Saturday, May 18, 2013

Nothing much new, but could serve as a backgrounder
Larry Keating writes:
…. the privacy commissioners hammer down hard on those high profile losses when thousands of records go missing. They want disclosure of the incident and protection for the individuals. The media piles on, always on the hunt for the details, to splay the true extent of the incident for their readers.
But the disclosure of certain details and the sensationalizing of them can possibly ensure just the kind of damage to individuals the privacy commissioners wish to avoid.

Nifty anti-privacy tool! Now we have new ways to stalk our victims! Sounds like this “feature” will provide a complete travel history integrated with every Google “search and click” you make.
May 17, 2013
"Meet the new Google Maps: A map for every person and place"
Google Lat Blog: "What if we told you that during your lifetime, Google could create millions of custom maps...each one just for you? In the past, such a notion would have been unbelievable: a map was just a map, and you got the same one for New York City, whether you were searching for the Empire State Building or the coffee shop down the street. What if, instead, you had a map that’s unique to you, always adapting to the task you want to perform right this minute? This is what you will have with the introduction of the new Google Maps – a mapping experience that helps you find places you never would have thought to search for."
[From the Google map site:
The new Google Maps draws you a tailored map for every search and click you make. So whatever you're trying to find or wherever you're trying to go, you'll always have a map highlighting the things that matter most.
… As you search the map, star places you like and leave reviews, the map starts to adapt and can suggest things like restaurants you might enjoy or the quickest way home. In other words, the more you use the new Google Maps, the more helpful it becomes. [To a stalker... Bob]

No doubt this App will become mandatory so DHS can create a new nationwide bureaucracy dedicated to the one in a billion chance such a bomb is created or stored within detection range. (Rather than created in a safe place and carried to the target by a suicide bomber.)
"The Idaho National Laboratory has built a dirty bomb detection network out of cell phones. Camera phones operate by detecting photons and storing them as a picture. The INL discovered that high energy photons from radiological sources distort the image in ways detectable through image processing. KSL TV reports that the INL's mobile app detects radiation sources and then reports positive 'hits' to a central server. Terrorists deploying a dirty bomb will inevitably pass by people carrying cell phones. By crowdsourcing cell phones, the INL has created a potentially very large, inexpensive, and randomly mobile radiation detection grid."

“We love our customers, particularly the gullible, non-litigious ones...”
"The BBC reports that Nintendo is now using the content ID match feature in YouTube to identify screencap videos of people playing their games. They then take over the advertising that appears with the video, and thus the ad revenue. Nintendo gets it all, and the creators of these videos (which are like extended fan-made commercials for the games) get nothing. Corporate gibberish to justify this: 'In a statement, the firm said the move was part of an "on-going push to ensure Nintendo content is shared across social media."'"

For my Intro to IT class
When using Firefox – or any web browser for that matter – one of the best practices you can develop is to always be mindful of your privacy and security. You never know when someone could be snooping on you or intercepting your data.
… A few months ago, I wrote about Firefox encryption addons aimed to keep your outgoing browser data as safe from prying eyes as possible. Encryption is great but there are other considerations you need to make if you want to be as safe as you can be. The Internet can be an annoying – or even dangerous – place if you don’t watch yourself.

For my Math students
FormulaSheet is a service designed to help facilitate working with and remembering formulas, and is one of the first sites of its kind aimed at this specific use. Registration is free, if slightly intrusive (asking for location, education level and even school at which you studied) and once complete you’ve got your own virtual folder for your formulae.
  • Create, search for or upload formulae to your own personal cloud formula storage service.
  • LaTeX editor makes it easy to add symbols and other characters.
  • Render your finished formulae to .PDF, .TEX or .PNG formats.

For my geeks. They have discovered our plot to rule the world! (More radiation than cell phones?)
"Five 9th graders from Denmark have shown that garden cress won't germinate when placed near a router (Google Translation of Danish original). Article text is in Danish, but the pictures illustrate their results. The exact mechanism is still unknown (Danish original), but experts have shown interest in reproducing[If it blocks germination, it probably won't reproduce either. Bob] the experiment."

Friday, May 17, 2013

“Oh, you noticed that, did you? We've been doing it for years, but apparently no one has ever explained in small words to you so-called lawyers that there might be some legal issues to be addressed here?”
Kim Zetter reports:
In the wake of the AP scandal, in which federal investigators obtained the phone records of journalists using only a subpoena, four lawmakers have introduced legislation in the House that would prevent federal agencies from seizing any phone records without a court order.
Currently, the Telephone Records Act allows the feds to demand phone records from service providers by using only an administrative subpoena to obtain basic subscriber information. Basic subscriber information can include a customer’s name, address, credit card number, and phone records.
The Telephone Records Protection Act consists of just one sentence amending that law (.pdf) and would force federal agencies to seek judicial review to obtain records in order to avoid a situation like the one that recently happened with the Associated Press.
Read more on Threat Level.
[The relevant part of the “Telephone Records Protection Act:
Subparagraph (C) of section 2703(c)(2) of title 18, United States Code, is repealed.

(Related) Were they “just following the law” or not?
Ryan Gallagher reports:
If you are a customer of Verizon Wireless, you might want to consider switching carriers in light of the Associated Press phone snooping scandal.
When the feds came knocking for AP journalists’ call records last year, Verizon apparently turned the data over with no questions asked. The New York Times, citing an AP employee, reported Tuesday that at least two of the reporters’ personal cellphone records “were provided to the government by Verizon Wireless without any attempt to obtain permission to tell them so the reporters could ask a court to quash the subpoena.”
Read more on Slate.

They literally changed only one word. What do they thing this achieves?
May 16, 2013
EPIC - Amendment to Immigration Bill Seeks to Limit Drone Surveillance on Border
EPIC: "The Senate Judiciary Committee has approved an Amendment to the immigration bill to limit the range of drones surveillance in the United States. The immigration bill grants the Bureau of Customs and Border Protection authority to operate surveillance drones continuously within the border region. Senator Dianne Feinstein's (D-CA) Amendment reduces the patrol area of surveillance drones from 100 miles around the border to 25 miles. More than two-thirds of the US population lives within 100 miles of the border. In February 2013, EPIC petitioned the Bureau of Customs and Border Protection to suspend the border drone surveillance program pending the establishment of concrete privacy regulations. The petition followed the production of documents to EPIC under the Freedom of Information Act demonstrating that the border drones had the ability to intercept electronic communications and identify human targets. For more information, see EPIC: Domestic Unmanned Aerial Vehicles (UAVs) and Drones."

Government is confusing. The lab was established in 1978 and only now (2013 – 1978 = ) 35 years later are they considering keeping records? Will this duplicate or replace the FBI fingerprint database?
Notice Of Privacy Act System Of Records.
In accordance with the Privacy Act of 1974, the Department of Homeland Security proposes to establish a new Department of Homeland Security system of records titled, “Department of Homeland Security/U.S. Immigration and Customs Enforcement—014 Homeland Security Investigations Forensic Laboratory System of Records.”
This system of records allows the Department of Homeland Security/U.S. Immigration and Customs Enforcement to collect and maintain records by the Homeland Security Investigations Forensic Laboratory (HSI-FL). The HSI-FL is a U.S. crime laboratory specializing in scientific authentication; forensic examination; research, analysis, and training related to travel and identity documents; latent and patent finger and palm prints; and audio and video files in support of law enforcement investigations and activities by DHS and other agencies. To facilitate forensic examinations and for use in forensic document training, research, and analysis, the HSI-FL maintains case files, a case management system, an electronic library of travel and identity documents (Imaged Documents and Exemplars Library), and a hard copy library referred to as the HSI-FL Library. Additionally, the Department of Homeland Security is issuing a Notice of Proposed Rulemaking elsewhere in theFederal Register to exempt this system of records from certain provisions of the Privacy Act. This newly established system will be included in the Department of Homeland Security’s inventory of record systems.
More information can be found in the Federal Register.

Typical government. Public outrage stopped them from doing this in one fell swoop, so they fell back to doing it bit by bit (mini-swoops)
Ben Grubb reports:
The federal government has been accused of sneaking mandatory web filtering through the back door after one of its agencies inadvertently [??? Bob] blocked 1200 websites using a little-known law.
Technology news website Delimiter this week revealed the Australian Securities and Investments Commission (ASIC) last month used a telco law to ask major internet service providers (ISPs) to block a website it believed was defrauding Australians.
Read more on The Age.

There are already defensive patents with free licenses, aren't there?
"The tactic of patenting open source software to guard against patent trolls and the weaponization of corporate patent portfolios is gaining momentum in the FOSS community. Organizations including the Open Innovation Network, Google and Red Hat have built defensive patent portfolios (the latter two are defending their product lines). This approach has limitations. Penn State law professor Clark Asay writes in an Outercurve Foundation blog examining the trend, 'Patenting FOSS may help in some cases, but the nature of FOSS development itself may mean that patenting some collaboratively developed inventions is inherently more difficult, if not impossible, in many others. Consequently, strategies for mitigating patent risk that rely on FOSS communities patenting their technologies include inherent limitations. It's not entirely clear how best to reform patent law in order to better reconcile it with alternative models of innovation. But in the meantime, FOSS still presents certain advantages that, while dimmed by the prospect of patent suits, remain significant.'"

This is either groundbreaking or evidence of extreme ignorance...
"A young Irish man wrongly accused of jumping from a taxi without paying the fare has secured a judgement from an Irish court ordering the video removed from the entire Internet. Experts from Google, Youtube, Facebook, and others must tell the court in two weeks if this is technically possible. The thing is, the video is accurate, it is only a comment that wrongly identified Eoin McKeogh as the fare-jumper in the video that is inaccurate. It's not clear if the judge has made any orders about the comment."

This is both evidence of extreme greed and fender breaking. Remember, Florida gets a lot of its revenue from estate taxes, so making it easier to die in traffic ensures a revenur boost.
New submitter zlives writes in with news that Florida's DOT changed some language in their yellow light timing regulations, leading to a decrease in the yellow delay. Especially at lights with red light cameras.
"From the article: 'Red light cameras generated more than $100 million in revenue last year in approximately 70 Florida communities, with 52.5 percent of the revenue going to the state. The rest is divided by cities, counties, and the camera companies. In 2013, the cameras are on pace to generate $120 million.' I wonder what the camera company cut is?"
At least one areas has promised to undo the reduction now that they have been caught.

I may pay to have the chairs electrified myself!
Electrical Brain Stimulation Helps People Learn Math Faster
… If only there were an easier way.
Now there may be, suggests a new study in which scientists stimulated volunteers’ brains with mild electric current [would a 220 line do better? Bob] while they learned new arithmetic operations based on made-up symbols. People who received brain stimulation during training sessions on five consecutive days learned two to five times faster than those who received sham stimulation, and they retained a 30 to 40 percent performance edge six months later.

I have some students who don't retain this much. Although I have to say, their summary of Don Quixote is exactly as I remember it.
Sometimes reading a 350-page novel is just too much work. And Cliff Notes can also be a pain, what with all the summaries and indexes and character maps. Geez, why does reading have to be so HARD?! It's like, "just give me the one-minute takeaway." Well, thankfully some geniuses created a Book-A-Minute Classics to quickly summarize all the classics in a minute or less. Sure, most of the details are missing, but the bare essentials are there.
Got a book report to do? Flip through our visual guide for these quick summaries.

New to me...
The … the definitive Internet reference source for urban legends, folklore, myths, rumors, and misinformation.

Thursday, May 16, 2013

Aargh! “Yes we encrypted the data, but then we put the key ON THE SAME SERVER so we wouldn't need to remember it.” Clearly, this one is going in my collection of “Worst Practices.” has obtained more details on the breach affecting almost 10,000 patients of Presbyterian Anesthesia Associates. Apparently the data were encrypted, but the encryption key was acquired by whomever attacked the E-Dreamz server hosting the practice’s database.

The dynamic of a security breach changes a bit when the 'victims' are corporations with deep pockets and a good legal team.
Ryan Nakashima reports:
Lawyers for JPMorgan Chase & Co. are asking financial news and data company Bloomberg LP to turn over any records it has of reporters looking up the log-in and usage data of JPMorgan employees.
A formal letter was sent this week, a person familiar with the matter said. The person wasn’t authorized to speak publicly and spoke on condition of anonymity.
[From the article:
The letter seeks data going back to 2008 as the bank examines whether the seller of ubiquitous trading-data terminals was in breach of contract, the person said.
It comes after the revelation Friday that, until recently, Bloomberg reporters had special access to client usage data and sought to use it to break stories. On Monday, Bloomberg News Editor-in-Chief Matthew Winkler apologized for the practice, which he said had been going on since the 1990s. He said the special access for reporters had been cut off last month after Goldman Sachs complained.
… The Federal Reserve is also looking into whether Bloomberg journalists tracked data about terminal usage by top Fed officials.

So anyone (newspaper, school, police department, individual) could do this.
Today The New Yorker unveiled a project called Strongbox, which aims to let sources share tips and leaks with the news organization in a secure manner. It makes use of the TOR network and encrypts file uploads with PGP. Once the files are uploaded, they're transferred via thumb-drive to a laptop that isn't connected to the internet, which is erased every time it is powered on and booted with a live CD. The publication won't record any details about your visit, so even a government request to look at their records will fail to find any useful information. "There’s a growing technology gap: phone records, e-mail, computer forensics, and outright hacking are valuable weapons for anyone looking to identify a journalist’s source. With some exceptions, the press has done little to keep pace: our information-security efforts tend to gravitate toward the parts of our infrastructure that accept credit cards." Strongbox is actually just The New Yorker's version of a secure information-sharing platform called DeadDrop, built by Aaron Swartz shortly before his death. DeadDrop is free software.

“We designed it so we could and we saw no reason to turn this function off for the App vendors.”
Jaikumar Vijayan reports:
Several users of devices running Google’s Android operating system have filed an amended version of an earlier lawsuit accusing the company of illegally collecting, and allowing others to collect, extensive amounts of mobile user data without proper notice or consent.
The lawsuit, filed last week in the U.S. District Court for the Northern District of California, is an updated version of a consolidated lawsuit from January 2012. It alleged that Google’s actions had harmed the privacy, security and financial interests of the six named plaintiffs in the case.
Read more on Computerworld. Courthouse News previously covered the amended complaint, a copy of which can be found on their site.

An interesting argument.
Long-time readers may remember the case of Nina Yoder, a nursing student who was expelled from the University of Louisville School of Nursing [SON] in 2009 for allegedly breaching the honor code and confidentiality agreements she had signed by her posts on MySpace. A district judge had ordered her reinstatement in August 2009, and Yoder eventually graduated from the program, but it seems the part of her lawsuit dealing with damages and constitutional issues of free speech and due process had not been addressed and remained in the courts.
The question of what nursing or medical students or staff can say online that might be subject to disciplinary action is an important one, as it may pit notions of protected speech against an entity’s or employer’s legitimate concerns about disclosures. The issue also raises questions about whether online speech during off-duty hours on one’s own computer can be subject to disciplinary action. Since the time this case first arose, a number of schools have attempted to regulate off-campus online speech in attempts to deal with cyber-bullying. But what about adults disclosing information learned on the job or in their internships or rotations if they’ve signed a confidentiality agreement?
In an opinion issued by the Sixth Circuit Court of Appeals on the free speech claim, the court notes the absence of relevant precedent:
In addition, both parties rely heavily on Supreme Court cases that govern student speech standards, none of which considers the unique circumstances posed here. Yoder has not identified any case—nor are we aware of any—that undermines a university’s ability to take action against a nursing (or medical) student for making comments off campus that implicate patient privacy concerns. Defendants have legal and ethical obligations to ensure that patient confidentiality is protected, and that nursing students are trained with regard to their ethical obligations. See, e.g., Ky. Rev. Stat. § 314.031(4)(d), (k); id. § 314.111. Yoder gained access to the Patient through the SON’s clinical program, and patients allow SON students to observe their medical treatment in reliance on the students’ agreement not to share information about their medical treatment and personal background. Under such circumstances, Defendants could not “fairly be said to ‘know’ that the law forb[ids] [discharging a student under these circumstances].” Harlow, 457 U.S. at 818.
You can read the full opinion here (pdf). They do not seem to reach the issue of whether Yoder’s speech was protected speech, but analyze whether the university officials had reasonable grounds to believe that Yoder had waived any First Amendment rights because she had signed the confidentiality agreement and other documents.

We just had a decision that continuous monitoring of location data (from cell phones) eventually constituted a search under the 4th Amendment. Purchasing data from a vendor does not. Even if you supplied the initial information (DMV records)
sosadmin writes:
Did you know that a private company which hoards detailed information about your driving habits also has plans to create the largest private sector law enforcement database in the world, by combining plate reads with commercial databases, face recognition technology and more?
Vigilant Video is a private corporation. It maintains a database called the National Vehicle Location Service (NVLS), containing hundreds of millions of data points showing the travel patterns of millions of people in the United States. The data in the system comes from a variety of sources including government agencies, other companies like tow truck and repo firms, and a fleet of company cars that drives around sucking up license plate information on our streets and in our neighborhoods.

(Related) “Our business is based on extracting information about you for our customers, but extracting information about you for you is something else entirely. We don't know how to do that.”
"Contrary to recent reports, data broker Acxiom is not planning to give consumers access to all the information they've collected on us. That would be too great a challenge for the giant company, says spokesperson Alexandra Levy. Privacy blogger Dan Tynan recently spoke with Jennifer Barrett Glasgow, Chief Privacy Officer at Acxiom (she claims to be the very first CPO) about how the company collects information and what they do with it. This should give you some small measure of comfort: 'We don't know that you bought a blue shirt from Lands End. We just know the kinds of products you are interested in. We're trying to get a reasonably complete picture of your household and what the individuals who live there like to do,' says Glasgow."

Cops Should Get Warrants to Read Your E-Mail, Attorney General Says
Attorney General Eric Holder became the White House’s highest ranking official to support sweeping privacy protections requiring the government, for the first time, to get a probable-cause warrant to obtain e-mail and other content stored in the cloud.
“It is something that I think the Department will support,” Holder testified before the House Judiciary Committee, when questioned about the Justice Department’s position.
Last month, the Senate Judiciary Committee approved a package that nullifies a provision of federal law allowing the authorities to acquire a suspect’s e-mail or other stored content from an internet service provider without showing probable cause that a crime was committed if the content is 180 days or older.
Under the current law, the 1986 Electronic Communications Privacy Act, the government can obtain e-mail without a warrant as long as the data has been stored on a third-party server — the cloud — for 180 days or more. The government only needs to show, often via an administrative subpoena, that it has “reasonable grounds to believe” the information would be useful to an investigation.
Holder, who was speaking at a Justice Department oversight hearing, said that warrants are unnecessary for non-criminal investigations. [Should I read that as: “We don't need a warrant if we're going to sue you?” OR “We can't tie you to a crime yet, but we want to look at all your emails to see if we can find a crime.” Bob]

Perhaps being elected Governor makes you stupid or willing to go to rediculous lengths to posture for re-election? If one of the Service Academies asked for a high school transcript, would they be denied?
WRCB reports:
Governor Nathan Deal signed an executive order Wednesday which prohibits the state from collecting or sharing with the federal government any personally identifiable data on students or their families.
The order focuses on multiple areas of education and points out that intrusive data tracking is an invasion of privacy and the federal government has no constitutional right to determine how children in the State of Georgia should be educated.
Read more on WRCB.
The text of the Executive Order reads as follows:
WHEREAS: The federal government has no constitutional right to determine how children in the State of Georgia will be educated; and
[ … ]
ORDERED: That no educational standards shall be imposed on Georgia by the federal government.
[ ... ]
IT IS FURTHER ORDERED: That no personally identifiable data on students and/or their families’ religion, political party affiliation, biometric information, psychometric data and/or voting history shall be collected, tracked, housed, reported or shared with the federal government.
IT IS FURTHER ORDERED: That no student data shall be collected for the purpose of the development of commercial products or services.
This __15th__ day of May, 2013.
While the student privacy aspect is certainly attractive, keeping the federal government out of educational issues totally has some drawbacks, particularly if you, like me, follow cases pursued by the Department of Justice Office of Civil Rights, which has investigated Georgia districts over segregation and discrimination claims. Barring districts from sharing data with the federal government may result in students in special education and minority students having less protections and fewer services than they currently have. The Executive Order would also seemingly permit local districts to decide to teach the Bible and not evolution, and to teach that homosexuality is bad, etc.
So privacy interests notwithstanding, I think this Executive Order is very problematic.

What could possibly go wrong?
"In their ongoing battle against websites said to infringe music copyrights, record labels have initiated a fresh wave of actions aimed at forcing UK ISPs to carry out domain blocking. This third wave is set to be the biggest so far, affecting as many as 25 domains and including some of the world's largest torrent sites and file-hosting search engines. Furthermore, the BPI – the entity coordinating the action – will ask courts to block U.S.-based music streaming operation, Grooveshark."

cluedweasel writes
"A Federal judge in Medford, OR has dismissed a piracy case lodged against 34 Oregonians. Judge Ann Aiken ruled that Voltage Pictures LLC unfairly lumped the defendants into what she called a 'reverse class action suit' to save on legal expenses and possibly to intimidate them into paying thousands of dollars for viewing a movie that could be bought or rented for less than $10."
The judge was not enthused that they offered to settle for $7500 while noting that potential penalties could be as much as $150,000.

Eventually we may be able to take an idea from regulation “A” and a concept from law “B” and come up with some decent guidance.
I’ve been looking for an English language report on the new breach guidelines in Belgium and finally found one. Cédrine Morlière and Ludo Deklerck of Bird & Bird write:
When the data breach results in a “public incident” (when a data breach results in a public leakage of private data), according to the guidance, the Data Protection Commission is to be informed of the causes and consequences of the incident within 48 hours. In addition, a public information campaign should be rolled out within 24-48 hours after notifying the Data Protection Commission.
The Belgian Data Protection Commission also announced its intention to reinforce the present legal framework. There is already a legal obligation for data controllers to put adequate security measures in place pursuant to the Belgian Data Protection Act, however, this obligation is not being implemented seriously enough, according to the Commission. The Commision will now lobby the Belgian legislator in order to be entitled to make its recommendations on security measures legally binding.
Read more about the new guidelines on Bird & Bird. As always, I’m skeptical of the value of certain reporting demands such as notification to the public within 48 hours. Rushing to notify often leads to errors and necessitates revised notifications with more cost and more frustration or anger for those affected by a breach.

Something for the “How that legal stuff works” bookshelf.
May 15, 2013
Updated Edition of Benchbook Now Available
US Courts: "The 6th edition of the Benchbook for U.S. District Court Judges, a publication of the Federal Judicial Center, is now available online. The book, last updated in 2007, is a concise and practical guide to situations federal judges are likely to encounter on the bench. The Benchbook covers procedures that are required by statute, rule or case law, with detailed guidance from experienced trial judges. And although new judges may benefit the most from the Benchbook, even experienced judges may find useful reminders about how to deal with routine matters, suggestions for handling more complex issues, and helpful starting points in new situations. The 6th Edition includes a primer on a prosecutor's duty to disclose favorable information to defendants under Brady v. Maryland. There's a new section on civil pretrial case management focusing on the judge's role as an active case manager, and a completely revised section on sentencing, which contains an extensive colloquy for the sentencing hearing. There also are subsections on handling disruptive or dangerous defendants, and expanded jury instructions on the use of social media. Due to budgetary constraints, this edition of the Benchbook is published in electronic format only."

Something new for the terrorist toolkit? “Computer Assisted Sniping” – Take your shot while sipping a latte at your local Starbucks, immediately post the video to Youtube.
"A story on NPR reports that the TrackingPoint rifle went on sale today, and can enable a 'novice' to hit a target 500 yards away on the first try. The rifle's scope features a sophisticated color graphics display (video). The shooter locks a laser on the target by pushing a small button by the trigger... But here's where it's different: You pull the trigger but the gun decides when to shoot. It fires only when the weapon has been pointed in exactly the right place, taking into account dozens of variables, including wind, shake and distance to the target. The rifle has a built-in laser range finder, a ballistics computer and a Wi-Fi transmitter to stream live video and audio to a nearby iPad. Every shot is recorded so it can be replayed, or posted to YouTube or Facebook."

Global Warming! Global Warming! Another article that I apparently don't understand.
"Global warming is changing the location of Earth's geographic poles, according to a study published this week. Researchers at the University of Texas, Austin, report that increased melting of the Greenland ice sheet — and to a lesser degree, ice loss in other parts of the globe — helped to shift the North Pole several centimeters east [...and here I was taught that the only direction you could go from the North Pole was South. Bob] each year since 2005. From 1982 to 2005, the pole drifted southeast towards northern Labrador, Canada, at a rate of about 2 milliarcseconds — or roughly 6 centimetres — per year. But in 2005, the pole changed course [So Global Warming began to melt the ice in 2005? Bob] and began galloping east towards Greenland at a rate of more than 7 milliarcseconds per year (abstract). The results suggest that tracking polar shifts can serve as a check on current estimates of ice loss. Scientists can locate the north and south poles to within 0.03 milliarcseconds by using Global Positioning System measurements to determine the angle of Earth's spin. When mass is lost in one part of a spinning sphere, its spin axis will tilt directly towards the position of the loss [Clearly a pound of ice weighs more than a pound of melted ice... Bob] — exactly as the team observed for Greenland."

(Related) Global Cooling! Global Cooling! (Next lecture will feature Al Gore in a parka an mukluks.)
May 15, 2013
NOAA - April temperatures were coolest since 1997
  • "The April average temperature for the contiguous U.S. was 49.7°F, which was 1.4°F below the 20th century average. April 2013 ranked as the 23rd coolest such month on record and marked the coolest April since 1997 when the monthly average temperature for the contiguous U.S. was 48.0°F."

Purely for Academic purposes, I will seek a grant to carefully and completely find and measure all the porn on the Internet. Contributions gratefully accepted...
The Internet’s Dirty Secret: Nobody Knows How Much Porn There Is

For my Math students (It can't hurt)
Mad 4 Maths is an addictive and interactive game for kids (and adults) that enhances mental arithmetic abilities of the player. While this game is aimed at kids to get them familiar with basic arithmetic operations (addition, subtraction, multiplication and division) it also can be enjoyable for adults to practice their basic math skills. It is available for free download for Android and Blackberry platforms.

Wednesday, May 15, 2013

Nothing new, other than the debate has come to Colorado.
Will Ripley reports from Colorado:
The private information of nearly 85,000 Jefferson County public school students will soon be available in a single database.
Supporters call it a breakthrough, but opponents call it an invasion of privacy.
Jeffco Public Schools is joining forces with inBloom, a pilot program praised by supporters as a revolutionary way to streamline student information.
Some parents have serious concerns, that student grades, test scores, even health records will be vulnerable to cyber attack.

Another service the requires a Facebook or Twitter account to use...
Christopher Mims writes:
Safe Shepherd is a company that searches the web for all the public records available on Americans, and then presents them in a dashboard. Try it for yourself—it’s free—and the results are almost guaranteed to be unnerving. The information is mostly innocuous, and includes your address, phone number and email, but the fact that it’s public is more than enough to create a healthy stream of business for Safe Shepherd, which, according to founder Robert Leshner, is “lightly profitable.”
Read more on Quartz.

Dealing with “road rage” the tough-love way: Maverick missles up you tailpipe.
"The FAA predicts 30,000 drones will patrol the US skies by 2020, but New Jersey drivers could see these unmanned aerial vehicles hovering above the New Jersey Turnpike and Garden State Parkway much sooner than that. New Jersey lawmakers from both Republican and Democratic parties have introduced a number of bills to tackle the drones issue before the federal government starts issuing the first domestic drone permits in September 2015."

Perspective Note the assumption the everyone now defines “data center” as a place customers house their servers rather than the room a single company keeps its mainframe in.
"When data centers first opened in the 1990s, the tenants paid for space to plug in their servers with a proviso that electricity would be available. As computing power has soared, so has the need for electricity, turning that relationship on its head: electrical capacity is often the central element of lease agreements, and space is secondary. While lease arrangements are often written in the language of real estate, they are essentially power deals. 'Since tenants on average tend to contract for around twice the power they need, Mr. Tazbaz said, those data centers can effectively charge double what they are paying for that power. Generally, the sale or resale of power is subject to a welter of regulations and price controls. For regulated utilities, the average "return on equity" — a rough parallel to profit margins — was 9.25 percent to 9.7 percent for 2010 through 2012.'"

For my Website students (and all the others)
Previously, we beat to death every single excuse/myth/misconception that there is about creating a personal website. You no have no reason not to have one. However, you may still be wondering how making your own website could really benefit you.
In January, I wrote an article about why it’s crucial to have a professional online presence and how to do it, where I mentioned the importance of having a personal website.
Your Website Is Like a Living Resume, But More Dynamic
Comparing your website to your resume, is almost insulting to your website. Although you can create an awesome resume, a website is so much more than that. First, it can be whatever you want it to be. Where a resume is typically supposed to be in a certain format, except for creative types, a website can be in any format, have any theme, and contain any content.
Your Website Is Your Ultimate “Online Profile”
Your Website Helps You Become More Discoverable
Your Website Improves Your Credibility and Helps You Stand Out
Your Website Shows Your Dedication and Career Focus
… Again, I encourage you to look into using WordPress – it’s not difficult (which I used to think so), but if you are set on other options, here’s a list of websites that you might want to consider:

Tuesday, May 14, 2013

...and if a reporter called the home number of a senior CIA official how will the FBI determine if it was to send or receive information?
Mark Sherman of the Associated Press broke the story yesterday:
The Justice Department secretly obtained two months of telephone records of reporters and editors for The Associated Press in what the news cooperative’s top executive called a “massive and unprecedented intrusion” into how news organizations gather the news.
The records obtained by the Justice Department listed outgoing calls for the work and personal phone numbers of individual reporters, for general AP office numbers in New York, Washington and Hartford, Conn., and for the main number for the AP in the House of Representatives press gallery, according to attorneys for the AP.
Read more on AP.
There will be those who reasonably point out that this is not the first time reporters’ records have been acquired without their knowledge during the investigation of a leak. But the breadth of this is raising a lot of questions and concerns as collecting phone numbers and the metadata of calls – even without their content – can be very problematic. It can have a chilling effect on a free press and make people afraid to reach out to the press to expose government corruption. As Chris Soghoian, now with the ACLU, has frequently pointed out, the media needs to enhance the security protocols they use to protect sources and communications. Will this incident lead to that kind of positive change? And as EFF notes:
The DOJ’s decision to dive deep into these call records also shows the growing need to update our privacy laws to eliminate the outmoded Third Party Doctrine and to recognize that datamining has now reached the point where it no longer makes sense to treat calling records and other metadata related to our communications as if they aren’t fully protected by the Constitution.
Update: Orin Kerr sees this as a non-story. Scott Greenfield answers him here. For me, the issue is not whether, but rather, should the DOJ be able to get records that they will use to build a criminal case without having to meet a more stringent standard than “reasonable grounds” without any court oversight? This is not unusual, of course, but it still troubles me.

Perhaps we should start a University Drone Club to prepare students to use this technology.
So This Is How It Begins: Guy Refuses to Stop Drone-Spying on Seattle Woman
Back in October, Alexis wrote a piece asking what rights do we have with regard to the air above our property. Walk onto someone's lawn and you're trespassing; fly over it in a helicopter and you're in the clear -- "the air is a public highway," the Supreme Court declared in 1946. But what about the in-between space? Does the availability of unmanned aerial vehicles (aka drones, aka UAVs) throw a wrench in the old legal understandings?
Well, here's where the rubber meets the road for this abstract line of questioning. The Capitol Hill Seattle Blog is reporting a complaint it received from a resident in the Miller Park neighborhood. She writes:
This afternoon, a stranger set an aerial drone into flight over my yard and beside my house near Miller Playfield. I initially mistook its noisy buzzing for a weed-whacker on this warm spring day. After several minutes, I looked out my third-story window to see a drone hovering a few feet away. My husband went to talk to the man on the sidewalk outside our home who was operating the drone with a remote control, to ask him to not fly his drone near our home. The man insisted that it is legal for him to fly an aerial drone over our yard and adjacent to our windows. He noted that the drone has a camera, which transmits images he viewed through a set of glasses. He purported to be doing "research". We are extremely concerned, as he could very easily be a criminal who plans to break into our house or a peeping-tom.
The site adds, "The woman tells us she called police but they decided not to show up when the man left."
… John Villasenor, author of a recent Harvard Journal of Law and Public Policy article about the laws governing drones and privacy, explained to me over email that it's difficult to analyze the legalities of the case without more information. What kind of drone was it? How was it flown? These questions would be instrumental to determining whether it was operated in accordance with FAA regulations.

Should make for some interesting contract language going forward. “Best Practice” risk analysis would identify the data that is expected to move over any internet connection, and secure it appropriately.
After the story broke about Bloomberg reporters being able to access traders’ use of its terminals, law professor James Grimmelman tweeted:
Bloomberg Law’s privacy policy doesn’t prohibit sharing users’ searches with Bloomberg journalists. That’s a client confidences problem.
— James Grimmelmann (@grimmelm) May 11, 2013
It’s not clear to me that attorneys can use Bloomberg Law without risking disciplinary sanctions for putting client confidences at risk.
— James Grimmelmann (@grimmelm) May 11, 2013
According to Dewey B Strategic, they can rest assured:
No Impact at Bloomberg Law. According to Greg McCaffery, CEO of Bloomberg Law, reporters have no access to the Bloomberg Law user data. Bloomberg Law resides on a separate cloud platform, not on the same platform as the Bloomberg terminal data. Bloomberg law doesn’t even have the same “command” functions which the reporters used to access customer data. He also pointed out that the Bloomberg BNA reporters who write the Bloomberg BNA newsletters have no access to the customer data. McCaffery stated that “Bloomberg Law takes the privacy of its customer data very seriously. To be clear: no journalists at Bloomberg News or BNA have ever had access to customer research activity on Bloomberg Law.”
The fact is that there are law firms which subscribe to Bloomberg business terminals under separate contracts from Bloomberg Law, so presumably reporters were also able to view the limited account activity described above. The Bloomberg business terminals are generally used by researchers and not law firm partners, but we now have assurance that reporters can not access any law firm Bloomberg terminal usage.

Catherine Dunn reports:
Bloomberg LP is looking to repair the ongoing fallout over a controversial breach of client data, and the financial information company is adding a new compliance officer to help.
Bloomberg executive Steve Ross will now lead the company’s client data compliance office as Bloomberg continues to field questions over the division between its newsgathering operation and its core business—the $20,000-per-year data terminals employed by bankers to monitor market conditions.
Last week, after Bloomberg received a complaint from Goldman Sachs, the New York Post revealed that Bloomberg News reporters were able to view certain uses of the terminals by clients, including log-on data. The Federal Reserve and the European Central Bank, also Bloomberg clients, reportedly contacted the company for more information on the issue.

Lawyers who give the profession a bad name. (no joke!)
It appears that Prenda Law, freshly defeated, has formed a new shell company named the "Anti-Piracy Law Group," and has resumed sending threatening letters to supposed porn pirates. But this time, they've expanded their threats (from a letter (PDF) sent to Fight Copyright Trolls):
"The list of possible suspects includes you, members of your household, your neighbors (if you maintain an open wi-fi connection) and anyone who might have visited your house. In the coming days we will contact these individuals to investigate whether they have any knowledge of the acts described in my client’s prior letter"
Naturally, the letter also notes that the recipient can avoid having the list of videos they supposedly copied sent to their neighbors and family if they settle for a few thousand bucks...

Definately not as satisfying as eating UN polititians, but probably tastes better.
PolygamousRanchKid writes in with news about a U.N. plan to get more bugs in your belly.
"The U.N. has new weapons to fight hunger, boost nutrition and reduce pollution, and they might be crawling or flying near you right now: edible insects. The Food and Agriculture Organization on Monday hailed the likes of grasshoppers, ants and other members of the insect world as an underutilized food for people, livestock and pets. Insects are 'extremely efficient' in converting feed into edible meat, the agency said. Most insects are likely to produce fewer environmentally harmful greenhouse gases, and also feed on human and food waste, compost and animal slurry, with the products being used for agricultural feed, the agency said. 'Insects are everywhere and they reproduce quickly,' the agency said, adding they leave a 'low environmental footprint.' The agency noted that its Edible Insect Program is also examining the potential of arachnids, such as spiders and scorpions."

For my students. Remember, all work and no play makes you an “A” student.
Play Breakout on Google Image search
… Head on over to Google and do an image search for "Atari Breakout" (or just click the hyperlink).
We think this might be our new favorite Google Easter egg. Other favorites include:
• The tilted page when you search for "tilt" or "askew"
• The spinning screen when you search "Do a barrel roll"
• The mini-game when you type and enter "Zerg rush"
• Getting walking directions from "The Shire" to "Mordor" in Google Maps.

Monday, May 13, 2013

Apparently no one knows that refusing to say “no” is very similar to saying “yes.”
Feds Won’t Say if NSA Surveilled New York Terror Suspects
Federal authorities prosecuting brothers on allegations they plotted to blow up a high-profile target in New York City are refusing to confirm publicly whether they cracked the case by employing a style of warrantless electronic eavesdropping first introduced by President George W. Bush in the wake of 9/11.
The reason, attorneys affiliated with the defense suggest, is because such a concession would create the nation’s first eligible defendant to challenge the constitutionality of the surveillance tactics, which Congress codified into law in 2008 and then again in December.
… A single acknowledgment could open the floodgates to challenge the surveillance tactic, which Supreme Court Justice Stephen Breyer in February noted that “commonsense” (.pdf) tells us is being employed by federal investigators.

To my Ethical Hackers: I told you the code was upside-down!
"An Australian university appears to be excelling at cultivating some of Australia's best computer hackers. Following the University of NSW's students recently placing first, second and third in a hacking war game (the first place winners also won first place last year), The Sydney Morning Herald reports on what exactly about the NSW institution is breeding some of Australia's best hackers. It finds that a lecturer and mentor to the students with controversial views on responsible disclosure appears to the be the reason for their success."

“It's our job to find or create evidence that people who are wrong (politically) are not paying their fair amount in taxes.”
Reports: IRS targets more groups
The IRS repeatedly changed the criteria it used for singling out nonprofit applications for further review, at one point looking at all groups hoping to make “America a better place to live,” according to new reports Monday morning.
The Wall Street Journal and Reuters both reported that the IRS moved beyond giving a skeptical eye to “tea party” and “patriot” groups. It was also targeting groups focusing on specific issues including “government spending,” “government debt,” “Education of the public via advocacy/lobbying to ‘make America a better place to live,’” and all groups that “criticize[d] how the country is being run.”

For those of us who use Excel a lot!
… Short-Cuts Add-In is a free to use add-in that has been made for Microsoft Excel, which you can use to quickly open the spreadsheets that you regularly access. First, you must place the add-in file in the appropriate Excel directory – a guide on how to do this can be found on the add-in’s website. With the add-in added, you can right click on your open spreadsheets and select “Short-cuts” to open up the add-in’s window. From here you can access and create groups of Excel spreadsheets.

For my Geeks: Told ya...
"In a widely-read WSJ Op-Ed, English major Kirk McDonald, president of online ad optimization service PubMatic, informed college grads that he considers them unemployable unless they can claim familiarity with at least two programming languages. 'Teach yourself just enough of the grammar and the logic of computer languages to be able to see the big picture,' McDonald advises. 'Get acquainted with APIs. Dabble in a bit of Python. For most employers, that would be more than enough.' Over at Typical Programmer, Greg Jorgensen is not impressed. 'I have some complaints about this "everyone must code" movement,' Jorgensen writes, 'and Mr. McDonald's article gives me a starting point because he touched on so many of them.'"

Dilbert shows us what could happen if I combine my love of computers with my wife's dog training equipment,,,