Wednesday, March 13, 2013

Personally, I have no reason to list Canadians, eh?
By now, everyone’s probably heard that a lot of famous people had their details exposed on the Exposed.su web site. By the time the site was taken offline, over 234,000 visitors had viewed personal information on Michelle Obama, Kim Kardashian, Vice-President Joe Biden, FBI Director Robert Mueller, Former First Lady and Secretary of State Hillary Clinton, Attorney General Eric Holder, Chief of Los Angeles Police Department Charlie Beck, Mel Gibson, Ashton Kutcher, Jay Z, Beyonce, Paris Hilton, Britney Spears, former Governor and Vice-Presidential candidate Sarah Palin, Hulk Hogan, Donald Trump, Arnold Schwarzenegger, and former Vice-President Al Gore. TMZ broke the story Monday. Since then, the media has been having a field day.
Names, addresses, Social Security numbers, dates of birth, current and former addresses, and credit reports – it was all there, although credit reports were not included for everyone. At least some of the data appears to be accurate, according to the Associated Press.
But who did it and how? No one knows as yet, and everyone’s running around investigating, but it appears that the credit reports were obtained by individual(s) who had sufficient information to be able to impersonate the famous people and access their credit reports by authenticating as them. Jordan Robertson of Bloomberg News obtained statements from the major credit report brokers – Equifax, TransUnion, and Experian – about how credit reports from their databases wound up compromised.

(Related) Is this how they did it?
The Shockingly Easy Process Behind The Celebrity Credit Report "Hacks"


Cyber crime is growing in Europe?
European governments and businesses should investigate alternative communication channels to e-mail in the longer term after a string of alarming attacks, the EU’s cyber security agency warned today (13 March) in a special alert.
The European Network and Information Security Agency (ENISA) issued the so-called Flash Note in the wake of “recent major cyber-attacks”, calling for Europe’s businesses and governments to take urgent action to combat emerging cyber-attack trends.
Read more on EurActiv

… and shrinking at home? Did the government realize it was over-hyping their message (making themselves appear incompetent) or have they got the budget they wanted? Perhaps there is a different message for Congress and us second-class citizens.
Spy Chief Says Little Danger of Cyber ‘Pearl Harbor’ in Next Two Years
Contrary to much of the fear-mongering that has been spreading through the nation’s capital on cybersecurity matters lately, the director of national intelligence bucked that trend on Tuesday when he told a senate committee that there was little chance of a major cyberattack against critical infrastructure in the next two years.

(Related) Yep. A message for Congress... Apparently someone muttered, “What did we give you all that money for?” So now they have to seem successful...
Spy Chiefs Point to a Much, Much Weaker Al-Qaida
Don’t ever expect the heads of the U.S.’ 16-agency spy apparatus to say it outright. But the testimony they provided Tuesday morning to a Senate panel described al-Qaida, the scourge of the U.S. for 12 years, as a threat that’s on the verge of becoming a spent force, if they’re not already.

(Related) On the other hand...
"For the first time, the United States has mentioned the People's Republic of China in relation to cyber crime, officially acknowledging what has been long suspected by private security experts and the U.S. business community. The Obama Administration seeks to get the Chinese government to acknowledge the problem, to cease any state-sponsored hacker activity, and to start a dialogue on normative behavior on the internet. This announcement follows the recent 60-page report from the American cybersecurity firm Mandiant, who spent two years compiling evidence against the so-called 'Comment Crew.' They traced IP addresses, common behavior, and tools to track the group's activity, which led to a Shanghai neighborhood home to the People's Liberation Army (PLA's) Unit 61398. This tracking came at the behest of the Times, who has experienced some trouble with hacking in the past. The Chinese government rejected the report as 'unprofessional' and 'lacking technical evidence.' This announcement also comes amid a delicate leadership transition in China and numerous new reports on the vulnerability of U.S. business and government networks to attack."


If I look in Janes' “All the World's Drones” I can probably find enough information to create my own using a 3D printer...
Tiny, Suicidal Drone/Missile Mashup Is Part of U.S.’ Afghanistan Arsenal
… Unlike every other drone in military use, the Switchblade only looks like an aircraft once its wings unfold, following a launch from a tube. Once in the air, the Switchblade’s size limits its flight time, but its cameras send a video feed back to a remote operator who could be a dismounted soldier. AeroVironment bills it as a tool for pursuit of an adversary on the move or for close air support-in-a can for troops pinned down by enemy fire. That’s because once a target comes into view, the operator can send the Switchblade on a one-way mission, careening it into an enemy position to detonate. It can also be pre-programmed to hit a set target.


“Plus ça change, plus c'est la même chose.” France was once great and by keeping everything unchanged they can believe it still is... (Never consider forcing telecoms to move into the digital age...)
"Skype made a name for itself by largely bypassing the infrastructure — and the costs, and the regulations — of the legacy telecommunications industry. But now the French telecom regulator wants to change that, at least in France. At issue is not the service's VoIP offering, but rather the Skype Out service that allows users to dial phones on traditional networks. Regulators say that this service necessitates that Skype face the same regulations as other telecoms."


Yesterday, I had my students de-anonymize some data. Tomorrow we may build a Facebook profile for the perfect job candidate or serial killer, whichever is more amusing.
Study: Facebook Likes Can Be Used to Determine Intelligence, Sexuality
If you like thunderstorms, The Colbert Report or curly fries on Facebook, you’re a genius. If you like Sephora, Harley-Davidson or the country-western band Lady Antebellum, you’re not.
That might go without saying, but the brainiacs at the University of Cambridge Psychometrics Center and Microsoft Research Cambridge have the data to prove it – and a lot of other things about you, too. They analyzed the Likes of 58,466 volunteers and were able to determine with surprisingly high accuracy a range of personal information that some Facebook users may not have made public, including their sexuality, where they worship, how they’ll vote in the next election and what their IQ is.
Simply by delving into volunteers’ Likes, the researchers could determine in 95 percent of cases whether a person was Caucasian or African American and in 88 percent of cases whether the person was heterosexual or homosexual. They could determine whether the person is Christian or Islamic 82 percent of the time.


Do we have good law and a bad narrative or the opposite?
Ask yourself why a European privacy regulator can propagate the preposterous view publicly that the US has “no effective privacy laws.” And lots of people seem to believe that. And why does it matter?
On the global stage, Europe is convincing many countries around the world to implement privacy laws that follow the European model. The facts speak for themselves: in the last year alone, a dozen countries in Latin America and Asia have adopted euro-style privacy laws. Not a single country, anywhere, has followed the US-model.

(Related) ...but let's be careful what we brag about... They can't mean you must mail the customer a bill without the zip-code on the envelope, can they?
Massachusetts’ top court has ruled that consumers whose ZIP codes are retained by retailers in the state can sue for a violation of state privacy law.
The decision issued Monday by the Massachusetts Supreme Judicial Court paves the way for a would-be class action against Michaels Stores, the Patriot Ledger and the National Law Journal report. The court ruled in response to certified questions by a federal judge considering the consumer lawsuit.
Read more on ABA Journal.
[From the ABA article:
The suit claims Michaels used ZIP code information to look up customers' phone numbers and addresses so the retailer could send them marketing materials. [So it can't be zip-code alone Bob] State law bars companies from requesting personal information unless it is needed for shipping or it is required under the credit card agreement, the Patriot Ledger says.


Was there a similar debate over fingerprints or 'mug shots'?
David H. Kaye has an article in the 60 UCLA L. Rev. Disc. 104. Here’s the Abstract:
For nearly a decade, DNA-on-arrest laws eluded scrutiny in the courts. For another five years, they withstood a gathering storm of constitutional challenges. In Maryland v. King, however, Maryland’s highest court reasoned that usually fingerprints provide everything police need to establish the true identity of an individual before trial and that the state’s interest in finding the perpetrators of crimes by trawling databases of DNA profiles is too “generalized” to support “a warrantless, suspicionless search.” The U.S. Supreme Court reacted forcefully. Chief Justice Roberts stayed the Maryland judgment, writing that “given the considered analysis of courts on the other side of the split, there is a fair prospect that this Court will reverse the decision below.” The full Court then granted a writ of certiorari. This essay examines the opinions listed by the Chief Justice and finds their analysis incomplete. I outline the Fourth Amendment questions that a fully considered analysis must answer, identify questionable dicta on the definition of “searches” and “seizures” in the opinions, describe a fundamental disagreement over the analytical framework for evaluating the reasonable warrantless searches or seizures, and criticize a creative compromise in one of the opinions that would allow sample collection without DNA testing before conviction. I conclude that in King, the Supreme Court not only must assess the actual interests implicated by pre-conviction collection and profiling of DNA, but it also should articulate the appropriate framework for evaluating the reasonableness of warrantless searches in general.
Via Concurring Opinions
You can download the full article here (pdf).


Amazon's business model (and a look at e-conomics)
Why Amazon Prime Could Soon Cost You Next to Nothing
Over the past few years, the arithmetic behind Amazon Prime has become one of online shopping’s most familiar math problems: Do I buy enough from Amazon to justify paying $79 per year for unlimited two-day shipping?
But this calculus could soon change. Amazon makes so much money off Prime customers, according to a new report, that the company could drop the fee by dozens of dollars and still come out ahead.
As heavily as it promotes Prime, which also comes with free Netflix-style streaming video and access to the Kindle lending library, Amazon is equally circumspect about how well the program performs. In the heated debate over whether a company with profits as meager as Amazon’s deserves such a high-flying stock, that information gap leads partisans both pro and con to play Prime as a wildcard in support of their claims.
Bullish analysts at Morningstar teamed with Consumer Intelligence Research Partners (CIRP) to dig into what is known about Amazon to come up with some reasonable estimates of the numbers behind Prime. The results are startling.
Amazon started its fiscal 2012 with a little fewer than 7 million Prime members and ended with nearly 10 million, largely thanks to the free Prime promotion that comes with the purchase of the company’s bestselling Kindle Fire. That increase alone represents a huge coup for Amazon, an awesome display of locking in customer loyalty. As the report points out, those millions of people spending $79 each are all incurring a major “switching cost” — in other words, since they’ve shelled out so much to enjoy special privileges for shopping at Amazon, they’re less likely to shop elsewhere.


Do Billionaires use the library? Do they even read?
March 12, 2013
New on LLRX - A national digital library endowment
Via LLRX.com - A national digital library endowment: How America’s billionaires could be modern Carnegies for real - David H. Rothman discusses how e-books, collections of electrons, not atoms, come with special advantages. They eliminate physical-shelving costs and are especially useful for blind people and others with special needs. Digital technology can also help multiply the selection of books for residents of small towns as well as large cities with underfunded neighborhood library branches. This technology can likewise drive down the costs of providing best-sellers and help with popularizing authoritative information on key issues such as health and finance.

Any book published anywhere, anytime...
March 12, 2013
Commentary - Why We Miss the First Sale Doctrine in Digital Libraries
John Palfrey: "Publishers, ebook vendors, and libraries are engaged in a “tug of war” over the lending of electronic books, according to Library Journal’s recent ebook survey. This clash inhibits most libraries from fulfilling their important institutional missions to provide access to knowledge and preserve our cultural heritage. In the best case, this tug of war will be a temporary struggle. The best outcome is not a winner who holds all the rope and another lying on the ground with rope-burned hands. If there must be a winner of any kind, it ought to be the reading public."
[From the article:
In this article, the fourth installment in a series on the initiative to build a Digital Public Library of America, I examine the underlying role of law in the ebook lending debate, explore potential solutions to the problems, and consider how the DPLA can contribute to solutions for those we serve. At the core of this issue is the way the copyright law works–or doesn’t–when it comes to books, libraries, and readers in the United States today and into the future.


Is this just to tweak the DoJ or does he gain some support this way?
Kim Dotcom’s Floating Head Speaks to SXSW via Skype
In one of the more surreal discussions at SXSW, Kim Dotcom, the notorious founder of Megaupload, spoke to an audience via Skype on Monday afternoon, appearing in front of an all-black background and in all-black clothes that gave him the floating-head quality of a Great and Powerful Oz.
… Currently banned from leaving New Zealand and awaiting extradition to the United States over criminal copyright infringement related to Megaupload, the German national sees himself as a target of U.S. political repression rather than an online racketeer, and vowed that regardless of what happens next, “I will never be in a prison in the U.S. I can guarantee you that.”
While it’s impossible to claim Megaupload wasn’t used to transfer copyrighted material from one user to the next, Dotcom said his popular service was much more than an online storage locker for pirates. He noted the company had 220 employees, a potential IPO valuation of over $2 billion, and users in nearly every facet of society from the thousands of accounts registered by the Brazilian government for sending attachments to the 15,000 soldiers he says used Megaupload to send photos and videos to loved ones.
Dotcom added that only 10 percent of Megaupload users were registered in the U.S. and that “of all the files uploaded to Megaupload, half had never been downloaded, not once. That shows people were using it for storage more than anything else.”


Researching current events in real time?
Twitter search has its limits. For one, you can only search back so far, with Twitter making public search results available only for a limited period of time. That said, there are a few tips and tricks you can use to make sure that you find the most important search results, and you can even bend the Twitter rules, searching a little further back than the social network’s own search engine allows.
… Did you know that you can use Google-like search operators on Twitter to narrow down your searches? There are quite a few advanced search features that you can take advantage of, simply by including certain parameters alongside your keywords.
… See more ways you can take advantage of Twitter search operators here.
Topsy
If you’re using Twitter for social media marketing, using a site like Topsy can provide invaluable information. Topsy allows you to filter your search results based on certain categories. Narrow down the results to display tweets only with photos, with links or with videos. Topsy also makes it easy to narrow down your results by time, showing only those from the past hour, past four hours, past day, past seven days, past 30 days, and all time.
TwitLamp
TwitLamp is a great Twitter search service if you’re interested in narrowing down your search results by a certain type. When you first authorize TwitLamp to access your Twitter account, it will filter your timeline for you based on the following categories – photos, videos, audio, links, text and hashtags. It will tell you how many tweets are included in each category, and will notify you when there are new updates that fit each category.
SnapBird
If you want to bend the Twitter rules a bit, SnapBird lets you search beyond the time limit imposed by Twitter. The bad news is that it won’t allow you to search the public timeline. The only way you can use SnapBird is to search your own timeline, or that of another user. That said, it’s still pretty handy, especially if there’s a tweet by someone you spotted and don’t want to scroll through their timeline to find it again.


Another research tool?
The quote in the title is from www.muckrock.com/about/. And that is exactly what MuckRock is all about: Making FOIA (Freedom of Information Act) requests for you (and investigative reporters) so you don't have to deal with the often-daunting paperwork and runarounds you may run into when you try to pry information out of a recalcitrant government agency. In theory, most government information is public. In practice, many local, state and federal government bodies would just as soon never tell you anything. This is why Tim Lord talked with MuckRock co-founder Michael Morisy, and why we're running this interview in the middle of Sunshine Week, which exists "...to educate the public about the importance of open government and the dangers of excessive and unnecessary secrecy."


I'll mention this to my students, but I doubt they will find it attractive given the alternatives.
Microsoft announced this week that it’s expanding its Office 365 University free trial to 3 free months, with 3 further months offered to students who share the offer on Facebook. In addition, students can get 20GB of additional SkyDrive storage. The free trial is available to enrolled full- and part-time university and college students, and faculty and staff in accredited institutions.
… Office 365 University includes access to the latest versions of Microsoft’s cross-platform desktop applications, including Word, Excel, PowerPoint, OneNote, its Web mail and calendar program, Outlook, and its pictures application, Publisher. After the free trial, the suite is available at a discounted student price of $80 for 4 years.
… To qualify for the 3 months of services, students will need to provide their .edu email address on the OfficeForStudents.com site, where they must also register and sign into a Microsoft account. The account will be used to manage your Office installs and benefits available as part of the subscription. With a registered Microsoft account, you can also get the additional 3 months of access by sharing the trial offer on Facebook. In turn, you will get a link to an extra 3 free months of trial access.
