

Breath-Taking Aerial Video Footage from New York City – Taken by a RC Plane!

Expert remote control pilot Raphael “Trappy” Pirker recently took his 54 inch Zephyr model plane on a harrowing tour of Manhattan and the surrounding area. The best part: his RC vehicle was fitted with a camera that wirelessly transmitted an amazing recording of everything it saw – Pirker was piloting his craft with this visual feed. As you can see in the video below, the results were spectacular. The plane looks to be flying within a few feet of buildings and whizzing past bridges with ease. You have to check out around 2:01 when he starts to buzz the Statue of Liberty. Phenomenal! First person view (FPV) flying is a growing part of the RC community and watching footage like this I can certainly see why. Could the new era of personal video recording be spreading to the sky?

… Pirker has tested his RC and video electronics to a distance of 27 miles. According to calculations, the maximum range would be 120 miles!

… It’s the extreme nature of Pirker’s flight that has garnered him praise and condemnation. The Academy of Model Aeronautics issued a statement declaring his flight “posed a significant threat to people and property.” In an interview with FliteTest, Pirker explained that he didn’t violate FAA airspace (the Zephyr was a model craft), and that he and his team took precautions to make sure that the plane wouldn’t fall on innocent people in the case of failure.

For my Statistics students

Scientifically, You Are Likely In the Slowest Line

"As you wait in the checkout line for the holidays, your observation is most likely correct. That other line is moving faster than yours. That's what Bill Hammack (the Engineer Guy), from the Department of Chemical and Biomolecular Engineering at the University of Illinois — Urbana proves in this video. Ironically, the most efficient set-up is to have one line feed into several cashiers. This is because if any one line slows because of an issue, the entry queue continues to have customers reach check-out optimally. However, this is also perceived by customers as the least efficient, psychologically."

For the Swiss Army folder...

FreeFileConverter: Various File Format Conversion Tool

There are different online tools that can be used to convert files between formats of certain file types. This means you need to bookmark a separate conversion site for video, audio, and document files. Fortunately “FreeFileConverter” merges all of those conversion tools and presents them on a single dashboard.

The file can be of any type: audio, video, or a document. Using the site is very easy: you select a file from your computer or enter its URL, then select the desired output format, and click on the “Convert” button. The output format options are provided according to the type of file you select.

When the file is converted the output can be downloaded in the desired format or as a ZIP archive; sizes of both download types are provided with the download link. The output file is stored on the site’s servers for 12 hours.

Similar tools: Fileminx, Hamster Video Converter and YouConvertIt.

Also read related articles:

5 Easy-to-use Freeware Video Converters

Top Online File Converters (Video, Audio, Images …).

Thursday, December 23, 2010

Quite well thought out.

UK: ICO welcomes Scottish Government’s new privacy principles

December 23, 2010 by Dissent

A statement from the Information Commissioner’s Office:

The Scottish Government has today published Identity Management and Privacy Principles for public service organisations. The new guidance is designed to help organisations achieve privacy-friendly public services, encouraging good practice and ensuring personal data is always handled with respect. They have been devised by an expert group – including the ICO’s Assistant Information Commissioner for Scotland and Registrar General – and subject to full public consultation. Welcoming today’s announcement Ken Macdonald, Assistant Commissioner for Scotland at the ICO, said:

“Public bodies can no longer afford to get it wrong on protecting people’s personal information. Not only could the organisation’s reputation suffer but so will their bank balance – as the Information Commissioner can now issue a monetary penalty of up to £500,000.

“The new principles that have been developed for the Scottish Government are tailored to help public bodies to get it right first time and I would urge all authorities to ensure they are being put into practice. It needn’t be an arduous task and the pay-off is immeasurable as it will help to maintain the public’s trust in how their information is handled by Scotland’s public services.”

The full guidance – Identity Management and Privacy Principles – can be viewed on the Scottish Government website at:

For more information see:

This answers a couple of questions I had, but leaves others unanswered. What rights/responsibilities do teachers and school administrators have?

Student Punished Over Facebook Rant Settles Lawsuit

December 23, 2010 by Dissent

Matthew Heller writes:

A former Florida high-school student is officially no longer a cyberbully after winning a settlement in her free-speech lawsuit against a principal who disciplined her for venting about a teacher on a Facebook page.

The settlement provides, among other things, that Pembroke Pines Charter High School will expunge Katherine “Katie” Evans’s three-day suspension from her disciplinary record. The principal, Peter Bayer, suspended her for cyberbullying after she used her home computer to write “Ms. Sarah Phelps is the worst teacher I’ve ever met!” in a Facebook posting.

Read more on OnPoint. While Heller focuses mainly on the protected speech aspects, he notes that challenges concerning speech occurring outside of school and whether the schools have a right to discipline for it is a matter that is before several courts at this point.

The expansion of schools’ authority to punish or discipline students for behavior that occurs off-campus is an issue I’ve mentioned a few times on this blog. What types of extra-curricular conduct should schools have some authority over in terms of suspending or expelling students? To the extent that extra-curricular activity may create a hostile or dangerous environment in the school building, what should schools be able to do or be responsible for doing? Is this another “balancing” situation? In my opinion, schools have been too quick to suspend or expel students for speech and sadly, the courts have occasionally backed them in some important cases. But apart from speech, there are other concerns that we could probably agree could pose safety risks in schools that start or occur outside of school. What then? I see this as one of the most important student privacy issues of the next decade and beyond.

[From the OnPoint article:

Bayer argued that Evans's online rant was not protected speech in part because of its “potentially defamatory content.” But a judge denied his motion to dismiss in February, finding that Evans expressed an opinion about a teacher that “was published off-campus, did not cause any disruption on-campus, and was not lewd, vulgar, threatening, or advocating illegal or dangerous behavior.”

[But, was it true? Could the school point to a worse teacher she had met? Bob]


The Future of Reputation? Vigilante group wrongly names man as serial killer on Facebook

December 23, 2010 by Dissent

Georgina Robinson reports:

A man who feared for his safety had to be escorted from his home by police after he was wrongly named on Facebook as a wanted serial killer in the United States.

A vigilante group posted the man’s name and photograph on Facebook and labelled him the “Kensington Strangler”, who is wanted in connection with at least three murders and several sexual assaults in Philadelphia, ABC America reported.

The Associated Press reported that residents of Kensington, who once severely beat a suspected rapist based on a police photo, posted hundreds of comments and theories about the case on a Facebook page titled “Catch the Kensington Strangler, before he catches someone you love.”

Read the full article in The Age.

The article also contains some other examples about how reputations are being destroyed on the internet. While the vigilante case above is downright scary, a site that encourages children to post rumors about peers is scary in its own way.

As Daniel Solove wrote in The Future of Reputation (2007), reputations can be destroyed quickly on the internet. Recent examples such as the posting of nude photos involving the St Kilda players by an upset teenager, the Tyler Clementi case, and other cases in Robinson’s article serve as timely reminders that private individuals can have their reputations and lives destroyed in a heartbeat on the internet. Ideas that Dan proposed in The Future of Reputation were all good ideas, but we are seeing more and more kids or teens as privacy violators or sources of reputational harm. While schools have started to address cyberbullying, where are the programs that really educate children about privacy and the responsibilities that come with free speech?

For my Business Continuity students. “Anything that can go wrong will go wrong.” Murphy

Skype Outage Hits Users Worldwide

"The LA Times reports that millions of Skype phone users worldwide couldn't make calls or were dropped in mid-conversation, because of a network connection failure that began about 9 a.m. Wednesday PST. 'For a communications system this large to go down, it's almost unheard of,' says Charles S. Golvin, a Forrester Research analyst. 'Usually when phone lines are disrupted, the blackout is confined to a specific geographical area. This is worldwide.' In theory, Skype, which is based on peer-to-peer networking technology shouldn't see an outage but that is not really the case — the company has a massive infrastructure that it uses for purposes such as authentication and linking to the traditional phone networks. 'The outage comes at a time when Skype is starting to ask larger corporations for their business,' writes Om Malik. 'If I am a big business, I would be extremely cautious about adopting Skype for business, especially in the light of this current outage.'"

(Related) Accidental

The Year In Downtime

"Lightning, floods, car crashes and coding snafus had starring roles in major Internet outages of 2010. Data Center Knowledge reviews the year's business downtime, including outages for banking and e-commerce sites and several incidents that knocked state government services offline. Meanwhile, Pingdom focuses on downtime for major social media sites and Wikileaks. Then there's the guy who got drunk and shot up a server."

(Related) Deliberate

December 22, 2010

Report: Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites

The Berkman Center for Internet & Society is pleased to share a new report, Distributed Denial of Service Attacks Against Independent Media and Human Rights Sites by Ethan Zuckerman, Hal Roberts, Ryan McGrady, Jillian York, John Palfrey.

  • "Distributed Denial of Service (DDoS) is an increasingly common Internet phenomenon capable of silencing Internet speech, usually for a brief interval but occasionally for longer. In this paper, we explore the specific phenomenon of DDoS attacks on independent media and human rights organizations, seeking to understand the nature and frequency of these attacks, their efficacy, and the responses available to sites under attack. Our report offers advice to independent media and human rights sites likely to be targeted by DDoS but comes to the uncomfortable conclusion that there is no easy solution to these attacks for many of these sites, particularly for attacks that exhaust network bandwidth."

For my Swiss Army folder...

Simplebooklet: Easily Create, Share & Print Booklets Online

The way the site works is very simple: you place objects on the provided canvas, resize the objects to match your needs, and once a page is done you move on to the next page in the booklet. The objects you can add include images, any type of files, a background image, text, video, embeddable code, a webpage, and audio. Once you are done with your booklet you can publish it online as a webpage or share it via email or on an online social network.

If the booklet comprises text and images only you can print it out; this way you can use SimpleBooklet to create actual booklets and not only virtual ones.

Similar tools: PrintableFlyerTemplates, Band-Flyers, MyBrochureMaker, BookletCreator and Pocketmod.

Wednesday, December 22, 2010

Google is still denying India access to g-mail, but I wonder if that protection will last long.

RIM buckles on India’s Blackberry encryption pressure

December 21, 2010 by Dissent

Research in Motion has bowed to the Indian government at last. It told the home ministry that it will comply with the 31 January deadline to provide a “final solution” – you what!? – for lawful access to its data services.

This will be done by giving ministers access to the records over a cloud based system which will not involve an “overseas data path.”


Something for my Computer Security students to consider...

The smartphone that spies, and other surprises

The invasion of consumer-oriented smartphones and now tablets into business is old news. But we're beginning to see unintended consequences of the adoption of such devices that users, businesses, and mobile platform providers should pay attention to. For example, the U.S. Army has begun educating soldiers on how to turn off the often automatic location-detection capabilities in their smartphones and digital cameras so that they don't inadvertently reveal their locations to enemy fighters or spies.

The easy reaction would be to ban such devices to eliminate the risks, but of course, that also eliminates the benefits.

… The U.S. Army's measured reaction is a better example of how to address the issue; the Army realizes that letting soldiers stay in touch with loved ones when away from home is good for morale

… Most of the problematic devices are designed primarily for consumer usage, and today that usage is biased toward unfettered sharing.

… More and more social networking apps, such as Foursquare and Facebook, track and publish your current location -- courtesy of your smartphone -- so that your online friends can know where you are,

… The use of mobile management tools can help, as they can disable cameras and so forth on several popular devices. The catch is that the devices have to be actually managed -- a person who brings in a personal device and never accesses the corporate network won't ever get managed by IT's mobile management tool. Plus, even for managed devices, the tools today aren't sophisticated enough to, say, disallow use of the camera within the employer facilities but allow it elsewhere, to prevent only problematic photo-taking.

Mobile device makers should play a stronger role. Although the devices may have been intended for consumer use, the lines between personal and business have all but disappeared, and device makers should design their wares with that merger in mind. Most don't even think about the business implications, as they consider the devices to be consumer electronics.

TX: KISD coaches outed student – lawsuit

December 22, 2010 by Dissent

James Draper reports:

The mother of a Kilgore High School senior is suing the school and several of its employees in federal court, alleging that her daughter’s right to privacy was violated when she was forced to disclose her sexual orientation.

The Texas Civil Rights Project, based out of Austin, is handling the suit pro bono and filed on behalf of Barbara Wyatt for her daughter, Skye, with the U.S. District Court in Tyler on Monday.


For the complete text of the lawsuit, visit

Read more in the Kilgore News Herald. There seem to be two main issues – how the student was “interrogated” by staff about her sexual orientation and then the fact that the staff disclosed the orientation to the student’s parent.

[From the article:

According to the lawsuit, the coaches questioned the girl about her sexual orientation and her relationship with a girl from another school. Later, the suit claims, the coaches informed Barbara Wyatt that her daughter was a lesbian. They told her, she said, teachers are required by law to notify parents of the sexual orientation of their children [“I am required to inform you that your child is a practicing heterosexual.” Really? Bob]

You don't have to be a teacher...

Grapholite: Free Flowcharting Program Online

Grapholite is a free to use website that helps users create a wide variety of drawings and diagrams. Through its numerous tools you can easily create flowcharts; there are built-in shapes and other objects that particularly assist flowchart creation.

The drawing tools and different color options provided can be used to not only create flowcharts, but other diagrams as well, such as floor plans. You can save the diagrams on your computer in Grapholite’s own GRL file format and load them up later for further editing; alternatively you can export the diagrams to a PNG or JPG file.

Similar tools: Cacoo, SimpleDiagrams, Creately, Diagramo, ModelXtractor, LovelyCharts and Depicter.


Tuesday, December 21, 2010

7 Visually Appealing Ways to Publish Documents Online

Perhaps I'll develop a Case Study for my Computer Security students. This breach seems to cover almost every possible error an organization could make.

Memo Details Gawker Security Strategy

"After a hack of systems belonging to online publishing giant Gawker Media that yielded more than one million passwords, the online media company's chief technology officer has announced new defense strategies aimed at placating their users and preventing further humiliating data breaches. Thomas Plunkett issued a company-wide memo on Friday that lays out the new security measures and suggests the company overlooked security concerns in the rush to develop new features."

… A copy of the memo was posted on the Website of the Poynter Institute on Friday, Plunkett confirmed.

[From the memo:

First, we never planned for such an event, and therefore had no systems, or processes in place to adequately respond.

… The tech team should have been better prepared, committed more time to perform thorough audits, and grown our team’s technical expertise to meet our specific business needs.

Worth a read?

Article: The Fourth Amendment and the Brave New World of Online Social Networking

December 20, 2010 by Dissent points us to a new law review article: The Fourth Amendment and the Brave New World of Online Social Networking by Nathan Petrashek, 93 Marq. L. Rev. 1495 (2010). From the introduction:

During a recent visit to the University of Florida Levin College of Law, Associate Justice Clarence Thomas was asked whether he believed the Court has kept pace with rapidly shifting technological changes. According to Justice Thomas, technological change within the Court was less important than that occurring on the outside:

[It’s] changed the way we work, but it’s also changed some of the issues. . . . I think you all are in for some interesting times because there used to be these zones of privacy. . . . Things were over here in the private sphere and then the public sphere was over here. Now look how [they’ve] merged. You put something on your Facebook, [and] it’s there on somebody’s hard drive forever. . . . We also see it with respect to how the government can obtain information in the criminal justice context. [The government doesn’t] actually have to come onto property now, to look into your private affairs. . . . I think you all are in for the brave new world of technology in a way that we, of course, couldn’t have anticipated.

This Comment evaluates whether social networking users maintain a reasonable expectation of privacy in their online social networking activity such that police scrutiny is subject to the Fourth Amendment’s warrant requirement. Part II explores the contours of a social networking web site and describes its operation. This Part considers the origins of the social networking phenomenon and examines two of the largest social networking web sites, Facebook and MySpace, in some detail. Part III explains the social benefits derived from social networking and the risks involved, including the increasing risk of police surveillance. Part IV describes the current state of Fourth Amendment search doctrine and explains why it is a poor lens through which to analyze a user’s online social networking content. Part V discusses the consequences should courts refuse to protect online user content. Finally, Part VI concludes that courts should recognize, in most circumstances, users’ asserted privacy expectations in their online social networking content.

You can download the article from Marquette Law Review.

So who is running the Asylum?

DHS Seized Domains Based On Bad Evidence

"Back over Thanksgiving, the Department of Homeland Security's Immigration and Customs Enforcement unit (ICE) made a lot of news by seizing over 80 domain names. While many of these involved sites that sold counterfeit products, five of the domains involved copyright issues. Four of them involved hiphop-related blogs — including ones that hiphop stars like Kanye West and others used to promote their own works, and the last one was a meta search engine that simply aggregated other search engines. Weeks went by without the owners of those sites even being told why their domains were seized, but the affidavit for the seizure of those five sites has recently come out, and it's full of all sorts of problems. Not only was it put together by a recent college graduate, who claimed that merely linking to news and blog posts about file sharing constituted evidence of copyright infringement, it listed as evidence of infringement songs that labels specifically sent these blogs to promote. Also, what becomes clear is that the MPAA was instrumental in 'guiding' ICE's rookie agent in going after these sites, as that appeared to be the only outside expertise relied on in determining if these sites should be seized."

Check my pulse! If I'm agreeing with Al Franken, something must have gone seriously wrong with my brain. (Okay, I don't agree with everything he is saying in the article, but I do agree on the need to separate “Internet access” from the provider's products & services.)

Al Franken Makes a Case For Net Neutrality

"In a post titled 'The Most Important Free Speech Issue of Our Time' this morning on The Huffington Post, Senator Al Franken lays down a powerful case for net neutrality, as well as a grim scenario if the current draft regulations being considered by the FCC are accepted. Quoting: 'The good news is that the Federal Communications Commission has the power to issue regulations that protect net neutrality. The bad news is that draft regulations written by FCC Chairman Julius Genachowski don't do that at all. They're worse than nothing. That's why Tuesday is such an important day. The FCC will be meeting to discuss those regulations, and we must make sure that its members understand that allowing corporations to control the Internet is simply unacceptable. Although Chairman Genachowski's draft Order has not been made public, early reports make clear that it falls far short of protecting net neutrality.'"

The “Internet of Things” is coming...

Microchips Now In Tombstones, Toilets, & Fish Lures

"Steve Johnson writes in the Mercury News that microchips are going into a staggering array of once decidedly low-tech items — from gravestone markers and running shoes to fish lures and writing pens. In the future, 'where won't we find chips?' asks analyst Jordan Selburn. 'The answer is pretty close to nowhere.' For example, one company sells a coin-size, stainless steel-encased microchip for gravestone markers that tells the dead person's story in text, photos, video or audio histories, which visitors can access by pointing their Internet-enabled cell phones at it. The company says it has sold thousands of 'Memory Medallions.' There's AquaOne Technologies, who sell a toilet containing chips that automatically shut off the water when it springs a leak or starts to overflow, but Japanese company Toto goes one better with an intelligent toilet that gathers health-related data from the user's urine. Pro-Troll puts a chip in its fish lures that 'duplicates the electrical nerve discharge of a wounded bait fish,' prompting other fish to bite it."

Perhaps they are more interested in knowing who makes “good fakes?”

Microsoft shelves Office Genuine Advantage tool

In what can be considered a small victory for those who dislike additional security checks after purchasing software, Microsoft has quietly discontinued the use of its Genuine Advantage checker tool for Microsoft Office.

The antipiracy measure, called Office Genuine Advantage (OGA), required that users verify the legitimacy of their Office software before being able to download add-ons and templates from Microsoft, as well as download software updates Microsoft deemed "non-critical."

One program that's not being shelved as part of OGA's end of life is Microsoft's policy of replacing counterfeited software with genuine copies in cases where customers believed they were buying the real thing. That program, which also began in 2006, aimed both at helping people who had accidentally bought good fakes, as well as giving Microsoft leads on where it was coming from.

The removal of OGA does not mean a lapse in the front-line security Microsoft employs to keep software pirates at bay. Users still need to enter in a 25-character activation key when first installing the software in order to unlock its license. Just like in its Windows operating system, users who skip this step are still able to use the software, but with reduced functionality.

An ethical question: If this is a reasonably accurate guide for pedophiles, shouldn't every parent and police officer read it to understand how to protect children and catch the pedophiles? Is it ethical to remain ignorant? (Could you write a book containing the same information without also providing guidance to pedophiles?)

Colo. author who sold guide for pedophiles arrested, extradited to Florida on obscenity charge

Monday, December 20, 2010

If the FBI is correct, I'd look at this as similar to the “zero down” schemes where the bad guys “bought” real estate with no money down, collected rents and never paid the mortgages. Is this the tip of the iceberg? (and is there a less disruptive way to gather evidence?)

FBI Defends Disruptive Raids on Texas Data Centers

The FBI on Tuesday defended its raids on at least two data centers in Texas, in which agents carted out equipment and disrupted service to hundreds of businesses.

The raids were part of an investigation prompted by complaints from AT&T and Verizon about unpaid bills allegedly owed by some data center customers, according to court records. One data center owner charges that the telecoms are using the FBI to collect debts that should be resolved in civil court. But on Tuesday, an FBI spokesman disputed that charge.

"We wouldn’t be looking at it if it was a civil matter," says Mark White, spokesman for the FBI’s Dallas office. "And a judge wouldn’t sign a federal search warrant if there wasn’t probable cause to believe that a fraud took place and that the equipment we asked to seize had evidence pertaining to the criminal violation."

… According to the owner of one co-location facility, Crydon Technology, which was raided on March 12, FBI agents seized about 220 servers belonging to him and his customers, as well as routers, switches, cabinets for storing servers and even power strips. Authorities also raided his home, where they seized eight iPods, some belonging to his three children, five XBoxes, a PlayStation3 system and a Wii gaming console, among other equipment. Agents also seized about $200,000 from the owner’s business accounts, $1,000 from his teenage daughter’s account and more than $10,000 in a personal bank account belonging to the elderly mother of his former comptroller.

… But a 39-page affidavit (.pdf) related to the Crydon raid provides a convoluted account of the investigation. It alleges that a number of conspirators, some of whom may have connections to Faulkner, conspired to obtain agreements from AT&T and Verizon to purchase connectivity services with the telecoms. Several documents used to provide proof of business ownership and financial stability were forged, according to the affidavit.

Interesting that no one has raised the Privacy questions. This is new technology replacing the old technology (pen and paper) and making the police job faster and more accurate(?) – that part is a good thing.

Cops track gangsters with licence-plate readers – and store innocent people’s data?!

December 19, 2010 by Dissent

Chad Skelton reports:

The Vancouver police department’s plans to use automatic licence-plate readers to track gangsters’ movements could have a real impact on gang violence, according to one of the first U.S. police departments to deploy the technology.

“It’s been great for us and, looking at what they want to do in Vancouver, I think it’ll help them,” said Lt. Mike Wallace, head of Palm Beach County’s Gang Task Force.


Wallace said Palm Beach County – an area of one million people that includes affluent Palm Beach but also a number of rural areas – got its first plate-reader four years ago. At first, the force used it mainly to find stolen vehicles. “But once we understood the technology we thought: There’s more we can do with this,” Wallace said.

Soon, every time police learned gang members would be congregating, such as at a funeral or party, police simply drove one of their tracking-equipped cruisers to the scene and turned it on.

“We’ll take it out and drive around at a funeral for an hour and we’ll get 3,000 to 4,000 numbers,” Wallace said. [What percentage were “gang related?” Bob]

Almost immediately, Wallace said, the device started paying off, alerting officers to the presence of gangsters with outstanding arrest warrants. It also helped them discover new gang members who weren’t on their radar.


Wallace said his department hasn’t received much push-back from privacy advocates, despite the fact that it permanently stores all plate numbers the device captures – including those of law-abiding citizens.

Read more in the Montreal Gazette.

An interesting examination of the scope of information being gathered on everyone... Many examples of information being gathered with little or no real value and suggests a lack of trained intelligence analysts. But, the data is being gathered and cross-indexed. Some day they will find something, right?

Monitoring America

Nine years after the terrorist attacks of 2001, the United States is assembling a vast domestic intelligence apparatus to collect information about Americans, using the FBI, local police, state homeland security offices and military criminal investigators.

The system, by far the largest and most technologically sophisticated in the nation's history, collects, stores and analyzes information about thousands of U.S. citizens and residents, many of whom have not been accused of any wrongdoing.

… One of the biggest advocates of Memphis's data revolution is John Harvey, the police department's technology specialist, whose computer systems are the civilian equivalent of the fancier special ops equipment used by the military.

Harvey collects any information he can pry out of government and industry. When officers were wasting time knocking on the wrong doors to serve warrants, he persuaded the local utility company to give him a daily update of the names and addresses of customers.

When he wanted more information about phones captured at crime scenes, he programmed a way to store all emergency 911 calls, which often include names and addresses to associate with phone numbers. He created another program to upload new crime reports every five minutes and mine them for the phone numbers of victims, suspects, witnesses and anyone else listed on them.

Now, instead of having to decide which license plate numbers to type into a computer console in the patrol car, an officer can simply drive around, and the automatic license plate reader on his hood captures the numbers on every vehicle nearby. If the officer pulls over a driver, instead of having to wait 20 minutes for someone back at the office to manually check records, he can use a hand-held device to instantly call up a mug shot, a Social Security number, the status of the driver's license and any outstanding warrants.

Face it. Governments don't trust their citizens.

Google won’t share encryption keys with Indian sleuths

December 19, 2010 by Dissent

Google Inc will not share the encryption keys of its email service with Indian security agencies as it would compromise the privacy rights of millions of Gmail users worldwide, a top company executive said.

The Union home ministry, intelligence agencies and the telecom department are collectively exploring mandatory sharing of software by all communication service companies in India, a sensitive issue with global firms. Some firms have already been asked to comply and Canada’s Research In Motion (RIM) is edging closer to the January 31, 2011, deadline to hand over the encryption keys for its popular BlackBerry messaging services to intelligence agencies.

Read more in The Economic Times. considers Google’s response somewhat hypocritical.

Ubiquitous Surveillance? How should I read this? Is it another “We can, therefore we must?” or is Google simply matching any application competitors offer that might become popular?

Google PowerMeter tracks home electricity via Wi-Fi

Blue Line Innovations is expected to announce a deal tomorrow to tie its PowerCost Monitor to Google's PowerMeter for monitoring home energy. Combined with a WiFi Gateway sold by Blue Line Innovations, a person can get real-time and historical information on electricity use.

In July, Microsoft and Blue Line Innovations announced a similar deal where people can track electricity data using Microsoft's Hohm Web application, a competitor to Google PowerMeter. Both Web applications are free.

Over time, executives have said Google intends to expand the capabilities of the application beyond electricity monitoring to track water, natural gas, and potentially schedule electric vehicle charging.

Making the courts more transparent. Now we need to write a “bot” to read all the opinions and flag anything dealing with Identity Theft, Privacy, etc.

December 19, 2010 announces 2 yr plan to release opinions of appellate and supreme courts of 50 states and federal government

News release: "Public.Resource.Org will begin providing in 2011 a weekly release of the Report of Current Opinions (RECOP). The Report will initially consist of HTML of all slip and final opinions of the appellate and supreme courts of the 50 states and the federal government. The feed will be available for reuse without restriction under the Creative Commons CC-Zero License and will include full star pagination. This data is being obtained through an agreement with Fastcase, one of the leading legal information publishers. Fastcase will be providing us all opinions in a given week by the end of the following week. We will work with our partners in Law.Gov to perform initial post-processing of the raw HTML data, including such tasks as privacy audits, conversion to XHTML, and tagging for style, content, and metadata."

Sunday, December 19, 2010

NOTE: This is not a solution to the “someone stole a laptop with all of our customer data back to 1847” problem. The data (on the hard drive) remains accessible. It does suggest an avenue for hackers to shut down your computers.

Intel's Sandy Bridge Processor Has a Kill Switch

"Intel's new Sandy Bridge processors have a new feature that the chip giant is calling Anti-Theft 3.0. The processor can be disabled even if the computer has no Internet connection or isn't even turned on, over a 3G network. With Intel anti-theft technology built into Sandy Bridge, David Allen, director of distribution sales at Intel North America, said that users have the option to set up their processor so that if their computer is lost or stolen, it can be shut down remotely."

Something tells me this is going to be wildly popular with ISPs. Does this suggest a “flat rate” business model might provide some real competition?

Look Forward To Per-Service, Per-Page Fees

"[Two] companies, Allot Communications and Openet — suppliers to large wireless companies including AT&T and Verizon — showed off a new product in a web seminar Tuesday, which included a PowerPoint presentation (1.5-MB .pdf) that was sent to Wired by a trusted source. The idea? Make it possible for your wireless provider to monitor everything you do online and charge you extra for using Facebook, Skype or Netflix. For instance, in the seventh slide of the above PowerPoint, a Vodafone user would be charged two cents per MB for using Facebook, three euros a month to use Skype and $0.50 monthly for a speed-limited version of YouTube."

Humor: B.C. shows one way to avoid parental surveillance.

Most users are content with the basic Google commands. Keep these “Cheatsheets” handy to remind yourself that Google can do so much more...

7 Useful Google Cheatsheets – Download for Free!

In case you get a video capable camera/phone/Barbie doll for Christmas,

Vimeo's 'Video School' now in session

Video-sharing site Vimeo has rolled the cameras on its Vimeo Video School, a freely accessible section of the site devoted to movie-making tutorials for beginners and more-advanced videographers alike.

Launched earlier this week, the Video School expands on and organizes user-generated how-to and tips-and-tricks videos.

It features a Video 101 section, made up of Vimeo-produced clips about the basics; a DSLR Basics section, also Vimeo-produced and devoted to shooting video with digital single lens reflex cameras; and a Featured Lessons section, in which Vimeo staffers offer up teachings on a variety of topics, from composition fundamentals to storyboarding basics to how to make a good holiday video.

Aspiring Eisensteins can also search different categories--Editing, Gear, and Do-It-Yourself among them--to find Vimeo-created "lessons" and user-produced "tutorials" on their chosen area of interest.

Handy if you put PDFs online.

PDFProtect: Password Protect Your PDF Files

Add password protection to pdf files online.

Choose a low or high encryption setting.

No registration required.