e dot dot dot
a mostly about the Internet blog by

January 2020
Sun Mon Tue Wed Thu Fri Sat
     
 


Ring Throws A Moist Towelette On Its Dumpster Fire With A Couple Of Minimal Security Tweaks

Furnished content.


Things have gotten worse and worse for Amazon's Ring over the past several months. Once just the pusher of a snitch app that allowed city residents to engage in racial profiling from the comfort of their homes, Ring is now synonymous with poor security practices and questionable "partnerships" with hundreds of law enforcement agencies around the nation.Ring owners recently discovered how easily their cameras could be hijacked by assholes with no moral compass and too much time on their hands. Using credentials harvested from security breaches, online forum members took control of people's cameras to entertain a podcast audience who listened along as hijackers verbally abused Ring owners and their children.Ring is now being sued for selling such an easily-compromised product. Ring's response to the original reports of hijackings was to blame customers for not taking their own security more seriously. Ring does recommend two-factor authentication but that's about all it does. It does not inform users when login attempts are made from unrecognized IP addresses or devices, and does not put the system on lockdown after a certain number of failed attempts are made.Yes, users should use strong passwords (and not reuse passwords), but blaming customers for engaging in behavior most customers will engage in is unproductive. Instead of making two-factor authentication a requirement before deployment, Ring has just repeatedly pointed to its prior statements about its "encouragement" of 2FA -- an "encouragement" that is mostly comprised of defensive statements issued in response to another negative news cycle.Since it can't keep blaming its millions of customers for its own failings, Ring is taking a very, very small step in the direction of actually taking its customers' security seriously. [Please hold your tepid applause until the end of the announcement.]

Ring has announced that it is adding a new privacy dashboard to its mobile apps that will let Ring owners manage their connected devices, third-party services, and whether local police partnered with Ring can make requests to access video from the Ring cameras on the account. The company says that other privacy and security settings will be added to the dashboard in the future. This new Control Center will be available in the iOS and Android versions of the Ring app later this month.
It's barely enough to make any one feel whelmed, much less overly so. There are two small additions that put this ahead of what Ring offered prior to the newsworthy camera hijackings. First, the app will allow users to see who's logged in at any given time and logout unrecognized IP addresses or locations from within the app.The second addition finally puts some (baby) teeth into Ring's 2FA recommendation:
[R]ing is continuing to inform its customers of the importance of two-factor authentication on their accounts and will be making it an “opt-out” thing for new account setups, as opposed to the opt-in setup it currently is.
Swell. So that's kind of… fixed. I guess. Now Ring just needs to work on all the other problematic things about itself, like the fact that it's still not going to notify users when new IP addresses, devices, or locations attempt to access their cameras. And it's not going to stop using cop shops as Ring marketing street teams. And for all of its insistence footage is never handed over to cops without the proper paperwork, it still deals from the bottom of the deck by claiming end users own all their footage even as it's handing this footage to law enforcement without the end user's permission or involvement.Ring has a lot to fix if it's ever going to make its way out of the PR pit it's dug for itself. This is something, but it's just barely something. It's not enough. And it says Ring still isn't serious about protecting its customers -- not from law enforcement and not from malicious idiots who've found a new IoT toy to play with.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 11-Jan-2020
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



Professor Removed From Teaching For Sharing A Downfall Parody Video

Furnished content.


If you've been on the internet for basically any length of time, you probably know about the Downfall parody videos, sometimes referred to as the "Hitler Finds Out" videos. These are videos that take a clip from a 2004 German movie about the final days of Hitler, and post over them English subtitles of Hitler getting angry over... just about anything. We wrote about it a decade ago, and while the Downfall parodies have become somewhat less common these days, it's still a bit surprising that anyone might be offended by them.But, alas, in a yet another (more real world) example of how content moderation is impossible to do well, a popular senior lecturer of accounting, Catherine West Lowry, at UMass Amherst was removed from her teaching role after a student complained that she showed a Downfall parody about accounting made by a former student to the class (found via Reason.com).To make the class more fun, Lowry had long offered students extra credit for producing entertaining or "fun" videos about concepts in the accounting class, and someone back in 2009 (at the height of the Downfall parody popularity) made this one about accounting concepts and the class:

On November 12th, Lowry showed that video to the class after some students asked her to share a video:
The point was to engage students in an otherwise dry and difficult subject material, Lowry said. Accounting is really a foreign language for so many of these students. The videos, she added, have proved very successful with bonding with students, and instructors at other colleges across the country have used them in their own classes.Lowry occasionally shows past videos in class as a way of introducing a concept to students, but she hadn't planned to do so on November 12. Still, a few students asked her to show a video at the start of class, she said, and the Downfall clip was relevant to the day's lesson. So I did it, and they clapped and loved it. And that was that, Lowry said.
However, at least one students was offended. While none of the articles specifically describe what was seen as offensive about the video, it is implied heavily that someone took offense to the idea of showing Nazis/Hitler in class (not that the video or movie in any way glorify Nazism or Hitler). And rather than recognize that perhaps someone was overreacting, the Dean decided to yank Lowry out of class, which appears to have upset many of her students:
On November 14, Lowry sent an email to her students apologizing for the incident. I want to apologize to any student who was offended by the Hitler xcredit video on Tuesday. My intent was never to offend or upset anyone. I was unaware of what was going on on campus, Lowry wrote, according to a copy of the email provided by a student. While I've received hundreds of wonderful, thoughtful, creative videos over the past 11 years, this issue, along with an earlier issue this semester, has caused the end of these extra-credit videos.I truly am sorry, she continued, and I have never wanted to offend or hurt any of my students. Your success and happiness is most important to me.Massey, the dean, briefly spoke to the class the next time it met. She announced that another Isenberg professor would take over teaching for the rest of the semester, according to three students The Chronicle spoke with. Some students shouted, Bring back Cat, a reference to Lowry's first name. Eventually, several dozen students walked out in protest.
While some are arguing that this is another example of over-sensitive students, it's not clear that's the case at all (given that it appears many of the students were perfectly fine with this, and it was potentially the administration that overreacted). But, more to the point, it once again highlights the "impossibility" of content moderation, even in real life, rather than just on the internet. A key point that we've made about content moderation is that context matters, and everyone has different context, or may not be fully aware of the cultural context around any particular content.That's likely the case here. The offended student(s) perhaps were completely unaware of the Downfall parody meme, and simply reacted to a professors showing a film depiction of Hitler. Without the wider context -- and adding in the other context of a rise in Neo Nazism -- I can see how someone may have overreacted. The real issue, then, is that the administration failed to be the cooler heads that prevailed, and defaulted to removing the professor from teaching. Also, as the Reason piece notes, since UMass is a public school, there are 1st Amendment implications in punishing her over speech.In the end, it really does seem that the University and, in particular, Dean Anne Massey, should have been able to come up with a much more reasonable approach here. Merely notifying Lowry that at least one student was offended, seems like it would have been more than enough to keep things in perspective. Indeed, Lowry has said as much:
I was shocked when this came out. Had a student expressed concern, she said, I would have been mortified. I would have addressed it. I'm not trying to make some statement here.
But, rather than understand that and understand the context, the University and the Dean went to an extreme position instead.

Permalink | Comments | Email This Story


Read more here

posted at: 12:00am on 11-Jan-2020
path: /Policy | permalink | edit (requires password)

0 comments, click here to add the first



January 2020
Sun Mon Tue Wed Thu Fri Sat
     
 







RSS (site)  RSS (path)

ATOM (site)  ATOM (path)

Categories
 - blog home

 - Announcements  (2)
 - Annoyances  (0)
 - Career_Advice  (1)
 - Domains  (0)
 - Downloads  (4)
 - Ecommerce  (2368)
 - Fitness  (0)
 - Home_and_Garden  (0)
     - Cooking  (0)
     - Tools  (0)
 - Humor  (1)
 - Notices  (0)
 - Observations  (1)
 - Oddities  (2)
 - Online_Marketing  (145)
     - Affiliates  (1)
     - Merchants  (1)
 - Policy  (1679)
 - Programming  (0)
     - Browsers  (1)
     - DHTML  (0)
     - Javascript  (536)
     - PHP  (0)
     - PayPal  (1)
     - Perl  (37)
          - blosxom  (0)
     - Unidata_Universe  (22)
 - Random_Advice  (1)
 - Reading  (0)
     - Books  (0)
     - Ebooks  (1)
     - Magazines  (0)
     - Online_Articles  (4)
 - Resume_or_CV  (1)
 - Reviews  (1)
 - Rhode_Island_USA  (0)
     - Providence  (1)
 - Shop  (0)
 - Sports  (0)
     - Football  (1)
          - Cowboys  (0)
          - Patriots  (0)
     - Futbol  (1)
          - The_Rest  (0)
          - USA  (1)
 - Woodworking  (1)


Archives
 -2020  January  (40)
 -2019  December  (44)
 -2019  November  (52)
 -2019  October  (49)
 -2019  September  (46)
 -2019  August  (52)
 -2019  July  (55)
 -2019  June  (49)
 -2019  May  (49)
 -2019  April  (81)
 -2019  March  (94)
 -2019  February  (91)


My Sites

 - Millennium3Publishing.com

 - SponsorWorks.net

 - ListBug.com

 - TextEx.net

 - FindAdsHere.com

 - VisitLater.com