Saturday, March 24, 2012

This is a joke, right?
AT&T sued after charging the FCC for Nigerian scam calls
On Thursday, the Department of Justice said that they have filed a lawsuit against AT&T for allowing their IP Relay service, which is aimed at helping the speech and hearing impaired, to become a haven for Nigerian scammers.
IP Relay, the DOJ explained in court documents, is a text-based communications service designed to allow hearing and speech impaired individuals to place telephone calls to hearing persons by typing messages over the Internet, which are then relayed by communications assistants (CAs) employed by an IP Relay provider. AT&T, as such a relay provider, would then bill the government about $1.30 per minute for the calls. [My taxes at work? Bob]
It’s alleged that AT&T, despite the mandate that the service be restricted to U.S. customers only, knew that the service was being abused by Nigerian scammers and other criminals overseas, but allowed the calls to take place because they accounted for 95% of AT&T’s IP Relay call volume. [...and they thought this would go unnoticed? Bob]

“Now if you'd like to purchase access...”
Facebook warns employers not to demand passwords
March 24, 2012 by Dissent
Barbara Orutay reports:
Facebook is warning employers not to demand the passwords of job applicants, saying that it’s an invasion of privacy that opens companies to legal liabilities.
The social networking company is also threatening legal action against those who violate its long-standing policy against sharing passwords. [Users? Aren't they the “victims” Facebook is so concerned about? Bob]
Read more on Tampa Bay Online.
I’m glad they will support legislation to prohibit such practices, but I do think it’s hysterically funny that they are yakking about invasion of privacy in light of approved apps invading people’s privacy without direct opt-in consent.  Perhaps they could expand their new-found respect for privacy to include that?

(Related) Now who's a twit?
Twitter: We Won’t Hand Over Data on Occupy Wall Street Protester
March 23, 2012 by Dissent
John Paul Titlow reports:
Barely two weeks after the New York District Attorney asked Twitter to hand over data about an Occupy Wall Street protester, the company says it will not comply with the request.
The D.A.’s office had sent a subpoena to the microblogging service’s headquarters seeking information about the account belonging to Jeffrey Rae, one of several hundred activists arrested during an Occupy Wall Street demonstration in New York on March 1.
Paul Mills, the attorney representing Rae, filed a motion to quash the subpoena on March 15 on the grounds that the request was in violation of California’s requirements for out-of-state subpoenas.
Read more on ReadWriteWeb.

Once a bureaucracy, always a bureaucracy. It's probably too early to start hoping Congress will cut some of the foolishness. (and what's with the Facebook requirement?)
"Transportation Security Administration (TSA) program challenges and failures will be the focus of a joint hearing of the US House of Representatives Committee on Oversight and Government Reform and the Committee on Transportation and Infrastructure, on Monday, March 26, 2012. The Hearing is titled 'TSA Oversight Part III: Effective Security or Security Theater?' Bruce Schneier is scheduled to be a witness at this hearing. Additional information on the hearing is posted on the oversight committee's website. The Congressmen who serve on these committees are soliciting questions from the public to ask TSA officials at the hearing ... provided the public is willing to submit their questions via Facebook."

Vive le French court!
Official: stillborn French biometric ID card scheme not just extra-terrestrial but also unconstitutional, 13 times over
March 23, 2012 by Dissent
Remember France? Remember 6 March 2012 when the French parliament decided to introduce national biometric ID cards? In a scheme reminiscent of Vichy? 60+ members of the National Assembly and 60+ members of the Senate referred the law to the French Constitutional Council. What does the Council make of it?
The Conseil constitutionnel published its Decision no. 2012-652 DC yesterday, 22 March 2012. They’re not pleased.
Read more on DMossEsq.
[From the article:
The Council has 10 objections to the way the scope of a law supposedly concerned with identity fraud has crept into terrorism and many other areas. And three objections to the use of the proposed biometric ID cards for eCommerce.
These 13 counts of unconstitutionality are laid out in the Commentary which accompanies the Decision and summarised in the Council's press release, in which the law is judged to be disproportionate and to infringe people's right to privacy:

Since I'm not a Facebook user, I can say “BOOK” without paying a fee or getting pre-approved by Facebook.
Facebook Asserts Trademark on Word ‘Book’ in New User Agreement
Facebook is trying to expand its trademark rights over the word “book” by adding the claim to a newly revised version of its “Statement of Rights and Responsibilities,” the agreement all users implicitly consent to by using or accessing Facebook.

Technical methods are always amusing.
March 23, 2012
U.S. Intelligence: Hiding of Military Assets by "Rogue Nations" and Other States a Major Security Challenge for 21st Century
Jeffrey T. Richelson: "A central element of the current debate over how to deal with Iran's nuclear program has focused on the possible difficulty of destroying the Qom underground uranium enrichment facility via air strikes. However, documents posted today by the National Security Archive show that Qom is only the latest in a long series of alleged and real underground facilities that for decades have been a high priority challenge for U.S. and allied intelligence collection and analysis efforts, as well as for military planners. The documents featured in this posting describe in detail the agencies and programs the U.S. government has brought to the task of identifying and assessing underground structures in foreign countries since World War II. Internal records indicate there are more than 10,000 such facilities worldwide, many of them in hostile territory, and many presumably intended to hide or protect lethal military equipment and activities, including weapons of mass destruction, that could threaten U.S. or allied interests. The records (and introductory essay by Archive Fellow Jeffrey T. Richelson) also discuss the vast complexities of gathering and analyzing intelligence on these facilities, and detail several of the highly technical methods U.S. agencies have developed for the purpose over time."

I know a librarian (or six) who might find this useful...
March 23, 2012
Links to Some Presentations from Computers in Libraries
Computers in Libraries 2012 - access the presentations online using this link.

For my fellow Firefox users... Two words: Memory Restart

Friday, March 23, 2012

“Senators are just like normal citizens except that none of those silly laws apply to us.” If Martha Steward had been a Senator, she wouldn't have a felony record now.
Senate bans insider trading on Capitol Hill
The Senate on Thursday overwhelmingly passed a bill that makes it illegal for lawmakers and their staffs to make Wall Street trades based on insider information.

Ubiquitous Surveillance. “We can, therefore we must!” As “can” increases, “must” follows.
Yep, Google Just Patented Background Noise
In 2008, Google applied to patent a system that analyzes the environments surrounding mobile phones -- temperature, humidity, sound -- by way of sensors embedded in those phones. The technology would be mainly used, Google said in its filing, for (yes) "advertising based on environmental conditions."
… There are huge privacy concerns here, obviously, one of them being that the ability to track devices' background noises would seem to imply the ability to track all their noises.
… One wonders about the legality of the hypothetical operation in the 12 states that require everyone recorded to consent to that recording. The sound the phone picks up may just be an advertising signal for an algorithm to Google, but the law could see it differently.

(Related) The article made no mention of the rate of successful identification of the faces.
Japanese surveillance system scans 36 million faces in seconds

Does this suggest the Army dos not understand the “Streisand Effect?”
After Massacre, Army Tried to Delete Accused Shooter From the Internet
The military waited six days before releasing the name of U.S. Army Staff Sgt. Robert Bales, accused of killing 16 Afghan civilians earlier this month. One of the reasons for the somewhat unusual delay: to give the military enough time to erase the sergeant from the internet — or at least try to.
That’s according to several Pentagon officials who spoke on the condition of anonymity to McClatchy newspapers about the subject. The scrubbed material included photographs of Bales from the military’s official photo and video distribution website, along with quotes by the 38-year-old sergeant in the Joint Base Lewis-McChord newspaper regarding a 2007 battle in Iraq “which depicts Bales and other soldiers in a glowing light.”
The sergeant’s wife, Karilyn Bales, and their two young children were also moved onto Lewis-McChord, reportedly for their protection. Her blog, titled “The Bales Family” about her life as a mother and military spouse, was removed although it’s not known how, precisely. [Perhaps the Army has perfected the “right to be forgotten?” Bob] The military’s reasoning for the blackout: protecting the privacy of the accused and his family.

Something fishy here. The article makes it seem that the Police send notices to those they find with open WiFi. In fact, they send the notices to everyone in the area. So why bother looking for WiFi?
"As a part of National Consumer Fraud week, the Queensland Police are going war driving in order to identify insecure WiFi setups. From the press release: 'The War Driving Project involves police conducting proactive patrols of residential and commercial areas to identify unprotected connections. Police will follow this up with a letterbox drop in the targeted area with information on how to effectively secure your connection.' While some people may like having an open WiFi AP its interesting to see that the Police also feel that 'Having WEP encryption is like using a closed screen door as your sole means of security at home. The WPA or WPA2 security encryption is certainly what we would recommend as it offers a high degree of protection.'"
[If you would like to do it yourself:

(Related) Perhaps a strongly worded letter from the police is required.
"A group of U.S. federal cybersecurity experts recently said the Defense Department's network is totally compromised by foreign spies. The experts suggest the agency simply accept that its networks are compromised and will probably remain that way, then come up with a way to protect data on infected machines and networks."
[From the article:
James Peery, director of Sandia National Labs’ Information Systems Analysis Center, told the committee. “We’ve got the wrong model here. … I think we’ve got this model for cyber that says, ‘We’re going to develop a system where we’re not attacked.’ I think we have to go to a model where we assume that the adversary is in our networks. It’s on our machines, and we’ve got to operate anyway. We have to protect the data anyway."

I can see the young lawyer saying, “I know how to stop all this fuss about our Privacy Policy. Let's not have a Privacy Policy!”
Facebook strips ‘privacy’ from new ‘data use’ policy
March 23, 2012 by Dissent
Laurie Segall reports:
A Facebook privacy policy revision intended to make the site’s methods more transparent is instead kicking up a fresh firestorm.
Facebook posted a draft version of its revised terms on March 15 and gave the site’s users a one-week comment period to weigh in with questions and suggestions. The changes include many semantic tweaks, like stripping the word “privacy” out of Facebook’s “privacy policy,” which is now called a “data use policy.”
Read more on CNN.
One provision that drew a lot of flak is mentioned in the report:
Facebook’s current policy says: “When you use an application, your content and information is shared with the application.” Its proposed revision amends that line to: “When you or others who can see your content and information use an application, your content and information is shared with the application.”
I had tweeted something the other day about one app, Swaylo, that had that kind of provision: in authorizing the use of their app, you have to basically grant them permission to access your friends’ profiles as well – even without your friends’ consent or authorization to the app. Frankly, if any “friend” of mine ever gave some third party permission to access my information, they wouldn’t be my friend for long. More to the point, such consent or authorization is not acceptable. Heck, I don’t even see how it’s legal. What if people who never authorized an app sued for unauthorized collection of their data? Would the app’s defense in court be, “Well, their friend said it was okay.”?
To the extent that Facebook’s wording changes makes it clearer to people what is going on, that’s a good thing, but it shouldn’t be going on and Facebook should prohibit apps from doing this without direct opt-in consent or authorization. Saying that users can avoid this by granular privacy control settings is not sufficient as the default is still to allow such nonsense and unintended disclosure to apps.
Need any more proof that a “voluntary” code of conduct is not an adequate solution? There ya go.

(Related) We already read your email, so what's the big deal? No doubt they developed the software with the NSA and have it available in all but a few languages. “They look for “bomb” we look for “bargain.”
Google looks to patent tech that listens to calls to promote ads

Must be what makes Napoleonic law different... Or perhaps a diet of frogs and snails poisons the mind?
Idiotic Idea of the Day: Jailing Lurkers of Terror Websites
French President Nicholas Sarkozy means well. In the wake of horrific antisemitic murders reportedly pulled off by a Qaida-trained killer, Sarkozy is proposing to lock up frequent visitors to pro-terrorist websites. However understandable, the move would cripple open source attempts at understanding terrorism trends without stopping terrorists.
Anyone who regularly consults internet sites which promote terror or hatred or violence will be sentenced to prison,” Sarkozy argued to a political rally in France on Thursday. “What is possible for pedophiles should be possible for trainee terrorists and their supporters, too.”

(Related) In Pennsylvania the poison is scrapple.
ACLU of PA Sues Solanco School District Over Student Drug Testing Policies
The American Civil Liberties Union of Pennsylvania and Dechert LLP filed a lawsuit in state court yesterday on behalf of a Solanco School District (Lancaster County) sixth grader and her parents to stop the school district from requiring students who participate in extracurricular activities, including athletics and academic competitions, to submit to suspicionless, random drug testing.
The ACLU of Pennsylvania believes the school’s policy violates a 2003 Pennsylvania Supreme Court ruling requiring schools to justify suspicionless drug testing programs with evidence of a widespread drug problem among students. This is the third lawsuit the ACLU of PA has filed in the past 13 months against school districts with unconstitutional drug testing policies.
… The ACLU of Pennsylvania and Dechert are representing sixth-grader M.M. and her parents, Mika and Christopher McDougall, of Peach Bottom, Pa. Because M.M. and her parents have refused to consent to the school’s drug testing policy, M.M. was removed from orchestra and chorus at the beginning of the 2011-2012 school year and is currently ineligible to join any school athletic or academic teams.
A top math student in her class, eleven-year-old M.M. was also recently asked to join her school’s “MathCounts” academic competition team next year. But because she and her parents will not consent to a policy they feel is invasive and unconstitutional, she will be unable to participate.
… According to the complaint, the Solanco School District has provided no evidence of a drug problem among its students to justify its policy.
Studies have repeatedly shown that random drug testing does not reduce student drug use. The largest national student study conducted by the U.S. government’s own program, Monitoring the Future, found in 2002 that random, mandatory drug testing had no impact on students’ rates of drug use. This study covered three years and included over 76,000 students nationwide in eighth, tenth, and twelfth grades. These researchers confirmed these findings again in 2003.
More information about the case, including a copy of the complaint, is available at:

Combination Search Engine and Pinterest, by people who have read “Stranger in a Strange Land”
instaGrok is a very promising new search service that I learned about from Joyce Valenza during my time at Discovery's Beyond the Textbook forum. At first glance instaGrok appears to be a new version of Google's old Wonder Wheel service. But after investigation you'll see that instaGrok is more than just web of suggested search terms.
You can use instaGrok to search a topic and quickly get lists of facts on that topic, links to information on that topic, videos, images, and quizzes on the topic. If you want to refine or alter your search, just click on another term in the web of search terms. If the results that you are getting are too difficult to comprehend or are too basic, use the difficulty slider to change the results.
When you find materials that are useful for your research you can pin them or add them to your instaGrok journal. You can add notes to those links in your journal as well.

Tools & Techniques
The award winning open source audio recording and editing program, Audacity, which runs on Mac OS X, Microsoft Windows, GNU/Linux and other operating systems, was released last week with a 2.0 upgrade.
Audacity, developed by a group of volunteers and distributed under General Public License, allows you to record audio from your computer’s microphone, CDs, USB turntables/tape decks, streaming audio, and iTunes, as well as the ability to import and edit existing audio files. Audio files can be saved in various formats including MP3, podcast, ringtones, and iTunes.

Now I can reorganize my “Math videos” into “Fraction videos” “Decimal videos” “Log videos”
You can add videos from multiple video sites like YouTube and Vimeo into a single playlist and then embed the playlist anywhere on the web.
The video sites currently supported are YouTube, Vimeo, DailyMotion, PhotoBucket and SlideShare. However, the best part is that you can also use a Yokto Video Collector tool to collect videos from all other video sites or even simple webpages that have a video embedded. Just drag the icon to your favorites bar and then whenever you see a video that you want to add, simply click on the icon and choose the playlist you want to add it to.

“Quotes is good!” Bob
With several hundred websites devoted to quotations, looking for a particular one isn’t too easy. QuoteCoil helps by letting you search for hundreds of thousands of quotes within seconds. Their instant search box lets you search by quote, author or any keyword. The results appear even before you press enter and change as you type.

Back in Ye Olde Days, we only worried about what language the book was written in...
EPUB’s are awesome because they are the most open format for eBooks, but if you use a Kindle, then you will need your books in MOBI format. Some other readers also don’t support EPUB, so if you want to use your DRM-free eBooks on these readers, having an easy way to convert them is crucial.
It is a free, easy to use program that can even batch convert multiple files at once.
Also read related articles:
How to Actually Make Money Selling eBooks

Thursday, March 22, 2012

"What's in a name? That which we call a crook
By any other name would smell as bad." (Sorry Will)
Report: Hacktivists Out-Stole Cybercriminals in 2011
More than 100 million of the 174 million stolen records Verizon tracked in 2011 were stolen by hacktivist groups, according to the authors of Verizon’s 2012 Data Breach Investigations Report (.pdf).

How do you get your data back if the recipient doesn't want to return it? (and would they do the same for a mere citizen?)
Update: Computer seized over Belfast City Hall breach (updated)
March 21, 2012 by admin
Give ‘em back their data – that you didn’t ask for but they sent you anyway – or they’ll seize it from you?
A computer has been seized from a woman who received personal details of every Belfast city councillor in a major security breach, it has been revealed.
Heather M Brown surrendered the computer at her home in England under the terms of a draconian order secured at the High Court in Belfast.
A judge also authorised the recovery of electronic storage devices or any hard copies of the spreadsheet containing elected representatives’ private phone numbers, bank details, national insurance numbers and car registrations. Some passport details were disclosed as well.
Read more on UTV.
Update: Jon Baines kindly pointed me to an earlier article in the Belfast Telegraph that may help clarify why an injunction was needed in this case.
[From the UTV article:
A judge also authorised the recovery of electronic storage devices or any hard copies of the spreadsheet containing elected representatives' private phone numbers, bank details, national insurance numbers and car registrations. Some passport details were disclosed as well.
… It was claimed that a copy has already been sent to Justice Minister David Ford's office, in breach of an injunction against further disclosure granted earlier this month.
… "The council attempted to recover the data on a voluntary basis but was unable to do so," it said.

A simple software tweak that could have significant economic and national security implications?
March 21, 2012
Firefox enables HTTPS safe searching as default setting
"A few days ago, Mozilla's developers quietly enabled Google's HTTPS encrypted search as the default search service for the "nightly" developer trunk of the Firefox browser (it will actually use the SPDY protocol). This change should reach regular users at some point in the next few months... This is a big deal for the 25% or so of Internet users who use Firefox to browse the web, bringing major improvements in privacy and security. First, the search query information from these users will be shielded from their Internet service providers and governments who might be using Deep Packet Inspection (DPI) equipment to monitor the activity of users or censor and filter search results. Second, the search query information will also be shielded from the websites that consumer visit after conducting a search. This information is normally leaked via the "referrer header"."

What we need is a “Right to be left alone” bill.
Maryland and Illinois Introduce Bills to Limit Employer Access to Employees’ Social Networking Accounts
March 21, 2012 by Dissent
Laura Brookover writes:
Lawmakers in Maryland and Illinois have introduced bills that would prohibit employers from requiring job applicants or employees to grant access to their social networking accounts. The bills arose from reports that employers have impliedly or explicitly required access to social networking accounts as a condition of hiring or employment.
A few bills have been proposed in Maryland that would protect the privacy of individuals’ social networking accounts. Bills in the House and Senate have been introduced that would restrict all employers’ access to employee and job applicant accounts. Two separate bills have also been introduced that would prevent university officials from accessing student accounts.
Read more on Covington & Burling Inside Privacy.

What would be so secret (or embarrassing?) that it could not be disclosed?
"Continuing the recent stories on the secret, closed door, FOI blocked talks, the Australian Greens have filed a motion in the Senate requesting that the Government release documents regarding its closed door meetings on Internet piracy which the Attorney-General's Department has blocked from being released under Freedom of Information laws. This morning, Greens Communications Spokesperson Scott Ludlam filed an order in the Senate that the Government disclose details of the most recent meeting. 'The Government refuses to reveal almost any information about the attendees, the substance or the outcomes of the meeting,' he said in a separate statement. 'A Freedom of Information request from a journalist looks like it's been met with maximum resistance.'"

How many lawyers would it take to sue 66.6 million people? Who would pay for this in a smaller (Normal?) case?
MPAA Wants Megaupload User Data Retained for Lawsuits — Updated
Hollywood studios want a federal judge to preserve data on all the 66.6 million users of Megaupload, the file-sharing service that was shuttered in January due to federal indictments targeting its operators.
The Motion Picture Association of America is requesting Carpathia, Megaupload’s Virginia-based server host, to retain the 25 petabytes of Megaupload data on its servers, which includes account information for Megaupload’s millions of users.
… Carpathia said it is spending $9,000 daily to retain the data, and is demanding a federal judge relieve it of that burden. Megaupload, meanwhile, wants the government to free up some of the millions in dollars of seized Megaupload assets to be released to pay Carpathia to retain the data for its defense and possibly to return data to its customers.

(Related) Being a crook is hard!
Kim DotCom to get monthly living expenses of $48,000
… It is unclear whether the court's decision has anything to do with a procedural error made by police when they confiscated his property. They filed for the wrong kind of restraining order and the court ruled last week that the erroneous order was null and void, according to reports. New Zealand legal experts said that as a result, there was a chance authorities would have to return all of DotCom's property.
The money for DotCom's monthly allowance is coming from the interest accrued on the $10 million that DotCom invested in New Zealand government bonds.

For my Ethical Hackers. Their customers are knowledgeable. I think a broader market exists in the “digital forensics” space.
"Forbes profiles Vupen, a French security firm that openly sells secret software exploits to spies and government agencies. Its customers pay a $100,000 annual fee simply for the privilege of paying extra fees for the exploits that Vupen's hackers develop, which the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word. Those individual fees often cost much more than that six-figure subscription, and Vupen sells them non-exclusively to play its customers off each other in an espionage arms race. The company's CEO, Chaouki Bekrar, says Vupen only sells to NATO governments and 'NATO partners' but he admits 'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"

Wednesday, March 21, 2012

Still bloody expensive...
Good news for breached entities: it won’t cost you as much and customers are less likely to leave – Ponemon study
March 20, 2012 by admin
The new Ponemon study, 2011 Cost of a Data Breach Study has some interesting findings. From the executive summary:
  • The cost of a data breach declined. For the first time in seven years, both the organizational cost of data breach and the cost per lost or stolen record have declined. The organizational cost has declined from $7.2 million to $5.5 million and the cost per record has declined from $214 to $194.
  • Negligent insiders and malicious attacks are the main causes of data breach. Thirty- nine percent of organizations say that negligence was the root cause of the data breaches. For the first time, malicious or criminal attacks account for more than a third of the total breaches reported in this study. Since 2007, they also have been the most costly breaches. Accordingly, organizations need to focus on processes, policies and technologies that address threats from the malicious insider or hacker.
  • Certain organizational factors reduce the overall cost. If the organization has a CISO with overall responsibility for enterprise data protection the average cost of a data breach can be reduced as much as $80 per compromised record. Outside consultants assisting with the breach response also can save as much as $41 per record. When considering the average number of records lost or stolen, all of these factors can provide significant and positive financial benefits.
Once again, those who rush to notify before they have completed a thorough assessment wound up spending more than those who complete their assessment before notifying consumers. The difference came to about $33/record. So while the public wants prompt notification, prompt but inaccurate notification may wind up costing entities more.

“If you've go nothing to hide...” Failure to volunteer is awfully suspicious.
Saying No to an Optional Iris Photo Has Its Consequences
As fellow Occupy Wall Street protesters who had been arrested on Saturday were being arraigned, Dallas Pesola remained in a holding cell on Sunday night, essentially being punished for not submitting to what was supposed to be a voluntary photograph of his irises.
Mr. Pesola was released on Monday after spending 48 hours in custody, double the maximum time for arraignments set in 1990 by a state Supreme Court judge.
… In 2010, when the New York Police Department began photographing the irises of people arrested in Manhattan, officials said that the images would prevent one defendant from pretending to be another.

(Related) Not new, but clearly spreading. Corporations are now aware that bad opinions on social media can hurt the bottom line yet they are still unwilling to use social media themselves.
Employers ask job seekers for Facebook passwords
… Bassett, a New York City statistician, had just finished answering a few character questions when the interviewer turned to her computer to search for his Facebook page. But she couldn't see his private profile. She turned back and asked him to hand over his login information.
Bassett refused and withdrew his application, saying he didn't want to work for a company that would seek such personal information
… In their efforts to vet applicants, some companies and government agencies are going beyond merely glancing at a person's social networking profiles and instead asking to log in as the user to have a look around.
… Since the rise of social networking, it has become common for managers to review publically available Facebook profiles, Twitter accounts and other sites to learn more about job candidates. But many users, especially on Facebook, have their profiles set to private, making them available only to selected people or certain networks.
Companies that don't ask for passwords have taken other steps - such as asking applicants to friend human resource managers or to log in to a company computer during an interview. Once employed, some workers have been required to sign non-disparagement agreements that ban them from talking negatively about an employer on social media. [Desn't this change the “employment agreement?” Bob]
Asking for a candidate's password is more prevalent among public agencies, especially those seeking to fill law enforcement positions such as police officers or 911 dispatchers.
… Until last year, the city of Bozeman, Mont., had a long-standing policy of asking job applicants for passwords to their email addresses, social-networking websites and other online accounts.
And since 2006, the McLean County, Ill., sheriff's office has been one of several Illinois sheriff's departments that ask applicants to sign into social media sites to be screened.
Chief Deputy Rusty Thomas defended the practice, saying applicants have a right to refuse. But no one has ever done so. Thomas said that "speaks well of the people we have apply."
… In Spotsylvania County, Va., the sheriff's department asks applicants to friend background investigators for jobs at the 911 dispatch center and for law enforcement positions.
"In the past, we've talked to friends and neighbors, but a lot of times we found that applicants interact more through social media sites than they do with real friends," said Capt. Mike Harvey. "Their virtual friends will know more about them than a person living 30 yards away from them."
… Facebook declined to comment except for issuing a brief statement declaring that the site forbids "anyone from soliciting the login information or accessing an account belonging to someone else."
Giving out Facebook login information also violates the social network's terms of service. But those terms have questionable legal weight, and experts say the legality of asking for such information remains murky.
The Department of Justice regards it as a federal crime to enter a social networking site in violation of the terms of service, but during recent congressional testimony, the agency said such violations would not be prosecuted. [“Another law we choose to ignore...” Bob]
Lori Andrews, a law professor at IIT Chicago-Kent College of Law specializing in Internet privacy, is concerned about the pressure placed on applicants, even if they voluntarily provide access to social sites.
"Volunteering is coercion if you need a job," Andrews said.

Tuesday, March 20, 2012

Hey! It's New Jersey. “Hate the ex-boyfriend” isn't the same as “hate the gay guy.” (“Hate the cop ex-boyfriend” is really really not the same)
Woman accused of creating false Facebook page in ex-boyfriend’s name gets probation
March 19, 2012 by Dissent
Peggy Wright reports:
A 41-year-old woman was admitted today into a special probation program and agreed to undergo a psychological evaluation to resolve a charge of creating a scathing Facebook profile in the name of a Parsippany police detective.
Without admitting to the charge of identity theft, Dana Thornton, formerly of Belleville, was accepted by Superior Court Judge David Ironson into Morris County’s Pre-Trial Intervention program for first-time offenders.
Thornton will be supervised on probation for 12 months. She must perform 50 hours of community service and submit to a psychological evaluation and follow any recommendations for counseling.
Read more on The Daily Record.
I can’t help but compare this case to the Dharun Ravi case. Both this woman and Ravi were first-time offenders. Both engaged in online conduct that could have made people feel embarrassed or harassed – or that could have harmed reputations.
One – the older one, who should presumably know better – gets probation. The younger one risks a 10-year prison term because his motivation wasn’t revenge for a personal break-up but presumably bias.
Does this seem equitable to you?

Well, that clears things up...
How Much Is Your Data Worth? Mmm, Somewhere Between Half a Cent and $1,200
… For buyers, user data is dirt cheap. User profiles -- slices of our digital selves -- are sold in large chunks, i .e. at least 10,000 in a batch. On the high end, they go for $0.005 per profile, according to advertising-industry sources.
… Facebook and Google make roughly $5 and $20 per user, respectively. Without your data in one form or another, their advertising would be mostly worthless, so perhaps your data is worth something in that range.
But let's not forget the rest of the Internet advertising ecosystem either, which the Internet Advertising Bureau says supported $300 billion in economic activity last year. That's more than $1,200 per Internet user and much of the online advertising industry's success is predicated on the use of this kind of targeting data.

The Never-Ending Story.
"Google has once again stood up in court for the rights of users and services online, this time defending Hotfile from copyright infringement accusations. [Quoting the article]: 'Google takes a sort of hard-line approach via the DMCA, telling the court that however the MPAA may try to mislead them, Hotfile is in fact protected under safe harbor provisions. And furthermore, Google suggests that the MPAA's approach is contrary to the language in and precedents surrounding the DMCA. The onus is on copyright holders to alert a service to the nature and location of an infringement, and the service's responsibility is to alert the user if possible and remove the material within a reasonable period of time'"
The full brief has been uploaded to Scribd. The MPAA, naturally, has requested that the amicus brief be rejected by the court:

Also sure to be amusing...
"Word from Ars Technica is that OnLive, a service provided that seems to totally flout Microsoft licensing and offers iPad users a Microsoft Desktop for free (or a beefier one for $5) isn't being sued by Microsoft as this blog quotes: 'We are actively engaged with OnLive with the hope of bringing them into a properly licensed scenario.' The people who are angry include Guise Bule, CEO of tuCloud. He accuses Microsoft of playing favorites with OnLive — whose CEO is a former Microsoft executive — while regularly auditing license compliance for companies like tuCloud that provide legitimate virtual desktop services. Bule is so mad that he says he is forming an entirely new company called DesktopsOnDemand to provide a service identical to OnLive's, complete with licensing violations, and dare Microsoft to take him to court. Bule hopes to force Microsoft into lifting restrictions on virtual desktop licensing that he says inhibit growth in the virtual desktop industry, and seem to apply to everyone except OnLive."
One of the restrictions applied to licensed remote desktop providers is that each user must have his own dedicated machine (pretty onerous in the days of 16+ core servers costing a mere grand or two).

How do news stories differ depending on the media? Winston Churchill wrote long, opinionated articles for “The Times.” It seems that news got shorter (if more colorful), then had to be “entertaining,” and now can simply be “Peyton Manning is a Bronco! Click here for more.”
March 19, 2012
Pew Research Center - State of the News Media 2012
"In 2011, the digital revolution entered a new era. The age of mobile, in which people are connected to the web wherever they are, arrived in earnest. More than four in ten American adults now own a smartphone. One in five owns a tablet. New cars are manufactured with internet built in. With more mobility comes deeper immersion into social networking. For news, the new era brings mixed blessings. New research released in this report, The State of the News Media 2012, finds that mobile devices are adding to people’s news consumption, strengthening the lure of traditional news brands and providing a boost to long-form journalism. Eight in ten who get news on smartphones or tablets, for instance, get news on conventional computers as well. People are taking advantage, in other words, of having easier access to news throughout the day – in their pocket, on their desks and in their laps. At the same time, a more fundamental challenge that we identified in this report last year has intensified — the extent to which technology intermediaries now control the future of news. Two trends in the last year overlap and reinforce the sense that the gap between the news and technology industries is widening. First, the explosion of new mobile platforms and social media channels represents another layer of technology with which news organizations must keep pace. Second, in the last year a small number of technology giants began rapidly moving to consolidate their power by becoming makers of “everything” in our digital lives. Google, Amazon, Facebook, Apple and a few others are maneuvering to make the hardware people use, the operating systems that run those devices, the browsers on which people navigate, the e-mail services on which they communicate, the social networks on which they share and the web platforms on which they shop and play. And all of this will provide these companies with detailed personal data about each consumer."

(Related?) Is communication just communication? Are emoticons an adequate substitute for “tone of voice?” (Do today's teens even recognize tone of voice?)
March 19, 2012
Pew: Teens, Smartphones & Texting
Teens, Smartphones & Texting - "Texting volume is up while the frequency of voice calling is down. About one in four teens say they own smartphones." Amanda Lenhart Senior Research Specialist, Pew Internet Project
  • "Teens are fervent communicators. Straddling childhood and adulthood, they communicate frequently with a variety of important people in their lives: friends and peers, parents, teachers, coaches, bosses, and a myriad of other adults and institutions. This report examines the tools teens use to communicate, with a particular focus on mobile devices, and then places the use of those tools in the broader context of how teens choose to communicate with people in their lives. The volume of texting among teens has risen from 50 texts a day in 2009 to 60 texts for the median teen text user. In addition, smartphones are gaining teenage users. Some 23% of all those ages 12-17 say they have a smartphone and ownership is highest among older teens: 31% of those ages 14-17 have a smartphone, compared with just 8% of youth ages 12-13."

Perspective (Some would say the government is a drag on the economy)
Internet accounts for 4.7% of U.S. economy
The Internet contributes more to the American economy than the entire federal government, according to a new study by the Boston Consulting Group.
The Internet accounted for $684 billion, or 4.7% of all U.S. economic activity in 2010, Boston Consulting Group found. By way of comparison, the federal government, contributed $625 billion, or 4.3%, to the nation's output.

Some of my students don't have room for more ink, but I can see temporary (but long term) tats with the logo of your phone company being the hip new fashion accessory.
Nokia Files Patent for Haptic Feedback Tattoo
… Discovered by Unwired View, Nokia’s Haptic Communication patent describes an electronic device, probably your smartphone, that generates a magnetic field that stimulates ferromagnetic ink that’s been stamped, tattooed, or taped to skin. The ink’s reaction creates perceivable stimuli that responds to digital content on the smartphone.
Translation: Notifications on a smartphone will trigger a vibration in the magnetic ink attached to your body. A text could trigger a specific vibration pattern, while a voicemail could trigger another.

An Infographic for my student Geek Dads (and Geek Moms)
Tech-savvy dads: We're geeks and proud of it
According to a survey sponsored by Cisco Home Networking Business (who knew Cisco was in the business of geek dads?), these self-proclaimed nerds are eager to pass on their high-tech knowledge to their sons and daughters. And get this: instead of retreating to their rooms and slamming their doors in that special way only angst-ridden teens can, the kids are into it, giving both parties an opportunity to spend more time together.

For my “geeks who write?” (Interesting that the Amazon “Used” price is more than the “New” price...)
"The Chicago Manual of Style (CMS), now in its 16th edition, is the de facto style guide for American writers. It deals with aspects of editorial practice, grammar, usage, document preparation and more. It's just one of many style guides for writers. The Microsoft Manual of Style, just released in its 4th edition, attempts to do for the technical writers what the CMS has done for journalists and other writers."

Sometimes you want a tool that is “just like X, but isn't X” fortunately there are probably hundreds of them – unfortunately they are not always easy to find.
If you are looking for a free alternative to Google Docs for your group document editing needs, Substance is a great option for you. The web-based writer is much like Microsoft Word, only a little simpler. It’s easy to use and navigate for users of all levels. Best of all, because it is open source, it’s one hundred percent free!
You can invite an unlimited number of other users to edit the document with you. Users can subscribe to a document to be alerted whenever a change is made. This way, you will always be in the loop with what your collaborators are doing to the document. If you are working with a large document, they will have a convenient table of contents feature.

People still use paper? How Egyptian!
Believe it or not, some people still print documents to physical pieces of paper. Optical Character Recognition (OCR) software takes those printed documents and converts them right back into machine-readable text.
Google Docs
Google Docs has integrated OCR support.
To get started, open the Google Docs website and start uploading a file. You can’t scan directly from your scanner into Google Docs; you’ll have to scan the document as an image or PDF file first. If you don’t have a scanner, you can try scanning a document with your smartphone’s camera.
FreeOCR is a simple, easy-to-use frontend for the open-source Tesseract OCR engine, originally developed by HP Labs.
Cuneiform OpenOCR
Cognitive Technologies developed Cuneiform as a commercial OCR solution, but eventually released it as freeware. Cuneiform OpenOCR has an unpolished interface, but there’s an excellent OCR engine underneath.
The download page is in Russian — scroll down and click the “english version” setup link to download and install Cuneiform.

I might create a “Math bundle” and a “Computer Security bundle” and so forth.
Bundlenut is a simple service for organizing a set of links and sharing them with others. To use the service just visit Bundlenut and start entering the links that you want to include in your bundle. You can include comments about each of the links. When you have added all of links that you want to include in your bundle, Bundlenut will assign a unique url to your bundle. Anyone with access to that url will be able to see all of your links and comments about those links.
You can use the service with or without registering. The advantage of registration is that you can go back and modify your bundle whenever you would like to.
Applications for Education
Bundlenut could be a useful service to use when you want students to read and evaluate a specific set of online resources like primary source documents.

I like #4
Today I had the privilege to participate in Discovery's Beyond the Textbook forum. One of my take-aways from the day's conversation is that most of the technologies that we want to use to make textbooks interactive and meaningful for students already exist, we just need to organize and utilize them in a way that makes sense for teachers and students. I've combined that take-away with a recent request from a reader to delineate some ways that teachers can use Wikispaces to create this list of ideas for using wikis in classrooms. Please feel free to add your suggestions, with links if possible, in the comments below (please note, I'll be on planes for the next 18 hours so there will be a delay between your comment submission and its appearance on the blog).
1. As a digital portfolio of student-created videos.
2. As a place for students to share notes on each unit of study in your courses.
3. As an alternative to textbooks. Work with colleagues in your school or department to create a multimedia reference site for your students. Include YouTube videos that use the "choose your own adventure" model to allow students to pursue areas of interest.
4. As an alternative to textbooks. Have students create reference pages for units of study in your course. When you do this students become responsible to each other for creating accurate and meaningful content that they can refer to when it comes time for assessment.
5. As a place to track, document, and manage on-going community projects. In my district every student is required to complete a community service project before graduation. As a homeroom or "common block" advisor teachers are supposed to help their students take the necessary steps to document that work. By creating a homeroom wiki you create a place where students can make weekly updates about what they have done to complete their projects.

(Related) Even the tweets are interesting.
I've spent the day with a group of educators invited to Discovery HQ in Silver Springs, Maryland to participate in a forum titled "Beyond the Textbook." As with a number of the events I've attended recently, I've opted to storify the notes, Tweets, and blog posts (and I should add here that these don't just come from the participants at the event but from those that participated in the discussions via the Web.

Quick! What's another word for Thesaurus?
Graph Words is a neat little site that provides webs of related words. If you're like me and you tend to use the word "awesome" a lot and want to mix it up, type "awesome" into Graph Words to see a web of alternative word choices. Click on any word in the web to generate a new web of more related words. Give it a try with this web based on the word "awful." Your webs can be downloaded as a PNG image.

Monday, March 19, 2012

Fortunately, Google, Amazon, Facebook, et al collect their data legally, right?
Cn: Police look into firm’s database of private info
March 18, 2012 by Dissent
We may have a new “largest breach ever” if a report out of Shanghai is confirmed. Xu Chi reports:
Shanghai police are investigating a local company that reportedly illegally collected private information of more than 150 million residents that they sell to clients for cold calling and other product promotions.
Shanghai-based Roadway D&B Co caught police and public attention after a video clip filmed by undercover reporters was broadcast nationwide in a news program on Thursday, China’s Consumer Rights Day.
Shanghai police said yesterday that they raided the company’s headquarters on Beijing Road E. after watching the broadcast. [Probable cause is anything they say it is? Bob]
Three senior executives with the company are now under police control.
Officers also confiscated four of the company’s servers for evidence.
The company, which has eight branch offices across the country, was found by undercover reporters to be holding the private information of more than 150 million residents in China, according to the program broadcast by China Central Television.
The information includes name, gender, age, address, phone number, job, monthly income and even the kind of car the person owns.
Now why do I think we’d find the same thing in the U.S.?
[From the article:
They said they gathered the information by exchanging data with other cold call companies.
They also purchased private information from real estate agents and insurance companies.
"Sometimes we get information from the banks," another employee said on the show.

I doubt we'll be luck enough to start a dialog between parents and children.
Verdict in Ravi webcam spying trial becomes ‘a cautionary tale’
March 18, 2012 by Dissent
The New Jersey Star-Ledger, which has been all over the Dharun Ravi case, has a follow-up today on how this case and conviction will be a “game changer:”
“It’s a cautionary tale,” said Jenny Carroll, a professor of criminal law at Seton Hall Law School. “Behavior that used to be considered the norm, or acceptable, has become criminal.” [Behavior that used to be limited to two or three giggling teenagers looking through a keyhole is now available in high-def video to the world in perpetuity... Bob]
The verdict warns us to respect people’s space and their differences, she says, not just because it’s the right thing but because it’s criminal if we don’t.
“This will be the end of the ‘boys will be boys’ defense,” Carroll said. “That’s what makes this verdict more or different than other verdicts. Every mother who is packing the kid up for college will say ‘You put that webcam away. You may think it’s funny, a prank, but you don’t use it because I’m not going to come and bail you out of jail.’ ”
Somehow, I doubt this case will be a game-changer as most people who might engage in bias intimidation will likely not recognize themselves as engaging in such behavior. Some will even correctly argue that some of their conduct or speech is protected speech under the First Amendment. And of course, not all states have laws like New Jersey’s.
I had mixed reactions to the verdict. I think the jurors did a diligent job considering the array of charges before them, especially since they were essentially asked to draw inferences about the intent underlying some of Ravi’s behavior. Would Ravi have used the web cam or stream it if his roommate had brought a girl to the room? Maybe, maybe not. But even if you think that he wouldn’t have done it under those conditions, does that mean he was trying to harass his roommate? Not necessarily. Should he have known that his roommate would feel intimidated by such actions? That’s a difficult one. Did Ravi appreciate that an action that might lead to fear of exposure/embarrassment is intimidation under New Jersey’s law? Should that matter? Suppose he said, “Yes, I knew with reasonable certainty that my roommate would be embarrassed by my invasion of his privacy.” Is embarrassing someone justification for criminal charges?
Calling this a “hate crime” when there was no evidence of any “hate” – a strong emotion – is misleading. Even calling this a bias intimidation crime is a stretch, I think. And there is a real risk that over-sensitivity to insensitive clod-like speech is leading to what is really protected speech being criminalized as “bullying” or “harassment.”
So what could or should the take-home message have been? I would have preferred that it be that we value our privacy and if you invade it, be prepared for criminal charges – regardless of your intention or your awareness of how the individual might feel.
What Dharun Ravi did was despicable. And even if he had no bias against gays, the privacy invasion itself was despicable. What a shame that the focus of the case didn’t stop with that, as we might have had a clearer take-home message for youth.

Was it something evil they were plotting? Or did Dr Evil (the RIAA) do all the talking?
"It looks as if the Australian Government *really* doesn't want the public to know what's going on in its closed doors talks with ISPs and the content industry. The Attorney-General's Department has applied the black marker to almost all of the information contained in documents about the meetings released under Freedom of Information laws. The reason? It wouldn't be in the 'public interest' to release the information. Strange how the public seems to have a high degree of interest in finding out what's being talked about."

I'm always interested (and often amused) by Internet tax plans...
"Downloading music, movies, e-books and Apps could soon cost Connecticut residents more as lawmakers consider a tax on digital downloads. The bill, proposed by the General Assembly's Finance, Review and Bonding Committee, would have consumers pay the 6.35% sales tax on any electronic transfer. Supporters say the bill would level the playing field for brick-and-mortar retailers in the state who are already required to charge Connecticut sales tax to consumers who purchase these products in their stores. About 25 states around the country have already begun taxing digital downloads."

Sometimes hard to tell when these guys are joking, but it raises some interesting “Radio Free Wherever” issues. How would you shut something down that was flying outside the 12 mile limit or passing through your airspace at 30,000 feet, or in Orbit? Remember those Pirate radio stations on abandoned oil platforms off the English coast?
… The Pirate Bay today unveiled their new mission. They’re working on ‘hosting’ parts of their site in GPS-controlled drones, instead of old-fashioned data centers.
“Everyone knows WHAT TPB is. Now they’re going to have to think about WHERE TPB is,” The Pirate Bay team told TorrentFreak. We were further informed that the first drone will probably fly above international waters.

Data Mining / Data Analysis
The Value and Benefits of Text Mining
… This sea of data, predicted to increase at a rate of 40% p.a., has significant potential economic and societal value. Techniques such as text and data mining and analytics are required to exploit this potential.
Direct link to Report (PDF; 6.8 MB)

Would this actually convince anyone? (Well, it can't hurt)

I'm sure MY geeks don't need this...
Linux For The Real World
The recent Linux Foundation report about the Linux jobs market highlighted a need for experienced professionals, but the traditional Linux training and certification programs don’t always impart the kind of skills actually required by employers. In an attempt to bridge this gap, veteran Linux trainer and Linux Journal associate editor Shawn Powers has teamed up with CBT Nuggets to develop a series of Linux training videos entitled “Linux for the Real World.” According to the description, this course “goes beyond the hypotheticals to walk viewers through real-world situations.”

Peanuts. Education Apps must use a lot of digital communications. Business opportunities here? (Might be fun to let my students loose on the idea)
How education apps have become a priority for AT&T
Developers with education app ideas will find a sympathetic ear at AT&T.
The company plans to spur the development of apps that will help improve the state of education, and is planning an education-centric "hackathon" contest in June to find the smartest apps. The idea is to bring the Internet, video, social media, and the concept of "gamification" to the learning process.
… The company said today it plans to invest $250 million over the next five years to improving education. Part of that money will go to its AT&T Foundry, which will look into tapping new ways to teach students.

Add to your business card? Email signature? T-shirt? is a website for creating your own QR code that has nearly anything you want. You can put contact information, a URL, a message and almost anything else your heart desires. You can also change the color of your QR code to an abundance of colors.
… You can save your code as a PNG or EPS file once you are finished. They also offer an embed code to display the result on a website or blog.
Similar tools: QRHacker anf Unitag.

Because free is good.
Also read related articles:

Because my students can't read it when I project it on the wall...
  • Increase font size in Firefox address bar.
  • Also increase the font size in the auto-complete dropdown menu.
  • Simple toggle on and off option.

Another potential tool to help my students create their own textbook... (Possible I've mentioned this one before)
Class Connect is a great free resource that allows teachers and students to build and share lessons. These lessons can include video content, Google Docs, and more. This is a great tool to organize and store the materials and also to share and collaborate with other teachers and colleagues. The site is free, well-organized, and does a great job or allowing teachers to share the best of their lessons with other passionate educators.