Tuesday, August 29, 2017

You should probably keep your public-facing website and your back-office applications separate, as in “not linked.”  Just saying…
WHEC reports:
Major League Lacrosse is investigating a massive data leak that exposed every individual player’s personal information.
According to an email the league sent to all players Monday evening — that was in turn sent to News10NBC by a player — a link on one of their website pages mistakenly re-directed browsers to a spreadsheet.  The spreadsheet contained every player in the league’s names, phone numbers, email and mailing addresses, Social Security numbers and more.
Read more on WHEC.  That “more” in the personal info sentence was defined in the email sent to players as:
full name, address, telephone number, email address, Social Security number, citizenship, date of birth, height, weight, position, college, graduation year, team, and non-MLL occupation.
According to the MLL, they have 230 players in 9 teams.


I think they got something wrong.  None of this is new.  Granted, some was not used by personal devices, but the technology has been around for years. 
Spying on the Smart Home: Privacy Attacks and Defenses on Encrypted IoT Traffic
“The growing market for smart home IoT devices promises new conveniences for consumers while presenting new challenges for preserving privacy within the home.  Many smart home devices have always-on sensors that capture users’ offline activities in their living spaces and transmit information about these activities on the Internet.  In this paper, we demonstrate that an ISP or other network observer can infer privacy sensitive in-home activities by analyzing Internet traffic from smart homes containing commercially-available IoT devices even when the devices use encryption.  We evaluate several strategies for mitigating the privacy risks associated with smart home device traffic, including blocking, tunneling, and rate-shaping.  Our experiments show that traffic shaping can effectively and practically mitigate many privacy risks associated with smart home IoT devices.  We find that 40KB/s extra bandwidth usage is enough to protect user activities from a passive network adversary.  This bandwidth cost is well within the Internet speed limits and data caps for many smart homes.”


Interesting.  You can keep on spreading Russian propaganda but we don’t want you to profit from it?  Was that ever their primary objective?  Would kicking them off Facebook be a better solution? 
Facebook says Pages that regularly share false news won’t be able to buy ads
The company has already been working with outside fact-checkers like Snopes and the AP to flag inaccurate news stories.  (These aren’t supposed to be stories that are disputed for reasons of opinion or partisanship, but rather outright hoaxes and lies.)  It also says that when a story is marked as disputed, the link can no longer be promoted through Facebook ads.
The next step, which the company is announcing today, involves stopping Pages that regularly share these stories from buying any Facebook ads at all, regardless of whether or not the ad includes a disputed link.


Because we are more intellectual or because we are more technical?
Intellectual Property in the New Technological Age: 2017 – Chapters 1 and 2
Menell, Peter S. and Lemley, Mark A. and Merges, Robert P., Intellectual Property in the New Technological Age: 2017 – Chapters 1 and 2 (July 18, 2017). Intellectual Property in the New Technological Age 2017: Vol. II Copyrights, Trademarks and State IP Protections; ISBN-13: 978-1945555077; UC Berkeley Public Law Research Paper; Stanford Public Law Working Paper. Available at SSRN: https://ssrn.com/abstract=2999038
“Rapid advances in digital and life sciences technology continue to spur the evolution of intellectual property law.  As professors and practitioners in this field know all too well, Congress and the courts continue to develop intellectual property law and jurisprudence at a rapid pace.  For that reason, we have significantly augmented and revised Intellectual Property in the New Technological Age…”


Cheaper access to research means better student papers?
New studies continue to predict troubled waters ahead for paywall journals
Phys.org – “Two independent studies looking at two aspects of paywalls versus free access to research papers suggest that trouble may lie ahead for traditional journals that continue to expect payment for access to peer-reviewed research papers.  In the first study, a small team of researchers from the U.S. and Germany looked at the number of freely available papers on the internet using a web extension called Unpaywall—users enter information and the extension lists sources online for free.  In the second study, a team with members from Canada, the U.S. and Germany looked at the popularity of a website known as Sci-Hub that collects and freely distributes research papers.  Both groups have written papers describing their studies and results and have uploaded them to the PeerJ Preprints server.  Free access to research papers is a hot topic in the research community, perhaps indicating coming changes to the status quo…”
[Get the extension for Firefox: http://unpaywall.org/  ]


Will this inspire my students?  
Uber's New CEO May Get at Least $200 Million to Exit Expedia
   Dara Khosrowshahi, who spent 12 years at the helm of Expedia Inc., held unvested stock options in that company worth $184.4 million as of Friday’s close in New York, according to data compiled by Bloomberg.  Companies typically grant replacement awards to executives who must forfeit unvested equity when they leave before their employment terms have expired.
The ride-hailing company will likely also grant Khosrowshahi additional compensation, such as an annual salary and stock awards that vest over several years to ensure he remains on the job for the foreseeable future.  That could push his total price tag north of $200 million.


Something for my students to fiddle with.
Glitch is a playground for coders of all kinds.  Through it, you can make your own app or remix any of the existing projects on the site.  You can be creative without the fear of breaking anything — and there are veteran coders who are standing by to help you do it.
It’s an open and free collaborative coding site that’s basically a miniature programming school.
Glitch gives you all the tools to instantly create, remix, edit, and host an app, bot, or site.  You can invite collaborators who can simultaneously edit the code with you.  Right now, the programming sandbox only supports Node.js.


I have to admit, none of these seem appealing, but maybe someone will like them.


Let’s see how many of my students already know about this.
Amazon Offers Students Music Unlimited for $4.99/Month
To coincide with everyone going back to school, Amazon is offering students a Music Unlimited subscription for just $4.99/month.  That's a saving of $60 per year for non-Prime members.  But it gets even better if you are a Prime Student member.  Amazon is offering you six months access for just $6.  After that, it reverts to the $4.99/month price as long as you remain a student.
In order to take advantage of this student offer, Amazon requires customers first validate their status as a student.  For that, Amazon uses third-party service SheerID, which apparently happens without interruption to the customer.

(Related).  Take a look at what SheerID claims to be able to verify. 
SheerID
   Our most popular products are military verification, college student verification, and teacher verification.
