Policy wonk. Torontonian. Photographer. Not necessarily in that order.
digg:
It only took an hour to print our own model of Winterfell. (Accidentally in Lannister red)
If you have access to a 3D printer, here’s the file.
Finally, a good use for 3D printers.
Hmm…this might be the thing that pushes me to actually look at/use the local makerbot
Needy U.S. borrowers are defaulting on almost $1 billion in federal student loans earmarked for the poor, leaving schools such as Yale University and the University of Pennsylvania with little choice except to sue their graduates.
The record defaults on federal Perkins loans may jeopardize the prospects of current students since they are part of a revolving fund that colleges give to students who show extraordinary financial hardship.
Yale, Penn and George Washington University have all sued former students over nonpayment, court records show. While no one tracks the number of lawsuits, students defaulted on $964 million in Perkins loans in the year ended June 2011, 20 percent more than five years earlier, government data show. Unlike most student loans — distributed and collected by the federal government — Perkins loans are administered by colleges, which use repayment money to lend to other poor students.
» via Bloomberg
The default situation is only going to get worse and worse, especially for those that tried to hide from the US recession by staying in school and taking on educational debt.
This is all kinds of badness, and speaks to malware vendors becoming increasingly sophisticated in how they are targeting low hanging fruit (i.e. random users). In essence, the attack involved getting a certificate issued and then using it to create valid digital signatures for .pdf invoice documents. Once individuals opened the invoices the malware associated with the .pdf would burrow into the OS and act as a key logger that targeted banking information.
Unfortunately, I’ve not yet seen a media article discuss the mediocre effectiveness of revoking the certificate used to sign the .pdf. The OCSP protocol is incredibly susceptible to being defeated, especially if malware already resides on the target’s computer or a point in between the target and the revocation server is controlled by the attacker (possible by setting a compromised computer to proxy traffic to a host controlled by the attacker). So, while while the cert has been revoked, this actions does not necessarily stop the malware from functioning, but just reduces the prospective attack surface. Moreover, if browser/operating system CA stores are not updated – again, possible if the attacker already controls the host – then the same attacker can convince the browser or OS to continue trusting an expired certificate.
The totalizers would happily follow Johnson in seeking answers to questions such as “So what does the Internet want?”—as if the Internet were a living thing with its own agenda and its own rights. Cue a recent Al Jazeera column: “The internet is not territory to be conquered, but life to be preserved and allowed to evolve freely. … From understanding the internet as a life form that is in part human, it follows that the internet itself has rights.”13 That is the kind of crazy talk to be avoided. The particularizers would not invoke “the Internet” to embark on a quixotic attempt to re-make democratic politics; but the totalizers, in their quasi-religious belief, would do so gladly.
A good account of the Internet would never need to mention that dreadful word at all. This stringent requirement might uproot most of our Internet thinkers from the plateau of banal and erroneous generalizations where they have resided for the last two decades; after all, it is the very notion of “the Internet” that has allowed them to stay there for so long. Now that Internet-centrism is not just a style of thought but also an excuse for a naïve and damaging political ideology, the costs of letting its corrosive influence go unnoticed have become too high.
Evgeny Morozov, a Review of Future Perfect: The Case for Progress in a Networked Age
I treat the Internet like a fucking asp, like a dangerous reptile – my comfort sole squashed down hard on the snakeneck … Your security is only as trustworthy as the worst person on Earth.
Security advice from ‘Tycho’, “A Teachable Moment”
What the title says, basically. I had missed this.
The warning should be heard by non-EU citizen too, with the Cloud, privacy is fucking dead. And what’s sadder is that 90% of people simply don’t care.
Unless it makes more probable for your significant other to see your transsexual porn browser history…
The EU Report is well worth a full read (available here in .pdf). Things to keep in mind that aren’t all that being well discussed:
The second point is particularly important for non-Europeans. While it’s a lesser spoken about part of the intelligence world, spooks are routinely engaged in industrial espionage on the grounds that such acts assist the nation-state’s finances. This can include the theft of foreign corporations’ information, or (in extreme cases) the deletion of the same information. It seems that FISAAA’s amendments would only permit the former, and not the latter. However, as a result of these amendments corporations should be more wary of outsourcing their document storage to US-based cloud services, content creation to US hosts and online services, or communications systems to (you guessed it!) American firms. Placing such data in the hands of the Americans is rife with potential economic harms and, no matter how much you like Dropbox, Google, or other cloud provider, they’re all likely to turn on you if the NSA comes knocking.
Source: EU citizen warned not to use US cloud services over spying fears
Privacy is not simply an individual right or civil liberty; it is a vital component of the social contract between Canadians and their government. Without privacy, without protective boundaries between government and citizens, trust begins to erode. Good governance requires mutual trust between state and citizen. Otherwise, alienation and a sense of inequality begin to spread, circumstances under which no program for public scrutiny can be tenable or effective in the long term. Where citizen trust hits a low point, in fact, such security measures may be undermined, ignored, circumvented – or in the most egregious cases – passively or actively resisted.
Office of the Privacy Commissioner of Canada, “A Matter of Trust: Integrating Privacy and Public Safety in the 21st Century”
Aaron was part of an army of citizens that believes democracy only works when the citizenry are informed, when we know about our rights—and our obligations. An army that believes we must make justice and knowledge available to all—not just the well born or those that have grabbed the reigns of power—so that we may govern ourselves more wisely.
…
When people try to restrict access to the law, or they try to collect tolls on the road to knowledge, or deny education to those without means, those people are the ones who should face the stern gaze of an outraged public prosecutor.
Carl Malamud, “Aaron’s Army”
Excited Pixels