Bruce Schneier presents a very cogent and convincing argument that "security awareness training" is a waste of money -- specifically, because the benefits of "security" are intangible, while the benefits of getting your work done are apparent.
To those who think that training users in security is a good idea, I want to ask: "Have you ever met an actual user?" They're not experts, and we can't expect them to become experts. The threats change constantly, the likelihood of failure is low, and there is enough complexity that it's hard for people to understand how to connect their behavior to eventual outcomes. So they turn to folk remedies that, while simple, don't really address the threats.
Even if we could invent an effective computer security training program, there's one last problem. HIV prevention training works because affecting what the average person does is valuable. Even if only half the population practices safe sex, those actions dramatically reduce the spread of HIV. But computer security is often only as strong as the weakest link. If four-fifths of company employees learn to choose better passwords, or not to click on dodgy links, one-fifth still get it wrong and the bad guys still get in. As long as we build systems that are vulnerable to the worst case, raising the average case won't make them more secure.
The whole concept of security awareness training demonstrates how the computer industry has failed. We should be designing systems that won't let users choose lousy passwords and don't care what links a user clicks on. We should be designing systems that conform to their folk beliefs of security, rather than forcing them to learn new ones. Microsoft has a great rule about system messages that require the user to make a decision. They should be NEAT: necessary, explained, actionable, and tested. That's how we should be designing security interfaces. And we should be spending money on security training for developers. These are people who can be taught expertise in a fast-changing environment, and this is a situation where raising the average behavior increases the security of the overall system.
New Zealand artist Bruce Mahalski has put a new sculpture of an AK47 assembled from animal bones up for sale, with a starting bid of NZD3500. It's quite a beautiful piece of work.
The latest bone gun by New Zealand bone artist – Mahalski – is a life-size AK47 machine gun (330mm x 940mm) featuring found animal bones from rabbit, stoat, ferret, sheep, hawk, pheasant, wallaby, snapper, snake, blackbird, tarakihi, hedgehog, broad-billed prion, shearwater, thrush, seal, cat and possum (plus part of a skull from the extinct moa). The gun is made entirely of bones mounted on an invisible wooden frame and is displayed standing upright on two rods on a piece of recycled matai timber (1130mm x 2000mm). You can see more pictures at www.mahalski.org
The band Ghost Beach won a promo deal with American Eagle, and spent the money on a prominent billboard in Times Square asking people to tweet their feelings about piracy. Piracy is winning:
Piracy is progress, piracy is freedom, piracy is harmless, piracy is inevitable, piracy is robbery, piracy is evil, piracy is selfish, or is it a fad?
The statements above are displayed on one of the world’s most prominent billboards in Times Square, New York. The billboard displays both positive and negative views on piracy and encourages the public to add their views via Twitter. Thus far the for-piracy side outnumbers the against-piracy side 20 to 1...
“Rather than just put up another advertisement, we decided to open a discussion up with our peers about how they felt about music distribution on the internet and the future of the industry,” the band tells TorrentFreak.
“Piracy Is Progress” Billboard on Times Square Divides Artists [Torrentfreak/Ernesto]
Here's Death and Taxes's collection of 18 obsolete words that would be handy (or at least funny) to use today, compiled by Carmel Lobello from a book called The Word Museum and a blog called Obsolete Word of the Day. Some of my favorites:
Snoutfair: A person with a handsome countenance — “The Word Museum: The Most Remarkable English Words Ever Forgotten” by Jeffrey Kacirk
Groak: To silently watch someone while they are eating, hoping to be invited to join them – www.ObsoleteWord.Blogspot.com
Spermologer: A picker-up of trivia, of current news, a gossip monger, what we would today call a columnist — “The Word Museum: The Most Remarkable English Words Ever Forgotten” by Jeffrey Kacirk
Jirble: To pour out (a liquid) with an unsteady hand: as, he jirbles out a dram — www.Wordnik.com
This undated bodybuilding ad is a spectacular example of the form -- the busy, unbridled, exuberant machismo, the fonts, the repetition. I think the world would be a better place if all printed literature took this form.
Today, I was lucky enough to get another one of rogue archivist Carl Malamud's boxes of awesome. It's a copy of the municipal codes of DC, which are laws that you're required to follow, but aren't allowed to see without paying. As with the last time I got one of these packages, it's because Carl has scanned and OCR'ed and cleaned up these codes, and has now published them for all to see. Here are the unboxing pics.
PROCLAMATION OF DIGITIZATION
“No Codification Without Promulgation”
WHEREAS, the District of Columbia has published the OFFICIAL CODE, containing the laws, general and permanent in their nature, relating to or in force in the District of Columbia; and
WHEREAS, the OFFICIAL CODE is only available for purchase for $803.00, plus tax and shipping, from the designated official publisher, the West Group, a wholly owned subsidiary of the Thomson Reuters Corporation, a foreign corporation; and
WHEREAS, the OFFICIAL CODE contains a prominent notice that the material is “COPYRIGHT 2001 by the District of Columbia” and “All Rights Are Reserved”; and
WHEREAS, in a nation governed by the rule of law and founded on the principles of freedom of expression, due process, and equal protection, people must have the right to freely read, know, and speak the laws by which we as a people choose to govern ourselves; and
WHEREAS, the Supreme Court of the United States has unequivocally ruled that the law cannot be subject to copyright in Wheaton v. Peters (33 U.S. 591, 1834), when the Court unanimously held that “no reporter has or can have any copyright in the written opinions delivered” by the Court; and
WHEREAS, the Supreme Court of the United States has repeatedly reaffirmed this principle, stating for example in Banks v. Manchester (128 U.S. 244, 1888) that “the authentic exposition and interpretation of the law, which, binding every citizen, is free for publication to all, whether it is a declaration of unwritten law, or an interpretation of a constitution or a statute”; and
WHEREAS, the United States Copyright Office has unequivocally stated “Edicts of government, such as judicial opinions, administrative rulings, legislative enactments, public ordinances, and similar official legal documents are not copyrightable for reasons of public policy. This applies to such works whether they are Federal, State, or local as well as to those of foreign governments.”
THEREFORE, it is hereby proclaimed by this notice that any assertion of copyright by the District of Columbia or other parties on the District of Columbia Code is declared to be NULL AND VOID as a matter of law and public policy as it is the right of every person to read, know, and speak the laws that bind them.
By the People and For the People on March 25, 2013
Holy. Blistering. Crap.
There was a dinner inside the Disneyland Haunted Mansion. And I didn't get to go.
I literally squealed with delight. It was the most amazing table setting I’ve ever seen. Fresh flowers, gorgeous vases, elegant table ware, goblets to drink from — it was very overwhelming.
From what I could tell, the table was basically a replica of the table in the Haunted Mansion ballroom. Even the plates, goblets & tablecloth looked the same!
To distract us while the cast members were dressing the table up for dessert, we were all told that we were going to take a ride on the Haunted Mansion. Because we were not done with our dining experience, we were going to ride the Doom Buggies round trip and exit the attraction where we entered. Already cool, right???
Well, at this time, we were also informed that our special dinner guests had to leave for a photo opp and they’d be back in a bit to join us for dessert. BUT, tricky Disney… They actually planted our guests IN the ride and the photo opp was for us! Seriously hysterical. So, as we rode around in our Doom Buggies, each person had a special spot to wave to us. AND yep, we were allowed to take photos, with flash!
Dining in Disneyland: Marc Davis Centennial Dinner INSIDE the Haunted Mansion (Thanks, Thomas Valley!)
Here's a bit of audio of Frank Zappa reading some of the dirty parts of William S Burroughs's Naked Lunch, taken from a rare double LP called "The Nova Convention."
The occasion of this reading was the Nova Convention in 1978, three days and nights of readings, panel discussions, film screenings, and performances that, The New York Times wrote at the time, “sought to grapple with some of the implications of the writing” of Burroughs. In addition to Burroughs and Zappa, the convention featured such notable countercultural names as Terry Southern, Patti Smith, Philip Glass, Brion Gysin, John Cage, Timothy Leary, and Robert Anton Wilson. A good bit of the happening (including the audio above) was recorded for posterity and released as a double-LP by Giorno Poetry Systems.
Science Hack Day is a fantastically inspiring and creative 48-hour event where scientists, designers, artists, and developers get together to make and do science and science-related projects. You and your friends should start one! Chief instigator Ariel "Space Hack" Waldman created a guide to organizing a Science Hack Day, and now she's announced the 2013 Science Hack Day Ambassador Program. Thanks to a grant from the Gordon and Betty Moore Foundation, five people who want to organize a Science Hack Day in their cities will be flown to Science Hack Day in San Francisco on September 28-29 to see how it's done. Applications are accepted until May 1.
I’m no neat freak, but nothing looks more disgusting than a stove caked with splattered grease, melted cheese and old marinara sauce. And while I don’t think I’m exactly sloppy, my wife would argue that I don’t do a good job of cleaning up after myself. And so, without fail, our “easy to clean” glass cooktop is a perennial mess.
It’s not that I haven’t tried to keep it clean. The Windex/409 combo that I tend to use on every other surface in the house at least removes the loose stuff from the cooktop, but at best it’s only passable. Even if I did manage to get the thing really clean, every solution I’ve tried leaves some form of unsightly haze on the surface, which prevents it from ever looking truly clean.
So the other day when I was shopping for appliance parts for an unrelated kitchen catastrophe, I was pleased to discover Cerama Bryte on the store shelf. Wary of the descriptive yet unfortunate name, the friendly sales associate assured me that products like this tend to work well. So I bought it, used it and loved it.
Marijke Visser from the ALA Office for Information Technology Policy writes with this provocative question:
What could a library do with a gigabit broadband connection? What kinds of services could they do that they can’t without that big of a connection? Thinking way away from the typical services libraries offer now, what are some really big ideas that would need that much connectivity? These services could happen outside the library walls, in relationship to other community organizations and/or government agencies… How would a library hooked up to a gig benefit its community?
Some of America's worst copyright laws were passed through a profoundly undemocratic process called "policy laundering." This is what happens when an administration can't get Congress to pass a bad copyright law, so the US Trade Representative instead signs the US up to international treaties requiring America to pass the unpopular law. The 1998 Digital Millennium Copyright Act is one of the policy-laundered laws that has done enormous harm to the country.
Now the USTR is busy again, signing America up to treaties that undermine attempts by Congress to make phone unlocking and jailbreaking legal. America's official representative is going to other countries and telling them, "If you want to do business with America, you must ban jailbreaking and phone unlocking, and in return, we promise to keep those activities on the banned list, too."
In other words, America's trade reps are cramming a massively unpopular, harmful policy down the throats of its trading partners, while simultaneously locking America into the same policy, undermining Congress at the same time.
The Electronic Frontier Foundation wants you to take action on this. Maira Sutton and Parker Higgins have written a good article explaining policy laundering in depth.
U.S. wireless carriers claim that unlocking your phone to change carriers is illegal under Section 1201 of the DMCA, which prohibits the removal of digital rights management (DRM) technology. Section 1201 of the DMCA also set up a triennial rulemaking procedure, whereby the public can ask for exceptions to the rule that you cannot remove DRM from your devices. Phone unlocking was not approved in the last round of DMCA rulemaking, raising the specter of lawsuits against phone owners.
In light of public outrage over this, several members of Congress have introduced legislation to legalize phone unlocking. Already, opponents are saying that an effective narrow fix—a permanent phone-unlocking exemption from Section 1201—may violate the Korea-US trade agreement. Regardless of whether such a claim is true, such chatter can be enough to slow down the pace of change, and make any political reformers of the DMCA more cautious than they might otherwise be.
Big Content interest groups like the Motion Picture Association of America, Recording Industry Association of America, and International Federation of the Phonographic Industry—just to name a few—continue to have a strong influence on US trade negotiators. They are lobbying hard for our government to promote international policies to strengthen their control over how and when the public can interact and experience their creative products.
Ken Layne writes that the authorities have denied the rewards promised to those who helped them find cop-killer Christopher Dorner. [The Awl]
Three brave heroes who survived their encounters with Dorner have since claimed the reward, but the stingy governments and groups who offered the money now refuse to pay because Dorner somehow didn't survive an army of cops roasting and demolishing the mountain cabin he holed up inside for his last stand.
After the LAPD's gung-ho public rampage in search of Dorner, a final insult to the people they ostensibly serve seems entirely appropriate. Update: Commenter Ethan points out, though, that the LAPD itself is planning to honor reward offers: "It's the city of Riverside that withdrew the reward. Irvine is still planning to pay it out as is LA. The LAPD Deputy Chief said it would be disingenuous to deny the reward because Dorner was killed."