Saturday, October 19, 2013

Another small event here in Colorado. My statistics students are suggesting that we should turn the bell curve upside down since we only seem to see very large breaches or very small ones. Something I'll need to think about.
CBS in Denver reports that a suitcase containing a thumb drive with approximately 100 students’ unencrypted medical information was stolen from a school nurse’s car on October 5. The car had been left in a parking lot.
The drive reportedly contained confidential health information for students from Eagleton, Castro and Munroe Schools. That information included medications, health-related letters and medical histories.
And of course, this would be covered by FERPA, not HIPAA.
This is not the first time we’ve seen student health info stolen from a school nurse’s or employee’s unattended vehicle. And this is going to keep happening until the federal government or states really crack down and impose meaningful consequences on districts that do not have policies in place that they monitor and enforce to protect students’ personal information. [Amen Bob]

You have to call this a management failure. Either they failed to detect that the software had not been updated or did know and failed to give a damn.
NSA site where Snowden worked hadn't updated anti-leak software, says report
The NSA facility where Edward Snowden worked when he walked off with a hoard of secret documents had failed to update its anti-leak software, according to a report.
The computer network at the National Security Agency site in Hawaii didn't yet have the bandwidth to effectively run the updated program, an unnamed US official told news agency Reuters.
Other US government facilities had begun installing the updated software in accord with a presidential directive made in response to the WikiLeaks-Bradley Manning document dump. The "insider threat" monitoring software is reportedly made by Raytheon.

Always useful (even if it doesn't say “Don't leave an unencrypted thumb drive in your car.”) and not just in California.
Attorney General Kamala D. Harris today released guidelines on preventing and remedying medical identity theft, including best practice recommendations for the health care industry and tips for consumers. The guidelines are part of a report, Medical Identity Theft: Recommendations for the Age of Electronic Medical Records, which frames the escalated migration to electronic medical records as an opportunity for the healthcare industry to address this problem.
“Medical identity theft has been called the privacy crime that can kill,” said Attorney General Harris. “As the Affordable Care Act encourages the move to electronic medical records, the health care industry has an opportunity to improve public health and combat medical identity theft with forward-looking policies and the strategic use of technology.”
Medical identity theft occurs when an individual uses someone else’s personal information to obtain medical goods or services. For example, a thief may use stolen information to submit fraudulent bills, a doctor or provider may use patient information to write fraudulent prescriptions or an individual may use someone else’s information to obtain treatment.
The report focuses on the impact of identity theft on the accuracy of medical records and argues that the serious risk that inaccuracies pose is not always adequately addressed by existing healthcare industry procedures.
A companion information sheet for consumers, First Aid for Medical Identity Theft, describes the signs of medical identity theft and provides tips on what to do in response. The signs of possible medical identity theft include notice of a data breach from a health care provider, an unknown item in an Explanation of Benefits from a health insurer, a call from a debt collector about an unfamiliar medical bill and questions about your identity or health conditions at intake in a doctor’s office or hospital.
SOURCE: Attorney General Kamala D. Harris, October 17, 2013

Obvious, but difficult to solve.
MeriTalk, a public-private partnership focused on improving the outcomes of government IT, today announced the results of its new report, “Cyber Security Experience: Cyber Security Pros from Mars; Users from Mercury.” The study, underwritten by Akamai Technologies, Inc., compares what cyber security professionals report about their agency’s security with what end users – Federal workers – actually experience. According to the report, agencies often fail to take the user experience into account when deploying cyber security solutions. As a direct result, end users often circumvent security measures and open their agencies up to data theft, data loss, and denial-of-service attacks.
Read more of their press release on Dark Reading.

PR speak? Note that they never say “The doctor did not take patient records,” because he did. But they did fire the security guard who caught him doing it. Well done, VA.
Lois Henry reports:
Responding to allegations that a doctor had taken confidential patient records out of the Bakersfield Veterans Administration clinic, the VA announced Thursday that three separate investigations over the course of seven months showed that no such patient information had been “released into the community or abused in any way.”
“We are confident that these results confirm that veterans in Bakersfield and Kern County did not have their personal information compromised,” said David Holt, the VA Los Angeles associate director who was in Bakersfield Thursday to talk to the media and meet with veterans at the clinic just west of downtown Bakersfield.
He praised clinic staff for being vigilant and reporting their suspicions, but repeated several times that veterans had no cause for concern about their personal information.
Some of the original tipsters weren’t convinced.
Read more on the Bakersfield Californian.
[From the article:
While the doctor was not found to have compromised patient information, Holt said, he did violate VA policies.
"Excessive use of a copy machine," Holt said. "It was a minor violation."
Holt confirmed the doctor is no longer with the VA but refused to say whether he was fired. The security guard, meanwhile, employed by a private contractor, was let go.]

Interesting. Does your policy address situations like these? (How would you clean up your records?)
A firm can have a great policy of not storing credit card numbers, but if the policy isn’t followed by staff, trouble can result. learned this lesson the hard way. They discovered that despite their non-storage policy, credit card information of some customers had been stored. In some cases, the storage was due to the customer providing their credit card number in an email to the firm. In other cases, it was because customer service personnel entered the customer’s credit card number in the “order comments” field.
In any event, some credit card information was on their server when it got hacked on February 5, but the firm didn’t discover the presence of credit card numbers until September 26. did not offer those affected any free services, but notes that they have no evidence that any one individual’s credit card information was viewed or accessed – only that it resided on a server that was accessed.
You can read their notification to New Hampshire and affected customers here.

Not gonna work, unless you can confirm that user “Dude#4” who logs on from San Francisco, is in fact a citizen of the EU?
James Kanter reports:
Lawmakers here have introduced a measure in the European Parliament that could require American companies like Google and Yahoo to seek clearance from European officials before complying with United States warrants seeking private data.
Read more on The New York Times.

This is interesting. It won't last. There's too much money on the table to just walk away.
Illinois court throws out 'Amazon tax' online sales law
The Illinois Supreme Court struck down a state law Friday that required online retailers, like Amazon, to collect sales tax if they have in-state Web affiliates, according to Associated Press.
The court decided the law violated federal rules, which prohibit putting a discriminatory tax on digital sales. It's the first time a high court has thrown out a law like this -- 18 other states have similar laws. In New York, the court upheld the law, spurring Amazon and to petition the Supreme Court.
Amazon ended its affiliates program in Illinois when the law was adopted in 2011.

It is coming to Denver this year!
Aereo to motor into Detroit on October 28
The upstart service, which provides cloud-based broadcast TV service to consumers for a starting price of $8 per month, is heading to Detroit on October 28. The offering will be available across nine counties around the Motor City.
Aereo has ambitious plans to land in 22 cities this year, building out from its initial turf in New York. So far, it's also reached Boston, Atlanta, Salt Lake City, Miami, Houston, and Dallas, while its arrival in Chicago ran into a delay.

35% of Americans now own a tablet, Pew says
Thirty-five percent of Americans own a tablet and 24 percent own an e-reader, according to the latest study from Pew Internet Research.
Pew documented a big jump in tablet ownership. In November 2012, 25 percent of Americans owned a tablet. The findings illustrate the democratization of tablet computing and the impact on lower-cost models beyond the larger version of the iPad.

Interesting to see that Privacy is popular in Europe...
The Coursera Of Europe: iversity Opens With 24 Free Courses And 100K Students
Berlin based has planted its footprint in the ever-expanding MOOC (Massively Open Online Course) universe. It starts with a fresh bouquet of free courses and a strong student base of 115,000. For the present moment, 24 courses are on the catalog with more expected soon. The open courses have been designed by the top professors from Europe and the US according to the press release.
iversity has started with free open courses at launch; the course catalog has a total of 24 for now (15 of which are in English, with the rest in German). The other courses will begin later this year and spill over to 2014. Three courses have seen the largest enrollments:

Free is good!
Students Can Get Microsoft Office 365 For Free
Starting on December 1st, Universities that license Office Education for their faculty and staff can offer students Office 365 ProPlus for free thanks to a new program called Student Advantage. For students at these institutions, that means free access to Word, PowerPoint, Excel, OneNote, Outlook, Access, Publisher, and Lync. While many cheaper alternatives to Office have sprung up, many students still rely on Redmond’s good ol’ productivity tools.
Office 365 University typically costs $80 for a 4-year subscription for students,
… If you’re lucky enough to be enrolled in one of the eligible Universities, you should check out our Office 2013 guide to be able to fully utilize the productivity suite.

For my Math students.
PBS Math Club - Short Interactive Math Videos
PBS Math Club is a new YouTube channel in which students can watch and interact with math videos. Each of the videos contains a series of math lessons and challenge activities. To complete a challenge students click on the video to answer questions. If they answer correctly, they move on to the next question. If they answer incorrectly students are shown another video clip that explains the correct answer.
PBS Math Club is just getting started. As more content is added to it, it could become a good source of flipped lesson materials. The videos utilize the YouTube annotations tool which you could also use to create your own series of interactive video lessons.

(Related) I may make my own videos...
How to Create a Linked Series of YouTube Videos
In my previous post about PBS Math Club I mentioned that you could create similar videos by using the annotations tool in the YouTube video editor. If you would like to try this yourself, I have directions that will walk you through the process. Keep in mind that you can only annotate videos that you own and upload to your YouTube account.

Something nice for my students (just before we raise tuition)
Where the Software Engineer Money Is: Juniper
The company currently paying the most on average for software engineers in the U.S. might not be the one you'd expect.
Although tech firms that have sparred publicly for talent -- such as Apple, Facebook, Google and Microsoft -- rank high on Glassdoor's 2013 list of the 25 Highest Paying Companies for Software Engineers, the company that has opened its wallet widest for software engineers turns out to be networking equipment maker Juniper Networks.

Friday, October 18, 2013

Small, but local. Was someone stealing office supplies and selling them at a yard sale?
Student records from Pueblo Community College, including Social Security numbers, were found by a Pueblo woman in a box of office supplies purchased at a South Side yard sale last summer in Pueblo.
Read more on Pueblo Chieftain (sub. req. for full access).

For my Ethical Hackers. This is NOT how you do it. When researching, always have a document in process that starts, “Once upon a time, there was a bank robber.” Interesting that the narcs were looking at bank robbery video...
Alleged bank robbers' Google search: 'What happens if you rob bank?'
[From the article:
Narcotics detectives who viewed surveillance footage believed they recognized McLoud, a suspect in the ongoing investigation of a heroin ring based at 51 Torrey St., just around the corner from the bank, police said.]

When you look up “naiveté” in the dictionary, guess whose picture you find. If indeed he was “uniquely qualified” why did he give the files to journalists?
Edward Snowden: Zero chance Russia, China nabbed files
NSA leaker Edward Snowden says he didn't take top-secret agency files with him when he fled to Moscow and that he was also able to protect the documents from Chinese spies.
… "As part of Snowden's flight from American justice, he went to two of the most repressive and technologically sophisticated countries on Earth. (Hong Kong is, of course, part of China)," Toobin wrote, continuing later with: "An American citizen walks into their countries bearing the keys to our most secret programs, and both -- both! -- China and Russia decline to take even a peek. That is a preposterous proposition."
In the interview with Risen, however, Snowden claims he was uniquely qualified to foil any attempts by China to access his cache of documents. As an NSA contractor, he says, he was well-versed in Chinese cyberspying programs and even taught a course on Chinese cybercounterintelligence.
As for Russia, Snowden said he gave his entire cache of classified materials to journalists before he left Hong Kong -- and kept no copies for himself -- "because it wouldn't serve the public interest" for him to hang onto the files.

And then there are the merely delusional... Too bad he didn't realize it wasn't 1955 until after the election.
Anthony Weiner: I'd probably be mayor if it wasn't for the Web
The still disappointed candidate says that if this was still 1955, he would have been elected mayor.

A TED talk for my students who don't have time to read... (and how Big Data defeats privacy)
Alessandro Acquisti: Why privacy matters
The line between public and private has blurred in the past decade, both online and in real life, and Alessandro Acquisti is here to explain what this means and why it matters. In this thought-provoking, slightly chilling talk, he shares details of recent and ongoing research -- including a project that shows how easy it is to match a photograph of a stranger with their sensitive personal information.

Of course they can. Perhaps reporters should read at least a summary of how instant messaging and email systems work.
Dan Goodin reports:
Contrary to public claims, Apple employees can read communications sent with its iMessage service, according to researchers who have reverse engineered it.
The finding, delivered Thursday at a Hack in the Box presentation titled How Apple Can Read Your iMessages and How You Can Prevent It, largely echoes the conclusion Ars reached in June.
Read more on Ars Technica.

What's in it for Facebook? Does this give them more ammunition for the advertising? “Hey teenage guys! Need a beer? Here's a picture of Tony Teenager drinking Budweiser! You should drink Budweiser too!”
Vindu Goel reports:
Facebook has loosened its privacy rules for teenagers as a debate swirls over online threats to children from bullies and sexual predators.
The move, announced on Wednesday, allows teenagers to post status updates, videos and images that can be seen by anyone, not just their friends or people who know their friends.
Read more on New York Times.
Right, because letting teens increase their digital footprints that can come back to bite them is such a great marketing strategy. Gah….

These websites must be rather profitable if you can pay out $110 million and still smile...
Isohunt to permanently shutter after settlement with MPAA
… After years of court battles over copyright infringement with the Motion Picture Association of America, Isohunt has agreed to settle.
Under the terms of the settlement (PDF), which was issued on Thursday, Isohunt's founder Gary Fung has seven days to shut down the site, as well as close three other sites that redirect to Isohunt -- Podtropolis, TorrentBox, and Fung has also agreed to pay $110 million in damages.

For my students. I'll use this next 'Constitution Day'
Constitution Annotated – Online and Searchable
“The Constitution of the United States of America: Analysis and Interpretation (popularly known as the Constitution Annotated) contains legal analysis and interpretation of the United States Constitution, based primarily on Supreme Court case law. This regularly updated resource is especially useful when researching the constitutional implications of a specific issue or topic. The Featured Topics and Cases page highlights recent U.S. Supreme Court decisions that demonstrate pivotal interpretations of the Constitution’s provisions.” The complete PDF version, which is large and loads slowly, is here.
The Index and Tables From the Constitution Annotated

Interesting in an “I wonder what's going on” kind of way.
Indonesia tops China as source of Internet attacks
… Akamai noted in the report that its "methodology captures the source IP address of an observed attack and cannot determine attribution of an attacker." Which basically means, the actual attackers aren't always in the country where their attack traffic is originating.

For my students, who need to write persuasively.
The Supreme Court Has Solved the Angry-Email Problem: Justices Only Send Each Other Memos on Paper
Speaking during an interview at the Fortune Most Powerful Women Summit at the Mandarin Oriental Hotel in Washington, D.C., Wednesday night, Supreme Court Associate Justice Kagan elaborated on remarks she'd made in August about how Supreme Court justices don't use email.
"We don't to each other. I obviously do to my clerks," said Kagan about the decades-old communications technology. "But the justices themselves do not communicate by email."
"So how do you communicate?" senior editor at large Pattie Sellers of Fortune asked.
"Well, we either talk to each other, which is not a bad thing," said Kagan, to applause from the well-heeled audience of female CEOs and business leaders.
"Or we write memos to each other," she continued.
"And you know, you have to remember that the Court is an institution where...we're not horse trading. We're not bargaining. We're reasoning. And we're trying to persuade people. And often the best way to do that is by putting things down on paper in a kind of careful and deliberate way and saying this is what I think and, and giving people an opportunity to read a memo and to think about it and to reflect on it," she said.

I tell my students that reading Dilbert every day is like taking MBA classes... (Scott has an MBA)
Scott Adams on Whether Management Really Matters
The Dilbert creator talks with HBR senior editor Dan McGinn. For more, read his book How to Fail at Almost Everything and Still Win Big: Kind of the Story of My Life.
A written transcript will be available by October 25.

For all my Math students, but mostly my Statistics students. (Some nifty graphics)
Math Proves Bacon Is a Miracle Food
… Everything is always better with bacon, right? But if so, how much? And are any foods actually worse with bacon?
We calculated the answer, following a simple methodology that made the most of the 906,539 ratings on First, we searched out all the recipes that fit a certain description—sandwiches, for example. Then, we calculated the average rating for those foods if they did not include the word “bacon.” We ran the numbers again using only recipes that did include bacon. The results were pretty great. Of all the foods we analyzed, bacon lends the most improvement to sandwiches. Many other foods also benefitted. In fact, we found that when you crunch the data for all recipes, those with bacon do in fact rate higher.

For my students (none of whom live in Australia)
Australian textbook delivery, care of drones
Zookal has partnered with aerial-technology startup Flirtey (a joint venture between Zookal and Vimbra) to start delivering its packages to customers via unmanned aerial vehicle (UAV) as of next year.
… As of March 2014, customers within 3 kilometers (1.8 miles) of Sydney's central business district will be able to arrange free delivery by air from one of six hexacopters. They will have to order delivery to an outdoor area, and the drone will find the customer based on GPS coordinates sent from an Android app (an iOS app will be built after the program is launched). The UAV will hover over the location and lower the textbooks on a retractable cable, [Too complicated. They must be worrying that students will steal the 'copters Bob] allowing the customer to detach the parcel and the drone to be on its way. The entire process could take as little as two or three minutes.

Thursday, October 17, 2013

Think of it as a research project collecting “Strategies for Effective Data Breach Lawsuits?”
You won’t find it on their home page, but if you dig into the U. of Arizona’s web site, you’ll find this notice, posted today:
Personal information of certain former law students and applicants to the University of Arizona James E. Rogers College of Law may have been exposed after being stored on a server in error. The University has attempted to notify all those affected by personal letter and set up a toll-free number to answer questions.
The University of Arizona is informing certain former law students and applicants to the James E. Rogers College of Law that an unauthorized intruder may have had access to their personally identifiable information.
An intruder accessed a server hosting the College of Law public website on July 29. Analysis of the server showed that the intruder may have accessed old class rosters and applicant lists that were stored on the server in error. The investigation identified 9,080 individuals whose names and social security numbers were potentially accessible.
The University no longer uses social security numbers as personal identifiers except where required by law. Instead, all students, alumni, faculty and staff, and others whose records are kept for business reasons are assigned a personal University identification number. The files stored on the compromised web server predated this policy by several years.
The Arizona Daily Star reported this incident earlier today.

For my Computer Security students – this is how you get hired.
How to Design — And Defend Against — The Perfect Security Backdoor
… Having lost that public battle, the NSA decided to get its backdoors through subterfuge: by asking nicely, pressuring, threatening, bribing, or mandating through secret order. The general name for this program is BULLRUN.

Sliding down that slippery slope like an Olympic Luge. This seems to be “Wouldn't it be nice” data rather than “We can significantly reduce our risk” data.
A reader kindly sent along this link to a post by Michael Geist:
The Royal Bank of Canada updated its mobile application for Android users earlier this month. Like many banking apps, the RBC version allows users to view account balances, pay bills, and find bank branches from their smartphone. Yet when users tried to install the app, they were advised that the bank would gain access to a wide range of personal data.
The long list of personal data – far longer than that found in comparable applications from banks such as TD Canada Trust or Bank of Montreal – included permission to use the device’s camera, to read the user’s call history, to access the user’s Internet browsing habits, and to even check out their browser bookmarks. After users took to Twitter and the Google app review section to complain, RBC advised that it would update the app and that users should “stay tuned” about the permission requirements.
My weekly technology law column (Toronto Star version, homepage version) notes that RBC is not alone in requiring users to disclose more personal information in order to access services. Aeroplan, the loyalty program linked to Air Canada, sent an email last week to hundreds of thousands of Canadians notifying them that it too was changing its data collection practices.
The company disclosed that holders of its popular financial credit cards (which can be used to earn Aeroplan points based on total spending) will soon be required to grant it access to detailed financial activity. Starting next year, Aeroplan will be privy to all cardholder transactions, including merchant names, transaction amounts, and dates of the transactions.
Read more on Michael’s blog. I guess I won’t be using Aeroplan any more!

Clearly, Congress hasn't seen this yet. My Statistics students could have explained it to them.
Poll – The New American Center
“An exclusive Esquire-NBC News survey [rendered in a series of infographics that accompany the data for each respective question/answer] shows us that everything we are told about politics in America today—that there is no middle ground between left and right, blue and red, us and them—is wrong. The data, compiled by the Benenson Strategy Group (pollster for Obama for America ’08 and ’12) and Neil Newhouse of Public Opinion Strategies (lead pollster for Romney for President), show us there is a large group of American voters—even a majority—who make up a New American Center that is passionate, persuadable, and very real. They are merely waiting for Washington to find them.” ["The Benenson Strategy Group and Public Opinion Strategies conducted a nationwide survey from August 5 through 11, 2013, with 2,410 registered voters. They applied a k-means clustering technique to group respondents into "segments" based on attitudinal and demographic commonalities and like-mindedness. They conducted eight iterations of the clustering to optimize the differentiating variables that feed into the segmentation methodology. The segments were formed based on commonalities across their demographics; psychographics; political, social, and economic values; and lifestyles. The pollsters selected the segmentation solution that yielded the most unique and differentiated clusters."] Esquire, November 2013 issue.

For my “starving students” (Unfortunately, a series of infographics.)
200 Ways To Make Money Online

Wednesday, October 16, 2013

Surveillance sneaks in on little cat's feet... What happens when the police run out of “It's for the children,” “We gotta catch terrorists,” and “These guys are criminals!” justifications?
Florida police use cameras to track cars in red-light districts

I guess I missed this (guess I should read the Intelligence Act more carefully). Could be interesting if the volume is as great as I think it is.
Congressional Notification for Authorized Public Disclosure of Intelligence Information
Steven Aftergood/Secrecy News: “A new Department of Defense directive requires the Pentagon to notify Congress whenever a DoD official discloses classified intelligence to a reporter on an authorized basis, or declassifies the information specifically for release to the press. The new directive on “Congressional Notification for Authorized Public Disclosure of Intelligence Information” applies to all components of the Department of Defense. It was issued last week — despite the government shutdown — in response to a provision in the FY2013 Intelligence Authorization Act (section 504) that was passed by Congress last year as part of an effort to stem leaks of classified information.”

Perspective. Looks like a bright future for my Computer Forensics students!
More than half of all Koreans have become victims of identity theft since September 2011, when laws were tightened to prevent the practice.
According to a report submitted to Saenuri Party lawmaker Kim Young-joo by the Ministry of Security and Public Administration, 29.26 million people reported being victims of identity theft every year since 2011. Supposing there were not too many repeat reports, that boils down to 57.4 percent of Korea’s total population of 50.9 million.
SOURCE: Chosun

Interesting. Will we learn and implement?
India’s Secret to Low-Cost Health Care
… The ultra-low-cost position of Indian hospitals may not seem surprising — after all, wages in India are significantly lower than in the U.S. However, the health care available in Indian hospitals is cheaper even when you adjust for wages: For example, even if Indian heart hospitals paid their doctors and staff U.S.-level salaries, their costs of open-heart surgery would still be one-fifth of those in the U.S.

(Related) IBM wants a piece of that Health Care money.
IBM's Watson wants to fix America's doctor shortage

Isn't there a “Fund” to ensure remote communities are connected to the telephone network? Is that no longer a strategic goal? (Or has it been lobbied away?)
On a New Jersey Islet, Twilight of the Landline
Hurricane Sandy devastated this barrier island community of multimillion-dollar homes, but in Peter Flihan’s view, Verizon Communications has delivered a second blow: the telecommunications giant did not rebuild the landlines destroyed in the storm, and traditional telephone service here has now gone the way of the telegraph.

I can probably adapt, or I could offer an offline “How to learn online” class.
Gallup – In U.S., Online Education Rated Best for Value and Options
Viewed as weakest in terms of trusted grading and acceptance by employers. By Lydia Saad, Brandon Busteed, and Mitchell Ogisi
“Still something of a novelty, online education is seen relatively positively by Americans for giving students a wide range of curricula options and for providing good value for the money. However, Americans tend to think it provides less rigorous testing and grading, less qualified instructors, and has less credence with employers compared with traditional, classroom-based education. Public perceptions about online education’s ability to deliver education in a format most students can succeed in, as well as its ability to tailor instruction to the individual, are more mixed, but tilt negatively. In line with these views, Americans’ overall assessment of Internet-based college programs is tepid at best. One-third of Americans, 34%, rate such online programs as “excellent” or “good.” The majority calls them “only fair” or “poor.” In contrast, two-thirds of Americans (68%) rate four-year colleges and universities as excellent or good, and nearly as many (64%) rate community colleges this highly.”

Amusing. In Colorado the colors could change 50 times per day!
Mood cars: Paint reacts to temperature changes

Useful, because I know there are millions of you out there looking for ways to send me money!
Square Cash lets anyone send money by e-mail -- for free
Square launched a free service Tuesday that lets anyone send money via email to anyone else.
The service, known as Square Cash, was previously available only in an invite-only beta. For now, at least, it is only available in the United States.
Square Cash doesn't require either person in a transaction to have a Square account, and there are no fees, said product manager Brian Grassadonia. In order to send money, all that's required is for the sender to address an e-mail to the recipient, with a CC: to, and the amount in the e-mail's subject line. The body of the email can contain any information the sender wants.
Although users don't need a Square Cash account, both the sender and the recipient must link their e-mail address to a debit card, Grassadonia explained. That step takes place after the e-mail is sent. Once a recipient has gone through that process, that person can then send someone else money without having to re-enter their debit card number. The funds are deposited directly in the recipient's bank account, and not in a stored balance account.

Might be useful...
– , as the name suggests, converts whatever units of measurement you can think of, on your Android phone. These include things like angles, oven temperature, metric unit, clothing sizes, text conversions, digital image resolution, temperature, currency, and more.

Tuesday, October 15, 2013

Redundantly defining “Everything.” Perhaps it would be quicker to list the bits NSA doesn't bother with. Oh wait, they collect “Everything!!”
Barton Gellman and Ashkan Soltani report:
The National Security Agency is harvesting hundreds of millions of contact lists from personal e-mail and instant messaging accounts around the world, many of them belonging to Americans, according to senior intelligence officials and top secret documents provided by former NSA contractor Edward Snowden.
The collection program, which has not been disclosed before, intercepts e-mail address books and “buddy lists” from instant messaging services as they move across global data links. Online services often transmit those contacts when a user logs on, composes a message, or synchronizes a computer or mobile device with information stored on remote servers.
Read more on Washington Post.

(Related) We actually did mean “Everything” but if it will cost us votes, we'll pretend we didn't.
Government Responds to EPIC’s Supreme Court Challenge of NSA Telephone Record Program
“The Solicitor General has filed a response to EPIC’s challenge to the NSA’s telephone record collection program. In July, EPIC petitioned the Supreme Court to vacate the order of the Foreign Intelligence Surveillance Court that requires Verizon to turn over all telephone records to the NSA. EPIC argued that the Intelligence Court exceeded its legal authority and could not compel a telephone company to disclose so much personal information unrelated to a foreign intelligence investigation. Legal scholars and former Members of Congress filed briefs in support of EPIC’s petition, including privacy and national security scholars, constitutional scholars, federal courts scholars, and members of the Church Committee. Congressman James Sensenbrenner, the primary author of the Patriot Act, has said that the telephone records collection program was never authorized by Section 215. For more information, see In re EPIC.”

Some background for the Big Data Privacy: Business & Government seminar on Friday, October 25, 2013 (shameless plug, I know). This article includes Abstracts.
Some recent articles on privacy and surveillance, available on SSRN, that you may want to add to your to-read list:

With DNA and a 3D Printer I can print a copy of the Playmate of the Month!
New on LLRX – DNA Evidence: Brave New World, Same Old Problems
Criminal law expert Ken Strutin guides us through the critical facets that comprise the backbone of investigative forensics in the 21st Century – the database. Ken states that of all information gathering techniques, genetic databanking has become the holy grail of prosecutions and the last resort for exonerations. It is both the cause of and solution to many problems in the administration of justice. Thus, DNA forensics highlights the longstanding tension between scientific understanding and legal reasoning. While DNA’s scientific reputation is very near to magic, its forensic applications are subject to the faults and limitations of every kind of evidence offered as proof in a court of law. Ken’s article collects research on the law and science of genetic evidence at the pre-conviction stage. It focuses on the role of DNA in identification, investigation and prosecution of crime, social and privacy issues, and to some degree exculpation or evidence of third party culpability.

Important when we're talking history but in most computer fields, a few months is as good as “Never.”
New university consortium service allows users to create citation links that will never break
is a service [Built and Run by Libraries], currently in beta, that allows users to create citation links that will never break. When a user creates a link, archives a copy of the referenced content, and generates a link to an unalterable hosted instance of the site. Regardless of what may happen to the original source, if the link is later published by a journal using the service, the archived version will always be available through the link. Readers who click on a link are taken to a page that lets them choose to go to the original site (which may have changed since the link was created) or see the archived copy of the site in its original state. is an online preservation service developed by the Harvard Law School Library in conjunction with university law libraries across the country and other organizations in the “forever” business. Why use In a sample of several legal journals, approximately 70% of all links in citations published between 1999 and 2011 no longer point to the same material. Broken links in journal articles undermine the citation-based system of legal scholarship by obscuring the evidence underlying authors’ ideas. As Internet usage becomes more widespread and web citations in legal scholarship become more common, the problem of link rot will become increasingly important. Using ensures that material cited by authors will always be accessible to readers, preserving the foundation of legal scholarship online.”

When Mr. Zillman creates a list, he creates a VERY BIG list. And usually very useful.
New on LLRX – Education and Academic Resources on the Internet
Marcus P. Zillman’s guide links researchers to a wide range of reliable resources for all professions and skill levels. Marcus covers topics including: education, chemistry, economics, mathematics, philosophy, engineering, MBA and PhD/Dissertation/Thesis/Academic Writing resources, as well as increasingly popular MOOCS/Open Courseware (OCW) resources.

For my student minions in my Website class...
– when designing websites, it helps the designer to have placeholder texts which can be placed where the real text is going to go. Normally this text is called Lorem Ipsum. But now you can have Minions Ipsum, based on the upcoming movie, with the text coming from what the characters say. It’s Lorem Ipsum with a twist.

Something for the student Bike Club?
How to Make Your Own Dashcam For Your Car or Bike

I was thinking “Ethical Hacker Blog” but maybe we want to toss in a few Tweets before the data gets stale.
How to Write Tweets That Your Followers Will Want To Retweet

Monday, October 14, 2013

Mark your calendars. Drop by for details. Register. Learn!
The Privacy Foundation at the University of Denver Sturm College of Law presents:
Big Data Privacy: Business & Government
Friday, October 25, 2013 10:00 AM—1:00 PM
Contact Privacy Foundation Administrator Cindy Goldberg at
or Anne Beblavi at, or call 303-871-6303

Generating and using Big Data...
Paper – The Massive Metadata Machine
The Massive Metadata Machine: Liberty, Power, and Secret Mass Surveillance in the U.S. and Europe, Bryce Clayton Newell, University of Washington – The Information School, October 11, 2013. I/S: A Journal of Law and Policy for the Information Society (ISJLP), 10, 2014
“This paper explores the relationship between liberty and security implicated by secret government mass surveillance programs. It includes both doctrinal and theoretical analysis. Methodologically, the paper examines judicial reasoning in cases where parties have challenged secret government surveillance programs on Constitutional or human rights grounds in both United States’ Courts and at the European Court of Human Rights (ECtHR). Theoretically, this paper will draw on theories in the fields of law, surveillance studies, and political theory to question how greater recognition of citizen rights to conduct reciprocal surveillance of government activity (for example, through expanded rights to freedom of information) might properly balance power relations between governments and their people. Specifically, the paper will question how liberal and neo-republican conceptions of liberty, defined as the absence of actual interference and the possibility of arbitrary domination, respectively, and the jurisprudence of the ECtHR can inform the way we think about the proper relationship between security and liberty in the post-9/11, post-Snowden United States of America.”

Now that's an interesting idea. Is this like saying banks are too big to fail, only backwards? (Plaintiffs are too big for Google to survive?)
Scott Graham writes:
Plaintiffs appear to be in the driver’s seat in two big privacy class actions against Google. The suits over Gmail and Street View have survived motions to dismiss, and the Ninth Circuit has emphatically rejected Google’s appeal in the Street View case.
This is a point where settlement discussions would typically intensify. But is it possible plaintiffs now have too much leverage?
With potential classes of many millions of people and statutory damages ranging as high as $10,000 per violation under the Wiretap Act, the parties could confront a scenario where the case is simply too expensive to strike a deal.
Read more on (sub. req.).

Always an amusing area. How about laws based on what the average cop could observe in the course of a normal day? If he sees me speeding, I get a ticket. If he uses a 'red light' camera to catch me running the light, I get a ticket. If he uses infrared detectors on a drone to determine I keep one room of my house at 95 degrees, the judge should refuse to issue a warrant to check for a marijuana greenhouse and destroy any record of that “observation.”
D. Parvaz interviewed Woodrow Hartzog during the recent Drones and Aerial Robotics conference. Here’s a snippet from the interview:
Woodrow Hartzog: There’s a fair amount of hand-wringing over drones and privacy, but I think in many instances it’s often dismissed because drones fly in public and they fly in public spaces and the law, as it’s traditionally been conceived, does not protect privacy when you’re walking out in the middle of the street. But I don’t think that’s entirely true.
I don’t think that when push comes to shove that we’re going to concede, as a society, that any time we’re in public we’re fair game to be surveyed or photographed, particularly over long distances. Say you’re being targeted in public….what if I have a drone and it’s dedicated to you, and I only monitor you, in public, for over the period of a year. Have I violated any expectation of privacy?… Well, at that point, it’s harassment. Right now, the law, as configured, does not really protect against that.
So the drones are going to force us to answer some difficult questions about [what] “public” means and when we should be protected, even when in public.
Read more on Aljazeera.

Government designed and built. There is no reason for these to constantly fail except poor management.
Web Site Problems May Imperil Finances of Insurance Market
From the start, signs of trouble at health portal: Many deadlines missed – NYT, by Robert Pear, Sharon LaFraniere and Ian Austen:
“For the past 12 days, a system costing more than $400 million and billed as a one-stop click-and-go hub for citizens seeking health insurance has thwarted the efforts of millions to simply log in. The growing national outcry has deeply embarrassed the White House, which has refused to say how many people have enrolled through the federal exchange. Even some supporters … worry that the flaws in the system, if not quickly fixed, could threaten the fiscal health of the insurance initiative, which depends on throngs of customers to spread the risk and keep prices low… Interviews with two dozen contractors, current and former government officials, insurance executives and consumer advocates, as well as an examination of confidential administration documents, point to a series of missteps – financial, technical and managerial – that led to the troubles. Politics made things worse. [Duh! Bob] To avoid giving ammunition to Republicans opposed to the project, the administration put off issuing several major rules until after last November’s elections. The Republican-controlled House blocked funds. More than 30 states refused to set up their own exchanges, requiring the federal government to vastly expand its project in unexpected ways…”

Just like NASCAR: “Treasuries, start your printers!” We've already given up backing currencies with gold or other tangible assets, why not disconnect them from taxation (and reality) while we're at it? Just because Alaska can do it (on a smaller basis) does not mean everyone can afford it.
Switzerland to vote on plan giving every adult in the country a $2,800 check every month
Rather than savage cuts, Switzerland considers “Star Trek” economics, by Josh Eidelson. “By gathering over 100,000 signatures – which they delivered last Friday along with 8 million 5-cent coins representing the country’s population – activists have secured a vote by Switzerland’s parliament on an audacious proposal: providing a basic monthly income of about $2,800 U.S. dollars to each adult in the country. (A date for the vote hasn’t yet been set.) Such basic income proposals, which have drawn increased attention since the 2008 financial crash, offer a night-and-day contrast to the current U.S. debate over what to cut and by how much. Salon called up John Schmitt, a senior economist at the progressive Center for Economic and Policy Research, to discuss the economics and politics of having the government send everyone in the country a monthly check.”

It's like shopping everywhere with a King Soopers credit card....
– When you log in and pay with Amazon, you can use the information stored in your Amazon account to login and pay conveniently on thousands of sites other than It’s the fast, easy, safe way to buy whether online or on your phone. When you pay with Amazon, you take the protection of Amazon with you. However, this service is currently only for the US.

One possible future for education? So far, only on your iProducts?
– What if you were able to learn something before you got bored and gave up? With our unique format of online micro-courses you can complete a micro-course in just one hour or less. Learn just what you need or are interested in right now. Expand any lesson as a separate micro-course. Request a new micro-course and get it in a few days.

Useful when you remember that Math has its own language, which bears no relationship to everyday English. I add stuff like this to my class handouts.
Five Mathematics Glossaries for Kids
A glossary of mathematics terms can be a helpful aid to students who struggle with the vocabulary of mathematics. When I was a middle school and high school student the vocabulary of math often tripped me up and having a glossary of terms often helped me be able to complete my homework assignments. Here are five mathematics glossaries that students can access online.

Animated Math Lessons for Kids
Math Live is a neat mathematics website hosted by Learn Alberta. Math Live presents students with animated stories that teach mathematics lessons. In all there are twenty-three lessons for elementary school and middle school students. The lessons are divided into four categories: Number, Patterns and Relations, Shape and Space, Statistics and Probability. Each animated lesson is accompanied by a mathematics worksheet that students complete either while watching the lesson or after viewing the lesson. Each lesson is divided into sections and students can advance or rewind as needed.
Math Live does a nice job of providing students with some real world examples of the uses of mathematics.