Dilbert was listening on Friday! This
is exactly what we were discussing. The Privacy Foundation had one
of its better Seminars, with insightful and inciting exchanges from
the panel and attendees. Fortunately, dueling is no longer the
preferred method for resolving such discussions...
Forward this to your Security Manager
"A new open source scanning
tool has been released by engineers at independent security
testing firm NSS Labs that can be used to detect Duqu drivers
installed on a system. The tool was developed with the goal
of discovering any additional drivers, and to enable researchers
to learn more about the functionality, capabilities and ultimate
purpose of the Duqu malware."
The problem I have with “reputation”-based
systems is that it worked so well and so long for Bernie
Madoff...
"With all the publicity about
breaches of SSL certificate authorities and a hack that exploits a
vulnerability in the supposedly secure protocol, it's time
to consider something else to protect Internet transactions. If
only there were something else to turn to. Protecting SSL and its
updated version TLS is vital because they support most e-commerce
transactions by setting up end-to-end encrypted sessions that are
authenticated, and that requires certificates that are verified by
certificate authorities. One new model for authentication is called
Convergence, and it is similar to
one being trialed at Carnegie Mellon University called Perspectives.
Rather than trusted third parties whose trust can't be assured,
SSL/TLS authentication would rely on a reputation system of
verification."
Think of it as an “Inverse Catch 22”
Having a law that every second-class citizen breaks (exhaling
spreads germs and is illegal) means the “True Citizens” can
decide to enforce the law at any time.
Privacy Victims by the Million: Federal Law Turns Parents and Children into Liars … and Criminals?
November 5, 2011 by Dissent
Over on Volokh.com, Stewart Baker uses
Danah
Boyd’s new study on under-age kids signing up for Facebook with
their parents' collaboration to lambast COPPA. He writes, in part:
Teaching kids to
lie isn’t exactly a government policy to be proud of. But federal
law has another unintended legal consequence in store for those
parents and kids. As Orin
Kerr and I have pointed out, Facebook users who violate the
site’s terms of service also violate the Computer Fraud and Abuse
Act, at least according to the Justice Department. Which would make
every one of those parents and children guilty of a federal
misdemeanor.
By my count,
that’s well over ten million misdemeanors, not to mention ten
million privacy victims.
Now, you might
ask, “Who the hell is the government to take away the decision
whether my kids can join Facebook?” Actually, most parents feel
exactly this way. When the
study asked them who should have the final say about whether or
not their child should be able to use online services, 93% chose the
parents, 3% opted for the company providing the service, 2% chose the
government, and 2% would leave the decision to the child.
So how did we end
up with an online regime that is this intrusive, stupid, and
unpopular?
It wasn’t easy.
It took a lot of lobbying, and the story may help
explain why we have so many stupid privacy rules.
Read more on The
Volokh Conspiracy.
As my Security by Design students
discovered, you have to do some serious investigation to find little
flaws, like “our servers are in North Korea.”
"Dropbox last month launched
its Teams service, targeted at small and mid-sized businesses — but
acknowledges it's
not PCI-, HIPAA- or Sarbanes-Oxley compliant. Company executives
say they also don't provide a highly visible warning largely because
customers in beta tests didn't make it an issue. Should
cloud services focused at businesses provide clear warnings if they
are not compliant with key regulatory requirements, or should
business customers just assume they are not?"
[Since companies are incapable of “A” I would suggest “B”
Bob]
Perhaps a business model that provides
“failsafe” access when companies die?
antdude
points out this article at opensource.com on the "graveyard"
of digital rights management schemes — the death of each of
which has left customers out in the cold. An excerpt:
"There are
more than a few reasons digital rights management (DRM) has been
largely unsuccessful. But the easiest way to explain to a consumer
why DRM doesn't work is to put it in terms he understands: 'What
happens to the music you paid for if that company changes its mind?'
It was one thing when it was a theoretical question. Now it's a
historical one ..."
Perspective: The “If This Then That”
website creates ways to completely overrun your data limits...
Automatically! (My selections from their selections)
10 Great ifttt Recipes To Automate Your Web Life
We’ve already introduced you to ifttt
in a previous
post
… To save you even more time and
effort, I’ve assembled a list of 10 of the best Recipes that are
currently available. With more than 5,000 public Recipes to browse
through, here are the gems (in no particular order):
Receive
An SMS Message Every Time Facebook Makes A Change [Great
for stalkers! Bob]
Arrrrrrrrgh! The case that will not
die! (Some interesting things said about lawyers in the comments)
phands
writes
"SCO has
moved to partially reopen their 10 year old lawsuit against IBM.
Unbelievable! Details
at Groklaw."
From the article, quoting SCO's filing:
"SCO respectfully requests that the Court rule on IBM’s Motion
for Summary Judgment on SCO’s Unfair Competition Claim (SCO’s
Sixth Cause of Action), dated September 25, 2006 (Docket No. 782),
which motion is directed at the Project Monterey Claim, and IBM’s
Motion for Summary Judgment on SCO’s Interference Claims (SCO’s
Seventh, Eighth and Ninth Causes of Action), dated September 25, 2006
(Docket No. 783), which motion is directed at the Tortious
Interference Claims."
This could be useful. Can I build my
own Siri?
Give Your Computer A Voice With eSpeak [Windows & Linux]
Install eSpeak and you can make your
computer say anything, in a wide variety of
languages.
Looking for a lightweight text
to speech program? Whether you want to listen to your favorite
blog while doing the dishes, or just make your computer say naughty
words to your friends so you can giggle like schoolchildren, eSpeak
is a great tool for the job. It’s “a compact open source
software speech synthesizer for English and other languages”
according to its website. You can use official versions of eSpeak on
Linux and Windows.
… You can save any particular
string of speak to a .WAV file, perfect for dubbing over creepy
footage for anonymous revolutions.
… Ready to install eSpeak? Find
the download here.