Saturday, July 31, 2010

The backroom of Behavioral Advertising? “Hey, someone has to gather the data!” (Article includes a Glossary and video introduction to Cookies)

http://www.pogowasright.org/?p=12481

Sites Feed Personal Details To New Tracking Industry

July 30, 2010 by Dissent

Julia Angwin and Tom McGinty have a must-read story in the Wall Street Journal:

The largest U.S. websites are installing new and intrusive consumer-tracking technologies on the computers of people visiting their sites—in some cases, more than 100 tracking tools at a time—a Wall Street Journal investigation has found.

[...]

In an effort to quantify the reach and sophistication of the tracking industry, the Journal examined the 50 most popular websites in the U.S. to measure the quantity and capabilities of the “cookies,” “beacons” and other trackers installed on a visitor’s computer by each site. Together, the 50 sites account for roughly 40% of U.S. page-views.

The 50 sites installed a total of 3,180 tracking files on a test computer used to conduct the study. Only one site, the encyclopedia Wikipedia.org, installed none. Twelve sites, including IAC/InterActive Corp.’s Dictionary.com, Comcast Corp.’s Comcast.net and Microsoft Corp.’s MSN.com, installed more than 100 tracking tools apiece in the course of the Journal’s test.

Read more in the Wall Street Journal.


(Related) You thought Cookies were bad? This pushes the Publishers Clearinghouse model to the breaking point. Imagine the calls to Brazil's 911: “Someone followed me home from the supermarket and now they're pounding on my door!”

http://www.pogowasright.org/?p=12486

Omo follows customers home with GPS-enabled products

July 30, 2010 by Dissent

Meghan Keane reports:

Privacy advocates may not be happy with brands tracking consumers online, but a Brazilian detergent brand is set to begin tracking customers in the real world. Starting next week, Omo is embedding 50 detergent boxes with GPS devices as part of a new video camera giveaway.

The campaign is sure to get Omo lots of attention, but the amount of privacy concessions necessary to make it all happen could prohibit GPS-enabled products from becoming a widely used marketing strategy.

Read more on Econsultancy.

[From the article:

"Fifty Omo boxes implanted with GPS devices have been scattered around Brazil, and Mr. Figueiredo has teams in 35 Brazilian cities ready to leap into action when a box is activated. The nearest team can reach the shopper's home 'within hours or days,' and if they're really close by, 'they may get to your house as soon as you do,' he said.

"Once there, the teams have portable equipment that lets them go floor by floor in apartment buildings until they find the correct unit, he said."

There are backup plans in place if things do not go smoothly with the unsuspecting customers. If the customer is hesitant to let the marketing team into his/her home, the group can "remotely activate a buzzer in the detergent box so that it starts beeping." And if something goes wrong with the search, or it takes too long, the boxes come equipped with a note explaining the promotion and prize offering (essentially the traditional approach to such things.)


(Related) Coming soon to a cubicle near you!

http://edition.cnn.com/2010/TECH/innovation/07/30/anybots.robots.office/index.html#fbid=_TZvT-Jj4iq

The robot that visits your cubicle

When Trevor Blackwell, CEO of a company called Anybots, wants to know what his employees are up to, he sends a robot to their cubicles.

… The 5-foot-6, 35-pound robot contains a video camera, a still camera and a microphone. From a laptop, Blackwell can see everything the robot sees. He hears what the robot hears. And, when he talks, the robot projects his voice.

Watch the company's demo video, and this will all make more sense

Blackwell says that this is how the office of tomorrow will work. Within a year or so, he says, every office in Silicon Valley, California, will have about one telepresence robot for every 10 employees. [Want to bet? Bob]



Perhaps there is hope for the younger generations...

http://arstechnica.com/web/news/2010/07/students-finally-wake-up-to-facebook-privacy-issues.ars

Students finally wake up to Facebook privacy issues

Students care about Facebook privacy more than the world thinks, and their use of privacy controls has skyrocketed recently, according to two researchers. Eszter Hargittai, Associate Professor of Northwestern University, and Danah Boyd, Research Associate at Harvard’s Berkman Center for Internet & Society published their findings in the online peer-reviewed journal First Monday, noting that young people are very engaged with the privacy settings on Facebook, contrary to the popular belief that their age group is reckless with what they post publicly.

… The one thing the researchers were unsure of was why so many Facebook users started tweaking their privacy controls so much between 2009 and 2010. One theory was that there was an increase in public attention on Facebook privacy just before and during that time



Always a good place to start the debate – with a definition of the “problem” (Lots of links worth following...)

http://www.pogowasright.org/?p=12474

Did we pronounce privacy dead this week?

July 30, 2010 by Dissent

Caroline McCarthy reports:

Does privacy exist anymore? Do we even know what it is? A conversation between digital academics Jeff Jarvis and Danah Boyd on Friday morning at the Supernova conference capped off a week in which many people’s perceptions of the tension between public and private data online were shaken (and stirred).

“We have no definition of privacy,” said Boyd, a charismatic Microsoft researcher who says she has spent the past two months working on a data-intensive analysis of news stories pertaining to Facebook’s ongoing privacy controversy. The massive social network has been criticized by bloggers, advocates, and lawmakers for an allegedly cavalier attitude toward the privacy of its user base–but its astonishing growth has continued, and the social network propelled past 500 million members last week. “We don’t know what we’re talking about, the (members of the) press certainly don’t know what they’re talking about, (and) the spokespeople don’t know what they’re talking about.” [Does this speaker know what she is talking about? Bob]

Read more on cnet.



For my Ethical Hackers: How to be a Social Engineer

http://news.slashdot.org/story/10/07/30/2230224/DefCon-Contest-Rattles-FBIs-Nerves?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

DefCon Contest Rattles FBI's Nerves

Posted by Soulskill on Friday July 30, @07:34PM

"A DefCon contest that invites contestants to trick employees at 30 US corporations into revealing not-so-sensitive data has rattled nerves at the FBI. Chris Hadnagy, who is organizing the contest, also noted concerns from the financial industry, which fears hackers will target personal information. The contest will run for three days, with participants attempting to unearth data from an undisclosed list of about 30 US companies. [Is your company on the list? Bob] The contest will take place in a room in the Riviera hotel in Las Vegas furnished with a soundproof booth and a speaker, so an audience can hear the contestants call companies and try to weasel out what data they can get from unwitting employees."

The group organizing the contest has established a strict set of rules to ensure participants don't violate any laws.

Update: 07/31 04:45 GMT by S : PCWorld has coverage of one of the day's more successful attacks.



Geek tools. Speed your boot and secure your flash drive.

http://www.smashingapps.com/2010/07/29/the-5-really-cool-windows-tools-you-might-need.html

The 5 (Really) Cool Windows Tools You Might Need

Soluto

Identifies what applications start at boot time and allows you to remove or delay them.

Smart Defrag

Click on the partition you feel is responding slowly, and perform an analysis to see if any files require defragmentation.

USB Write Protect

If you could somehow temporarily disable the writing permissions on your drive, your flash drive would be more secure. At the same time, you will be unable to accidentally delete or modify the flash drive’s contents.

FontFrenzy

A font manager with some extra font cleaning features. When you load it up, the program shows all fonts installed on your computer.

Bvckup

Bvckup is a program currently in its beta that works with Windows operating systems. The program has a number of interface and functionality features which set it apart from applications that perform the same auto-syncing tasks.



For my spreadsheet students (well, two out of three anyway.)

http://www.makeuseof.com/tag/top-3-websites-download-free-excel-programs/

Top 3 Websites To Download Useful Free Excel Programs

Microsoft Office Templates

On the Microsoft Office website, you’ll find countless pre-built Excel templates. … most of them are clearly intended for business purposes.

Vertex42 Excel Templates / Financial Calculators

Vertex42 is a website dedicated to everything related to Excel – including templates and financial calculators.

A large part of these even work on Open Office as well!

Excel Games

This last website is complementary, and wouldn’t be considered ‘useful’ by all parties. [Would you believe, Excel Tetris? Bob]



Coming soon to Firefox. Keep tabs of your frequently used sites available all the time! (Interesting that a Microsoft ad precedes the video.)

http://download.cnet.com/8301-2007_4-20012241-12.html?part=rss&subj=news&tag=2547-1_3-0-20

How to use App Tabs in Firefox (video)

Friday, July 30, 2010

Asymmetric by policy only, not by capability.

http://news.cnet.com/8301-31921_3-20012121-281.html?part=rss&subj=news&tag=2547-1_3-0-20

U.S. military cyberwar: What's off-limits?

The United States should decide on rules for attacking other nations' networks in advance of an actual cyberwar, which could include an international agreement not to disable banks and electrical grids, the former head of the CIA and National Security Agency said Thursday.

… One option would be for the larger G8 or G20 nations to declare that "cyberpenetration of any (financial) grid is so harmful to the international financial system that this is like chemical weapons: none of us should use them," he said at the Black Hat computer security conference here.

Another option would be for those nations to declare that "outside of actual physical attacks in declared conflicts, denial of service attacks are never allowed and are absolutely forbidden and never excused," and a consensus would "stigmatize their use," said Hayden, who's now a principal at the Chertoff Group. Nations "do not do it and they do not allow it to happen from their sovereign space."



The perils of “Pushed” updates. First, give away really useful Apps that everyone “has to have!” Second, activate Big Brother mode. Third, analyze the data and identify targets. Fourth, Boom!

http://mobile.slashdot.org/story/10/07/29/1545238/Android-Data-Stealing-App-Downloaded-By-Millions?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Android Data Stealing App Downloaded By Millions

Posted by CmdrTaco on Thursday July 29, @12:04PM

"A wallpaper utility (that presents purloined copyrighted material) 'quietly collects personal information such as SIM card numbers, text messages, subscriber identification, and voicemail passwords. The data is then sent to www.imnet.us, a site that hails from Shenzhen, China.'"

[From the article:

“Even good apps can be modified to turn bad after a lot of people download it,” Mahaffey said. “Users absolutely have to pay attention to what they download. And developers have to be responsible about the data that they collect and how they use it.”

… The app has been downloaded anywhere from 1.1 million to 4.6 million times. The exact number isn’t known because the Android Market doesn’t offer precise data.



Securing your phone.

http://news.cnet.com/8301-27080_3-20012144-245.html?part=rss&subj=news&tag=2547-1_3-0-20

Can your calls be intercepted? This tool can tell

A researcher released software at the Black Hat conference on Thursday designed to let people test whether their calls on mobile phones can be eavesdropped on.

The public availability of the software, dubbed Airprobe, means that anyone with the right hardware can snoop on other people's calls, unless the target telecommunications provider has deployed a patch that was standardized about two years ago by the GSMA, the trade association representing GSM (Global System for Mobile Communications) providers, including AT&T and T-Mobile in the United States.

Most telecommunications providers have not patched their systems, cryptography expert Karsten Nohl said.

… Airprobe offers the ability to record and decode GSM calls. When combined with a set of cryptographic tools called Kraken, which were released last week, "even encrypted calls and text messages can be decoded," he said.



A humbling perspective, with an interesting graphic.

http://tech.slashdot.org/story/10/07/29/2345248/2-Chinese-ISPs-Serve-20-of-World-Broadband-Users?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

2 Chinese ISPs Serve 20% of World Broadband Users

Posted by timothy on Thursday July 29, @10:46PM

"If you need a reminder of just how big China is—and just how important the Internet has become there—consider this stat: between them, two Chinese ISPs serve 20 percent of all broadband subscribers in the entire world and both companies continue to grow, even as growth slows significantly in more developed markets. Every other ISP trails dramatically. Japan's NTT comes in third with 17 million subscribers, and all US providers are smaller still. 'The gap between the top two operators and the world's remaining broadband service providers will continue to grow rapidly,' said TeleGeography Research Director Tania Harvey. 'Aside from the two Chinese companies, all of the top ten broadband ISPs operate in mature markets, with high levels of broadband penetration and rapidly slowing subscriber growth.'"



Does this suggest the young are delusional?

http://www.bespacific.com/mt/archives/024831.html

July 29, 2010

Why and How the Millennial Generation Is the Most Pro-Government Generation and What This Means for Our Future

The Generation Gap on Government - Why and How the Millennial Generation Is the Most Pro-Government Generation and What This Means for Our Future, by Guy Molyneux and Ruy Teixeira, with John Whaley July 2010

  • "Young Americans today across the ideological spectrum share a far more favorable view of the federal government than do their elders. Importantly, this so-called Millennial Generation may hold the key to reversing historic declines in public confidence in government—the major finding from a new survey commissioned by the Center for American Progress... Young adults are particularly receptive to a reform agenda that would strip wasteful spending and focus on improvements in the delivery of government services. Millennials will reward politicians who adhere to these principles with their votes, young respondents say."



Confirming my suspicions.

http://www.readwriteweb.com/archives/so-called_digital_natives_not_media_savvy_new_study_shows.php

So-Called "Digital Natives" Not Media Savvy, New Study Shows

A new study coming out of Northwestern University discovered that college students have a decided lack of Web savvy, especially when it comes to search engines and the ability to determine the credibility of search results. Apparently, the students favor search engine rankings above all other factors. The only thing that matters is that something is the top search result, not that it's legit.

… Another interesting finding from the study involved the use of Wikipedia. Perhaps because of teachers' insistence over the years that the user-generated encyclopedia is not a credible source of information, only a third of the students used Wikipedia to search for answers when given particular tasks. This is a drop from earlier studies (like Raine & Tancer, 2007) which showed Wikipedia use at 46% among students.

Other popular trusted sources included SparkNotes (a study guide site), WebMD, Planned Parenthood, CNN, BBC, Microsoft (specifically Encarta and Office-related resources) and those sites with a .gov or .edu extension. Some students even thought that .org domain name meant a site was inherently trustworthy - they weren't aware that the .org extension can be freely registered just like .com and is not for nonprofit use only, as may have originally been intended.



Info-graphic

http://www.intac.net/the-perils-of-the-internet/

The Perils of the Internet



For my Computer Security (and other) students

http://www.bespacific.com/mt/archives/024827.html

July 29, 2010

National Cyber Security Alliance launches Web portal for 2010 National Cyber Security Awareness Month

News release: "The National Cyber Security Alliance (NCSA), a public-private partnership focused on educating a digital citizenry to stay safe and secure online, today launched its National Cyber Security Awareness Month Web portal with information on events, activities, promotions and educational materials to be used in preparation for the online safety month to be held in October. Anyone – family, employers, consumers, teachers, and students – interested in online safety is encouraged to access the portal, and all materials are free to use."

[From the site:

Free materials to support your awareness efforts and valuable links to other organizations.

Safety tip sheets for a variety of online settings



Tools & Techniques: Free app.

http://www.makeuseof.com/dir/anti-theft-mobile-recover-stolen-cell-phone/

Anti Theft For Mobile: Recover Lost/Stolen Cellphone & Protect Your Data

I have come across a number of phone apps that provide great security for iPhones and Android based smartphones. There are 3 basic features these security apps offer: the ability to know where your phone is when lost, the ability to remotely lock your phone and the ability to remotely wipe all of your phone’s data.

Finally a security application containing all these features has been made for Symbian OS, Windows and Android phones; this app is F-Secure Anti Theft for Mobile. [Did I mention, it's free? Bob]

Similar tools: WaveSecure and BuddyWay.



Tools & Techniques: I should use this in my website classes, and probably lots of other classes.

http://www.makeuseof.com/dir/bounce-annotate-share-comments-website/

Bounce: Tool For Marking & Annotating Websites

On the site’s homepage, you will see a bar where you need to enter the URL of the site you want to comment on. After entering the URL and submitting it, Bounce captures a screenshot image of it and then opens the image in an editable panel.

From the controls in the panel, you can create a red box anywhere on the image and leave comments within the red box. You can do this as many times as you want, adding as many comments as you want.

Clicking a ‘save’ button in the top right of the editing panel gives you the URL which you can share with people. Visiting the URL will take them to your annotated page.

www.bounceapp.com

Similar tools: A.nnotate, Asterpix, BubblePly, Co-ment, PicBite and MiddleSpot.

Also read related articles:

Top Web Annotation Tools: Annotate+Bookmark+Collaborate

Annotate Web pages you visit with Mystickies

The Commentor- A Visual Online Collaboration & Annotation Tool.

Thursday, July 29, 2010

A challenge for my Ethical Hackers: Improve the efficiency and effectiveness of this code. Provide a simple User Interface so that even non-techies can use it.

http://www.pogowasright.org/?p=12405

100 million Facebook pages leaked on torrent site

July 28, 2010 by Dissent

The 2.8GB torrent was compiled by hacker Ron Bowes of Skull Security, who created a web crawler program that harvested data on users contained in Facebook’s open access directory, which lists all users who haven’t bothered to change their privacy settings to make their pages unavailable to search engines.

Bowes’ directory contains 171 million entries, relating to more than 100 million individual users – more than one in five of Facebook’s recently trumpeted half billion user base.

The file contains user account names and a URL for each user’s profile page, from which details such as addresses, dates of birth or phone numbers can be accessed. Accessing a user’s page from the list will also enable you to click through to friends’ profiles – even if those friends have made themselves non-searchable.

Read more on THINQ.

As of the time of this posting, Skull Security’s site is timing out, probably because the story was slashd0tted. The original post, available in Google’s cache, reads in part:

I wrote a quick Ruby script (which has since become a more involved Nmap Script that I haven’t used for harvesting yet) that I used to download the full directory. I should warn you that it isn’t exactly the most user friendly interface — I wrote it for myself, primarily, I’m only linking to it for reference. I don’t really suggest you try to recreate my spidering. It’s a waste of several hundred gigs of bandwidth.

The results were spectacular. 171 million names (100 million unique).

[...]

But it occurred to me that this is public information that Facebook puts out, I’m assuming for search engines or whatever, and that it wouldn’t be right for me to keep it private. Why waste Facebook’s bandwidth and make everybody scrape it, right?

So, I present you with: a torrent! If you haven’t downloaded it, download it now! And seed it for as long as you can.

This torrent contains:

  • The URL of every searchable Facebook user’s profile

  • The name of every searchable Facebook user, both unique and by count (perfect for post-processing, datamining, etc)

  • Processed lists, including first names with count, last names with count, potential usernames with count, etc

  • The programs I used to generate everything



What? Just because it's free, you thought it wouldn't cost you?

http://www.pogowasright.org/?p=12413

What your phone app doesn’t say: It’s watching

July 28, 2010 by Dissent

Jordan Robertson of the Associated Press reports:

Your smart phone applications are watching you – much more closely than you might like.

Lookout Inc., a mobile-phone security firm, scanned nearly 300,000 free applications for Apple Inc.’s iPhone and phones built around Google Inc.’s Android software. It found that many of them secretly pull sensitive data off users’ phones and ship them off to third parties without notification.

Read more on Forbes.



Because government is better able to determine what's important than a bunch of silly old judges?

http://www.pogowasright.org/?p=12415

White House proposal would ease FBI access to records of Internet activity

July 29, 2010 by Dissent

Ellen Nakashima reports:

The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual’s Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation.

The administration wants to add just four words — “electronic communication transactional records” — to a list of items that the law says the FBI may demand without a judge’s approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user’s browser history. It does not include, the lawyers hasten to point out, the “content” of e-mail or other Internet communication.

Read more in the Washington Post.

In related coverage, Pete Yost of the Associated Press reports on the FBI’s defense of its guidelines for domestic surveillance.

Earlier this week, the American Civil Liberties Union on Tuesday asked FBI field offices in 29 states and Washington, D.C., to turn over records the FBI collected on race and ethnicity in various communities. The agency fears the FBI’s data gathering and mapping practices will invite racial profiling by law enforcement. Nick Divito covers the story on Courthouse News.



Perhaps Google was not (yet) evil? Will the US Attorneys General be as willing to drop their “investigation?”

http://www.pogowasright.org/?p=12424

UK: ICO Statement on Google WiFi data

July 29, 2010 by Dissent

A spokesperson for the Information Commissioner’s Office (ICO) said:

“The ICO has visited Google’s premises to assess samples of the ‘pay-load’ data it inadvertently collected. Whilst Google considered it unlikely that it had collected anything other than fragments of content, we wanted to make our own judgement as to the likelihood that significant personal data had been retained and, if so, the extent of any intrusion. The information we saw does not include meaningful personal details that could be linked to an identifiable person. As we have only seen samples of the records collected in the UK we recognise that other data protection authorities conducting a detailed analysis of all the payload data collected in their jurisdictions may nevertheless find samples of information which can be linked to identifiable individuals. However, on the basis of the samples we saw we are satisfied so far that it is unlikely that Google will have captured significant amounts of personal data. There is also no evidence as yet that the data captured by Google has caused or could cause any individual detriment. Nevertheless it was wrong to collect the information. We will be alerting Privacy International and others who have complained to us of our position. The Information Commissioner is taking a responsible and proportionate approach to this case. However, we remain vigilant and will be reviewing any relevant findings and evidence from our international counterparts’ investigations.”

Source: ICO


(Related) You ain't seen nothing yet! (Interesting picture: Who is that sitting next to Eric Schmidt?)

http://www.wired.com/dangerroom/2010/07/exclusive-google-cia/

Exclusive: Google, CIA Invest in ‘Future’ of Web Monitoring

The investment arms of the CIA and Google are both backing a company that monitors the web in real time — and says it uses that information to predict the future.

The company is called Recorded Future, and it scours tens of thousands of websites, blogs and Twitter accounts to find the relationships between people, organizations, actions and incidents — both present and still-to-come. In a white paper, the company says its temporal analytics engine “goes beyond search” by “looking at the ‘invisible links’ between documents that talk about the same, or related, entities and events.”

America’s spy services have become increasingly interested in mining “open source intelligence” — information that’s publicly available, but often hidden in the daily avalanche of TV shows, newspaper articles, blog posts, online videos and radio reports.

“Secret information isn’t always the brass ring in our profession,” then CIA-director General Michael Hayden told a conference in 2008. “In fact, there’s a real satisfaction in solving a problem or answering a tough question with information that someone was dumb enough to leave out in the open.”



For my Ethical Hackers: How to get the attention of your students....

http://news.cnet.com/8301-1009_3-20012019-83.html?part=rss&subj=news&tag=2547-1_3-0-20

Security researcher demonstrates ATM hacking

LAS VEGAS--Hacking into an ATM isn't impossible, a security researcher showed Wednesday. With the right software, it's actually pretty easy.

Barnaby Jack, director of security testing at Seattle-based IOActive, hauled two ATMs onto the Black Hat conference stage and demonstrated to a rapt audience the fond daydream of teenage hackers everywhere: pressing a button and having an automated teller machine spew out its cash until a pile of paper lay on the ground.


(Related) Ditto

http://news.cnet.com/8301-27080_3-20012027-245.html?part=rss&subj=news&tag=2547-1_3-0-20

Expert: Critical system flaws a 'ticking time bomb'

"SCADA (supervisory control and data acquisition) systems are a lot less secure than IT (information technology) systems," Jonathan Pollet, founder of Red Tiger Security, said in his session, titled "Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters."

… Recent modernization efforts have brought connectivity to the Internet back to the control environment and use of Windows, opening up new paths for threats, he said. Plus, there are known flaws in smart meters being installed in homes and linked back to critical systems, he added.

"We've had customers download a Windows patch and that patch actually broke the SCADA system," he said.

… Pollet said that during his consulting at utilities and other SCADA sites he has found all sorts of unnecessary software running on computers connected to important systems that can cause security problems, such as BitTorrent clients for peer-to-peer file sharing, chat clients, adult video directory scripts, and even botnet code and malware.

… Meanwhile, many power plant companies are trying to jump through loopholes in the regulations to reduce their "audit footprint," and controls are being bypassed, he said. Critical infrastructure companies are attempting to limit their responsibility and are not prepared to deal with the kinds of online attacks and espionage that keep chief information officers up at night, he said.



Another perspective

http://www.pogowasright.org/?p=12430

Mexico’s New Data Protection Law

July 29, 2010 by Dissent

W. Scott Blackmer writes:

Mexico has joined the ranks of more than 50 countries that have enacted omnibus data privacy laws covering the private sector. The new Federal Law on the Protection of Personal Data Held by Private Parties (Ley federal de protección de datos personales en posesión de los particulares) (the “Law”) was published on July 5, 2010 and took effect on July 6. IAPP has released an unofficial English translation. The Law will have an impact on the many US-based companies that operate or advertise in Mexico, as well as those that use Spanish-language call centers and other support services located in Mexico.

Read more on Information Law Group.



This might explain why red light cameras are so popular... And changing the law just makes collecting fines easier.

http://yro.slashdot.org/story/10/07/28/1947231/Tennessee-Town-Releases-Red-Light-Camera-Stats?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Tennessee Town Releases Red Light Camera Stats

Posted by timothy on Wednesday July 28, @04:58PM

SonicSpike links to what he calls "a transparent look at some statistics released by a small town's red-light camera program," writing

"Specifically, in the last fiscal quarter, 7,213 incidents were recorded, 2,673 incidents were rejected by the reviewing officer, and 662 incidents were not processed due to technical issues or lack of information. All in all 3,878 citations were issued between April 1 — June 30 in a town of 17,000 residents. Interestingly enough there are two nearby cities claiming that individuals 'have no presumption of innocence' when accused by the red light cameras."

Fines for no-harm-no-foul rolling stops bug me, and remind me of Gary Lauder's suggestion to merge stop signs and yield signs.


(Related) Another “interpretation” of the law I find questionable.

http://games.slashdot.org/story/10/07/28/1954247/UK-Courts-Rule-Nintendo-DS-R4-Cards-Illegal?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

UK Courts Rule Nintendo DS R4 Cards Illegal

Posted by Soulskill on Wednesday July 28, @05:40PM

"A UK high court ruled today that R4 cards for the Nintendo DS are illegal, finding two vendors guilty of selling 'game copiers.' The ruling by Justice Floyd is quoted as saying, 'The economic effect on Nintendo of the trade in these devices is substantial as each accused device can store and play copies of many Nintendo DS games [...] The mere fact that the device can be used for a non-infringing purpose is not a defence.' No word in the article as to what law in particular they were found to have broken, nor of the penalty the vendors are facing, but this looks like bad news for all kinds of hardware mod, on any platform, that would enable homebrew users to bypass vendor locks."

Nintendo won a related lawsuit in the Netherlands recently, in addition to the one in Australia earlier this year.



How to reinforce your bias!

http://searchengineland.com/blekko-a-new-search-engine-that-lets-you-spin-the-web-47215

Blekko: New Search Engine Lets You “Spin” The Web

New challenger Blekko is stepping into the fray, opening to limited beta testing today. It offers a compelling way to “slash the web” and put a particular spin on your search results.

… Blekko’s “slashtags” are a unique feature that may draw you in on occasions when you want to see how search results look when they’re skewed to a particular viewpoint.

… What would rank number one for “honey” if you asked bakers versus beekeepers? Blekko can give you the spin from both groups. Want your search results with a liberal slant? You can do that at Blekko, or slash your results the opposite way for a conservative view.

This is all done using slashtags, special keywords that you place after what you’re searching for, in order to indicate the viewpoint you want used to spin your results.

… This is also known as a vertical search, where instead of searching across the entire “horizontal” spectrum of all web sites, you’re searching “vertically” through just one slice.



Facebook just passed 500 million users. Imagine how many users Facebook would have if the users actually liked it!

http://www.bespacific.com/mt/archives/024823.html

July 28, 2010

American Customer Satisfaction Index: Internet news & information; Internet portals & search engines, Internet social media

The American Customer Satisfaction Index (ACSI) Report on E-Business: Internet Portals & Search Engines, News & Information, and Social Media Websites, July 20, 2010. Commentary by Professor Claes Fornell: Google Dips Sharply but Holds Off Bing; FOXNews.com Leads All E-Business Websites; Facebook and MySpace Fail to Satisfy



Interesting tool. Makes you wonder why a home grown system like Glenwood Springs is 8 times faster than Qwest. Of course they've had fiber since 2002. Just another example of my “let the city own it and sell it to everyone” model.

http://www.wired.com/epicenter/2010/07/fastest-best-isps/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

What’s the Fastest and Best ISP in Your City? Look It Up Here



For my website students, 'cause I don't want no sub-standard code!

http://www.webmonkey.com/2010/07/w3cs-unicorn-validator-checks-multiple-standards-at-once/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top+Stories+2%29%29

W3C’s Unicorn Validator Checks Multiple Standards at Once

The web’s governing body has launched a new validation tool called Unicorn that checks the quality of your website’s code against multiple web standards at the same time.

You can find the new Unicorn “all-in-one validator” on the Worldwide Web Consortium (W3C) website at validator.w3.org/unicorn/.

The W3C maintains a number of free web-based tools for checking whether your web code is valid, and Unicorn makes several of these tools available under a single interface.



For my Math students. They won't be able to resist the “Easier” button.

http://www.freetech4teachers.com/2010/07/knotebooks-create-multimedia-math.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Wednesday, July 28, 2010

Knotebooks - Create Multimedia Math & Science Articles

Knotebooks is a neat service that allows users to create, customize, and share lessons composed of videos, images, and texts from all over the Internet.

… Using Knotebooks you can organize information to create a reference article for yourself or to share with others. You can also browse the articles published by others, add them to your account for later reference, and/or alter the articles that others have written to suit your needs.

… Creating Knotebooks could be a great way for mathematics and science students to build multimedia reference libraries for themselves and for their classmates.



Annotate your videos.

http://www.freetech4teachers.com/2010/07/video-ant-discuss-and-annotate-videos.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Wednesday, July 28, 2010

Video ANT - Discuss and Annotate Videos

Video ANT is a free tool developed by Brad Hosack at the University of Minnesota for the purpose of providing a platform on which students and teachers view and annotate videos. Video ANT plays your specified video and while watching you and your students can add marks along a timeline and write comments alongside the video. Annotations are archived and emailed to you when you've completed the annotation process. Video ANT works with YouTube videos as well as with some video files that you can upload to the site. Click here to watch a screencast created by Brad Hosack of Video ANT in action.

Wednesday, July 28, 2010

First new development in a while. Raises all kinds of “Who was in charge” questions.

http://www.philly.com/inquirer/front_page/20100728_Second_suit_over_Lower_Merion_webcam_snooping.html

Second suit over Lower Merion webcam snooping

The letter from Lower Merion school administrators delivered the news three weeks ago [If the school district is just now notifying the students it “spied on,” we can expect more of these. Bob]- her son had been secretly monitored by the webcam on his school-issued laptop. But only when Fatima Hasan saw the evidence did the scope of the spying on her son Jalil become apparent.

There were more than 1,000 images surreptitiously captured by the computer - 469 webcam photographs and 543 screen shots.

… The cases are similar in their broad outlines. The electronic monitoring began after school-issued computers were reported missing. In both cases, the system was simply left on long after the laptops were recovered. Hundreds of photos and screen shots were captured on a predetermined schedule.

The photos from Hasan's computer included shots of him in his bedroom and of other family members and friends.

… According to the suit, Hasan forgot his computer in cooking class on Dec. 18, a Friday. A teacher turned it in to the technology department that day. On Dec. 21, Hasan retrieved his computer from the technology office.

At some point that day, school officials activated the security system. The system kept capturing images for nearly two months and was only deactivated after the first lawsuit was filed.

… The district did not respond to the allegations in the suit, but in a statement said "continued litigation is clearly not the right way to proceed." It noted that new policies governing the use of technology had been drafted.

"While the results of that investigation reveal that mistakes were made, there is no evidence that any students were individually targeted," the statement said. [But surveillance was initiated on specific computers (specific students). Perhaps they believe students aren't individuals? Bob]

[Court documents here: http://www.wired.com/images_blogs/threatlevel/2010/07/hasan.pdf



A minor variation on “Because that's where the money is.” And a serious failure of Disclosure?

http://www.databreaches.net/?p=12730

Hackers add new twist to check counterfeiting

July 28, 2010 by admin

Jordan Robertson of the Associated Press reports:

Think of it as one more reason not to write checks.

Hackers believed to be operating out of Russia have figured out a high-tech way to carry out the decidedly low-tech crime of check fraud, a computer security company says — writing at least $9 million in fakes against more than 1,200 legitimate accounts.

But these hackers got the account information in an unusual way: They broke into three websites that specialize in a little-known type of business — archiving check images online.

[...]

Stewart uncovered the scam while investigating malicious software that steals banking passwords. In eavesdropping on one criminal group’s communications, which he was able to do by infecting his own computer with the malicious program the group was using, he noticed they were doing something unexpected: collecting massive amounts of images of checks.

He found a file logging all of their transactions, which revealed that 3,285 checks were written against 1,280 accounts since June 2009. Most checks were written for less than $3,000 to evade banks’ anti-fraud measures. [See? They have lawyers too. Bob] Overall, he saw about 200,000 stolen check images — suggesting the criminals have exploited only a fraction of the accounts on which they have information.

SecureWorks isn’t identifying the hacked sites. [“We want customers to continue to believe they are trustworthy.” Bob]

Read more in the Portland Press Herald.



Incompetent security managers? Inadequate testing?

http://news.cnet.com/8301-27080_3-20011871-245.html?part=rss&subj=news&tag=2547-1_3-0-20

Report: Most data breaches tied to organized crime

Organized criminals were responsible for 85 percent of all stolen data last year and of the unauthorized access incidents, 38 percent of the data breaches took advantage of stolen login credentials, according to the 2010 Verizon Data Breach Investigations report to be released on Wednesday.

While external agents were behind 70 percent of the breaches, nearly 50 percent were caused by insiders and only 11 percent were attributed to business partners, concluded the report, which focused on data breaches that took place in 2009.

… Most of the externally originated breaches came from Eastern Europe, North America, and East Asia, the data shows.

Nearly 50 percent of breaches involved misuse of user privileges, while 40 percent resulted from hacking, 38 percent used malware, 28 percent used social engineering tactics, and about 15 percent were physical attacks.

There was not one single confirmed intrusion that exploited a patchable vulnerability, reflecting the fact that many of the most common hacking methods--SQL injection, stolen credentials, and backdoors--exploit problems that can't be readily patched.

"Attackers really do seem to be not so much concerned with finding software vulnerabilities as much as finding types of misconfigurations that let them in the door," Wade Baker, director of risk intelligence for Verizon Business, told CNET on Tuesday.

[The correct link to the report:

http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf



Are these users in the 5% of users who respond (fall victim) to SPAM? If so, they are even more ignorant than I assumed.

http://it.slashdot.org/story/10/07/27/217210/Rogue-Anti-Virus-Victims-Rarely-Fight-Back?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Rogue Anti-Virus Victims Rarely Fight Back

Posted by kdawson on Tuesday July 27, @07:04PM

"One big reason why rogue anti-virus continues to make major bucks for scam artists: relatively few victims ever ask their credit card company or bank to reverse the charges for the phony security software — even when the victims don't even receive the worthless software they were promised. I recently found several caches of data for affiliates of a rogue anti-virus distribution program, and the data showed that in one set of attacks only 367 out of more than 2,000 scammed disputed the charge. A second rogue anti-virus campaign scammed more than 1,600 people, and yet fewer than 10 percent fought the charges."



A Privacy Infographic...

http://www.wordstream.com/articles/google-privacy-internet-privacy

Do You Know Who's Watching You?


(Related) Do you know who keeps your deleted messages? For my Forensics students.

http://www.pogowasright.org/?p=12374

Rape charges dropped after deleted messages recovered from iPhone

July 28, 2010 by Dissent

There was a case in Australia that may be of interest to readers, as a defendant in a rape case was able to get the charges dismissed after his attorney retained a forensics expert who was able to recover messages the victim/accuser had sent to his iPhone, even though the messages had been deleted:

Apple has sold more than 50 million iPhones since 2007 but few users know how much information they collect. The keyboard logging cache means an expert can retrieve anything typed on it for up to 12 months. Its internal mapping and ”geotags” attached to photos indicate where a user has been.

An iPhone has up to 32 gigabytes of data that can be ”imaged” or decoded with the right equipment, Mr Coulthart said, even if it has been deleted.

Read more of the story by Joel Gibson in the Sydney Morning Herald.



They may not have it figured out, but they are trying...

http://www.hhs.gov/news/press/2010pres/07/20100708c.html

HHS Strengthens Health Information Privacy and Security through New Rules

The proposed rule announced today would strengthen and expand enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Enforcement Rules by:

  • expanding individuals’ rights to access their information and to restrict certain types of disclosures of protected health information to health plans.

  • requiring business associates of HIPAA-covered entities to be under most of the same rules as the covered entities;

  • setting new limitations on the use and disclosure of protected health information for marketing and fundraising; and

  • prohibiting the sale of protected health information without patient authorization.

HHS also launched today a privacy website at http://www.hhs.gov/healthprivacy/index.html to help visitors easily access information about existing HHS privacy efforts and the policies supporting them.



There seem to be a lot of articles related to “Behavioral Advertising” today.

Now you don't even need to “Click!” What relationship do you need with Google? Do you have to be on Google.com, or will it work on any site you visit after the search?

http://tech.slashdot.org/story/10/07/27/1624251/Google-Nabs-Patent-To-Monitor-Your-Cursor-Movement?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Google Nabs Patent To Monitor Your Cursor Movement

Posted by CmdrTaco on Tuesday July 27, @01:14PM

"Google has been awarded a patent for displaying search results based on how you move your mouse cursor on the screen... Google's plans are to monitor the movements of the cursor, such as when a user hovers over a certain ad or link to read a tooltip, and then provide relevant search results, and ads, based on that behaviour. It means that it does not require users to actually click a link to know that they were interested in it, opening a world of opportunity for even more focused ads."

[From the article:

The patent, entitled System and Method for Modulating Search Relevancy Using Pointer Activity Monitoring and numbered 7756887, was filed on February 16 2005, but it was only this month that it was published and released to the public. It is also a continuation of a previous patent filed in December 2004.

To monitor the cursor would require potential invasion of privacy by stepping off the web itself and into the user's browser.


(Related) Facebook has all this personal data users provide, why not exploit it?

http://gigaom.com/2010/07/27/amazon-connects-with-facebook-but-doesnt-kiss-and-tell/

Amazon Connects With Facebook, but Doesn’t Kiss and Tell

Amazon has launched a new feature that connects users to their Facebook profiles, and then makes product suggestions based on their “likes” and other activity on the social network — but the online retailer also stresses that it will not share any of the data it has about its users or their purchasing behavior with Facebook.


(Related) How would you prove the data you have on an individual was collected from sources not flagged as do-not-track?

http://www.pogowasright.org/?p=12382

FTC Considers Do-Not-Track List

July 28, 2010 by Dissent

Wendy Davis reports:

The Federal Trade Commission is considering proposing a do-not-track mechanism that would allow consumers to easily opt out of all behavioral targeting, chairman Jon Leibowitz told lawmakers on Tuesday.

Testifying at a hearing about online privacy, Leibowitz said the FTC is exploring the feasibility of a browser plug-in that would store users’ targeting preferences. He added that either the FTC or a private group could run the system.

Leibowitz said that while Web users on a no-tracking list would still receive online ads, those ads wouldn’t be targeted based on sites that users had visited in the past.

Read more on MediaPost.



Lots of questions: How often does it “ping?” What information is sent to Google? Is it legal to by-pass this as it is a dongle?

http://techcrunch.com/2010/07/27/android-takes-a-new-approach-to-fighting-piracy-with-licensing-service/

Android Takes A New Approach To Fighting Piracy With Licensing Service

Pirates looking to illegally copy Android applications are about to face a new challenge: today, Google’s Android team announced that it is releasing a new application Licensing Service for Android. The service, which is meant to help developers secure their applications from piracy, forces apps to ping Google’s home server at regular intervals to verify that they were legitimately purchased. Fail that check, and the app can lock you out.

According to the Dev Guide, developers are free to decide how they want to deal with an application that is deemed to be pirated (a developer could disable the app entirely, or perhaps they could activate a trial mode prompting the user to purchase the real thing).



How to use Copyrighted works

http://www.bespacific.com/mt/archives/024813.html

July 27, 2010

Rulemaking on Exemptions from Prohibition on Circumvention of Technological Measures that Control Access to Copyrighted Works


(Related) Lawyers don't find humor funny?

http://arstechnica.com/tech-policy/news/2010/07/did-you-hear-the-joke-about-the-comedian-and-copyright-law.ars

Did you hear the joke about the comedian and copyright law?

The notoriously litigious music industry often resorts to the legal system to protect itself from pirates and samplers. But comedians don't. So why hasn't the joke well gone dry?

That's the question asked by a forthcoming book chapter from the University of Chicago Press called "Intellectual Property Norms in Stand-Up Comedy." Written by two professors from the University of Virginia School of Law, the chapter offers a case study in the axiom that more IP rights aren't always better IP rights.



Interesting specs...

http://www.electronista.com/articles/10/07/27/augen.gentouch78.takes.on.apple.through.price/

iPad gets odd rival in $150 Android tablet at Kmart

The online edition of a Kmart flyer has revealed plans for what could be an unusual entry into competition against Apple in the still young tablet market. The Augen Gentouch78 should run Android 2.1 on a seven-inch screen and will keep simple with just 2GB of internal storage and Wi-Fi alone for Internet access. At $150, though, it would cost less than a third the price of an iPad while offering many more features than a similarly priced Nook Wi-Fi.



More things you can do with WolframAlpha

http://www.makeuseof.com/tag/10-search-terms-put-wolfram-alpha-good-everyday/

10 Search Terms To Put Wolfram Alpha To Good Use Everyday



Sort of a MindMap for navigating the Internet? Maybe linked bookmarks would be a better description.

http://www.makeuseof.com/dir/pearltrees-organize-store-online-content/

PearlTrees: Store, Share & Organize Web Content Visually

Pearltrees is a browser addon for Mozilla Firefox. The developers of the addon provide users with a great new way of storing and connecting the web content they want to save.

Basically you can create different map-like structures out of nodes; each node can be connected to one another. These nodes are shortcuts to websites. You can create more than one map and add as many nodes as possible. Nodes can be rearranged as you like.

www.addons.mozilla.org/en-US/firefox/addon/11255

Similar tools: BagTheWeb, DropVine, Shareaholic, Linkli.st, NiceSharing, ShareTabs and MinMu.



This has potential! Watch the video. Look at the “Featured Binders.” Make students do all the work?

http://www.killerstartups.com/Web-App-Tools/livebinders-com-store-everything-you-want-online

LiveBinders.com - Store Everything You Want Online

http://livebinders.com/

A site that defines itself as “the knowledge sharing place”, LiveBinders.com will let you create a binder in which you can organize all your resources and access them far more easily than ever before.

These binders can be created for free, and they can contain pretty much anything you like - images, videos, Word documents, PDFs… the choice is entirely yours, and it will depend on which uses you intend to put this application to - personal and professional uses are entirely compatible with the way in which Live Binders has been devised.

Of course, you can actually share the content that you have stored on your binder. In that way, LiveBinders.com stands as a great tool for collaboration.

And note that paid Binders are also going to be implemented soon. The free version of the service is limited to 100 MB per account, and 5 MB per file. These limitations will be automatically lifted the moment that you go for a paid account. Premium services will also come with better overall management features, such as the ability to monitor file uploads.

Tuesday, July 27, 2010

Interesting language. Makes it sound like they have their Computer Security act together! How novel.

http://www.databreaches.net/?p=12695

Hacked investment firm says hack intended as a launch pad

July 26, 2010 by admin

Attorneys for Resnick Investment Advisors in South Carolina have notified the New Hampshire Attorney General’s Office that in June 2010, the investment firm’s network was breached. The breach was discovered on June 22, and the means of attack identified and reported to the FBI.

An investigation into the incident reportedly indicated that the breach did not result in any client files being accessed or downloaded, and the firm notes that its security measures prevent downloading of any files. Based on an investigation by their IT service provider, the firm believes that the motive was not to access, alter, or acquire any client records but to use Resnick’s corporate identity to launch a malicious attack on another entity.

The firm began sending out notifications to its clients last week and offered them free credit monitoring services for a year.



Not sure how to interpret this. It would seem to fly in the face of the “government knows best” assumptions of “true believer” Democrats, but then that's only a label these days.

http://www.databreaches.net/?p=12704

North Carolina To Privatize IT Operations, Jobs

July 27, 2010 by admin

Paul McDougall reports:

Faced with a looming, $3 billion budget deficit, North Carolina is eyeing a major shakeup of its tech operations that could see the state outsource the bulk of its IT work to the private sector while consolidating other operations internally.

The state has launched a search for an outside consulting firm to help guide the reorganization, according to a memo Democratic governor Bev Perdue sent to state cabinet secretaries and agency heads. “The Office of Information Technology Services (ITS) issued a Request for Information to seek input and ideas from the vendor community for improving the delivery of IT in state government,” Perdue said in the memo, dated July 21st.

Read more on InformationWeek.


(Related) Here is (I suspect) one bidder... And come to think of it, didn't they back Obama in the last election?

http://techcrunch.com/2010/07/26/google-city-of-los-angeles-apps-delay-is-overblown/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Google: City Of Los Angeles Apps Delay Is Overblown



Allow me to point out that computer programs do not spontaneously spring into being. You must deliberately program them. You must also deliberately remove them when you determine they are no longer desirable.

http://www.pogowasright.org/?p=12353

Citi plugs privacy hole in iPhone banking app

July 26, 2010 by Dissent

Elinor Mills reports:

Citibank has fixed a flaw in its iPhone app that was inadvertently storing customer account data on the mobile devices, the company said on Monday.

“During a recent review, we discovered that our U.S. Citi Mobile iPhone banking app was accidentally saving information related to customer accounts in a hidden file on their iPhones,” the company said in a statement. “This information may also have been saved on their computer if they had been synchronizing their iPhone with their computer via iTunes.”

Read more on cnet. Spencer E. Ante has more on the background of the problem in the Wall Street Journal.



Wow! Think of this as taking the Lower Merion School District's “how to spy on our students in their bedrooms” privacy model and expanding it globally under the banner of “It's for the children.” This is also using the Facebook model: First, become popular. Then introduce privacy violations.

http://yro.slashdot.org/story/10/07/27/1244258/Chatroulette-To-Log-IP-Addresses-Take-Screenshots?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Chatroulette To Log IP Addresses, Take Screenshots

Posted by CmdrTaco on Tuesday July 27, @09:44AM

"Chatroulette, the strangely addictive online game in which users are connected via webcam and microphone to random strangers at the click of a button, has had enough of users exposing themselves to the unsuspecting public, among other disgraces. The founder of Chatroulette has announced the company has hired developers to collect IP addresses and take screenshots of those users breaking the rules."



Unlikely to be of any interest to the iPhone users I know, who long ago ignored their contracts.

http://gigaom.com/2010/07/26/what-the-new-dmca-ruling-on-copyright-actually-says/

What the New DMCA Ruling on Jailbreaking Actually Says

The U.S. Copyright Office today clarified how it plans to enforce the Digital Millennium Copyright Act, making new exemptions for things like jailbreaking iPhones and ripping DVDs.

It might be exciting to think that it’s now legal to jailbreak iPhones for the purpose of installing software not approved by Apple or switching wireless carriers. But “jailbreaking is legal” is not what the ruling said. It simply said that jailbreaking is not a violation of copyright law.



Why I believe research that is public has a better chance of being “honest.” When you have the world looking at your data and methods, little flaws and assumptions tend to pop out.

http://yro.slashdot.org/story/10/07/26/1857224/Major-Flaws-Found-In-Recent-BitTorrent-Study?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Major Flaws Found In Recent BitTorrent Study

Posted by Soulskill on Monday July 26, @03:51PM

Caledfwlch writes with a followup to news we discussed a couple days ago about a study that found only 0.3% of torrents to be legal. (A further 11% was described as "ambiguous.") TorrentFreak looked more deeply into the study and found a number of flaws, suggesting that the researchers' data may have been pulled from a bogus tracker. Quoting:

"Here's where the researchers make total fools out of themselves. In their answer to the question they refer to a table of the top 10 most seeded torrents. ... the most seeded file was uploaded nearly two years ago (The Incredible Hulk) and has a massive 1,112,628 seeders. The torrent in 10th place is not doing bad either with 277,043 seeds. All false data. We're not sure where these numbers originate from but the best seeded torrent at the moment only has 13,739 seeders; that's 1% of what the study reports. Also, the fact that the release is nearly two years old should have sounded some alarm bells. It appears that the researchers have pulled data from a bogus tracker, and it wouldn't be a big surprise if all the torrents in their top 10 are actually fake."

They also take a cursory look at isoHunt, finding that 1.5% of torrent files come from Jamendo alone, "a site that publishes only Creative Commons licensed music."



This is largely a poor job of reporting obvious security problems. But it raises an old concern. If organizations don't adequately secure their systems, should we continue to hold them blameless when security breaches are detected? Insurance companies set their rates based (partly) on how complete the security is. Should we insist the level of security be published as a guide for consumers?

http://it.slashdot.org/story/10/07/26/2224232/How-Cyber-Spies-Infiltrate-Business-Systems?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

How Cyber Spies Infiltrate Business Systems

Posted by kdawson on Monday July 26, @06:52PM

"InfoWorld's Bob Violino reports on the quiet threat to today's business: cyber spies on network systems. According to observers, 75 percent of companies have been infected with undetected, [and 96% of “observers” have undetected brains. By definition, it's undetected until you detect it, but that doesn't mean it exists. If it's undetected, how do you count it? Bob] targeted attacks — ones that typically exploit multiple weaknesses with the ultimate goal of compromising a specific account. Such attacks often begin by correlating publicly available information to access a single system. From there, the entire environment can be gradually traversed enabling attackers to place monitoring software in out-of-the-way systems, such as log servers, where IT often doesn't look for intrusions. 'They collect the data and send it out, such as via FTP, in small amounts over time, so they don't rise over the noise of normal traffic and call attention to themselves,' Violino writes. 'There's probably no way you can completely protect your organization against the increasingly sophisticated attacks by foreign and domestic spies. That's especially true if the attacks are coming from foreign governments, because nations have resources that most companies do not possess.'"


(Related) Social engineering at the corporate level? Give us all your customer information and we give you some graphs back that you can use to justify pretty much anything you want to do.

http://yro.slashdot.org/story/10/07/27/0016216/UK-ISP-TalkTalk-Caught-Monitoring-Its-Customers?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

UK ISP TalkTalk Caught Monitoring Its Customers

Posted by kdawson on Tuesday July 27, @05:21AM

"The UK ISP TalkTalk has been caught using a form of Deep Packet Inspection technology to monitor and record the websites that its customers visit, without getting their explicit consent. The system, which is not yet fully in place, ultimately aims to help block malware websites by comparing the URL that a person visits against a list of good and bad sites. Bad sites will then be restricted. TalkTalk claims that its method is totally anonymous and that the only people with visibility of the URL database itself are Chinese firm Huawei, which will no doubt help everybody to feel a lot better (apply sarc mark here) about potentially having their privacy invaded."



Individuals often mistake their rights as equivalent to real citizens, like the police, rich folks and politicians.

http://yro.slashdot.org/story/10/07/27/0212232/Facing-16-Years-In-Prison-For-Videotaping-Police?from=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Facing 16 Years In Prison For Videotaping Police

Posted by kdawson on Tuesday July 27, @02:26AM

"The ACLU of Maryland is defending Anthony Graber, who faces as much as sixteen years in prison if found guilty of violating state wiretap laws because he recorded video of an officer drawing a gun during a traffic stop. ... Once [the Maryland State Police] learned of the video on YouTube, Graber's parents' house was raided, searched, and four of his computers were confiscated. Graber was arrested, booked, and jailed. Their actions are a calculated method of intimidation. Another person has since been similarly charged under the same statute. The wiretap law being used to charge Anthony Graber is intended to protect private communication between two parties. According to David Rocah, the ACLU attorney handling Mr. Graber's case, 'To charge Graber with violating the law, you would have to conclude that a police officer on a public road, wearing a badge and a uniform, performing his official duty, pulling someone over, somehow has a right to privacy when it comes to the conversation he has with the motorist.'"

Here are a factsheet (PDF) on the case from the ACLU of Maryland, and the video at issue.



An interesting conclusion.... Apparently you can talk about the Emperor's new clothes...

http://www.pogowasright.org/?p=12346

Appeals Court Protects Free Speech for Privacy Advocate

July 26, 2010 by Dissent

From EPIC.org:

Privacy Advocate Betty Ostergren has won in federal appeals court in her challenge to a state law designed to prosecute her for drawing attention to the state’s online publication of SSNs. In Ostergren v. Cuccinelli, the court ruled that the Commonwealth of Virginia may not prosecute Ostergren for publishing the SSNs of state officials available in public land records until the Commonwealth itself stops making these unredacted documents available. EPIC filed a “friend of the court” brief in support of Ostergren, urging the court to hold that the First Amendment protects Ostergren’s speech. For more information, see EPIC Ostergren v. McDonnell, EPIC Social Security Numbers, and EPIC Identity Theft.

Woo hoo! Congratulations, Betty!



Interesting. Does it explain the reluctance of the newspaper industry (or RIAA) to innovate?

http://www.bespacific.com/mt/archives/024800.html

July 26, 2010

The Effect of Market Leadership in Business Process Innovation: The Case(s) of E-Business Adoption

The Effect of Market Leadership in Business Process Innovation: The Case(s) of E-Business Adoption, Kristina Steffenson McElheran, Working Paper 10-104, Harvard Business School

  • "This paper empirically investigates how market leadership influences firm propensity to adopt new business process innovations. Using a unique data set spanning roughly 35,000 plants in 86 U.S. manufacturing industries, I study the adoption of frontier e-business practices during the early diffusion of the commercial internet. Theory predicts that firms with greater market share will be more likely to adopt innovations that build on their existing strengths, while they will resist more radical technological advances. While prior work primarily focuses on product innovation, I extend the logic into the business process setting to find that leaders were far more likely to adopt the incremental innovation of internet based e-buying. However, they were commensurately less likely to adopt the more strategically sensitive and complex practice of e-selling. This pattern is remarkably robust, holding across a wide range of industries and controlling for factors such as productivity and related technological capabilities. The results are explicated by a framework I develop for understanding the drivers of this behavior and making it possible to classify business process innovations as radical or not. While greater market share promotes adoption of all types of business process innovations, this effect is outweighed by additional co-invention and coordination costs whenever a technological advance addresses strategically sensitive and complex business processes that must also span the firm boundary."


(Related) Why the mud is sticky... A short article.

http://www.economist.com/node/16646290

Media's analogue holdouts

Digitisation and its discontents

Why some media outfits still refuse to go online

Jul 22nd 2010



Interesting application of the “move it into” part of “move it into the Cloud.” This could easily expand into a shared backup (even shared processing) application.

http://techcrunch.com/2010/07/27/zumocast-is-like-cloud-storage-without-the-cloud-or-the-cost/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

ZumoCast Is Like Cloud Storage Without The Cloud, Or The Cost

ZumoCast is a new cloud storage service, sorta, minus the cloud. The application streams files directly from your home desktop computer to another Internet connected device.



This will (eventually) be very interesting. Anything you have a “Top Ten” list of gets aggregated with everyone's lists to give you an Average ranking. Value will depend on how cleverly you define your list.

http://techcrunch.com/2010/07/27/listiki-offers-a-smart-way-of-gathering-opinion-through-crowdsourced-lists/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29

Listiki Offers A Smart Way Of Gathering Opinion Through Crowdsourced Lists

Listiki (a portmanteau of the words “list” and “wiki”) lets you crowdsource lists of, well, anything. This could be something as trivial as a list of the ‘top ten horror movies’ or something more self-serving like, I don’t know, ‘5 must-read tech bloggers’. Lists can be as short or as long as you like and each item may also include a URL.

But here’s the clever bit: any list can, effectively, be cloned so that you can re-order items to your own taste (via drag ‘n’ drop) or even add, delete and/or replace them. Any changes made are interpreted in real time and ripple through to a ‘master’ list, aggregating the opinions of all contributors but without destroying your own version of the list. You can also, of course, view the original lists of other contributors to that subject. It’s pretty neat.



Mainly for teachers, but normal mortals can use it too.

http://www.freetech4teachers.com/2010/07/learn-it-in-5-tech-how-to-videos-for.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Monday, July 26, 2010

Learn It in 5 - Tech How-to Videos for Teachers

Learn It In 5 is a relatively new site that features short how-to videos for teachers. The videos are intended to help teachers quickly learn how to use some of the web tools that are essential to being a successful user of classroom technology. The videos cover tools like Skype, Diigo, VoiceThread, and more.



For illustrating differences...

http://www.freetech4teachers.com/2010/07/search-credible-26-search-engines-in.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Monday, July 26, 2010

Search Credible - 26 Search Engines in One

Search Credible is a search service that allows you to access 26 different search engines from one location. Included in the list of search engines Search Credible searches are Wolfram Alpha, EBSCO, ERIC, and the usual suspects such as Google, Bing, and Yahoo. To use Search Credible just enter your search term(s) then click on the search engine of your choice.



This could be HUGE! I can see developing tools for my Statistics class that are far easier to use than Excel...

http://www.freetech4teachers.com/2010/07/wolfram-alpha-launches-custom-widget.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+freetech4teachers%2FcGEY+%28Free+Technology+for+Teachers%29

Tuesday, July 27, 2010

Wolfram Alpha Launches a Custom Widget Builder

Computational search engine Wolfram Alpha has just launched a new widget building tool. The Wolfram Alpha widget builder will allow anyone to create a computational search widget. Once created the widgets can easily be embedded into Blogger, WordPress, iGoogle, and just about any other website or blog service. Published widgets appear in a gallery that is accessible to anyone that registers with Wolfram Alpha.

Creating a Wolfram Alpha Widget is a fairly straight-forward process. To get started, enter a search phrase such as "distance from Boston to New York in inches." In the second step you define the variables for your widget. This second step is the crucial step that I had to try a few times before I got it right. After completing step two the rest of the process is a simple matter of selecting the output format, widget theme, and writing a description of the widget.



A talk by one of my favorite bloggers. Don't let the word Math fool you, this is about teaching technology.

http://teachingcollegemath.com/2010/07/math-technology-to-engage-delight-and-excite-2/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TeachingCollegeMath+%28Teaching+College+Math%29

Math Technology to Engage, Delight, and Excite

We’re in a recession and so is your department budget. Luckily for you, there are lots of great programs and web resources that you can use to teach math, and most of these are free. Use the resources in this presentation to tackle the technology problems that haunt you and capture the attention of your math classes with interactive demonstrations and relevant web content.

Here is the video, audio, and slides from my keynote talk “Math Technology to Engage, Delight, and Excite” from the MAA-Michigan meeting in May 2010. There is also an iPad/iPod-friendly version here.