Ars has a report on a new study showing that college students are shockingly prone to phishing if the email they receive appears to come from an acquaintance:
To generate a database of relationships, the authors used a publicly-available Perl module to crawl social networking sites, including Friendster, MySpace, Facebook, Orkut, and LinkedIn. They selected Indiana students from this database and picked a target population based on the quality of the personal information that was obtained.
Test subjects received an e-mail with headers spoofed so that it appeared to originate from a member of the subject’s social network. The message body was comprised of the phrase “hey, check this out!” along with a link to a site ostensibly at Indiana University. The link, however, would direct browsers to www.whuffo.com, where they were asked to enter their Indiana username and password. Control subjects were sent the same message originating from a fictitious individual at the university.
The results were striking: apparently, if the friends of a typical college student are jumping off a cliff, the student would too. Even though the spoofed link directed browsers to an unfamiliar .com address, having it sent by a familiar name sent the success rate up from 16 percent in controls to over 70 percent in the experimental group.
Of course, men were far more likely to respond to emails from women than from other men.
Last week, Jerry Ellig and I filed a reply commment (PDF) in the FCC’s ongoing broadband competition proceeding. In it we examined the evidence put forth during the comment period. Today we summarize our findings in an op-ed in TCS Daily:
The Federal Communications Commission recently asked for evidence that broadband Internet companies currently engage in data discrimination that would justify regulation of the Internet. …
… the Commission explicitly asked commenters to “provide specific, verifiable examples with supporting documentation, and [to] limit their comments to those practices that are technically feasible today.” Close to 10,000 comments were submitted to the FCC, yet all but 143 were what the FCC calls “brief text comments,” many of which were form letters generated at the behest of advocacy groups.
Of the 143 more extensive comments, only 66 are longer than two pages, and of these only 20 advocate some form of new regulation. None of these 20 offers any significant empirical evidence to suggest that there currently exists a “market failure” or other systemic problem justifying regulatory intervention in the name of net neutrality.
American consumers are poised to reap a windfall of benefits from a new wave of broadband deployment. But you would never know it by the rhetoric of those who would have us believe that the nation is falling behind, indeed in free fall.
Looming over the horizon are heavy-handed government mandates setting arbitrary standards, speeds and build-out requirements that could favor some technologies over others, raise prices and degrade service. This would be a mistaken road to take — although it would hardly be the first time in history that alarmists have ignored cold, hard facts in pursuit of bad policy.
Adam and I are heading down to North Carolina tomorrow to testify against a bill pending in the state legislature that would require anyone under 18 to have a parent’s permission to join a social networking site such as MySpace. Adam has written extensively about Internet safety. Here’s my take.
At first glance, that might seem like a sensible idea. But, as I keep pointing out to anyone who will listen, it just won’t work. How can a website be sure that someone signing up is really over 18? How can a website be sure that a person giving parental consent is really a parent? Experience and common sense suggest that education and prevention are a far better approach to Internet safety.
Indeed, a study published earlier this year in the Archives of Pediatrics and Adolescent Medicine suggests that a lot of the advice we have been giving young people about Internet safety may be off the mark anyway. The researchers found no evidence that sharing personal information online increases the chances of online victimization, like unwanted sexual solicitation and harassment. Victimization is more likely to result from other online behavior, like talking about sex with people met online and intentionally embarrassing someone else on the Internet.
These findings are in line with earlier research by the University of New Hampshire that examined 2,500 cases where juveniles were victims of sex crimes committed by people they met on the Internet. The study found that these children, almost all teenagers, were not victims of strangers who had lured them into situations where they could be abducted or assaulted. In fact, just the opposite was the case.
On Wednesday this week (7/25; 11:00 a.m.), the Cato Institute will be having a policy forum on the dispute between the United States and the Caribbean island nation of Antigua and Barbuda over U.S. restrictions on Internet gambling.
The U.S. has lost a series of World Trade Organization rulings on its Internet gambling laws, and its intransigence threatens the viability of the WTO. Will the U.S. burn down an institution of free trade to protect American grown-ups from their own entertainment choices?
Register, watch the live webcast, or watch the recorded webcast here.
Mark Blafkin is confused about my analogy between eminent domain and software patents, which probably means I didn’t explain the analogy very clearly. So let me see if I can be more explicit.
The way modern “redevelopment” projects work is that a large developer will go to a city and say “We would like to develop a new shopping mall/office park/apartment complex/whatever in such-and-such a neighborhood. But we’re only willing to do so if you give us control over all development within that neighborhood. We don’t want to worry about some other company building something in the neighborhood that we didn’t plan for.”
The city will then scrutinize the application, go through some legal technicalities such as declaring the neighborhood to be “blighted” (which, with enough ingenuity almost any neighborhood can be), and then sign a contract with the developer that essentially gives the developer a monopoly on development in the area. Any property owners who refuse to go along with the developer’s plans are removed using eminent domain.
Now, a company like Verizon will go to the patent office and say, in effect, “We would like to develop a new VoIP application. But we’re only willing to do so if you give us control over all development of VoIP applications like ours. We don’t want to worry about some other company building a competing product that we didn’t plan for.”
Try as I might, I can’t think of any strong tie between this video and technology policy. (Not very) sorry for deviating from TLF’s raison d’etre. (Hat tip: The Agitator)
So went the headline on Drudge. The article itself says:
Officials initially expressed concern after discovering that Besai’s house is located along a flight path for Newark Liberty International Airport. They later learned that used, inoperable AT-4 tubes are sold to the public through military surplus Web sites and other outlets.
It might as well have been used army boots – but the media had you thinking terrorism and downed planes, didn’t they! Gotcha!
Reporting like this is part of the reason why mass surveillance and national ID cards have currency in today’s political debate.
I’ll wait to see the final proposal, but my initial reaction is that this is not a compromise worth having:
House Democratic officials say they are now working on compromise legislation that could allow hundreds of counties in 20 states to simply add tiny, cash-register-style printers to their touch-screen machines for the 2008 and 2010 elections, while waiting for manufacturers to develop better technology by 2012.
House officials said the compromise would ensure that all voting machines nationwide would have some kind of paper trail in 2008 through which voters could verify that their ballots were properly recorded and that could be used in recounts. Under the plan, New York, which has delayed replacing its old lever machines, would be the only state that would have to change its entire voting system by November 2008.
Adding cheap, easily-jammed printers to voting machines and then making fragile cash-register-style rolls of paper the official voting record is a just a horrible idea. Printers will jam. Those giant paper rolls will be a pain to deal with. Frustrated poll workers will have no choice but to continue the election on machines with broken printers. With a significant number of votes either never printed or stored on damaged paper tape rolls, it will be impossible to conduct a meaningful recount. Which, if the election is close, will mean endless litigation as the courts try to reconcile a legal mandate that the paper record be the official record with the bare fact that many of the votes were never recorded on paper. And then, of course, the failure of those crappy printers will be used as an argument against paper trails altogether.
Also, if the paper tapes aren’t expected to be a permanent solution, how much sense to does it make to force states to purchase them for one election? They might be cheap, but they’re not free. And it’ll be a non-trivial amount of work to install them and train poll workers to use them properly.
My sense is that states can still have a high-quality paper-based voting systems in place by 2008. If nothing else, Congress can allow states that really can’t meet the deadline to petition for a federal waiver. But if it’s really true that we can’t get high-quality, paper-based systems in place by November 2008, I would much rather have Congress leave the rules for 2008 unchanged and put good rules in place for the 2010 election than force states to install some kind of horrible frankenstein voting system for one or two elections.
Tom Lee says I’m missing the point about the iPhone:
But the point Ars is making is that the iPhone actually isn’t being subsidized by the contract fees. Consumers are buying the hardware at full retail price and being locked into a contract. This puts the lie to the carriers’ argument that early termination fees are in place to avoid losses over hardware subsidies — they charge the fees whether there’s a subsidy or not (and only one carrier will prorate this fee).
To paraphrase Yglesias, terms like “full retail price” and “subsidized” are a kind of accounting fiction. What matters is how many dollars come out of your pocket and how many end up in the pockets of AT&T and Apple. The label on the credit card bill, and exactly when the charge is made, just isn’t that important. Consider the following four scenarios:
Scenario 1:
Apple charges $500 for an iPhone
AT&T service costs $60/month
Apple gets $5/month from AT&T for every iPhone customer.
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology. Learn more about TLF →
The Technology Liberation Front is the tech policy blog dedicated to keeping politicians' hands off the 'net and everything else related to technology.