Category: blog

The transformation of everything – how technology changes the way we think

Joshua La Macchia on

“The absolute transformation of everything that we ever thought about music will take place within 10 years, and nothing is going to be able to stop it. … I’m fully confident that copyright…will no longer exist in 10 years, and authorship and intellectual property is in for such a bashing.”
David Bowie, 2002.

The effect of the information era in the way that it has on society has ever changed the way that we think of various facets of life, relationships, work and the law. When information is available freely available within society, such as on the internet, it can have effects on how we use other material, including illegal ways such as piracy, as well as using information against someone or an organisation. The effect of online piracy has allowed for society to rethink the way that we deal with intellectual property and copyright. Not only that the effect of the freedom if information has also effected how society has become more responsive to bullying. This essay looks at the implications of online piracy and cyber bullying and its recent effects on society.

The effect of piracy online has been perceived to be quite damaging to the industries that they effect, due to the fact that money that should be given to the developers or artists are instead given to the piracy business. Not only that it changes the perception of society that everything created should be free, in the public domain. In the field of software for example, the economic effect of software piracy can be damaging. (Huygen, A., Helberger, N., Poort, J., Rutten, P., Eijk, N.V., (2009) Ups and Downs; Economic and Cultural Effects of File Sharing on Music, Film and Games) However, the response from the software industry to piracy can be very helpful to understanding the role of Intellectual Property in during the information era.  Many software businesses have turned to creating a new business model and rejecting the old model. Valve, a gaming business, has been successful in the launch of their gaming store and social network, Steam. This has seen to be the one of the major forces within the gaming software industry, with Steam now taking 51% of the gaming market share alone. The reason why it is so successful is due to the fact that the way that market themselves to be pro gamer in the form of proving good quality games, but also providing a cheaper cost to their games (usually due to the fact that they have removed costs from the traditional model) and having sales to bring in more revenue. This also has the effect that software piracy for their games are significantly lower. In this case, software piracy has allowed for the software industry to build on a new business model.

Online Music Piracy, with an early example shown with Napster, has had a different effect on the music industry. The music industry has responded to piracy with using legal action to continue using their business model, instead of embracing a new business model, such as what Valve did. This is in spite that the data that is provided by the industry does not make economic sense, according to Rob Reid, creator of the music streaming service Rhapsody. In a speech given at the 2012 TED conference, Reid shows that the data provided by the music industry regarding the amount of lost revenue and jobs to piracy does not measure to the actual revenue and jobs lost by the music industry. In reality, we do not really know what the effect that online music piracy has had financially, but we can see that it has had a cultural impact on society. In the Netherlands for example, a survey found that file-sharers would pay for a CD at 40% of the average price of a CD. Unfortunately, the way that the internet has been designed, for a file to be infinitely copyable, it can be difficult to keep the current nature of intellectual property and copyright intact. The use of just using the legal system instead of engaging with society has created somewhat of a dissonance between the the internet community, and the music industry.

I believe a better solution to the issue of intellectual property and copyright is for the industries to do two things. The first is to create a new business model to allow for the changes that the information era has made to society. The second understand the reason why copyright and other intellectual property laws were created in the first place. Kirby Ferguson web series ‘Everything is a Remix’ explains in his final episode that the original copyright act was subtitled “An Act for the encouragement of Learning,” however, the role of copyright has not used in this way in society. I believe going back to the original version and meaning of copyright will help with creativity as well as helping with the economics of the music and software industry.

Although the effect of online piracy has been a major issue during the information era, cyber-bullying and gossiping has also been a major issue during the information era. Stories of bosses firing their staff over things said over social networks such as facebook and twitter are becoming more and more common in society. We can also see more damaging effects of cyber-bullying in the psychological abuse that Charlotte Dawson got from twitter ‘trolls’ in the past month, it is easy to see the effect of the problem and disadvantages of using social networking sites. The problem is that when we receive that type of abuse, our instinct is to attack the person hurling the abuse, instead of reporting it. Recent attacks at ‘trolls’ and cyber bullies by the media have been ineffective due to the nature of the attacks, as well as not using more common systems around, such as reporting the abuse. Until such responses, the form of this abuse will still be around in full force.

With recent reactions to the way that we live in todays society, it can be clear that we now living in the information era. This also means that we need to react to issues regarding the information era, such as piracy and cyber bullying. We need to rethink the way that we use intellectual property and copyright, as well as the way that we use online networks. The conclusions to how we deal with these issues will effect the way that we act in todays society.

This was the second of two essay for a University unit about the effect social networks have on society. This essay had us engage with various case studies which are not referenced here.

Being turned upside-down – how technology changes our identity

Joshua La Macchia on

“The world turns upside-down in 10 years, but you turn with it.”
Spider Robinson, 1977.

The devices such as IT systems and social computing systems, that have been released during the Information Era has revolutionary transformed the way we process and consume information, the way that we trade and purchase, and the way that we connect to our fellow human beings. Professor Michael Weach from Kansas State University, says that these devices, or machines, has been transforming our culture, and causes us to reconsider our ideas of our facets of human culture. One of the facets that we need to reconsider is the way that we educate ourselves, and how we educate in the university. As students, the devices of the information era has had a positive and negative effect on the way that we study and relate to one another.

In the past year, my life has changed quite differently with the introduction of a smart phone for Christmas last year and a kindle e-reader for this semester. In fact, my normal routine for each day is now quite different. I will first be wakened up by my alarm on my phone which has also checked and downloaded a small collection of technology, news and religious podcasts for me to go through throughout the day. This allows me to be more aware about recent news developing in the fields that I am studying. While having breakfast, I’m either listening to one of those podcasts, or I am listening to an audiobook that I am going though, and I’ll continue listening to that show or book while commuting to university.
During the lecture and the tutorial, I may have both my computer out to take notes, and an e-reader with the textbook for the unit open. After Lunch, I would have a meeting with some of my university students over a unit project over Skype, instead of meeting in person. This is done due to the fact that we were all across Sydney at the time and that we cannot meet in person. I may send some files via a cloud storage drive, such as Dropbox or Google Drive, for everyone on to share and edit. After a day, I would drive home again listening to the podcasts or audiobooks.

Finally, for an essay, I may read up upon Academic papers via Google Scholar to understand the research done in these areas. Because of the availability of academic materials online, the quality of work done has allowed me to understand areas of, for example, the impact of recent cyber warfare attacks in a more comprehensive way than if I was to only to understand the issue from a selected group of papers.
A lot of these resources that I use to learn about my area of study are available to me for 24 hours a day, 7 days a week, and because of this I can study at any time of the day or night. Not only that, many of the resources are resources that I can use for further study after being a student at university. Albert Harris, from Appalachian State University and Alan Rea from Western Michigan University, also include other advantages in using these resources such as the fact that in a classroom environment, students are more likely to collaborate and compete with one another, and has been shown to increase learning. (Harris, A. L. & Rea, A Web 2.0 and virtual world technologies: A growing impact on IS education. Journal of Information Systems Education, Vol. 20(2), 137-144.) Not only that, but these classes can, and has allowed to be used for other classes across the world.

However, some of the disadvantages with using these resources in a much broader context have become the fact that these computing resources must be available, even to the few who do not have internet access at home. Not only that, but these resources must be secure enough that they cannot be vandalised or sabotaged which is easy to be done with these resources. Finally the temptation to plagiarise is also a disadvantage to this form of learning since it is easier to copy and paste paragraphs into essays and reports which then can degrade the quality of work that is being done within a student’s body of work.

These devices and IT systems has also transformed the way that we relate as human beings. Social Computing has allowed for interactions that would have not been able to have even a few years ago. YouTube, which is a video sharing site, has been also used as another Social Computing service in the form of video-blogging or vlogging. The trained video-blogger may feel more relaxed discussing issues in front of a camera, the vlogger may discuss sometimes the most private issues on a very public forum, online. Due to this, the discussions can get quite personal. There also seems to be longing for authenticity within this culture of vloggers. Jeff Jarvis believes that this is a good thing, as the awareness of the private issues being made public makes it easier for us to understand and, if it requires, do something with that information. (Harris, A. L. & Rea, A Web 2.0 and virtual world technologies: A growing impact on IS education. Journal of Information Systems Education, Vol. 20(2), 137-144.)

The effect of these devices of the Information Era has definitely transformed the way that we connect and understand the way that we connect to other as well as the way that students educate themselves. Overall, this seems to be a positive effect on the survival of humanity.

This was an essay for a uni unit about the effect social networks have on society. References are in the comments below.

Leaking your Information on the Internet?

Joshua La Macchia on

Online Social Networks (OSN) which can be defined as a online network that its primary goal is to have people “stay in touch with contacts,” are currently growing and are on the rise. As is the nature of OSNs, Personal Identifiable Information (PII) needs to be available to the service. PII can be defined as,

“Information which can be used to distinguish or trace an individual’s identity either alone or when combined which other public information that is linkable to a specific individual.” (Krishnamurthy, B. Wills, C. 2010)

Examples of PII could be a users Full Name, Birth Date, Email Address, Location (city or town), Phone Numbers, Photos of themselves, their activities and their interests. This information could be used for illicit uses such as identity theft. Because of this, OSNs need to take a serious look into securing their databases to make sure PII is not leaked in anyway. Unfortunately, most OSNs take that seriously. They leave known vulnerabilities un-patched, and even the users can be tricked into giving their PII. This essay looks into the current Computer Security issues of OSNs and the leakage of PII.

It is often thought that crackers find a small vulnerability in a website to take control of that website. But sometimes all it can take is a feature to turn into a vulnerability for crackers to break the OSN. In late 2009, DeviantART, an OSN targeted to artists, decided to include a ‘de-activation’ feature onto their website. This would allow users to publicly remove their account from the site. This was done for many reasons, such as changing their account name, stop attention ‘whores’ (those users who would say that they were leaving to gain attention, and then to comeback to the OSN the next week) or even to allow for people to quickly remove themselves from the site. The feature worked fine; all you needed to do was to click a button, enter your password, and you’re account was then closed. However, in December 2010, Silverpop Systems Inc., an advertising company that was working closely with DeviantART who shared personal details such as email addresses, and possibly usernames and birth dates, had their database cracked into and collected this PII. Soon after this, some new users of the site actively complained that their old account had been not only compromised, but deactivated and had to start a new account. Some of these users pleaded for their original accounts back, however, due to technical reasons, DeviantART staff could not meet that expectation. On January 5, 2011, the DeviantART staff changed the deactivation feature so that Staff could retrieve the accounts in a certain period before that account was removed from the site. This happened on the same day when two high profile users were almost deactivated by crackers.

The ‘deactivation system’ in this example is considered to be a Featurebility; either a vulnerability that is documented in the official documentation, or a feature that could be treated as a vulnerability in an certain situation, and is usually put in on purpose by the developer. In the presentation, ‘Satan is on my Friends list: Attacking Social Networks,’ researchers Nathan Hamiel and Shawn Moyer showed examples of these Featurebilities such as allowing HTML to be entered into user generated content, which could be used to create a Cross-site Request Forgery; a vulnerability from the 1990’s that allows specific malicious actions to happen when they are requested via HTML and CSS code. They said on these vulnerabilities that if these vulnerabilities are in the documentation of the APIs, then it is the developers fault for them not patching their own work.

Not only is the problem of the Featurebilities that arise because of OSN developers programming, the other problem is the sharing of “Personally identifiable information” (PII) by users of OSNs.  According to Krishnamurthy et.al., in the 12 OSN’s that they studied, most OSNs had some pieces of PII available for anyone to see. Table 1 shows their results to that analysis to show the various availabilities of pieces of PII on those OSN’s. It is quite clear that although those pieces of PII that are widely available are almost considered to be public domain, that information is still quite important. For the information that is considered to be private but given to the OSN could be leaked out via an external application (such as a game) on an OSN, which could then send that information to somewhere outside of that OSN ecosystem. While this is a great way to leak PII to outside the OSN, it might not be the easiest way to gather PII.

Although I have discussed obtaining PII via technical means via OSNs, not all ways of obtaining PII are technical. In fact, it is probably more likely that the use Social Engineering to obtain this private data. Again in the presentation “Satan is on my Friends List,” Hamiel and Moyer showed how (with permission) they had impersonated Marcus Ranum, a well-known security professional in IT who is actively against OSNs, on an OSN for professionals, LinkedIn. Using only information from press releases, biographies and articles by Ranum, they were able to quickly create a profile to impersonate with. After that, to legitimise the profile, they tried to find “link-whores,” those who would actively go out and friend as many people as possible. These people were found via a simple Google search. within 12 hours, this persona had received over 40 connections, including people who work in the IT security industry, and would have heard Ranum speak about his opinion about OSNs. Also they joined various LinkedIn groups. This gave the persona enough creditability to attract other professionals known by Ranum, CSOs, and people who work for ISSA, which they without prompt, gave important PII such as their Phone Number and private email address, and information about upcoming projects they were working on. They even made a connection with his sister. This sharing of PII can happen not only to professionals, it can happen everyday on other OSNs.

On a popular OSN, Facebook, people share their PII in the public domain without them even noticing it. If you are on Facebook, you may notice a event or group occasionally calling for Mobile Phone Numbers, usually by a friend who’s profile has not been cracked into and they are genuinely is asking for their friends phone numbers. The problem is that these events and groups are usually set to it’s most public setting, which could be collected for malicious use. Tom Scott, a software developer, spent a few hours on creating a website application using the Facebook API to collect names and their phone numbers from these groups and events, and displayed them (without the last 4 digits) on his website. It is quite clear that this PII could be easily obtained by the user without the user realising it.

That being said, some researchers and developers are currently working on making OSNs more secure. Diaspora promises to be an OSN that is rid of any Privacy or the leaking of PII on their part, however when it was launched in an Alpha phase in 2010, numorus critics said that it was filled with Security holes and privacy issues. It is currently getting better, however some are still calling out for changes in the OSN backbone, as some of these areas have not been addressed. Some researchers have, however, worked on better ways to make these systems better. Researchers from the University of Illinois have worked on an encryption application to work on Facebook, that will encrypt and decrypt messages over Facebook. This would be good for a OSN such as Diaspora or Facebook. So far, from what I have read, it is not clear if anything like this would be used in OSNs.

As OSNs become more and more mainstream, it is quite clear that a lot of work needs to be done in the area of Security and in making sure that PII does not get leaked. However, as seen in the examples and case studies shown in this essay, it can be concluded that developers of OSNs are not thinking of these issues. Although some researchers are spending time on making OSNs more secure, it needs to be implemented in large OSNs. In reality, OSNs need to be more secure than what they are.

This was written by joshlama.

Links

Satan is on my Friends List (DefCon 16)
The Cross-Site Request Forgery (CSRF/XSRF) FAQ.
Facebook Users’ Phone Numbers Exposed by “Evil” App
Pondering Diaspora’s Security

Other references can be asked in the comments below

YouTube Symphony Orchestra – from an audience member/actor

Joshua La Macchia on

Back on 20th March, I was able to go to the YouTube Symphony Orchestra 2011 Finale Concert, which you can see in average quality above. I really enjoyed my time there, and will remember it quite easily for future memories.

Movement 1: Thoughts before the week.

In Primary School, and in High School, I was a band geek. I liked playing in the concert band, and I loved the jazz band. I played trumpet. I loved playing trumpet, even though having the oral pain of braces. When I reached Uni, I stopped, because although I liked playing, I loved listening to the music.

When I’m on YouTube, I see people not understanding of the role of classical music. One of the reasons of why the YTSO exists is so that those who don’t have the experience of classical music can tune out for a moment from the world, or other genres of music to listen to the world of classical music.

I went to my first day in choir, and I sat down with the basses and sort of looked over my shoulder to see what they were doing. They opened their scores, the conductor gave the downbeat, and, boom, they launched into the Kyrie from the “Requiem” by Mozart. In my entire life I had seen in black and white, and suddenly everything was in shocking Technicolor. The most transformative experience I’ve ever had — in that single moment, hearing dissonance and harmony and people singing, people together, the shared vision. And I felt for the first time in my life that I was part of something bigger than myself.
Eric Whiticare

Movement 2: Tuesday

Movement 3: Sunday

When we talk about media on the internet, there is talk of the primary audience and the secondary audience. The primary audience should be those who originally see the content, and usually its the intended audience seeing it. The secondary audience is anyone else who sees it somewhere else; such as in a news show or something similar.

The problem was that I saw myself as not the primary audience, I saw myself as an actor in the work. The primary audience is the 30mil who were watching it online that night, and were watching the rebroadcast. I didn’t mind being the actor, but I also saw how they were doing things; so the audience could see us, there were lights pointed to the audience. when they were leading up to a segment or a cut, something gave way, such as the lighting or the screen getting ready, or even the cameras moving, or even the visuals that shone on the insides of the sails. It didn’t remove me from the entire experience, but I just noticed it.

Where I sat, you could not see me in the shots, because I was closer to the top than to the stage, but I forgot how every seat in the house is a good seat. As the music was playing, I could see the expressions of each of the players.

I would like to applause each of the people who made this possible; if I can, I would love to travel in time for the next YTSO.

Joshlama.

Crying Fella: a students analysis on DeviantART’s deactivation system

Joshua La Macchia on

Recently on DeviantART (dA), a series of events has happened that has caused a lot of people to lose their accounts from crackers and trolls though their deactivation system. Below is my thoughts on the whole situation.

Background – dA’s Deactivation system.

The system was developed in late 2009 to allow for users (called deviants on the site) to publicly remove themselves from the site. Many positive reasons were said for the implementation of this system, such as;

  • Allowing for deviants to move their account name,
  • Stop “attention whores” – a deviant who constantly looks for ways to get attention, the most common was to release a journal saying that “I’m leaving,” only to return the next week. This drama (or dArama as it is called on dA) has annoyed a lot of deviants in the past.
  • It allowed a quick way to discontinue with the site.

There are many others, and if you know of any, please comment below 🙂

The system removed all their artwork off dA servers, removed their front page, and allowed for that page to become unusable. It was made right from the beginning that this was final; this deviant could not reactivate his account ever again no matter the circumstances. It was also made apparent that there would be no exceptions to the rule. The system was made so that it explained to the deviant what they were doing.

While this didn’t come with great rejoice, it did help a lot of deviants between late 2009 till November 2010; mostly for people to discontinue with the site, but as well as to help change deviants usernames.

December 2010 – when the system failed.

In December 2010, an email was sent to users who were signed up with the sites newsletter, that their hired company, Silverpop Systems, Inc., was breached into and email address lists were copied. In this same weekend, Gauker also had their systems breached and lists of email addresses and passwords were copied. A lot of people were asking for people to change their passwords. At this time, it was not apparent to the Staff for this to happen.

A few days later, some deviants started new accounts proclaiming that their accounts had been compromised and deactivated by a cracker. In response, dA staff, such as chix0r (avatar name), whose role is the Director of Community Operations, to write a journal on this issue. This can be found here. On an official project undertaken by dA, deviant365, to change their passwords.

It was clear that they needed to fix something in the system. At this time dA desired to get work on a grace period to the system (originally 30 days, now 5 days.) that would allow more time for the actual deviants to explain their situation and stop this. This adjustment was implemented on the 6 Jan 2011. However, anyone who had their account compromised before that time will not get their accounts back.

On the 6 Jan, two very famous  deviants, bri-chan and GENZOMAN had their accounts compromised and deactivated. These accounts were saved from the new adjustment to the system. Bri-chan not only got her dA account compromised, but also her livejournal and hotmail account compromised too. The system isn’t perfect as GENZOMAN had lost his watchers in the process, and his email was also compromised.

For peoples information, deviant Fuhrer-Glasses did a journal where he updated who got hacked, the comments etc. this can be found here.

Recommendations to deviantART and to their deviants.

deviantART,

  • Giving back deviants accounts back which were compromised and deactivated before 6 Jan 2011 would be useless as there is no important data is no longer in the servers (data such as the deviant’s messages are still held there, but art files, descriptions and comments, favorites, journals and front page information are no longer stored in deviantART’s servers.) What dA has done since is given to the new deviants their subscriptions back, and sincere apologies.
  • dA needs to drastically rethink various security options. This may mean finding ways to get better passwords out of people, or to rethink the deactivation system. Deviants need to think if they would rather see a crying fella, or a recurring fortnight of a popular deviant to leave dA, only to return the next week.
  • This is a major issue, yes, but is being handled in my view quite well, what they need to do however is speed up this process, so that they can focus on other issues, such as Copyright and Etiquette, Fixing the site (maybe getting the reactor out?)

Deviants,

  • Deviants Need to make sure that they have a copy of all their work on their computer, or on their hard drive. You can download the works you don’t have saved somewhere else.
  • Deviants Need to make sure that their all their passwords are secure, not just on deviantART. I should note that what a lot of deviants including chix0r, have suggested http://howsecureismypassword.net/, which I highly don’t recommend. The site uses an  old algorithm that is rarely used to attack people with. This is better explained here. I would suggest http://www.passwordmeter.com/ which is what I use, or Microsoft Online Safety Password Checker.
  • Deviants can also follow what former senior SparkLum has said, by clicking here.
  • Deviants who do not understand the entire situation need to chill out for a while.

It is important that users in a whole understand how to be secure on the internet. This hopefully, will getting people to learn about how to be safe an secure on the internet as a whole.

Word count: 893 words.

1) Introduction

Joshua La Macchia on

Introduction

Hi people who come from cyberspace!

I’ve had this site since the start of November, really not knowing what to do with it. However, this site will soon be my resting place on the internet. I will be tweeking the site as I learn PHP and CSS, but until I do that, I hope you enjoy.

Quick Navigation

Oh the left will be some other pages such as links and about pages.

On the right will be some stuff that will do with my blog.

The middle will be the blog itself.

I hope you enjoy the site, and what I’ll be putting on when I’m here. but while I’m here, please do subscribe via the RSS (which will be found in the links page) and I hope stuff will happen!

Thanks!

Question
If you know of some good website design sites for total n00bs, plz leave a comment! It’ll be greatly appreciated!