date:20141031

[liberationtech] Show Me Your Dashboard - Digital Methods Winter School 2015 - Univ. of Amsterdam

2014-10-31 Thread Liliana Bounegru

SHOW ME YOUR DASHBOARD
New Media Monitoring and Data Analytics as Critical Practice
Digital Methods Winter School, Data Sprint and Mini-Conference


*12-16 January 2015 | Digital Methods Winter School *
*Digital Methods Initiative | http://www.digitalmethods.net/
http://www.digitalmethods.net/**Media Studies | University of Amsterdam*
*https://wiki.digitalmethods.net/Dmi/WinterSchool2015*
https://wiki.digitalmethods.net/Dmi/WinterSchool2015

The Digital Methods Initiative (DMI), Amsterdam, is pleased to announce its
7th annual Winter School, on New Media Monitoring and Data Analytics as
Critical Practice. The format is that of a data sprint, with hands-on work
on media monitoring with data analytics, and a Mini-conference, where
PhD candidates, motivated scholars and advanced graduate students present
short papers on digital methods and new media related topics, and receive
feedback from the Amsterdam group of DMI researchers and international
participants. Participants need not give a paper at the Mini-conference to
attend the Winter School.

The focus of this year's Winter School is on how online media monitoring is
currently done by non-governmental (NGOs) such as treealerts.org, and it
seeks to identify practices that could fill in the notion of critical data
analytics. For the occasion we have invited academics to present on the
state of the art of online media monitoring by focusing on three areas
where there is both innovation as well as repurposing of techniques
normally associated with marketing, business intelligence and the work of
digital agencies: issue discovery and language placement (who's carrying
the conversation), engagement and public fund-raising (when do images and
other engagement formats ‘work’?) and crisis communication (who is making
the calls when there is a breakdown?). At the Winter School social media
analysts and communications specialists from NGOs will present on the state
of the art of media monitoring, their current analytical needs and what the
Internet can continue to add with respect to new data sources as well as
monitoring techniques. We will also ask each of the organizations to show
us their dashboards.

The first day kicks off with Nathaniel Tkacz from the University of Warwick
who will talk about Dashboards and Data Signals
http://blogs.cim.warwick.ac.uk/dashboard/about-2/, and the desire to
control the data deluge. After the the first day of talks as well as
dashboard show and tell, the data sprint commences, whereupon the
attendees, including analysts, designers and programmers, undertake
empirical projects that address the state of the art in NGO online media
data analysis. We work on projects that seek to meet the current analytical
needs. The week closes with presentations of the outcomes as well as a
festive celebration. During the week there is also an evening of talks and
a debate with Jimmy Wales http://en.wikipedia.org/wiki/Jimmy_Wales,
co-founder of Wikipedia, at the nearby Royal Netherlands Academy of Arts
and Science https://www.knaw.nl/en/.

The theme of the 2015 Winter School furthers the analytical collaboration
between the Digital Methods Initiative and NGO media analysts, including
Soenke Lorenzen of Greenpeace International
http://www.greenpeace.org. Previously
workshop facilitators and collaborators have included representatives
from Human
Rights Watch http://www.hrw.org/, Association for Progressive
Communications https://www.apc.org/, Women on Waves
http://www.womenonwaves.org/, Carbon Trade Watch
http://www.carbontradewatch.org/, Corporate Observatory Europe
http://corporateeurope.org and Fair Phone http://www.fairphone.com/. In
preparation for the sprint we also have developed how-to worksheets on New
Media Monitoring and Tooling that take as their case studies NGO issue
mappings with digital methods. Upon conclusion we aim to compile the Sprint
projects from the Winter School, and combine them with the how-to sheets to
produce an open access publication on NGO media monitoring. All
participants are invited to contribute.
Digital Methods Winter School Data Sprint A data sprint is a workshop
format for intensive, empirical project work, where analysts, programers,
designers and subject matter experts collaborate to output research. This
year's data sprint is devoted to new media monitoring with data analytics,
and particularly its critical practice. Broadly speaking, media monitoring
is understood as the process of reading, watching or listening to the
editorial content of media sources on a continuing basis, and then
identifying, analyzing and saving materials that contain specific themes,
topics, keywords, names, forms or formats. Monitoring the editorial content
of news sources including newspapers, magazines, trade journals, TV shows,
radio programs and specific websites is by far the most common form of
media monitoring, but most organizations increasingly monitor social media
online, and its impact on the diffusion of news in all

[liberationtech] FYI: Making Connections to Facebook more Secure

2014-10-31 Thread Nariman Gharib

It’s important to us at Facebook to provide methods for people to use
our site securely. People connect to Facebook in many different ways,
which is why we have implemented HTTPS across our service, and Perfect
Forward Secrecy, HSTS, and other technologies which help give people
more confidence that they are connected securely to Facebook.

That doesn’t mean we can’t improve yet further.

Consider Tor: Tor challenges some assumptions of Facebook's security
mechanisms - for example its design means that from the perspective of
our systems a person who appears to be connecting from Australia at
one moment may the next appear to be in Sweden or Canada. In other
contexts such behaviour might suggest that a hacked account is being
accessed through a “botnet”, but for Tor this is normal.

Considerations like these have not always been reflected in Facebook's
security infrastructure, which has sometimes led to unnecessary
hurdles for people who connect to Facebook using Tor. To make their
experience more consistent with our goals of accessibility and
security, we have begun an experiment which makes Facebook available
directly over Tor network at the following URL:

https://facebookcorewwwi.onion/

[ NOTE: link will only work in Tor-enabled browsers ]

Facebook Onion Address

Facebook's onion address provides a way to access Facebook through Tor
without losing the cryptographic protections provided by the Tor
cloud.

The idea is that the Facebook onion address connects you to Facebook's
Core WWW Infrastructure - check the URL again, you'll see what we did
there - and it reflects one benefit of accessing Facebook this way:
that it provides end-to-end communication, from your browser directly
into a Facebook datacentre.

We decided to use SSL atop this service due in part to architectural
considerations - for example, we use the Tor daemon as a reverse proxy
into a load balancer and Facebook traffic requires the protection of
SSL over that link. As a result, we have provided an SSL certificate
which cites our onion address; this mechanism removes the Tor
Browser's “SSL Certificate Warning” for that onion address and
increases confidence that this service really is run by Facebook.
Issuing an SSL certificate for a Tor implementation is - in the Tor
world - a novel solution to attribute ownership of an onion address;
other solutions for attribution are ripe for consideration, but we
believe that this one provides an appropriate starting point for such
discussion.

Over time we hope to share some of the lessons that we have learned -
and will learn - about scaling and deploying services via the Facebook
onion address; we have many ideas and are looking forward to improving
this service. A medium-term goal will be to support Facebook's
mobile-friendly website via an onion address, although in the meantime
we expect the service to be of an evolutionary and slightly flaky
nature.

We hope that these and other features will be useful to people who
wish to use Facebook's onion address.

Finally, we would like to extend our thanks to Ms. Runa Sandvik and to
Dr. Steven Murdoch of UCL for their kind assistance and generous
advice in the development of this project.

Alec Muffett is a Software Engineer for Security Infrastructure at
Facebook London.

SOURCE:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

2014-10-31 Thread AntiTree

I find the interesting part the fact that they got a CA to sign a .onion
domain certificate. Is that normal?

On Fri, Oct 31, 2014 at 8:39 AM, Nariman Gharib nariman...@gmail.com
wrote:

It's important to us at Facebook to provide methods for people to use
our site securely. People connect to Facebook in many different ways,
which is why we have implemented HTTPS across our service, and Perfect
Forward Secrecy, HSTS, and other technologies which help give people
more confidence that they are connected securely to Facebook.

That doesn't mean we can't improve yet further.

https://facebookcorewwwi.onion/

[ NOTE: link will only work in Tor-enabled browsers ]

Facebook Onion Address

Facebook's onion address provides a way to access Facebook through Tor
without losing the cryptographic protections provided by the Tor
cloud.

We decided to use SSL atop this service due in part to architectural
considerations - for example, we use the Tor daemon as a reverse proxy
into a load balancer and Facebook traffic requires the protection of
SSL over that link. As a result, we have provided an SSL certificate
which cites our onion address; this mechanism removes the Tor
Browser's SSL Certificate Warning for that onion address and
increases confidence that this service really is run by Facebook.
Issuing an SSL certificate for a Tor implementation is - in the Tor
world - a novel solution to attribute ownership of an onion address;
other solutions for attribution are ripe for consideration, but we
believe that this one provides an appropriate starting point for such
discussion.

We hope that these and other features will be useful to people who
wish to use Facebook's onion address.

Finally, we would like to extend our thanks to Ms. Runa Sandvik and to
Dr. Steven Murdoch of UCL for their kind assistance and generous
advice in the development of this project.

Alec Muffett is a Software Engineer for Security Infrastructure at
Facebook London.

SOURCE:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

--
PGP: 0xa53963936999cbb6
--
Liberationtech is public archives are searchable on Google. Violations
of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech.
Unsubscribe, change to digest, or change password by emailing moderator at
compa...@stanford.edu.
--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

2014-10-31 Thread hellekin

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 10/31/2014 09:39 AM, Nariman Gharib wrote:
 
 https://facebookcorewwwi.onion/
 
*** That is an experiment.  Tor usage is likely to remain marginal on
Facebook.  But what if it doesn't?  Absorbing the traffic of Facebook
users into the Tor network would likely disrupt the assumptions of
anonymity of all users: obviously Facebook users would not be anonymous,
although their origin would--but it's probably marginal in the way FB
identifies its users.

When AOL put a server on IRC, suddenly the stable population of IRC
Undernet was invaded, like central Chinese by the Han to trump
rebellion: one day you're a solid majority, the next day you're a loud
minority.

Would Facebook account for the increased bandwidth?  Would they give a
billion dollars contribution to TorServers.net or would they rather
setup their own relays?  What happens to my anonymity if a major player
does lift the anonymity of the majority of users?

==
hk
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQJ8BAEBCgBmBQJUU5NGXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ3MDM3QTJCNjlFNkMxQzA1NjI4RDUzOEZE
OEU3QkQ4MDk0MUM4MjkzAAoJENjnvYCUHIKT4hEQAODxUDAdnJBx007Nn108JVe3
E/dRrcIANtpRQmiJKqKGL6d0AiqJUvy54nKJtw8/EV884uHy9V+S8Qy8UXo4azJq
rdogaeJiEieUzX4AFvjEu6Iv8sQVQAqmLWySIZVxD9YBC60H+5sGi3JZ0a01WVh8
FtHYTelqIRkIz1y7/uvwzzxdu/CWBt+B+XYRw2oo04cP59EfVfMvHWYXdWKTg+Ua
FlSqZ94KH+3wVWKwqVxNddMSRDEnMa4U8v8C+Fop0fyJqA0rRmbO+3dRu9VcZDoN
omBlb2KuMUQcowE3jMnA/zp7wMQg5plJ/ySNMM4BfXGWwfMnksEjuEQ0JwEYHO2U
8xzO7+1pmhUMYaMPkVFc1I5AUWmiSkocbXNdBtjej0oQRiT4bRn1kyQN+Qhrc82f
Ol6GCfIHc7AqXYLFeUlx6qM+jzVd9Pzq1C4JsmJ91fMvoaWkt18o76pgX5aYPDDY
04JXZtoWlgVzzshTOSpZ9Mish6cKMX5hw5jCnMSsGlIGEtHG4v8Cl/S5MD8wRSiN
OXhdYXbeZjx4US1o64gdjxpum+AuwTMak74ncNZ0EiQC+yXM0VfoKJok+KrZGtWg
hFTRZ+puncMAwYceQIeW+zZACW9qIfMtqID/He91nrKFW1mTOyb1at6M6VAzkWCF
I04z6fUD5TqS+c8FkNA+
=3h82
-END PGP SIGNATURE-
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Steve Weis

Facebook is now available as a Tor hidden service at this .onion address:
https://facebookcorewwwi.onion/

Blog post is here:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

2014-10-31 Thread AntiTree

Facebook is using a wildcard for SSL. The following are a list of
domains/hosts the cert provides for. Notice the additional onion
addresses

Not Critical
DNS Name: *.facebook.com
DNS Name: facebook.com
DNS Name: *.fb.com
DNS Name: *.fbsbx.com
DNS Name: *.fbcdn.net
DNS Name: *.xx.fbcdn.net
DNS Name: *.xy.fbcdn.net
DNS Name: fb.com
DNS Name: facebookcorewwwi.onion
DNS Name: fbcdn23dssr3jqnq.onion
DNS Name: fbsbx2q4mvcl63pw.onion

I'm still wondering how one verifies ownership of a .onion domain? You
aren't going to look at the WHOIS record and send an email to the
technical contact on file or send an email to postmaster@xxx.onion. Do
large companies like FB have a fast track for getting odd requests?

On Fri, Oct 31, 2014 at 9:05 AM, AntiTree antit...@gmail.com wrote:
I find the interesting part the fact that they got a CA to sign a .onion
domain certificate. Is that normal?

On Fri, Oct 31, 2014 at 8:39 AM, Nariman Gharib nariman...@gmail.com
wrote:

That doesn't mean we can't improve yet further.

https://facebookcorewwwi.onion/

[ NOTE: link will only work in Tor-enabled browsers ]

Facebook Onion Address

Facebook's onion address provides a way to access Facebook through Tor
without losing the cryptographic protections provided by the Tor
cloud.

We decided to use SSL atop this service due in part to architectural
considerations - for example, we use the Tor daemon as a reverse proxy
into a load balancer and Facebook traffic requires the protection of
SSL over that link. As a result, we have provided an SSL certificate
which cites our onion address; this mechanism removes the Tor
Browser's SSL Certificate Warning for that onion address and
increases confidence that this service really is run by Facebook.
Issuing an SSL certificate for a Tor implementation is - in the Tor
world - a novel solution to attribute ownership of an onion address;
other solutions for attribution are ripe for consideration, but we
believe that this one provides an appropriate starting point for such
discussion.

We hope that these and other features will be useful to people who
wish to use Facebook's onion address.

Finally, we would like to extend our thanks to Ms. Runa Sandvik and to
Dr. Steven Murdoch of UCL for their kind assistance and generous
advice in the development of this project.

Alec Muffett is a Software Engineer for Security Infrastructure at
Facebook London.

SOURCE:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Robert W. Gehl

I tried to login (with a fake account I maintain for just such a
purpose). Your account is temporarily locked, it says. I get that; it
appears I'm trying to login from a strange location.

To proceed, I have to ID pictures of friends. Ok, I say. But the page
with friends' photos doesn't load, probably because I have Javascript
off (common practice with the Tor Browser). Fail.

Let's say people take this seriously -- to do so, they will have to use
Javascript, which is a bad move when using Tor.

It seems to me that this would just inculcate bad security habits for
any would-be Dark Web users.

- Rob

On 10/31/2014 08:14 AM, Steve Weis wrote:
 Facebook is now available as a Tor hidden service at this .onion address:
 https://facebookcorewwwi.onion/

 Blog post is here:
 https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237




-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Jonathan Wilkes

Hi Rob,You do know TBB's defaults regarding scripts, right? If it's a
conundrum with no easy answer for Tor devs, it's a conundrum for Facebook as
well. So please do get on Tor Talk list and criticise TBB for having an
(advised) yet non-default setting for blocking all scripts.

I understand the conundrum, and I agree that there isn't an easy answer, but
that default setting in TBB is batshit insane. It is _the_ source of the
conundrum. If script-blocking were turned on by default Facebook wouldn't even
waste time trying to design a hidden service like this.

-Jonathan

On Friday, October 31, 2014 12:13 PM, Robert W. Gehl li...@robertwgehl.org
wrote:

I tried to login (with a fake account I maintain for just such a purpose).
Your account is temporarily locked, it says. I get that; it appears I'm
trying to login from a strange location.

To proceed, I have to ID pictures of friends. Ok, I say. But the
page with friends' photos doesn't load, probably because I have
Javascript off (common practice with the Tor Browser). Fail.

Let's say people take this seriously -- to do so, they will have
to use Javascript, which is a bad move when using Tor.

It seems to me that this would just inculcate bad security habits
for any would-be Dark Web users.

- Rob

On 10/31/2014 08:14 AM, Steve Weis wrote:

Facebook is now available as a Tor hidden service at this .onion address:
https://facebookcorewwwi.onion/

Blog post is here:

https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.--
Liberationtech is public archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Robert W. Gehl

Hi, Jonathan --

I do know the default, and I did change them to allow for first-party
scripts. I agree that TBB's NoScript defaults are really hard to figure
out (in comparison to NoScript in vanilla Firefox -- which admittedly is
still a complicated setup). However, I assumed that if Facebook wanted
to have a hidden service, they'd account for the fact that at the very
least third-party JS is a no-no (and many Tor users also don't want to
allow any scripts).

From what I could tell, the verification system I went to to confirm my
ID relied on third party scripts (it looked like Google scripts). It was
a system in which I had to identify pictures of friends. No pictures
loaded.

Moreover, the .onion Facebook will probably always say that the account
is locked due to logging in from a strange location, so there will be
that issue.

In the end, I don't get why FB is doing this, other than to look hip.

- Rob

On 10/31/2014 11:40 AM, Jonathan Wilkes wrote:
Hi Rob,
You do know TBB's defaults regarding scripts, right? If it's a
conundrum with no easy answer for Tor devs, it's a conundrum for
Facebook as well. So please do get on Tor Talk list and criticise TBB
for having an (advised) yet non-default setting for blocking all
scripts.

I understand the conundrum, and I agree that there isn't an easy
answer, but that default setting in TBB is batshit insane. It is
_the_ source of the conundrum. If script-blocking were turned on by
default Facebook wouldn't even waste time trying to design a hidden
service like this.

-Jonathan

On Friday, October 31, 2014 12:13 PM, Robert W. Gehl
li...@robertwgehl.org wrote:

I tried to login (with a fake account I maintain for just such a
purpose). Your account is temporarily locked, it says. I get that;
it appears I'm trying to login from a strange location.

To proceed, I have to ID pictures of friends. Ok, I say. But the page
with friends' photos doesn't load, probably because I have Javascript
off (common practice with the Tor Browser). Fail.

Let's say people take this seriously -- to do so, they will have to
use Javascript, which is a bad move when using Tor.

It seems to me that this would just inculcate bad security habits for
any would-be Dark Web users.

- Rob

On 10/31/2014 08:14 AM, Steve Weis wrote:
Facebook is now available as a Tor hidden service at this .onion address:
https://facebookcorewwwi.onion/

Blog post is here:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Robert W. Gehl

Tried again, with scripts globally allowed. No change. The images that I
am supposed to identify do not load.

- Rob

On 10/31/2014 11:46 AM, Robert W. Gehl wrote:
Hi, Jonathan --

I do know the default, and I did change them to allow for first-party
scripts. I agree that TBB's NoScript defaults are really hard to
figure out (in comparison to NoScript in vanilla Firefox -- which
admittedly is still a complicated setup). However, I assumed that if
Facebook wanted to have a hidden service, they'd account for the fact
that at the very least third-party JS is a no-no (and many Tor users
also don't want to allow any scripts).

From what I could tell, the verification system I went to to confirm
my ID relied on third party scripts (it looked like Google scripts).
It was a system in which I had to identify pictures of friends. No
pictures loaded.

Moreover, the .onion Facebook will probably always say that the
account is locked due to logging in from a strange location, so
there will be that issue.

In the end, I don't get why FB is doing this, other than to look hip.

- Rob

On 10/31/2014 11:40 AM, Jonathan Wilkes wrote:
Hi Rob,
You do know TBB's defaults regarding scripts, right? If it's a
conundrum with no easy answer for Tor devs, it's a conundrum for
Facebook as well. So please do get on Tor Talk list and criticise
TBB for having an (advised) yet non-default setting for blocking
all scripts.

I understand the conundrum, and I agree that there isn't an easy
answer, but that default setting in TBB is batshit insane. It is
_the_ source of the conundrum. If script-blocking were turned on by
default Facebook wouldn't even waste time trying to design a hidden
service like this.

-Jonathan

On Friday, October 31, 2014 12:13 PM, Robert W. Gehl
li...@robertwgehl.org wrote:

I tried to login (with a fake account I maintain for just such a
purpose). Your account is temporarily locked, it says. I get that;
it appears I'm trying to login from a strange location.

To proceed, I have to ID pictures of friends. Ok, I say. But the page
with friends' photos doesn't load, probably because I have Javascript
off (common practice with the Tor Browser). Fail.

Let's say people take this seriously -- to do so, they will have to
use Javascript, which is a bad move when using Tor.

It seems to me that this would just inculcate bad security habits for
any would-be Dark Web users.

- Rob

On 10/31/2014 08:14 AM, Steve Weis wrote:
Facebook is now available as a Tor hidden service at this .onion
address:
https://facebookcorewwwi.onion/

Blog post is here:
https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Matt Mackall

On Fri, 2014-10-31 at 10:12 -0600, Robert W. Gehl wrote:
 I tried to login (with a fake account I maintain for just such a
 purpose). Your account is temporarily locked, it says. I get that; it
 appears I'm trying to login from a strange location.

I've asked some people connected to the project about this and they want
to remind everyone that the project is evolutionary and slightly
flaky. Also the goal is that we keep the service up and accessible to
people coming from Tor but not that we avoid flagging potentially odd
user behaviour.

Facebook also lets you get past this checkpoint with two-factor
authentication. Most of FB's two-factor methods involve a de-anonymizing
SMS, but in theory Google Authenticator works totally off-line so can be
safely used here. Someone with more familiarity with Authenticator can
confirm.

-- 
Mathematics is the supreme nostalgia of our time.


-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Burkina Faso

2014-10-31 Thread Richard Brooks

Interesting article on events in Burkina Faso and
social media:

http://www.jeuneafrique.com/Article/ARTJAWEB20141031144747/
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread Jonathan Wilkes

Hi Rob,
 I made a scathing criticism of a poor UI decision in the TBB, and it came 
out the other end of your euphemism carwash as really hard to figure out.

I have a very hard time believing you'd be as gracious in describing some 
aspect of Facebook's UI that (advises) to check some configuration box for 
enhanced security which isn't default behavior.  Furthermore, if users of 
Facebook ended up getting pwned time and again, I also doubt you'd blame the 
set of all users who fail to check that optional box.

So why is it the hidden service ops' responsibility to refrain from using 
javascript as a default design decision when the developers of the overlay 
aren't even willing to do it for TBB?  Those ops are users of the Tor overlay, 
and they are obviously catering to the TBB users who don't disable Javascript.


I don't fault you for implicitly distrusting Facebook, but it's even worse to 
implicitly soften criticism of TBB.  If you truly believe that using javascript 
with Tor is bad, then please imagine that Facebook develops and funds the TBB 
and direct your criticism and patches to TBB accordingly.


-Jonathan



On Friday, October 31, 2014 1:47 PM, Robert W. Gehl li...@robertwgehl.org 
wrote:
 


Hi, Jonathan -- 

I do know the default, and I did change them to allow for
  first-party scripts. I agree that TBB's NoScript defaults are
  really hard to figure out (in comparison to NoScript in vanilla
  Firefox -- which admittedly is still a complicated setup).
  However, I assumed that if Facebook wanted to have a hidden
  service, they'd account for the fact that at the very least
  third-party JS is a no-no (and many Tor users also don't want to
  allow any scripts). 

From what I could tell, the verification system I went to to
  confirm my ID relied on third party scripts (it looked like Google
  scripts). It was a system in which I had to identify pictures of
  friends. No pictures loaded. 

Moreover, the .onion Facebook will probably always say that the
  account is locked due to logging in from a strange location, so
  there will be that issue.

In the end, I don't get why FB is doing this, other than to look
  hip.

- Rob



On 10/31/2014 11:40 AM, Jonathan Wilkes wrote:

Hi Rob,
You do know TBB's defaults regarding scripts, right?  If it's a conundrum with 
no easy answer for Tor devs, it's a conundrum for Facebook as well.  So please 
do get on Tor Talk list and criticise TBB for having an (advised) yet 
non-default setting for blocking all scripts.

I understand the conundrum, and I agree that there isn't an easy
answer, but that default setting in TBB is batshit insane.  It
is _the_ source of the conundrum.  If script-blocking were
turned on by default Facebook wouldn't even waste time trying to
design a hidden service like this.

-Jonathan




On Friday, October 31, 2014 12:13 PM, Robert W. Gehl li...@robertwgehl.org 
wrote:
 


I tried to login (with a fake account I maintain for just such a purpose). 
Your account is temporarily locked, it says. I get that; it appears I'm 
trying to login from a strange location.

To proceed, I have to ID pictures of friends. Ok,
  I say. But the page with friends' photos doesn't
  load, probably because I have Javascript off
  (common practice with the Tor Browser). Fail.

Let's say people take this seriously -- to do so,
  they will have to use Javascript, which is a bad
  move when using Tor.

It seems to me that this would just inculcate bad
  security habits for any would-be Dark Web users.

- Rob

On 10/31/2014 08:14 AM, Steve Weis wrote:

Facebook is now available as a Tor hidden service at this .onion address:
https://facebookcorewwwi.onion/ 


Blog post is here:

https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237






-- 
Liberationtech is public  archives are searchable
on Google. Violations of list guidelines will get you
moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.






-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Stanford Liberationtech Seminar: Paul Duguid on Info Liberation on Nov6 at 4:30 pm

2014-10-31 Thread Yosem Companys

Information and Liberation

Paul DuGuid, UC Berkeley

November 6, 2014 4:30 PM - 6:00 PM

Wallenberg Hall
450 Serra Mall, Building 160
Stanford, CA 94305-2055

Open to the public. No RSVP required.

For more info, contact Kathleen Barcos kbar...@stanford.edu

ABSTRACT

We are familiar with information technology and with “liberation
technology but perhaps still need to ask ourselves to what extent
information and liberation make natural partners. This primarily
theoretical talk will explore why it is tempting to champion information
and its technologies in the cause of liberation, yet why it may also be
problematic.

SPEAKER BIO

Paul Duguid is an adjunct full professor at the School of Information at
Berkeley. In recent years he has also held visiting positions at Queen
Mary, University of London, Copenhagen Business School, the École
Polytechnique in Paris. In the 1990s, he was a consultant to senior
management at the Xerox Palo Alto Research Center (PARC). While there he
was co-author of The Social Life of Information with John Seely Brown, the
director of PARC. Recent work has focused on the multiple conceptions of
information and confusions they can give rise to.

http://fsi.stanford.edu/events/liberation-technology-seminar-series-tba
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

Re: [liberationtech] Facebook available as a Tor hidden service

2014-10-31 Thread The Doctor

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 10/31/2014 10:46 AM, Robert W. Gehl wrote:

 In the end, I don't get why FB is doing this, other than to look
 hip.

It may raise the hair on the backs of some of our necks, but
protestors have been known to find one another and organize actions
using Facebook.  Facebook setting up a Tor hidden service would not
facilitate anonymity (perhaps pseudnonymity, if one were to set up a
dedicated FB account) but it would certainly help implement
circumvention of traffic or DNS filtering.

- -- 
The Doctor [412/724/301/703] [ZS]
Developer, Project Byzantium: http://project-byzantium.org/

PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F  DD89 3BD8 FF2B 807B 17C1
WWW: https://drwho.virtadpt.net/

On the Internet, nobody knows you're a bot.

-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUU/UfAAoJED1np1pUQ8RkxrEP/RF0ZGEaNxXbY0rTdy6/nzXs
nIhmvpGRwZlvDTzjKDhNBqJgJhhRSve1ERMZlQAlq+nCTyFoF0roqAHs38H1UcT6
qoNyNP9i9IXjs8gTav8K3BgkTP4VCDplJ1KPE0gbRxqlVwqwPdyfYIEk7y7yf08i
GnMrKjZUcN+oy0Hslfpg5EEpQZqcsh3woGTpT4rJeSx65/nyDvcyHVkmSbXSMVZj
VuQE9Cj8RLk03m78H8ez2wmNXg00c6oSLkCmvOduPPutxaONYLwMlJL8W/U1LMxO
INPfVHGPnyFAkrCA/r2tIgMM8u7aHwAzshZmx9W8DU+QM+lr6YmSzgbPpPACEpvD
qLcXIqCGdqHo7hTfLT4FXtE7JRz+ve1jd0+EeV4ebhyObO/EuKOk7E+rnuKQQA1B
96B7dlzf2eB3CKSnxNAAUKR4BZG+Obn71UBp517GuvPfhgaqV3V96gW+78A7Dque
/srCnVwSQaBkbt+3qVJkJ0urTmjD+T40QaEr8gbfHPu1W9zoPtQp29BH21Qe20CX
+J9v7gsPo5poUlCX8xugvtCcXvYtodoF6yeBiu8J/dj6e/FO5/YVpyycvzd+/5+k
ITIfGcd2aB0Fj8lc+n1LOxtwlh70+CFr1nEMM0ljk4+SxGQgLleOWjShshokw10h
ivdM6LBrLtgPTOoGliMA
=IjSy
-END PGP SIGNATURE-
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] Stanford WTO/Liberationtech: Jenna Burrell on Nov 3rd at 12pm

2014-10-31 Thread Yosem Companys

From: Bobbi Thomason bobb...@stanford.edu

Please join us on *Monday, November 3rd* from *12-1:15* for the next WTO
Colloquium in *Spilker 232*.

*Speaker:* Jenna Burrell, University of California at Berkeley, School of
Information

*Title:* On the Importance of Price Information to Farmers and Economists

*Abstract:* The notion that farmers use mobile phones to acquire market
price information has become a kind of shorthand for the potential of this
technology to empower rural, low-income populations in the Global South. In
this talk, I will touch upon some recent projects I've undertake with
collaborators Janaki Srinivasan and Elisa Oreglia that interrogate and
complicate this simple formulation. This work considers the translation of
‘market prices’ from neoclassical economic model, to development policy
truism, to application in technological system building. Yet, the
technological systems that often result, called market information systems
or MIS, frequently fail to gain users or affect prices or profits in the
ways that have been promised. Our ethnographic work among fishers in
Kerala, India, on Lake Victoria in Uganda, and farmers in Northern rural
China surfaces counter-narratives about mobile phones (and market price)
that could explain why.


*Bobbi Thomason* | Stanford University
Center for Work, Technology  Organization
Department of Management Science  Engineering
215.510.4856 | bobb...@stanford.edu
-- 
Liberationtech is public  archives are searchable on Google. Violations of 
list guidelines will get you moderated: 
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, 
change to digest, or change password by emailing moderator at 
compa...@stanford.edu.

[liberationtech] OpenUp Corporate Data while Protecting Privacy - Open Up?

2014-10-31 Thread Yosem Companys

OPENUP CORPORATE DATA WHILE PROTECTING PRIVACY

October 31st, 2014

*Stefaan G. Verhulst* http://thegovlab.org/about/team/stefaan-verhulst/
and *David Sangokoya* http://thegovlab.org/about/team/, The GovLab, New
York University

Consider a few numbers: By the end of 2014, the number of mobile phone
subscriptions
http://www.itu.int/net/pressoffice/press_releases/2014/23.aspx worldwide
is expected to reach 7 billion, nearly equal to the world’s population. More
than 1.82 billion people
http://www.statista.com/statistics/278414/number-of-worldwide-social-network-users/communicate
on some form of social network, and almost 14 billion sensor-laden everyday
objects http://www.emc.com/about/news/press/2014/20140409-01.htm(trucks,
health monitors, GPS devices, refrigerators, etc.) are now connected and
communicating over the Internet, creating a steady stream of real-time,
machine-generated data.

Much of the data generated by these devices is today controlled by
corporations. These companies are in effect “owners” of terabytes of data
and metadata. Companies use this data to aggregate, analyze, and track
individual preferences, provide more targeted consumer experiences, and add
value to the corporate bottom line.

At the same time, even as we witness a rapid “datafication” of the global
economy, access to data is emerging as an increasingly critical issue,
essential to addressing many of our most important social, economic, and
political challenges. While the rise of the Open Data movement has opened
up over a million datasets around the world, much of this openness is
limited to government (and, to a lesser extent, scientific) data. Access to
corporate data remains extremely limited. This is a lost opportunity. If
corporate data—in the form of Web clicks, tweets, online purchases, sensor
data, call data records, etc.—were made available in a de-identified and
aggregated manner, researchers, public interest organizations, and third
parties would gain greater insights on patterns and trends that could help
inform better policies and lead to greater public good (including combatting
Ebola
http://www.economist.com/news/leaders/21627623-mobile-phone-records-are-invaluable-tool-combat-ebola-they-should-be-made-available
).

Corporate data sharing holds tremendous promise. But its potential—and
limitations—are also poorly understood. In what follows, we share early
findings of our efforts to map this emerging open data frontier, along with
a set of reflections on how to safeguard privacy and other citizen and
consumer rights while sharing. Understanding the practice of shared
corporate data—and assessing the associated risks—is an essential step in
increasing access to socially valuable data held by businesses today. This
is a challenge certainly worth exploring during the forthcoming OpenUp
conference http://www.openup2014.org/!

*Understanding and classifying current corporate data sharing practices*

Corporate data sharing remains very much a fledgling field. There has been
little rigorous analysis of different ways or impacts of sharing.
Nonetheless, our initial mapping of the landscape suggests there have been
six main categories of activity—i.e., ways of sharing—to date:

*1. Research partnerships,* in which corporations share data with
universities and other research organizations. Through partnerships with
corporate data providers, several researchers organizations are conducting
experiments using de-identification and aggregated samples of consumer
datasets and other sources of data to analyze social trends. For instance,
Safaricom, one of Kenya’s leading mobile companies, shared a year of
de-identified phone data with Harvard researchers to analyze and map how
migration patterns contributed to the spread of malaria in Kenya
http://www.hsph.harvard.edu/news/press-releases/cell-phone-data-malaria/.

*2. Prizes and challenges,* in which companies make data available to
qualified applicants—including civil hackers, pro bono data scientists and
other expert users—who compete to develop new apps or discover innovative
uses for the data. Last year, Spain’s regional bank BBVA hosted a contest
http://www.centrodeinnovacionbbva.com/innovachallenge/inicio inviting
developers to create applications, services, and content based on anonymous
card transaction data. The first prize went to an application called Qkly
http://www.centrodeinnovacionbbva.com/en/innovachallenge/michele-trevisiol-oscar-marin-and-alejandro-hernandez,
which helps users manage time by estimating what time of day a given site
or destination will be most overcrowded (thus helping users, for example,
avoid lines).

*3. Trusted intermediaries,* where companies share data with a limited
number of known partners for analysis, modeling, and other value chain
activities. For example, companies from the consumer packaged goods,
retail, and over-the-counter health care industries often share data with
firms such as Information Resources, Inc. (IRI), a data

[liberationtech] Show Me Your Dashboard - Digital Methods Winter School 2015 - Univ. of Amsterdam

[liberationtech] FYI: Making Connections to Facebook more Secure

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

[liberationtech] Facebook available as a Tor hidden service

Re: [liberationtech] FYI: Making Connections to Facebook more Secure

Re: [liberationtech] Facebook available as a Tor hidden service

Re: [liberationtech] Facebook available as a Tor hidden service

Re: [liberationtech] Facebook available as a Tor hidden service

Re: [liberationtech] Facebook available as a Tor hidden service

Re: [liberationtech] Facebook available as a Tor hidden service

[liberationtech] Burkina Faso

Re: [liberationtech] Facebook available as a Tor hidden service

[liberationtech] Stanford Liberationtech Seminar: Paul Duguid on Info Liberation on Nov6 at 4:30 pm

Re: [liberationtech] Facebook available as a Tor hidden service

[liberationtech] Stanford WTO/Liberationtech: Jenna Burrell on Nov 3rd at 12pm

[liberationtech] OpenUp Corporate Data while Protecting Privacy - Open Up?

17 matches

Site Navigation

Mail list logo

Footer information