Thursday, December 01, 2011


Do we (the US) take this seriously enough to make a hotline a reality?
"China should look at establishing a cyber crisis hotline with the United States, according to a Chinese newspaper seen as a window into official thinking. Discussions about a crisis hotline might seem an obvious first step in improving relations. But if it's a sign the Chinese government is beginning to think about how to coordinate a rapid, unified response to cyber emergencies, then it is an extremely important one."

(Related) Perhaps so...
"Deciding when malware becomes a weapon of war that warrants a response in the physical world – for example, a missile – has become a necessary part of the discussion of military doctrine. The Pentagon recently outlined (PDF) its working definition of what constitutes cyber-war and when subsequent military strikes against physical targets may be justified as result. The main issue is attribution of cyber attacks. The Department of Defense is working to develop new ways to trace the physical source of an attack and the capability to identify an attacker using behavior-based algorithms. 'If a country is going to fire a missile at someone, it better be sure it has the right target,' said one expert. A widely held misconception in the U.S. government is our offensive capabilities provide defensive advantage by identifying attacker toolkits and methods in foreign networks prior to them hitting our networks. So when do malware and cyber attacks become a weapon or act of war that warrant a real-world military response?"


Update: Nifty little app. Where does the data end up?
Did Carrier IQ Violate Wiretap Law in Millions of Cases?
November 30, 2011 by Dissent
The Carrier IQ kerfuffle that came to light after a researcher, Trevor Eckhart, revealed some really spooky snooping took a wicked turn. Andy Greenberg reports:
A piece of keystroke-sniffing software called Carrier IQ has been embedded so deeply in millions of Nokia, Android, and RIM devices that it’s tough to spot and nearly impossible to remove, as 25-year old Connecticut systems administrator Trevor Eckhart revealed in a video Tuesday.
That’s not just creepy, says Paul Ohm, a former Justice Department prosecutor and law professor at the University of Colorado Law School. He thinks it’s also likely grounds for a class action lawsuit based on a federal wiretapping law.
Read more on Forbes. David Kravets had reported on this matter yesterday on Threat Level.
The Mountain View, California-based firm is really getting a lot of bad press since Trevor Eckhart published his findings. First they threatened to sue him – until EFF jumped in to defend him and made them see the errors of their way. Now this. Watch the video and be … appalled… offended… furious:
http://www.youtube.com/watch?feature=player_embedded&v=T17XQI_AYNo#! [Tedious and techie, but interesting! Bob]
Somewhat ironically, Carrier IQ’s most recent tweet, on November 21, was “Understanding the experience of the mobile user.” I guess they meant really, really, really, REALLY understanding the experience.
But not everyone agrees with Professor Ohm’s opinion that Carrier IQ could be facing a criminal wiretap charge or massive class action lawsuit. In a post on Pastebin today, security researcher Dan Rosenberg writes, in part:
After reverse engineering CarrierIQ myself, I have seen no evidence that they are collecting anything more than what they’ve publicly claimed: anonymized metrics data. There’s a big difference between “look, it does something when I press a key” and “it’s sending all my keystrokes to the carrier!”.
In response, Professor Ohm tweeted
Wiretap only if one “acquires” content, so maybe a defense, but “anonymized metrics data” may be content.
I guess we’ll have to wait to see if federal prosecutors charge the firm. What’s more certain is that at least some lawyers will rush to file a civil suit.


Small breach, but a good “bad example.” You probably get away with this since your students (and certainly the reporters covering the story) don't know enough to ask the tough questions.
http://www.databreaches.net/?p=21917
The College of New Jersey reports vulnerability might have exposed 12,815 student job applicants’ information
November 30, 2011 by admin
David Karas reports:
Officials at The College of New Jersey this week reported an unintentional data breach in the On-Campus Student Employment System, an in-house system designed to store information about students applying for on-campus jobs.
According to a notice sent to students and faculty Monday, a vulnerability in the system was identified Nov. 2 by a student who applied for a position and accidentally viewed the personal information of 12 other students. The student reported the incident, officials said, and the system flaw was repaired within hours.
“Though there is no indication that any of the additional 12,815 records contained in the system were accessed by any unauthorized individual,” the statement read, “the possibility exists that the database could have been accessed through this vulnerability.”
Read more on NJ.com
“No indication… but the possibility exists?” Do they have logs going back far enough or don’t they? The State Police “has not found any evidence that data had been extracted from the system” (to date) is reassuring, but only if there are sufficient logs and the data weren’t indexed by a search engine.
So for how long did this vulnerability exist? Since 2002, when the system was built, or is this a more recent vulnerability?
And were these records indexed by Google?
There’s more information that we need to know to assess the risk of this incident, including what kinds of information were in the database.
In April 2010, the college also experienced an exposure breach, but that one involved an alumni database.


Lots of data, insufficient analysis? A few conclusions jumped to... Probably correct to sound the alarm. Still, it should have been detected and resolved months earlier...
Exclusive: Comedy of Errors Led to False ‘Water-Pump Hack’ Report
It was the broken water pump heard ’round the world.
Cyberwar watchers took notice this month when a leaked intelligence memo claimed Russian hackers had remotely destroyed a water pump at an Illinois utility. The report spawned dozens of sensational stories characterizing it as the first-ever reported destruction of U.S. infrastructure by a hacker. Some described it as America’s very own Stuxnet attack.
Except, it turns out, it wasn’t. Within a week of the report’s release, DHS bluntly contradicted the memo, saying that it could find no evidence that a hack occurred. In truth, the water pump simply burned out, as pumps are wont to do, and a government-funded intelligence center incorrectly linked the failure to an internet connection from a Russian IP address months earlier.
… Mimlitz says last June, he and his family were on vacation in Russia when someone from Curran Gardner called his cell phone seeking advice on a matter and asked Mimlitz to remotely examine some data-history charts stored on the SCADA computer.
Mimlitz, who didn’t mention to Curran Gardner that he was on vacation in Russia, used his credentials to remotely log in to the system and check the data. He also logged in during a layover in Germany, using his mobile phone.
“I wasn’t manipulating the system or making any changes or turning anything on or off,” Mimlitz told Threat Level.
… On Nov. 8, a water district employee investigating the pump failure called in a contract computer repairman to check it out. The repairman examined the logs on the SCADA system and saw the Russian IP address connecting to the system in June. Mimlitz’s username appeared in the logs next to the IP address.
The water district passed the information to the Environmental Protection Agency,
… But from there, the information made its way to the Illinois Statewide Terrorism and Intelligence Center, a so-called fusion center composed of Illinois State Police and representatives from the FBI, DHS and other government agencies.
Even though Mimlitz’s username was connected to the Russian IP address in the SCADA log, no one from the fusion center bothered to call him to ask if he had logged in to the system from Russia.


Lots more data?
"President Obama this week issued a directive to all federal agencies to upgrade records management processes from paper-based systems that have been around since President Truman's administration [Surely records go back a bit farther than that? Bob] to electronic records systems with Web 2.0 capabilities. Agencies have four months to come up with plans to improve their records keeping. Part of the directive is to have the National Archives and Records Administration store all long-term records and oversee electronic records management efforts in other agencies. Unfortunately, NARA doesn't have a stellar record itself (PDF) in rolling out electronic records projects. Earlier this year, due to cost overruns and project mismanagement, NARA announced it was ending a 10-year effort to create an electronic records archive."


How influential?
Mark Zuckerberg Invents Two New Chief Privacy Officer Roles At Facebook
In a blog post today on Facebook's website, CEO and founder Mark Zuckerberg announced two new roles within the company's executive team: Chief Privacy Officer (Policy) and Chief Privacy Officer (Products).
Erin Egan, who recently joined Facebook from law firm Covington & Burling, will become Chief Privacy Officer (Policy).
Michael Richter, who has been Facebook's Chief Privacy Counsel on the company's legal team, will become Chief Privacy Officer (Products).

(Related)
Facebook's FTC settlement won't change much, if anything
Federal Trade Commission officials spent the day touting a new settlement with Facebook, with FTC Chairman Jon Leibowitz saying the company now will be "obligated" to keep its privacy promises.
But in reality, the agreement is likely to have little, if any, actual impact on Facebook users.
One reason is that Facebook won't have to roll back any changes to its default privacy settings, which have grown more permissive over the last few years.


Since there is no agreement, Dr Cirka doesn't co-own this “online commentary.” What does this indicate? Fear that an occasional angry patient might harm his practice? Fear that angry patients aren't that occasional? Apparently he never considered angry potential patients who are also professional writers with privacy concerns.
By Dissent, November 30, 2011
This may be more of a free speech than a privacy issue, but because a provider presented it as a “mutual privacy” issue, I’m posting this eyebrow-raising report by Nate Anderson:
When our own Timothy B. Lee stepped into a Philadelphia dentist’s office earlier this year, he had an unpleasant experience: the dentist required him to sign over control of all copyright in future online commentary related to that dentist. Here’s how Tim described the visit:
When I walked into the offices of Dr. Ken Cirka, I was looking for cleaner teeth, not material for an Ars Technica story. I needed a new dentist, and Yelp says Dr. Cirka is one of the best in the Philadelphia area. The receptionist handed me a clipboard with forms to fill out. After the usual patient information form, there was a “mutual privacy agreement” that asked me to transfer ownership of any public commentary I might write in the future to Dr. Cirka. Surprised and a little outraged by this, I got into a lengthy discussion with Dr. Cirka’s office manager that ended in me refusing to sign and her showing me the door.
Read more on Ars Technica.


Interesting recognition of reality?
"Internet freedom got a boost Wednesday when Italy's highest court ruled that the editors of online publications can't be held legally responsible for defamatory comments posted by their readers. The judges said online publications could not be treated in the same way as traditional print media and could not be expected to exercise preventative editorial control over readers' comments."


Not everyone gets it. Is there any conceivable way to save the printed book industry?
"Sci-fi author Charlie Stross has written a post about how the Big Six book publishing companies have painted themselves into a corner in the rapidly growing ebook industry. Between user-unfriendly DRM and the Amazon juggernaut, they're slowly pushing themselves out of business. Quoting:
'Until 2008, ebooks were a tiny market segment, under 1% and easily overlooked; but in 2009 ebook sales began to rise exponentially, and ebooks now account for over 20% of all fiction sales. In some areas ebooks are up to 40% of the market and rising rapidly. (I am not making that last figure up: I'm speaking from my own sales figures.) And Amazon have got 80% of the ebook retail market. ... the Big Six's pig-headed insistence on DRM on ebooks is handing Amazon a stick with which to beat them harder. DRM on ebooks gives Amazon a great tool for locking ebook customers into the Kindle platform.'"


Have I mentioned this business model before? If there is ONLY a proprietary solution, the more unique the better, reverse engineer it and sell your services to everyone when the rest of the industry catches up.
Google, VMware, and Cisco Throw Money at Puppet
Three giants of the IT game have invested big money in Puppet Labs, an outfit that develops open source software for automatically configuring and managing machines inside the data center.
… Kanies actually built Puppet Labs with Google in mind. Back in 2005, web giants such as Google and Amazon were using software that did automated IT tasks in their data centers, but these tools were completely proprietary. Kanies sought to bring this sort of IT automation to the masses, building an open source platform as well as a for-pay offering designed specifically for enterprises. “Our open source product solves most problems of every enterprise,” he says. “And our commercial product solves every problem of most enterprises.”


Well duh! Who do you think has been training these guys?
SPYFILES: Revelations of a Billion-Dollar Mass Surveillance Industry
December 1, 2011 by Dissent
Today Wikileaks releases nearly 1,100 internal documents, sales brochures and manuals for products sold by the manufacturers of systems for surveillance and the interception of telecommunications.
These new leaks reveal a mass surveillance industry that’s now worth $5 billion a year, with technologies capable of spying on every telephone and Internet network on a national scale. The flagships of this market are called Nokia-Siemens, Qosmos, Nice, Verint, Hacking Team, Bluecoat and Amesys. The documents detailing their interception capabilities will be progressively released online by Wikileaks.
OWNI, who worked in partnership with the Washington Post, The Hindu, L’Espresso, the German channel ARD and The Bureau of Investigative Journalism in this operation which has been dubbed the Spy Files, has attempted to present an overview of this new type of industry, by creating an interactive map and a dedicated site, SpyFiles.org. Andy Mueller-Maguhn, former spokesman for the German Chaos Computer Club (the most influential group of hackers in the world), is also associated with this investigation, to which he has devoted a site, BuggedPlanet.info.
To date, we have documented a total of 133 of these surveillance weapons dealers, including 36 in the United States, 18 in the United Kingdom, 15 in Germany, 11 in Israel and eight in Italy. As with “traditional” arms dealers, most of them are located in rich and democratic countries. 12 of the 26 countries documented are also part of the European Union, which accounts for 62 of these companies.
Read more on OWNI.eu.


Attention Ethical Hackers! Welcome to the University Flight Center! Please do not buzz the Professors or harass the geese.
An anonymous reader sends this excerpt from the Seattle Times:
"Drone aircraft, best known for their role in hunting and destroying terrorist hideouts in Afghanistan and Pakistan, may be coming soon to the skies near you. Police agencies want drones for air support to find runaway criminals. Utility companies expect they can help monitor oil, gas and water pipelines. Farmers believe drones could aid in spraying crops with pesticides. 'It's going to happen,' said Dan Elwell, vice president of civil aviation at the Aerospace Industries Association. 'Now it's about figuring out how to safely assimilate the technology into national airspace.' That's the job of the Federal Aviation Administration, which plans to propose new rules for using small drones in January, a first

Wednesday, November 30, 2011


The return of Total Information Awareness. Now DHS will be able to FISS on citizens whenever they like. Assuming they are still authorized to purchase commercial data (e.g. data collected by “Behavioral Advertising” like in the next article) they could have quite a bit of detailed information on us...
The Department Of Homeland Security Wants All The Information It Has On You Accessible From One Place
November 30, 2011 by Dissent
Kashmir Hill reports:
Information sharing (or lack thereof) between intelligence agencies has been a sensitive topic in the U.S. After 9/11, there was a push to create fusion centers so that local, state, and federal agencies could share intelligence, allowing the FBI, for example, to see if the local police have anything in their files on a particular individual. Now the Department of Homeland Security wants to create its own internal fusion center so that its many agencies can aggregate the data they have and make it searchable from a central location. The DHS is calling it a “Federated Information Sharing System” and asked its privacy advisory committee to weigh in on the repercussions at a public meeting in D.C. last month.
Read more on Forbes.

(Related) Continuing the sad saga for Carrier IQ
BUSTED! Secret app on millions of phones logs key taps
November 29, 2011 by Dissent
Dan Goodin reports:
An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users.
In a YouTube video posted on Monday, Trevor Eckhart showed how software from a Silicon Valley company known as Carrier IQ recorded in real time the keys he pressed into a stock EVO handset, which he had reset to factory settings just prior to the demonstration. Using a packet sniffer while his device was in airplane mode, he demonstrated how each numeric tap and every received text message is logged by the software.
Read more on The Register.

(Related) They didn't want to know what the advertising application was doing...
Jp: App sends user GPS data to ad firm in U.S.
November 29, 2011 by Dissent
The Yomiuri Shimbun reports:
A smartphone application that gathers information on the location of its users was downloaded by more than 1.5 million people, and the data was sent to an advertising company in the United States, according to experts.
The application in question is a goldfish catching game that does not require any information about the user’s location to play.
As the GPS data makes it possible to identify a user’s location with a margin of error of several meters, it would be possible to presume the user’s home or office address if such information was accumulated, they said.
An image showing what type of information is collected appears on the screen before installation, but only a small number of users correctly understand the explanations, the experts said.
[...]
According to an analysis by KDDI R&D Labs in Fujimino, Saitama Prefecture, at the request of The Yomiuri Shimbun, the free application released on the Internet last month was designed to send Global Positioning System information from smartphones to a U.S. advertising firm at a rate of about once per minute.
When the application is installed, an image appears on the screen with a message reading “the range of access authority and positional information.” Approval of the reading of positional information is requested but there is no mention of its purpose and whether the information will be transmitted remotely.
… “When we created the application, we built in the programs sent from a U.S. advertising company, with which we had made a contract for ad placement, without confirming their contents,” the president of the app development company said. “We had no idea that private information was being transmitted, because the game’s content has no connection with positional information.”
The U.S. advertising firm insists that information about users’ locations is collected to provide more convenient advertisements and that no problems will arise because information is treated anonymously.
Read more on Daily Yomiuri Online
Brilliant. A little privacy by design wouldn’t have killed the app developer, now would it? And what will they do now that they know?


Local. Not a good day for the former Arapahoe County Sheriff either...
CO: Former police chief accused of ID theft
November 29, 2011 by admin
Associated Press reports:
The former police chief in Platteville is accused of using Social Security numbers from fellow police officers to buy gas for his personal vehicle.
Classy.
Read more on The Gazette.


Quelle surprise, dudes.
Facebook Settles FTC Charges That It Deceived Consumers By Failing To Keep Privacy Promises
November 29, 2011 by Dissent
From their press release:
The social networking service Facebook has agreed to settle Federal Trade Commission charges that it deceived consumers by telling them they could keep their information on Facebook private, and then repeatedly allowing it to be shared and made public. The proposed settlement requires Facebook to take several steps to make sure it lives up to its promises in the future, including giving consumers clear and prominent notice and obtaining consumers’ express consent before their information is shared beyond the privacy settings they have established.
The FTC’s eight-count complaint against Facebook is part of the agency’s ongoing effort to make sure companies live up to the privacy promises they make to American consumers. It charges that the claims that Facebook made were unfair and deceptive, and violated federal law.
“Facebook is obligated to keep the promises about privacy that it makes to its hundreds of millions of users,” said Jon Leibowitz, Chairman of the FTC. “Facebook’s innovation does not have to come at the expense of consumer privacy. The FTC action will ensure it will not.”
The FTC complaint lists a number of instances in which Facebook allegedly made promises that it did not keep:
  • In December 2009, Facebook changed its website so certain information that users may have designated as private – such as their Friends List – was made public. They didn’t warn users that this change was coming, or get their approval in advance.
  • Facebook represented that third-party apps that users installed would have access only to user information that they needed to operate. In fact, the apps could access nearly all of users’ personal data – data the apps didn’t need.
  • Facebook told users they could restrict sharing of data to limited audiences – for example with “Friends Only.” In fact, selecting “Friends Only” did not prevent their information from being shared with third-party applications their friends used.
  • Facebook had a “Verified Apps” program & claimed it certified the security of participating apps. It didn’t.
  • Facebook promised users that it would not share their personal information with advertisers. It did.
  • Facebook claimed that when users deactivated or deleted their accounts, their photos and videos would be inaccessible. But Facebook allowed access to the content, even after users had deactivated or deleted their accounts.
  • Facebook claimed that it complied with the U.S.-EU Safe Harbor Framework that governs data transfer between the U.S. and the European Union. It didn’t.
The proposed settlement bars Facebook from making any further deceptive privacy claims, requires that the company get consumers’ approval before it changes the way it shares their data, and requires that it obtain periodic assessments of its privacy practices by independent, third-party auditors for the next 20 years.
Specifically, under the proposed settlement, Facebook is:
  • barred from making misrepresentations about the privacy or security of consumers’ personal information;
  • required to obtain consumers’ affirmative express consent before enacting changes that override their privacy preferences;
  • required to prevent anyone from accessing a user’s material no more than 30 days after the user has deleted his or her account;
  • required to establish and maintain a comprehensive privacy program designed to address privacy risks associated with the development and management of new and existing products and services, and to protect the privacy and confidentiality of consumers’ information; and
  • required, within 180 days, and every two years after that for the next 20 years, to obtain independent, third-party audits certifying that it has a privacy program in place that meets or exceeds the requirements of the FTC order, and to ensure that the privacy of consumers’ information is protected.
The proposed order also contains standard record-keeping provisions to allow the FTC to monitor compliance with its order.
Facebook’s privacy practices were the subject of complaints filed with the FTC by the Electronic Privacy Information Center and a coalition of consumer groups.
… The FTC will publish a description of the consent agreement package in the Federal Register shortly.


“...and the proper response to meeting a Microsoft representative is a full kowtow.”
Microsoft software would detect, score and report obnoxious workplace habits
November 29, 2011 by Dissent
Todd Bishop reports:
Is Microsoft taking inspiration from Dwight Schrute these days?
It almost seems that way based on a newly surfaced patent application from the Redmond company. The filing describes a computer system that would monitor behavior in the workplace with the goal of stopping bad habits such as co-workers cutting each other off during meetings and bosses bugging their direct reports on their lunch breaks — but at no small cost to workplace privacy.
Read more on GeekWire.
[From the article:
[In addition] to an email or voice conversation, other forms of interaction such as gestures, mannerisms, etc. in a video conference may also be analyzed and reported (e.g. nodding one’s head in agreement, shaking one’s head indicating disagreement, hand gestures, and similar ones). Additionally, patterns of communication may also be detected (in addition to distinct phrases or mannerisms).

Tuesday, November 29, 2011


Are these little “extras” for subscribers(?) anything that concerns management? Perhaps they are viewed as so trivial, so removed from 'journalism' that they are not even monitored?
Globe and Mail online classroom hacked – again and again? Wake up, Globe and Mail!
November 28, 2011 by admin
Well, I posted this to DataLossDB.org the other day, but seem to have forgotten to have posted it here.
Globe and Mail, the Canadian newspaper, had their online classroom site hacked (globeclassroom.ca). The hack was disclosed on Pastebin on November 22, at which time I created an entry for it on DLDB. I then tried to notify Globe and Mail’s online classroom site that over 600 users’ names, e-mail addresses, clear-text passwords, job title, school, and school contact details had been acquired and dumped on the Internet. They did not respond to my courtesy notification, but one paste was removed. Another one, that I had missed, remained.
The removal triggered a response by a hacker, who re-posted the original paste and then pointed me to the second data dump. I dutifully updated the entry on DLDB.
But now, digging into things a bit more, I see that this same site had been hacked back in July by a hacker who identified himself as part of #AntiSec:
Hi! I’m sepo. For today my target was http://globeclassroom.ca/. It was hacked by a simple SQL Injection. All the data (login email, password, first & second name, address, school etc.) is dumped to one of my virtual servers. I was thinking about a deface, but this wasn’t a good idea. Your sec sux! Your data can be stolen! This is a part of #Antisec.
Expect us!
The database reportedly held 4,000 users’ data.
So the site was hacked back in July and again in November. Does Globe and Mail even know? How many hackers have to point out to them that their site is insecure before they get the message? And how would all these users feel if they knew that their passwords were out there with their e-mail addresses?
Hacks like this one have become a common occurrence this year, and it is disturbing that so many sites that have been hacked do not seem to know it and do not check all their e-mail when people do try to notify them.
Maybe if I tweet it?


Attention Ethical Hackers: To really bring this home to judges in the US and Canada, I propose that we create detailed dossiers on each judge. Now, they may find this irritating so we don't want to have it traced back to us. We need an alias. I know this Professor at the Law School...
http://www.pogowasright.org/?p=25942
Judges out of touch on privacy issues, says Ontario privacy czar
November 28, 2011 by Dissent
Vito Pilieci reports:
Canadian judges and politicians have grown too old and out of touch with the reality of today’s digital world to be trusted to make sound policy decisions, according to Ontario’s Privacy Commissioner.
Speaking at the Privacy & Information Security Congress 2011 conference in Ottawa on Monday, Ann Cavoukian expressed her frustration with recent judicial decisions that she believes trivialize Canadian privacy rights.
Read more on Ottawa Citizen

(Related) What say you, your honor? No harm, no foul?
Courts Grapple with Concept of “Harm” in Online Privacy Suits
November 28, 2011 by Dissent
Glenn G. Lammi is clearly not a fan of the type of class action lawsuits we’ve been seeing on a weekly basis:
The fundamental legal principle that only those who have been “harmed” can sue in U.S. courts is being put to the test by the ever-evolving, subjective concept of “privacy” in the equally organic online world.
U.S. Supreme Court rulings on so-called Article III standing reflect that a harm must be 1) concrete, particularized, actual, and imminent; 2) fairly traceable to defendant’s actions; and 3) likely redressed by a favorable decision. If a party fails to meet this test, the court will dismiss the suit for lack of jurisdiction.
Plaintiffs’ lawyers, eager to add online privacy “violations” to their lucrative book of business, have been advancing broad theories of injury through class action lawsuits. Their claims of harm routinely center around either emotional or economic injury. Those efforts so far, with a few exceptions, have met resistance from federal judges.
Read more on Forbes.
I tend to agree with Glenn and think that most of these lawsuits are misplaced. If we want to discourage certain behavior, then we either withhold our business, try to effect change, or punt to the legislature. While the costs of litigation might dissuade businesses from engaging in certain conduct, for monster companies like Facebook, it just becomes part of the cost of doing business. In the meantime, we tend to clog up courts, and the only ones who make any money are the lawyers.


What's going on here? Does Twitter need tools to break through corporate firewalls? (Send sensitive data out from within?) I know of no reason they would need to shut down their service – does anyone?
Twitter Adds Team Who Created Privacy Tools for Activists, But Was it at the Expense of Activists?
November 28, 2011 by Dissent
Amir Efrati reports:
Twitter on Monday announced the acquisition of a two-person startup called Whisper Systems, whose technology protected people’s mobile-phone calls and text messages from being obtained by third parties such as governments.
The deal terms weren’t disclosed. The acquisition led to speculation about what Twitter, an online-messaging service, might do with Whisper Systems founders Moxie Marlinspike and Stuart Anderson–who are well-known in computer security circles–and the technology they built exclusively for devices running on Google’s Android software.
Whisper Systems created a suite of services for human-rights activists or other privacy-conscious individuals, which were used by activists during the recent “Arab spring” actions. In a blog post, Marlinspike and Anderson said the services they created will “live on” though they had to temporarily shut them down.
Read more on WSJ.
Dan Goodin also covers the acquisition on The Register, and also covers concerns raised by privacy and security researcher Chris Soghoian:
Twitter’s acquisition of San Francisco-based Whisper Systems came on Monday, the same day Egyptian citizens participated in their nation’s first parliamentary elections since the ouster of Hosni Mubarak, whose repressive regime ruled the country for three decades. That means Egyptian dissidents who relied on Whisper Systems RedPhone to encrypt voice calls made with their Android smartphones abruptly lost the ability to protect calls from government-controlled eavesdroppers at a time they might need it most.
It was only nine months ago that Whisper Systems said it was rushing out an international version of the encryption software to support the historic protests that were then sweeping the African nation’s populace.
“The timing is atrocious,” said Chris Soghoian, a privacy researcher with the Open Society Foundations. “Today is Egypt’s first election after it threw out its old regime, and the only encrypted voice communication tool for Android goes dark. This couldn’t have happened at a worse time for people in Egypt.”
I really wish Twitter would be more forthcoming about its timing and its plans. I tend to give them the benefit of doubt, but Chris has raised some pointed criticisms about them – and not just over Whisper Systems. Chris has also publicly challenged Twitter to make HTTPS the default connection. And again, no response from Twitter. The same platform that fought to at least notify its users about a court order to compel production of their records seems to be falling behind its competitors in terms of other privacy protections.
So, Twitter, because I use you and like you, how about you agree to make HTTPS the default connection by Christmas, and you explain how your acquisition of Whisper Systems and its talented founders is going to benefit human rights activists, privacy, and free speech.

(Related) Does Twitter take this crackdown seriously enough to want a tool that hides their interaction with users in Europe? Technology they could sell to the other big Behavioral Advertising companies? And notice that the EU Commission does not fully understand Facebook.
EU: Facebook faces a crackdown on selling users’ secrets to advertisers (updated)
November 28, 2011 by Dissent
This has the potential to be huge.
Jason Lewis reports:
The European Commission is planning to stop the way the website “eavesdrops” on its users to gather information about their political opinions, sexuality, religious beliefs – and even their whereabouts.
Using sophisticated software, the firm harvests information from people’s activities on the social networking site – whatever their individual privacy settings – and makes it available to advertisers.
However, following concerns over the privacy implications of the practice, a new EC Directive, to be introduced in January, will ban such targeted advertising unless users specifically allow it.
Even though most of the information it harvests is stored on computers in the USA, if Facebook fails to comply with the new legislation it could face legal action or a massive fine.
The move threatens to damage Facebook’s plans to float on the Wall Street stock exchange next year, by undermining the way it makes money.
Read more on The Telegraph. Then contrast that to what happened here in the Fourth Circuit when a judge ruled that Twitter users gave up some of their privacy when they signed up for Twitter and accepted their TOS and privacy policy. Of course, everyone other than that judge knows that no one really reads those policies, but that judge would probably rule that Facebook users have consented to have their data sold to advertisers – even if they didn’t understand or wade through Facebook’s 4000 word policy.
Will EU do for Americans’ privacy what the American Congress has failed to do and what businesses have failed to do by self-regulation? We’ll have to wait and see.
Update: A report by ReadWriteWeb raises some questions about what will really be proposed in the EU and how it might affect Facebook.


At some point, Big Brother will point to Facebook and say, “You have volunteered to allow everything you complain that I do!”
How to stop Facebook from sharing your location
Facebook is at it again, releasing yet another feature that I never had the opportunity to politely opt out of: location sharing.
When Facebook decided to withdraw efforts from its short-lived check-in service, Places, it quickly implemented a more passive location-sharing feature that doesn't even have a name. It's just there. And it's creepy.
Now, every time you compose a post on a mobile device or desktop computer, you'll see a light gray location in the lower left of the status box.
Facebook sneakily grabs your location via GPS or Wi-Fi router, and attaches it to your post, so your friends can enjoy a more in-depth stalking experience.


“...and we shall name him Little Brother.”
The UK could get a Privacy Commissioner
November 28, 2011 by Dissent
Dave Neal reports:
The United Kingdom could get a dedicated Privacy Commissioner, according to a tabled discussion in the House of Lords.
We learned of the tabled amendment via Privacy International, which pointed followers towards the document on Twitter and told the INQUIRER that such a change is needed in the UK, due to what is a poor data protection situation for UK citizens.
“If successful, the UK could have a real privacy regulator rather than a weak one that merely oversees data protection,” it said.
Read more on The Inquirer.
So let’s get this straight – they’d have a data protection agency AND a privacy commissioner while over on this side of the pond, we have neither?
This is just so depressing. And infuriating.


Fighting certain doom? Granted it is embarrassing. What's true and what's opinion based on hearsay? (I doubt “everyone does it” and “It's not a big deal” are sufficient for acquittal.)
Feds Withholding Evidence Favorable to Bradley Manning, Lawyer Charges
The civilian lawyer for Bradley Manning, the Army private who allegedly leaked tens of thousands of classified U.S. government documents to WikiLeaks, is seeking to question the severity of the leak by requesting the government’s own internal damage assessments that reportedly contradict statements that Manning irreparably damaged national security.
… Published information about the various reports put them at odds with each other, Coombs notes. One assessment conducted by the Defense Intelligence Agency concluded that all of the information allegedly leaked was dated, represented low-level opinions, or was already commonly known due to previous public disclosures, while an official at another government office indicated that the leaks had caused damage to national security.
… “The defense requests any e-mail, report, assessment, directive, or discussion by — to the Department of Defense concerning this case in order to determine the presence of unlawful command influence,” the sentence reads.
At a press conference last week, members of the Bradley Manning Support Network, which has raised money for Manning’s defense, argued that public comments that President Obama made earlier this year suggesting that Manning is guilty constituted illegal command influence on the military court from the nation’s commander in chief.
Obama told an audience in April, “If I was to release stuff, information that I’m not authorized to release, I’m breaking the law.”
“I can’t imagine a juror who wants to have a future in the military … going against the statement of [guilty] made by his or her commander-in-chief,” said Kevin Zeese, a legal advisor to the Bradley Manning Support Network.
… In order to make the case that Manning wasn’t the only soldier to install unauthorized programs on classified networks, Coombs requested forensic images of each computer from the Tactical Sensitive Compartmented Information Facility (T-SCIF) and the Tactical Operations Center (TOC) at Forward Operating Base Hammer in Iraq, where Manning allegedly downloaded the data that was passed to WikiLeaks. Coombs is hoping to prove “it was common for soldiers to add unauthorized computer programs” to government systems, that apparently helped the soldiers do their work.


IT Governance: Think this will catch on?
"Thierry Breton, CEO of Atos, Europe's Largest IT Company, wants a 'zero email' policy to be in place in 18 months, arguing that only 10 per cent of the 200 electronic messages his employees receive per day on average turn out to be useful, and that staff spend between 5-20 hours handling emails every week. 'The email is no longer the appropriate (communication) tool,' says Breton. 'The deluge of information will be one of the most important problems a company will have to face (in the future). It is time to think differently.' Instead Breton wants staff at Atos to use chat-type collaborative services inspired by social networking sites like Facebook or Twitter as surveys show that the younger generation have already all but scrapped email, with only 11 per cent of 11 to 19 year-olds using it. For his part Breton hasn't sent a work email in three years. 'If people want to talk to me, they can come and visit me, call or send me a text message. Emails cannot replace the spoken word.'"


Might be interesting to play with...
"Free software activists have released a peer-to-peer search engine to take on Google, Yahoo, Bing and others. The free, distributed search engine, YaCy, takes a new approach to search. Rather than using a central server, its search results come from a network of independent 'peers,' users who have downloaded the YaCy software. The aim is that no single entity gets to decide what gets listed, or in which order results appear. 'Most of what we do on the Internet involves search. It's the vital link between us and the information we're looking for. For such an essential function, we cannot rely on a few large companies and compromise our privacy in the process,' said Michael Christen, YaCy's project leader."


Oh goodie, now I can research why my Mother's ancestors were banished from Ireland.
British Library scans 18th and 19th-Century newspapers
Four million pages of newspapers from the 18th and 19th Centuries have been made available online by the British Library.
… The archive is free to search, but there is a charge for accessing the pages themselves.


What does Anatomy have to do with Health Care? Isn't that all about Billing customers?
Monday, November 28, 2011
Eleven days ago I mentioned a free and open Computer Science 101 course being offered through Stanford University. Today, through Open Culture, I learned that Stanford is offering thirteen other free and open online courses during the spring semester. One of the courses that might be appropriate for high school juniors and seniors interested in pursuing college programs in healthcare is an introductory anatomy course. The course description promises quizzes that students can use for self-assessment and self-pacing through the course.


Toys for my Ethical Hackers
"Although Barnes & Noble receives a lot of credit from the Slashdot community for standing up to Microsoft and for allowing the nook to be so easy to root, perhaps Amazon releasing the source code to the Kindle will help it gain back supporters it lost after remotely removing ebooks."

Monday, November 28, 2011


Is this the tip of a Breach Iceberg? We don't know who was actually breached, but even “a few” domains could service millions of individuals. Will this vendor disclose the breach, even if no individuals (just corporations) are customers?
101Domain.com Suffers Security Breach
November 27, 2011 by admin
Michael H. Berkens reports:
101Domain.com has apparently suffered a security breach which “may have resulted in unauthorized access to your personal information and possibly payment information.”
According to Webhosting.info, 101domain.com has around 10,000 domain names under management.
Read more on TheDomains.com. From the notification letter:
We are writing to you as a primary contact on your account with 101domain.com. We need to make you aware of a security breach that may potentially have affected your account.
We were recently informed by one of our vendors that some of its systems, and those of a few of its customers, including 101domain.com, were compromised to varying degrees by a phishing attack. Although there is no direct evidence that your information was stolen and we have received no customer complaints, this attack may have resulted in unauthorized access to your personal information and possibly your payment information.
It sounds like although 101Domain.com’s customers are affected, the breach was not theirs but their vendor’s. Or am I reading this incorrectly?


For my Ethical Hackers: Need a new car for Christmas?
New Siri Hack Will Start Your Car If You Ask Nicely
… Developer Brandon Fiquett is behind this little hack, and boy what a hack it is. Building off the same Siri Proxy server that allowed @plamoni to control a thermostat over WiFi, Fiquett created a plugin that interacts with a PHP script that lives on his own webserver. That PHP script allows Fiquett to send commands to any (registered) car with a Viper SmartStart system, which in this case means his silver Acura TL.


“We're doing it for the cost savings – not because we are otherwise unable to manage our employees.”
CT: Time is money: DCF looks to shed costs by tracking its employees
November 28, 2011 by Dissent
Jacqueline Rabe Thomas reports:
Following the lead of private and nonprofit businesses, the [Connecticut] Department of Children and Families is considering adding GPS devices to its fleet of 800 vehicles to quash misuse of its vehicles.
In her proposal to Gov. Dannel P. Malloy’s budget office, DCF Commissioner Joette Katz estimates these GPS devices will save the state nearly $250,000 in the first year by being able to prove misuse of vehicles, verify overtime hours and save 20 percent on fuel consumption.
Read more on The CT Mirror.


I suspect this will be good for music and musicians. Will RIAA freak? Probably. In the end, it won't matter.
Steven Levy on Facebook, Spotify and the Future of Music
Even if Facebook CEO Mark Zuckerberg hadn’t been introduced to Spotify two years ago, it was probably inevitable that the two companies would hook up. The European music service had already won millions of fans, thanks to a business model that allowed music nuts to stream any song, instantly, for free.
… And that’s why, when former Facebook president and Napster cofounder Sean Parker discovered Spotify in 2009, he made a point of telling Zuckerberg about it.
… Within a day, Zuckerberg had updated his Facebook status: Spotify is so good.
… In September, after two years of speculation following Zuckerberg’s four-word swoon, Facebook announced an ambitious initiative that lets its users quickly and easily share music with one another—in many cases for free.
[Music players on Facebook?]
SPOTIFY Customers can stream unlimited music for free—at first. After six months, the monthly limit drops to 10 hours, at which point Spotify hopes users will pony up for a subscription.
MOG The latest version of the streaming music service allots a set amount of music that users can listen to for free. They can earn more free tunes by sharing songs and playlists.
EARBITS This free streaming online radio service isn’t supported by advertising. Instead, it plans to charge artists to promote themselves while listeners check out their music.
IHEARTRADIO With this Clear Channel app, users can tune into broadcasts from 750 radio stations or tailor stations to their own taste for free. No commercials—at least until the end of the year.
TURNTABLE This free service operates as a virtual venue for DJing. Users vie for points by creating crowd-pleasing playlists for other avatars in genre-themed listening rooms.
RHAPSODY The godfather of streaming music charges $10 a month to listen to tunes on one phone or MP3 player. Pay a few bucks more to add additional mobile devices.


Perspective: I used technology (the Conestoga wagon) to move here FROM New Jersey, severing contact with most of my relatives.
November 27, 2011
Pew: Why Americans use social media
Why Americans use social media - Social networking sites are appealing as a way to maintain contact with close ties and reconnect with old friends, by Aaron Smith, Senior Research Specialist, 11/14/2011
  • "Two-thirds of online adults (66%) use social media platforms such as Facebook, Twitter, MySpace or LinkedIn. These internet users say that connections with family members and friends (both new and old) are a primary consideration in their adoption of social media tools. Roughly two thirds of social media users say that staying in touch with current friends and family members is a major reason they use these sites, while half say that connecting with old friends they’ve lost touch with is a major reason behind their use of these technologies."


It's a bit trickier than slapping together an eBook...
November 27, 2011
Digitized: Audubon’s Birds of America, accompanied by his Ornithological Biography
"The University of Pittsburgh is fortunate to own one of the rare, complete sets of John James Audubon’s Birds of America. It is considered to be the single most valuable set of volumes in the collections of the University Library System (ULS). Indeed, only 120 complete sets are known to exist. While Audubon was creating Birds of America, he was also working on a companion publication, namely, his Ornithological Biography. Both of these sets were acquired by William M. Darlington in the mid-nineteenth century and later donated, as part of his extensive library, to the University of Pittsburgh. Recognizing that the Darlington Library includes significant historical materials, such as rare books, maps, atlases, illustrations, and manuscripts, the ULS charted an ambitious course to digitize a large portion of Mr. Darlington’s collection, including the Birds of America. We are pleased to present our complete double elephant folio set of Audubon’s Birds of America, accompanied by his Ornithological Biography, through this Web site. Together these sets constitute an unprecedented online combination."


“How to win friends and influence people, socially?” 99% of my readers agree!
Social Proof Is The New Marketing
… What is social proof? Put simply, it’s the positive influence created when someone finds out that others are doing something. It’s also known as informational social influence.
Wikipedia describes social proof as “a psychological phenomenon where people assume the actions of others reflect the correct behavior for a given situation… driven by the assumption that the surrounding people possess more information about the situation.”
Five Types of Social Proof
Expert social proof – Approval from a credible expert, like a magazine or blogger, can have incredible digital influence.
Celebrity social proof – Up to 25% of U.S. TV commercials have used celebrities to great effect, but only a handful of web startups have to date.
User social proof – Direct TV marketers are masters at sharing user success stories. (fascination with this was actually the inspiration for this blog post)
Wisdom of the crowds social proof – Ray Kroc started using social proof in 1955 by hanging an “Over 1 Million Served” sign at the first McDonald’s. Highlighting popularity or large numbers of users implies “a million people can’t be wrong.” [10 Billion flies can't be wrong! Eat garbage! Bob]
Wisdom of your friends social proof – Learning from friends thru the social web is likely the killer app of social proof in terms of 1:1 impact, and the potential to grow virally.


Dilbert illustrates one of the primary rules of statistics/data mining...

Sunday, November 27, 2011


Interesting concept. The perpetrator of a falsehood has to fix it.
Commentary: Mosley is criticized for suing Google, but walk a mile in his shoes first
November 26, 2011 by Dissent
James Cusick reports in The Independent:
Max Mosley’s legal attempt to force Google in France and Germany to act as a self-appointed censor and remove controversial material ahead of any formal court order, would “fundamentally alter the web”, according to a leading free-speech pressure group.
Mr Mosley, the former head of world motorsport who won a £60,000 privacy action against the News of the World following a libellous story that wrongly alleged a “Nazi-themed” orgy with five prostitutes, is suing the leading internet search company in Germany and France, and is legally active in 20 other jurisdictions. All actions aim to remove any link to the NOTW article and video.
The Index on Censorship claimed the legal action by Mr Mosley showed a fundamental misunderstanding of the role of search engines.
[...]
The criticism comes as no surprise to me. And as someone who does understand the role of search engines, I still find myself in some sympathy with Mr. Mosley on this – even though I never liked him as the head of F1, don’t like him now, and would probably never want to socialize with him.
All that said, let’s review: he was set up to have his privacy invaded. It was invaded and he was defamed. As Cusick notes, there is legal action in 20 other jurisdictions – all trying to get rid of coverage that has already been adjudicated to be defamatory in the U.K. And yet despite his efforts, if you were to Google “Mosley Nazi Orgy” today, look at the first few results:
[…]
Two of the first four results are the older allegations, even though some of them might appear to be recent – and they are from the U.K.
Most of us do not have the means to initiate court action in multiple countries and jurisdictions. For most of us, if something like this happened, we’d be stuck with it.
But why should it be on the victim to have to clean things up?
Discussing what happened in this case is important, and I wouldn’t want to see all discussion of it or references to it disappear from the web – or even from Google’s search engine. Removing all results that contain “Nazi” and “orgy” and “Mosley” would deprive us all of serious discussions of the case in terms of media and defamation law. But why should copies of old – and defamatory – news coverage show up in search engine results uncorrected or without annotation?
Surely, Mr. Mosley could go sue every paper and blog that quoted or reprinted the original defamation and demand that they remove or correct their coverage. Well, at least in theory he could. But why should the victim of a privacy invasion or defamation have to do that?
Perhaps it would have been better had the court ordered News of the World to clean up the mess it caused by ordering them to ensure that all existing copies or derivatives contain a statement that says “This material was found to be untrue and defamatory” at the top of each article. It would be a difficult task, of course. But why should it be on Mosley?
Mosley’s action does not seek to remove all the articles from the web. What it does do is seek to make them not so readily available.
And if it was you, wouldn’t you think that was a reasonable compromise given what you had already endured?
We need defenders of free press and free speech. But we also need privacy advocates who realize that egregious privacy invasions call for us to stand up and say, “Make this right.” Google is not the enemy here, but their service, to the extent it perpetuates a problem, has some responsibility, despite free speech advocates’ insistence that they merely list results of what’s out there.
If Google has already removed hundreds of links, maybe it’s time for it to take a different approach. One alternative would be for Google to add a boilerplate message at the beginning of search results for a particular search string that says “The material in this site may contain material that was subsequently deemed to be untrue and defamatory.”
I’ve often said that I hate the word “balance,” because whenever one tries to balance privacy against something else, privacy loses. In this case, it strikes me that privacy and fairness are being balanced against free speech, and both are losing.
Okay, now go scream at me for my view. But seriously, as much as I defend free speech, I am not willing to sacrifice all privacy and reputation for it.


What's your policy?
10 Social Media Policy & Guidelines Documents
November 26, 2011 17:55
Source: Social Media Conference via Chartered Institute of Personnel Development (UK)
This blog post contains a collection of 10 ‘Social Media’ guidelines documents & policies pulled from around the web. Some are from the UK, some are from further afield, but all are interesting in one way or another!


Thank god we canceled Total Information Awareness. You could also think of this type of system as a Circumstantial Evidence Generator...
hessian tips a story in BusinessWeek about Palantir, a system designed to aggregate disparate data points gathered by intelligence agencies and weave them into a more useful narrative. The article summarizes it thus: "Depending where you fall on the spectrum between civil liberties absolutism and homeland security lockdown, Palantir’s technology is either creepy or heroic."
"The day Fikri drives to Orlando, he gets a speeding ticket, which triggers an alert in the CIA's Palantir system. An analyst types Fikri's name into a search box and up pops a wealth of information pulled from every database at the government's disposal. There's fingerprint and DNA evidence for Fikri gathered by a CIA operative in Cairo; video of him going to an ATM in Miami; shots of his rental truck's license plate at a tollbooth; phone records; and a map pinpointing his movements across the globe. All this information is then displayed on a clearly designed graphical interface that looks like something Tom Cruise would use in a Mission: Impossible movie."
[From the article:]
Using Palantir technology, the FBI can now instantly compile thorough dossiers on U.S. citizens, tying together surveillance video outside a drugstore with credit-card transactions, cell-phone call records, e-mails, airplane travel records, and Web search information.
After Washington and Wall Street, Karp says the company may turn its attention to health care, retail, insurance, and biotech. The thinking is that Palantir’s technology can illuminate health insurance scams just as well as it might be able to trace the origin of a virus outbreak.


“We've never caught a single terrorist so what we're doing is adequate we need billions of dollars to improve our security.” The colors (Sky Blue and Yellow Snow) make us look cool! “Known Travelers” is a codeword for “not a second-class citizen”
PolygamousRanchKid writes with this quote from CNN about the future of airport security:
"Earlier this year, the International Air Transport Association demonstrated its vision for the 'checkpoint of the future' — a series of neon-lit tunnels, each equipped with an array of eye-scanners, x-ray machines, and metal and liquid detectors. ... 'Known Travelers,' (those who have completed background checks with government authorities) for instance, will cruise through the light blue security corridor with little more than an ID check, while those guided through the yellow 'Enhanced' corridor will be subjected to an array of iris scans and sensitive contraband detectors. ... Feeling guilty? Got something to hide? A team of UK-based researchers claim to have developed a thermal lie-detection camera that can automatically spot a burning conscience. ... Professor Byeong-chun Lee, who established his reputation in 2005 as the driving force behind the world's first ever dog clone, has brought a new breed of super-sniffers to South Korea's Incheon Airport. They may look like an ordinary pack of golden Labrador Retrievers, but these dogs are all genetically identical to 'Chase,' a dog whose legendary snout kept him top of Incheon's drug-detection rankings right up until his retirement in 2007."


Interesting. How would these degrees ever be reinstated?
"The WSJ reports that China's Ministry of Education plans to phase out majors producing unemployable graduates. The government will soon start evaluating college majors by their employment rates, downsizing or cutting those studies in which less than 60% of graduates fail for two consecutive years to find work. What if the U.S. government were to adopt China's approach? According to the most recent U.S. census data, among the first majors to go: psychology, U.S. history and military technologies. Lest you computer programmers get too smug, consider this."

(Related) Perhaps California Politician could be canceled? (Unemployable does not equal unelectable, unfortunately)
"[California state leaders] have rallied around a plan to build a 520-mile high-speed rail line from Los Angeles to San Francisco, cutting the trip from a six-hour drive to a train ride of two hours and 38 minutes. And they are doing it in the face of what might seem like insurmountable political and fiscal obstacles. The pro-train constituency has not been derailed by a state report this month that found the cost of the bullet train tripling to $98 billion for a project that would not be finished until 2033, by news that Republicans in Congress are close to eliminating federal high-speed rail financing this year, by opposition from California farmers and landowners upset about tracks tearing through their communities or by questions about how much the state or private businesses will be able to contribute."


Did you ever need to slap together a presentation?
ReelApp: Create & Share Great HTML5 Presentations Online
ReelApp is an online presentation creation website that creates presentations out of PPT, PDF, and Word documents. The site does not require you to register for any accounts. You can simply start uploading your documents; the PowerPoint presentations simply get arranged according to slides whereas the Word and PDF files are treated as images that you can reorder in the presentation.


Free is good!
Bookboon: Download Free eBooks For College Courses
Bookboon is a free to use website that lets you download eBooks. The eBooks are categorized either as textbooks or books for business or travel. You can begin your searches by entering in a keyword and having the results displayed; you can also choose the category of books – textbooks/business/travel – and optionally change the language of the website since it supports multiple languages. Your search results can be filtered through subcategories in the left pane.
To obtain a book, simply click on the title of a search result and you will be taken to the book’s download page. Here you need to fill out your email address after which you will be able to download the book in PDF file format.
Similar tools: DOWNLOAD Open Book, ePubBud and WitGuides.
Also read related articles: