Categories
Technology

Zuck’s “data” dodge: it’s important.

Watching some of the highlights of Marc Zuckerberg’s testimony before Congress, I see lots of Senators asking him yes or no questions such as, “do you believe FaceBook users have a right to download or delete their data.” Zuckerberg’s response was an unequivocal “yes, Senator” in all cases. But when asked questions about allowing users to decide how data accrued on them could be used or corrected, Zuck began to backpedal and attempt to slip back into tech speak.

It’s really important to understand why he pulls short when asked about deleting or correcting erroneous data. One reason is that all the questions asked to that point were about the “user’s data,” which Zuck can very quickly and easily answer in ways that make the Senators happy.

Because those answers were already beaten out of FaceBook a decade ago. Then, the question was about copyright: FaceBook originally claimed copyright ownership over your photos and posts, a notion which was received with howls of condemnation at the time. The result was a change in FaceBook policy which carved out for itself a limited license for that kind of data.

All of which is to say no: FaceBook does not own your “data,” nor does it hold unlimited copyright to it. Yes, you already have a legal right to all of that information, including your posts, comments, likes, photos, uploads and the whole kit-and-caboodle.

But companies like Cambridge Analytica (and Coca-Cola. and Pepsi. and Sony) are really after is the metadata that is created by the pattern your data creates. The fact that you “like” Roseanne is a lot less important than the fact that you watch more FaceBook videos at 3pm than other times of day. You are available to be advertised too and influenced at those times.

Holding on to actual data about any one individual is a waste of server space, even if you think you might want an archive for some reason. What matters is the ability to observe behavior in real time. That’s why “meme” images with sloganesque sayings on them are so important: you can send one out that’s intended to seem racist and watch what happens.

How long does the average person look at that image? The average Republican? The average 4-year degree holder? The average cop? Does the length of time they look at an image correlate to likes and comments? Does it even need to?

None of this data is “yours.” It wouldn’t exist in digital form without FaceBook providing a platform and third-party businesses aggregating it into actionable insights. Which is why “correcting” data about you is so important and so difficult for Zuck to agree to: that would require that companies open up their data operations to allow you to see their assumptions of you.

Doing so would most likely be an infuriating experience for the end user and a nightmare for businesses. Which isn’t to say that they shouldn’t allow us to see what their assumptions are. But that’s what I think the line he’s going to try to skirt will be.

Categories
Crime Technology

Body Cameras in Rochester. 5 questions yet to be answered.

Now that the City of Rochester has accepted a vendor for the body-worn cameras (BWC) City police officers will be wearing, they should now be fully-ensconced in the process of writing up policy documents for their full-time use. This is according to the City of Rochester’s timeline of events here. The City offers many “model policies” as envisioned by the ACLU and the International Association of Chiefs of Police, as well as actual policy docs from similarly-sized cities in the US.

But while we wait for the formal policy document to be announced, I’m left with 5 big questions about what I’m seeing.

#5. Who are the RPD’s policy-writing partners?

The timeline notes that throughout the months of January, February and March, “RPD is working with its partners, to include the Rochester Police Locust Club” to develop a policy document for BWC use in the field. The RPD and the Locust Club – cops and more cops – we know about. Who else? How will the concerns of the public, ably voiced in community input sessions, be represented in policy meetings?

#4. What makes video “evidentiary?”

Standard in the model policies is the clause that video should be kept only if the information contained in it is considered “evidentiary” to an ongoing investigation or trial. This makes sense. But the question is how “evidentiary” is defined, and in relation to what?

If a BWC is used in a traffic stop on East Ave while there is a simultaneous investigation of underage drinking on the same street? Does evidence get stockpiled in the name of the second investigation, at the expense of the people involved in the first?

#3. Under what circumstances can “non-evidentiary” video be reexamined?

The public comments make clear that local residents are OK with keeping video on file that is currently being used in an investigation or trial. They even seem to be OK with allowing non-evidentiary video to be kept on hand. The ACLU recommends allowing non-evidentiary video files to be kept up to 6 months. But why allow the video to remain at all, if there’s no immediate reason to find the video evidentiary? The obvious answer would be to reinvestigate the video in the event that some other crime might be solved with it.

By whose authority is that video reopened? Is a warrant required to reopen the archived video? Some other benchmark? In fact,

#2. Does a subject of a BWC video get notified of the video’s status?

We can guess that the answer to this is, ‘no.’ But that raises more questions. Are we all supposed to just believe that local police have disposed of video? Or can we be informed in keeping with our right to privacy? If there is a reason to keep a tape of a resident beyond the retention policy, that certainly seems like something they should be made aware of, yet doing so just as obviously could endanger important police investigations.

#1. Can policy ever match reality?

We invest a lot of faith in our institutions: it’s a cornerstone of a functional democracy. The effectiveness of local police is no less critically based on faith and trust – even if that trust is tested on a moment-by-moment basis. But a casual read of even the most conservative model policy on body worn cameras reads like a buffet of civil rights violation.

You don’t have to fear the “dirty cop,” the “rogue,” the “out of control sargeant” nor any other made-for-TV cop bad guy to understand that the models seem like a problem. A liberal reading of even the ACLU’s model policy could lead to perpetual video records of Rochester, one side to the other. Unless Rochester’s policy ends up being a lot more conservative than the models, how well or poorly body cameras are implemented is going to come down to trust.

And it’s trust that the body cameras are supposed to improve. A tall order.

Categories
Technology

Facebook’s “Emotion Detector”: why doesn’t Cornell U take some of the heat?

By now, the story is everywhere: Facebook chose to edit it’s user’s timelines to experiment with whether predominantly good or predominantly bad news stories would affect their emotions. Not surprisingly, your friends’ funk spreads to you, even over the “innernets.”

But what’s got people really up in arms is that Facebook manipulated users’ feeds without telling them and for the express purpose of scientific experiment. That should upset people, for a lot of reasons. Not the least is: while it may be true that you’ve given your consent to have your data studied and manipulated for reasons other than you might intend, you didn’t give your consent to have your personal emotional state altered, which in this case is exactly what they did.

What is strange to me in all of this is that Facebook was not alone, yet they alone seem to be taking the blame. When first I heard of the story, more than two weeks ago, I heard it directly from the media arm of one of the universities that took part in the study, Cornell UniversityUniversity of California, San Francisco (UCSF) also took part in the Big Data study:

“People who had positive content experimentally reduced on their Facebook news feed, for one week, used more negative words in their status updates,” reports Jeff Hancock, professor of communication at Cornell’s College of Agriculture and Life Sciences and co-director of its Social Media Lab. “When news feed negativity was reduced, the opposite pattern occurred: Significantly more positive words were used in peoples’ status updates.”

The experiment is the first to suggest that emotions expressed via online social networks influence the moods of others, the researchers report in “Experimental Evidence of Massive-Scale Emotional Contagion through Social Networks,” published online June 2 in PNAS (Proceedings of the National Academy of Science) Social Science.

Facebook certainly has a lot to answer for. But this should also serve as a warning to would-be Big Data experimenters that Big Data affects little people. If the results of an experiment are spread out over several hundred thousand unwilling participants, that does not mean that the experiment is consequence free, nor should it be.

Update: someone much more familiar with scientific ethics standards and IRB’s (Institutional Review Boards) than I seems to be echoing my concerns. A key passage:

.. But while much of the uproar about Facebook’s inappropriate manipulation of human subjects has been  (appropriately!) directed at Kramer and his co-authors, missing from the commentary I’ve found on the Web thus far is any mention of the role of the (academic?) reviewers who read the manuscript and ultimately recommended it for publication by the National Academy of Sciences..  (Note: Forbes reports that researchers at Cornell passed on reviewing the final paper, although Cornell researchers did help design the study.)

Thanks go to reader @chelseamdo for the find.

Later Update: The Ithaca Voice finds reason to believe, based on a Mashable article, that the Cornell University study may have also received US Army backing. The Army undeniably funded another study by the same boffin, also concerned with shaping dialog on social. But Cornell denies that the Facebook study in question was funded in any way by any outside contributor.

While Professor Hancock, like many researchers, has conducted work funded by the federal government during his career, at no time did Professor Hancock or his postdoctoral associate Jamie Guillory request or receive outside funding to support their work on this PNAS paper. Initial wording in an article and press releases generated by Cornell University that indicated outside funding sources was an unfortunate error missed during the editorial review process. That error was corrected as soon as it was brought to our attention.

Categories
SECURITY Technology

WTF is #Heartbleed? And should I hoard gold?

There doesn’t seem to be a tech, a hacker or a tech-savvy food service employee out there who isn’t sounding the alarm about a threat called Heartbleed. I’ve been doing a lot of liveblogging of my discoveries re: various institutions and companies and their preparations for Heartbleed. But I’ve not yet had the opportunity to sit down and summarize what we know about the threat so my audience can understand it.

First and foremost, Heartbleed is not a virus, malware or spyware. It’s not a “bug” in the sense that we discuss various threats these days. Running McAfee on your system will not help. Instead, Heartbleed is a vulnerability in the fabric of what allows for confidential communications over the Internet. In other words, those websites you access with https:// in the address, rather than http:// When exploited, Heartbleed has the power to render visible the information that was supposed to be confidential, including usernames and passwords, confidential data and worst of all, the keys a given service uses to make all future communications secure.

Well, damn. That certainly sounds bad. And it is: Heartbleed attacks a form of communication that is nearly ubiquitous on the modern Internet where security is a concern.

But before you go to all the trouble of refreshing the potpourri and washing the doilies in the bomb shelter, let’s talk about what it can and cannot do, and how you can protect yourself without going broke on duct tape.

The Whole Internet is Not Busted

When a security vulnerability like this comes around, often people find themselves trapped between blase attitudes and hair-on-fire panic of their friends and neighbors. But to be clear: only websites that you browse using https:// are affected, and not all of them, either.

An example of an https:// website.
An example of an https:// website.

Any site you browse using http:// is the same as it ever was. What makes the difference between the https sites that are and are not affected? Well, let’s talk about that.

How Heartbleed works

The heart of the problem is something called Secure Sockets Layers (SSL), which creates encrypted “tunnels” of information between you and the service you are connecting too. When communicating through these tunnels, all information is scrambled in a way that is unreadable to a would-be snoop. Examples of SSL tunnels would include https sites, SSH shells, FTPS and the ubiquitous VPS connections many employees have to their employers’ systems.

Heartbleed is a vulnerability in one common Open Source implementation of SSL, called OpenSSL. In this implementation, there is a means for completely unauthenticated users – complete strangers on the Internet – to be able to read the information held on the memory of servers that deliver SSH content. Worse than simply seeing the actual confidential data you meant to hide, this new vulnerability provides the “keys to the kingdom,” allowing an attacker to see the username and password of a legitimate user and also the keys by which the server provides secure content. That means any further connections to that server using those keys will be compromised.

So, yeah. Its pretty damned serious, indeed. And because use of OpenSSL is so ubiquitous, the potential harm to the online community is pretty vast and staggering.

There’s Good News, Too

But there are many more sites that do not use the OpenSSL system to encrypt their data, and as of the time of this writing, those SSL systems remain unaffected by Heartbleed. In particular, your bank, PayPal and anyone dealing with PCI-compliant eCommerce (which should be just about everyone doing eCommerce, we hope) are all unaffected by Heartbleed.

There are many more encryption algorithms that are not related to OpenSSL and do not require any kind of patching or security fixes. And the fix for OpenSSL is also freely available; most credible services are already locking down their SSL connections. Therefore, even a site that is currently using OpenSSL isn’t any less secure by nature than any other.

What is the Solution?

Because the fix for OpenSSL’s Heartbleed bug, server admins are busily patching their systems and where necessary, reissuing keys for affected systems. And you can bet that OpenSSL’s next build will come with the patch already implemented.

However, once a server has been patched, the next step is to reissue keys and have users encrypt their passwords with those new keys. That’s why you may have gotten emails from stuff you do online recommending you reset your password.

Should I Just Start Resetting Passwords, Then?

No. First of all, while it’s always recommended that you update passwords on a regular basis and I’ve even given you a handy guide to creating secure ones, doing so en masse promises to create confusion. There’s no sense making the situation worse by forgetting new passwords or creating a bunch of duplicates.

But secondly and much more important in this case, resetting your password will only be effective after the SSL keys are regenerated. So if Company X is affected by Heartbleed – and hasn’t yet secured their servers – resetting your password changes nothing. And after they’ve secured their servers, they’re just going to ask you to change your password again, because that’s exactly what is required.

Your best bet if you’re concerned about your security online is ask, ask, ask. Find out if your bank or social network is affected by Heartbleed by asking them. Check your list of sites you frequent and find out what you should do about them.

Categories
Technology

Oh. So you’re “carpooling?” Xerox just wants to be sure…

As gaga as a lot of people are for urban planning and easing traffic congestion on our nation’s highways, I’m pretty sure most of those so affected are less pleased to usher in another of Big Brother’s snooping machines. Yet here we are, in 2014, with Xerox out selling our nation’s highway administrators on what you might call a “Carpool Nanny.”

Yes, somewhere along the way, The Document Imaging Company has become the Traffic Violation Documenting Company. A few years ago, Xerox announced plans to put cameras on school buses. Now, they’re excited to get cameras on highways to monitor the carpooling lane:

Unlike competing solutions, the Vehicle Passenger Detection System identifies the number of occupants in a vehicle with better than 95 percent accuracy at speeds ranging from stop-and-go to 100 mph.

Using patented video analytics and geometric algorithms the roadside detection unit can distinguish between empty and occupied seats. When a violation is detected, the information can be reported to the relevant enforcement agency in real time so an officer can visually confirm the information and potentially issue a citation.

Generous of them to include an actual officer of the law. Or a fig leaf, because who thinks carpool tickets wouldn’t become as ubiquitously automated as red light tickets?

Either way, the “patented video analytics and geometric algorithms” will no doubt come in handy when law enforcement needs to identify an individual in the car, somewhere down the line. The Xerox carpool camera makes snooping inside your vehicle commonplace and soon, a hum-drum old story. A camera is a camera.

Categories
Technology

Five good reasons to stay (legitimately) anonymous on the Internet

With dreary regularity, we hear news reports of outrage and shock over anonymous people on the Internet doing something we object to as a society. Recently, the big flap was over anonymous commenters on YouTube spewing racist screeds over a Cheerios commercial featuring a mixed-race family.

It will come as a shock to no one who regularly visits YouTube that the comments section is and has always been a cesspool. A cesspool, by the way, not at all unlike the comment sections of most media websites. Regardless of this, when it happens to a cereal box, we apparently need to comment on it in mainstream media.

The reaction of many has been to take out their frustrations on anonymous commenters. As the theory goes, the anonymous would not be free to spit out vitriol if their names were attached to their online identities. Never minding, of course, that Mohammed Hussein of Iraq is as anonymous to Tom Belknap of Rochester, NY as is FuzzyBunnyFeet2012. Really: what is in a name in a community of millions of online users stretched over an entire globe?

But before we consider “real names” to be a foregone solution to the problem, let’s first consider the benefits of anonymity online. Here are five perfectly good, legitimate reasons to keep your identity a secret online.

5. Don’t waterboard me, bro!

So. You’ve got questions about terrorism. Whom shall you ask?

While many of us have bland English names and white skin, for the majority of the planet, asking these questions with our names  public and avatars personalized might raise suspicions on the Internet that we’d rather not colour the responses.

Yes, you’ll get hateful and predictable accusations. But even well-meaning people may temper their answers to avoid offending a culture you might not even belong to.

I honestly might never have thought of this one had I not searched Quora for questions about anonymity. One of the first questions came up was exactly this. “Is it normal to want to ask questions about terrorism anonymously?”

4. Don’t hate me because I’m beautiful

In line with the next most obvious biases you might want to avoid in cyberspace, gender and sexuality biases are always a concern. You might either wish not to let the general public know your sex or sexuality, or you just don’t want your name attached to a question.

I mean sure: you’re proud of your duck-face avatar with the cleavage hanging out. But that doesn’t mean you need to show off all the time, right?

3. Social agreement

Depending on the circumstances and your point of view, this can be both a positive and a negative of social anonymity. A study done at the University of Amsterdam and published to the Sage Journals shows that anonymous groups take on the agreed upon traits of the group much more readily than groups of named individuals.

It’s all a part of what is known as the Social Identity of Deindividualized Effects (SIDE). The study found that when groups were anonymous, users conformed to the agreed-upon behavior, even if they were introduced into the system much later.

The result is a double-edged sword: on one hand, groups formed around civil discussion are likely to remain that way. Medical help sites tend to be this way. But comment sections like YouTube can get nasty if the agreed-upon behavior is generally nasty. Nevertheless the potential for more productive collaboration – like that in Open Source community projects like WordPress or others – does not just exist: it is well-documented.

2. Your creative selves

The old-school Internet users know, even if our modern community tends to forget: you can be whatever you’d like to be on the Internet. Does that seem fake? Artificial? Vain?

Of course! And nobody needs to know but you. Go ahead and create an account, play a role. Creativity with identity isn’t a bad thing, in fact, it was super-popular in the Renaissance. Of course, so was medical blood-letting. It’s not a perfect example…

1. The Internet is forever.

Regardless of which of these reasons you might chose to keep your identity private, one thing I’m sure we must all know by now is: the Internet is forever. Whatever question you ask or opinion you share, there it is, more or less forever.

It’s worth stopping a moment when you chose to express yourself and wonder whether this is really a thought you’ll be OK with surfacing twenty or thirty years in the future, because the potential is there. God help me if the unfettered praise of my 12-yo self for Rick Springfield were still on the Internet. I’d never get a job.

So, before we get to cavalier in our desire to remove the trolls from our midst, remember that you sometimes have to defend what is wrong in order to defend what is right.

Categories
Politics Technology

PRISM: it’s not “just meta data”

Briefly, I wanted to touch on the President’s comments about the PRISM program that the FBI and NSA are using to monitor traffic on telephone and Internet networks. I am increasingly disappointed by President Obama’s cavalier attitude toward the program and the public’s objections to it. But in particular, I am disappointed in the way that he and others obfuscate around an important point.

Obama Dismisses ‘Hype’ Over NSA Reports: ‘Nobody Is Listening To Your Telephone Calls’

“When it comes to telephone calls, nobody is listening to your telephone calls. That’s not what this program’s about,” Obama said.

It’s just “meta data,” he and others want you to think. What’s really important about your phone calls is what you said, right? And nobody’s listening to that.

But keep in mind: if you’re not plotting a terrorist attack, the content of your phone conversations is probably completely banal horseshit in the first place. Not even really important enough, in most cases, for you to remember. It is not the valuable part.

Who you call and when – to say nothing of what you uploaded to YouTube, when you tweeted, etc – is far more important most of the time than what you said. That may be different for terrorists, but remember: the government says it’s not listening.

Categories
SECURITY Technology

Wait. How many requests does our government make for our Google data?

Google has released its latest Transparency Report for 2012 and the big story in most of the media is that 88% of the time, Google complies with government subpoenas. We’re all supposed to suck in our collective breath that Google would be so cavalier with our personal data:

In its latest “Transparency Report,” Google revealed that it received 21,389 requests for information about 33,634 users in the second half of 2012, with 8,438 of those requests coming from the U.S. government. Google handed over the data 88 percent of the time, based mostly on just a subpoena, which does not require the approval of a judge.

Wait. Aren’t we burying the lede, here? Let’s have a look at the actual numbers. Here is the chart for requests by country, and once again we see that the United States is peerless in its requests for private data. Only India comes within one quarter of that number, and with only 66% of requests honored, it really makes you wonder what they’re requesting:

Requests by country, sorted by request number. No one touches us. U-S-A! U-S-A! U-S-A! U-S-A!

This follows the same pattern we’ve seen from our government in the past. As I noted then, the trouble with all these numbers is that the represent a company’s interpretation of law and of privacy. But considering that Google complied with 88% of the US requests, as opposed to 66% of India’s and 0% of Turkey’s requests, it seems very clear that there is some judgement happening at Google. They don’t appear to simply be turning over private data without discretion, in fact, the 88% compliance number strikes me as proof that the orders coming from the United States were filed in compliance with the law.

One can argue that the law is flawed. I certainly would. But that is not Google’s issue, nor really is there any other company providing its users with such – well, transparent – information about their compliance with subpoenas. The real question is: why are so many requests coming from a nominally free society?

Categories
Journalism Technology

Your local social journo, their bosses, and you.

By now, most of you may be aware that Channel 13 was recently bought by the Sinclair Broadcast Group. Sinclair is one of the juggernauts of media consolidation, from their own “About” page:

Sinclair owns and operates, programs or provides sales services to 87 television stations in 47 markets. Sinclair’s television group reaches approximately 27.1% of US television households and includes FOX, ABC, MyTV, CW, CBS, NBC, MTN and Azteca affiliates.

What you may not know is that, because of the change in ownership at WHAM, new policy changes regarding social media are going to potentially have a big impact on your relationship with the social media journalists, of which 13WHAM’s media team are among the best in our market. Because it is apparently the policy of Sinclair Broadcast to take ownership of social media accounts of on-air talent. This means that a social media account of your local broadcast journalist would now include full administrative rights given to the company: Lois Lane’s boss is now looking over her shoulder, whether you know it or not.

You may already have noticed that a few of the on-air talents at 13WHAM have already changed their Twitter accounts, adding new ones that are marked as 13WHAM. Rachel Barnhart, Evan Dawson and Norma Holland have all done this, more may follow suit. They’re doing this because the company is asking for separate accounts, rather than attempting to take ownership of these journalists’ personal accounts.

Romenesko broke the story of Rachel Barnhart posting the news to her extremely large and active social media following:

Barnhart points out in the comments on her post: “The big benefit for stations is owning a reporter’s relationship with followers. The reporter can’t take the following with her if she leaves for a competitor or anywhere else.” She adds: “I don’t consider this a muzzle, as I can continue to use my own accounts, primarily as I have been. I just have to maintain additional work-only accounts.”

This precedent has many in local media both concerned for their own privacy and worried about the long-term effects this type of corporate control may have on free speech and the ability of a social media journalist to establish trust with their audiences. Calling it “silly and misguided,” journalists point out that the need for corporate control misses the point of social media entirely and as Rachel eludes to above, basically takes ownership of a professional’s ability to practice their profession.

Both legally and ethically, the corporate take-over presents a bit of a problem. Because it is already well established that your boss cannot ask for nor assume administrative access to your social network account profiles. They’re not allowed to ask for your password in pre-hire and they certainly cannot establish any level of ownership after hiring you. Journalists are many things, but they are employees of the companies they work for. The insistence on creating separate profiles is, to put it mildly, too cute by half.

There is absolutely no distinction to be made between owning one account and having administrative rights to the other. Because a social network account is a profile. It is a means of direct access to any person, but especially a journalist. Journalists at 13WHAM will be “encouraged” to use their corporate owned Twitter accounts when doing live tweeting or other “business” related to the news. Sooner rather than later, the audience will see the WHAM account as the authoritative one.

But beyond your local social journo and their boss, the title of this post did mention you, did it not? Oh, yes. It does. The reason is that, beyond merely 13WHAM, Sinclair also owns Fox 31 and rochesterhomepage.net, and presumably all the social media accounts you’ve been following related to Fox. And they’ve owned the local Fox affiliate for a long time. That means that all those things about you that Facebook already knows are also the purview of Sinclair Broadcasting Group already, if you’ve done any interacting with their Facebook presence. This would include:

  • Your comments on those posts and tweets.
  • Your posts to their Wall
  • Oh, yes. This absolutely does include the stuff you or they deleted in those times when you might have gotten a little carried away.
  • Semi-private messages such as DMs on Twitter.

Your privacy is a part of this. And any time you make contact with any of 13WHAM’s on-air personalities through their official accounts (and for those who haven’t already changed their accounts, who knows??) are now within a quick glance from any Program Director with the curiosity to look.

And if none of this strikes you as a problem because you have “nothing to hide,” what about those who do? Local media rarely works with Deep Throat and those that might would probably not opt for the barely-safe social media accounts they have. But people with tips about their companies? Victims of violence or scams who want someone to know but didn’t want to go public?

We can tut-tut about privacy all we like – who would use a social media account to pass private information? – but in this modern era, I am personally aware of many stories broken via first leads over social media accounts. And if those same leads could not trust to whom they spoke, would they be as willing?

Categories
Technology

TrendLabs report shows phishing scams blossomed this holiday season.

Tis the season, after all. The season of giving. The season of sharing. The season of buying with PayPal. The season to hurriedly check one’s email and click on links without thinking.

Or so it would seem according to anti-virus software maker TrendMicro. According to their research, phishing, black hole exploits and electronic pilfering of all kinds spiked during the 2012 Christmas season. And color me shocked! PayPal gets the hands-down biggest number of exploits. Including mobile:

Mobile users, unfortunately, are not exempted from this swath of online threats. [click for link] is an example of a spoofed PayPal for Mobile site that users should be wary of. Because mobile users will typically not see the whole URL, users may readily think that they visited the legitimate website.

It is easy to blame PayPal for the persistent problem of bank security online and it is certainly true that they’ve had their lackadaisical response to security issues in the past. But at this point, PayPal represents one of only a handful of high-profile payment gateways that can be used to dupe users.

Categories
Politics Technology

Are your social networks pushing secret ballots aside?

One of the cornerstones of the Internet as a cultural phenomenon is, in my estimation, political speech. That’s not just because I’m very political, though I obviously am. Rather the dawning of the wider acceptance of the Internet as a communication and entertainment medium goes hand-in-hand with the rise of news websites, political blogs, Net Roots Nation, online petitions and a host of other outlets that either are inherently political or else lend themselves to political action. We’ve even heard calls for online voting – just dispense with the meat-based world of civics, altogether.

But we’re so accoustomed to speaking our minds on the Internet, perhaps it is worth considering just what online voting might eventually take away from us. Pew Internet Research has released a report suggesting that the mere existence of the blabbermouth Social Networking set is taking away some of the anonymity of the secret ballot.

According to the report, 30% of us have been asked to vote for one candidate or the other and 20% have done the asking. Overall, 22% of us have told our social networks for whom we planned on voting. And if we’re being honest, most of us have social networks made up of a lot of people we don’t even know.

When I first voted, I was sternly admonished by a former girlfriend’s father to never tell anyone – including people who agreed with my selection – for whom I voted. Ever. But these days, people put Obama or Romney pictures up as their Timeline photos. We post someecards with snark about our opponents. There are even tools designed specifically to mute your politically-active friends and relations, should the need arise.

Vexingly, the report does not break the numbers down by social networks, which I think might also be illuminating. Regardless of the demographic break down, it is clear that our social network world is considerably more free with voter information than our time-honoured, traditional model.

But perhaps our behavior says as much about the culture and political climate around us as it says about anything? Perhaps social networking serves in this case as a metric, rather than a cause? The reason a secret ballot was so important in decades past was that there was a genuine threat of reprisal for voting “incorrectly.” Not simply a few nastygrams from your crazy aunt, but actual thugs from Boss Tweed’s organization to help you see the error of your ways. I don’t think that’s much of a threat in the United States, these days. The Black Panthers, of course, being the obvious exception.

The threat of reprisal remains genuine in other parts of the world. So the question then becomes: do people in other, less-secure democracies have the same libertine view of social “voting’ that we do?

Categories
Rochester Technology

Big Brother is bussing you: Xerox installs traffic cameras on Md school busses

There’s been a bit of… discussion… surrounding the use of red light cameras in Rochester. Do they actually discourage running red lights? Well, revenues from the cameras have been reported higher than expected, so perhaps not. But do they contribute to a general culture of better safety? Other reports say yes, they do.

But now it appears that Xerox Corporation has made a move in Maryland to widen the debate still further: do traffic cameras on busses stop people from blowing past them while kids are getting on the bus? The Frederick County, Md school district will be installing cameras, networking and software created by Xerox to monitor kids as they get on and off the bus, while at the same time, checking for drivers who illegally pass the bus while stopped. Xerox characterizes the need for its CrossSafe™ software with the following quote:

“Xerox understands our sense of urgency to address this very serious concern to student safety,” said Frederick County Sheriff Chuck Jenkins. “Violators will now face serious penalties and be held accountable for their disregard for the safety of children traveling on buses. CrossSafe™ is a turnkey solution that will help make bus routes safer and ease the minds of parents.”

“Urgency” is an interesting word. A quick Google News search turned up absolutely no mentions in local Maryland news of this program. Thumbing through the school’s news archives – as far back as mid-terms last year – turns up no discussion of this program. I can’t even find any reports of accidents in the area involving school busses.

Where is the urgency?

To be clear: blowing past a stopped school bus while they’re picking up school children is dumb, dumb, dumb. And potentially fatal. But potential is a shitty benchmark for public policy, especially policy that continues to contribute to our Nanny State culture where you’re not allowed to do anything without being filmed. And lord knows that as a liberal, I just love spending other people’s tax dollars, but seriously? Could they have hired another music teacher with the cash they’ve ported to Rochester (hugs ‘n kisses)? Maybe spent that money on actual problems?