Saturday, August 24, 2013

Articles like this make me wonder how many centuries it took humans to realize that closing and locking a door reduced theft? Somewhere these people must have heard about encrypting data or storing it on a more secure server locked in a more secure room. Here's a simple idea. Ask your neighbors, competitors, auditors, even your local police department about security. Hell, you can even Google it!
Peter Frost and Julie Wernau of the Chicago Tribune report that 4 million patients of Advocate Medical Group may be at risk of ID theft after four computers were stolen during a burglary last month at Advocate’s administrative building on West Touhy Avenue in Park Ridge. Advocate Medical Group is part of Advocate Health Care.
In its statement on patientnotice.org, a web site it created about the breach, Advocate explains that the burglary, which occurred overnight, was discovered on July 15.
Our investigation confirmed that the computers contained patient information used by Advocate for administrative purposes and may have included patient demographic information (for example, names, addresses, dates of birth, Social Security numbers) and limited clinical information (for example, treating physician and/or departments, diagnoses, medical record numbers, medical service codes, health insurance information). Patient medical records were not on the computers and patient care will not be affected. [Aren't “diagnoses” and “medical service codes” (tests or treatments they plan to bill for) “medical records?” Bob]
That sounds like more than enough information for ID theft and possibly medical ID theft if the insurance information included policy numbers. Although the burglars may have stolen the hardware for its non-content value, will someone discover what is on it and try to misuse the patient information?
And did Advocate have enough security in place? The Chicago Tribune reports:
The building was not equipped with an alarm, but it had a security camera and a panic button, Golson said. Advocate has since installed continuous security staffing at the office and is re-evaluating its security systems and practices systemwide.
The lack of encryption is probably the most glaring security failure. Did their policies require encryption but the policies weren’t followed or did they not have an encryption policy in place? And will HHS see this as insufficient physical security and insufficient technical security?
What will HHS do? And what will the state attorney general do?
A copy of Advocate’s patient notification letter has been uploaded to the California Attorney General’s breach reporting site, here (pdf).


The early poster boy for illegal surveillance?
New Zealand appears to have used NSA spy network to target Kim Dotcom
A new examination of previously published affidavits from the Government Communications Security Bureau (GCSB)—the New Zealand equivalent of the National Security Agency (NSA)—appears to suggest that the GCSB used the “Five Eyes” international surveillance network to capture the communications of Kim Dotcom, the founder of Megaupload.
The new analysis was posted by New Zealand journalist Keith Ng in a Thursday blog post. If the link proves to be true, it would seem that the NSA’s vast international surveillance capability can be turned against individuals unrelated to the NSA’s stated mission to aid military, counterintelligence, or counterterrorism objectives.
… At the time of the surveillance against Dotcom, the GCSB was only allowed to engage in surveillance of non-resident foreigners. However, earlier this week, the New Zealand parliament voted 61-59 to expand the GCSB’s powers to encompass citizens and legal residents.


What “privacy controls” need to be applied at what points in the surveillance process?
International Principles on the Application of Human Rights to Communications Surveillance
by Sabrina I. Pacifici on August 23, 2013
“As technologies that facilitate State surveillance of communications advance, States are failing to ensure that laws and regulations related to communications surveillance adhere to international human rights and adequately protect the rights to privacy and freedom of expression. This document attempts to explain how international human rights law applies in the current digital environment, particularly in light of the increase in and changes to communications surveillance technologies and techniques. These principles can provide civil society groups, industry, States and others with a framework to evaluate whether current or proposed surveillance laws and practices are consistent with human rights. These principles are the outcome of a global consultation with civil society groups, industry and international experts in communications surveillance law, policy and technology.
Preamble: Privacy is a fundamental human right, and is central to the maintenance of democratic societies. It is essential to human dignity and it reinforces other rights, such as freedom of expression and information, and freedom of association, and is recognised under international human rights law. Activities that restrict the right to privacy, including communications surveillance, can only be justified when they are prescribed by law, they are necessary to achieve a legitimate aim, and are proportionate to the aim pursued.
Before public adoption of the Internet, well-established legal principles and logistical burdens inherent in monitoring communications created limits to State communications surveillance. In recent decades, those logistical barriers to surveillance have decreased and the application of legal principles in new technological contexts has become unclear. The explosion of digital communications content and information about communications, or “communications metadata” — information about an individual’s communications or use of electronic devices — the falling cost of storing and mining large sets of data, and the provision of personal content through third party service providers make State surveillance possible at an unprecedented scale. Meanwhile, conceptualisations of existing human rights law have not kept up with the modern and changing communications surveillance capabilities of the State, the ability of the State to combine and organize information gained from different surveillance techniques, or the increased sensitivity of the information available to be accessed.”


Clearly, I'm not the only one who sees this as a good thing.
Steve Ballmer just made $625 million by firing himself
Since Steve Ballmer’s announcement this morning that he’s stepping down as CEO of Microsoft in the next 12 months, the company’s stock has popped more than 8%. Ballmer is Microsoft’s second-largest individual shareholder, with 333,252,990 shares, which means his $16 billion net worth just appreciated $625 million. Bill Gates, Microsoft’s largest individual shareholder, just added $741 million to his $71.3 billion kitty.


For my website students.
– helps you to test web fonts on any website on the fly. Enter the site URL, and when you click on a font, you will be taken to that website with all of the text changed to the font you chose. This will allow you to see right away what a font would look like on your site without having to actually change anything. You can go back and choose another font until you find one you like.

Something for my website students (who have adequate legal representation)
– is a site that lists, catalogues, and embeds YouTube videos which are full length feature movies, uploaded by other people. You can break down the selection by decade, genre, and movie score, and when you click on a movie poster, that film will be embedded on the page. The site breaks no laws [Always a “red flag” phrase Bob] because it is only listing what others have uploaded, and they give a link if anyone wants to file a copyright violation with YouTube.


What amusements await?
Facebook CEO Mark Zuckerberg asked this week if “connectivity is a human right?” launching, as part of his company’s mission to “make the world more open and connected,” a new organization, Internet.org, to bring the Internet to those in the world without access to it. UC Berkeley grad student Jen Schradie has a wonderful response in which she thoroughly trounces the “Silicon Valley ideology” driving the announcement, which certainly seems much less about humanitarianism and much more about monetizing a new market.
… It’s the time of year for the Beloit Mindset list, which Beloit College publishes each fall to characterize the “mindset” of incoming freshmen. But even better, I’d say, was the unveiling of the Beloit Mindlessness site this week, “dedicated to the mockery and eventual destruction of the Beloit mindset list.” Also fairly awesome: the #2170BeloitMindset hashtag on Twitter, with such gems as “the planet earth has always been uninhabitable.”
… According to a survey by CarringtonCrisp, “fifty per cent of employers would not consider recruiting someone who had studied for their degree wholly online.” Other findings suggest that students are “suspicious of MOOCs,” although less so about online education in general. The (Pearson-owned) Financial Times, in reporting this “research,” calls it a “blow to MOOCs.”
The Computer Science Teachers Association has released a report about CS teacher certification in the US, which finds only two states (Arizona and Wisconsin) require teachers to be certified or licensed to teach computer science.
… Lots of facts and figures in The Chronicle of Higher Education’s “Almanac of Higher Education 2013”: what professors make, what colleges cost, what students think about digital textbooks, and more.

Friday, August 23, 2013

Are they saying that their current procedures cause harm? They are, aren't they? I would really like to see how this would work. I see the potential for lots of “False Positive” reports requiring (one hour?) reversals.
The Centers for Medicare and Medicaid Services is seeking to fast-track the rollout of a new process that state health insurance exchanges will use to report–within one hour–information security incidents.
With the exchanges expected to open on October 1, CMS has submitted a request for an emergency review of the new reporting system from the Office of Management and Budget “because public harm is reasonably likely to result if the normal clearance procedures are followed,” according to a notice issued on August 20.
Read more on Health Data Management.
From the article:
“In absence of this change, [i.e. If we keep doing what we are doing... Bob] a significant number of incidents will not be detected; therefore causing harm and potential risk to the public’s identity with identity fraud.”


Has anyone (government or corporation) raised concerns like this?
Jasper Hamill writes:
Microsoft’s new touchy Windows 8 operating system is so vulnerable to prying hackers that Germany’s businesses and government should not use it, the country’s authorities have warned in a series of leaked documents.
According to files published in German weekly Die Zeit, the Euro nation’s officials fear Germans’ data is not secure thanks to the OS’s Trusted Computing technology– a set of specifications and protocols that relies on every computer having a unique cryptographic key built into the hardware that’s used to dictate what software can be run.
Read more on The Register.


This was a really good idea until users noticed that non-users thought it was a bad idea?
Associated Press and Catherine Townsend report:
Google Play has been forced to remove a Boyfriend Tracker app from sale in Brazil in response to complaints about privacy abuses, as well as its potential to be used for extortion or stalking.
Brazilians were outraged when they learned their country was a top target of the U.S. National Security Agency’s top secret overseas spying operation, but it seems that all bets are off when it comes to catching cheaters.
Tens of thousands managed to download the software before it was pulled off the market.
Read more on Daily Mail.


An article to stimulate ethical debate?
San Francisco Fire Chief Bans Helmet Cams
… Hayes-White, the San Francisco Chronicle reported, made her decision following the death of 16-year-old Ye Meng Yuan in the Asiana plane crash last month. Footage from a helmet cam filmed during the incident shows that battalion chief Mark Johnson did not know that Ye was lying on the ground near the plane wreck, covered in fire-retardant foam, when she was run over by a fire-department rig.
… But this justification for Hayes-White's decision is, to put it mildly, a bit suspect. Even Ye's family's own lawyer is unimpressed. "Why would anybody not want to know the truth?" he told the Chronicle. "What's wrong with knowing what happened? What's wrong with keeping people honest? That's what the helmet cam did, in effect, in this case."

(Related)
In California, a Champion for Police Cameras
… Rialto has become the poster city for this high-tech measure intended to police the police since a federal judge last week applauded its officer camera program in the ruling that declared New York’s stop-and-frisk program unconstitutional. Rialto is one of the few places where the impact of the cameras has been studied systematically.
In the first year after the cameras were introduced here in February 2012, the number of complaints filed against officers fell by 88 percent compared with the previous 12 months. Use of force by officers fell by almost 60 percent over the same period.


“This way to the EGRESS.”
Ryan Calo has uploaded a new paper to SSRN. Here’s the abstract:
Jon Hanson and Douglas Kysar coined the term “market manipulation” in 1999 to describe how companies exploit the cognitive limitations of consumers. Everything costs $9.99 because consumers see the price as closer to $9 than $10. Although widely cited by academics, the concept of market manipulation has had only a modest impact on consumer protection law.
This Article demonstrates that the concept of market manipulation is descriptively and theoretically incomplete, and updates the framework for the realities of a marketplace that is mediated by technology. Today’s firms fastidiously study consumers and, increasingly, personalize every aspect of their experience. They can also reach consumers anytime and anywhere, rather than waiting for the consumer to approach the marketplace. These and related trends mean that firms can not only take advantage of a general understanding of cognitive limitations, but can uncover and even trigger consumer frailty at an individual level.
A new theory of digital market manipulation reveals the limits of consumer protection law and exposes concrete economic and privacy harms that regulators will be hard-pressed to ignore. This Article thus both meaningfully advances the behavioral law and economics literature and harnesses that literature to explore and address an impending sea change in the way firms use data to persuade.
You can download the paper from SSRN.


Not what I would have guessed...
Assessing Factors That Affect Patent Infringement Litigation Could Help Improve Patent Quality
Conclusion
This suggests that the focus on the identity of the litigant rather than the type of patent may be misplaced.


Not surprising. I have students come to class in their sleep... (This is actually a joke, right?)
The sleep-texting epidemic
… Earlier this year, Philadelphia nursing professor Elizabeth Dowdell worried that teens were now LOLing while they slept.
But teens do all sorts of crazy things out of which they ultimately grow. However, now a New York doctor, sleep expert Dr. Josh Werber, reveals that sleep-texting is spreading to even those with fully-developed faculties.
In a quite painful report published Wednesday, CBS New York interviewed Werber, as well as a couple of women who sometimes wake in the morning, to see that their sleep has been punctuated by messaging.

Thursday, August 22, 2013

We've heard of this but with few details.
Mark Rumold writes:
For almost two years, EFF has been fighting the government in federal court to force the public release of an 86-page opinion of the secret Foreign Intelligence Surveillance Court (FISC). Issued in October 2011, the secret court’s opinion found that surveillance conducted by the NSA under the FISA Amendments Act was unconstitutional and violated “the spirit of” federal law.
Today, EFF can declare victory: a federal court ordered the government to release records in our litigation, the government has indicated it intends to release the opinion today, and ODNI has called a 3:00 EST press conference to discuss “issues” with FISA Amendments Act surveillance, which we assume will include a discussion of the opinion.
Read more on EFF.
Update 1: The opinion can be found here. The problem seems to have stemmed from “upstream” collection of data which often collected internet transactions that were neither to/from approved target facilities nor about targeted facilities. The upstream collection of Internet transactions accounted for 9% of the collection.
Update 2: FISC wasn’t too happy with what appears to be yet another – and significant – misrepresentation in previous submissions by the government:
[Image: FISC_opinion_F14]
Update 3: And here we go, from p. 29 of the opinion:
Update 4: Read more about the opinion in Spencer Ackerman’s report and in Marcy Wheeler’s commentary here.

(Related)
New Zealand has passed a hotly-disputed bill that radically expands the powers of its spying agency. The legislation was passed 61 votes to 59 in a move that was slammed by the opposition as a death knell for privacy rights in New Zealand.
The new amendment bill gives the Government Communications Security Bureau (GCSB) – New Zealand’s version of the NSA – powers to support the New Zealand police, Defense Force and the Security Intelligence Service.
Read more on RT.


A useful summary for my Computer Security students.


A good thing? Do we need new laws every time we update the hardware? Seems like the law should set strategy and the hardware and software are just tactical variations.
Massachusetts Supreme Court Says Wiretap Statute Applies To Cell Phones
Greg McNeal reports:
The Supreme Judicial Court of Massachusetts recently ruled that a judge possesses the authority under the Massachusetts wiretap statute to issue warrants permitting the interception of cell phone calls and text messages, despite the fact that both forms of communication are not mentioned in the Massachusetts wiretap statute.
Read more on Forbes.


Mess with our secrets will you.
Glenn Greenwald’s partner, David Miranda, has put the UK government on notice that he is challenging his detention under Section 7 of the Terrorism Act of 2000 and the seizure of his devices at Heathrow airport this past weekend.
The detention of Greenwald’s domestic partner, who has assisted Greenwald in his work at times, created a storm of protest on the Internet over government’s seizure of “journalistic materials” Miranda was carrying between Laura Poitras in Germany and Greenwald in Brazil. Miranda is a Brazilian citizen.
The files were reportedly encrypted, but Miranda, who was reportedly not permitted to consult with a lawyer of his choosing during his almost-9 hour detention, says he felt coerced into providing the password for fear he’d be jailed. [What would have happened if he didn't know the password? Bob]
Carl Gardner provides his legal analysis of the detention on Head of Legal.
The law firm of Binders LLP is representing Miranda, and a copy of their letter to the Home Office can be found here.
Not everyone found the detention concerning. Former MP Louise Mensch defended the government’s action. At the risk of summarizing her incorrectly, her argument boiled down to: (1) Miranda was not just traveling as an uninvolved spouse or family member – his trip was paid for by The Guardian precisely because he was assisting Greenwald with his work, [How did they know that? Bob] (2) Miranda was transporting encrypted files containing material stolen from the government (but that would be our government, not hers), and (3) Greenwald knew all along that Miranda was carrying files that contained stolen material. What’s not clear to me from her argument, however, is how the UK government has any authority to detain someone carrying stolen files about another government that may not reveal anything about the UK at all. Snowden has been charged with theft here, but no one has been charged with receipt or possession of stolen materials. So what is the real basis for detaining Miranda? And if it had been Greenwald passing through Heathrow, would they have had the right to detain him on the basis that he might be carrying files or work materials?
Frankly, it makes little sense to me that Miranda was carrying any files, encrypted or not. Obviously, they would not be the only copies of the files, but still….


Is this always true? If so, what implications for lawyers or psychologists or doctors? (Isn't this why they invented external storage devices?)
From FourthAmendment.com:
Defendant took his computer to Staples for a computer tech to remove viruses and spyware, giving the tech the password to the computer. The computer tech found child pornography in a folder called “PVT,” and he called the police who saw the files and seized the computer. The court finds that the defendant waived his reasonable expectation of privacy in the computer by his actions.
Read more on FourthAmendment.com.
I wonder what that Tennessee court would say about repair people copying nude photos of a computer owner from a private folder on the drive and then uploading them to the Internet. Would the judge still hold that the computer owner had waived REP by giving the repair people the computer and password?


Interesting?
Arnold Roosendaal has uploaded his doctoral dissertation, conducted at Tilburg University, to SSRN. Here’s the abstract:
Every individual is represented in digital form in numerous data sets. Commercial companies use these digital representations as a basis for making decisions that affect the individual. This has implications for privacy and autonomy of the individual and the ability to construct one’s own identity. This study describes how digital representations are created and for what purposes. An analysis is made of the implications this has for individuals and why privacy, autonomy, and identity construction are at stake. In this context legal protection of individuals is provided by data protection legislation. The current framework, however, appears to be insufficient in relation to the problems identified in this study. Other legal constructs are assessed to see whether alternative approaches could help offer legal protection. Finally, a proposal is presented to embed the concepts of digital personae and profiles (as forms of digital representations) as portraits in data protection law.
You can download his dissertation (312 pp, pdf) from SSRN.


Perspective. I doubt Google is doomed, but
Wait, what? Yahoo tops Google in US traffic
For the first time in five years, Google is no longer No. 1 in US Internet traffic, and its top spot was taken by a surprising competitor -- the once lackluster Yahoo.
ComScore released its monthly report on the top 50 US Internet properties Wednesday and it listed Yahoo as the top dog in July with 196,564,000 visits. Google, lagging behind slightly, had 192,251,000.
Marketing Land noted that Google has been No. 1 since April 2008. Yahoo's numbers fluctuated, reaching the No. 2 or No. 3 position occasionally, but never making it to the top.
… Whether it's some clever number crunching or a real renewed interest from consumers, these latest figures have got to give Yahoo CEO Marissa Mayer, and the company's loyal employees, a good morale boost.


For a few selected individuals...
A Complete Guide to Using Blogger In School - 81 Page Free PDF
Since 2006 I have used Blogger for many blogging projects including this blog and many classroom blogs. Over the years I've introduced many teachers to blogging through Blogger. Blogger is easy to use and flexible enough to support you when you're ready to start using some advanced blogging strategies. I've covered the basics of Blogger and blogging in various blog posts over the years. This week I finally put all of those posts together with a series of annotated screenshots in one cohesive package, A Complete Guide to Using Blogger In School.
A Complete Guide to Using Blogger In School covers everything from blogging terminology to blogging activities to the nuts and bolts of using Blogger. You'll learn where to find media to use in blog posts, how to use media in blog posts, and get ideas for media-based blog posts. You'll also learn how to set-up your blog for multiple authors and how to manage comments.
A Complete Guide to Using Blogger In School is embedded below. (The file is hosted on Box.com, if you cannot see the document embedded below make sure that your filter isn't blocking Box.net. You may also need to be using Chrome or a recent version of Firefox, Safari, or IE as outdated browsers may not support the Box viewer).
I'm going to allow downloading the guide for the rest of the month. Downloads should be for personal, non-commercial use. Please do not redistribute it, including for workshops / faculty training, without my permission. I've used Box.net to host the file (81 page pdf). Box does not put advertising on the page while still allowing me to track downloads.


I can has Fair Use?
New Infographic: Good News in Fair Use for Libraries
“A new infographic released today tells the story of library fair use and the Code of Best Practices in a clear and compelling way. There’s an embeddable PNG for your own blogs, and there’s also a print-ready 8.5” x 11” version in case you need hardcopies to hand out at events.”


For all my students. You do remember me saying something similar? Hello? Anyone there? (Number 6: Activate cattle prod!)

Wednesday, August 21, 2013

Inevitable. You do know that there is a tool built into most word processors (Mail Merge) that lets you avoid this by sending individual emails.
Lucy Battersby reports that an email gaffe by auto insurer Australian Associated Motor Insurers (AAMI) has enabled disgruntled consumers to find each other to band together:
The blind carbon copy (BCC) button on emails exists for a very good reason.
Unfortunately one of AAMI’s managers failed to use it the day she sent a message to 110 private addresses.
Even worse than releasing private emails, the message went to all the people with ongoing disputes against AAMI with the Financial Ombudsman Service.
Now the email has accidentally united a group of people, already very unhappy with one of Australia’s largest insurers, and who are now exploring the possibility of launching a class action.
Read more on SMH.


“Anything you can do I can do badder!” Theme song of my Ethical Hackers.
You can now unlock your GM car with your Windows Phone
Tuesday General Motors and Microsoft launched the OnStar RemoteLink app for Windows Phone, three years after the app launched with the Chevy Volt in 2010. The app is also available for iOS, Android, and BlackBerry.
RemoteLink lets you unlock and lock your doors, remotely start your vehicle, and turn off and on your horn and lights, all from your smartphone. You can also view data on your car's oil levels, tire pressure, and fuel levels, which GM says is the most common reason people use the app.


What the Guardian learned about metadata? (Well done interactive)
UK Guardian guide to your metadata
“Metadata is information generated as you use technology, and its use has been the subject of controversy since NSA’s secret surveillance program was revealed. Examples include the date and time you called somebody or the location from which you last accessed your email. The data collected generally does not contain personal or content-specific details, but rather transactional information about the user, the device and activities taking place. In some cases you can limit the information that is collected – by turning off location services on your cell phone for instance – but many times you cannot. Below, explore some of the data collected through activities you do every day.” [includes a section on "What metadata looks like"]


Still, worth reading either way.
One of the liveliest discussions at the recent Privacy Law Scholar’s Conference was about a paper by Dan Solove and Woody Hartzog, “The FTC and the New Common Law of Privacy.” Because of conference rules, I could not blog about it previously, but the authors have now uploaded it to SSRN, where you can download it for free. If you support an expansive view of the FTC’s authority to pursue privacy and data security breaches, you’ll probably like the paper. If you think, as some do, that the FTC has exceeded its authority, particularly with respect to data breaches, you will probably disagree with their arguments.


Is this related to the previous article?
FTC Chairwoman Calls for Transparency in Big Data
Via EPIC: “In a keynote speech at the Technology Policy Institute Aspen Forum, FTC Chairwoman Edith Ramirez called upon companies to “move their data collection and use practices out of the shadow and into the sunlight.” Chairwoman Ramirez highlighted the risks of big data including indiscriminate collection, data breaches, and behind-the-scenes profiling. She stressed the importance of protecting consumers’ privacy and said, “with big data comes big responsibility.” EPIC previously testified before Congress and called for the regulation of data brokers because there is too much secrecy and too little accountability in their business practices. EPIC has also consistently recommended that the FTC enforce Fair Information Practices, such as those contained in the Administration’s Consumer Privacy Bill of Rights, against commercial actors. For more information, see EPIC: Choicepoint and EPIC: Privacy and Consumer Profiling.”


Have these violations become more serious in fact or merely in the minds of this batch of politicians?
New SEC Policy – Violations by financial institutions include admission of guilt
Washington Post Wonkblog: “A few weeks ago, SEC Chairwoman Mary Jo White announced a significant change in policy: For certain violations, the agency would no longer allow financial institutions to simply pay a fine without admitting wrongdoing (also known as a “nolo contendere” plea). And in its latest cases, the SEC has been following through, demanding an admission of guilt from JPMorgan in the case of the London Whale and extracting one from hedge fund adviser Philip Falcone… Here’s why getting an admission of guilt actually matters: Symbolism; Subsequent litigation; Loss of reputation and investor confidence; Possible loss of banking license; Disqualifications; Deterrent effects and bargaining power; Greater potential for internal growth and reform.”


Only when they arrest you?
Timothy B. Lee writes:
If the police arrest you, do they need a warrant to rifle through your cellphone? Courts have been split on the question. Last week the Obama administration asked the Supreme Court to resolve the issue and rule that the Fourth Amendment allows warrantless cellphone searches.
Read more on Washington Post.


I think my students like these too, even if it is targeted to K-12.
Bill Gates pitches in for online education resource Graphite
Microsoft Chairman Bill Gates is putting his money where his mouth is. He is backing a new initiative called Graphite that is a free online resource to help teachers discover and share education technology.


I have been bugging a couple of people to do this...
… if you have a particular expertise in a subject and want to teach others, there is a large variety of online resources you can use to make money by teaching others as well. Udemy is one such example of a popular online teaching and learning site that can be accessed online and from supported mobile devices.
… The site includes a well designed step-by-step process for creating your own course, which you can publish to Udemy’s growing community of nearly 1 million students and about another million monthly site visitors. Creating a professional online course is similar to authoring a book, which once published, can possibly bring you residual income for years to come.
Udemy provides straightforward tools for posting lectures and assignments in video, audio, presentation and document formats. A typical Udemy course contains 1-3 hours of content, with at least 60% video content. Most courses are priced between $29 and $99, but many are free. Instructors earn 70%-80% of course revenue.
Create-A-Thon
Creating a Udemy course is relatively easy, but you do have to actually set aside time and complete the project. If you happen to be reading this article before August 22, you should register for Udemy’s first Create-a-thon, which consists of a weekend (August 24-25) in which you set aside time to complete an aspect of your course—e.g., a course outline, a couple of lectures, or a promo video. The event will include prizes, and each participant will receive a professionally designed course cover image.


For my geeks

Tuesday, August 20, 2013

This is beyond Oops. $5,000,000 / 40 = $125,000 per minute.
Amazon website goes down for 40 minutes, costing the company $5 million
… At 40 minutes, the outage could have cost the company as much as $4.72 million in lost sales, the Puget Sound Business Journal estimated, based on the company’s average sales of $117,882 per minute. Of course, that’s an average rate, and sales at the online retailer might be expected to be much brisker on a Monday afternoon in the summer, when people are shirking work by ordering barbecue tools, Hawaiian shirts, boxes of cheap outdoor drink tumblers, or trashy novels to read on their Kindles.


Well this is a damn shame.
Surveillance concerns bring an end to crusading site Groklaw
Citing concerns about privacy and government surveillance, Pamela Jones is shutting down her site Groklaw that for years took on what she and vocal fans saw as wrongheaded legal action in the tech domain.
"There is now no shield from forced exposure," Jones said in final blog post Tuesday. Groklaw depended on collaboration over e-mail, "and there is now no private way, evidently, to collaborate."
Jones, a paralegal, started her site a decade ago taking on the SCO Group's legal attack on IBM and others involving Linux and Unix intellectual property. She rebutted the company's position, detailed the arcana of the lawsuit proceedings, and shared legal filings on which the case rested. Volunteers attended some hearings in person, and collaborative efforts found just any hole that could be poked in the SCO Group's case. The site archives show hundreds of posts since its start in May 2003.
As the SCO Group's case fizzled, Groklaw directed its righteous indignation toward other legal cases, including the storm of patent infringement cases in the tech world, digital rights management, open-source licensing, and Psystar's Mac clones.
Jones herself is withdrawing from the electronic world, too.
"My personal decision is to get off of the Internet to the degree it's possible. I'm just an ordinary person. But I really know, after all my research and some serious thinking things through, that I can't stay online personally without losing my humanness, now that I know that ensuring privacy online is impossible. I find myself unable to write," she said. "Oddly, if everyone did that, leap off the Internet, the world's economy would collapse, I suppose. I can't really hope for that. But for me, the Internet is over."

(Related) Should we join Pam, even if we have nothing to hide? At minimum, the Privacy Foundation should consider a “Hiding from the NSA” seminar.
Are the NSA Revelations Changing How We Use the Internet?
… A new report from the analytics firm Annalect finds what it calls "substantial" changes in Americans' behavior and attitudes since June. Its survey of 2,100 adults, which was conducted from May to July, found that the percent of people who described themselves as either "concerned" or "very concerned" about online privacy jumped by 20 percent, from 48 percent to 57 percent.
Beyond that, the report found that increasing numbers of Americans are changing their behavior online. When compared with Annalect's earlier first-quarter report, the firm found that the percent of people who manually adjusted their browser's settings had almost doubled (from 22 percent over the entire first quarter, compared with 38 percent in July); 19 percent, compared with 13 percent for the earlier period, had adjusted the "location-aware" settings on their phones or other mobile devices; and 21 percent, up from 14 percent, had "deleted and/or opted out of mobile tracking," presumably for individual applications. It's clear that the general picture is one of people being more deliberate, more circumspect, with regard to their behavior online.

(Related) They even provide a handout (if you trust the NSA that far).
Among the NSA's Own Tips for Securing Computers: Remove the Webcam
Seems like everything gets hacked these days. Baby monitors. White House employees' personal email. Toilets.
If it's connected to the Internet, it seems at least a little vulnerable.
… Yesterday, security researchers Steve Glass and Christopher Soghoian were passing around a National Security Administration factsheet with a little bit of advice for Mac users on how to "harden" their computers to attacks.
Among the tips, we find the following suggestion: "Disable Integrated iSight and Sound Input."
"The best way to disable an integrated iSight camera is to have an Apple-certified technician remove it," the NSA writes (emphasis added)
… The built-in microphone comes under scrutiny, too. The NSA suggests setting the mic input level to zero and removing a file that cripples the sound system.
The rest of the tips are available in this handy, seemingly laminateable PDF. They include firewalling instructions, file deletion suggestions, and several other procedures. In fact, the NSA maintains an archive of factsheets on protecting its employees, contractors, and associates, but you can use it to protect yourself from hackers -- inside or outside the government.


Something to dangle in front of my students. (Isn't this obvious?)
The Broad-Based Rise in the Return to Top Talent
The Broad-Based Rise in the Return to Top Talent. Kaplan, Steven N., and Joshua Rauh. 2013. “It’s the Market: The Broad-Based Rise in the Return to Top Talent.” Journal of Economic Perspectives, 27(3): 35-56. DOI: 10.1257/jep.27.3.35
“One explanation that has been proposed for rising inequality is that technical change allows highly talented individuals, or “superstars” to manage or perform on a larger scale, applying their talent to greater pools of resources and reaching larger numbers of people, thus becoming more productive and higher paid. Others argue that managerial power has increased in a way that allows those at the top to receive higher pay, that social norms against higher pay levels have broken down, or that tax policy affects the distribution of surpluses between employers and employees. We offer evidence bearing on the different theories explaining the rise in inequality in the United States over recent decades. First we look at the increase in pay at the highest income levels across occupations. We consider the income share of the top 1 percent over time. And we turn to evidence on inequality of wealth at the top. In looking at the wealthiest Americans, we find that those in the Forbes 400 are less likely to have inherited their wealth or to have grown up wealthy. The Forbes 400 of today also are those who were able to access education while young and apply their skills to the most scalable industries: technology, finance, and mass retail. We believe that the US evidence on income and wealth shares for the top 1 percent is most consistent with a “superstar”-style explanation rooted in the importance of scale and skill-biased technological change. It is less consistent with an argument that the gains to the top 1 percent are rooted in greater managerial power or changes in social norms about what managers should earn.”


Perspective. On the other hand...


Tools & Techniques: Security. Check that link before you click.
– is a tool to find out the real link hiding behind a short URL. It could lead to a malware or trojan infected website which could cause damage to your system or fetch important information without you knowing. It checks and scans the website first and makes sure that the website is safe to visit or not. The website has been tested with more than 100 top URL shorteners and all of them work flawlessly.


For all my students. Simplify your research.
FTP, short for File Transfer Protocol, is one of the most common protocols for transferring files. You’ll use HTTP while browsing the web, but FTP while communicating with a file server. Normally, you’d use an FTP client for this. Especially when you work over FTP a lot (e.g. web developers), it pays off to use a specialised client that supports favourites, synchronisation and improved batch transfers. We’ve listed some of these at our top Mac and Linux software pages.
While there are a huge number of good FTP clients out there, sometimes you can get by without installing any third-party software at all. An FTP client like those mentioned above makes sense if you’re an avid user, but you can avoid cluttering your system with another piece of software if you only need FTP access every now and then.
Specialised FTP clients are stronger and more versatile, but the standard file browser on each of the three main operating systems can connect to FTP servers as well!


My students probably don't have enough spare time for these, but their kids might.
Here are four online courses that are giving traditional bricks and mortar institutions a run for their money.
Harvard University is an institution that oozes excellence.
Introduction to Computer Science is a course that looks very familiar to most Computer Science undergraduates. Besides teaching C and PHP – two massively popular and useful programming languages – there is also a massive emphasis on learning how to think algorithmically.
This course is delivered by EdX and takes some serious time commitment. It consists of eight programming assignments, each taking up to 20 hours to complete.
Thankfully, London based artist Rosa Nussbaum took it upon herself to create a complete, comprehensive guide to all things fine art. She aims to teach students about the history and theory behind some of the greatest pieces of artwork and in a manner which is accessible, captivating, and lacks any pretense.
This course is free and you can sign up on The University Of Reddit. Lectures are delivered by video on Vokle, with the slides available to download.
CodeSchool is a Florida based startup which has the lofty goal of teaching people to code. Touting lessons in Ruby, Objective-C, and JavaScript as well as some lesser known languages such as CoffeeScript, it aims to teach people how to code from the ground up.
… This doesn’t come cheap, however. The free videos offered by CodeSchool are limited. If you want to follow a course to completion, you’re going to have to fork out around $25 per month. It’s not all bad though. For each completed course, you get $5 off your next month, and you can download all videos in DRM free, iPhone friendly MOV format.
Philip John Currie There’s no greater teacher when it comes to dinosaurs, and you can learn from him on “Dino 101: Dinosaur Paleobiology” on Coursera.
Dino 101 is free and upon completion you can earn credit at the University of Alberta.


I still want my students to write their own textbooks. This might be a useful tool.
Active Textbook - Turn PDFs Into Multimedia Documents
Active Textbook is an interesting service that you can use to turn your PDFs into multimedia documents. The basic idea behind the service is that you can upload PDFs and add pictures, links, and videos that are displayed when students read your PDF through the Active Textbook viewer. While reading your PDF through Active Textbook students can highlight, draw, and add comments to the document.
The downside to Active Textbook is that you have to create your PDF outside of Active Textbook. You have to have the layout of your PDF set before uploading it because you can't actually change the content of the PDF, you're simply adding links to it through the Active Textbook service.
Applications for Education
Active Textbook could provide a good way to create your own short multimedia texts for students. The most compelling feature is the option for students to highlight and take notes on the document while they're reading it through Active Textbook. Active Textbook also adds a dictionary tool to your document which could be handy for some students. Active Textbook is free to use for up to 500 pages of material.


I didn't know we were doing this. Are we?
LinkedIn recruiting students with career-minded University Pages
As high school and college kids head back to school this fall, they'll have a new tool, courtesy of LinkedIn, to help them get ahead. The professional site aims to assist young adults with determining the best educational path with "University Pages," a feature launching Monday as LinkedIn simultaneously announces that it will welcome future professionals into its fold.
With University Pages, 200 higher education facilities are setting up the equivalent of all-in-one virtual recruiting kiosks, student centers, and alumni hubs. The pages, operated by university staffers, are meant to serve prospect, current, and past students, as well as parents, but come with a wealth of data that could help point career or major-perplexed kids in the right direction.
… Come September 12, the professional site will make its network of more than 238 million people accessible to high school-aged kids around the world for the first time. In places like the U.S., Canada, and Germany, youngsters 14 and up will be able to sign up to participate and get a leg up on the college selection process.
LinkedIn worked with the 200 universities launching pages Monday. Allen said that thousands of additional schools will get access to University Pages in the weeks ahead.

Monday, August 19, 2013

Gosh. Won't it be wonderful when we can do the same thing in this country?
More on a government plan to allow private companies to purchase patient data from the NHS without patient knowledge or consent. Stephen Adams reports:
A secret plan to sell confidential medical records to private companies for as little as £1 has been drawn up by officials.
From next month, GPs will start sending detailed NHS patient records to a central database for the first time under the new General Practice Extraction Service (GPES).
Yet doctors do not have to tell patients about the project, described by campaigners as an ‘unprecedented threat’ to medical confidentiality.
The records – held for every person registered with a GP – will contain details of medical conditions, as well as ‘identifiable’ information including a patient’s NHS number, postcode and date of birth.
Private firms such as Bupa can then apply to the Health Service to buy and use data from the records for research.
Read more on Daily Mail.


Tools & Techniques for my Ethical Hackers.
Here’s what you find when you scan the entire Internet in an hour
Until recently, scanning the entire Internet, with its billions of unique addresses, was a slow and labor-intensive process. For example, in 2010 the Electronic Frontier Foundation conducted a scan to gather data on the use of encryption online. The process took two to three months.
A team of researchers at the University of Michigan believed they could do better. A lot better. On Friday, at the Usenix security conference in Washington, they announced ZMap, a tool that allows an ordinary server to scan every address on the Internet in just 44 minutes.
… The ability to rapidly find computers with security vulnerabilities can be a good thing if it allows ethical security researchers and software vendors to find and notify systems administrators about problems before information is released to the general public. But ZMap could also be used for evil. A malicious hacker could use the tool to rapidly identify computers that have unpatched vulnerabilities and compromise them in parallel, creating a million-machine botnet in a matter of hours.


Significant? Teachers and students do this all the time to access “blocked” websites. Any implications for telemarketers who ignore the 'do not call' lists?
Orin Kerr writes:
During the debate over the Aaron Swartz case, one of the legal issues was whether Swartz had committed an unauthorized access under the CFAA when he changed his IP address to circumvent IP address blocking imposed by system administrators trying to keep Swartz off the network. There was significantly more to the CFAA charges than that, to be clear, including circumventing a subsequent MAC address block and (most significantly) entering an MIT storage closet to install his computer directly. But changing IP addresses to get around IP address blocking was at least one of the possible grounds of unauthorized access. On Friday, Judge Breyer of the Northern District of California handed down the first decision directly addressing the issue. Judge Breyer ruled that changing IP addresses to get around a block is an unauthorized access in violation of the CFAA. The decision is here: Craigslist v. 3taps, Inc.
Read more on The Volokh Conspiracy.


Something to toss out in my Ethics class...
There are times when I wish I was still teaching so that I could share an extraordinary case with psychology students and enjoy their reactions as they are challenged to think. Over the decade that I spent teaching undergraduate and graduate students, I had a handful of books that I would use to introduce and put a human face on topics such as the scientific method or psychosurgery. If I was still teaching, I’d add Rebecca Skloot’s book, The Immortal Life of Henrietta Lacks, to my list.


I'm not sure having my car's battery talk to my car computer which then talks to my garage computer which then contacts my house computer which then schedules an appointment with a mechanic (based on my calendar) and notifies the car dealer, manufacturer and part supplier is as good an idea as they seem to think.
Cisco – The Internet of Everything in Motion
“In 2012, there were 8.7 billion connected objects globally, constituting 0.6% of the ‘things’ in the world. In 2013, this number is exceeding 10.0 billion. Driven by reducing price per connection and the consequent rapid growth in the number of machine-to-machine (M2M) connections, we expect the number of connected objects to reach 50bn by 2020 (2.7% of things in the world). We expect connectivity costs to reduce at a 25% CAGR during 2012-20, which is approximately equal to the growth in number of connected objects (implying price-elasticity demand of 1). Lastly, we believe that more than 50% of the connected objects added during 2013-20 will be added in the last 3 years of the decade. This also implies that the maximum connected objects are likely to be added when the connectivity costs are the lowest.”


Perspective. For my Business, Accounting and Economics students.
The Real Value of Big Data is Difficult to Measure
Is Big Data an Economic Big Dud? by James Glanz, August 17, 2013 – See related graphic here.
“If pencil marks on some colossal doorjamb could measure the growth of the Internet, they would probably be tracking the amount of data sloshing through the public network that spans the planet. Christened by the World Economic Forum as “the new oil” and “a new asset class,” these vast loads of data have been likened to transformative innovations like the steam locomotive, electricity grids, steel, air-conditioning and the radio. The astounding rate of growth would make any parent proud. There were 30 billion gigabytes of video, e-mails, Web transactions and business-to-business analytics in 2005. The total is expected to reach more than 20 times that figure in 2013, with off-the-charts increases to follow in the years ahead, according to Cisco, the networking giant. How much data is that? Cisco estimates that in 2012, some two trillion minutes of video alone traversed the Internet every month… What is sometimes referred to as the Internet’s first wave — say, from the 1990s until around 2005 — brought completely new services like e-mail, the Web, online search and eventually broadband. For its next act, the industry has pinned its hopes, and its colossal public relations machine, on the power of Big Data itself to supercharge the economy. There is just one tiny problem: the economy is, at best, in the doldrums and has stayed there during the latest surge in Web traffic. The rate of productivity growth, whose steady rise from the 1970s well into the 2000s has been credited to earlier phases in the computer and Internet revolutions, has actually fallen. The overall economic trends are complex, but an argument could be made that the slowdown began around 2005 — just when Big Data began to make its appearance. Those factors have some economists questioning whether Big Data will ever have the impact of the first Internet wave, let alone the industrial revolutions of past centuries. 
One theory holds that the Big Data industry is thriving more by cannibalizing existing businesses in the competition for customers than by creating fundamentally new opportunities. In some cases, online companies like Amazon and eBay are fighting among themselves for customers. But in others — here is where the cannibals enter — the companies are eating up traditional advertising, media, music and retailing businesses, said Joel Waldfogel, an economist at the University of Minnesota who has studied the phenomenon…”


I know I'll need these soon.
3 Rubric Makers That Will Save You Time And Stress
Rubrics4Teachers offers a LOT of pre-made rubrics covering a variety of subjects that are available for your use. You can search by subject matter or by term.
Rubistar is an easy to use online rubric maker that also offers accounts (so you can store and access the rubrics you make), templates, and pre-made rubrics for a variety of subjects. Everything on the site is free.
IRubric ... offers rubric building tools, and a searchable database of pre-existing rubrics from other teachers.


For my students. If you can't find yourself on this graphic, you can't be in my class.


1997 was a million (Internet) years ago! Interesting how the language has changed.
Revisit the amazing Internet the cool kids used in 1997
Sixteen years ago, the name Netscape was becoming a household name, and if the instructional guide to getting kids online from 1997 in the video below is any indication, horizontal stripes were totally in.
If you have half an hour to spare, check out this amazingly cheesy tour of the early "cybernet," as presented by an enthusiastic and remarkably average American family