that’s almost right

Lost the remote? Use your face | NetworkWorld.com Community

By using a combination of facial expression recognition software and automated tutoring technology Jacob Whitehill, a computer science Ph.D. student from UC San Diego’s Jacobs School of Engineering, is leading the project that ultimately is part of a larger venture to use automated facial expression recognition to make robots more effective teachers.

The researchers recently conducted a pilot test with 8 people that demonstrated information within the facial expressions people make while watching recorded video lectures can be used to predict a person’s preferred viewing speed of the video and how difficult a person perceives the lecture at each moment in time.

“If I am a student dealing with a robot teacher and I am completely puzzled and yet the robot keeps presenting new material, that’s not going to be very useful to me. If, instead, the robot stops and says, ‘Oh, maybe you’re confused,’ and I say, ‘Yes, thank you for stopping,’ that’s really good,” said Whitehill in a release.

Is there anything people can’t do with a little bit of image processing?

Merchants call credit card industry’s bluff on compliance | The Register

A poll of 65 merchants across Europe by NetIQ revealed that two years after the standard was introduced the majority of firms are still way off being compliant. Worse, the majority (54 per cent) have no timetable for getting up to speed. Only 17 per cent of respondents reckoned that they would be compliant within six to twelve months.

By comparison, 23 per cent of respondents to a similar survey of 300 US organisation said they were already PCI DSS compliant. However more than two in five (44 per cent) of those quizzed had no idea when they would achieve compliance.
…

Seven out of 10 of those quizzed by NetIQ reckoned that the penalties for non-compliance would only occasionally be levied, while 23 per cent said that fines would “almost never” be issued.

But wait, it gets better:

US grocery chain Hannaford warned in March that an information security breach (later blamed on malware) had exposed an estimated 4.2 million credit card records. Hannaford had achieved PCI DSS compliance prior to the breach but the approval process failed to uncover the flaws that led to the breach.

BBC NEWS | Middle East | Dubai plans ‘moving’ skyscraper

The 420-metre (1,378-foot) building’s apartments would spin a full 360 degrees, at voice command, around a central column by means of 79 giant power-generating wind turbines located between each floor.

And I sure hope they’ve done the analysis to prove it’s stable against interesting turn sequences.

Talking Points Memo | Court cuts judgment in Exxon Valdez disaster

The Supreme Court on Wednesday cut the $2.5 billion punitive damages award in the 1989 Exxon Valdez disaster to $500 million.
…

Justice David Souter wrote for the court that punitive damages may not exceed what the company already paid to compensate victims for economic losses, about $500 million compensation.
…

A jury decided Exxon should pay $5 billion in punitive damages. A federal appeals court cut that verdict in half.

2007 profits for Exxon: $40 billion. So that punitive damage bill is a little more than 1 percent of profits. I’m sure it will make the company ever so much more environmentally sensitive.

(And the thing is, I don’t love punitive damages because piling more money on the plaintiff is not necessarily the best way to make them more whole, but the Supremes’ ongoing insistence that the constitution bars courts from socking egregious tortfeasors for much more than provable economic damage to one plaintiff is just pernicious. The last case that went by said that more than 9x regular damages was suspect; now it appears that even-steven could be the rule. That’s not punitive, that’s just a cost of doing business. And to put it in even clearer counterpoint, it means that a company will pay less of a punitive addition to the damage bill for injuring people than for infringing a patent, which is triple damages.)

Researcher: NebuAd forges Google data packets | The Register

“There was an extra 133 bytes of JavaScript code being added to web pages being sent,” Topolski tells us. “It was being sent in a separate packet, and even though it wasn’t coming from Google, it was identified as being from www.google.com.”

That bit of JavaScript code, Topolski continued, instructed the browser to load additional script from the domain a.faireagle.com. FairEagle is a subsidiary of NebuAd, and one of the cookies that turned up on Topolski’s browser was tagged with that same domain.

In his report, Topolski compares this trick to several common hacking techniques, including a browser hijack, a cross-site scripting attack, and a man-in-the-middle attack. “NebuAd exploits normal browser and security behaviors by forging IP packets, allowing their own JavaScript code to be written into source code trusted by the web browser,” he writes. “NebuAd and ISPs together cooperate in this attack against the intentions of the consumers, the designers of their software and the owners of the servers that they visit.”

Google confirms that the extra cookies and the extra packets are not coming from its site. “The sections in [Robb Topolski's] report that talks about Google are accurate,” says company spokesman Michael Kirkland. “We’re obviously aware of this issue and are looking into it.”

Forging packets as coming from a (somewhat) trusted source and using it to load your own code into the browser? If any hacking group were doing it, the feds would be working to roll them up. But gosh, if there’s a contract with an ISP, there’s probably a clause in your terms of service that requires to to let yourself be pwned (unless it’s by someone the ISP doesn’t approve of, in which case you’ll be thrown off their network instead). Oh, and if it turns out there’s no such clause, that would mean your ISP could be engaged in a conspiracy to violate antihacking statutes for profit. Whee.

Bizarre Properties of Glass Revealed | LiveScience

The finding could lead to aircraft that look like Wonder Woman’s plane. Such planes could have wings of glass or something called metallic glass, rather than being totally invisible.

Then the bit about how glass flows (it doesn’t) and about how the crystalline nature of metals brought down the De Havilland Comet (it didn’t, or at least planes built from the same materials don’t fall out of the sky nearly as often when not stupidly designed) and on to some really garbled stuff about three-dimensional Penrose tilings. The underlying discovery might actually be true for some class of materials somewhere, but you sure couldn’t tell from this article.

But only if you make hand gestures while you do it.

Flirty texting could land Scots in jail for 10 years | The Register

The offence will be committed if someone sends an unsolicited text message to someone else which a court finds was designed to give the sender sexual gratification or to humiliate, distress or alarm the receiver.

Causing a person to see or hear an indecent communication is also an offence. It can be committed by reading “a passage in a book or magazine” or by communicating the sounds of actual or simulated sexual activity or by communicating in sign language.

It will be up to prosecutors and courts to decide which communications are serious enough to warrant the heavy jail terms,

I have mixed feeling about this. On the one hand harassment for sexual purposes is just as criminal as harassment for any other purpose. But in a country where judges can go easy on pedophiles who only boff particularly seductive six-year-olds, I don’t feel all that good about the discretion that’s going to be exercised.

BBC NEWS | Africa | Nigeria launches $10bn oil spree

But the real push to spend such a large chunk of money from the nation’s oil coffers came not from the public, but from state governors.

Haggling

Nigeria’s power grid has all but totally collapsed.

Investment and job creation are almost impossible without a reliable electricity supply. The government promised to repair it, and said it needs to spend some of the nation’s savings to do so.

But state governors refused to allow funds to be withdrawn without getting a share.

“It was necessary to carry the state governments along,” a Ministry of Finance spokesman said.

“They have to plug holes in their budgets or deliver programmes they have promised their people.”

But civil society activists say there might be a more sinister outcome - the money might be frittered away or stolen.

I feel sad about this story, because there’s such a strong undercurrent of opinion that Nigeria shouldn’t have a functioning electrical grid, because they broke the one they had, or something. Electricity is, as the article notes, an essential ingredient for economic development. And the country has $18 billion in oil revenues socked away, of which it plans to spend $5 billion for the power grid. But oh, no, this “spree” could result in inflation (even though an enormous chunk of the money will be going to foreign contractors).

And yeah, the other $5 billion for provincial governments: maybe ugh, maybe not. Without a little more detail we have no idea whether the activists are blowing smoke. But the overall impression I get is that the best thing according the the BBC would be for the $18 billion to keep sitting in banks in rich countries, drawing minimal interest, while Nigerians remain desperately poor and without the capital to help themselves.

The tragic story of 1st Sgt. Jeff McKinney - Army News, opinions, editorials, news from Iraq, photos, reports - Army Times

Studies by the Army, the Defense Department, Rand Corp. and others cite the same reasons why troops with mental health issues don’t seek help: fear of being seen as “weak,” inadequate access to care, concern that asking for help can hurt a career, and guilt about letting battle buddies go out on patrol without them.

Among the troubling factors is that, like McKinney, many of those who choose suicide aren’t young first-tour junior troops. Forty-seven percent of soldiers who have killed themselves in theater are older than 30. And half were in paygrades E-5 or above. Experts are concerned that it’s harder to spot signs of potential suicide in such war-hardened veterans.

McKinney’s family believes that if his chain of command had paid closer attention to the symptoms, his death might have been avoided. And they hope that by talking about it now, months after his death, they might help prevent other suicides.

This isn’t people who don’t know what war is about. It’s people who do. Read the whole damn thing. The whole story reeks of people who just didn’t want to see that there was any kind of problem, didn’t even bother to think that going without sleep for days on end is really a bad idea.

DIY Wiretapping: The Ultimate Guide (and How to Fight Back) - IT Security

Did you think wiretapping was just for the FBI and mobsters? It’s actually so easy that we can show you how to install and manage different wiretapping systems yourself.

* Tap in using your own phone: Listen to other people’s calls through your own basic telephone by hooking up your phone to a part of the original line that runs outside the house of your target. By cutting one of the plugs so that the red and green wires are exposed, you can figure out which part to plug into your phone and complete the connection.

PC World - Privacy Crusader Sues Virginia

Betty “BJ” Ostergren, a Virginia-based privacy advocate who has been fighting to stop county and state government offices from posting public records containing Social Security numbers and other personal records on their sites. As part of her campaign to publicize the issue, Ostergren has routinely downloaded documents containing Social Security numbers from county Web sites and reposted them on her own site .

Ostergren and the ACLU had previously said that a recent bill amending Virginia’s Personal Information Act would do nothing to prevent county governments in the state from posting documents without first redacting Social Security numbers and other sensitive days. Rather, she claimed , the measure seems to have been designed specifically to curtail her campaign to publicize and end that practice

BBC NEWS | UK | Magazine | 50 office-speak phrases you love to hate

‘You can’t have your cake and eat it, so you have to step up to the plate and face the music.’ It was in that moment I knew I had to resign before somebody got badly hurt by a pencil.”