Facebook Privacy Check-up

The New York Times reported the other day that Facebook is offering a "privacy check-up" to subscribers. Apparently the growth of privacy-friendly services such as SnapChat and WhatsApp has caught the attention of Mr. Zuckerberg. Facebook is acquiring WhatsApp this year, according to the Times article. But Snapchat has a strong privacy policy, where they delete "snaps" from their servers and from users' devices once viewed. Snapchat allows users to more easily control what information the service collects and to control with whom they share information on the site (read the privacy policy).

WhatsApp, a "cross-platform mobile messaging app which allows you to exchange messages without having to pay for SMS," does not fund its service through advertisements that depend on user information. (Read "Why we don't sell ads"). It appears to be free for the first year (at least on the versions I checked), and then 99 cents a year thereafter. WhatsApp's privacy policy is contained in their "legal" or Terms of Service. It appears at the bottom of the page. They make the information clear, easy to understand, and easy to control. They also take some pretty good steps to secure the information users do send them against hacking. The policy includes a warning "in the event of merger, sale or bankruptcy" that the policy may change.

However, the Times article makes it sound as though Zuckerberg is seeing some financial benefit in making it easier for users to control the ways his company/companies collect and use their personal information. Both because European laws regulate this much more closely than the U.S. and because consumer pressure is building for more consumer control in this area, the article makes it sound as though Facebook and Zuckerberg are becoming privacy converts. Time will tell if they stay converted!

The image decorating this blog post is the WhatsApp logo from their home page.

Hiawatha Bray on Computer Security in the Wake of Heartbleed

I keep meaning to post about an excellent column by the Boston Globe technology columnist, Hiawatha Bray on May 1. "After Heartbleed, Change the Locks," is partly a sympathetic note to all of us who are tearing our hair out, or maybe just apathetically groaning, at the news that we must change all of our passwords because of this new security breach!! But it also is a much more useful, step-by-step explanation of different levels of security. In part, Bray discusses why passwords are just NOT doing it for us as security.

But passwords are pretty much what most of us are stuck with. Most of us don't yet have fingerprint or iris scan technology. So,... Bray explains that the best way to deal with passwords is two-factor authentication. Actually, Bray's explanation is not the clearest. What his column does very nicely is scan the current state of security options, and review them. Very nice and handy!

Two-factor authentication typically requires something you know (i.e., a password) PLUS something you own (for instance an ATM card or cell phone. That way, even if a clever hacker figures out or steals your password, it is exceedingly unlikely that they will also have your cell phone or ATM card. (Here is a link to Google's set up two-step authentication link for Android Phones, as an example) and a general Google Two-Step explanation. This Lifehacker post includes a long list of links for a number of social networks and other services that now offer two-factor authentication.

Two-step can work with another combination, as well, such as a printed list of codes. You use each code once, and mark it off each time you use it. Those codes are used in combination with your password, so again, it is a combination of something you KNOW and something you HAVE. So long as you keep the thing you KNOW (password, computer with passwords saved as cookies, or PIN) separate from the thing you HAVE (phone, ATM card, list of codes), this is a very secure way to access online data. So, for instance, don't copy your PIN number on your ATM card!

I previously posted about two-step authentication here before. See....

Library Services I Wish I Had Thought of!

Napping Stations!

The Chronicle of Higher Education breathlessly reports that the University of Michigan has installed napping stations where students are encouraged to nap for half-hour blocks under staff supervision on vinyl cots. They offer small lockers to store belongings, and disinfectant wipes to clean the cots and the pillows have disposable pillow cases.

Much better than the sofas scattered around libraries, unsupervised where students have drooled for generations, and slept with their belongings at risk of looting!

Not only that, but a single student could monopolize the sleep surface for hours!

How wasteful is that?!

Enhanced E-books May Finally be Hitting Their Stride

After several years of floundering with technology that publishers seemed not to really know what to do with, there may be some authors with strong visions of what enhanced e-books (EEBs) could really bring beyond the world of print and the bland digital facsimiles we have seen so far. I was thrilled to read the article in this week's Chronicle of Higher Education's Digital Campus magazine, "What Enhanced E-books Can Do for Scholarly Authors." Biblical scholar Jacob Wright explains in the article how he used the format for his new book, David, King of Israel, and Caleb in Biblical Memory. The book is being issued in traditional print, conventional e-book and enhanced e-book formats.

According to Wright, print and conventional e-books are limited to "...two layers: the main body and a thin stratum of footnotes and endnotes." He uses the eeb format to add multiple narratives that readers can select among, allowing him to address varying audiences with the same publication. Wright compares the design, actually, to that of Daniel Bomberg's 1523 design for Talmud editions, with a running source text at the center, with an array of commentaries surrounding it.

Wright comments that the opportunity thus opens up for academics to appeal in a single publication to scholars in their own discipline, explaining in full detail how they researched and came to their conclusions. But at the same time, they can appeal to non-specialists who may be interested in the topic on a less technical level. For instance, he mentions the ability to include links to maps, video clips, images as well as icons leading specialists to lengthy quotes from sources that would be unpalatable to lay readers. While scholars like footnotes for ease of consultation, publishers prefer endnotes to avoid breaking up the flow of text and intimidating potential readers. Icons or links to references avoid the debate, and please both parties. An author can include as many references, in as much detail as needed for the scholars, without distracting or driving away the non-professional crowd. References appear in a window which can be scrolled. If you go to the online version of the Chronicle article, in particular, you can see some very beautiful illustrations and interesting in-sets from this book, which give you an appreciation for what Wright has added, visually, at least to the text. I have to say, though, that some parts of the illustrations for this article reminded me a bit of Encarta...

The end of the article includes a brief survey and review by Wright of his own efforts to find a program to build an enhanced e-book. He settled on the free app from Apple, iBooks Author. It is a very interesting and exciting article, not least because Wright really opens up the idea of what an enhanced e-book might be.

If you use iBooks Author, be careful of the license - I pulled up an Information Week article from 2012 complaining about the iBook Author license, and warning that Apple claims the sole right to sell any publications created with their free software unless they give a written authorization otherwise. This may have changed since it is apparent that Wright's book is being published by Cambridge University Press. Or the press and author may have negotiated a written agreement with Apple at the beginning of their work. In February, 2012, Apple clarified this to explain that only materials published with the .ibooks suffix are covered by this claim. If you publish as a .text or .pdf file, that EULA clause does not affect you.

Here is an article about enhanced e-books with a handy review of several platforms for creating enhanced e-books. It seems quite apparent that the Apple is by far the best and most robust. The article also is helpful in thinking about the various enhancements that are available and what is and is not a real enhancement. When you look at a Publisher's Weekly article from a year ago about Harper Collins' EEB collection, you can begin to understand why the tradebook EEBs have not been big successes. They added video interviews of an author, and audio excerpts. To me that does not seem like it is reaching the potential of the format at all! It is possible that trade books just are not the right area for enhanced e-books, and that until you get to a scholarly publication with the possibility of becoming a cross-over book of interest to a wider public, there is not a real application. Does anybody remember a year or two ago when they brought out this e-book, Chopsticks? That actually seems to have been fairly successful, though I don't know that it's been duplicated with another successful EEB tradebook. Anybody know?

The image decorating this post is from Wright's book on King David, reproduced from the Chronicle. article.

Senator Warren's Autobiography to be Published

Jill Lepore's review of Senator Elizabeth Warren's new autobiography, A Fighting Chance, in the current issue of the New Yorker, makes for fascinating reading.  Lepore compares Warren's book with Louis Brandeis's Other People's Money and How the Bankers Use It, which was published in 1914.  "Brandeis was concerned with Gilded Age plutocrats' use of people's bank savings to build giant, monopolistic conglomerates answerable not to the people but to shareholders."  The writings of the future Supreme Court Justice, well known for his "ability to enlist data in the service of a legal argument," which came to be known as the "Brandeis brief," were instrumental in the effort to reform antitrust law and regulate the financial industry.  Lepore argues that these reforms "in the middle decades of the [twentieth] century, made possible the growth of the middle class."

Unlike Brandeis, who focused on saving and monopolies, Warren focuses on borrowing and debt.  She is concerned about the collapse of the middle class.  Warren blames the rise in personal bankruptcy on credit card companies that "lured borrowers in with 'teaser rates,'" and on mortgage companies that sold "'mortgage products,' with low down payments, ballooning rates, and prepayment penalties."  After home prices skyrocketed and then plummeted, the middle class was left holding the bag.  Brandeis and Warren share the Progressive distrust of "legislatures and courts that have allowed the nation's social and economic policies to be made by corporations and bankers."

Warren shares some of her compelling personal story with her readers.  One vignette to which I could easily relate occurred in 1978.  Warren was holding her baby son on her hip trying to calm him down, while frying pork chops and keeping one eye on her daughter, who was coloring on the floor.  In the midst of this controlled chaos, she received a call from the University of Houston Law Center about a possible teaching position.  Somehow she made it through the conversation and got the job, the start of her academic career.

Like Brandeis, who worked to abolish child labor and to establish maximum-hour and minimum-wage laws for men and women, Warren is concerned about women, in particular "the unintended economic consequences that arise when women rearing children enter the paid labor force ... earning money has made women who are mothers more economically vulnerable, not less."  The two-income family has been hard hit--with two wage earners and low down payment requirements, middle-class families assumed larger mortgages than they could afford.  If one wage earner loses a job and the family is forced to live on one income, bankruptcy is the almost inevitable result.  The situation is aggravated if the family includes children.

A Fighting Chance will be published next week.  Warren denies that she is planning to challenge Hillary Rodham Clinton for the Democratic presidential nomination, but the publication of her autobiography is fueling the rumor machine.

Internet Security Alert: Heartbleed

OOTJ readers may already have read about Heartbleed, the newest Internet security problem. But just in case you have not heard about this, here is your heads up. The Boston Globe today offered an article by Hiawatha Bray, their wonderful tech columnist, who concludes that "The Heartbleed scare is as bad as it sounds."

Heartbleed is a security glitch at the heart of the security of the Internet, that came about through sloppy coding, in an update of the OSSL software that provides the encryption for about two thirds of Internet sites worldwide. Encryption means the software that scrambles your data as it leaves your computer so it travels safely over the Internet. Only the target network should be able to decrypt the data you sent. So, if you are buying something from an Internet vendor, you send your name, address, credit card number over the web, feeling secure with that https:// in front of the URL. That is what the additional "s" is telling you - that the information is being decrypted between your computer and theirs, for secure transactions.

But a little bit of bad code (OSSL is Open Source, collaboratively coded), in 2012 (!) introduced a serious security lapse in how OSSL has been working. The "secure" data stored at the OSSL-secured servers can be searched and retrieved by hackers. Somebody at Google and at a Finnish security company discovered the problem and announced it this past Monday. A security researcher, for instance, was able to retrieve a name and password from Yahoo mail. Hiawatha Bray did a little checking:

Yahoo says it has fixed the problem on its servers. Meanwhile, other major Internet companies are also offering reassurances. I pinged Amazon.com, Facebook, tax preparation company Intuit Inc., and the Internal Revenue Service. All replied that their computers are not vulnerable to the Heartbleed problem.

He then points out that nobody has reported that their bank accounts have been emptied over the past two years while Heartbleed was laying out there waiting to be exploited. On the other hand, Bray also notes that spy agencies like the NSA or China's Ministry of State Security could have been using Heartbleed as a backdoor for some time and nobody would know. Unlike other hacking access points, Heartbleed leaves no marks!

So, the recommendations of security experts? For at least a few days until the Heartbleed code problem is repaired and replaced at all relevant websites,

1. Do not do any shopping or enter personal information on websites.
2. Wait a few days for Heartbleed to be repaired, then change all your passwords, at least for websites that collect personal information, and
3. Remove all the cookies from your computer, at least the ones for websites that collect personal information.

Image of the bleeding heart flowers is from the Wikimedia Commons, a photo by Pharaoh Hound, who posted it under the the Creative Commons Attribution-ShareAlike 3.0 License. The photo is of the flowers of a pink Bleeding Heart (Dicentra spectabilis)- I couldn't bear to put up the more anatomical bleeding hearts I found out there! Thank you, Pharaoh Hound!

The Laptop Debate Continues

Faculty members in all disciplines have debated for years whether students who use their laptops during class actually benefit.  Some claim that permitting laptops in Internet-enabled classrooms leads to students distracting themselves with Facebook, email, Twitter, etc., rather than focusing on the lecture or discussion.  I once visited an adjunct professor's class, and figured out that around 60% of the students were not using their laptops to take notes or do anything else related to that class.  When I mentioned this to the professor, he was surprised, thinking that all the clicking of keys meant that students were taking copious notes.  This was not the case.  The ease of distraction has led some professors to switch off Internet access altogether during their classes, which has always seemed rather paternalistic to me.  Law students are adults, and should be permitted to make their own decisions, even if the decisions are poor.  The other concern about laptops in the classroom is that students, instead of participating in the class, become scribes who take down every word that is said and do not retain anything they hear. 

When I was a student, I always found that I learned best by taking copious notes by hand.  I even chose my bar review course because it didn't have a lot of printed materials, but required students to attend lectures and take notes.  Something about taking down the information by hand seemed to help me retain it.  It wasn't just taking notes in class that helped me; I also went through my notes after the class and amplified and organized them.  It was the only way I could truly master the material. 

A recent article in the Chronicle of Higher Education presents a study done by two researchers on students' note-taking preferences and supports those who believe that laptops are more hindrance to learning than help.  The researchers found that laptop users took more than twice as many notes as students who wrote longhand, but that "While more notes are beneficial, at least to a point, if the notes are taken indiscriminately or by mindless transcribing content ... the benefit disappears." These findings will be published soon in an article entitled "The Pen Is Mightier Than the Keyboard:  Advantages of Longhand Over Laptop Note-taking," in the journal Psychological Science.  This article is sure to fuel the ongoing debate over laptops in the classroom.

Dropbox terms of service: now requires arbitration

Dear friends: if you use Dropbox, which is a a fabulous free cloud storage service, you may want to pay attention. Today is the first day to opt out of their new term. They are beginning to assume all users agree to a clause that requires they submit all claims to arbitration, unless you opt out during this short (30 day) period.

To opt out, if you already have a subscription, sign in, and select "Privacy" as a link near the bottom left of your home screen, right next to "Help." When you click on "Privacy," it defaults to show you "Privacy Policy," but there are other tabs. Select instead "Terms of Service," the left-most tab. You have to scroll down this page a way, down below "Copyright" and "Termination" and "Limitation of Liability" to find "Resolving Disputes." This is the one you want!

The third paragraph talks about "Opt-out of Agreement to Arbitrate," and gives you a simple hyperlink to click on to do so. You only have to fill in your name as registered with Dropbox to complete the process.

You can read the plain English terms they have there explaining their arbitration agreement. It makes it sound nice and friendly and very attractive. You might note, however, that you are also agreeing that you may not bring any class action, and that if the arbitration fails, you have to bring your suit in San Francisco, California, unless it's a small claims action.

The reason I am opting out of arbitration without a second thought is an article written by my colleagues here at Suffolk about shrink-wrap and click arbitration clauses. These assume you have agreed to binding arbitration to solve disagreements with online service providers, software developers, etc., by unwrapping your package or by subscribing to the service. Dropbox's terms are not too abusive, compared with some of the agreements discussed in my colleagues' article, but it was enough to make me think very hard about agreeing to any sort of forced arbitration clause!

Read:
Rustad, Buckingham, D'Angelo and Durlacher, An Empirical Study of Predispute Mandatory Arbitration Clauses in Social Media Terms of Service Contracts

and for a briefer introduction, see Michael Rustad's blog post at ContractsProf Blog, Michael Rustad on Reforming Wrap Contracts (Nov. 21, 2013).

Virtual Museum Tours!

Google is teaming up with various art museums to create the Google Art Project/Google Cultural Institute. The effort also includes "world wonders" -- world heritage sites of the modern and ancient world. Google comes in with the same technology used to produce Google Streetview, mounted, not on a car, but on a trolley. This came to my attention when the Boston Globe ran a story about one of our local museums, the Isabella Stewart Gardener Museum mounting the first-in-New-England virtual tour of their collection. Boston calls itself the Hub (which means Hub of the Universe), and we in New England know that First in New England means first of importance from the Boston point of view...

That said, there are a few other notable museums and sites that are also in the Google Art Project/Cultural Institute, so you will enjoy visiting the site for more than just the charming collection of the Gardner Museum. Isabella Stewart Gardner was a rebel socialite at the turn of the 20th century in Boston, so you can imagine that she was a strong personality. She was much talked about in her own lifetime and continues to be a big figure in Boston lore. She was also a friend of major artists and intellectuals and a major art collector and patron. Her will lays out a remarkable number of rules for continuing her home and collection as a museum, including maintaining the house and collection as she owned it, and free admission to anybody named Isabella. It really is a fun museum because it's in a charming house, with a sunlit, roofed conservatory garden, and a distinctive collection.

More entertainingly still, two days after the Globe article on the Gardner virtual tour appeared, the retired curator of the fabulous Museum of Bad Art (MOBA), wrote a letter to the Globe. The Museum of Bad Art really is a hoot. I have visited and it's fun and very interesting. Many of the works are so bad that they run around the circle of taste into good. MOBA is housed in two places: the basement of Dedham Community Theater and the basement of Sommerville Movie Theater in Davis Square (the branch I visited). The letter so far only appears in the print version, which makes me sad. I reproduce it here:

Gardner museum follows in footsteps of the greats
Upon Reading the headline "Gardner 1st museum in N.E. to offer virtual walk-through" in Wednesday's Globe, I spit my morning coffee all over the front page.

As any student of art histroy should know, the Museum of Bad Art (MOBA) pioneered the concept of a virtual art gallery nearly 20 years ago with The Virtual Museum of Bad Art CD-ROM. We're certain that our colleagues at the Gardner Museum would be the first to admit that their impressive new virtual museum owes a debt tot he technological trailblazing of MOBA so many years ago.

In the time of Windows 3.1, floppy disks, and AOL dial-up Internet, the MOBA Virtual Museum not only captured the entire MOBA art collec tion but took you behind the scenes to the offices, the gift shop, the rest rooms, and all the other essential facilities of a modern art museum.

Despite its primitive 1995 technology, the Virtual Museum of Bad Art has withstood the test of time. Even today, by anyone's standards MOBA's Virtual Museum is still clearly very bad.

In the words of one reviewer in 1995 -- "a complete waste of plastic." Jerry Reilly Newton.

Somehow I doubt that we'll see the MOBA in Google's project any time soon. So, if you are ever in Boston, try to make time for a visit. It makes a nice evening out together with a movie!

The image is of Isabella Stewart Gardner, a portrait by Zorn Alexander painted in 1894 in Venice, from the Gardner collection. I chose it over the more staid portrait by the better-known John Singer Sargent because I think it better illustrates the zest Mrs. Jack brought to life, and why she shook Boston up.

Happy Pi Day! Get your geek on.

Happy Pi Day, folks! You can listen to the charming Pi Song, which tells some history about Pi, to the tune of Bye, Bye Miss American Pie. There are a number of competing versions and other Pi Day songs out there.

Of course, you can do what we are doing -- make a pie to eat in honor of the infinite number! Sadly, our pie will be quite finite. Even if we keep dividing it, we will just come to crumbs in the end.

So, reach deep for your inner nerd, and enjoy Pi Day! It's not over yet. 3.14159265... or as Indiana legislators once nearly passed into law, 3.2 (1897 House bill 246, thankfully sidelined by a Purdue professor Waldo who was in the state capital and heard the debates). I had heard of other state legislatures messing around with bills defining Pi, but it appears that these stories may be apocryphal.

Pi is weird enough on its own.

The image of multiple, yummy and creatively decorated Pi Day pies, is credited to djwtwo/flickr/CC BY-NC-SA at Science Friday