Bruce Schneier presents a very cogent and convincing argument that "security awareness training" is a waste of money -- specifically, because the benefits of "security" are intangible, while the benefits of getting your work done are apparent.
To those who think that training users in security is a good idea, I want to ask: "Have you ever met an actual user?" They're not experts, and we can't expect them to become experts. The threats change constantly, the likelihood of failure is low, and there is enough complexity that it's hard for people to understand how to connect their behavior to eventual outcomes. So they turn to folk remedies that, while simple, don't really address the threats.
Even if we could invent an effective computer security training program, there's one last problem. HIV prevention training works because affecting what the average person does is valuable. Even if only half the population practices safe sex, those actions dramatically reduce the spread of HIV. But computer security is often only as strong as the weakest link. If four-fifths of company employees learn to choose better passwords, or not to click on dodgy links, one-fifth still get it wrong and the bad guys still get in. As long as we build systems that are vulnerable to the worst case, raising the average case won't make them more secure.
The whole concept of security awareness training demonstrates how the computer industry has failed. We should be designing systems that won't let users choose lousy passwords and don't care what links a user clicks on. We should be designing systems that conform to their folk beliefs of security, rather than forcing them to learn new ones. Microsoft has a great rule about system messages that require the user to make a decision. They should be NEAT: necessary, explained, actionable, and tested. That's how we should be designing security interfaces. And we should be spending money on security training for developers. These are people who can be taught expertise in a fast-changing environment, and this is a situation where raising the average behavior increases the security of the overall system.
New Zealand artist Bruce Mahalski has put a new sculpture of an AK47 assembled from animal bones up for sale, with a starting bid of NZD3500. It's quite a beautiful piece of work.
The latest bone gun by New Zealand bone artist – Mahalski – is a life-size AK47 machine gun (330mm x 940mm) featuring found animal bones from rabbit, stoat, ferret, sheep, hawk, pheasant, wallaby, snapper, snake, blackbird, tarakihi, hedgehog, broad-billed prion, shearwater, thrush, seal, cat and possum (plus part of a skull from the extinct moa). The gun is made entirely of bones mounted on an invisible wooden frame and is displayed standing upright on two rods on a piece of recycled matai timber (1130mm x 2000mm). You can see more pictures at www.mahalski.org
The band Ghost Beach won a promo deal with American Eagle, and spent the money on a prominent billboard in Times Square asking people to tweet their feelings about piracy. Piracy is winning:
Piracy is progress, piracy is freedom, piracy is harmless, piracy is inevitable, piracy is robbery, piracy is evil, piracy is selfish, or is it a fad?
The statements above are displayed on one of the world’s most prominent billboards in Times Square, New York. The billboard displays both positive and negative views on piracy and encourages the public to add their views via Twitter. Thus far the for-piracy side outnumbers the against-piracy side 20 to 1...
“Rather than just put up another advertisement, we decided to open a discussion up with our peers about how they felt about music distribution on the internet and the future of the industry,” the band tells TorrentFreak.
“Piracy Is Progress” Billboard on Times Square Divides Artists [Torrentfreak/Ernesto]
Here's Death and Taxes's collection of 18 obsolete words that would be handy (or at least funny) to use today, compiled by Carmel Lobello from a book called The Word Museum and a blog called Obsolete Word of the Day. Some of my favorites:
Snoutfair: A person with a handsome countenance — “The Word Museum: The Most Remarkable English Words Ever Forgotten” by Jeffrey Kacirk
Groak: To silently watch someone while they are eating, hoping to be invited to join them – www.ObsoleteWord.Blogspot.com
Spermologer: A picker-up of trivia, of current news, a gossip monger, what we would today call a columnist — “The Word Museum: The Most Remarkable English Words Ever Forgotten” by Jeffrey Kacirk
Jirble: To pour out (a liquid) with an unsteady hand: as, he jirbles out a dram — www.Wordnik.com
This undated bodybuilding ad is a spectacular example of the form -- the busy, unbridled, exuberant machismo, the fonts, the repetition. I think the world would be a better place if all printed literature took this form.
Today, I was lucky enough to get another one of rogue archivist Carl Malamud's boxes of awesome. It's a copy of the municipal codes of DC, which are laws that you're required to follow, but aren't allowed to see without paying. As with the last time I got one of these packages, it's because Carl has scanned and OCR'ed and cleaned up these codes, and has now published them for all to see. Here are the unboxing pics.
PROCLAMATION OF DIGITIZATION
“No Codification Without Promulgation”
WHEREAS, the District of Columbia has published the OFFICIAL CODE, containing the laws, general and permanent in their nature, relating to or in force in the District of Columbia; and
WHEREAS, the OFFICIAL CODE is only available for purchase for $803.00, plus tax and shipping, from the designated official publisher, the West Group, a wholly owned subsidiary of the Thomson Reuters Corporation, a foreign corporation; and
WHEREAS, the OFFICIAL CODE contains a prominent notice that the material is “COPYRIGHT 2001 by the District of Columbia” and “All Rights Are Reserved”; and
WHEREAS, in a nation governed by the rule of law and founded on the principles of freedom of expression, due process, and equal protection, people must have the right to freely read, know, and speak the laws by which we as a people choose to govern ourselves; and
WHEREAS, the Supreme Court of the United States has unequivocally ruled that the law cannot be subject to copyright in Wheaton v. Peters (33 U.S. 591, 1834), when the Court unanimously held that “no reporter has or can have any copyright in the written opinions delivered” by the Court; and
WHEREAS, the Supreme Court of the United States has repeatedly reaffirmed this principle, stating for example in Banks v. Manchester (128 U.S. 244, 1888) that “the authentic exposition and interpretation of the law, which, binding every citizen, is free for publication to all, whether it is a declaration of unwritten law, or an interpretation of a constitution or a statute”; and
WHEREAS, the United States Copyright Office has unequivocally stated “Edicts of government, such as judicial opinions, administrative rulings, legislative enactments, public ordinances, and similar official legal documents are not copyrightable for reasons of public policy. This applies to such works whether they are Federal, State, or local as well as to those of foreign governments.”
THEREFORE, it is hereby proclaimed by this notice that any assertion of copyright by the District of Columbia or other parties on the District of Columbia Code is declared to be NULL AND VOID as a matter of law and public policy as it is the right of every person to read, know, and speak the laws that bind them.
By the People and For the People on March 25, 2013
Holy. Blistering. Crap.
There was a dinner inside the Disneyland Haunted Mansion. And I didn't get to go.
I literally squealed with delight. It was the most amazing table setting I’ve ever seen. Fresh flowers, gorgeous vases, elegant tableware, goblets to drink from — it was very overwhelming.
From what I could tell, the table was basically a replica of the table in the Haunted Mansion ballroom. Even the plates, goblets & tablecloth looked the same!
To distract us while the cast members were dressing the table up for dessert, we were all told that we were going to take a ride on the Haunted Mansion. Because we were not done with our dining experience, we were going to ride the Doom Buggies round trip and exit the attraction where we entered. Already cool, right???
Well, at this time, we were also informed that our special dinner guests had to leave for a photo opp and they’d be back in a bit to join us for dessert. BUT, tricky Disney… They actually planted our guests IN the ride and the photo opp was for us! Seriously hysterical. So, as we rode around in our Doom Buggies, each person had a special spot to wave to us. AND yep, we were allowed to take photos, with flash!
Dining in Disneyland: Marc Davis Centennial Dinner INSIDE the Haunted Mansion (Thanks, Thomas Valley!)
Here's a bit of audio of Frank Zappa reading some of the dirty parts of William S Burroughs's Naked Lunch, taken from a rare double LP called "The Nova Convention."
The occasion of this reading was the Nova Convention in 1978, three days and nights of readings, panel discussions, film screenings, and performances that, The New York Times wrote at the time, “sought to grapple with some of the implications of the writing” of Burroughs. In addition to Burroughs and Zappa, the convention featured such notable countercultural names as Terry Southern, Patti Smith, Philip Glass, Brion Gysin, John Cage, Timothy Leary, and Robert Anton Wilson. A good bit of the happening (including the audio above) was recorded for posterity and released as a double-LP by Giorno Poetry Systems.
Science Hack Day is a fantastically inspiring and creative 48-hour event where scientists, designers, artists, and developers get together to make and do science and science-related projects. You and your friends should start one! Chief instigator Ariel "Space Hack" Waldman created a guide to organize a Science Hack Day and now, she's announced the 2013 Science Hack Day Ambassador Program. Thanks to a grant from the Gordon and Betty Moore Foundation, five people who want to organize a Science Hack Day in their cities will be flown to Science Hack Day in San Francisco on September 28-29 to see how it's done. Applications are accepted until May 1.
I’m no neat freak, but nothing looks more disgusting than a stove caked with splattered grease, melted cheese and old marinara sauce. And while I don’t think I’m exactly sloppy, my wife would argue that I don’t do a good job of cleaning up after myself. And so, without fail, our “easy to clean” glass cooktop is a perennial mess.
It’s not that I haven’t tried to keep it clean. The Windex/409 combo that I tend to use on every other surface in the house at least removes the loose stuff from the cooktop, but at best it’s only passable. Even if I did manage to get the thing really clean, every solution I’ve tried leaves some form of unsightly haze on the surface, which prevents it from ever looking truly clean.
So the other day when I was shopping for appliance parts for an unrelated kitchen catastrophe, I was pleased to discover Cerama Bryte on the store shelf. Wary of the descriptive yet unfortunate name, the friendly sales associate assured me that products like this tend to work well. So I bought it, used it and loved it.
Marijke Visser from the ALA Office for Information Technology Policy writes with this provocative question:
What could a library do with a gigabit broadband connection? What kinds of services could they do that they can’t without that big of a connection? Thinking way away from the typical services libraries offer now, what are some really big ideas that would need that much connectivity? These services could happen outside the library walls, in relationship to other community organizations and/or government agencies… How would a library hooked up to a gig benefit its community?
Some of America's worst copyright laws were passed through a profoundly undemocratic process called "policy laundering." This is what happens when an administration can't get Congress to pass a bad copyright law, so the US Trade Representative instead signs the US up to international treaties requiring America to pass the unpopular law. The 1998 Digital Millennium Copyright Act is one of the policy-laundered laws that has done enormous harm to the country.
Now the USTR is busy again, signing America up to treaties that undermine attempts by Congress to make phone unlocking and jailbreaking legal. America's official representative is going to other countries and telling them, "If you want to do business with America, you must ban jailbreaking and phone unlocking, and in return, we promise to keep those activities on the banned list, too."
In other words, America's trade reps are cramming a massively unpopular, harmful policy down the throats of its trading partners, while simultaneously locking America into the same policy, undermining Congress at the same time.
The Electronic Frontier Foundation wants you to take action on this. Maira Sutton and Parker Higgins have written a good article explaining policy laundering in depth.
U.S. wireless carriers claim that unlocking your phone to change carriers is illegal under Section 1201 of the DMCA, which prohibits the removal of digital rights management (DRM) technology. Section 1201 of the DMCA also set up a triennial rulemaking procedure, whereby the public can ask for exceptions to the rule that you cannot remove DRM from your devices. Phone unlocking was not approved in the last round of DMCA rulemaking, raising the specter of lawsuits against phone owners.
In light of public outrage over this, several members of Congress have introduced legislation to legalize phone unlocking. Already, opponents are saying that an effective narrow fix—a permanent phone-unlocking exemption from Section 1201—may violate the Korea-US trade agreement. Regardless of whether such a claim is true, such chatter can be enough to slow down the pace of change, and make any political reformers of the DMCA more cautious than they might otherwise be.
Big Content interest groups like the Motion Picture Association of America, Recording Industry Association of America, and International Federation of the Phonographic Industry—just to name a few—continue to have a strong influence on US trade negotiators. They are lobbying hard for our government to promote international policies to strengthen their control over how and when the public can interact and experience their creative products.
Ken Layne writes that the authorities have denied the rewards promised to those who helped them find cop-killer Christopher Dorner. [The Awl]
Three brave heroes who survived their encounters with Dorner have since claimed the reward, but the stingy governments and groups who offered the money now refuse to pay because Dorner somehow didn't survive an army of cops roasting and demolishing the mountain cabin he holed up inside for his last stand.
After the LAPD's gung-ho public rampage in search of Dorner, a final insult to the people they ostensibly serve seems entirely appropriate. Update: Commenter Ethan points out, though, that the LAPD itself is planning to honor reward offers: "It's the city of Riverside that withdrew the reward. Irvine is still planning to pay it out as is LA. The LAPD Deputy Chief said it would be disingenuous to deny the reward because Dorner was killed."
The latest piece from mad assemblage sculptor Roger Wood is this delightful ray-gun: "Another mental health break from clocks with this Steampunk ray gun and charging stand."
The Pyramids of Giza close to tourists at 4:00 pm. Recently, a group of Russians managed to hide out at the site after closing time and scramble up the Great Pyramid of Cheops in the fading light. Naturally, they took photos. (Because if there is one thing the Internet has taught me about Russians, it's that they like to climb to dangerous heights and then take photos.)
These shots are kind of fabulous, not just for the thrill of "yeah, somebody broke the rules!", but because of the perspective you get from on high that isn't visible in the many ground-level shots I've seen. From on top of the Pyramid, you can see how the stone is pockmarked and carved — it really looks like something humans cut out of the Earth. You can also see the graffiti left by generations of tourists in multiple languages: English, Arabic, French, and more. And you can see the edge of the modern city, shimmering just at the horizon. I don't think I'd previously had such a profound sense of how closely modern Egyptians lived and worked to the Great Pyramid. What a fascinating view!
Thanks to Steve Silberman for the link!
Photographer Göran Strand created this stunning time-lapse video made from photographs of the aurora borealis as seen from Östersund, Sweden on March 17, 2013. The video consists of 2,464 images taken over four hours. The extreme intensity of the aurora borealis display resulted from a huge solar storm spurred by two solar flares that erupted on March 6.
Castle View School in Canvey Island, Essex, England, briefly banned triangular flapjacks (not pancakes; the English call granola-bar-like food "flapjacks") after a student sustained an injury when another student threw a cornersome flapjack at him. The school authorities required that all flapjacks must be served in rectangular portions, to increase the safety of food-fights.
The ban did not stand very long. Public mockery seems to have killed it.
According to one report, in 2011 British MP and Education Secretary Michael Gove was prevented from taking flapjacks into a cabinet meeting, after officials cited similar safety concerns. That is the only report of that alleged incident, however—although Gove was (and is) the Education Secretary, there does not appear to be any other evidence that he was ever frisked for flapjacks or that even the British government has actually classified them as a security risk.
On Thursday (3/28) at 3pm ET, Boing Boing pal and White House innovation advisor Tom Kalil is hosting a Google Hangout to talk about the maker movement! Tom has been instrumental in helping President Obama and the administration understand the value of maker culture in sci/tech education. Joining Tom in the Hangout will be folks like MAKE founder Dale Dougherty, Super Awesome Maker Show's Super Awesome Sylvia, and Ford future tech lead Venkatesh Prasad. "White House Hangout: The Maker Movement"
(Above, President Obama checks out a soccer-playing robot built by Blue Bell, PA high school students. Photo by Pete Souza.)
We've gathered fresh video for you to surf and enjoy on the Boing Boing video page. The latest finds for your viewing pleasure include:
• Your WiFi-enabled camera might be spying on you.
• Cody R Wilson's 3D-printed guns: the VICE documentary
• Troll comments on YouTube video by sending comment via postal mail.
• Calculating product placement in hip hop songs: CDZA's $56 million musical shopping spree.
• Rap Quotes: site-specific street art with official-looking signs bearing hip hop lyrics.
• Telekinesis' latest video has a romantic ghost in the machine.
• Winny Puhh: through YouTube, bizarro Estonian punk band finds new global fame.
• A fisherman opened the uterus of an adult bull shark and found a two-headed shark pup inside.
A Gulf of Mexico fisherman opened the uterus of an adult bull shark and found a two-headed shark pup inside. According to Michigan State University researchers, this is the first two-headed bull shark confirmed by scientists. "Given the timing of the shark's discovery with the Deepwater Horizon oil spill, I could see how some people may want to jump to conclusions," Michael Wagner, MSU assistant professor of fisheries and wildlife, wrote in a report in the Journal of Fish Biology. "Making that leap is unwarranted. We simply have no evidence to support that cause or any other." (EurekAlert!)
The highly theatrical Estonian punk/metal/WTF band Winny Puhh have been around since 1993 or so, but online audiences around the world are discovering them by way of this video: the band performing their song “Meiecundimees üks Korsakov läks eile Lätti” on Eesti Laul 2013, the semifinals for the Estonian slot in Eurovision Song Contest 2013.