SymmetricalDataSecurity: September 2021

Thursday, September 30, 2021

DNS Record Types

Every DNS record has a type. This type defines what the content of the record means. For example, a DNS record of type MX contains the location of a mail exchange server. All the record types are strictly defined in so-called RFCs (request for comments). Since the beginning of the domain name system, a lot of new record types have been added. Some record types have also been declared obsolete, because they have been replaced by a newer record type.

All DNS record types. By NsLookup.io. Licenced under CC By 4.0

There are many different types of DNS record in existence. Most of them are used only occasionally. Only a couple record types are used very frequently.

These are the most commonly used DNS record types:

A — IPv4 address
AAAA — IPv6 address
CNAME — Canonical name
MX — Mail exchange
NS — Name server
TXT — Human-readable text

These are all the DNS record types that are currently in use:

A — IPv4 address
AAAA — IPv6 address
AFSDB — AFS database location
APL — Address prefix list
AXFR — Authoritative zone transfer
CAA — Certification authority authorization
CDNSKEY — Child copy of a DNSKEY
CDS — Child copy of DS
CERT — Cryptographic certificate
CNAME — Canonical name
CSYNC — Child-to-parent synchronization
DHCID — DHCP identifier
DLV — DNSSEC lookaside validation
DNAME — Delegation name
DNSKEY — Cryptographic key for DNSSEC
DS — Delegation signer
EUI48 — MAC address (EUI-48)
EUI64 — Mac address (EUI-64)
HINFO — Host information
HIP — Host identification protocol
HTTPS — HTTPS binding
IPSECKEY — Cryptographic key for IPsec
IXFR — Incremental zone transfer
KEY — Cryptographic key for DNSSEC (obsoleted by DNSKEY)
KX — Key exchange
LOC — Geographical location
MX — Mail exchange
NAPTR — naming authority pointer
NS — Name server
NSEC3 — Next secure (version 3)
NSEC3PARAM — Parameter for NSEC3
NSEC — Next secure (obsoleted by NSEC3)
NXT — DNSSEC key (obsoleted by NSEC)
OPENPGPKEY — Public key for OpenPGP
OPT — EDNS option
PTR — Canonical name pointer
RP — Responsible person
RRSIG — Resource record signature for DNSSEC
SIG — Resource record signature for DNSSEC (obsoleted by RRSIG)
SMIMEA — S/MIME association
SOA — Start of authority
SSHFP — Public key fingerprint for SSH
SVCB — Service binding
SVR — Service locator
TA — Trust authorities for DNSSEC
TKEY — Transaction key
TLSA — Certificate association for TLS
TSIG — Transaction signature
TXT — Human-readable text
URI — Uniform resource identifier
ZONEMD — Message digest for DNS zones

from Hacker News https://ift.tt/2Y7VqYP

Reverse-engineering an unusual IBM modem board from 1965

The vintage IBM circuit board below has a large metal block on it that caught my attention, so I investigated it in detail. It turns out that the board is part of a modem, and the large metal box is a transformer. This blog post summarizes what I learned about this board, along with a bit of history on modems.

The IBM modem board, type

HGB

This board is a Standardized Modular System (SMS) card, but a very unusual one. In the late 1950s, IBM introduced the Standardized Modular System card, small circuit boards that held a simple circuit, and used these boards to build computers and peripherals into the mid-1960s. The idea was to design a small number of standardized boards that implemented logic functions and other basic circuits. The number of different board designs spiraled out of control, however, with thousands of different types of SMS cards. (I've made an SMS card database describing over 1400 different cards.)

This is a typical SMS card, implementing a triple AND gate.

Most SMS cards look like the one above, so the card with the metal block struck me as very unusual. Although some SMS cards are double-width "twin cards", I'd never seen one with a large metal block sandwiched between two boards, so it got my curiosity.

One suggestion was that the metal box was a temperature-compensated crystal oven (TCXO). A TCXO is often used when a high-precision frequency source is required. The frequency of a quartz crystal varies with temperature, so by putting the crystal in a temperature-controlled module (like the one below), the frequency remains stable.

However, measurements of the module by Curious Marc and Eric Schlaepfer (TubeTimeUS) determined that the metal box was a large transformer (1:1 ratio, about 8 mH inductance). The photo below shows the four connections to the windings, while the external metal wires grounded the case. The transformer is heavy—the board weighs almost exactly one pound—so it's probably filled with oil.

The transformer on the modem board.

The board shows its age through its germanium transistors, which were used before silicon transistors became popular. Most of the transistors are PNP, apparently because it was easier to produce PNP germanium transistors than NPN. (Silicon transistors are the opposite with NPN transistors much more common than PNP, largely because the electrons in NPN transistors move more easily than the holes in PNP transistors, giving better performance to NPN transistors.)

Closeup of the Texas Instruments transistors. Most of the transistors on the board were PNP type 033.

I found a document1 that gave the board's part number as a transmitter board for an IBM modem, transmitting data across phone lines. The large transformer would have been used to connect the modem to the phone lines while maintaining the necessary isolation. The modem used frequency-shift keying (FSK), using one frequency for a 1 bit and a second frequency for a 0 bit. I reverse-engineered the board by closely studying it, and discovered that the board generates these two frequencies, controlled by a data input line. This confirmed that the board was a modem transmitter board.

The photo below shows the underside of the board, with the traces that connect the components. The board is single-sided, with traces only on the underside, so traces tend to wander around a lot, using jumper wires on the other side to cross over other traces. (It took me a while to realize that the transformer's case was just wired to ground, since the trace wanders all over the board before reaching the ground connection.) At the bottom of the board are the two gold-plated 16-pin connectors that plug into the system's backplane. The connector on the left provides power, while the connector on the right has the signals.

The underside of the printed circuit board for the modem card.

The result of my reverse-engineering is the schematic below. (Click for a larger version.) The circuit seems complicated for a board that just generates a varying frequency, but it took a lot of parts to do anything back then. At the left of the schematic are the board's two inputs: a binary data signal, and an enable signal that turns the oscillator on. Next are the oscillator that produces the signal, and a 13 millisecond delay (both discussed below). The output from the oscillator goes through a filter that makes it somewhat more sine-like. The signal is then amplified to drive the transformer, as well as to produce a direct output.

Reverse-engineered schematic of the IBM modem board. (Click this image, or any other, for a larger version.)

The oscillator

The oscilloscope trace below shows the output that I measured from the board after powering it up. The blue line shows the data input, while the cyan waveform above shows the frequency output. You can see that the output frequency is different for a "1" input and a "0" input, encoding the data. (The height also changes, but I think that's just a side-effect of the circuit.)

Oscilloscope trace showing how the frequency of the output signal varies with the input data.

The modem is supposed to generate frequencies of 1020 Hertz for a "mark" (1) and 2200 Hertz for a "space" (0). However, I measured frequencies of 893 and 1920, about 13% too low. This seems like reasonable accuracy for components that are 55 years old. (I don't know what the expected accuracy was at the time. There aren't any adjustments, so the frequencies probably weren't critical. Also, since the two frequencies differ by more than a factor of two, there's a large margin.)

The modem operated at up to 600 baud. This corresponded to 100 characters per second for 6-bit characters, or 75 characters per second for 8-bit characters. The oscilloscope trace below shows the signal changing at 600 baud. At this rate, one bit is represented by only 1.7 cycles of the slower frequency, so the receiver doesn't have a lot of information to distinguish a 0 or a 1 bit. Also note that the waveform is somewhat distorted, not a clean sine wave.

The output signal when fed bits at 600 baud (i.e. a 300 Hertz square wave).

The heart of this board is the frequency-shift keying oscillator that generates the variable output frequency.2 The input data bit selects one of two control voltages to the oscillator, controlling its output frequency.

The oscillator is a fairly common transistor-pair circuit. The diagram below illustrates how it works. (It uses PNP transistors and runs on -12 volts, so ground is the higher voltage, which may be a bit confusing.) Suppose transistor T1 is on and T2 is off. Capacitor C2 will discharge through resistor R2, as shown. When its voltage reaches about -0.6 volts, T2 will turn on. This will pull the right side of C1 up to ground; it was previously at -12 volts because of R4. This causes the left side of C1 to jump up to about +12 volts, turning off T1.

The process then repeats on the other side, with C1 discharging through R1 until T1 turns off and T2 turns on. The result is that the circuit oscillates. The discharge rate is controlled by the values of R1 and R2, and the control voltage; a lower voltage will cause the capacitors to discharge faster and thus faster oscillations.

Oscilloscope traces of the oscillator, showing the alternating decay cycles.

The traces above show the action of the oscillator, producing the cyan output signal. The yellow curve shows the voltage on the left side of C2, the pink trace shows the voltage on the left side of C1, and the blue trace shows the voltage on the right side of C2. The pink and blue traces show the alternating discharge cycles for the capacitors; the faster discharge yields a higher output frequency.

Schematic of the oscillator at the heart of the board.

The output of the oscillator is essentially a square wave, so it goes through some resistor-capacitor filtering stages that shape it to better approximate a sine wave. The top line (yellow) shows the output of the oscillator, and the lines below show the signal as it progresses through the filter. The result is still fairly distorted, but much smoother than the original square wave.

The square wave signal and the results after filtering.

Delay circuit

Another interesting circuit takes the enable signal and outputs this signal delayed by 13 milliseconds. When I reverse-engineered this circuit (below), I figured it was just buffering the signal but it appeared overly complex for that. I measured its behavior and discovered that it implements a delay.

Reverse-engineered schematic showing the 13ms delay circuit on the modem board.

The circuit contains several buffers, but the heart of it is a resistor-capacitor delay. When the enable line is activated, the capacitor is pulled to -12V slowly through the resistors, creating the delay. The photo below shows the delay capacitor and associated resistors.

The diode (striped glass cylinder), resistors (brown striped components), and capacitor (larger metal cylinder) create the delay.

The oscilloscope trace shows the operation of the delay circuit. When the (inverted) enable line (blue) goes low, the signal output (cyan) immediately turns on. However, the enable outputs (yellow and pink) are delayed by about 13 milliseconds.

Oscilloscope trace of the delay circuit.

I don't know the reason behind this delay circuit. Maybe it gives the oscillator time to settle after being enabled? Maybe the modem protocol uses 13 milliseconds of signal to indicate the start of a new message?

Some background on Teleprocessing

If you used computers in the 1990s, you probably used a dial-up modem like the one below to call a provider such as AOL through your phone line. The name "modem" is short for MOdulator-DEModulator, since it modulates the analog signal to encode the digital bits, as well as demodulating the received signal back to digital. In this way, the modem provided the connection between your computer's digital signals and the analog frequencies transmitted by phone lines.

The history of modems goes back much further, though. IBM introduced what they called "Teleprocessing" in the early 1940s, converting punch-card data to paper tape and sending it over telegraph lines for the U.S. Army.1 In the early 1950s, a device called Data Transceiver removed the intermediate paper tape, connecting directly to a telephone line. With the introduction of the IBM System/360 mainframe in 1964, Teleprocessing became widespread, used for many applications such as remote data entry and remote queries. Banking and airline reservations made heavy use of Teleprocessing. Timesharing systems allowed users to access a mainframe computer over remote terminals, kind of like cloud computing. Even the Olympics used Teleprocessing, transmitting data between widely-separated sites and a central computer that computed scores.

Back then, modems were large cabinets. The board that I examined could be used in an IBM 1026 Transmission Control Unit (below).3 This low cost unit was designed to "make a modest start toward satisfying your data communication requirements ... until it is time to step up to more powerful transmission control units". It could connect a computer such as the IBM 1401 to a single communications line.

Larger installations could use the IBM 1448 Transmission Control Unit (below). This refrigerator-sized cabinet was 5 feet high and could support up to 40 communications links.

Nowadays, people often use a cable modem or DSL modem to connect to the Internet. Fortunately technology has greatly improved and these modems aren't the large cabinets of the 1960s. Speeds have also greatly improved; a modern 180 Mbps network connection is 300,000 times faster than the 600 baud modem board that I examined. At that rate, a web page that now loads in a second would have taken almost 3 months!

Conclusion

This may seem like an overly detailed analysis of a random circuit board. But I was curious about the board due to its unusual transformer. I also figured it would be interesting to reverse-engineer the board to see how IBM built analog circuits back in the 1960s. Hopefully you've enjoyed this look at a vintage modem board.

Side view of the modem SMS card. The transformer is the metal box at the left.

I announce my latest blog posts on Twitter, so follow me at kenshirriff. I also have an RSS feed. Thanks to Nick Bletsch for sending me the board. I discussed this board on a couple of Twitter threads and got a bunch of interesting comments.

Notes and references

from Hacker News https://ift.tt/2YcNcOQ

Where Do Type Systems Come From?

Every time I want to quickly understand something about an advanced type system or programming language concept I get lost when I see something like this on Wikipedia:

Linear type systems are the internal language of closed symmetric monoidal categories, much in the same way that simply typed lambda calculus is the language of Cartesian closed categories. More precisely, one may construct functors between the category of linear type systems and the category of closed symmetric monoidal categories.

Why there’s so much research around types if perfectly applying them to programming languages is impractical? It turns out mathematicians are the ones behind the development of most of the work related to type systems – type theory. One might think they do this to support programming languages. After all, it’s part of the job of mathematicians to formalize what other disciplines developed with a more practical mindset. Infinitesimal calculus was greatly advanced by Isaac Newton to solve immediate problems in physics for example. But the development and study of type theory pre-dates programming languages! What problems were mathematicians trying to solve when they developed type theory, a curious programmer might ask.

The development of a theory of types started with Bertrand Russell in the beginning of the 20th century in Appendix B of The Principles of Mathematics (1903). It was developed as part of the effort to to describe new foundations for mathematics from which all mathematical truths could in principle be proven using symbolic logic.

In short, type theory was developed to be an alternative to set theory as the foundation of mathematical proofs in symbolic logic due to its ability to solve some contradictions stemming from naive set theory. Later, type theory referred to a whole class of formal systems. There are many type theories.

In part I of his Mathematical Logic as Based on the Theory of Types paper published in 1908, Russell lists many of such contradictions and finds a commonality in them.

In all the above contradictions (which are merely selections from an indefinite number) there is a common characteristic, which we may describe as self-reference or reflexiveness.

The simplest form of this kind of contradiction is the person who says “I am lying;” if she is lying, she is speaking the truth and if she is speaking the truth, she is lying. Russell rewrites “I am lying” many times to find the root cause of the contradiction.

“I am lying” becomes “There is a proposition which I am affirming and which is false”. All propositions that say “there is so-and-so” may be regarded as saying that the negation of “so-and-so” is not always true. We can now rewrite “I am lying” to “It is not true of all propositions that either I am not affirming them or they are true” in other words “It is not true for all propositions p that if I affirm p, p is true.” The “I am lying” paradox results, according to Russell, from regarding that as a proposition. This makes it evident that the notion of “all propositions” is illegitimate; for otherwise, there must be propositions (such as the above) which are about all propositions, and yet can not, without contradiction, be included among the propositions they are about. Whatever we suppose to be “all propositions,” statements about them generate new propositions which must lie outside “all propositions” to avoid a contradiction. Regarding “all propositions” as a meaningless phrase will avoid us many contradictions. Similarly, in set theory, we should not consider “the set of all sets” to be a legitimate set.

In part IV, Russell proposes the hierarchy of types

A type is defined as the range of significance of a propositional function, i.e., as the collection of arguments for which the said function has values. Whenever an apparent variable occurs in a proposition, the range of values of the apparent variable is a type, the type being fixed by the function of which “all values” are concerned. The division of objects into types is necessitated by the reflexive fallacies which otherwise arise.

That’s the equivalent of writing type annotations for programming functions. And the goal is avoiding bugs instead of logical contradictions.

It’s called hierarchy of types because it separates propositions into orders:

A proposition containing no apparent variable we will call an elementary proposition. […] The terms of elementary propositions we will call individuals; these form the first or lowest type.

[…]

Elementary propositions together with such as contain only individuals as apparent variables we will call first-order propositions. These form the second logical type.

[…] We can thus form new propositions in which first-order propositions occur as apparent variables. These we will call second-order propositions; these form the third logical type. Thus, e.g, if Epimenides asserts that “all first-order propositions affirmed by me are false,” he asserts a second-order proposition; he may assert this truly, without asserting truly any first-order proposition, and thus no contradiction arises.

For a programming analogy, let’s try to create a function capable of running all functions

function runFunction(func) {
  return func(1);
}

function addTwo(param) {
  return 2 + param;
}

function multiplyByTwo(param) {
  return 2 * param;
}

function program1() { return runFunction(addTwo); }
function program2() { return runFunction(multiplyByTwo); }
function program3() { return runFunction(runFunction); }

All programs above are syntactically valid. program1 and program2 will finish (they halt). program3 also finishes, but will be due to an error caught by JavaScript interpreter checks.

>> program1()
3
>> program2()
2
>> program3()
TypeError: func is not a function

program3 fails because runFunction can only run first-order functions and runFunction is a second-order function – a function that takes a first-order function as a parameter.

If we redefine runFunction in Typescript as

1
2
3

function runFunction(func: (param: number) => any) {
  return func(1);
}

The type-checker will yell at us about program3

function program3() { return runFunction(runFunction); }
                                         ^
Argument of type '(func: (param: number) => any) => any' is not assignable to parameter of type '(param: number) => any'.
  Types of parameters 'func' and 'param' are incompatible.
    Type 'number' is not assignable to type '(param: number) => any'.
function runFunction(func: (param: number) => any): any

Every programmer knows that type systems can’t prevent all bugs. Similarly, type theory wasn’t enough to describe new foundations for mathematics from which all mathematical truths could in principle be proven using symbolic logic. It wasn’t enough because this goal in its full extent is unattainable.

Even though theoretically, type theories and type systems are not enough to prevent all the problems in logic and programming, they can be improved and refined to prevent an increasingly number of problems in the practice of logic and programming. That means the research for better practical type systems is far from over!

References

Russell, Bertrand, “The Principles of Mathematics”, 1903.

Russell, Bertrand, “Mathematical Logic as Based on the Theory of Types”, 1908, American Journal of Mathematics.

Coquand, Thierry, “Type Theory”, The Stanford Encyclopedia of Philosophy.

Constable, Robert, The Triumph of Types: Principia Mathematica’s Impact on Computer Science,, 2011, Proceedings of 10th Annual Oregon Programming Languages Summer School.

Notes

from Hacker News https://ift.tt/3uwCnTB

I Am Suing UCLA

Recently, I was suspended from my job for refusing to treat my black students as lesser than their non-black peers.

Let me back up: I teach at UCLA’s Anderson School of Management, and I’ve been doing this for 40 years. I’ve taught 15 different courses, in finance, accounting and law. CNBC has had me on; I’ve been quoted in The Wall Street Journal.

My saga — which nearly led to my firing — began on the morning of June 2, 2020, when a non-black student in my class on tax principles and law emailed me to ask that I grade his black classmates with greater “leniency” than others in the class. “We are writing to express our tremendous concern about the impact that this final exam and project will have on the mental and physical health of our Black classmates,” the student wrote. (There was no project in this class, and it was unclear to me who the “we” in this case was. I suspected the student simply used a form letter he found online and neglected to change the subject.) “The unjust murders of Ahmaud Arbery, Breonna Taylor and George Floyd, the life-threatening actions of Amy Cooper and the violent conduct of the [University of California Police Department] have led to fear and anxiety which is further compounded by the disproportionate effect of COVID-19 on the Black community. As we approach finals week, we recognize that these conditions place Black students at an unfair academic disadvantage due to traumatic circumstances out of their control.”

The student then requested that the final be a “no harm” exam — meaning it should be counted only if it boosted one’s grade. “This is not a joint effort to get finals canceled for non-Black students, but rather an ask that you exercise compassion and leniency with Black students in our major.” (As I noted in my legal complaint, the student clarified, in a subsequent conversation with a university investigator, that he “intended that the requested adjustments apply to Black students and not the class generally.”)

To try to make his case, the student drew on UCLA’s “Equity, Diversity, and Inclusion” agenda, which directs professors to grant preferential “equity” to students belonging to “underrepresented groups.”

I wholeheartedly support these principles as most of us understand them. I think all human beings should be treated the same. I welcome — I celebrate — a diversity of opinions and arguments. And, to say the least, I believe in making room for anyone with the grades and gumption to study at one of the nation’s most competitive universities.

But academia has so corrupted these words that they are now hollowed out corpses devoid of their original meaning. Today, “diversity” means ideological homogeneity. And “inclusion” means the exclusion of some from a taxpayer-supported university to favor others deemed more deserving of an educational springboard to prosperity.

I have a law degree, and I’m pretty sure the university’s EDI agenda violates Proposition 209, the California Constitution’s prohibition against race-based preferences in public education. Voters enacted this decades ago and reaffirmed it, last year, at the ballot box. So, I opted to follow the state Constitution and my conscience.

Shocked by the student’s email, which struck me as deeply patronizing and offensive to the same black students he claimed to care so much about, I collected my thoughts and, 20 minutes later, emailed back: “Are there any students that may be of mixed parentage, such as half black half-Asian? What do you suggest I do with respect to them? A full concession or just half? Also, do you have any idea if any students are from Minneapolis? I assume that they are probably especially devastated as well. I am thinking that a white student from there might possibly be even more devastated by this, especially because some might think that they’re racist even if they are not.”

I wrapped up my reply by citing Martin Luther King’s vision of a colorblind world where people are judged solely by the content of their character — making it clear that I had no intention of treating any students differently on the basis of their skin color.

I thought this would do it and we’d move on with the class final and, just as important, summer break. I was naive.

By that evening, students were calling for my job. Soon after, they circulated a petition demanding I be fired; within a day or two, nearly 20,000 had signed — without knowing anything about me or taking into account, as far as I could tell, the implications of non-color-blind grading. I was attacked for being a white man and “woefully racist.” On June 5, three days after I was first emailed, I was suspended amid a growing online campaign directed at me.

It was around that time that I started to receive death threats on voicemail and email. One email, dated June 11, read: “You are a typical bigoted, prejudiced and racist dirty, filthy, crooked, arrogant Jew kike mother f**ker! Too bad Hitler and the Nazis are not around to give you a much needed Zyklon B shower.”About a week after this whole thing first blew up, there were police officers stationed outside my house. (It would take UCLA’s threat manager, Chris Silva, another ten days to check in with me to make sure I was okay.)

Anderson administrators were rattled, and for good reason. But not because of the fact that my life was now being threatened. The problem was Anderson’s reputation. It hadn’t granted an African-American professor tenure in decades. It had but a handful of tenured Latino professors. Black students made up about two percent of the student body. And men outnumbered women roughly two-to-one, leading many students to call Anderson the MANderson School of MANagement.

So, even though a university administrator made it clear the university could not take any action against me — on the grounds that there was no known cause for taking such action — Anderson’s Dean Antonio Bernardo took matters into his own hands. He apparently reasoned that a well-timed publicity stunt might distract attention away from the school’s reputation as an inhospitable place for persons of color — to say nothing of its plummeting rankings in U.S. News and World Report and Bloomberg Businessweek.

Without any deliberation I was aware of, Bernardo suspended and banned me from campus. Then, like a well-choreographed dance, the Anderson administration started attacking my character on social media. As I documented in my legal claim, on June 3, one day after I received the first email, the Anderson School’s Twitter account sent out a message: “Respect and equality for all are core principles at UCLA Anderson. It is deeply disturbing to learn of this email, which we are investigating. We apologize to the students who received it and to all those who have been as upset and offended by it as we are ourselves.” This implied I didn’t believe in equality for all — when that was exactly what I believed and continue to believe. Judson Caskey, who oversees the accounting program at Anderson, was tasked with monitoring my outgoing emails. I had been deemed radioactive.

I was confused and hurt. From the start, my whole point had been that all students, irrespective of skin color, should be treated the same. And now...this?

Fortunately, some rational voices came to my defense. UCLA’s Academic Senate’s Committee on Academic Freedom condemned Anderson’s administration for violating my rights and “chilling” other professors into not voicing unorthodox opinions. The university’s Discrimination Prevention Office declared that there was no there there — that the case did not warrant an investigation. On top of all this, 76,000 concerned individuals from around the world — from across the country and beyond — signed a petition demanding my reinstatement.

Less than three weeks after this whole thing blew up, I was reinstated. But this story is not over.

You see, most of my income comes not from teaching at UCLA but from consulting to law firms and other corporations. Several of those firms dropped me after they got wind that I’d been suspended — the better to put distance between themselves and a “racist.” That cost me the lion’s share of my annual income. The students involved in this escapade may have moved on to other causes. I have not. I’m not sure I ever will.

As a result, I have just filed a lawsuit against the University of California system. No employee should ever cower in fear of his employer’s power to silence legitimate points of view, and no society should tolerate government-sponsored autocrats violating constitutional mandates.

As the Supreme Court ruled in a 1967 case in which a university professor refused to sign an oath stating he was not a communist, professors should never be coerced into an unthinking timidity. “Academic freedom,” Justice William Brennan wrote, “is of transcendent value to all of us.”

My parting thought: This is not just about principle. It’s also about the United States’ ability to compete. Anderson, like elite business schools across the country, is supposed to be training the next generation of innovators. The people who will muster the imagination and fortitude to create life-changing technologies and lead groundbreaking multinationals. If we don’t maintain our standards — if we’re not allowed to push all of our students to do their very best — we will be disarming unilaterally. I refuse to do that, and I’m convinced, this recent episode notwithstanding, that most of my students and colleagues feel the same way.

Gordon Klein teaches financial analysis, law, and public policy at the University of California at Los Angeles.

You can read his complaint against UCLA by clicking “read now” — and subscribe to support our work at the button just below.

from Hacker News https://ift.tt/3usEMPc

Hacker News RSS

Overview

hnrss.org provides custom, realtime RSS feeds for Hacker News.

The following feed types are available:

Stay up-to-date with hnrss development via RSS: https://hnrss.github.io/updates.xml

Feeds

Each feed is valid RSS served over HTTPS.

Firehose Feeds

The “firehose” feeds contain all new posts and comments as they appear on Hacker News:

https://hnrss.org/newest
https://hnrss.org/newcomments

For just the posts that have appeared on the front page:

https://hnrss.org/frontpage

If the firehose feeds are a bit too noisy for you, read below on filtering them with the points and/or comments parameters.

Search Feeds

You can get a feed of new posts and/or comments containing keywords by using the q=KEYWORD parameter. For example:

https://hnrss.org/newest?q=Django
https://hnrss.org/newcomments?q=WordPress

If you want a single search feed but multiple keywords, separate the keywords with " OR ":

https://hnrss.org/newest?q=git+OR+linux

If your query contains reserved characters (especially the plus sign), you'll need to percent-encode those characters:

# This is the percent-encoded form of C++
https://hnrss.org/newest?q=C%2B%2B

Reply Feeds

Keep an eye on replies to your comments:

https://hnrss.org/replies?id=jerf

Use a comment ID to follow replies to a particular comment:

https://hnrss.org/replies?id=17752464

Recent, highly voted comments from across Hacker News:

https://hnrss.org/bestcomments

Some great stuff in here in threads you may not normally have opened. Definitely recommended.

Self Post Feeds

Ask HN, Show HN, and polls are available:

https://hnrss.org/ask
https://hnrss.org/show
https://hnrss.org/polls

Alternative Feeds

Hacker News Classic only counts votes from "early users" (accounts created before February 13, 2008):

https://hnrss.org/classic

Hacker News Best for top vote getters from the past few days:

https://hnrss.org/best

Hacker News Invited and Pool for reposted stories invited back by the mods and given a second chance:

https://hnrss.org/invited
https://hnrss.org/pool

Hacker News Active for posts with the most active, ongoing discussions:

https://hnrss.org/active

Hacker News Launches for "Launch HN" posts from YC affiliated startups:

https://hnrss.org/launches

Job Feeds

Job opportunities from YC funded startups:

https://hnrss.org/jobs

Top level comments in threads created by the whoishiring bot:

# Comments from "Who is hiring?" threads
https://hnrss.org/whoishiring/jobs

# Comments from "Who wants to be hired?" threads
https://hnrss.org/whoishiring/hired

# Comments from "Freelancer? Seeking freelancer?" threads
https://hnrss.org/whoishiring/freelance

# All of the above
https://hnrss.org/whoishiring

If you’re interested in something in particular, you can apply a q=KEYWORD parameter to only return relevant comments. For example, filter the top-level “Who is hiring?” comments to only those containing “React Native”:

https://hnrss.org/whoishiring/jobs?q=React+Native

User Feeds

If you don’t want to miss a post or comment by a given user, you can subscribe to that user’s feed:

https://hnrss.org/submitted?id=USERNAME # posts
https://hnrss.org/threads?id=USERNAME   # comments
https://hnrss.org/user?id=USERNAME      # everything

Favorite Feeds

Supply a username and get a feed of posts that have been "favorited" by that user:

https://hnrss.org/favorites?id=edavis

At the moment this only returns posts, not comments.

Note: This scrapes Hacker News first and then fetches from Algolia. For this reason, please be extra conservative with your refresh schedule. Thanks in advance.

Thread Feeds

A chronological feed of new comments on a particular post can be found at:

https://hnrss.org/item?id=THREAD_ID

You can filter this feed by author by providing the author parameter:

https://hnrss.org/item?id=THREAD_ID&author=USERNAME

With THREAD_ID the numerical ID found in the URL when viewing the comments page and USERNAME being the author's username.

Feed Options

You can modify any feed’s output using URL parameters. Multiple parameters can be applied at the same time by joining them with an ampersand.

Activity Parameters

You can apply a points=N or comments=N parameter to any feed to filter the results so only entries with more than N points or comments are shown:

https://hnrss.org/newest?points=100
https://hnrss.org/ask?comments=25

You can also combine both parameters:

https://hnrss.org/show?points=100&comments=25

Unfortunately, /newcomments does not work with a points=N parameter.

Search Parameter

By default, searches on posts only look at titles. If you want to search against the submitted URLs themselves, use the search_attrs parameter.

Here are some examples:

# Search for posts with "WordPress" in the title only
https://hnrss.org/newest?q=WordPress

# Search for posts with 'WordPress' in the URL only
https://hnrss.org/newest?q=WordPress&search_attrs=url

# Search for posts with 'WordPress' in the title or URL
https://hnrss.org/newest?q=WordPress&search_attrs=title,url

# Don't restrict search attributes at all. This searches for posts
# containing 'WordPress' in all attributes indexed by Algolia. This was
# the behavior of searches prior to June 3, 2015
https://hnrss.org/newest?q=WordPress&search_attrs=default

Link Parameter

By default, the RSS <link> element points to the submitted article’s URL. The <link> element can be changed to point to the Hacker News comment page by appending link=comments to the end of the URL. For example:

https://hnrss.org/newest?link=comments

Description Parameter

You can disable the <description> element entirely by passing the description=0 parameter:

https://hnrss.org/newest?description=0

Count Parameter

By default, feeds return 20 RSS items. This can be increased via the count=N parameter:

https://hnrss.org/newest?count=50

There is a hardcoded limit of 100 entries, so keep that in mind.

Feed Formats

By default, feeds come back as RSS. But if you add “.atom” or “.jsonfeed” to any endpoint you’ll receive the contents in Atom or JSON Feed, respectively.

# The front page as Atom
https://hnrss.org/frontpage.atom

# "Ask HN" with 10 or more comments as JSON Feed
https://hnrss.org/ask.jsonfeed?comments=10

Note: These formats are a lot less battle-tested than the RSS format. If you see any wonkiness or they don’t play nicely with your feed reader, please open an issue with as much information as possible. Thanks!

Support

If hnrss.org has made your job or hobby project easier, and you want to show some gratitude, donations are very much appreciated.

Another way to support hnrss.org is to use this DigitalOcean referral link and receive $10 in credit. Once you’ve spent $25 with DigitalOcean, hnrss.org will receive $25 in credit.

Thanks!

Credits

Thanks to Algolia for providing their REST API. Without it, hnrss.org simply would not exist.

Thanks to Jared Andrews for the PR that created the /whoishiring/ endpoints.

Thanks to Zhiming Wang for adding Python 3 support.

Thanks to Grant Jenks for the idea of adding the Article URL and Points to the description.

Thanks to Chuck Grimmett for being a sounding board when it comes to adding new features to hnrss.org as well as suggesting the /jobs endpoint.

And many, many thanks to all those who have donated in support of the project over the years. You all mean the world to me.

Colophon

hnrss.org is served by nginx on DigitalOcean. HTTPS is provided by Let’s Encrypt. DNS is provided by Namecheap.

As of September 2018, the feeds are generated using the Gin web framework. From May 2014 to August 2018, the feeds were generated using the Flask web framework.

Repositories

A brief primer on the various repositories that make up hnrss.org:

When hnrss.org was created in May 2014, code and documentation lived inside the edavis/hnrss repository.

In April 2017, the documentation was revamped, migrated into Hugo, and was given its own repository at edavis/hnrss-docs. The built assets were copied into the docs/ folder on edavis/hnrss and published at https://edavis.github.io/hnrss/.

In August/September 2018, hnrss.org underwent a rewrite from Flask to Gin. This new code lives at edavis/go-hnrss.

So, as of September 2018, that’s the state of play. The documentation source lives at edavis/hnrss-docs. The Gin source that powers hnrss.org lives at edavis/go-hnrss.

edavis/hnrss contains the Flask code that powered the site from May 2014 to August 2018 as well as the docs/ folder that contains the built HTML copied from edavis/hnrss-docs.

At some point I’d like to simplify all of this and run everything out of one repository, but it’ll do for now.

Update (October 2020): Work has (finally) began on simplifying the above. The hnrss, go-hnrss, and hnrss-docs repos have been moved to a new GitHub organization. The Go code that powers the site has been copied into hnrss/hnrss. The original Python code will be kept in the python branch. The go-hnrss and hnrss-docs repos have been archived. A new repo has been created to house the docs. The new URL for hnrss.org documentation is hnrss.github.io.

This documentation was last updated on May 1, 2021.

from Hacker News https://ift.tt/3epreOf

Why is everything so hard in a large organization?

Comments

from Hacker News https://ift.tt/3kSorAk

New leak of Epik data exposes company’s entire server

Mikael Thalen

Tech

Published Sep 29, 2021 Updated Sep 29, 2021, 4:39 pm CDT

The hacking collective Anonymous has released what it claims to be new data from the controversial web hosting company Epik.

In a press release on Tuesday, the hacktivist group announced what it has dubbed as “The /b/ Sides,” or part two of “Operation EPIK FAIL.”

Anonymous took credit earlier this month for breaching Epik, known for hosting far-right websites such as Gab, Parler, and TheDonald, before releasing an 180GB cache of the domain registrar’s data. The hack affected more than 15 million people and exposed names, physical addresses, passwords, credit card numbers, emails, and more.

Now, the hacktivist collective says it has leaked “several bootable disk images of assorted systems” in a roughly 70GB torrent file.

“[Y]ou didn’t think we completely dominated Epik and merely ran off with some databases and a system folder or two, did you?” the press release states. “We are Anonymous. Flexing as hard as we can is how we do a barrel roll (Press Z or R twice!).”

WhiskeyNeon, a Texas-based hacker and cybersecurity expert who reviewed the file structure of the leak, told the Daily Dot how the disk images represented Epik’s entire server infrastructure.

“Files are one thing, but a virtual machine disk image allows you to boot up the company’s entire server on your own,” he said. “We usually see breaches with database dumps, documents, configuration files, etc. In this case, we are talking about the entire server image, with all the programs and files required to host the application it is serving.”

The data includes API keys and plaintext login credentials for not only Epik’s system but for Coinbase, PayPal, and the company’s Twitter account.

Following the first leak, Epik initially denied it was aware of any breach before later conceding that it was looking into “an alleged security incident.”

Epik CEO Rob Monster, who did not respond to requests for comment from the Daily Dot, would go on to hold a more than four hour long live video conference online to address the initial hack. The meeting would see Monster break out into prayer numerous times, make attempts to vanquish demons, and warn viewers that their hard drives could burst into flames due to “curses” placed on the hacked data.

Monster admitted during the call that an unknown individual had attempted to steal $100,000 after getting ahold of his Coinbase API key.

The leak would uncover everything from right-wing domains targeted with subpoenas and attempts by conservative Ali Alexander to hide his ties to election fraud conspiracy websites in the wake of the Jan. 6 Capitol riot.

The second leak of Epik data comes just days after the Oath Keepers militia, a group who began using Epik’s services in January, was allegedly hacked as well. The paramilitary group’s emails, internal chats and data on members and donors, including those who work for the U.S. government and military, would be exposed as a result.

When listeners pay close attention to stories, their heart rates synchronize

Researchers found that people whose heart rates most closely correlated with others while listening to children’s stories were better at recalling details such as the names of characters. Image credit: Shutterstock/Alhovik

Researchers found, for example, that people whose heart rates most closely correlated with others while listening to children’s stories were better at recalling details such as the names of characters. Image credit: Shutterstock/Alhovik

An international team of researchers has shown that when a group of people hear the same story or watch the same video, their heart rates tend to rise and fall in synch. This correlation of heart rates, described this month in Cell Reports, could one day lead to new tools for measuring attentiveness, both in the classroom and the clinic.

Lucas Parra, a biomedical engineer at City College of New York, New York, and co-senior author on the study, knew from the previous work by his own group and others that people paying attention to the same videos or listening to the same stories show similar brain activity, as measured by electroencephalogram (EEG). Jens Madsen, a postdoctoral fellow in Parra’s lab and cofirst author of the study, convinced him that the heart deserved a look as well. “Brain signals are hard to get,” says Parra. “If the heart can do that, it is even better because you don’t have to set up complicated recording equipment for the brain.”

The pair teamed up with co-senior author Jacobo Sitt of the Paris Brain Institute in France and others in a series of experiments to explore how heart rates increase and decrease across listeners. They began by asking over two dozen volunteers to each listen to 16 one-minute segments of Jules Verne’s “20,000 Leagues Under the Sea.” The heart rates of participants, captured by electrocardiogram (EKG), tended to speed up or slow down at the same points in the story.

The team then showed another set of volunteers a series of five short educational videos on topics ranging from the immune system to how light bulbs work. They then asked volunteers to watch the same videos a second time, but with the added distraction of attempting to count backwards silently in their minds by sevens while viewing. Without the distraction, viewers’ heart rates were correlated much like in the first study. With the added math challenge, attention waned and heart rates fell out of sync.

The researchers also found that people whose heart rates most closely correlated with others while listening to children’s stories were better at recalling details such as the names of characters. “If you are paying attention to the narrative, then your heart rate will fluctuate in a reliable fashion,” explains Parra. “If you stop paying attention, then your heart rate might still fluctuate, but not temporally aligned to the narrative.”

Exactly what caused heart rates to speed or slow with the stories wasn’t clear. When Parra saw the results of the first experiment, he thought that stories might affect breathing, which could affect heart rate. But subsequent experiments ruled out that possibility. For now, Parra’s best guess is that the brain is preparing the heart to always be at the ready. “I think that your heart rate goes up and down because your body needs to act,” Parra says. “That requires understanding what’s happening around us. And so that’s why the heart follows the narrative.”

On one level, the findings are uplifting simply because they demonstrate how stories unite us, says Parra. “It warms your heart to know that you are not alone when you’re listening to a story.”

But the findings do suggest applications. As part of the paper, the team also compared heart rates of healthy participants and patients with disorders of consciousness, such as coma, while listening to a children’s story through headphones. This small pilot study demonstrated that correlations among heart rates could help distinguish healthy participants from patients. Ultimately, the researchers would like to know whether heart rate fluctuations can suggest the potential for recovery. “In a patient that does in fact follow a story with the heart rate fluctuations,” Parra explains, “we would like to know if that is prognostic of their cognitive state in a month or three months from now.”

Neuropsychologist Hennric Jokeit, whose own research demonstrated correlations in heart rates across some viewers of a disaster film, agrees that the current study could spur new applications, from clinical diagnostics to advertising. “I think it’s an open field,” says Jokeit, who’s at the Swiss Epilepsy Centre in Zurich, Switzerland. Experimental psychologist Anne-Marie Brouwer envisions applications in education, such as evaluating how well educational material holds students’ attention. Brouwer, who conducts mental state monitoring research at the Netherlands Organisation for Applied Scientific Research, has shown in her own work that synchronous heart rates indicate attention to a story.

Parra thinks that one day students and others might use smart watches to track their own heart rates and give themselves a nudge whenever the fluctuation patterns indicate that they’re losing focus. His team is now gathering more data by showing participants full length movies. “What about the content pushes [heart rate] up and down?” Parra wonders. “Now perhaps we have enough diversity of material where we can start asking that kind of question.”

from Hacker News https://ift.tt/2XZ2Vk4

These ransomware crooks are complaining they are getting ripped off - by other ransomware crooks

Cyber criminals using a ransomware-as-a-service scheme have been spotted complaining that the group they rent the malware from could be using a hidden backdoor to grab ransom payments for themselves.

REvil is one of the most notorious and most common forms of ransomware around and has been responsible for several major incidents. The group behind REvil lease their ransomware out to other crooks in exchange for a cut of the profits these affiliates make by extorting Bitcoin payments in exchange for the ransomware decryption keys that the victims need.

But it seems that cut isn't enough for those behind REvil: it was recently disclosed that there's a secret backdoor coded into their product, which allows REvil to restore the encrypted files without the involvement of the affiliate.

SEE: A winning strategy for cybersecurity (ZDNet special report)

This could allow REvil to takeover negotiations with victims, hijack the so-called "customer support" chats – and steal the ransom payments for themselves.

Analysis of underground forums by cybersecurity researchers at Flashpoint suggests that the disclosure of the REvil backdoor hasn't gone down well with affiliates.

One forum user claimed to have had suspicions of REvil's tactics, and said their own plans to extort $7 million from a victim was abruptly ended. They believe that one of the REvil authors took over the negotiations using the backdoor and made off with the money.

Another user on the Russian-speaking forum complained they were tired of "lousy partner programs" used by ransomware groups "you cannot trust", but also suggested that the status of REvil as one of the most lucrative ransomware-as-a-service schemes means that wannabe ransomware crooks will still flock to become affiliates. That's particuarly the case now the group is back in action after appearing to go on hiatus earlier in the summer.

For those scammers who think they've been scammed, there's not a lot they can do (and few would have sympathy for them). One forum user suggested any attempt at dealing with this situation would be as useless as trying to arbitrate "against Stalin".

Ransomware remains one of the key cybersecurity issues facing the world today. For victims of ransomware attacks, it ultimately doesn't matter who is on the other end of the keyboard demanding payment for the decryption key – many will just opt to pay the ransom, percieving it as the best way to restore the network.

ZDNet Recommends

The best cloud storage services

Free and cheap personal and small business cloud storage services are everywhere. But, which one is best for you? Let's look at the top cloud storage options.

But even if victims pay the ransom – which isn't recommended because it encourages more ransomware attacks – restoring the network can still be a slow process and it can be weeks or months before services are fully restored.

SEE: A cloud company asked security researchers to look over its systems. Here's what they found

Be it REvil or any other ransomware gang, the best way to avoid the disruption of a ransomware attack is to prevent attacks in the first place.

Some of the key ways organisations can help stop ransomware attacks is to make sure operating systems and software across the network is patched with the latest security updates, so cyber criminals can't easily exploit known vulnerabilities to gain an initial foothold.

Multi-factor authentication should also be applied to all users to provide a barrier to hands-on attackers being able to use stolen usernames and passwords to move around a compromised network.

MORE ON CYBERSECURITY

from Latest Topic for ZDNet in... https://ift.tt/3mdH8xK

Fusion News Ignites Optimism

About this article

Cite this article

Fusion news ignites optimism. Nat. Photon. 15, 713 (2021). https://ift.tt/39ThJ6y

Download citation

Published: 28 September 2021
Issue Date: October 2021
DOI: https://doi.org/10.1038/s41566-021-00890-z

Share this article

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

from Hacker News https://ift.tt/3ijyVHd

The Art of Linear Algebra [pdf]

Comments

from Hacker News https://ift.tt/3kS6rFT

What a crossword AI reveals about humans' way with words

At last week’s American Crossword Puzzle Tournament, held as a virtual event with more than 1,000 participants, one impressive competitor made news. (And, despite my 143rd-place finish, it unfortunately wasn’t me.) For the first time, artificial intelligence managed to outscore the human solvers in the race to fill the grids with speed and accuracy. It was a triumph for Dr. Fill, a crossword-solving automaton that has been vying against carbon-based cruciverbalists for nearly a decade.

For some observers, this may have seemed like just another area of human endeavor where AI now has the upper hand. Reporting on Dr. Fill’s achievement for Slate, Oliver Roeder wrote, “Checkers, backgammon, chess, Go, poker, and other games have witnessed the machines’ invasions, falling one by one to dominant AIs. Now crosswords have joined them.” But a look at how Dr. Fill pulled off this feat reveals much more than merely the latest battle between humans and computers.

When IBM’s Watson supercomputer outplayed Ken Jennings and Brad Rutter on Jeopardy! just a little more than 10 years ago, Jennings responded, “I, for one, welcome our new computer overlords.” But Jennings was a bit premature to throw in the towel on behalf of humanity. Then as now, the latest AI advances show not only the potential for the computational understanding of natural language, but also its limitations. And in the case of Dr. Fill, its performance tells us just as much about the mental arsenal humans bring to bear in the peculiar linguistic challenge of solving a crossword, matching wits with the inventive souls who devise the puzzles. In fact, a closer look at how a piece of software tries to break down a fiendish crossword clue provides fresh insights into what our own brains are doing when we play with language.

Dr. Fill was hatched by Matt Ginsberg, a computer scientist who is also a published crossword constructor. Since 2012, he has been informally entering Dr. Fill in the ACPT, making incremental improvements to the solving software each year. This year, however, Ginsberg joined forces with the Berkeley Natural Language Processing Group, made up of graduate and undergraduate students overseen by UC Berkeley professor Dan Klein.

Klein and his students began working on the project in earnest in February, and later reached out to Ginsberg to see if they could combine their efforts for this year’s tournament. Just two weeks before the ACPT kicked off, they hacked together a hybrid system in which the Berkeley group’s neural-net methods for interpreting clues worked in tandem with Ginsberg’s code for efficiently filling out a crossword grid.

(Spoilers ahead for anyone interested in solving the ACPT puzzles after the fact.)

The new and improved Dr. Fill fills the grid in a flurry of activity (you can see it in action here). But in reality, the program is deeply methodical, analyzing a clue and coming up with an initial ranked list of candidates for the answer, and then narrowing down the possibilities based on factors like how well they fit with other answers. The correct response may be buried deep in the candidate list, but enough context can allow it to percolate to the top.

Dr. Fill is trained on data gleaned from past crosswords that have appeared in various outlets. To solve a puzzle, the program refers to clues and answers it has already “seen.” Like humans, Dr. Fill must rely on what it has learned in the past when faced with a fresh challenge, seeking out connections between new and old experiences. For instance, the second puzzle of the competition, constructed by Wall Street Journal crossword editor Mike Shenk, relied on a theme in which long answers had the letters -ITY added to form new fanciful phrases, such as OPIUM DENS becoming OPIUM DENSITY (clued as “Factor in the potency of a poppy product?”). Dr. Fill was in luck, since despite the unusual phrases, a few of the answers had appeared in a similarly themed crossword published in 2010 in The Los Angeles Times, which Ginsberg included in his database of more than 8 million clues and answers. But the tournament crossword’s clues were sufficiently different that Dr. Fill was still challenged to come up with the correct answers. (OPIUM DENSITY, for instance, was clued in 2010 as “Measure of neighborhood drug traffic?”)

Courtesy of Dan Klein

For all the answers, whether part of the puzzle’s theme or not, the program works through thousands of possibilities to generate candidates that would best match the clues, ranking them by likelihood and checking them against the constraints of the grid, such as how across and down entries interlock. Sometimes the top candidate is the right one: For the clue “imposing groups,” for example, Dr. Fill ranked the correct answer, ARRAYS, as the preferred word. The word “imposing” had never appeared in previous clues for the word, but other synonymous words like “impressive” had, allowing Dr. Fill to infer the semantic connection.

Courtesy of Dan Klein

from Hacker News https://ift.tt/3elIZxx

Israeli Diplomat Pressured UNC to Remove Teacher Who Criticized Israel

This August, Israeli consular officials in the southeast U.S. arranged meetings with a dean at the University of North Carolina at Chapel Hill to discuss a graduate student teaching a course on the Israeli-Palestinian conflict. According to two UNC professors with knowledge of the meetings, who asked for anonymity for fear of retribution, the Israeli official accused the Ph.D. student of antisemitism and said she was unfit to teach the course.

The intervention by an Israeli government official, Consul General to the Southeastern United States Anat Sultan-Dadon, followed a pressure campaign by right-wing pro-Israel websites and an advocacy group to remove the graduate student, Kylie Broderick, from teaching the history department course called “The Conflict over Israel/Palestine.” The websites and pro-Israel advocacy group pointed to postings Broderick had made on Twitter that criticized Israel and Zionism and, without evidence, cited the postings as evidence of antisemitism.

UNC Ph.D. student Kylie Broderick.

Photo: Courtesy of Kylie Broderick

In addition to the intervention by the Israeli government, the school faced pressure from a member of the U.S. House of Representatives, the two UNC professors told The Intercept. The professors said Rep. Kathy Manning, D-N.C., also met with the dean of the College of Arts and Sciences to exert pressure over Broderick’s course.

“It is not a new phenomenon where outside parties have tried to stifle academic freedom on this subject,” Broderick said. “But these people have never seen me teach, never seen my past evaluations which have said that I treat students fairly, and thus have no right to dictate what I say inside the classroom.”

Israel-Palestine has become one of the most politicized areas of academia, with periodic firings of professors, prosecutions of students, and even the maintenance of public blacklists helping impose an atmosphere of fear and self-censorship over the topic. Even by that standard, the intervention of Israeli government officials directly with an American university over the teaching of a course represents a troubling new threat to academic freedom.

“I think that a representative of a foreign government attempting to police an academic class is, in the first place, ridiculous, and an obvious overreaction to what is essentially an issue that started on Twitter,” Broderick said. “I also think it is strange that the Israeli consulate general was granted an audience. If this was a class on Hungary or Australia, would the university have permitted the attempted interference of a foreign government? The fact that this meeting happened at all is clearly a threat to academic freedom.”

“The fact that this meeting happened at all is clearly a threat to academic freedom.”

The controversy started over several tweets sent by Broderick that were highly critical of Israel and U.S. foreign policy, including support for the Boycott, Divestment, and Sanctions movement against Israel. Broderick rejected accusations leveled by Israeli consular officials that her criticisms of Israel on social media constituted antisemitism. “A critique of Israel and the political ideology of Zionism does not constitute bigotry any more than a critique of Iran, which calls itself an Islamic Republic, constitutes an Islamophobic attack,” Broderick said. ”States are not religions, nor are states a people.”

Broderick had expected scrutiny some of her teaching, as Israel is always a hot-button issue in the United States. What she did not was the degree to which the smear campaign against her would balloon, up to and including interventions from officials of two governments.

In a statement to The Intercept, Sultan-Dadon confirmed the meeting with the dean of UNC’s College of Arts and Sciences about Broderick. Though Sultan-Dadon declined to comment on the specifics of the discussion, she doubled down on her view that Broderick was antisemitic and unfit to teach a course on the history of the Israeli-Palestinian conflict.

“Regarding the matter of the course ‘The Conflict over Israel/Palestine’ at UNC Chapel Hill taught by PhD student Ms. Broderick, I do have significant concerns regarding public statements that have been made by Ms. Broderick on this subject matter, some of which are not only heavily biased, but fall clearly under what is defined as antisemitic by the IHRA working definition of antisemitism,” Sultan-Dadon said, referring to the International Holocaust Remembrance Alliance’s heavily contested definition of antisemitism.

The consul general went on: “I think it should be of concern to anyone who stands against antisemitism, and for academic freedom, that an individual who has not only made public antisemitic statements in reference to Israel and the Israeli Palestinian conflict, but also publicly stated that she does not believe there are two sides to this conflict and does not want to teach her students both sides, is the selected teacher for a course on ‘The Conflict over Israel/Palestine.’”

Manning’s congressional office did not respond to a request for comment on the meetings with UNC officials. Manning’s website is short on foreign policy positions but says that support for Israel is a key issue for the U.S. House member.

The dean’s office and UNC declined to comment on the meeting with officials. However, UNC officials appear to be holding firm despite the heavy outside pressure over Broderick’s teaching of the course. An email from the chancellor’s office this August, circulated online by pro-Israel groups, indicated that the course would go forward as planned, and Broderick has since begun teaching without controversy or complaints from students.

The controversy over Broderick’s teaching of the course began this summer, after the pro-Israel website Algemeiner did a story focused on a series of tweets Broderick had made that were highly critical of Israel or deemed by the author, Peter Reitzes, to have been “crass.”

The issue snowballed from there as other activist news websites picked up the issue and began spreading it in their networks — even reaching mainstream news. In August, a local ABC affiliate broadcasted an investigative story by journalist Jonah Kaplan. Kaplan quoted students saying that Broderick’s tweets criticizing Israel were reminiscent of the rhetoric that fomented the Holocaust, describing them as a “new mutation of what anti-Semitism is today.” Another student told Kaplan, regarding Broderick’s tweets, “Just replace Zionist with Jew and it’s pretty obvious it’s anti-Semitic.”

Similar campaigns, accusing critics of Israel of antisemitism despite a lack of direct evidence, have long become commonplace in U.S. academia.

“In a weird way, what is interesting about Broderick’s case is that in all likelihood she is going to be fine, and that is a massive change from what would have happened even a decade ago.”

“Academic courses all over the U.S. have been taught for a long time with a massive bias in favor of Israel, and if people in a classroom or faculty are pro-Israel, they should be allowed to make that argument. But what all this outside pressure on academics is trying to do is prevent the same from happening from the Palestinian perspective,” said Jonathan Brown, a professor of Islamic civilization at Georgetown University. “There are fundamental questions at stake here about academic freedom and whether academics are expected to teach according to donor or even foreign government preferences.”

In many ways, however, the discourse over the conflict is changing, with polls showing growing sympathy for the Palestinian cause and openness to criticism of Israeli government policy among Americans, including among liberal, progressive, and Jewish organizations that also prioritize the fight against domestic antisemitism. The intense pushback, even against graduate students critical of Israel teaching courses on the subject with the Israeli government itself directly involved, is seen by some as a way of trying to maintain a slanted status quo that is now going out of favor.

“When I was in college 20 years ago, if someone said something critical of Israel in class, you could hear a pin drop. It was frightening. Things are very different now,” said Brown. “In a weird way, what is interesting about Broderick’s case is that in all likelihood she is going to be fine, and that is a massive change from what would have happened even a decade ago.”

Correction: September 28, 2021, 2:08 p.m. ET
Due to an editing error, an earlier version of this story misstated North Carolina Rep. Kathy Manning’s political party. She is a Democrat.

from Hacker News https://ift.tt/2XXSs8M

Australia's digital vaccination certificates for travel ready in two to three weeks

Services Australia CEO Rebecca Skinner on Thursday said that Australia's digital vaccination certificates for international travel would be ready in two to three weeks.

Skinner, who appeared before Australia's COVID-19 Select Committee, provided the update when explaining how the upcoming visible digital seal (VDS) would operate.

The VDS is Australia's answer for indicating a person's COVID-19 vaccination status for international travel; it will link a person's vaccination status with new digital vaccination certificates and border declarations.

Skinner said her agency was working to make the VDS accessible to fully vaccinated people through the MedicareExpress Plus app. To access the VDS through the MedicareExpress Plus app, Skinner said users would need to provide additional passport details along with the consent to share their immunisation history with the Australian Passport Office. The data would then be sent to the Passport Office to determine whether the user is eligible to receive a VDS.

The approval process performed by the passport office will be automated, Service Australia Health Programmes general manager Jarrod Howard said, and would entail the Passport Office checking whether the person is fully vaccinated.

Due to the process being automated, Howard said people could re-apply for a VDS "in a matter of seconds" at the airport in the event there is an error with a VDS.

Once approved, Howard said the VDS would be available on the Medicare Express Plus App and allow for verification on third-party apps.

Providing a timeline for when VDS would be ready, Skinner told the committee she expected it to be ready in the next two to three weeks, or before the end of October at the latest.

While noting the digital vaccination certificate for international travel was coming soon, she adamantly refused to call the VDS a vaccine passport as an official passport is still required. Outgoing travellers from Australia will not be allowed to travel abroad without the VDS or another authorised digital vaccination certificate, however, even if they have a passport.

Australia's Trade Minister Dan Tehan earlier this month said the VDS system has already been sent to all of Australia's overseas embassies in order to begin engagement with overseas posts and overseas countries regarding international travel.

The Department of Foreign Affairs and Trade, meanwhile, has already put out a verification app, called the VDS-NC Checker, onto Apple's App Store, which the department hopes will be used at airports to check people onto flights.

International travel for fully vaccinated people living in Australia is currently expected by Christmas, with Tehan confirming that the official date would be when 80% of the country is fully vaccinated.

Digital vaccination certificate for state check-in apps to undergo trial

On the domestic front, fully vaccinated Australians may soon be able to add digital vaccination certificates to state-based check-in apps, Skinner said.

She said there would eventually be an additional feature on the MedicareExpress App that allows users to add their COVID-19 immunisation history to state-based check-in apps.

The process for adding the digital vaccination certificate to state-based check-in apps will be similar to accessing the VDS, except users will not need to provide their passport details.

Consent must first be provided for the data to be added to state-based apps, Skinner said.

The consent provided by users will last for 12 months, with users needing to provide consent again in order for the immunisation information to continue to appear on the state-based apps.

Services Australia envisions this process occurring through a security token being passed to the relevant state authority once consent is provided. The security token will have data showing a person's COVID-19 immunisation history and other information such as an individual health identifier.

That data would be stored in the Australian Immunisation Register (AIR) database, which is maintained by Services Australia on behalf of the Department of Health.

Currently, those fully vaccinated can only add their digital vaccination certificate to Apple Wallet or Google Pay. Those not eligible for Medicare who are fully vaccinated, meanwhile, can call the Australian Immunisation Register for a hard copy, or use the Individual Healthcare Identifiers service through myGov for a digital version.

Trials to implement the COVID-19 digital certificate on state-based apps will start in New South Wales next week. Of Australia's states and territories, only New South Wales has officially signed up to trial the new feature so far, however.

"Our approach has been particularly for high volume venues to reduce friction on both staff in those venues and also friction for customers to leverage the current check-in apps that all of the jurisdictions currently have," Services Australia Deputy CEO of Transformation Projects Charles McHardie said.

When asked why Services Australia was not focusing on introducing the digital vaccination certificate through a national app, like COVIDSafe, McHardie explained that this was due to Australia's public health orders being issued at a state level.

McHardie conceded, however, that incoming travellers could potentially be required to install up to eight different apps to adhere to Australia's various state check-in protocols.

Howard added that check-in apps from certain states and territories -- ACT, Northern Territory, Queensland, and Tasmania -- had interoperability with each other due to these apps using the same background technology.

According to DTA acting-CEO Peter Alexander, who also appeared before the committee, the bungled COVIDSafe app has cost AU$9.1 million as of last week. New South Wales and Victoria have been the only states to use information from the app.

The AU$9.1 million figure is in line with the January update that the COVIDSafe app costs around AU$100,000 per month to run. At the end of January, total spend for the app was AU$6.7 million.

At the time of writing, around 11 million people living in Australia are fully vaccinated. Of those people, 6.3 million have downloaded a digital vaccination certificate.

RELATED COVERAGE

from Latest Topic for ZDNet in... https://ift.tt/3umuFvi