Saturday, June 14, 2014

If this had been done in the US we might have the security tipping point I've been dreaming of... Then again, probably not. (Pay up, or we'll automagically submit 10,000 bogus pizza orders an hour. There's an App for that!)
Jan Willem Aldershoff reports:
Hackers have reportedly stolen data of more than 600,000 Domino’s Pizza customers. A group of hackers demand € 30,000 before next Monday or they will make captured data public. The hacker group goes by the name Rex Mundi and claims to have hacked the websites of Domino’s Pizza in France and Belgium. They’ve announced their hack in a Tweet and disclosed further details in an anonymous text file.
Read more on Myce.
The hack was announced this morning on Twitter:
We hacked the websites of @dominos_pizzafr & Domino’s Belgium, and downloaded 600,000+ customer records. More info: dpaste.de/bXb9
Rex Mundi (@RexMundi_Anon) June 13, 2014
By now, the dpaste.de file has been removed, but Aldershoff reports:
In the statement they write, “We downloaded over 592,000 customer records (including passwords) from French customers and over 58,000 records from Belgian ones. That’s over six hundred thousand records, which include the customers’ full names, addresses, phone numbers, email addresses, passwords and delivery instructions. (Oh, and their favorite pizza topping as well, because why not).”
The group demands €30,000 to not disclose the information and to reinforce the threat they already posted samples of the stolen data. According to the hackers they’ve contacted Domino’s Pizza but the company has not responded to their demands so far. A Belgian newspaper reports the company has contacted all affected customers and argues no credit card information has been compromised.


A mandatory action in modern war.
Iraq Blocks Social Media Amid Militant Drive: Technicians
Iraq's communications ministry has ordered Internet and mobile companies to block social media websites and applications as militants drive towards Baghdad, technicians from two major service providers said Friday.
The technicians said video-sharing site YouTube, social network site Facebook, micro-blogging site Twitter and communications applications WhatsApp and Viber were all affected.


Always fun to see how things have been interpreted.
Dave Maass writes:
A federal judge today ordered the Department of Justice to hand over key opinions by the Foreign Intelligence Surveillance Court (also known as the “FISA court”) so the judge can directly review whether information about mass surveillance was improperly withheld from the public.
The order is another victory in EFF’s Freedom of Information Act lawsuit against the DOJ, which sought to reveal how the government uses Section 215 of the Patriot Act to secretly gather communications records from millions of American citizens. The suit has already forced the government to releasethousands of pages of FISA court opinions, internal executive branch reports, congressional briefings, and other documents concerning Section 215. Documents released as part of the suit have shown the NSA repeatedly misled the FISA court concerning the operation of the bulk call records program, nearly leading the court to terminate the program altogether.
EFF Staff Attorney Mark Rumold argued for further disclosure of records during a June 3 hearing in Oakland. The resulting order, issued today, applies to 66 pages of five still-secret FISA court opinions. While Judge Yvonne Gonzales-Rogers may ultimately decide the documents cannot be released, her order reveals an appreciation of the civil liberties concerns as well as skepticism of the government’s blanket refusal to release any portion of the opinions.
Read more on EFF, and congratulations to Mark Rumold for this great WIN!


Is Google preparing a Doctor App? (Is it harder than self-driving cars?) Once upon a time, long, long ago, only you and your Doctor knew what was happening in your body. Now you have become just another Thing plugged into the Internet of Things. Now everyone everywhere can know everything. (I suppose there are a few crazy people out there who will want to post recordings of their colonoscopy on YouTube for our enjoyment. Please don't.)
Google developing health data service -report
Google Inc is developing a service that will combine information from health apps and personal fitness devices, in another competitive move against Apple Inc and Samsung Electronics Co, Forbes reported.
The new service, to be called Google Fit, will make its debut at the Internet company's developer conference later this month, Forbes said on Thursday, citing anonymous sources.
… Health data could become the next big battleground among tech companies as a new generation of wearable electronic gadgets allow users to measure heart rates, sleep patterns and exercise activities.
Last week Apple announced "Healthkit," which will pull together data such as blood pressure and weight now collected by a growing number of healthcare apps on the iPhone or iPad. In May, Samsung launched a health platform for third-party app developers.

(Related) Does this suggest what Google will do with your health data?
Startup puts your health records onto Google Glass
Drchrono, a Moutain View, California startup has developed an application that let's a doctor register with them and use their Google Glass to record a consultation or surgery with a patient's permission. Videos, photos, and notes are all stored in an electronic medical record (EMR) and stored in the cloud to share with the patient upon request.

(Related)
Could Apple’s HealthKit initiative come under FDA scrutiny?
Last December Apple met with the FDA to get some clarification about what types of health apps and devices would or would not fall under FDA rules and regulations. It’s an interesting question that a lot of device makers are going to have to consider as more and more health-oriented wearables come to market.

(Related) As long as we're talking about Health Records...
Under Section 13402(i) of HITECH, HHS is required to submit to Congress an annual report containing the number and nature of breaches reported, and the actions taken in response to those breaches. Section 13424(2) of the HITECH Act requires the Secretary to make each report available to the public on the HHS website.
HHS had issued one report for 2009-2010, and has now issued its report for the period January 1, 2011 – December 31, 2012:
I haven’t had time to really read through this yet, but at first glance, it appears that while theft continues to be the single largest category of breaches (with hacking being a second prominent category), loss accounted for the largest percentage of individuals affected in 2011 breaches. Additionally, while breach reports from business associates accounted for approximately one fourth of breach reports in 2011 and 2012, they accounted for 64% and 42% of individuals affected in those years.
I’ll likely have more to say once I’ve had time to really go through the report carefully.


For my Computer Forensics students.
Find the Person Behind an Email Address
You have received an email from a person with whom you have never interacted earlier and thus, before you take the conversation forward, you would like to do a bit of research for that person on the Internet. How do you do this without directly asking the other person?


For my students with the appropriate toys.
Read Or Listen: Amazon Integrates Audible In The Kindle Reader Apps
… With a tap you can now seamlessly go from reading to listening without losing your place in the book. The Audible audiobook service has been integrated in the Kindle apps for iOS and Android by piggybacking on the Whispersync for Voice feature.
The Android and iOS apps can be downloaded from the respective stores.


More and more of my students are dropping cable.
Cord Cutters: Watch Live TV Online With NimbleTV – Even Cable!
Want to watch TV, but don’t like the limitations of cable? Look into NimbleTV, which offers a few free live TV stations and paid plans for cable stations.
Recently I introduced you to FilmOn, which lets you watch a variety of over-the-air TV stations free of charge. That service doesn’t ask for permission from providers: it re-broadcasts signals without permission, and as such is subject to frequent lawsuits.
NimbleTV, in contrast, is trying to do online live television legally. You can connect the service with your existing cable stations, or pay for a direct subscription to watch cable TV online.
… If you’re looked into LiveStation, which lets you watch live TV news online, you’ll find a similar lineup of news channels: Bloomberg, Al Jazeera, RT and CSPAN are a few examples. You’ll also find AntennaTV, which mostly airs reruns of black-and-white sitcoms.
… We’ve told you before: you can watch TV online legally, for free.


Quite a nice collection of tips and apps. Something for everyone, even my students.
Adobe PDF Guide – Everything You Wanted to do with PDFs


I find this hysterical.
Announcing Unizin: “Unizin is a strategic move by universities to assert greater control and influence over the digital-learning landscape than would otherwise be possible by any single institution." The four founding institutions are Colorado State University, Indiana University, the University of Florida, and the University of Michigan. Why Unizin?:
As professors and members of the academy, we want to support faculty and universities by ensuring that universities and their faculty stay in control of the content, data, relationships, and reputations that we create. As we look at the rapidly emerging infrastructure that enables digital learning, we want to bias things in the direction of open standards, interoperability, and scale. Unizin is about tipping the table in favor of the academy by collectively owning (buying, developing, and connecting) the essential infrastructure that enables digital learning on our campuses and beyond.
The platform for Unizin will be Instructure Canvas, because ”banding together" to resist outsourcing definitely starts with a shared LMS made by a third party vendor. [Is a proprietary infrastructure the best way to go? I think not. Bob]
… “24 Georgia Middle-Schoolers Suspended For Talking About Dress-Code Insubordination on Facebook” – the principal called their plans a “terrorist threat.”

Friday, June 13, 2014

“Is not really Russian tank. Is one-to-one scale model printed on 3D printer.”
Ukraine accuses Russia of letting rebels bring in tanks


After two days of investigation, what did they find? They don't know where, or when it started – what do they know? Do they have any idea what they are looking for?
P.F. Chang’s confirms credit and debit card breach
… The company says it learned about the security breach on Tuesday from the U.S. Secret Service and began investigating the breach with the agency and a team of forensics experts. It found that credit card and debit cards were exposed, but it doesn’t know yet when it started happening and which stores were affected.
The company didn’t say how many cards were affected.

(Related) It couldn't be this, could it?
Cybercriminals Targeting Cloud-Based PoS Systems via Browser Attacks
… The malware, called POSCLOUD by IntelCrawler, targets cloud-based PoS software commonly used by grocery stores, retailers, and other small businesses, the company wrote in a report released Wednesday.
The full report from IntelCrawler is available online in PDF format.


Another “We have no clue!” beach. If they really have unprotected computers, who should be fired?
Terrence T. McDonald reports:
The Jersey City school district is investigating how a Sherman Avenue charter school obtained personal information about district students, data that parents believe the charter school used to mail the students and their parents registration forms last month.
Schools Superintendent Marcia V. Lyles revealed some details of the investigation at a citywide meeting with parents last night, with attendees telling The Jersey Journal that Lyles said METS Charter School obtained students’ names, addresses, phone numbers, dates of birth and possibly even social security numbers.
METS may have accessed the information via district computers that weren’t safeguarded to keep outsiders from obtaining student data, Lyles said, according to parents who attended the meeting.
“We are currently trying to determine what happened,” district spokeswoman Maryann Dickar told The Jersey Journal in an email. “We have had conversations with METS Charter and we expect resolution early next week.”
Read more on NJ.com


At least this could give Facebook some Privacy feedback – if they bother to look.
Facebook Is Expanding the Way It Tracks You and Your Data
There'a a key nugget buried in this morning's New York Times story about how Facebook is going to give its users the ability to see why certain ads are targeted to them. Starting this week, the Times reports, "the company will tap data it already collects from people’s smartphones and other websites they visit to improve its ad targeting. Users can opt out of such extended tracking, but they will have to visit a special ad industry website and adjust their smartphone settings to do so."
In other words, Facebook is giving users a glimpse of what marketers already know about them, but it is also going to give marketers more information about users—which makes sense, given that Facebook's business model is largely built on the data you provide.


“It's time we stop ignoring this troublesome law and overturn it!” Is wasting money on cases you know you can't win the best strategy these bozos can think of?
Mary Pat Gallagher reports:
The New Jersey Attorney General’s Office is asking county prosecutors statewide for their help in overturning a 32-year-old state Supreme Court precedent that requires a warrant to obtain telephone billing records.
Assistant Attorney General Ronald Susswein wants them to bring test cases where they will likely lose at the trial and Appellate Division levels, in the hope that the issue will eventually percolate up to the high court, according to his June 10 memo, obtained by the New Jersey Law Journal.
Read more on New Jersey Law Journal.

(Related) Here's how dumb is done in Canada.
Justin Ling reports:
OTTAWA — The Harper government’s new cyberbullying legislation includes little-noticed provisions that would allow police to remotely gain entry to computers and track cellphone users’ movements, privacy experts warn.
As a result of the revelations of the vast foreign and domestic surveillance programs run by the U.S. National Security Agency (NSA), the U.S. Congress is at least trying to rein in some of the NSA’s powers. Unfortunately, despite all we know about the Canadian government’s involvement in the NSA’s mass surveillance programs, this country is moving in the opposite direction by making it easier for government officials to gather information about Canadians’ online activities.
Bill C-13, colloquially known as the cyberbullying bill, is currently being studied by a parliamentary committee. The term “cyberbullying,” however, is a bit of a misnomer. In a stunning display of political opportunism, the government has trotted out parents whose children have tragically taken their own lives after being bullied online. But nowhere in the bill do the words “cyber” or “bully” actually appear.
Read more on The National Post.


Other than having strangers parked near the house like those moochers at Starbucks, I'm not sure this is such a bad idea. My Ethical Hackers should be able to “discover” a way past the two hour limit, so I should be able to use my non-techie neighbor's wifi for free.
Comcast to turn your home into WiFi hotspot
Thousands of cable internet customers in Colorado will soon be helping Comcast provide wireless internet to the public - whether they know it or not.
… The company says it's already done so with one million customers and counting.
… Comcast said its free for its cable service customers. [This means you must identify yourself wherever you use their service. Bob]
… 9news spoke with Jefferson Graham, a tech columnist for USA Today. For him, the concept raises more questions than answers over privacy.
"By making so many WiFi signals out there more available, of course it's making it available to hackers, although of course Comcast would say no it's not," Graham said.
It's a fear echoed by University of Denver law professor John Soma. After studying privacy law for more than three decades, Soma says security is rarely certain.
"I'm very confident that at least a middle schooler or high school kid somewhere in the world will be able to [hack into your router]," Soma said.


This Thing could really rat you out. “Your cup has testified that you had three Harvey Wallbangers before you tried to drive home...” (If you have to ask your cup what you are drinking, you should have stopped drinking several drinks ago.)
Vessyl smart cup can tell Coke from Pepsi
… Their cup -- a slim, slightly hefty thermos-looking receptacle -- will not only identify and track what you drink and how much of it, but can do so on the fly as it senses the liquid type and breaks it down to its most vital components as soon as it interacts with the cup's sensor-filled interior. The ultimate utility with Vessyl is not to provide novelty, but to transform how we consume every ounce of liquid throughout the day.
Caffeine and sugar amounts, alongside calorie count and a proprietary metric for hydration called Pryme, are tracked through an app on your phone, and bits of that information are also displayed on a screen embedded within the cup itself. The display glimmers to life only when new liquids are poured in to notify you that, yes, you are drinking coffee -- and here's how much caffeine that particular brew will put into your system. A small pillar of light also tells you how drinking that particular amount of that particular liquid will hurt or help your level of hydration as well.


Interesting.
The ACLU has created a map that tracks “what we know, based on press reports and publicly available documents, about the use of stingray tracking devices by state and local police departments.” Following the map is a list of the federal law enforcement agencies known to use the technology throughout the United States.
Read more on ACLU.


The Fourth Amendment Third-Party Doctrine – CRS
by Sabrina I. Pacifici on June 12, 2014
The Fourth Amendment Third-Party Doctrine, Richard M. Thompson II, Legislative Attorney. June 5, 2014.
“In the 1970s, the Supreme Court handed down Smith v. Maryland and United States v. Miller, two of the most important Fourth Amendment decisions of the 20th century. In these cases, the Court held that people are not entitled to an expectation of privacy in information they voluntarily provide to third parties. This legal proposition, known as the third-party doctrine, permits the government access to, as a matter of Fourth Amendment law, a vast amount of information about individuals, such as the websites they visit; who they have emailed; the phone numbers they dial; and their utility, banking, and education records, just to name a few. Questions have been raised whether this doctrine is still viable in light of the major technological and social changes over the past several decades. Before there were emails, instant messaging, and other forms of electronic communication, it was much easier for the courts to determine if a government investigation constituted a Fourth Amendment “search.” If the police intruded on your person, house, papers, or effects—tangible property interests listed in the text of the Fourth Amendment—that act was considered a search, which had to be “reasonable” under the circumstances. However, with the advent of intangible forms of communication, like the telephone or the Internet, it became much more difficult for judges to determine when certain surveillance practices intruded upon Fourth Amendment rights. With Katz v. United States, the Court supposedly remedied this by declaring that the Fourth Amendment protects not only a person’s tangible things, but additionally, his right to privacy. Katz, however, left unprotected anything a person knowingly exposes to the public. This idea would form the basis of Smith and Miller. In those cases, the Court held that a customer has no reasonable expectation of privacy in the phone numbers he dials (Smith) and in checks and deposit slips he gives to his bank (Miller), as he has exposed them to another and assumed the risk they could be handed over to the government.”


How does this work? The FBI “leaks” your name to several newspapers when you had no involvement and then “clears” you. If he was never involved, how was his name connected to the investigation? The FBI still lives in the Hoover “publicity seeking” culture.
New York Times Walks Back the Phil Mickelson Insider-Trading Story
Even people leaking information to the press about sensitive government investigations make mistakes. The golf pro Phil Mickelson, who was implicated in an insider trading-investigation in articles in the Wall Street Journal and the New York Times on May 30, may not be a target of the investigation.
According to both news organizations, the FBI in New York and the Security and Exchange Commission have for two years been investigating well-timed trades in Clorox (CLX) involving Carl Icahn, Mickelson, and professional gambler Billy Walters. Mickelson was said to have traded Clorox, possibly based on tips about Icahn’s investing activities that were transmitted through Walters, a sometime golf and poker partner and friend to both men. But as the Times reported on Thursday:
Although Mr. Icahn and Mr. Walters remain under investigation over Clorox, the FBI and the Securities and Exchange Commission have found no evidence that Mr. Mickelson traded Clorox shares. The overstated scope of the investigation came from information provided to The Times by other people briefed on the matter who have since acknowledged making a mistake.
… The events highlight the devastating impact of such leaks on everyone involved. For Icahn, Walters, and Mickelson—all of whom deny wrongdoing—the story causes distraction and serious reputational damage, which can have an immediate impact on an athlete’s endorsement deals. For FBI and SEC investigators doing the work of assembling evidence and trying to put cases together, media exposure can shut inquiries down and derail lines of investigation. They can no longer deploy covert methods [Did they say that? I call that statement BS! Bob] such as wiretaps and confidential informants, which have been powerful tools in such cases, and there is potential for evidence to be destroyed.


Why the surprise? Did they think beer was made with the livers of endangered species? It's beer! I imagine Budweiser thought the ingredients were obvious.
Budweiser finally reveals what's in its beer
... A popular blogger known as the "food babe" started a petition asking major brewers to list their ingredients. The petition picked up steam, gathering more than 40,000 signatures in 24 hours.
The company responded surprisingly fast, listing its ingredients on the website tapintoyourbeer.com. It turns out Bud and Bud Light have only five ingredients: water, barley malt, rice, yeast and hops.


Perhaps we could smuggle a few back to the US for my students?
Mozilla to sell '$25' Firefox OS smartphones in India


For my Mac using students.
Scrivener 2 For Mac On Sale Now, 55% Off Until June 15
When it comes to writing on Mac OS X, there’s no comparison — Scrivener is the best app for the job, hands down. And now, it’s available for just $20 (55% discount) from StackSocial.
… We believe it in so much that we’ve published an entire guide to walk you through its main features.


For my “I hate Microsoft” students.
Presentations Evolved: 4 Alternatives To PowerPoint & Keynote Compared
Even though you can create effective PowerPoint presentations with ease and do some cool things with Keynote, these apps are passé (not to mention relatively expensive), and it’s time to try something new.


For my techie students. Online courses and free programming books!
The Best Websites to Learn Coding Online


For all my students...
Complete These Free Courses to Become a Better Researcher
A couple of summers ago Google offered a MOOC about search skills. The content of that course is still available online for anyone to use at his or her own pace.
Power Searching With Google provides six units of study on search strategies. Each unit includes slides, videos, and text. Examples of how each strategy works in practice are provided by Daniel Russell, Google's search anthropologist.
Advanced Power Searching With Google is full of challenges through which you can test your power searching skills. The challenges include helpful videos and texts to consult when you get stuck on a challenge. When you think that you have successfully completed a challenge, you can check your answer before moving to your next challenge.

Thursday, June 12, 2014

Anything that attracts your attention, also attracts the bad guys.
Cybercriminals Ramp Up Activity Ahead of 2014 World Cup
Similar to the Sochi 2014 Olympics and all other major sporting events before it, the FIFA World Cup 2014 in Brazil is being leveraged by cybercriminals and scammers as a means to lure victims for their attacks.
Cybercriminals are relying on the FIFA World Cup to trick users into installing malware on their computers. Trend Micro discovered a campaign targeting customers of a Brazilian ticketing website, where the attackers managed to obtain the personal details of the site’s users and sent them fake raffle emails containing links to the BANLOAD banking Trojan.
Trend Micro’s researchers also stumbled upon a BLADABINDI backdoor disguised as a FIFA World Cup streaming application, and a piece of adware (ADW_INSTALLREX) disguised as a key generator for the FIFA 14 video game.
[etc., etc., etc. Bob]

(Related) More sites should do this!
The 'World Cup Starter Kit' and the Future of Twitter
… Twitter has created "starter kits" for each of the sides playing the Mundial. Each one has about 90 Twitter accounts that help you follow what's happening in real time. If you were a new user and didn't know how to follow soccer on the service, this would instantly put you in the real-time networks that talk about the sport.


And thus the debate continues...
“In short, we hold that cell site location information is within the subscriber’s reasonable expectation of privacy. The obtaining of that data without a warrant is a Fourth Amendment violation.”
– from a Court of Appeals for the Eleventh Circuit decision released today in U.S. v. Davis.


I bet they keep trying...
Another Fair Use Victory for Book Scanning in HathiTrust
by Sabrina I. Pacifici on June 11, 2014
EFF - “Fair use enjoyed a major victory in court today. In Authors Guild v. HathiTrust, the Second Circuit Court of Appeals handed down a decision that strongly underscores a fair use justification for a major book scanning program. For those counting along at home, today’s decision marks another in a serious streak of judicial findings of fair use for mass book digitization, including Authors Guild v. Google, Cambridge University Press v. Becker, and the district court opinion in the HathiTrust case itself. Given that consistent fair use record for book digitization, today’s ruling might not be totally surprising. Still, the text of the opinion is encouraging, and reflects a court that respects the Constitutional purpose of copyright as a tool to promote the progress of science and the useful arts—not a blunt instrument for rightsholders to regulate all downstream uses. HathiTrust was set up by several research universities to operate a digital library containing electronic scans of the universities’ books (Google provided the scans as part of its Google Books project). The Authors Guild took issue with three practices that HathiTrust engages in: a full-text database that returns the book name and page number for matching search results; a service to make text available in formats accessible to print-disabled people; and a long-term archive to preserve books that might become unavailable during the term of their copyright restrictions. With respect to the full-text database, the court found that although a copy of the entire work is made, the purpose of a full-text searchable database is so different from that of the underlying works that the use must be considered transformative. In fact, the court wrote, “the creation of a full‐text searchable database is a quintessentially transformative use”. [Thanks to Gloria Miccioli]


Here's a thing that won't be on the Internet of Things and therefore won't be hackable. (No scenarios like the current “24”) Unfortunately, it won't be controllable remotely either. The programming has to work the first time and every time in every possible situation.
Autonomous Weapons and Human Responsibilities
by Sabrina I. Pacifici on June 11, 2014
Beard, Jack M., Autonomous Weapons and Human Responsibilities (June 9, 2014). 45 Georgetown Journal of International Law 617 (2014). Available for download at SSRN: http://ssrn.com/abstract=2447968
“Although remote-controlled robots flying over the Middle East and Central Asia now dominate reports on new military technologies, robots that are capable of detecting, identifying, and killing enemies on their own are quietly but steadily moving from the theoretical to the practical. The enormous difficulty in assigning responsibilities to humans and states for the actions of these machines grows with their increasing autonomy. These developments implicate serious legal, ethical, and societal concerns. This Article focuses on the accountability of states and underlying human responsibilities for autonomous weapons under International Humanitarian Law or the Law of Armed Conflict. After reviewing the evolution of autonomous weapon systems and diminishing human involvement in these systems along a continuum of autonomy, this Article argues that the elusive search for individual culpability for the actions of autonomous weapons foreshadows fundamental problems in assigning responsibility to states for the actions of these machines. It further argues that the central legal requirement relevant to determining accountability (especially for violation of the most important international legal obligations protecting the civilian population in armed conflicts) is human judgment. Access to effective human judgment already appears to be emerging as the deciding factor in establishing practical restrictions and framing legal concerns with respect to the deployment of the most advanced autonomous weapons.”

(Related) Thinking about your tools...
The Eccentric Genius Whose Time May Have Finally Come (Again)
… Wiener is best known as the inventor of “cybernetics,” a fertile combination of mathematics and engineering that paved the way for modern automation and inspired innovation in a host of other fields. He was also one of the first theorists to identify information as the lingua franca of organisms as well as machines, a shared language capable of crossing the boundaries between them.
Wiener was 69 when he died of a heart attack in 1964. He’s come to mind recently because a conference dedicated to reclaiming his reputation is scheduled in Boston later this month. Sponsored by the Institute of Electrical and Electronics Engineers (IEEE), Norbert Wiener in the 21st Century will feature a series of papers and panels demonstrating not only that Wiener was ahead of his time, but that now his time has finally come. Indeed, engineers who are well grounded in cybernetic theory will tell you technology is just catching up with ideas Wiener proposed more than half a century ago.
… Yet, much sooner and more thoroughly than could have been expected, memory of Wiener and of his contributions faded. Several reasons account for his eclipse. One is that during the height of his career, Wiener refused, for ethical reasons, to accept research contracts from the military or from corporations seeking to exploit his ideas. Since the military and corporations were the main sources of research support, Wiener’s defiance hindered his progress during a period of unprecedented technological advance. Besides nuclear weapons, Wiener was perhaps most worried about the technology he was most directly responsible for developing: automation. Sooner than most, he recognized how businesses could use it at the expense of labor, and how eager they were to do so. "Those who suffer from a power complex," he wrote in 1950, "find the mechanization of man a simple way to realize their ambitions."


Strange things on the Internet of Things, but will this technology prevent riots? If so, it's priceless.
New technology aims to rid World Cup of 'ghost goals'
In 1966, British soccer legend Geoff Hurst booted a right-foot shot against Germany in the World Cup championship game. The ball struck the top crossbar and rifled down near the goal line before spinning out.
Confusion ensued; it was impossible to tell if the ball had crossed the plane.
Eventually, officials awarded the goal, and England secured its first and only World Cup victory.
Try not to remind German fans.
… According to official estimates, FIFA is paying a small German start-up nearly $3.5 million to operate its new goal-line technology in the 2014 World Cup, which kicks off Thursday in Brazil.
The company, called GoalControl, would install 14 cameras in each of the 12 World Cup stadiums that triangulate the motion of the ball with maximum precision: up to 500 images per second.
With that tracking, plus sensors on the goal line, GoalControl can instantly alert a referee when the ball crosses the line. There's no need to consult a replay booth or another official; the referee in charge merely looks at their smartwatch.


Who is doing this? Note to students. I probably will not answer your emails in 15 minutes.
– Reply right away to emails. With relative timestamps in Gmail, you can see how long an email has been sitting in your inbox. Reply while the time is still green. Timestamps turn yellow after 15 minutes and red after an hour. Extensions are available for both Chrome and Firefox.


Could be a good way to nag my students!
– will say anything you type in their own voice. Just type a message to create fun, animated, talking stickers to send to your friends or post on social networks. Talkz also supports huge groups and has Voice, Pictures, Doodles, Video, Location, and Music. Talkz supports user-generated talking stickers, so there’s no end to your creativity.

Wednesday, June 11, 2014

There are many details in a complete Security plan. I've blogged repeatedly about companies not looking at (or even generating) logs. This is another area where today's “cost” overrides future “risks.” Organizations know they should do it, but it takes skills and dollars.
Database Monitoring Critical to Fighting SQL Injection, Few Do it: Survey
SQL injection attacks are far from new, and the consequences of being vulnerable to them are hardly unknown.
However, a survey of 595 IT security experts indicates that many organizations may not be doing enough to address them. According to a survey by the Ponemon Institute, only 33 percent said their organizations were scanning their active databases either continuously or daily. Forty-seven percent said they did it irregularly or not at all. Despite those numbers, continuous monitoring of databases was cited by 65 percent of respondents as the best way to avoid a breach of databases.


Are we seeing a return to KGB days or something new? Possible a “Global Warming War?” Stay tuned.
Cold War-style spy games return to melting Arctic
In early March, a mysterious ship the size of a large passenger ferry left a Romanian wharf, glided through the narrow strait that separates Europe from Asia and plotted a course toward Scandinavia. After a two-year refitting, the $250 million ship will begin its mission: to snoop on Russia's activities in the Arctic.
"There is a demand from our political leadership to describe what is going on in this region," said Norway's military intelligence chief, Lt. Gen. Kjell Grandhagen.
… Summer sea ice reached a record low in 2012 and scientific projections suggest it could disappear completely this century. New areas of open water already have allowed more shipping through the Northern Sea Route north of Russia. The melt is also opening a new energy frontier — the Arctic is believed to hold 13 percent of the world's undiscovered oil and 30 percent of its untapped gas.
The most accessible resources lie within national boundaries and are undisputed. Security analysts say the risk of conflict lies further ahead, if and when the ice melts enough to uncover resources in areas where ownership is unclear. The U.S., Canada, Denmark, Norway and Russia are expected to have overlapping claims.

(Related) Is China taking off the kid gloves?
Alarm in Hong Kong at Chinese white paper affirming Beijing control
Pro-democracy Hong Kongers have reacted angrily to a Chinese government white paper affirming Beijing's "comprehensive jurisdiction" over the territory, released days after more than 100,000 demonstrators gathered in the city calling for greater rights.
The 14,500-word document, which stresses that Hong Kong does not have "full autonomy" and comes under Beijing's oversight, was released amid fierce debate between residents of the former British colony over impending electoral reform and the nature of the "one country, two systems" concept.
… Hong Kong lawmaker Alan Leong, leader of the pro-democracy Civic Party, said he was "completely taken aback" by the document, which had sent a shiver up (his) spine."
"It is a sea-change to our understanding of what 'one country, two systems' should be," he said.
He argued that the notion that judicial decisions made in Hong Kong should take into account the needs of China was a new concept, and one that was "totally repugnant to our understanding of the rule of law as an institution which we hold very dear to our hearts."


I'm shocked, shocked I tell you!
Three Reasons To Believe Facebook Might Be Used to Spy On You


Microsoft, protector of privacy?
Microsoft Protests Order to Disclose Email Stored Abroad
Microsoft is challenging the authority of federal prosecutors to force the giant technology company to hand over a customer’s email stored in a data center in Ireland.
The objection is believed to be the first time a corporation has challenged a domestic search warrant seeking digital information overseas. The case has attracted the concern of privacy groups and major United States technology companies, which are already under pressure from foreign governments worried that the personal data of their citizens is not adequately protected in the data centers of American companies.
Verizon filed a brief on Tuesday, echoing Microsoft’s objections, and more corporations are expected to join. The Electronic Frontier Foundation is working on a brief supporting Microsoft. European officials have expressed alarm.
In a court filing made public on Monday, Microsoft said that if the judicial order to surrender the email stored abroad is upheld, it “would violate international law and treaties, and reduce the privacy protection of everyone on the planet.”
… In his ruling in April, James C. Francis, a magistrate judge in federal court in New York, wrote, “Microsoft’s argument is simple, perhaps deceptively so.”
Microsoft contends that the rules that apply to a search warrant in the physical world should apply online. The standard of proof for a search warrant is “probable cause” and “particularity” — that is, a person’s name and where the person, evidence or information reside.
A subpoena — the less powerful court-ordered investigation tool — requires only that the information is “relevant to an ongoing investigation.” But a subpoena, unlike a search warrant, requires that the person being investigated be informed.
Judge Francis, in his order, wrote that the Electronic Communications Privacy Act, passed in 1986, created an in-between category intended at the time to protect people from indiscriminate data gathering that subpoenas might allow of online communications. The result, he wrote, is “a hybrid: part search warrant and part subpoena,” and applied to information held in Microsoft’s data center overseas.


I guess you can try any argument, but is “We're completely out of control” the best they can do?
ACLU – NSA Says It’s Too Large, Complex to Comply With Court Order
by Sabrina I. Pacifici on June 10, 2014
Patrick C. Toomey, Staff Attorney, ACLU National Security Project
News release:” “In an era of too-big-to-fail banks, we should have known it was coming: An intelligence agency too big to rein in — and brazen enough to say so. In a remarkable legal filing on Friday afternoon, the NSA told a federal court that its spying operations are too massive and technically complex to comply with an order to preserve evidence. The NSA, in other words, now says that it cannot comply with the rules that apply to any other party before a court — the very rules that ensure legal accountability — because it is too big. The filing came in a long-running lawsuit filed by the Electronic Frontier Foundation challenging the NSA’s warrantless collection of Americans’ private data. Recently, the plaintiffs in that case have fought to ensure that the NSA is preserving relevant evidence — a standard obligation in any lawsuit — and not destroying the very data that would show the agency spied on the plaintiffs’ communications. Yet, as in so many other instances, the NSA appears to believe it is exempt from the normal rules.”


Perspective. Is this how we will find lawyers, maids and golf pros?
Amazon Chases Local Services, The New E-Commerce Battleground
Amazon has found a new place to sell and it doesn’t have anything to do with books, DVDs or physical products.
Later this year, the Seattle company will dive into local services, launching a marketplace that will connect regional professionals and businesses to consumers who could need anything from vocal lessons to a kitchen remodel. The company will unveil the new development, which was first reported by Reuters, on a city-by-city basis, similar to what is being done for its grocery delivery service, Amazon Fresh.
… Similar to Amazon, eBay has been testing a new product called eBay Hire, which will place the profiles of service professionals next to associated products that consumers may be shopping for on its website. For example, a person buying golf clubs on eBay may see ads or links referring them to a local golf teacher who’s signed up with the eBay Hire platform.
… Expertise may also keep Amazon from mastering the market, says Zappacosta, who says that selling a professionals’ services are much different than peddling commodities like shoes or electronics.
“You can’t go after a few distributors and get all the titles,” he says, making the comparison to books. “There’s is no wholesaler than you can hook into that gives you access to the market. You have to go professional to professional to find them.”


Perspective. Any way you slice it, that's a lot of data. Is “pay for preferred routing” on existing networks the answer or is it higher overall network speed?
Videos may make up 84 percent of internet traffic by 2018: Cisco
Video consumption of the World Cup alone will generate nearly as much Internet traffic as occurred in all of Australia in 2013, according to a new Cisco Systems Inc report that shows growth in Internet traffic is fueled by video.
The report, which says video is expected to grow to 84 percent of Internet traffic in the United States by 2018 from 78 percent currently, raises questions about whether Internet service providers should prioritize traffic, which has become a controversial issue.
Annual global IP traffic will surpass the zettabyte (1000 exabytes) threshold in 2016. Global IP traffic willreach 1.1zettabytes per year or 91.3 exabytes (one billion gigabytes) per month in 2016. By 2018, global IPtrafficwill reach 1.6 zettabytes per year, or 131.6 exabytes per month.


This raises a lot of questions. Did they test the judges before allowing them to ask questions? The test is for sentience, not humanity.
Computer program tricks judges into thinking it’s human
For the first time, a computer program has officially passed the Turing Test, which measures a machine’s ability to think for itself — at least under the standards set by a competition in Britain.
The achievement, being hailed as a milestone for the field of artificial intelligence, came Saturday in London at a competition organized by the University of Reading involving five computer programs. Each was tasked with persuading at least 30 percent of judges into mistaking it for a human. The winner, a program named Eugene Goostman, tricked 33 percent of the judges into believing it was a 13-year-old, non-native-English-speaking Ukrainian boy.
… The Turing Test was originally proposed by British computer scientist Alan Turing in a paper written in 1950, in which he wrote, “I propose to consider the question, ‘Can machines think?’”
… The winning entrant’s accomplishments suggest that people may soon be able to hold conversations with computers that feel real.
“Siri is just awful. You can’t have a conversation with Siri,” Denning said, referring to the voice assistant for Apple’s iPhone and iPad. “People should be able to expect more. This shows it’s possible.”


An interesting Security/Privacy development.
Lee Hutchinson writes:
Quartz is reporting a change to how iOS 8-equipped devices search out Wi-Fi networks with which to connect. The new mobile operating system, which is on track for a release in the fall, gives iOS 8 devices the ability to identify themselves not with their unique burned-in hardware MAC address but rather with a random, software-supplied address instead.
This is a big deal.
Read more on Ars Technica


For my Android packing students.
SwiftKey, Android's best keyboard, is now free with new theme packs
Since it debuted on Android several years ago, SwiftKey has been one of the best paid apps available on the platform thanks to its gesture-based typing and smart word prediction. Now the app has dropped its $4 price tag and gone completely free to use, but it will still cost if you want to style the keyboard into something more to your liking.


Mostly for my International students. (Us 'mericans know that ain't football!)
Follow the Brazil World Cup From Anywhere With These Six Android Apps
… A staggering 3.2 billion people are expected to watch at least one match, with more than 1 billion expected to tune in to watch the tournament’s final. We’ve already looked at some innovative ways you can follow the tournament yourself, but if you’re one of those 3.2 billion and you also own an Android phone, what apps do you have available to keep abreast of the latest news and scores from the 64-game event?


For my students.
The Ultimate Netflix Guide: Everything You Wanted To Know About Netflix But Were Afraid To Ask


For y students.
Videos and Guides to Copyright & Creative Commons
In my previous post I shared the copyright flowchart created by Silvia Rosenthal Tolisano and Meryl Zeidenberg. I am planning to share that chart along with the following videos and guides in a video creation workshop that I am facilitating on Wednesday morning.


An infographic for ALL my students.
How To Use Punctuation Marks Correctly
… Don’t just depend on spelling and grammar checkers in Word. If you do, you’re probably making dumb grammar mistakes that can otherwise be avoided. By learning the proper use of punctuation marks, you’re not only improving your knowledge, but also causing less confusing for your readers.