Category: Aside

Heartbleed may lead to more security audits, advanced security services

Post author By Christopher Parsons
Post date April 20, 2014

Chris Parsons, a post-doctoral fellow with the Citizen Lab at the Munk School of Global Affairs, said that there has been an increased call for outside security audits for OpenSSL, the security system affected by Heartbleed.

“Researchers have been grumbling that OpenSSL and other highly-relied upon security libraries need to be subject to more ‘forensic audits’ by professionals to identify and patch flaws before they are exploited in the wild,” he said.

Heartbleed was discovered by ateam of researchers from the Finnish security firm Codenomicon, along with a Google Inc. researcher who was working separately.

Missed this when it went up, but posting because I think it touches on something that is important to track as things move forward: despite experts inside and outside of industry recognizing the need for more audits of critical packages like OpenSSL, will resources actually be devoted to enable such work?

Source: Heartbleed may lead to more security audits, advanced security services

Tags Cyber Security, Heartbleed, Vulnerability

Aside Links

Grand Visions Fizzle in Brazil

Post author By Christopher Parsons
Post date April 14, 2014

The NYT has an incredibly depressing view of the way that Brasil is moving forward; while much of it is shared by the citizens of that country the article is overly one-sided and generally lacks a comprehensive understanding of why some of the cost overruns and setbacks have happened. We read that environmental protections and efforts to work with aboriginal people’s have led to railroads being delayed: why were there such expectations of a smooth and quick development of such railroads in the first place? Perhaps because the ‘frictions’ of such development (i.e. environment and people living on the land) had been cast aside?

What is largely missing throughout the piece is the context: why were certain projects put forward and then abandoned? In the absence of such context we’re left with the impression that the setbacks are the result of poor management and bureaucracy but is this the case, or simply the projection of American values onto specific South American infrastructure decisions?

Tags Brazil, Bureaucracy, Critique

Aside

Heartbleed Warning

Post author By Christopher Parsons
Post date April 10, 2014

A really good example of how services can, and should, warn users about how to respond to the Heartbleed OpenSSL vulnerability.

Tags Heartbleed, Security

Aside Links

Heartbleed bug found in key encryption technology risks exposing private data

Post author By Christopher Parsons
Post date April 9, 2014

Researchers have discovered a serious security flaw known as the “Heartbleed” bug in the software commonly used by thousands of Websites to encrypt and secure sensitive data being transmitted across the Internet

This was an absolute gift to intelligence agencies all over the world. And one that was – and is – being widely exploited in the wild by criminals and other unauthorized third-parties.

Source: Heartbleed bug found in key encryption technology risks exposing private data

Tags Heartbleed, Security, SSL, Surveillance

Aside Links

Air Canada to add Wi-Fi access on North American flights

Post author By Christopher Parsons
Post date April 9, 2014

Soon, there will be no way to escape the boss’ urgent email, even if you’re on a plane, as Air Canada announces deal to bring Wi-Fi to the skies.

Not only will you not be able to evade your boss but, given that Air Canada has partnered with GoGo, you’ll also be subject to unnecessarily broad state interception technologies. Air Canada: fly for the high prices, stay for the corporate-enabled excessive state surveillance!

Tags Air Canada, CALEA, Surveillance, Telecommunications

Aside Links

CSEC dodges questions on relationship with Big Three telecom companies

Post author By Christopher Parsons
Post date April 7, 2014

Canadian spy agency head John Forster fielded questions from MPs, and says organization’s focus is foreign intelligence collection, not domestic

Takeaway from the article? CSEC boss “can’t really disclose” what kinds of access it could have to data flowing through Bell, Rogers and Telus.

Tags Canada, CSE, SIGINT, Surveillance, Telecommunications

Aside

Surveillance Whakery

Post author By Christopher Parsons
Post date March 30, 2014

otakugenx:

More surveilance whakery. Gotta thank the republicans and democrats for taking away our privacy.

The second image is terrific!

Tags Google, NSA, Surveillance, Yahoo!

Aside Links

In-depth with Android Wear, Google’s quantum leap of a smartwatch OS

Post author By Christopher Parsons
Post date March 19, 2014

We take a look at how Android Wear works, and even manage to break some stuff.

This is the most in-depth analysis that I’ve seen of the Android Wear API and functionality. I have doubts that predicating most/many of the ‘active’ uses of the Wearable through voice is going to be a super popular thing: I can’t recall the last time that I saw someone ask Siri a question, or used Google’s voice-based search. I’m sure that some people do engage in such behaviours, but I’ve never once seen it while riding public transit or walking around the cities I’ve visited or lived in. As a result, I’m left wondering: who is actually using voice-based commands to control their devices? And will expanding the kinds of devices that can receive such commands actually lead to mass changes in how people engage with technologies?

Source: In-depth with Android Wear, Google’s quantum leap of a smartwatch OS

Tags Google, Technology, Wearables

Aside Links

How I Left Academia: A Recovering Academic’s Introduction

Post author By Christopher Parsons
Post date March 19, 2014

I can take issue with an awful lot of academia, but was fortunate to have an incredibly supportive dissertation supervisor who did (and continues to do) his best to ensure that I landed either in a good academic, government, non-profit, or corporate position. And there’s never been a stigma attached when I’ve pursued these various options (really: there’s just been support and encouragement!)

But I know that my experiences aren’t common. The series that Karen is running over at her website on leaving academe is useful in just exposing what it’s like to leave an academic ‘life’, and the baggage that is often associated with that choice. Allesandria Polizzi’s pieces, in particular, strike me as explaining to academics and non-academics alike what it’s like to straddle academe and corporate life, and the difficulties that a lot of people face in simply trying to explain themselves to their academic and corporate colleagues.

Source: How I Left Academia: A Recovering Academic’s Introduction – Polizzi 2

Tags Academia, Corporatism

Aside Quotations

2014.3.19

Post author By Christopher Parsons
Post date March 19, 2014

…undercutting this fair-to-strong record on the policy side is Mr. Flaherty’s general approach to the budget process, which could only be more opaque if it were one of Frank Underwood’s schemes on “House of Cards.” As the finance minister has tackled the budget deficit with across-the-board spending cuts, it has been impossible to get reliable information on what was being cut. Compounding the problem has been the use of omnibus budget implementation bills, which have included a host of things not directly related to the budget, such as changes to environmental regulations and policies affecting First Nations.

Not even the parliamentary budget officer, a position created as part of broader “accountability” reforms, could obtain the information needed to see what programs were being affected by the government’s austerity measures. Rather than operating on the basic democratic principles of transparency, Mr. Flaherty attacked the PBO, Kevin Page, as exceeding his proper mandate.

This is a pronounced stain on a legacy that is otherwise up for legitimate debate. Whether the GST or corporate tax cuts were inappropriate or whether one ideologically favours or disapproves of the government’s efforts to reduce the size of government, we should all agree that Canadians deserve to know, with clarity, what the government is doing. While much of the focus on Flaherty has been his ability to return the budget to balance, the climate of obfuscation surrounding his budgets is a significant and lamentable background to everything else he accomplished.
Emmett Macfarlane, “Flaherty’s policy brilliance overshadowed by darker politics”

What will be most damning is if, whenever another party is elected to govern the country, they merely change policy positions without also ending the current practices of omnibus legislation and budgetary obfuscation. Fiscal policies are something that Canadians can legitimately debate the merits of. There should be little to no debate that legislation, regulations, and budgets should be accessible to citizens who just want to understand what these things mean, how they are implemented, and the implications of their implementation. A representative democracy is farcical when citizens and their representatives alike cannot discern the actions of the day’s government; as it stands today, much of Canadian democracy is little more than a bad farce.

Tags Canada, Federalism, Transparency