Author Archives: Frank Patrizio

European Countries Not Putting up with Google’s Privacy Policies

This article expresses that the six largest European markets (France, Spain, Italy, the United Kingdom, the Netherlands, and Germany) have announced to take joint legal action against Google over their privacy policies. This action was taken after Google’s decision last year to consolidate more than seventy privacy policy into a single one, and after they decided to change their terms of service agreement. Google did not comply with EU data protection authorities’ recommendations, and did not follow up after a meeting with representatives of the six nations, leading to an investigation on Google by these nations. This could lead to fines for Google and/or possibly the banning of Google services in these countries until changes are made.

 

I think this article really goes to show that people aren’t going to tolerate Google’s abuse of information gathering. I also think it is good that these countries are calling attention to these abuses, as I don’t think many average users of Google services know how much data they are giving away. Although Google may be fined by these countries, I don’t think they will impact Google so much. From what I understand, the fines that could be imposed would barely be able to put a dent in Google’s economic infrastructure. I think the greatest impact that these nations could have on Google will stem from the public awareness that they are raising and the possible bans that could be put in place. I think if they go through with the ban in those markets, we could very well see a much more “tame” Google in terms of the user’s privacy. I think it is good that these countries are doing this because Google needs to be brought back down to Earth before they go overboard and severely damage the privacy of every individual.

WordPress Has Become a Big Target for Hackers

This article describes how WordPress has become a huge target for massive brute force attacks, due to many WordPress users not using strong credentials.  Recently, sites using WordPress have been subjected to attacks by botnets of massive proportions. This is due to many administrators just making their username “admin” and using a simple password such as “123456”, therefore making it easy for a botnet to log into many administrator accounts by using a brute force method of attack on many websites. Solutions to this problem are simple: all WordPress users have to do is change their username and password, if they are simple/not strong, and implement a form of two-factor authentication. The problem with this though, is that many people overlook the importance of internet security and just assume “oh, well that would never happen to me.”

 

I think this article shows that it is vital that it is made aware that basic security is very important and should not be disregarded. I believe that many people hosting these websites have little knowledge of internet security and need to be informed of its importance before they are hijacked and end up unknowingly contributing to a botnet that could adversely affect many people. This is a simple problem that requires a simple solution, but a solution cannot be formed if people do not know of the problem in the first place. Hopefully the blog’s administrator account credentials are not “admin” and “123456”…

I Do Not Like Richard Stallman

I attended Richard Stallman’s guest lecture the other night, and I can honestly say that I definitely do not care for him as a person and I think his movement is far too radical, to the point that I think it can be considered an extremest movement.

I think what Richard Stallman is shooting for is a worthwhile goal, but his way of trying to get there is ridiculous. He cannot truly expect that I am going to quit using cellphones and delete my Facebook because they may invade my privacy a little and can be used to track me. In fact, I promote that. I hope they can use these technologies to track down the coward who blew up the finish line at the Boston Marathon. Without these technologies, it is possible that this shithead may get away with it. Once again, I promote free software, but I do not promote Richard Stallman’s way of getting there.

I also felt that everytime someone asked him a question or exclaimed a criticism he took it as an attack on his movement and in turn, behaved like an asshole. I think he had a very condescending tone toward all of us and behaved very unprofessionally. It’s like he felt so highly of himself and we were all just a bunch of idiots who needed to see that his way of doing things is the only way of doing things; in his eyes we have to change completely and he/his movement are perfect and there is no room for improvement.  In a way, I see him as a bit of a hypocrite. In the same way that Apple ropes in their users, Richard Stallman is trying to rope us into his. If we don’t see things his way we are “unethical” or “evil.” I think he bullies people into his movement with name-calling like that.

Also, here is a video of Stallman eating something off of his foot. It’s gross/funny, but when regular people see this I think it definitely turns them off to his movement and furthers the notion that he is a wacko. Free Software deserves a more professional and appealing leader  —

Skip to 1:52 for the foot-crud feast

^^If you are a Stallmanite I cannot recommend that you watch this video as it was recorded and released in a non-free format. For the rest of you, enjoy the show.

Doctors Fool Biometric Scanner to Clock in Colleagues

This article on CNET reports that five doctors in a Brazilian hospital are being prosecuted for using fake silicon fingers to clock their colleagues in with their biometric scanner. It is reported that up to 300 hospital employees, due to this biometric fooling trick, may never come to work. One of the doctors being prosecuted claims that this forced on her as a condition of keeping her job by the head of the ER, who had a daughter that “worked” at the hospital.

 

I think we all can instantly see a truck load of ethical problems with this exploit. It’s one thing to fool the clock at your workplace, but at a hospital? Seriously? The importance of hospital employees being at work is far greater than probably any other profession, so this adds a far deeper level of ethical conflict to this situation. I find it extremely unsettling that DOCTORS were doing this. You think that they should have been smarter than to pull something like this, or if what they claim about the “condition of keeping their job” was true that they would have had the moral compass to go to the authorities on it. I can’t imagine that the demand for doctors in Brazil is low so why they think that they would not have been able to get a job is beyond me. I also can’t imagine how many people’s health/lives were affected by this abuse. Importantly, I think this shows that even biometric scanners can be unreliable and have a need to be improved if they are going to be used in applications such as a timekeeper.

 

Very simply, from a utilitarian point of view, this action is morally wrong. There is no other way to put it. The happiness of the hospital employees getting to skip work does not outweigh the countless number of patients that were negatively affected by their absence.

Facebook withdraws support of CISPA

I found this article on CNET and believe it ties in very nicely with our class discussions about privacy. The Cyber Intelligence Sharing and Protection Act (CISPA) is a proposed law in the USA which would allow the government to “investigate cyber threats and ensure the security of networks against cyberattack” by allowing the government to have access to Internet traffic information from many U.S. companies. The bill would overrule all existing federal and state laws by saying “notwithstanding any other provision of law.” Opponents of the bill say that the bill will “waive every single privacy law ever enacted in the name of cybersecurity” and U.S. Representative Ron Paul has even gone so far as to call the bill “Big Brother writ large.” The bill is supported by many telecommunications and information technology companies such as AT&T, IBM, INTEL, Oracle Corporation, Symantec, and Verizon. Facebook supported the bill until very recently when they withdrew support to promote consumer privacy.

 

I find this bill to be offensive and very much so an invasion of individual privacy. I am supportive of Facebook withdrawing from the bill as I believe it is detrimental to the quality of privacy for American citizens,  although I question Facebook’s motive for withdrawing as they did not withdraw until they went under the heat of a petition created to convince Mark Zuckerberg otherwise. I think it is very possible that Mark Zuckerberg may still support the petition, but is afraid to admit it due to consumer backlash and Facebook’s privacy issues in the past.

 

I think that if you look at the bill from a utilitarian point of view, it results in decreased happiness for all involved. Although some may argue that the decrease in cybercrime may increase happiness for all involved, I do not believe that the bill would be that effective in preventing or stopping crime and would mostly serve to annoy and scare many U.S. citizens.  I believe the bill would be used to prosecute people committing less threatening cybercrimes (downloading illegal music, movies, etc.) much, much more than it would ever have the potential to stop greater cybercrimes (overseas hacking, child abduction, etc.).

I am interested to hear what the rest of you think about this. Also, If you do think this bill would be effective, I encourage you to convince me otherwise.

The State of Cybersecurity in the U.S. Military

TechNewsWorld recently posted an article in which it states that US cybersecurity has shaky foundations and it is not reliable that our “critical information technology systems will work under attack from a sophisticated opponent with good resources.” The Office of Management and Budget (OMB) has just released its 2011 fiscal year report on the implementation if the Federal Information Security Management Act (FISMA) in which it makes the claim that our U.S. Military has major cybersecurity gaps. OMB reports that controlled incidents of attack in 2011 were only detected 49 percent of the time compared to 70 percent in 2010, a staggering decrease. They also report that only 58 percent of the agencies surveyed used email validation technology, compared to 46 percent the in 2010.

 

This article makes me shudder to think how much more vulnerable the cybersecurity of the U.S. government has become since the span of this report (it only covers through 2011 so I am assuming they release these reports a year late). We spend absurd amounts of money on the defense department, so why is it that we are so digitally compromised? Shouldn’t every government agency be using email validation technology? What are the downfalls of using the technology as this report shows that only a little over half of the agencies are using it?  Maybe you guys can answer some of these questions as I am not the most informed in this subject, but this article has definitely made me start to worry what countries like China and North Korea could do if they attempted to penetrate our defenses over the web.

DMCA Has Pushed Its Limits

Recently CNET posted an article exclaiming that Congress may be looking into “defang”-ing DMCA law after a recent incident in which it has angered many members of the American public. According to the article, Congress declared that unlocking your cellphone to use it on another network other than the one you bought it from is illegal. This brought forth incredible opposition from many citizens, so much that a petition was created, got 100,000 signatures, and was received.  The White house is now obliged to respond as 100,000 signatures is the threshold to get the White House to review a petition. CNET believes that this may be the final straw with the DMCA as it goes to show how ridiculous some of the sections of the law are.

 

I personally find it outrageous that it is now illegal to unlock your phone. It is like buying a new car, and being told that if you drive your car with any brand of tire other than Goodyear, you are committing a felony. You own the car. You should have the right to do with it or modify it however you please. It’s one thing to say that the car manufacturer may void your warranty if you use parts not approved for use with your car, but it is outrageous that the government could consider you a felon and fine or jail you because you decided that you like Michelin tires better than Goodyear.

 

That is just my two cents. Let me know what you guys think.