Current Berkman People and Projects

Keep track of Berkman-related news and conversations by subscribing to this page using your RSS feed reader. This aggregation of blogs relating to the Berkman Center does not necessarily represent the views of the Berkman Center or Harvard University but is provided as a convenient starting point for those who wish to explore the people and projects in Berkman's orbit. As this is a global exercise, times are in UTC.

The list of blogs being aggregated here can be found at the bottom of this page.

April 25, 2014

Bruce Schneier
Metaphors of Surveillance

There's a new study looking at the metaphors we use to describe surveillance.

Over 62 days between December and February, we combed through 133 articles by 105 different authors and over 60 news outlets. We found that 91 percent of the articles contained metaphors about surveillance. There is rich thematic diversity in the types of metaphors that are used, but there is also a failure of imagination in using literature to describe surveillance.

Over 9 percent of the articles in our study contained metaphors related to the act of collection; 8 percent to literature (more on that later); about 6 percent to nautical themes; and more than 3 percent to authoritarian regimes.

On the one hand, journalists and bloggers have been extremely creative in attempting to describe government surveillance, for example, by using a variety of metaphors related to the act of collection: sweep, harvest, gather, scoop, glean, pluck, trap. These also include nautical metaphors, such as trawling, tentacles, harbor, net, and inundation. These metaphors seem to fit with data and information flows.

The only literature metaphor used is the book 1984.

This is sad. I agree with Daniel Solove that Kafka's The Trial is a much better literary metaphor. This article suggests some other literary metaphors, most notably Philip K. Dick. And this one suggests the Eye of Sauron.

by Bruce Schneier at April 25, 2014 06:47 AM

Dan Geer on Heartbleed and Software Monocultures

Good essay:

To repeat, Heartbleed is a common mode failure. We would not know about it were it not open source (Good). That it is open source has been shown to be no talisman against error (Sad). Because errors are statistical while exploitation is not, either errors must be stamped out (which can only result in dampening the rate of innovation and rewarding corporate bigness) or that which is relied upon must be field upgradable (Real Politik). If the device is field upgradable, then it pays to regularly exercise that upgradability both to keep in fighting trim and to make the opponent suffer from the rapidity with which you change his target.

The whole thing is worth reading.

by Bruce Schneier at April 25, 2014 06:27 AM

Tails

Nice article on the Tails stateless operating system. I use it. Initially I would boot my regular computer with Tails on a USB stick, but I went out and bought a remaindered computer from Best Buy for $250 and now use that.

by Bruce Schneier at April 25, 2014 06:19 AM

Friday Squid Blogging: Squid Jigging

Good news from Malaysia:

The Terengganu International Squid Jigging Festival (TISJF) will be continued and become an annual event as one of the state's main tourism products, said Menteri Besar Datuk Seri Ahmad Said.

He said TISJF will become a signature event intended to enhance the branding of Terengganu as a leading tourism destination in the region.

"Beside introducing squid jigging as a leisure activity, the event also highlights the state's beautiful beaches, lakes and islands and also our arts, culture and heritage," he said.

I assume that Malaysian squid jigging is the same as American squid jigging. But I don't really know.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

by Bruce Schneier at April 25, 2014 05:11 AM

The Security of Various Programming Languages

Interesting research on the security of code written in different programming languages. We don't know whether the security is a result of inherent properties of the language, or the relative skill of the typical programmers of that language.

The report.

by Bruce Schneier at April 25, 2014 03:39 AM

Conversnitch

Surveillance is getting cheaper and easier:

Two artists have revealed Conversnitch, a device they built for less than $100 that resembles a lightbulb or lamp and surreptitiously listens in on nearby conversations and posts snippets of transcribed audio to Twitter. Kyle McDonald and Brian House say they hope to raise questions about the nature of public and private spaces in an era when anything can be broadcast by ubiquitous, Internet-connected listening devices.

This is meant as an art project to raise awareness, but the technology is getting cheaper all the time.

The surveillance gadget they unveiled Wednesday is constructed from little more than a Raspberry Pi miniature computer, a microphone, an LED and a plastic flower pot. It screws into and draws power from any standard bulb socket. Then it uploads captured audio via the nearest open Wi-Fi network to Amazon's Mechanical Turk crowdsourcing platform, which McDonald and House pay small fees to transcribe the audio and post lines of conversation to Conversnitch's Twitter account.

Consumer spy devices are now affordable by the masses. For $54, you can buy a camera hidden in a smoke detector. For $80, you can buy one hidden in an alarm clock. There are many more options.

by Bruce Schneier at April 25, 2014 02:51 AM

Info on Russian Bulk Surveillance

Good information:

Russian law gives Russia’s security service, the FSB, the authority to use SORM (“System for Operative Investigative Activities”) to collect, analyze and store all data that is transmitted or received on Russian networks, including calls, email, website visits and credit card transactions. SORM has been in use since 1990 and collects both metadata and content. SORM-1 collects mobile and landline telephone calls. SORM-2 collects internet traffic. SORM-3 collects from all media (including Wi-Fi and social networks) and stores data for three years. Russian law requires all internet service providers to install an FSB monitoring device (called “Punkt Upravlenia”) on their networks that allows the direct collection of traffic without the knowledge or cooperation of the service provider. The providers must pay for the device and the cost of installation.

Collection requires a court order, but these are secret and not shown to the service provider. According to the data published by Russia’s Supreme Court, almost 540,000 intercepts of phone and internet traffic were authorized in 2012. While the FSB is the principal agency responsible for communications surveillance, seven other Russian security agencies can have access to SORM data on demand. SORM is routinely used against political opponents and human rights activists to monitor them and to collect information to use against them in “dirty tricks” campaigns. Russian courts have upheld the FSB’s authority to surveil political opponents even if they have committed no crime. Russia used SORM during the Olympics to monitor athletes, coaches, journalists, spectators, and the Olympic Committee, publicly explaining this was necessary to protect against terrorism. The system was an improved version of SORM that can combine video surveillance with communications intercepts.

EDITED TO ADD (4/23): This article from World Policy Journal is excellent.

by Bruce Schneier at April 25, 2014 01:29 AM

Is Google Too Big to Trust?

Interesting essay about how Google's lack of transparency is hurting their trust:

The reality is that Google's business is and has always been about mining as much data as possible to be able to present information to users. After all, it can't display what it doesn't know. Google Search has always been an ad-supported service, so it needs a way to sell those users to advertisers -- that's how the industry works. Its Google Now voice-based service is simply a form of Google Search, so it too serves advertisers' needs.

In the digital world, advertisers want to know more than the 100,000 people who might be interested in buying a new car. They now want to know who those people are, so they can reach out to them with custom messages that are more likely to be effective. They may not know you personally, but they know your digital persona -- basically, you. Google needs to know about you to satisfy its advertisers' demands.

Once you understand that, you understand why Google does what it does. That's simply its business. Nothing is free, so if you won't pay cash, you'll have to pay with personal information. That business model has been around for decades; Google didn't invent that business model, but Google did figure out how to make it work globally, pervasively, appealingly, and nearly instantaneously.

I don't blame Google for doing that, but I blame it for being nontransparent. Putting unmarked sponsored ads in the "regular" search results section is misleading, because people have been trained by Google to see that section of the search results as neutral. They are in fact not. Once you know that, you never quite trust Google search results again. (Yes, Bing's results are similarly tainted. But Microsoft never promised to do no evil, and most people use Google.)

by Bruce Schneier at April 25, 2014 01:05 AM

April 24, 2014

PRX
Foghorns and Your ABCs: Second Ear, Round One
Photo by Annie McEwen


We had so many great submissions to Second Ear—our monthly mini-workshop—we couldn’t pick just one. So we’re kicking it off with two producers. Congratulations, Annie McEwen and Claire Navarro!

Annie’s been working on “an experiment in heartbreak” with non-narrated meditation and metaphor. Claire hosts her own podcast about research at Washington University in St. Louis. They’ve got two different approaches to very different topics.

After listening on repeat and scribbling notes, we workshopped with both of them today. Annie and Claire are heading back to the studio for clipping and cutting and lots of re-writing. We’ll see what they come up with in two weeks.

You can track #SecondEar on Twitter to follow along. What would you like to hear in Draft 2?

 

The post Foghorns and Your ABCs: Second Ear, Round One appeared first on Public Radio Exchange.

by Erika Lantz at April 24, 2014 07:42 PM

Nick Grossman
"there seems to be a rule that, if you’re to become FCC Commissioner, you can’t take a..."
“there seems to be a rule that, if you’re to become FCC Commissioner, you can’t take a solid stand, but instead have to take a weak middle ground position and pretend it’s a strong stand.”

- Weasel Language In Proposal For FCC’s New ‘Open Internet’ Rules Actually Opens The Door To An End To Net Neutrality | Techdirt

Masnick at his best

April 24, 2014 05:29 PM

Dan Gillmor - Guardian
The FCC is about to axe-murder net neutrality. Don't get mad, get even | Dan Gillmor

The former cable and wireless industry lobbyist Tom Wheeler is re-writing rules in favor of the telecom giants, not you, me or the internet. Here's what you can do to stop him

In January, a federal appeals court rejected regulations designed to assure some measure of fairness in the way America's internet service providers (ISPs) handle information traveling through their networks. The problem, according to the court, was not so much that the Federal Communications Commission (FCC) couldn't insist on what is called "network neutrality" (the idea that customers, rather than ISPs, should decide priorities for information they get online). No, the issue was that the FCC had tried to impose broadband rules under the wrong regulatory framework. And the court all but invited the FCC to fix its own mistake and rewrite its own updated rules.

The FCC's new chairman, the former cable and wireless industry lobbyist Tom Wheeler, said he would comply, rather than appeal. "Preserving the Internet as an open platform for innovation and expression while providing certainty and predictability in the marketplace is an important responsibility of this agency," he said in a February statement.


by Dan Gillmor at April 24, 2014 04:34 PM

Bruce Schneier
Overreacting to Risk

This is a crazy overreaction:

A 19-year-old man was caught on camera urinating in a reservoir that holds Portland's drinking water Wednesday, according to city officials.

Now the city must drain 38 million gallons of water from Reservoir 5 at Mount Tabor Park in southeast Portland.

I understand the natural human disgust reaction, but do these people actually think that their normal drinking water is any more pure? That a single human is that much worse than all the normal birds and other animals? A few ounces distributed amongst 38 million gallons is negligible.

Another story.

by Bruce Schneier at April 24, 2014 02:05 PM

Harry Lewis
Book Club online chat
Sorry for the late notice, but at 10:20am today (April 24) Ellen Condliffe Lagemann and I will be chatting about our book "What is College For?" on the site of the Chronicle of Higher Ed Book Club.

Added later: I understand that the video will be posted later on that site.

by Harry Lewis (noreply@blogger.com) at April 24, 2014 01:43 PM

David Weinberger
Tell the FCC that selling fast lanes to big corporations is NOT what we mean by Net Neutrality

Pardon my brevity (I’m traveling), but if you care about preserving the Internet as a place where innovation isn’t squashed by the inertia of the incumbents, then let FCC Chairman Tom Wheeler know that his proposed “Net Neutrality” policy is a non-starter. [Ars Technica] [WaPo] [Mashable] [NY Times] [Wheeler's response, via Verge]

Here are the email addresses of the four commissioners + Wheeler who are eagerly awaiting your opinion. Public response matters.


Scott Bradner, one of the shapers of the Internet, wrote to a mailing list today:

It seems to me that the value of “fast lanes” only comes when there is enough congestion to mean that the normal lane is not useful -

Maybe the ISPs will have an incentive to ensure that the normal service sucks.

Good point.

by davidw at April 24, 2014 01:21 PM

Shane Greenstein
The Fault Lines Along Fast Lanes

Until recently, a fast lane from a broadband ISP was a remote possibility in the US. ISPs had to give data equal treatment, regardless of the source, and could not offer faster delivery for a higher price while giving slower service as a default.

Although fast lanes were allowed by regulators a few years ago in the wireless networks, the carriers hesitated to offer them. In December 2013, AT&T Wireless broke with the norm and announced just such a program. FCC regulations forbidding fast lanes at landline broadband ISPs had also prevented them, but in January 2014 a US appeals court struck down those regulations.

Is that a good or bad trend? The answer depends on who’s talking. Critics of government regulation despise the rules forbidding fast lanes, whereas net neutrality supporters view the presence of fast lanes as a nightmare come to life.

Legal and political aspects of this topic typically get most of the attention, as do the implications for the variety of speech online. Most reporters find these aspects interesting, and understand them. However, the economics of fast lanes receives less attention. That is a surprise, because the economics is not very difficult, and it’s worth understanding. It illuminates the fault lines between many different points of view.

Mirrors and servers

The public Internet has evolved considerably since the days when the design for packet networks presumed that the message did not have to arrive at an inbox immediately. Users today prefer and expect speedier services. That goes for more than just IP telephony and video chat, where users notice the smallest delay. It also holds true for video, such as YouTube and many online games. Many providers believe it also affects the bottom line—namely, that users switch services if they do not get fast delivery of data.

Long before fast lanes became a real possibility, many participants in the Internet made investments aimed at reducing delays. For example, for some time now, Akamai has sold a well-known approach to improving speed. Their service also defines the first fault line, so this is a good place to start the discussion. Opponents to net neutrality ask why Akamai can operate a business to speed up data delivery but a carrier cannot.

Akamai’s service supports servers inside ISPs, closer to households. Any seriously large Internet content firm must buy these services, and it is considered a cost of doing business online. Many ISPs like working with Akamai, because their customers experience better service without much investment from the ISP.

That is not the only method for speeding up data. For example, Google has bypassed Akamai’s charges in many locations by building its own data network to ISPs. Netflix has recently sought to do the same, though it is not quite done (because it has not successfully negotiated a presence with every US ISP). Any gathering of more than three Internet engineers will generate discussion of even more potential solutions in the cloud. Amazon built a content delivery network with enormous geographic range. Microsoft has similar investments and aspirations, as does IBM. The list goes on.

That leads to the deeper question. The last few years have witnessed robust experimentation among distinct approaches to functional improvement, and these might be either complements to, or substitutes for, each other. Accordingly, carriers have had two roles. They act as a firm whose users benefit from faster delivery, and they act as a supplier that could choose to cooperate—or refuse to cooperate—with solutions offered by others.

When a carrier had no investments in fast lanes, it had every reason to cooperate with solutions offered by others. Will that change if the carrier has its own fast lane?

The answer defines a fault line between points of view. Some observers label this a possibility that might never arise. They want a regulatory response only when a problem emerges, and otherwise they anticipate that a regulator will err. Net neutrality supporters think regulators have an obligation to protect the Internet. Advocates worry that introducing fast lanes messes with a system that already works well. They do not trust carriers to cooperate with solutions that might substitute for a fast lane business or threaten an investment in some way.

Competition and monopoly

The next fault line has to do with the role of money. Defenders of fast lanes expect them to become a cost of doing business for content firms, and forecast that fast lanes will be profitable and generate more investment. Opponents have the same forecast about profitability, but a different interpretation. They worry that fast lanes will lead to an Internet where only rich firms can deliver their content effectively.

This concern tends to get plenty of press, and a few rhetorical questions illuminate the fault line. Will the default speeds offered by ISPs be good enough for startups or for small specialty websites? One side believes that the defaults will be good enough, whereas the other believes that fast lanes will lead ISPs to neglect investing in their slow services.

One’s point of view about the state of competition for ISPs has a big role in interpreting the role of money. Some believe a competitive ISP market would melt away most problems. Others argue that belief about competitive ISP markets is a fantasy and masks many dangers.

The belief in competition is not a belief in magic, so it is worth examining. Rather, this side views competition as a painful process. In competitive markets, customers substitute into alternatives if they do not like what a supplier does. Suppliers hesitate to do things that make their users angry. In other words, ISPs would compete for customers by offering better fast lanes. In this view, users would get angry if they perceived that carriers were slowing down content from firms they cared about, and angry users would find another carrier.

Where is the fault line? Recognize the two key factors that make ideal competitive markets operate well—namely, transparency and the availability of many user options.

Just about everybody is in favor of transparency, but not necessarily more of it if rules require it. Those with faith in competitive processes tend to see the merits in nothing more than a few light-handed requirements, such as programs to facilitate measuring the speed of different ISPs. The other side asks for much more, such as the publication of all fast lane contracts (more on that later).

As for the second concern about options, consider the key open question: Do users have many options available to them, or do they face de facto monopoly ISP markets? Once again, there are different beliefs about the preponderance of competition and monopoly found throughout locales of the US. Those who presume that competition is inadequate lack sympathy for leaving ISPs alone (versus those who presume it is adequate).

That also leads to different interpretation about how lucrative fast lanes will be. Supporters of fast lanes say that ISPs should charge whatever the market will bear, and competition will discipline pricing. Opponents say that the monopolies emerged from granting public franchises and use of public rights of way, and characterize high prices as misuse of utility franchises.

A classic debate about government merger policy also arises. Net neutrality supporters argue that fast lanes give ISPs artificial incentives to consolidate in order to increase their bargaining leverage with content providers, thus concentrating economic power in ISPs. Net neutrality opponents do not see anything wrong with large ISPs. In a competitive market, size is irrelevant.

Mixed incentives

The foregoing leads into the last fault line in discussions about fast lanes—namely, views about mixed incentives at carriers. A mixed incentive arises when a carrier distributes a service that substitutes for one available on the public Internet.

Many broadband ISPs have a thriving broadband service and provide video on demand, and make a pretty good margin on both services. Will most cable firms want to sell a fast lane service to Netflix at a low price? If the carrier did not make money on video on demand, then a carrier’s price for a fast lane for Netflix would be lower, and the same goes for entrepreneurial firms offering video services. That also begins to suggest the intuition behind the concern that cable firms will tilt their other actions against online video to protect their existing businesses.

Mixed incentives also come up in discussions about scrutinizing carrier contracting practices. To put this fault line in perspective, consider a hypothetical scenario: What would happen after a carrier sells a fast lane to, say, ESPN? Can anyone else expect the same terms, even Netflix? Yet again, one side argues that competition will solve these issues, and the other sees a need for regulatory intervention to make terms of fast lane contracts public.

A mixed incentive also can emerge when a carrier has an economic incentive to protect its partner’s business in which it gets a cut. In other words, is it okay if ESPN gets a better deal than Fox Sports because an ISP made a deal with the local team who competes with something done by Fox Sports? The same fault line as just mentioned: should competition solve this question, or should governments intervene to publish fast lane contracts? Should ISPs be required to give the same terms to all takers?

To summarize, the fault lines between perspectives hinge crucially on several beliefs about the economics. Forecasts depend on whether the observer sees a preponderance of competitive or monopoly markets for ISP services. They also depend on whether transparency resolves potential problems.

 

Copyright held by IEEE. To view the original, see here.



Filed under: Broadband, Considering topical questions, Essays, Internet economics and communications policy

by Shane Greenstein at April 24, 2014 01:38 AM

April 23, 2014

Bruce Schneier
Book Title

I previously posted that I am writing a book on security and power. Here are some title suggestions:

  • Permanent Record: The Hidden Battles to Capture Your Data and Control Your World

  • Hunt and Gather: The Hidden Battles to Capture Your Data and Control Your World

  • They Already Know: The Hidden Battles to Capture Your Data and Control Your World

  • We Already Know: The Hidden Battles to Capture Your Data and Control Your World

  • Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World

  • All About You: The Hidden Battles to Capture Your Data and Control Your World

  • Tracked: The Hidden Battles to Capture Your Data and Control Your World

  • Tracking You: The Forces that Capture Your Data and Control Your World

  • Data: The New Currency of Power

My absolute favorite is Data and Goliath, but there's a problem. Malcolm Gladwell recently published a book with the title of David and Goliath. Normally I wouldn't care, but I published my Liars and Outliers soon after Gladwell published Outliers. Both similarities are coincidences, but aping him twice feels like a bit much.

Anyway, comments on the above titles -- and suggestions for new ones -- are appreciated.

The book is still scheduled for February publication. I hope to have a first draft done by the end of June, and a final manuscript by the end of October. If anyone is willing to read and comment on a draft manuscript between those two months, please let me know in e-mail.

by Bruce Schneier at April 23, 2014 05:05 PM

Justin Reich
The Ed-Tech Startup Bonanza and Fed Policy
The EdTech start-up boom is more a result of Federal Reserve monetary policy than changing conditions in schools or learners' lives.

by Justin Reich at April 23, 2014 02:51 PM

John Palfrey
Master Class with Chris Hughes, Phillips Academy ’02 on Hannah Arendt’s “Responsibility and Judgment”

We have the great privilege today of Chris Hughes' visit to Andover. Chris graduated from Phillips Academy in 2002. He returns today to teach a master-class with me, to give the All School Meeting address, and to meet with various groups on campus. The master class takes as its starting point a text: Hannah Arendt’s lecture entitled “Personal Responsibility Under Dictatorship,” published in the book “Responsibility and Judgment.” In this lecture, delivered in 1964, Arendt responded to criticism of things she previously wrote about the trial of the Nazi leader Eichmann. The students in the room today come from two classes, one in our Religion and Philosophy department (taught by Tom Hodgson) and one on bioethics (team-taught by Vincent Avery and Christine Marshall-Walker).

Chris starts the class by asking a student to read aloud a section from near the end of Arendt’s lecture: “The total moral collapse of respectable society during the Hitler regime may teach us that under such circumstances those who cherish values and hold fast to moral norms and standards are not reliable: we now know that moral norms and standards can be changed overnight, and that all that then will be left is the mere habit of holding fast to something.”  Chris asks the group if norms can be changed as quickly as table manners.

The class also focuses for most of the discussion on the role of non-participants in societies.  Arendt says that “the nonparticipants; called irresponsible by the majority, were the only ones who dared judge by themselves.”  Does opting-out of a society enable you to preserve your values?  What does it mean, in fact, to “opt out” of a society?  The class debates whether it is different to opt out of Nazi Germany; America during the McCarthy era; Apartheid South Africa (was Albie Sachs right that only a few hundred whites took any personal risk in resisting the Apartheid regime?); and today, in the “consumerist” society prevalent in most countries in Western Europe and North America, for instance.

Chris stresses the difficulty of total opting out: it is almost impossible not to be ensconced in a body politic.  It is extremely hard not to pay some taxes to support a system; to be, at a minimum, a bystander to important events in the lives of others; to have a voice in the society, whether in public or in private.

We explored the distinction between non-participation and non-obedience.  The students are not sold on the extent to which Arendt praises the non-participants, seeing non-obedience — more actively opposing a system — as essential to positive change.  The text splices the difference between “supporting” a regime and “obeying” it.  The exposure of this tension, which comes in at the end of the essay, may be the most important point.

One of our core jobs as teachers at Phillips Academy, as stated in our school’s constitution from 1778, is to help develop not just the minds but also the morals of the students in our care. Conversations, such as the one led by Chris today and others led by our faculty every day on campus, are essential aspects of this kind of an education.


by jgpalfrey at April 23, 2014 02:24 PM

April 22, 2014

Berkman Center front page
Upcoming Events: Cyberscholars (4/28); Living with Data (4/29); Smartphones, digital news & the world’s biggest election (5/6)

Cyberscholar Working Group at MIT

Monday, April 28, 6:00pm ET, MIT Center for Civic Media

The Cyberscholar Working Group is a forum for fellows and affiliates of MIT, Yale Law School Information Society Project, Columbia University, and the Berkman Center for Internet & Society at Harvard University to discuss their ongoing research. Each session is focused on the peer review and discussion of current projects submitted by a presenter. Meeting alternatively at Harvard, MIT, Yale, the working group aims to expand the shared knowledge of young scholars by bringing together these preeminent centers of thought on issues confronting the information age. Discussion sessions are designed to facilitate advancements in the individual research of presenters and in turn encourage exposure among the participants to the multi-disciplinary features of the issues addressed by their own work. This month's presentations include: "IANA Transfer: To fear or not to fear", Pranesh Prakash, Postdoctoral Associate in Law and Access to Knowledge Fellow for the Information Society Project. More TBA.

berkman luncheon series

Living with Data: Stories that Make Data More Personal

Tuesday, April 29, 12:30pm ET, Berkman Center for Internet & Society, 23 Everett St, 2nd Floor. This event will be webcast live.

We are becoming data. Between our mobile phones, browser history, wearable sensors, and connected devices in our homes, there's more data about us than ever before. So how are we learning to live with all this data? Inspired by her ethnographic interview work with members of the quantified self community, Sara hopes to make these larger systemic shifts more relatable and concrete with personal narratives. This talk will share some examples of how we find clues, investigate, and reverse engineer what's going on with our data, and call for more stories to help personalize our evolving relationship to data and the algorithms that govern it.

Sara M. Watson is a Fellow at the Berkman Center for Internet and Society at Harvard University. Her work addresses how individuals are learning to live with their personal data, in particular as more technologies like wearable sensors and the Internet of Things tie our bodies and our physical environment to data. RSVP Required.

berkman luncheon series

Cheap smartphones, digital news and the world’s biggest election

Tuesday, May 6, 12:30pm ET, Berkman Center for Internet & Society, 23 Everett St, 2nd Floor. This event will be webcast live.

On June 1, 2014 the world’s biggest democracy, India, will have a new government, after an enormous, complex election taking place over several weeks. This is probably the country’s first proper ‘digital’ election, with Internet-based campaigning and journalism coming to the fore. Those who are connected will see a very different election to those that have gone before.

However, we have to remember that even at the most optimistic estimates, no more than a sixth of Indians have access to the Internet. That’s a billion people who are being left behind. But smartphones are getting cheaper and mobile internet connections are becoming more easily available. The new Internet users will demand content that won’t be in English, that doesn’t necessarily demand high levels of literacy and works well on basic devices with erratic connections.

Hasit, a Nieman-Berkman Fellow at Harvard and Senior Producer for BBC News in London, is researching models for digital news designed for this type of user and will speak about his findings.

Hasit Shah is a senior producer at BBC News in London. He is a 2014 Nieman-Berkman Fellow in Journalism Innovation at Harvard and he will study the rapid growth and development of digital media in India and its impact on journalism, society, popular culture, political discourse, the economy and public policy. RSVP Required.

book launch

The Social Machine

Tuesday, May 20, 6:00pm ET, Harvard Law School. Free and Open to the Public.

Online, interface designs fashion people's appearance, shape their communication and influence their behavior. Can we see another’s face or do we know each other only by name? Do our words disappear forever once they leave the screen or are they permanently archived, amassing a history of our views and reactions? Are we aware of how public or private our surroundings are?

In “The Social Machine”, Judith Donath addresses topics such as visualizing conversations and networks; portraying identity with data and history; delineating public and private space, and bringing the online world's open sociability into the face to face world. “The Social Machine” is a manifesto for balancing legibility, social responsibility and innovation -- and a manual for designing radically new environments for social interaction.

Judith Donath synthesizes knowledge from urban design, evolutionary biology and cognitive science to design innovative interfaces for on-line communities and virtual identities. A Harvard Berkman Faculty Fellow and formerly director of the MIT Media Lab's Sociable Media Group, she is known internationally for her writing on identity, interface design, and social communication. RSVP Required.

video/audio

Intelligence Gathering and the Unowned Internet

The long-term viability of an unowned, open Internet remains in question. Any analysis of where the Internet is headed as a protocol and a platform must take into account the activities of both public and private entities that see the Internet as a source of intelligence -- and a field of contention. Yochai Benkler, Bruce Schneier, and Jonathan Zittrain of the Berkman Center are joined by John DeLong and Anne Neuberger of the National Security Agency in a conversation moderated by Berkman Faculty Director Terry Fisher on the future of an open internet in the face of challenges to privacy in an unsecure world. This talk was co-sponsored by: the Berkman Center for Internet & Society, the Harvard Law School American Civil Liberties Union, Harvard Civil Rights-Civil Liberties Law Review, National Security Journal, and National Security and Law Association.

Other Events of Note

Local, national, international, and online events that may be of interest to the Berkman community:

by ashar at April 22, 2014 09:48 PM

MediaBerkman
Elisa Kreisinger on Fair Use(r): Art and Copyright Online [AUDIO]
With the democratization of content creation came the democratization of the overzealous copyright claim. Do private agreements between copyright holders and hosting platforms such as YouTube’s Content ID system compromise artist’s fair use rights? In this open discussion Elisa Kreisinger — Brooklyn-based video artist and artist-in-residence at Public Knowledge — invites artists, users, and lawyers [...]

by Berkman Center for Internet & Society at Harvard Law School (djones@cyber.law.harvard.edu) at April 22, 2014 07:31 PM

PRX
PRX’s STEM Story Project 2.0

It’s baaack! PRX is excited to announce version 2.0 of our STEM Story Project!

In partnership with the Alfred P. Sloan Foundation, PRX will be holding another open call for radio stories inspired by STEM topics: Science, Technology, Engineering and Math. We have a pool of $58,000 to distribute among multiple projects.

Last year, PRX funded 16 open call stories about STEM, with topics spanning forensics, poison, human echolocation, DIY spacesuits, and more. They aired on national shows and stations throughout the country.

Our prime directive (as Spock would say) is to:

• Unleash highly creative, STEM-based original stories and productions
• Educate and excite listeners about STEM topics and issues
• Tell stories and explain STEM issues in new ways

Have an idea for a story? The proposal guidelines and application will be here later this week.

Applications will open May 5, 2014. The DEADLINE for applications is May 27, 2014 at 11:59PM ET.

Join us on April 30 at 2 p.m. ET for the STEM Story Project webinar to answer questions – register here.

If you can’t make or wait for the webinar, email your questions to stem@prx.org. But read the application and guidelines first when they come out later this week!

Follow #PRXSTEM on Twitter for all the latest.

Thank you!

John Barth
Genevieve Sponsler
Lily Bui

The PRX STEM Story Project Team

The post PRX’s STEM Story Project 2.0 appeared first on Public Radio Exchange.

by Lily Bui at April 22, 2014 06:22 PM

Dan Gillmor - Guardian
If Aereo wins at the supreme court and broadcasters pull TV off the air, so be it | Dan Gillmor

Sure, the streaming service and companies like Airbnb and Uber skirt the law, but that's better than the old-school cartel hoarding a public service

Plus: Aereo squares off with broadcasters at US supreme court

Explainer: why the Aereo case could change how we watch TV

In the endless war of incumbents versus insurgents, Tuesday's oral arguments at the US supreme court, America's broadcast TV networks against a video-streaming startup called Aereo, will ultimately be one small battle. But they remained a useful, if complex, illustration of the way a supposedly free-market economy has become so beholden to the needs, and whims, of entrenched interests.

And American Broadcasting Companies v Aereo reminds us how innovators in all sorts of arenas so often skirt the edges of legality; indeed, how they regularly skip right over laws and regulations that are designed to protect the business of incumbency as much as, if not more than, to serve the public interest.

For those who are new to the Aereo case, it's all about broadcast-network panic over a service that bypasses telecom control over how and where viewers watch programming. "Free TV" broadcast over airwaves lets you set up an antenna to collect the signal; you're allowed to then stream it from a device in your home to your laptop or other device. In giant clusters, Aereo sets up a tiny antenna for each customer, who can then stream it elsewhere in the same way.

by Dan Gillmor at April 22, 2014 05:44 PM

Center for Research on Computation and Society (Harvard SEAS)
Heiko Mantel: New CRCS Visiting Scholar
April 16, 2014

CRCS welcomes its newest Visiting Scholar, Heiko Mantel, who is visiting from the Technische Universität Darmstadt.

Heiko joined the faculty of the Computer Science Department at the TU Darmstadt in April 2007.

by wojcik at April 22, 2014 02:43 PM

Willow Brugh
Mutual Aid and The Crowd

Months ago, one of my friends at the Naval Defense University sent me an article from Scientific American on how social media is making crowds less predictable. It hit a nerve with me, my response being that “social media makes crowds more predictable to themselves.” The article talks about uprisings in various countries, popular choice, and collective action. It also cites this argument, shoehorning collective action into hierarchical framework, indicative of its missing the point.

Matthew Salganik, Peter Dodds, and Duncan Watts conducted large-scale experiments to investigate the effect of the strength of social influence on collective action. People were given a list of previously unknown songs from unknown bands. They listened to the songs and downloaded them if they wanted to. In the independent condition, people did not see other people’s choices. In the social influence condition, people saw how many times each song had been downloaded by others. The collective outcome in the social influence condition was more unequal. That is, popular choices were much more popular under social influence.

Crowds are only less predictable to the outside. They are becoming more predictable to themselves. Not talking about ranking, not talking about decision, simply speaking to awareness and therefore paths to action. This, to me, is related to the core disconnection in disaster response between official response’s view on social media/The Crowd as a resource to be tapped for situational awareness, and the mutual aid of The Crowd as self-organization. Formal organizations tend to think of The Crowd as an input function to their workflows. Their concerns therefore revolve around verifiability, bad actors, and predictability. A manifestation of this are the self-mapped roads in remote places via Open Street Map being grumbled over for not fitting into the data hierarchies of official responders. That is not the point of the maps being built.

These are identity politics on the scale of a community. These are people using a tool to their own ends, to support themselves, to gain better understanding of their world, not as a resource to be tapped. It is a group of people talking to itself. If institutions exist to serve collective purpose, their role here is to provide institutional knowledge (with awareness and self-reflection of bias), guiding frameworks (possibly), and response at scale (upon request). In this way, we can benefit from history and iterative learnings while escaping paternalistic ends.

Which brings us to responsible data practices. If data must be collected on a group of people, either ambiently through things like the Firehose or directly provided, the output should be useful to those people. This is the difference that makes ethical digital response seeking the integration of multiple datasets to have better situational awareness, and what the NSA does. For instance, if you’re collecting information on homeless shelters and the movements of homeless individuals, the information should be able to be used by those folk to self-organize. Else we’re just recreating the systems we’ve been trying to get away from. We’re even making them more robust with new technologies, the biases hidden away in algorithms.

As a crowd comes to know itself better, the intelligence can become an embedded, rather than external, component. We start to see many eyes on the bugs of society.

by bl00 at April 22, 2014 01:58 PM

Berkman Center front page
Fair Use(r): Art and Copyright online

April 22, 2014 at 12:30pm ET
Berkman Center for Internet & Society, 23 Everett St, 2nd Floor

With the democratization of content creation came the democratization of the overzealous copyright claim. Do private agreements between copyright holders and hosting platforms such as YouTube’s Content ID system compromise artist's fair use rights? This open discussion invites artists, users and lawyers to share their copyright experiences with hosting platforms and debate the future of distributing digital arts works online.

About Elisa

Pop Culture Pirate is the digital home of Elisa Kreisinger, a Brooklyn-based video artist remixing pop culture. Her latest work includes mashing up Mad Men into feminists and The Real Housewives into lesbians. Elisa’s 2012 US Copyright Office testimony helped win crucial exemptions to the Digital Millennium Copyright Act, decriminalizing DVD ripping for artistic statements. She is a contributor to The Book of Jezebel and the forthcoming The Routledge Companion to Remix Studies. She is currently an artist-in-residence at Public Knowledge and Eyebeam Art and Technology Center. Elisa speaks around the world on the power of remix and remaking pop culture.

by ashar at April 22, 2014 12:53 PM

April 21, 2014

Bruce Schneier
GoGo Wireless Adds Surveillance Capabilities for Government

The important piece of this story is not that GoGo complies with the law, but that it goes above and beyond what is required by law. It has voluntarily decided to violate your privacy and turn your data over to the government.

by Bruce Schneier at April 21, 2014 03:42 AM

April 20, 2014

David Weinberger
Minor Beatles

This video was over at the NY Times Crossword blog (where I discovered that I’d missed the really clever part of the theme):

I know I’m old, children, but keep in mind that that’s a minor Beatles song. And yet there is so much right about it. More or less perfect. And not nearly the best of what they gave us.

by davidw at April 20, 2014 09:00 PM

Ethan Zuckerman
Water monitoring in China, and the changing role of citizenship

This January, a few hundred employees of Alibaba, the massive online retailer and digital payments company, participated in an interesting experiment. Like many Chinese, they traveled home to celebrate the Lunar New Year. While at home, they used inexpensive water testing kits to sample water in their villages and uploaded their findings via smartphone to an environmental mapping website, Danger Maps. Employees measured water quality in 420 locations across 28 provinces, testing open bodies of water as well as sources of drinking water.

The experiment was a trial run for a much more ambitious rollout, announced this week. Jack Ma, Alibaba’s billionaire founder, announced that water testing kits would be sold through Taobao for between 65-80 yuan ($10-13) and invited the public to join his employees in becoming water quality monitors. Yang Fangyi, one of the managers of the Alibaba Foundation, explained that by mapping areas of poor water quality, the Foundation can work with local environmental authorities and NGOs to work on cleanup plans.

Test results posted to water.epmap.org

Environmental degradation is one of the most serious problems facing China. A report from the Chinese Academy for Environmental Planning suggests that China lost 3.5% of the nation’s GDP in environmental damages in 2010. Air pollution contributed to 1.2 million deaths in 2010, and journalists have compared Beijing’s air quality (unfavorably) to that in airport smoking lounges and industrial London on the most polluted days of the mid-20th century. Maintaining and improving air and water quality while continuing to rapidly industrialize are huge challenges for the country. Environmental issues are also an area where the Chinese government has been comparatively open about discussing problems and seeking international cooperation; Premier Li Keqiang addressed environmental problems in his address to the National People’s Congress last month, and US organizations that work with China report that it’s far easier to cooperate on environmental issues than on more sensitive issues like human rights or worker safety.

The kit, and its contents

The little blue kit, manufactured by Greenovation Hub, may test China’s openness around environmental advocacy. Inside are tests for pH, Phosphates, Ammonia, Chemical Oxygen Demand (used to indirectly measure organic contaminants in water), and for five heavy metals, including cadmium and zinc. It’s more home chemistry lab than slick, sophisticated sensors – you’ll be dipping litmus paper into a stream and measuring the color that results, then entering the data into your phone if you participate in the project.

It’s unclear how many of Alibaba’s 500 million customers will purchase water quality kits and start uploading data to Danger Maps. Even if only a few participate, the implications could be very interesting. Land use issues are a major civic flashpoint in China. If farmers are able to document damage to the local watershed from a new factory, for instance, it might change the dialog, bringing nascent environmental watchdog organizations and government departments into the debate over land use.

Groups like Public Lab in the US and Safecast in Japan have been using crowdsourcing models to document environmental issues, monitoring water quality and radiation levels. Their work raises questions of whether we want citizens to be cooperative sensors, or citizen scientists. The latter is a high bar to cross – we need citizens not only to collect data but to formulate and test hypotheses. What we gain in exposing participants to the scientific process, we may lose in terms of data quality and believability. Safecast has traded accessibility for accuracy – their bGeigie geiger counter is pretty expensive in kit form, but is a lab-quality instrument, which allows Safecast to use the data collected to engage the Japanese government in dialog about post-Fukushima reconstruction. On the other hand, using a Safecast counter, it’s easy to feel like your job is simply that of a data collector, not someone figuring out the complex puzzle of when towns and villages will be safe to inhabit. (Safecast describes itself as a global sensor network, acknowledging that its strength is data collection, not the broader issue of citizen science.)

There’s a balance between accessible sensors, high-quality data and the ability for users to formulate and test hypotheses that crowdsensing projects need to wrestle with going forward – based on some of the results thus far, it seems like the Greenovation kit favors access over accuracy. (I suspect there’s not really that much standing water in China at pH 10, despite reports on the map.) But it’s possible that communities affected by industrial pollution might purchase multiple sensors, organize testing plans and oversampling to improve accuracy. They might also look for sources of industrial runoff and test hypotheses about how industrial development is affecting their community. Consider a project from CMU called CATTFish. It’s a water monitor that sits in your toilet tank and measures temperature and conductivity to sense possible changes in groundwater quality. It’s designed for communities concerned about pollution from hydrofracking – with high quality, regularly updated data from multiple homes, a community could have an early warning system for detecting potential ill-effects from oil extraction. (h/t to Heather Craig, who introduced me to the project.)

I think there’s another subtle change we should watch for as well. Environmental crowdsensing is a form of monitorial citizenship, an idea we’ve been discussing a lot lately at Center for Civic Media. John Keane uses the term to describe the non-governmental and civic organizations that act as watchdogs, keeping governments honest and, sometimes, in check. Inspired in part by David Ronfeldt’s work on tribes, institutions, markets and networks, we’ve been looking at ways networked individuals can have similar monitorial power. The work we’re starting with Promise Tracker begins with asking citizens to monitor issues in their communities using mobile phones and will likely expand to asking citizens to use sensors to monitor water and air quality.

In our experiments with Promise Tracker in São Paulo and Belo Horizonte, using mobile phones to document community problems and governmental and community responses to them, we quickly learned that many people don’t just want to collect data – they want to use data to tell stories and to advocate for change. Will citizens become sensors or scientists? Participants or activists? This may also have a lot to do with whether Greenovation Hub wants to build a business model or a movement, and whether a powerful, visible figure like Jack Ma is willing to have Alibaba become the nexus of an emerging environmental movement. That might be more potent and less dangerous than having individual groups organize to address water quality issues on a small scale and face potential backlash from local authorities.

I’m interested in monitorial citizenship because I see monitoring powerful institutions – commercial, governmental and otherwise – as something one can do every day as a citizen. Elections come around every few years and get all the attention, but it’s possible that the real power of citizenship comes from the monitoring that takes place between the elections. In a Chinese context, where power doesn’t come through electoral mechanisms, monitorial citizenship may have even more power – it may be a more genuine, authentic, believable path to political power than others available to most Chinese citizens.

by Ethan at April 20, 2014 08:15 PM

David Weinberger
[2b2k] In defense of the library Long Tail

Two percent of Harvard’s library collection circulates every year. A high percentage of the works that are checked out are the same as the books that were checked out last year. This fact can cause reflexive tsk-tsking among librarians. But — with some heavy qualifications to come — this is as it should be. The existence of a Long Tail is not a sign of failure or waste. To see this, consider what it would be like if there were no Long Tail.

Harvard’s 73 libraries have 16 million items [source]. There are 21,000 students and 2,400 faculty [source]. If we guess that half of the library items are available for check-out, which seems conservative, that would mean that 160,000 different items are checked out every year. If there were no Long Tail, then no book would be checked out more than any other. In that case, it would take the Harvard community an even fifty years before anyone would have read the same book as anyone else. And a university community in which across two generations no one has read the same book as anyone else is not a university community.

I know my assumptions are off. For example, I’m not counting books that are read in the library and not checked out. But my point remains: we want our libraries to have nice long tails. Library long tails are where culture is preserved and discovery occurs.

And, having said that, it is perfectly reasonable to work to lower the difference between the Fat Head and the Long Tail, and it is always desirable to help people to find the treasures in the Long Tail. Which means this post is arguing against a straw man: no one actually wants to get rid of the Long Tail. But I prefer to put it that this post argues against a reflex of thought I find within myself and have encountered in others. The Long Tail is a requirement for the development of culture and ideas, and at the same time, we should always help users to bring riches out of the Long Tail.

by davidw at April 20, 2014 01:44 PM

Bruce Schneier
Auditing TrueCrypt

Recently, Matthew Green has been leading an independent project to audit TrueCrypt. Phase I, a source code audit by iSEC Partners, is complete. Next up is Phase II, formal cryptanalysis.

Quick summary: I'm still using it.

by Bruce Schneier at April 20, 2014 11:16 AM

April 19, 2014

ProjectVRM
Market intelligence that flows both ways

This post is about creating a whole new customer-company relationship system, based in what Jon Udell and Phil Windley call The Internet of My Things. This system opens up a boundless frontier of market intelligence that flows both ways: from companies to customers, and from customers to companies. It obsoletes customer service as we know it today, and brings the best of truly personal (rather than “personalized”) customer service into the Internet Age. The examples I use are of products that have problems; but this post is not about those products or the companies that made them — although I would love for those companies to participate in the paradigm shift that is about to take place.


A couple years ago I bought a pair of moccasins at a shopping mall kiosk in Massachusetts. The brand was LAMO and the name was Mens Moc: Here’s one:

I like them a lot. They’re very comfortable and warm on winter mornings. In fact I still wear them, even though they are falling apart. Here is how they look now: You can see that the leather, laces and stitching are all fine. So is the wool lining. The problem is the sole. It has dried up and cracked into pieces. Every time I wear it, chunks fall off. In fact, I first thought about writing this when a piece of a heel with a LAMO logo on it looked up at me from under my desk. But I’m wearing them now, and I’ll probably keep wearing them after the soles come off completely. I would like to help LAMO learn from my experience. As of today, here are the four main choices for that:

  1. Do nothing (that’s the default)
  2. Send them an email
  3. Go on some website and talk about it. (A perfect Leighton cartoon in the March 17 New Yorker shows a couple registering at a hotel while the person behind the counter says, “If there’s anything we can do to make your stay more pleasant, just rant about it on the Internet.” So that’s a less used but common default.) 
  4. Get “social” by tweeting to @LAMOfootwear or whatever they’ve got on Facebook. (I avoid Facebook and haven’t checked.) For wisdom on “social” relations between brands and (presumed) fans, see Bob Hoffman’s recent talk.

But we can improve on that, by giving these moccasins their own little virtual cloud, where LAMO and I can share intelligence about whatever we like — starting (on my side) with reports on my own experience. Phil Windley calls these clouds picos, for persistent compute objects. They have their own operating system (CloudOS), and don’t need intelligence on board. Just scan a QR code, and you’ll get to the pico. Here’s the code on one of my LAMO moccasins:

Go ahead and scan the code with your phone. Or take the short cut and click on it. You’ll get to a page that says it’s my moccasin.

But if I scan it, I can see whatever notes I’ve taken. Or whatever LAMO has put in there, with my permission. Also whatever programming has been done on it. Such as this logic: IF this is scanned, THEN send LAMO a note that Doc has a new entry in our common journal. Likewise, LAMO can send me a note saying that there is new information in the same journal. Maybe that information is a note telling me that the company has changed sole manufacturers, and that the newest Mens Mocs will be far more durable. Or maybe they’ll send a discount on a new pair. The correct answer for what goes in the common journal (a term I just made up — we’re in tabula rasa-ville here) is: whatever.

And that’s the key to the future of customer service, customer relationship management (CRM), call centers, loyalty programs, continuous improvement and other business ideals. Go to those links (all to Wikipedia), and you’ll find most of them have “issues.” The reason they have issues is simple: the customer is not involved with any of them. They are industries talking to themselves. This is an old problem and it can only be fixed on the customer’s side. Before the Internet, solving things from the customer’s side — by making the customer the point of integration for their own data, and the decider about what gets done with that data — was impossible. After the Internet, it’s very possible, if we get our heads out of business as usual and put them back in our own lives. This will be good for business as well.

For example, last summer I had meetings with two call center companies, and reviewed this scenario:

  1. A customer scans the QR code on her cable modem
  2. This triggers a message to the call center saying “this customer has scanned the QR code on her cable modem”
  3. The call center checks to see if there is an outage in the customer’s area, and — if there is — how soon it will be fixed
  4. The call center sends a message back saying there’s an outage and that it will be fixed within X hours

In both cases they said “We want that!” Because they really do want to be fully useful. And — get this — they are programmable. Unfortunately, in too many cases they are programmed to avoid customers, or to treat them as templates rather than as individual human beings who might actually be able to provide useful information. This is old-fashioned mass-marketing thinking at work, and it sucks for everybody. It’s especially bad at delivering (literal) on-the-ground market intelligence from customers to companies.

Call centers would rather be sources of real solutions rather than just customer avoidance machines for companies and anger sinks for unhappy customers. The solution I’m talking about here takes care of that. And much more.

Now let’s go back to shoes.

I’m not a hugely brand-loyal kind of guy. I use Canon cameras because I liked the 5D’s user interface more than the competing Nikon, and Canon’s lens prices were lower. Not because Canon photos were better. (I still prefer Nikon color, low-light performance and hand grip.) I use Apple computers because they’re easy to get fixed and I can drop into a Unix command line when I need to. I drive a Volkswagen Passat because I got mine at a good price from a friend moving out of the country. And I buy Rockport shoes because, on the whole, they’re pretty good.

Used to be they were great. That was in the ’70s and early ’80s when Saul and Bruce Katz, the founders, were still in charge. That legacy is still there, under Reebok ownership; but it’s clear that the company is much more on the mass marketing operation than it was back in the early days. Still, in my experience, they’re better than the competition. That’s why I buy their shoes. Rockports are the only shoes I’ve ever loved. And I’ve had many.

Here is a photo I just took of wear-and-tear on two pairs of Rockport casual shoes I often wear:

Shots 1 and 2 are shoes I bought in June 2012, and are no longer sold, near as I can tell. (Wish they were.) Shots 3 and 4 are Off The Coast 2 Eye, which I bought in late 2013, but didn’t start wearing a lot until early this year. I bought both at the Rockport store in Burlington Mall, near Boston. I like that store too.

The first pair has developed a hole in the heel and eyelet grommets for the laces around the side of the shoe. The hole isn’t a big deal, except that it lets in water. The loose eyelets are only a bother when I cross my feet sitting down: they bite into the other ankle. The separating outer sole of the second pair is a bigger concern, because these shoes are still essentially new, and look new except for this one flaw. A design issue is the leather laces, which need to be double-knotted to keep from coming undone, and even the double-knots come undone as well. That’s a quibble, but perhaps useful for Rockport to know.

I’d like to share these experiences privately with Rockport, and for that process to be easy. Same with my experiences with LAMO moccasins.

It could be private if Rockport and LAMO footwear came with QR codes for every pair’s pico — its own cloud. Customers would buy the cloud along with the shoe. And then they would have their own shared journal and message space, as well as a programmable system for creating and improving the whole customer-company relationship. They could also get social about their dialogs in their own ways, rather than only in today’s Facebook and Twitter, which are the least private and personal places imaginable.

This kind of intelligence exchange can only become a standard way for companies and customers to learn from each other if the code for picos is open source. If Rockport or LAMO try to “own the customer” by locking him or her into a closed company-controlled system — the current default for customer service — the Internet of Things will be the Compuserve + AOL + Prodigy of things. Those “online services” were as close as we could get to the Internet before the Internet itself — an open source system at its base — came along. Even sending emails from one of those services to the other was nearly impossible. Customers were captive inside silos.

One big thing that made the Internet succeed was substitutability of services. Cars, banks, and countless other product categories you can name are large and vital because open and well understood standards and practices at their base have made substitutability possible. Phil Windley says we can’t have a true Internet of Things without it, and I agree.

Far as I know, the only code ready to begin scaffolding picos is Phil’s CloudOS and KRL. But for these — or anything like them — to catch on, we’re going to need a lot more developers thinking outside the silos that comprise the entirety of Internet of Things work going on now. This post is an appeal to those developers.

By the way, Phil believes that cars are the best vertical to start out with. I think he’s right. But shoes are in front of me right now, so I’m using them as an example. And the example works for everything. Literally.

by Doc Searls at April 19, 2014 04:29 PM

Berkman Center front page
Berkman Buzz: April 19, 2014

The Berkman Buzz is selected weekly from the posts of Berkman Center people and projects.
To subscribe, click here.

The Berkman Center is seeking a Communications Manager to help increase the visibility, accessibility, understanding, and reach of our work and activities. More information and application directions are here!

"euandi," a voting advice application for the 2014 European Parliament elections, launches

euandi, a new Voting Advice Application (VAA) helps citizens make informed choices in their 2014 European Parliament (EP) vote.

Available in 24 languages, euandi invites users to react to 28 policy statements covering a wide range of contemporary policy issues and political values in European politics, as well as two policy statements specific to the user’s national political context.

Developed by the European University Institute in Florence, Italy, euandi provides voters with a clear view of the European electoral campaign and their individual positions within it.

From the Berkman Center, ""euandi", a path-breaking Voting Advice Application for the 2014 European Parliament elections"

Many strange and wonderful things come from @civicMIT. @ThePeoplesBot may well be the strangest: thepeoplesbot.com
—Ethan Zuckerman (@EthanZ)

Dan Gillmor warns against data collection by web companies

As security expert Bruce Schneier (a friend) has archly observed, "Surveillance is the business model of the internet." I don't expect this to change unless and until external realities force a change – and I'm not holding my breath.

Instead, the depressing news just seems to be getting worse. Google confirmed this week what many people had assumed: even if you're not a Gmail user, your email to someone who does use their services will be scanned by the all-seeing search and the advertising company's increasingly smart machines.

From Dan Gillmor's post for The Guardian, "As we sweat government surveillance, companies like Google collect our data"
About Dan | @dangillmor

John Palfrey wishes the DPLA a happy first birthday

Led by executive director Dan Cohen and a very impressive team that is now eight strong, the DPLA has grown to include more than 7,000,000 objects (more than triple what we started with). These images, texts, books, and more come from all 50 states in the country. The number of partners grows every month, with nearly a third of all states boasting on-ramps to the DPLA (which we call “service hubs”) and thousands of major institutions participating in digitizing and sharing materials online. The pace of growth is terrific: demand to join the DPLA as a content provider far outstrips our ability to bring the materials in, which bodes well for future growth. Usage through the website and especially the open API continues to grow, with more than 1,000,000 people who have used the site directly and close to 10,000,000 API calls. Over time, those numbers should grow markedly, too.

From John Palfrey's blog post, "Happy 1st Birthday, DPLA!"
About John | @jpalfrey

DMLP: Some federal courts now posting audio recordings online

While the propriety of video and photography equipment in federal courts is subject of ongoing debate and testing, a number of federal bankruptcy courts and three federal district courts make audio recordings of their proceedings available to the public for a nominal fee.

From Eric P. Robinson's blog post for the Digital Media Law Project, "Hear Ye, Hear Ye! Some Federal Courts Post Audio Recordings Online"
About DMLP | @dmlpberkman

BONUS @dpla birthday present: @anarchivist implemented Twitter cards. Links to DPLA items now auto-include thumbnails http://dp.la/item/5ff0e56c0e78969594734ed2fd02bd13
Dan Cohen (@dancohen)

Bad News & Worse News for Russian Internet Users

First, the bad news: the most popular website in Russia, Yandex.ru, will no longer rank Russian bloggers or categorize the most popular news topics discussed online. That service, which for the last ten years Yandex featured on the splash page of its blogs search engine, is now kaput. In an announcement published today, April 18, 2014, Yandex explained that the traditional blog is in decline, as Internet users flee to social networks like Facebook and Vkontakte, where popularity rankings can be difficult to calculate.

Now, the worse news: Yandex’s decision to euthanize its rating system for bloggers was also a response to legislation now making its way through the Russian parliament, where Duma deputies today passed the second reading of a draft law that would impose mass media regulations on bloggers with daily audiences in excess of three thousand visitors. Under this law, various kinds of self-expression would become illegal, and any website with enough traffic lands on a government registry.

From Kevin Rothrock's post for Global Voices Bridge, "Bad News & Worse News for Russian Internet Users"
About Global Voices Online | @globalvoices

This Buzz was compiled by Rebekah Heacock.

To manage your subscription preferences, please click here.

by rheacock at April 19, 2014 12:40 PM

Amanda Palmer
‘THE DRESDEN DOLLS’ debut double vinyl aka RECORD STORE DAY ACCIDENTAL MAGIC!!

WELL HOLY FUCK.
after years and years of asking, the answer has come as if by accidental magic.
THE DRESDEN DOLLS self-titled LP is going to be available ON VINYL!!! TODAY!!!!
it’s for RECORD STORE DAY, LIMITED to 3,000 copies, and RED (with black swirls)!!!!!!

there’s a video at HERE, where you can see how PRETTY IT IS in (sort of 3D) at around the 6:45 minute mark! LOOK!!!!
…it’s being released through RHINO, who somehow wound up having rights to it through the magical prism-prison of roadrunner getting swallowed up by a larger company and rhino (nice guys!) putting in a bid to release it.

i literally JUST FOUND OUT ABOUT THIS last night!!!
THAT IS HOW STRANGE THE WORLD IS!!! if it hadn’t been for the fine people of twitter alerting me, this may have passed without notice. THANK YOU GUYS.

so?

GO BUY IT!!!!
SKATEBOARD TO YOUR LOCAL RECORD STORE AND CELEBRATE THE FACT THAT YOU CAN NOW PLAY “COIN-OPERATED BOY” BACKWARDS and find out, FINALLY, that the song is actually saying “SATAN SATAN SATAN SATAN SATAN”.
and when you do, LET US KNOW…SHOW US!!!
take pictures, videos…get creative and SHARE THAT SHIT.
it’s awesome to have it out there on wax after all these years, and it’s made awesomer knowing they’re finding ways to good homes.

all 3,000 copies have been sprinkled all over the country and every store will only have a few copies AT MOST…i’m actually wondering if i’ll ever get to see one in person.

if anybody out there is able to pick up a few (extras) for me and mine – and i’m serious – get in touch, leave a comment. i’d love 5 or 10 copies. i loved making that record, right here in new york…more than ten years ago.

a walk down memory lane, with me?

our first music video (the one that trent reznor saw before asking us out on tour with NIN) – “girl anachronism”…

mr. michael pope’s second video with us, for “SATAN SATAN SATAN SATAN SATAN” “coin-operated boy”…

the whole dern album for streamy, via bandcamp (or spotify or beats):
The Dresden Dolls by The Dresden Dolls

now, back to ZE VINYL…
it’s a double gatefold LP, broken up like so…

so
this whole thing is going to be an adventure, for all of us…
like i said, if you’re lucky enough to score one, SHOW US! tag your stuffs with #RSDdolls and #RSD2014…i’m @amandapalmer and brian is @brianviglione/@violentfemmes and we is the @DresdenDolls (or the dolls/me/brian on facebook)…we’ll be looking!!

all the record store day info is HERE
click on “participating stores” to see WHERE YOU CAN GO BUY IT!!! and SEND SIGNALS BACK TO HOME BASE! I CAN’T WAIT!!!

xxx
a

by admin at April 19, 2014 12:06 PM

April 18, 2014

Berkman Center front page
Berkman Center announces leadership transition

The Berkman Center for Internet & Society has announced a significant leadership transition as Professor William (Terry) Fisher steps down after 12 years as Chair of the Board of Directors and Professor Jonathan Zittrain, the co-founder of the Berkman Center and Vice Dean for Library and Information Resources at Harvard Law School, assumes the role.  The change will be effective as of July 1, 2014.

Said Harvard University Provost Alan M. Garber: "Under Terry Fisher's extraordinary leadership, the Berkman Center has become known as the home of some of the most penetrating thinking about how we interact with cyberspace and how it can be developed to serve society better.  We are indebted to him for nurturing and helping to shape this unique resource for Harvard and the world. Jonathan Zittrain is a most worthy successor. Long a pillar of the Berkman community, he has the intellect, breadth of interests, creativity, and dedication to ensure that the center will remain vital - indeed, indispensable - at a time when the Internet is woven into more and more aspects of our lives."

Said HLS Dean Martha Minow: “Terry Fisher’s stellar leadership has ensured the Berkman Center’s vibrant collaborations across disciplines, sectors, and geographies, while also providing an unerring commitment to combining creativity with a focus on the opportunities and challenges afforded by cyberspace and the communities and communication it enables.  I join with the Provost and Directors in delight that Jonathan Zittrain will take up the role of chair. As one of the co-founders of the Center and as a fount of superb ideas, Jonathan brings deep knowledge and innovative spirit to this extraordinary effort."

Urs Gasser, the Berkman Center’s Executive Director and a Professor of Practice at HLS, said, “The Berkman Center team is deeply grateful for all that Terry Fisher has contributed to the Center and the community during his extraordinary tenure, and wishes him a truly well deserved and restful sabbatical in 2014-2015. Recognized as a visionary here at Berkman and around the world, Jonathan Zittrain will continue to inspire and delight the community and help deepen our national and international network of partners across all sectors.” He noted that Zittrain’s faculty appointments with the Harvard School of Engineering and Applied Sciences and the Harvard John F. Kennedy School of Government will further strengthen the Center’s collaborations across Campus.

Terry Fisher has led the Berkman Center since 2002, helping to shape it during a period of maturation and expansion.  Under his guidance, the Center has grown from a small research unit at Harvard Law School into a University-wide Center and a world-renowned community of scholars and activists, engaged in rigorous research and socially responsible innovation.  He navigated the Center through the lean times of the fiscal crisis and oversaw the successful incubation of numerous projects and initiatives that have changed the landscape of academic inquiry pertaining to information technology.

Zittrain’s transition to the position of Faculty Chair represents both momentum and re-commitment to the ethos and spirit in which he co-founded the Berkman Center with Charlie Nesson in 1997.  Professor Zittrain’s commitment to and passion for the development of innovative research and teaching programs will continue to infuse the Center’s direction and activities, building on the strong foundation and programs that flourished under Terry Fisher’s leadership, said Dean Minow.

As the Berkman Center’s principal governing body, the Board of Directors shapes the Berkman Center’s overall vision and makes significant financial, research, academic, personnel, governance, and other overarching strategic decisions. Terry Fisher remains a member of the Board, joined by Professors Yochai Benkler, Susan Crawford, John Deighton, Charles Nesson, Felix Oberholzer-Gee, John Palfrey, Jeffrey Schnapp, Stuart Shieber, and Mark Wu. Board member Urs Gasser continues as Executive Director, leading implementation of the vision and objectives set forth by the Board.

by ashar at April 18, 2014 07:22 PM

Peter Suber
References should connect readers to full texts, and therefore favor OA editions. A nice argument from...
References should connect readers to full texts, and therefore favor OA editions.

A nice argument from Patrick Dunleavy: "What is the essential purpose of academic referencing? ...A completely out of date answer dominates current practice  — namely...[directing readers] to the same precise sources and pages that you yourself used in constructing an argument or a case....Referencing should instead be about directly connecting readers to the full text of your sources, ideally in a one-stop way....In other words, modern referencing is not about pointing to some source details for books that cost a small fortune and are buried away in some library where the reader is not present; still less about pointing to source details for an article in a pay-wall journal to which readers do not have access....With open access spreading now we can all do better, far better, if we follow one dominant principle. Referencing should connect readers as far as possible to open access sources, and scholars should in all cases and in every possible way treat the open access versions of texts as the primary source...."

#oa #openaccess #references   #citations  

April 18, 2014 04:40 PM

Dan Gillmor - Guardian
As we sweat government surveillance, companies like Google collect our data | Dan Gillmor

Unless we demand changes, Big Tech will continue to profit off our personal information with our benighted permission

As security expert Bruce Schneier (a friend) has archly observed, "Surveillance is the business model of the internet." I don't expect this to change unless and until external realities force a change – and I'm not holding my breath.

Instead, the depressing news just seems to be getting worse. Google confirmed this week what many people had assumed: even if you're not a Gmail user, your email to someone who does use their services will be scanned by the all-seeing search and the advertising company's increasingly smart machines. The company updated their terms of service to read:

Our automated systems analyze your content (including e-mails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

The universal ID today in the world is your Facebook log-in. This industry-wide challenge of mobile tracking has sort of quietly been solved, without a lot of fanfare.

If the new plan succeeds, then, one day large swaths of Facebook may not look like Facebook and may not even bear the name Facebook. It will be everywhere, but you may not know it.

The system was kind of kept confidential from everybody in the public. A lot of people do have a problem with the eye in the sky, the Big Brother, so in order to mitigate any of those kinds of complaints, we basically kept it pretty hush-hush.

by Dan Gillmor at April 18, 2014 04:31 PM

Bruce Schneier
Police Disabling Their Own Voice Recorders

This is not a surprise:

The Los Angeles Police Commission is investigating how half of the recording antennas in the Southeast Division went missing, seemingly as a way to evade new self-monitoring procedures that the Los Angeles Police Department imposed last year.

The antennas, which are mounted onto individual patrol cars, receive recorded audio captured from an officer’s belt-worn transmitter. The transmitter is designed to capture an officer’s voice and transmit the recording to the car itself for storage. The voice recorders are part of a video camera system that is mounted in a front-facing camera on the patrol car. Both elements are activated any time the car’s emergency lights and sirens are turned on, but they can also be activated manually.

According to the Los Angeles Times, an LAPD investigation determined that around half of the 80 patrol cars in one South LA division were missing antennas as of last summer, and an additional 10 antennas were unaccounted for.

Surveillance of power is one of the most important ways to ensure that power does not abuse its status. But, of course, power does not like to be watched.

by Bruce Schneier at April 18, 2014 03:46 AM

Peter Suber
Rejecting demands for openness used for harassment and intimidation. From the +Chronicle of Higher ...
Rejecting demands for openness used for harassment and intimidation.

From the +Chronicle of Higher Education:  "The Virginia Supreme Court on Thursday rejected a conservative group’s attempt to obtain the records of [+Michael Mann,] a climate scientist and former professor at the University of Virginia...The case focused on whether the state’s open-records law exempted a range of documents deemed by the university to be proprietary....Justice Donald W. Lemons wrote that...'[the law protects universities from] harm to university-wide research efforts, damage to faculty recruitment and retention, undermining of faculty expectations of privacy and confidentiality, and impairment of free thought and expression.'..."
http://chronicle.com/blogs/ticker/virginia-supreme-court-rules-for-uva-and-climate-scientist-in-records-suit/76171

I applaud this decision. It may look like a defeat for openness, but it's merely a defeat for harassment and intimidation. It's entirely compatible with politically neutral calls for open access to research. For more, see my 2010 article on politically selective calls for open access, which discussed the first stirrings of this case.
http://nrs.harvard.edu/urn-3:HUL.InstRepos:4738862

#oa #openaccess #climate

April 18, 2014 02:17 AM

April 17, 2014

Bruce Schneier
Heartbleed

Heartbleed is a catastrophic bug in OpenSSL:

"The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop communications, steal data directly from the services and users and to impersonate services and users."

Basically, an attacker can grab 64K of memory from a server. The attack leaves no trace, and can be done multiple times to grab a different random 64K of memory. This means that anything in memory -- SSL private keys, user keys, anything -- is vulnerable. And you have to assume that it is all compromised. All of it.

"Catastrophic" is the right word. On the scale of 1 to 10, this is an 11.

Half a million sites are vulnerable, including my own. Test your vulnerability here.

The bug has been patched. After you patch your systems, you have to get a new public/private key pair, update your SSL certificate, and then change every password that could potentially be affected.

At this point, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies. The real question is whether or not someone deliberately inserted this bug into OpenSSL, and has had two years of unfettered access to everything. My guess is accident, but I have no proof.

This article is worth reading. Hacker News thread is filled with commentary. XKCD cartoon.

EDITED TO ADD (4/9): Has anyone looked at all the low-margin non-upgradable embedded systems that use OpenSSL? An upgrade path that involves the trash, a visit to Best Buy, and a credit card isn't going to be fun for anyone.

EDITED TO ADD (4/10): I'm hearing that the CAs are completely clogged, trying to reissue so many new certificates. And I'm not sure we have anything close to the infrastructure necessary to revoke half a million certificates.

Possible evidence that Heartbleed was exploited last year.

EDITED TO ADD (4/10): I wonder if there is going to be some backlash from the mainstream press and the public. If nothing really bad happens -- if this turns out to be something like the Y2K bug -- then we are going to face criticisms of crying wolf.

EDITED TO ADD (4/11): Brian Krebs and Ed Felten on how to protect yourself from Heartbleed.

by Bruce Schneier at April 17, 2014 11:22 PM
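
An added illustration of the 64K read described in the post above (not part of Bruce Schneier's post and not OpenSSL's code): a TLS heartbeat request (RFC 6520) carries a 16-bit payload length, and the receiver has to check that claim against the bytes it actually received before echoing the payload back. The function names and the two sample records are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_HEADER   3    /* 1-byte type + 2-byte payload_length */
#define HB_MIN_PAD  16   /* RFC 6520: at least 16 bytes of padding */

/* Detection helper: number of bytes past the end of the received record
 * that the claimed payload would reach. 0 means the length field is
 * consistent with the record; any other value is worth an alert.
 * The field is 16 bits wide, so the claim tops out at 65535 (the "64K"). */
size_t hb_overread_bytes(const uint8_t *rec, size_t rec_len)
{
    if (rec_len < HB_HEADER)
        return 0;                          /* too short to carry a claim */
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    size_t needed = HB_HEADER + claimed;
    return needed > rec_len ? needed - rec_len : 0;
}

/* Hardened handler: builds the heartbeat response in `out`.
 * Returns the response length, or -1 when the request must be
 * silently discarded. The flaw was echoing `payload` bytes without
 * the second length check below. */
long hb_build_response(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_MIN_PAD)
        return -1;                         /* cannot hold header + padding */
    if (rec[0] != HB_REQUEST)
        return -1;

    size_t payload = ((size_t)rec[1] << 8) | rec[2];

    /* The claimed payload plus mandatory padding must fit in what arrived. */
    if (HB_HEADER + payload + HB_MIN_PAD > rec_len)
        return -1;

    size_t resp_len = HB_HEADER + payload + HB_MIN_PAD;
    if (resp_len > out_cap)
        return -1;

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload);
    /* Real implementations fill the padding with random bytes; zeros here. */
    memset(out + HB_HEADER + payload, 0, HB_MIN_PAD);
    return (long)resp_len;
}

int main(void)
{
    /* Constructed sample: 4-byte payload "ping" plus 16 bytes of padding. */
    uint8_t honest[23] = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    /* Constructed sample: claims 0x4000 payload bytes, carries none. */
    uint8_t inflated[19] = {HB_REQUEST, 0x40, 0x00};
    uint8_t out[64];

    printf("honest:   response=%ld overread=%zu\n",
           hb_build_response(honest, sizeof honest, out, sizeof out),
           hb_overread_bytes(honest, sizeof honest));
    printf("inflated: response=%ld overread=%zu\n",
           hb_build_response(inflated, sizeof inflated, out, sizeof out),
           hb_overread_bytes(inflated, sizeof inflated));
    return 0;
}
```
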

John Palfrey
Happy 1st Birthday, DPLA!

The Digital Public Library of America is one year old!  We launched in April, 2013 after a few years of planning and barnstorming the country for ideas, inspiration, and volunteers. While we postponed the launch celebration due to the tragic Marathon bombing that same week just outside the Boston Public Library, the site — at http://dp.la — went live, on time and on budget. (I wrote about the launch on this blog here.)  The first year has been a lot of hard work and a ton of fun.

The progress report for year one, posted officially here, is excellent. Led by executive director Dan Cohen and a very impressive team that is now eight strong, the DPLA has grown to include more than 7,000,000 objects (more than triple what we started with).  These images, texts, books, and more come from all 50 states in the country.  The number of partners grows every month, with nearly a third of all states boasting on-ramps to the DPLA (which we call “service hubs”) and thousands of major institutions participating in digitizing and sharing materials online. The pace of growth is terrific: demand to join the DPLA as a content provider far outstrips our ability to bring the materials in, which bodes well for future growth. Usage through the website and especially the open API continues to grow, with more than 1,000,000 people who have used the site directly and close to 10,000,000 API calls. Over time, those numbers should grow markedly, too. Mike Kelley of Publishers Weekly did a great round-up piece on the first year results.  The team has a fitting and wonderful new home at the Boston Public Library, one of the effort’s early and sustaining partners.

In recent months, two additional major funders have joined the coalition by making promising new grants. Announced at the DPLAFest in the fall, the Gates Foundation has made a grant to enable the DPLA to work directly with public librarians around the country on professional development and usage of the DPLA as an innovative platform. The Mellon Foundation has made a new grant this past month to support the study of sustainability models for this ambitious, nation-sized initiative. The core funders, led by the Sloan Foundation and including the IMLS, the NEH, Knight Foundation (disclosure: I am its board chair), the Soros Foundation, Arcadia Fund, and others have been consistently helpful and have made the effort into a true public-private partnership to support libraries and innovation for the digital era. Key partners, such as the Hathi Trust, Internet Archive, and the National Archives among many others, continue to be essential parts of the puzzle.  The New York Public Library has been an amazing partner of late, doubling down by adding in its entire digital collections to the DPLA’s mix.

As the DPLA’s board chair, I have on my mind a few additional challenges when it comes to year two. As with any start-up, the maintenance of momentum is essential. In the lead up to the launch, when the idea was still completely new and fresh, the DPLA attracted the involvement of more than 1,000 people through various outreach mechanisms. Now that the DPLA is into a building and doing mode, the trick will be to ensure that the same inclusive spirit drives us forward. The new Community Reps program is off to a highly promising start. The meetings all continue to be open and volunteers of all sorts most welcome. The DPLA community needs to keep growing in order to thrive, even as we have to have heads-down to keep up with the interest in participating — a great problem to have.

A second topic is the growth of the eBooks question. The DPLA includes more than a million books, but there are many more that could be included. As the growth of eBook adoption grows, and as the importance to libraries, publishers, and readers grows, the DPLA is working on its strategy for being a part of a positive future in this respect. There are many possible roles to play; despite the amount on our plate already, and the desire to get to 50 state hubs and other pre-existing goals, an answer to this question will be important in this coming year and beyond.

Finally, I remain struck by the importance of making the DPLA a national-scale enterprise, and also part of an international effort, to support libraries and their users as we transition to a digital era. I am delighted at the continued private support for this national effort, mostly from a growing group of major foundations, whose leaders, including Doron Weber at Sloan Foundation, see the importance of this work and have committed to it financially.

What puzzles me is why, even after a successful launch and proof of the demand for this service, the public-sector support for DPLA is limited to a few (essential and wonderful) federal institutions.  Our stalwart partners include the National Archives, the Smithsonian, IMLS, and the NEH, who have been there since the inception of this idea.  Today, the GPO has joined the effort officially, which is huge and positive news.

Now, I am not so naive as to imagine that the Congress would all of a sudden recognize the need for America to have a digital library system and decide to fund its scaling up, as great as that might be. But for all the Washington talk of the “importance of public-private partnerships”, I would have imagined that more government entities with unique content and funders would be jumping up to join with the private sector in this public-spirited enterprise. In my cynical moments, I have a sense that “public-private partnership” means a suggestion by government that the private sector ought to go and do those things that the public sector is not getting done. Perhaps in year two and beyond the public side will grow more than it has in year one. It is never too late to join this particular party.

My primary sensation at the end of year one for the DPLA is of deep gratitude for the partnership and friendship of those who have joined together, as volunteers in the public interest, to get this important endeavor and to the crack staff who are devoting their professional life to getting it off the ground.  Dan Cohen and his team on the ground are doing amazing work to build the DPLA for a sustainable, exciting future.


by jgpalfrey at April 17, 2014 07:46 PM

Bruce Schneier
More on Heartbleed

This is an update to my earlier post.

Cloudflare is reporting that it's very difficult, if not practically impossible, to steal SSL private keys with this attack.

Here's the good news: after extensive testing on our software stack, we have been unable to successfully use Heartbleed on a vulnerable server to retrieve any private key data. Note that is not the same as saying it is impossible to use Heartbleed to get private keys. We do not yet feel comfortable saying that. However, if it is possible, it is at a minimum very hard. And, we have reason to believe based on the data structures used by OpenSSL and the modified version of NGINX that we use, that it may in fact be impossible.

The reasoning is complicated, and I suggest people read the post. What I have heard from people who actually ran the attack against various servers is that what you get is a huge variety of cruft, ranging from indecipherable binary to useless log messages to people's passwords. The variability is huge.

This xkcd comic is a very good explanation of how the vulnerability works. And this post by Dan Kaminsky is worth reading.

I have a lot to say about the human aspects of this: auditing of open-source code, how the responsible disclosure process worked in this case, the ease with which anyone could weaponize this with just a few lines of script, how we explain vulnerabilities to the public -- and the role that impressive logo played in the process -- and our certificate issuance and revocation process. This may be a massive computer vulnerability, but all of the interesting aspects of it are human.

EDITED TO ADD (4/12): We have one example of someone successfully retrieving an SSL private key using Heartbleed. So it's possible, but it seems to be much harder than we originally thought.

And we have a story where two anonymous sources have claimed that the NSA has been exploiting Heartbleed for two years.

EDITED TO ADD (4/12): Hijacking user sessions with Heartbleed. And a nice essay on the marketing and communications around the vulnerability.

EDITED TO ADD (4/13): The US intelligence community has denied prior knowledge of Heartbleed. The statement is word-game free:

NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private sector cybersecurity report. Reports that say otherwise are wrong.

The statement also says:

Unless there is a clear national security or law enforcement need, this process is biased toward responsibly disclosing such vulnerabilities.

Since when is "law enforcement need" included in that decision process? This national security exception to law and process is extending much too far into normal police work.

Another point. According to the original Bloomberg article:

http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html

Certainly a plausible statement. But if those millions didn't discover something obvious like Heartbleed, shouldn't we investigate them for incompetence?

Finally -- not related to the NSA -- this is good information on which sites are still vulnerable, including historical data.

by Bruce Schneier at April 17, 2014 07:11 PM

Willow Brugh
Co-Ops and Digital Response as Mutual Aid

Brain mashings. So good. Actual blog entry alongside this to come, over on the GWOBlog. In the meantime, if you wonder what I’ve been doing and thinking about:

by bl00 at April 17, 2014 06:34 PM

Sara M. Watson
Berkman Talk—Living with Data: Stories that Make Data More Personal

My Berkman lunch talk is coming up soon! Join in person if you can make it. The talk will also be webcast live and archived on the website shortly after. 

Living with Data: Stories that Make Data More Personal
with Berkman Fellow, Sara Watson

April 29, 2014 at 12:30pm ET
Berkman Center for Internet & Society, 23 Everett St, 2nd Floor
RSVP required for those attending in person via the form below
This event will be webcast live (on this page) at 12:30pm ET.

We are becoming data. Between our mobile phones, browser history, wearable sensors, and connected devices in our homes, there’s more data about us than ever before. So how are we learning to live with all this data?

Inspired by her ethnographic interview work with members of the quantified self community, Sara hopes to make these larger systemic shifts more relatable and concrete with personal narratives. This talk will share some examples of how we find clues, investigate, and reverse engineer what’s going on with our data, and call for more stories to help personalize our evolving relationship to data and the algorithms that govern it.

April 17, 2014 06:32 PM

Citizen Media Law Project
Hear Ye, Hear Ye! Some Federal Courts Post Audio Recordings Online

While the propriety of video and photography equipment in federal courts is the subject of ongoing debate and testing, a number of federal bankruptcy courts and three federal district courts make audio recordings of their proceedings available to the public for a nominal fee.

In his article for The New York Times "Room for Debate" feature on whether courts should eliminate human court reporters (spurred by the chaos caused by the recent resignation of a drug-addicted court reporter in New York), U.S. District Court Judge Richard G. Kopf casually mentions that proceedings in his court in Lincoln, Nebraska, are routinely audio recorded. The recordings are posted to the court's public online PACER database the same day.

PACER, short for Public Access to Court Electronic Records, is the federal courts' online case docket access system. Access to PACER requires registration, and fees are charged for accessing materials in the database.

On his blog -- a federal judge with a blog! -- Kopf explained last year that his court had been recording its proceedings "for a long time now," i.e., since 2007.

After an initial one-year test of audio recording technology in 12 federal district and bankruptcy courts, the U.S. Judicial Conference approved digital audio recordings as a method of taking the official record of court proceedings in September 1999. Compact discs of the recordings were made available to the public from the courts' clerk's offices, for a $26 fee.

In 2007 and 2008, five federal courts -- three trial courts and three bankruptcy courts -- began a pilot project of offering the audio recordings on PACER. The success of the program led to its expansion in 2009 to two additional bankruptcy courts and the U.S. Court of Federal Claims (which offers the recordings for selected cases through its website: example). In 2010, the program was opened to all federal courts, and the cost to access the recordings was raised from 8 cents to $2.40. This led 22 additional bankruptcy courts to implement the program.

Now, a total of 32 trial and bankruptcy courts offer audio recordings online.

In addition to the Court of Federal Claims, the trial courts include three federal district courts: the U.S. district courts in Nebraska -- Kopf's court -- the Eastern District of Pennsylvania, and the Southern District of Alabama (although it appears to have posted only one audio file).

The remaining 28 courts offering the recordings on PACER are federal bankruptcy courts: the U.S. bankruptcy courts for the Northern District of Alabama, District of Alaska, Northern District of California, District of Connecticut, Middle District of Florida, District of Hawaii, Central District of Illinois, Southern District of Indiana, District of Maine, Eastern District of Michigan, District of Minnesota, Eastern District of Missouri, Eastern District of North Carolina, Middle District of North Carolina, District of Nebraska, District of New Mexico, District of Nevada, District of New Jersey, Southern District of New York, District of Puerto Rico, District of Rhode Island, District of Utah, District of Vermont, Eastern District of Washington, Northern District of West Virginia, Southern District of West Virginia, Eastern District of Wisconsin, and the District of Wyoming.

The PACER system also offers an instructional video -- featuring a talking gavel -- on how to access the audio files in the PACER system.

At the appellate level, most of the federal Courts of Appeals offer audio recordings of their oral arguments on their websites, outside of PACER (1st; 3rd; 4th; 5th; 6th; 7th; 8th; 9th; D.C.; Fed.). Even the U.S. Supreme Court -- which has stubbornly resisted audio-visual coverage, despite pressure and a recent breach of this protocol -- posts audio of arguments to its website at the end of each week (while releasing transcripts of all cases and audio of a few prominent cases on the same day they are argued).

It's interesting that while the number of bankruptcy courts offering recordings has continued to grow, the number of federal trial courts offering the recordings has not increased significantly beyond the three that were in the program at its inception. Of course, trial courts are more likely than bankruptcy courts to have proceedings of interest to the press and the general public.

The audio recordings in the federal trial and bankruptcy courts are part of a larger debate over the merits of human court reporters. But as a court access issue, the easy and inexpensive availability of audio recordings of court proceedings is an important development, which hopefully more courts will embrace.

Eric P. Robinson is co-director of the Program in Press, Law and Democracy at the Manship School of Mass Communication at Louisiana State University. He has taught media law and ethics at the CUNY Graduate School of Journalism, Baruch College, and the University of Nevada, Reno, where he was also Deputy Director of the Donald W. Reynolds Center for Courts and Media. He has also been a staff attorney at the Media Law Resource Center and a legal fellow at the Reporters Committee for Freedom of the Press. In addition to his posts here, he maintains his own blog at bloglawonline.com.

(Image courtesy of Flickr user Derek K. Miller pursuant to a Creative Commons CC BY-NC 2.0 license.)

by Eric P. Robinson at April 17, 2014 05:48 PM

Berkman Center front page
"euandi", a path-breaking Voting Advice Application for the 2014 European Parliament elections

euandi, a new Voting Advice Application (VAA), helps citizens make informed choices in their 2014 European Parliament (EP) vote.

Available in 24 languages, euandi invites users to react to 28 policy statements covering a wide range of contemporary policy issues and political values in European politics, as well as two policy statements specific to the user’s national political context.

Developed by the European University Institute in Florence, Italy, euandi provides voters with a clear view of the European electoral campaign and their individual positions within it.

Not only does the tool help people identify which political parties represent their views, but it also provides an innovative platform for community building, where people from all over Europe can connect with each other based on their political views.

In addition, euandi will also be one of the largest public opinion measurement tools ever built. With the aim of attracting over 10 million users across Europe, it will result in the largest academic set of data available on public opinion in Europe.

The tool’s strong scientific background and its innovative social features make it interesting not only to the general public, but also to academics, experts and policy makers.

Please contact the euandi team for more detailed information (euandi@eui.eu) and consult the euandi website at: http://www.euandi.eu

= =  =

The euandi project is led by Professor Alexander H. Trechsel at the European University Institute (and current Faculty Fellow at the Berkman Center), in close cooperation with the Berkman Center for Internet and Society at Harvard University, directed by Professor Urs Gasser.

An International Advisory Board consisting of more than 40 of the world’s leading political scientists in Europe and the United States is overseeing the project. 28 country teams including over 120 highly trained and knowledgeable social scientists at the doctoral or post-doctoral level are responsible for researching and coding the political parties featured in the tool.

euandi aims to become the largest public opinion measurement tool built in Europe. Long after the 2014 elections, euandi will continue to attract scholars analyzing group formation, political mobilization and partisan adaptation. It is our hope that the tool will be implemented prior to other electoral contests, such as the 2016 US presidential elections.

by ashar at April 17, 2014 04:00 PM

April 16, 2014

Bruce Schneier
Schneier Speaking Schedule: April–May

Here's my upcoming speaking schedule for April and May:

Information about all my speaking engagements can be found here.

by Bruce Schneier at April 16, 2014 10:29 PM

Peter Suber
Thank you Matilda Amissah-Arthur. The Second Lady of Nigeria, Matilda Amissah-Arthur, highlighted #...
Thank you Matilda Amissah-Arthur.

The Second Lady of Nigeria, Matilda Amissah-Arthur, highlighted #OA yesterday at an international workshop for librarians. "Mrs Amissah-Arthur said...the services [of a library] had evolved from the days of closed stacks, through shelf browsing, card catalogues and OPACs to open access and institutional repositories...."

http://graphic.com.gh/news/general-news/21353-second-lady-urges-librarians-to-sharpen-skills.html

#oa #openaccess 

April 16, 2014 08:41 PM

Reshared post from Office for Scholarly Communication, Harvard Library:
And thank you readers and downloaders of Harvard authors! #oa #openaccess

Original Post from Office for Scholarly Communication, Harvard Library:

The OSC celebrates the milestone of having surpassed 3 million downloads from DASH! 

April 16, 2014 07:48 PM

Berkman Center front page
Upcoming Events: Copyright Reforms in Brazil and the US (4/21); Fair Use(r): Art and Copyright online? (4/22); Living with Data
co-hosted event

Copyright Reforms in Brazil and the United States

Monday, April 21, 12:00pm ET, Harvard Law School, Hauser 102. Co-sponsored by the HLS Brazilian Studies Association, the Harvard Journal of Law and Technology, and the Berkman Center for Internet & Society.

Join Professor William Fisher and Pedro Paranagua, senior legal advisor for the Brazilian government on Intellectual Property, for a comparative perspective on major features of current bills advancing copyright reforms in Brazil and the U.S.



more information on our website>

berkman luncheon series

Fair Use(r): Art and Copyright online?

Tuesday, April 22, 12:30pm ET, Berkman Center for Internet & Society, 23 Everett St, 2nd Floor. This event will be webcast live.

With the democratization of content creation came the democratization of the overzealous copyright claim. Do private agreements between copyright holders and hosting platforms such as YouTube’s Content ID system compromise artists’ fair use rights? This open discussion invites artists, users and lawyers to share their copyright experiences with hosting platforms and debate the future of distributing digital arts works online.

Pop Culture Pirate is the digital home of Elisa Kreisinger, a Brooklyn-based video artist remixing pop culture. Her latest work includes mashing up Mad Men into feminists and The Real Housewives into lesbians. Elisa’s 2012 US Copyright Office testimony helped win crucial exemptions to the Digital Millennium Copyright Act, decriminalizing DVD ripping for artistic statements. RSVP Required. more information on our website>

berkman luncheon series

Living with Data: Stories that Make Data More Personal

Tuesday, April 29, 12:30pm ET, Berkman Center for Internet & Society, 23 Everett St, 2nd Floor. This event will be webcast live.

We are becoming data. Between our mobile phones, browser history, wearable sensors, and connected devices in our homes, there's more data about us than ever before. So how are we learning to live with all this data? Inspired by her ethnographic interview work with members of the quantified self community, Sara hopes to make these larger systemic shifts more relatable and concrete with personal narratives. This talk will share some examples of how we find clues, investigate, and reverse engineer what's going on with our data, and call for more stories to help personalize our evolving relationship to data and the algorithms that govern it.

Sara M. Watson is a Fellow at the Berkman Center for Internet and Society at Harvard University. Her work addresses how individuals are learning to live with their personal data, in particular as more technologies like wearable sensors and the Internet of Things tie our bodies and our physical environment to data. RSVP Required. more information on our website>

video/audio

Intelligence Gathering and the Unowned Internet

The long-term viability of an unowned, open Internet remains in question. Any analysis of where the Internet is headed as a protocol and a platform must take into account the activities of both public and private entities that see the Internet as a source of intelligence -- and a field of contention. Yochai Benkler, Bruce Schneier, and Jonathan Zittrain of the Berkman Center are joined by John DeLong and Anne Neuberger of the National Security Agency in a conversation moderated by Berkman Faculty Director Terry Fisher on the future of an open internet in the face of challenges to privacy in an unsecure world. This talk was co-sponsored by: the Berkman Center for Internet & Society, the Harvard Law School American Civil Liberties Union, Harvard Civil Rights-Civil Liberties Law Review, National Security Journal, and National Security and Law Association. video/audio on our website>

Other Events of Note

Local, national, international, and online events that may be of interest to the Berkman community:

See our events calendar if you're curious about future luncheons, discussions, lectures, and conferences not listed in this email. Our events are free and open to the public, unless otherwise noted.

by ashar at April 16, 2014 03:13 PM

Justin Reich
Nudging, Priming, and Motivating in Blended Learning
The first in a three-post series on challenges and opportunities with blended learning: an emerging series of online interventions to boost motivation and engagement based on ideas from social psychology and behavioral economics.

by Justin Reich at April 16, 2014 02:57 PM

Berkman Center front page
Harvard’s Berkman Center to launch global research and action network focused on youth-oriented hate speech online

Cambridge, MA – Leveraging its national and global networks, the Berkman Center for Internet & Society at Harvard University is pleased to announce an effort to form a first-of-its-kind thematic network of experts, educators, practitioners, and ambassadors that will facilitate, promote, and strengthen collaboration to counter youth-oriented hate speech online.

The initiative builds upon the “Viral Peace” project, which was inspired by the outcomes of a meeting at the Berkman Center in 2008, piloted at the U.S. Department of State in 2011, and now hosted at Berkman. The project seeks to fight hate speech online by enhancing the capabilities of youth, community leaders, social media influencers, and civic activists around the world to stand up to hate and violence online. To form the thematic network, the Berkman Center — with participation from Harvard’s Institute of Politics Spring 2014 Resident Fellows Class — will work with partners such as former Special Representative to Muslim Communities at the U.S. Department of State and current IOP Fellow Farah Pandith, former Commissioner of the Boston Police Department and current IOP Fellow Ed Davis, tech entrepreneur Shahed Amanullah, the London-based Institute for Strategic Dialogue (ISD), and other “Viral Peace” collaborators, among others.

“Hate speech, in the broad sense of the term, affects youth the world over,” said Berkman Center Executive Director and Harvard Law School Professor of Practice Urs Gasser. “It’s a multi-faceted problem with many dimensions, and is closely tied to offline discrimination and violence targeting many demographic groups. We’re privileged to have the opportunity to build on years of work in promoting youth empowerment, analyzing critical speech issues online, and bringing many kinds of voices, perspectives, and areas of expertise together around the same table to collaborate.”

With the Berkman Center serving as the coordinator and research partner, the thematic network will aim to (1) deepen our understanding of youth-oriented hate speech online, (2) develop a set of curricula and learning modules that empower youth to appropriately respond to hate speech online (prevention and intervention mechanisms), (3) field-test these teaching and learning materials on the ground, and (4) create a network of collaborators worldwide that will include universities, institutions, and communities in every state in the U.S. and in countries on each continent.

The international, collaborative, and open thematic network will benefit from ISD’s groundbreaking work on countering extremist propaganda online, including its Against Violent Extremism (AVE) network of former-extremists and survivors of extremism-turned-advocates, run in partnership with Google Ideas and the GenNext Foundation.

“From the bomb attacks in Boston one year ago to Anders Breivik’s massacre in Norway, we are all too regularly reminded of the ways in which extremists and terrorists are now using the Internet and social media — to radicalize, recruit, fundraise and even to organize attacks,” said Sasha Havlicek, ISD’s co-founding Director. “Too little has been done to date to effectively challenge the hate propaganda that not only undermines cohesion but puts lives at risk. Only an innovative partnership between academe, practitioners, the tech sector and those most able to legitimately push back and undermine extremist narratives, can take on this growing challenge. We are delighted, therefore, to be partnering in this important endeavor.”

The Berkman-led initiative was acknowledged by Lisa Monaco, Assistant to the President for Homeland Security and Counterterrorism at The White House, who gave a major speech at the JFK Jr. Forum yesterday.

Organizations or individuals interested in collaboration are invited to submit a statement of interest to youthandmedia@cyber.law.harvard.edu. Additional information can be found at http://cyber.law.harvard.edu/research/viralpeace.

About the Berkman Center


The Berkman Center for Internet & Society at Harvard University is a research program founded to explore cyberspace, share in its study, and help pioneer its development. Founded in 1997, through a generous gift from Jack N. and Lillian R. Berkman, the Center is home to an ever-growing community of faculty, fellows, staff, and affiliates working on projects that span the broad range of intersections between cyberspace, technology, and society. More information can be found at http://cyber.law.harvard.edu.

About the Institute for Strategic Dialogue

ISD is a London-based think and action tank with global reach. Combining research and policy entrepreneurship with transformative cross-border networks of policy makers, business leaders, community activists and practitioners, ISD works to deliver real-life solutions to counter extremism and prevent communal and international conflict. ISD’s Counter-Extremism Programme has become a recognised knowledge hub for understanding and providing effective responses to violent and non-violent extremism. It works to implement tangible solutions in partnership with practitioners and the private sector; improves understanding of what works by providing platforms for sharing good practice and lessons learned; and is spearheading efforts to push back on extremist propaganda and organisation online. More information can be found at http://www.strategicdialogue.org. See http://www.strategicdialogue.org/programmes/counter-extremism/against-vi... for information about the Against Violent Extremism Network.

About Harvard University’s Institute of Politics

Harvard University’s Institute of Politics (IOP), located at the John F. Kennedy School of Government, was established in 1966 as a memorial to President Kennedy. Over the course of an academic semester, IOP Resident Fellows interact with students, participate in the intellectual life of the Harvard community and lead weekly study groups on a wide variety of issue areas. The Fellows program is central to the Institute’s dual commitment to encourage student interest in public life and to increase interaction between the academic and political communities.

by ashar at April 16, 2014 01:45 PM

April 15, 2014

MediaBerkman
Primavera De Filippi on Ethereum: Freenet or Skynet?
Ethereum is a contract validating and enforcing system based on a distributed public ledger such as the one implemented by the Bitcoin cryptocurrency. The system allows for the management of complex distributed autonomous organizations, which raises questions about legality. Could this new platform promote the establishment of an entirely decentralized society, or will its disruptive [...]

by djones at April 15, 2014 08:26 PM

Feeds In This Planet