Skip to main content

Home/ Future of the Web/ Group items matching "journal" in title, tags, annotations or url

Group items matching
in title, tags, annotations or url

Sort By: Relevance | Date Filter: All | Bookmarks | Topics Simple Middle
Gonzalo San Gil, PhD.

Push, Pull, Fork: GitHub for Academics | Tools | HYBRID PEDAGOGY - 0 views

www.hybridpedagogy.com/...GitHub_for_Academics.html

github academics fork share teach learn push pull code

shared by Gonzalo San Gil, PhD. on 09 Dec 13 - No Cached
  • Gonzalo San Gil, PhD. on 09 Dec 13
     
    "May 26, 2013 | Filed in: Tools by Kris Shaffer Follow @krisshaffer In his article, "Open-source Scholarship", Kris Shaffer argues that the open-source software model has lessons to offer the academic community. Here, Kris demonstrates how a scholar can put open-source philosophy into practice using a specific tool developed by and for the community: GitHub."
Paul Merrell

This project aims to make '404 not found' pages a thing of the past - 0 views

www.dailydot.com/...404-no-more-project

HTML mset-attribute link rot

shared by Paul Merrell on 23 Apr 14 - No Cached
  • The Internet is always changing. Sites are rising and falling, content is deleted, and bad URLs can lead to '404 Not Found' errors that are as helpful as a brick wall. A new project proposes an do away with dead 404 errors by implementing new HTML code that will help access prior versions of hyperlinked content. With any luck, that means that you’ll never have to run into a dead link again. The “404-No-More” project is backed by a formidable coalition including members from organizations like the Harvard Library Innovation Lab, Los Alamos National Laboratory, Old Dominion University, and the Berkman Center for Internet & Society. Part of the Knight News Challenge, which seeks to strengthen the Internet for free expression and innovation through a variety of initiatives, 404-No-More recently reached the semifinal stage. The project aims to cure so-called link rot, the process by which hyperlinks become useless overtime because they point to addresses that are no longer available. If implemented, websites such as Wikipedia and other reference documents would be vastly improved. The new feature would also give Web authors a way provide links that contain both archived copies of content and specific dates of reference, the sort of information that diligent readers have to hunt down on a website like Archive.org.
  • While it may sound trivial, link rot can actually have real ramifications. Nearly 50 percent of the hyperlinks in Supreme Court decisions no longer work, a 2013 study revealed. Losing footnotes and citations in landmark legal decisions can mean losing crucial information and context about the laws that govern us. The same study found that 70 percent of URLs within the Harvard Law Review and similar journals didn’t link to the originally cited information, considered a serious loss surrounding the discussion of our laws. The project’s proponents have come up with more potential uses as well. Activists fighting censorship will have an easier time combatting government takedowns, for instance. journalists will be much more capable of researching dynamic Web pages. “If every hyperlink was annotated with a publication date, you could automatically view an archived version of the content as the author intended for you to see it,” the project’s authors explain. The ephemeral nature of the Web could no longer be used as a weapon. Roger Macdonald, a director at the Internet Archive, called the 404-No-More project “an important contribution to preservation of knowledge.”
  • The new feature would come in the form of introducing the mset attribute to the <a> element in HTML, which would allow users of the code to specify multiple dates and copies of content as an external resource. For instance, if both the date of reference and the location of a copy of targeted content is known by an author, the new code would like like this: The 404-No-More project’s goals are numerous, but the ultimate goal is to have mset become a new HTML standard for hyperlinks. “An HTML standard that incorporates archives for hyperlinks will loop in these efforts and make the Web better for everyone,” project leaders wrote, “activists, journalists, and regular ol’ everyday web users.”
Paul Merrell

Republicans seek fast-track repeal of net neutrality | Ars Technica - 0 views

arstechnica.com/...track-repeal-of-net-neutrality

net-neutrality legislation fast-track

shared by Paul Merrell on 26 Apr 15 - No Cached
  • Republicans in Congress yesterday unveiled a new plan to fast track repeal of the Federal Communications Commission's net neutrality rules. Introduced by Rep. Doug Collins (R-Ga.) and 14 Republican co-sponsors, the "Resolution of Disapproval" would use Congress' fast track powers under the Congressional Review Act to cancel the FCC's new rules.
  • Saying the resolution "would require only a simple Senate majority to pass under special procedural rules of the Congressional Review Act," Collins' announcement called it "the quickest way to stop heavy-handed agency regulations that would slow Internet speeds, increase consumer prices and hamper infrastructure development, especially in his Northeast Georgia district." Republicans can use this method to bypass Democratic opposition in the Senate by requiring just a simple majority rather than 60 votes to overcome a filibuster, but "it would still face an almost certain veto from President Obama," National Journal wrote. "Other attempts to fast-track repeals of regulations in the past have largely been unsuccessful." This isn't the only Republican effort to overturn the FCC's net neutrality rules. Another, titled the "Internet Freedom Act," would wipe out the new net neutrality regime. Other Republican proposals would enforce some form of net neutrality rules while limiting the FCC's power to regulate broadband.
  • The FCC's rules also face lawsuits from industry consortiums that represent broadband providers. USTelecom filed suit yesterday just after the publication of the rules in the Federal Register. Today, the CTIA Wireless Association, National Cable & Telecommunications Association (NCTA), and American Cable Association (ACA) all filed lawsuits to overturn the FCC's Open Internet Order. The CTIA and NCTA are the most prominent trade groups representing the cable and wireless industries. The ACA, which represents smaller providers, said it supports net neutrality rules but opposes the FCC's decision to reclassify broadband as a common carrier service. However, a previous court decision ruled that the FCC could not impose the rules without reclassifying broadband.
Paul Merrell

Protocols of the Hackers of Zion? « LobeLog - 0 views

www.lobelog.com/otocols-of-the-hackers-of-zion

surveillance state Israel cyber-spying Iran-negotiations

shared by Paul Merrell on 12 Jun 15 - No Cached
  • When Israeli Prime Minister Benjamin Netanyahu met with Google chairman Eric Schmidt on Tuesday afternoon, he boasted about Israel’s “robust hi-tech and cyber industries.” According to The Jerusalem Post, “Netanyahu also noted that ‘Israel was making great efforts to diversify the markets with which it is trading in the technological field.'” Just how diversified and developed Israeli hi-tech innovation has become was revealed the very next morning, when the Russian cyber-security firm Kaspersky Labs, which claims more than 400 million users internationally, announced that sophisticated spyware with the hallmarks of Israeli origin (although no country was explicitly identified) had targeted three European hotels that had been venues for negotiations over Iran’s nuclear program.
  • Wednesday’s Wall Street Journal, one of the first news sources to break the story, reported that Kaspersky itself had been hacked by malware whose code was remarkably similar to that of a virus attributed to Israel. Code-named “Duqu” because it used the letters DQ in the names of the files it created, the malware had first been detected in 2011. On Thursday, Symantec, another cyber-security firm, announced it too had discovered Duqu 2 on its global network, striking undisclosed telecommunication sites in Europe, North Africa, Hong Kong, and  Southeast Asia. It said that Duqu 2 is much more difficult to detect that its predecessor because it lives exclusively in the memory of the computers it infects, rather than writing files to a drive or disk. The original Duqu shared coding with — and was written on the same platform as — Stuxnet, the computer worm  that partially disabled enrichment centrifuges in Iranian nuclear power plants, according to a 2012 report in The New York Times. Intelligence and military experts said that Stuxnet was first tested at Dimona, a nuclear-reactor complex in the Negev desert that houses Israel’s own clandestine nuclear weapons program. While Stuxnet is widely believed to have been a joint Israeli-U.S. operation, Israel seems to have developed and implemented Duqu on its own.
  • Coding of the spyware that targeted two Swiss hotels and one in Vienna—both sites where talks were held between the P5+1 and Iran—so closely resembled that of Duqu that Kaspersky has dubbed it “Duqu 2.” A Kaspersky report contends that the new and improved Duqu would have been almost impossible to create without access to the original Duqu code. Duqu 2’s one hundred “modules” enabled the cyber attackers to commandeer infected computers, compress video feeds  (including those from hotel surveillance cameras), monitor and disrupt telephone service and Wi-Fi, and steal electronic files. The hackers’ penetration of computers used by the front desk would have allowed them to determine the room numbers of negotiators and delegation members. Duqu 2 also gave the hackers the ability to operate two-way microphones in the hotels’ elevators and control their alarm systems.
Paul Merrell

Germany's top prosecutor fired over treason probe - Yahoo News - 0 views

news.yahoo.com/g-treason-probe-130208720.html

surveillance state Germany journalism treason litigation chief-prosecutor-fired

shared by Paul Merrell on 05 Aug 15 - No Cached
  • A treason investigation against two German journalists claimed its first casualty Tuesday — the country's top prosecutor who ordered the probe.
  • Justice Minister Heiko Maas announced he was seeking the dismissal of Harald Range hours after the chief federal prosecutor accused the government of interfering in his investigation.Maas said he made the decision in consultation with Chancellor Angela Merkel's office, indicating that the sacking was approved at the highest level.The Justice Ministry had questioned Range's decision to open the investigation against two journalists from the website Netzpolitik.org who had reported that Germany's domestic spy agency plans to expand surveillance of online communication.The treason probe was widely criticized and regarded as an embarrassment to the government. Senior officials stressed in recent days that Germany is committed to protecting press freedom.
Paul Merrell

IETF Journal - 3 views

www.isoc.org/...ietfjournal

IPv6 market penetration

shared by Paul Merrell on 02 Jul 10 - Cached
  • Paul Merrell on 02 Jul 10
     
    Article discusses evidence that IPv6 adoption is accelerating and is poised to snowball. 
Gary Edwards

Bill de hÓra: Plugin pros and cons - 0 views

www.dehora.net/...plugin-pros-and-cons

browsers firefox java

shared by Gary Edwards on 12 Jul 08 - Cached
  • Gary Edwards on 12 Jul 08
     
    excellent overview of plug-in architectures
Gary Edwards

AJAX World RIA Conference News - AJAX & RIA with Server-Side JavaScript @ WEB 2.0 JOURNAL - 0 views

www.web2journal.com/...582542.htm

ajax javascript ria

shared by Gary Edwards on 11 Jun 08 - Cached
  • Server-side JavaScript (SSJS) is growing in popularity fast since developers realize it can drastically simplify Web app creation by letting you use using the same technology stack on both the client and the server.
  • Gary Edwards on 11 Jun 08
     
    Server side and client side JavaScript
  • anonymous on 27 Sep 13
     
    Visit News www.killdo.de.gg. How to make the 1000 visitor from PR9 backlinks. Buy cheap service www.fiverr.com/radjaseotea/making-best-super-backlink-143445
Paul Merrell

Google Web Toolkit: Finally Java Has Been Put into JavaScript! @ XML JOURNAL - 0 views

xml.sys-con.com/586447.htm

google web toolkit java javafx javascript

shared by Paul Merrell on 10 Jun 08 - Cached
  • For many years, Java and web developers alike have had to explain to the unwitting that JavaScript had absolutely nothing to do with Java. It was one of the great marketing gaffes of the mid-90s. They were no more alike than chalk and cheese. But in the last six months, I've had to lay down my placard and walk away from the picket line with a smile on my face and a skip in my step. Finally Java has been put into JavaScript.
  • anonymous on 27 Sep 13
     
    Visit News www.killdo.de.gg. How to make the 1000 visitor from PR9 backlinks. Buy cheap service www.fiverr.com/radjaseotea/making-best-super-backlink-143445
Paul Merrell

ZoooS Previews "OpenOffice.org 3.0 in a Browser" | Software Journal - 0 views

stuff.techwhack.com/4729-zooos

cartel dead end technology ooo zoos

shared by Paul Merrell on 06 Sep 08 - Cached
  • ZoooS LLC today previewed ZoooS Office, a web-based office suite that puts OpenOffice.org 3.0 in a browser, targeting enterprise, SMB, and individual users alike with a blend of software-as-a-service (SaaS) and desktop advantages.
  • Other key ZoooS Office implementations will include Mozilla XULRunner; Firefox, Opera, Safari as well as the new Google Chrome web browser; social networking sites such as Facebook, MySpace, and Second Life; and Nintendo Wii and Sony PlayStation. Regardless of implementation, ZoooS applications run entirely on the client machine, performing all file operations locally to reduce network traffic, improve application performance, and support offline access.
  • Public availability of ZoooS Office is scheduled for the fourth quarter of 2008. Initially, ZoooS will deliver the Mozilla XULRunner version, a Firefox plug-in, an Opera widget, and an intranet server. ZoooS will follow up with a Vista gadget and Internet Explorer support in the first half of 2009. For more information on ZoooS, please visit www.zooos.com.
  • Paul Merrell on 06 Sep 08
     
    Yet another wrapper around OpenOffice.org, this time the 3.0 version still in beta. $99.90 per seat for 10 users, Lots of Javascript to give a web collaboration capability. Perhaps most notable so far: [i] a sniff that there's a fair amount of money behind this one; and [ii] an article by Eric Lai says they approached the OOo Project but were rebuffed because they compete with desktop OOo. Support for different browsers planned. an XULRunner plug-in the works. Several mashups mentioned. Claims 80 percent of OOo features available, which is another way of saying that 20 per cent of the features are not supported. Claim that oSays code will be released under GPL. Apparently that's just their custom stuff because OOo 3.0 beta is LGPL. Building a business atop a code base controlled by a malevolent branch of Sun Microsystems seems less than wise. More at zooos.com. Preliminary impression: Like OOo itself, dead end technology that sucks mind and market share from software that supports truly open standards. The world needs to figure out that the OpenDocument format is roughly as open as OOXML. Open standards are fully specified so anyone can implement them.
Gonzalo San Gil, PhD.

Anatomically distinct dopamine release during anticipation and experience of peak emotion to music : Nature Neuroscience : Nature Publishing Group - 2 views

www.nature.com/...nn.2726.html

Music stimulus emotion control industry governments Internet Internet censorship

shared by Gonzalo San Gil, PhD. on 21 Jan 11 - No Cached
  • Gonzalo San Gil, PhD. on 21 Jan 11
     
    [Music, an abstract stimulus, can arouse feelings of euphoria and craving, similar to tangible rewards that involve the striatal dopaminergic system. ...] *Is The Eagerness of The Industry, The Governments and the artists themselves to Control The Music Flow thru internet an Attempt to Control Human Emotions...?
Paul Merrell

Rapid - Press Releases - EUROPA - 0 views

europa.eu/...pressReleasesAction.do

intel antitrust DG Competition

shared by Paul Merrell on 13 May 09 - Cached
  • Did the Commission co-operate with the United States on this case? The Commission and the United States Federal Trade Commission have kept each other regularly and closely informed on the state of play of their respective Intel investigations. These discussions have been held in a co-operative and friendly atmosphere, and have been substantively fruitful in terms of sharing experiences on issues of common interest.
  • Where does the money go? Once final judgment has been delivered in any appeals before the Court of First Instance (CFI) and the Court of Justice, the money goes into the EU’s central budget, thus reducing the contributions that Member States pay to the EU. Does Intel have to pay the fine if it appeals to the European Court of First Instance (CFI)? Yes. In case of appeals to the CFI, it is normal practice that the fine is paid into a blocked bank account pending the final outcome of the appeals process. Any fine that is provisionally paid will produce interest based on the interest rate applied by the European Central Bank to its main refinancing operations. In exceptional circumstances, companies may be allowed to cover the amount of the fine by a bank guarantee at a higher interest rate. What percentage of Intel's turnover does the fine represent? The fine represents 4.15 % of Intel's turnover in 2008. This is less than half the allowable maximum, which is 10% of a company's annual turnover.
  • How long is the Decision? The Decision is 542 pages long. When is the Decision going to be published? The Decision in English (the official language version of the Decision) will be made available as soon as possible on DG Competition’s website (once relevant business secrets have been taken out). French and German translations will also be made available on DG Competition’s website in due course. A summary of the Decision will be published in the EU's Official Journal L series in all languages (once the translations are available).
  • Paul Merrell on 13 May 09
Paul Merrell

NSA contractors use LinkedIn profiles to cash in on national security | Al Jazeera America - 0 views

america.aljazeera.com/...tractors-linkedinprofiles.html

surveillance state NSA NSA-methods spying-on-spies

shared by Paul Merrell on 30 May 14 - No Cached
  • NSA spies need jobs, too. And that is why many covert programs could be hiding in plain sight. Job websites such as LinkedIn and Indeed.com contain hundreds of profiles that reference classified NSA efforts, posted by everyone from career government employees to low-level IT workers who served in Iraq or Afghanistan. They offer a rare glimpse into the intelligence community's projects and how they operate. Now some researchers are using the same kinds of big-data tools employed by the NSA to scrape public LinkedIn profiles for classified programs. But the presence of so much classified information in public view raises serious concerns about security — and about the intelligence industry as a whole. “I’ve spent the past couple of years searching LinkedIn profiles for NSA programs,” said Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy and Technology Project.
  • On Aug. 3, The Wall Street Journal published a story about the FBI’s growing use of hacking to monitor suspects, based on information Soghoian provided. The next day, Soghoian spoke at the Defcon hacking conference about how he uncovered the existence of the FBI’s hacking team, known as the Remote Operations Unit (ROU), using the LinkedIn profiles of two employees at James Bimen Associates, with which the FBI contracts for hacking operations. “Had it not been for the sloppy actions of a few contractors updating their LinkedIn profiles, we would have never known about this,” Soghoian said in his Defcon talk. Those two contractors were not the only ones being sloppy.
  • And there are many more. A quick search of Indeed.com using three code names unlikely to return false positives — Dishfire, XKeyscore and Pinwale — turned up 323 résumés. The same search on LinkedIn turned up 48 profiles mentioning Dishfire, 18 mentioning XKeyscore and 74 mentioning Pinwale. Almost all these people appear to work in the intelligence industry. Network-mapping the data Fabio Pietrosanti of the Hermes Center for Transparency and Digital Human Rights noticed all the code names on LinkedIn last December. While sitting with M.C. McGrath at the Chaos Communication Congress in Hamburg, Germany, Pietrosanti began searching the website for classified program names — and getting serious results. McGrath was already developing Transparency Toolkit, a Web application for investigative research, and knew he could improve on Pietrosanti’s off-the-cuff methods.
  • ...2 more annotations...
  • “I was, like, huh, maybe there’s more we can do with this — actually get a list of all these profiles that have these results and use that to analyze the structure of which companies are helping with which programs, which people are helping with which programs, try to figure out in what capacity, and learn more about things that we might not know about,” McGrath said. He set up a computer program called a scraper to search LinkedIn for public profiles that mention known NSA programs, contractors or jargon — such as SIGINT, the agency’s term for “signals intelligence” gleaned from intercepted communications. Once the scraper found the name of an NSA program, it searched nearby for other words in all caps. That allowed McGrath to find the names of unknown programs, too. Once McGrath had the raw data — thousands of profiles in all, with 70 to 80 different program names — he created a network graph that showed the relationships between specific government agencies, contractors and intelligence programs. Of course, the data are limited to what people are posting on their LinkedIn profiles. Still, the network graph gives a sense of which contractors work on several NSA programs, which ones work on just one or two, and even which programs military units in Iraq and Afghanistan are using. And that is just the beginning.
  • Click on the image to view an interactive network illustration of the relationships between specific national security surveillance programs in red, and government organizations or private contractors in blue.
  • Paul Merrell on 30 May 14
     
    What a giggle, public spying on NSA and its contractors using Big Data. The interactive network graph with its sidebar display of relevant data derived from LinkedIn profiles is just too delightful. 
Paul Merrell

Verification Handbook: homepage - 0 views

verificationhandbook.com

journalism digital-content-verification

shared by Paul Merrell on 24 Mar 14 - No Cached
  • A definitive guide to verifying digital content for emergency coverage Authored by leading journalists from the BBC, Storyful, ABC, Digital First Media and other verification experts, the Verification Handbook is a groundbreaking new resource for journalists and aid providers. It provides the tools, techniques and step-by-step guidelines for how to deal with user-generated content (UGC) during emergencies.
Paul Merrell

ExposeFacts - For Whistleblowers, Journalism and Democracy - 0 views

exposefacts.org

transparency whistle-blowers resources Wikileaks Tail

shared by Paul Merrell on 06 Jun 14 - No Cached
  • Launched by the Institute for Public Accuracy in June 2014, ExposeFacts.org represents a new approach for encouraging whistleblowers to disclose information that citizens need to make truly informed decisions in a democracy. From the outset, our message is clear: “Whistleblowers Welcome at ExposeFacts.org.” ExposeFacts aims to shed light on concealed activities that are relevant to human rights, corporate malfeasance, the environment, civil liberties and war. At a time when key provisions of the First, Fourth and Fifth Amendments are under assault, we are standing up for a free press, privacy, transparency and due process as we seek to reveal official information—whether governmental or corporate—that the public has a right to know. While no software can provide an ironclad guarantee of confidentiality, ExposeFacts—assisted by the Freedom of the Press Foundation and its “SecureDrop” whistleblower submission system—is utilizing the latest technology on behalf of anonymity for anyone submitting materials via the ExposeFacts.org website. As journalists we are committed to the goal of protecting the identity of every source who wishes to remain anonymous.
  • The seasoned editorial board of ExposeFacts will be assessing all the submitted material and, when deemed appropriate, will arrange for journalistic release of information. In exercising its judgment, the editorial board is able to call on the expertise of the ExposeFacts advisory board, which includes more than 40 journalists, whistleblowers, former U.S. government officials and others with wide-ranging expertise. We are proud that Pentagon Papers whistleblower Daniel Ellsberg was the first person to become a member of the ExposeFacts advisory board. The icon below links to a SecureDrop implementation for ExposeFacts overseen by the Freedom of the Press Foundation and is only accessible using the Tor browser. As the Freedom of the Press Foundation notes, no one can guarantee 100 percent security, but this provides a “significantly more secure environment for sources to get information than exists through normal digital channels, but there are always risks.” ExposeFacts follows all guidelines as recommended by Freedom of the Press Foundation, and whistleblowers should too; the SecureDrop onion URL should only be accessed with the Tor browser — and, for added security, be running the Tails operating system. Whistleblowers should not log-in to SecureDrop from a home or office Internet connection, but rather from public wifi, preferably one you do not frequent. Whistleblowers should keep to a minimum interacting with whistleblowing-related websites unless they are using such secure software.
  • Paul Merrell on 06 Jun 14
     
    A new resource site for whistle-blowers. somewhat in the tradition of Wikileaks, but designed for encrypted communications between whistleblowers and journalists.  This one has an impressive board of advisors that includes several names I know and tend to trust, among them former whistle-blowers Daniel Ellsberg, Ray McGovern, Thomas Drake, William Binney, and Ann Wright. Leaked records can only be dropped from a web browser running the Tor anonymizer software and uses the SecureDrop system originally developed by Aaron Schwartz. They strongly recommend using the Tails secure operating system that can be installed to a thumb drive and leaves no tracks on the host machine. https://tails.boum.org/index.en.html Curious, I downloaded Tails and installed it to a virtual machine. It's a heavily customized version of Debian. It has a very nice Gnome desktop and blocks any attempt to connect to an external network by means other than installed software that demands encrypted communications. For example, web sites can only be viewed via the Tor anonymizing proxy network. It does take longer for web pages to load because they are moving over a chain of proxies, but even so it's faster than pages loaded in the dial-up modem days, even for web pages that are loaded with graphics, javascript, and other cruft. E.g., about 2 seconds for New York Times pages. All cookies are treated by default as session cookies so disappear when you close the page or the browser. I love my Linux Mint desktop, but I am thinking hard about switching that box to Tails. I've been looking for methods to send a lot more encrypted stuff down the pipe for NSA to store. Tails looks to make that not only easy, but unavoidable. From what I've gathered so far, if you want to install more software on Tails, it takes about an hour to create a customized version and then update your Tails installation from a new ISO file. Tails has a wonderful odor of having been designed for secure computing. Current
Paul Merrell

Leaked docs show spyware used to snoop on US computers | Ars Technica - 0 views

arstechnica.com/...-used-to-snoop-on-us-computers

surveillance state Gamma-Group FinFisher zero-day-exploits Vupen-Security MSOffice MSIE Acrobat

shared by Paul Merrell on 10 Aug 14 - No Cached
  • Software created by the controversial UK-based Gamma Group International was used to spy on computers that appear to be located in the United States, the UK, Germany, Russia, Iran, and Bahrain, according to a leaked trove of documents analyzed by ProPublica. It's not clear whether the surveillance was conducted by governments or private entities. Customer e-mail addresses in the collection appeared to belong to a German surveillance company, an independent consultant in Dubai, the Bosnian and Hungarian Intelligence services, a Dutch law enforcement officer, and the Qatari government.
  • The leaked files—which were posted online by hackers—are the latest in a series of revelations about how state actors including repressive regimes have used Gamma's software to spy on dissidents, journalists, and activist groups. The documents, leaked last Saturday, could not be readily verified, but experts told ProPublica they believed them to be genuine. "I think it's highly unlikely that it's a fake," said Morgan Marquis-Bore, a security researcher who while at The Citizen Lab at the University of Toronto had analyzed Gamma Group's software and who authored an article about the leak on Thursday. The documents confirm many details that have already been reported about Gamma, such as that its tools were used to spy on Bahraini activists. Some documents in the trove contain metadata tied to e-mail addresses of several Gamma employees. Bill Marczak, another Gamma Group expert at the Citizen Lab, said that several dates in the documents correspond to publicly known events—such as the day that a particular Bahraini activist was hacked.
  • The leaked files contain more than 40 gigabytes of confidential technical material, including software code, internal memos, strategy reports, and user guides on how to use Gamma Group software suite called FinFisher. FinFisher enables customers to monitor secure Web traffic, Skype calls, webcams, and personal files. It is installed as malware on targets' computers and cell phones. A price list included in the trove lists a license of the software at almost $4 million. The documents reveal that Gamma uses technology from a French company called Vupen Security that sells so-called computer "exploits." Exploits include techniques called "zero days" for "popular software like Microsoft Office, Internet Explorer, Adobe Acrobat Reader, and many more." Zero days are exploits that have not yet been detected by the software maker and therefore are not blocked.
  • ...2 more annotations...
  • Many of Gamma's product brochures have previously been published by the Wall Street Journal and Wikileaks, but the latest trove shows how the products are getting more sophisticated. In one document, engineers at Gamma tested a product called FinSpy, which inserts malware onto a user's machine, and found that it could not be blocked by most antivirus software. Documents also reveal that Gamma had been working to bypass encryption tools including a mobile phone encryption app, Silent Circle, and were able to bypass the protection given by hard-drive encryption products TrueCrypt and Microsoft's Bitlocker.
  • The documents also describe a "country-wide" surveillance product called FinFly ISP which promises customers the ability to intercept Internet traffic and masquerade as ordinary websites in order to install malware on a target's computer. The most recent date-stamp found in the documents is August 2, coincidung with the first tweet by a parody Twitter account, @GammaGroupPR, which first announced the hack and may be run by the hacker or hackers responsible for the leak. On Reddit, a user called PhineasFisher claimed responsibility for the leak. "Two years ago their software was found being widely used by governments in the middle east, especially Bahrain, to hack and spy on the computers and phones of journalists and dissidents," the user wrote. The name on the @GammaGroupPR Twitter account is also "Phineas Fisher." GammaGroup, the surveillance company whose documents were released, is no stranger to the spotlight. The security firm F-Secure first reported the purchase of FinFisher software by the Egyptian State Security agency in 2011. In 2012, Bloomberg News and The Citizen Lab showed how the company's malware was used to target activists in Bahrain. In 2013, the software company Mozilla sent a cease-and-desist letter to the company after a report by The Citizen Lab showed that a spyware-infected version of the Firefox browser manufactured by Gamma was being used to spy on Malaysian activists.
Paul Merrell

European Lawmakers Demand Answers on Phone Key Theft - The Intercept - 0 views

firstlook.org/...gemalto-heist-shocks-europe

surveillance state Gemalto SIM-card-keys

shared by Paul Merrell on 24 Feb 15 - No Cached
  • European officials are demanding answers and investigations into a joint U.S. and U.K. hack of the world’s largest manufacturer of mobile SIM cards, following a report published by The Intercept Thursday. The report, based on leaked documents provided by NSA whistleblower Edward Snowden, revealed the U.S. spy agency and its British counterpart Government Communications Headquarters, GCHQ, hacked the Franco-Dutch digital security giant Gemalto in a sophisticated heist of encrypted cell-phone keys. The European Parliament’s chief negotiator on the European Union’s data protection law, Jan Philipp Albrecht, said the hack was “obviously based on some illegal activities.” “Member states like the U.K. are frankly not respecting the [law of the] Netherlands and partner states,” Albrecht told the Wall Street Journal. Sophie in ’t Veld, an EU parliamentarian with D66, the Netherlands’ largest opposition party, added, “Year after year we have heard about cowboy practices of secret services, but governments did nothing and kept quiet […] In fact, those very same governments push for ever-more surveillance capabilities, while it remains unclear how effective these practices are.”
  • “If the average IT whizzkid breaks into a company system, he’ll end up behind bars,” In ’t Veld added in a tweet Friday. The EU itself is barred from undertaking such investigations, leaving individual countries responsible for looking into cases that impact their national security matters. “We even get letters from the U.K. government saying we shouldn’t deal with these issues because it’s their own issue of national security,” Albrecht said. Still, lawmakers in the Netherlands are seeking investigations. Gerard Schouw, a Dutch member of parliament, also with the D66 party, has called on Ronald Plasterk, the Dutch minister of the interior, to answer questions before parliament. On Tuesday, the Dutch parliament will debate Schouw’s request. Additionally, European legal experts tell The Intercept, public prosecutors in EU member states that are both party to the Cybercrime Convention, which prohibits computer hacking, and home to Gemalto subsidiaries could pursue investigations into the breach of the company’s systems.
  • According to secret documents from 2010 and 2011, a joint NSA-GCHQ unit penetrated Gemalto’s internal networks and infiltrated the private communications of its employees in order to steal encryption keys, embedded on tiny SIM cards, which are used to protect the privacy of cellphone communications across the world. Gemalto produces some 2 billion SIM cards a year. The company’s clients include AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers. “[We] believe we have their entire network,” GCHQ boasted in a leaked slide, referring to the Gemalto heist.
  • ...4 more annotations...
  • While Gemalto was indeed another casualty in Western governments’ sweeping effort to gather as much global intelligence advantage as possible, the leaked documents make clear that the company was specifically targeted. According to the materials published Thursday, GCHQ used a specific codename — DAPINO GAMMA — to refer to the operations against Gemalto. The spies also actively penetrated the email and social media accounts of Gemalto employees across the world in an effort to steal the company’s encryption keys. Evidence of the Gemalto breach rattled the digital security community. “Almost everyone in the world carries cell phones and this is an unprecedented mass attack on the privacy of citizens worldwide,” said Greg Nojeim, senior counsel at the Center for Democracy & Technology, a non-profit that advocates for digital privacy and free online expression. “While there is certainly value in targeted surveillance of cell phone communications, this coordinated subversion of the trusted technical security infrastructure of cell phones means the US and British governments now have easy access to our mobile communications.”
  • For Gemalto, evidence that their vaunted security systems and the privacy of customers had been compromised by the world’s top spy agencies made an immediate financial impact. The company’s shares took a dive on the Paris bourse Friday, falling $500 million. In the U.S., Gemalto’s shares fell as much 10 percent Friday morning. They had recovered somewhat — down 4 percent — by the close of trading on the Euronext stock exchange. Analysts at Dutch financial services company Rabobank speculated in a research note that Gemalto could be forced to recall “a large number” of SIM cards. The French daily L’Express noted today that Gemalto board member Alex Mandl was a founding trustee of the CIA-funded venture capital firm In-Q-Tel. Mandl resigned from In-Q-Tel’s board in 2002, when he was appointed CEO of Gemplus, which later merged with another company to become Gemalto. But the CIA connection still dogged Mandl, with the French press regularly insinuating that American spies could infiltrate the company. In 2003, a group of French lawmakers tried unsuccessfully to create a commission to investigate Gemplus’s ties to the CIA and its implications for the security of SIM cards. Mandl, an Austrian-American businessman who was once a top executive at AT&T, has denied that he had any relationship with the CIA beyond In-Q-Tel. In 2002, he said he did not even have a security clearance.
  • AT&T, T-Mobile and Verizon could not be reached for comment Friday. Sprint declined to comment. Vodafone, the world’s second largest telecom provider by subscribers and a customer of Gemalto, said in a statement, “[W]e have no further details of these allegations which are industrywide in nature and are not focused on any one mobile operator. We will support industry bodies and Gemalto in their investigations.” Deutsche Telekom AG, a German company, said it has changed encryption algorithms in its Gemalto SIM cards. “We currently have no knowledge that this additional protection mechanism has been compromised,” the company said in a statement. “However, we cannot rule out this completely.”
  • Update: Asked about the SIM card heist, White House press secretary Josh Earnest said he did not expect the news would hurt relations with the tech industry: “It’s hard for me to imagine that there are a lot of technology executives that are out there that are in a position of saying that they hope that people who wish harm to this country will be able to use their technology to do so. So, I do think in fact that there are opportunities for the private sector and the federal government to coordinate and to cooperate on these efforts, both to keep the country safe, but also to protect our civil liberties.”
  • Paul Merrell on 24 Feb 15
     
    Watch for massive class action product defect litigation to be filed against the phone companies.and mobile device manufacturers.  In most U.S. jurisdictions, proof that the vendors/manufacturers  knew of the product defect is not required, only proof of the defect. Also, this is a golden opportunity for anyone who wants to get out of a pricey cellphone contract, since providing a compromised cellphone is a material breach of warranty, whether explicit or implied..   
Gonzalo San Gil, PhD.

Siege Your Servers! | Linux Journal - 0 views

www.linuxjournal.com/...siege-your-servers

set up setup web server web sever linux open source free software

shared by Gonzalo San Gil, PhD. on 07 Jul 14 - No Cached
  • Gonzalo San Gil, PhD. on 07 Jul 14
     
    # ! (#FreeSoftware) #Security for these#troubled #times... "May 12, 2014 By Shawn Powers in Tech Tips Web Development Setting up Web servers is fairly simple. In fact, it's so simple that once the server is set up, we often don't think about it anymore. It wasn't until I had a very large Web site rollout fail miserably that I started to research a method for load-testing servers before releasing a Web site to production."
  • Gonzalo San Gil, PhD. on 07 Jul 14
     
    "May 12, 2014 By Shawn Powers in Tech Tips Web Development Setting up Web servers is fairly simple. In fact, it's so simple that once the server is set up, we often don't think about it anymore. It wasn't until I had a very large Web site rollout fail miserably that I started to research a method for load-testing servers before releasing a Web site to production."
Gonzalo San Gil, PhD.

Editorial: Wikipedia fails as an encyclopedia, to science's detriment | Ars Technica UK [# ! Note] - 0 views

arstechnica.co.uk/...clopedia-to-sciences-detriment

arstechnica criticism Wikipedia fail encyclopedia as science reference jealous about people-led social knowledge

shared by Gonzalo San Gil, PhD. on 02 Jan 16 - No Cached
    • Gonzalo San Gil, PhD.
      Gonzalo San Gil, PhD. on 02 Jan 16
       
      # ! Still many detractors of the social-driven knowledge, with perhaps a certain number of inaccuracies, in favor of the more biased multinational publishers' facts statements... (Special Report Internet encyclopaedias go head to head - Jim Giles http://www.nature.com/nature/journal/v438/n7070/full/438900a.html)
  • Gonzalo San Gil, PhD. on 02 Jan 16
     
    "by John Timmer (US) - Dec 29, 2015 4:35pm CET Ever look up an obscure scientific topic? Who is that information meant for?"
  • Gonzalo San Gil, PhD. on 02 Jan 16
     
    " by John Timmer (US) - Dec 29, 2015 4:35pm CET"
« First ‹ Previous 41 - 60 of 71 Next ›
Showing 20 items per page