Saturday, April 13, 2013

“Famous is as famous does” to misquote Forrest Gump
"Two hundred hackers from around the world gathered at a Miami Beach hotel Thursday and Friday for the Infiltrate Security conference, which focuses on systems hacking from the 'offensive' perspective (with slides). In a keynote address, Stephen Watt, who served two years in prison for writing the software used by his friend Alberto Gonzalez to steal millions of credit card numbers from TJX, Hannaford and other retailers, acknowledges he was a 'black hat' but denies that he was directly involved in TJX or any other specific job. Watt says his TCP sniffer logged critical data from a specified range of ports, which was then encrypted and uploaded to a remote server. Brad 'RenderMan' Haines gave a presentation on vulnerabilities of the Air Traffic Control system, including the FAA's 'NextGen' system which apparently carries forward the same weakness of unencrypted, unauthenticated location data passed between airplanes and control towers. Regarding the recent potential exploits publicized by Spanish researcher Hugo Teso, Haines says he pointed out similar to the FAA and its Canadian counterpart a year ago, but received only perfunctory response."


I had never heard of a “database right.” Who says I'm too old to learn new words? (Note that they did not cancel his userid when he left the firm.)
Out-Law.com reports:
A man who sold databases belonging to a former employer on eBay has been found guilty of database rights infringement.
The High Court also found the man who purchased the databases, and the woman who subsequently marketed them for sale to others, guilty of database rights infringement.
The employee, referred to as ‘Mr Wall’ in the High Court’s judgment, admitted to using login details he was given whilst employed by Executive Grapevine International Limited (Grapevine) to access Grapevine’s database after he had left his employment at the firm.
Read more on Out-Law.com


I often think, nothing teaches as good as a bad example. Here's how NOT to do it.
Last summer we followed the odd case of lawyer Charles Carreon, as he went after Matthew Inman, creator of The Oatmeal webcomic, with legal threats. Carreon had been hired by FunnyJunk, a website Inman accused of stealing his comics. Carreon demanded $20,000 in compensation for Inman's "false accusations." Inman declined, and then used the publicity to solicit over $200,000 in donations, which he gave to charity after sending Carreon photographs. Carreon dropped the suit against Inman, but the saga continued. A satirical website was set up about Carreon, which caused him to invoke the legal system again. The article documents the absurdities, which included further legal action and a song. Now, however, Carreon is reaping what he has sown; a judge has ordered him to pay over $46,000 for his role in the legal circus.


Once again, cities have the opportunity to install (and therefore own) the fiber connections to their citizens (and schools and businesses...) If “universal access” is truly desireable, this is how to achieve it. Once in place, cities have a continuous stream of income from the ISPs, cable and other entities renting access on the “last mile” connections.
"A few years ago, when Google was determining which city to launch its pilot Google Fiber program, cities all over the country went all-out trying to persuade the search giant to bring all that fantastical bandwidth to their neck of the woods. And with good reason: Google Fiber offers gigabit Internet speeds and even TV service, all at prices that meet or beat the competition. In fact, the lowest tier of Google Fiber service (5Mbps down, 1Mbps up) is free, once users pay a $300 construction fee. If ISPs were concerned before, they should really start sweating it now. Although Google Fiber looked like it would whip traditional ISPs in every regard, with Time Warner Cable cutting prices and boosting speeds for users in Kansas City in a desperate attempt to keep them, surely other ISPs were hoping the pilot program would flame out. Now that Austin is happening, it's clear that it's only a matter of time before Google rolls out its service in many more cities. Further, this jump from legacy Internet speeds to gigabit-class service is not just about people wanting to download movies faster; it's a sea change in what the Internet is really capable of."


For my Math students.
10 Good Video Sources for Math Students and Teachers
WowMath.org is developed by high school mathematics teacher Bradley Robb. His YouTube channel has more than six hundred videos covering topics in Algebra and Calculus. You can access the videos on a mobile version of WowMath too.
Numberphile is a neat YouTube channel about fun number facts. There are currently thirty-three videos in the Numberphile collection. The videos cover things like 998,001 and its Mysterious Recurring Decimals, Pi and Bouncing Balls, and 1 and Prime Numbers.
Bright Storm is an online tutoring service. On their YouTube channel Bright Storm provides hundreds of videos for Algebra I, Algebra II, Trigonometry, Precalculus, and Calculus. Bright Storm also offers some SAT and ACT prep videos.
Ten Marks is another online tutoring service that offers mathematics tutorial videos on their site as well as on their YouTube channel. Some of the lessons in their playlists include lessons on units of measurement, decimals, fractions, probability, area and perimeter, and factoring.
Math Class With Mr. V features seven playlists made by a mathematics teacher teaching lessons on basic mathematics, geometry, and algebra. In all there are more than 300 video lessons. Like most mathematics tutorials on YouTube, Math Class With Mr. V uses a whiteboard to demonstrate how to solve problems.
The Open University is one of my go-to YouTube channel for all things academic. A quick search on The Open University reveals seven playlists that include lessons in mathematics. The lessons that you will find in these playlists are more theoretical than they are "how to" lessons.
Yay Math! features an excited teacher teaching mathematics lessons to his students. The videos capture just the teacher and his whiteboard with some feedback from students. The videos cover topics in Algebra and Geometry. You can check out the Yay Math! companion website to learn more about Robert Ahdoot, the teacher featured in the videos.
Knowmia is a website and an iPad app for creating, sharing, and viewing video lessons. The website portion of Knowmia is a collection of videos made by teachers for students. There are roughly 10,000 videos in the Knowmia collection right now including lots of instructional math videos. Many of the videos are pulled from YouTube while others are hosted on Knowmia. The videos are arranged by subject and topic. Registered teachers can upload and tag their own videos.
Math Doctor Bob's YouTube channel was suggested by a reader using the Disqus ID Npisenti. Math Doctor Bob offers nearly 700 video lessons on statistics, algebra I and II, calculus, geometry, and much more. The lessons feature Doctor Bob giving the lesson in front of a whiteboard so you see him and don't just hear his lessons.
Patrick JMT [Another YouTube channel Bob]


For my Website students
5 Good Places to Learn to Write HTML
A Beginner's Guide to HTML & CSS is a nice resource developed by Shay Howe whose resume reveals that he works on the user interface for Groupon among other projects. There are currently ten text-based lessons for beginners. Once you've mastered the beginner lessons you can try your hand at the advanced lessons.
Codecademy is a place where anyone can learn how to write code. Codecademy offers lessons in basic HTML and CSS. Codecademy's lessons in basic HTML start with the very basics of explaining what HTML is, what it does, and how to write the basics. There are seven progressively more difficult lessons that students can work through on their own.
Thimble is a free Mozilla product designed to help users learn how to write HTML and CSS. Thimble features a split screen on which you can write code and see how it works at the same time. On the left side of the screen you write your code and on the right side of the screen you instantly see what that code renders.  The latest version of Thimble gives you the option to start from scratch or to modify sample projects. The sample projects include directions for writing code. If you write the code correctly, you will know right away. Likewise, if you don't write the code correctly, you will know right away. Some of the sample projects you can work with include webpages, games, and avatars.
w3Schools has long been my go-to place for quick directions when working in HTML. If I get stuck while working on a project, a quick visit to w3Schools usually reveals the help I need to get past a stumbling block. If you're brand new to writing HTML start with the introductory sections of w3Schools to learn the basics.
YouTube is another of my go-to places for tutorials on writing HTML and many other things. Whether you want an introduction to writing HTML or you just need a quick tutorial to get you past one little obstacle in your code, there's probably a video for you. Here's one very popular video for beginners.


For my Intro to IT students, and my Math students who are already using WolframAlpha.
WolframAlpha Facebook Report
WolframAlpha will provide you with an extremely detailed analysis of your own Facebook data including visualizations, world clouds, graphs, and more.
Here’s how:
  1. Type “Facebook Report” and execute the search.
  2. Allow WolframAlpha to have access to your Facebook account by clicking on “Analyze my Facebook Data” and following the directions.
  3. Wait while the data is analyzed.
Note: Sometimes the report seems to stall after 100% of the data is analyzed. If this happens, simply repeat steps 1-3. The second time, the report seems to load just fine.

Friday, April 12, 2013

Depending on the actor, would this qualify as an “incident short of war?” Is the security of legal files that bad? (Do they have backups for everything?)
Guantanamo legal files mysteriously disappear from PCs
In an institution already cloaked in mystery, puzzling happenings seem to be afoot at Guantanamo Bay prison.
Not only have many legal files suddenly disappeared from the defense team's computers, but also hundreds of thousands their documents have landed on the prosecution's computers, according to Reuters.
… In the incident involving the missing files, lawyers representing suspects housed in Guantanamo say that their confidential files have been disappearing from Pentagon computers since February, according to Reuters. They also say that they have evidence that third parties might have monitored their e-mails.
… In the other incident, about 540,000 defense e-mails landed on prosecutors' computers, according to the Washington Post. Within those e-mails were confidential attorney-client communications. It's unclear if these e-mails had anything to do with the missing files or involved the same cases.
This isn't the first time that classified Guantanamo files have been leaked. In 2011, WikiLeaks released nearly 800 secret dossiers from the U.S. prison in Cuba. In this data dump, sensitive information on Guantanamo detainees was released along with questionable activity carried out by the U.S. military.


Also seems to allow for a living will. (e-living?)
Online social profiles typically do not offer enough customizability to help users prepare for death. Of course, you can trust Google to pick up the gauntlet: the Inactive Account Manager is a brand new Google account feature that can help you keep your data out of the wrong hands when you die.
In summary, the Inactive Account Manager allows you to tell Google what to do with your information after your account has been unused for a certain period of time. With that said, Google really hasn’t beat around the bush while explaining the true purpose of this new feature.
“Not many of us like thinking about death — especially our own. But making plans for what happens after you’re gone is really important for the people you leave behind,” said a Google Public Policy Blog post. “So today, we’re launching a new feature that makes it easy to tell Google what you want done with your digital assets when you die or can no longer use your account.”


Shakespeare said, "The lady doth protest too much, methinks." I say, “Damn! We're doomed!”
April 11, 2013
"Subcommittee Affirms United States’ Commitment to Internet Freedom"
News release: "The Subcommittee on Communications and Technology, chaired by Rep. Greg Walden (R-OR), today advanced legislation to promote a global Internet free from government control. The bill, approved by voice vote, contains the same language that unanimously passed the House and Senate last year, elevating it to official U.S policy rather than merely a sense of the Congress in light of continued international efforts to regulate the Internet. “Governments’ hands-off approach has enabled the Internet to grow at an astonishing pace and become perhaps the most powerful engine of social and economic freedom and job creation the world has ever known. Under the current multi-stakeholder governance model, non-regulatory institutions manage and operate the Internet by developing best practices with public and private sector input," said Chairman Walden. During the proceedings, Chairman Walden also clarified the intent of the legislation and agreed to continue to work with the minority to seek bipartisan consensus. Click here to view Walden’s full remarks. On February 5, 2013, the Subcommittee on Communications and Technology and the Foreign Affairs Subcommittees on Terrorism, Nonproliferation, and Trade and Africa, Global Health, Global Human Rights, and International Organizations held a joint hearing to discuss efforts by some countries to expand international regulation of the Internet. In the 112th Congress, the House and Senate adopted resolutions with overwhelming bipartisan support opposing efforts at the World Conference on International Telecommunications to drag the Internet within the purview of the International Telecommunications Union, a U.N. agency."


Of course he is correct. Nice to see not all judges are infinately patient.
"Faced with an Apple vs. Motorola lawsuit that involves 180 claims and counterclaims across 12 patents, a judge in Florida has thrown up his hands and accused both companies of acting in bad faith. Claiming the parties' were engaged in 'obstreperous and cantankerous conduct', he said that the lawsuit was part of 'a business strategy that appears to have no end.'"
[From the article:
Setting a Markman hearing for Sept. 20, the judge said he expected the two companies will use the time to narrow the case to a manageable scope themselves. "If the parties cannot make this case manageable, the court forewarns them that it intends to stay the litigation while the Markman issues are pending and issue a decision as expeditiously as the parties deserve," he added.


I see this as confirmation of my “Any content + rabid fans = gold” hypothesis...
Rob Thomas on His $5M Veronica Mars Kickstarter and the Future of Fan-Funded Film
Nearly six years after the cancellation of the whip-smart television show about a teenage private eye in a California town deeply divided by class (and murder!), the Kickstarter for the Veronica Mars movie ends later today, after breaking fundraising records and taking in over $5 million on the crowdfunding platform. The tremendous success of the crowd-funding effort, launched a month ago by creator Rob Thomas and actress Kristen Bell, has even inspired talk that this could change the way films get made — particularly for properties with devoted followings willing to put their money where their fandom is.


A question I have been asking for years... Also something for my Intro to IT students.
Does it still make sense to buy music?
… I've been all about ownership. Yet in recent months I've spent very little money on music. Know why? Apps.
You know the ones I mean: Pandora. Rdio. Slacker. Songza. Spotify. For free or cheap I can stream pretty much every song on the planet, discovering new music as I go or just queuing up favorites on-demand.
… Songza streams playlists bases on your chosen mood or activity, and does so without interruption. Oh, sure, you see ad banners within the app, if you bother to look at it, but the music plays on.
… Pandora and Slacker, of course, focus more on specific artists and genres, which is great, and for a few bucks monthly you can dispense with commercials and enjoy more features and higher-quality audio. And for 10 bucks a month, the likes of Rdio and Spotify let you listen to whatever songs and albums you want, on-demand, without limits. … (For more on music services, check out this post.)


For my Statistics and my Intro to IT students. Look at change as a search for a better way...
krygny sends this quote from The Economist:
"The internet browser you are using to read this blog post could help a potential employer decide whether or not you would do well at a job. How might your choice of browser affect your job prospects? When choosing among job applicants, employers may be swayed by a range of factors, knowingly and unknowingly. ... Evolv, a company that monitors recruitment and workplace data, has suggested that there are better ways to identify the right candidate for job. ... Among other things, its analysis found that those applicants who have bothered to install new web browsers on their computers (such as Mozilla's Firefox or Google's Chrome) perform better and stay in their posts for 15% longer, on average."


For my Statistics students. (5 students out of four won't understand...)
The Modern Data Nerd Isn’t as Nerdy as You Think
Data scientists are fast becoming the rock stars of the 21st century. Thanks in part to Nate Silver’s eerily accurate election predictions and Paul DePodesta’s baseball-revolutionizing Moneyball techniques, math nerds have become celebrities. It’s debatable how much their work differs from what statisticians have done for years, but it’s a growing field, and many companies are desperate to hire their own data scientists.
The irony is that many of these math nerds aren’t as math nerdy as you might expect.
Some of the best minds in the field lack the sort of heavy math or science training you might expect. Silver and Paul DePodesta have bachelor’s degrees in economics, but neither has a PhD. Former Facebook data scientist and Cloudera co-founder Jeff Hammerbacher — who helped define the field as it’s practiced today — only has a bachelor’s in mathematics. The top ranked competitor at Kaggle — which runs regular contest for data scientists — doesn’t have a PhD, and many of the site’s other elite competitors don’t either.
… Data scientist John Candido agrees. “An understanding of math is important,” he says, “but equally important is understanding the research. Understanding why you are using a particular type of math is more important than understanding the math itself.”


Social media as a learning tool?
My Social Media Story
Here’s the story about how I came to use social media and why. If you’ve had trouble understanding why on earth people use social media, this might be helpful. I used social media to track my dissertation progress and develop a network of interested colleagues. I used social media to learn how to become a digital game designer. I use social media to stay connected to and learn from a fascinating collection of futurists, math education colleagues, social media experts, and data visualization folks from around the world. This is something I put together for my Social Media MOOC.

Thursday, April 11, 2013

What would be the minimum level of Cyber Attack that warranted a Cyber Reply? Would any level (e.g. shutting down the New York Stock Exchange) merit a conventional military reply?
"An official investigation into a major cyber attack on South Korean banks and broadcasters last month has determined that North Korea's military intelligence agency was responsible. An investigation into access records and the malware used in the attack pointed to the North's military Reconnaissance General Bureau as the source, the Korea Internet and Security Agency (KISA) said on Wednesday. To spread the malware, the attackers went through 49 different places in 10 countries including South Korea, the investigation found. The attacks used malware that can wipe the contents of a computer's hard disk (including Linux machines) and damaged 48,700 machines including PCs, ATMs, and servers."


An Ethical Hacker tool. Or as North Korea might see it, a Target Aquisition tool...
"This is an article about a search engine that is designed to look for devices on the net that are not really intended to be viewed and used by the general public. Devices include pool filters, skating rink cooling system, and other goodies. 'Shodan runs 24/7 and collects information on about 500 million connected devices and services each month. It's stunning what can be found with a simple search on Shodan. Countless traffic lights, security cameras, home automation devices and heating systems are connected to the Internet and easy to spot. Shodan searchers have found control systems for a water park, a gas station, a hotel wine cooler and a crematorium. Cybersecurity researchers have even located command and control systems for nuclear power plants and a particle-accelerating cyclotron by using Shodan. ... A quick search for "default password" reveals countless printers, servers and system control devices that use "admin" as their user name and "1234" as their password. Many more connected systems require no credentials at all — all you need is a Web browser to connect to them.'"


Will we see more reports or will this actually help to stop identity theft?
Joe Mont reports:
The Securities and Exchange Commission on Wednesday adopted rules requiring broker-dealers, mutual funds, investment advisers and other “financial institutions” and “creditors” to adopt programs for detecting and responding to cases of identity theft.
The rules, adopted jointly with the Commodity Futures Trading Commission also apply to the futures commission merchants, retail foreign exchange dealers, commodity trading advisors, commodity pool operators, swap dealers, and major swap participants that agency oversees.
Read more on Compliance Week.
[From the article:
Required programs must have policies and procedures designed to: identify relevant types of identity theft red flags; detect the occurrence of those red flags; respond appropriately; and periodically update the identity theft program.


Why didn't they listen to their auditors or lawyers?
Marino Eccher and Mary Divine report:
Brooke Bass spent her legal career looking out for the best interests of police officers.
They were looking out for her, too, her lawyer says — but in a different way.
In the past eight years, more than 100 entities across Minnesota — nearly all of them law enforcement — accessed Bass’s private driver’s license information more than 700 times, her attorney said.
That would make her the subject of the biggest privacy breach to date in the state’s increasingly broad and increasingly expensive license-data debacle.
Read more on Pioneer Press.
Given how rampant the breaches have been with this database, it will be interesting to see what happens with statutory awards. This could be very costly for the state, but I think it needs to be because they knew they had problems and never really dealt with the access problems effectively or seriously. Maybe if this really costs them, other state agencies and other states will take this issue more seriously.


Questions for e-lawyers?
"As the age of autonomous cars and drone surveillance draws nearer, it's reasonable to expect government to increasingly automate enforcement of traffic laws. We already deal with red light cameras, speed limit cameras, and special lane cameras. But they aren't widespread, and there are a host of problems with them. Now, Ars reports on a group of academics who are attempting to solve the problem of converting simple laws to machine-readable code. They found that when the human filter was removed from the system, results became unreasonable very quickly. For example, if you aren't shy about going 5 mph over the limit, you'll likely break the law dozens of times during an hour of city driving. On the freeway, you might break it continuously for an hour. But it's highly unlikely you'd get more than one ticket for either transgression. Not so with computers (PDF): 'An automated system, however, could maintain a continuous flow of samples based on driving behavior and thus issue tickets accordingly. This level of resolution is not possible in manual law enforcement. In our experiment, the programmers were faced with the choice of how to treat many continuous samples all showing speeding behavior. Should each instance of speeding (e.g. a single sample) be treated as a separate offense, or should all consecutive speeding samples be treated as a single offense? Should the duration of time exceeding the speed limit be considered in the severity of the offense?' One of the academics said, 'When you're talking about automated enforcement, all of the enforcement has to be put in before implementation of the law—you have to be able to predict different circumstances.'"


Anti-social media? They clearly have the “influence people” part down pat, it's the “win friends” bit that needs more work...
Prosecutors in Gothenburg have decided to file criminal charges against two teen girls believed to be behind a “slut-shaming” account on Instagram that caused local teenagers to riot last year.
Speaking with the Svenska Dagbladet (SvD) newspaper, prosecutor Annika Boman said she had decided to charge two girls, aged 15 and 18, with aggravated defamation.
“Charges will likely be formally filed at the end of April, but it may also take longer. New information may emerge in the investigation,” she told the newspaper.
Around 85 people have been interviewed in the investigation, which was launched after a mystery Instagram user took to the popular photo-sharing site to “shame” male and female “teen sluts” in Gothenburg by publishing pictures of them together with information about their sex lives.
A riot ensued in December 2012, as hundreds of high school students assembled outside the Plusgynmasiet high school in an attempt to find the owner of the anonymous Instagram account.
Read more on The Local (Sweden).
[From the article:
Boman explained she must determine how many of those who reported possible defamation crimes will end up being included in the indictment, speculating that "not even half" will make the cut.

(Related)


Toward the perfect e-Dossier?
Facebook Will Peer Into Your Grocery Bag to Sell an Ad
Facebook has announced a new system that lets advertisers target you based on what groceries you buy, what car you drive, and what kind of phone you use. It’s just the latest example of an emerging pattern at the social network – follow the user all over the place to close more ad sales.
The bland name of Facebook’s new “partner categories” belies a bold mission: tying disparate real-world data to Facebook’s online social graph. The system allows Facebook advertisers to target groups of users based on loyalty card usage at grocery stores and elsewhere, based on public records like auto registration, and based on email addresses consumers give out at retail checkout registers. Facebook can access such information because it has partnered with companies that have spent years compiling the databases, including Acxiom, Datalogix, and Epsilon.
There’s no question advertisers like to have “total informational awareness,” as this sort of data hoarding is called in defense circles.


Does every government agency get to write their own rules?
Nathan Freed Wessler of the ACLU writes:
Everyone knows the IRS is our nation’s tax collector, but it is also a law enforcement organization tasked with investigating criminal violations of the tax laws. New documents released to the ACLU under the Freedom of Information Act reveal that the IRS Criminal Tax Division has long taken the position that the IRS can read your emails without a warrant—a practice that one appeals court has said violates the Fourth Amendment (and we think most Americans would agree).
Last year, the ACLU sent a FOIA request to the IRS seeking records regarding whether it gets a warrant before reading people’s email, text messages and other private electronic communications. The IRS has now responded by sending us 247 pages of records describing the policies and practices of its criminal investigative arm when seeking the contents of emails and other electronic communications.
Read more on ACLU.

(Related) “We can, therefore we must”
While the IRS claims it can read your emails without a warrant, Washington police argue that law enforcement can read your text messages without a warrant. From EFF:
The Electronic Frontier Foundation (EFF) urged the Washington State Supreme Court Monday to recognize that text messages are “the 21st Century phone call” and require that law enforcement officers obtain a warrant before reading texts on someone’s phone.
“Text messages are a ubiquitous form of communication, and their context can be as private as any telephone conversation,” said EFF Staff Attorney Hanni Fakhoury. “We use texts to talk to our wives and husbands, our kids, our co-workers, and more. Police should not be able to sift through these personal exchanges on a whim – they must show probable cause and get a warrant before accessing this information.”
In this case, police seized a cell phone during a drug investigation and monitored incoming messages. Officers responded to several texts, setting up meetings that resulted in two arrests, without first getting a warrant. Prosecutors have argued that no warrant was required because there should be no expectation of privacy in text messages, as anyone can pick up someone else’s phone and read what’s stored there. But in two related amicus briefs filed Monday, EFF argues that searching the phone for the texts without a warrant clearly violates the Constitution.
The state argues that just because someone can intercept a communication, you should reasonably expect that communication to be intercepted. That’s a dangerous way to interpret the Fourth Amendment,” said Fakhoury. “The prosecutors’ theory would eviscerate any privacy protections in the digital age. We’re asking the Washington State Supreme Court here to recognize what’s at stake and to require a warrant before allowing officers to read text messages on a cell phone.”
Venkat Balasubramani of FOCAL PLLC in Seattle, Washington, served as EFF’s local counsel in the cases.


There ought to be a law... and here is where you can find it?
April 10, 2013
New Website for State Online Legal Information
Via Emily Feltren, AALL: "The Digital Access to Legal Information Committee (DALIC) has created a new website to host information about the status of online legal materials in every state with respect to authentication, official status, preservation, permanent public access, copyright, and universal citation. The new website brings together information from AALL’s National Inventory of Legal Materials and updates AALL’s Preliminary Analysis of AALL’s State Legal Inventories, 2007 State-by-State Report on Authentication of Online Legal Resources, and 2009-2010 State Summary Updates. State pages will be updated as information changes. DALIC members will monitor the site and periodically check in with AALL’s state working groups to ensure the accuracy of the information."


Now that the court has held it is legal to send broadcast TV over the Internet (at least the way they do it) the networks seem to be going crazy. What revenue are they actually losing?
"In response to Aereo's recent win allowing per-user over-the-air antenna feeds to remote devices, Fox COO Chase Carey said, 'We need to be able to be fairly compensated for our content. This is not an ideal path we look to pursue [...],' that path being a switch to a subscription model. Spanish-language stalwart Univison may join Fox, per CEO Haim Saban. Aereo replied, in part, 'When broadcasters asked Congress for a free license to digitally broadcast on the public's airwaves, they did so with the promise that they would broadcast in the public interest and convenience, and that they would remain free-to-air. Having a television antenna is every American's right.' A switch to a pay-TV subscription model would stymie Aereo but could hurt affiliate stations."

(Related)
CBS joins Fox in considering subscription-only model


Perspective. It used to be that each new Operating System was an improvement over the old.
"IDC says Windows 8 is partly to blame for PC sales suffering the largest percentage drop ever. 'As if that news wasn't' troubling enough, it appears that a pivotal makeover of Microsoft's ubiquitous Windows operating system seems to have done more harm than good since the software was released last October.' According to a ZDNet article, IDC originally expected a drop, but only half the size."


Worth browsing...
April 10, 2013
OCLC - MOOCs and Libraries Event Videos Now Available
Via OCLC: "The "MOOCs and Libraries: Massive Opportunity or Overwhelming Challenge?" event took place 18-19 March at the University of Pennsylvania and was broadcast live online. Hosted by OCLC Research and University of Pennsylvania Libraries, the event featured thoughtful and provocative presentations about how libraries are already getting involved with MOOCs, and engaged attendees in discussions about strategic opportunities and challenges going forward. More than 500 people participated in this event: 125 attended in person and more than 400 attended remotely online." Links to the 11 individual videos and a MOOCs and Libraries video playlist that comprises all of these videos are available at the links below, on the MOOCs and Libraries event page, and on the OCLC Research YouTube Channel. Look to the OCLC Research blog, HangingTogether, for a short series of postings that recap presentation highlights and summarize outcomes from this event."


Indicates there are lots of programs I'm not aware of...
SCIENCE TECHNOLOGY, ENGINEERING, AND MATHEMATICS EDUCATION
In fiscal year 2010, 13 federal agencies invested over $3 billion in 209 programs designed to increase knowledge of science, technology, engineering, and mathematics (STEM) fields and attainment of STEM degrees.
… Eighty - three percent of the programs GAO identified overlapped to some degree with at least 1 other program in that they offered similar services to similar target groups in similar STEM fields to achieve similar objectives.


Is the world ready for “The Collected Wit and Wisdom of Centennial-man?”
NOOK Media, a subsidiary of Barnes & Noble, Inc., announced yesterday the launch of NOOK Press, a new and free self-publishing platform in which authors can write, edit, collaborate, and publish high-quality e-books and distribute them to millions of readers via NOOK Books and Nook e-readers.
… NOOK Press allows independent publishers and authors to use its online services to write, edit and format new and existing manuscripts, collaborate with colleagues, and monitor the sales of their self-published e-books. E-books published through the platform are sold through NOOK Bookstores, and are made available on BN.com, NOOK.co.uk, NOOK devices, and the free NOOK e-reading software for Android, iPad, iPhone, Windows 8, Mac, and PC.

Wednesday, April 10, 2013

The more it looks like a video game, the easier this becomes.
Blood Money, Kill Lists, Favors for Favors: Deep Inside the CIA’s Targeted Killings
Targeted killing — particularly the sort carried out by the U.S. fleet of deadly flying robots — is a transactional business.
That’s a major point of The Way of The Knife, the informative new book by Mark Mazzetti, a national-security correspondent for the New York Times. The U.S. drone campaign in Pakistan kicked off with the 2004 killing of Nek Mohammed, an extremist in the tribal areas who was not a senior al-Qaida figure. Mohammed was someone the Pakistanis wanted dead. The U.S. wanted access to Pakistan’s airspace and, it was once hoped, western tribal territory, where al-Qaida operated. Over the years, the U.S. got the former and (rarely) the latter, giving birth to a quid pro quo that spread to Yemen and beyond.


Self surveillance will become a fad, then all the FBI need do is copy it from our phones...
Now Your iPhone Can Read Fingerprints, Scan Irises and ID Your Face


I'm not sure I'll know it when I see it. Perhaps we can invite this exhibit here?
Associated Press has this interesting report on an art exhibit meant to provoke thought:
Image after image splashes on the wall of the art exhibit — a snapshot of young people laughing and drinking, a picture of an elephant, an exposed belly of a woman barely covering her breasts with one arm. The photos were taken from their computers without their knowledge through a technological glitch.
Over in a corner, visitors can sort through Facebook profile photos from unwitting users through a website that organizes them by gender, country and adjectives such as “sly,” ”smug” or “easy going.” Think online dating site, for people who don’t know they are on it.
The works are part of “The Public Private,” an art exhibit that explores the gray areas of online privacy, surveillance and data collection in the age of Facebook and Google. The pieces shift across the boundaries between what’s public and private, all through the lens of technology. But lines are never clear, if there are any at all, and that can be unsettling.
Read more on KVUE.
If you’re in NYC, the exhibit runs through April 17 at The New School. It’s been running since February, and I wish I had seen coverage of it before now.


So is this a flop or a flip? Speech is protected except when you break into a system to speak?
Lillian Shupe reports:
One or more people who allegedly hacked a hospital computer network may no longer hide their identities behind the anonymity of their computers, according to a ruling from The Appellate Division of the New Jersey State Superior Court.
The court overturned a decision by the lower court to quash a subpoena issued by Warren Hospital. The hospital is seeking the identities of one or more people who spread defamatory messages by allegedly hacking into the hospital’s computer network.
Read more on NJ.com.


The problem with an Operating System that finally reaches “good enough” is that there is no great incentive to upgrade.
Microsoft Gets Ready to Pull the Life Support on Windows XP
Today marks the first day of the last year of Windows XP’s long and storied life.
… According to NetMarketShare, just over 38 percent of PCs connected to the web are still running Windows XP. Given that current XP users have already ignored three OS upgrades, it seems reasonable to assume a significant number of XP diehards still won’t upgrade even now that Microsoft is no longer issuing security updates — all of which adds up to a potentially huge number of vulnerable PCs connected to the web

Tuesday, April 09, 2013

A pot that needs no more cracks...
The Chosun Ilbo reports on a major prosecution in South Korea:
The Seoul Central Prosecutors’ Office on Sunday charged two South Koreans with cooperating with North Korean hackers in China to run illegal websites and steal the personal information of millions of individuals.
Investigators discovered the personal data of 140 million South Koreans on their computers and believe they could have shared the information with North Korea.
Among the data some 1000 were found to be obtained from a North Korean agent and a hacker in 2011.
“The data were obtained by hacking into the websites of department stores, gas stations and online shopping malls as well as from illegal dealers,” a prosecution spokesman said. “If this information was passed on to North Korea, the North has a significant amount of personal information about South Korean individuals.”
Read more on Chosun Ilbo.
For its part, North Korea is having its own problems with hackers. AsiaOne reports:
International hacker activist group Anonymous exposed some 6,000 more alleged members of the North Korean propaganda website Uriminzokkiri on Saturday, calling their action a warning against the Kim Jong-un regime.
An additional 523 e-mail accounts registered with the North Korean website were found to be those provided by South Korean portal sites, other news reports said Sunday.
The information disclosed by the group include the name and ID of the user, as well as their e-mail addresses, phone numbers and dates of birth.
[...]
According to Yonhap News, 523 of the 6,216 e-mail accounts used by members of the website disclosed by Anonymous were those provided by local portal sites.
On Thursday, the group made its first announcement that it had obtained information on about 15,000 members of the website as a result of a hacking attack carried out by a group of about 30, which included South Koreans, and released information on 9,001 registered members of the website.
Including those among the 9,001 e-mail addresses, members of Anonymous revealed on Thursday a total of 2,393 of the 15,217 people who joined the Uriminzokkiri website used e-mail accounts provided by South Korean portal sites.
In addition, 111 e-mail accounts provided by South Korean companies, one Seoul National University and one each of the Chosun Ilbo and Dong-A Ilbo accounts were used to join the website.
Read more on AsiaOne.


Big Teacher? How easily self-deception comes... It should be obvious there are serious flaws if one over-relies on this data.
RougeFemme writes with this story in the New York Times about one disconcerting aspect of the ongoing move to electronic textbooks:
"Teachers at 9 colleges are testing technology from a Silicon Valley start-up that lets them know if you're skipping pages, highlighting text, taking notes — or, of course, not opening the book at all. '"It's Big Brother, sort of, but with a good intent," said Tracy Hurley, the dean of the school of business" at Texas A&M.' 'Major publishers in higher education have already been collecting data from millions of students who use their digital materials. But CourseSmart goes further by individually packaging for each professor information on all the students in a class — a bold effort that is already beginning to affect how teachers present material and how students respond to it, even as critics question how well it measures learning.'"


I think they are severely underestimating the numbers...
April 08, 2013
CRS - Drones in Domestic Surveillance Operations
  • "The prospect of drone use inside the United States raises far-reaching issues concerning the extent of government surveillance authority, the value of privacy in the digital age, and the role of Congress in reconciling these issues. Drones, or unmanned aerial vehicles (UAVs), are aircraft that can fly without an onboard human operator. An unmanned aircraft system (UAS) is the entire system, including the aircraft, digital network, and personnel on the ground. Drones can fly either by remote control or on a predetermined flight path; can be as small as an insect and as large as a traditional jet; can be produced more cheaply than traditional aircraft; and can keep operators out of harm’s way. These unmanned aircraft are most commonly known for their operations overseas in tracking down and killing suspected members of Al Qaeda and related organizations. In addition to these missions abroad, drones are being considered for use in domestic surveillance operations to protect the homeland, assist in crime fighting, disaster relief, immigration control, and environmental monitoring. Although relatively few drones are currently flown over U.S. soil, the Federal Aviation Administration (FAA) predicts that 30,000 drones will fill the nation’s skies in less than 20 years."


I know I disagree with my favorite Ethics Professor, but I would use the data.
Are you free to use data unintentionally disclosed to you in a data breach? Adam Bennett reports that the New Zealand Earthquake Commission (EQC) has gone to court to block the use of data on 98,000 claims erroneously emailed to someone last month:
The Earthquake Commission has taken out a court injunction against the insurance advocate it accidentally sent thousands of claimants’ records to last month to block him from using the information.
A commission (EQC) claims manager caused a massive privacy breach when she last month accidentally sent Brian Staples of Earthquake Services Ltd a spreadsheet containing confidential details about 98,000 claims.
Mr Staples signed a statutory declaration saying he had deleted the information but later told the EQC he would retrieve the information to use as he pursued payment from the commission for quake repairs on behalf of about 10 of his clients.
The EQC responded by laying a complaint with police.
This afternoon it said it had been granted an interim injunction from the High Court at Christchurch “to prevent any further dissemination [So, no new users, but existing users are Okay? Bob] of confidential information by two parties from a spreadsheet sent in error”.
“The injunction has been served on Earthquake Services director Bryan Staples and the blogger known as EQC Truths,” EQC chief executive Ian Simpson said in a statement.
[...]
As someone who has recently criticized heavy-handed techniques following breaches to hapless recipients, this case is somewhat different. I wonder whether the data would have been obtainable under NZ’s freedom of information laws.
But if you’re handed valuable information that affects your clients, wouldn’t you try to use it? And should you be able to use it? If it had been disseminated to the press, wouldn’t they able to publish it, thereby putting it in the public domain?


Sounds like another case of, “We don't bother with security until it's too late”
With all the news about #OpIsrael, it was easy to miss a breach that was reported today involving Kirkwood Community College in Iowa.
On March 13, they were hacked, and the hacker had access to 125,000 records from students who had applied online for credit courses between February 2005 and March 5, 2013. The school is not sure whether any data were downloaded [because they don't log activity on their computers? Bob] at the time of this publication.
In WCF Couriers’ coverage of the breach, vice president of student services Kristie Fisher was quoted:
She said the college believes that its database was adequately protected, but that hacking has become too common.
How can you claim your database was adequately protected when it was just hacked to the tune of 125,000 records?
“Unfortunately, we think we just found ourselves in the middle of something that’s happening all over the world,” she said. “In today’s world, you can’t protect anything 100 percent when it’s online.”
OK, so then knowing that, why did you need to have records going back to February 2005 connected online? Are students who signed up in February 2005 at your two-year community college still signing up for classes 8 years later?
Knowing the risk, did you really need all that data connected?


Where is the line and when did we cross it? Does “stingray” always require provider authorization?
Secrets of FBI Smartphone Surveillance Tool Revealed in Court Fight
A legal fight over the government’s use of a secret surveillance tool has provided new insight into how the controversial tool works and the extent to which Verizon Wireless aided federal agents in using it to track a suspect.
Court documents in a case involving accused identity thief Daniel David Rigmaiden describe how the wireless provider reached out remotely to reprogram an air card the suspect was using in order to make it communicate with the government’s surveillance tool so that he could be located.
… To make sure the air card connected to the FBI’s simulator, Rigmaiden says that Verizon altered his air card’s Preferred Roaming List so that it would accept the FBI’s stingray as a legitimate cell site and not a rogue site, and also changed a data table on the air card designating the priority of cell sites so that the FBI’s fake site was at the top of the list.
Rigmaiden makes the assertions in a 369-page document he filed in support of a motion to suppress evidence gathered through the stingray. Rigmaiden collected information about how the stingray worked from documents obtained from the government, as well as from records obtained through FOIA requests filed by civil liberties groups and from open-source literature.
During a hearing in a U.S. District Court in Arizona on March 28 to discuss the motion, the government did not dispute Rigmaiden’s assertions about Verizon’s activities.


Bold, but is it wise?
Jeff Kosseff writes:
A Michigan appellate court ruled last week that state discovery rules provide adequate safeguards for anonymous online speech. The opinion is a significant deviation from the rulings of other state courts, which have applied a First Amendment balancing test to determine whether to grant discovery requests for the identities of anonymous online speakers.
Read more about the opinion on Covington Inside Privacy.


“We'll take what they give us and make it ours...” New term: apperating system
Move Over, Apple and Google: Apperating Systems Are Taking Over Your Phones
… Facebook Home, in and of itself, isn’t that big of a deal. What it represents, however, is huge. We’re calling Home an apperating system, one of a new breed of software platforms that sit between operating systems and apps. Apperating systems are coming—in a major way.
… More so than Facebook Home, the Kindle Fire already seems to be pushing the limits of the operating system/apperating system relationship. The Fire ejects Google’s digital store, Google’s browser, and Google’s email client from Google’s own operating system, replacing them with Amazon-native alternatives. Unlike with Facebook Home, installing core Google services like the Google Play app store and basic Android apps involves hacking the device and voiding your warranty.


Perspective: I see my job to be ensuring that my Ethical Hackers are never considered “everyday”
"Research suggests there will be a rise in everyday hackers. A simple Google search for 'SQL injection hack' provides 1.74 million results, including videos with explicit instructions on how to exploit SQL injection vulnerabilities. The ready availability of this information makes it possible for less technically skilled hackers to take advantage of this common flaw. Although SQL injection flaws are easy to identify and fix, Veracode found that 32 percent of web applications are still affected by SQL injection vulnerabilities. As a result, as many as 30 percent of breaches in 2013 will be from SQL injection attacks. The research also concluded that the leading cause of security breaches and data loss for organizations is insecure software. The report found that 70 percent of software failed to comply with enterprise security policies on their first submission for security testing."

Monday, April 08, 2013

Another day of “nothing much happening” I have to find more chatty blogs...


Why? Are teachers unable to take attendance accurately? Are any non-school libraries using biometrics? At least, using thumbprints to pay for lunch may be more efficient.
I read almost all the way through this article by Adam Vrankulj before I realized they were talking about the U.K. and not the U.S. The concerns are the same, of course. The following is in reference to the U.K., and I’m not sure what the comparable statistic is for the U.S.:
According to the Department of Education, 30 percent of secondary schools and five percent of primary schools in the country use fingerprinting or facial recognition to record attendance, enable students to borrow library books, pay for lunch of access certain buildings within school systems.
Last year, the Biometrics Institute, an independent international body representing biometrics users, academia and the industry called for caution in widening access to the National Pupil Database (NPD) as proposed by the UK government.
According to the Biometrics Institute, the government’s proposal would allow private sector and other previously excluded groups to access the national database in order to enable research, education planning and other services to be performed.
Whether it’s an issue of adoption, privacy, security or cost, it’s likely biometric systems will increasingly be implemented in schools, and their use in cafeterias is just the tip of the iceberg.
Read more on BiometricUpdate.com.


The wisdom of crowds or fortune cookie quotes? Reading over the shoulder of the common man highlights the most frequent, not the most valuable quotes. But some are amusing...
The most frequently highlighted passages in famous business and management books
A welcome consequence of the digitalization of our lives and media is the creation of streams of data that weren’t previously accessible. One of those is the book passages most highlighted by users of Amazon.com’s Kindle e-reader software.
… The most highlighted passage of all time is from Catching Fire, the second book in the Hunger Games series: ”Because sometimes things happen to people and they’re not equipped to deal with them.”
… Below is a compilation of some from Amazon’s Heavily Highlighted Recently list.

Sunday, April 07, 2013

A most interesting question for my lawyer friends. The Comments are definitely worth reading. (I would hit the roof if I was on the receiving end of this kind of stupidity.)
"I manage a few computers for an independent private medical practice connected to a hospital network. Recently I discovered repeated attempts to access these computers. After adjusting the firewall to drop connections from the attacking computers, I reported the presumed hacker IP to hospital IT. I was told that the activity was conducted by the hospital corporation for security purposes. The activity continues. It has included attempted fuzzing of a web server, buffer overrun attacks, attempts to access a protected database, attempts to get the password file, etc. The doctors want to maintain a relationship with the hospital and are worried that involving law enforcement would destroy the relationship. What would you advise the doctors to do next?"


Is this typical anywhere but Ireland?
Theft / Frape / Bully / Virus
A new survey by ESET Ireland has revealed what terrible things befall the Irish with regards to their computers and smartphones, with one in five having had their laptop, smartphone or tablet stolen and over 50 per cent having had a computer virus infection.


Why hide their ignorance? Let us have a good laugh and perhaps fewer people will take these morons seriously.
Twitter, hate speech, and the costs of keeping quiet
Last month was a bittersweet seventh birthday for Twitter. The Union of Jewish French Students sued the social-media giant for $50 million in a French court in light of anti-Semitic tweets that caried the hashtag #unbonjuif ("a good Jew"). In January, Twitter agreed to delete the tweets, but the student group now wants the identities of the users who sent the anti-Semitic messages so that they can be prosecuted under French law against hate speech. Twitter is resisting. It claims that as an American company protected by the First Amendment, it does not have to aid government efforts to control offensive speech


Interesting that India considers this news, but none of the US news services seemed to. Perhaps if there was a hint that it carried a missile with Kim Jong-un's name on it? I only noticed it because back in my Army days I was on this Air Force base reporting to a Navy Chief...
Japan, US mulling deployment of 'Global Hawk' to increase surveillance of N Korea
Japan and the United States might deploy a high-altitude reconnaissance drone called the 'Global Hawk' at Misawa Air Base in Aomori Prefecture to increase surveillance of North Korea, according to sources.


I'm thinking of making a series of short, supplemental 'courses' for my students. Things like “Dividing Fractions for Fun and Profit”
One of the trends sweeping the Internet of late is online learning. All kinds of websites are coming along where users can come and create courses to share their knowledge with other people. A new website called ProProfs Trainer Maker is looking to be a serious contender in online learning. Users can create professional courses for all kinds of reasons, and one of the main emphasizes is creating training courses for business purposes, but the uses are only limited by your imagination.
Creating courses is very easy with this website. You can create basic courses available to the public for free, and for private business training courses, a small fee is required. Creating a course is as simple as naming it and adding the content you wish to teach others. All of the content is divided into chapters, which makes it easy to organize your thoughts in way that will make sense to anyone taking your course. You can add images, links, videos and all kinds of other useful content to your chapters to help hammer home the message you are trying to deliver.


Tools worth trying?
The 10 Best Web Tools For Flipped Classrooms
… In an effort to provide a quick look at some of the best web tools for flipped classrooms, I thought it would be useful to poll the @Edudemic Twitter followers.
… One thing stood out to me: there were a lot of repeats! Many folks who have tried the flipped classroom model or are currently deploying it have leveraged a lot of the same web tools. Nearly all are free and most are actually tools you’re probably already using.
Wikispaces
Wikispaces is a free and useful web tool designed to give students (or ‘users’ of any kind, really) the ability to share their thoughts, reflect on the work of others, and edit a body of work together.
Poll Everywhere
Poll Everywhere is being used by classrooms, conferences, and with audiences large and small to get instant feedback.
Edmodo
Edmodo may very well be the most-used web tool in education right now. So it’s no surprise that it’s popular among flipped classrooms. In case you haven’t tried it out, Edmodo is a classroom management platform designed to facilitate learning in all directions. By that I mean it lets students ask questions to other students, teacher to student, parent to teacher, etc. You get the idea.
Screencast
Screencast may not seem like a prime example of a flipped classroom tool, but it’s evidently quite popular. I’d say about 25% of all respondents to a few polls done by myself (not scientific, quite informal) recommended Screencast as one web tool to definitely try out. It lets you make your own (duh) screencasts and then gives you the full license to the product you just created.
Celly
Students use Celly to connect with one another at any time, anywhere. They use the text-based social network to pose questions of each other, direct learning, and even create assignments based on where students want to go in their learning next. Amazing stuff!
Dropbox
Dropbox enables students, teachers, and parents to work off the same set of information at the same time. It’s a popular cloud storage service that is free (for basic version) and lets you have a classroom folder that every student can pull and place data in.
YouTube
YouTube is being used to help students learn from people like Sal Khan and other YouTube educators to augment and add to their own learning. Many flipped classrooms use YouTube as a means to have students learn at their own pace, on their own time, and with each other. It’s a collaborative learning process where the teacher acts more like a ‘guide on the side’ rather than a ‘sage on the stage.’
Twitter
One of the most powerful tools in education, Twitter is by far the most popular tools among educators. It dwarfs most of the other web tools that teachers are using (aside from YouTube) and lets anyone build their own personalized learning network or professional learning network (PLN).
Evernote
Evernote is simply a tool that lets you take all your thoughts with you.
Teaching Channel
Teaching Channel is a video showcase—on the Internet and TV—of inspiring and effective teaching practices in America’s schools.


“There are more 'niche players' in heaven and earth, Horatio, than are dreamt of in your philosophy.”
PAC launches to support bearded political candidates