Tuesday, October 02, 2012

It could be worse, and I think that's their point...
ProjectWestWind: TeamGhostShell hacks and dumps 120,000 records from 100 U.S. and non-U.S. universities
October 1, 2012 by admin
Over on Softpedia, Eduard Kovacs alerts us all to a paste from a group of hackers who call themselves TeamGhostShell. In a paste today on Pastebin, they introduce “ProjectWestWind,” exposing the hacks and vulnerabilities in universities around the world. I’m deleting their rationale and links to data dumps, but here’s a bit of their project description:
Our targets for this release have been the top 100 universities around the world. After carefully filtering the ones that we’ve already leaked before and the ones where Anonymous has in major operations, we have eventually got together a new fresh list. The majority of them should be here. Also, some of us decided to go ahead and add vulnerable links to the other ones anyway, which you can find at the bottom, at “Other Universities”.
side note* We tried to keep the leaked information to a minimum, so just around 120.000+ accounts and records are here, leaving in their servers hundreds of thousands more. (When we got there, we found out that a lot of them have malware injected. No surprise there since some have credit card information stored.)
The following is a list of universities for which data were dumped (the number in parentheses indicates the number of servers the hackers accessed and downloaded data from): [Removed all but the local Univ. Bob]
  • University of Colorado (three servers)
The preceding list does not include their link of vulnerable sites.
So…. what will the U.S. Education Department think about the security of universities that amass tremendous amounts of personally identifiable information on students? What will it do, if anything? I have contacted them and left a message asking for a statement about these breaches and will update this blog entry if/when I get a response.


“Gosh, we had no clue! Do you think we should implement some security?”
Ca: Criminals hack into high school computer system to access FBI, CIA
October 1, 2012 by admin
Hackers have been using a Bay Area school district’s computer system to try to hack into top secret government agencies.
Like all school districts, the San Mateo Union High School District is heavily computerized with general public access and password only access to many of its files, but the district discovered a security breach [Clearly, the district did not discover a breach. The Navy told them they had one... Bob] after receiving a strange communication.
“It seems like a very strange communication because the United States Naval Intelligence contacted us and said that one of our servers had been compromised,” said Kirk Back, the district’s superintendent.
Read more on KTVU.com


I'm concerned that no bank managers caught this... What does that say about their control over operations?
October 01, 2012
CFPB orders American Express to pay $85 million refund to consumers harmed by illegal credit card practices
News release: "The Consumer Financial Protection Bureau (CFPB) today announced an enforcement action with orders requiring three American Express subsidiaries to refund an estimated $85 million to approximately 250,000 customers for illegal card practices. This action is the result of a multi-part federal investigation which found that at every stage of the consumer experience, from marketing to enrollment to payment to debt collection, American Express violated consumer protection laws... The Federal Deposit Insurance Corporation (FDIC) together with the Utah Department of Financial Institutions discovered the illegal activities during a routine examination [and so should any competent manager! Bob] of an American Express subsidiary, the American Express Centurion Bank. The FDIC transferred portions of the investigation to the CFPB when the Bureau opened its doors last year and together the agencies pursued the matter. The CFPB later concluded that many of the same violations that occurred at American Express Centurion Bank also took place at American Express Travel Related Services Company, Inc. and American Express Bank, FSB."


“At least, that's how it looks to us...”
Not From the Onion: Army Says ‘Social Network’ Use Is a Sign of Radicalism
These are some warning signs that you have turned into a terrorist who will soon kill your co-workers, according to the U.S. military. You’ve recently changed your “choices in entertainment.” You have “peculiar discussions.” You “complain about bias,” you’re “socially withdrawn” and you’re frustrated with “mainstream ideologies.” Your “Risk Factors for Radicalization” include “Social Networks” and “Youth.”
These are some other signs that one of your co-workers has become a terrorist, according to the U.S. military. He “shows a sudden shift from radical to ‘normal’ behavior to conceal radical behavior.” He “inquires about weapons of mass effects.” He “stores or collects mass weapons or hazardous materials.”
That was the assessment of a terrorism advisory organization inside the U.S. Army called the Asymmetric Warfare Group in 2011, acquired by Danger Room. Its concern about the warning signs of internal radicalization reflects how urgent the Army considers that threat after Maj. Nidal Malik Hasan shot and killed 13 people at Fort Hood in 2009. But its “indicators” of radicalization are vague enough to include both benign behaviors that lots of people safely exhibit and, on the other end of the spectrum, signs that someone is so obviously a terrorist they shouldn’t need to be pointed out. It’s hard to tell if the group is being politically correct or euphemistic.
[Interesting chart here Bob]


“Those who cannot remember the past are condemned to repeat it.” George Santayana
Article: The Curious History of Fourth Amendment Searches – Orin Kerr
October 1, 2012 by Dissent
More food for thought from Orin Kerr. Here’s the abstract of his new paper, The Curious History of Fourth Amendment Searches:
In United States v. Jones, 132 S.Ct. 945 (2012), the Supreme Court restored the trespass test of Fourth Amendment law: Any government conduct that is a trespass onto persons, houses, papers, or effects is a Fourth Amendment ‘search.’ According to the Court, the trespass test had controlled the search inquiry before the reasonable expectation of privacy test was introduced in Katz v. United States, 389 U.S. 347 (1967). Although Katz had rejected the trespass test, Jones restored it. This essay examines the history of the Fourth Amendment search doctrine and reaches the surprising conclusion that the trespass test never existed. Pre-Katz decisions did not adopt a trespass test, and instead grappled with many of the same questions that the Court has focused on when applying the reasonable expectation of privacy test. The idea that trespass controlled before Katz turns out to be a myth of the Katz Court: Katz mischaracterized Fourth Amendment history to justify a break from prior precedent. Jones thus restores a test that never actually existed. The essay concludes by considering both the doctrinal and theoretical implications of the surprising history of the Fourth Amendment search doctrine.


Not so much a problem with IP protections, but with the mechanics of administering the law?
Ars Technica reports on Judge Posner's weblog, and in particular a recent post on the excessive strength of U.S. copyright and patent law:
"The problem of excessive patent protection is at present best illustrated by the software industry. This is a progressive, dynamic industry rife with invention. But the conditions that make patent protection essential in the pharmaceutical industry are absent. Nowadays most software innovation is incremental, created by teams of software engineers at modest cost, and also ephemeral—most software inventions are quickly superseded. ... The most serious problem with copyright law is the length of copyright protection, which for most works is now from the creation of the work to 70 years after the author’s death. Apart from the fact that the present value of income received so far in the future is negligible, obtaining copyright licenses on very old works is difficult because not only is the author in all likelihood dead, but his heirs or other owners of the copyright may be difficult or even impossible to identify or find. The copyright term should be shorter."
Reader jedirock pointed to a related article on how the patent situation got so out of hand in the first place.

(Related)
"PersonalWeb's software patent suit against Github and others threatens the freedom of the Web. In order to make sure that the Web can remain a free and accessible space for everyone, we need to rid ourselves of all the patents that threaten its viability. We need to end software patents."


This should start the Second Amendment crowd buzzing, but isn't it a First Amendment question? (This is old news in Science Fiction circles) Possibly every law school will have a Gun Printing club?
3-D Printer Company Seizes Machine From Desktop Gunsmith
Cody Wilson planned in the coming weeks to make and test a 3-D printed pistol. Now those plans have been put on hold as desktop-manufacturing company Stratasys pulled the lease [He should have purchased it outright. Bob] on a printer rented out for Wiki Weapon, the internet project led by Wilson and dedicated to sharing open-source blueprints for 3-D printed guns. Stratasys even sent a team to seize the printer from Wilson’s home.
“They came for it straight up,” Cody Wilson, director of Defense Distributed, the online collective that oversees the Wiki project, tells Danger Room. “I didn’t even have it out of the box.” Wilson, who is a second-year law student at the University of Texas at Austin, had leased the printer earlier in September after his group raised $20,000 online. As well as using the funds to build a pistol, the Wiki Weapon project aimed to eventually provide a platform for anyone to share 3-D weapons schematics online. Eventually, the group hoped, anyone could download the open source blueprints and build weapons at home.
Until Stratasys pulled the lease, the Wiki Weapon project intended to make a fully 3-D printed pistol for the first time, though it would likely be capable of only firing a single shot until the barrel melted. Still, that would go further than the partly plastic AR-15 rifle produced by blogger and gunsmith Michael Guslick. Also known as “Have Blue,” Guslick became an online sensation after he made a working rifle by printing a lower receiver and combining it with off-the-shelf metal parts.


Perspective
A new survey has been published by Pew looking at the adult US population who owns a smartphone or tablet. According to the survey, half of all adults in the US currently have a mobile web connection through a smartphone or tablet. That number is up significantly from a similar study conducted by the Pew Research Center last year.

(Related)
October 01, 2012
UVic Law Student Technology Survey 2012
Rich McCue: "In addition to the technology questions we’ve been asking UVic Law students over the past ten years, we decided for the first year to ask more detailed questions about student use of tablets and e-readers for academic use, along with questions about their usage of “cloud” services for file storage and collaboration. This survey was completed by 126 incoming and transferring law students, which is a strong 90% plus response rate." Some of the survey results summarized as follows:
  • "89% of incoming law students own “Smart Phones” that can browse the internet (up from 84% last year and 50% two years ago), with 48% of the total being iPhones, 29% Android and 11% Blackberry (Blackberry usage down from 27% last year).
  • 31% of students own tablet devices or ebook readers, up from 19% last year.
  • When it comes to reading school related documents, students report reading those documents in bound books 46% of the time, on laptops 35% of the time, on laser printed pages 16% of the time, and on tablet devices 3% of the time.
  • 99% of students own laptops. 49% of laptops are Macs, and 48% Windows.
  • The students’ average typing speed is 49 wpm.
  • 68% of all students bring their laptops to school most days.
  • 75% of students use laptops to take class notes, 63% use pen and paper, 6% use tablets and 3% use their cell phones.
  • 53% of students use Gmail as their primary email account, 7% use UVic email and 20% Hotmail..."


For my students?
Do you know how the online services you choose use your data? Do they claim a broad copyright to it, remove your rights to a class-action lawsuit in the USA, or share your information with other companies? Or are they a well-behaved service that respects your rights? The answer to this is in each website’s terms of service – unfortunately, no one has the time to read those. A new service reads websites’ terms of service for you, summarizing what you need to know in a quick, bullet-point list.
… We’ve covered some of the more ridiculous things that can be found in EULAs and terms of services before – one company even offered $1,000 in the middle of their EULA to the first person that contacted them about the offer. It took four months for someone to notice – that’s how few people read EULAs.
Terms of Service; Didn’t Read is an innovative, smart solution to this problem. They read the terms of service for popular websites for you, condensing the terms into an easily understood bullet-point list. If that isn’t enough, they rate websites according to their terms of service, so you can see at a glance if the website respects your rights or tramples on them.
Terms of Service; Didn’t Read also offers browser extensions for Firefox, Chrome, and Safari. You can see information about a website’s terms of service right from your browser, without navigating to any other pages.
… You may also be interested in EULAlyzer, a free Windows program that automatically scans end-user license agreements for programs you install and alerts you to certain phrases in them.


A topic I'm interested in too...
Announcing EDBP.com, a New Website of Best Practices For Attorneys


Handy tools. I use this to demonstrate software the school doesn't have (and blocks me from installing).
Portable applications are no secret – they have grown in popularity as their benefits continually become more well known. PortableApps.com should be given a lot of credit for this. Sure there are several portable application suites available, but PortableApps.com has contributed a great amount to how portable applications are being used.
… Now if you are still sitting on the fence wondering whether you should use portable applications, let alone PortableApps.com, I highly encourage you to check out 3 Ways The Portable Apps Platform Will Make Your Life Easier by Jessica. I can almost guarantee that you’ll be eager to use it after reading her article.


I'm teaching Statistics again this Quarter, so this will likely be a handout...
"A recent paper published in PNAS describes statistical techniques for clearly displaying the presence of two types of electoral fraud (PDF) — 'incremental fraud' (stuffing of ballot boxes containing genuine votes with ballots for the winning party) and 'extreme fraud' (reporting completely contrived numbers, typically 100% turnout for a vote-counting region, with 100% voting for the winning party). While the techniques would require skill with statistical software to apply in real time, the graphs produced in the paper provide tools for the interested non-statistician to monitor an election 'live.' Examples are discussed with both 'normal' elections, fraud by the techniques mentioned, and cases of genuine voter inhomogeneity. Other types of fraud, such as gerrymandering and inhibiting the registration of minority voters, are not considered."


For my Math students
Eight Alternatives to Buying Scientific Calculators


A 20 minute TED video worth watching...
Amy Cuddy: Your body language shapes who you are
Body language affects how others see us, but it may also change how we see ourselves. Social psychologist Amy Cuddy shows how “power posing” -- standing in a posture of confidence, even when we don’t feel confident -- can affect testosterone and cortisol levels in the brain, and might even have an impact on our chances for success.
Amy Cuddy’s research on body language reveals that we can change other people’s perceptions — and even our own body chemistry — simply by changing body positions.
