[liberationtech] MOSSCon in Louisville in May! Submit your proposal this week!

[John List]

You are invited to be a speaker/presenter at MOSSCon.

Preparations are in full swing for the very first Midwest Open Source 
Software Conference (MOSSCon), to be held in Louisville on May 18-19. 
This is an "All Things Open" conference and is in a central, accessible 
location for many. Your help in spreading the word and helping us fill 
out our schedule of presentations and workshops would be appreciated.


This is going to be a great networking event for the whole region! 
Louisville is in such a central location, it can draw from a very wide area.


We have a great venue: the University of Louisville's Student Activities 
Center, with several large halls, a number of smaller meeting rooms, and 
plenty of exhibit space available for groups and businesses to make 
their presence known.


We are working on a broadly based "Open" theme, that can include open 
source hardware, open data, etc., as well as the full gamut of open 
source software.


We already have some super presentations lined up. But there are still 
plenty of pieces that need to come together. Right now we are 
concentrating on filling out our schedule with more presentations and 
workshops. And soliciting sponsors.


If you're involved with Open Source (or open anything) you definitely 
want to be a part of this. I encourage you to consider speaking or doing 
a presentation or workshop on a subject in your area of interest and/or 
expertise.


Check out the conference website at http://mosscon.org/. Click on "Be a 
Speaker" for details on submitting your proposal.


But get to it! The deadline for submitting your preliminary proposal is 
this Friday, March 29!


http://mosscon.org/

Spread the word and submit your proposal!

Thanks,

John Hicks

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Privacy, data protection questions

[Rich Kulawiec]

On Tue, Mar 26, 2013 at 04:24:33PM -0700, Brian Conley wrote:
> I generally read most of your comments on this list as I find
> them insightful, however in this case, I was struck by your
> entirely hostile attitude.

You're misreading exasperation and frustration as anger, and you're
still focused on style rather than substance.  If you think I'm wrong
(and of course I might be) then make the case.  Show me how someone
can keep (let's say) a 1000-phone population in the field secure when
there's an adversary actively trying to make them otherwise.

---rsk
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Report: Congress and Information Overload, What to do? Case studies

[Lorelei Kelly]

hi everyone! Here's a new report from New America that might pique your
interest -- one of the reasons Congress keeps writing such bad laws (CFAA
this week) is because the civic technologists and open source technical
experts are not present or obvious on the support bench, and not in the
formative stages of information gathering.

http://newamerica.net/pressroom/2013/new_report_potential_solutions_for_congress_information_crisis

-- 
*Lorelei Kelly *
*
*
*
*
*check out our 
SmartCongresspitch!
*
*read about Congress' Wicked
Problem
*
look at these cool maps about guns and
powerin
the Atlantic
*
*Open Technology Institute
New America Foundation

Tweeting @loreleikelly

cell: 202-487-7728
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Unique in the Crowd: The privacy bounds of human mobility

[Eugen Leitl]

(full text available on site)

http://www.nature.com/srep/2013/130325/srep01376/full/srep01376.html

Unique in the Crowd: The privacy bounds of human mobility

Yves-Alexandre de Montjoye,  César A. Hidalgo,   Michel Verleysen
& Vincent D. Blondel

Scientific Reports 3, Article number: 1376 doi:10.1038/srep01376

Received 01 October 2012 Accepted 04 February 2013 Published 25 March 2013

We study fifteen months of human mobility data for one and a half million
individuals and find that human mobility traces are highly unique. In fact,
in a dataset where the location of an individual is specified hourly, and
with a spatial resolution equal to that given by the carrier's antennas, four
spatio-temporal points are enough to uniquely identify 95% of the
individuals. We coarsen the data spatially and temporally to find a formula
for the uniqueness of human mobility traces given their resolution and the
available outside information. This formula shows that the uniqueness of
mobility traces decays approximately as the 1/10 power of their resolution.
Hence, even coarse datasets provide little anonymity. These findings
represent fundamental constraints to an individual's privacy and have
important implications for the design of frameworks and institutions
dedicated to protect the privacy of individuals.

Subject terms:

Applied mathematicsComputational scienceStatisticsApplied physics
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Mobile Phone Use Patterns: The New Fingerprint

[Enrique Piraces]

This may be of interest to the list, an interesting study.

-Mobile Phone Use Patterns: The New Fingerprint
Mobile phone use may be a more accurate identifier of individuals than even 
their own fingerprints, according to research published on the web site of the 
scientific journal Nature.

Scientists at MIT and the Université catholique de Louvain in Belgium analyzed 
15 months of mobility data for 1.5 million individuals who the same mobile 
carrier. Their analysis, “Unique in the Crowd: the privacy bounds of human 
mobility” showed that data from just four, randomly chosen “spatio-temporal 
points” (for example, mobile device pings to carrier antennas) was enough to 
uniquely identify 95% of the individuals, based on their pattern of movement. 
Even with just two randomly chosen points, the researchers say they could 
uniquely characterize around half of the 1.5 million mobile phone users. The 
research has profound implications for privacy, suggesting that the use of 
mobile devices makes it impossible to remain anonymous – even without the use 
of tracking software.

More: http://securityledger.com/mobile-phone-use-patterns-the-new-fingerprint


Best,
Enrique Piracés
Human Rights Watch
https://www.hrw.org
https://www.twitter.com/epiraces

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Report: Congress and Information Overload, What to do? Case studies

[Andrés Leopoldo Pacheco Sanfuentes]

Thanks, Lorelei, for that reference! I think it is critical for the
survival of democracy to leverage Innovations in Information Technology to
empower citizens (though, paradoxically, not of the "United" kind though!
:D)

Best Regards | Cordiales Saludos | Grato,

Andrés L. Pacheco Sanfuentes

+1 (817) 271-9619


On Wed, Mar 27, 2013 at 7:52 AM, Lorelei Kelly wrote:

> hi everyone! Here's a new report from New America that might pique your
> interest -- one of the reasons Congress keeps writing such bad laws (CFAA
> this week) is because the civic technologists and open source technical
> experts are not present or obvious on the support bench, and not in the
> formative stages of information gathering.
>
>
> http://newamerica.net/pressroom/2013/new_report_potential_solutions_for_congress_information_crisis
>
> --
> *Lorelei Kelly *
> *
> *
> *
> *
> *check out our 
> SmartCongresspitch!
> *
> *read about Congress' Wicked 
> Problem
> *
> look at these cool maps about guns and 
> powerin
>  the Atlantic
> *
> *Open Technology Institute
> New America Foundation
>
> Tweeting @loreleikelly
>
> cell: 202-487-7728
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] [tt] Neuroimaging 'biomarker' linked to rearrest after incarceration.

[Eugen Leitl]

http://www.nature.com/news/brain-scans-predict-which-criminals-are-more-likely-to-reoffend-1.12672

Brain scans predict which criminals are more likely to reoffend

Neuroimaging 'biomarker' linked to rearrest after incarceration.

Regina Nuzzo

25 March 2013

Activity in a particular region of the cortex could tell whether a convict is
likely to get in trouble again.  DOUG MENUEZ/GETTY

In a twist that evokes the dystopian science fiction of writer Philip K.
Dick, neuroscientists have found a way to predict whether convicted felons
are likely to commit crimes again from looking at their brain scans. Convicts
showing low activity in a brain region associated with decision-making and
action are more likely to be arrested again, and sooner.

Kent Kiehl, a neuroscientist at the non-profit Mind Research Network in
Albuquerque, New Mexico, and his collaborators studied a group of 96 male
prisoners just before their release. The researchers used functional magnetic
resonance imaging (fMRI) to scan the prisoners’ brains during computer tasks
in which subjects had to make quick decisions and inhibit impulsive
reactions.

The scans focused on activity in a section of the anterior cingulate cortex
(ACC), a small region in the front of the brain involved in motor control and
executive functioning. The researchers then followed the ex-convicts for four
years to see how they fared.

Among the subjects of the study, men who had lower ACC activity during the
quick-decision tasks were more likely to be arrested again after getting out
of prison, even after the researchers accounted for other risk factors such
as age, drug and alcohol abuse and psychopathic traits. Men who were in the
lower half of the ACC activity ranking had a 2.6-fold higher rate of rearrest
for all crimes and a 4.3-fold higher rate for nonviolent crimes. The results
are published today in the Proceedings of the National Academy of Sciences1.

There is growing interest in using neuroimaging to predict specific
behaviour, says Tor Wager, a neuroscientist at the University of Colorado in
Boulder. He says that studies such as this one, which tie brain imaging to
concrete clinical outcomes, “provide a new and so far very promising way” to
find patterns of brain activity that have broader implications for society.

But the authors themselves stress that much more work is needed to prove that
the technique is reliable and consistent, and that it is likely to flag only
the truly high-risk felons and leave the low-risk ones alone. “This isn't
ready for prime time,” says Kiehl.

Wager adds that the part of the ACC examined in this study “is one of the
most frequently activated areas in the human brain across all kinds of tasks
and psychological states”. Low ACC activity could have a variety of causes —
impulsivity, caffeine use, vascular health, low motivation or better neural
efficiency — and not all of these are necessarily related to criminal
behaviour.

Crime prediction was the subject of Dick's 1956 short story “The Minority
Report” (adapted for the silver screen by Steven Spielberg in 2002), which
highlighted the thorny ethics of arresting people for crimes they had yet to
commit.

Brain scans are of course a far cry from the clairvoyants featured in that
science-fiction story. But even if the science turns out to be reliable, the
legal and social implications remain to be explored, the authors warn.
Perhaps the most appropriate use for neurobiological markers would be for
helping to make low-stakes decisions, such as which rehabilitation treatment
to assign a prisoner, rather than high-stakes ones such as sentencing or
releasing on parole.

“A treatment of [these clinical neuroimaging studies] that is either too
glibly enthusiastic or over-critical,” Wager says, “will be damaging for this
emerging science in the long run.”

Nature doi:10.1038/nature.2013.12672

References

Aharoni, E. et al. Proc. Natl Acad. Sci. USA
http://dx.doi.org/10.1073/pnas.1219302110 (2013).

Yarkoni, T., Poldrack, R. A., Nichols, T. E., Van Essen, D. C. & Wager, T. D.
Nature Methods 8, 665–670 (2011).
___
tt mailing list
t...@postbiota.org
http://postbiota.org/mailman/listinfo/tt
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Mobile Phone Use Patterns: The New Fingerprint

[Gregory Foster]

Thank you very much for sending this study.

One of the common assertions we are hearing about so-called "historical" 
geolocation data as compared to "realtime" geolocation data is that the 
greater geospatial accuracy of the realtime ping creates an increased 
privacy interest for the targeted individual. One can make the argument 
that the ever-increasing density of cellphone towers and femtocells 
makes historical cell site/radio locations as accurate as realtime 
pings/multilaterations.  But one also has to admit that cell towers out 
in some alleged rural area must cover "hundreds of square miles."


This study provides much needed validation of the intuitive 
understanding we all have that the historical record of our movements 
accumulated over time reveals much more about us than an isolated 
realtime ping.  And that we have a privacy interest in both forms of data.


Again, thanks for sending this.
gf


On 3/27/13 8:24 AM, Enrique Piraces wrote:

This may be of interest to the list, an interesting study.

Mobile Phone Use Patterns: The New Fingerprint
Mobile phone use may be a more accurate identifier of individuals than even 
their own fingerprints, according to research published on the web site of the 
scientific journal Nature.

Scientists at MIT and the Université catholique de Louvain in Belgium analyzed 
15 months of mobility data for 1.5 million individuals who the same mobile 
carrier. Their analysis, “Unique in the Crowd: the privacy bounds of human 
mobility” showed that data from just four, randomly chosen “spatio-temporal 
points” (for example, mobile device pings to carrier antennas) was enough to 
uniquely identify 95% of the individuals, based on their pattern of movement. 
Even with just two randomly chosen points, the researchers say they could 
uniquely characterize around half of the 1.5 million mobile phone users. The 
research has profound implications for privacy, suggesting that the use of 
mobile devices makes it impossible to remain anonymous – even without the use 
of tracking software.

More: http://securityledger.com/mobile-phone-use-patterns-the-new-fingerprint


Best,
Enrique Piracés
Human Rights Watch
https://www.hrw.org
https://www.twitter.com/epiraces


--
Gregory Foster || gfos...@entersection.org
@gregoryfoster <> http://entersection.com/

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] [hackerspaces] Byzantium Linux v0.3a is out!

[Eugen Leitl]

- Forwarded message from The Doctor  -

From: The Doctor 
Date: Wed, 27 Mar 2013 11:32:13 -0400
To: Hackerspaces General Discussion List 
Subject: [hackerspaces] Byzantium Linux v0.3a is out!
Organization: Virtual Adept Networks, Unlimited
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
rv:17.0) Gecko/17.0 Thunderbird/17.0
Reply-To: dr...@virtadpt.net,
Hackerspaces General Discussion List 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

http://project-byzantium.org/announcing-the-release-of-v0-3a-codename-beach-cat/

ANNOUNCING BYZANTIUM LINUX V0.3a (Beach Cat)
Approved for: GENERAL RELEASE, DISTRIBUTION UNLIMITED

NOTE: This is Byzantium Linux for x86-compatible laptops and desktops.
This release is not compatible with the Raspberry Pi.  We just started
work on that port.

Project Byzantium, a working group of HacDC (http://hacdc.org/) is
proud to announce the release of v0.3 alpha of Byzantium Linux, a live
distribution of Linux which makes it fast and easy to construct an
ad-hoc wireless mesh network which can augment or replace the current
telecommunications infrastructure in the event that it is knocked
offline (for example, due to a natural disaster) or rendered
untrustworthy (through widespread surveillance or disconnection by
hostile entities).  Byzantium Linux is designed to run on any x86
computer with at least one 802.11 a/b/g/n wireless interface.
Byzantium can be burned to a CD- or DVD-ROM (the .iso image is around
372 megabytes in size), booted from an external hard drive, or can
even be installed in parallel with an existing operating system
without risk to the user's data and software.  Byzantium Linux will
act as a node of the mesh and will automatically connect to other mesh
nodes and act as an access point for wifi-enabled mobile devices.

This release is unique because it is based upon the work we did in New
York City in the weeks following Hurricane Sandy in late 2012.  We
were asked by FEMA (Federal Emergency Management Agency) to help
restore the telecommunications network in the neighborhood of Red
Hook, and the design requirements were dictated by the needs of the
community as described by leaders and elders.  v0.3a constitutes a
formalization of those requirements rather than the ad-hoc build we
deployed in Red Hook.

THIS IS AN ALPHA RELEASE!  Do NOT expect Byzantium to be perfect.
Some features are not ready yet, others need work.  Things are going
to break in weird ways and we need to know what those ways are so we
can fix them.  Please, for the love of LOLcats, do not deploy
Byzantium in situations where lives are at stake.

FEATURES:
- - Binary compatible with Slackware-CURRENT.  Existing Slackware
packages can be converted with a single command.
- - Automatically configures itself on boot.  There is no longer a need
for a control panel.
- - Can act as a gateway to the Internet if a link is available (via
Ethernet or tethered smartphone).
- - Linux kernel v3.4.4
- - Drivers for dozens of wireless chipsets
- - KDE Trinity r14.0.0 (Development)
- - LXDE (2011 release of all components)
- - Mplayer v4.5.1
- - GCC v4.5.2
- - Perl v5.14
- - Python v2.7.3
- - Firefox v13.0.1
- - X.org

SYSTEM REQUIREMENTS (to use)
- - Minimum of 1GB of RAM (512MB without copy2ram boot option)
- - i586 CPU or better
- - CD- or DVD-ROM drive
- - BIOS must boot removable media
- - At least one (1) 802.11 a/b/g/n interface

SYSTEM REQUIREMENTS (for persistent changes)
- - The above requirements to use Byzantium
- - 2+GB of free space on thumbdrive or harddrive

WHAT WE NEED:
- - Developers.
- - Developers!
- - DEVELOPERS!
- - No more Bill Ballmer impersonations.
- - People running Byzantium to find bugs.
- - People reporting bugs on our Github page
(https://github.com/Byzantium/Byzantium/issues).  We can't fix what we
don't know about!
- - Patches.
- - People booting Byzantium and setting up small meshes (2-5 clients)
to tell us how well it works for you with your hardware.  We have a
hardware compatibility list on our wiki that needs to be expanded.
- - Help translating the user interface.  We especially need people
fluent in dialects of Chinese, Arabic, Farsi, and Urdu.
- - Help us write and translate documentation.

Homepage: http://project-byzantium.org/
Download sites: http://project-byzantium.org/download/

This announcement is published under a Creative Commons By Attribution
/ Noncommercial / Share Alike v3.0 License.
(http://creativecommons.org/licenses/by-nc-sa/3.0/)

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

The future belongs to the brave.

-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlFTEP0ACgkQO9j/K4B7F8Fs4ACdH0Uk9NjQvzMaV+fvuLxDwRwY
bLcAoMSVALO+m12AyK4Zz0SOddn++Ibt
=XdgM
-END PGP SIGNATURE-
___

Re: [liberationtech] Privacy, data protection questions

[Andrew Haeg]

Hi Brian, Rich: Thanks for engaging me (and one another) here. I take no
umbrage at Rich's line of argumentation. In fact, having been a lurker and
occasional poster here for several months now, I am well aware there are
(as Rich put it) "paranoid clueful paranoid diligent (did I mention
paranoid?) geeks" in our midst and expected a passionate response of some
kind. If I were easily put off by criticism, I wouldn't be doing this.

But I will say that while I'm not deeply technical, I'm acutely aware of
what I don't know. Which is why, for now, we're avoiding many of the
pitfalls you point out. Right now, we're building solely for SMS and voice
delivery of simple surveys, and aggregating that data to build profiles of
respondents. Nothing need be installed on the phone.

I will bookmark this thread as we start to think about smartphone apps, but
for all the reasons you raise, it may be a non-starter in places with
nosey, repressive regimes.

The privacy questions I have right now have to do with partitioning the DB
in such a way that a malevolent hacker, or personal info digger, couldn't
crack into our system and in one fell swoop make off with a trove of mobile
#'s + the personal info of the person connected to that number.

Whoever I bring on as CTO/technical co-founder I will expect to shape these
decisions.

I appreciate the feedback.

- Andrew



On Mon, Mar 25, 2013 at 12:57 PM, Brian Conley wrote:

> Rich,
>
> Mostly I'm taking issue with your nonconstructive demeanor. I've not seen
> you take the Guardian Project to task for trying to solve some of the same
> problems. I've not seen you take Tor project or Whisper Systems to task.
> You have essentially shat on someone's head who is taking a risk by being
> open and asking for feedback.
>
> As this is a LIST that numerous people have mentioned is beneficial to
> them as a "place for discussion" one might expect common courtesy to
> prevail. I know that is not the general tendency on the internet, where
> trolls abound.
>
> Perhaps we could all try to be a bit less trollish, and perhaps more
> "gnomish."  I would present Steve Weis' critical, yet cordial response to
> Crypho on another thread as a good example:
>
> "Hi Yiorgis. The "ways of asserting the authenticity of served
> [JavaScript]" always reduce to trusted code executing on the client. You
> need to trust whatever is authenticating the served application. You can't
> get around it.
>
> This approach always ends up with either trusting the service or running
> client-side code. The former is a perfectly fine business model and the
> standard for almost all web apps, but you can't make the claim that "the
> government and our staff cannot access your data". It's simply not true,
> and not just because there might be incidental bugs you're working on
> fixing. It's fundamentally untrue.
>
> I appreciate the challenge you are trying to tackle and understand that
> delivering client-side code across all browsers and platforms is a
> non-starter for an early startup. If it were an easy problem, we wouldn't
> be having this discussion. I wish you luck in solving it."
>
> Regards,
>
> Brian
>
> On Mon, Mar 25, 2013 at 5:52 AM, Rich Kulawiec  wrote:
>
>> On Fri, Mar 22, 2013 at 04:29:38PM -0700, Brian Conley wrote:
>> > Nose to the grindstone Andrew. Use Rich's email to remind you this is
>> hard,
>> > but its still worth doing.
>>
>> I've read this multiple times and I still have no idea how your remarks
>> relate to what I wrote in re the (in)security of smartphones, the
>> resulting pervasive malware epidemic and the subsequent serious
>> architectural problems for application developers, including but not
>> limited to this one.  ("serious architectural problems" == "you're
>> building on enemy territory, this probably won't end well")
>>
>> Neither coffee nor scotch (both applied liberally) have yielded any
>> enlightenment, so I must now ask: Whiskey Tango Foxtrot, Over?
>>
>> ---rsk
>> --
>> Too many emails? Unsubscribe, change to digest, or change password by
>> emailing moderator at compa...@stanford.edu or changing your settings at
>> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>>
>
>
>
> --
>
>
>
> Brian Conley
>
> Director, Small World News
>
> http://smallworldnews.tv
>
> m: 646.285.2046
>
> Skype: brianjoelconley
>
>
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Innovation for Development Reporting Grant Programme announces 2nd deadline for submissions

[Yosem Companys]

http://www.ejc.net/about/press_releases/innovation_for_development_reporting_grant_programme_announces_second/

The European Journalism Centre (EJC) is pleased to announce that it
has received more than 500 applications in the first round of the
Innovation for Development Reporting Grant Programme.

“We are very happy to observe such a high media interest in reporting
global development stories. Regardless of the outcome, we are very
enthusiastic that over the past two months journalists and media
organisations have taken a closer look at and really thought outside
of the box when it comes to stories from the developing world. We hope
that media houses will keep up this trend, as a well-informed public
in the developed world can have a positive impact on policies for the
developing world”, said Wilfried Ruetten, EJC Director.

Over the next three weeks, the EJC will evaluate the entries and
inform all applicants of the status of their application(s). Due to
the large number of submissions, we will however not be able to give
individual feedback to unsuccessful candidates. Shortlisted applicants
will have one month’s time to submit a complete proposal and provide
any necessary supporting documents. The first grants will be announced
at the end of May.

Everyone else whose best global development pitch is still on the
shelf: don’t be discouraged. On the 3rd of April we will be opening
our second call for applications.

In order to give interested candidates sufficient time to prepare
powerful proposals we will run a second, longer round over the coming
five months, as opposed to the remaining two shorter rounds that were
planned initially.

The second round to submit entries will run until midnight (24:00) CET
on 2 September 2013.

The Innovation for Development Reporting Grant Programme (IDR) was
launched in January 2013 by the EJC with support from the Bill &
Melinda Gates Foundation. The project aims to reward quality
journalism and advance a new and distinctive agenda for development
coverage.

A selection of state-of-the-art reporting projects of great impact and
high visibility will be awarded funding in 2013.

The European Journalism Centre (EJC) is a non-profit international
foundation with the remit to improve, strengthen, and underpin
journalism and the news media. This mission has two main aspects: On
the one hand, it is about safeguarding, enhancing, and future-proofing
quality journalism in Europe and on the other hand, it is about
supporting initiatives towards press freedom in emerging and
developing countries. This often includes creating the framework
conditions for independent and self-determined journalism in the first
place. To these ends, the EJC provides thematic training, professional
capacity development, and a wide range of support activities for
journalists.

###

Email: i...@journalismgrants.org
Website: http://journalismgrants.org
Facebook: http://facebook.com/journalism.grants
Twitter: @journagrants
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Update

[Peter Fein]

Just because I accidentally told the whole list a while back and it's
come up several times recently:

I finished with my contract with Access a few weeks ago - thanks to
Brett, Gustaf and the rest of the crew for a wonderful experience.
I'll be returning to my freelance software development business,
ad-hoc activism and coding open source freedom tech in my spare time.

-- 
Peter Fein | wearpants.org | @wearpants

I read email at the start and end of each day. IM if urgent.
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Schneier: Focus on training obscures the failures of security design

[Carol Waters]

At the risk of igniting an inbox-exploding smackdown thread, I think the
following piece by
Schneieris
definitely worth a read and thoughtful discussion; particularly from
the
POV of both trainers and developers.  It was posted last week, but I don't
believe it made it to Libtech -- apologies if it did and I simply missed
it.  (It's also kicked off a pretty healthy thread of comments on
Slashdot
.)

On Security Awareness Training

* The focus on training obscures the failures of security design* By *Bruce
Schneier*
*Dark Reading*

Should companies spend money on security awareness training for their
employees? It’s a contentious topic, with respected experts on
both
 
sides
of
the debate. I personally believe that training users in security is
generally a waste of time and that the money can be spent better elsewhere.
Moreover, I believe that our industry’s focus on training serves to obscure
greater failings in security design.

In order to understand my argument, it’s useful to look at training’s
successes and failures. One area where it doesn’t work very well is health.
We are forever trying to train people to have healthier lifestyles: eat
better, exercise more, whatever. And people are forever ignoring the
lessons. One basic reason is psychological: We just aren’t very good at
trading off immediate gratification for long-term benefit. A healthier you
is an abstract eventually; sitting in front of the television all afternoon
with a McDonald’s Super Monster Meal sounds really good *right now*.

Similarly, computer security is an abstract benefit that gets in the way of
enjoying the Internet. Good practices might protect me from a theoretical
attack at some time in the future, but they’re a bother right now, and I
have more fun things to think about. This is the same trick Facebook uses
to get people to give away their privacy. No one reads through new privacy
policies; it’s much easier to just click “OK” and start chatting with your
friends. In short: Security is never salient.

Another reason health training works poorly is that it’s hard to link
behaviors with benefits. We can train anyone — even laboratory rats — with
a simple reward mechanism: Push the button, get a food pellet. But with
health, the connection is more abstract. If you’re unhealthy, then what
caused it? It might have been something you did or didn’t do years ago. It
might have been one of the dozen things you have been doing and not doing
for months. Or it might have been the genes you were born with. Computer
security is a lot like this, too.

Training laypeople in pharmacology also isn’t very effective. We expect
people to make all sorts of medical decisions at the drugstore, and they’re
not very good at it. Turns out that it’s hard to teach expertise. We can’t
expect every mother to have the knowledge of a doctor, pharmacist, or RN,
and we certainly can’t expect her to become an expert when most of the
advice she’s exposed to comes from manufacturers’ advertising. In computer
security, too, a lot of advice comes from companies with products and
services to sell.

One area of health that *is* a training success is HIV prevention. HIV may
be very complicated, but the rules for preventing it are pretty simple. And
aside from certain sub-Saharan countries, we have taught people a new model
of their health and have dramatically changed their behavior. This is
important: Most lay medical expertise stems from folk models of health.
Similarly, people have folk models of computer
security
(PDF).
Maybe they’re right, and maybe they’re wrong, but they’re how people
organize their thinking. This points to a possible way that computer
security training can succeed. We should stop trying to teach expertise,
pick a few simple metaphors of security, and train people to make decisions
using those metaphors.

On the other hand, we still have trouble teaching people to wash their
hands — even though it’s easy, fairly effective, and simple to explain.
Notice the difference, though. The risks of catching HIV are huge, and the
cause of the security failure is obvious. The risks of not washing your
hands are low, and it’s not easy to tie the resultant disease to a
particular not-washing decision. Computer security is more like hand
washing than HIV.

Another area where training works is driving. We trained, either through
formal courses or one-on-one tutoring, and passed a government test to be
allowed to drive a car. One reason that works is because driving is a
near-term, really cool

[liberationtech] Cryptoparty in Los Altos, California

[Rhona Mahony]

The Los Altos Library is letting us offer a Cryptoparty for the general
public in a big room with sunlight and wifi on Sunday, May 19, 2013,
from 1 pm to 3 pm at 13 South San Antonio Road, Los Altos, California.
http://www.sccl.org/locations/hours-and-locations/los-altos/news
We hope that our team of teenage volunteer teachers will come again,
after their brilliant work at the Cryptoparty on the Stanford University
campus on February 24, 2013.
http://wildbee.org/2013/03/07/cryptoparty-stanford/
We are covering very basic topics: strong passwords, Https Everywhere,
DuckDuckGo and Startpage, ad blockers, Cryptocat, Truecrypt, PGP email
with Thunderbird, and Tor.
http://fluffernutter.info/cryptoparty/guests.html
Come if you like, to teach or learn.
~~Rhona
Rhona Mahony
rmah...@stanford.edu
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Schneier: Focus on training obscures the failures of security design

[Louis Suárez-Potts]

Doesn't this paragraph—below—sort of make intense discussion moot? I mean, if 
passwords are so last century, and if training is focused on getting workers to 
use already obsolete techniques that do nothing to secure against real threats, 
then…. where's the discussion? If the premise is correct, then the conclusion 
follows as Schneier states. I'd use a different analogy, of course. Just as 
duck and cover would probably have been as effective as putting a duck under 
cover (with orange sauce, I hope), so too…

In fact, like duck and cover, training is a spend that defrauds, and what does 
matter is intrinsically good design. And that's as true for security as 
usability as accessibility as interoperability. What's more, good design, the 
sort that defends privacy (and what else is a security breach but an intrusion, 
or invasion of privacy?), also promotes democrac

louis


On 13-03-27, at 19:45 , Carol Waters  wrote:

> On the other hand, password advice from 10 years ago isn’t relevant today 
> (PDF). Can I bank from my browser? Are PDFs safe? Are untrusted networks OK? 
> Is JavaScript good or bad? Are my photos more secure in the cloud or on my 
> own hard drive? The “interface” we use to interact with computers and the 
> Internet changes all the time, along with best practices for computer 
> security. This makes training a lot harder.

--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

[liberationtech] Vote results on "Reply to" Question

[Yosem Companys]

Dear Liberationtech list subscribers,

Thank you for your vote on the following question, "Do you want replies to
Liberationtech list messages directed to reply-to-all or reply-to-poster?"
 Here is the final vote tally:

   - Reply to All:  73%
   - Reply to Poster:  27%

For perspective, the vote tally last time on August 20, 2012, was
strikingly similar:

   - List: 69%
   - Sender: 31%

As a result, the list default option will stay at "reply to all."

Thanks again,

Yosem
One of your moderators
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Satellite phones for Rohingya in Burma

[Heather Marsh]

Would like to express gratitude to all on this list who have offered
assistance offlist, I really appreciate it.

Nothing is ideal, but so far it seems it was a very good idea to go.
Here is an update and we are about to get more regular reporting out
when our guys are in a bit safer situation than they are now.

http://www.vice.com/en_ca/read/the-rohingya-movement-as-seen-by-a-journalist-in-burma


All the best,

Heather Marsh,
@GeorgieBC on Twitter




On 13-03-18 12:21 AM, Griffin Boyce wrote:
> Jacob Appelbaum  wrote:
>>
>> It seems like physical smuggling or geo-caching of the data would be
>> much safer than a sat phone that can be *tracked* and *jammed*
>> simultaneously. At least with geo-caching, one could pass along the
>> coordinates for evidence later and then perhaps at a later date, we will
>> have the evidence stored, found and released.
>>
> 
>   That seems problematic, and the person who passed on the details of
> location still has the risk (perhaps a greater risk) of being identified.
>  Cell phones are extremely problematic too.
> 
> 
>> As far as physical smuggling, I suspect that people would need to
>> swallow the media cards or to sew them into clothing. That would allow
>> the cameras to stay in the area but for the data to trickle out.
>>
> 
>   Do not swallow SD or microSD cards, especially not unprotected.  They're
> very likely to become unusable, to say nothing of potential health effects.
>  There are a million ways to hide a microSD card on one's person.
> 
>   MicroSD cards fit into lockets, inside clothing seams, inside/under
> band-aids , in shoes, taped
> to the bottom of your foot, within bra layers (placement also makes sense
> because of small bits of metal here), in the bottom of a cigarette pack, in
> your mouth, under the lid of a water bottle, inside a flashlight, and any
> number of other items that make sense to have when crossing a border.
> 
>   It's 1cm x 1cm in size, and about 1mm thick. Get creative!  For cameras
> that take SD cards, you can use SD>MicroSD converters and smuggle out the
> tiny cards if you can get across the border.
> 
> ~Griffin Boyce
> 
> 
> 
> --
> Too many emails? Unsubscribe, change to digest, or change password by 
> emailing moderator at compa...@stanford.edu or changing your settings at 
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> 
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Vote results on "Reply to" Question

[Andrés Leopoldo Pacheco Sanfuentes]

The beauty of democracy! :-)
On Mar 27, 2013 10:20 PM, "Yosem Companys"  wrote:

> Dear Liberationtech list subscribers,
>
> Thank you for your vote on the following question, "Do you want replies to
> Liberationtech list messages directed to reply-to-all or reply-to-poster?"
>  Here is the final vote tally:
>
>- Reply to All:  73%
>- Reply to Poster:  27%
>
> For perspective, the vote tally last time on August 20, 2012, was
> strikingly similar:
>
>- List: 69%
>- Sender: 31%
>
>  As a result, the list default option will stay at "reply to all."
>
> Thanks again,
>
> Yosem
> One of your moderators
>
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at compa...@stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech

Re: [liberationtech] Vote results on "Reply to" Question

[Shava Nerad]

On Wed, Mar 27, 2013 at 11:37 PM, Andrés Leopoldo Pacheco Sanfuentes <
alps6...@gmail.com> wrote:

> The beauty of democracy! :-)
>

...for some definitions of "beauty" but all definitions of democracy.

That's my love with all the warts and blemishes! :)

yrs,
-- 

Shava Nerad
shav...@gmail.com
--
Too many emails? Unsubscribe, change to digest, or change password by emailing 
moderator at compa...@stanford.edu or changing your settings at 
https://mailman.stanford.edu/mailman/listinfo/liberationtech