Saturday, April 14, 2018

How difficult is it to monitor the elections in every country in which you do business and then understand the culture enough to know when a statement should be challenged? (Did Huey Long really say, “My opponent is a practicing heterosexual!”)
Facebook, Google And Twitter's Other Election Problem Is Their Largest Market: India
… This year, India, the world’s largest democracy, will hold several key state and national elections that will determine if India’s polarizing prime minister, Narendra Modi, gets a second term in early 2019 — and experts worry that US tech companies aren’t doing enough to ensure that their platforms aren’t used to influence or disrupt the democratic process.
A perfect storm of political polarization, digital naïveté, illiteracy, and a lack of meaningful steps from the platforms themselves has left India’s electorate uniquely vulnerable to being manipulated online.
[Consider these words:

Something for my Software Architecture students. AKA: ‘Ready, Fire, Aim’
Implement First, Ask Questions Later (or Not at All)
… As part of a larger study on changes in technology implementation, my team spent two years collecting survey and interview data about the evolving relationship between business and technology. We talked to people in business roles and technology roles at companies across a range of industries. The most significant finding was the rapid death of detailed requirements analysis and modeling. Among survey respondents, 71% believed that technology can be deployed without a specific problem in mind. Just one-third said they have a clearly defined process for the adoption of emerging technology. Perhaps most surprising, half of the respondents described their pilot initiatives — small-scale, low-cost, rapid testing of new technology — as “purely experimental,” with no requirements analysis at all.
We heard a consistent theme. As one business process manager at a Fortune 100 pharmaceutical company put it, “We’ve abandoned the strict ‘requirements-first, technology-second’ adoption process, whatever that really means. Why? Because we want to stay agile and competitive and want to leverage new technologies. Gathering requirements takes forever and hasn’t made our past projects more successful.

These do confuse me. Would Google have to determine if the requester was remorseful?
Google loses landmark 'right to be forgotten' case
A businessman has won his legal action to remove search results about a criminal conviction in a landmark “right to be forgotten” case that could have wide-ranging repercussions.
The ruling was made by Mr Justice Warby in London on Friday. The judge rejected a similar claim brought by a second businessman who was jailed for a more serious offence.
… Explaining his decision, the judge said NT1 continued to mislead the public, whereas NT2 had shown remorse.

Since having a backup driver didn’t help Tesla avoid a pedestrian, why bother with one at all?
Exclusive: Waymo applies for no-driver testing in California
… Waymo confirmed Friday that it had submitted an application to the California Department of Motor Vehicles to test cars without a backup driver behind the wheel. So far, only two companies have applied for such permits, and the other company’s identity has not been publicly revealed.
… The DMV confirmed that it has now received applications from two companies for no-driver testing, which became legal in the state on April 2. The department has not identified either company.

Friday, April 13, 2018

It’s amazing how quiet CyberWar is.
U.K. Launched Major Cyberattack on Islamic State: Spy Chief
The head of Britain’s Government Communications Headquarters (GCHQ) revealed this week that the U.K. has launched a major cyberattack on the Islamic State (IS) group, significantly disrupting its operations.
The attack was launched by the GCHQ in collaboration with the U.K. Ministry of Defence. The operation was the “first time the UK has systematically and persistently degraded an adversary’s online efforts as part of a wider military campaign,” GCHQ director Jeremy Fleming told an audience at the Cyber UK conference in Manchester.
According to Fleming, these operations have been aimed at disrupting services or a specific online activity, deterring an individual or group, or destroying equipment and networks used by the Islamic State, which is also known as ISIL, ISIS and Daesh.
“In 2017 there were times when Daesh found it almost impossible to spread their hate online, to use their normal channels to spread their rhetoric, or trust their publications. Of course, the job is never done – they will continue to evade and reinvent. But this campaign shows how targeted and effective offensive cyber can be,” Fleming said.
… “From a legal point of view, it may be a tricky question, however,” Kolochenko added, “as some of their targets may be European or American citizens, raising complicated issues of the international law.”
The US military's secretive Cyber Command (CYBERCOM) and Europol have also been conducting operations aimed at the Islamic State’s online activities.

So, Apple phones were never really that secure?
iPhone unlocking tool GrayKey sees increased use across all levels of law enforcement
Back in early 2016, Apple famously refused to assist the FBI in unlocking an iPhone 5c belonging to Syed Rizwan Farook, one of the shooters in that year's San Bernardino attack. The FBI later got into the device on their own, setting off an entire round of disputes between the company and federal law enforcement.
Both federal law enforcement and local police departments have begun using GrayKey, a relatively inexpensive encryption bypass tool, and other tools like it, according to an investigative piece published by Motherboard.
Vice found, using public records requests, that the State Department has purchased GrayKey technology, as have the Indiana and Maryland State Police. The Secret Service and Drug Enforcement Agency are planning to, and the Indianapolis and Miami-Dade police departments either have bought the equipment or have sought it.
… The device can unlock an iPhone in a matter of hours for a four-digit passcode, but six-digit passcodes, now the standard, can take as long as three days, according to an analysis by MalwareBytes.

Describing an increasingly significant target for the coming cyberwar?
The Smart Grid: Status and Outlook
CRS report via FAS – The Smart Grid: Status and Outlook. Richard J. Campbell, Specialist in Energy Policy. April 10, 2018. “The electrical grid in the United States comprises all of the power plants generating electricity, together with the transmission and distribution lines and systems that bring power to end-use customers. The “grid” also connects the many publicly and privately owned electric utility and power companies in different states and regions of the United States. However, with changes in federal law, regulatory changes, and the aging of the electric power infrastructure as drivers, the grid is changing from a largely patchwork system built to serve the needs of individual electric utility companies to essentially a national interconnected system, accommodating massive transfers of electrical energy among regions of the United States. The modernization of the grid to accommodate today’s more complex power flows, serve reliability needs, and meet future projected uses is leading to the incorporation of electronic intelligence capabilities for power control purposes and operations monitoring. The “Smart Grid” is the name given to this evolving intelligent electric power network. The U.S. Department of Energy (DOE) describes the Smart Grid as “an intelligent electricity grid—one that uses digital communications technology, information systems, and automation to detect and react to local changes in usage, improve system operating efficiency, and, in turn, reduce operating costs while maintaining high system reliability.”

Why no fine? Have they “agreed” to be treated just like everyone else?
Uber agrees to revised settlement with FTC following revelation of 2016 data breach
Uber has agreed to expand a settlement it reached with the Federal Trade Commission (FTC) last year in light of a massive data breach that the company revealed months after the agreement with regulators to settle previous privacy violations.
Like the previous settlement, which was reached in August, the revised agreement does not include a monetary fine for the breach that compromised information for 57 million people.
Under the terms of the new agreement, Uber has to disclose any future data breaches to the FTC or risk fines.

My Computer Security students will build their own encryption system.
Russian court bans access to Telegram messenger
A Russian court on Friday ordered that access to the Telegram messenger service should be blocked in Russia, Russian news agencies reported, heralding communication disruption for scores of users - including government officials.
The decision came a week after Russia’s state communication watchdog filed a lawsuit to limit access to Telegram messaging app following the company’s refusal to give Russian state security services access to its users’ messages.

An interesting commentary on a program that might be coming to a neighborhood near me.
Joe Cadillic doesn’t just advocate online. He’s active offline and in his community. After attending a recent public meeting on the use of the Boston police cam-share program, Joe submitted a letter to the editors of the Dorchester Reporter.
And not for nothing, but Joe tells me that after he made his public comments at the community hearing, the police told the attendees at the meeting that they didn’t appreciate Joe discussing it all in front of the public.
I just bet they didn’t appreciate it. You ROCK, Joe!
Here’s Joe’s submitted letter, reproduced with his permission:
BPD’s Community Cam-Share Privacy Concerns
I am a Clam Point resident who recently became aware of the Boston Police Department’s (BPD) new Community Cam-Share program.
Businesses sharing CCTV footage with police after a crime has been committed and police have issued a subpoena has been going on for years with great success. Sharing video footage of an alleged crime aids law enforcement in arresting criminals and helps keep our neighborhoods safe.
But there are privacy concerns about the new cam-share program that business owners and residents should be aware of.
Police cam-share programs have been popping up across the country under different names like ProjectNola and Project Greenlight. These programs begin with police asking businesses and homeowners to voluntarily link their CCTV cameras to a police department but after a year or two they become mandatory.
A comment made by then District 11 Captain Tim Connolly to the Dorchester Reporter revealed how the police hope to eventually create a city wide surveillance network using community cam-share cameras.
Connecting every CCTV camera to a city-wide surveillance center run by the Boston Regional Intelligence Center is disconcerting. Especially after it was just revealed that they have been secretly spying on residents’ social media without City Hall’s knowledge.
Why does the BPD retain all rights to video footage from a business camera? Why aren’t business owners allowed to release any footage or still images at their own discretion? What precautions are in place to ensure it won’t be deleted or edited?
With violent crimes in Boston and across the country declining or at all-time lows, the question residents should be asking is why do we need more surveillance? Boston used to be known as the ‘cradle of liberty’, let’s keep it that way.
Joe Cadillic is a former private investigator, member of the Digital Fourth and a privacy, civil rights blogger.

Good questions all, but it’s hard not to do better than the Senate.
What Wharton Faculty Would Have Asked Mark Zuckerberg
… Sen. Orrin Hatch (R-Utah), for example, asked Zuckerberg, “How do you sustain a business model in which users don’t pay for your services?” With a straight face, the Facebook CEO said, “Senator, we run ads.” Social media had a field day lampooning members of Congress with cheeky memes and YouTube video clips.

Perspective. Personal Computers are being replaced by several newer technologies. Can you name four or five?
Gartner: Global PC shipments fell 1.4% in Q1 2018, 14th straight quarter of decline
… Gartner and IDC analysts have pointed to a variety of factors as contributing to this past quarter’s decline, including component shortages and a rising bill for materials that translates to higher prices. The only consistent factor every quarter, however, is that the PC simply isn’t as in-demand as it once was.

Something for the toolkit!
NIST’s New Quantum Method Generates Really Random Numbers
“Researchers at the National Institute of Standards and Technology (NIST) have developed a method for generating numbers guaranteed to be random by quantum mechanics. Described in the April 12 issue of Nature, the experimental technique surpasses all previous methods for ensuring the unpredictability of its random numbers and may enhance security and trust in cryptographic systems. The new NIST method generates digital bits (1s and 0s) with photons, or particles of light, using data generated in an improved version of a landmark 2015 NIST physics experiment. That experiment showed conclusively that what Einstein derided as “spooky action at a distance” is real. In the new work, researchers process the spooky output to certify and quantify the randomness available in the data and generate a string of much more random bits. Random numbers are used hundreds of billions of times a day to encrypt data in electronic networks. But these numbers are not certifiably random in an absolute sense. That’s because they are generated by software formulas or physical devices whose supposedly random output could be undermined by factors such as predictable sources of noise. Running statistical tests can help, but no statistical test on the output alone can absolutely guarantee that the output was unpredictable, especially if an adversary has tampered with the device…”

Thursday, April 12, 2018

Better security?
Major web browsers will support web-based fingerprint, facial authentication
“The World Wide Web Consortium (W3C), the entity that maintains the standards used across the internet, said on Monday, April 9, that Google, Microsoft, and Mozilla signed on to support web-based technology for biometric authentication. In other words, Chrome, Edge, and Firefox will soon support signing into online accounts using fingerprint scanners, voice authentication, facial recognition, and so on without additional software. The support for biometric logins stems from the Web Authentication (WebAuthn) standard submitted by the Fast Identity Online (FIDO) Alliance, another consortium focused on security solutions. It defines how browsers can utilize a component built into web pages that can access biometric-based hardware without any additional software or browser plugins installed on the user’s machine. Moreover, WebAuthn supports FIDO’s Client to Authenticator Protocol (CTAP). This specification enables an external device, such as a security key or smartphone, to authenticate an account or service through USB, Bluetooth, or NFC connectivity. Thus, if your desktop or laptop doesn’t include a fingerprint scanner or infrared camera, an external device could work as a substitute...”

Tools for personal Privacy.
Latest update to Privacy Badger brings a new onboarding process and other improvements
The new onboarding process will make Privacy Badger easier to use and understand. These latest changes are just some of the many improvements EFF has made to the project, with more to come! Privacy Badger was created with the objective of protecting users from third-party tracking across the web—all users. To do this, Privacy Badger needed a couple of key features:
  • The ability to catch sneaky trackers without completely breaking your browsing experience when possible.
  • Simple to use and understand.
Privacy Badger uses heuristics, meaning it observes and learns who is tracking you rather than maintaining a manual list of trackers. Even if there is a third-party tracker that is rather unknown, or new, Privacy Badger will see that tracker. If your Privacy Badger sees the tracker three times, it will block that tracker so you don’t have to wait for someone to eventually update that list. It’s also a matter of trust—Privacy Badger blocks by behavior and not by a third-party controlled list that might be sold to advertisers. Second, we try to make Privacy Badger simple and informative. Your Privacy Badger learns on its own and displays a badge showing how many trackers it has seen. If it breaks a website’s functionality, you can quickly disable Privacy Badger on that site…”

Are you keeping score?
Transcript of Zuckerberg’s appearance before House committee

Perspective. If a disease is rare, doctors need a tool like this to ensure they catch it. Doctors already rely on experts for skills like reading x-rays, why not trust machines when diagnosis relies on simple measurements?
AI software that helps doctors diagnose like specialists is approved by FDA
For the first time, the US Food and Drug Administration has approved an artificial intelligence diagnostic device that doesn’t need a specialized doctor to interpret the results. The software program, called IDx-DR, can detect a form of eye disease by looking at photos of the retina.
It works like this: A nurse or doctor uploads photos of the patient’s retina taken with a special retinal camera. The IDx-DR software algorithm first indicates whether the image uploaded is high-quality enough to get a result. Then, it analyzes the images to determine whether the patient does or does not have diabetic retinopathy, a form of eye disease where too much blood sugar damages the blood vessels in the back of the eye. Diabetic retinopathy is the most common vision complication for people with diabetes, but is still fairly rare — there are about 200,00 cases per year.

Gee. It sounded like such a good idea.
Anti-Trafficking Bill May Endanger The Lives of Sex Workers
On Wednesday, President Trump signed House Resolution 1865, commonly known under the acronym FOSTA, or Fight Online Sex Trafficking Act. The bill makes websites liable for what users say and do on their platforms, and gives federal and state prosecutors and attorney generals greater power to prosecute, in criminal and civil court, sites they believe are hosting sex trafficking ads.
Many advocacy groups have come forward to denounce the bill for undermining essential internet freedoms and endangering the lives of consensual sex workers.
On Friday, before the bill had gone into effect, Representative Mimi Walters tweeted that, “Thanks to #FOSTA with my #SESTA Amendment the Department of Justice has seized and affiliated websites that have knowingly facilitated the sale of underage minors for commercial sex.”
Counter to this claim, however, is the indictment that shows Backpage owners and staff have not been charged with trafficking, but rather with money laundering, and violation of the Travel Act for facilitating prostitution.
For many advocates, the distinction between trafficking and consensual sex work is conflated in this bill, creating dangerous situations for those engaged in sexual labor. By taking away relatively affordable advertising platforms for the sex trade that allow participants the time and agency to vet clients, the bill may, in fact, force sex workers to solicit unvetted clients on the streets and rely on pimps for safety.

Better student presentations?
How We Produce Common Craft Videos
You can still register for free and watch the replay!

Because it can’t hurt.

Wednesday, April 11, 2018

System design flaw? Is everything “unlimited” in this system? Should the system balk at transactions over $1 billion?
‘A major financial accident’: Samsung employee makes $140 billion ‘fat finger’ mistake
Last Friday, a Samsung Securities employee accidentally caused the company to pay out the massive dividend in the form of its own shares to more than 2000 employees who were members of the company stock-ownership scheme, The Wall Street Journal reported.
According to the paper, the dividend was supposed to be 1000 won ($1.21) per share, but the employee mistook the form of measurement, confusing won for shares, leading the company to issue a dividend that was 1000 times the value of each share held by the employees.
The mistake saw the company deposit 2.8 billion shares worth 111.8 trillion won ($140 billion) — more than 30 times the company’s existing issued shares — into employee accounts.
Shortly after receiving them, 16 staff members sold five million shares worth about $241 million. It took Samsung Securities 37 minutes to completely block employees from selling the accidental shares.

I like it! Can’t wait to see what shakes out.
Oooh. Pay attention, EU. Peter Teffer reports:
Companies operating in the EU that are currently hiding serious data breaches similar to those that rocked Facebook last month better disclose those before 25 May, or be prepared to pay serious fines.
On that date, the EU’s new general data protection regulation (GDPR) will come into force. The new EU bill will require that companies that process personal data inform the relevant data protection authority in case of a data breach.
If the compromised personal information is sensitive, companies will need to inform their customers too.
Failure to do so may lead to a fine, which could be up to €10m or two percent of the company’s annual turnover, whichever is higher.
A European Commission official confirmed on Monday (9 April) that data breaches that happened before 25 May, but are kept silent until after that, will also be liable for such a fine.
Read more on EUObserver.

My reading also. Lots of long questions (often improbable scenarios) to ensure each Senator had time on camera, then a simple rephrasing and a short answer from Mark.
Facebook CEO, Mark Zuckerberg comes out unscathed after first day of congressional hearing
… It was an interesting exchange. Senators tried to grill Zuck, but he seemed better prepared than the 44 U.S. Senators that questioned him. For the most part, Zuckerberg came out unharmed from the five hour long testimony.

Top 5 takeaways from day 1 of Mark Zuckerberg’s Senate testimony
Congress has no idea how Facebook works
A few of the Senators questioning Zuckerberg on Tuesday clearly understood the issues at hand. They took time to do their research, they understood how Facebook works, they had a clear grasp of what went wrong in the Cambridge Analytica ordeal, and they asked important questions in an effort to ensure Facebook is taking the proper measures in the aftermath of this scandal. They were the minority.
Most of the questions Zuckerberg had to field from Congress on Tuesday were basic, irrelevant, misguided, or flat-out embarrassing. Truth be told, we were pretty impressed with the Facebook CEO’s ability to figure out what Senators were trying to ask. Of course, some of the grandstanding was so confusing and misguided that Zuckerberg seemed to have no idea what was actually being asked of him. We can’t fault him there — we were often left baffled as well.
Facebook may some day offer a paid version of its service
People like targeted ads
Artificial intelligence is key to Facebook’s future
A big Facebook conspiracy theory was finally debunked
“Yes or no, does Facebook use audio obtained from mobile devices to enrich personal information about users?” Sen. Gary Peters asked.
Zuckerberg’s response left no room for interpretation: “No.”

Keyword searchable transcript of Facebook CEO Mark Zuckerberg Hearing on Data Privacy and Protection
C-SPAN video and keyword searchable text – Facebook CEO Mark Zuckerberg Hearing on Data Privacy and Protection. Mark Zuckerberg, the CEO of Facebook, testified before a joint hearing by the Senate Judiciary & Commerce Committees on access to user’s data, April 12,10, 2018.

Mark Zuckerberg's Net Worth Skyrocketed $3 Billion During His Senate Testimony and Could Rise Again Today

Services my Computer Security students must understand.
E-Discovery Company Catalyst Acquires TotalDiscovery for Legal Holds and Collections
The Denver-based e-discovery technology and services company Catalyst today announced that it has purchased a majority interest in TotalDiscovery, a company that provides a cloud-based legal hold and data collection platform.

Perspective. Here’s a fact, now tell me why.
Over 80% of teenagers prefer iPhone to Android — and that’s great news for Apple
… 82% of teens currently own an iPhone, according to Piper Jaffray's "Teens Survey," which questions thousands of kids across 40 states with an average age of 16.
That's up from 78% last fall, and it's the highest percentage of teen iPhone ownership Piper's seen in its survey.
iPhone ownership among teens could go even higher — 84% of teens say their next phone will be an iPhone.

Tuesday, April 10, 2018

Preparing my Computer Security students for their future…
Business-Critical Systems Increasingly Hit by Ransomware: Verizon 2018 DBIR
Ransomware has become the most prevalent type of malware and it has increasingly targeted business-critical systems, according to Verizon’s 2018 Data Breach Investigations Report (DBIR).
The 11th edition of the DBIR is based on data provided to Verizon by 67 organizations, and it covers more than 53,000 incidents and over 2,200 breaches across 65 countries.
According to Verizon, ransomware was found in 39% of cases involving malware. Experts believe ransomware has become so prevalent due to the fact that it’s easy to deploy — even for less skilled cybercriminals — and the risks and costs associated with conducting an operation are relatively small for the attacker.
Cybercriminals have increasingly started using ransomware to target mission-critical systems, such as file servers and databases, which causes more damage to the targeted organization compared to only desktop systems getting compromised.
Both an executive summary and the full report are available directly from Verizon in PDF format — no registration is required.

Critical Infrastructure Threat Is Much Worse Than We Thought
Adversaries Most Likely Want to Acquire a “Red Button” Capability That Can be Used to Shut Down the Power Grid
Last October the United States Computer Emergency Readiness Team (US-CERT) published a technical alert on advanced persistent threat (APT) activity targeting energy and other critical infrastructure sectors. Recently, it was updated with new information uncovered since the original report, and there are some interesting revelations this time around.
The boldest revelation is the decisive manner in which the unspecified “threat actors” are explicitly identified. There is no equivocation; what was once believed to be an amorphous “threat actor” has now been identified as the “Russian Government”.

A question for my students: Is the nominal increase in ‘ease of use’ worth the potential cost of reduced security?
You won't have to sign for credit card purchases much longer
For all of the progress the US has made in payment technology, it still clings to the past when it comes to credit card payments. You still have to sign for many in-person purchases, which is downright backwards in an era of chip-based cards and digital tokens. And the financial industry is finally ready to kiss them goodbye. As of later in April, four of the biggest credit card networks (AmEx, Discover, Mastercard and Visa) will no longer require signatures for these credit card transactions. It's up to retailers to decide whether or not to ditch handwritten approvals. As the New York Times noted, though, it's doubtful many retailers will keep up the tradition.

Should the watch have called an ambulance? ...the cops? Sounded an alarm? Tip for evil doers: Always take the watch!
Smart watch data helps Australian police close murder case
Australian police determined time of death in a murder case and other relevant information by carefully analyzing data collected by the victim’s Apple smartwatch.

Lets me discuss ‘standing’ and the future of self-driving cars?
Philip Yannella of Ballard Spahr writes:
Plaintiff lawyers’ continued search for damage theories to assert in claims arising from a data breach – or fear of a breach – received a potential setback this week when Chief Judge Michael Reagan of the United States District Court for the Southern District of Illinois permitted Fiat Chrysler and Harmon International to seek an interlocutory appeal of the court’s earlier ruling in Flynn v. Fiat Chrysler US that class plaintiffs had standing to bring their “car hacking” claims in federal court. The ruling comes just one month before the scheduled start of trial. Fiat Chrysler and Harmon moved for an appeal after the Ninth Circuit ruled in a similar case, Cahen v. Toyota Motor Corp, that plaintiffs did not have standing to pursue diminution in value damages against Toyota based on a fear that the vehicles were susceptible to hacking.
Read more on JDSupra.

More Analytics than Architecture.
Model-Based Structure: Key to Success in a Data-Driven World
… Modeling involves predictive and prescriptive analytics, also known as "advanced analytics," said Doug Henschen, principal analyst at Constellation Research.
"You're creating models to predict out into the future what's likely to happen," he told the E-Commerce Times, "and with business context, how you might react to that prediction to get to a better outcome."
Companies have been adding third-party data such as demographic, psychographic, weather and industry data, to account for outside influences and get to more accurate models, Henschen said.
They've begun using machine learning and deep learning approaches that create models based on the data itself as data stockpiles have grown.

Consider it a playground for geeks.
IBM lures developers with AI and machine learning projects
IBM recently launched a series of projects for developers to access open source code and services to build AI and machine learning applications. The vendor wants to democratize these technologies, so they can be easily accessed and consumed by developers in open source communities and within the enterprises, said Angel Diaz, IBM's vice president of developer advocacy and technology, who oversees the vendor's developer outreach.
IBM has expanded the focus of its Center for Open-Source Data and AI Technologies in San Francisco – formerly the Spark Technology Center – to cover the enterprise AI lifecycle, which examines the gamut of AI and machine learning technologies with an initial focus on deep learning, Diaz said at the IBM Think 2018 conference last month.
… MAX is an open source ecosystem for data scientists and AI developers to share and consume models that use machine learning engines, such as TensorFlow, PyTorch and Caffe2, Diaz said. It also provides a standard approach to classify, annotate, and deploy these models for prediction and inferencing. Developers can customize the models in IBM's new Watson Studio AI application development platform. Additionally, developers can train and deploy MAX models for production workloads that use Watson Studio, such as internet-of-things applications, said Guido Jouret, chief digital officer at ABB.

Turning Social Media From a Problem Into a Solution
… Darwin Ecosystem is one of a new class of companies that is artificial intelligence-centric. In this case, it uses the IBM Watson platform to analyze handwriting to determine personality types and changes in personality.
One of the interesting things it did during the last election was to analyze the candidates. It even created a dynamic graph so you could look at each key personality trait individually.
One of the interesting findings was that, over time, the personality differences between Clinton and Trump seemed to converge, while Sanders remained largely the same.

Perspective. Good bots vs. bad bots?
Bots in the Twittersphere
An estimated two-thirds of tweeted links to popular websites are posted by automated accounts – not human beings

Perspective. Does this ensure that no one will ever catch them?
Amazon spent nearly $23 billion on R&D last year — more than any other U.S. company

Just in case this doesn’t make the news today.
Congress releases Mark Zuckerberg's prepared testimony ahead of Wednesday's hearing

(Related) Look! We’re already doing something! (Since it isn’t costing us anything.)
Facebook Launches New Initiative to Help Scholars Assess Social Media’s Impact on Elections
Today, Facebook is announcing a new initiative to help provide independent, credible research about the role of social media in elections, as well as democracy more generally. It will be funded by the Laura and John Arnold Foundation, Democracy Fund, the William and Flora Hewlett Foundation, the John S. and James L. Knight Foundation, the Charles Koch Foundation, the Omidyar Network, and the Alfred P. Sloan Foundation.
At the heart of this initiative will be a group of scholars who will:
  • Define the research agenda;

For my know-it-all students.

Something for my website builders?
JuxtaposeJS - Create Side-by-Side Comparison Frames
JuxtaposeJS is a free tool for making and hosting side-by-side comparisons of images. The tool was designed to help people see before and after views of a location, a building, a person, or anything else that changes appearance over time. JuxtaposeJS will let you put the images into a slider frame that you can embed into a webpage where viewers can use the slider to reveal more or less of one of the images.
JuxtaposeJS is relatively easy to use. You don't need to register on the site in order to use the tool. Go to the site and click "Make a Juxtapose." That link will direct you to fill in the template with links to the two images that you want to compare (the images must be hosted online and publicly viewable). After adding your images you can add labels and credits where necessary. Click the publish button to get the embed code for your JuxtaposeJS interactive frame.
[I saw this story and knew I had to track down this technique:

Monday, April 09, 2018

Never a good idea. Leave this to the pros.
Cisco Switches in Iran, Russia Hacked in Apparent Pro-US Attack
Cisco devices belonging to organizations in Russia and Iran have been hijacked via their Smart Install feature. The compromised switches had their IOS image rewritten and their configuration changed to display a U.S. flag using ASCII art and the message “Don’t mess with our elections…”
The hackers, calling themselves “JHT,” told Motherboard that they wanted to send a message to government-backed hackers targeting “the United States and other countries.” They claim to have only caused damage to devices in Iran and Russia, while allegedly patching most devices found in countries such as the U.S. and U.K.
Iran’s Communication and Information Technology Ministry stated that the attack had impacted roughly 3,500 switches in the country, but said a vast majority were quickly restored.

Kicking around some scenarios with my Computer Security class.
The Moscow Midterms
The following is a rendering of what a worst-case Election Day scenario could look like, based on FiveThirtyEight’s interviews with voting and cybersecurity experts and state election officials, along with news reports and documents in the public record.

(How) Will Facebook Self-Regulate “Issue Ads” Intended to Affect U.S. Elections? The Details Matter a Lot
Via the NY Times comes news that Facebook will not only support passage of the Honest Ads Act (currently pending in committee where it may stay), but will also self-regulate “issue ads.” The self-regulation is important, because it may be that some government regulation in this area is unconstitutional.
… But Facebook is not a government actor, and it can choose to exclude these ads if paid for by foreign governments, or require disclosure of them. There’s no First Amendment problem with that at all, but it’s not clear exactly how this will work.

Free is good!
Berkeley offers its fastest-growing course – data science – online, for free
Berkeley News: “The fastest-growing course in UC Berkeley’s history — Foundations of Data Science — is being offered free online this spring for the first time through the campus’s online education hub, edX. Data science is becoming important to more and more people because the world is increasingly data-driven — and not just science and tech but the humanities, business and government. ‘You’ll learn to program when studying data science — but not for the primary purpose of building apps or games,’ says Berkeley computer science Professor John DeNero. ‘Instead, we use programming to understand the world around us.’ The course — Data 8X (Foundations of Data Science) — covers everything from testing hypotheses, applying statistical inferences, visualizing distributions and drawing conclusions, all while coding in Python and using real-world data sets. One lesson might take economic data from different countries over the years to track global economic growth. The next might use a data set of cell samples to create a classification algorithm that can diagnose breast cancer. (Learn more from a video on the Berkeley data science website.)”

Sunday, April 08, 2018

Not the way to respond to any government’s concerns.
“We Had To Stop Facebook”: When Anti-Muslim Violence Goes Viral
When the Sri Lankan government temporarily blocked access to Facebook last month amid a wave of violence against Muslims, it seemed like a radical move against new technology.
But in fact, government officials saw it as a last resort. It came after Facebook ignored years of calls from both the government and civil society groups to control ethno-nationalist accounts that spread hate speech and incited violence before deadly anti-Muslim riots broke out this year, BuzzFeed News has found.
Government officials, researchers, and local NGOs say they have pleaded with Facebook representatives from as far back as 2013 to better enforce the company’s own rules against using the platform to call for violence or to target people for their ethnicity or religious affiliation. They repeatedly raised the issue with Facebook representatives in private meetings, by sharing in-depth research, and in public forums. The company, they say, did next to nothing in response.

No doubt, Congress will be lobbied to extend Copyright again.
A Landslide of Classic Art Is About to Enter the Public Domain
The Great American Novel enters the public domain on January 1, 2019—quite literally. Not the concept, but the book by William Carlos Williams. It will be joined by hundreds of thousands of other books, musical scores, and films first published in the United States during 1923. It’s the first time since 1998 for a mass shift to the public domain of material protected under copyright. It’s also the beginning of a new annual tradition: For several decades from 2019 onward, each New Year’s Day will unleash a full year’s worth of works published 95 years earlier.
This coming January, Charlie Chaplin’s film The Pilgrim and Cecil B. DeMille’s The 10 Commandments will slip the shackles of ownership, allowing any individual or company to release them freely, mash them up with other work, or sell them with no restriction.