Tuesday, April 24, 2012
Very polite. “Don't make yourselves look like even bigger idiots.” Signed by a Who's Who of Security Experts.
An Open Letter From Security Experts, Academics and Engineers to the U.S. Congress: Stop Bad Cybersecurity Bills
… . The bills nullify current legal protections against wiretapping and similar civil liberties violations for that kind of broad data sharing. By encouraging the transfer of users’ private communications to US Federal agencies, and lacking good public accountability or transparency, these “cybersecurity” bills unnecessarily trade our civil liberties for the promise of improved network security. As experts in the field, we reject this false trade-off and urge you to oppose any cybersecurity initiative that does not explicitly include appropriate methods to ensure the protection of users’ civil liberties.
Here's my nightmare. Manning yells “Hike!” and the Offensive line breaks into their “Dancing with the Stars” routine... Therefore, from this day forward, you must be a Broncos fan to enroll in the Ethical Hacker program.
The Denver Broncos are tossing out the tradition of printing 500-page playbooks every week for each of the 120 players, coaches, scouts and other personnel.
… Now when Broncos head coach John Fox [Or one of my students Bob] adds a play, the update will be pushed automatically to the playbook app on each player's iPad.
… The Broncos figure the savings from not having to print tens of thousands of playbook pages each season will help offset the cost of purchasing 120 iPads with Verizon Wireless 4G access — many of them the top model featuring 64 gigabytes of data, which retail for $829 each. [Did these guys actually take classes in college? Bob]
This is completely and totally unrelated to my Ethical Hackers. Rumors that it was them are based on a student paper “Using technology to impact the global economy”
"Iran disconnected computer systems at a number of its oil facilities in response to a cyber attack that hit multiple industry targets during the weekend. A source at the National Iranian Oil Company (NIOC) reportedly told Reuters that a virus was detected inside the control systems of Kharg Island oil terminal, which handles the majority of Iran's crude oil exports. In addition, computer systems at Iran's Oil Ministry and its national oil company were hit. There has been no word on the details of the malware found, but computer systems controlling several of Iran's oil facilities were disconnected from the Internet as a precaution. Oil Ministry spokesman Ali Reza Nikzad-Rahbar told Mehr News Agency on Monday that the attack had not caused significant damage and the worm had been detected before it could infect systems."
Clarifying the muddy waters or pouring more ink into the mix?
Information stored under data retention laws can be disclosed to copyright holders to identify illegal file-sharers, ECJ rules
April 24, 2012 by Dissent
The good folks at Out-Law.com spell out a recent European Court of Justice ruling:
The Data Retention Directive does not contain terms that prevent internet protocol (IP) addresses that ISPs must store under the terms of the law from being used by rights holders in civil legal proceedings to identify alleged copyright infringers, the Court said.
It said that other EU laws on privacy and electronic communications (e-Privacy Directive) and the enforcement of intellectual property rights (IPR Directive) read together allow member states to form national laws that provide a means for rights holders to obtain disclosure of personal data about alleged illegal file-sharers subject to the condition that courts in those countries can determine the legitimacy of disclosure on a case-by-case basis.
Read more on Out-Law.com.
If I’m understanding their analysis, a country (member state) can choose not to enact law that would require ISPs to turn over information in such disputes, but if it does enact such legislation permitting it, there has to be protection of the user’s rights so that the court considers the matter on a case-by-case basis. No big John Does 1-2 million type cases there, then? Or have I misunderstood the ruling?
(Related) How it's done in the US
'Hurt Locker' makers file new suit against downloaders
“We have the email and we're not afraid to use it.” (Guess what I would add to my email filter...)
"On Friday, more than 1,300 employees of London-based Aviva Investors walked into their offices, strolled over to their desks, booted up their computers and checked their emails, only to learn the shocking news: They would be leaving the company. The email ordered them to hand over company property and security passes before leaving the building, and left the staff with one final line: 'I would like to take this opportunity to thank you and wish you all the best for the future.' This email was sent to Aviva's worldwide staff of 1,300 people, with bases in the U.S., UK, France, Spain, Sweden, Canada, Italy, Ireland, Germany, Norway, Poland, Switzerland, Belgium, Austria, Finland and the Netherlands. And it was all one giant mistake: The email was intended for only one individual." [“We typed 'ALL' when we meant to type 'Al'” Bob]
Be careful what you say under your own name. Say all the evil, incriminating stuff under the name of your friendly neighborhood law professor... If my Tweets are “not mine” is that a defense?
Your tweets are not your own, Monday edition
April 23, 2012 by Dissent
More from the Malcolm Harris/Twitter subpoena case. Joseph Ax reports:
An Occupy Wall Street protester has lost his bid to quash a subpoena seeking his Twitter records from last fall, when he was arrested during a mass protest on the Brooklyn Bridge.
Criminal Court Judge Matthew Sciarrino Jr., who is overseeing a special courtroom dedicated to handling nearly 2,000 Occupy-related cases, ruled that Malcolm Harris did not have standing to challenge the third-party subpoena. Prosecutors from the Manhattan District Attorney’s Office served the subpoena on Twitter in January, requesting Harris’ user information and more than three months’ worth of tweets.
The judge compared Harris to a bank account holder who by law cannot challenge a subpoena of his records served on his bank.
“Twitter’s license to use the defendant’s Tweets means that the Tweets the defendant posted were not his,” the judge wrote in a decision filed Friday.
Read more on Thomson Reuters.
You can't take pictures of the police...
DHS’s “appropriate” use of social media?
April 23, 2012 by Dissent
So… does this strike anyone as an appropriate use of social media by DHS?
Eleven hours before I was arrested during the Occupy Miami eviction in January, the Miami-Dade Police Homeland Security Bureau sent an email to various police officers, which was then forwarded to the department’s public information officers – including arresting officer Major Nancy Perez – informing them that I would be documenting the action.
The subject of the email was “Multimedia information/Situational Awareness.” It included my Facebook profile photo where I’m trying my hardest to look like a terrorist thug.
It also included the following statement about me.
Read more of photographer Carlos Miller’s experience on Pixiq
[From the article:
It also included the following statement about me.
Carlos Miller is a Miami multimedia journalist who has been arrested twice for taking pictures of law enforcement. He has publicly posted on social networks that he will be taking pictures today in order to document the eviction.]
Perspective. All I get from my users is grief.
You Earn Facebook An Average Of $1.21 Per Quarter
Think of it as “electronic shoulder surfing.”
"TapLogger, a proof-of-concept Trojan for Android developed by researchers at Pennsylvania State University and IBM, uses information from the phone's motion sensor to deduce what keys the user has tapped (PDF), thus revealing otherwise-hidden information such as passwords and PINs."
If we can use computers to grade essays, why can't we automate document review?
… Rand concluded, as have I, and many others, that the primary problem in e-discovery is the high cost of document review. They found it constitutes 73% of the total cost of e-discovery. For that reason, Rand focused its first report on electronic discovery on this topic, with side comments on the issue of preservation.
… Where The Money Goes: Understanding Litigant Expenditures for Producing Electronic Discovery is a must read that is within everyone’s budget. It can be downloaded for free, both a summary and the full report (131 pages), but I recommend you read the full report.
Lawyers have a sense of humor?
Maybe they are interesting, maybe they are dead for good reason.
Dead Media Beat: Lignin, a website for extinct, important magazines
From Dubai. Okay, maybe they can afford to shelve them, then.
… “Here I have a list of collected ‘old’ magazines, that are no longer circulated, but instead used as objects in galleries, as collectible items, and things to search for in your (or others’) grandparents’ attic. Rather than physically creating a space to collect and archive these magazines, we are using this “webspace” as a repository for once-upon-a-time publications.
Inevitable. But why evaluate complete textbooks? Each concept could be an independent lesson. A La Khan Academy?
"Minnesota Public Radio is running a story about the University of Minnesota's Open Textbooks project. The goal of the project is to solicit reviews of college-level open source textbooks and collect those that pass muster onto their website. The project will focus first on high-volume introductory classes such as those for Math and Biology, because as David Ernst, director of the project, states in the interview: 'You know the world doesn't need another $150 Algebra One book. Algebra One hasn't changed for centuries, probably.'"
Requirements for inclusion include: Open licensing (Creative Commons Attribution/Share Alike), complete content (no glorified collections of lecture notes), applicability outside of the author's institution, and print availability.
Research, research, research. I'll write the paper when I can remember which room my computer is in...
When I first heard about Instagrok, a new “educational search engine,” I admit, I wasn’t that thrilled with the idea. It’s not that I think Google is the perfect search engine. It’s not that I think the company is unassailable in the area that was once its core product (remember those days?). I’m a huge fan of DuckDuckGo, for example, as I think that it offers high quality, low-spam search results – with major bonus points for caring about users’ privacy.
… This isn’t about finding “the” answer to a search query; rather it’s about, in his words “seeing the topic” and learning more about what you’re researching – concepts, definitions, and connections. “Learning is an exploratory process,” he told me, arguing that the way students move through the Web should encourage that exploration. It shouldn’t just be about clicking on the “first blue link.”
Citations in research. “Wikipedia says” does not cut it.
… Sometimes I think I spend more time working on my bibliography than I spend writing the entire paper. Thankfully, Citelighter exists to make this process easier.
Citelighter is a handy Firefox toolbar that grabs information directly from the source and stores all the bibliographical information for you. You simply need to highlight the information you need and tell the toolbar to capture it. It will pull as much bibliographical information from the webpage as it can find, and you may only have to enter a couple of fields. Once you save it, it will be stored on your account and accessible from anywhere.
Similar tools: Snippin, Sniply, GotProject, Memonic, WebNotes, RoohIt, iCyte, Ibrii, Markkit, AwesomeHighlighter and more.
Research tool you add to your browser...
Cruxbot is an interesting new web tool that helps to summarize web pages. With a simple bookmarklet tool, this tool reads through any site - presumably with a large amount of text - and it summarizes the content. The summary can be lengthened or shortened by the user and users can even identify keywords to focus the learning on a particular issue. Very cool idea which works fairly well.
When you really need to concentrate.
SelfRestraint is a Python-based free to use open-source desktop application currently available for Windows and Linux, with a Mac version coming soon. The app simply lets you enter websites that you find distracting. You can then set a time duration for which these websites should be blocked.
Would probably be handy if all my math classes were not already online...
Using this handy editor you can create mathematical equations of all kinds with little or no coding skill required. Most of the equations are created by simply clicking on an image and filling in the numerals needed.
Free is good (even if you just keep them on your PC)
… The best part of all is that none of the Kindle free classics are abridged!
Below, we have six classics that you may or may not have been able to read on the Kindle, so don’t hesitate. Also, for those of you who don’t have a Kindle, you really shouldn’t feel left out. With the Kindle app and the Cloud Reader, you can join right in and read all of these on whatever device you happen to have.
[Other sources of free books:
Ereader News Today Tips, Tricks, And Free Ebooks For Your Kindle
Pixel of Ink http://www.pixelofink.com/]
Another “Future of Education” model?
Grovo is a service that offers video lessons on how to use a huge array of web apps and web services. Grovo offers lessons on the subjects of Internet basics, productivity, business tools, communication, lifestyle, and entertainment. Within each of these subjects you can learn how to use hundreds of different websites and web apps. Not sure how to set up filters in your email? Grovo can teach you. Confused about privacy settings on Facebook? Grovo lessons can clarify them for you. Have an interest in Pinterest, but don't know how to use it? Grovo lessons will help you learn.
Grovo's video lessons aren't just stand-alone videos. They're a part of a sequence of video courses. Each course has guiding questions that you can use to check your knowledge along the way.
Before you get too excited about Grovo, you should know that their course offerings are a mix of free and paid enrollment courses. The courses marked with a big "G" indicate that they are courses for which you will have to pay to enroll.