Monthly Archives: July 2011

Sunday!

Sunday!

Sunday!  damn…… I have been waiting for this day. Ever since I have joined an office for some part time work. I look forward Sundays more eagerly then I used to do earlier. However today is going to be busy as I figured out that I have got a lot of work to do and my current energy level as on 06:28 AM  is very low. Got to have breakfast as soon as possible.

Expecting to see a foreigner who arrived yesterday. Hope we communicate well.

Today I wanted to share a picture of oxford university of the most coveted universities in the world.

oxfordmerton

My day today!

My day today!

Today was a bit hectic for me. Generally morning means

  • firing up my browser and logging into my Google reader account and check for update on my selected websites. Very powerful and handy tools for getting latest updates from selected websites.
  • Getting ready for my part-time job at an yoga institution for some Search
    Engine Optimization work.
  • And reading newspaper of-course. (got a poster today)

Work involves publicizing the website- www.paramyoga.org , which is the official website of a yoga institution imparting training to foreigners.  This is a very simple task if the website has been optimized well. In my case- NOT AT ALL. So trying a bit hard to solve this problem.

Evening is generally for games, mostly cricket but since monsoon is in full bloom our so called cricket stadium is in ruins! Currently figuring out any other activity to do in this time.

After dinner time is a bit tough as every one keep visiting my room for some kind of help and it’s very hard to say no for me to anyone!  trying to learn “HOW TO SAY NO”. Night is very productive as I try to learn something new… I was trying out joomla lessons tonight.

 

Special event: while checking out picasa today I found out a very interesting and lovely picture therefore would like to share it.

   

lovely_face

LOVELY ISN’T IT??

US court charges an activist for downloading academic articles

US court charges an activist for downloading academic articles

Aaron Swartz

Well-known coder and activist Aaron Swartz was arrested Tuesday, charged with violating federal hacking laws for downloading millions of academic from a subscription database service that MIT had given him access to. If convicted, Swartz faces up to 35 years in prison and a $1 million fine.

Swartz, the 24-year-old executive director of Demand Progress, has a history of downloading massive data sets, both to use in research and to release public domain documents from behind paywalls. Swartz, who was aware of the investigation, turned himself in Tuesday.

Disclosure: Swartz is a co-founder of Reddit, which like Wired.com is owned by Condé Nast. He is also a general friend of Wired.com, and has done coding work for Wired.

The grand jury indictment accuses Swartz of evading MIT’s attempts to kick his laptop off the network while downloading more than four million documents from JSTOR, a non-for-profit company that provides searchable, digitized copies of academic journals. The scraping, which took place from September 2010 to January 2011 via a remote guest connection from Harvard’s network to MIT’s, was invasive enough to bring down JSTOR’s servers on several occasions.

The indictment alleges that Swartz intended to distribute the documents on peer-to-peer networks. That did not happen, however, and all the documents have been returned to JSTOR.

JSTOR, the alleged victim in the case, did not refer the case to the feds, according to Heidi McGregor, the company’s vice president of Marketing & Communications, who said the company got the documents, a mixture of both copyrighted and public domain works, back from Swartz and was content with that.

As for whether JSTOR supports the prosecution, McGregor simply said that the company was not commenting on the matter. She noted, however, that JSTOR has a program for academics who want to do big research on the corpus, but usually faculty members ask permission or contact the company after being booted off the network for too much downloading.

“This makes no sense,” said Demand Progress Executive Director David Segalin a statement provided by Swartz to Wired.com before the arrest. “It’s like trying to put someone in jail for allegedly checking too many books out of the library.”

“It’s even more strange because the alleged victim has settled any claims against Aaron, explained they’ve suffered no loss or damage, and asked the government not to prosecute,” Segal said.

JSTOR doesn’t go quite as far in its statement on the prosecution — though there are clear hints that they were not the ones who wanted a prosecution, and that they were subpoenaed to testify at the grand jury hearing by the federal government.

We stopped this downloading activity, and the individual responsible, Mr. Swartz, was identified. We secured from Mr. Swartz the content that was taken, and received confirmation that the content was not and would not be used, copied, transferred, or distributed.

The criminal investigation and today’s indictment of Mr. Swartz has been directed by the United States Attorney’s Office.

But the feds clearly think they have a substantial hacking case on their hands, even though Swartz used guest accounts to access the network and is not accused of finding a security hole to slip through or using stolen credentials, as hacking is typically defined.

In essence, Swartz is accused of felony hacking for violating MIT and JSTOR’s terms of service. That legal theory has had mixed success — a federal court judge dismissed that argument in the Lori Drew cyber-bullying case, but it was later re-used with more success in a case brought against ticket scalpers who used automated means to buy tickets faster from Ticketmaster’s computer system.

“Stealing is stealing whether you use a computer command or a crowbar, and whether you take documents, data or dollars. It is equally harmful to the victim whether you sell what you have stolen or give it away,” said United States Attorney Carmen M. Ortiz in a press release.

The indictment (.pdf) accuses Swartz of repeatedly spoofing the MAC address — an identifier that is usually static — of his computer after MIT blocked his computer based on that number. Swartz also allegedly snuck an Acer laptop bought just for the downloading into a server room at Harvard in order to get a better connection to the MIT network.

Swartz allegedly hid his face from surveillance cameras by holding his bike helmet up to his face and looking through the ventilation holes when going in to swap out an external drive used to store the documents. Swartz also allegedly named his guest account “Gary Host,” with the nickname “Ghost.”

Why would Swartz want to download what is likely gigabytes of information? His history includes a study co-authored with Shireen Barday, which looked through thousands of law review articles looking for law professors who had been paid by industry patrons to write papers. That study was published in 2008 in the Stanford Law Review.

Swartz is no stranger to the feds being interested in his skills at prodigious downloads. In 2008, the federal court system decided to try out allowing free public access to its court record search system PACER at 17 libraries across the country. Swartz went to the 7th U.S. Circuit Court of Appeals library in Chicago and installed a small PERL script he had written. The code cycled sequentially through case numbers, requesting a new document from PACER every three seconds. In this manner, Swartz got nearly 20 million pages of court documents, which his script uploaded to Amazon’s EC2 cloud computing service.

While the documents are in the public record and free to share, PACER normally charges eight cents a page.

The courts reported him to the FBI, which investigated whether the public records were “exfiltrated.” After in-depth background searches, a luckless stakeout and futile attempts to get Swartz to talk, the FBI dropped the case.

The same anti-hacking statute was used to prosecute Lori Drew, who was charged criminally for participating in a MySpace cyberbullying scheme against a 13-year-old Missouri girl who later committed suicide. The case against Drew hinged on the government’s novel argument that violating MySpace’s terms of service was the legal equivalent of computer hacking and a violation of the Computer Fraud and Abuse Act.

A federal judge who presided over the prosecution tossed the guilty verdicts in July 2009, and the government declined to appeal.

 

Originally written by Ryan Singel

wired

As published on wired.com (this article is meant to support the mentioned activist and not to intentionally infringe copyright laws)

Encryption that allows privacy and access to co-exist

Encryption that allows privacy and access to co-exist

This is an award winning research by a stanford scholar- Craig Gentry

If you’ve signed up for a Web-based e-mail service such as Google’s Gmail, or Yahoo! Mail, then you are a user of “cloud computing,” in which the storage and processing resources that data require are distributed among a vast network of servers. You almost certainly have no idea where those servers are, how many are involved, or who is managing them – they may as well be within a cloud – but the convenience of accessing the data on any connected computer or mobile device has won over you and millions of other customers.

The problem is that the cost of managing personal or corporate data this way may be privacy and security. For sensitive data to be protected from cloud operators and third parties, it must be encrypted, but if it is encrypted, then cloud servers can’t do anything with it, such as allow you to search and sort it. The tradeoff between security and utility has seemed intractable until last year when the solution was published in the dissertation of Stanford computer science graduate and IBM researcher Craig Gentry (PHD 2009 CS). Gentry’s working scheme for “fully homomorphic encryption (FHE)” still needs some serious efficiency tuning to be practical, but it has been hailed as a breakthrough, earning him the Best Dissertation Award from the Association for Computing Machinery in May.

“Homomorphic encryption gives you a way out of the dilemma,” Gentry says. “It gives you a way to process data without having access to it.”

“Homomorphic” is a mathematical term meaning that if you do two things to a bit of data – say, encrypt it and process it – the order in which you do them won’t matter. In other words, in FHE, data can be processed after it is encrypted, as well as before. This means that a Gmail user could someday send an encrypted search query to the servers in the cloud, and those severs could carry out that query even though the query and the e-mails are completely inscrutable to them. Only the user who holds secret key can ever decrypt the original data, the query, or the query results.

For another example, imagine how FHE could help the proprietor of an online movie streaming service – call it Hackbuster Video– protect the privacy of customers while still giving them all the features they want. A customer’s request for a new movie would be encrypted, as would the movie itself, meaning that Hackbuster would not know what movie the customer was watching. Despite the privacy, the Hackbuster’s servers could still charge the correct amount, offer playback features such as pause and rewind, and even still make recommendations of similar movies, all without ever being privy to the movies involved.

Gentry’s graduate advisor Dan Boneh, a professor of computer science and electrical engineering, said the work is groundbreaking.

“Craigs construction of the first fully homomorphic encryption solves a key 30-year old problem in cryptography,” Boneh said. “Like climbing Mt. Everest, many have tried to accomplish this feat before and failed. This work will drive research in cryptography for many years to come.”