Thursday, June 13, 2013
So, does they does or does they doesn't? That is the question. (Why take only SOME of the useful stuff?)
NSA chief drops hint about ISP Web, e-mail surveillance
The head of the National Security Agency hinted Wednesday that logs of Americans' e-mails and Web-site visits may be secretly vacuumed up by the world's most powerful intelligence group.
… "It would be odd [for the NSA] to focus entirely on telephony logs and exclude Internet traffic," said Julian Sanchez, a research fellow at the Cato Institute in Washington, D.C., who focuses on electronic surveillance topics. "I would assume they're vacuuming up IP logs and perhaps e-mail headers as well."
It used to be that the National Security Agency and its ilk had to pay through the nose for the latest in spying technology. The supercomputer specialist Cray (CRAY), for example, would receive government funds and come out with a new multimillion-dollar machine specially tuned for “pattern matching” and then sell the system to three-letter agencies. The machines were anything but general purpose and came with a premium price tag. Beyond that, the NSA has been known to run its own chip manufacturing plant and to pay for custom software.
While that type of thing still goes on, the NSA has another, much cheaper avenue for great spy technology at its disposal: open-source software.
(Related) What metadata is available from various sources and what it reveals.
A Guardian guide to your metadata
Not the most flattering picture, but it is worth reading.
The Secret War
Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh.
This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.
This is why I follow Pogo Was Right!
When Glenn Greenwald of The Guardian published a FISC order requiring Verizon to turn over to the NSA its call records for calls made both within the US and between the US and other countries, I don’t think anyone at the Privacy Law Scholar’s Conference was particularly shocked that this was going on. If anything, we were somewhat pleasantly surprised that we now had some proof that the government couldn’t deny.
The Verizon order was just the first of a number of leaks last week, though, with leaks about PRISM, the President’s cyberwar directive, and Boundless Informant each grabbing the headlines until the next disclosure.
By the end of last week, it was clear that for at least some members of Congress, this was a “We authorized WHAT?” moment. It was also clear that the usual members of Congress would start screaming that Eric Snowden and journalists and publications involved in the leaks should be prosecuted for treason, even though their actions really do not fall under “treason.”
I did not expect to see vast swaths of the public suddenly understand that this has nothing to do with “having nothing to hide,” and was not disappointed to see the usual “the government can surveil me to keep me safe” rhetoric.
And although at least one media source claimed the real story was about the failure of journalism (after the Washington Post did significant silent edits of its original story), I think the real story is the massive failure of Congressional oversight and how the Executive branch has shrouded so much in secrecy and subverted Congress’s oversight obligations. And I think the real story is the government going after leakers and journalists instead of adhering to its promised policy of more transparency.
If the government were more transparent, there would be no issue of charging journalists or leakers with espionage. Yes, I realize that some things may need to be classified but the Bush and Obama administrations have run amok with secrecy and surveillance. It’s time to rein it in. Congress either needs to repeal Section 215 or amend it to make clear that dragnet collection of domestic call records is not permitted and existing databases must be destroyed. They also need to enact legislation that undoes “third party doctrine” and establishes that as citizens, we do have a reasonable expectation of privacy in information held by service providers and telecoms. And they need to protect journalists who, in the best traditions of journalism, inform the public on issues of national significance.
“We have met the enemy and he is us.”
Pogo was right. Our checks and balances failed, subverted by the Executive branch. It’s time to restore the balance and to stop blaming those who tell us what our government should have told us so that we could have had a meaningful national debate. President Barack “I Was Against It Before I Was For It” Obama has said he welcomes a debate. Just tell us when and where, Mr. President, because massive domestic surveillance cannot stand.
One of these days, someone at this hospital will notice that unencrypted files are probably not the smart way to go.
Lucile Packard Children’s Hospital notifying 12,900 after laptop stolen from secured badge-access area
Lucile Packard Children’s Hospital is no stranger to stolen equipment containing PHI. In January, 2010, they self-reported a breach involving a stolen desktop computer with PHI on 532 patients, and as recently as January, they notified 57,000 patients after a laptop was stolen from a physician’s car. Now the hospital is notifying patients about another breach involving the theft of hardware with unencrypted PHI. From a statement on their web site:
Lucile Packard Children’s Hospital at Stanford is notifying patients by mail that a password-protected, non-functional [...but the hard drive still worked? Bob] laptop computer that could potentially contain [We don't know. Bob] limited medical information on pediatric patients was stolen from a secured, badge-access controlled area of the hospital sometime between May 2 and May 8, 2013. This incident was reported to Packard Children’s on May 8. Immediately following discovery of the theft, Packard Children’s launched an aggressive and ongoing investigation with security and law enforcement.
To date, there is no evidence that any pediatric patient data has been accessed by an unauthorized person or otherwise compromised. [Nor do we have any evidence that Aliens have landed in Grover's Mill, New Jersey. Bob]
“We're the government. We don't follow no stinking laws!”
And speaking of outrageous breaches, Elise Viebeck reports:
A top House committee launched another probe of the Internal Revenue Service (IRS) Tuesday after a lawsuit alleged that the agency improperly seized millions of personal medical records in California.
In a letter, Republican leaders on the Energy and Commerce panel asked the IRS to explain how it handles confidential medical information.
“While [federal] privacy rules restrict the ability of a covered entity to release protected health information, those rules appear to impose no restrictions on the IRS’s ability to use such information after it is obtained,” the lawmakers wrote.
Read more on The Hill.
The letter requests a response from the IRS by June 21.
If this is true, shouldn't the judge be a bit angry with the DoJ?
Apple fires back at DOJ with actual e-mail from Jobs
After the Justice Department presented an e-mail Wednesday that appeared to undermine Apple's e-book antitrust defense, the company submitted the actual e-mail as sent by then-CEO Steve Jobs to Eddy Cue, showing content and tone that differed from the draft version.
Get a sample at birth, own the 'citizen' for life.
Joseph Goldstein reports:
Slowly, and largely under the radar, a growing number of local law enforcement agencies across the country have moved into what had previously been the domain of the F.B.I. and state crime labs — amassing their own DNA databases of potential suspects, some collected with the donors’ knowledge, and some without it.
Read more on NYTimes. Note that it is not just suspects whose DNA is being amassed, but crime victims, too. And SCOTUS’s decision in King will only encourage more of this.
Why I'm FROM New Jersey... “He hit me right after he glanced up from his phone, officer. Then he swallowed it. Can I watch while you conduct your cavity search?”
Bill would force you to give police phone after accident
… State legislators in New Jersey would very much like to make it easier for the police to go through your cell phone, should you be in any way involved in an accident.
The wording of their proposal -- Bill S 2783 (PDF) -- is quite precise in its breadth:
Whenever an operator of a motor vehicle has been involved in an accident resulting in death, bodily injury or property damage, a police officer may confiscate the operator's hand-held wireless telephone if the officer has reasonable grounds to believe that the operator was operating a hand-held wireless telephone while driving.
So, does this signal an opportunity to give ASCAP some competition?
Pandora to buy radio station to piggyback onto cheaper costs
… Pandora ... agreed to purchase KXMZ-FM, a Rapid City, S.D., terrestrial radio station. Its first foray into traditional radio broadcasting, the move has little to do with strategic shift and everything to do with royalty costs.
Pandora pays two royalty streams, one for actual sound recordings and another to composers for publishing rights. The sound recording fees make up the lion's share of its content costs. But by buying a terrestrial station, Pandora piggybacks onto a settlement that gives better rates on that smaller fee stream.
… The preferential royalty rates are expected to snag savings worth less than 1 percent of its revenue versus the rates it is currently paying. Based on last year's top line, that equates to less than $5 million.
Perspective: Facts and factoids from PEW
Pew – Understanding the Social Media and Technology Landscape
Data to Live By: Understanding the Social Media and Technology Landscape – “New technologies and social media have had a major impact on the way we communicate and live life. Senior Researcher Mary Madden delivered the keynote address for the Lawlor Symposium’s summer seminar, sharing “data to live by” to aid in understanding this new social media and technology landscape.”
Perspective: Big data is BIG!
WhatsApp sets new record with 27 billion messages in a day
WhatsApp, the mobile service that has established itself as a free alternative to texting, has reached new heights.
The company announced on its Twitter page on Wednesday that in the previous 24-hour period, it had set a new one-day record of handling 27 billion messages. According to the company, its users sent over 10 billion messages during the period, and received 17 billion messages.
For those, “I want to read this, but not now” moments.
If you use Evernote on your iPad or iPhone, you may have found it difficult to get copies of articles, snippets of text, or photos from your device into your Evernote account without having to copy content from one application and paste it into another.
… Thanks to a handful of third-party developers, there are several apps which enable you to export content directly to your Evernote account without having to open the app. If you use Evernote with your iOS device then the apps I am about to recommend could replace your news and RSS feed reader, text editor or notes app and even plain old mobile Safari.
Danny has also shared other useful tools that integrate with Evernote.
Perspective: and a bit depressing. Infographic
For my graduating students (and the rest of them too)
That little sheet of paper that you send off to potential employers? Yeah, it isn’t your resume. Nowadays, your resume is the entirety of your web presence.
… However, with websites like LinkedIn, Facebook, Twitter, Google, WordPress, and more, all an employer really has to do is type in your name. Honest. With LinkedIn, you have endorsements – something that was typically always achieved with references. As for Facebook, employers can get a snapshot of your personality through text updates and photos. With Twitter, they can see what parts of the industry that you are interested in. Meanwhile, Google gives a general history of your work-life, and WordPress serves as a decent portfolio.
For my fellow teachers...
Problem-Attic is a useful resource mainly aimed at teachers and educators to help them in preparing teaching materials such as tests, worksheets and flashcards. Currently it lists over 80,000 questions from different sources, all available for free. Questions are sorted by topic (i.e., Math, Social studies, Science ) and by released exams, meaning that you can look up a past Math exam from the year 2009 etc. To use the service you have to sign up on their website and follow a 4-step process (Select, Arrange, Format, Print) to create your teaching materials.
For my fellow website teachers...
… Running in the browser as a web app, DivShot lets you drag and drop elements, text, boxes and more onto your page as you build your site. Everything you see on the page is HTML and CSS, with the correct markup added as you go. The best thing about DivShot from a coding point of view is the fact that the code comes out looking like it was written by hand, complete with tidy indentations to keep your inner coder happy.
With a responsive and straightforward UI, DivShot immerses you in the process of creating beautiful websites from within your browser. All the tools, element controls and preferences you need are found around the edge of your screen, just as if you were using a desktop editor. DivShot is currently in beta, and free to sign up and use (though the usual “beta beware” advice applies).