The
US military just got a whole lot better. Just because they (got /
will get) this one right does not mean they now have a firm grasp of
the obvious in other areas...
Here’s
How the Military Will Finally Accept (Most) Women in Combat
… As of Thursday afternoon, by act
of Defense Secretary Leon Panetta and Army Gen. Martin Dempsey, the
chairman of the Joint Chiefs of Staff, the 1994 Direct Combat
Exclusion Rule for women is no more. But it won’t be gone
gone until 2016. Between now and then, the services will present
plans for gender integration, due May 15, and then gradually
integrate women into combat occupations — as well as assess which
tasks they’re going to keep all-male.
… “Female servicemembers have
faced the reality of combat,” Panetta recognized in a Thursday
press conference at the Pentagon. [A prime example of
a “Well, DUH!” moment. Bob]
"Never ascribe to malice that which is adequately explained by incompetence"
Napoleon (maybe)
Key management is an interesting problem.
"Github has killed
its search function to safeguard users who were caught
out storing keys and passwords in public repositories. 'Users
found that quite a large number of users had added private keys
to their repositories and then pushed the files up to GitHub.
Searching on id_rsa, a file which contains the private key for SSH
logins, returned over 600 results. Projects had live configuration
files from cloud services such as Amazon Web Services and Azure with
the encryption keys still included. Configuration
and private key files are intended to be kept secret, since if they
fall into the wrong hands, that person can impersonate the user (or at
least, the user's machine) and easily connect to that remote
machine.' Search links popped up throughout
Twitter pointing to stored keys,
including what was reportedly account credentials for the Google
Chrome source code repository. The keys can still be found using
search engines, so check your repos."
Others
are echoing my thoughts... Does this mean I got something right?
"The first shot was probably
the release of Stuxnet sometime during or before 2009. Even though
no one has officially claimed responsibility everyone knows who was
behind it. Stuxnet hit with a bang and did a whole lot of damage to
Iran's uranium-enrichment capabilities. We followed up Stuxnet with
Flame — the Ebola virus of spyware. What did the Iranians fire
back with? A series of massive, on-going and ineffective DDoS
attacks on American banks. This is a disproportionate response but
not in the way military experts usually mean that phrase. It's the
equivalent
of someone stealing your car and you throwing an ever-increasing
number of eggs at his house in response.
It's fascinating that Iran continues to do
nothing more despite the fact that U.S. critical infrastructure
currently has the defensive posture of a dog waiting for a belly rub.
Keep that in mind the next time you hear that a 'cyber Pearl Harbor'
is imminent."
[From the article:
“Whenever I'm asked whether this or
that is an act of war my reply is: would it be in our
interests to consider it an act of war,” [Interesting way to phrase
the question Bob] Martin Libicki of the Rand Corp. told
BankInfoSecurity. “Similarly, would it be in
the United States' interests to consider itself at cyber war with
Iran? Could we convince others that our perception is reality?
Would they reply that, with Stuxnet, the United States fired first?”
(Related)
Is it a Cyber Pearl Harbor or a Cyber 9/11 or Cyber Sandy or just a
bid for a bigger budget?
'Cyber
9/11' may be on horizon, Homeland Security chief warns
… "A
cyber attack perpetrated by nation states or violent extremist groups
could be as destructive as the terrorist attack of 9/11," he
said during a speech. "Such a destructive cyber terrorist
attack could paralyze the nation."
According to Reuters, Napolitano said
today that a massive cyber attack could cause the same amount of
damage as last year's Superstorm Sandy, which downed electricity and
information networks throughout the Northeastern U.S.
[As big as “9/11”, “Sandy” or “The nation”? What to
believe, what to believe... Bob]
We
always have room for an Ethical Hacker. The kid appears to be better
at finding security flaws than the college. Are they sure they want
him on the outside looking in?
"The Security Ledger writes
that the
expulsion of Ahmed Al-Khabaz, a
20-year-old computer sciences major at Dawson College in Montreal,
has exposed a yawning culture gap between academic computer science
programs and the contemporary marketplace for software engineering
talent. In an opinion piece in the Montreal Gazette on Tuesday,
Dawson computer science professor Alex Simonelis said his department
forbids hacking as an 'extreme example' of 'behavior that is
unacceptable in a computing professional.' And, in a news conference
on Tuesday, Dawson's administration stuck to that line, saying that
Al-Khabaz's actions show he is 'no longer suited for the profession.'
In the meantime, Al-Khabaz has received more
than one job offer from technology firms, including
Skytech, the company that makes Omnivox. Chris Wysopal, the CTO of
Veracode, said that the incident shows that 'most computer science
departments are still
living in the pre-Internet era when it
comes to computer security.' 'Computer Science is taught in this
idealized world separate from reality. They're not dealing with the
reality that software has to run in a hostile environment,' he said.
'Teaching students how to write applications without taking into
account the hostile environment of the Internet is like teaching
architects how to make buildings without taking into account
environmental conditions like earthquakes, wind and rain,' Wysopal
said."
Rights is rights!
Sex
Offenders Can’t Be Banned From Facebook, Court Rules
A federal appeals court ruled Wednesday
that a 2008 Indiana law forbidding registered sex offenders from
using instant-messaging and social-networking sites like Facebook is
an unconstitutional infringement of First Amendment-protected speech.
The 7th U.S. Circuit Court of Appeals
said the legislation “broadly prohibits substantial protected
speech rather than specifically targeting the
evil of improper communications to minors.” (.pdf)
(Related) On the other hand...
Twitter
has been criticized in the past for not being as vigilant as other
social networks as far as removing offensive content, and it looks
like a French court is taking matters into their own hands by
ordering
Twitter to hand over the usernames and information of users who
post racist and offensive tweets.
… The
court also ordered Twitter to set up an “easily accessible and
visible” system that would allow users to alert the site of illegal
content specifically for “crimes against humanity and incitement to
racial hatred.” Back in October, Twitter removed
a neo-Nazi group that would post racist tweets on the site, but
only after German police stepped in.
Ubiquitous surveillance – that pretty
much says it all...
Cell phones that can identify you by
how you walk. Fingerprint scanners that work from 25 feet away.
Radars that pick up your heartbeat from behind concrete walls.
Algorithms that can tell identical twins apart. Eyebrows and
earlobes that give you away. A new generation of technologies is
emerging that can identify you by your physiology. And unlike the
old crop of biometric systems, you don't need to be right up close to
the scanner in order to be identified. If they work as advertised,
they may be able to identify you without you ever knowing you've been
spotted.
(Related) ...and when I say
ubiquitous... Think they can tell what kind of newly legalized
plants we are growing here in Colorado?
Timothy
Lord starts this video with these words:
"Sensors are a big deal at CES this year. They are small
devices that track everything from the location of your pets to how
many steps you have taken today." And so he chatted with
Phillip Bolliger, founder of Swiss company Koubachi
AG, which makes Wi-Fi sensors that help you
give your plants the right amount of water and light and to keep them
at the right temperature. As of this writing, the prices on their
online
store are in Euros, not dollars, but the
sensors are now available
through Amazon with U.S. pricing. Koubachi
also has a free
app for your iOS
device, and a Facebook app for your computer or Android device, that
will help you give your plants the right amount of fertilizer and
other love even if you don't buy a Koubachi sensor.
(Related)
Self-surveillance and cheap drones, what's not to like?
There’s a little quad-helicopter
device coming to the market relatively soon known as the MeCam,
developed and manufactured by the friendly folks at Always
Innovating. This little chopper has its own video camera and will
connect to your smartphone as well as follow you around automatically
while otherwise accepting voice-commands galore. This little monster
will also only cost you $49 USD.
“Yes
this is a source of Golden Eggs, but we want roast goose!” Can you
say, Silicon Death Valley?
"Engineers and hackers don't
think much about tax policy, but there's a bizarre development in
California that they should know about, since it could reduce the
pool of angel-investment money available for tech startups. Under a
tax break available since the 1990s, startup founders and other
investors in California were allowed to exclude or defer their gains
when they sold stock in California-based small businesses. Last
year, a California appeals court ruled that the tax break was
unconstitutional, since it discriminated against
investors in out-of-state companies. Now the Franchise Tax Board,
California's version of the IRS, has issued a notice saying how it
intends to implement the ruling — and it's a doozie. Not
only is the tax break gone, but anyone who claimed an exclusion or
deferral on the sale of small-business stock since 2008 is about
to get a big retroactive tax bill.
Investors, entrepreneurs, and even the plaintiffs in the original
lawsuit are up in arms about the FTB's notice, saying that it goes
beyond the court's intent and that it will drive investors out of the
state. This Xconomy article takes an in-depth look at the history of
the court case, the FTB's ruling, and the reaction in the technology
and investing communities."
The time has come... Every survey for
the last 5 years says the same thing.
"Internet
access is as crucial to everyday life as
having a phone connection and the loss of
connectivity is deserving of financial compensation,
the German Federal Court of Justice has ruled. Because having an
internet connection is so significant for a large part of the German
population, a customer whose service provider failed to provide
connectivity between December 2008 and February 2009 is entitled to
compensation, the court ruled today. 'It is the first time the court
ruled that an internet connection is as important a commodity as
having a phone,' said court spokeswoman Dietlind Weinland. The
court, however, denied the plaintiff's request of €50 a day for his
fax machine not working."
(Related)
From
Concerned Privacy Advocates, Internet Activists, Journalists &
Other Organizations:
Skype
Division President Tony Bates
Microsoft Chief Privacy Officer Brendon Lynch
Microsoft General Counsel Brad Smith
Dear
Mr. Bates, Mr. Lynch and Mr. Smith,
Skype is a voice,
video and chat communications platform with over 600 million users
worldwide, effectively making it one of the world’s largest
telecommunications companies. Many of its users rely on Skype for
secure communications—whether they are activists operating in
countries governed by authoritarian regimes, journalists
communicating with sensitive sources, or users who wish to talk
privately in confidence with business associates, family, or friends.
It is unfortunate
that these users, and those who advise them on best security
practices, work in the face of persistently unclear and confusing
statements about the confidentiality of Skype conversations, and in
particular the access that governments and other third parties have
to Skype user data and communications.
We understand that
the transition of ownership to Microsoft, and the corresponding
shifts in jurisdiction and management, may have made some questions
of lawful access, user data collection, and the degree of security of
Skype communications temporarily difficult to authoritatively answer.
However, we believe that from the time of the original announcement
of a merger in October 2011, and on the eve of Microsoft’s
integration of Skype into many of its key software and services, the
time has come for Microsoft to publicly document Skype’s security
and privacy practices.
Read the full letter here.
And yes, PogoWasRight.org would have
signed on to this – if someone had thought to let this site know or
asked for a signature.
Who will scream and how loud?
"The Government of Antigua is
planning to launch a website selling movies, music and software,
without
paying U.S. copyright holders. The
Caribbean island is taking the unprecedented step because the
United States refuses to lift a trade 'blockade' preventing the
island from offering Internet gambling services, despite several WTO
decisions in Antigua's favor. The country now hopes to recoup some
of the lost income through a WTO approved 'warez' site."
Well this makes me feel all fuzzy.
Wait, does the fact that the government commissioned the government
to study the government suggest a potential conflict of interest?
“Nope. We got ethics!”
Pentagon
Watchdog Clears Darpa in Ethics Probe
The Pentagon’s far-out research
agency is something of a revolving door. Program managers enter;
defense consultants and academics leave; and then they come back a
few years later. The Pentagon’s watchdog has concluded that’s
completely above board.
Darpa’s ethics training
“appropriately
mitigated the potential for conflicts-of-interest,” concludes
Jacqueline L. Wicecarver, the Pentagon’s assistant inspector
general, in a report released on Thursday.
For
my entrepreneurial students...
"Network World is running a
guest article by Outercurve Foundation's technical director Stephen
Walli discussing how
FOSS license choice can affect a company's business model.
Walli disagrees that a FOSS license dictates
the business model or that the business model dictates the license."
[From the article:
Red Hat packages an
asset that they neither own nor control. They influence
the Linux kernel through participation in the Linux kernel community.
They use the Linux kernel in their Red Hat Enterprise Linux and
Fedora Project operating systems. They surround the kernel with
considerable other software (most of it free and open source
project-based from a collection of other project communities in which
they participate). They support and warrant their product
solution, as well as develop and enable the Fedora project
community. They are the most profitable and
successful Linux vendor and indeed the most successful open source
company to date, finally cracking the US$1B revenue
barrier in 2012.
Interesting
idea. The White House now requires 100,000 “signatures” but what
changes would be possible if petitions started with “I'll vote for
you (your party's candidate) if...”
"Internet activists in Finland,
upset
with the country's strict copyright laws,
are ready to take advantage of the country's promise to vote on any
citizen-proposed bill that reaches 50,000 signatures. Digital rights
group Common Sense in Copyright has proposed sweeping changes to
Finland's Lex Karpela, a 2006 amendment to the Finnish copyright law
that more firmly criminalized digital piracy. Under it, 'countless
youngsters have been found guilty of copyright crimes and sentenced
to pay thousands, in some cases hundreds of thousands, of euros in
punitive damages to the copyright organizations.' The
proposal to fix copyright is the best-rated and most-commented
petition on the Open Ministry site."
Thought so...
January 24, 2013
Columbia
Journalism Report - Post Industrial Journalism
Post
Industrial Journalism by C.W. Anderson, Emily
Bell and Clay Shirky
- "The effect of the current changes in the news ecosystem has already been a reduction in the quality of news in the United States. On present evidence, we are convinced that journalism in this country will get worse before it gets better, and, in some places (principally midsize and small cities with no daily paper) it will get markedly worse. Our hope is to limit the scope, depth and duration of that decay by pointing to ways to create useful journalism using tools, techniques and assumptions that weren’t even possible 10 years ago."
Unlimited free power, version 946.2?
Let's hope they don't fall into the ocean and breed...
"Researchers at the University
of Buffalo have created spherical silicon nanoparticles they claim
could lead to hydrogen
generation on demand becoming a 'just
add water' affair. When the particles are combined with water, they
rapidly form hydrogen and silicic acid, a nontoxic byproduct, in a
reaction that requires no light, heat or electricity.
In experiments, the
hydrogen produced was shown to be
relatively pure by successfully being used to power a small fan via a
small fuel cell."
For my students...
… You may have put a little thought
into your profile at some point and then probably let it stagnate
somewhat between moments of enthusiasm for career-building behaviour.
However, this need not be the case.
There are a number of great hacks you can use with LinkedIn, some of
which will help to keep your profile looking fresh for longer, and
all of which will help to further your career in some way. It’s
well worth taking a quick look at a few of them to see what you can
incorporate into your regular activities.
For my researching students?
The ultimate tablet magazine is ready
for your Android. Long an iPad-only offering, Flipboard
arrived for Android tablets in December – and I’ve barely put my
tablet down since. With the ability to pull in content from
thousands of sites, Flipboard can also access your Google Reader,
YouTube, Twitter, and Facebook accounts, meaning everything
you care about on the web is literally at your fingertips.
Perhaps
we could fit this in to our programming classes?
"Yesterday in a post at the
White House website, the
U.S. government announced that June 1-2
would be the National
Day of Civic Hacking. 'Civic Hacking
Day is an opportunity for software developers, technologists, and
entrepreneurs to unleash their can-do American spirit by
collaboratively harnessing publicly-released data and code
to create innovative solutions for problems that affect Americans.'
It will be a joint project with Random
Hacks of Kindness, Code
for America. Activities are being
planned in many cities across the country, and you can also sign
up to host your own event. It's nice to see the
government use the word 'hacking' in a positive way, since most uses
of the term these days involve malicious activity."