Ho John Lee › Comments

Ho John Lee
About the Skein Hash Function Family | The Skein Hash Function Family - http://skein-hash.info/about
skein,hashing,algorithms,crypto,privacy,security,aes - Ho John Lee
Ho John Lee
Fbootstrapp by Clemens Krack, based on Bootstrap, from Twitter - http://ckrack.github.com/fbootst...
Fbootstrapp is a toolkit designed to kickstart development of facebook iframe apps in both relevant sizes. It includes base CSS and HTML for typography, forms, buttons, tables, grids, navigation, and more, styled in the typical facebook look and feel. - Ho John Lee
Ho John Lee
John Resig - Keeping Passwords in Source Control - http://ejohn.org/blog...
How do you store sensitive configuration options (such as usernames, passwords, etc.) in source control? ...keep an encrypted version of the configuration file in source control and then provide a means through which the user can encrypt and decrypt that data. - Ho John Lee
Ho John Lee
Firebase Blog, The New Firebase Security API - http://blog.firebase.com/post...
security,privacy,authentication,consumer,firebase,internet,identity - Ho John Lee
Ho John Lee
Determining the Age of a Canon Lens - http://www.the-digital-picture.com/Canon-L...
To determine the age Canon lens based on a 10-digit serial number: To age a Canon lens using the 10-digital serial number Canon lenses, we dissect the serial number as: DD C SSSSSSS The DD is the key to the date of manufacture of the lens - the date code. The long, narrow Canon lens date code chart is shown on the right side of this page. Future dates are predictions/expectations. Of particular interest is how the numbering system will behave in 2013/03 when the 99 is incremented. Will the DD value roll over to 00? Increment to 100 - becoming DDD? The third digit in the serial number, C, may be a charge/batch type of number. Canon has been using this number to indicate lenses needing specific service-related updates such as firmware. The remaining digits in the serial number, SSSSSSS, are the uniquely-identifying serial number of the lens. Please take note that, while the overall chart is holding out nicely with the lenses we've checked, it is a work-in-process. In part, - Ho John Lee
Ho John Lee
Privacy Papers for Policy Makers 2012 | Future of Privacy - http://www.futureofprivacy.org/privacy...
Future of Privacy Forum is pleased to share the third annual “Privacy Papers for Policy Makers,” showcasing leading analytical thinking about current and emerging privacy issues. Leading Privacy Papers: Bringing the Gap Between Privacy and Design Deirdre Mulligan and Jennifer King ‘Going Dark’ Versus a ‘Golden Age for Surveillance’ Peter Swire and Kenesa Ahmad “How Come I’m Allowing Strangers to Go Through My Phone”?: Smart Phones and Privacy Expectations Jennifer King Mobile Payments: Consumer Benefits & New Privacy Concerns Chris Jay Hoofnagle, Jennifer M. Urban, and Su Li Smart, Useful, Scary, Creepy: Perceptions of Online Behavioral Advertising Blase Ur, Pedro G. Leon, Lorrie Faith Cranor, Richard Shay and Yang Wang The ‘Re-Identification’ of Governor William Weld’s Medical Information: A Critical Re-Examination of Health Data Identification Risks and Privacy Protections, Then and Now Daniel Barth-Jones Privacy by Design: A Counterfactual Analysis of Google and Facebook Pri - Ho John Lee
Ho John Lee
How To Strip DRM from Kindle E-Books and Others | Gadget Lab | Wired.com - http://www.wired.com/gadgetl...
You love your Kindle, but you hate the DRM. What do you do? Well, if you like, we’ll tell you how to strip the copy-protection from your e-books, leaving a plain, vanilla e-book file in the format of your choice. This doesn’t just work for Kindle book, either. The method, detailed by Apprentice Alf, will also remove DRM from Mobipocket, Barnes and Noble, Adobe Digital Editions and Fictionwise books, making these stores much more attractive to buyers. - Ho John Lee
Ho John Lee
FTC Recommends Best Practices for Companies That Use Facial Recognition Technologies: Companies Using the Technologies Should Design Services with Consumer Privacy in Mind - http://www.ftc.gov/opa...
The Federal Trade Commission today released a staff report "Facing Facts: Best Practices for Common Uses of Facial Recognition Technologies" for the increasing number of companies using facial recognition technologies, to help them protect consumers’ privacy as they use the technologies to create innovative new commercial products and services. Facial recognition technologies have been adopted in a variety of contexts, ranging from online social networks and mobile apps to digital signs, the FTC staff report states. They have a number of potential uses, such as determining an individual’s age range and gender in order to deliver targeted advertising; assessing viewers’ emotions to see if they are engaged in a video game or a movie; or matching faces and identifying anonymous individuals in images. Facial recognition also has raised a variety of privacy concerns because – for example – it holds the prospect of identifying anonymous individuals in public, and because the data collect - Ho John Lee
Ho John Lee
FTC Publishes Facial Recognition Guidelines | TPM Idea Lab - http://idealab.talkingpointsmemo.com/2012...
There are two cases where the FTC believes that companies need to get a consumer’s “affirmative express consent,” that is, an “opt-in,” before using information captured via facial recognition: When identifying anonymous individuals to third parties that wouldn’t otherwise know who they were, and when using any data or imagery captured via facial recognition for purposes outside of what was initially stated by the company. In case companies weren’t already aware, the FTC also points out that what’s okay under U.S. law concerning facial recognition technologies might be illegal in other countries. - Ho John Lee
Ho John Lee
Restoration of defocused and blurred images. Yuzhikov.com - http://yuzhikov.com/article...
Restoration of distorted images is one of the most interesting and important problems of image processing - from the theoretical, as well as from the practical point of view. There are especial cases: blurring due to incorrect focus and blurring due to movement - and these very defects (which each of you knows very well, and which are very difficult to repair) were selected as the subject of this article. As for other image defects (noise, incorrect exposure, distortion), the humanity has learned how to correct them, any good photo editor has that tools. Why is there almost no means for correction of blurring and defocusing (except unsharp mask) - maybe it is impossible to do this at all? In fact, it is possible - development of a respective mathematical theory started approximately 70 years ago, but like other algorithms of image processing, deblurring algorithms became wide-used just recently. So, below is a couple of pictures to demonstrate the WOW-effect: - Ho John Lee
Ho John Lee
Deanonymizing Mobility Traces: Using Social Networks as a Side-Channel GraphInfoFlow.CCS2012.pdf - http://www.cs.umd.edu/~mwh...
Mudhakar Srivatsa, IBM T.J. Watson Research Center Mike Hicks, University of Maryland The key idea of our approach is that a user may be identified by those she meets: a contact graph identifying meetings between anonymized users in a set of traces can be structurally correlated with a social network graph, thereby identifying anonymized users. We demonstrate the effectiveness of our approach using three real world datasets: University of St Andrews mobility trace and social network (27 nodes each), SmallBlue contact trace and Facebook social network (125 nodes), and Infocom 2006 bluetooth contact traces and conference attendees’ DBLP social network (78 nodes). Our experiments show that 80% of users are identified precisely, while only 8% are identified incorrectly, with the remainder mapped to a small set of users - Ho John Lee
Ho John Lee
Privacy and Security Fanatic: Deanonymizing You: I know who you are after 1 click online or a mobile call - http://www.networkworld.com/communi...
This week at the Association for Computing Machinery's Computer and Communications Security (ACM CCS) conference in Raleigh, NC, researchers Mudhakar Srivatsa and Mike Hicks are to present "Deanonymizing mobility traces: using social networks as a side-channel" [PDF]. It's interesting how the mobility traces were matched to a contact graph and then social networks were exploited to find friendships via Facebook data and business relationships via LinkedIn. - Ho John Lee
Ho John Lee
Mike Jones: self-issued » OAuth 2.0 RFCs Completed - http://self-issued.info/?p=870
The OAuth 2.0 Core and Bearer specifications are now RFC 6749 and RFC 6750. This completes the journey to standardize a pair of simple identity specifications that are already in very widespread use for Web, enterprise, cloud, and mobile applications. They make things better by enabling access to resources to be granted without giving the password for the resource to the party being granted access (a pattern that used to be all too common). I believe that the completion of these RFCs will only accelerate the momentum behind the adoption of simple REST/JSON based identity solutions. Some of the related standards that are already well under way and in use include the OAuth Assertion Framework, the OAuth SAML 2.0 Assertion Profile and OAuth JWT Assertion Profile, JSON Web Token (JWT), the JSON Object Signing and Encryption (JOSE) specs – JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA), and OpenID Connect. Watch this space for future - Ho John Lee
Ho John Lee
Apple’s New Advertising ID in iOS6 Sets the Standard | Apsalar - http://apsalar.com/blog...
In June, Apple announced the introduction of 2 new IDs in the UIDevice class as part of iOS6 (which will be available in the fall): identifierForAdvertising (IDFA) which is a cross-app/publisher identifier identifierForVendor (IDFV) which is a publisher-specific identifier This is great news for the mobile app advertising industry, as it will significantly impact the industry’s revenue and growth. Some reasons why IDFA is a better alternative to the UDID: Sanctioned by Apple - We have seen the birth of multiple alternatives recently (OpenUDID, ODIN, etc.), but none has really taken off. That’s because the industry is still immature and fragmented and there are so many companies that believe their individual approaches are better. As the platform owner, Apple has the power to make everyone follow and align under one, universal approach. Better than the UDID - According to information currently available, the IDFA is actually better suited for advertising purposes t - Ho John Lee
Ho John Lee
Technical Analysis of the IOS6 Tracking Identifiers and Privacy System » TRUSTe Developer Blog - http://www.truste.com/develop...
The two identifiers are as follows: advertisingIdentifier(aI) Per the documentation, this is a read-only, alphanumeric string unique to each device, used for advertising only. The value is constant for all third parties, but the ID can be deleted “if the user erases the device.” identiferForVendor (idV) Per the documentation, this is a read-only, alphanumeric string that uniquely identifies a device to the app developer. The value is the same for apps that come from the same app developer running on the same device. Comments: These IDs are an improvement over UDID and MAC Address usage, as the ID’s are non-permanent, can be deleted and have two different systems that can be used for Advertising and Analytics. Offering a separate developer-only version also provides some origin control around access to the ID. But, the aI is available to any third party so profiles can be built across different apps. In order to delete these ID’s, - Ho John Lee
Ho John Lee
Apple iOS 6 and Privacy | Center for Democracy & Technology - https://www.cdt.org/blogs...
Apple has incorporated three new identifiers to take the place of the much-maligned and unchangeable UDID: iOS 6 now makes available a vendor-specific identifier, identifierForVendor, that can be used by app developers to recognize a device across their apps; a second identifier for advertising purposes, advertisingIdentifier, that can be used by third-party ad networks to identify a device for advertising purposes; and a third application identifier, UUID, that is a more accessible way for applications to create identifiers specific to that application. These three IDs may sound similar but the details are quite different: The vendor identifier is cleared when the user uninstalls the last app on their phone by a given vendor; the advertising identifier persists until the device is completely reset; the application identifier persists only if the application saves it, and then only until that application is uninstalled. Each of these new identifiers is preferable to the UDID, which c - Ho John Lee
Ho John Lee
CDT Browser Report 2010 - Browser Privacy Features: A Work in Progress | Center for Democracy & Technology - https://www.cdt.org/browser...
In this report, we examine the privacy features1 available in five Web browsers – Chrome 7, Firefox 3.6 and 4.0 beta 6, Internet Explorer 8 and 9 Beta2, Opera 10.6, and Safari 5. In the charts below, we compare the features offered by each browser in five areas: general privacy controls, privacy modes, cookie controls, object controls, and geolocation controls. All of the browsers were tested on Windows 7, except for Safari, which was tested on Mac OS X, where it is predominantly used. We provided a draft of this document to Apple, Google, Microsoft, Mozilla, and Opera several weeks in advance to allow them to verify the accuracy of the claims made in the report about their browser software. Where appropriate, we have revised the report in response to the feedback we received from those companies. Summary: No one browser stands out as the clear privacy leader. All have relative strengths and all have relative weaknesses; depending on how you use the Web (e.g. for location-enabled - Ho John Lee
Ho John Lee
New Firefox Command Line helps you develop faster ✩ Mozilla Hacks – the Web developer blog - https://hacks.mozilla.org/2012...
Here are the current commands that control the developer tools: console – open, clear and close the Web Console dbg and break – many controls for the Debugger and breakpoints edit – open the Style Editor on any of the CSS files loaded in the page inspect – open the Page Inspector for a part of the page resize – control the Responsive Design View tilt – control the 3D page view If I’ve been working on the page, I would likely know some of the IDs and structure used in the page, so I could enter a command like: inspect "#home-news h3" The “inspect” command takes as a parameter a CSS selector that is used to select a node on the page. An easy way to jump into page inspection on any page is to type inspect body, because every page will have only one. After typing inspect "#home-news h3", I’ll see something like th - Ho John Lee
Ho John Lee
Three Questions to Ask About Data Privacy When Managing Big Data | Data Informed - http://data-informed.com/three-q...
Companies that are delving into big data may be putting customer privacy and corporate intellectual property at risk because they haven’t thought through how their data handling practices need to change. - Ho John Lee
Ho John Lee
A Deep Dive into Facebook and Datalogix: What's Actually Getting Shared and How You Can Opt Out | Electronic Frontier Foundation - https://www.eff.org/deeplin...
In order to assess the impact of Facebook advertisements on shopping in the physical world, Datalogix begins by providing Facebook with a (presumably enormous) dataset that includes hashed email addresses, hashed phone numbers, and Datalogix ID numbers for everyone they’re tracking. Using the information Facebook already has about its own users, Facebook then tests various email addresses and phone numbers against this dataset until it has a long list of the Datalogix ID numbers associated with different Facebook users. - Ho John Lee