Monthly Archives: July 2019

Students in the wealthiest districts are obtaining disability accommodations at much higher rates, report finds

Source: The Week: Most Recent Home Page Posts

Article note: I could easily see this. You build tools that can be used to give an advantage, and those with the means to do so will use them in technically-inside-the-rules for advantage, whether it's prescription stimulants as performance drugs, sleazy financial deals, or disability accommodations. At the university level there is a visible mix of "reasonable accommodations allowing students to succeed" and "taking advantage," it's sometimes egregious enough to be easy to call, but we can't.

Disability accommodations for schoolwork and testing are not distributed equally across the socioeconomic spectrum, The New York Times reports.

More students than ever in the United States are reportedly securing disability diagnoses, which often allow them to receive extra time for class work and tests, including standardized tests like the ACT and SAT which have bearing on college acceptance. The Times reports that in the country's wealthiest school districts students are obtaining 504 plans — a federal disability designation — at higher rates.

For example, while analyzing Department of Education data, the Times found that in the top 1 percent of wealthiest districts, 5.8 percent of students held a 504 plan, which is twice the national average. In some communities, like Weston, Connecticut, where the average annual income is $220,000, the rate was as high as 18 percent. Meanwhile, in the Cleveland Metropolitan School district, less than 1 percent of students had obtained a 504 plan. Further, a larger percentage of white students held a 504 plan than any other race.

1. New investigation from @jugalpatelNYT and me: In the top 1 percent of richest school districts, teens are 2x as likely to hold a disability plan that qualifies them for extended time on SAT/ACT and schoolwork. In some places, it's 7x the national rate.

— Dana Goldstein (@DanaGoldstein) July 30, 2019

The data does not include private schools, but in some areas, private school students reportedly are even more likely to qualify for accommodations.

The Times reports that while cases of outright fraud are rare, the system is vulnerable to abuse, in part because private mental health practitioners can operate with limited oversight. But speculation about gaming the system aside, the Times reports that the disparity more broadly represents unequal access to resources.

3. It starts in early childhood, when some parents are more able than others to have children evaluated for speech and motor-skill delays. By high school, some have spent tens of thousands on repeated psychological evaluations, which are rarely fully covered by insurance.

— Dana Goldstein (@DanaGoldstein) July 30, 2019

Posted in News | Leave a comment

A Big Blue landmark restaurant is gone as more changes come to campus-area corridor

Source: -- Fayette County

Article note: On one hand, watching UK's expanded privatized food offerings kill the local restaurant scene is sad. On the other hand, food poisoning Arbys needed to go.

Another University of Kentucky landmark apparently is gone: The Arby’s at 507 South Limestone apparently has closed. The building, distinctive from other Arby’s because it had blue trim instead of … Click to Continue »

Posted in News | Leave a comment

200 million devices—some mission-critical—vulnerable to remote takeover

Source: Ars Technica

Article note: VXWorks is one of those invisibly-everywhere things, from electrical appliances to Mars rovers. It's generally pretty trustworthy, but this is ...low hanging. It would likely be difficult to get something generally-wormable because of platform diversity due to customization, but it would be easy to do a lot of damage by worming something prolific and connected (like the many modems that run it) or attacking something life-critical (think medical devices).
A repairman with

Enlarge (credit: Lisa Brewster / Flickr)

About 200 million Internet-connected devices—some that may be controlling elevators, medical equipment, and other mission-critical systems—are vulnerable to attacks that give attackers complete control, researchers warned on Monday.

In all, researchers with security firm Armis identified 11 vulnerabilities in various versions of VxWorks, a slimmed-down operating system that runs on more than 2 billion devices worldwide (this section of Wikipedia's article on the OS lists some of its more notable uses). Billed collectively as Urgent 11, the vulnerabilities consist of six remote code flaws and five less-severe issues that allow things like information leaks and denial-of-service attacks. None of the vulnerabilities affects the most recent version of VxWorks—which was released last week—or any of the certified versions of the OS, including VxWorks 653 or VxWorks Cert Edition.

High stakes

For the 200 million devices Armis estimated are running a version that’s susceptible to a serious attack, however, the stakes may be high. Because many of the vulnerabilities reside in the networking stack known as IPnet, they can often be exploited by little more than boobytrapped packets sent from the Internet. Depending on the vulnerability, exploits may also be able to penetrate firewalls and other types of network defenses. The most dire scenarios are attacks that chain together multiple exploits that trigger the remote takeover of multiple devices.

Read 6 remaining paragraphs | Comments

Posted in News | Leave a comment

GitHub Starts Blocking Developers In Countries Facing US Trade Sanctions

Source: Slashdot

Article note: We let a single large commercial entity effectively MITM all of open source, and now it is being used by powerful entities to assert control. *shocked Pikachu*

After a developer based in the Crimea region of Ukraine was blocked from GitHub this week, the Microsoft-owned software development platform said it has started restricting accounts in countries facing U.S. trade sanctions. GitHub lists Crimea, Cuba, Iran, North Korea, and Syris as countries facing U.S. sanctions. ZDNet reports: As the developer reports, his website, which is hosted on GitHub, now returns a 404 error. He also can't create new private GitHub repositories or access them. While his website could easily be moved to another hosting provider, the block does pose a challenge for his work on GameHub, which has an established audience on GitHub. GitHub does offer developers an appeal form to dispute restrictions but [the developer] told ZDNet that, at this point, there's nothing to gain by appealing the restriction. "It is just pointless. My account is flagged as restricted and, in order to unflag it, I have to provide a proof that I don't live in Crimea. I am in fact a Russian citizen with Crimean registration, I am physically in Crimea, and I am living in Crimea my entire life," he said. "For individual users, who are not otherwise restricted by U.S. economic sanctions, GitHub currently offers limited restricted services to users in these countries and territories. This includes limited access to GitHub public repository services for personal communications only," it says. GitHub notes on its page about U.S. trade controls that its paid-for on-premise software -- aimed to enterprise users -- may be an option for users in those circumstances. "Users are responsible for ensuring that the content they develop and share on complies with the U.S. export control laws, including the EAR (Export Administration Regulations) and the U.S. International Traffic in Arms Regulations (ITAR)," GitHub says. "The cloud-hosted service offering available at has not been designed to host data subject to the ITAR and does not currently offer the ability to restrict repository access by country. If you are looking to collaborate on ITAR- or other export-controlled data, we recommend you consider GitHub Enterprise Server, GitHub's on-premises offering."

Share on Google+

Read more of this story at Slashdot.

Posted in News | Leave a comment

Tech firms “can and must” put backdoors in encryption, AG Barr says

Source: Ars Technica

Article note: William Barr, once again, doesn't like facts. There is no such thing is a MITM/Back-door which can't be abused by anyone who figures out how it works and/or gains access to the escrow. The math for such a thing has not been invented, and may not even be possible.
Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California.

Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. (credit: Elijah Nouvelage | Getty Images)

US Attorney General William Barr today launched a new front in the feds' ongoing fight against consumer encryption, railing against the common security practice and lamenting the "victims" in its wake.

"The deployment of warrant-proof encryption is already imposing huge costs on society," Barr claimed in remarks at a cybersecurity conference held at Fordham University Tuesday morning. Barr added that encryption "seriously degrades" law enforcement's ability to "detect and prevent a crime before it occurs," as well as making eventual investigation and prosecution of crime more difficult.

The existence of encryption means "converting the Internet and communications into a law-free zone" that criminals will happily take advantage of to do more crimes, Barr added, likening it to a neighborhood that local cops have abandoned.

Read 14 remaining paragraphs | Comments

Posted in News | Leave a comment

Server Updated

The server that hosts this page was updated from Debian Jessie (8) through Stretch (9) and onto Buster (10) over the course of a few hours today. It involved surprisingly little suffering and should not affect functionality, please let me know if you find anything left in a broken state.

I didn’t realize how long it had been since I did any manual maintenance here, apt unattended upgrades, certbot, and a few scripts for user-installed package upgrades and backup had done such a good job maintaining things just visibly enough to know it was being taken care of that I’d let it get past-due. Most of my other individually-installed boxes are Arch rolling-release machines that require a few minutes of attention every month or two, so they don’t have the periodic major breaking maintenance issue to the same degree.

Now I can let it take care of itself again until 2022 or thereabouts.
A few notes that may be useful to others under the fold.
Continue reading

Posted in Computers, DIY, General, Meta | Leave a comment

Complete run of MAKE magazine on

Source: Boing Boing

Article note: Cool. At least the main content will remain accessible regardless of what happens with the ongoing collapse of Make.

I was part of the team that launched MAKE: (a technology project magazine) and served as its editor-in-chief for 12 wonderful years. I just found out that has a searchable archive of all past MAKE: issues. Enjoy! Read the rest

Posted in News | Leave a comment

Education publisher Pearson to phase out print textbooks

Source: Hacker News

Article note: That is some heinous rent-seeking shit. Rental-only, no retention for reference, no retention for historical study knowledge undermining, no resale, with the additional detail that most online course materials are (in my experience) janky garbage. RMS' "apocalyptic prophet" status continues to firm up.
Posted in News | Leave a comment

Author discusses his new book on teaching undergraduates

Source: Inside Higher Ed (news)

Article note: Just this little interview has several things that I don't hear said often enough and emphatically agree with. "Halfassing teaching makes everyone, yourself included, miserable" and "Undergraduate TAs who excelled in a course several semesters ago will be better at both the material and student interaction than most graduate TAs."

Professors teach; most them teach undergraduates. This is their path to self-redemption, according to The Happy Professor: How to Teach Undergraduates and Feel Good About It (Rowman & Littlefield). Bill Coplin, the author, is director and professor in the policy studies program at Syracuse University. He responded to queries about his new book.

Q: You talk about priorities in a career. What if you are at a university where a faculty member can't make teaching undergraduates a priority?

A: This is a major cause of unhappiness. If you are asked to teach undergraduates and want to be happy, give the job enough priority to help students prepare for careers and become effective citizens along with your content. Follow the strategies and tactics in the book. Research for your career can still be No. 1 if it puts food on the table, but in that case, undergraduate teaching has to be No. 2 if you want to find peace in teaching undergraduates. Once you are a tenured full professor, the priorities should reverse if you include graduate teaching. I choose to make teaching my top priority at a research university because I didn’t feel good treating paying customers [as] less than they should be. That choice has been extremely rewarding and hence, the happy professor.

Q: Assuming you are a professor where you can focus on teaching, how can you use the skills continua you outline?

A: You can do many things, but first you must focus on the important skills for careers and citizenship that your course will help students practice. Then list the skills in your syllabus and on your course evaluations. Always mention in class the skills that are being practiced and how they will help in careers and effective citizenship. For example, if you are having students conduct or think about surveys, mention that surveys are used in all professional careers, whether business, nonprofit or government, and also note that citizens need to understand the principles of survey design when making judgments about government policies and politicians.

Q: You advocate for “andragogy, not pedagogy.” What does that mean?

A: “Andragogy” is a term developed many years ago and championed by Malcolm Knowles in the 1960s. It means teaching adults, while “peda” means children. I advocate treating undergraduates as if they were adults even though many are not far along on the children-adult continuum. Treating undergraduates as children being told what to do and what to learn breeds distrust. Distrust breeds late and poorly written papers and zoning out in class. The question “why do I have to learn this?” needs to be answered with something other than “it’s good for you.” Teachers should check out Knowles’s writing to see the many and powerful differences between viewing your student as a child and not an adult.

Q: How can a faculty members become more experimental in the classroom?

A: I wrote the book so faculty can try out things that worked for me, many of which are small and don’t take a lot of time or effort. The most powerful thing they can do is to treat students or former students as advisers in some capacity. They will make suggestions on what the teacher is now doing, and after a while the teacher will come up with ideas and ask for their advice.

Q: Your advice on teaching assistants may surprise faculty members. What is their positive role?

A: I found that graduate teaching assistants did not know the content of my course since they had not taken it. Teachers will not know the abilities and knowledge base of their graduate students. They will know it for their undergraduates. Undergraduate TAs who took the course know what students need. They will help teachers avoid the tendency to teach over the heads of the majority of their students. They make it easy in a big class to make the class have a small-group feel to it. They can be used for mundane things like taking attendance or grading multichoice tests. They can help in writing and evaluating the tests. They will recruit new students. They will serve as junior partners. Just as importantly, the undergraduate TAs will learn to take responsibility, how difficult teaching is and many other things for career and citizenship. Teachers need more help as the technology becomes a larger part of education in both designing course work and coaching students on how to navigate software.

Books and Publishing
Editorial Tags: 
Is this diversity newsletter?: 
Newsletter Order: 
Disable left side advertisement?: 
Is this Career Advice newsletter?: 
Magazine treatment: 
Trending text: 
Teaching Undergrads
Trending order: 
Display Promo Box: 
Posted in News | Leave a comment

Interoperability: Fix the internet, not the tech companies

Source: Boing Boing

Article note: The idea that you must not make regulation that enshrines current incumbents gets lost in too many of these discussions, this does a good job pitching how you solve problems so they _stay solved_ instead of simply creating avenues for regulatory capture.

Everyone in the tech world claims to love interoperability—the technical ability to plug one product or service into another product or service—but interoperability covers a lot of territory, and depending on what's meant by interoperability, it can do a lot, a little, or nothing at all to protect users, innovation and fairness.

Let's start with a taxonomy of interoperability:

Indifferent Interoperability

This is the most common form of interoperability. Company A makes a product and Company B makes a thing that works with that product, but doesn't talk to Company A about it. Company A doesn't know or care to know about Company B's add-on.

Think of a car's cigarette lighter: these started in the 1920s as aftermarket accessories that car owners could have installed at a garage; over time they became popular enough that they came standard in every car. Eventually, third-party companies began to manufacture DC power adapters that plugged into the lighter receptacle, drawing power from the car engine's alternator. This became widespread enough that it was eventually standardized as ANSI/SAE J563.

Standardization paved the way for a variety of innovative new products that could be made by third-party manufacturers who did not have to coordinate with (or seek permission from) automotive companies before bringing them to market. These are now ubiquitous, and you can find fishbowls full of USB chargers that fit your car-lighter receptacle at most gas stations for $0.50-$1.00. Some cars now come with standard USB ports (though for complicated reasons, these tend not to be very good chargers), but your auto manufacturer doesn't care if you buy one of those $0.50 chargers and use it with your phone. It's your car, it's your car-lighter, it's your business.

Cooperative Interoperability

Sometimes, companies are eager to have others create add-ons for their products and services. One of the easiest ways to do this is to adopt a standard: a car manufacturer that installs an ANSI/SAE J563-compliant car-lighter receptacle in its cars enables its customers to use any compatible accessory with their cars; any phone manufacturer that installs a 3.5mm headphone jack allows anyone who buys that phone to plug in anything that has a matching plug, even exotic devices like Stripe's card-readers, which convert your credit-card number to a set of tones that are played into a vendor's phone's headphone jack, to be recognized and re-encoded as numbers by Stripe's app.

Digital standards also allow for a high degree of interoperability: a phone vendor or car-maker who installs a Bluetooth chip in your device lets you connect any Bluetooth accessory with it—provided that they support that device, or at least that they make no steps to prevent that device from being connected.

This is where things get tricky: manufacturers and service providers who adopt digital standards can use computer programs to discriminate against accessories, even those that comply with the standard. This can be extremely beneficial to customers: you might get a Bluetooth "firewall" that warns you when you're connecting to a Bluetooth device that's known to have security defects, or that appears on a blacklist of malicious devices that siphon away your data and send it to identity thieves.

But as with all technological questions, the relevant question isn't merely "What does this technology do?" It's "Who does this technology do it to and who does it do it for?"

Because the same tool that lets a manufacturer help you discriminate against Bluetooth accessories that harm your well-being allows the manufacturer to discriminate against devices that harm its well-being (say, a rival's lower-cost headphones or keyboard) even if these accessories enhance your well-being.

In the digital era, cooperative interoperability is always subject to corporate boundaries. Even if a manufacturer is bound by law to adhere to a certain standard—say, to provide a certain electronic interface, or to allow access via a software interface like an API—those interfaces are still subject to limits that can be embodied in software.

A digitally enabled car-lighter receptacle could be made to support only a limited range of applications—charging via USB but not USB-C or Lightning, or only charging phones but not tablets—and software could be written to enforce those limits. Even a very permissive "smart lighter-receptacle" that accepted every known device as of today could be designed to reject any devices invented later on, unless the manufacturer chose to permit their use. A manufacturer of such a device could truthfully claim to support "every device you can currently plug into your car lighter," but still maintain a pocket veto over future devices as a hedge against new developments that it decides are bad for the manufacturer and its interests.

What's more, connected devices and services can adjust the degree of interoperability their digital interfaces permit from moment to moment, without notice or appeal, meaning that the browser plugin or social media tool you rely on might just stop working.

Which brings us to...

Adversarial Interoperability

Sometimes an add-on comes along that connects to a product whose manufacturer is outright hostile to it: third-party ink for your inkjet printer, or an unauthorized app for your iPhone, or a homebrew game for your console, or a DVR that lets you record anything available through your cable package, and that lets you store your recordings indefinitely.

Many products actually have countermeasures to resist this kind of interoperability: checks to ensure that you're not buying car parts from third parties, or fixing your own tractor.

When a manufacturer builds a new product that plugs into an existing one despite the latter's manufacturer's hostility, that's called "adversarial interoperability" and it has been around for about as long as the tech industry itself, from the mainframe days to the PC revolution to the operating system wars to the browser wars.

But as technology markets have grown more concentrated and less competitive, what was once business-as-usual has become almost unthinkable, not to mention legally dangerous, thanks to abuses of cybersecurity law, copyright law, and patent law.

Taking adversarial interoperability off the table breaks the tech cycle in which a new company enters the market, rudely shoulders aside its rivals, grows to dominance, and is dethroned in turn by a new upstart. Instead, today's tech giants show every sign of establishing a permanent, dominant position over the internet.

"Punishing" Big Tech by Granting It Perpetual Dominance

As states grapple with the worst aspects of the Internet—harassment, identity theft, authoritarian and racist organizing, disinformation—there is a real temptation to "solve" these problems by making Big Tech companies legally responsible for their users' conduct. This is a cure that's worse than the disease: the big platforms can't subject every user's every post to human review, so they use filters, with catastrophic results. At the same time, these filters are so expensive to operate that they make it impossible for would-be competitors to enter the market. YouTube has its $100 million Content ID copyright filter now, but if it had been forced to find an extra $100,000,000 to get started in 2005, it would have died a-borning.

But assigning these expensive, state-like duties to tech companies also has the perverse effect of making it much harder to spark competition through careful regulation or break-ups. Once we decide that providing a forum for online activity is something that only giant companies with enough money to pay for filters can do, we also commit to keeping the big companies big enough to perform those duties.

Interoperability to the Rescue?

It's possible to create regulation that enhances competition. For example, we could introduce laws that force companies to follow interoperability standards and oversee the companies to make sure that they're not sneakily limiting their rivals behind the scenes. This is already a feature of good telecommunications laws, and there's lots to like about it.

But a mandate to let users take their data from one company to another—or to send messages from one service to another—should be the opener, not the end-game. Any kind of interoperability mandate has the risk of becoming the ceiling on innovation, not the floor.

For example, as countries around the world broke up their national phone company monopolies, they made rules forcing them to allow new companies to use their lines, connect to their users and share their facilities, and this enabled competition in things like long distance service.

But these interoperability rules were not the last word: the telcos weren't just barred from discriminating against competitors who wanted to use their long-haul lines; thanks to earlier precedent, they were also not able to control who could make devices that plugged into those lines. This allowed companies to make modems that could connect to phone lines. As the Internet crept (and then raced) into Americans' households, the carriers had ample incentive to control how their customers made use of the net, especially as messaging and voice-over-IP eroded the massive profits from long-distance and SMS tariffs. But they couldn't, and that helplessness to steer the market let new companies and their customers create a networked revolution.

The communications revolution owes at least as much to the ability of third parties to do things that the carriers hated—but couldn't prevent—as it does to the rules that forced them to interconnect with their rivals.

Fix the Internet, Not the Tech Companies

The problems of Big Tech are undeniable: using the dominant services can be terrible, and now that they've broken the cycle of dominance and dethroning, the Big Tech companies have fortified their summits such that others dare not besiege them.

Today, much of the emphasis is on making Big Tech better by charging the companies to filter and monitor their users.

The biggest Internet companies need more legal limits on their use and handling of personal data. That’s why we support smart, thorough new Internet privacy laws. But laws that require filtering and monitoring user content make the Internet worse: more hostile to new market entrants (who can't afford the costs of compliance) and worse for Internet users' technological self-determination.

If we're worried that shadowy influence brokers are using Facebook to launch sneaky persuasion campaigns, we can either force Facebook to make it harder for anyone to access your data without Facebook's explicit approval (this assumes that you trust Facebook to be the guardian of your best interests)—or we can bar Facebook from using technical and legal countermeasures to shut out new companies, co-ops, and projects that offer to let you talk to your Facebook friends without using Facebook's tools, so you can configure your access to minimize Facebook's surveillance and maximize your own freedom.

The second way is the better way. Instead of enshrining Google, Facebook, Amazon, Apple, and Microsoft as the Internet’s permanent overlords and then striving to make them as benign as possible, we can fix the Internet by making Big Tech less central to its future.

It's possible that people will connect tools to their Big Tech accounts that do ill-advised things they come to regret. That's kind of the point, really. After all, people can plug weird things into their car's lighter receptacles, but the world is a better place when you get to decide how to use that useful, versatile ANSI/SAE J56-compliant plug—not GM or Toyota.

(Crossposted from EFF Deeplinks)

Posted in News | Leave a comment