Saturday, April 21, 2012

Not sure how objective this is. You listen and judge...
National Security Agency Whistleblower William Binney on Growing State Surveillance
April 20, 2012 by Dissent
In his first television interview since he resigned from the National Security Agency over its domestic surveillance program, William Binney discusses the NSA’s massive power to spy on Americans and why the FBI raided his home after he became a whistleblower. Binney was a key source for investigative journalist James Bamford’s recent exposé in Wired Magazine about how the NSA is quietly building the largest spy center in the country in Bluffdale, Utah. The Utah spy center will contain near-bottomless databases to store all forms of communication collected by the agency, including private emails, cell phone calls, Google searches and other personal data.
Watch this segment on Democracy Now! There are also other segments of this series that you will want to watch, but Binney’s revelations are chilling.

Islandwide surveillance looms large in Singapore
April 20, 2012 by Dissent
The China Post reports:
Singapore has begun installing police surveillance cameras that will eventually cover all 10,000 public-housing blocks across the island, officials confirmed Friday.
The move immediately drew mixed reactions in a city-state already famous for being one of the world’s safest societies but now undergoing political transition as citizens demand greater freedom from government control.
Read more on China Post.

(Related) It's called Traffic Analysis. It's what I was trained in many, many years ago...
"The UK government's proposal to separate communications data from content, as part of new plans to allow intelligence services to monitor all internet activity, is infeasible according to a panel of technology experts. Speaking at the 'Scrambling for Safety' conference in London, Ross Anderson, professor of security engineering at the University of Cambridge Computer Laboratory, said that the distinction between traffic data as being harmless and content as being sensitive is becoming less and less relevant. 'Now that people are living more and more of their lives online, the pattern of who you communicate with and in what order gives away pretty well everything,' he said. 'This means that, in data protection terms, traffic data is now very often going to be specially sensitive data.'"

Should not be a problem if you use a reputable Anti-Virus program.
Web could vanish for hordes of people in July, FBI warns
… The problem is related to malware called DNSChanger that was first discovered way back in 2007 and that has infected millions of computers worldwide.
As a U.S attorney said in an FBI press release, the crooks "were international cyberbandits who hijacked millions of computers at will and rerouted them to Internet Web sites and advertisements of their own choosing -- collecting millions in undeserved commissions for all the hijacked computer clicks and Internet ads they fraudulently engineered."
Late last year, however, the FBI disrupted the ring and seized the rogue servers. And since so many infected computers relied on the servers to reach the Internet, the agency opted not to shut them down and instead converted them to legitimate DNS machines.
Running the machines costs the government money, though, so they're being switched off in July. If your computer is infected with DNSChanger then, the Web -- for you -- will no longer exist.

Although we've been seeing this for years, I still doubt that IT is ready to manage it. Probably some interesting legal issues too.
Go ahead, bring your Windows 8 gadgets to work, says Microsoft
… In a blog posted Thursday, "Managing 'BYO' PCs in the enterprise (including WOA)", Microsoft's Jeffrey Sutherland, a program manager lead in the company's Management Systems group, addresses the "drive towards consumerization of IT" and how consumer technology is "bleeding into business organizations." In short, employees are bringing their personal laptops, tablets, and smartphones to work rather than using the devices assigned to them by the organization they work for.
WOA refers to Windows-[8]-on-ARM, or what is now called Windows RT. Devices running Windows RT will include tablets, hybrid tablet-laptops, as well as small laptops -- all running on power-efficient ARM chips from Qualcomm, Nvidia, or Texas Instruments.

Forget Harvard (even Yale does) – this is what we're competing with. Many Academics are dismissing this trend, but with some classes enrolling over 100,000 students it's clear there is a market here... (Strange collection of examples they picked...)
Get a great, free education online
Here are some of the best:

Friday, April 20, 2012

The Privacy Foundation has the flier for their May 11th Seminar up on their website. Where else can you gain so much wisdom for a mere $20? And they toss in lunch for FREE!

(Related) An exception to every rule...
Judges Drive Truck Through Loophole in Supreme Court GPS Ruling
A federal judge in Iowa has ruled that evidence gathered through the warrantless use of covert GPS vehicle trackers can be used to prosecute a suspected drug trafficker, despite a Supreme Court decision this year that found such tracking unconstitutional without a warrant.
U.S. District Judge Mark Bennett in Sioux City ruled last week (.pdf) that the GPS tracking evidence gathered by federal DEA agents last year against suspected drug trafficker Angel Amaya, prior to the Supreme Court ruling, can be submitted in court because the agents were acting in good faith at the time. The agents, the judge said, were relying on what was then a binding 8th U.S. Circuit Court of Appeals precedent that authorized the use of warrantless GPS trackers for surveillance in Iowa and six other states.

(Related) Wonderful! Now my Ethical Hackers will be able to “PROVE!” they were only going 15 mph when they passed that cop.
"A bill already passed by the Senate and set to be rubber stamped by the House would make it mandatory for all new cars in the United States to be fitted with black box data recorders from 2015 onwards. Section 31406 of Senate Bill 1813 (known as MAP-21), calls for 'Mandatory Event Data Recorders' to be installed in all new automobiles and legislates for civil penalties to be imposed against individuals for failing to do so. 'Not later than 180 days after the date of enactment of this Act, the Secretary shall revise part 563 of title 49, Code of Federal Regulations, to require, beginning with model year 2015, that new passenger motor vehicles sold in the United States be equipped with an event data recorder that meets the requirements under that part,' states the bill."

I'm designing a line of foil lined baseball caps with pictures of my favorite lawyers on top...
When drones start flying over our neighborhoods, what will protect our privacy?
April 20, 2012 by Dissent
Congressmen Ed Markey and Joe Barton, co-chairs of the Congressional Bi-Partisan Privacy Caucus, have sent a letter to the FAA about drones and privacy concerns. They ask the right questions about transparency and privacy protections – questions I wish the FAA had been asked before the law had been passed. A response is requested by May 10.

This could be very informative, but... When this study started, did we even know what sexting was?
"A University of Texas-Dallas developmental psychology professor has used a $3.4 million NIH grant to purchase Blackberries for 175 Texas teens, capturing every text message, email, photo, and IM they've sent over the past 4 years. Half a million new messages pour into the database every month. The researchers don't 'directly ask' the teens about privacy issues because they don't want to remind them they're being monitored. So many legal and ethical issues here. I can't believe this is IRB-approved. Teens sending nude photos alone could make that database legally toxic. And then there's the ethical issue of monitoring those who have not consented to be part of the study, but are friends with those who have. When a friend texted one participant about selling drugs, he responded, 'Hey, be careful, the BlackBerry people are watching, but don't worry, they won't tell anyone.'"
This sounds like an American version of the "Seven Up" series.

Children have no rights! “Go ahead and tell the parents when we're done.”
Cops Take School Kids’ DNA in Murder Case
April 19, 2012 by Dissent
Alyssa Newcomb reports:
Samples of DNA were collected without parental consent from students at a Sacramento, Calif., middle school in connection with the murder of an 8th grade student who was found stabbed, strangled and beaten to death near the dugout of a local park.
The Sacramento Sheriff’s Department, which has been spearheading the investigation into the murder of Jessica Funk-Haslam, 13, said parental consent was not required in the DNA collection and interview of minors, several of whom were taken out of class during the day last week at Albert Einstein Middle School.
“These are interviews, not interrogations,” Sheriff’s Deputy Jason Ramos told “They are all consensual. Once it’s done, there is a mechanism in place for school administrators to notify parents.”
There is nothing under California law that prohibits DNA collection of consenting minors, said John Myers, a professor at the McGeorge School of Law in Sacramento.
Say what?? How can minors meaningfully consent? And what happens to the DNA samples after this investigation? Will they be destroyed or will some profile be stored in a state or federal database? And were the students told what would happen to the samples before they were asked for their consent?
“Paging ACLU to Aisle 4….”
Read more on ABC.

It's now a question for the Supremes...
"In a somewhat startling decision, the U.S. Court of Appeals for the Ninth Circuit has ruled that several employees at an executive recruitment firm did not exceed their authorized access to their company's database when they logged into the system and stole confidential data from it. The appellate court's decision affirms a previous ruling made by the U.S. District Court for the Northern District of California. The government must now decide if it wants to take the case all the way to the U.S. Supreme Court. The judge wrote that the Computer Fraud and Abuse Act, under which they were charged, applies primarily to unauthorized access involving external hackers. The definition of 'exceeds authorized access' under the CFAA applies mainly to people who have no authorized access to the computer at all, the judge wrote. The term would also apply to insiders who might have legitimate access to a system but not to specific information or files on the system Applying the language in the CFAA any other way would turn it into a 'sweeping Internet-policing mandate,' he wrote."

Another “suspect” legal interpretation?
Motorcycle Club’s Attorney Scoffs at FBI Assessment
… The FBI assessment, which Threat Level reported Wednesday, concluded that the Vagos Motorcycle Club, which the bureau has declared an outlaw motorcycle gang based in Southern California, has trademarked its jacket patch — replete with the trademark registration symbol — to block “law enforcement agencies from inserting undercover officers” into the club.
“It’s the most ridiculous thing I’ve ever heard in my life,” Joseph Yanny, the group’s attorney, said in a telephone interview from Los Angeles. Yanny quipped that the bureau, in coming to its conclusions, was likely “interviewing clowns in Vegas.”

It used to be “Sport.” “Everything that is not trademarked is copyrighted. We own the rights to all Olympic performances. We own all Olympic venues. In fact, we own the athletes too.”
"With London's summer 2012 games due to take place in the very near future, you'd think that organizers would make more of an effort and persuade people to show more of an interest — yet it appears the complete opposite has happened, with strict guidelines banning athletes from posting photos of themselves on Twitter with products that aren't official Olympics sponsors, as well as prohibiting videos or photos to be taken from the athlete's village. Oh and just for good measure, fans could find themselves barred from sharing videos and photos on Facebook and YouTube of themselves delighting in said Olympics action."

NBC have just announced that they will be streaming the entire London 2012 Olympic Games online live. All 32 sports featured at the Summer Olympics will be shown live on the NBC Olympics site.

Now TSA can play with even more data.
"The European Parliament has approved the controversial data transfer agreement, the bilateral PNR (passenger name register), with the US which requires European airlines to pass on passenger information, including name, contact details, payment data, itinerary, email and phone numbers to the Department of Homeland Security. Under the new agreement, PNR data will be 'depersonalized' after six months and would be moved into a 'dormant database' after five years. However the information would still be held for a further 15 years before being fully 'anonymized.'"

Now this could be interesting.
EPIC demands full copy of FCC's probe of Google Street View
An Internet privacy advocacy group wants the Federal Communications Commission to release the full report of its investigation of Google's Street View, which collected and stored data from unencrypted wireless networks.
The Electronic Privacy Information Center has filed a Freedom of Information Act request to see the commission's full 25-page report, saying it "raised questions about the scope of the FCC's Street View investigation." A heavily redacted version painted Google as being too busy to respond with alacrity to its request for information and suggested more than slight frustration.

Survey says 1 in 4 organizations have had issues with mobile malware
Getting a virus on your computer is bad enough, but getting one on your phone is a whole other story. All your personal information leaks, and sometimes that includes the login credentials for many of the services you use. But how big of a problem is mobile malware? Goode Intelligence has had a go at quantifying the issue, and what they have to say isn’t pretty: 24% of the organizations they surveyed reported that they had to deal with infected devices during 2011. Back in 2010 that number was just 9%. How many companies enforce the use of some sort of anti-virus software on their smartphones? Less than 1 in 5.

A network without hardware... Once upon a time, “networks” didn't exist at all. If you wanted to send information from point A to point B you needed a direct, dedicated circuit.
Vanishing Webpage Links Google to Network Maverick Nicira
As part of its new-age system for moving traffic between its massive data centers, Google is using a network controller built in tandem with swashbuckling Silicon Valley startup Nicira, according to a Google presentation posted to the web.
On Tuesday, during a speech in Santa Clara, California, Google’s Urs Hölzle — the man who oversees the company’s worldwide network of data centers — revealed that the company is now using an open source protocol known as OpenFlow to completely overhaul the links between the computing facilities that drive its sweeping collection of web services, and a slide presentation that accompanied the speech was posted to the web.
The presentation has now been removed, but an extra slide tacked on to the end of the file indicated that Google is driving its OpenFlow-based network gear using a controller called Onix. (We’ve uploaded a copy of the presentation here.) Onix serves as the basis for the software offered by Nicira, an outfit that recently emerged from stealth mode touting a new breed of network that exists only as software. According to a 2010 research paper, Onix was designed by four Nicira engineers, three Googlers, an NEC employee, and an academic who was among Nicira’s co-founders. The top four contributors to the paper are Nicira employees.

I want copies...
"Two 70-year-old papers by Alan Turing on the theory of code breaking have been released by the government's communications headquarters, GCHQ. It is believed Turing wrote the papers while at Bletchley Park working on breaking German Enigma codes. A GCHQ mathematician said the fact that the contents had been restricted 'shows what a tremendous importance it has in the foundations of our subject.'"
[From the article:
The two papers are now available to view at the National Archives at Kew, west London. [No electronic version? Fire up the jet, Kato. Bob]

e-Discovery, for my Ethical Hackers...
Verifeyed uses a camera’s ‘mathematical fingerprint’ to find manipulated images
Image analysis startup Verifeyed wants to bring a new sense of legitimacy to the world of digital images.
“Today, digital images are everywhere. But, image editing tools like Adobe Photoshop easily allow the creation of fake images with just a few clicks,” the startup told VentureBeat. “As a result, digital images have lost their trustworthiness. This situation only worsens as products such as Photoshop become more prevalent, sophisticated, and easy to use.”
… it plans to solve the problem using its patent pending technology that is able to certify the originality (or absence of modification) for digital images taken from any device. Also, it uses math (a lot of it) — a product of the founders’ specialty as PhD researchers in the area of applied mathematics.

Thursday, April 19, 2012

Here's what a number of you have been waiting for. The Privacy Foundation has announced the topic for their May 11th Seminar!
The Fourth Amendment Clash with Technology: Warrantless GPS Tracking and Court Ordered Release of Encryption Codes
Legal and ethical implications will be discussed by some very interesting speakers.
Make your reservations early! Contact: Diane Bales, Sturm College of Law, 303.871.6580

It's obvious Privacy isn't high on the President's list.
Hearing Strains to Revive Addled Privacy Watchdog
April 19, 2012 by Dissent
Adam Klasfeld reports on yesterday’s hearing on nominees to the Privacy and Civil Liberties Oversight Board, a board that has been inactive for years:
… Three years into his term, Obama made his first five nominations: James Dempsey, an executive with the Center for Democracy & Technology; Elisebeth Collins Cook, a former Department of Justice lawyer; Rachel Brand, an attorney for the U.S. Chamber of Commerce; Patricia Wald, a former federal judge for the D.C. Circuit; and David Medine, a WilmerHale partner tapped to chair the board.
Dempsey, Wald and Medine are Democrats. Cook and Brand are Republicans.
All of the candidates seemed reluctant Wednesday to comment on Obama administration policies that most trouble civil libertarians.
Read more on Courthouse News.
The nominees seemed to follow the same strategy as Supreme Court nominees: say nothing controversial or even clear about specific issues.

It's a bad law, but it's all we have?
"The case involves an online game, MapleStory, and some people who set up an alternate server, UMaple, allowing users to play the game with the official game client, but without logging into the official MapleStory servers. In this case, the people behind UMaple apparently ignored the lawsuit, leading to a default judgment. Although annoyed with MapleStory (The Judge knocked down a request for $68,764.23 — in profits made by UMaple — down to just $398.98), the law states a minimum of $200 per infringement. Multiply that by 17,938 users of UMaple... and you get $3.6 million. In fact, it sounds like the court would very much like to decrease the amount, but notes that 'nevertheless, the court is powerless to deviate from the DMCA's statutory minimum.' Eric Goldman also has some further op-ed and information regarding the case and judgement."

Congressman surprised to learn how government works?
"Despite President Obama's recent call for companies to 'insource' jobs sent overseas, it turns out that the federal government itself is spending millions of dollars to train foreign students for employment in some booming career fields--including working in offshore call centers that serve U.S. businesses. The program is called JEEP, which stands for Job Enabling English Proficiency. It's available to college students in the Philippines through USAID. That's the same agency that until a couple of years ago was spending millions of dollars in U.S. taxpayer money to train offshore IT workers in Sri Lanka. Congressman Tim Bishop (D-New York), told about the program on Tuesday, called it 'surprising and distressing.' Bishop recently introduced a bill that would make companies that outsource call centers ineligible for government contracts." [Let's hope he meant “offshoring” rather than “outsourcing” or he's in for another surprise. Bob]

Could be useful for my dual language students...
Sobotong is a free to use search engine that lets you search for items in two different languages. You use the site like any other search engine; the only difference is that you specify two languages to go along with your query. A wide list of languages is supported by the site. Your search results are displayed in the first language you select, with the translated query on top.
Similar tools: 2Lingual.

'cause I never seem to have enough.
On Monday I published a list of Seven YouTube Channels Not Named Khan Offering Math Lessons. Thanks to three helpful readers I learned of three more good YouTube channels offering mathematics tutorials. Then I reminded myself that The New Boston which is primarily a channel for computer science lessons also has some good playlists of geometry, algebra, and basic mathematics lessons.
James Gubbins commented on Monday's list with the suggestion of adding Hurley Calculus to the list. Hurley Calculus, as the name implies, provides lessons on calculus. There are currently 73 videos in the Hurley Calculus channel.
Math Doctor Bob's YouTube channel was suggested by a reader using the Disqus ID Npisenti. Math Doctor Bob offers nearly 700 video lessons on statistics, algebra I and II, calculus, geometry, and much more. The lessons feature Doctor Bob giving the lesson in front of a whiteboard so you see him and don't just hear his lessons.
Patrick JMT was suggested by Robert Borgersen who wrote, "Patrick JMT is HUGE, and equally good, if not better in some places, than Khan." Patrick JMT doesn't cover as many topics as Khan or Math Doctor Bob, but the videos are equally solid. I've included one of the Whole Numbers and Place Values lesson video below.


Wednesday, April 18, 2012

The picture comes into focus...
What local cops learn, and carriers earn, from cellphone records
April 18, 2012 by Dissent
Bob Sullivan reports:
The war on drugs has gone digital; but is it also a war on cellphone users?
That’s just one of the questions raised by an investigation into use of cellphone tracking data by local police departments across the nation. built a database of thousands of invoices issued by cell phone network providers to cities after cops asked for caller location and other personal information between 2009-2011. The invoices were first obtained by the American Civil Liberties Union and released to the public earlier this month.
The database offers perhaps the first blow-by-blow accounting of several cities’ use of cellphone tracking as a crime-fighting tool and the potential blow to civil liberties that the requests represent.
Read more on Red Tape. It really gives a sense of what might be going on around the country as well as how carriers bill – or don’t bill – for services and how most requests do not involve warrants.

“What happens at school, stays at school?”
FL: Pasco school board to consider limiting student photos on Facebook
April 17, 2012 by Dissent
Ronnie Blair reports:
Pasco County students who use cellphones or other electronic devices to snap photos of classmates, teachers or anyone else at school would need to ask permission under planned revisions to the student code of conduct.
They would also need to ask the person’s permission before posting those photos on social network sites or other Internet sites.
The same prohibitions would apply to video.
Read more on the Pasco Tribune.
So you can’t take a picture of a school concert and upload it without getting every student’s permission just to even take the picture?
You can’t snap photos of a high school football game and upload it without getting every player’s permission before you can even take a picture?
Prohibiting the taking of pictures in some settings such as locker rooms, bathrooms, or the nurse’s office makes some sense, but how far does this prohibition go?
[From the article:
Alfonso said the photography issue raises some questions, especially regarding what constitutes consent.
"Whose consent is it?" he asked. "Is a 10-year-old student going to be able to consent over his parents' consent?"

Ever more knowledgeable and well known people are being ignored...
Tim Berners-Lee speaks out against U.K. surveillance bill
The man credited with inventing the World Wide Web has come out against the British government's contentious plans to monitor all Internet communication.
In an extensive interview with U.K. newspaper the Guardian, Tim Berners-Lee said the type of surveillance that the government was proposing was tantamount to the "destruction of human rights" and "the most important thing to do is to stop the bill as it is at the moment."

I am amazed that a motorcycle gang would stoop so low as to admit an IP Lawyer... (My God! You don't think they're all IP Lawyers, do you?)
FBI: Motorcycle Gang Trademarked Logo to Keep Narcs at Bay
We’ve always considered trademarking as a way to protect a company’s intellectual property and to aid consumers in identifying trusted products and services.
But on Tuesday, we stumbled on a novel use of intellectual-property law put into play by an alleged organized crime syndicate founded in Southern California.
The Vagos Motorcycle Club, which the Federal Bureau of Investigation has declared an outlaw motorcycle gang, has trademarked its jacket patch, replete with the trademark registration symbol, “in an effort to prevent law enforcement agencies from inserting undercover officers into their organization,” according to an FBI memo that surfaced on Tuesday.
The 2011 “law enforcement sensitive” memo (.pdf), unearthed by the Public Intelligence blog, warns infiltrating law enforcement officers that they “may be placing themselves in danger” if they don’t have the registration symbol at the bottom of the 600-member club’s patch, which is an insignia of Loki, the god of mischief. [The patron saint of lawyers? Bob]

Amazon’s Secretive Cloud Carries 1 Percent of the Internet
Amazon’s cloud computing infrastructure is growing so fast that it’s silently becoming a core piece of the internet.
That’s according to an analysis done by DeepField Networks, a start-up that number-crunched several weeks’ worth of anonymous network traffic provided by internet service providers, mainly in North America.
They found that one-third of the several million users in the study visited a website that uses Amazon’s infrastructure each day.
… It’s popular with companies that see big spikes and drops in computing demand. Netflix uses it to handle the back-end of its streaming service, which is in hot demand on Sunday nights and then gets quiet a few hours later. And a supercomputing company called Cycle Computing even managed to build one of the world’s 50 most powerful supercomputers on the Amazon cloud.
… The company operates several data centers — it calls them “availability zones” — in Virginia, the West Coast, Singapore, Tokyo and Europe and, clearly, they have been growing fast in the past few years.
According to data compiled by Adrian Cockcroft, director of cloud architecture at Netflix, Amazon has increased the number of IP addresses assigned to servers in those data centers more than fivefold in the past two years — from just over a quarter-million IP addresses in February 2010 to more than 1.7 million last month.
That could show that Amazon’s business is growing even faster than most people realize (Gartner pegs its growth rate at about 30 percent year over year) or it could mean that Amazon is simply loading up on IP addresses in anticipation of future growth.

"Yet another move by IBM out of end-user hardware, Toshiba will be buying IBM's retail point-of-sale systems business for $850M. Is it really a good idea for a company defined by good (and in this case, high-margin) hardware to sell it off in favor of nebulous consulting stuff? 'Like IBM's spin-offs of its PC, high-end printer, and disk drive manufacturing businesses to Lenovo, Ricoh, and Hitachi respectively in the past decade, IBM is not just selling off the RSS division but creating a holding company where it will have a stake initially but which it will eventually sell.' Is there really no money in hardware anymore? "

For my “starving students” – worth a look. (Also suggests what the 'missing parts' must cost)
9 Bargain-Bin Gadgets for the Struggling 99 Percent

"A gigabyte here, a gigabyte there, pretty soon, you're talking big data" (with apologies to Everett Dirksen)
If you are an Internet user, it is more than likely that you store some of your content in the cloud, be it Facebook, Google Docs, Dropbox or others. ZeroPC allows you to connect all your cloud storage in one single space and navigate through it seamlessly. The services supported are Dropbox, Facebook, Twitter, Evernote, Flickr, Google Docs, Instagram, Picasa, Sky Drive and Sugar Sync.

The “Fast Food University” model? “Over One Billion educated?”
Last fall, 3 Stanford classes were offered free, online, and open to the general public: Artificial Intelligence, Machine Learning, and Intro to Databases. Their popularity far exceeded the university’s initial expectations from what I can gather – hundreds of thousands of students in a class’ll do that, I suppose.
… And now, two other Stanford professors, on leave but still affiliated with the university, are officially unveiling their startup, Coursera.
… I covered Coursera earlier this year. But today the startup is pulling back the curtain on its plans, announcing that it’s raised $16 million in funding from Kleiner Perkins Caufield & Byers and New Enterprise Associates. It has also secured partnerships with four universities – Princeton, Stanford, the University of Michigan, and the University of Pennsylvania – which will offer open online courses through the Coursera platform.
Over 1 million students have already signed up for the initial courses that Coursera’s had posted on its website.

Tuesday, April 17, 2012

I dare say they don't like it... But then a dumb idea by any name is still just as dumb...
April 16, 2012
EFF FAQ on CISPA Cybersecurity Bill
Follow up to posting on SOPA’s Evil Twin Sister – CISPA, via Electronic Frontier Foundation, Cybersecurity Bill FAQ: The Disturbing Privacy Dangers in CISPA and How To Stop It, by Trevor Timm
This week, EFF—along with a host of other civil liberties groups—are protesting the dangerous new cybersecurity bill known as CISPA that will be voted on in the House on April 23. Here is everything you need to know about the bill and why we are protesting:

Well, it's not like judges actually understand the law...
Contradicting a Federal Judge, FCC Clears Google in Wi-Fi Sniffing Debacle
The Federal Communications Commission is clearing Google of wrongdoing in connection to it secretly intercepting Americans’ data on unencrypted Wi-Fi routers.
The commission concluded Friday, in an order unveiled Monday, that no wiretapping laws were violated when the search giant’s Street View mapping cars eavesdropped on open Wi-Fi networks across America.
… Last year, a federal judge ruled that the search-and-advertising giant could be held liable for violating federal wiretapping law, giving the greenlight to lawsuits seeking damages over Google’s objections.
But the commission, which fined Google $25,000 for stonewalling the investigation, found that legal precedent — and an unnamed Google engineer’s refusal to speak to FCC investigators — meant Google was off the hook for wiretapping.
“Based on careful review of the existing record and applicable law, the bureau will not take enforcement action,” the FCC’s enforcement bureau wrote (.pdf) in a heavily redacted 25-page order. The agency commenced an investigation after the Electronic Privacy Information Center demanded that the government review Google’s behavior

How can you show tremendous improvements in education if you don't start with low-scoring students?
"Robert Krampf, who runs the web site 'The Happy Scientist,' recently wrote in his blog about problems with Florida's Science FCAT. The Florida Comprehensive Assessment Test is an attempt to measure how smart the students are. [So, how well they are educated has nothing to do with it? Bob] Where other states have teachers cheating to help students, Florida decided to grade correct answers as wrong. Mr. Krampf examined the state's science answers and found several that clearly listed right answers as wrong. One question had 3 out of 4 answers that were scientifically true. He wrote to the Florida Department of Education's Test Development center. They admitted he was right about the answers, but said they don't expect 5th graders to realize they were right. For this reason they marked them wrong. As such, they were not changing the tests. Note: they wouldn't let him examine real tests, just the practice tests given out. So we have no idea if FCAT is simply too lazy to provide good practice questions, or too stupid to be allowed to test our children."

Canada has a “tax” on blank CDs and DVDs that pays the music industry for “piracy” – couldn't you argue that this is music they already paid for?
"A number of Canadian media companies have joined forces to try to shut down a free music website recently launched by the Canadian Broadcasting Corp., claiming it threatens to ruin the music business for all of them. The group, which includes Quebecor Inc., Stingray Digital, Cogeco Cable Inc., the Jim Pattison Group and Golden West Radio, believes that will siphon away listeners from their own services, including private radio stations and competing websites that sell streaming music for a fee. The coalition is expected to expand soon to include Rogers Communications Inc. and Corus Entertainment Inc., two of the largest owners of radio stations in Canada. It intends to file a formal complaint with the CRTC, arguing that the broadcaster has no right under its mandate to compete with the private broadcasters in the online music space. ... 'The only music that you can hear for free is when the birds sing,' said Stingray CEO Eric Boyko, whose company runs the Galaxie music app that charges users $4.99 a month for unlimited listening. 'There is a cost to everything, yet CBC does not seem to think that is true.' ... The companies argue they must charge customers to offset royalty costs which are triggered every time a song is played, while the CBC gets around the pay-per-click problem because it is considered a non-profit corporation. ... Media executives aren't the only ones who have expressed concern. When the CBC service was launched in February, the Society of Composers, Authors and Music Publishers said that when it set a flat fee for the more than 100,000 music publishers it represents, it never envisioned a constant stream of free music flooding the Internet."

Think about this one. Does it foreshadow the death of the telephone industry? (Can they compete with unlimited free video chat?)
Microsoft Wants to Put Skype in Your Web Browser
Mozilla recently showed off a demo of a video chat app built entirely from web standards. Now Microsoft’s Skype video calling service appears to be headed to the web browser as well. points out a number of new Microsoft job ads that describe “Skype for Browsers” and say the company is looking for developers with experience building HTML5-based apps.

How else can I know what's cool?
Google Trends is the simplest and most obvious solution to see what’s trending now.
Clicking on or searching for a trend will allow you to see an analytical profile for those keywords. It will scale the “hotness,” give you related searches, show a graph of the search activity, and give you some relevant search and blog results for the term.
What the Trend uses the internet’s most trendy social network, Twitter, to graph out and explain what is trending right now.
My favorite thing about WtT is that it goes in great depth to not only present trends, but to explain why they are trending and show you a history of the trend.
While it doesn’t monitor “topics” in the same way as our previous two websites do, BF does a great job of sharing viral content that will make you say LOL, OMG, or WTF.

More for my Math students...
Monday, April 16, 2012
… here is my short list of YouTube channels not named Khan Academy that offer mathematics lessons. is developed by high school mathematics teacher Bradley Robb. His YouTube channel has more than six hundred videos covering topics in Algebra and Calculus. You can access the videos on a mobile version of WowMath too.
Numberphile is a neat YouTube channel about fun number facts. There are currently thirty-three videos in the Numberphile collection.
Bright Storm is an online tutoring service. On their YouTube channel Bright Storm provides hundreds of videos for Algebra I, Algebra II, Trigonometry, Precalculus, and Calculus.
Ten Marks is another online tutoring service that offers mathematics tutorial videos on their site as well as on their YouTube channel. Some of the lessons in their playlists include lessons on units of measurement, decimals, fractions, probability, area and perimeter, and factoring.
Math Class With Mr. V features seven playlists made by a mathematics teacher teaching lessons on basic mathematics, geometry, and algebra. In all there are more than 300 video lessons. Like most mathematics tutorials on YouTube, Math Class With Mr. V uses a whiteboard to demonstrate how to solve problems.
The Open University is one of my go-to YouTube channels for all things academic. A quick search on The Open University reveals seven playlists that include lessons in mathematics. The lessons that you will find in these playlists are more theoretical than they are "how to" lessons.
Yay Math! features an excited teacher teaching mathematics lessons to his students. The videos capture just the teacher and his whiteboard with some feedback from students. The videos cover topics in Algebra and Geometry. You can check out the Yay Math! companion website to learn more about Robert Ahdoot, the teacher featured in the videos.

Global Warming! Global Warming! Is really Global Climate Change. To say we don't yet have the full picture is a gross understatement.
Some Asian glaciers 'putting on mass'
A French team used satellite data to show that glaciers in part of the Karakoram range, to the west of the Himalayan region, are putting on mass.
The reason is unclear, as glaciers in other parts of the Himalayas are losing mass - which also is the global trend.

Monday, April 16, 2012

My Ethical Hacker students thank you for pointing out a major bank vulnerability! (Postcards from Brazil to follow...) Let's not encourage improved security here, at least until we offer to return all their bank accounts in exchange for an end to weapons development...
Computer specialist who had warned Iranian banks about vulnerability, hacks and dumps 3 million accounts to make his point
April 16, 2012 by admin
Is it just me, or have these folks missed the point? From The Tehran Times:
A computer specialist, who used to work for a PSP (payment service provider) company which offers a number of Iranian banks services for accepting electronic payments, has hacked accounts of three million bank customers to show the vulnerability of the banks to computer security threats, the Persian service of the Fars News Agency reported on Sunday.
According to the report, the hacker had provided the managing directors of the targeted banks with information about the bank accounts of 1000 customers in the previous Iranian calendar year (ended on March 19) to warn them about the susceptibility of their computer systems and networks to cyber threats.
The Central Bank of Iran issued a statement on Saturday advising the bank customers to change the passwords of their bank cards to prevent possible credit card fraud.
An official at the Central Bank of Iran also told the Persian service of IRNA on Sunday that no one has illegally accessed people’s bank accounts.
“It is possible that certain individuals have some information… but they cannot use this information until the bank cards are not in their possession,” Nasser Hakimi said.
The deputy chief of Iran’s cyber police, Mohsen Mirbahresi, also said on Sunday that there is no cause for concern because the hacker has not acquired important financial information, such as bank account numbers.
No statement about improving security? Changing passwords isn’t going to do it if the security problems aren’t addressed.
Radio Free Europe and Kabir News identify the hacker as Khosrow Zare Farid, a former manager at Eniak, the operator of Shetab payment network in Iran. According to Kabir News, Farid had previously warned the banks of the problem but got no response and decided to publish the data of 3 million accounts from ten Iranian banks.
I suspect he’s got their attention now. [Run! Bob]
The Iran Independent News Service reports that ATMs in the country are no longer dispensing cash and that the only function working is the mode for changing the passwords.

I have a friend whose life goal is to “invent a new sin!” This, he assures me, is a way to guaranteed riches... Cybercrime isn't “a new sin.”
April 15, 2012
Commentary - Experts question validity of cybercrime statistics
New York Times: The Cybercrime Wave That Wasn’t, by Dinei Florêncio, researcher and Cormac Herley, principal researcher at Microsoft Research
  • "In less than 15 years, cybercrime has moved from obscurity to the spotlight of consumer, corporate and national security concerns. Popular accounts suggest that cybercrime is large, rapidly growing, profitable and highly evolved; annual loss estimates range from billions to nearly $1 trillion. While other industries stagger under the weight of recession, in cybercrime, business is apparently booming. Yet in terms of economics, there’s something very wrong with this picture. Generally the demand for easy money outstrips supply. Is cybercrime an exception? If getting rich were as simple as downloading and running software, wouldn’t more people do it, and thus drive down returns? We have examined cybercrime from an economics standpoint and found a story at odds with the conventional wisdom. A few criminals do well, but cybercrime is a relentless, low-profit struggle for the majority. Spamming, stealing passwords or pillaging bank accounts might appear a perfect business. Cybercriminals can be thousands of miles from the scene of the crime, they can download everything they need online, and there’s little training or capital outlay required. Almost anyone can do it. Well, not really. Structurally, the economics of cybercrimes like spam and password-stealing are the same as those of fishing. Economics long ago established that common-access resources make for bad business opportunities. No matter how large the original opportunity, new entrants continue to arrive, driving the average return ever downward. Just as unregulated fish stocks are driven to exhaustion, there is never enough “easy money” to go around. How do we reconcile this view with stories that cybercrime rivals the global drug trade in size? One recent estimate placed annual direct consumer losses at $114 billion worldwide. It turns out, however, that such widely circulated cybercrime estimates are generated using absurdly bad statistical methods, making them wholly unreliable."

This is news? You probably teach torts in the torts class. By the time you reach Privacy Law, you should recognize a tort when you trip over one. You don't teach Class Actions in that class either.
How irrelevant are privacy torts to today’s biggest privacy concerns?
April 16, 2012 by Dissent
Over on Concurring Opinions, Peter Swire explains why he doesn’t teach the privacy torts in his privacy law class. He writes, in part:
Privacy torts aren’t about the data. They usually are individualized revelations in a one-of-a-kind setting. Importantly, the reasonableness test in tort is a lousy match for whether an IT system is well designed. Torts have not done well at building privacy into IT systems, nor have they been of much use in other IT system issues, such as deciding whether an IT system is unreasonably insecure or suing software manufacturers under products liability law. IT systems are complex and evolve rapidly, and are a terrible match with the common sense of a jury trying to decide if the defendant did some particular thing wrong. [That assumes juries would not understand “here is how we protected customer privacy.” Bob]
That certainly helps answer questions I’ve raised repeatedly on this blog, as to which privacy tort might apply in a particular situation that I find disturbing or egregious. It also helps explain why I find myself turning to the FTC more to go after businesses under their authority to address unfair business practices that can harm consumers.
Read more on Concurring Opinions.

Think of this as a 'rant' in graphic form, sort of a rant-o-graphic...
April 15, 2012
LLRX: SOPA’s Evil Twin Sister – CISPA
Via - SOPA’s Evil Twin Sister – CISPA: Well known graphic artists Jake O'Neil and Spencer Belkofer created this infographic out of a sense of urgency to visualize the salient information with as many communities as possible. This bill, the Cyber Intelligence Sharing and Protection Act of 2011, has not garnered the media coverage of the Stop Online Piracy Act (SOPA), but its high impact implications target key legal issues involving privacy and intellectual property.

This is not about reading individual emails. The software described looks at the overall semantic shifts. Are employees whose emails contained invites to local fast food joints now talking about going to the Union meeting? This is like Google scanning your emails to deliver targeted ads, only here employers are looking to see if they are the target.
"In an effort to protect sensitive data from internal security threats, some organizations are 'using new technology to look at the language of their IT staff's emails to determine whether their behavior or mind-set has changed,' the Wall Street Journal reports. Is secretly spying on and linguistically interpreting employee emails going too far in the name of security? From the article: 'I understand the need to be aware of the attitudes of workers with high-level access to data and networks, but this strikes me as creepy. What if an IT employee suddenly has relationship problems or family issues? Will they then be flagged by HR as potentially troublesome or even a data security risk? [and will HR be correct? Bob] And all without them even knowing there's a dossier being created of them and their "suspect" behavior?'"

Think of “Mom” as a codeword for “old fuddy-duddy”
So I'm not actually trying to teach my mom to use Twitter, but it makes for a nice title to this post. Mom, This Is How Twitter Works is an excellent explanation with visuals and text of how Twitter works. The post, written by Jessica Hische, explains everything you need to know about Twitter. Want to know what a reTweet is? That's covered. Do you want to know which things on your timeline can or can't be seen by others? That's explained. And just how does Twitter compare to Facebook? Jessica has that covered too.
Applications for Education
If you have ever tried Twitter, but just didn't "get it" Mom, This Is How Twitter Works is for you. If you're trying to get your colleagues to try Twitter to build their own personal learning networks online, Mom, This Is How Twitter Works could be a good primer to have them read and/or reference.

For my future, e-book using students. (In Beta, less than 800 books so far...)
April 15, 2012
Directory of Open Access Books - DOAB
"The primary aim of DOAB is to increase discoverability of Open Access books. Academic publishers are invited to provide metadata of their Open Access books to DOAB. Metadata will be harvestable in order to maximize dissemination, visibility and impact. Aggregators can integrate the records in their commercial services and libraries can integrate the directory into their online catalogues, helping scholars and students to discover the books. The directory will be open to all publishers who publish academic, peer reviewed books in Open Access and should contain as many books as possible, provided that these publications are in Open Access and meet academic standards."

Geeky: So simple, no one thought to try this before? (Axiom: The best is rarely the most heavily advertised.)
Measuring Battery Capacity With an Arduino
Denis Hennessy recently encountered a problem we’ve all faced: he needed some AAs for a battery-eating gizmo, and he was overwhelmed by the choices available. Ignoring the shiny packaging and its marketing jargon, the core question was: which brand offered the best bang-for-the-buck?
Hennessy knew that the cheapest price did not necessarily mean the best value, so he did the only logical thing: pull on his Mad Science labcoat, buy samples of all the batteries, build an Arduino-controlled testing rig, and start generating data.
… Over on his blog, Hennessy has published the results of his tests of 10 different brands of battery. Most of the batteries perform about the same from 1.5V down to about 1.2V, but below that, the results diverge wildly, with about a 9x difference between the best and the worst.
[From the blog:
There’s a difference of over 9X between the best value (RS Power Ultra) and the worst value (Panasonic Evolta).