Shared posts

18 Jan 05:43

Road Trip

by mikecaulfield

I like showing people how to debunk viral photos for a couple reasons. First, it requires small enough action that it can easily become a habit. You don’t need to do a lot of research or have a lot of knowledge.

Second, it shows how technological affordance (in this case Google Chrome’s right-click “Search by Image” function) works to create culture. We need to make you curious about the photos you see. But that’s a whole lot easier if the technology makes checking things two steps instead of eighteen.

Finally, it’s fun.

In any case, the photo of the day:

bikers

So this is part of the whole “Bikers for Trump” meme. Bikers are supposedly coming by the hundreds of thousands to provide “security” for the inauguration.

I’ll leave the larger issues of this fascination with biker-based security aside and ask a simpler question. Is this a picture of bikers headed to the 2017 inauguration?

The answer? No. And it takes about 30 seconds to find out.

First, right-click or Control-Click on the image and select search Google for image:

2017-01-17_8-51-08

The Google search — for reasons known only to Google — will assume that the best name for this image is “Jesus”. Change it to “bikers”

2017-01-17_8-54-21.png

Change the date (using the “tools” button) to end in 2016. If we find that this picture existed in 2016 it’s pretty clear it isn’t people headed to the inauguration in 2017. Let’s look at what we get:

 

2017-01-17_8-59-52

While these are technically the dates that the pages that contain the photo were published (not the publication date of the photo), the results are probably good enough for us to doubt the photo.  We can be done here, in 30 seconds.

If you take about 30 seconds more you can do even better. On the second page of results we find a page from 2009:

2009

We have Google translate that page, and find the image there posted on a Czech forum in 2013. In the process we see that this is a photo that has been used by a number of biker groups, but is still relatively rare, and the earliest posting was from a Czech forum.

So no, this is not a picture of Bikers for Trump.

 

 

 

 

 


18 Jan 05:42

Twitter Favorites: [PortmanDoe] Omg this is totally happening in our near future. https://t.co/eT3JI2Ak9h

Portman Doe @PortmanDoe
Omg this is totally happening in our near future. twitter.com/bestiewurst/st…
18 Jan 05:42

Twitter Favorites: [susanthesquark] By request: my reading list, which I'll keep up-to-date with current readings! https://t.co/kGpcallfKC

Susan Fowler @susanthesquark
By request: my reading list, which I'll keep up-to-date with current readings! susanjfowler.com/reading-list/
18 Jan 05:42

Twitter Favorites: [dbarefoot] Great notes on how to run better meetings: https://t.co/LnU7seN9v4 https://t.co/eLEu1T2Qkj

Darren Barefoot @dbarefoot
Great notes on how to run better meetings: larahogan.me/blog/better-me… pic.twitter.com/eLEu1T2Qkj
18 Jan 05:42

Twitter Favorites: [kaler] Whenever I visit the US I think, “You guys are cool. You’ll make it”. Then I sign a CC receipt and think, “Well all empires eventually fall”

Parveen Kaler @kaler
Whenever I visit the US I think, “You guys are cool. You’ll make it”. Then I sign a CC receipt and think, “Well all empires eventually fall”
18 Jan 05:42

Slideshare Favorites: Calm Technology and the Future of AR


Speech given at AR in Action 2017 at MIT Media Lab on 17 Jan 2017. Miniature electronics and and global supply chains have us on the cusp of a new era of human experience. Early forms of wearable computing focused on augmenting the human ability to compute freely. As pioneer Steve Mann and calm technology pioneer Mark Weiser wanted, “to free the human to not act as a machine”. What does this mean for us as designers and developers, and how can we build interfaces for the next generation of devices?
18 Jan 05:42

Modern Workplace Learning Magazine is launched

files/images/MWLmag-cover-1024x421.png


Jane Hart, Learning in the Modern Workplace, Jan 20, 2017


Another publication in our field. As always, I welcome the new voice and look forward to future news and opinions from another perspective. The magazine "focuses on helping L& D departments do things differently and do different things in order to provide an effective service for today’ s workforce." I've followed the  feed and will pass along articles of interest. Articles so far by Ed Willis and Jane Hart.

[Link] [Comment]
18 Jan 05:42

The Five-Tool Scholar


Rick Hess, Education Next, Jan 20, 2017


I found this an interesting concept. The five tools are: "disciplinary scholarship, policy analysis and popular writing, convening and shepherding collaborations, providing incisive commentary, and speaking in the public square." The list is an attempt to explain Rick Hess's "Edu-Scholar Public Influence Rankings" (probably far more relevant to American readers than, say, me). But it led me to consider what we ought to value in scholarship. In my office, they look for leading edge scholarship, project and program development and management, and client relations and revenue generation (in response I suggested they also look for sainthood). Hess adds a 'public scholar' component that we are missing here. And he includes wading in the education policy cesspool, an activity probably best reserved for the partisans and pundits.

[Link] [Comment]
18 Jan 05:41

Don’t let the experts define science!

files/images/mitsciencefinal1.jpg


Daniel Lemire, Jan 20, 2017


Interesting commentary from Daniel Lemire. "Formal definitions," he writes, "are less useful than you think." Consider science, where we typically say "You start with a hypothesis and then you try to falsify it." If this defines science, then a lot of science isn't science. "A clearly stated hypothesis is often the end result, not the starting point," writes Lemire. This accords with my own experience. A lot of what I do depends on messing around with things and seeing what results, rather than trying top test some preconception. Sure, a hypothesis is a useful tool. But it hardly defines science. "Feynman described science as the belief in the ignorance of experts." Image: MIT Technology Review.

[Link] [Comment]
18 Jan 05:41

Fate Of American Apparel Stores Remains Unclear After Bankruptcy Auction

by Mary Beth Quirk
mkalus shared this story from Consumerist.

Last week, Canada’s Gildan Activewear purchased the American Apparel brand, but not the company’s retail locations, leading to reports that all 110 stores would be shuttered. Yet, what remains of American Apparel won’t confirm those closures — for the moment.

Without a buyer for American’s retail business, the shops are destined to close. However, that wouldn’t happen for at least another three months under a 100-day license with Gildan, an American Apparel spokeswoman told Business Insider. No stores have closed since the nine that were announced in October, she added.

When the liquidation of those stores was approved in December, The Wall Street Journal reported that any other stores not sold in the auction would be liquidated by the same liquidators, Merchant Resources LLC and Gordon Brothers Retail Partners LLC, by April 30, 2017. That would line up with the 100-day license deadline.

For the time being, American Apparel and Gildan both declined to comment further to Business Insider on what will happen after the license expires.

Closing all stores would mean laying off about 2,000 employees. An earlier report this week indicated that layoffs have already started for workers at the company’s Southern California headquarters and nearby factories. Although at one point American Apparel said layoffs at those locations weren’t certain because Gildan was considering buying some manufacturing operations, the Canadian apparel company apparently changed its mind.

There’s some good news for some employees, however, as American Apparel says it secured a separate agreement with a textile manufacturer called Broncs, which plans to save more than 300 jobs eventually.





18 Jan 05:41

Google Maps Could Soon Include Parking Information

by Ashlee Kieler
mkalus shared this story from Consumerist.

When heading to a destination in a popular or busy area, you’re taking a chance on parking — will there be a spot for you? Google Maps is currently testing a new feature intended to alert users to potential parking problems.

Android Police reports that some users of Google Maps’ latest version – currently only in beta – are able to find out how hard it will be to find somewhere to park.

The Maps feature doesn’t seem to provide granular information — like where you’ll find a spot, or if you’ll have to pay for parking. Instead, if you’re heading to an area with limited parking opportunities, you’d see a big “P” in a red circle with a message stating “Parking is usually limited near this destination.” If parking is less problematic in that area, the app will describe availability as “medium” or “easy.”

Beta testers tell Android Police that it looks like the feature currently only appears to apply to larger destinations like airports and shopping centers.

It’s unclear how Google gleans its parking information, and if it is available for the entire country or just high traffic areas.

This isn’t the first time Google has jumped into the parking game. Back in September, Google’s traffic app Waze added a feature to assist drivers in finding where they could park once arriving at their destination.





18 Jan 05:41

Kurze Durchsage von Putin über Trump:Putin said that ...

mkalus shared this story from Fefes Blog.

Kurze Durchsage von Putin über Trump:
Putin said that Trump wasn’t a politician when he visited Moscow in the past and Russian officials weren’t aware that he held any political ambitions. It’s “complete nonsense” to believe that Russian security services “chase after every American billionaire,” he said.
Das ist ja schonmal schön, aber das eigentlich Highlight ist dieser Spruch hier:
Trump is “a grown man, and secondly he’s someone who has been involved with beauty contests for many years and has met the most beautiful women in the world,” Putin said. “I find it hard to believe that he rushed to some hotel to meet girls of loose morals, although ours are undoubtedly the best in the world.”
18 Jan 05:41

Fahrrad-Station in China: Total gerädert

mkalus shared this story from SPIEGEL ONLINE - Schlagzeilen.

Wer durch deutsche Großstädte fährt, sieht sie inzwischen regelmäßig: Fahrräder, die jedermann an etlichen Leihstationen ausleihen kann. Im Berufsverkehr ist das oft praktisch, außerdem soll das Konzept die Umwelt schonen - je mehr Menschen radeln, umso weniger Schadstoffe pusten Autos in die Luft. In China ist der Plan jetzt allerdings, na ja, ziemlich schiefgegangen.

In der südchinesischen Stadt Shenzhen haben Hunderte Nutzer eines solchen Services ein Rad ausgeliehen - und anschließend einfach auf die Straße gelegt. Irgendwann, so berichtet es unter anderem der britische "Guardian", war für die vielen Räder offenbar schlichtweg kein Platz mehr, und etwa 500 Exemplare landeten auf chaotischen Haufen am Straßenrand.

Dabei hatte es zuvor so ausgesehen, als stieße der Leihservice auf enormes Interesse in der Millionenmetropole. Dem Bericht zufolge hatten sich etliche Einwohner die App heruntergeladen, mit der Nutzer die Fahrräder entleihen können. In China boomt die Sharing Economy - warum aber gibt es nun bergeweise lädierte Fahrräder, aber nicht etwa Tausende verwüstete Airbnb-Wohnungen in dem Land?

Bislang gibt es nur dürftige Erklärungsversuche: "Manche Menschen in diesen Tagen haben einfach einen schlechten Charakter", sagte etwa einen Anwohner dem "Southern Metropolis Daily". "Wenn sie es benutzt haben, werfen sie es einfach weg, weil sie ja schon bezahlt haben." Er habe sogar beobachtet, wie einige ihre Fahrräder absichtlich demoliert und dann weggeworfen hätten.

Zhuang Chuangyu, ein Vertreter des Kommunalparlaments, forderte politische Maßnahmen: Die Anforderungen an die Leihradbranche müssten erhöht werden. Letztendlich gehe es darum, die Sicherheit im Straßenverkehr gerade bezogen auf Fahrräder zu erhöhen - denn diese würden etwa auch von Schulkindern genutzt.

18 Jan 05:41

"We are living in a post-fact, post-rationalist, post-deliberative society, in which people believe..."

“We are living in a post-fact, post-rationalist, post-deliberative society, in which people believe what they want to believe, as if they were selecting items from different columns of a take-out menu.”

- Jonathan Kirshner, America, America
18 Jan 05:40

"Americans can have a soft spot for “revolution,” since our war of independence from the British..."

“Americans can have a soft spot for “revolution,” since our war of independence from the British Empire was so nifty. But most revolutions are not. They are usually overtaken by their most extreme elements, spiral beyond the control of the principled, and lead to the collapse of social order and gratuitous and senseless bloodletting. “Reckless audacity came to be understood as the courage of a loyal supporter; prudent hesitation, specious cowardice,” Thucydides described, recounting conditions on the eve of the corpse-strewn Corcyraean Revolution. “In this contest the blunter wits were most successful.” Thucydides, in his commentary regarding the deterioration (and ultimate collapse) of Athenian democracy, hits too close to home: “Men now did just what they pleased, coolly venturing on what they had formerly done only in a corner” — this, more than anything, seems like the hallmark of the emerging Trump regime, replete with norm-trampling transgressions. We are in the hands of an ignorant, amoral, petulant authoritarian who has been handed the keys to the most powerful office on the country, and the world.”

-

Jonathan Kirshner, America, America

Revolutions are ‘usually overtaken by their most extreme elements, spiral beyond the control of the principled, and lead to the collapse of social order and gratuitous and senseless bloodletting’.

18 Jan 05:40

"There are no conditions to which a man may not become accustomed, particularly if he sees that they..."

“There are no conditions to which a man may not become accustomed, particularly if he sees that they are accepted by those about him.”

- Leo Tolstoy, Anna Karenina
18 Jan 05:40

Stop What You're Doing and Read the Comic Advocating for Chelsea Manning

by DJ Pangburn for The Creators Project

All images courtesy the artists

On Tuesday, President Obama largely commuted Chelsea Manning's remaining prison sentence, effectively freeing the whistleblower. In the waning days of the Obama administration, a last chance for clemency before a more hostile administration takes over, artist Heather Dewey-Hagborg and Manning, along with illustrator Shoili Kanungo, released a graphic short story called Suppressed Images, documenting Dewey-Hagborg and Manning’s collaboration on the 2015 artwork Radical Love, a pair of 3D printed portraits, created with Manning's DNA.

Radical Love was commissioned by Paper magazine, who enlisted Dewey-Hagborg to create artwork for an interview the magazine was conducting with Manning. Since photographing the whistleblower is impossible while she is imprisoned, Dewey-Hagborg employed DNA phenotyping, a process by which an artist puts clues about a person’s genetic traits together to create a composite representation. Manning collected her own hair clippings and cheek swab and mailed the DNA samples to Dewey-Hagborg, who created the composites. Because much of DNA phenotyping is based on guesswork or stereotyping based on ancestry and sex, Dewey-Hagborg chose two of the most compelling possible faces, one gender neutral and one feminine, with Manning’s input.

Suppressed Images takes readers behind the scenes of the Radical Love creative process, laying out some details of Manning’s incarceration and communicating Manning’s interest in working with Dewey-Hagborg to reclaim some of the visibility stripped from her while behind bars.

It was Kanungo who contacted Dewey-Hagborg about the collaboration that would become Suppressed Images. “[Kanunugo] saw my artist talk online that I gave as an artist-in-residence at Thoughtworks, who she works for in India,” Dewey-Hagborg tells The Creators Project. “She asked if she could help somehow and I started thinking about a graphic short story.”

“Time was short (this was less than a month ago) and we wanted to get something out before Obama left office,” she adds. “I wrote a first draft based on my letters and communication with Chelsea over the past two years and mailed it to her. She recited her edits over the phone to her support liaison who emailed them to me.”

Dewey-Hagborg then forwarded the edited comic script—which featured Manning’s very own words—to Kanungo, who began illustrating. The artists credits Thoughtworks with being incredibly supportive during the artistic process. And Dewey-Hagborg says that Manning is as hopeful, upbeat, and optimistic as she has always known her to be.

“[She is] such an inspiration,” says Dewey-Hagborg. “I am extremely hopeful after the news of Chelsea making Obama’s ‘shortlist.’ I think Obama will do the humane thing and commute her sentence to time served.”

To read Suppressed Images in its entirety, click here. You can call the White House at (202) 456-1111 to voice your support for Chelsea Manning's release.

Related:

'Watchmen' Creator Alan Moore Talks Movies, Magic, and Comics

Learn How to Craft a Feeling of Isolation in Comics

Puerto Rico’s Superman is a Super-Woman from Brooklyn

18 Jan 05:40

Toronto-based Nanoleaf’s modular Aurora lights will trip you out

by Patrick O'Rourke

I’m a huge fan of smart home products, particularly lights, and especially when they’re a little quirky.

For example, every smart light bulb in my home is a colourful Philips Hue light bulb, controlled by an Amazon Echo I managed to get my hands on courtesy of a friend that lives in the U.S. (here’s hoping the Echo finally comes to Canada soon).

So when Toronto-based Nanoleaf, one of the industry’s premiere smart bulb manufacturers, reached out to MobileSyrup asking if we were interested in checking out its recently release Aurora modular lighting system, I jumped at the opportunity. Unlike traditional smart home light bulb products, Aurora places an emphasis on fun and customization, allowing users to create different lighting setups and designs.

Overall, Aurora offers a unique experience that’s a little on the pricey side, though it does suffer from other drawbacks as well.

Light up your life with colour

With Nano Leaf’s Aurora, you’re able to connect each lighting panel via small linker modules, allowing you to create various shapes with the lights. For example, you can make a triangle, or opt to create a more traditional straight light design, or even something that’s zigzagged and a little more crazy looking.

The lights are simple to disconnect and pop out from one another with ease, though it’s important to note that if the 3M mounting strips used to attach the lights to the wall (they come included with Aurora) aren’t sticking adequately, the lights will fall to the ground. However, if you intend to set the lights in a specific design and leave them in that layout, this won’t be an issue, though that ruins half the fun. If you want to them around, however, Nanoleaf’s decision to opt for stick 3M wall mounts quickly becomes a problem because after a trying out a few layouts, it’s hard to get the lights to continue sticking to the wall.

In total Aurora comes with nine panels, though more can be purchased in sets of three at an additional $69 cost. On the Android and iOS app side of Aurora, you’re able to select individual colour hues for each design, as well as create highly customizable moving patterns.

Whatever setup you’ve selected for the lights is also automatically recognized by the app, making customization a simple process that only requires a few swipes of your finger. Painting Aurora’s various lights multiple colours, and watching those hues appear on the screen, is fascinating, especially the first few times you create your own pattern.

From within the app, users can change colour flows, brightness speed and a variety of other settings. All in, I was actually surprised at how customizable Aurora’s lighting setup is.

If there’s an aspect of the lights you’d like to alter or shift, whether that’s consistent light, or a pattern, there’s likely a way to change it to match the specific design you’ve envisioned.

HomeKit but no Amazon Echo

Setting up Auora with HomeKit is a simple process if your smart home products are controlled within Apple’s ecosystem, which some would argue is the top universal language on the market. Just snap a photo of the HomeKit code located on the back of Aurora’s box and the lights will automatically be added to your HomeKit set up. If you aren’t a user of Apple’s smart home system, however — for example I use Amazon Echo’s to control my smart home –you’ll unfortunately be left out of the universal ecosystem fun.

At one point Nanoleaf had a countdown on their website related to Echo integration, though that timer seems to be gone and Alexa functionality still hasn’t been added to any of the company’s products.

The absent Aurora-Echo compatibility made using the modular lights more difficult for me since I’m used to speaking to Alexa in order to turn on my lights. While taking out my phone and launching Nanoleaf’s Android or iOS App store isn’t difficult, I found myself not playing with the lights as much as I might have if they were integrated directly with the Echo that controls my home.

Of course if you’re a HomeKit user, you can create voice commands for the Nanoleaf via Apple’s smart home app. Still, considering other home products — Philips Hue and Ecobee’s smarthome thermostat line for example — work with the Amazon Echo, this is a disappointing move on Nanoleaf’s part.

What is Aurora good for?

Once the initial novelty wear’s off (I actually spent two hours playing around with Aurora at one point), beyond impressing friends or turning on a crazy pattern when you’re having a party, it’s difficult to find a practical purpose for Nanoleaf’s Aurora. Similar to Philips’ coloured Hue light bulbs, I typically found myself opting for a standard white light when using Aurora, rather than bright colours and complicated patterns. My apartment is dimly lit and doesn’t have pot lighting, so additional lights helped illuminate my living room considerably.

Another downside is the fact that it’s difficult to hide Aurora’s cord. For example, we’re considering using Aurora as a backdrop for some of the video work we do here at MobileSyrup, but the lights’ unsightly cord will always be present. Given the lights’ unique use case, having the option for Aurora to run off batteries would be a welcome feature.

That said, Aurora is a fascinating screen saver for your wall, though its $219 price tag is expensive, even in the pricey smart home space.

18 Jan 05:39

The Canadian government is considering implementing a Netflix sales tax

by Jessica Vomiero

The legislative loophole which allows international streaming services to avoid charging Canadian customers a sales tax may soon be closed.

What’s being dubbed the “Netflix Tax” is currently being considered by the Trudeau government, which would require services like Netflix and Amazon Prime to charge Canadians a sales tax.

While locally-based streaming services like CraveTV and the late Shomi are required to accommodate for these fees, international services are not currently required to do so.

Talk of a so-called ‘Netflix Tax” has been circulating for some time now, though Ottawa has confirmed that the government is considering forcing these groups to tax Canadians.

These discussions were last reported in October of 2016, when the Liberal government committed to refrain from implementing such measures.

At this time, MobileSyrup reported that allegations were made claiming that Canadian telcos are at a disadvantage when producing their own services because they’re required to pay GST taxes on their services while Netflix and other international services do not.

Because they do not have a physical presence in Canada, Netflix and Amazon Prime are not subject to sales taxes.

To try and level the playing field, the CRTC also loosened the regulations on streaming services based in Canada, removing their requirement to contribute to the Canadian content fund, which international services are also not beholden to.

Source: 680News

18 Jan 05:36

The 15% Solution

by Ken Ohrn

262-grayhouseDoes the 15% tax on foreign home buyers in Metro Vancouver look like it will work?

Not according to one real estate specialist: Tina Mak of the Vancouver Chapter of the Asian Real Estate Association of America.  The short article is well worth a read for some nuanced description of the Chinese real estate investor.

Excerpt from WesternInvestor.com:

However, Vancouver is what in the real estate trade we call a “Super Prime City.” Others in this category include Tokyo, Shanghai, Hong Kong, Singapore, London, Paris, Monaco, San Francisco, New York and Los Angeles.  These cities attract high-net-worth people who want to establish a residence. They also are places where they have confidence that their investment is safe and secure. Why else do they continue to flock to these locations? There are several key reasons: the brand of the city; its reputation for safety and rule of law; world-class services and easy access to amenities; quality of life and lifestyle; and, finally, the prospect of capital appreciation.

So, do I believe a 15 per cent tax will stop Asians, and particularly Chinese, from investing in Metro Vancouver? Absolutely not.


18 Jan 05:35

Roku’s new app revamps remote, content discovery process

by Rose Behar

Roku has started rolling out its overhauled TV app today, revealing a new design, content discovery section and digital remote control.

The navigation buttons on the new app have moved to the bottom of the app, reading from left to right: Channels, What’s On, Remote, Photos+ and Settings. The home screen now features a list of channels that have been installed by the user and a button at the top of the app that allows users to toggle directly over to the channel store.

Once a channel is chosen, the app then transitions into a remote, which now resembles its physical counterpart more closely, is easier to use with one hand and features a new channels button at the top that will quickly transport users back to the familiar tiled list.

The new section for content discovery, ‘What’s On,’ provides users with a feed of curated lists and suggestions much like Netflix. It essentially replaces ‘My Feed,’ a tracker for users’ favourite shows and movies, which is now pushed to the bottom of the ‘What’s On’ screen.

Additionally, Photos+ lets users share music, photos or videos from their mobile libraries to Roku, as well as create customized content.

Roku version 4.0.0 is available for free on Google Play and the App Store.

Via: Tech Crunch

18 Jan 05:35

Monitor without risk of remote cyber attacks – Unidirectional security for railways

by News
mkalus shared this story from Global Rail News.

– Advertisement Feature – 

Most major industrial nations are investing heavily in rail. The Canadian Government announced its new infrastructure plan in March 2016, allocating $C 3.4 billion ($US 2.6bn) in federal funding over the next three years to “upgrade and improve public transit systems across Canada”.

In South Africa the state-owned ports and rail company, Transnet, is well into its Market Development Strategy, a seven-year R 300bn ($33.82bn) investment scheme with a clear strategy to “rejuvenate the country’s ports, rail and pipelines infrastructure”.

In Australia, trains carrying iron ore from mine to port can be over a mile long. Expecting its ‘freight task’ to double over the next 20 years, the Australian Government is targeting investment in rail infrastructure to meet this demand.

The UK is investing billions of pounds in HS2, a new high-speed rail line linking London with Birmingham and Manchester. Germany, France and Spain, among others, have also invested in high-speed rail networks. Suffice to say, rail is big business and it’s going to get bigger. It’s the mention of automation and remote control devices, essential elements of a modern efficient system that raises eyebrows in cyber security circles.

Chronology of railway cyber attacks

Cyber attacks on rail systems are no longer a hypothetical threat. In August 2015, Japan Railways Hokkaido was attacked using a remote access Trojan (RAT) to gain access to the rail company’s network in an apparent attempt to steal information on transport security in advance of the opening of the Hokkaido Shinkansen line. In this kind of attack, called spear-phishing, the attacker identifies a number of people who are likely to have the access credentials he or she needs to infiltrate the network, then sends them a fake email (in this case purporting to come from a customer). Specialised malware is activated when an employee opens the email’s attachment; in this case, however, the subsequent attempt to steal files was apparently unsuccessful.

Connectivity concerns

Some people believe that railway control and signaling systems are impenetrable because they are too complicated for anybody to attack. They probably haven’t heard that in 2008, police in Lodz, Poland, suspected a teenage boy of modifying an infra-red TV remote control and using it to operate signaling equipment, turning the city’s tram system into his own personal train set, after an incident in which four vehicles were derailed and 12 people injured.

Trains have systems that control the engine itself and a network supporting Wi-Fi and other passenger services. “People like to see where the train is, and see an estimated time of arrival,” said Andrew Ginter, vice president of Industrial Security at Waterfall Security Solutions. “It’s OK to see selected information from the control system in the passenger area, but we do not want passengers to have the ability to mess with the control system. We want nothing coming back from the passenger to affect the train.” It’s also important for the control centre to keep in touch with maintenance workers on the tracks, without fear of network security breaches.

“We are concerned about connections between control centre and the outside world,” he continued. “Because every connection permits data to flow in and out and consequently permits attacks. Look, but don’t touch. Looking at data is not dangerous. Control is what we want to secure. A unidirectional gateway allows people to watch without touching.”

Ginter has been quoted before saying that all software can be hacked, but he makes no apology for saying it again. “This is absolutely fundamental to the security of critical operational systems and everyone involved in protecting them from malicious attacks needs to understand this as a first principle of protection,” he said. “No-one writes perfect software. There are always weaknesses and vulnerabilities.”

Guidelines and regulations

There is a growing realisation in organisations that regulate critical industries that software systems do not deliver the security they need. The American Public Transportation Association has already indicated that the IT approach to cyber security cannot offer an effective solution. The APTA points out that “In today’s interconnected environment, it is conceivable and possible for someone acting remotely to access and modify a control system”.

The truth is that nobody can write software that someone else can’t hack, and that message is getting through to the authorities. In the UK, where four cyber attacks were recorded on the rail network in 2015/16, the industry is preparing itself to tackle cyber security as it embraces digital rail technology.

The inaugural Rail Cyber Security Summit was held in London in March this year and the UK’s Department for Transport (DfT) subsequently released Rail Cyber Security – Guidance to Industry, which states clearly that signalling networks should be protected with unidirectional gateways and there should be a clear separation between enterprise and operational networks. The DfT is also engaged in an RSSB-led development of a cyber security strategy for the rail industry.

In France, the Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) is responsible for the country’s digital security strategy. ANSSI classifies networks into three groups. Group 1 includes networks that are not vital to society and are, to put it bluntly, expendable. They use a washing machine manufacturer as an example. If someone hacks into the control system and disables a production line, it’s a bad day for the manufacturer but France will not fall. Customers can buy a machine from somewhere else.

Class 2 networks include sites important to society, like a power plant, a water purification system or a chemical plant, while class 3 is reserved for those where, if the network is compromised, there’s a serious risk that people could die. The example they use is railway switching systems.

While the IT approach is perfectly adequate for class 1 networks, with class 2 networks ANSSI discourages remote access and encourages the use of unidirectional gateways rather than firewalls. On class 3 networks, including railway switching systems, they forbid the use of firewalls to connect any class 3 network to a lower class network. They specifically use the word ‘forbid’, and they forbid remote access too. The only connection that’s allowed between a class 3 network and a lower class network is a unidirectional gateway. Firewalls can be used inside a class 3 network, to separate one part of the network from another for instance, but at the ‘trust boundary’, ANSSI forbids firewalls.

“This is where the industry’s going,” says Ginter. “Increasingly, guidance and regulations are talking about unidirectional gateways. And there are safety critical systems not only in control rooms but actually on the trains, on the moving equipment itself. We need to make sure that nobody can control our assets without authorisation or without physically being there in the control room,” he added. “Control is the issue. This is why people are deploying unidirectional gateways so they can monitor without losing control.”

The only way is out

The Unidirectional Security Gateway is the hallmark of Waterfall Security Solutions, a cyber security specialist that produces hardware-enforced security products to protect industrial control system networks. The Unidirectional Security Gateway is the hardware part of the solution. This is, literally, a physical gateway that allows data to flow out of an industrial control system, but allows nothing back in. In other words, the unit at the network perimeter has a transmitter, but not a receiver. The only way is out. “We claim 100 per cent protection against attacks from external networks,” said Ginter. “While there is no technology that can prevent absolutely all attacks, these silent, online, network-based attacks are the workhorse of cyber sabotage, and are the specific risk that comes with increased network connectivity. Our gateways eliminate that specific threat vector entirely.”

There are perfectly good reasons for networks to be interconnected. The Internet is everywhere. Everyone has a cell phone, so people will naturally want to use the ubiquitous medium we call the Internet to conduct important communications, especially in a system as physically widespread as a rail network that spans an entire continent. “The problem is that if you connect control systems out through firewalls, or even multiple layers of firewalls, those protections let messages out and always allow certain attacks back in,” said Ginter. “This is why the guidance and regulations are starting to talk about unidirectional gateways.

“We represent an evolutionary alternative to firewall technology,” he concluded. “Firewalls are network routers with filtering capabilities. They forward network traffic from one network to another. They try to determine if a message is allowed or not, and if they think it’s allowed they let it through. When they fail to recognise a bad message that gets through, too. Nothing gets past a unidirectional gateway.”


Written by Martin Ashcroft

If you’d like to receive a free copy of the book “SCADA Security: What’s Broken and How to Fix It” by Andrew Ginter, VP Industrial Security at Waterfall, click here.

This feature has been paid for by Waterfall Security Solutions

18 Jan 05:35

I assume the President-elect will want use my username for his official Tumblr account after Friday....

mkalus shared this story from Head Like an Orange.

I assume the President-elect will want use my username for his official Tumblr account after Friday. Any suggestions for a new name for me?

18 Jan 05:35

Evernote’s new iOS app puts speed and ease of use first

by Igor Bonifacic

Evernote today launched the latest iOS release of its popular note-taking app.

Now at version 8.0, the app features a new interface design that emphasizes speed and simplicity. The company reportedly “rebuilt” the app “from the ground up,” according to an Engadget interview with Evernote chief product officer Erik Wrobel.

Taking a page from the company’s own web client, the new app ditches the predominately green design of its most recent iteration for more of a traditional white look.

The most notable user experience change is that it’s now a lot faster to start jotting down text notes. Simply tapping the plus icon located at the bottom centre of the app’s main screen will quickly take users directly into a new text note. Holding down that same button allows one’s to create an audio, photo or reminder note. Flanking the centre plus button are icons that lead to the app’s notes, search, shortcuts and account functionality.

One new feature is a more robust formatting tool that allows users to change the colour of text.

The update comes after the company released — and then quickly stepped back from — a new privacy policy that would have allowed Evernote employees to read almost any note posted to the service. In his interview with Engadget, Evernote Chief Product Officer Erik Wrobel said the company will engage with users earlier to gauge whether a proposed change goes too far. He also indicated the company plans to consult with privacy and security experts in the future, though didn’t offer specifics on that aspect of the company’s future plans.

Evernote has yet to say when the updated interface will come to other devices. Users with both a personal and professional account now have an easier time of switching between the two.

Download the app from the source link below.

Source: iTunes App Store Via: Engadget

18 Jan 05:35

Former pro biker uses Siri to dial 911 after bursting a blood vessel

by Jessica Vomiero

Former pro biker Andrew Cho used Siri to dial 911 after bursting a blood vessel in his C3 and C4 vertebrae.

Over $69,000 has been raised for Cho as of Friday night at 5PM, after friends launched a crowdfunding campaign to help him “adjust to his new reality,” CTV news Vancouver reports. By Sunday morning, the total had reached $82,000.

Cho began feeling dizziness and numbness while out to dinner with his friends on January 6th, but collapsed face down after returning to his apartment early to rest.

Cho was paralyzed from the neck, down, but has regained some mobility on his right side. Friends believe that where Cho fell may have saved his live. His iPhone fell just 10 inches away from his body, making it possible for Cho to instruct Siri to dial 911.

The specifics behind the ruptured blood vessel are unknown to doctors at the moment, but regardless, Cho is in the process of relearning many basic movements

The family states that they’re “overwhelmed” with the outpouring of love and support they’ve received.

Source: CTV News

18 Jan 05:34

st-misanthropez: Dr. Strangelove or: How I Learned to Stop...

18 Jan 05:34

Running X11 apps in an rkt container

rkt is a container runtime I've been using on a few projects recently. I was creating a container for Mozart which uses emacs as an IDE. This requires running an X11 application within the container and have it displayed on the host display.

To get this working I needed to mount my hosts X11 unix domain socket inside the container and provide an Xauthority file that gave the container the rights to connect to the host X server.

The following shell commands use acbuild to create a container that runs xclock as an example of the process:

acbuild begin docker://ubuntu:16.04
acbuild set-name bluishcoder.co.nz/xclock
acbuild run -- apt install --no-install-recommends --yes x11-apps
acbuild run -- rm -rf /var/lib/apt/lists/*
acbuild environment add DISPLAY unix$DISPLAY
acbuild environment add XAUTHORITY /root/.Xauthority
acbuild mount add x11socket /tmp/.X11-unix
acbuild mount add x11auth /root/.Xauthority
acbuild set-exec xclock
acbuild write --overwrite xclock.aci
acbuild end

It uses an Ubuntu Linux image from the Docker hub as a base and installs x11-apps. To reduce disk space it removes cached package files afterwards. A DISPLAY environment variable is set to point to use the same DISPLAY as the host. The XAUTHORITY enviroment variable is set to point to a file in the home directory of the root user in the container.

The mount subcommands expose the x11socket and x11auth endpoints to point to where the X11 unix domain socket and the Xauthority file are expected to be. These will be provided by the rkt invocation to mount host resources in those locations.

The final part of the script sets the executable to be xclock and writes the aci file.

On the host side we need to create an Xauthority file that provides the container access to our X11 server. This file needs to be set so that any hostname can connect to the X11 server as the hostname for the container can change between invocations. To do this the authentication family in the file needs to be set to FamilyWild. I got the steps to do this from this stack overflow post:

xauth nlist :0 | sed -e 's/^..../ffff/' | xauth -f myauthority nmerge -

This will retrieve the Xauthority information for display :0 and modify the first four bytes to be ffff. This sets the authority family to FamilyWild. A new file called myauthority is created with this data. This file will be mapped to the x11auth mount point in the container.

The container can be executed with rkt:

rkt run --insecure-options=image xclock.aci \
        --volume x11socket,kind=host,source=/tmp/.X11-unix \
        --volume x11auth,kind=host,source=./myauthority

The --volume command line arguments map the mount points we defined in the acbuild commands to locations on the host. The running xclock application should now appear on the host X11 display.

18 Jan 05:34

Forderungen an Obama nach Begnadigung für Snowden und Manning (Update: Manning kommt frei)

by Constanze
mkalus shared this story from netzpolitik.org.

barack obama

Foto: CC BY-NC 2.0 | SS&SS.

Bürgerrechtler hatten im September eine Initiative gestartet, um die Begnadigung von Edward Snowden zu erreichen. Nun übergaben sie US-Präsident Barack Obama die Unterschriften von mehr als einer Million Menschen, die einen Straferlass befürworten. Snowden soll in den Vereinigten Staaten wegen Verletzung des Espionage Acts angeklagt werden.

Die ACLU (American Civil Liberties Union) hatte gemeinsam mit Amnesty International und Human Rights Watch zur Unterstützung aufgefordert. Nun konnten die Organisationen gemeinsam in einem Brief an Obama vermelden:

We are hereby delivering signatures from 1,101,252 people across the world who ask that you use your presidential authority to pardon Edward Snowden.

(Hiermit überbringen wir die Unterschriften von 1.101.252 Menschen von überall auf der Welt, die um die präsidiale Befugnis zur Begnadigung Edward Snowdens ersuchen.)

Amnesty International hat parallel auch eine Unterstützungskampagne ins Leben gerufen, die den Geflüchteten in Hongkong helfen soll, die Snowden bei seiner Flucht Beistand geleistet hatten.

Begnadigung für Chelsea Manning?

Chelsea Manning soll unterdessen auf einer sogenannten „short list“ stehen, die Menschen umfasst, die zur Begnadigung in Frage kommen, wie NBC News meldete. Manning sitzt eine 35-jährige Freiheitsstrafe für die Preisgabe von Regierungsgeheimnissen im Zusammenhang mit der Veröffentlichung von Diplomaten-Depeschen des US-amerikanischen Außenministeriums ab.

Update:
Soeben (Dienstagabend) wird auf allen Kanälen gemeldet, dass Chelsea Manning im Mai auf Geheiß von US-Präsident Obama entlassen wird. Auch in den deutschen Medien, wie hier in der FAZ, wird die gute Nachricht bereits weiterverbreitet, dass sie an 17. Mai eine freie Frau sein wird. :}


Unterstütze unsere Recherchen und Berichterstattung für Grundrechte und ein freies Internet durch eine Spende.

18 Jan 05:34

Amnesty-Bericht: Viele EU-Länder unterscheiden sich kaum noch von Überwachungsstaaten

by Markus Reuter
mkalus shared this story from netzpolitik.org.

Viele europäische Länder befinden sich in einem Zustand der sicherheitspolitischen Aufrüstung. (Symbolbild). Foto: CC0 1.0 | Harri Kuakkanen.

Amnesty International hat die Auswirkungen von Anti-Terrorgesetzen auf die Grund- und Freiheitsrechte in 14 EU-Staaten analysiert. John Dalhuisen, Direktor für die Region Europa bei Amnesty International, kommt zu folgendem Fazit:

„Einzeln beleuchtet sind viele Antiterrormaßnahmen besorgniserregend. Betrachtet man sie zusammen, ergibt sich ein verstörendes Bild. Für unsere Gesellschaften lange selbstverständliche Rechte werden nun unkontrolliert massiv eingeschränkt“.

Der 70-seitige Bericht mit dem Titel „Dangerously disproportionate: The ever-expanding national security state in Europe“ betrachtet aus der Vogelperspektive in acht Kapiteln verschiedene Schwerpunkte wie Nostandsgesetze, Überwachung, Meinungsfreiheit oder Bewegungsfreiheit.

Schwellen für Notstandsgesetze gesenkt

In vielen Staaten seien die Schwellen drastisch gesenkt worden, um Not- und Ausnahmezustände zu erklären, in denen Sicherheitsbehörden weitgehende Einschränkungen der Grund- und Menschenrechte ohne ausreichende richterliche Kontrolle erlaubt werden, heißt es in der deutschen Zusammenfassung des Berichtes.

So könnten in Ungarn nach Ausrufen des Notstands nicht nur Versammlungs- und Bewegungsfreiheit stark eingeschränkt werden: Geltende Gesetze können einfach ausgesetzt und neue im Eilverfahren erlassen werden.

In Frankreich sei der Ausnahmezustand inzwischen fünf Mal verlängert worden, wodurch eine Reihe einschränkender Maßnahmen zum Standard wird, darunter Durchsuchungen ohne gerichtliche Genehmigung und das Verbot von Demonstrationen. So wurden die Notstandsgesetze auch als Begründung genutzt, um im Vorfeld der UN-Klimakonferenz Umweltschützer unter Hausarrest zu setzen.

Erweiterung von anlassloser Massenüberwachung

Viele EU-Länder unterschieden sich kaum noch von „Überwachungsstaaten“, indem sie Sicherheitsbehörden und Geheimdiensten weitreichende Befugnisse zur anlasslosen Massenüberwachung ohne die notwendige rechtsstaatliche richterliche Kontrolle einräumen, heißt es im Bericht.

So seien beispielsweise in Großbritannien, Frankreich, Deutschland, Polen, Ungarn, Österreich, Belgien und den Niederlanden Befugnisse zur Massenüberwachung erteilt beziehungsweise erweitert worden, die das anlasslose Abgreifen und den Zugang zu den Daten von Millionen von Menschen erlauben.

Polens neues Antiterrorgesetz räume den Behörden unverhältnismäßig weitreichende Machtbefugnisse ein, darunter diskriminierendes Vorgehen gegen ausländische Staatsangehörige. Es erlaubt die verdeckte Überwachung von ausländischen Staatsangehörigen über einen Zeitraum von drei Monaten, ohne dass eine gerichtliche Kontrolle erfolgt – einschließlich des Abhörens von Gesprächen, der Kontrolle elektronischer Kommunikation und der Überwachung der Telekommunikationsnetze.

In Großbritannien habe der Investigatory Powers Act verheerende Auswirkungen für die Privatsphäre und andere Menschenrechte im Land. An Deutschland kritisiert der Bericht vor allem das neue BND-Gesetz. Hier habe die Bundesregierung keine der Warnungen des UN-Sonderberichterstatters berücksichtigt.

Einschränkung von Versammlungsrecht und Bewegungsfreiheit

Zur Gefahrenabwehr schränkten Behörden zunehmend Rechte wie Bewegungsfreiheit, Versammlungsfreiheit oder Privatsphäre ein. In vielen Fällen werden Menschen mit Ausgangssperren oder Reiseverboten belegt oder müssen eine elektronische Fußfessel tragen. Die Anwendung solcher Kontrollmaßnahmen müsse stets verhältnismäßig und tatsächlich notwendig sein, sie dürfe erst nach einer richterlichen Prüfung und Anordnung erfolgen, fordert Amnesty International.

Besonders stark von diskriminierenden Maßnahmen betroffen seien Menschen muslimischen Glaubens und ausländische Staatsangehörige beziehungsweise Personen, die für solche gehalten werden. Diskriminierendes Handeln seitens der Staatsgewalt scheine vor dem Hintergrund der nationalen Sicherheit zunehmend als „akzeptabel“ angesehen zu werden.


Unterstütze unsere Recherchen und Berichterstattung für Grundrechte und ein freies Internet durch eine Spende.

17 Jan 19:39

Evernote 8.0 Released

by John Voorhees

Evernote unveiled a major update to its namesake app today. The company says it redesigned the app from the ground up with a focus on three functionalities:

  • Faster ways to find notes
  • New notes, now just one tap away
  • Add color and style to your notes

In general, Evernote has taken a cleaner, simpler approach to the app's design. The tab bar along the bottom of the app features a prominent plus button for adding a new note. Pressing and holding that button gives users the option to record audio, capture images, and create reminders. Evernote has also added new ways to format the text of notes with colors and other choices.

Navigation has been improved too. What was the home screen, has been eliminated. Instead, Evernote launches to wherever you left off the last time you used it. Features like notebooks, tags, and reminders are still available but have been tucked away in the UI so they are less prominent, creating a less distracting experience overall.

Although I have not had an opportunity to thoroughly test the update, I am encouraged by Evernote’s renewed focus on note taking. The redesign is a good start, but the company has a long way to go to win back the trust of many users based on feedback we’ve gotten from MacStories readers. For those interested, David Pierce has a great piece on Wired covering Evernote’s recent missteps, where it hopes to take its product, and the ongoing challenges it faces. How Evernote addresses its past missteps and communicates the changes it’s made to users will be just as critical to its future as the redesign released today.


Support MacStories Directly

Club MacStories offers exclusive access to extra MacStories content, delivered every week; it’s also a way to support us directly.

Club MacStories will help you discover the best apps for your devices and get the most out of your iPhone, iPad, and Mac. Plus, it’s made in Italy.

Join Now