Wednesday, May 09, 2012
I'm shocked, shocked I tell you...
Today, Vladimir Putin was inaugurated to his third term as the Russian President after a landslide victory in March elections. Putin has bounced between his roles as Prime Minister and President for 12 years, but many have accused Putin and his United Russia party of rigging elections in the past.
While voter fraud can be hard to detect, a group of researchers has carefully analyzed the official election data for clues and posted their analysis on the arXiv preprint server. The researchers found several questionable anomalies in the data that always seemed to support Putin and his party, casting doubt on the integrity of the recent elections.
A video summary of the entire scandal?
FRONTLINE goes inside the struggle over the future of News Corporation, Rupert Murdoch’s reputation and his family’s fortune.
It takes much longer for reporters to notice...
Cybercrooks bring their schemes to Tumblr and Pinterest
… In one campaign, Twitter was used as bait to take advantage of users on Pinterest. A Twitter account called "Pinterestdep" (which has since been suspended) claimed to offer Visa gift cards to people in exchange for sharing their opinions about Pinterest. But instead, intended victims were directed to a Web site that prompted them to fill out several rewards offers and convince their friends to do the same.
Misspelling the name Tumblr was the trigger for another scam. Users who accidentally typed "tublr" would be redirected to a message claiming they had been chosen as a "daily winner," prompting them to fill out surveys and respond to offers to pick up their prize. A check of the URL www.tublr.com shows that this scam remains in full bloom.
Local, and disturbing. What else can they shut off?
"Savannah Barry, a Colorado teenager, was returning home from a conference in Salt Lake City. She is a diabetic and wears an insulin pump to control her insulin levels 24/7. She carries documentation of her condition to assist screeners, who usually give her a pat-down search. This time the screeners listened to her story, read her doctor's letter, and forced her to go through a millimeter-wave body scanner anyway. The insulin pump stopped working correctly, and of course, she was subjected to an invasive manual search. 'My life is pretty much in their hands when I go through a body scan with my insulin pump on,' she says. She wants TSA screeners to have more training. Was this a predictable outcome, considering that no one outside TSA has access to millimeter-wave scanners for testing? Would oversight from the FDA or FCC prevent similar incidents from happening in the future?"
I would be more impressed if they had done this “last fall.” Looks like they are about to test the privacy water again, and wanted to avoid at least the obvious hazards...
"Carrier IQ, a startup heavily bruised last fall by harsh criticism of its handset diagnostic software, today announced it's hired a high-profile lawyer as its Chief Privacy Officer. Magnolia Mansourkia Mobley, a CIPP and former Verizon executive, will be tasked with quickly broadening the company's focus on consumer privacy. She also was named the company's General Counsel. The company became the flashpoint in a heated controversy after initial reports its analytics software, embedded in some 150 mobile phones, was capable of gathering a great deal of personal data without the customer's consent."
Interesting question for my students. Can they even list what technology would be unavailable if all wireless was shut off?
"Around nine months ago, BART Police asked to have wireless communications disabled (PDF) between Trans Bay Tube Portal and the Balboa Park Station. That was because they knew a public protest was to take place there — and the service to the underground communication system was disabled. This affected not only cellphone signals, but also the radio systems of Police, Fire and Ambulance crews (PDF) within the underground. This led to an even larger protest at a BART station and many folks filed complaints along with the American Civil Liberties Union and Electronic Frontier Foundation. The FCC responded by launching a probe into the incident. The results were a mixed bag of 'To protect citizens!' and 'Only in extreme cases,' not to mention the classic 'Terrorists use wireless communications!' But even if the probe doesn't lead to a full proceeding and formal order, the findings may well be used as a guide for many years to come."
Can't you buy this information from Visa and MasterCard?
IKEA Must Defend Itself in Consumer Class Action
May 9, 2012 by Dissent
Yet more bad press for IKEA in the privacy department, it seems. Maria Dinzeo reports:
A class can proceed with a lawsuit accusing Ikea of requesting and storing customers’ zip codes when making credit card purchases.
Rita Medellin sued Ikea in February 2011 for violation of the Song-Beverly Credit Card Act after an Ikea cashier took her credit card and asked for her zip code. She gave it, believing the information was necessary for completing the transaction.
Ikea claimed customers often voluntarily provided this information, so they could receive email promotions from Ikea or participate in the retailer’s rewards program. [How does 'just a zip code' help with either of these? Bob]
Read more on Courthouse News.
Sort of an “anti-mitigating” (exacerbating?) issue... How long should you hold off on updates (to ensure they don't cause problems) before you implement them to upgrade your security?
"Since so many recent exploits have used Java as their attack vector, you might conclude Java should be shown the exit, but the reality is that Java is not the problem, writes Security Advisor's Roger Grimes. 'Sure, I could opt not to use those Java-enabled services or install Java and uninstall when I'm finished. But the core problem isn't necessarily Java's exploitability; nearly all software is exploitable. It's unpatched Java. Few successful Java-related attacks are related to zero-day exploits. Almost all are related to Java security bugs that have been patched for months (or longer),' Grimes writes. 'The bottom line is that we aren't addressing the real problems. It isn't a security bug here and there in a particular piece of software; that's a problem we'll never get rid of. Instead, we allow almost all cyber criminals to get away with their Internet crime without any penalty. They almost never get caught and punished. Until we solve the problem of accountability, we will never get rid of the underlying problem.'"
A bracing dose of reality? Management 101: You can't delegate (or outsource) responsibility.
If offshore cloud compromises your data we’ll sue you, not them: AU privacy commissioner
May 9, 2012 by Dissent
David Braue reports:
Organisations investing in off-shore cloud services could find themselves on the pointy end of legal action should the privacy of Australians be breached as a result, Victoria’s acting privacy commissioner has warned.
“The threat to information privacy from cloud computing largely comes from an organisation’s lack of control,” he said. “Generally speaking, cloud service providers are agents of the client agency or organisation – even if there’s a contract between them.”
“That relationship means that if there’s a data breach, the client agency or organisation remains responsible and the enforcement of the Australian privacy legislation will apply,” he continued. “The cloud provider would need to be contractually bound by the relevant Australian privacy law, or fulfil the requirement that a similar privacy scheme to the Australian regime operates in that jurisdiction. This can be difficult in jurisdictions that have no general privacy laws, such as Singapore or the US.”
The situation gets even more complex if the public cloud provider is found to be moving protected data between jurisdictions; this is common in load-balancing cloud configurations run by the likes of Google and Microsoft, which load-balance customer data between regions to improve reliability and redundancy.
Read more on CSO.
That's for presenting the results, not the search itself... No link to the report, yet.
Google report says search results protected by First Amendment
Do Google and other search engines have a constitutional right to control their own search results?
The answer is yes, at least in the opinion of UCLA law professor and First Amendment scholar Eugene Volokh.
In a report commissioned by the search giant, Volokh asserted that search results are a type of "opinion" based on what information the search engines believe would be most relevant to their users, according to PaidContent. Therefore, the results are protected by the First Amendment.
… Why did Google commission this report?
… The search giant told PaidContent that "we thought these issues were worth exploring in more depth by a noted First Amendment scholar." But the company is also likely looking for some legal ammunition to use in any government showdowns.
Google has been under the microscope of both the U.S. government and the European Union over complaints that it has used its dominant position to tweak its search results to favor its own sites. The U.S. Department of Justice is considering whether to launch an official antitrust suit, while the EU is mulling over a decision in the wake of its own investigation.
A lawsuit ya gotta love... How lonely is this guy...
… Sora, who has more than 333K Twitter followers, is a bit of a Twitter siren it seems. The actress is famous in China, where Twitter is blocked. Sora is so popular that when she launched her Twitter account in April, it caused an "instant online reaction," Chinese news blog Danwei reported. Some questioned whether it really was Sora, and fans reportedly shared software that allowed them to access the blocked site.
That is not how “good cop, bad cop” is supposed to work.
Twitter complies with Va police request, but moves to quash a NY subpoena
AP/WAVY report that Twitter has turned over user info on four accounts that authorities suspect may be linked to an April 14 attack in which reporters were assaulted:
WAVY.com obtained the police search warrants requesting posts and personal information from the Twitter accounts, including the users’ location and email addresses. The warrants note Twitter has complied with the request and sent the information.
Detectives say several Twitter postings afterward mentioned the incident. The search warrant states that Twitter users @MzDenisee, @Cooke2x, @POTENTDAPLUG, and @PINK_boyshorts posted several comments in reference to a “Caucasian male being assaulted on Church Street.”
Read more on WAVY. More background on the case can be found in yesterday’s Virginian-Pilot. So far, I’ve not found a copy of the warrant online.
In a different case where no warrant was issued, Twitter has filed a memorandum in support of Malcolm Harris’s motion to quash the subpoena for their records on him. PrivacySOS has a nice summary of the three points Twitter raises in its memorandum, but basically, one of their points is that if the NY DA’s office is serious about getting the data, they should have provided a warrant or complied with California law. Previous coverage on this blog of the Malcolm Harris/Twitter case linked from here.
So help me with this legal opinion. If at first you don't succeed: no crime? Doesn't that kind of invalidate Attempted Murder, etc.?
Company asks court to reinstate $459 million judgment in junk fax lawsuit
Bill Rankin reports:
On Monday, the Georgia Supreme Court heard arguments as to whether that ruling [against American Home Services] should stick. The court is reviewing a decision issued a year ago by the state Court of Appeals that overturned the trial judge’s decision. The appeals court said what mattered was how many faxes were received, not the number of faxes sent on behalf of American Home Services.
Read more on AJC.
I finally got some relief from the junk faxes received at my office. Of course, the downside is that the fax machine no longer works at all, but at least I don’t get junk faxes.
FTC: We claim 'success in retrospect!' (Is this one of those “we used to be in compliance” cases?)
Myspace Settles FTC Charges That It Misled Millions of Users About Sharing Personal Information with Advertisers
Social networking service Myspace has agreed to settle Federal Trade Commission charges that it misrepresented its protection of users’ personal information. The settlement, part of the FTC’s ongoing efforts to make sure companies live up to the privacy promises they make to consumers, bars Myspace from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy assessments for the next 20 years.
The Myspace social network has millions of users who create and customize online profiles containing substantial personalized content. Myspace assigns a persistent unique identifier, called a “Friend ID,” to each profile created on Myspace. A user’s profile publicly discloses his or her age, gender, profile picture (if the user chooses to include one), display name, and, by default, the user’s full name. User profiles also may contain additional information such as pictures, hobbies, interests, and lists of users’ friends.
In addition, Myspace certified that it complied with the U.S.-EU Safe Harbor Framework, which provides a method for U.S. companies to transfer personal data lawfully from the European Union to the United States. As part of its self-certification, Myspace claimed that it complied with the Safe Harbor Principles, including the requirements that consumers be given notice of how their information will be used and the choice to opt out. The FTC alleged that these statements were false.
The proposed settlement order bars Myspace from misrepresenting the extent to which it protects the privacy of users’ personal information or the extent to which it belongs to or complies with any privacy, security or other compliance program, including the U.S.-EU Safe Harbor Framework. The order also requires that Myspace establish a comprehensive privacy program designed to protect consumers’ information, and to obtain biennial assessments of its privacy program by independent, third-party auditors for 20 years.
Related: In the Matter of Myspace LLC FTC File No. 102 3058
What the smart kids are thinking/talking about?
Memes Are People Too: Meet the Viral-Video Stars of ROFLCon
The "ROFL" in "ROFLCon" is an outdated web acronym -- Rolling on the Floor Laughing -- basically an old-timey way of saying "LOL." ROFLCon uses it ironically. The vintage webspeak is characteristic of the event -- a conference that is equally concerned with the past, present, and future of Internet culture. The two-day event, held at MIT last weekend, combined the best elements of a fan convention with a truly academic conference. Don't let the goofy names of panels, like "Adventures in Aca-meme-ia," fool you; the featured panelists and giddy audience members were all too eager to dive into serious discussion.
… Topics ranged from how people in China use visual humor to evade censorship ("Global Lulzes"), to what to do when a YouTube video of your kid suddenly goes viral ("Honey I Memed the Kids!"). Amid the chaos, a central issue took shape; web video is radically reshaping pop culture.
(Related, possibly redundant)
Are LOLCats Making Us Smart?
What could possibly be said of LOLCats that is of any consequence at all? After all, LOLCats are nothing but pictures of cats with silly captions that defy conventional rules of spelling and grammar. What do they matter?
They don't. Or at least, the content -- the "what" -- of LOLCats doesn't much matter. But the *why* of LOLCats has proved to be rich terrain for Kate Miltner who received her Master's Degree from the London School of Economics for her dissertation on the appeal of LOLCats (pdf) and spoke at ROFLCon ... [When I tried to read her dissertation, I got this message: “This account's public links are generating too much traffic and have been temporarily disabled!” no doubt proving that this is serious academic stuff! Bob]
Think the country will collapse?
Perspective. Also consider: Paul David's “The Dynamo and the Computer” http://elsa.berkeley.edu/~bhhall/e124/David90_dynamo.pdf Owning a technology does not ensure “Best Use” of a technology.
Are Smart Phones Spreading Faster than Any Technology in Human History?
Presented below is the U.S. market penetration achieved by eight technologies since 1876, the year Alexander Graham Bell patented the telephone. Penetration rates have been organized to show three phases of a technology's spread: traction, maturity, and saturation.
… These figures show that smart phones, after a relatively fast start, have also outpaced nearly any comparable technology in the leap to mainstream use. It took landline telephones about 45 years to get from 5 percent to 50 percent penetration among U.S. households, and mobile phones took around seven years to reach a similar proportion of consumers. Smart phones have gone from 5 percent to 40 percent in about four years, despite a recession. In the comparison shown, the only technology that moved as quickly to the U.S. mainstream was television between 1950 and 1953.
… In 1982, there were 4.6 billion people in the world, and not a single mobile-phone subscriber. Today, there are seven billion people in the world—and six billion mobile cellular-phone subscriptions. As with many technologies, the explosion began in the world's most developed countries.
… According to the International Telecommunications Union, in 2001 the developed world had six times as many mobile subscriptions per capita as the developing world. By 2011, that gap had collapsed to just 50 percent more phones per capita, and it continues to narrow substantially. Of the world's six billion mobile-phone subscriptions, 73 percent are now in the developing world, even though those countries account for just 20 percent of the world's GDP.
Probably not an ADA issue, but one my students need to be aware of?
Why you might really, actually be addicted to Facebook
Once a simple place for college friends to connect, Facebook has become the crack of the Internet, beckoning us at all hours of the day to check in on our friends and share the minutia of our daily lives.
Definitely one for my students!
MakeUseOf Answers needs your help to solve all of the tough tech questions we receive! We reward your expertise with prizes of up to $50 for the Best Answer of the Week. Solve one of these questions to enter the contest…
Another student tool...
If you are thinking of starting a study group online then you should try out Thinkbinder. This website builds a social-like platform for study groups to share files, post ideas and status updates, collaborate, and just keep in touch.
Creating a study group with Thinkbinder takes less than a minute. Then, you will find a dashboard where you can post your news feeds, upload files, and share ideas on a whiteboard. You can invite friends through e-mail and once they are all in, you can collaborate through video chat, private messages, and more. Anyone can join the group as long as they know the code to your study group.
...and yet another Student tool. I had some trouble getting it to work, but if it selects and categorizes videos, this might be just what I've been looking for.
Last week I received an email from the creators of a service called Zendo that I had reviewed last winter. They wrote to inform me that they have rebranded and changed their product into a new service called Study Egg.
Study Egg is a service that is offering quizzes based on video lessons from Khan Academy, MIT Open Courseware, and TED Ed. The premise is quite simple. Pick a topic that you want to learn about in the library of videos. Each video has a series of questions attached to it. When you answer a question Study Egg will immediately indicate if you answered correctly or not.