Saturday, November 15, 2014

Boot up: unfair big data, 10 security laws, Siri as a friend, Whisper investigated

A burst of 10 links for you to chew over, as picked by the Technology team

Moritz Hardt on the limits of "big data":

Ironically, Gillian Tett is well known for reporting on the failure of such things as "multi-variable equations" in the wake of the financial crisis, but she is perplexingly quick to accept that multi-variable equations are neutral and therefore fair, because the "computer experts" (whatever that means) at the police station asserted them to be so.

My goal is not to belabor this one example. Instead I'd like to refute the claim that "machine learning is fair by default". I don't mean to suggest that machine learning is inevitably unfair, but rather that there are powerful forces that can render decision making that depends on learning algorithms unfair. Any claim of fair decision making that does not address the technical issues that I'm about to discuss should strike you as dubious.

Here at the Microsoft Security Response Center, we investigate thousands of security reports every year. In some cases, we find that a report describes a bona fide security vulnerability resulting from a flaw in one of our products; when this happens, we develop a patch as quickly as possible to correct the error. (See "A Tour of the Microsoft Security Response Center"). In other cases, the reported problems simply result from a mistake someone made in using the product. But many fall in between. They discuss real security problems, but the problems don't result from product flaws. Over the years, we've developed a list of issues like these, that we call the 10 Immutable Laws of Security.

Not new, but no less true.

Judith Newman:

I asked [William] Mark [vp for information and computing sciences at SRI, which began Siri] if he knew whether any of the people who worked on Siri's language development at Apple were on the spectrum. "Well, of course, I don't know for certain," he said, thoughtfully. "But, when you think about it, you've just described half of Silicon Valley."

Of all the worries the parent of an autistic child has, the uppermost is: Will he find love? Or even companionship? Somewhere along the line, I am learning that what gives my guy happiness is not necessarily the same as what gives me happiness. Right now, at his age, a time when humans can be a little overwhelming even for the average teenager, Siri makes Gus happy. She is his sidekick. Last night, as he was going to bed, there was this matter-of-fact exchange:

Gus: "Siri, will you marry me?"

Siri: "I'm not the marrying kind."

Gus: "I mean, not now. I'm a kid. I mean when I'm grown up."

Siri: "My end user agreement does not include marriage."

Gus: "Oh, OK."

It's both heartwarming and intriguing.

Uservoice is a service where people can vote for wanted features. (It was used by the UK government for Show Me A Better Way, its call for suggestions of how people would use UK government open data if it were available.) Ranking very high on Sunday: Iranian users wanting a calendar; Iranian users wanting access to the Windows Store. And some other non-Iranian requests, notably around "Aero Glass".

Mike Masnick:

of course, CAFC [Court of Appeals for the Federal Court, which ruled that APIs are copyrightable] is not the final stop in the line (even if some patent trolls wish it were). As was fully expected, Google has now asked the Supreme Court to hear an appeal on the case. Google's petition is a good read highlighting the "disarray" in the various different circuits about whether or not copyright law applies to APIs. The law itself (Section 102(b)) is pretty explicit: "In no case does copyright protection for an original work of authorship extend to any idea, procedure, process, system, method of operation, concept, principle, or discovery, regardless of the form in which it is described, explained, illustrated, or embodied in such work." Many of us clearly think that APIs fit under this as a system or method of operation. But, others disagree.

These are the embers of Oracle's lawsuit against Google claiming that Android infringed both patent and copyright. The patent side fizzled; now Oracle needs a result on API copyrightability. If it gets it, the case would come back to life.

Microsoft has withdrawn an update released this past Tuesday due to user reports of system reboots after installation.

The update released as described in Microsoft Security Advisory 2949927 added SHA-2 hash algorithm signing and verification for Windows 7 and Windows Server 2008 R2. It was one of three proactive security feature updates released on Tuesday in addition to the eight patches of Windows and Office.

Marco Arment owns a Mac Pro, but is already wondering about getting a "5K iMac":

Waiting for an external Apple 5K display for Mac Pros or other Macs?

If I had to guess, you'll have a long wait, and they won't work with any Mac sold to date.

Panel yields may be tight for a while, and external displays are a low priority for Apple. The original 27" iMac's groundbreaking LCD panel wasn't available in an external display from Apple for almost a year after its release. But that's not the biggest problem.

Pushing this many pixels requires more bandwidth than DisplayPort 1.2 offers, which is what Thunderbolt 2 ports use for outputting video signals. (I wrote about this a few times.) Doing it right will require waiting until DisplayPort 1.3 in Thunderbolt 3 on Broadwell's successor, Skylake, which isn't supposed to come out for at least another year — and Intel is even worse at estimating ship dates than I am, so it's likely to be longer.

Dell is about to offer a 5K display - at the same price as the iMac.

Bob Lefsetz is a highly respected voice in the music industry:

Streaming won. Hell, it won in movies/TV first. We're never going back to ownership. We're never going back to windows. Can't we all at least start on the same page?

As for labels getting an ownership interest in streaming services, that does not mean Spotify, et al, pay out any less in royalties. And I could explain economics to you but the truth is you signed that deal and whoever told you nothing changes is an idiot you should never pay attention to again.

Your enemy is obscurity. Any way to reach people is to be applauded. Nowhere is it written that recorded music should generate as much revenue as it did in the past, nowhere is it written that you should be able to spend hundreds of thousands of dollars making an album, nowhere is it written that you're entitled to make music at all!

Conclusions:

Anonymous users have good reason to be concerned about their anonymity when using the Whisper application. While they may not have provided their name, the application has generated a unique identifier that can potentially be used to track them throughout the life of the application. When associated with unfiltered or overlapped global positioning data, their identities could be at risk.

Zdziarski is an iOS forensics expert and security researcher.

For the past few months, Google has been rumored to be working on a new initiative known as Android Silver. The program would aim to make Android software seem more consistent across smartphones from different manufacturers.

This would mean Android phone makers wouldn't be able to customize the software on their phones as much as they do today, and Google's Android partners don't seem to be on board with that idea. 

Android Silver has reportedly been "shelved," Re/code's Ina Fried reports, mainly because device makers didn't want to use such a restricted version of Android on their new phones. They also didn't want to scale back their own branding and share it with another company, according to Fried.

Android OEMs don't want to give up the chance of differentiation - which is what gives them brand loyalty, and profits.

You can follow Guardian Technology's linkbucket on Pinboard

To suggest a link, either add it below or tag it with @gdntech on the free Delicious service.

