Tuesday, April 30, 2013

Domain Name Rush Following Boston Bombing

Dear OOTJers,
       I was amazed, fascinated and a good bit appalled to read about the rush on Internet domain names in the wake of the bombing here in Boston.  There was a brief article in the Boston Globe, and I also found a longer article at a blog run by Time magazine. This one includes a screen shot of the various domain names, and details on how much they paid. Apparently, there are "speculators" who buy domain names with the idea of selling to another, at a higher price. The Globe article mentions that some folks are making a living at this -- though both articles stress that domain names linked to current events have a short shelf life in public interest.  Thus, speculators for these names are unlikely to make much or any money.

Both writers mentioned the distaste or poor taste factor that will certainly turn some people off. They note that there are a number of reasons, some charitable, for registering a domain name related to the Boston Bombing. In fact, the Globe article mentions several people who have  bought domain names with the idea of using them for a charity.  But it also mentions others who register domain names with plans to set up fraudulent charities. For now, I recommend sticking with the official One Fund.

Boston strong, and many thanks to all who are sending good wishes and aid for the bombing victims and shell-shocked Boston!

Saturday, April 27, 2013

Living Social Hack and AP Twitter Account Hacked

The website, LivingSocial, a daily deals site, was hacked late yesterday.  The original report came from AllThingsD.com, and includes the text of an e-mail the CEO sent to staff and now the public. No credit card data or merchant financial information was accessed, which must mean that they stored them on a separate server.  The cyberattack affected 50 million users (all users except those in Korea, Thailand, Indonesia and the Phillipines, which use different services with separate servers).  The attackers netted millions of user names, birthdates, e-mail and passwords.

The website now greets users with an announcement of the attack, and recommendation that users change their passwords.  The announcement notes that passwords are coded, and the CEO's e-mail says they have been "hashed and salted."  This mean they use an algorithm to code, or "hash" the passwords. Salting means that each user who uses the same password would have their password "hashed" into a different coded version.  However, those with passwords which are too easy may make it easy for the hackers to guess, since the hashing algorithm is known.  Hackers can use an online dictionary and a computer to try to guess multiple passwords in just a few seconds.  But because multiple passwords set to "password" would each have a different hashed version, the hackers will have to devote considerably more time to cracking passwords.

CNN Money Tech reports that a different cyberattack on the Twitter account of the Associated Press.  The hackers in that case planted a false report that President Obama had been injured in two explosions at the White House.   AP suspended their Twitter account, with an announcement that the report was false. However, the attack shows up security weaknesses with Twitter, which had been discussed for some time by security analysts with concern.  Apparently, unlike Facebook and Dropbox, among other sites which offer the option, Twitter does not yet require a "two-step authentication" process.

A two-step authentication, done properly, requires a combination of two out of three types of information:
1.  Who you are (physical ID for instance, or fingerprint scan or facial recognition now on many laptops)
2. What you have (a gadget that generates a code, or a one-time password provided in a list by the website for users, for instance),
3.  What you know (passwords, mother's maiden name for a security question, for example)

For instance, a good two-step authentication procedure might require not only your password, but also an individually created key, which might be stored only on a user's phone. The user sends the secret key along with their password.  A lower tech alternative to the gadget code is the list of passwords provided separately to users. A user would input one of the codes and mark it off the list.  When a user runs low on the number of provided by the website, they request a new list.  As long as the two items are received within a short time (approximately 30 seconds), the system will accept the combination log-in.  The CNN article notes that Twitter had advertised for engineers to develop a two-step security process, but apparently this has not yet been implemented.

Another hack previously compromised Fox News' Twitter account. In that case, the hacked tweet was that President Obama had been assassinated. The recent fake tweet actually caused a brief downturn in the stockmarket. According to the CNN report,  Twitter's response to these and various other hacks on corporate Twitter accounts has been to urge more care.  What they need is to implement better security.

The decoration for this post is from Wikipedia, which notes it was designed in the late 1990's by Dagmar D'Surreal, as a logo for the PhreakNIC annual conference in Nashville, Tennessee. Many thanks to my son, Joe McKenzie, for technical explanations made easy.

Thursday, April 25, 2013

National Library of Scotland to Hire a Wikipedian

The BBC reports that the National Library of Scotland is planning to hire a Wikipedian, to help move materials from their collection into Wikipedia, and to help their patrons learn how to use the online encyclopedia.  They mention in the report that the British Library hired its "first" Wikipedian in May, 2012.  I wonder if other major libraries have done this?

Tip of the OOTJ hat to my friend and colleague Roy Balleste, for pointing out the article to me.

The Power of Words: "Act of Terror"

When President Obama used the phrase "Act of Terror" to describe the Boston bombing, the business people shuddered.  Those whose windows were blown out, whose stores and restaurants were damaged, who lost a week's worth of food and customers to the area being closed as a crime scene are hoping that their insurance will help them bear the costs.  But since 9/11, insurance policies have contained a careful exclusion for Acts of Terror.  So, politicians and other speakers who use what seems like a simple phrase to describe the despicable acts have sent shivers through the Boylston - Copley Square business community.  The designation will be set, or not, by federal agencies. But for now, the insurance adjustors are trickling in to assess damage and begin the process of setting reimbursement rates.  As affected businesses reopen, they are keeping their fingers crossed that their coverage won't be scotched by what might otherwise seem like the most obvious statement in the world.

The image decorating this blog post was published at Newstimes.com, at http://www.newstimes.com/news/article/Boston-Marathon-finish-line-area-reopens-4459194.php and was there credited to  David L. Ryan of the Associated Press. The caption reads
The sculpture of the painter Copley gets washed down by Donald Ware an employee of Boston Parks and Recreation on Boylston Street on Tuesday, April 23, 2013 in Boston. The area near the Boston Marathon finish line where two bombs killed three people is slowly coming back to life. Authorities have yet to re-open all of Boylston Street, but Boston police on Tuesday morning allowed traffic and pedestrians to cross Boylston on Clarendon Street for the first time since the Patriots' Day bombings.
There were many images in the local press of workers in hazmat suits washing down the area, working to clean away blood and bomb debris before the area could re-open.

Wednesday, April 24, 2013

Recognition: Better Late than Never and Better Little than Nothing

Two New England states have interesting laws that are somewhat related in that they recognize groups that formerly (or currently) had no legal status.  New Hampshire has a bill (SB 187) moving through its legislature that very belatedly frees slaves who had petitioned the state government for emancipation.  A group of slaves who were fighting in the Revolutionary War wrote an eloquent plea to the state legislature requesting that they be freed:
... freedom is an inherent right of the human species not to be surrendered, but by consent, for the sake of social life. ... Here we can read with others, of this knowledge slavery cannot wholly deprive us.  Here we know that we ought to be free agents! Here we feel the dignity of human nature. . . . Here we feel a just equality.
Sad to say, the New Hampshire House voted to table the petition and to revisit it at another time,  saying that
The House is not ripe for a ­determination in this matter: Therefore ordered that the further consideration and determination be postponed till a more convenient opportunity.
The time is apparently ripe now.  The story in the  Boston Globe  mentions that five of the original group were emancipated by their owners, but the others died enslaved.  The Globe article reports that the bill began when local historian Valerie Cunningham discovered the story reported on the front page a 1779 New Hampshire Gazette, and included it in her book, Black Portsmouth.

The other bill that caught my attention was a Connecticut bill, HB 6690, that provides animal advocates in abuse cases. Interesting testimony in an April 5, 2013 hearing on the bill here. The Boston Globe carried a brief article on the matter here. The article discusses, but the hearing has far more detail on the way the bill is tied to studies showing that mass murderers so often begin with cruelty to animals.  It is sometimes difficult reading, but shows how similar bills might progress. The sponsoring representative, Diana Urban, notes what a problem it is to prosecute such cases, and how often the charges are essentially dropped.
The animal rights poster decorating this blog post come from a helpful blog post at The Truth Syndicate. a series of posts listing animal rights laws across the U.S.  The first image is a well-known poster from the abolitionist movement.  According to Wikipedia, it actually comes from a medallion that was designed for the abolition movement in Britain, by Josiah Wedgewood. 

Saturday, April 20, 2013

Life in Boston After the Marathon Bombing

Just an impressionistic little essay here, about how it has been to be living in Boston over the past week or so.  I am hugely grateful and amazed at the number of e-mails I have received from colleagues who wanted to know that I and my family were safe.  Thank you for thinking of us!

My family lives outside Boston itself, in the adjoining town of Milton.  We were quite to the periphery of the action.  However, you might like to know that the NELLCO board meeting that was scheduled for Friday was cancelled because of the lockdown.  I had assumed it was running, and had been puzzling over how to get there with public transit shut down and no taxis.  But that morning, Tracy Thompson e-mailed the folks on the board that the meeting was cancelled, and offering assistance in getting out of Boston.  The handful of out-of-towners who had driven their cars into Boston for a pre-meeting on Thursday went above and beyond, helping the other out-of-towners who were stranded by the shut-down of all public transit.  These kind colleagues often drove our friends all the way home, or at least to a public transit station that was open and operating outside of Boston's ambit.

Universities all across Boston, including my own Suffolk, were closed as part of the governor's lock-down order.  Students were urged to shelter-in-place and stay safe. Businesses throughout Boston were closed, with a few exceptions, such as hospitals, a few gas stations, and very few restaurants.  There are many photos in the newspaper today of empty streets yesterday, that normally would have been bustling.  Thousands of police officers from across Massachusetts and out of state descended onto Cambridge and Watertown for a massive man-hunt, going door-to-door.  I was interested to hear that officials requested Dunkin Donuts to stay open to supply the officers with coffee and hot food (nobody was willing to say, doughnuts!)  A number of restaurants sent donated food to the police as well.

As everybody knows who followed this case on the Internet or TV, the first suspect was killed in a blazing gun battle.  The second suspect, his brother, ran over the first with their car-jacked vehicle in escaping that battle.  In the early hours of April 20, the second suspect was located, hiding in a boat, that had been covered with a tarp for the winter.  This was in a backyard just outside of the zone where the police conducted house-to-house searches.

In the Boston Globe this morning, there is a full page ad from a kitchen cabinet company:
Don't #@$% with Boston!

The ad goes on to state that the company will donate 100% of their profits from any sales today to the Governor's One Fund, set up to provide support to the victims of the Bombing.   I bet they sell a lot of cabinets today! 


Thursday, April 18, 2013

Crowdsourcing the Boston Bombing Investigation

An article in today's Boston Globe explains how the FBI and other criminal investigators are calling on those who were at the Marathon, near the finish line, to share their photos and videos.  Not only that, but because they are getting thousands of images to sift through, they are also asking the public's help in looking at the images. 

Photos and video clips are being uploaded to 4chan's Imgur.com where visitors can scan them looking for suspicious images.  There is then a Reddit newsgroup, Find Boston Bombers forum, is also active in sorting images. The hosts of the Reddit group were aware of concerns that innocent people captured in these photos could be wrongly targeted, or that there could be vigilante justice.  They said that any clues marked by interested members are being forwarded as tips to federal investigators.

On the day of the bombing, early news reports mentioned both the FBI and ATF as turning up for the investigation.  There are, of course, lots of local police and state troopers involved. The Boston Firefighters and Police Unions have together offered a $50,000 award for information leading to an arrest.

The response of the public, in support of Boston and the Marathon has been truly heartwarming. The New York Yankees, Boston's baseball archrival, displayed a banner in unity with Boston and played the Boston theme song Sweet Caroline at the game yesterday.  The organizers of the London Marathon announced that they would not cancel their race, but hold it in tribute to the victims of the Boston Bombing. And the Colbert Report opened and the Daily Show last night with a tribute to the city of Boston. And today, there is an interfaith service at the Boston Cathedral of the Holy Cross. President Obama is scheduled to attend.  The service will be broadcast here at 11 AM Thursday, April 18.

The image decorating this post is courtesy of CBC Canada.

Monday, April 15, 2013

National Library Week - what are you doing about it?

Whoopsy!  I nearly missed National Library Week (again!).  I had long written this off as a public library/school library sort of thing, but I have seen a number of law libraries do interesting and inspiring displays or events around this. 

Does your library do things with National Library Week?  Let us know! 

Tip of the OOTJ hat to Barbara Bintliff who alerted me to the annual celebration by posting a note about how Tarleton Library at UT, Austin is celebrating with a display about all the former library directors.

The ever-fabulous Super Librarian image is courtesy of New Jersey Libraries Association

Sunday, April 14, 2013

Thoughtful Commentary on MOOCs

The Boston Globe Ideas section today has a fascinating interview by Marcella Bombardierri with local middle-age MOOC student Jonathan Haber.  Haber is a Lexington writer and entrepreneur who decided to earn a second BA, a "one year MOOC BA," to go with his 1985 traditional degree in chemistry from Weslyan. Haber says he thinks that folks are having the wrong conversations about MOOCs. The question should not be: Should we give credit for this?  Or even, Will it destroy the university?  He thinks the basic questions are, What are we learning, and Who is learning it?

Haber blogs about his experience at DegreeofFreedom.org.  He is currently working on his sophomore courses for a degree in philosophy.  Haber's first post explains his plan and begins on March 8, 2013. He tells readers  he will complete the freshman year requirements in three weeks. But this is not a fly-by-night educational scam. He took classes from Harvard, Duke, Holy Cross, U. North Caroline, Indiana, Ohio (State, I presume), and  San Jose State for those freshman course requirements.  Haber's blog makes interesting and thoughtful points about the courses and testing he experiences.  He is a very shrewd guinea pig, which is a huge help to those of us who would like more meaningful feedback about MOOCs and online courses than perhaps we get from the articles and statistics available to date.

For instance, in the Globe interview, Haber comments that the MOOCs only ask a few questions, at each module and also at the end of the course.  But he feels that they have been doing a good job of asking the right questions.  He comments on problems of discussion boards in courses with 25,000 student enrolled.  As you might imagine, the range of comments looks a lot like what you get in comments to a newspaper article.  He notes that a number of students are taking the course from overseas, and that English is not their first language, so there is sometimes that barrier to their participation at a sophisticated level.  Haber's series on testing in mid-April is really good to read.

Haber also comments on the problems of having students grade each other's work.  This is not something I had contemplated. When you have a rubric that is simple enough for everybody to follow, it reduces the assignment and grading to a fairly elementary level. It means that a student who wants to "spread their wings" really gets shot down for not following the directions to the letter.

However, the MOOCs answer some major economic challenges facing higher education right now. How do we deliver a minimum-or-better quality education experience to the growing number of people who want or need some level of higher education?  How do we do this at an affordable price point?  Haber's comment to the Globe interviewer is that MOOCs are...
... definitely going to make a big contribution to changing education.  The risk is, everyone is so excited about them now, it iwll be one of those angel/edevel things.... When in fact, they are an interesting work in progress.

The MOOC Hysteria post that decorates this post was originally designed to market EduCKA MOOCs. I found it at cogdogblog.com, a post dated July 17, 2012, and pretty entertaining, about MOOCs and the hysteria that sometimes surrounds the discussion about them.

SCOTUS Decisions in Haiku

Houston, Texas IP attorney Keith Jaasma has an entertaining blog, Supreme Court Haiku, where he creates wonderful haiku poems featuring the decisions, past and present of the Supreme Court of the U.S.  He also has haiku about the Constitution and various justices. However you feel about haiku poetry, the very condensed, three line poems that Japanese poets write, usually about nature, you will certainly enjoy his self-deprecatory, very funny FAQ movie.

Rockin' out lawyer-geek style.  :-)  You can also follow Jaasma on Twitter and Facebook.

Many thanks to my sister, Barrett Hansen, a Texas lawyer, who alerted me to this great site!

Friday, April 12, 2013

Technology to Locate Tax Evaders

I ran across a little Associated Press piece in my local paper about Lithuania using Google Streetview to do searches for people who failed to report upgrades to their property for tax purposes. When I searched for the AP report, I found a piece from Baltic Business  about Estonia following Lithuania's example, published December, 2012. 
T├Ánis Kuuse, head of the information department of the Estonian Tax Authority, said ... "It’s an additional information source that we can use to check on real estate, for instance in case when a person who has declared minimum income is living in a very valuable house." 
Kuuse explained that Google Streetview is only one of a number of tools the Tax Authority uses to catch tax scofflaws. Like Lithuania's tax officials, they use the streetview snapshot as the basis to alert them to go in person to look at the real estate.  They have discovered instances of property owners who sell, and report the land as unimproved, sold for a much lower price.  Then they spot a new building on the Google Streetview, go to inspect and prove that the plot sold for a much higher price. It's sort of an investigative tool that gives the inspectors a probable cause to look further at the case.

Similarly, I found a report here about Irish revenue officials using Google Streetview and Google Earth to locate similarly under-reported property taxes and real estate sales.  The same blog post mentions that New York had used Google Earth to locate in-ground swimming pools that had not been reported. A report in 2010 also told of the Greek government using Google Earth to locate tax evaders.  In a similar vein, the Pappas Group reported in 2010 on efforts by the Oklahoma and federal revenue officials to use social websites like Facebook and Twitter to catch tax evaders.

And TechnoBuffalo repeats much of this, but adds that the IRS seems to be planning to check citizens' e-mails for evidence of tax cheating. And it seems they believe they can do so without a warrant to uncover evidence of tax fraud. 

Just in time to make you shiver for tax day. 

Identity Theft and Scholarly Journals

Wow! Who knew that scholarly journals could be the victims of identity theft?  I was directed by colleague Barbara Bintliff to the March, 2013 issue of the journal Nature, which is discussing the new developments in scientific publishing, "The Future of Publishing."  Most of the issue is discussing the move to digital publishing, open access, and how authors in the new model will have to pay to publish so that readers can read for free.  Oh, brave new world! 

But this article, "Sham Journals Scam Authors," by Declan Butler, discusses how the scammers counterfeited two scholarly European journals so closely that they fooled not only scholars, but also Thomson Reuters, publisher of a journal impact rating service.  Hundreds of scholars paid steep author fees to submit journal articles, thinking they were dealing with the editors of the real journals.  The counterfeit sites include such details as publishing frequency, editorial boards, ISSNs, and titles for authentic journals, and fake impact factors numbers for the journals.  Much of the information was false, including editorial boards naming unaffiliated scholars.

The editors of the real journals are fighting a losing and mind-wrenching battle against these shadowy cyber-criminals who seem to be based in Armenia.  They keep being contacted by the poor authors who sent manuscripts and author fees to the counterfeit sites, and are wondering when they will see their article in print. The editors feel that the sham sites have damaged their journals' excellent reputations. Cybercrime police units are not having much success, apparently, tracking the criminals.

The authentic journals were easy prey since they had no web presence of their own.  Rather too late, these two journals are putting up websites or archiving back issues on home pages of the sponsoring organizations. 

The decoration for identity theft is from The Digerati Life by Millie Kay G., a post dated 9/27/2010, "Identity Theft Solutions Using ID Scores." She gives no credit for the image. 

Wednesday, April 10, 2013

Comparing costs of WestlawNext and Westlaw Classic

Wow! Emily Marcum, at Lightfoot, Franklin, White, LLC in Birmingham, Alabama, has just published a really interesting and useful paper. I am sorry that it must be paid for, since it's behind a paywall at Taylor and Francis. It costs $37 to buy the article.  However, it's a great piece of research.   Good for you, Emily!   She compares the cost to the client of research on both platforms. Here is the abstract which appears for free at the site, and summarizes both her methods and her conclusions:

The cost to the client of Westlaw versus WestlawNext was assessed using two research methodologies. One methodology reflected realworld questions over time across categories. The other methodology had artificially generated questions broken down by category and evenly numbered across platforms. In both experiments, WestlawNext cost the client roughly double the cost of Westlaw Classic. Simplified pricing plans were cheaper for primary law and expert materials but were more expensive for other categories.
Thank you, Emily for doing the work to test out the costs.  I am sure West folks will have comments, and perhaps other folks might have other comments as well. But it is research like this, which is useful to librarians in the field and tests based on real-world research scenarios that I am so glad to see.