Saturday, October 06, 2012

Our Math classes come with access to a publisher owned, online MathLab ( where students do homework and take tests. Apparently someone doesn't like it...
Denial Of Service attack on WebAssign
On October 4th, at around 9pm EDT, WebAssign was the target of a Denial Of Service (DOS) attack, in which a website is deliberately flooded with traffic to the point of being unable to respond to its users. Many users could not access WebAssign during this time, or got errors. We were able to stop the attack around 10pm EDT, and we are investigating to find its source.
We apologize for any inconvenience this incident caused.

Does every Twitter user understand how their Tweets move?
OWS lawyer asks court to overturn Twitter order
October 5, 2012 by Dissent
Adam Klasfield reports that Malcolm Harris’s attorney has filed a writ of mandamus, seeking to have the court overturn a ruling that required Twitter to turn over his tweets to the District Attorney.
Read more about this latest development on Courthouse News.
[From the article:
Her 45-page motion argues that her client's subpoena has fateful repercussions in the age of cloud computing, an umbrella term describing the use of remote databases to store users' private information.
"Personal communications, daily schedules and travel itineraries that you once stored in a desk drawer or dedicated directory on a home computer are now stored for you by your ISP or social-networking site, somewhere in the cloud," the motion states. "The information is still yours. You still have control over it, but both technically and technologically someone else is now its custodian.
"The question this case poses to the court is: What, if anything, does the change in architecture and protocols of the Internet mean for the relationship between the individual and the state?

I typically end my involvement after the data has been gathered. This topic is also big in the Dotcom case, where files belonging to (almost certainly) innocent customers were grabbed (not copied) along with everything else.
Hacker Case Could Test Limits on Electronic Searches
October 6, 2012 by Dissent
Vanessa Blum reports on U.S. v. Collins, a case involving Anonymous’s attacks on PayPal in retaliation for not permitting donations to WikiLeaks. One of the interesting – and important – issues that has arisen is the extent to which prosecutors really need to purge and/or return material and files on seized computers that are not necessary to their prosecution. Is it inconvenient and time-consuming to do all that? Yes, but if the approval of a warrant was based on that assurance, then darn it, shouldn’t they do it? Blum reports:
More than a year after federal agents arrested 14 people accused in a cyberattack on PayPal, the high-profile prosecution has ground to a standstill over the handling of computers seized in the investigation.
Searches carried out in a dozen states targeted computers, hard drives and other digital devices, resulting in an avalanche of electronic material for investigators to sift through.
But intermingled with potential evidence of a crime were millions of irrelevant files, like emails, photographs, medical records, downloaded articles, Internet search histories and old tax returns.
Just how far prosecutors must go to segregate and purge such extraneous material is a question that could derail the federal hacking case and test the limits judges place on electronic searches.

“We're ensuring the health of our citizens!” No similar policy for booze or wacky-weed? I propose mandatory IQ testing for elected officials. Anyone testing below average is automatically impeached.
"On October 2, City Commissioners of Delray Beach finalized a policy which prohibits agencies from hiring employees who use tobacco products. Delray Beach isn't alone though; other Florida cities such as Hollywood and Hallandale Beach, require prospective employees to sign affidavits declaring themselves tobacco-free for 12 months prior to the date of application. Throughout the states, both government and businesses are moving to ban tobacco-use beyond working hours. Many medical facilities, e.g. hospitals, have implemented or intend to implement similar policies. In some more-aggressive environments referred to as nicotine-free, employee urine-samples can be taken and tested for any presence of nicotine, not excluding that from gum or patches. Employees testing positive can be terminated. Times do change, and adaptation is often a necessary burden. But have they changed so much that we'd now postpone the Manhattan project for 12 months because Oppenheimer had toked his pipe? Would we confine our vision to the Milky Way or snub the 1373 Cincinnati because Hubble smoked his? Would we shun relativity, or shelve the works of Tolkien because he and C. S. Lewis had done the same? If so, then where will it stop?"

“We didn't read your mail, our computer did. That allowed us to send you ads for those sweet AK47's, Mr. Bin Lauden.”
Gmail and privacy: Could Canadian class action lawsuit threaten anti-spam software?
October 5, 2012 by Dissent
Earlier today I posted a news item from Canada about a lawsuit concerning Gmail and privacy. The complaint deals with the contents of e-mails sent to Gmail users by non-Gmail users being mined to deliver ads to the Gmail user.
If the lawsuit struck you as a good idea, you might want to read Eric Goldman’s comments on this issue. Gillian Shaw cites him in a follow-up news report, also in the Vancouver Sun:
Similar cases have been launched in the United States, where Eric Goldman, a professor at Santa Clara University School of Law and director of the High Tech Law Institute, has characterized them as “are-you-kidding-me,” lawsuits.
“If electronic scrutiny of private email constitutes an interception then all anti-spam software violates that as well…the same probably with virus checkers,” Goldman said when I contacted him about the case filed yesterday in BC Supreme Court.
“In the US I consider similar lawsuits to be dead on arrival,” Goldman said. “They have no merit. I can’t speak to Canadian laws.”
Read more on Vancouver Sun.

Repetition is worthwhile...

With huge revenue streams come huge volumes of lawsuits.
No harm, no foul? Facebook seeks dismissal of $15B tracking lawsuit
October 5, 2012 by Dissent
Joel Rosenblatt reports:
Facebook Inc. (FB) said a $15 billion lawsuit accusing the company of secretly tracking the Internet activity of its users after they log off should be dismissed because the subscribers didn’t specify how they were harmed.
The complaint suffers from an “utter lack of allegations of any injury to these particular named plaintiffs,” Matthew Brown, a lawyer for Facebook, today told U.S. District Judge Edward Davila in San Jose, California.
Read more on Bloomberg.

Useful? Let's submit a FOIA to find out!
October 05, 2012
National Archives Joins Federal Agencies to Launch New Freedom of Information Act (FOIA) Online System
News release: "The National Archives and Records Administration (NARA) and the Environmental Protection Agency (EPA), along with the Department of Commerce (DOC), have partnered to develop an online system aimed at expanding public access to information requested under the Freedom of Information Act (FOIA). FOIAonline, formerly known as the FOIA Module, is available as of today (October 1). It offers the public one place to submit FOIA requests, track their progress, communicate with the processing agency, search other requests, access previously released responsive documents and file appeals with participating agencies. For agencies, FOIAonline provides a secure website to receive and store requests, assign and process requests, post responses, generate metrics, manage records electronically, create management reports and electronically generate the annual report required from each agency by FOIA. EPA began looking at the feasibility of a FOIA portal in 2010 with the idea of leveraging, the Federal rulemaking portal that allows people to comment on Federal regulations and other agency regulatory actions. EPA administers, which launched in 2002 and now has 38 partner agencies that govern and financially support the program. By leveraging the infrastructure of, FOIAonline avoided many start-up costs, resulting in a total of $1.3 million to launch and an estimated cost avoidance of $200 million over the next five years if broadly adopted."

Probably not how they will actually use them...
"A machine learning breakthrough from Google researchers that grabbed headlines this summer is now being put to work improving the company's products. The company revealed in June that it had built neural networks that run on 16,000 processors simultaneously, enough power that they could learn to recognize cats just by watching YouTube. Those neural nets have now made Google's speech recognition for U.S. English 25 percent better, and are set to be used in other products, such as image search."

Probably not related to their new neural network, but I suspect Google searched (incorporating a 'legal influencer' score) for the right people to write this report...
Surprise! Google-Commissioned Antitrust Report Says Google Has No Case To Answer For Search
The best line of defense is attack — and if you can couch your attack in authoritative legal language and attach it to lofty legal principles, so much the better. That’s the underlying message behind a Google-commissioned report (released today) which seeks to undermine the legitimacy of ongoing antitrust probes into Mountain View’s search dominance and practices.
… Specifically, the authors argue that the antitrust claims “contradict real-world experiences in search” and “demonstrate competitors’ efforts to compete not by investing in efficiency, quality, or innovation, but by using antitrust law to punish the successful competitor”.

Law in the cloud?
Public Citizen Raises Alarm (And A Petition) Against eBay’s Updated Policy On Class Action And Litigation
If you are a regular eBay user, chances are that you are not constantly getting burned in your sales transactions, but for those who do run into trouble, it’s good to know that you have options for how to deal with it. That appears to be changing, though. The site in August updated its user agreement and privacy policy, adding in new clauses that change how users can bring lawsuits related to eBay sales — in particular restricting the ability for users to bring class action lawsuits against eBay.
Now the company’s facing the wrath of Public Citizen, the consumer advocacy group, which has written an open letter and started a petition asking eBay to reverse its policy on class action suits and to update other elements of the user agreement that make it more difficult for users to take grievances to court, if they come to that.
Public Citizen is also asking that eBay remove a clause that requires users to mail in written requests to opt out of another provision for forced arbitration — effectively a clause that restricts how users can take legal action against eBay if they have a grievance over company misconduct.
… Public Citizen describes writing a letter and sending it through the mail a “strange requirement for a company whose entire business platform is online.”

Perspective It's on the Internet so it must be true!

You know I have to pass this to my Ethicl Hackers...
"RSA's FraudAction research team has been monitoring underground chatter and has put together various clues to deduce that a cybercrime gang is actively recruiting up to 100 botmasters to participate in a complicated man-in-the-middle hijacking scam using a variant of the proprietary Gozi Trojan. This is the first time a private cybercrime organization has recruited outsiders to participate in a financially motivated attack, said Mor Ahuvia, cybercrime communications specialist for RSA FraudAction. The attackers are promising their recruits a cut of the profits, and are requiring an initial investment in hardware and training in how to deploy the Gozi Prinimalka Trojan, Ahuvia added. Also, the gang will only share executable files with their partners, and will not give up the Trojan's compilers, keeping the recruits dependent on the gang for updates."

I predict another rise in tuition rates.
October 05, 2012
Brooking's Hamilton Project - Regardless of the Cost, College Still Matters
"In this month’s analysis, The Hamilton Project confirms its previous findings that the returns to college attendance are much higher than other investments, such as stocks, bonds, and real estate. We also find that the returns to college have been largely constant over the last 35 years, indicating that the rising tuition costs have been offset by the increased earnings premium for college graduates. Finally, we continue to explore the nation’s “jobs gap,” or the number of jobs that the U.S. economy needs to create in order to return to pre-recession employment levels."

Worth a try. Got to work on my New Jersey accent a bit though. “Great American Novel, here I come...” (Greek Armenian hovel, hair eye come)
Speech to text software is widely available on mobile devices for free. However, you will find less luck in desktop apps as good voice dictation software costs a lot. Of course Apple will be adding voice dictation to Mountain Lion, and Windows probably has some apps that can do the job, but if you need an online solution right now, then Talk Typer is a valuable option.
Talk Typer’s interface cannot be any simpler. Just click on the microphone icon to input your voice then watch as the app translates it into text. You can then copy the text to your clipboard, print it directly, e-mail, or share to Twitter. It also links to Google Translate for quick translations.
Talk Typer is one of the easiest and cheapest (free!) solutions for voice dictation software. It is best used with Google Chrome since this browser has the best support for voice dictation.

A tool for our programing classes? I think it's free...
… The main feature that should get most developers excited is the ability to execute and run code directly from the handy Chrome extension. This allows you test things on the fly, before you put in hours of work only to find out there is a problem when you run it through a compiler later.
Find JustEdit on the Chrome Web Store
Please beware, the code you save will become public on

Another interesting tool. I wonder if it will work on my anti-social network?
A Robot Librarian for the Social Web
There is a very simple question that Little Bird, a service that launches today in private beta, attempts to answer: What community are you interested in? With that as a starting point, the service chugs through Twitter streams, blog posts and LinkedIn pages to find the most influential people, companies and reading material on your chosen topic.
… In a similar way that Google’s Page Rank looks for connections between web pages to determine relevancy, the Little Bird engine analyzes the connections between people to determine who has the most influence in a particular community or on a specific topic. “I like to think of it as a robot librarian that goes out and tackles the social web,” Kirkpatrick says. A Little Bird search will also surface what people are reading and watching, who is the the most active on the social web, and who has the longest track record.

Amusing picture of Big Bird on the bread line...
… Live in Minnesota? Well then I hope you’re not taking classes through Coursera. Doing so violates the startup’s Terms of Service, as Barry Dahl has noted: “If you are a resident of Minnesota, you agree that either (1) you will not take courses on Coursera, or (2) for each class that you take, the majority of work you do for the class will be done from outside the State of Minnesota.” The restriction comes from the Minnesota Office of Higher Education that has informed the startup that under Minnesota Statutes (136A.61 to 136A.71), a university can’t offer online classes to the state’s residents without getting approval from the state. As Dahl quips, those who are looking for an education startup idea might consider setting up a coffee shop with free wifi just across the border where students can do their Coursera homework offline and legally together.
Ginkgotree, a web app that makes it easy for professors to build and share digital course packets with students, launched this week. Read my write-up in Inside Higher Ed.
… Skype’s education initiative, Skype in the Classroom, has added several new partners, including NASA, expanding the sorts of visitors that can virtually visit classes.
… The University of Southern Queensland announced the first OERu course, which will provide a way for learners to achieve formal academic credit for free learning opportunities. [This has been missing from most free courses Bob]

Friday, October 05, 2012

This should be a good seminar. Drones are in the news too often and like all new technologies, there are no “Best Practices” for controlling their use. And where else can you get a seminar and lunch for a mere $20?

I feel left out. I didn't get a warning.
Google Warns Thousands Of Users About Potential State-Sponsored Cyber Attacks
According to the NYTimes, tens of thousands of users have seen the following message pop up on their Gmail, Chrome browser, or Google home page: “Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer.”
To be perfectly clear, this message doesn’t mean that a successful attack was made on your account. It simply means that you likely have messages in your inbox containing malicious links or attachments, that are intended to eventually capture your password and/or information.

Stupidity is a gift that lasts forever (or until the courts are done with you)
Florida AG Confirms PC Surveillance Tool Investigation
October 5, 2012 by Dissent
Mathew J. Schwartz followed up on the FTC action against DesignerWare, LLC, and uncovered some interesting details about the firm’s bankruptcy and legal woes. As this blog was the first to report, DesignerWare filed for bankruptcy in March 2012. Schwartz found out, though, that they are facing problems on multiple fronts:
DesignerWare’s bankruptcy filing listed the following creditors as holding the largest unsecured claims against it: the Florida Office of the Attorney General Economic Crimes Division, Brian and Crystal Byrd, the California Attorney General Office, the California Department of Justice eCrime Unit, the Texas Office of the Attorney General Consumer Protection Division, and the Federal Trade Commission.
In other words, DesignerWare appears to be, or to have been, the subject of multiple states’ investigations, and at least one of those investigations remains ongoing.
Read more on InformationWeek.

Okay, this isn't working. I think what we need is “A Hackers Guide to Privacy” If the combined efforts of DHS, NSA, DoJ, CIA, FBI and M.O.U.S.E. can't find certain hackers, it is likely the advertisers can't either.
Privacy Advocates and Advertisers at Odds Over Web Tracking
October 5, 2012 by Dissent
Kevin J. O’Brien reports:
An effort to develop an easy way for consumers around the world to avoid being tracked and targeted by Internet advertisers appeared to hit an impasse Thursday, as privacy advocates and industry representatives accused each other of scuttling the process.
The closed-door meeting organized by W3C, the global standards group that promotes good governance of the Internet, failed to produce a consensus on how to allow consumers to simply and effectively declare their “do not track” preferences on Web sites. The talks foundered on main issues like the extent and types of data that advertisers could continue to collect even after consumers indicated they no longer wanted to be followed.
Read more on The New York Times.

It's hard for anyone (even a Mark Zuckerberg) to know the global impact of “trivial” changes to your App. Update: Okay, maybe not a problem...
Some more bad news has hit the Facebook front today. It’s being reported that Facebook is scanning its users’ private messages and searching for links to Facebook fan pages. Once it finds these links, Facebook supposedly automatically likes the pages for you without asking for your permission to do so.
UPDATE: Facebook has reached out to us and commented about this issue: “Absolutely no private information has been exposed and Facebook is not automatically Liking any Facebook Pages on a user’s behalf… Many websites that use Facebook’s ‘Like’, ‘Recommend’, or ‘Share’ buttons also carry a counter next to them. This counter reflects the number of times people have clicked those buttons and also the number of times people have shared that page’s link on Facebook. When the count is increased via shares over private messages, no user information is exchanged, and privacy settings of content are unaffected. Links shared through messages do not affect the Like count on Facebook Pages.”

Can you be jailed for a Facebook 'Like' in the Philippines?
… Yet those who fear that this Cybercrime Act might be a nasty piece of work suggest that under it, it's possible for even a Facebook "Like" to be construed as libel and bring on a 12-year jail penalty.

An attempt at “Here's what you should do” is better than “Here's what you didn't do” any time...
European Data Protection Supervisor Issues New Opinion On Proposed European Regulation Of eIDs And Trusted Services
October 5, 2012 by Dissent
Mark Young writes:
In a new opinion on the Commission’s proposal for a Regulation on electronic identification (“eID”) and trusted services, the European Data Protection Supervisor (“EDPS”) has called, amongst other things, for security measures that trust service providers must apply to their services to be specified directly in legislation rather than left to the Commission to define at a later stage. The EDPS has also called for additional data privacy safeguards, higher security controls to apply to authorities that issue eIDs, more detailed mechanisms on how to ensure that eIDs and trust services are interoperable at EU level, and for data breach notification requirements under this proposal to be aligned with requirements under the e-privacy Directive and proposed new data protection Regulation.
Read more on InsidePrivacy.

A paper on ISO27001 (Best Practices for Security Management)
IT Governance Publish Cyber Security White Paper To Coincide With European Cyber Security Month
To coincide with the European Cyber Security Month, IT Governance (the European governance, risk management and compliance experts) have published a white paper on cyber security, which is now available to download from

Looks like they don't want to spend the time and money after all...
Google Says It Won’t ‘Manually’ Review YouTube Vids for Infringement
Google-owned YouTube on Thursday corrected a statement it made the day before, and now says the company will not manually review copyright-infringement claims before its system automatically blocks disputed footage.
The mishap occurred when Thabet Alfishawi, rights management product manager for YouTube, wrote in a YouTube blog post: “We’ve improved the algorithms that identify potentially invalid claims. We stop these claims from automatically affecting user videos and place them in a queue to be manually reviewed.”
But what he meant to say was that some of the automatic matches will be sent to be reviewed “by the content owner” — not by Google, the search giant said Thursday.

...and this continues to amuse me. Apparently this isn't the slam-dunk the RIAA thought it was.
The case against Kim Dotcom and his website Megaupload continues to confuse and astound many people who are following the trial. The New Zealand Herald claims to have obtained details showing that telecom engineers working for a technology services company called Gen-I have found evidence that Dotcom’s Internet connection at his mansion in New Zealand was being monitored weeks before the New Zealand Government Communications Security Bureau admits to.
… During Dotcom’s quest to achieve the number one ranking in the game, staff at Gen-I began an investigation looking into the amount of time it took the Internet signal from the mansion to reach offshore Xbox servers. The amount of time that it took data from Dotcom’s Xbox to reach the Xbox server increased from 30 ms to 180 ms, which is a huge increase for a gamer.
Engineers for the ISP used a Trace Route search and discovered that the Internet signal from Dotcom’s home was being diverted inside New Zealand. During the course of the investigation engineers determined that where the Internet traffic had previously needed two hops to reach the servers, it was now taking five. The indication from the investigation is that authorities in New Zealand may have been spying on Dotcom for longer duration than it has previously admitted to sparking new cries for investigation into the government’s surveillance efforts in the case.

(Related) Please ask: “How much did the RIAA pay you?”
MegaUpload users will get their day in court
U.S. District Judge Liam O'Grady will hold another hearing to help him determine what to do with the digital files owned by MegaUpload users.
… O'Grady has already heard arguments from MegaUpload, the U.S. Attorney, Goodwin, and the Motion Picture Association of America about what should be done with the files. The MPAA and the government have argued that much of what is stored on MegaUpload's servers is pirated movies, music, and other media.
The judge appears to be stumped about what to do with the data.
"Upon thorough review of the arguments before the Court," O'Grady said in court documents, "and careful consideration of the applicable law, the Court finds that it is unable to reach a conclusion as to this matter without an evidentiary hearing."
Ira Rothken, the Silicon Valley attorney in charge of MegaUpload's worldwide defense told CNET that he believes this will present an opportunity for MegaUpload to call select U.S. officials to testify.
"Megaupload will be filing papers with the court to specially intervene," Rothken said, "considering that it is only the Internet service provider that, under applicable privacy laws, is the only party that can access the data and coordinate return to consumers."

Perspective Computers (at least computing) is cheap!
"Readers of Entertainment Weekly might be shocked to find their magazine is a good bit heavier than normal this week. US-based broadcaster CW placed an ad in Entertainment Weekly which uses a fully-functional 3G Android device, a T-Mobile SIM card, and a specialized app to display short video advertisements along with the CW Twitter feed. Writers at Mashable were willing to geek out with a Swiss Army knife and a video camera to give us all the gory details as they tore it down piece-by-piece to discover the inner workings of CW's new ad."

Making the world safe for pancakes!
"Remember the tragic maple syrup heist? Police have seized more than 600 barrels of maple syrup they say are related to the missing syrup. It was transported back to Quebec via a 16 tractor trailer, heavily guarded (and presumably heavily armed) convoy Wednesday."

For my Math (and other) students... But mostly Math...
Friday, October 5, 2012
Backpack TV Adds Video Playlists Matched to Books
Back in May I wrote about a start-up company called Backpack TV. Backpack TV is a video site that is creating libraries of free academic videos arranged according to subject area, topic, and video length. This week they added a bunch of new libraries. Backpack TV now offers videos aligned to commonly used Algebra, Biology, and Calculus textbooks. And according to the email I received from them, there are plans for more topics and textbooks to be added in the future.
If you're looking for some video content to support the textbooks that you have in your mathematics or science department, take a look at Backpack TV.

Might be a useful “handout” creator...
Collect a number of Wikipedia articles and create your own eBook.
… There’s absolutely no need for you to create a Wikipedia account, and in addition to PDF and ODT you can download a reflowable EPUB or a Kiwix file.
The process really couldn’t be easier, so there’s no reason not to try it out. Right now. Open a second browser window and play along at home.

This seems to match my opinions (bias?) so it is not likely to be correct. Still, I'd like to find similar studies...
Union Square Ventures, a New York City-based venture capital firm, announced yesterday that it was opening up its research and sharing some of its hypotheses about tech startup markets and by extension its investment-making decisions.
And most importantly in this case, educators should pay attention here because the first sector that USV has opted to open its research into is education.
USV’s Hypotheses about the Business of Online Education
USV has published both a Google Doc with its “overview of online education” as well as a list of its hypotheses about the sector. These are:
1. We’re skeptical a business model that charges for content will work at scale and in the long run.
2. We expect education platforms that offer vertical content and/or specific education experiences will be more successful than horizontal platforms, though we think credentials and careers offer two opportunities for horizontal aggregation
3. Without credentialing or careers, online education seems aspirational and removed from the day-to-day of many people.

While the US is trying to figure out why Johnny can't pass standardized tests...
Estonia Drives Robotics and Coding Education With Smartlab Hobby Groups, Backed By Microsoft
The Baltic country of Estonia — known as the birthplace of Skype and a go-to market for tech companies in the U.S. and elsewhere needing developers — is making another IT investment so that younger generations can keep growing that reputation. Today, it announced Smartlab, a public/private partnership with companies including Skype’s now-owner Microsoft, which will see the creation of hobby groups for 10-19 year olds to get instruction in robotics, programming and mobile app and web design.
… This follows on from another program announced in September, in which the Estonian government said that it would start teaching students to code from first grade (aged seven).
… Estonia, a country of 1.3 million people, has numbers to back up that programs like this could help its economy. It’s produced stats that indicate that each IT job creates “twice the added value for Estonia compared to the average in other economic spheres.”