16 Feb

ArsTechnica – High Orbits and Slowlorises: understanding the Anonymous attack tools

Most members of Anonymous would prefer to stay, well, anonymous. But as the group has engaged in increasingly high-profile attacks on government and corporate websites, doing so effectively and staying out of harm’s way have become an ever-growing challenge. To protect itself, the group has altered its tactics over the past year to both increase the firepower of its attacks and shield members from the prying eyes of law enforcement.

via ArsTechnica – High Orbits and Slowlorises: understanding the Anonymous attack tools. Fascinating look into both some of the tools Anonymous uses to launch it’s attacks and how it/they attempt to stay anonymous.

11 Dec

O’Reilly Radar – The end of social

Taking this a couple of steps further, the article points out that, to many people, Facebook’s "frictionless" sharing doesn’t enhance sharing; it makes sharing meaningless. Let’s go back to music: It is meaningful if I tell you that I really like the avant-garde music by Olivier Messiaen. It’s also meaningful to confess that I sometimes relax by listening to Pink Floyd. But if this kind of communication is replaced by a constant pipeline of what’s queued up in Spotify, it all becomes meaningless. There’s no "sharing" at all. Frictionless sharing isn’t better sharing; it’s the absence of sharing. There’s something about the friction, the need to work, the one-on-one contact, that makes the sharing real, not just some cyber phenomenon. If you want to tell me what you listen to, I care. But if it’s just a feed in some social application that’s constantly updated without your volition, why do I care? It’s just another form of spam, particularly if I’m also receiving thousands of updates every day from hundreds of other friends.

So, what we’re seeing isn’t the expansion of our social network; it’s the shrinking of what and who we care about. My Facebook feed is full of what friends are listening to, what friends are reading, etc. And frankly, I don’t give a damn. I would care if they told me personally; I’d even care if they used a medium as semi-personal as Twitter. The effort required to tweet tells me that someone thought it was important. And I do care about that. I will care much less if Spotify and Rdio integrate with Twitter. I already don’t care about the blizzard of automated tweets from FourSquare.

Automated sharing is giving Facebook a treasure-trove of data, regardless of whether anyone cares. And Facebook will certainly find ways to monetize that data. But the bigger question is whether, by making sharing the default, we are looking at the end of social networks altogether. If a song is shared on Facebook and nobody listens to it, does it make a sound?

via O’Reilly Radar – The end of social. Interesting point, and hard to argue against. The more we share the less value each piece of information has to the people (but not the systems) that we share to.

27 Oct

DARPA Shredder Challenge

Today’s troops often confiscate the remnants of destroyed documents in war zones, but reconstructing them is a daunting task. DARPA’s Shredder Challenge calls upon computer scientists, puzzle enthusiasts and anyone else who likes solving complex problems to compete for up to $50,000 by piecing together a series of shredded documents.

The goal is to identify and assess potential capabilities that could be used by our warfighters operating in war zones, but might also create vulnerabilities to sensitive information that is protected through our own shredding practices throughout the U.S. national security community.

Do you have the skills to reconstruct shredded documents and solve the puzzle?

Can you form a team to help solve the complex physical and analytical problems associated with document reconstruction?

If so, register today for a chance to win $50,000!

via DARPA Shredder Challenge. Neat challenge, it would be cool to work on this problem but image analysis is so far out of my area of expertise. It’s nice to know also that as it stands a good cross-cut shredder renders your documents virtually useless to either law enforcement or criminals.

27 Sep

NPR – OnStar Hits Reverse: It Won’t Keep Collecting Data From Old Customers

Just days after it received intense criticism from Sen. Charles Schumer (D-NY), some other lawmakers and privacy advocates, General Motors’ OnStar service has agreed that it won’t keep its data connections open to customers who have canceled the service.

via NPR – OnStar Hits Reverse: It Won’t Keep Collecting Data From Old Customers. OnStar however still hasn’t changed it’s mind about selling data it collects from current customers at some point.

27 Sep

Ars Technica – Three Senators condemn OnStar for tracking former customers

Three Senators have raised concerns about an announcement by GM’s OnStar’s subsidiary that it would continue collecting data from customers’ cars even after they cancelled their OnStar service. In a Wednesday letter to the company, Al Franken (D-MN) and Chris Coons (D-DE) warned that "OnStar’s actions appear to violate basic principles of privacy and fairness."

On Sunday, Sen. Chuck Schumer (D-NY) raised objections of his own. He released a letter he has written to the Federal Trade Commission seeking an investigation of OnStar’s privacy practices. Schumer described OnStar’s new policy as "one of the most brazen invasions of privacy in recent memory."

via Ars Technica – Three Senators condemn OnStar for tracking former customers. Glad I don’t own a vehicle with OnStar installed. It’s more than a little sleazy to collect and sell information from former customers.

24 Sep

Scripting News – Facebook is scaring me

What clued me in was an article on ReadWriteWeb that says that just reading an article on their site may create an announcement on Facebook. Something like: "Bull Mancuso just read a tutorial explaining how to kill a member of another crime family." Bull didn’t comment. He didn’t press a Like button. He just visited a web page. And an announcement was made on his behalf to everyone who follows him on Facebook. Not just his friends, because now they have subscribers, who can be total strangers.

Now, I’m not technically naive. I understood before that the Like buttons were extensions of Facebook. They were surely keeping track of all the places I went. And if I went to places that were illegal, they would be reported to government agencies. Bull Mancuso in the example above has more serious things to worry about than his mother finding out that he’s a hitman for the mob. (Both are fictitious characters, and in my little story his mom already knows he’s a hitman.)

There could easily be lawsuits, divorces, maybe even arrests based on what’s made public by Facebook.

via Scripting News – Facebook is scaring me. Count me in the group of people now staying logged out of Facebook by default.

16 Sep

Ars Technica – Newzbin2 builds block-averting measures into its software

Usenet index Newzbin2 claims to have built software that will defeat court-ordered ISP blocking tactics and allow users to access it as normal.

Following complaints from content companies back in July 2011, BT was forced to implement its child-porn blocking software to stop customers from accessing the website, which aggregates links to copyrighted content. At the time there were fears from charities that by using this technology to combat copyright infringement, it would divert more attention to making it easy to circumvent these blocks.

Those fears turn out to have been justified—it took coders less than two months to defeat the ban. Newzbin Client 1.0.0.127 has been released, which evades BT’s Cleanfeed technology by creating an encrypted session between the client and the Newzbin2 site. It also lets the user access the site through the TOR anonymity network, adding an extra layer of encryption.

via Ars Technica – Newzbin2 builds block-averting measures into its software. Every time someone tries to prevent information from being reached on the Internet someone else finds a way around it.

12 Sep

Read Write Web – How’s Mozilla Doing with Do Not Track? Not So Good

Get the picture? Don’t get me wrong – I love the idea behind DNT, but the implementation is wholly ineffective. So much so that Firefox ought to include a big warning in its privacy preferences lest users be lulled into a sense of complacency. Another suggestion for Mozilla and other browser vendors that support DNT? Include a big warning for Web sites that don’t honor DNT settings.

via Read Write Web – How’s Mozilla Doing with Do Not Track? Not So Good. Do Not Track, is a nice idea but not much more than that.

28 Aug

NYTimes.com – Man Accused of Stalking via Twitter Claims Free Speech

They certainly rattled Alyce Zeoli, a Buddhist leader based in Maryland. Using an ever-changing series of pseudonyms, the authorities say, Mr. Cassidy published thousands of Twitter posts about Ms. Zeoli. Some were weird horror-movie descriptions of what would befall her; others were more along these lines: “Do the world a favor and go kill yourself. P.S. Have a nice day.”

Those relentless tweets landed Mr. Cassidy in jail on charges of online stalking and placed him at the center of an unusual federal case that asks the question: Is posting a public message on Twitter akin to speaking from an old-fashioned soapbox, or can it also be regarded as a means of direct personal communication, like a letter or phone call?

via NYTimes.com – Man Accused of Stalking via Twitter Claims Free Speech. It’s an interesting case because while Twitter itself is a public medium, the person is directing their messages to a particular person. The better analogy may be while in the pulpit pointing to a particular person and speaking. At that point are you still creating a public message or is it a message directed at one person?

17 Jul

Identity at Mozilla – How BrowserID differs from OpenID

We launched Mozilla Labs’ online identity experiment, BrowserID, only 24 hours ago, and the feedback has been incredibly useful already. At Mozilla, we believe in empowering individuals to shape their online experience. Our work on a decentralized identity solution for the Web matches that mission well. Also, because we believe that transparent community-based processes promote participation, accountability, and trust, we will be posting technical explanations, points of debate, and roadmaps on this blog.

One important question we immediately received from early adopters is how BrowserID compares to OpenID. Both projects have three important common goals:

(a) make it easier and safer for users to log in to web sites by reducing the number of passwords they have to remember,

(b) make it easier for web sites to add authentication features, and

(c) accomplish all of this in existing modern browsers.

Beyond these similarities, we think Mozilla Labs’ BrowserID project provides a few key advantages over OpenID. Lloyd Hilaiel has written an excellent technical primer on BrowserID, which highlights our key design goals. These have led us to three key differences.

via Identity at Mozilla – How BrowserID differs from OpenID. Some really impressive work from the team at Mozilla, defiantly simpler to get started and using than OpenID and eliminates the which OpenID provider did I use for this site.