Friday, April 27, 2012


On the “Internet of Things,” who owns the data is going to be an rather important question.
Recommended Reading: The Automotive Black Box Data Dilemma
April 26, 2012 by Dissent
A tweet from the World Privacy Forum pointed out this excellent article by Willie D. Jones on ieee Spectrum. Here’s a snippet:
… “I don’t see how there can be an expectation of [EDR] privacy in a criminal case,” Gillingham insists. “When you’re driving on public land, you give up expectation of privacy.” Challenged on whether that statement conflicts with longstanding U.S. principles of search and seizure, he says, “There’s an expectation of privacy with regard to my body or my home; that’s very much different than the engine of my car.”
But there is a growing cadre of people who disagree with Gillingham, including the Court of Appeals of California, Sixth District, which overturned the manslaughter conviction in February 2011 on the grounds that law enforcement did not secure a search warrant to retrieve the data. (The other convictions were left intact.)
In the first civil lawsuits and criminal cases involving cars equipped with EDRs, auto companies claimed that they owned the data; courts eventually began ruling that it belongs to vehicle owners and lessees. But without federal laws governing who should have access to black box data, the matter was left to the states. Thus far, only 13 states have passed laws governing the ownership of EDR data.
Read more on ieee Spectrum.


What is the opposite of “viral marketing?” Perhaps this is the basis for a new Olympic sport – Copyright Enforcement.
London Olympics To Visitors: Don’t Share What You See
According to the London 2012 Olympic “conditions for ticket holders,” you are not allowed to take pictures or video of the events nor are you allowed to “exploit” any video on social networks.
… This means no Instagrams, no Tweetpics, no Facebooking (“OMG OLYMPICS!!”), and no nothing. In short, you shouldn’t tell anyone you went to the Olympics.
According to Petapixel, UK photographers are already being hassled for taking photos of the Olympic “city” from public places, which suggests perhaps that London should spring for a geodesic dome to cover the proceedings in mystery and smash cameras of errant Tweeters.


Attention stalkers!
Here Are 20 Companies Who Sell Your Data (& How To Stop Them)
April 26, 2012 by Dissent
Jon Mitchell writes:
Meet the data brokers. There’s a whole industry full of companies who make their money buying and selling our personal information. TheFTC is working on busting this dark racket wide open, but in the meantime, they’re out there. Who are they? Can we stop them? Read on to find out.
Read more on ReadWriteWeb.


Would this also apply to random interception of wireless communication?
Victory! Federal Judge Rules Against Drug Testing of Florida’s State Workers
April 26, 2012 by Dissent
Great news from Baylor Johnson of the ACLU of Florida:
Two months ago, I was sitting in a federal courtroom in Miami watching as our staff attorney, Shalini Goel Agarwal, argued for the rights of Florida state workers against invasive, suspicionless mandatory bodily-fluid searches. The ACLU of Florida, on behalf of the American Federation of State, County and Municipal Employees (AFSCME), was challenging an executive order issued by Gov. Rick Scott requiring random drug testing for state employees.
Today, a decision came down in that case affirming the privacy and personal dignity of thousands of state employees by declaring the order a violation of the Fourth Amendment. Without a “compelling need,” a search of your bodily fluids is exactly the kind of unreasonable search and seizure the Constitution clearly bars.
Read more on the ACLU’s web site and congratulations to them or their successful advocacy!

(Related) Just because it's legal doesn't mean we can't use it against you. It is much easier to look at every prescription issued by every doctor to see if anything stands out, than to gather more specific information on the street. (Drug companies won't complain about increased sales and Insurance companies are unlikely to pay for unneeded drugs.)
By Dissent, April 27, 2012
While a federal court ruled Florida’s drug-testing law unconstitutional yesterday, not all news is good news in terms of invasions of health issues. Vermont Public Radio reports:
The Vermont Senate has voted to allow police access without a search warrant to a database of Vermonters’ prescriptions maintained by the Vermont Department of Health.
In an 18-11 vote after more than two hours of debate on Wednesday, the Senate rejected the arguments of some members that allowing police access to the database would violate rights against search and seizure promised by the U.S. and Vermont constitutions.
The majority sided with those saying police access would not be unlimited, and that investigators need to be able to crack down on an epidemic of prescription drug abuse in the state.
The House earlier voted to require a search warrant before police got access to the database. A conference committee likely will have to work out the difference.
As regular readers of this blog know, I’ve been following the state laws on prescription databases and by now, many states do have laws that open up databases to law enforcement in the name of busting prescription abusers (usually pain killer medications). But since these situations are usually not emergency situations with imminent danger involved, why can’t law enforcement be required to show probable cause to obtain a warrant? Inconvenient for law enforcement, perhaps, but if the real issue is that law enforcement doesn’t have enough information to rise to the level of probable cause, do we really want them able to access someone’s prescription records?


“For every law there is a loophole.” Who said that? (Every lawyers ever born?)
The FBI Workaround For Private Companies To Share Information With Law Enforcement Without CISPA
… In 1997, long-time FBI agent Dan Larkin helped set up a non-profit based in Pittsburgh that “functions as a conduit between private industry and law enforcement.” Its industry members, which include banks, ISPs, telcos, credit card companies, pharmaceutical companies, and others can hand over cyberthreat information to the non-profit, called the National Cyber Forensics and Training Alliance (NCFTA), which has a legal agreement with the government that allows it to then hand over info to the FBI. Conveniently, the FBI has a unit, the Cyber Initiative and Resource Fusion Unit, stationed in the NCFTA’s office. Companies can share information with the 501(c)6 non-profit that they would be wary of (or prohibited from) sharing directly with the FBI.


The Congressional version of “Ready, Fire, Aim?” Perhaps, if my Ethical Hackers were to send the 248 Luddites their complete Internet dossier...
House Passes Controversial Cybersecurity Measure CISPA
The Cyber Intelligence Sharing and Protection Act, or CISPA, sponsored by Reps. Mike Rogers (R-Michigan) and Dutch Ruppersberger (D-Maryland), passed on a vote of 248 to 168.


Interesting. I thought for sure Google would pay this out of Petty Cash and move on. But as they say in Calculus, as the Money available approaches infinity, behavior becomes unpredictable.
Google pushes back against FCC fine
April 27, 2012 by Dissent
Andrew Feinberg reports:
Google is pushing back against a Federal Communications Commission proposal to fine the Internet company for snooping on people’s Wi-Fi networks using equipment in its Google Street View cars.
[...]
Google denied it had obstructed the probe by not making personnel available, saying it had let the commission take testimony from “everyone the FCC asked to meet.” The company also argued that “the fact that a certain engineer was legally unavailable did not leave any significant factual questions unanswered.”
Read more on The Hill.
[From the article:
...the engineer who wrote the offending code code would not talk to the FCC


I fall mostly into the “not so fast” crowd...
April 26, 2012
Pew - The Future of Money in a Mobile Age
The Future of Money in a Mobile Age by Aaron Smith, Janna Anderson, Lee Rainie - Apr 17, 2012
  • "Within the next decade, smart-device swiping will have gained mainstream acceptance as a method of payment and could largely replace cash and credit cards for most online and in-store purchases by smartphone and tablet owners, according to a new survey of technology experts and stakeholders. Many of the people surveyed by Elon University’s Imagining the Internet Center and the Pew Research Center’s Internet & American Life Project said that the security, convenience and other benefits of “mobile wallet” systems will lead to widespread adoption of these technologies for everyday purchases by 2020. Others—including some who are generally positive about the future of mobile payments—expect this process to unfold relatively slowly due to a combination of privacy fears, a desire for anonymous payments, demographic inertia, a lack of infrastructure to support widespread adoption, and resistance from those with a financial stake in the existing payment structure."
[Is Square the model for future electronic transactions? Bob]


For my Ethical Hackers. What went wrong? Exactly, he used his own name! And didn't test adequately. (The potential cost of Cloud computing...)
Oops! Amazon Web Services Customer Unleashes ‘Denial of Money’ Attack – on Himself


Kickstarter loves creative projects. I'd get one of these if I had a cell phone.
2-Cans-and-a-String Technology Updated for Age of Mobility


Everything changes
SketchUp Is Google’s First Divestment Ever, And It Made A Profit
Google’s sale of a previously purchased arm of the company this morning, 3D modeling software SketchUp, to Trimble, isn’t just something it does “every now and again”. It’s actually Google’s first divestment ever, according to two sources, and we’re hearing the search giant made a profit, as it sold SketchUp for more than it bought it for back in 2006.
… It wasn’t that SketchUp wasn’t working. It had 30 million activations since joining Google as part of @Last Software in March 2006. But it just didn’t fit with the direction Google is heading in. It’s a relatively niche product for architects and the construction industry, game developers, and filmmakers. It doesn’t fit with last year’s theme of inherently social product that could be tied to Google+, or this year’s plan to simplify everyone’s lives.


An interesting Charlie Rose interview
Jack Dorsey, Chairman of Twitter and CEO of Square


It's a horrible secret. Whatever you do, don't Google the words “zerg rush

No comments: