Saturday, February 18, 2012
They really really don't like these guys... The hype is going to make it hard to use this as a case study... How many babies are being tossed out with the bathwater?
Feds Seize $50 Million in Megaupload Assets, Lodge New Charges
The authorities said Friday they have seized $50 million in Megaupload-related assets and added additional charges in one of the United States’ largest criminal copyright infringement prosecutions.
… The government said the site, which generated millions in user fees and advertising, facilitated copyright infringement of movies “often before their theatrical release, music, television programs, electronic books, and business and entertainment software on a massive scale.” The government said Megaupload’s “estimated harm” to copyright holders was “well in excess of $500 million.”
Megaupload was on the recording and movie industries’ most-hated lists, [Ah! That explains it! Bob] often being accused of facilitating wanton infringement of their members’ copyrights. The indictment claims Megaupload induced users to upload copyrighted works for others to download, and that it often failed to comply with removal notices from rights holders under the Digital Millennium Copyright Act.
New charges (.pdf) levied Friday allege that Megaupload falsely represented to rights holders that it had removed infringing works from its servers.
… The government, meanwhile, also said Friday that, despite claims of having 180 million registered users, the site had 66.6 million. The authorities said that 5.86 million of these registered users uploaded files, “demonstrating that more than 90 percent of their registered users only used the defendant’s system to download.”
Still, anyone who used Megaupload as a way to share and store legitimate files is now likely never going to be able to get them back.
"The federal government has been paying lip service to the idea that it wants to encourage new businesses and startups in the U.S. And this is truly important to the economy, as studies have shown that almost all of the net job growth in this country is coming from internet startups. ... With the JotForm situation unfolding, where the U.S. government shut down an entire website with no notice or explanation, people are beginning to recognize that the U.S is not safe for internet startups. Lots of folks have been passing around [a] rather reasonable list of activities for U.S.-based websites."
Was there any evidence of a crime before the warrants were issued? My little non-lawyer mind thought that you had to assert or show the judge some evidence in order to get the warrant. Is the DA saying he can't prove fraud without the laptop?
Feds Urge Court to Reject Laptop Decryption Appeal
The government is urging a federal appeals court not to entertain an appeal from a bank-fraud defendant who has been ordered to decrypt her laptop so its contents can be used in her criminal case.
Colorado federal authorities seized the encrypted Toshiba laptop from defendant Ramona Fricosu in 2010 with valid court warrants while investigating alleged mortgage fraud, and demanded she decrypt it.
Ruling that the woman’s Fifth Amendment rights against compelled self-incrimination would not be breached, [If in fact the decryption provides evidence of another crime, does this mean she has immunity? Bob] U.S. District Judge Robert Blackburn ordered the woman in January to decrypt the laptop by the end of February. The judge refused to stay his decision to allow Fricosu time to appeal.
The Colorado woman’s attorney appealed anyway, and the government on Thursday asked the 10th U.S. Circuit Court of Appeals to reject the petition that asserts the woman’s constitutional rights would be breached by being forced to hand over evidence against herself.
The government argued the same reasons that Judge Blackburn gave when he denied staying his decision: The issue, however novel, was not ripe for appeal.
Generally, appellate courts frown on taking cases until after there’s been a verdict. So the woman, the government said, should unlock the drive and appeal if she gets convicted of the financial fraud charges, which theoretically carry decades in prison.
Fricosu, prosecutor Patricia Davies wrote, “can appeal her conviction — just as defendants do when compelled to produce documents pursuant to subpoena or when denied suppression of evidence or statements pre-trial.”
Davies also said Fricosu’s reasons for appealing are legally baseless.
“Fricosu argues that the order is appealable because of its novelty, and the fact that it is of public interest and importance,” Davies wrote (.pdf). “But courts have properly rejected the claim that otherwise non-final orders should be reviewed on such grounds.”
A “real world” example for my Statistics students.
"For decades, Target has collected vast amounts of data on every person who regularly walks into one of its stores. Now the NY Times Magazine reports on how companies like Target identify those unique moments in consumers' lives when their shopping habits become particularly flexible and the right advertisement or coupon can cause them to begin spending in new ways. Among life events, none are more important than the arrival of a baby, and new parents are a retailer's holy grail. In 2002, marketers at Target asked statisticians to answer an odd question: 'If we wanted to figure out if a customer is pregnant, even if she didn't want us to know, can you do that?' Specifically, the marketers said they wanted to send specially designed ads to women in their second trimester, which is when most expectant mothers begin buying all sorts of new things, like prenatal vitamins and maternity clothing. 'We knew that if we could identify them in their second trimester, there's a good chance we could capture them for years,' says statistician Andrew Pole. 'As soon as we get them buying diapers from us, they're going to start buying everything else too.' As Pole's computers crawled through the data, he was able to identify about 25 products that, when analyzed together, allowed him to assign each shopper a 'pregnancy prediction' score and he soon had a list of tens of thousands of women who were most likely pregnant. About a year after Pole created his pregnancy-prediction model, a man walked into a Target outside Minneapolis and demanded to see the manager. He was clutching coupons that had been sent to his daughter, and he was angry. 'My daughter got this in the mail!' he said. 'She's still in high school, and you're sending her coupons for baby clothes and cribs? Are you trying to encourage her to get pregnant?' The manager apologized and then called a few days later to apologize again but the father was somewhat abashed. 
'It turns out there's been some activities in my house I haven't been completely aware of. She's due in August. I owe you an apology.'"
"In order to protest the government's new Internet snooping legislation, some Canadians have started a somewhat unorthodox protest. Vic Toews, the minister responsible for tabling the legislation, has had his twitter account bombarded with tweets regarding the boring, banal aspects of regular Canadians' lives. The idea is that since Toews wants to know everything about your personal life, we should oblige him and #TellVicEverything."
Ethical Hackers: Be careful what you say. But, don't get too excited, until we figure out what is going on...
Goldman Sachs Code-Theft Conviction Reversed
A federal appeals court on Friday reversed the conviction of a former Goldman Sachs programmer sentenced to eight years for stealing the bank’s high-speed trading software.
Sergey Aleynikov, 41, was convicted in 2010 of theft of trade secrets under the Economic Espionage Act.
… The 2nd U.S. Circuit Court of Appeals heard his appeal on Thursday, and hours later and without explanation, reversed the 2010 conviction and ordered him acquitted, which usually forbids a retrial. On Friday, however, the court issued an amended order. It reversed the conviction, and ordered him free on $750,000 bond but removed the acquittal language. The appeals court said it would issue an opinion explaining the order in “due course.” (.pdf)
The New York Times summed up the court’s concerns during Thursday’s oral arguments. The paper noted that a critical issue was whether what he did was actually a crime under the Economic Espionage Act, which requires the theft to be from a “product designed for interstate commerce.” [Perhaps they told the court that the software was not intended to be used anywhere but on their NY trading desk? Bob] Aleynikov’s lawyers took the position that the software wasn’t used in interstate commerce, while the feds argued that it clearly was.
Is this removing laws intended for a monopoly industry?
"There is a bill pending in the Kentucky State Senate that would eliminate almost all Public Service Commission oversight over local phone companies. Written by AT&T lobbyists, SB135 is being pushed by the phone companies as a 'modernization' of rules. It would keep the PSC from investigating phone service on its own and eliminate rules concerning price discrimination, price increases, required published rates, and performance objectives. It also will prevent any state agency from imposing net neutrality, and will enable phone companies to use the fact that there are cell phones to refuse to run a land line. The text of the bill is available online."
I still think this is a bad idea. “When information is outlawed only outlaws will have information”
"A spokesman for the World Health Organization announced that an agreement had been reached, after a debate, to keep details secret of the controversial work about the highly pathogenic H5N1 avian flu virus until deeper risk analyses have been carried out. The scientists who made the study, led by Ron Fouchier, still want to release the full paper at some future date for public viewing, but for the time being, the NSABB got what it wanted."
The moratorium will be extended "probably for several months."
Now this is a great idea for my Computer Security students! (This was part of a Doctoral student's research)
"Students at the University of Twente have stolen thirty laptops from various members of the university's staff. They were not prosecuted for this, so they could just get on with their studies. Indeed, these students even received ECTS credits for these thefts. UT researcher Trajce Dimkov asked the students to steal the machines as part of a scientific experiment. Stealing these laptops turned out to be a pretty simple matter."
Friday, February 17, 2012
They seem to have noticed that the “operators of online services” are not doing what they are required by law to do, so think of this as a sort of heads up that the FTC is thinking about considering a timetable to start planning future research into possibly doing their job!
FTC Report Raises Privacy Questions About Mobile Applications for Children
From the FTC:
The Federal Trade Commission today issued a staff report showing the results of a survey of mobile apps for children. The survey shows that neither the app stores nor the app developers provide the information parents need to determine what data is being collected from their children, how it is being shared, or who will have access to it.
… According to the FTC report, Mobile Apps for Kids: Current Privacy Disclosures Are Disappointing, in 2008, smartphone users could choose from about 600 available apps. Today there are more than 500,000 apps in the Apple App Store and 380,000 in the Android Market. “Consumers have downloaded these apps more than 28 billion times, and young children and teens are increasingly embracing smartphone technology for entertainment and educational purposes.”
… The report notes that mobile apps can capture a broad range of user information from a mobile device automatically, including the user’s precise geolocation, phone number, list of contacts, call logs, unique identifiers, and other information stored on the device.
… “In most instances, staff was unable to determine from the information on the app store page or the developer’s landing page whether an app collected any data, let alone the type of data collected, the purpose for such collection, and who . . . obtained access to such data.”
… The report notes that more should be done to identify the best way to convey data practices in plain language and in easily accessible ways on the small screens of mobile devices.
… The FTC enforces the Children’s Online Privacy Protection Rule. The Rule requires operators of online services, including interactive mobile apps, to provide notice and get parental consent prior to collecting information from children under 13. The report says in the next 6 months, FTC staff will conduct an additional review to determine whether some mobile apps were violating COPPA.
(Related) Think of the information gathered as e-Gold and ask yourself if you would throw it back into the stream...
Google Circumvents Safari Privacy Protections – This is Why We Need Do Not Track
Peter Eckersley, Rainey Reitman, and Lee Tien write:
Earlier today, the Wall Street Journal published evidence that Google has been circumventing the privacy settings of Safari and iPhone users, tracking them on non-Google sites despite Apple’s default settings, which were intended to prevent such tracking.
This tracking, discovered by Stanford researcher Jonathan Mayer, was a technical side-effect—probably an unintended side-effect—of a system that Google built to pass social personalization information (like, “your friend Suzy +1′ed this ad about candy”) from the google.com domain to the doubleclick.net domain. Further technical explanation can be found below.
Coming on the heels of Google’s controversial decision to tear down the privacy-protective walls between some of its other services, this is bad news for the company. It’s time for Google to acknowledge that it can do a better job of respecting the privacy of Web users.
Read more on EFF.
Apparently an Industry Best (most profitable?) Practice
Twitter stores full iPhone contact list for 18 months, after scan
David Sarno reports:
Twitter Inc. has acknowledged that after mobile users tap the “Find friends” feature on its smartphone app, the company downloads users’ entire address book, including email addresses and phone numbers, and keeps the data on its servers for 18 months. The company also said it plans to update its apps to clarify that user contacts are being transmitted and stored.
Of course, I have been advocating for a long time that Twitter (and other companies) should not retain PII for so long. They are setting themselves up as a more desirable resource for law enforcement and putting our privacy at greater risk of government intrusion or hacking.
I suspect the Police are getting software tools, training and even manpower from the Copyright Corps. (Or they have been training the cops to make up facts to support their assertions.)
"Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"
I was impressed, until I realized...
Lawmaker Demands DHS Cease Monitoring of Blogs, Social Media
Rep. Jackie Speier (D-California) said Thursday she wants the Department of Homeland Security to cease its social-media and news-monitoring operation.
Speaking at a Homeland Security subcommittee hearing, the California lawmaker said she was “outraged” that the agency has hired a contractor to review a variety of social networking sites, including Facebook and Twitter, and that General Dynamics is being tasked with reviewing news sources, blogs and their bylines for all types of articles, including those containing anti-American sentiment and reaction to policy proposals.
“This should not be a political operation,” she said.
(Related) ...they were just changing agencies. DHS attracts bad publicity, NSA is better at keeping covert.
McCain: Cybersecurity Bill Ineffective Without NSA Monitoring the Net
After three years of haggling to produce bipartisan cybersecurity legislation that addresses the security of the nation’s critical infrastructure systems, the Senate finally got a bill this week that seemed destined to actually pass.
That is, until a hearing on Thursday to discuss the bill in which Sen. John McCain (R-Arizona) sideswiped lawmakers behind the proposed legislation and announced that he, and seven other Senate ranking members, were opposed to the bill and would be introducing a competing bill in two weeks to address failings they see in the legislation.
McCain and his colleagues oppose the current bill on the grounds that it would give the Department of Homeland Security regulatory authority over private businesses that own and operate critical infrastructure systems and that it doesn’t grant the National Security Agency, a branch of the Defense Department, any authority to monitor networks in real-time to thwart cyberattacks.
This can't be true, can it? Can the Teacher Gestapo search your child's Roy Rogers lunch box and force her to eat something your dietician didn't prescribe? Could they force the child to skip a meal?
Parents are ignorant serfs. Only the government knows what is best. “Ja, ve have rules und they must be enforced!”
"A North Carolina mom is irate after her four-year-old daughter returned home late last month with an uneaten lunch the mother had packed for the girl earlier that day. But she wasn't mad because the daughter decided to go on a hunger strike. Instead, the reason the daughter didn't eat her lunch is because someone at the school determined the lunch wasn't healthy enough and sent it back home. What was wrong with the lunch? That's still a head-scratcher because it didn't contain anything egregious: a turkey and cheese sandwich, banana, potato chips, and apple juice. But for the inspector on hand that day, it didn't meet the healthy requirements."
From the article:
See, in North Carolina, all pre-Kindergarten programs are required to evaluate the lunches being provided and determine if they meet USDA nutrition guidelines. If not, they must provide an alternative.
But that’s not the worst of it. Instead of being given a salad or something really healthy, the girl was given chicken nuggets instead. On top of it, her mother was then sent a bill for the cafeteria food.
… But what was so wrong with the lunch the mother provided? Nothing apparently. A spokeswoman for the Division of Child Development explained that the mother’s meal should have been okay.
… The school denied knowledge of the incident and said it’s looking into it.
Interesting question for debate with absolutely no help from the comments... How do you value digital assets? (Are they worth the paper they're not printed on?)
"I am a long time Slashdotter and currently find myself in the beginning of a divorce process. How have you dealt with dispersing of shared data, accounts and things online in such a situation? Domains, hosting, email, sensitive data backups and social media are just a few examples."
Chart: In Four Years, Apple Sold More iPhones Than All Macs Ever
Play in the Cloud!
Free OpenStack Time: What Gives?
How does free cloud compute time on a virtual machine with an available 156 cores, 1040GB memory and 59.1 TB of disk storage running the latest OpenStack release, Dell PowerEdge C6100 and C6105 servers and libvirt/KVM sound?
You guessed it: There’s a catch. With the new OpenStack promo service TryStack, free time is limited like an on-demand movie from the cloud — that’s 24 hours to watch this feature film before a script wipes out your TryStack existence.
So who and what is this for?
Rule No. 1: Remember that TryStack is designed exclusively as a testing sandbox. We wanted a fast, easy way for developers to test code against a real OpenStack environment, without having to stand up hardware themselves. It probably goes without saying that this is not the place for production code – you should host only test code and test servers here. In fact, your account on TryStack will be periodically wiped to help make sure no one account tries to rule tyrannically over our democracy. Play nice in the sandbox!
More eBook publishing options surface...
Online blogging platforms do a wonderful job of letting you write an online diary. But what if you are an aspiring author looking for a way to write an entire book online? What you will need is a web service that organizes the chapters in your books and lets visitors comfortably go through them. This is precisely what Pandamian offers.
… Your book is published under a unique URL that you can share with others. Visitors to your book’s pages and chapters can leave their comments. The stats about your books, chapters, and comments appear under your Dashboard.
Try a search for your favorite topic...
Aspdf.com is a website where you can find every kind of PDF file to download or view online. The site contains mainly user guides, owner manuals, tutorials and other "how tos". If you need instructions on how to perform some technical activity, whether it is building a desk for your garden or installing some computer software, you will probably find a related instruction booklet to help you out.
What technology should I teach?
BuiltWith Reveals The Tech Used By The 130 Million Web Sites That Matter Most
Search engines like Google scour the web to figure out how to rank content. Measurement firms like comScore sample users to estimate traffic to web sites. But what if you want to know which of some 2000 technologies a web site is using? And, what if you want to know what the tech trends are across the 130 million largest sites on the web today?
You could just dig through the source code for each site you’re interested in to answer these questions piecemeal, or you could repurpose other web site profilers designed for search engine optimization or other jobs.
Or, you could use BuiltWith.
The five-year-old bootstrapped startup, built by one-man team Gary Brewer in Australia, looks at the publicly available code for each site, and figures out each piece of technology that it’s using.
Thursday, February 16, 2012
“We need to prepare the next generation to submit to authority anywhere at any time! i.e. prepare them for their lives as second class citizens.”
Student sues Ga. school district over strip search
February 15, 2012 by Dissent
Greg Bluestein of Associated Press reports:
A Georgia middle school student claimed in a lawsuit Wednesday he was humiliated and traumatized when he was brought to a vice principal’s office and forced to strip in front of classmates who said he had marijuana.
The student, then in the seventh grade, said he still suffers from emotional distress because his classmates taunted him by calling him Superman, the underwear he was wearing when he was strip-searched. The student is suing the Clayton County school district for unspecified punitive and compensatory damages.
Read more on WTOP.
This is the second strip search case in the news this week. On Monday, the North Carolina Supreme Court heard oral arguments in another such case, although there are significant differences. In the North Carolina case, there was no specific suspicion of the student and all female students had to hook their thumb under their bras to pull the bra away from their bodies to see if pills fell out. In this case, a student was strip-searched in front of peers. In both cases, though, schools will argue that they are entitled to search students because they have a duty to keep schools safe and students have less expectation of privacy.
But is this really what we want to teach our children – that they have to strip on the say-so of any authority figure? I don’t think so. And I wish the courts were more inclined to recognize that students do have a right to privacy and that schools have gone too far.
Will this thinking ever come to America?
EU court: Social networks can't be forced to monitor users
The European Court of Justice ruled today that forcing social networks to install monitoring systems just to see if users are illegally downloading copyrighted material creates a "complicated" and "costly" burden on the sites for little or no upside. It was also concerned about the privacy of user data.
(Related) This almost certainly will come to America.
asto21 writes with this excerpt from The Indian Express:
"As per amendments made to operators' licences, beginning May 31, operators would have to provide the Department of Telecommunications real-time details of users' locations in latitudes and longitudes. Documents obtained by The Indian Express show that details shall initially be provided for mobile numbers specified by the government. Within three years, service providers will have to provide information on locations of all users. The information will have some margin of error at first. But by 2013, at least 60 per cent of the calls in urban areas would have to be accurately tracked when made 100 metres away from the nearest cell tower. By 2014, the government will seek to increase the proportion to 75 per cent in cities and 50 per cent in suburban and rural areas."
No push-back? (Monsanto caused my crops to mutate into Franken-food!)
"Monsanto went after hundreds of farmers for infringing on their patented seed after audits revealed that their farms had contained their product — as a result of routine pollination by animals and acts of nature. Unable to afford a proper defense, competing small farms have been bought out by the company in droves. As a result, Monsanto saw their profits increase by the hundreds of millions over the last few years as a result. Between 1997 and 2010, Monsanto tackled 144 organic farms with lawsuits and investigated roughly 500 plantations annually during that span with a so-called 'seed police.'"
Will the “resolutions” be worded neutrally?
suraj.sun writes with a link about a SEC decision that telecommunications companies must give shareholders an annual vote on wireless net-neutrality resolutions.
"The U.S. Securities and Exchange Commission has told AT&T and other telecommunications companies they must include a resolution supporting wireless net-neutrality in annual shareholder votes. In a letter posted on the SEC website, the agency asserted that net neutrality — the idea that Internet service providers must treat traffic equally — has become a significant policy consideration and can no longer be excluded from shareholder ballots. AT&T, Verizon and Sprint Nextel must now grant shareholder requests for votes this year on resolutions that would support net neutrality. In view of the sustained public debate over the last several years concerning net neutrality and the Internet and the increasing recognition that the issue raises significant policy considerations, we do not believe that AT&T may omit the proposal from its proxy materials, the SEC said in the Feb. 10 letter."
This is interesting...
"HP reversed its decision to spin off its PC business, but it's still left with the question of how to make money in a commodity business selling standard-issue machines manufactured overseas. One idea they're contemplating: improved customer service. If you buy an HP 'Elite' PC and have problems, you won't have to phone into a tech support call center where an entry-level drone reads off a script and tells you to reboot the machine; you'll have access to a specific support tech who will work with you as long as you own the computer."
A rather laid back, but interesting talk...
The Future of Reading, From Avant-Garde Poetry to Sportscenter
On Tuesday, I gave a keynote address at the O’Reilly Tools of Change (TOC) conference on the future of publishing.
Another e-textbook vision...
Nature Publishing Group Officially Launches New Interactive Textbook
Last spring I wrote about Nature Publishing Group’s plan for a $49 electronic textbook packed with interactivity and unlimited content updates for life. The original publication date was scheduled for September 1, 2011, but for a variety of reasons the release was pushed back. Today marks the official launch of “Principles of Biology”.
This book is “born digital”, according to Vikram Savkar, SVP & Publishing Director at Nature Publishing Group, and is the first in a line of texts that NPG plans to release for the life and physical sciences. It’s not an e-book or fancy PDF, but a dynamic interactive website that can be customized by the instructor, contains built-in assessments that students can take, and works appropriately on any device that can access it: desktop, tablet, or phone.
Perhaps I should file this under “Tools for Teaching when you are Hungover?”
Chill is a free service for creating and sharing collections of your favorite videos from YouTube, Vimeo, VEVO, and Hulu. Chill is kind of like Pinterest for videos. Using Chill you can add videos with your comments to categories that you create. Your videos appear like sticky notes on a wall. Chill allows you to follow other Chill users to discover and share new videos.
Applications for Education
For teachers looking for new video content to use in their classroom, Chill could be a place to find that content. Or if you're just looking for a better way to organize the videos that you find online, Chill could be the solution for you.
Wednesday, February 15, 2012
“Here at the Fulla Bologna Institute we asked many (Okay, two) interns to carefully consider the question: Are we wrong, or would you like to keep working here? They assured us we were never wrong.”
FBI says social media monitoring won’t infringe privacy rights
Jaikumar Vijayan reports:
The FBI today said that its proposed plans to monitor social media sites as part of a broader strategy to improve real-time situation awareness will be fully vetted by the agency’s Privacy and Civil Liberties Unit.
The unit will review the legal implications of the monitoring application and ensure that it meets all privacy and civil rights obligations before it is implemented, the agency said in a statement emailed to Computerworld. “Although the FBI has always adapted to meet changes in technology, the rule of law, civil liberties, and civil rights, will remain our guiding principles,” the agency said.
Read more on Computerworld.
Oh, well then, I’m totally reassured. I mean, it’s not like the FBI ever violated civil liberties while adhering to those same guiding principles, right?
(Related) “We're an agency guided by the motto: 'What Would J Edgar Do?'”
Feds Argue Using a Fake Name Can Deprive You of Rights
Jennifer Valentino-DeVries reports:
Does using a fake name when you sign up for a cellphone plan mean the government can get information from your phone without a warrant?
That’s one argument the Department of Justice is making in an Arizona case – that using a false name is fraud and means you don’t have a reasonable expectation of privacy.
Such a stance might raise questions about the widespread practice of using pseudonyms to sign up for services online. But legal experts said it’s unlikely a court would take the argument that far.
Read more on Wall Street Journal.
So let’s review. The government generally maintains that you have no reasonable expectation of privacy when you give your information to a third party. But if you try to protect your privacy by using a pseudonym, then you definitely have no reasonable expectation of privacy? I see….
(Related) The finest investigative agency in the world took months to find some of these inaccuracies? Have they tried Wikipedia? “Of course, we have backups...”
FBI Purges Hundreds of Terrorism Documents in Islamophobia Probe
… The bureau disclosed initial findings from its months-long review during a meeting at FBI headquarters on Wednesday with several Arab and Muslim advocacy groups, attended by Director Robert Mueller. So far, the inquiry has uncovered and purged over 700 pages of documentation from approximately 300 presentations given to agents since 9/11 — some of which were similar to briefings published by Danger Room last year describing “mainstream” Muslims as “violent.” And more discoveries may be forthcoming, as the FBI continues its inquiry and responds to Freedom of Information Act requests for the documents themselves.
I'm sure they'll say they don't check for “privacy”
"In the wake of news that the iPhone app Path uploads users' entire contact lists without permission, Forbes dug up a study from a group of researchers at the University of California at Santa Barbara and the International Security Systems Lab that aimed to analyze how and where iPhone apps transmit users' private data. Not only did the researchers find that one in five of the free apps in Apple's app store upload private data back to the apps' creators that could potentially identify users and allow profiles to be built of their activities; they also discovered that programs in Cydia, the most popular platform for unauthorized apps that run only on 'jailbroken' iPhones, tend to leak private data far less frequently than Apple's approved apps. The researchers ran their analysis on 1,407 free apps (PDF) on the two platforms. Of those tested apps, 21 percent of official App Store apps uploaded the user's Unique Device Identifier, for instance, compared with only four percent of unauthorized apps."
See? It's not as simple as it sounds...
Facebook have been under pressure in recent years from all angles to make privacy options simpler and quick to change. They’ve actually done quite well at this, considering how complicated the Facebook privacy system is overall. However, for those of us who understand the privacy controls well, there are a number of things Facebook could implement to improve the effect of privacy controls.
… Current Situation: One Tag Privacy Setting For All Posts
At the moment, Facebook allows you to limit who can see posts and photos you’re tagged in on your timeline using friends lists (if you go into Privacy > How Tags Work and change your maximum visibility – Read the Facebook Privacy Guide to learn about friends lists). It also allows you to veto the tags before other people see them. So most sensible people use a combination of these tools to ensure workmates and grandparents don’t see drunken party photos.
But this is still very limited, since that tag privacy setting is set just once for everything you’re tagged in, including photos and location posts (once enabled). Any other privacy controls on those photos are controlled by other people.
In American politics, only the minority (loser) party is allowed to propose changes that will never be adopted.
February 14, 2012
Pew Report - Evidence That America’s Voter Registration System Needs an Upgrade
"Approximately 24 million active voter registrations in the United States are no longer valid or have significant inaccuracies, according to the Pew Center on the States. Research in Pew's report, Inaccurate, Costly, and Inefficient, underscores the need for registration systems that better maintain voter records, save money, and streamline processes. This is an effort that eight states are spearheading with Pew’s support."
Faster, cleaner reading on the Internet.
The market for clutter-free reading on the web seems to be growing by leaps and bounds. Instapaper and Readability are already fighting for dominance and suddenly we see Evernote jumping into the fray out of nowhere. It has launched a Chrome extension called Clearly that basically does the same thing – clearing the clutter from a webpage and presenting only the main text and images – albeit with more options. It allows you to select smaller or larger fonts, has three themes (grey background, white background etc) and of course, the clip to Evernote option which could steal the show.
Similar tools: TextOnly, Links In Text-Only Mode, NotForest, Readmeo, TidyRead, Readability, Readable, and AllTextPaper.
Yes, it's shameless self-promotion, and it works! (I got my free copy...)
How to profit from the social-media 'Storyteller Uprising'
His 2011 book, "Storyteller Uprising: Trust & Persuasion in the Digital Age," is a must-read for anyone trying to understand the changing world around us, especially anyone who's got an idea, product or service to sell--which is anyone in any kind of business.
Having great content or a high-quality product isn't enough. You have to know how to use digital and social media to get it in front of people and then get them to share it with others.
Even the way Hosein reached out to me is part of a smart digital strategy. Amazon is offering a short window in which the Kindle version is available at no charge, and he's using old-fashioned email, in addition to Facebook, Twitter, etc, to reach people who can get the word out for him.
The book is available, free, until 11:59 p.m. PT on Wednesday, Feb. 15 in the Kindle Store--and goes back to $8.99 after that.
'cause any of my readers can write a book. Think of a University-wide textbook collaboration...
At O'Reilly Media's Tools of Change for Publishing conference today in New York, the digital textbook app-maker Inkling unveiled Habitat, a platform whereby other publishers can tap into the Inkling technology and production infrastructure in order to create their own interactive e-books. Techcrunch's Rip Emerson has a good write-up of the news, something that he describes -- not surprisingly -- in light of Apple's recent textbook announcement.
… "To reinvent the book, you have to reinvent the printing press," he argued. Desktop publishing was the first step in doing just that, but even the shiniest of high-end software there hasn't really addressed some of the inefficiencies in the publishing system (handwritten comments on drafts, emailing massive files back and forth, and so on). The Habitat platform, which is just open to a few early adopters and should be open to more publishers later in the year, deals with both the production and the human processes that go into book-making -- managing the production team in a better cloud-based, collaborative environment.
But this isn't a DIY, self-publishing platform like iBooks Author, it's worth pointing out (although I suppose eventually Inkling could open it up to everyone).
… To learn more about Inkling Habitat and register for our Early Adopter Program, check out www.inkling.com/habitat.
Get Stephen Hawking to narrate your slideshow?
Slides are the medium that most people default to when they need to give a presentation in person or over the web. When used correctly, slides are useful in helping you convey a message. The problem with most slide presentations is that there needs to be a speaker's voice attached to them to make them meaningful. Hello Slide is a tool that you can use to add voice narration to slides that you display online.
Hello Slide is different from services like Slideshare's Zipcast because instead of recording your voice you type what you want the narrator to say. Where you might type "speakers notes" in other slide programs, in Hello Slide you type out the narration. Hello Slide creates the audio and narrates your slides for you. While the voice is slightly robotic, it is much much better than most text to speech services.
To get started using Hello Slide, register for a free account, upload a PDF of your slides, then start typing your narration. It's very easy to use Hello Slide.
Tuesday, February 14, 2012
I suspect many companies will find they have been helping the competition...
Nortel hacked for years but failed to protect itself, report says
Citing an internal investigation by former Nortel systems security adviser Brian Shields, the Journal (subscription required) found that hackers apparently based in China carried on a decade-long campaign of stealing technical papers, R&D reports, employee e-mails, and other sensitive documents from the network company.
By grabbing just seven passwords from top Nortel execs back in 2000, the hackers managed to gain access to the company's network and remotely control personal computers by flooding them with spyware.
“We'll delete them long enough for them to check and assume we've deleted them permanently.”
Abine Files FTC Complaint Against BeenVerified For Not Keeping Deleted Profiles Deleted and Misusing Opt-Out Info
From the press release:
Abine, Inc., a leader in online privacy solutions for consumers, announced today that it has filed a Federal Trade Commission (FTC) complaint against BeenVerified.com, one of the largest background check websites and data brokers. Abine has found that consumers who stated their preference to be removed using BeenVerified’s own opt-out system in fact showed up again in its online databases. Abine’s DeleteMe service, which is now fully available at Abine.com, provides consumers with a service to ensure their personal info stays off online databases. In the process of delivering this service, Abine verified these findings and sent them to the FTC.
For consumers to remove their information from BeenVerified, they must email BeenVerified their name (as shown on the site), age, current and previous addresses, and listed relatives. Abine’s subscription service, DeleteMe, sends this email on behalf of consumers to ensure their information is deleted and stays unavailable. In the process of delivering its DeleteMe service, Abine found that although BeenVerified temporarily deleted the consumer’s personal information from its database, they later republished it and sometimes included the updated information provided in the opt-out.
Abine estimates that there are more than 180 websites like BeenVerified, and most have different deletion procedures. These websites sell consumers’ personal information for employee background checks, marketing and advertising, personal uses (such as looking up an ex-spouse’s whereabouts), targeted advertising, and credit reporting, among other uses. Once this information is available, it can lead to identity theft, lost job opportunities, and physical safety threats, making it imperative that consumers have the ability to remove their own data if they choose to do so.
“Similar to the Do Not Call Registry, consumers should have the ability to request their personal information, like address, phone number, email address and more, be unlisted online, and they should be able to trust that their request is respected and fulfilled,” said Bill Kerrigan, CEO of Abine. “Our FTC complaint was filed on behalf of all consumers because we believe that they deserve control over their personal information online.”
BeenVerified states that it obtains its information from various government sources, including birth certificates, marriage licenses, divorce proceedings, child support orders, voter registrations, census questionnaires, credit cards, default student loans, corporate filings, lawsuits, mortgages, liens, other real estate transactions, criminal court records, speeding tickets, and immigration documents. It also sends people, referred to as “court runners,” to obtain information directly from courthouses.
“Approximately 40% of online searches are people-related searches,” said Kerrigan. “Data brokers have an immense amount of information on each of us and there need to be tools that give power back to consumers.”
Abine’s tools are designed to do just that. Specifically DeleteMe, currently available at Abine.com, deletes customers’ personal information from many of the largest people search websites that list it, including BeenVerified. The service then monitors the information online to ensure that it doesn’t return, and compiles the information found online in custom reports sent to customers every three months.
With recent funding from leading venture capital firms Atlas Ventures and General Catalyst Partners and an experienced executive team from the fields of online security and privacy, Abine is putting the most high-powered, yet consumer friendly, technology in the hands of consumers. Abine expects the number of consumers using privacy tools to better control the sharing of their personal information to increase by more than 100% in 2012.
A Grave New Threat to Free Speech From Europe
Jeffrey Rosen writes:
At the end of January, Viviane Reding, the European Commissioner for Justice, Fundamental Rights, and Citizenship, announced a sweeping new privacy right: the “right to be forgotten.” The proposed right would require companies like Facebook and Google to remove information that people post about themselves and later regret—even if that information has already been widely distributed. The right is designed to address a real and urgent problem in the digital age: It’s very hard to escape your past on the Internet now that every photo, status update, and tweet lives forever in the digital cloud. But the right to be forgotten takes a dangerously broad approach to solving the problem. In fact, it represents the biggest threat to Internet free speech in our time.
Read more on The New Republic.
[From the article:]
In a widely cited blog post last March, Peter Fleischer, chief privacy counsel of Google, noted that the right to be forgotten, as discussed in Europe, can apply in three situations, each of which proposes progressively greater threats to free speech. The regulations that the European Commission proposed in January are troubling because they extend to all three.
The first category is the narrowest: “If I post something online, do I have the right to delete it again?”
… But the right to delete data becomes far more controversial when it involves the second category: “If I post something, and someone else copies it and re-posts it on their own site, do I have the right to delete it?”
… But the most serious concerns about free expression are raised by the third category of takedown requests: things other people post about us. The proposed European regulation treats takedown requests for truthful information posted by others identically to takedown requests for photos I’ve posted myself that have then been copied by others: Both are included in the definition of personal data as “any information relating” to me, regardless of its source. I can demand takedown, and the burden, once again, is on the social networking site or search engine to prove that it falls within the journalistic, artistic, or literary exception. This could transform Google, Yahoo, and other hosts of third party content into censors-in-chief for the European Union, rather than neutral platforms.
Does TSA have any incentive to install equipment like this? Banning liquids is cheap, testing them costs money.
"Besides having to remove our shoes, the volume limitations regarding liquids and gels in carry-on baggage has become a major hassle in the world of post 9-11 airport security. Hopefully, however, we may soon be able to once again bring our big bottles of water and tubes of toothpaste aboard airliners in our overnight bags. Britain's Cobalt Light Systems has developed a scanner called the INSIGHT100, that uses laser light to assess the liquid contents of containers, even if those containers are opaque."
Just like TSA only local? Back in ye olde days, anal probing was only done on UFOs.
NYC: Stop-and-Frisks Hit Record in 2011
Sean Gardiner reports:
New York City police officers stopped and questioned 684,330 people last year, a record number since the department started producing yearly tallies of the tactic.
The total marked a 14% increase over 2010, according to statistics viewed by The Wall Street Journal on Monday.
Read more on Wall Street Journal. The report/stats do not indicate whether the increase was across the board throughout the year or is in any way related to the Occupy movement.
Lawyers is nutz! “You can block this attempt to breach your anonymity but only if you give up your anonymity.”
The Curious Case of the D.C. District’s Anonymity Orders
Courts have generally been reluctant to allow parties to file anonymously – even when it might seem reasonable to us to allow them to do so. As a recent example: the actress who tried to anonymously sue IMDB and Amazon for “outing” her real age was told she could either file non-anonymously or drop her suit.
When “Does” are being sued, you’d think – or hope – that the court would allow them to move to quash subpoenas anonymously to protect their anonymity – at least in the early stages. And that’s how one case started out. But D.C. District Court magistrate John M. Facciola apparently had second thoughts and issued an order saying that if defendants wanted to move to quash, they’d have to do so under their names, which would be available in the public docket.
Citizen Media Law Project has more on the case, Hard Drive Production v. DOES 1-1,495.
Did I ever mention how much I detest Third Party Doctrine and why Congress really really really needs to recognize the privacy interests of those who provide subscriber information to sites and ISPs?
So if we stream our seminars do we get rich or just famous?
BitTorrent Live: Cheap, Real-Time P2P Video Streaming That Will Kill TV
Television is going the way of the dinosaur, and the deadly comet is called BitTorrent Live. Today, Bram Cohen, the author of the BitTorrent peer-to-peer sharing protocol, demoed his latest creation at the SF MusicTech Summit.
BitTorrent Live lets any content owner or publisher stream video to millions of people at good quality and with just a few seconds of latency…for free or cheap.
… Essentially, people love what they see on television, but want it accessible from the web.
The shift to online streaming has been stalled, though, because of the cost of set up, bandwidth, and servers compared to television infrastructure like cable wires and satellites that are already bought and paid for.
With BitTorrent Live, soon it won’t just be The White House and the Super Bowl streaming their content.
This disruptive P2P tech could blow the doors of streaming open to publishers of any scale.
BitTorrent Live sidesteps the infrastructure cost by having viewers stream the content to each other like they’d torrent a download instead of pulling video from a central source.
… An SDK to work with the proprietary protocol is in the works. BitTorrent is now asking content publishers to contact them at email@example.com to help test their tech. Cohen says he’s already been approached by TV studios who want BitTorrent Live to bring their shows online cheaply.
Work on your home computer, from anywhere... Without an Internet connection!
It would appear Dropbox is building a pretty wide ecosystem around its service and the latest today is an integration with WorldDesk. Who are they? Well they provide desktop virtualisation software, and they’ve just launched a beta cloud-based desktop delivery platform leveraging Dropbox.
Right now WorldDesk lets you access your “desktop” (whatever that is these days) from any device, allowing access to your applications and personalised desktop from your physical machine. Using WorldDesk, you could use a simple USB drive, or access your desktop from a smartphone, for instance.
[on Youtube: http://www.youtube.com/user/WorldDesk/feed]
Online bookstore browsing with your browser?
… By default the display shows Amazon’s list of bestsellers. The book titles are displayed without any rankings or numbers against a reader-friendly white background. You can switch from Amazon’s bestsellers to the New York Times bestsellers list anytime.
Clicking on a book title takes you to its Bookflavor page. Here you can read the book’s synopsis along with its reviews. The book reviews are fetched from Amazon as well as GoodReads. The Amazon purchasing link for each book can also be found on this page.
Similar tool: Zoomii
One possible future of education?
MIT opens registration today for the first of its online courses offered as part of its new MITx initiative. The university announced MITx late last year as the next step not just in informal online learning but in alternative certification. Registration for MITx is free and open to anyone, and for this first "prototype" class, there is no additional charge to receive the certification upon successful completion of the class. [This is both the challenge and the money making opportunity for online education Bob]
(Related) I'll taste-test and certify your beer...
How cool is this?
… One of the most useful ways that ifttt is leveraged is in finding free deals, discounts, and sales. Let me share a few of my favorite tech-related recipes that deal in saving you more money online.
Monday, February 13, 2012
Eventually, the pain goes away. How long “eventually” is remains undetermined.
Update: Texas pays for data breach
February 13, 2012 by admin
Kelley Shannon provides an update on one of the biggest breaches in 2011:
The taxpayer tab for individual credit monitoring after a data breach in Comptroller Susan Combs’ office has topped $600,000, and Combs’ campaign is paying extra to resolve routine credit glitches in some cases.
Though investigations continue into the data exposure revealed in April 2011, there is no evidence of misuse of any personal information [Imagine what that would cost! Bob] belonging to 3.5 million Texans, state officials said.
Read more on ReporterNews.
It makes little difference if this was a hack through Microsoft's best corporate security or the misguided efforts of an under-trained new guy – the word is out that Microsoft's security stinks. What will that cost to repair?
Microsoft Store hacked in India, passwords stored in plain text
February 12, 2012 by admin
Sean Buckley reports:
Frequenters of India’s online Microsoft Store were briefly greeted with the suspicious visage of a Guy Fawkes mask this morning, following a hack that compromised the site’s user database. According to WPSauce, Microsoft Store India’s landing page was briefly taken over by a hacker group called Evil Shadow Team, who, in addition to putting a new face on Windows products, revealed that user passwords were saved in plain text.
Read more on Engadget.
That's a bit harsh, isn't it?
The Only Reason Companies Delete Emails Is To Destroy Evidence
The News Corp. phone-hacking scandal continues to spiral out of control, sweeping up more and more of the company’s employees and executives. In the UK, 8 people were arrested, including five News Corp journalists, in the broadening scandal, which may embroil deputy COO James Murdoch—Rupert’s son and heir-apparent. A paper copy of a deleted email found in a crate ties James Murdoch directly to the events under investigation, which involved the routine and illegal hacking of phone voicemails on behalf of a News Corp publication.
This email evidence would never have been found if it wasn’t printed out because News Corp, like many corporations, regularly deletes archived emails. It is standard practice, but the technical reasons given for deleting emails are usually not the real reason they are eliminated. The only real reason to destroy old emails is to avoid liability and future lawsuits.
Is the same information available elsewhere?
Ie: Insurance companies admit data law breach
How many times have we talked about the risks of information being used against us by insurance carriers? Here’s a case where it reportedly happened in Ireland:
Three insurance companies have pleaded guilty to breaching the Data Protection laws by using social welfare information obtained by a private investigator.
The Office of the Data Protection Commissioner said the breaches by Zurich, FBD and Travellers were “very serious” and sent a message to the industry that information needed to be obtained lawfully.
In December 2010 the office of the Data Protection Commissioners was notified of a possible breach of the act by the Department of Social Protection.
As part of the investigation they visited the office of Reliance Private Investigators in Kildare.
They found evidence of social welfare data being passed onto three insurance companies.
Read more on RTÉ.
[From the article:]
He said the three companies had pleaded guilty at an early stage and co-operated fully with the inquiry. [Couldn't they foresee this outcome? Or was no one looking forward? Bob]
(Related) Not exactly the same, but definitely of interest...
By Dissent, February 13, 2012
A German company which studies drug prescription habits for the pharma industry is accused of selling raw data to drug companies, in what magazine Der Spiegel said on Monday could be a huge data protection scandal.
A former member of staff at the data processing firm Pharmafakt GFD told the magazine under oath that data from millions of pharmacy prescriptions had been saved and analysed then sold to pharma firms.
Read more on The Local. So far, GFD has denied the allegations. GFD counts some large pharmaceuticals among its clients: Pfizer, Sanofi, Bayer, Novartis, Roche and GlaxoSmithKline, but it’s not yet clear how far and wide this scandal might reach if the former employee’s allegations are true.
It also confuses the heck out of TSA when you try to re-enter the US.
"What may once have sounded like the behavior of a raving paranoid [I resemble that remark Bob] is now considered standard operating procedure for officials at American government agencies, research groups and companies as the NY Times reports how businesses sending representatives to China give them a loaner laptop and cellphone that they wipe clean before they leave and wipe again when they return. 'If a company has significant intellectual property that the Chinese and Russians are interested in, and you go over there with mobile devices, your devices will get penetrated,' says Joel F. Brenner, formerly the top counterintelligence official in the office of the director of national intelligence. The scope of the problem is illustrated by an incident at the United States Chamber of Commerce in 2010 when the chamber learned that servers in China were stealing information from four of its Asia policy experts who frequently visited China. After their trips, even the office printer and a thermostat in one of the chamber's corporate offices were communicating with an internet address in China. The chamber did not disclose how hackers had infiltrated its systems, but its first step after the attack was to bar employees from taking devices with them 'to certain countries,' notably China. 'Everybody knows that if you are doing business in China, in the 21st century, you don't bring anything with you,' says Jacob Olcott, a cybersecurity expert at Good Harbor Consulting. 'That's "Business 101" — at least it should be.'"
Is this sufficient?
February 12, 2012
FAQ - What is a privacyscore?
"A privacyscore is a way to assess the privacy risk of using a website. Privacy risk is the chance that data about you will be used or shared in ways that you probably don't expect. Privacyscores cover two kinds of data:
- We estimate privacy risk to personal data (such as your name or email address) based on the published policies of the website.
- We estimate privacy risk to anonymous data (such as your interests and preferences) based on the privacy qualifications of the other companies who collect this kind of data across websites.
- You can see privacyscores of the sites as you visit by using the privacyscore add-on for Firefox and Chrome."
If we can establish a price, can I flag my information as “not for sale?”
Start-Ups Seek to Help Users Put a Price on Their Personal Data
Joshua Brustein reports:
… People have been willing to give away their data while the companies make money. But there is some momentum for the idea that personal data could function as a kind of online currency, to be cashed in directly or exchanged for other items of value. A number of start-ups allow people to take control — and perhaps profit from — the digital trails that they leave on the Internet.
“That marketplace does not exist right now, because consumers are not in on the game,” said Shane Green, who founded a company called Personal in 2009.
Read more on The New York Times.
"It's somewhat hard to imagine that NASA doesn't need the computing power of an IBM mainframe any more, but NASA's CIO posted on her blog today that at the end of the month, the Big Iron will be no more at the space agency. NASA CIO Linda Cureton wrote: 'This month marks the end of an era in NASA computing. Marshall Space Flight Center powered down NASA's last mainframe, the IBM Z9 Mainframe.'"
(Related) Get the T-shirt: “I for one welcome our robot overlords”
One year later, IBM Watson goes to work (and the cloud)
… IBM is taking Watson to the next level, having created a commercial business unit working to offer Watson both on-premise and as a hosted cloud service.
Always worth reading... Something for my Techie students? More for the Professors.
February 12, 2012
Deloitte’s 3rd Annual Tech Trends Report: Top 10 Trends to Help Elevate Information Technology for Digital Business
"The unique convergence of five emerging technology forces – analytics, mobility, social, cloud and cyber security – provide the opportunity for businesses to accelerate performance in 2012, according to Deloitte’s 3rd annual Tech Trends report Elevate IT for Digital Business, released February 6, 2012. The Deloitte report identifies the top 10 technology trends that will have the most potential to impact businesses over the next 18-24 months, grouping the trends into two categories: Disruptors and Enablers.
- Disruptors – Social Business, Gamification, Enterprise Mobility Unleashed, User Empowerment and Hyper-hybrid Cloud – are technologies that can create sustainable positive disruption in IT capabilities, business operations and sometimes even business models.
- Enablers – Big Data Goes to Work, Geospatial Visualization, Digital Identities, Measured Innovation and Outside-in Architecture – are technologies in which many CIOs have already invested time and effort, but which may warrant another look this year because of new developments."
Cyber-security: The vexed question of global rules
By Peggy Garvin Source: Security and Defence Agenda Sunday, 12th February 2012
From the report:
This report is made up of a survey of some 250 leading authorities worldwide and of interviews carried out in late 2011 and early 2012 with over 80 cyber-security experts in government, companies, international organisations and academia. It offers a global snapshot of current thinking about the cyber-threat and the measures that should be taken to defend against it, and assesses the way ahead. It is aimed at the influential layperson, and deliberately avoids specialised language.
For the moment, the "bad guys" have the upper hand – whether they are attacking systems for industrial or political espionage reasons, or simply to steal money – because the lack of international agreements allows them to operate swiftly and mostly with impunity. Protecting data and systems against cyber-attack has so far been about dousing the flames, although recently the focus has been shifting towards more assertive self-protection. [Armed drones? Bob]
+ Link to full report (PDF; 2.48 MB)
An idea for funding seminars? How much to start a series of seminars or keep one going? (There are several similar websites)
"Crowd-funding website Crowdtilt officially launched last week, expanding upon the collective fundraising model pioneered by Kickstarter to enable raising money for any project — even a beer blitz. Like Kickstarter, Crowdtilt allows users to create a fundraising campaign with a tipping point. If the effort falls short of the set amount, would-be donors are not charged. However, unlike Kickstarter, the platform allows users to "group fund anything." Users can initiate campaigns without first getting the approval of service administrators, which they must do on Kickstarter."