"privacy" entries

Four short links: 4 November 2015

Four short links: 4 November 2015

Data Dashboard, Feature Flags, Email Replies, and Invisible Bias

  1. re:dash — open source query editor, visualisations, dashboard for data from all sorts of databases (SQL, ElasticSearch, etc.)
  2. Feature-Flag-Driven Development — one of the key pieces of modern development systems.
  3. Gmail Suggesting RepliesIn developing Smart Reply, we adhered to the same rigorous user privacy standards we’ve always held — in other words, no humans reading your email. This means researchers have to get machine learning to work on a data set that they themselves cannot read, which is a little like trying to solve a puzzle while blindfolded — but a challenge makes it more interesting!
  4. The Selective Laziness of ReasoningAmong those participants who accepted the manipulation and thus thought they were evaluating someone else’s argument, more than half (56% and 58%) rejected the arguments that were in fact their own. Moreover, participants were more likely to reject their own arguments for invalid than for valid answers. This demonstrates that people are more critical of other people’s arguments than of their own, without being overly critical: They are better able to tell valid from invalid arguments when the arguments are someone else’s rather than their own.
Comment
Four short links: 29 October 2015

Four short links: 29 October 2015

Cloud Passports, Better Python Notebooks, Slippery Telcos, and Python Data Journalism

  1. Australia Floating the Idea of Cloud PassportsUnder a cloud passport, a traveller’s identity and biometrics data would be stored in a cloud, so passengers would no longer need to carry their passports and risk having them lost or stolen. That sound you hear is Taylor Swift on Security, quoting “Wildest Dreams” into her vodka and Tang: “I can see the end as it begins.” This article is also notable for The idea of cloud passports is the result of a hipster-style-hackathon.
  2. Jupyter — Python Notebooks that allows you to create and share documents that contain live code, equations, visualizations, and explanatory text. Uses include: data cleaning and transformation, numerical simulation, statistical modeling, machine learning, and much more.
  3. Telcos $24B Business In Your DataUnder the radar, Verizon, Sprint, Telefonica, and other carriers have partnered with firms including SAP, IBM, HP, and AirSage to manage, package, and sell various levels of data to marketers and other clients. It’s all part of a push by the world’s largest phone operators to counteract diminishing subscriber growth through new business ventures that tap into the data that showers from consumers’ mobile Web surfing, text messaging, and phone calls. Even if you do pay for it, you’re still the product.
  4. Introducing Agate — a Python data analysis library designed to be useable by non-data-scientists, so leads to readable and predictable code. Target market: data journalists.
Comment
Four short links: 7 October 2015

Four short links: 7 October 2015

Time for Change, Face Recognition, Correct Monitoring, and Surveillance Infrastructure

  1. The Uncertain Future of Emotion AnalyticsA year before the launch of the first mass-produced personal computer, British academic David Collingridge wrote in his book “The Social Control of Technology” that “when change is easy, the need for it cannot be foreseen; when the need for change is apparent, change has become expensive, difficult, and time consuming.”
  2. Automatic Face Recognition (Bruce Schneier) — Without meaningful regulation, we’re moving into a world where governments and corporations will be able to identify people both in real time and backwards in time, remotely and in secret, without consent or recourse.
  3. Really Monitoring Your SystemsIf you are not measuring and showing the maximum value, then you are hiding something. The number one indicator you should never get rid of is the maximum value. That’s not noise — it’s the signal; the rest is noise.
  4. Haunted by Data (Maciej Ceglowski) — You can’t just set up an elaborate surveillance infrastructure and then decide to ignore it. These data pipelines take on an institutional life of their own, and it doesn’t help that people speak of the “data-driven organization” with the same religious fervor as a “Christ-centered life.”
Comment

No, the IoT does not need strong privacy and security to flourish

The Internet of Things will happily march along with lousy privacy and security, and we will be the poorer for it.

Get notified when our free report “Privacy and Security in the Internet of Things,” by Gilad Rosner, becomes available.

padlock-322494_1280“Without addressing privacy and trust, the Internet of Things will not reach its full potential.”

This refrain can be heard at IoT conferences, in opinion pieces in the press and in normative academic literature. If we don’t  “get it right,” then consumers won’t embrace the IoT and all of the wonderful commercial and societal benefits it portends.

This is false.

It’s a nice idea, imagining that concern for privacy and security will curtail or slow technological growth. But don’t believe it: the Internet of Things will develop whether or not privacy and security are addressed. Economic imperative and technology evolution will impel the IoT and its tremendous potential for increased monitoring forward, but citizen concern plays a minor role in operationalizing privacy. Certainly, popular discourse on the subject is important, but developers, designers, policy-makers and manufacturers are the key actors in embedding privacy architectures within new connected devices. Read more…

Comments: 5
Four short links: 25 September 2015

Four short links: 25 September 2015

Predicting Policing, Assaulting Advertising, Compliance Ratings, and $9 Computer

  1. Police Program Aims to Pinpoint Those Most Likely to Commit Crimes (NYT) — John S. Hollywood, a senior operations researcher at the RAND Corporation, said that in the limited number of studies undertaken to measure the efficacy of predictive policing, the improvement in forecasting crimes had been only 5% or 10% better than regular policing methods.
  2. Apple’s Assault on Advertising and Google (Calacanis) — Google wants to be proud of their legacy, and tricking people into clicking ads and selling our profiles to advertisers is an awesome business – but a horrible legacy for Larry and Sergey. Read beside the Bloomberg piece on click fraud and the future isn’t too rosy for advertising. If the ad bubble bursts, how much of the Web will it take with it?
  3. China Is Building The Mother Of All Reputation Systems To Monitor Citizen BehaviorThe document talks about the “construction of credibility” — the ability to give and take away credits — across more than 30 areas of life, from energy saving to advertising.
  4. $9 Computer Hardware (Makezine) — open hardware project, with open source software. The board’s spec is a 1GHz R8 ARM processor with 512MB of RAM, 4GB of NAND storage, and Wi-Fi and Bluetooth built in.
Comment
Four short links: 17 September 2015

Four short links: 17 September 2015

Google's Code, China's Pledge, MD5's Cracks, and Toyota's Robotics Hire

  1. Google’s 2 Billion Lines of Code (Wired) — 85TB, 45,000 changes/day in Google’s DVCS “Piper.” They’re looking at Mercurial.
  2. China Extracting Pledge of Compliance from US Firms (NY Times) — The letter also asks the American companies to ensure their products are “secure and controllable,” a catchphrase that industry groups said could be used to force companies to build so-called back doors — which allow third-party access to systems — provide encryption keys or even hand over source code.
  3. MD5 To Be Considered Harmful Some Day (Adrian Colyer) — walkthrough of Dan Kaminsky’s paper on the growing number of cracks in MD5.
  4. Toyota’s Robot Car Plans (IEEE Spectrum) — Toyota hired the former head of DARPA’s Robotics Challenge. Pratt explained that a U.S. $50 million R&D collaboration with MIT and Stanford is just the beginning of a large and ambitious program whose goal is developing intelligent vehicles that can make roads safer and robot helpers that can improve people’s lives at home.
Comment
Four short links: 11 September 2015

Four short links: 11 September 2015

Wishful CS, Music Big Data, Better Queues, and Data as Liability

  1. Computer Science Courses that Don’t Exist, But Should (James Hague) — CSCI 3300: Classical Software Studies. Discuss and dissect historically significant products, including VisiCalc, AppleWorks, Robot Odyssey, Zork, and MacPaint. Emphases are on user interface and creativity fostered by hardware limitations.
  2. Music Science: How Data and Digital Content Are Changing Music — O’Reilly research report on big data and the music industry. Researchers estimate that it takes five seconds to decide if we don’t like a song, but 25 to conclude that we like it.
  3. The Curse of the First-In First-Out Queue Discipline (PDF) — the research paper behind the “more efficient to serve the last person who joined the queue” newspaper stories going around.
  4. Data is Not an Asset, It Is a Liabilityregardless of the boilerplate in your privacy policy, none of your users have given informed consent to being tracked. Every tracker and beacon script on your website increases the privacy cost they pay for transacting with you, chipping away at the trust in the relationship.
Comment
Four short links: 9 September 2015

Four short links: 9 September 2015

Bricklaying Robots, Photographic Insecurity, Quantum-Resistant Crypto, and Garbage Subtraction

  1. Bricklaying Robot Lays 3x Speed of Humans (MIT TR) — The robot can correct for the differences between theoretical building specifications and what’s actually on site, says Scott Peters, co-founder of Construction Robotics, a company based in Victor, New York, that designed SAM as its debut product. (via Audrey Watters)
  2. When a Photo Ends Your Security (Bruce Schneier) — the TSA’s master key was shown in a Washington Post photo spread, so now it can be recreated from the photo.
  3. Online Security Braces for Quantum Revolution (Nature) — PQCRYPTO, a European consortium of quantum-cryptography researchers in academia and industry, released a preliminary report on 7 September recommending cryptographic techniques that are resistant to quantum computers […] It favoured the McEliece system, which has resisted attacks since 1978, for public-key cryptography.
  4. The New Wave is Garbage Subtracted (Adam Trachtenberg) — Adam found some amazingly prescient writing from Esther Dyson. The new wave is not value-added; it’s garbage-subtracted. The job of the future is PR guy, not journalist. I’m too busy reading, so why should I pay for more things to read? Anything anyone didn’t pay to send to me…I’m not going to read.
Comment: 1
Four short links: 8 September 2015

Four short links: 8 September 2015

Serverless Microservers, Data Privacy, NAS Security, and Mobile Advertising

  1. Microservices Without the Servers (Amazon) — By “serverless,” we mean no explicit infrastructure required, as in: no servers, no deployments onto servers, no installed software of any kind. We’ll use only managed cloud services and a laptop. The diagram below illustrates the high-level components and their connections: a Lambda function as the compute (“backend”) and a mobile app that connects directly to it, plus Amazon API Gateway to provide an HTTP endpoint for a static Amazon S3-hosted website.
  2. Privacy vs Data Science — claims Apple is having trouble recruiting top-class machine learning talent because of the strict privacy-driven limits on data retention (Siri data: 6 months, Maps: 15 minutes). As a consequence, Apple’s smartphones attempt to crunch a great deal of user data locally rather than in the cloud.
  3. NAS Backdoors — firmware in some Seagate NAS drives is very vulnerable. It’s unclear whether these are Seagate-added, or came with third-party bundled software. Coming soon to lightbulbs, doors, thermostats, and all your favorite inanimate objects. (via BetaNews)
  4. Most Consumers Wouldn’t Pay Publishers What It Would Take to Replace Mobile Ad Income — they didn’t talk to this consumer.
Comment
Four short links: 28 August 2015

Four short links: 28 August 2015

Ad Blockers, Self-Evaluation, Blockchain Podcast, and Mobile Fingerprints

  1. 10 Ad Blocking Extensions Tested for Best PerformanceThis test is about the performance of an ad blocker in terms of how quickly it loads a range of ad blocked pages, the maximum amount of memory it uses, and how much stress it puts on the CPU. µBlock Origin wins for Chrome. (via Nelson Minar)
  2. Staff Evaluation of Me (Karl Fisch) — I also tried the Google Form approach. 0 responses, from which I concluded that nobody had any problems with me and DEFINITELY no conclusions could be drawn about my coworkers creating mail filters to mark my messages as spam.
  3. Blockchain (BBC) — episode on the blockchain that does a good job of staying accurate while being comprehensible. (via Sam Kinsley)
  4. Fingerprints On Mobile Devices: Abusing and Leaking (PDF) — We will analyze the mobile fingerprint authentication and authorization frameworks, and discuss several security pitfalls of the current designs, including: Confused Authorization Attack; Unsecure fingerprint data storage; Trusted fingerprint sensors exposed to the untrusted world; Backdoor of pre-embedding fingerprints.
Comment: 1