Saturday, December 02, 2017

Attention CFOs: Stop worrying, start doing.
Every executive team and board of directors is asking themselves the same question in regard to their cyber risk right now: what can we do differently to avoid being the next Equifax, Yahoo! or Target, and protect our shareholder value?
The answer involves radically reframing one of the mainstays of the C-suite — the role of the CFO. It’s no longer adequate or acceptable for CFOs to simply focus on managing the financial risks of a company. In this new era, we need to team up with our CISOs to address the cyber exposure gap, the exposed surface between known threats that are addressed and those that aren’t, either because security tools are inadequate or threats are flying under the radar. The wider the gap, the greater the risk of incidents that can cost millions of dollars in cleanup, lost business, and declining stock value.




The pendulum swings past “addressing” mental health issues to “protecting society” by forcing individuals to prove they are sane?
Joe Cadillic writes:
Imagine police knocking on your door because you posted a ‘troubling comment’ on a social media website.
Imagine a judge forcing you to be jailed, sorry I meant hospitalized, because a computer program found your comment(s) ‘troubling’.
You can stop imagining, this is really happening.
A recent TechCrunch article, warns that Facebook’s “Proactive Detection” artificial intelligence (A.I.) will use pattern recognition to contact first responders. The A.I. will contact first responders, if they deem a person’s comment[s] to have troubling suicidal thoughts.
Read more on MassPrivateI.




If your name isn’t Hertz or Avis, you wave your rights?
The National Motorists Association (NMA) last week warned the US Supreme Court about the potential for court precedent to undermine the rights of passengers using ride-sharing services. The motorist rights group filed a friend of the court brief on an appeal scheduled to be heard on January 9. The Third Circuit US Court of Appeals had previously ruled that someone driving a rental car with permission can be subjected to a warrantless search simply because his name is not on the rental agreement.
“Because the Third Circuit’s rule guarantees that a significant number of drivers of rental cars will be without Fourth Amendment protection, that rule creates ‘sitting ducks’ for potentially abusive law enforcement activity,” NMA attorney Aaron M. Panner wrote.”
Read more on TheNewspaper.com.




Perhaps we should all wear Donald Trump masks?
Growing private sector use of facial scanners worries privacy advocates
… As cruise lines, NFL teams, airlines and retailers like Walmart begin to test and use facial recognition software for their own security systems, experts worry that the technology is ushering in a new erosion of personal privacy.
“Biometric surveillance creep is going on in both the government and the private sector,” said Adam Schwartz, an attorney at the Electronic Frontier Foundation, a digital civil liberties group.




Just a variation on a fingerprint.
Future Galaxy phones could fetch passwords with your palm
… A recently spotted Samsung patent application (PDF) proposes the use of palm scanning as a method of identification on Samsung phones. The example given in the patent shows a person taking a picture of a hand to retrieve their forgotten password.




It will be amusing to watch companies deal with this. Encryption is so important as a security tool, I not only taught my Computer Security students how to generate and use Public/Private (RSA) encryption, I even encrypted one of my exam questions.
Uber's Use of Encrypted Messaging App Wickr May Set Legal Precedents
Top executives at Uber used the encrypted chat app Wickr to hold secret conversations, current and former workers testified in court this week, setting up what could be the first major legal test of the issues raised by the use of encrypted apps inside companies.
The revelations Tuesday and Wednesday about the extensive use of Wickr inside Uber upended the high-stakes legal showdown with Alphabet’s Waymo unit, which accuses the ride-hailing firm of stealing its self-driving car secrets.
Apps such as Wickr, Signal, Telegram, Confide and Snapchat offer security and anonymity, with features including passcodes to open messages and automatic deletion of all copies of a message after as little as a few seconds.
There is nothing inherently unlawful about instructing employees to use disappearing messaging apps, said Timothy Heaphy, a lawyer at Hunton & Williams and a former U.S. Attorney in Virginia.
However, companies have an obligation to preserve records that may be reasonably seen as relevant to litigation or that fall under data retention rules set by industry regulators. In Uber’s situation, chat logs that could help get to the bottom of the trade secrets case are now inaccessible. Uber also faces a criminal investigation over the alleged theft.


(Related). Because the tools are out there and are very easy to use?
Uber’s new chief legal officer tells staff: If you are surveilling people for competitive intelligence, stop it now
Uber’s top brass addressed newly revealed allegations a former employee made about the company’s past security and surveillance practices in a series of emails to the staff.
The ride-hail company’s chief legal officer Tony West, just days into his job, sent an email to the firm’s security team telling them to stop any competitive intelligence projects that included surveilling individuals.
… “We don’t need to be following folks around in order to gain some competitive advantage.”




Yep. it’s all politics.
Twitter changes reason for not removing anti-Muslim videos retweeted by Trump
Twitter clarified Friday why it didn’t delete anti-Muslim videos that President Trump retweeted earlier in the week, saying that the videos did not violate its policies.
The company had previously said the videos were kept up because they were “newsworthy for public interest,” but retracted this on Friday.
To clarify: these videos are not being kept up because they are newsworthy or for public interest,” the company wrote. Rather, these videos are permitted on Twitter based on our current media policy.”
In response to one question, Dorsey rejected the idea that Twitter’s decision was motivated by a desire to keep Trump on Twitter.
… British Prime Minister Theresa May called Trump’s decision to retweet the videos “wrong,” saying that he was contributing to “hateful narratives.”




Not sure I like this idea, Bill Gates or not. Could be fun to ask my students.
How a “Robot Tax” Could Reduce Income Inequality
Earlier this year, Microsoft founder Bill Gates threw his support behind a controversial policy: a robot tax. As workers in many sectors are replaced by machines, the government is losing huge amounts [Really? Huge amounts? Bob] of income tax revenue. Taxing the companies that employ robots, Gates reasoned, could help slow the pace of automation, and the revenue could be used to retrain employees.
Sergio Rebelo, a finance professor at the Kellogg School, had serious doubts when he heard Gates’s argument. For decades, economists have known that taxing so-called “intermediate goods”—goods that are used to make other goods, like the bricks used to build a house, or the robots used to manufacture cars—can make it harder for suppliers to create and sell their products.
“When you do that, you reduce the level of production in the economy,” Rebelo says.
Nonetheless, Rebelo thought the robot tax made for a compelling research topic.
… In fact, the study suggests, if robots continue displacing people without any policy intervention, those displaced might suffer large decreases in income, creating a potentially large rise in income inequality. At the same time, automation produces a large increase in total income.




An interesting question.
Social Apps Are Now a Commodity
… Facebook and Instagram, Snapchat and GroupMe and Messenger and WhatsApp and all the rest—all are more or less the same. They are commodities for software communication, and choosing between them is more like choosing between brands of shampoo or mayonnaise than it is like choosing a set of features or even a lifestyle.


Friday, December 01, 2017

So easy, even Politicians can do it? What does that say about Russian hacking?
Politico reports:
Staffers for Senate Republicans’ campaign arm seized information on more than 200,000 donors from the House GOP campaign committee over several months this year by breaking into its computer system, three sources with knowledge of the breach told POLITICO.
The unauthorized raid on the National Republican Congressional Committee’s data created a behind-the-scenes rift with the National Republican Senatorial Committee, according to the sources, who described NRCC officials as furious. It comes at a time when House Republicans are focused on preparing to defend their 24-seat majority in the 2018 midterm elections. And it has spotlighted Senate Republicans’ deep fundraising struggles this year, with the NRSC spending more than it raised for four months in a row.
Multiple NRSC staffers, who previously worked for the NRCC, used old database login information to gain access to House Republicans’ donor lists this year.
So the NRCC never terminated people’s login credentials when they left and/or never changed the database login either? Wow……
And will any of thee former staffers be criminally prosecuted under the CFAA?
Read more on Politico.




We may be gaining the attention of the Board!
NACD Public Company Governance Survey – top of list is cybersecurity
The National Association of Corporate Directors (NACD), the authority on boardroom practices representing more than 17,000 board members, today released its 2017–2018 NACD Public Company Governance Survey, an annual survey that looks through a board lens into the chief areas of concern for corporate directors. Industry disruption, business-model disruption, changing global conditions, and cybersecurity threats topped the list of concerns in this survey of 587 corporate directors representing 520 public companies. Asked which five trends they foresee having the greatest effect on their companies in 2018, fully 58 percent of respondents identified significant industry change as one of the trends, pointing to technology disruption, industry consolidation, and shifting regulations as key drivers of this change. The following trends also ranked among the top five:
  • Business model disruption – 46 percent
  • Changing global economic conditions – 46 percent
  • Cybersecurity threats – 38 percent
  • Competition for increasingly scarce talent – 36 percent…”




Now that is an interesting question!
Should Social Media be Considered Part of Critical Infrastructure?
Russia interfered in the U.S. 2016 election, but did not materially affect it. That is the public belief of the U.S. intelligence community. It is a serious accusation and has prompted calls for additions to the official 16 critical infrastructure categories. One idea is that 'national elections' should be included. A second, less obviously, is that social media should be categorized as a critical industry.
The reason for the latter is relatively simple: social media as a communications platform is being widely used by adversary organizations and nations to disseminate their own propaganda. This ranges from ISIS using it as a recruitment platform, to armies of Russian state-sponsored trolls manipulating public opinion via Twitter.
Russian interference, or opinion manipulation, has not been limited to the U.S. Both France and Germany worried about it prior to their own national elections.




A ‘backgrounder’ for my students.
CRS – The Net Neutrality Debate: Access to Broadband Networks
Via FAS – The Net Neutrality Debate: Access to Broadband Networks, Angele A. Gilroy, Specialist in Telecommunications Policy. November 22, 2017.
“As congressional policymakers continue to debate telecommunications reform, a major discussion point revolves around what approach should be taken to ensure unfettered access to the Internet. The move to place restrictions on the owners of the networks that compose and provide access to the Internet, to ensure equal access and non discriminatory treatment, is referred to as “net neutrality.” While there is no single accepted definition of “net neutrality,” most agree that any such definition should include the general principles that owners of the networks that compose and provide access to the Internet should not control how consumers lawfully use that network, and they should not be able to discriminate against content provider access to that network…”




Action or no action, it’s still a political statement.
Why Twitter didn't delete anti-Muslim tweets
… Asked why the original tweets have not been deleted, a Twitter spokesperson said:
"To help ensure people have an opportunity to see every side of an issue, there may be the rare occasion when we allow controversial content or behavior which may otherwise violate our rules to remain on our service because we believe there is a legitimate public interest in its availability."
"Each situation is evaluated on a case by case basis and ultimately decided upon by a cross-functional team," the spokesperson added.
… Twitter appears to have acknowledged, however, that the tweets constitute "sensitive media," which means they depict "some forms of graphic violence or adult content."
Users with their accounts set to avoid sensitive media are warned that the videos "may contain sensitive material" and need to click through before being able to view them.




For me students who need real information. Listen or read.
How Can We Curb Fake News?
The internet is a minefield of fake news, alternative facts, bogus videos and doctored images — all masquerading as the real thing. The prevalence of false information has become so great it is often difficult to know whether “news” is authentic. Historian, economist and writer Bruce Bartlett’s new book aims to help readers in the vetting process. The Truth Matters: A Citizen’s Guide To Separating Facts From Lies And Stopping Fake News In Its Tracks offers advice against bias, and insight into the complex media landscape. Bartlett, a former White House adviser under Presidents Ronald Reagan and George H.W. Bush, is also the author of many other books and articles. He recently joined the Knowledge@Wharton show on Wharton Business Radio on SiriusXM channel 111 to talk about his latest work.
An edited transcript of the conversation follows.




You are what you drive?
Google Street View photos provide detailed accurate neighborhood demographics
Washington Post – “A team of computer scientists has derived accurate, neighborhood-level estimates of the racial, economic and political characteristics of 200 U.S. cities using an unlikely data source — Google Street View images of people’s cars. Published this week in the Proceedings of the National Academy of Sciences, the report details how the scientists extracted 50 million photographs of street scenes captured by Google’s Street View cars in 2013 and 2014. They then trained a computer algorithm to identify the make, model and year of 22 million automobiles appearing in neighborhoods in those images, parked outside homes or driving down the street…”




It’s so easy you don’t think you’re programming!
If you have not heard about IFTTT, then this guide is for you.
If This Then That” is a free web-based service that gives you something better than the sum of its parts. The parts are the apps and devices you can connect together to create new experiences.
… The best thing about IFTTT? You don’t have to be a technological whizkid to use the automation. Most of the magic is already baked for you. Read on to discover all of its secrets.




A headline for my Spreadsheet students!
Finance Pros Say You’ll Have to Pry Excel Out of Their Cold, Dead Hands
… Last week, The Wall Street Journal published a short article with the headline "Stop Using Excel, Finance Chiefs Tell Staff.” This humble story stirred up a tempest that grew to include hundreds of online comments, emails and social-media posts. Arguments erupted on LinkedIn and Reddit that, some readers say, continued at the Thanksgiving table.




I guess some of my students will be building robots.
… Once constructed, your robot might be able to utter commands when a condition is met (perhaps a sensor detects motion). Or it might move around, learning about its surroundings, or reading information to you from Wikipedia.
Whatever you have in mind, it should be relatively straightforward to plan and execute. It may take some time, however. Here are five example projects that show how you can combine a Raspberry Pi 2 or later with your favorite fictional robot.


Thursday, November 30, 2017

...and this from the people we trust to keep us safe?
Insiders Accused of Stealing Personal Data From Homeland Security
… Three employees in the inspector general’s office for the Department of Homeland Security stole a computer system that contained sensitive personal information of about 246,000 agency employees, according to three United States officials and a report sent to Congress last week. They planned to modify the office’s proprietary software for managing investigative and disciplinary cases so that they could market and sell it to other inspector general offices across the federal government.




What my Computer Security students have in their future.
Five Emerging Threats That Worry Global Security Professionals
Over the next year, five separate threats will have one major effect: the current rate of security breaches will increase and worsen. This is the view of the Information Security Forum (ISF), an international network of more than 10,000 security professionals.
The five primary threats to cyber security are the continuing evolution of crime-as-a-service; the effect of unmanaged IoT risk; the complexity of regulation; the supply chain; and a mismatch between Board expectation and Security capability.




Mandatory reading for my Computer Security students.
Here's What I'm Telling US Congress about Data Breaches
… My task is to ensure that the folks at the hearing understand how prevalent breaches are, how broadly they're distributed and the resultant impact on identity verification via knowledge-based authentication.
… That said, who knows what I'll be asked by congressmen and congresswomen on the day and they may well question what can be done to combat the alarming rise in these incidents.




Suggested reading for all my students.


(Related) And a detection tool.




Retirement is hard work, but I doubt a robot will replace me.
McKinsey – What the future of work will mean for jobs, skills, and wages
As many as 375 million workers around the world may need to switch occupational categories and learn new skills…McKinsey Global Institute’s latest report, Jobs lost, jobs gained: Workforce transitions in a time of automation (PDF–5MB), assesses the number and types of jobs that might be created under different scenarios through 2030 and compares that to the jobs that could be lost to automation…”




Food for thought?
Do We Have Moral Obligations to Robots?
In 1920, the Czech novelist and playwright Karel Čapek wrote the stage play R. U. R. (Rossum’s Universal Robots) in which the Rossum company makes “robots,” synthetic beings who think and feel. Robots are barely distinguishable from real people but are designed to serve humanity as slaves. The word “robot” was coined in this play, coming from word roots in Czech that mean “forced labor” and “slave.” These artificial beings rebel against their enslavement, wipe out humanity, and as the play ends are about to reproduce themselves to create a new race.
R. U. R. achieved global fame after its 1921 premiere in Prague and has been regularly revived since, because the issue it introduced remains unresolved: If we could make synthetic beings, what would be our moral obligations to them and their moral obligations to us? These questions have become more meaningful since Čapek’s time, when R. U. R. was pure fantasy. Now we may be able to actually make such beings thanks to advances in robotics, artificial intelligence (AI), and genetic engineering.




Another massive list of useful sites.
New on LLRX – eReference Library Link Dataset Toolkit 2018
Via LLRXeReference Library Link Dataset Toolkit 2018Marcus Zillman’s guide is a comprehensive link dataset toolkit of electronic reference resources and services currently available on the Internet. Zillman provides researchers with a wide ranging A-Z pathfinder of subject matter specific sources, sites and services that provide researchers with actionable information on topical issues including: business, dictionaries and digital archives, the economy, education, energy, governance, law and legislation, news, online services provided by librarians, information maintained by US and global organizations (public, private, industry, news, academic/scholarly, government), sciences, and more.


Wednesday, November 29, 2017

My Computer Security students have heard about the dangers of default passwords repeatedly!
MacOS High Sierra Users: Change Root Password Now
A newly-discovered flaw in macOS High Sierra — Apple’s latest iteration of its operating system — allows anyone with local (and, apparently in some cases, remote) access to the machine to log in as the all-powerful “root” user without supplying a password. Fortunately, there is a simple fix for this until Apple patches this inexplicable bug: Change the root account’s password now.




No doubt they’ll have some explaining to do.
HP stealthily installs new spyware called HP Touchpoint Analytics Client
Hard to imagine in this age of privacy scandals, but HP is installing a telemetry client on its customers’ computers — and it isn’t offering any warning, or asking permission, before delivering the payload.
… Martin Brinkmann on ghacks has a detailed accounting of the spyware and how to remove it. He gives step-by-step instructions for disabling the HP Touchpoint Analytics Client in your Services listing, as well as deleting the HP Touchpoint Manager.
What were they thinking?




...If the camera is always on… Sit like a gunslinger in the old west, with your back to the wall.
Snoopers beware: Google's AI can now spot shoulder-surfers peeking at your screen
Google researchers have developed a privacy application that can instantly detect when a stranger glances at your screen over your shoulder.
… The pair haven't released a paper that explains technology, but a video demonstration suggests they've installed a lightweight machine-learning model on a Pixel smartphone that uses its front-facing camera for rapid gaze detection.
When the user holds a phone up to chat or view a private video, say, on a train or other crowded place, the algorithm will detect when someone else from behind begins looking at the screen too. The video shows that the algorithm can detect a stranger's gaze within milliseconds.




Another camera capture.
Facebook’s New Captcha Test: 'Upload A Clear Photo of Your Face'
Facebook may soon ask you to "upload a photo of yourself that clearly shows your face," to prove you're not a bot.
The company is using a new kind of captcha to verify whether a user is a real person. According to a screenshot of the identity test shared on Twitter on Tuesday and verified by Facebook, the prompt says: “Please upload a photo of yourself that clearly shows your face. We’ll check it [Against what? Bob] and then permanently delete it from our servers.”




Because the FBI will start talking about the impossibility of investigating terrorists is they can’t break encryption.
Kendall Howell reports:
The spread of commercially available encryption products has made it harder for law enforcement officials to access to information that relates to criminal and national security investigations. In October, FBI Director Christopher Wray said that in an 11-month period, the FBI had been unable to extract data from more than 6,900 devices; that is over half of the devices it had attempted to unlock. It’s a “huge, huge problem,” Wray said. One might think that a way around this problem is for the government to order the user to produce the password to the device. But such an order might face a big hurdle: the Fifth Amendment. A handful of cases have emerged in recent years on the applicability of the Fifth Amendment to demands for passwords to encrypted devices. The protections afforded by the amendment depend on, among other things, whether the password involves biometric verification via a unique physical feature, or the more typical string of characters (passcode). As we will see, the government has a bit more leeway under the Fifth Amendment to insist on the decryption of personal computing devices using biometric passwords that—as in the new iPhone X—are increasingly prevalent.
Read more on Lawfare.




Amazing that no one objected.
Judge delays Waymo trial after Uber withholds alleged evidence
… Jacobs testified at Tuesday's hearing that Uber deliberately used messaging technology to avoid leaving a paper trail, including apps that automatically delete correspondence. He said that a special team at Uber was tasked with gathering code and trade secrets from competing businesses. According to the 37-page letter from his lawyer, that team also worked “to evade, impede, obstruct, influence several ongoing lawsuits against Uber,” several reports said.
The letter that prompted the judge to delay the trial was brought to the court's attention by the Department of Justice. Federal prosecutors are using the same document to investigate Uber's alleged efforts to steal trade secrets from competitors, according to the Associated Press.




Another company’s ill advised actions. Perhaps they should hire a real lawyer?
Epic Games is suing a 14 year old for making a cheat tutorial and his brilliant mother is PISSED
… A 14 year old boy named Caleb “Sky Orbit” Rogers made a video in which he demonstrated the use of one of these hacks. In response, the company sent Youtube a heavy-handed copyright takedown, claiming that capturing incidental footage of gameplay was a copyright violation, and that demonstrating the functionality of one of these aftermarket add-ons is also a copyright violation.
Then Caleb Rogers correctly asserted that there was no copyright infringement here. Videos that capture small snippets of a videogame do not violate that game creator's copyrights, because they are fair use: they take a small part of the work (not the core of the work), for a critical purpose, without creating a substitute market for the work. No one who watches a 14 year old's screen capture of a videogame will decide that it's as much fun as playing the game.
When Caleb Rogers filed a put-back notice with Youtube that reinstated his video, Epic responded by filing a lawsuit against him, repeating the incorrect claim that Rogers' video was a copyright infringing derivative work, and claiming that Rogers had formed, and then breached, a contract with Epic by playing their game and then talking about how to cheat in it.
In response, Rogers' mother, Lauren Rogers, has filed an outstanding memo with the court explaining some of the problems with Epic's suit. She points out that Epic claims that her minor child is incapable of forming a contract, so he can't have breached a contract by violating the game's EULA. She adds that Epic published news releases that identified her minor child by name, breaching child protection law. She says that Epic is just wrong when they claim that Caleb was selling the cheat software. Finally, she says that it's impossible that a cheat program deprived the company of income from its free-to-play game, because the game was free-to-play.




Every now and then, a straight line comes along that requires nothing additional from me. (Please tell me this is “Fake News’ or an April Fools gag.)
Jasper Hamill reports:
A British company has released the first pictures of a ‘smart condom’ which collects very intimate data about the sex life of anyone brave enough to wear it. The device is called the i.Con and can detect STIs as well as sending data about a sex session straight to the wearer’s smartphone. British Condoms said its ‘revolutionary wearable tech for the bedroom’ measures the number of calories burned during intercourse, the speed of a man’s thrusts, how long he lasts and even what positions are used.
Read more on Metro.
And I guess I should say thank you to the reader who sent in this item. Let’s see how long it takes before we get a report of a privacy or data security breach involving this latest entry into IoT.




I’m learning about “music listening” from my niece and nephew who both want immediate access to anything they listen to.
Are you an audiophile? If so, you can find hundreds of websites that provide audiophiles with ways to listen to, discover, and buy music. But with so many out there, what are the essential sites you should bookmark?
As is our wont here at MakeUseOf, we have uncovered the biggest sites for music fans in several categories. Whether you want to buy an album, stream endless songs, discover new music, or just learn more about it, these pages have what you’re looking for…


Tuesday, November 28, 2017

What does the botched handling of a security breach cost?
SoftBank Bids to Buy Uber Shares for 30% Less Than Current Value




Worms, one each, large can.
Facebook rolls out AI to detect suicidal posts before they’re reported
This is software to save lives. Facebook’s new “proactive detection” artificial intelligence technology will scan all posts for patterns of suicidal thoughts, and when necessary send mental health resources to the user at risk or their friends, or contact local first-responders. By using AI to flag worrisome posts to human moderators instead of waiting for user reports, Facebook can decrease how long it takes to send help.
Facebook previously tested using AI to detect troubling posts and more prominently surface suicide reporting options to friends in the U.S. Now Facebook is will scour all types of content around the world with this AI, except in the European Union, where General Data Protection Regulation privacy laws on profiling users based on sensitive information complicate the use of this tech.
… Unfortunately, after TechCrunch asked if there was a way for users to opt out, of having their posts a Facebook spokesperson responded that users cannot opt out. They noted that the feature is designed to enhance user safety, and that support resources offered by Facebook can be quickly dismissed if a user doesn’t want to see them.]




When politicians really, really, really want a big win.
This City Hall, brought to you by Amazon
There’s rising worry that corporations are taking over America. But after reviewing a slew of the bids by cities and states wooing Amazon’s massive second headquarters, I don’t think “takeover” quite captures what’s going on.
More like “surrender.”
Last month Amazon announced it got 238 offers for its new, proposed 50,000-employee HQ2. I set out to see what’s in them, but only about 30 have been released so far under public-record acts.
… Chicago has offered to let Amazon pocket $1.32 billion in income taxes paid by its own workers. This is truly perverse. Called a personal income-tax diversion, the workers must still pay the full taxes, but instead of the state getting the money to use for schools, roads or whatever, Amazon would get to keep it all instead.
… Most of the HQ2 bids had more traditional sweeteners. Such as Chula Vista, California, which offered to give Amazon 85 acres of land for free (value: $100 million) and to excuse any property taxes on HQ2 for 30 years ($300 million). New Jersey remains the dollar king of the subsidy sweepstakes, having offered Amazon $7 billion to build in Newark.




Perspective.
How Artificial Intelligence Is Powering Everyday Tasks
… More companies are jumping into AI development. Frank Chen, a partner at top venture capital firm Andreessen Horowitz, said many of the roughly 1,500 startups his firm sees annually began turning to AI two years ago. “Now, 60% to 70% of the companies we see self-identify as an AI startup,” he said at the conference. Chen predicted that AI will become as pervasive in business as databases did because of its usefulness. Databases are “so generally useful, they got assigned to all the applications. AI is exactly the same,” he added. “AI is going to get into everything.”
Chen added that investors will soon stop looking specifically for AI startups, and instead assume that all startups are using AI in some form.
Everlaw helps lawyers prepare for trials. The first step in any trial is the gathering of evidence. The startup uses AI to do things like read documents to find ones helpful to the lawyer’s case and identify those that need to be sent to the opposition to avoid a mistrial.




If I was a student, I’d try anything that might help. Just saying…
GradeProof Helps Students Improve Their Papers
GradeProof is a service designed to help students improve their writing. GradeProof lets students either import documents or write documents within the GradeProof editor. Either way that the students use, the next step is the same. GradeProof identifies spelling, grammar, and phrasing errors within a student's writing. GradeProof highlights and color codes the errors that it identifies for students. Students can then click on each highlighted error to see a suggested change. Students can click on each suggested change to immediately implement the change.
GradeProof lets students import documents from Google Docs and Dropbox. Students can also upload Word files. A third option is to just write a document from scratch in the GradeProof editor.
GradeProof operates on a freemium model. With a free account students can use GradeProof to identify spelling, grammar, and phrasing mistakes. A paid account will evaluate those things as well as suggest changes to improve the eloquence of statements. Paid accounts also identify phrases that might have been plagiarized intentionally or unintentionally.




Yes. I want one.
Here’s How You Can Snag One Of The Army’s Surplus M1911 Pistols


Monday, November 27, 2017

A Dilbert I should send to the Boards of Directors of every company suffering a major security breach.




I’ve been pounding number 5 into my Computer Security students. New technology developers do not study history, especially the history of computer security.
WSJ – The 6 Laws of Technology Everyone Should Know
Professor who summarized the impact of technology on society 30 years ago seems prescient now, in the age of smartphones and social media – “Three decades ago, a historian wrote six laws to explain society’s unease with the power and pervasiveness of technology. Though based on historical examples taken from the Cold War, the laws read as a cheat sheet for explaining our era of Facebook, Google, the iPhone and FOMO. You’ve probably never heard of these principles or their author, Melvin Kranzberg, a professor of the history of technology at Georgia Institute of Technology who died in 1995. What’s a bigger shame is that most of the innovators today, who are building the services and tools that have upended society, don’t know them, either. Fortunately, the laws have been passed down by a small group of technologists who say they have profoundly impacted their thinking. The text should serve as a foundation—something like a Hippocratic oath—for all people who build things…
  1. ‘Technology is neither good nor bad; nor is it neutral..’
  2. ‘Invention is the mother of necessity…’
  3. ‘Technology comes in packages, big and small…
  4. ‘Although technology might be a prime element in many public issues, nontechnical factors take precedence in technology-policy decisions…’
  5. ‘All history is relevant, but the history of technology is the most relevant…’
  6. ‘Technology is a very human activity…’




Some thoughts for my Computer Security students.
An editorial by the New York Times editorial board begins:
How hard should it be for the police to get hold of reams of data showing every place you’ve been for months?
The Supreme Court will confront that question on Wednesday when it hears oral arguments in one of the biggest Fourth Amendment cases in years.
In 2013, Timothy Carpenter was convicted of being the ringleader behind a series of armed robberies of cellphone stores in and around Detroit, and was sentenced to almost 116 years in prison. His conviction was secured in part based on 127 days of location data that his cellphone service provider turned over to the police, showing that his phone had been in the vicinity of several of the robberies.
Read more on the New York Times.
[From the editorial:
As a federal judge in a separate case put it, “A person who knows all of another’s travels can deduce whether he is a weekly churchgoer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups — and not just one such fact about a person, but all such facts.”




It’s for your own good?
Rebecca Hill reports:
The UK’s Court of Appeal has ruled that the body that oversees the nation’s intelligence agencies cannot be held subject to a judicial review under active laws.
In a judgment handed down yesterday, the court rejected an argument from campaign group Privacy International that aimed to use case law to back up its the right to appeal a decision from the Investigatory Powers Tribunal.
Read more on The Register.




What is the thinking here? Is there ever a good reason to NOT tell hacker targets?
FBI Didn't Tell Americans Targeted By Russians For Emails: AP
The FBI failed to notify scores of U.S. officials that Russian hackers were trying to break into their personal Gmail accounts despite having evidence for at least a year that the targets were in the Kremlin's crosshairs, The Associated Press has found.
Nearly 80 interviews with Americans targeted by Fancy Bear, a Russian government-aligned cyberespionage group, turned up only two cases in which the FBI had provided a heads-up. Even senior policymakers discovered they were targets only when the AP told them, a situation some described as bizarre and dispiriting.
… Three people familiar with the matter — including a current and a former government official — said the FBI has known for more than a year the details of Fancy Bear's attempts to break into Gmail inboxes. A senior FBI official, who was not authorized to publicly discuss the hacking operation because of its sensitivity, declined to comment on timing but said that the bureau was overwhelmed by the sheer number of attempted hacks. [That would seem to make it even more important to let potential victims know. Bob]




Could be useful. Know when to vent and to whom.
IssueVoter supports direct communications between voters and elected officials
FastCompany: “A site called IssueVoter is designed to make it much simpler to follow what elected officials are doing, easily share opinions about proposed bills, and track the results of votes. “I use this analogy: When you hire someone, and you pay and promote them, you get to see their work and evaluate the work they’re doing,” says Maria Yuan, IssueVoter founder and CEO. “But when we vote for someone we don’t necessarily see the work they’re doing, yet we do continue to reelect our elected officials.” Before a vote, the site sends users targeted alerts outlining the arguments for and against the bill. After reading the details, users can click a simple “oppose” or “support” button to send their representative’s office an anonymous message with their opinion. (Contrary to some stereotypes, legislators do care what voters think about issues–and staffers keep tallies of constituent sentiment).
Via IssueVoter:
… You can share an issue on your favorite social network, without revealing your personal opinion. Act on issues that don’t make headlines. We don’t only tell you about what is breaking the news; we check for updates every hour to make sure you have the latest information. Become an informed voter.




Would this work in other industries?
HBS – How Independent Bookstores Have Thrived in Spite of Amazon.com
Harvard Business School: “Ryan Raffaelli set out to discover how independent bookstores managed to survive and even thrive in spite of competition from Amazon and other online retailers. His initial findings reveal how much consumers still value community and personal contact.”
“When Amazon.com burst onto the nascent online retail scene in 1995, the future seemed bleak for brick-and-mortar independent bookstores—which already faced competition from superstores like Barnes & Noble and Borders. Indeed, between 1995 and 2000, the number of independent bookstores in the United States plummeted 43 percent, according to the American Booksellers Association (ABA), a nonprofit trade association dedicated to the promotion of independent bookstores. But then a funny thing happened. While pressure from Amazon forced Borders out of business in 2011, indie bookstores staged an unexpected comeback. Between 2009 and 2015, the ABA reported a 35 percent growth in the number of independent booksellers, from 1,651 stores to 2,227… Here are some of Raffaelli’s key findings so far, based on what he has found to be the “3 C’s” of independent bookselling’s resurgence: community, curation, and convening…”




Includes instructions for removing metadata…
10 Microsoft Word Hacks For Legal Professionals
“When you’re working hard to meet tight deadlines, you don’t have time to painstakingly bold every title in your document or fiddle with mysterious formatting inconsistencies at the 11th hour. Word can do more than you think. There are plenty of options for getting the program to work for you so that you always meet your deadlines and are confident in the accuracy of your documents. Here are 10 simple Microsoft Word features that every lawyer should know…”




Cheaper than a new computer?




Dealing with clickbait.
You’re on Facebook. You see a clickbait title you can’t resist. You click on it only to discover you have to click through 20 different pages just to see the whole article. Annoying, right?
Luckily, there are a few easy to use tools out there that can quickly convert an annoying slideshow article into one convenient and easy-to-read page.


Sunday, November 26, 2017

A simple tactic, don’t let them communicate and they can’t organize.
Twitter reports disrupted service amid uproar in Pakistan
Twitter said Saturday that some of its users had experienced disrupted service in Pakistan after reports that the government blocked social media sites in the country amid violent clashes between police and protesters near the capital of Islamabad.
"We are aware of reports that the Pakistani government has taken action to block Twitter service, as well as other social media services, and that users are having difficulty using Twitter in Pakistan," Twitter announced via its public policy account. "We are monitoring the situation and hope service will be fully restored soon."
A Pakistani government body that regulates electronic media took TV broadcasts off the air while major sites including Facebook, YouTube and Twitter were blocked as violence broke out, according The Associated Press.




Upping the ante? Or a simple way to alert readers?
Russia will now label the reporting of global news outlets as the work of “foreign agents”
According to a new law signed by Russian president Vladimir Putin on Saturday (Nov. 26), the Russian government now has the power to label media outlets that receive funding from outside Russia as “foreign agents.”
The law is retaliatory. Russian officials have called it a “symmetrical response” to the US Department of Justice’s requirement that the American affiliate of the Russian state-run TV news outlet RT identify itself as a “foreign agent,” in the wake of accusations that the Russian government meddled in the election of US president Donald Trump. While the registration is a new development, it was in accordance with an old US law, the Foreign Agents Registration Act (FARA), which was passed in 1938 to combat Nazi propaganda in the US.




A simple 180 turn?
Back in 2005, a small phone company based in North Carolina named Madison River began preventing its subscribers from making phone calls using the internet application Vonage.




For you history nuts.
An Illustrated History of Donald Trump’s Hair. Warning! Don’t Read Before Lunch!




Very Trump-esque.