James Butler's Blog

Rootkit of All Evil?

November 16, 2011 05:11

Ohhhh ... I was sooo hoping that the Android ecosystem would be driven by enlightened self-interest instead of by the money- and data-grubbing tradition. This 11/14/2011 article from XDA-Developers exposes a disturbing piece of software installed with Android that puts the lie to my naive little hope. Not surprisingly, this piece of tech is also found in most major mobile device operating systems, too.

 (More)

Circular Logic

July 13, 2011 08:12

I don't have much comment on the following link, except to duplicate the link text as written by Hacker News:

IBM Patent Trolling Patent Application

Turns out that IBM is trying (2007) to patent the practice of enforcing patents (exploiting assets). Imagine that.

I'm speechless as to the lengths companies go to to scrape a buck off the pavement.

Google Apps SNAFU

November 17, 2010 07:56

At my day job, we have used Google's AdWords program exhaustively ever since it was rolled out (and before that we were charter GoTo/Overture members). While there have been numerous issues related to Google programming, over the years, I had to write about the latest SNAFU which involved a serious security breach.

Was it an ethical lapse? Maybe. Let's see ...

 (More)

HTML5 Data Storage No-No

September 09, 2010 08:27

recent article from ARSTechnica calls attention to a company called Ringleader Digital and its practice of using Apple devices' internal database storage system to hold tracking identifiers.

This practice not only evades normal user tracking identifier management (cookie management), it also prevents complete removal of the tracking identifiers because RingleaderDigital can't keep their hands off your database.

It is the position of this blog entry that RingleaderDigital's practice (and any other company that engages in opt-OUT practices) is completely unethical, and I will try to make an argument for outlawing opt-OUT schemes.

 (More)

Apple's Watchful Eye

August 24, 2010 08:34

How much information about you does the maker of your cell phone need?

This is the big question in my mind after reading about Apple's newly-exposed patent application.

The broad strokes of what Apple wants to be able to do to iUsers from a remote location include:

  • Take a picture without any indication that it has happened ... no flash, no click, no notice. Where will the camera be aimed when such a photo is snapped? Will it be trained on the inside of a drawer ... or maybe on the contents of your bathtub?
  • Record the user's voice, with or without an active phone call. That "top secret" meeting? No iPhones allowed, just like Elmo.
  • Create and store for use a "signature" of the owner's heartbeat. Your heartbeat. As a security device. Next up? Pheremones.
  • To determine if the device has been hacked, they want to watch for "a sudden increase in memory usage". Like if you download a bunch of movies from Netflix or something ... keep your eyes peeled for the cops at the door, because Apple thinks your device is being hacked. Oh, yeah ... they'll also check to see if the device is "jailbroken", so watch out for that, too. You could wake up with a "brick".
  • Monitor and store for use Internet and telephony activity "packets". After all of their screaming about Google's Street View, this is pretty surprising.
  • Take a photograph of the device's surrounding location, again, without notice to the owner. Great. More of your life stored without notice to you on Apple servers somewhere ... and probably offered for sale to hundreds of marketing firms.

 (More)

G and V and Thee

August 09, 2010 10:13

In a move that brought my eyebrows up, Google and Verizon today released the details of what they had been meeting about behind closed doors. Here's a link to Google's Public Policy blog entry containing an overview and a link to the Verizon-Google Legislative Framework Proposal that was the result of their meetings.

Their Framework will be pilloried, and praised. I am here to praise it, mostly. I'm excited that they have published these suggestions, and I very much look forward to reading all of the discussions about it that are sure to follow. 

 (More)

Behind Closed Doors

August 06, 2010 04:57

Google and Verizon are the latest victims of the news that they have been in "closed door" discussions about things Internet. According to themthey are not talking about issues that might affect "net neutrality". According to those who pushed the news out to the media, they are talking about issues that might affect "net neutrality".

So what's the big deal? Should companies like Google and Verizon be allowed to have "closed door" discussions about anything?

Why not?

 (More)

Why Not Get A Court Order?

July 29, 2010 08:40

Today news came out that "the Obama Administration" wants to modify the Electronic Communications Privacy Act to exclude even more types of data from oversight. According to the article referenced above, the addition of the phrase "electronic communication transactional records" would be added to the list of items available without a court order.

Traditionally, National Security Letters (NSLs) have been used by the FBI to collect information from phone companies and Internet Service Providers (ISPs) when someone is a suspect in a criminal investigation. Since 9/11/2001, criminality is no longer the standard, as the Feds are increasingly using their powers to uncover data deemed relevant to a terrorism or intelligence investigation.

The new language begs the question ... What's the rush?

 (More)

The Sherrod Charade

July 21, 2010 10:42

The supposed outing, then demand for resignation, then resignation, then rehiring of Agriculture employee Shirley Sherrod over the past several days is an example of how unethical behavior from a blogger can have a big impact on our world.

I won't link to the blog, because I don't want to be a part of popularizing Andrew Breitbart's free speech, and because you could easily find it yourself, if you really wanted to.

I will link to a summary of the story with video, visitor comments and whatnot on MSNBC.com, though.

Please do look up the blog in question, so you can form your own impression of the work you find there. In the meantime, here's my take on this.

 (More)

Who's Scooping Who?

July 03, 2010 02:19

In an interview piece about U.S. General Stanley McChrystal in Rolling Stone magazine it was revealed that the good General had a less-than-stellar opinion of some of his superiors. I suppose it is a good thing that this perspective was brought to light, and disciplinary action taken, but that is not the focus of this post.

Before Rolling Stone had a chance to get the print version into the hands of eager readers, and prior to their posting the article on their own website, the news was broken by several unrelated web news entities, including Gawker.com and NYTimes.com.

Without knowing any of the circumstances that contributed to the decisions by these and other news resources to publish the Rolling Stone story, it concerns me that, in the rush to publish the info, Gawker and the New York Times and the rest may have crossed an ethical, and possibly a legal line.

 (More)

Public Is Not Private

June 17, 2010 08:17

In a ruling, today, the U.S. Supreme Court decided that, in most situations, government workers have no expectation of privacy with regard to communications made using their government-issued communications devices.

At issue was a case involving an Ontario, CA police department employee and his department-issued pager. During an investigation into whether the excessive minutes expended by its employees' communications each month were the result of hidden, unpaid work-related expenses (work-related communications) or not, the department discovered that most of the communicating the employee was doing during work hours was, in fact, not work-related. The employee sued the police department for violating his Fourth Amendment right to privacy and initially lost. That decision was overturned by the Ninth Circuit when the case was appealed. And now the Supreme Court has overturned that appellate court's decision, reinstating the original court's findings against the employee.

The majority decision reads, in part: "[Government's] warrantless review of [Employee's] pager transcript was reasonable under the O'Connor plurality's approach because it was motivated by a legitimate work-related purpose, and because it was not excessive in scope. See 480 U. S., at 726."

Essentially: If it's work-related, and he is pretty explicit about what he's looking for, your boss can inspect your government-issued cell phone any time he wants.

 (More)

Bottom Line Manners

June 14, 2010 10:16

I happen to agree with Emily Post, who stated that, "Manners are a sensitive awareness of the feelings of others."

Without manners there can be no etiquette, for what is etiquette if not the codification of the entire universe of manners?

The endeavor's bottom line is directly affected by the emotional feelings the site visitors experience during their interaction with the website. If those who are developing the project do not aggressively research and plan around that simple fact, they are doomed to fail.

It goes against everything being taught in modern urban American society, today, but it is critical that the evolution of the Internet regain its appreciation of humanity, and pull back from its current dark emotional spiral. With cynicism ramping up and distrust of nearly every mechanism of public governance at all-time highs, it is more important than ever to reach out to the people who choose to spend time with you.

Buck the trend! Make some friends!

GGL: Wifi Data Capture Criminal?

June 12, 2010 05:00

Was Google's Street View wifi data capturing activity criminal?

Maybe ... it depends on how much data they captured.

As most of you already know, I Am Not A Lawyer, so don't take this to the bank.

But from what I know of this situation, Google would have needed to collect enough of the broadcast wifi packet "payload" to be able to make some sense of it in order to compromise the communication thread that those packets were part of. Without knowing what the CONTENT of the communication was, Google would not be criminally liable for intercepting and recording the packet data ... nothing "private" was compromised.

 (More)

GGL: Street View WiFi Data Capture

June 12, 2010 04:24

[JPEG] DailyMail.co.uk

When Google's "Street View" roaming image/data collection vehicles collected more than simple location and machine information, it put itself directly in harm's way.

Google maintains fleets of vehicles outfitted with 360° cameras that capture images for use with the Google Maps "Street View" feature. They also employ GPS equipment to tie the images to the positioning data. And like other companies that provide a mapping service, they also collected information about wifi activity to be tied in with the positioning data for use with other services.

The ethical problem is ... they also collected bits of the data that was being broadcast by the "open" wifi providers that they discovered.

 (More)

Apple: Bad, AT&T: Stupid

June 10, 2010 13:09

From Gawker.com (paragraph sequence is mine):

"According to the data we were given by the web security group that exploited vulnerabilities on the AT&T network, we believe 114,000 user accounts have been compromised, although it's possible that confidential information about every iPad 3G owner in the U.S. has been exposed.

"Goatse Security obtained its data through a script on AT&T's website, accessible to anyone on the internet. When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application. The security researchers were able to guess a large swath of ICC IDs by looking at known iPad 3G ICC IDs, some of which are shown in pictures posted by gadget enthusiasts to Flickr and other internet sites, and which can also be obtained through friendly associates who own iPads and are willing to share their information, available within the iPad "Settings" application.

"Although the security vulnerability was confined to AT&T servers, Apple bears responsibility for ensuring the privacy of its users, who must provide the company with their email addresses to activate their iPads. This is particularly the case given that U.S. iPad 3G customers have no choice in mobile carriers — AT&T has an exclusive lock, at least for now. Given the lock-in and the tight coupling of the iPad with AT&T's cellular data network, Apple has a pronounced responsibility to patrol the network vendors it chooses to align and share customer data with."

And I agree.

It may have been a bad script on AT&T's website that provided entry, but it was Apple's business decisions that put the data at unnecessary risk.

 (More)

1 2  Next»
 
Accessible and Valid XHTML 1.0 Strict and CSS
Powered by LifeType - Design by BalearWeb