There are great benefits to connectedness, but we haven't wrapped our minds around the costs.
massive investments into secretive projects that are nearly invisible
5:24 am EDT, Jun 23, 2015
Illah Reza Nourbakhsh:
Ideally, the rapid expansion of robots' roles in society would be matched by equally impressive advances in regulation and in tort and liability law, so that societies could deal with the issues of accountability and responsibility that will inevitably crop up in the coming years. But the pace of change in robotics is far outstripping the ability of regulators and lawmakers to keep up, especially as large corporations pour massive investments into secretive robotics projects that are nearly invisible to government regulators.
Once we realize what we can do, we wonder whether we should.
So-called big data is clearly helping decision-making. But many of its products -- ultra-high-speed trading, for example -- are either socially and economically irrelevant or, quite possibly, harmful.
Jennifer Lynch, senior staff attorney at EFF:
Once the nation has a facial recognition database, and once facial recognition capabilities improve to the point that we can identify faces in a crowd, it will become possible for authorities to identify people as they move through society.
G.W. Schulz and Amanda Pike:
Like many cities around the country, Los Angeles is grappling with unease from residents over thousands of networked cameras that can peer into many corners of our lives, often without us being fully aware of it.
Dayton Police Chief Richard Biehl:
I want them to be worried that we're watching.
the more fraught question
6:57 am EDT, Jun 22, 2015
The report of the Global Commission on Internet Governance pushes what it calls a "social compact" -- an invented term, not the philosophical concept of old. It reflects the frightening prospect that the new age bonds of society are not between citizens and states, but between citizens (likely, in the imagining of its proponents, to be self-employed cheap workers of the "sharing economy" and other fabricated markets) and a nebulous "community" of "stakeholders".
From the Valley's perspective, the "power to share" looks less like an imposition of American values and more like a universal social good. But even if we agree with this proposition ... there is the more fraught question of what all that sharing adds up to.
The brightest and buzziest apps aren't about connecting me to you, but rather about never forcing us to acknowledge that anyone else exists in real life as anything but the help.
What makes the pervading mythologies so frustrating is the smug certainty of Silicon Valley that its contributions to society are more important than every other industry's. It's not that we can't deal with assholes in our national midst (there's no innovating our way out of that); it's that no prior cohort of rich pricks have fooled themselves, and the rest of us, so thoroughly.
6:44 am EDT, Jun 22, 2015
We spent 20 years accumulating a whole slew of bad practices, and we have issues with the underlying technology ... We have to overcome everything that we've accumulated from almost the advent of technology -- this pile of bad practices and configurations ... It just takes time.
Universally what happens is, everybody tears everything down and starts over. This is how technology development works.
The sunset is a necessary first step for a new day to dawn.
6:43 am EDT, Jun 22, 2015
In 2014, 42% of U.S. job candidates underwent some sort of background check, compared with just 25% in 2010. Last year 23% received a skills test, up from 16% five years ago. And 23% received a drug test, up from 13% in 2010.
Immutable, physical facts can be used to identify you, remotely and in secret, without any recourse.
John Paul Titlow:
DuckDuckGo prefers ignorance.
oh, the pain, the pain ... the pain of it all
11:16 pm EDT, Jun 20, 2015
The trick to funding a company ... is to keep the founders in a state of financial insecurity so they think their life depends on getting the company off the ground.
Churchix is designed for Church administrators and event managers who want to save the pain of manually tracking their members' attendance to their events.
Outsourcing your security intelligence infrastructure to maximize existing IT resources provides a similar benefit to hiring a lawn service company to keep your estate grounds looking good. Beyond regularly scheduled mowings, the turf experts also troubleshoot issues with moss, grubs and other pests that cause bare spots so you have more time to watch the game.
seeing is not believing the lie
11:15 pm EDT, Jun 20, 2015
These podcasts will change the way you look at your phone.
The administration has never advocated that all intrusions be made public.
It is difficult to identify anyone who believes defenders have the advantage in cyberspace.
7:09 am EDT, Jun 19, 2015
You may rarely look at it, but you'll always feel it.
This is our signature, and it means everything.
Researchers have demonstrated that the mere presence of a phone makes people less productive and less trusting ...
If you can't make it happy, at least make it beautiful.
the world that we created
7:08 am EDT, Jun 19, 2015
Temporal narcissism demands that we must always live in the most crucial, most urgent, most dangerous, yet most opportunity-rich time in human history.
An Unnamed Narrator:
There can be no doubt that the consciousness of the rapid increase of my superstition -- for why should I not so term it? -- served mainly to accelerate the increase itself. Such, I have long known, is the paradoxical law of all sentiments having terror as a basis.
It's sort of exactly the same as it was back in 1998. You know, we're living in the world that we created. This isn't a surprise. You know, we talked about 17 years ago.
insecure until demonstrated otherwise
9:16 pm EDT, Jun 18, 2015
Everything should be believed insecure until demonstrated otherwise.
George V. Neville-Neil:
I often think that programmers shouldn’t just be given offices instead of cubicles, but padded cells. Think of how much the company would save on medical bills if everyone had a cushioned wall to bang their heads against, instead of those cheap, pressboard desks that crack so easily.
Qualys SSL Report:
SSL Report: blogs.rsa.com (220.127.116.11)
Assessed on: Fri, 19 Jun 2015
Overall Rating: T
This server's certificate is not trusted, see below for details.
Server Key and Certificate #1
Common names: Parallels Panel MISMATCH
Trusted: No NOT TRUSTED
Path #1: Not trusted (path does not chain to a trusted anchor)
Sent by server
Not in trust store Parallels Panel Self-signed
RSA 2048 bits (e 65537) / SHA1withRSA
Weak or insecure signature, but no impact on root certificate
A certificate is invalid if:
It is used before its activation date
It is used after its expiry date
Certificate hostnames don't match the site hostname
It has been revoked
$ curl -vvv "https://blogs.rsa.com"
* About to connect() to blogs.rsa.com port 443 (#0)
* Trying 18.104.22.168...
* Connected to blogs.rsa.com (22.214.171.124) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
* Closing connection #0
$ wget -vd "https://blogs.rsa.com"
Resolving blogs.rsa.com... 126.96.36.199
Caching blogs.rsa.com => 188.8.131.52
Connecting to blogs.rsa.com|184.108.40.206|:443... connected.
Created socket 3.
Releasing 0x0000000001e61fd0 (new refcount 1).
Initiating SSL handshake.
Handshake successful; connected socket 3 to SSL handle 0x0000000001e631d0
subject: /C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/emailAddressfirstname.lastname@example.org
issuer: /C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/emailAddressemail@example.com
ERROR: cannot verify blogs.rsa.com’s certificate, issued by “/C=US/ST=Virginia/L=Herndon/O=Parallels/OU=Parallels Panel/CN=Parallels Panel/emailAddressfirstname.lastname@example.org”:
Self-signed certificate encountered.
ERROR: certificate common name “Parallels Panel” doesn't match requested host name “blogs.rsa.com”.
To connect to blogs.rsa.com insecurely, use ‘--no-check-certificate’.
Closed 3/SSL 0x0000000001e631d0
9:34 pm EDT, Jun 17, 2015
Because of the lack of multifactor authentication ... the attackers would have been able to use [stolen] credentials at will to access systems from within and potentially even from outside the network.
Society needs to relearn the art of public and private disapproval and how to make those who engage in undesirable behavior feel some sense of shame.
You can't even bother to set up two-factor authentication? Fucking Twitter has two-factor authentication, man.
Significantly better forms of network protections may not come for "years and years," said Tony Scott, CIO of OMB.
Interior CIO Sylvia Burns ... [said] that some of the legacy systems ... would require a full rewrite.
Michael S. Schmidt:
[It] would represent the first known case of corporate espionage in which a professional sports team hacked the network of another team.
The intrusion did not appear to be sophisticated, the law enforcement officials said.
She [said] she was "doing her best" to deal with the fallout of the hack, to which Mulvaney responded: "That's what frightens me ... that this is the best of your ability."
Last year, an IG audit recommended that OPM shut down some of its networks because they were so vulnerable. Archuleta declined, saying it would interfere with the agency's mission.
The hackers were already inside her networks ...
A consultant [said] he found the ... administrator ... "in Argentina and his co-worker ... in [China] ... had direct access to every row of data ... they were root."
This internet thing is out of control.
It is disappointing, if not surprising, that [officials] see a need for public debate only when new technologies may impair their ability to monitor us, and not when such technologies enhance their monitoring.
It won't be so easy for the US to express indignant outrage just because it's on the opposite side of the surveillance this time.