Tuesday, December 11, 2012

Can anyone send your application a “self-destruct” code? This could be rather important strategically. As infrastructure becomes more complex, it becomes more fragile. And (apparently) not all points of failure are well documented.
Google Accidentally Transmits Self-Destruct Code to Army of Chrome Browsers
Google’s Gmail service went down for about 20 minutes on Monday. That was annoying, but not exactly unprecidented. These sorts of outages happen all the time. What was strange is that the Gmail outage coincided with widespread reports that Google’s Chrome browser was also crashing.
Late Monday, Google engineer Tim Steele confirmed what developers had been suspecting. The crashes were affecting Chrome users who were using another Google web service known as Sync, and that Sync and other Google services — presumably Gmail too — were clobbered Monday when Google misconfigured its load-balancing servers.
… “It’s due to a backend service that sync servers depend on becoming overwhelmed, and sync servers responding to that by telling all clients to throttle all data types,” Steele said. That “throttling” messed up things in the browser, causing it to crash.
This may be a first. Bad webpage coding can often cause a browser to crash, but yesterday’s crash looks like something different: widespread crashing kicked off by a web service designed to help drive your browser.
Think of it as the flip side of cloud computing. Google’s pitch has always been that its servers are easier to use and less error-prone than buggy desktop software. But the Sync problem shows that when Google goes down, it can not only keep you from getting your e-mail — it can knock desktop software such as a browser offline too.

(Related) I imagine the Pentagon watched these with concern that it was the start of “the next Pearl Harbor” and if not, why not?
Facebook Is Down, Mobile Apps Still Working For Some — Second Big Tech Outage Of The Day (Update: It’s Back)
According to our own tests, as well as reports on Twitter, Facebook is down for a vast number of users. It’s the second big outage of the day after Google’s.


If true, what does it say about the average security of government agencies?
GhostShell claims breach of 1.6M accounts at FBI, NASA, and more
Team GhostShell, the hacktivist collective, said today that it has stolen accounts from a large number of government agencies, contractors, and security firms, posting information from 1.6 million accounts online.
Dubbed Project White Fox, the hacking project appears to have affected NASA, the FBI, the Pentagon, and Interpol, among many others. The hackers announced their work in a file posted on Pastebin.
… GhostShell is said to be loosely connected to hacktivist network Anonymous. The Next Web notes that GhostShell previously made headlines in October, when it breached 100 universities and leaked more than 100,000 student records online. It later declared "war" on Russia to protest government repression.


We know WHAT, do we know WHY?
Public Buses Across Country Quietly Adding Microphones to Record Passenger Conversations
… The use of the equipment raises serious questions about eavesdropping without a warrant, particularly since recordings of passengers could be obtained and used by law enforcement agencies.
It also raises questions about security, since the IP audio-video systems can be accessed remotely via a built-in web server (.pdf), and can be combined with GPS data to track the movement of buses and passengers throughout the city.


In the news, but nothing really new.
December 10, 2012
FTC's Latest Kids’ App Report Finds Little Progress in Addressing Privacy Concerns
News release: "The Federal Trade Commission issued a new staff report, Mobile Apps for Kids: Disclosures report Still Not Making the Grade, examining the privacy disclosures and practices of apps offered for children in the Google Play and Apple App stores. The report details the results of the FTC’s second survey of kids’ mobile apps... Staff examined hundreds of apps for children and looked at disclosures and links on each app’s promotion page in the app store, on the app developer’s website, and within the app. According to the report, “most apps failed to provide any information about the data collected through the app, let alone the type of data collected, the purpose of the collection, and who would obtain access to the data. Even more troubling, the results showed that many of the apps shared certain information with third parties – such as device ID, geolocation, or phone number – without disclosing that fact to parents. Further, a number of apps contained interactive features – such as advertising, the ability to make in-app purchases, and links to social media – without disclosing these features to parents prior to download.”


Apparently it is difficult to tell “outrage” from “Jealousy” but since these companies are smart enough to follow the established procedures for minimizing their taxes, what is there to be outraged about? Oh, yeah. “I'm too dumb to do that.” (Beware of any rant including the word “fair”)
"After the ongoing row about companies not paying a fair share of tax in the United Kingdom, and with companies such as Starbucks, Amazon and Google being in the headlines, focus has now turned to Microsoft. Whilst the tax arrangements are strictly legal, there has been outrage on how companies are avoiding paying their fair share of tax generated in the country."
And over here in the U.S., dstates sent in new of Google getting caught doing something similar:
"Bloomberg reports that Google is using Bermuda shell companies to avoid paying billions of dollars in taxes world wide. By routing payments and recording profits in zero tax havens, multinational companies have been avoiding double digit corporate taxes in the US and Europe. Congressional hearings were held in July on the destructive consequences of off shoring profits. Why aren't the US and Europe exerting more diplomatic pressure on these tax havens that are effectively stealing [Even though they get “zero taxes?” Bob] from the US and European treasuries by allowing profits that did not result from activities in Bermuda or the Cayman Islands to be recorded as occurring there?"


This could be generalized for other types of organizations...
FERPA and the Cloud: Why FERPA Desparately Needs Reform
December 10, 2012 by Dissent
Dan Solove writes:
The Family Educational Rights and Privacy Act (FERPA) is in dire need of reform. In so many ways, the statute fails to address the key issues that schools are facing. In this essay, I will address how FERPA’s shortcomings impact a specific issue – cloud computing.
[...]
Selecting a Cloud Provider
FERPA says little about selecting a cloud provider. As I wrote in an earlier essay, there are numerous issues that schools ought to consider when choosing a cloud provider, and many terms that schools should ensure are included in an agreement with a cloud provider.
Read more on SafeGov.


Also searches for courses...
Students search for educational videos to learn about subjects all the time. But educational videos on the same subject can be of a various nature and not take the approach that you were hoping. Here to help is a source of educational videos that lets you search for videos based on the words spoken in them; this source is called Mobento.
Mobento is a free to use online web service that offers its users the ability to stream numerous educational videos.

No comments: