Current Berkman People and Projects

Keep track of Berkman-related news and conversations by subscribing to this page using your RSS feed reader. This aggregation of blogs relating to the Berkman Center does not necessarily represent the views of the Berkman Center or Harvard University but is provided as a convenient starting point for those who wish to explore the people and projects in Berkman's orbit. As this is a global exercise, times are in UTC.

The list of blogs being aggregated here can be found at the bottom of this page.

April 01, 2015

Bruce Schneier
The Eighth Movie-Plot Threat Contest

It's April 1, and time for another Movie-Plot Threat Contest. This year, the theme is Crypto Wars II. Strong encryption is evil, because it prevents the police from solving crimes. (No, really -- that's the argument.) FBI Director James Comey is going to be hard to beat with his heartfelt litany of movie-plot threats:

"We're drifting toward a place where a whole lot of people are going to be looking at us with tears in their eyes," Comey argued, "and say 'What do you mean you can't? My daughter is missing. You have her phone. What do you mean you can't tell me who she was texting with before she disappeared?"


"I've heard tech executives say privacy should be the paramount virtue," Comey said. "When I hear that, I close my eyes and say, 'Try to imagine what that world looks like where pedophiles can't be seen, kidnappers can't be seen, drug dealers can't be seen.'"

(More Comey here.)

Come on, Comey. You might be able to scare noobs like Rep. John Carter with that talk, but you're going to have to do better if you want to win this contest. We heard this same sort of stuff out of then-FBI director Louis Freeh in 1996 and 1997.

This is the contest: I want a movie-plot threat that shows the evils of encryption. (For those who don't know, a movie-plot threat is a scary-threat story that would make a great movie, but is much too specific to build security policies around. Contest history here.) We've long heard about the evils of the Four Horsemen of the Internet Apocalypse -- terrorists, drug dealers, kidnappers, and child pornographers. (Or maybe they're terrorists, pedophiles, drug dealers, and money launderers; I can never remember.) Try to be more original than that. And nothing too science fictional; today's technology or presumed technology only.

Entries are limited to 500 words -- I check -- and should be posted in the comments. At the end of the month, I'll choose five or so semifinalists, and we can all vote and pick the winner.

The prize will be signed copies of the 20th Anniversary Edition of the 2nd Edition of Applied Cryptography, and the 15th Anniversary Edition of Secrets and Lies, both being published by Wiley this year in an attempt to ride the Data and Goliath bandwagon.

Good luck.

by Bruce Schneier at April 01, 2015 11:33 AM

Benjamin Mako Hill
More Community Data Science Workshops
Pictures from the CDSW sessions in Spring 2014Pictures from the CDSW sessions in Spring 2014

After two successful rounds in 2014, I’m helping put on another round of the Community Data Science Workshops. Last year, our 40+ volunteer mentorss taught more than 150 absolute beginners the basics of programming in Python, data collection from web APIs, and tools for data analysis and visualization and we’re still in the process of improving our curriculum and scaling up.

Once again, the workshops will be totally free of charge and open to anybody. Once again, they will be possible through the generous participation of a small army of volunteer mentors.

We’ll be meeting for four sessions over three weekends:

  • Setup and Programming Tutorial (April 10 evening)
  • Introduction to Programming (April 11)
  • Importing Data from web APIs (April 25)
  • Data Analysis and Visualization (May 9)

If you’re interested in attending, or interested in volunteering as mentor, you can go to the information and registration page for the current round of workshops and sign up before April 3rd.

by Benjamin Mako Hill at April 01, 2015 02:48 AM

March 31, 2015

Bruce Schneier
Survey of Americans' Privacy Habits Post-Snowden

Pew Research has a new survey on Americans' privacy habits in a post-Snowden world.

The 87% of those who had heard at least something about the programs were asked follow-up questions about their own behaviors and privacy strategies:

34% of those who are aware of the surveillance programs (30% of all adults) have taken at least one step to hide or shield their information from the government. For instance, 17% changed their privacy settings on social media; 15% use social media less often; 15% have avoided certain apps and 13% have uninstalled apps; 14% say they speak more in person instead of communicating online or on the phone; and 13% have avoided using certain terms in online communications.


25% of those who are aware of the surveillance programs (22% of all adults) say they have changed the patterns of their own use of various technological platforms "a great deal" or "somewhat" since the Snowden revelations. For instance, 18% say they have changed the way they use email "a great deal" or "somewhat"; 17% have changed the way they use search engines; 15% say they have changed the way they use social media sites such as Twitter and Facebook; and 15% have changed the way they use their cell phones.

Also interesting are the people who have not changed their behavior because they're afraid that it would lead to more surveillance. From pages 22-23 of the report:

Still, others said they avoid taking more advanced privacy measures because they believe that taking such measures could make them appear suspicious:

"There's no point in inviting scrutiny if it's not necessary."

"I didn't significantly change anything. It's more like trying to avoid anything questionable, so as not to be scrutinized unnecessarily.

"[I] don't want them misunderstanding something and investigating me."

There's also data about how Americans feel about government surveillance:

This survey asked the 87% of respondents who had heard about the surveillance programs: "As you have watched the developments in news stories about government monitoring programs over recent months, would you say that you have become more confident or less confident that the programs are serving the public interest?" Some 61% of them say they have become less confident the surveillance efforts are serving the public interest after they have watched news and other developments in recent months and 37% say they have become more confident the programs serve the public interest. Republicans and those leaning Republican are more likely than Democrats and those leaning Democratic to say they are losing confidence (70% vs. 55%).

Moreover, there is a striking divide among citizens over whether the courts are doing a good job balancing the needs of law enforcement and intelligence agencies with citizens' right to privacy: 48% say courts and judges are balancing those interests, while 49% say they are not.

At the same time, the public generally believes it is acceptable for the government to monitor many others, including foreign citizens, foreign leaders, and American leaders:

  • 82% say it is acceptable to monitor communications of suspected terrorists
  • 60% believe it is acceptable to monitor the communications of American leaders.
  • 60% think it is okay to monitor the communications of foreign leaders
  • 54% say it is acceptable to monitor communications from foreign citizens

Yet, 57% say it is unacceptable for the government to monitor the communications of U.S. citizens. At the same time, majorities support monitoring of those particular individuals who use words like "explosives" and "automatic weapons" in their search engine queries (65% say that) and those who visit anti-American websites (67% say that).


Overall, 52% describe themselves as "very concerned" or "somewhat concerned" about government surveillance of Americans' data and electronic communications, compared with 46% who describe themselves as "not very concerned" or "not at all concerned" about the surveillance.

It's worth reading these results in detail. Overall, these numbers are consistent with a worldwide survey from December. The press is spinning this as "Most Americans' behavior unchanged after Snowden revelations, study finds," but I see something very different. I see a sizable percentage of Americans not only concerned about government surveillance, but actively doing something about it. "Third of Americans shield data from government." Edward Snowden's goal was to start a national dialog about government surveillance, and these surveys show that he has succeeded in doing exactly that.

More news.

by Bruce Schneier at March 31, 2015 07:54 PM

Jeffrey Schnapp
Learning from the Depository

In their celebrated 1972 critique of modernist architecture, LEARNING FROM LAS VEGAS, Robert Venturi and Denise Scott Brown summoned architects, designers, planners, and policy makers to learn from what, at the time, seemed like the most improbable of urban models: the Las Vegas Strip. Of course, learning from Las Vegas meant more than simply scrutinizing the Strip or appreciating it as a work of Pop Art. It meant reappraising the top-down ideology of modern(ist) urban planning, grappling with the ephemeral nature of the built environment, and reinstating the importance of semiotics and symbolism alongside form.

IMG_8874IMG_9104Library after the book - Exit Photo Essay-2 copia 2

This precedent entered my mind in the course of the February premiere of metaLAB’s documentary film (and web doc) COLD STORAGE: an institutional portrait of the Harvard Book Depository that dialogues with Alain Resnais’s playful 1956 portrait of the Bibliothèque Nationale de France, TOUTE LA MÉMOIRE DU MONDE, an archival copy of which was shown right before the first public projection of COLD STORAGE. Perhaps this was because of the setting–an overfilled Piper Auditorium, in the heart of Harvard’s Graduate School of Design. Perhaps it was conditioned by the lively round-table discussion that followed the projection of the two documentaries–a discussion in which the question of library architecture was paramount.

Resnais’s film is of two minds: one overt and the other covert. On the one hand, it celebrates the National Library of France as a sort of universal memory machine and container (much as the institution surely intended); on the other, it hints at the porousness of the container and a certain restlessness as regards the contained. Yes, there are marble lined halls, neoclassical sculptures, the sublime spectacle of the Salle Richelieu, the BNF’s reading room, buzzing with those “book-devouring insects” known as readers: all speak the language of long-term duration, preservation, and memory. But there is also a counter-thread within the film that characterizes the BNF as a fortress to protect humanity against the overflow of books (or, at least, certain books). The BNF is a place where works are imprisoned (perhaps at the expense of their connections to the streets?): works like the comic strips Dick Tracy, Mandrake the Magician, and Terry and the Pirates, which appear at BNF processing stations alongside weighty scholarly tomes and precious manuscripts; books like the imaginary Mars from Chris Marker’s Petite Planète series of travel guidebooks–Marker was on Resnais’s production team–with its chapters on observing Martian sunsets and celebrating Lent on the red planet. All of this to say that TOUTE LA MÉMOIRE DU MONDE is a library film with an edge that pokes holes in the dream of a universal safety vault for the permanent storage of all the world’s information even as it celebrates the grandeur of that very vault.


By contrast with the BNF, the Harvard Depository (HD) offers little in the way of grandeur, monumentality, promises of entry into a universal memory machine (not to mention membership in an exclusive club). As my colleague Eric Howeler aptly put it, HD offers little in the way of architecture. It consists in a set of cinder block modules, the mere shell of a big box store, that can be added to any time as the human record dilates. Though the building envelope is inaccessible to the community of readers that it serves, its books lie a mere email and delivery-van-ride away from their devouring hands (and it serves up not just physical but also digital packets). A literal database architecture where ten million physical artifacts are tightly packed on the basis of size and made accessible by means of a network that links an array of off-site delivery stations to an onsite storage and retrieval system in which human agents are mere cogs in the mind of the machine, it teaches a lesson in extreme modesty. The building container will have a life of 75 years, maybe even one hundred; but, thanks to a rigorous climate control system, the contained will endure for multiple centuries.

So HD can’t possibly hope to answer any of the properly architectural questions regarding what a library could or should be in the 21st century–a few plausible answers can be found on the pages of The Library Beyond the Book. But there’s a modesty to book depositories that aligns well with 20th century critiques–from Charles Soule to Charles Rufus Morey to the modern movement in architecture–of the monumentalism of traditional libraries, particularly as the pursuit of grand architectural effects is associated with a lack of concern for functionality or the actual needs of library patrons.

And there’s a deeper lesson of humility embedded within HD’s ephemeral cinder blocks. Architecture, however modest or grand, is subject to precisely the same cycles of decay and renewal, remembrance and forgetfullness, that collections of documents must confront. Yet the language that library buildings have typically spoken has been one of transcending time through recourse to classicism, monumentalism and/or ideal geometries. To imagine instead a library architecture that foregrounds access and agility, that emphasizes service to the present reconciled with preservation of the past, that facilitates the constant (and constantly varying) activition and animation of knowledge resources rather than mere accumulation and storage, and that embraces an ethos of provisionality even when confronting the overwhelming mass of records that have survived down the present (as Elias Canetti notes in Crowds and Power, the biggest multitude of all is that formed by the dead)… all are enlivening challenges for the design of knowledge and learning spaces enmeshed in the historical present.

COLD STORAGE ends with an image of an exit door accompanied by the following voice-over: “Our collective ark, filled with petabyte upon petabyte of memories, sets sail on the sea of time: humankind’s noblest endeavor… oblivion is the destination.” I take the terminus as a given. But perhaps we can get there in some new and novel ways that enrich the life of the mind, enhance the roles performed both by venerable and relatively new media and knowledge forms, and continue the march towards the democratization of access to information resources that is one of the enduring conquests of the 19th and 20th century public library movement.

by jeffrey at March 31, 2015 06:43 PM

Bruce Schneier
Chinese CA Issuing Fraudulent Certificates

There's a Chinese CA that's issuing fraudulent Google certificates. Yet another example of why the CA model is so broken.

by Bruce Schneier at March 31, 2015 05:42 PM

Center for Research on Computation and Society (Harvard SEAS)
Fellow Reshef Meir Joins the Technion Faculty, Fall 2015
March 31, 2015

CRCS Fellow Reshef Meir accepted a job offer from The Technion – Israel Institute of Technology, beginning in Fall 2015

by kmavon at March 31, 2015 05:06 PM

Privacy in a Network: Videos Available on Youtube
February 26, 2015

Videos from the symposium "Privacy in a Networked World," which the Privacy Tools Project served as the Symposium Planning Committee, may be accessed on the IACS youtube channel. The videos feature all speakers from the symposium, including the conversation between Bruce Schneier and Edward Snowden.

by kmavon at March 31, 2015 05:02 PM

Fellow Jasper Snoek presents Scalable Bayesian Optimization at NYU and Facebook Research
March 31, 2015

Fellow Jasper Snoek presented Scalable Bayesian Optimization at NYU and Facebook Research. To read more on this work, please click here.

by kmavon at March 31, 2015 05:00 PM

Fellow Babis Tsourakakis's paper accepted to ACM Transactions on Knowledge Discovery from Data (TKDD)
March 31, 2015

Fellow Babis Tsourakakis has a paper accepted in the ACM Transactions on Knowledge Discovery from Data (TKDD). The Transactions on Knowledge Discovery from Data (TKDD) is part of the family of journals produced by the ACM. TKDD publishes one volume yearly. Each volume is comprised of four issues, which appear in March, June, September and December.

by kmavon at March 31, 2015 04:55 PM

Fellow Babis Tsourakakis's paper accepted to STOC 2015
February 25, 2015

CRCS Fellow Babis Tsourakakis had a paper accepted in the 47th Symposium of Theory of Computing (STOC 2015), where he will present it in June. The main contribution of the paper is a novel algorithmic framework for large-scale dynamic graphs that is at the same time both space- and time-efficient. This paper is part of a broader project he is conducting on scalable graph mining algorithms.

by kmavon at March 31, 2015 04:52 PM

Fellow Babis Tsourakakis invited to ISMP
March 31, 2015

Babis Tsourakakis received an invitation to give a talk at the International Symposium on Optimization (ISMP). ISMP has invited top academics and industrial users of mathematical optimization to convene in Pittsburgh to discuss recent advances and important challenges from both theory and practice. 

by kmavon at March 31, 2015 04:50 PM

Bruce Schneier
BIOS Hacking

We've learned a lot about the NSA's abilities to hack a computer's BIOS so that the hack survives reinstalling the OS. Now we have a research presentation about it.

From Wired:

The BIOS boots a computer and helps load the operating system. By infecting this core software, which operates below antivirus and other security products and therefore is not usually scanned by them, spies can plant malware that remains live and undetected even if the computer's operating system were wiped and re-installed.


Although most BIOS have protections to prevent unauthorized modifications, the researchers were able to bypass these to reflash the BIOS and implant their malicious code.


Because many BIOS share some of the same code, they were able to uncover vulnerabilities in 80 percent of the PCs they examined, including ones from Dell, Lenovo and HP. The vulnerabilities, which they're calling incursion vulnerabilities, were so easy to find that they wrote a script to automate the process and eventually stopped counting the vulns it uncovered because there were too many.

From ThreatPost:

Kallenberg said an attacker would need to already have remote access to a compromised computer in order to execute the implant and elevate privileges on the machine through the hardware. Their exploit turns down existing protections in place to prevent re-flashing of the firmware, enabling the implant to be inserted and executed.

The devious part of their exploit is that they've found a way to insert their agent into System Management Mode, which is used by firmware and runs separately from the operating system, managing various hardware controls. System Management Mode also has access to memory, which puts supposedly secure operating systems such as Tails in the line of fire of the implant.

From the Register:

"Because almost no one patches their BIOSes, almost every BIOS in the wild is affected by at least one vulnerability, and can be infected," Kopvah says.

"The high amount of code reuse across UEFI BIOSes means that BIOS infection can be automatic and reliable.

"The point is less about how vendors don't fix the problems, and more how the vendors' fixes are going un-applied by users, corporations, and governments."

From Forbes:

Though such "voodoo" hacking will likely remain a tool in the arsenal of intelligence and military agencies, it's getting easier, Kallenberg and Kovah believe. This is in part due to the widespread adoption of UEFI, a framework that makes it easier for the vendors along the manufacturing chain to add modules and tinker with the code. That's proven useful for the good guys, but also made it simpler for researchers to inspect the BIOS, find holes and create tools that find problems, allowing Kallenberg and Kovah to show off exploits across different PCs. In the demo to FORBES, an HP PC was used to carry out an attack on an ASUS machine. Kovah claimed that in tests across different PCs, he was able to find and exploit BIOS vulnerabilities across 80 per cent of machines he had access to and he could find flaws in the remaining 10 per cent.

"There are protections in place that are supposed to prevent you from flashing the BIOS and we've essentially automated a way to find vulnerabilities in this process to allow us to bypass them. It turns out bypassing the protections is pretty easy as well," added Kallenberg.

The NSA has a term for vulnerabilities it think are exclusive to it: NOBUS, for "nobody but us." Turns out that NOBUS is a flawed concept. As I keep saying: "Today's top-secret programs become tomorrow's PhD theses and the next day's hacker tools." By continuing to exploit these vulnerabilities rather than fixing them, the NSA is keeping us all vulnerable.

Two Slashdot threads. Hacker News thread. Reddit thread.

EDITED TO ADD (3/31): Slides from the CanSecWest presentation. The bottom line is that there are some pretty huge BIOS insecurities out there. We as a community and industry need to figure out how to regularly patch our BIOSes.

by Bruce Schneier at March 31, 2015 03:01 PM

Berkman Center front page
Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World


Join us for a talk about "Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World" with Chris Kelly, Harvard Law School Steven and Maureen Klinksy Professor of Practice for Leadership and Progress; Former Chief Privacy Officer of Facebook.


Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World, A talk by Chris Kelly, Steven and Maureen Klinksy Professor of Practice for Leadership and Progress; Former Chief Privacy Officer of Facebook.

Event Date

Mar 31 2015 12:00pm to Mar 31 2015 12:00pm
Thumbnail Image: 

Tuesday, March 31, 2015 at 12:00 pm

Join us for a talk about "Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World" with Chris Kelly, Harvard Law School Steven and Maureen Klinksy Professor of Practice for Leadership and Progress; Former Chief Privacy Officer of Facebook.

About Chris

Chris is a Silicon Valley attorney with a long track record of representing innovative companies and making the Internet a safer place for kids and adults alike. As the first Chief Privacy Officer, General Counsel, and Head of Global Public Policy for Facebook, Chris helped the company grow from its college roots to the ubiquitous communications medium that it is today. Chris’s development of the site’s safety and security policies around real world identity and deployment of a highly-trained staff for rule and law enforcement are credited as critical elements in the company’s success.

Chris left Facebook in 2009 to seek the Democratic nomination for Attorney General of California, garnering 16 percent of the vote in a seven-way race, his first run for statewide office. Since the June 2010 primary, he has become an active angel investor in companies seeking transformational improvements in technology, media, and finance.

As an attorney in private practice before his time at Facebook, Chris represented Netscape in the Microsoft antitrust case and Diamond Multimedia in the groundbreaking suit over the MP3 player that furthered personal use rights over digital content. Chris received his undergraduate degree from Georgetown University, a master’s degree from Yale University, and his law degree from Harvard University. Chris also serves on the Board of Directors for the San Francisco 49ers Academy, an alternative public middle school in East Palo Alto.

by candersen at March 31, 2015 01:47 PM

Bruce Schneier
Australia Outlaws Warrant Canaries

In the US, certain types of warrants can come with gag orders preventing the recipient from disclosing the existence of warrant to anyone else. A warrant canary is basically a legal hack of that prohibition. Instead of saying "I just received a warrant with a gag order," the potential recipient keeps repeating "I have not received any warrants." If the recipient stops saying that, the rest of us are supposed to assume that he has been served one.

Lots of organizations maintain them. Personally, I have never believed this trick would work. It relies on the fact that a prohibition against speaking doesn't prevent someone from not speaking. But courts generally aren't impressed by this sort of thing, and I can easily imagine a secret warrant that includes a prohibition against triggering the warrant canary. And for all I know, there are right now secret legal proceedings on this very issue.

Australia has sidestepped all of this by outlawing warrant canaries entirely:

Section 182A of the new law says that a person commits an offense if he or she discloses or uses information about "the existence or non-existence of such a [journalist information] warrant." The penalty upon conviction is two years imprisonment.

Expect that sort of wording in future US surveillance bills, too.

by Bruce Schneier at March 31, 2015 12:19 PM

metaLAB (at) Harvard
Beautiful Data II — Applications Due Tomorrow, April 1.

Taking place between July 6 – July 16th, 2015, Beautiful Data II represents our second annual workshop supported by the Getty Foundation aimed at addressing challenges and opportunities with art museum open data.

Participants will be introduced to concepts and skills necessary to make use of open collections to develop art-historical storytelling through data visualization, interactive media, enhanced curatorial description and exhibition practice, digital publication, and data-driven, object-oriented teaching.

This second annual offering of Beautiful Data will focus on “difficult collections” poised on the edge of the digital/material divide. We’ll address collections of things that resist ready digitization, or exist as ephemeral and hybrid objects and events. We’ll ponder data as a medium for art with its own curatorial and preservation challenges. And we’ll consider ways of working with new-media artists in the context of materials and mixed-media collections. The workshop will take place at the recently-reopened Harvard Art Museums, in its remarkable new building designed by Renzo Piano, where we’ll have access to reimagined facilities for the study and exhibition of objects of abiding interest. Check out the video above for a preview of the venue.

Intended for art historians, scholars of visual culture, and museum professionals at all career stages, admission is on a competitive basis. All participants will receive a stipend covering housing and travel expenses.

Applications are due by 11:59 p.m. EST on April 1, 2015.

For more information including documentation of last year’s workshop, and to apply, please visit

Please direct questions to:

by Cristoforo Magliozzi at March 31, 2015 10:51 AM

March 30, 2015

Christian Sandvig
Should You Boycott Traditional Journals?

(Or, Should I Stay or Should I Go?)

Is it time to boycott “traditional” scholarly publishing? Perhaps you are an academic researcher, just like me. Perhaps, just like me, you think that there are a lot of exciting developments in scholarly publishing thanks to the Internet. And you want to support them. And you also want people to read your research. But you also still need to be sure that your publication venues are held in high regard.

Or maybe you just receive research funding that is subject to new open access requirements.

Ask me about OPEN ACCESS

Academia is a funny place. We are supposedly self-governing. So if we don’t like how our scholarly communications are organized we should be able to fix this ourselves. If we are dissatisfied with the journal system, we’re going to have to do something about it. The question of whether or not it is now time to eschew closed access journals is something that comes up a fair amount among my peers.

It comes up often enough that a group of us at Michigan decided to write an article on the topic. Here’s the article.  It just came out yesterday (open access, of course):

Carl Lagoze, Paul Edwards, Christian Sandvig, & Jean-Christophe Plantin. (2015). Should I stay or Should I Go? Alternative Infrastructures in Scholarly Publishing. International Journal of Communication 9: 1072-1081.

The article is intended for those who want some help figuring out the answer to the question the article title poses: Should I stay or should I go? It’s meant help you decipher the unstable landscape of scholarly publishing these days. (Note that we restrict our topic to journal publishing.)

Researching it was a lot of fun, and I learned quite a bit about how scholarly communication works.

  • It contains a mention of the first journal. Yes, the first one that we would recognize as a journal in today’s terms. It’s Philosophical Transactions published by the Royal Society of London. It’s on Volume 373.
  • It should teach you about some of the recent goings-on in this area. Do you know what a green repository is? What about an overlay journal? Or the “serials crisis“?
  • It addresses a question I’ve had for a while: What the heck are those arXiv people up to? If it’s so great, why hasn’t it spread to all disciplines?
  • There’s some fun discussion of influential experiments in scholarly publishing. Remember the daring foundation of the Electronic Journal of Communication? Vectors? Were you around way-back-in-the-day when the pioneering, Web-based JCMC looked like this hot mess below? Little did we know that we were actually looking at the future.(*)


(JCMC circa 1995)

(*): Unless we were looking at the Gopher version, then in that case we were not looking at the future.

Ultimately, we adapt a framework from Hirschman that we found to be an aid to our thinking about what is going on today in scholarly communication. Feel free to play this song on a loop as you read it.


(This post has been cross-posted on The Social Media Collective.)

by Christian at March 30, 2015 10:59 PM

Kate Krontiris
Shedding New Light on Civic Life in America

This week, I got to do something I’ve been excited about doing for a long time: share the results of a comprehensive look into what motivates everyday Americans to do things that are civic.  


With colleagues from the Google Civic Innovation portfolio I have been trying to answer a question that has troubled the United States for some time: in one of the world’s most established democracies, why is it that so few Americans are actively engaged on the public issues that touch their lives? How have we become a nation of bystanders, and what can we do to nudge everyday people to take small actions that could radically transform the fabric of civic life?

The qualitative and quantitative research we conducted to answer these questions breaks new ground in a number of respects. It demonstrates that most Americans could be called “Interested Bystanders:” aware of the world around them but not actively voicing opinions or taking civic action.  It provides new insights into how these Interested Bystanders view their role in civic life.  It also pioneers a new quantitative approach to identifying key segments of the population by civic attitudes and behaviors.

I had the pleasure of releasing these findings alongside some of the best research colleagues one could ask for.  Charlotte Krontiris is a writer and researcher with K/N Research and completed all of the ethnographic investigation with me (and yes! she’s my sister).  John Webb leads User Research for the Social Impact portfolio at Google and shepherded the application and publication of the research. Chris Chapman is a Senior Quantitative User Experience Researcher at Google and responsible for the award-winning quantitative methodology.  

Eric Gordon, who has just released an incredible set of case studies into Civic Media, moderated a discussion about what we learned to a live audience at Harvard’s Berkman Center for Internet and Society on Tuesday.  Although a full report of findings is forthcoming in the next few months, our friends Erhardt Graeff, Nate Matias, and Willow Brough live-blogged and visualized the key insights a very comprehensive overview, available here.


I’m very grateful to the Berkman Center for offering me a fellowship this academic year, and for providing a launching pad for the release of such important research.

If you are in New York over the next few months, consider attending the Omidyar Network’s Business of Civic Tech Ignite event, or the Personal Democracy Forum in June, where we will be presenting new and different components of our research and eager for continued feedback.  And stay tuned for some upcoming press about the work!

Civic in the UK

This week also offered the opportunity to share what we have learned with collaborators in the United Kingdom.  

On Wednesday, I spoke about our findings at mySociety’s first research conference, “The Impacts of Civic Technology.”  mySociety has been deploying civic technologies for over a decade in the UK and beyond, and has admirably taken on the task of assessing their own impact.  Wednesday’s meeting was a chance to talk with researchers from across the globe about impact in this space (a notably squishy endeavor), and new directions for assessing whether we are jointly making progress in deepening civic engagement.


I would encourage anybody who is thinking about assessing the value of the intervention they have deployed to solve a civic problem to check out mySociety’s research framework, which I think sensibly elaborates an approach to understanding the individual, digital, and environmental factors that influence a successful intervention pre-, during, and post-transaction.

Digital Services for Government

For the past few months, I have been conducting user research about the experience of applying for an immigrant visa to the United States, on behalf of the U.S. Digital Service.  A new office within the White House, USDS launched as a response to the challenges of, focused on ensuring a 21st century digital approach to high-priority policy issues.  Immigration is one of those issues, and my project has been focused on re-imagining the applicant experience of seeking permanent residence in the United States.  

It was under those auspices that I had the pleasure of spending Thursday with Leisa Reichelt, who leads user research for Government Digital Services, a UK Cabinet office shop responsible for transforming wholesale the delivery of government services to citizens.  GDS has been an important mentor to USDS and while it has a slightly different structure and mandate, it is animated by the same principles.  



On the user research front, I got to learn how our British counterparts are using iterative user testing, contextual discovery, and foundational research to drive important service delivery changes.  They have also developed one of the best user research guidebooks I’ve seen, and regularly provide transparent insight into what they are doing (and why) on their many great blogs.  The visit felt like time-travel to the future of USDS, with lessons about how to seed digital culture, practices, and technology across government institutions with humility and not arrogance; about the value of literally getting a project up on the wall with paper and tape to chart its progress; and about some tricks for assessing whether “impossible” ideas are actually legally impossible or rather require political will to change inherited policies.

The day ended with an awesome visit to Civic Shop, a pop-up space meant to prompt reflection on the many ways we might consider engaging citizens through playful, imaginative, and even consumerist mechanisms.  Developed by Cassie Robinson, the shop occupies a former office of Her Majesty’s Revenue and Customs (yup, the tax collectors - how fitting!).  It is set up like a boutique, inviting visitors to touch and explore different approaches to civic play, curated from across Europe and the US.  I particularly appreciated Pumpipumpe, a project to allow people to apply stickers on their mailboxes with decals of objects that they would be willing to lend to members of the community (ladders, camera tripods, internet, etc).


Reflections on where we go from here

Two weeks ago, I spent time with a collaboratory of civic change makers at Citizen University, organized by Eric Liu to “bring hundreds of Americans from across the country and political spectrum together to teach and practice citizen power.”  I loved the diversity of people and institutions present, and particularly the many invitations to talk frankly about the role of racism in American society today.  Four young organizers from groups working toward police accountability in Ferguson, Missouri took the stage on the opening night, sharing the incredible work they have done over the past year to reinvigorate true dignity and justice in that community.  They were Bukky Gbadegesin and Waylon McDonald of Organization for Black Struggle, St. Louis; Reuben Riggs of St. Louis Students in Solidarity; and Jazmine Cañez of Women of Color for Systemic Change.

I realized that my research focus on the people who are not taking civic action had directed my attention away from recognizing all the many amazing examples of societal change happening right now.  The City of Ferguson, for example, has seen its police leadership dismantled, a set of candidates of color for local office on the upcoming ballot, and a renewal of local problem-solving all in the space of a year.  It came at the dear cost of one young man’s life, but people are persisting in righting that wrong, every day, in cities across the country.

I think if I have learned anything over the past year or so, it is that there is deeply important work to be done to deepen our mutual engagement on the issues that challenge our society.  We are incredibly dispirited by the elected representatives we have chosen to do this on our behalf, and yet we dive into community and social relationships with a fervor just as powerful as the Revolutionaries, the Abolitionists, and the Civil Rights workers.  When we are displeased with local problems that affect our lives and livelihoods, we Americans take action. This kind of work takes time and patience and dedication to pursue.  But we are a nation that, at root, believes deeply that we can always improve the American idea.  Our politics may be stuck, but our civic spirit is alive and well.

March 30, 2015 04:19 PM

Nick Grossman
Financial Planning for the 90%

A few weeks ago as I was walking down Beacon Street in Brookline, I happened upon something amazing: The Society of Grownups.

The Society of Grownups is a self-proclaimed “grad school for adulthood”, the idea is to give people the tools they need to manage their grown up lives.  The primary focus is on financial literacy and counseling, but it also includes other kinds of classes and programs.

This is something I’ve wanted for a long time.  I am dumbfounded that we don’t have more financial / grownup education early in our lives. I graduated high school without as much as a word about earning / saving money, what credit cards mean, etc.  I suppose, like sex ed, financial ed is one of those subjects that people are just supposed to figure out on their own, or maybe learn from their parents.  It’s just that it’s so important — if you think about it it is preposterous that this is not more of a focus at all levels of learning.

Of course, there is no shortage of financial services for people who are well off — and I’d argue that the prevailing mindset is that you need to have money to talk to someone about money.  Which makes sense, in a way, but is also fundamentally wrong, and a contributing factor to why it’s expensive to be poor.

Point is, I’ve been hoping to see services like this crop up. Not only is it an important social issue, but I suspect it can be a really good business in its own right.

The Society of Grownups is one attempt — at the moment, it’s not attempting to be a web-scale effort, but rather is small and personal.  In-person coaching, classes, and community.  Ranging from $20 for a 20 minute session with a financial coach, to $100 for a 90 minute session, to a range of pricing for classes and events.

I signed up for a 20 minute financial coaching session (first one is free), just to get a feel for it.  My coach came in with a big “Don’t Panic” sticker on her notebook — this is one of their slogans.  We talked through our situation, concerns and goals.  It was really helpful and refreshing.  I wish I had done this 15 years ago when I was in college (and every month since).

Another player in this space that I’ve been curious about it LearnVest — they are going with the web-based approach; the yin to TSOG’s yang.  I got a little stuck in the LearnVest onboarding — there’s nothing wrong with it, but it’s just the standard email back-and-forth plus phone calls.  There is something nice about just being able to walk into a place and talk face-to-face.  But I suspect that I’ll like LearnVest as well.  They do direct integration with your bank accounts (a la mint), and use the coaching to help you come up with a strategy and a plan.

Anyway, this is all very encouraging, and I hope both of these efforts and others can get traction.  So much of the country, and the world, is so fucked and adrift in terms of money. And while there are clearly macro forces at play causing much of that, there’s also the potential for everyone to get smarter and better about how they manage on a month-to-month basis, and I hope we see more and more companies finding a business model that serves them.

by Nick Grossman at March 30, 2015 12:55 PM

Bruce Schneier
Brute-Forcing iPhone PINs

This is a clever attack, using a black box that attaches to the iPhone via USB:

As you know, an iPhone keeps a count of how many wrong PINs have been entered, in case you have turned on the Erase Data option on the Settings | Touch ID & Passcode screen.

That's a highly-recommended option, because it wipes your device after 10 passcode mistakes.

Even if you only set a 4-digit PIN, that gives a crook who steals your phone just a 10 in 10,000 chance, or 0.1%, of guessing your unlock code in time.

But this Black Box has a trick up its cable.

Apparently, the device uses a light sensor to work out, from the change in screen intensity, when it has got the right PIN.

In other words, it also knows when it gets the PIN wrong, as it will most of the time, so it can kill the power to your iPhone when that happens.

And the power-down happens quickly enough (it seems you need to open up the iPhone and bypass the battery so you can power the device entirely via the USB cable) that your iPhone doesn't have time to subtract one from the "PIN guesses remaining" counter stored on the device.

Because every set of wrong guesses requires a reboot, the process takes about five days. Still, a very clever attack.

More details.

by Bruce Schneier at March 30, 2015 11:47 AM

March 29, 2015

Preparing for the 3D/VR future

Look in the direction that meerkatMeerkat and periscopeappPeriscope both point.

If you’ve witnessed the output of either, several things become clear about their evolutionary path:

  1. Stereo sound is coming. So is binaural sound, with its you-are-there qualities.
  2. 3D will come too, of course, especially as mobile devices start to include two microphones and two cameras.
  3. The end state of both those developments is VR, or virtual reality. At least on the receiving end.

The production end is a different animal. Or herd of animals, eventually. Expect professional gear from all the usual sources, showing up at CES starting next year and on store shelves shortly thereafter. Walking around like a dork holding a mobile in front of you will look in 2018 like holding a dial-phone handset to your head looks today.

I expect the most handy way to produce 3D and VR streams will be with  glasses like these:


(That’s my placeholder design, which is in the public domain. That’s so it has no IP drag, other than whatever submarine patents already exist, and I am sure there are some.)

Now pause to dig @ctrlzee‘s Fast Company report on Facebook’s 10-year plan to trap us inside The Matrix. How long before Facebook buys Meerkat and builds it into Occulus Rift? Or buys Twitter, just to get Periscope and do the same?

Whatever else happens, the rights clearing question gets very personal. Do you want to be broadcast and/or recorded by others or not? What are the social and device protocols for that? (The VRM dev community has designed one for the glasses above. See the ⊂ ⊃ in the glasses? That’s one. Each corner light is another.)

We should start zero-basing the answers today, while the inevitable is in sight but isn’t here yet. Empathy is the first requirement. (Take the time to dig Dave Winer’s 12-minute podcast on the topic. It matters.) Getting permission is another.

As for the relevance of standing law, almost none of it applies at the technical level. Simply put, all copyright laws were created in times when digital life was unimaginable (e.g. Stature of Anne, ASCAP), barely known (Act of 1976), or highly feared (WIPO, CTEA, DMCA).

How would we write new laws for an age that has barely started? Or why start with laws at all? (Nearly all regulation protects yesterday from last Thursday. And too often its crafted by know-nothings.)

We’ve only been living the networked life since graphical browsers and ISPs arrived in the mid-90’s. Meanwhile we’ve had thousands of years to develop civilization in the physical world. Which means that, relatively speaking, networked life is Eden. It’s brand new here, and we’re all naked. That’s why it’s so easy anybody to see everything about us online.

How will we create the digital equivalents of the privacy technologies we call clothing and shelter? Is the first answer a technical one, a policy one, or both? Which should come first? (In Europe and Australia, policy already has.)

Protecting the need for artists to make money is part of the picture. But it’s not the only part. And laws are only one way to protect artists, or anybody.

Manners come first, and we barely have those yet, if at all. None of the big companies that currently dominate our digital lives have fully thought out how to protect anybody’s privacy. Those that come closest are ones we pay directly, and are financially accountable to us.

Apple, for example, is doing more and more to isolate personal data to spaces the individual controls and the company can’t see. Google and Facebook both seem to regard personal privacy as a bug in online life, rather than a feature of it. (Note that, at least for their most popular services, we pay those two companies nothing. We are mere consumers whose lives are sold to the company’s actual customers, which are advertisers.)

Bottom line: the legal slate is covered in chalk, but the technical one is close to clean. What do we want to write there?

We’ll be talking about this, and many other things, at VRM Day (6 April) and IIW (7-9 April) in the Computer History Museum in downtown Silicon Valley (101 & Shoreline, Mountain View).

by Doc Searls at March 29, 2015 09:06 PM

March 27, 2015

Bruce Schneier
Friday Squid Blogging: Using Squid Proteins for Commercial Camouflage Products

More research.

As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

by Bruce Schneier at March 27, 2015 09:03 PM

Nathaniel Freitas
Here’s my top 10 reasons why Rhinobird eats Meerkat for lunch…

Here’s my top 10 reasons why eats Meerkat for lunch… (not to mention clouds up Periscope too…)

Here’s my top 10 reasons about why Rhinobird eats Meerkat for lunch… (not to mention clouds up Periscope too…)

Read on, or watch the archive of my live reading of this here:
or download the WEBM here:

1) No App For That: You don’t need an app! Just use your Chrome, Firefox or other WebRTC-enabled browser on PC, Mac, Linux or Android (and soon iPhone…)

2) Most Mobile: It works great on Android, which is the mobile platform most of the connected world (China + India) actually uses…

3) Shortest Path to Video: It’s the fastest way to record a video post for your site or blog… just go live, and then seconds later, you have a permalink to a downloadable/embeddedable WebM video you can post anywhere!

4) Open Motion: It uses WebM, one of the only truly free and open video formats:

5) Here’s to Peers!: If you have a lot of people on the same network watching a stream, the live stream quality is really great, since it can connect peer-to-peer between viewers.

6) Run Your Own: Like with WordPress, if you really love, but want your own site and video archive, you can run your own server anywhere you want! (aka its open-source and on github!)

7) ¡se habla español! If you are doing anything with web video and live streaming in any Spanish-speaking context, then the RB team speaks your language… and considering the peer-to-peer video support, maybe RB is the perfect platform for Cubans to connect with eachother!

8) Any Name You Choose: I have it on good word that you can livestream on Rhinobird without even using a valid email address… a nice private disposable way to broadcast live without any sort of real name or permanent identifiers…

9) So Much To Come: Rhinobird is about way more than just watching a single livestream… the Channel functionality and VJ’ing (soon to come) are really brilliant innovations whose time will come once the community scales up.

10) Felipe’s Typewriter: Loyalty still counts for something right? Felipe is one of us, and at the beginning of every successful service there is always a core group of influential people who decide to support something. I’ve chose to support RB, and I hope you do too.

by nathan at March 27, 2015 03:45 PM

Bruce Schneier
Yet Another Computer Side Channel

Researchers have managed to get two computers to communicate using heat and thermal sensors. It's not really viable communication -- the bit rate is eight per hour over fifteen inches -- but it's neat.

by Bruce Schneier at March 27, 2015 12:01 PM

March 26, 2015

David Weinberger
Searching for news media that support

Let’s say you have the weird desire to see if a particular online news site is producing news articles that support the standard. I just posted a tiny little site — even uglier than usual — that lets you search for a particular news media site. It will return the items on that site that have been classified by that site as newsArticles in the standard.

Thanks to a suggestion from Dan Brickley, it’s using a custom search engine from Google. One of the parameters permitted by custom search engines is to only return items that are one of’s types. (I’m sure I’m messing up the standards lingo.) All I’ve done is specify newsArticle as the type, and prepended “site:” to whatever search you’re doing, saving you five keystrokes. You’re welcome!

If you get back a bunch of articles, then presumably the site is supporting I think.

by davidw at March 26, 2015 06:28 PM

Bruce Schneier
New Zealand's XKEYSCORE Use

The Intercept and the New Zealand Herald have reported that New Zealand spied on communications about the World Trade Organization director-general candidates. I'm not sure why this is news; it seems like a perfectly reasonable national intelligence target. More interesting to me is that the Intercept published the XKEYSCORE rules. It's interesting to see how primitive the keyword targeting is, and how broadly it collects e-mails.

The second really important point is that Edward Snowden's name is mentioned nowhere in the stories. Given how scrupulous the Intercept is about identifying him as the source of his NSA documents, I have to conclude that this is from another leaker. For a while, I have believed that there are at least three leakers inside the Five Eyes intelligence community, plus another CIA leaker. What I have called Leaker #2 has previously revealed XKEYSCORE rules. Whether this new disclosure is from Leaker #2 or a new Leaker #5, I have no idea. I hope someone is keeping a list.

by Bruce Schneier at March 26, 2015 02:59 PM

March 25, 2015

Berkman Center front page
Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World


With Berkman Fellow, Bruce Schneier. Moderated by Jonathan Zittrain with special guests, Yochai Benkler, Joe Nye, Sara Watson and Melissa Hathaway.


In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day.

Event Date

Mar 25 2015 6:00pm to Mar 25 2015 6:00pm
Thumbnail Image: 

Wednesday, March 25, 2015

You are under surveillance right now.

Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.

Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day. You’ll never look at your phone, your computer, your credit cards, or even your car in the same way again.

About Bruce

Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books -- including Liars and Outliers: Enabling the Trust Society Needs to Thrive -- as well as hundreds of articles, essays, and academic papers. His influential newsletter "Crypto-Gram" and his blog "Schneier on Security" are read by over 250,000 people. He has testified before Congress, is a frequent guest on television and radio, has served on several government committees, and is regularly quoted in the press. Schneier is a fellow at the Berkman Center for Internet and Society at Harvard Law School, a program fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the Chief Technology Officer at Resilient Systems, Inc.

About Jonathan

Jonathan Zittrain is the George Bemis Professor of Law at Harvard Law School and the Harvard Kennedy School of Government, Professor of Computer Science at the Harvard School of Engineering and Applied Sciences, Vice Dean for Library and Information Resources at the Harvard Law School Library, and co-founder of the Berkman Center for Internet & Society.  His research interests include battles for control of digital property and content, cryptography, electronic privacy, the roles of intermediaries within Internet architecture, human computing, and the useful and unobtrusive deployment of technology in education.

About Yochai

Yochai Benkler is the Berkman Professor of Entrepreneurial Legal Studies at Harvard, and faculty co-director of the Berkman Center for Internet and Society. Before joining the faculty at Harvard Law School, he was Joseph M. Field '55 Professor of Law at Yale. He writes about the Internet and the emergence of networked economy and society, as well as the organization of infrastructure, such as wireless communications.

About Joe

University Distinguished Service Professor, and former Dean of the Harvard's Kennedy School of Government. He received his bachelor's degree summa cum laude from Princeton University,won a Rhodes Scholarship to Oxford University, and earned a PhD in political science from Harvard. He has served as Assistant Secretary of Defense for International Security Affairs, Chair of the National Intelligence Council, and Deputy Under Secretary of State for Security Assistance, Science and Technology. His most recent books include The Power to Lead, The Future of Power, and Presidential Leadership and the Creation of the American Era. He is a fellow of the American Academy of Arts and Sciences, the British Academy, and the American Academy of Diplomacy. In a recent survey of internatinal relations scholars, he was ranked as the most influential scholar on American foreign policy, and in 2011, Foreign Policy named him one of the top 100 Global Thinkers.

About Sara

Sara M. Watson is a technology critic and a Fellow at the Berkman Center for Internet and Society at Harvard University. Her work addresses how individuals are learning to live with, understand, and interpret data. Sara is interested in the interactions between users, data and algorithms, and the internet platforms that mediate and govern digital experiences. She aims to uncover the ways that corporations, governments, and individuals use data from wearable sensors, the internet of things, and other digitally processed systems. And she examines and influences public discourse on technological change in popular culture. Sara’s writing has appeared in The Atlantic, Al Jazeera America, Wired, Harvard Business Review, and Slate.

About Melissa

Melissa Hathaway, former acting senior director for cyberspace at the National Security Council and former senior advisor to Harvard Kennedy School's Belfer Center for Science and International Affairs cyber security initiative, Project Minerva, a joint effort between the Department of Defense, Massachusetts Institute of Technology, and Harvard University. The project explores a wide range of the issues within cyber security from the contexts of international relations theory and practice.

by candersen at March 25, 2015 10:18 PM

David Weinberger
[shorenstein] Farnaz Fassihi on Reporting from the Middle East

I’m at a Shorenstein lunchtime talk where Farnaz Fassihi is giving a talk titled “Reporting from the Middle East.” Farnaz writes for the Wall Street Journal. Among other achievements (and there are a lot), she is the author of an email in 2004 that was at the time a shockingly frank and dire assessment of how things were going in Iraq.

NOTE: Live-blogging. Getting things wrong. Missing points. Omitting key information. Introducing artificial choppiness. Over-emphasizing small matters. Paraphrasing badly. Not running a spellpchecker. Mangling other people’s ideas and words. You are warned, people.

She was a reporter for the Newark Star-Ledger on 9/11. She insisted that her editor assign her to the Afghan war. “I always wanted to cover wars. I don’t know why.” She thinks that she wanted to make sense of events in her own life, including the revolution in Iran when she was 8. She was sent to Afghanistan, covered the second Intifada, the Iraq invasion, became WSJ’s Beirut bureau chief, covered Arab Spring, etc. She has only recently returned to the US.

“How we approach reporting has significantly changed” since she first went to Afghanistan she says. In part this is because journalists are more at risk than ever. Before 9/11, it would have been fine for her to pack a backpack and a satellite phone, and head off into Afghanistan. Now journalists have security guards, and there are zones into which journalists simply don’t go. “That’s taken some of the serendipity” out of the coverage and has made it harder to cover what’s happening on the ground. You have to rely on sources “and most of them have an agenda.” Also, now it’s visual first and mobile first, “putting even more pressure on journalists to turn things around quickly.” As a result, reporting is less original than before: when all the journalists are covering Syria from Beirut, they’re using the same Youtube feeds, tweets, etc. It makes it harder to make readers care by “putting a human face” on the tragedies and horrors. As a result, readers in the US have grown tired of reading about these events.

On the other hand, “the invasion of Iraq has gotten the US to where it is today.” There’s thus even more of an obligation to have reporters on the ground. E.g., Al Qaeda didn’t have a presence in Iraq until the invasion. “We no longer have an isolated crisis in Syria but an entire region up in arms.” We need journalists in place because, e.g., Yemen is a very tribal society that is difficult to understand. “When I started out, even in Iraq, I’d get in a car with translator, go out and talk to people. Much of my coverage in the past 13 yrs has been to put a human face on war.” She’s written a book about this. “I have a very hard time now replicating that when it comes to Syria or Yemen because I’m not there. It can be extremely frustrating as a reporter. Not just for me but for all my colleagues.”

As the result of not being on the ground, journalists sometimes miss where things are heading. “We all missed the takeover of Mosul.” “I think that was because of our lack of access.”

“In terms of where the Middle East is going, I’m not optimistic at all.” “The same forces seem to be going in cycles.” “I don’t have an answer about the right way out of this, but I do feel there is some level of responsibility that the US has.”


Q: [alex jones] If you were advising the US President about what to do, what would you suggest, if only to have the least worst path?

A: We missed the window when we could have had real influence on the Syrian rebels. We were so traumatized by Iraq that we didn’t want to be blamed for another Arab state’s disintegration. At this point I don’t know what we can do. America’s involvement is always a double-edged sword. If you don’t go in, you get blamed for letting the radicals win. If you do, you get blamed for radicalizing moderates.

Q: [alex] If we do nothing, what happens?

A: Countries in the Middle East will turn into what Afghanistan was before the US invasion: institutional breakdown of Iraq, Syria, Yemen, Libya. The conflict might spread. And that’s a region the US has a lot of interests in in: oil, Israel. And we’ll have to accept that the Islamic Republic will become a major power player. It already is one. If we do nothing, our influence will even further diminish.

Q: [alex] Why aren’t other Arab states as fearful of ISIS as we are?

A: They are.

Q: [alex] Why aren’t they fighting ISIS?

A: Many Saudi and Kuwaiti businessmen have funded ISIS. A lot of private donations. But local countries are fighting in different ways. Iran is fearful and leading the show. Saudi Arabia knows that now it has a very real rival.

Q: [alex] Why do the Saudis allow their citizens to support ISIS?

A: The Saudis are fearful of Shia dominance, and Iran gaining power, as well as of ISIS. After the US invasion we saw a Shia revival which was a real threat to Sunni dominance of the Middle East. These are rivalries that are thousands of years old.

Q: [alex] Why do these Shia and Sunni cultures have such incredible animosity? If you’re a Moslem do you feel a primary identity to Shia or Sunni instead of to Islam?

A: Sectarian identity is very important in the Middle East. And the Shia were oppressed for many many years. It’s a political and social organization as well as religious; it rebuilds the villages that Israel bombs when the government does not. “I don’t think we can necessarily crush” ISIS. With all of the effort in Iraq we were unable to keep Al Qaeda in check. The question is: what are we trying to accomplish? Will aerial bombardment turn it around? I don’t think so.

Q: [alex] So we’re just headed to genocide?

A: We’re already seeing that. 100,000 killed in Syria. Chemical weapons.

Q: [alex] So there’s nothing to be done.

Q: I was with the Yemen Times. How do you maintain your sanity as a reporter in a war zone. And how do your own balance your own agenda?

A: I don’t think we have an agenda. But we are human beings. It depends on the info we’re getting. Sometimes our sources are unbalanced, and that can reflect in the story. I write about Yemen with a Yemeni stringer, and we have a trust relationship. But if I’m talking with a source, I have to be very aware of what their agenda is, which can be hard when you’re on deadline.

A: 9/11 created a new generation of war correspondents. There are maybe 40 of us and we go from zone to zone. We’ve formed intense bonds. Those friendships are the most important thing. But if you spend that much time in the Middle East, you have scars. It’s difficult to continuously put yourself at risk and hear the stories of what people are going through.

Q: Covering ISIS reflects the problems of journalistic cutbacks. How do we cover these issues given the cutbacks and the dangers?

A: Security comes first. I discourage new journalists from going to rebel-controlled territory. But people do. If our paper is not sending staff, we don’t send freelancers. The idea is that no story is worth your life. We try to fill the gap by having more experienced regional reporters who understand the context. So you mainly have seasoned reporters writing the analytic pieces. But the unique and amazing reporting usually comes from freelancers who take those risks.

Q: Charlie Sennott‘s GroundTruth project tries to set up guidelines for coverage. Is it having an effect?

A: Too soon to tell. But no matter how much security you have, if you’re surrounded by militants who are determined to behead you, you can’t really protect yourself. When I went to Afghanistan I didn’t get any training. Now journalists are trained. The more training the better, but nothing can fully protect you.

Q: Talk about Iranian domestic politics?

A: Grand policies in Iran such as nuclear negotiations or its goals in Syria are determined by Ali Khamenei, the Supreme Leader. From everything we can gather, he’s given the green light for a deal. I think the reality of sanctions and falling oil prices is making it very difficult for the Iranian regime to sustain itself. They also know that there’s real dissent in the country. The regime is trying to hold off by the working class. Getting a nuclear deal is essential for that. It seems that for the first time Iran genuinely wants a deal. But just like in the US there are hardliners that don’t. As Pres. Obama said, it’s very odd that those 47 US Senators have such much in common with the Iranian hardliners.

Q: When you were 4 yrs old, I was a guest of the empress of Iran for two weeks. At this Meeting of 100 Leaders, no one anticipated that the change would come from the right. Now my source is Anthony Bourdain. His program on Iran is spectacular and says that the public is nowhere near the leaders.

A: You’d be very surprised if you went to Iran now. It’s become very urban — 70%. 60% of university students are women. Women are big part of the workforce. The Iranian Republic has pushed to modernize rural areas, with healthcare, and modern roles for women. Women are a force of change from within. Iran is also very connected: one of the top users of the Internet. The young generation is very eager to be in touch. It’s probably the most pro-American population in the Middle East. Iranians are not extremists by nature. Change will not occur there the way it’s occurred in Syria. They want change through moderate means.

Q: The bombing in Yemen and Tunisia?

A: Tunisia was the one example of where Arab Spring worked. I don’t want to rush to judgment and say Tunisia is a failed enterprise, but it does make one worry that ISIS is gaining momentum there. The conflicts are no longer localized.

Q: Couldn’t the US help bolster Tunisia. Are we?

A: I don’t know.

Q: It’s ironic that the French Defense Minister lost her job at the beginning of the revolution by suggesting France could help. Tunisia is tiny and unable to defend itself. But back to Iran: the Supreme Leader is apparently ill. Could Pres. Rouhani become the Supreme Leader?

A: He’s lacking the right credentials, although exceptions can be made. But the council that picks the next Leader just appointed a very conservative council head.

Q: Anything positive?

A: Some of the most gratifying moments have been encountering the resilience of human beings in war zones. Even in those circumstances, people still try to find a way to live a dignified life. E.g., a wedding in Baghdad was made enormously difficult because of security. Car bombs were going off but people were dancing. Or the women in Afghanistan. I interviewed a teacher who had been banned because women were not allowed in the workforce. She turned her basement into a classroom for neighborhood girls, staggering their hours so the Taliban wouldn’t notice the stream of children.

Q: In addition to all of the dangers there’s the incredible apparatus of the US military’s PR machine. What’s it like dealing with the US military?

A: If you embed you have to follow guidelines: your PR person stays with you, if you’re in an attack you can’t send photos of injured or dead soldiers, etc. If you violate the rules, you’re kicked off the embed. Because they take you on the embed and protect you, they expect you to write something positive. Sometimes you don’t. And then you and your organization are in the doghouse. They didn’t like what I wrote about the capturing Saddam Hussein and for three months the WSJ couldn’t get an embed.

Q: [me] A few times in my life I’ve seen an about-face in coverage of villified countries. Are we likely to see this with Iran?

A: I think we’re already seeing it. Since Ahmadinejad left, it’s been quite positive coverage.

Q: Why are there no gay people in Iran? (laughter)

A: [audience member] It’s a world leader in sex change operations.

A: I know many gay Iranians.

Q: What is Iran’s real attitude toward Israel?

A: Despite the rhetoric, I don’t think Iran has any plans to eradicate Israel. But they do support the Palestinian cause, and arm Hezbollah and Hamas. So I don’t think those tensions will go away. Netanyahu would like to derail the talks because then Israel loses its puppet enemy.

Q: If there’s no deal?

A: I think Iran will open up their centrifuges and continue with the program.

Q: A Washington Post journalist Jason Rezaian has been jailed in Iran. Why? Also: The former head of Mossad said that Iranians are the most well-educated, brilliant people in the the world.

A: Journalists are arrested all the time in Iran. He mostly wrote features, not investigative reports that would anger the govt. But reports, especially Americans, are always at risk. Sometimes Iran wants a bargaining chip, or a prisoner exchange, or domestic politics. It’s very seldom because the person is a real threat.

by davidw at March 25, 2015 08:28 PM

Sara M. Watson
Reading Dada Data and the Internet of Paternalistic Things on Radio Berkman

Dan Jones, audio production extraordinaire, pulled together some interviews with authors who contributed to the Berkman Center Internet Monitor report this year, including myself. I got a chance to read my speculative fiction piece about the internet of paternalistic things, and I had a great conversation with Dan about some of the inspiration behind the story. Give it a listen—my section starts around 33:00, but the whole podcast is really worth listening to.

by Sara M. Watson at March 25, 2015 06:36 PM

The most important event, ever

IIW XXIIW_XX_logothe 20th IIW — comes at a critical inflection point in the history of VRM. If you’re looking for a point of leverage on the future of customer liberation, independence and empowerment, this is it. Wall Street-sized companies around the world are beginning to grok what Main Street ones have always known: customers aren’t just “targets” to be “acquired,” “managed,” “controlled” and “locked in.” In other words, Cluetrain was right when it said this, in 1999:

if you only have time for one clue this year, this is the one to get…

Now it is finally becoming clear that free customers are more valuable than captive ones: to themselves, to the companies they deal with, and to the marketplace.

But how, exactly? That’s what we’ll be working on at IIW, which runs from April 7 to 9 at the Computer History Museum, in the heart of Silicon Valley: the best venue ever created for a get-stuff-done unconference. Focusing our work is a VRM maturity framework that gives every company, analyst and journalist a list of VRM competencies, and every VRM developer a context in which to show which of those competencies they provide, and how far along they are along the maturity path. This will start paving the paths along which individuals, tool and service providers and corporate systems (e.g. CRM) can finally begin to fit their pieces together. It will also help legitimize VRM as a category. If you have a VRM or related company, now is the time to jump in and participate in the conversation. Literally. Here are some of the VRM topics and technology categories that we’ll be talking about, and placing in context in the VRM maturity framework:

by Doc Searls at March 25, 2015 05:23 PM

John Palfrey
End of Tuition Day: The Importance of Gratitude and of Paying It Forward

Today marks a special day in our academic calendar: it is End of Tuition Day.  From this day forward in the school year, everything is free for every student.

What exactly do I mean by “free”?  And what do I mean for “every” student?

DSC_4097-edit As a need-blind school, we are enormously fortunate that we are able to read every admissions application without regard to whether the student’s family can afford the tuition that our school charges.  This hallmark, in one form or another, dates back to the founding of our school in 1778, when Samuel Phillips and his family and friends decided to open an academy for “Youth from Every Quarter.”  We ensure that no family has to take out loans to send a student to high school.  And we are able to admit the most extraordinary, diverse, nice, talented group of 1,100 students we can find.  And once we are all here, we work very hard to honor everyone equally, regardless of whether one’s family happens to pay the full tuition, a part of the tuition, or none of the tuition.  It is our privilege to have every one of you here, absolutely regardless.

At this point in the year — March 25, this year — something magical happens.  From this point out, we rely not at all on anyone’s tuition.  For everyone, the rest of the school year is free.  The full cost, you see, of educating an Andover student is more than $80,000.  (That doesn’t even count some of the amazing benefits that you can take advantage of, like the Addison and the Peabody museums.)  The full tuition price for a day student is $38,000 and for boarding, $50,000.  So from here on out, every meal: free.  Every class: free.  Every sports practice and game: free.  Every community service trip to a neighboring town: free.

DSC_4108-editWhere does it come from?  Two crucial sources.  One is the school’s endowment, which means all the money contributed to the school in perpetuity over hundreds of years.  We have a very large endowment for a high school, and we rely on income from it to make Andover as special today as we possibly can.  The other source is our Annual Fund.  Each year, our alumni, parents, faculty, and staff contribute about $10 million per year to make “End of Tuition Day” possible.  We are enormously proud of and grateful for this Annual Fund.  It makes an enormous number of great things possible in the lives of our students.

So today, I urge you to join me in giving thanks to all those who have been generous to this school, over so many generations — this year, and in years past.  Just as we look to the future at Andover — your future — we ought to honor and thank those who have gotten us here.  We give thanks for all those who have make philanthropy a big part of their lives — and acknowledge how important they have been to making Andover what it is today.

And soon it will be your turn.  I trust that each of you will be as generous as your forebears have, when the time comes.  The reason we can celebrate End of Tuition Day is because others have given back to their school.  In fact, the Class of 2013 had a 98% participation rate for the senior class gift.  This year, the Class of 2015 is already at a 50% level — the highest ever on record as of this date.  I challenge you all to meet or exceed the participation rate of your preceding class — and make “End of Tuition Day” come earlier and earlier with every passing year.  Thank you!cake

by jgpalfrey at March 25, 2015 02:44 PM

Justin Reich
Two Frames for Learning at Scale
The Learning at Scale project can be about trying to replicate tutorials at scale, or it can be about creating learning experiences where scale is an affordance rather than a detriment.

by Justin Reich at March 25, 2015 01:54 PM

Bruce Schneier
Capabilities of Canada's Communications Security Establishment

There's a new story about the hacking capabilities of Canada's Communications Security Establishment (CSE), based on the Snowden documents.

by Bruce Schneier at March 25, 2015 11:55 AM

Joseph Reagle
Factoids for Wikipedia

As I wrote in the post "Not notable: Dead to Wikipedia," I was disappointed with the quality of my biography on Wikipedia, but (aside from creating an infobox) I abstained from editing it myself; in 2015 it was deleted for lack of notability. In thinking about this, I realized this was related to something I've helped others' with. Years ago, it was not uncommon when speaking about Wikipedia for people to tell me their biography was wrong or lacking and to ask me what could they do? They didn't want to get in trouble. I replied they did have to be careful as this could be seen as a Conflict of Interest. Typically, I'd offer to fix it if they could provide a source for me to cite, even if this meant them creating an ad hoc webpage. Today, I see dealing with articles about yourself is relatively well thought through:

Very obvious errors can be fixed quickly, including by yourself. But beyond that, post suggestions on the article talk page, or place {{adminhelp}} on your user talk page. You may also post an explanation of your concern on the biographies of living persons noticeboard and request that uninvolved editors evaluate the article to make sure it is fairly written and properly sourced. Please bear in mind that Wikipedia is almost entirely operated by volunteers, and impolite behavior, even if entirely understandable, will often be less effective.

My bibliographic tool Thunderdell supports the Wikipedia {{sfn}} format, so it's a trivial thing to export my CV for easy Wikipedia use. On my user page Bio-factoids I've listed facts and sources that could be of use in a biography should it ever be reconstructed.

by Joseph Reagle at March 25, 2015 04:00 AM

March 24, 2015

Zeitfunk Award Ceremony

We have come together today to celebrate the winners of the annual Zeitfunk Awards, bestowed upon the winning-est producers and stations from across These winners made it to the top in each of our 13 categories. Check out all of the winners here.

We want to also give a shout out to Hindenburg Systems who have generously offered each winning producer and station a copy of either Journalist Pro or Broadcaster. Thanks, Hindy!

PRX Remix's Erica Lantz and PRX Community Manager Audrey Mardavich celebrate ZeitfunkPRX Remix’s Erica Lantz and PRX Community Manager Audrey Mardavich celebrate the ‘funk. Image credit: Chris Kalafarski

Our Producers and stations have worked very hard for this honor and we wanted to give them the opportunity to accept their award and say a little something to the audience.

Congrats again to all of our winners! Now, take a listen to the speeches.

Clay Ryder, Most Licensed Debut Producer

A1F_8167 copy

KALW, Most Licensed Station by PRX Remix


Mighty Writers, Most Licensed Debut Group


David Schulman, Most Licensed Producer by PRX Remix

The post Zeitfunk Award Ceremony appeared first on PRX.

by Audrey at March 24, 2015 08:28 PM

Berkman Center front page
Radio Berkman 216: The Internet — A Yearbook


In the latest podcast we tackle the web as we know it in 2014-2015. Hate speech online, freedom of speech online, censorship and surveillance online, and, of course, whether our smart machines are out to destroy us.

Thumbnail Image: 

In Radio Berkman 216 we tackle the web as we know it in 2014-2015. Hate speech online, freedom of speech online, censorship and surveillance online, and, of course, whether our smart machines are out to destroy us.

All of these stories and more are part of this year's Internet Monitor report, a collection of dozens of essays that track how we are changing the web and how the web is changing us.

This episode's guests include:

• Andy Sellars, author of SOPA Lives: Copyright’s Existing Power to Block Websites and 'Break the Internet'
• Susan Benesch, author of Flower Speech: New Responses to Hatred Online
• Nathan Freitas, author of The Great Firewall Welcomes You!
• Sara Watson, author of Dada Data and the Internet of Paternalistic Things
• David Michel Davies, of the Webby Awards on their recent report Understanding the Sky-High Demands of the World’s Most Entitled Consumer

We also mentioned:
• Randall Munroe's XKCD chart Stories of the Past & Future

This episode features Creative Commons Music from:
Chad Crouch
Learning Music Monthly
Timo Timonen

• to the Radio Berkman podcast in iTunes or RSS
• to all Berkman audio in iTunes or RSS

by djones at March 24, 2015 08:10 PM

RB216: The Internet — A Yearbook
Listen:or download | …also in Ogg In Radio Berkman 216 we tackle the web as we know it in 2014-2015. Hate speech online, freedom of speech online, censorship and surveillance online, and, of course, whether our smart machines are out to destroy us. All of these stories and more are part of this year’s Internet […]

by Berkman Center for Internet & Society at Harvard Law School ( at March 24, 2015 08:05 PM

Berkman Center front page
Upcoming Events: Data and Goliath (3/25); Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World (3/31); Love the Processor, Hate the Process (4/2)


A preview of our upcoming events calendar and recently archived digital media

Upcoming Events / Digital Media
March 25, 2015
book launch

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

[Today] Wednesday, March 25, 6:00PM ET, Harvard Law School. Reception to follow.


Join the Berkman Center for a special event celebrating the release of Bruce Schneier's new book, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World.

About the book:

You are under surveillance right now.

Your cell phone provider tracks your location and knows who’s with you. Your online and in-store purchasing patterns are recorded, and reveal if you’re unemployed, sick, or pregnant. Your e-mails and texts expose your intimate and casual friends. Google knows what you’re thinking because it saves your private searches. Facebook can determine your sexual orientation without you ever mentioning it.

The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we’re offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.

Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making. But have we given up more than we’ve gained? In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day. You’ll never look at your phone, your computer, your credit cards, or even your car in the same way again.

Bruce Schneier is an internationally renowned security technologist, called a "security guru" by The Economist. He is the author of 12 books -- including Liars and Outliers: Enabling the Trust Society Needs to Thrive -- as well as hundreds of articles, essays, and academic papers. RSVP required. more information on our website>

co-sponsored event

Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World

Tuesday, March 31, 12:00pm ET, Harvard Law School. Hosted by the HLS Dean's Office and co-sponsored by the Berkman Center.



Join us for a talk about "Data, Privacy & Navigating the Change from a (Relatively) Unrecorded to a Recorded World" with Chris Kelly, Harvard Law School Steven and Maureen Klinksy Professor of Practice for Leadership and Progress; Former Chief Privacy Officer of Facebook.

Chris Kelly is a Silicon Valley attorney with a long track record of representing innovative companies and making the Internet a safer place for kids and adults alike. As the first Chief Privacy Officer, General Counsel, and Head of Global Public Policy for Facebook, Chris helped the company grow from its college roots to the ubiquitous communications medium that it is today. Chris’s development of the site’s safety and security policies around real world identity and deployment of a highly-trained staff for rule and law enforcement are credited as critical elements in the company’s success. more information on our website>

special event

Love the Processor, Hate the Process: The Temptations of Clever Algorithms and When to Resist Them

Thursday, April 2, 5:00pm ET, Harvard Law School.



On the occasion of his appointment as the George Bemis Professor of International Law at Harvard Law School, Jonathan Zittrain will give a lecture entitled, “Love the Processor, Hate the Process: The Temptations of Clever Algorithms and When to Resist Them.”

Jonathan Zittrain is the George Bemis Professor of International Law at Harvard Law School and the Harvard Kennedy School of Government, Professor of Computer Science at the Harvard School of Engineering and Applied Sciences, Vice Dean for Library and Information Resources at the Harvard Law School Library, and co-founder of the Berkman Center for Internet & Society. more information on our website>

berkman luncheon series

The Black Box Society

Tuesday, April 7, 12:00pm ET, Berkman Center for Internet & Society, 23 Everett St, 2nd Floor. This event will be webcast live.



Does the increasing velocity, variety, and volume of data make regulators' jobs harder or easier? Some say we are entering a "golden age of surveillance," enabling perfect enforcement of laws. But Frank Pasquale's book "The Black Box Society" argues that, at least in areas like privacy, antitrust, and financial regulation, big data can also enable obfuscation, stonewalling, and even fraud. At this talk, Pasquale will discuss the risks and opportunities that arise out of the new information environment.

Frank Pasquale’s research addresses the challenges posed to information law by rapidly changing technology, particularly in the health care, internet, and finance industries. He is a member of the NSF-funded Council for Big Data, Ethics, and Society, and an Affiliate Fellow of Yale Law School’s Information Society Project. He frequently presents on the ethical, legal, and social implications of information technology for attorneys, physicians, and other health professionals. His book The Black Box Society: The Secret Algorithms that Control Money and Information (Harvard University Press, 2015) develops a social theory of reputation, search, and finance. RSVP Required. more information on our website>


Distributed and Digital Disaster Response



The citizen response to 2012's Hurricane Sandy was in many important ways more effective than the response from established disaster response institutions like FEMA. New York-based response efforts like Occupy Sandy leveraged existing community networks and digital tools to find missing people; provide food, shelter, and medical assistance; and offer a hub for volunteers and donors. In this talk Willow Brugh -- Berkman fellow and Professor of Practice at Brown University -- demonstrates examples ranging from Oklahoma to Tanzania where such distributed and digital disaster response have proved successful, and empowered citizens to respond in ways traditional institutions cannot. video/audio on our website>


Other Events of Note

Local, national, international, and online events that may be of interest to the Berkman community:

You are receiving this email because you subscribed to the Berkman Center's Weekly Events Newsletter. Sign up to receive this newsletter if this email was forwarded to you. To manage your subscription preferences, please click here.

Connect & get involved: Jobs, internships, and more iTunes Facebook Twitter Flickr YouTube RSS

See our events calendar if you're curious about future luncheons, discussions, lectures, and conferences not listed in this email. Our events are free and open to the public, unless otherwise noted.


The Berkman Center for Internet & Society at Harvard University was founded to explore cyberspace, share in its study, and help pioneer its development. For more information, visit

Berkman Center for Internet & Society

by ashar at March 24, 2015 07:10 PM

David Weinberger
In praise of Starbucks’ #racetogether

There are a lot of things wrong with how Starbucks implemented its “Race Together” program for which it deserves the mockery it’s been getting. Whether it was intended to stimulate discussions with busy baristas (“So, you want that with nonfat milk and we shouldn’t fill it to the brim. Right? What’s it like being white? Did you say ‘Nicky’ or ‘Mickey’?”) or among customers who in my experience have never struck up a conversation with another customer that was not met by a cold stare or a faked incoming text, it was unlikely to achieve its intended result. (Schultz seems to indicate it was to be a barista-to-customer conversation; see 0:20 in the John Oliver clip linked to “mockery” above.) Likewise, the overwhelming male whiteness of the Starbuck’s leadership team was an embarrassment waiting to happen. The apparent use of only white hands holding cups in the marketing campaign was inconceivably stupid (and yet still better than this).

Yet there’s much that Starbucks deserves praise for more than just its recognition that racial issues permeate our American culture and yet are more often papered over than discussed frankly.

  • They trusted their on-the-line employees to speak for themselves, and inevitably for the corporation as well, rather than relying on a handful of tightly constrained and highly compensated mouthpieces.

  • They have held a series of open forums for their employees at corporate events, encouraging honest conversation.

  • They did not supply talking points for their employees to mouth. That’s pretty awesome. On the other hand, they seem also to have provided no preparation for their baristas, as if anyone can figure out how to open up a productive conversation about race in America. The made-up phrase “racetogether” really isn’t enough to get a conversation going and off to a good start. (Michelle Norris’ Race Card Project might have provided a better way of opening conversations.)

Starbucks got lots wrong. Too bad. But not only was it trying to do something right, it did so in some admirable ways. Starbucks deserves the sarcasm but not just sarcasm.

[Disclosure: No, Starbucks isn’t paying me to say any of this. Plus I hate their coffee. (The fact that I feel the need to put in this disclaimer is evidence of the systemic damage wrought by “native ads” and unscrupulous marketers.)]

by davidw at March 24, 2015 03:50 PM

Bruce Schneier
Reforming the FISA Court

The Brennan Center has a long report on what's wrong with the FISA Court and how to fix it.

At the time of its creation, many lawmakers saw constitutional problems in a court that operated in total secrecy and outside the normal "adversarial" process.... But the majority of Congress was reassured by similarities between FISA Court proceedings and the hearings that take place when the government seeks a search warrant in a criminal investigation. Moreover, the rules governing who could be targeted for "foreign intelligence" purposes were narrow enough to mitigate concerns that the FISA Court process might be used to suppress political dissent in the U.S. -- or to avoid the stricter standards that apply in domestic criminal cases.

In the years since then, however, changes in technology and the law have altered the constitutional calculus. Technological advances have revolutionized communications. People are communicating at a scale unimaginable just a few years ago. International phone calls, once difficult and expensive, are now as simple as flipping a light switch, and the Internet provides countless additional means of international communication. Globalization makes such exchanges as necessary as they are easy. As a result of these changes, the amount of information about Americans that the NSA intercepts, even when targeting foreigners overseas, has exploded.

Instead of increasing safeguards for Americans' privacy as technology advances, the law has evolved in the opposite direction since 9/11.... While surveillance involving Americans previously required individualized court orders, it now happens through massive collection programs...involving no case-by-case judicial review. The pool of permissible targets is no longer limited to foreign powers -- such as foreign governments or terrorist groups -- and their agents. Furthermore, the government may invoke the FISA Court process even if its primary purpose is to gather evidence for a domestic criminal prosecution rather than to thwart foreign threats.

...[T]hese developments...have had a profound effect on the role exercised by the FISA Court. They have caused the court to veer off course, departing from its traditional role of ensuring that the government has sufficient cause to intercept communications or obtain records in particular cases and instead authorizing broad surveillance programs. It is questionable whether the court's new role comports with Article III of the Constitution, which mandates that courts must adjudicate concrete disputes rather than issuing advisory opinions on abstract questions. The constitutional infirmity is compounded by the fact that the court generally hears only from the government, while the people whose communications are intercepted have no meaningful opportunity to challenge the surveillance, even after the fact.

Moreover, under current law, the FISA Court does not provide the check on executive action that the Fourth Amendment demands. Interception of communications generally requires the government to obtain a warrant based on probable cause of criminal activity. Although some courts have held that a traditional warrant is not needed to collect foreign intelligence, they have imposed strict limits on the scope of such surveillance and have emphasized the importance of close judicial scrutiny in policing these limits. The FISA Court's minimal involvement in overseeing programmatic surveillance does not meet these constitutional standards.


Fundamental changes are needed to fix these flaws. Congress should end programmatic surveillance and require the government to obtain judicial approval whenever it seeks to obtain communications or information involving Americans. It should shore up the Article III soundness of the FISA Court by ensuring that the interests of those affected by surveillance are represented in court proceedings, increasing transparency, and facilitating the ability of affected individuals to challenge surveillance programs in regular federal courts. Finally, Congress should address additional Fourth Amendment concerns by narrowing the permissible scope of "foreign intelligence surveillance" and ensuring that it cannot be used as an end-run around the constitutional standards for criminal investigations.

Just Security post -- where I copied the above excerpt. Lawfare post.

by Bruce Schneier at March 24, 2015 02:09 PM

Christian Sandvig
Eco’s “How to Write a Thesis” in 15 Maxims

(or, Thesis Advice, Click-Bait Style)

Italian semiotician and novelist Umberto Eco released How to Write a Thesis in 1977, well before his rise to international intellectual stardom. It has just been released in English for the first time by MIT Press. I’ve just read it.


I was thinking of assigning it in doctoral seminars, but I regret that a great deal of the book involves scholarly practices that are no longer relevant to anyone. For instance: Is it OK to insert an unnecessary footnote in the middle of your text so that your footnote numbering matches up correctly with what you’ve already typed? (Meaning: So you don’t have to re-type the entire manuscript. On a typewriter.)

It turns out that it is not OK to insert unnecessary footnotes.

And there’s a whole bunch of things about index card management, diacritical marks, and library union indices. And some stuff about the laurea.

However, even if I do not find the book relevant to assign as a whole, Eco’s great wit and strong opinions did lead me to compile the best quotes from the book. I present them to you here:

Eco’s 15 Maxims for PhD Students:

From How to Write a Thesis [1977/2015], selected by me. These are slightly paraphrased to make them work in a list. I hope you like them as much as I did.

  1. Academic humility is the knowledge that anyone can teach us something. Practice it.
  2. A thesis is like a chess game that requires a player to plan in advance all the moves he will make to checkmate his opponent.
  3. How long does it take to write a thesis? No longer than three years and no less than six months.
  4. Imagine that you have a week to take a 600-mile car trip. Even if you are on vacation, you will not leave your house and begin driving indiscriminately in a random direction. A provisional table of contents will function as your work plan.
  5. You must write a thesis that you are able to write.
  6. Your thesis exists to prove the hypothesis that you devised at the outset, not to show the breadth of your knowledge.
  7. What you should never do is quote from an indirect source pretending that you have read the original.
  8. Quote the object of your interpretive analysis with reasonable abundance.
  9. Use notes to pay your debts.
  10. You should not become so paranoid that you believe you have been plagiarized every time a professor or another student addresses a topic related to your thesis.
  11. If you read the great scientists or the great critics you will see that, with a few exceptions, they are quite clear and are not ashamed of explaining things well.
  12. You are not Proust. Do not write long sentences.
  13. The language of a thesis is a metalanguage, that is, a language that speaks of other languages. A psychiatrist who describes the mentally ill does not express himself in the manner of his patients.
  14. If you do not feel qualified, do not defend your thesis.
  15. Do not whine and be complex-ridden, because it is annoying.


by Christian at March 24, 2015 01:18 PM

Berkman Center front page
America's Complicated Relationship with Civic Duty: Understanding Everyday Americans at the Core of Civic Innovation


with Berkman Fellow, Kate Krontiris. Kate will be joined by research colleagues John Webb (Google) and Charlotte Krontiris. Eric Gordon will be moderating the discussion.


The research includes a joint qualitative and quantitative study for understanding “Interested Bystanders,” or that portion of the population that is paying attention to the world around them, but not regularly voicing their opinions or taking action.

Parent Event

Berkman Luncheon Series

Event Date

Mar 24 2015 12:00pm to Mar 24 2015 12:00pm
Thumbnail Image: 

Tuesday, March 24, 2015 at 12:00 pm

This talk will explore the results of research conducted over the past year by the Google Civic Innovation team.

The research includes a joint qualitative and quantitative study for understanding “Interested Bystanders,” or that portion of the population that is paying attention to the world around them, but not regularly voicing their opinions or taking action.

As applied research, this work sought to 1) inform the design of civic-related products and services at Google and 2) be of actionable value across the civic technology community more broadly. In reporting what we learned, we also have attempted to share how we learned it, and offer a case study for the use of human-centered research to inform civic interventions.

About Kate

Kate is a researcher, strategist, and facilitator working to transform civic life in America. In pursuit of a society where more people assert greater ownership over the decisions that govern their lives, she uses ethnographic tools to design products, policies, and services that enable a more equitable democratic future. During her fellowship with the Berkman Center, Kate will explore two topics: 21st century girlhood, and Americans' awareness of their government's presence in their lives.

With full research support from Google’s Civic Innovation portfolio, Kate just finished traveling across the United States to ascertain what motivates everyday Americans to take civic actions and what holds them back. The goal of this research is to understand how we have become a nation of interested bystanders, and what can be done to nudge everyday people to take small actions that could radically transform the fabric of civic participation. The findings are being used to inform the design of civic products and services at Google, and will be shared with the civic tech ecosystem publicly, likely later this year.

Kate is best known for her applied research on how citizens use technology. Earlier this year, Kate led a discovery and design process on behalf of Personal Democracy Media to investigate and envision a new center for civic innovation in New York City.  In spring of 2013, she led a first-of-its-kind ethnographic investigation into American elections, assessing the human motivations, technological systems, and institutional landscapes that define elections administration at the most local levels. This year, the non-profit, non-partisan civic startup TurboVote is prototyping with elections officials a series of tools whose specifications flow directly from the findings, in order to effect a wholesale re-visioning of the voter experience by 2016.  Kate also spent time in the U.S. Department of State and at Google Ideas, exploring how technology might be used to improve judicial outcomes.

Prior to her graduate education, Kate built a career in problem-solving justice and mediation. Working with the Center for Court Innovation around New York City, she shepherded a multi-stakeholder task force on prison reentry in Harlem and developed meaningful community service initiatives for the Bronx Criminal Court. She also mediated over 150 conflicts through youth court and conflict resolution programs.

Kate is a graduate of Columbia University. She holds a Masters in Public Policy from Harvard University’s Kennedy School of Government and an MBA from MIT’s Sloan School of Management. She serves as a member of the Harlem Justice Corps Community Advisory Board and is also an alumna of the AmeriCorps National Service Program. || @katekrontiris



by candersen at March 24, 2015 01:11 PM

March 23, 2015

Cyberlaw Clinic - blog
HLS Clinical Registration, 2015-2016

Harvard Law School 1Ls and 2Ls should note that registration for HLS clinics during the 2015-16 academic year takes place on Wednesday April 1st and Thursday April 2nd. Details are available on the HLS Office of Clinical and Pro Bono Programs’ website. In advance of registration, the HLS Clinical Fair will take place on Wednesday, March 25th from 6:00 to 8:oo pm.  The Fair is a great opportunity to meet representatives from all the HLS clinics, and the Cyberlaw Clinic staff will be there to tell you about our work. Our staff also invites any students interested in enrolling in the Cyberlaw Clinic next year to an open house on Friday, March 27th from 3:00 to 5:00 pm in our offices on the garden level of 23 Everett Street.  Clinic staff and students will be around and available to chat about their experiences. We hope to see you there!

by Clinic Staff at March 23, 2015 07:22 PM

Berkman Center front page
Berkman Buzz: March 23, 2015


Protests and social media, YikYak, military robots, and more... in this week's Buzz.

Thumbnail Image: 

The Berkman Buzz is a weekly collection of work, conversations, and news from around the Berkman community.
The Berkman Center is proud to be one of thirteen winners of the Digital Media and Learning Competition's "Trust Challenge," which aims to foster trust in online learning environments. Learn more

After the Protests

Quotation mark

by Zeynep Tufecki

LAST Wednesday, more than 100,000 people showed up in Istanbul for a funeral that turned into a mass demonstration. No formal organization made the call. The news had come from Twitter: Berkin Elvan, 15, had died. He had been hit in the head by a tear-gas canister on his way to buy bread during the Gezi protests last June. During the 269 days he spent in a coma, Berkin's face had become a symbol of civic resistance shared on social media from Facebook to Instagram, and the response, when his family tweeted "we lost our son" and then a funeral date, was spontaneous.

From The New York Times | @zeynep

Yik Yak and Online Anonymity are Good for College Students

Quotation mark

by Reynol Junco

LAST WEEK, THE New York Times published an article about the popular anonymous social app, Yik Yak. Stories introducing a new social media platform used by young people seem to almost always engage moral panics. The Times story certainly followed this model. Their thesis was that allowing young people to post anonymously on Yik Yak leads to the most horrendous instances of harassment and abuse.

Call me crazy, but I am really tired of the anonymity equals evil trope. I'm also tired of claims that popular social technologies are inherently bad based on isolated negative incidents. Do issues of harassment happen on Yik Yak? Yes. Do they occur with a frequency that is disconcerting? Absolutely not.

From Wired | @reyjunco

Whether You're Red or Blue, You Should Love the FCC's Internet Plan

Quotation mark

by Susan Crawford

One day two years ago, while I was doing a public radio call-in show for a station in North Carolina, I heard a Tea Party member say something completely reasonable.

It had been a long day. I'd been in a windowless conference room in midtown Manhattan making calls every half hour to different programs and I was up to Hour Four, so I was a little punchy. I was talking about high speed Internet access and the need for open, cheap, fast fiber access across the country, and a guy called in - let's call him Scott - saying he agreed with me wholeheartedly.

From Backchannel | @scrawford

Binders Full of Election Memes: Participatory Culture Invades the 2012 U.S. Election

From The Civic Media Project, edited by Eric Gordon and Paul Mihailidis


by Erhardt Graeff

Participatory culture handed the 2012 U.S. presidential election season a bumper crop of political memes. These "election memes," largely in the form of image macros, took sound bites from the candidates' debates and speeches and turned them into "digital content units" of political satire "circulated, imitated, and/or transformed via the Internet by many users," to paraphrase Limor Schifman's definition of "internet meme" (2013, 177).

Image macros like the lolcat, feature bold text on top of an image, often a "stock character," and like all Internet memes are "multi-participant creative expressions through which cultural and political identities are communicated and negotiated" (Ibid.). This case study focuses on three popular image macro-based election memes that came out of the 2012 US presidential election cycle: "Fired Big Bird," "Binders Full of Women," and "You Didn't Build That," and argues that sharing such memes is a valid form of political participation in the style of what Tommie Shelby calls "impure dissent" (forthcoming).


Robots, War, and Society


by Camille Francois

Since 2007, the discipline of military robotics has gained sustained and significant attention in the public debate. There is today a growing body of scholarly work devoted to the ethical implications of autonomy, remote warfare, and its compliance with the requirements of international humanitarian law.

Roboticists such as Ronald Arkin have argued that military robotics could yield new forms of conflict, more moral and more observant of international law. "[R] obots not only can be better than soldiers in conducting warfare in certain circumstances, but they can also be more humane in the battlefield than humans," he wrote in a piece describing current research underway to explore the implementation of "ethical governors" in robotic technologies. Other scholars have responded that autonomous lethal weapons will never have the agency and morality needed to comply with the complexities of constraints on the use of force, notably as far as the principles of distinction, proportionality and the need for accountability are concerned.

From Defense Dossier | @camillefrancois

Tunisian Activists Fear Rights Setbacks After Bardo Museum Attack

Quotation mark

by Afef Abrougui

Tunisian activists and bloggers have been expressing concerns over rights setbacks in the aftermath of the deadly attack on the Bardo Museum, in Tunis, on Wednesday. In the attack, claimed by ISIS on 19 March, 20 tourists and a Tunisian police officer lost their lives. The two attackers were killed by police.

Following the attack, statements made by politicians and individuals calling for restrictions on rights and liberties and the use of capital punishment raised eyebrows among human rights activists.

From Global Voices | @globalvoices

More Berkman in the News

Manage subscription preferences

by gweber at March 23, 2015 06:11 PM

Berkman Community Newcomers: Siva Vaidhyanathan


Meet Siva Vaidhyanathan, Berkman faculty associate and Professor of Media Studies at UVA.

Thumbnail Image: 

This post is part of a series featuring interviews with some of the fascinating individuals who joined our community for the 2014-2015 year. Conducted by our 2014 summer interns (affectionately known as "Berkterns"), these snapshots aim to showcase the diverse backgrounds, interests, and accomplishments of our dynamic 2014-2015 community.

Q+A with Siva Vaidhyanathan

Berkman faculty associate and Professor of Media Studies at UVA
Interviewed in summer 2014 by Berktern Rex Troumbley

As a Berkman faculty associate, what’s different about your world? What do you get to do now that you couldn’t before, and what are you planning on doing with that title?

Being a Berkman Faculty Associate lets you get to know all kinds of scholars at different levels. Berkman is the central nervous system for digital media studies, and some of the smartest people working on these issues pass through Berkman. This has been a long time coming. I’ve given talks here but have never had a formal affiliation until now. I just finished being chair of my department and am just spending my time going to presentations listening to what other people are talking about. I haven’t decided what I’ll research next.

Your book, The Googlization of Everything, is a few years old now. A lot has happened since then, not the least of which are the Snowden revelations and a startling amount of government spying facilitated by private corporations. If you were to update your book, what might you say about the Googlization of Everything now? Is it still happening? Do you think your “human knowledge project” (organizing the world’s information and making it universally accessible) is still viable?

Yeah, Snowden would change a lot, especially about how risky data retention has been. We actually learned a lot about how Google operates based on their reaction to the Snowden revelations and we found out a lot of information regarding other states. I’d also add the Right to Be Forgotten to the book. I’d include more about Google’s failure in social media, and how many services they’ve abandoned. I think Google Scholar might be next. It certainly doesn’t make them any money and they have no reason not to abandon it.

Yes, I think the human knowledge project is still possible. The Digital Public Library of America actively coordinates with other digital collection and standardizing services to coordinate search. That’s a start. It’s going to take decades, but it’s most clearly not a technical challenge. If it were worth the payoff, it would be done tomorrow. I think we need to decide whether there is a payoff to sharing knowledge freely and widely or, if we don’t actually believe that, we should stop pretending that’s a value for us.

I’m working at Berkman on Internet Governance this summer. A lot of the early literature on the Internet (or cyberspace) assumed it was ungovernable or beyond the reach of governors, but that’s clearly not so true today, if it ever was. Speculate a little bit. What will the Internet look like in another 20 years? Will it still be around? Who will be the users? What will it mean to be a user? What major factors are driving that Internet?

I think in 20 years there will be no internet, at least not one that resembles ours today. Whatever it is, I don’t think it will be collaborative. We are increasingly being encouraged to process our signals through dedicated services and users of the future will be little more than discrete consumers. What Jonathan Zittrain wrote about is happening. Big companies today are all struggling to become the operating system of our lives, not our computers. The long game is to control and monetize data through objects like smart shoes, glasses, and other devices. In the future only a few companies with be the master OS.

Censorship is also on the rise, even in democratic-republics. We’re seeing places like India, Turkey, and China flirting with censorship. We probably won’t be able to stop this. After Snowden, countries are also working hard to make sure the data of their citizens stay in their countries not only so they can conduct better surveillance, but also because they don’t want their citizen’s data trapped in the U.S. There are also countervailing civil society movements pushing to limit the U.S. and its allies in control of digital networks. Brazil is a good example. Brazil thinks the Internet is linked to its economic future and so took action to limit U.S. power in the Internet.

I hope there will be a rollback on surveillance like what happened in the 1970s following the Church Committee’s review of U.S. surveillance, but a movement against surveillance is not going to grow just because people are more aware of it. It’s going to take some real force and concerted effort by organizations like EPIC and EFF to really transform themselves into political actors. EFF has never figured out how to fire up its troops in an overwhelming fashion. If you look at the SOPA and PIPA protests, there was no central coordination. There were a number of places people got turned onto those, but no one seems to have the list of people who will get out and protest or call their congressman. The Sierra Club is good at that. Whether EFF or another group like it emerges, there is going to need to be a more coordinated effort to push against this future.

I noticed you and Larry Lessig both have email addresses that end with Pobox. What is that about?

I think sometime back in 1996 I was trying to figure out which email I should choose, and Larry suggested it to me. There weren’t a lot of good options at the time, and I knew I would be changing my affiliations over time, so I wanted one I could keep. Pobox had a good spam filter and large storage, for the time. I think Tim Wu uses the same email service. It’s not a secret handshake between us, and I still use Gmail, but for things like listservs.

When I searched for your name on Google with the SafeSearch off, I got 85,300 results but with SafeSearch on, I got 84,500 results. Why do you think Google SafeSearch is filtering out 800 results from a search on your name?

I don’t know why so many are blocked! My guess is that it’s people swearing about me online or saying other things. If I were going to figure out what they were blocking, if I was really ambitious, I would print out the results and line them up to see what’s missing from the filtered one.

by ctian at March 23, 2015 06:10 PM

March 22, 2015

David Weinberger
New definition of “cringeworthy”

The House Judiciary Committee has posted a page with ten gifs to explain to the nation’s youth the folly of President Obama’s immigration actions. (Hat tip to Peter Kaminski.)

by davidw at March 22, 2015 05:54 PM

March 21, 2015

Bruce Schneier
How We Become Habituated to Security Warnings on Computers

New research: "How Polymorphic Warnings Reduce Habituation in the Brain ­- Insights from an fMRI Study."

Abstract: Research on security warnings consistently points to habituation as a key reason why users ignore security warnings. However, because habituation as a mental state is difficult to observe, previous research has examined habituation indirectly by observing its influence on security behaviors. This study addresses this gap by using functional magnetic resonance imaging (fMRI) to open the "black box" of the brain to observe habituation as it develops in response to security warnings. Our results show a dramatic drop in the visual processing centers of the brain after only the second exposure to a warning, with further decreases with subsequent exposures. To combat the problem of habituation, we designed a polymorphic warning that changes its appearance. We show in two separate experiments using fMRI and mouse cursor tracking that our polymorphic warning is substantially more resistant to habituation than conventional warnings. Together, our neurophysiological findings illustrate the considerable influence of human biology on users' habituation to security warnings.


EDITED TO ADD (3/21): News article.

by Bruce Schneier at March 21, 2015 11:22 PM

Friday Squid Blogging: Squid Pen


As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

by Bruce Schneier at March 21, 2015 07:24 PM

Joseph Reagle
Insights on privilege

I appreciate any feedback folks are kind enough to leave on a new draft: Saying it so doesn't make it so: Insights on privilege from geekdom's meritocracy melee

ABSTRACT: Peggy McIntosh famously characterized privilege as an unearned “invisible knapsack” of special provisions. Although this is a powerful metaphor, it is a challenging critique to make, especially for geek feminists. After providing brief cultural histories of geek feminism, meritocracy and privilege, I claim that geek discourse shows that these comparative notions are inherently difficult and this is exacerbated for geeks because of an element of their identity and culture. Just as the debate about “fake geek girls” revealed that geekdom’s boundaries are defined and policed relative to the mainstream, especially the movement of attention, I argue that geek identity is similarly informed by a relative sense of inferiority and superiority, which leads to a naive notion of meritocracy. First, geeks question how they could be privileged given what “they have themselves had to endure in life.” Second, as seen in idiosyncratic presentations (e.g., dress), they presume they are beyond mainstream conventions and biases when in fact such biases are still present. Hence, meritocracy is much like the otherwise commendable values of openness and freedom because a naive understanding impairs those values’ actual enactment. I conclude by noting that meritocracy is often conceived of in a comparative historical sense as well and that this, too, is problematic.

by Joseph Reagle at March 21, 2015 04:00 AM

March 20, 2015

Bruce Schneier
New Paper on Digital Intelligence

David Omand -- GCHQ director from 1996-1997, and the UK's security and intelligence coordinator from 2000-2005 -- has just published a new paper: "Understanding Digital Intelligence and the Norms That Might Govern It."

Executive Summary: This paper describes the nature of digital intelligence and provides context for the material published as a result of the actions of National Security Agency (NSA) contractor Edward Snowden. Digital intelligence is presented as enabled by the opportunities of global communications and private sector innovation and as growing in response to changing demands from government and law enforcement, in part mediated through legal, parliamentary and executive regulation. A common set of organizational and ethical norms based on human rights considerations are suggested to govern such modern intelligence activity (both domestic and external) using a three-layer model of security activity on the Internet: securing the use of the Internet for everyday economic and social life; the activity of law enforcement -- both nationally and through international agreements -- attempting to manage criminal threats exploiting the Internet; and the work of secret intelligence and security agencies using the Internet to gain information on their targets, including in support of law enforcement.

I don't agree with a lot of it, but it's worth reading.

My favorite Omand quote is this, defending the close partnership between the NSA and GCHQ in 2013: "We have the brains. They have the money. It's a collaboration that's worked very well."

by Bruce Schneier at March 20, 2015 06:51 PM

Threats to Information Integrity

Every year, the Director of National Intelligence publishes an unclassified "Worldwide Threat Assessment." This year's report was published two weeks ago. "Cyber" is the first threat listed, and includes most of what you'd expect from a report like this.

More interesting is this comment about information integrity:

Most of the public discussion regarding cyber threats has focused on the confidentiality and availability of information; cyber espionage undermines confidentiality, whereas denial-of-service operations and data-deletion attacks undermine availability. In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e. accuracy and reliability) instead of deleting it or disrupting access to it. Decisionmaking by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving.

This speaks directly to the need for strong cryptography to protect the integrity of information.

by Bruce Schneier at March 20, 2015 04:45 PM

Center for Research on Computation and Society (Harvard SEAS)
Computer Science Postdoc Professional Development Q&A


Pierce Hall, room 209

Postdoc Professional Development Panel
Monday, March 23rd
11:30AM - 1:00PM
Pierce 209

Computer Science Postdoc Professional Development Q&A

CRCS faculty members have received reports from both current and past postdocs that computer science fellows would appreciate help in transitioning from their postdoc position to the next career move.

by kmavon at March 20, 2015 03:34 PM

Bruce Schneier
Cisco Shipping Equipment to Fake Addresses to Foil NSA Interception

Last May, we learned that the NSA intercepts equipment being shipped around the world and installs eavesdropping implants. There were photos of NSA employees opening up a Cisco box. Cisco's CEO John Chambers personally complained to President Obama about this practice, which is not exactly a selling point for Cisco equipment abroad. Der Spiegel published the more complete document, along with a broader story, in January of this year:

In one recent case, after several months a beacon implanted through supply-chain interdiction called back to the NSA covert infrastructure. The call back provided us access to further exploit the device and survey the network. Upon initiating the survey, SIGINT analysis from TAO/Requirements & Targeting determined that the implanted device was providing even greater access than we had hoped: We knew the devices were bound for the Syrian Telecommunications Establishment (STE) to be used as part of their internet backbone, but what we did not know was that STE's GSM (cellular) network was also using this backbone. Since the STE GSM network had never before been exploited, this new access represented a real coup.

Now Cisco is taking matters into its own hands, offering to ship equipment to fake addresses in an effort to avoid NSA interception.

I don't think we have even begun to understand the long-term damage the NSA has done to the US tech industry.

Slashdot thread.

by Bruce Schneier at March 20, 2015 11:56 AM

Joseph Reagle
Not notable: Dead to Wikipedia

After roughly four years, my Wikipedia biography is no more; it now redirects to a page for my book about Wikipedia. In reflecting upon this, it seems to me that when it comes to notability, the biography and subject are often conflated. According to Wikipedia's Notability criteria, I believe I am notable, even if the Wikipedia article didn't reflect it well. Yet, Wikipedians speak of deleting a biography because "the subject is not notable" instead of saying "the article doesn't show the subject to be notable." Hence, an implicit criteria for notability is if Wikipedians will bother to marshal an effort, which, in a way, is a proxy for notability itself. The other interesting thing is that the deletion was rather swift. A few years back, the biography had been decorated with the "may not be notable" tag for about nine months until a Wikipedian removed it with the comment: "Remove insult-the-subject tag."

In any case, the article had much room for improvement; in fact, for the past couple of years I've asked students to find problems with it, especially with respect to Wikipedia's Verifiability policy. Fortunately, I can still send students to a version of the biography since the edit history for the article survives.

What I am a little disappointed about is that Google no longer shows the cool sidebar with information from the Wikipedia infobox -- adding the infobox was the only time I felt it appropriate to edit my own page. But who knows, maybe one day the article will be resurrected.

by Joseph Reagle at March 20, 2015 04:00 AM

March 19, 2015

Bruce Schneier
More Data and Goliath News

Right now, the book is #6 on the New York Times best-seller list in hardcover nonfiction, and #13 in combined print and e-book nonfiction. This is the March 22 list, and covers sales from the first week of March. The March 29 list -- covering sales from the second week of March -- is not yet on the Internet. On that list, I'm #11 on the hardcover nonfiction list, and not at all on the combined print and e-book nonfiction list.

Marc Rotenberg of EPIC tells me that Vance Packard's The Naked Society made it to #7 on the list during the week of July 12, 1964, and -- by that measure -- Data and Goliath is the most popular privacy book of all time. I'm not sure I can claim that honor yet, but it's a nice thought. And two weeks on the New York Times best-seller list is super fantastic.

For those curious to know what sorts of raw numbers translate into those rankings, this is what I know. Nielsen Bookscan tracks retail sales across the US, and captures about 80% of the book market. It reports that my book sold 4,706 copies during the first week of March, and 2,339 copies in the second week. Taking that 80% figure, that means I sold 6,000 copies the first week and 3,000 the second.

My publisher tells me that Amazon sold 650 hardcovers and 600 e-books during the first week, and 400 hardcovers and 500 e-books during the second week. The hardcover sales ranking was 865, 949, 611, 686, 657, 602, 595 during the first week, and 398, 511, 693, 867, 341, 357, 343 during the second. The book's rankings during those first few days don't match sales, because Amazon records a sale for the rankings when a person orders a book, but only counts the sale when it actually ships it. So all of my preorders sold on that first day, even though they were calculated in the rankings during the days and weeks before publication date.

There are few new book reviews. There's one from the Dealbook blog at the New York Times that treats the book very seriously, but doesn't agree with my conclusions. (A rebuttal to that review is here.) A review from the Wall Street Journal was even less kind. This review from InfoWorld is much more positive.

All of this, and more, is on the book's website.

There are several book-related videos online. The first is the talk I gave at the Harvard Bookstore on March 4th. The second and third are interviews of me on Democracy Now. I also did a more general Q&A with Gizmodo.

Note to readers. The book is 80,000 words long, which is a normal length for a book like this. But the book's size is much larger, because it contains a lot of references. They're not numbered, but if they were, there would be over 1,000 numbers. I counted all the links, and there are 1,622 individual citations. That's a lot of text. This means that if you're reading the book on paper, the narrative ends on page 238, even though the book continues to page 364. If you're reading it on the Kindle, you'll finish the book when the Kindle says you're only 44% of the way through. The difference between pages and percentages is because the references are set in smaller type than the body. I warn you of this now, so you know what to expect. It always annoys me that the Kindle calculates percent done from the end of the file, not the end of the book.

And if you've read the book, please post a review on the book's Amazon page or on Goodreads. Reviews are important on those sites, and I need more of them.

by Bruce Schneier at March 19, 2015 07:35 PM

Justin Reich
Teach to One in The New York Times
The New York Times investigates the possibilities of, and problems with, blended learning.

by Justin Reich at March 19, 2015 04:32 PM

Bruce Schneier
Understanding the Organizational Failures of Terrorist Organizations

New research: Max Abrahms and Philip B.K. Potter, "Explaining Terrorism: Leadership Deficits and Militant Group Tactics," International Organizations.

Abstract: Certain types of militant groups -- those suffering from leadership deficits -- are more likely to attack civilians. Their leadership deficits exacerbate the principal-agent problem between leaders and foot soldiers, who have stronger incentives to harm civilians. We establish the validity of this proposition with a tripartite research strategy that balances generalizability and identification. First, we demonstrate in a sample of militant organizations operating in the Middle East and North Africa that those lacking centralized leadership are prone to targeting civilians. Second, we show that when the leaderships of militant groups are degraded from drone strikes in the Afghanistan-Pakistan tribal regions, the selectivity of organizational violence plummets. Third, we elucidate the mechanism with a detailed case study of the al-Aqsa Martyrs Brigade, a Palestinian group that turned to terrorism during the Second Intifada because pressure on the leadership allowed low-level members to act on their preexisting incentives to attack civilians. These findings indicate that a lack of principal control is an important, underappreciated cause of militant group violence against civilians.

I have previously blogged Max Abrahms's work here, here, and here.

by Bruce Schneier at March 19, 2015 02:12 PM

Feeds In This Planet