Friday, October 29, 2010

The value of being open

The Register reports that the security on the iPhone 4 can easily be bypassed by a particular sequence of key presses. Apparently earlier iPhones suffered from a similar issue.

On a recent earnings call, Steve Jobs amusingly described Apple's iPhone as being more "open" than Google's Android operating system. If the iPhone really were in fact open at all, security problems like this would have more likely been found and fixed before they were widely distributed. End users would have been able to patch their own phones, if they wanted to, using the source code to Android itself. There are how-to articles and online support communities to help. And finally, if iPhone were really an open platform, other companies or enthusiasts could port Adobe Flash or Java to run on it.

The bottom line is you will never be able to fully trust your machine if it is running Apple software. You don't know if it's secure, and without source code you will never know if apps are stealing your data or are making transactions on your account. It's sad to hear Steve Jobs trying to claim the mantle of being "open" when it's so clear he wants to completely control the experience of every one of his customers - to their detriment, with at best an ephemeral benefit in return.

Wednesday, October 27, 2010

Firesheep

There's a new Firefox plugin called Firesheep which helps people hack your social network accounts. Here's some information about what it does and how you can react to it.

What it does

Firesheep configures your network connection to monitor the traffic your neighbors are generating. Looking at their network traffic, the plugin can find any "cookies" transferred between their browser and the social networking site. Once it has grabbed a cookie, it can implant that cookie into your browser, giving you access to their account. Social network sites which are vulnerable include Facebook and Twitter.

When are you vulnerable?

Although the plugin sounds pretty powerful, it's only dangerous in a particular environment - one in which your machine can see the network traffic of your neighbors (and they can see yours). So if you are connected to the network via an open WiFi hot spot, you can see the traffic of other people. If you're at work but the network there uses an old security mechanism called WEP, then others can pretty easily see your network traffic; I don't think the current Firesheep plugin handles this case, but it wouldn't be too difficult to add.

Wired networks are pretty safe. Modern switches and routers keep you from seeing the traffic of other machines on the network, even on your local network segment.

What can you do to be safe?

  • Contact your social network vendor and insist they encrypt your entire session (not just the login sequence) via SSL. Google has already configured Gmail to do this by default. And then while you're waiting:
  • Don't connect to your social networking site over public networks. Don't use Twitter or Facebook at a coffee shop, or frankly even on your phone, unless you don't mind someone having access to your account. Make sure your WiFi at home has a WPA2 password configured.
  • Don't let it matter. Make sure no other sites will trust your credentials from your social networking site; this is an issue if you use OpenID at the other sites, and those sites trust your social network identity. You should also make sure you don't mind losing any items or value you might have stored up in a game or other application in your account, email or photographs stored there, etc.
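
One way to check whether a site protects the whole session and not just the login, as an added example that is not part of the original post: the audit below walks a constructed browsing session and flags every point where the session cookie crosses the network unencrypted. The host `social.example`, the cookie name `sid` and all sample values are assumptions.

```python
from urllib.parse import urlsplit

# Constructed sample session (not captured traffic): login is over HTTPS,
# but the site then drops back to plain HTTP for the rest of the session.
SAMPLE_SESSION = [
    # (request URL, Cookie header sent, Set-Cookie headers received)
    ("https://social.example/login", "", ["sid=abc123; Path=/; HttpOnly",
                                          "csrf=tok9; Path=/; Secure"]),
    ("http://social.example/home", "sid=abc123", []),
    ("https://social.example/settings", "sid=abc123; csrf=tok9", []),
    ("http://social.example/photos", "sid=abc123", ["lang=en; Path=/"]),
]


def parse_set_cookie(header):
    """Return (name, set of lower-cased attribute names) for one Set-Cookie header."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:] if p}
    return name, attrs


def parse_cookie_header(header):
    """Return the cookie names carried in a request Cookie header."""
    return [c.split("=", 1)[0].strip() for c in header.split(";") if c.strip()]


def audit_session(exchanges, session_cookies=("sid",)):
    """Flag session cookies that anyone sharing an open WiFi network could read."""
    findings = []
    for url, cookie_header, set_cookies in exchanges:
        scheme = urlsplit(url).scheme
        for header in set_cookies:
            name, attrs = parse_set_cookie(header)
            # Without the Secure attribute the browser will also attach the
            # cookie to plain-HTTP requests to the same site.
            if name in session_cookies and "secure" not in attrs:
                findings.append(("missing-secure", name, url))
            if name in session_cookies and scheme == "http":
                findings.append(("set-in-cleartext", name, url))
        if scheme == "http":
            for name in parse_cookie_header(cookie_header):
                if name in session_cookies:
                    findings.append(("sent-in-cleartext", name, url))
    return findings


if __name__ == "__main__":
    for kind, name, url in audit_session(SAMPLE_SESSION):
        print(f"{kind:18} {name:5} {url}")
```

A site that encrypts the entire session produces no findings: every request is HTTPS and the session cookie carries `Secure`.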

Sunday, October 24, 2010

Driving the Chevy Volt

I test-drove the Chevy Volt today. I've been following the story of this car and its technology on the gm-volt.com web site for about three years now, and am excited to have the opportunity to finally see it in person.

The Volt is an electric car with a gasoline engine. It's not like the gas/electric hybrids currently available; the gas engine exists to charge the battery, not to drive the car. It's more properly known as an Extended Range Electric Vehicle. The battery will drive the car for about 40 miles before the gas engine kicks on into "charge-sustaining mode." The electric engine is still driving the car; at some higher speeds, the rotations from the gas engine help drive the car a bit, but never on its own. With a full tank of gas, the total range of the car should be about 250 miles.

The car itself was pretty nice looking; it had that new-car appeal. Under the hood there are what look like individual modules; the gas engine is in there, as well as a computer system, and containers for various fluids (brake, coolant, wiper, etc.). The back is a hatch-back, with a small open space behind the back seats; I worry a bit that things might fly forward out of there if you stop suddenly. Lifting up the "floor" of the hatch space, you see access panels for the battery terminals, and space for a charger cord. Not until later did I realize I hadn't seen the spare tire; there may be one under the vehicle.

There are four bucket seats in the car; the two seats in back are separated by what I believe is part of the T-shaped battery. The back seats fold down, to allow more cargo space. Someone remarked "that's plenty of room for camping gear!" but I thought "only if you don't take your kids with you." This is not a cargo car; it'll move groceries around, and take you and a friend to the airport, but maybe not more.

Overall, this is a practical electric car to have. It will take you around town on the electric charge, and take you on a longer trip with the gasoline engine as an extender. If you have a family, your second car should have some hauling space, and probably seat at least five. Houston won't likely have any available until next year or so; I just hope the $7500 tax break is still around when I'm ready to buy my Volt.

Wednesday, October 20, 2010

Update - Facebook apps leak your identity to advertisers

In an update to my previous post on the danger of "apps", a researcher has found that Facebook applications leak your identity to advertisers. Any application which displays ads to you while you use it is potentially sending your identity to their advertisers.

Why does this happen? It could be sloppy programming on the part of the application (i.e. Farmville in the article), or it could be the result of the contract between the application provider and their advertisers:

  • Sloppy programming

    Any application which displays ads by asking your browser to fetch the ad directly from the advertiser's system is running the risk that all kinds of information from your browser reaches the advertiser. A more secure way to deliver ads would be for the application to request the ad for you, then display it to you; it could then make you anonymous to the advertiser. However, advertisers may explicitly want to avoid this, which brings us to:
  • Contractual obligations to advertisers

    Advertisers are paying the application either for each ad displayed or when a user "clicks" on the ad. An advertiser would typically want to make sure that the ads actually reach the users; if they're paying for "impressions" then they probably want to count those deliveries themselves. Therefore they're less likely to trust the application developer to count for them; instead, they'll want to identify each ad request by its unique browser/requestor.

    Another consideration is that advertisers (or the ad networks that deliver the ads to the applications on their behalf) may explicitly want access to your browser so they can use cookies to track you. They therefore would not want the application to fetch the ads on your behalf; they would want your browser to make the request directly, so they can fetch and drop tracking information. In theory, this tracking information should allow you to be "semi-anonymous"; however, if it's tied to an explicit Facebook (or other social network) ID, then that anonymity vanishes.
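
The difference between the two delivery models described above, as an added example that is not part of the original post: it compares what the advertiser receives when the browser fetches the ad directly with what it receives when the application fetches the ad on the user's behalf. The URLs, the ID, the cookie value, the parameter names and the header allowlist are all constructed assumptions.

```python
# Constructed sample: what a browser holds while viewing an app page.
USER_ID = "1000123"                        # constructed social network ID
PAGE_URL = f"https://apps.social.example/farm?uid={USER_ID}"
BROWSER_HEADERS = {
    "User-Agent": "ExampleBrowser/1.0",
    "Accept-Language": "en-US",
    "Cookie": "adnet_track=7f3a9c",        # ad network's own tracking cookie
}
PARAMS = {"slot": "sidebar", "size": "300x250", "uid": USER_ID}
SECRETS = {"social_id": USER_ID, "tracking_cookie": "adnet_track=7f3a9c"}

FORWARD_HEADERS = {"accept-language"}      # assumed allowlist for this example
FORWARD_PARAMS = {"slot", "size"}          # hypothetical ad-selection parameters


def direct_fetch_view(browser_headers, page_url, params):
    """Advertiser's view when the user's browser requests the ad itself."""
    headers = dict(browser_headers)
    headers["Referer"] = page_url          # browser reports the embedding page
    return {"headers": headers, "params": dict(params)}


def proxied_fetch_view(browser_headers, params):
    """Advertiser's view when the application requests the ad for the user."""
    headers = {k: v for k, v in browser_headers.items()
               if k.lower() in FORWARD_HEADERS}
    query = {k: v for k, v in params.items() if k in FORWARD_PARAMS}
    return {"headers": headers, "params": query}


def exposed(view, secrets):
    """Names of the secrets that appear anywhere in the advertiser's view."""
    values = list(view["headers"].values()) + list(view["params"].values())
    blob = " ".join(values)
    return sorted(name for name, value in secrets.items() if value in blob)


if __name__ == "__main__":
    direct = direct_fetch_view(BROWSER_HEADERS, PAGE_URL, PARAMS)
    proxied = proxied_fetch_view(BROWSER_HEADERS, PARAMS)
    print("direct fetch exposes: ", exposed(direct, SECRETS))
    print("proxied fetch exposes:", exposed(proxied, SECRETS))
```

In the direct case the tracking cookie and the social network ID arrive in the same request, which is what ties the "semi-anonymous" tracking record to a named account.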

What's the solution? Well, the easiest is: don't use "apps" in social network settings. Other solutions are a bit harder. You could use a Firefox extension to block the information from the advertisers; I don't use any so I can't personally recommend any particular one. You could configure your browser to use an anonymizer - a proxy which strips your personal information and routes your request through several machines so the web site has a harder time identifying you. Or you can run a proxy server on your local machine which modifies incoming pages and outgoing requests. You can even run a combination of all of these, so you don't have to place all your trust in any one solution.

Monday, October 18, 2010

Project proposal - please vote

Please check out and vote for a new proposal at Mozilla's Drumbeat site. It's a project which will create an interface which will allow educators to bring together disparate teaching materials online. This should allow teachers to create curricula from content available world-wide; allow authors to contribute more easily to a global educational corpus; and allow researchers and entrepreneurs to use the materials in innovative new ways. I urge you to look through the materials and give it your vote, to help convince Mozilla to fund the proposal.

Full disclosure: I am related to the project author.

Saturday, October 16, 2010

Houston ISD Magnet Program survey - admissions criteria

I wrote earlier about Houston ISD's questionnaire about its magnet programs; in particular about the survey question on funding. Another such question asked about how students should be admitted to magnet programs.

The magnet programs at HISD exist both to cluster students with similar interests, skills, and abilities, and to allow students from under-performing schools to attend programs outside their HISD zone. In a perfect world, every student who wanted to attend a magnet program would; however, there are a limited number of programs, and a limited number of students the programs can admit. Therefore there needs to be some way for a program to admit a fraction of its applicants.

One thing that makes this a little more complicated is that HISD has a parallel program called "Vanguard" which targets a subset of the children who are identified as "gifted and talented." I think the idea is generally sound - it's easier to provide a centralized accelerated academic program in a small number of schools than it is to have a separate such program in each of the schools. I'll address each program (Vanguard, magnet) for each grade level (elementary, middle, high school).

Elementary school

  • Vanguard

    HISD uses a battery of tests to determine which students are identified as "gifted and talented"; within that population, a further set of tests determine which students qualify for the "Vanguard" program. I'm not sure the data convince me these second tests are effective - it's not clear that all the students chosen for the programs end up thriving in them, nor is it clear that the students excluded from such programs would not have done better as participants. If the second battery of tests does not effectively differentiate between those populations, then perhaps admission to a Vanguard program at this level should be by lottery from the pool of "gifted and talented" applicants.
  • Magnet

    I believe most magnet programs at this level accept applicants by lottery. This seems pretty fair.

Middle school

  • Vanguard

    At this level HISD has more data about its students, based on grades, test scores, and teacher evaluations. It may have enough information to be able to tell which students would benefit from accelerated Vanguard programs. If so, selection based on these criteria would be appropriate. If the data are not enough to be able to rank students, then perhaps a threshold to apply plus a lottery among the qualified would be better and would allow more students to participate. Some students might not thrive in such an environment and may choose to leave it; programs should actively recruit new students for open spots in 7th and 8th grades to replace them.
  • Magnet

    The Magnet schools at this level are impressive - foreign language, performing and visual arts, etc. Students are likely to self-select at this point, so it may be that a lottery is reasonable as a selection process. On the other hand, it may be better to use the screening processes that high school programs use, below. Students can further be clustered in the school by aptitude for acceleration, if appropriate.

High school

  • Vanguard

    By high school, the district should have enough data to be able to determine which students will do well in a Vanguard/accelerated program. Students will also self-select at this level, since these programs will typically include an expectation that students take a decent number of IB or AP courses and exams. The pressure to have a high GPA may convince students not to attend unless they're sure they'll succeed. Therefore, at this level the schools should probably have open admissions or a lottery of all candidates who qualify based on grades and test scores.
  • Magnet

    The Magnet schools at this level are really incredible - foreign language, performing and visual arts, science/medical, engineering, even a school with a flight program. If the program has some minimum ability requirements it should test for them (language fluency or aptitude, science/math scores or grades, performing ability, etc.) Like the Vanguard programs above, students will likely self-select at this point, so programs should probably have open admissions or a lottery among all who qualify. The assumption is that anyone applying to such a school will be interested enough to succeed if they have the skills to do so.

Since one of the goals of the magnet program is to allow students to "escape" an under-performing school they're zoned to, perhaps at each level some preference should be given to an applicant who is zoned to such a school. There also, frankly, should be more magnet programs!

Friday, October 15, 2010

Houston ISD Magnet Program survey - funding magnet programs

Houston ISD is conducting a survey of parents and teachers about its magnet program, sending out questionnaires and holding town hall meetings around the city. The survey they sent out asks a number of thought-provoking questions; I'm curious to know how they collate and respond to the submissions they receive. I wonder if they will hold a subsequent round of discussions so we can react to each other's responses.

One question asked how you would recommend funding the programs at magnet schools; they give three suggestions: (1) equal funding by school; (2) funding by pupil; (3) differential funding by type of program. They give only a small box for the response, so I thought I'd elaborate on my submission here:

Each paradigm has its merits and demerits.

  • Funding by pupil has the problem that programs with few pupils, especially starting programs, may not have enough baseline funding to hire the personnel necessary to get established.
  • Funding "by program type" implies differential funding - do STEM schools get more than music/arts schools? How about Vanguard/Gifted schools? Do we decide there are a small number of "types" and assign funding amounts to them? How would an innovative new "type" of program get established and funded?
  • Finally, while equal funding per school sounds fair, it can be attacked as providing inordinate funding to schools with small magnet populations. It might also under-fund popular programs with a large number of applicants.

Perhaps a "tiered" system makes sense. Schools with 1 - 100 magnet students would receive some baseline amount; schools with 101 - 200 get more; and perhaps a per-capita allowance for every student over 200. That might be supplemented by service-based funding for things like after-school programs, or grants of initial capital to do things like purchasing art supplies and tools, musical instruments, gymnastics or dance items, etc.

Monday, October 11, 2010

The danger of "apps"

A recent study of a sample of Android apps found that they were "calling home" (sending the phone's current location to a remote web site) on a periodic basis. It was clear that the apps were not telling the user they were doing this; what was not so clear was if the users were adequately notified of this behavior when the applications were installed.

On a related front, Facebook applications can access and store your data and the data of visiting friends. The site gives you some options to suggest which data you want to share and with whom; however, keep in mind that behind the scenes the software must try to interpret your preferences in a way that keeps both you and Facebook's advertisers happy. That's not a tension that is likely to resolve in your favor.

My suggestion would be to delete any applications you don't need from your phones and social networking sites. Eventually, if you really need a phone or device which runs "apps," I'd suggest an Android, because it can be legitimately upgraded (hacked?) to reveal (and perhaps control) such data leaks. And remember, even though your location, demographic, and friend information may seem like innocuous information to be sharing, all your data are potentially public.