But Ms. Hargittai and Mr. King, among others, say that the familiar narrative about tech-smart young people is false. Their course grew out of years of research conducted by Ms. Hargittai on the online skills of millennials. The findings paint a picture not of an army of app-building, HTML-typing twenty-somethings, but of a stratified...
Read more →
Research on games and learning have shown us that games can be powerful tools for learning–providing players with the opportunity to learn from and even celebrate failures as part of the natural learning process in a challenging environment. How can universities take advantage of the power of games and game mechanics? It’s not as simple as dropping in badges and leaderboards. Professor Liz Lawley, who teaches in the Rochester Institute of Technology’s School of Interactive Games & Media as well as directing RIT’s Lab for Social Computing, will talk about Just Press Play, a “game layer for undergraduate engagement” that she and her colleagues have designed to enrich the learning environment for undergraduate students. After three years of iterative development and testing, her group will be releasing the software underlying Just Press Play under an open source license at the end of this academic year.
This episode will be broadcast live on Wednesday, April 23, 2014 at 10am CT. Register @ http://nlc.nebraska.gov/scripts/calendar/eventshow.asp?ProgID=13024.
Hi, We are writing to you to notify you that we will be shutting down the Ubuntu One file services, effective 1 June 2014. This email gives information about the closure and what you should expect during the shutdown process. As of today, it will no longer be possible to purchase storage or music from the Ubuntu One...
Read more →
I’ve been putting off this post for a few days to allow for the immediate freak-out to die down and to let some actually good advice to surface. I’m now read to provide the following advice and resources:
What happened?
Basically, for the past two years there’s been a flaw in the security software behind somewhere near 60% of all “secure” Web sites on the Internet. That whole “make sure the site you’re logging into says ‘https://’” advice, well, that was the part that was broken. No one stole your password per se, but this hole could allow someone to get it and the site they got it from would have absolutely no idea that it happened.
For a slightly more technical explanation watch this short video from the Security Now podcast.
Is it serious?
Bruce Schneier, the security guy security guys listen to says “‘Catastrophic’ is the right word. On the scale of 1 to 10, this is an 11.” ‘Nuff said.
Do I need to change my passwords?
Yes. Especially if, and I’m sorry if this language offends you, your passwords are crap. And chances are, your passwords are crap. Test your passwords using https://howsecureismypassword.net/. If your password strength isn’t measured in millenia, your password is crap.
Oh, and if you use the same password for more than one site. You password is crap.
This is not news folks. You’ve heard this before and ignorance is no longer bliss when it comes to this stuff.
Do I need to change them right now?
This is the biggest problem caused by this whole mess: it depends.
Services that ran certain types of servers, or non-problematic versions of the SSL software, were not effected by this problem and therefore don’t have this as a reason to need you to change your password. (Unless you should anyway since your passwords are crap. See above.)
Services that were effected need to fix the problem on their end before changing your password will do any good. Sure, you could go change your password right now, but if they fix the problem tomorrow, you’ll just need to change your password again.
(See Naked Security’s “Heartbleed heartache” – should you REALLY change all your passwords right away? if you’d like further details.)
So, how do you tell?
Well, yesterday I got an e-mail from IFTTT.com telling me that they’d fixed the problem and that I should change my password. Full marks to IFTTT but don’t expect that from everyone.
Mashable has a great page titled The Passwords You Need to Change Right Now where you can look up major services to see if it’s time to change your password. Go there as soon as you’re done reading this unless you’re a LastPass user.
If you use LastPass they have a service that will go through your accounts and let you know which services have the problem, whether they’ve fixed their server or not, and if it’s time to change your password. You can find instructions on how to do this on their page titled “LastPass Now Checks If Your Sites Are Affected by Heartbleed.”
What should I do from this point forward?
Improve your passwords! Seriously folks, we’re not kidding any more. Install LastPass and create a 100% unique and random password for every site you use. Also, if a service uses two-factor authentication and you can do it (i.e. you can receive text messages on any sort of cell phone) turn it on.
If you run a server, or know someone who does, read/send this EFF blog post on Why the Web Needs Perfect Forward Secrecy More Than Ever and do it.
Yes, this is a pain. Yes, things like complex passwords and two-factor authentication, adds some time it’ll take to log into a Web site. But so does locking your door when you leave the house in the morning. That doesn’t mean you’ve wasted the extra five seconds it took just to be a little more secure.
I’ve blogged about Wuala before but in light of the recent news about Dropbox checking for the sharing of copyrighted material, which I agree with some isn’t really that big of a controversy, some may still want a more secure way to store and share in the cloud.
Wuala works just like Dropbox but completely encrypts any content you put into it. Be aware though, that by doign this the program is a bit slower (as it needs to encrypt on upload and decrypt on download,) and, more importantly, if you loose your encryption key, your content goes with it.
Really!? Why is this still happening to me?
Internet activist Samuel Carlisle aka SamTheTechie on what Mozilla and libraries have in common. Here’s someone we should be working with as he gets it.
Speaking of someone we as librarians should be working with, I found that video via the Mozillarian blog which is “an experimental blog exploring the intersection between the Mozilla community and the Library world.” In this video Mozillarian Christine “explains our #mozillarian idea.”
Bill speaks with investigative reporter Julia Angwin, author of the new book ‘Dragnet Nation: A Quest for Privacy, Security and Freedom in a World of Relentless Surveillance,’ about the indiscriminate tracking of our everyday lives — where government and business are stockpiling data about us at an unprecedented pace.
Did you know that Google News has an amazing archive of scanned newspapers from the mid-1800s through the early 2000s? Availability of issues varies significantly from title to title but is completely browseable and searchable. Check it out @ http://news.google.com/newspapers.
User research studies help us improve Google products by allowing us to get feedback directly from our users (that’s you!)
During a study we may present you with and gather your feedback on an existing product, a new feature, or even prototypes. We may also interview you about particular daily habits or ask you to keep a log of certain activity types over a given period of time. Study sessions can happen at a Google office, in your home or business, or online through your computer or mobile device. Afterwards, you’ll receive a token of our appreciation for your cooperation. Sharing your experiences with us helps inform our product planning and moves us closer to our goal of building something you’ll love.
You don’t have to be a Google product user or a tech aficionado to sign up
We value input from people that are unfamiliar with our products or the latest web technology, as well as those who are deeply engaged with them. If you’ve used the Internet in any way before, we want to hear from you!
Getting invited
When you sign up to participate in user studies, we’ll use the information you provide to help us search for suitable participants for user studies. We (or an outside agency working on our behalf in accordance with our privacy policy) will only contact you if we want to invite you to participate in a study or need to clarify information that informs such invitations.
Read all the details & sign up @ Google.com/usability.
