Reblogged from paidContent:

• 
• 

Privacy is a bit like the weather — everyone talks about it but no one does a damn thing about it. Sure, it’s creepy that these companies track you and munch your personal information. But are you really going to ditch Facebook and every other online convenience of modern life?

That’s why firms like Privacyscore are intriguing. The company wants to empower consumers by showing instant report cards of websites and, now, Facebook apps as well.

Read more… 295 more words

It's a step in the right direction, but there are questions to be raised about how organizations like Privacyscore operate. If they attain the stature and independence and trust-worthiness of some over consumer watchdog groups, that would be great. But if all you want to do is get a sense of how badly you are being tracked and monitored, I think the Collusion extension for Chrome and Firefox is much more powerful and compelling.

Reblogged from TechCrunch:

• 

More dollars were poured into the Beltway from technology companies in the first quarter of 2012. As shown through previous lobbying spends, each quarter, Facebook and Google continue to spend more and more on lobbying efforts in Washington D.C. In the most recent disclosure reports filed in the U.S. Senate’s lobbying database, both of the companies hit all time highs in terms of lobbying dollars.

Read more… 461 more words

With all the Internet-oriented legislation that has been in play lately, this hardly seems surprising.

Reblogged from Academic workflows on Mac:

I use OmniFocus as well and find it incredibly useful, particularly for organizing projects and keeping track of more complex tasks.

About Flashback malware: Apple is developing software that will detect and remove the Flashback malware.

In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network. (via Apple Support)

And now… Checking for Mac Flashback infestation? There’s an app for that.

Reports are circulating about the first really significant infection of Macintosh computers in a long time.  The Flashback Trojan has reportedly already infected more than half a million Macs and poses a significant threat to Mac users running out of date versions of Java. An earlier version of Flashback required users to enter an administrator password in order to run, but the new version exploits a critical Java vulnerability to run without a password. ArsTechnica has a good quick overview

Fortunately, avoiding infection is easy. Apple released a security update on April 3 which should remove the danger; if you haven’t already done so, you should use Software Update to make sure that all security updates and Java updates are installed.

Finding out if you are already infected is less easy. It requires checking the background activity of Safari, either by sampling the Safari process through Activity Monitor or running some commands in Terminal.  The security firm F-Secure provides detailed instructions on the latter process:

1. Run the following command in Terminal:
   defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2.  Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:
   “The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist”
4.  Otherwise, run the following command in Terminal:
   grep -a -o ‘__ldpath__[ -~]*’ %path_obtained_in_step2%
5. Take note of the value after “__ldpath__”
6. Run the following commands in Terminal (first make sure there is only one entry, from step 2):
   sudo defaults delete /Applications/Safari.app/Contents/Info LSEnvironment
   sudo chmod 644 /Applications/Safari.app/Contents/Info.plist
7. Delete the files obtained in steps 2 and 5
8. Run the following command in Terminal:
   defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
   “The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist”
10.  Otherwise, run the following command in Terminal:
    grep -a -o ‘__ldpath__[ -~]*’ %path_obtained_in_step9%
11. Take note of the value after “__ldpath__”
12. Run the following commands in Terminal:
    defaults delete ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
    launchctl unsetenv DYLD_INSERT_LIBRARIES
13. Finally, delete the files obtained in steps 9 and 11.

Obviously, this is fairly technical and not for the faint of heart. There are numerous discussions on the Apple Support Communities site discussing the trojan, how to detect it and what to do about it, and people there will be willing to help you determine if your system is infected.

And I would expect to see an automated removal program or script emerge in the next day or two.

Update: Or sooner:  Find Out if Your Mac Has the Flashback Trojan — the Fast and Easy Way.

For more…

• Mac Flashback trojan exploits unpatched Java vulnerability, no password needed.
• Mac Flashback Trojan: Find Out If You’re One of the 600,000 Infected.
• Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say | PCWorld Business Center.
• Flashback Trojan: Making Sure Your Mac is Safe | TMO Quick Tip | The Mac Observer.

But in fact if you are running Windows, “turning it on and off again” is actually pretty good advice.

There are some misleading ideas out there about saving power. For instance, unless your toaster, mixer, or food processor has a remote or a little clock in it or a digital display that’s always… displaying, then it almost certainly isn’t using any power just from being plugged in.  So many coffee makers DO have clock/timers these days that this is more likely to be an issue, but again only if it has a clock/timer.

Belkin advertises its Conserve Power Switch with a picture of the switch being used with a toaster and a coffee maker:

Unless that coffee pot has a timer, which it doesn’t seem to, this isn’t going to save you any money. And it’s really unlikely that toaster has a timer or clock or can be turned on by remote, so this kind of seems like deceptive advertising.

Even on a device that does have “vampire” usage, sucking power even when not in use – like an iPod charger, anything with a clock or with one of those big transformer blocks – the energy usage can be quite low.  It might take you anywhere from 6 months to a couple of years of energy savings – assuming you remembered to use the switch every time – to save the cost of that Belkin switch ($6.99 plus tax).

But what about the planet, I hear you ask.  Good question.  But not so easy to answer.  How much energy – and other resources – were used to produce (and market and ship) that Belkin switch?  Without knowing that, there’s no way of calculating how much it would do to really reduce your carbon footprint.  But for anything small like an iPod charger, I’m willing to bet it’s a false economy, money-wise and planet-wise.

However, when it comes to your home entertainment equipment and your computer, it’s a different matter.  These use a lot of power when in standby mode, and most of them are always in standby mode when not in use.  Lawrence Berkeley Labs has produced a handy chart of the energy usage of various products. Some quick calculations based on the cost per kWh from your energy bill can help you figure out how much money you are wasting. Figures drawn from carbon footprint sites can help you estimate how much planet you are wasting.

For instance, if you leave your cable modem on all the time – which you do, right? – you’d be using about 4.3 kWh/month, which at PG&E’s current rates would cost you close to a dollar. So if you turned it off for the 2/3rds of the day (probably) when you are not using it, you might save around 60 cents a month. You’d also save about 2600 grams of carbon emissions – if all your electricity comes from coal-fired generators.  That’s not a huge amount, but it’s not insignificant either.

And that’s just your cable modem.  Add in your printer and monitor and USB charger and speakers and computer and… it starts to add up. Then there’s the entertainment centre, with the TV, xBox, set-top box, Blu-ray, Roku, etc.  That’s really going to add up, especially if you have a cable TV box, as those tend to be notorious energy suckers.

So the short answer:  don’t worry about your toaster. DO WORRY about your computer set-up and your home entertainment set-up.

If you already have all that stuff plugged into power strips or surge protectors, you can use the switch on that to turn everything off at once.  Or you can buy something like Belkin’s Conserve Switch surge protector with remote ($39.99) to do it.

For more…

• Consumer Energy Commission: Choices for the Home – small appliances.
• Ask Mr. Electricity: Myths about Saving Electricity.
• PG&E: Save Energy & Money.
• CoolClimate Carbon Footprint Calculator | CoolClimate Network.
• Individual Emissions – Household Emissions Calculator | Climate Change – Greenhouse Gas Emissions | U.S. EPA.
• Free Carbon Footprint Calculator | The Nature Conservancy.

The crux of it is this: a very small number of PGP keys may not be secure because the random numbers used in the key generation process were not truly random.  It would be possible to replicate the researchers’ process to determine if your key was insecure, but the truth is that there is going to have to be a fix for this, and then everyone will have to create new keys.

Until that happens, take your privacy/encryption with a grain of salt.

Update:  Questions are being raised about the researchers’ findings, and whether they reflect a fundamental problem or some flawed implementations.  Since the research seemed to crack keys generated by different implementations, if their findings are correct then the flaw is widespread, regardless – I think…

Researchers Allege Defect in RSA Public Keys, Findings Questioned.

The sign-up process is somewhat cumbersome and requires a fair amount of info on your business, but you can just waffle on and say anything if you don’t want to give real details.

Scrivener 2.2

Scrivener is a project management and writing tool for writers of all kinds that stays with you from that first unformed idea all the way through to the first – or even final – draft. Outline and structure your ideas; take notes; storyboard your masterpiece using a powerful virtual corkboard; view research while you write; track themes using keywords; dynamically combine multiple scenes into a single text. Scrivener has already been enthusiastically adopted by best-selling novelists and novices alike. Outline… Edit… Storyboard… Write. (via AvaxHome.)

That sounds like a good piece of software. One which my clients or friends might find useful. There’s nothing in what I’ve said that suggests any kind of piracy or copyright infringement.  Nor is there anything like that on the page linked to.  But… it’s probably a pirated piece of software.  Presumably under SOPA access to that site would have been shut down. It’s also possible WordPress would have to monitor its blogs – including mine – to see if we posted LINKS to sites that contained links to files that   might be infringing.  How was that ever going to work?