IT Security Professional
3466 stories
·
71 followers

Stanford Seeks the 'Elimination of Harmful Language' Like 'American,' 'Stupid,' and…'Karen'

2 Comments and 3 Shares
Stanford University

Stanford University's IT department created a list of offensive terms and phrases accompanied by alternative recommendations. Until recently, the list was publicly available, but the university's website has made it password-protected after significant criticism.

"The Elimination of Harmful Language Initiative (EHLI) is a multi-phase, multi-year project to address harmful language in IT at Stanford," notes the list. "The goal of (EHLI) is to eliminate many forms of harmful language, including racist, violent, and biased (e.g., disability bias, ethnic bias, ethnic slurs, gender bias, implicit bias, sexual bias) language in Stanford websites and code."

The list, which was recently discovered—and ruthlessly mocked—by The Wall Street Journal will feel familiar to anyone who has ever encountered universities' microaggression reporting protocols. It includes somewhat outdated expressions with problematic racial origins that hardly anyone remembers, like "low man on the totem pole" and "long time no see." It also features many words and phrases that are inoffensive but could possibly be perceived as racial or gendered if you squinted at them long enough: "white paper," "webmaster," etc. The term "American" is disfavored on technical grounds, since not all Americans are denizens of the U.S.

Then there are a bunch of expressions to which the IT department objects because they are too vivid, including "beating a dead horse" and "take a stab at it." I would say that being against these terms is stupid or crazy, but both "stupid" and "crazy" are on the list as well.

The list also includes at least a few terms that were themselves preferred over supposedly more offensive options until very recently. A good example is "survivor," which used to appear as an acceptable substitute for "victim" but is apparently out of fashion: The IT department now prefers "person who has been impacted by." This is a good example of how attempts to make language more politically correct almost always involve making it more cumbersome.

But the list's runaway winner for most baffling inclusion is: "Karen," a term that only recently entered the cultural lexicon. Instead of saying "Karen," the IT department would like people to say "demanding or entitled White woman." (The latter strikes these ears as significantly more derisive, but I am not a Stanford guy, er, person.)

The Wall Street Journal story went viral—as entries in this category tend to—and was widely covered in conservative media. As always, one must note that neither Stanford nor other campuses are forcing students to stop saying these words. It is true, however, that dozens of schools have set up tip lines that explicitly permit students to report each other—and their teachers—for using harmful language. Unsurprisingly, Stanford is among them.

The post Stanford Seeks the 'Elimination of Harmful Language' Like 'American,' 'Stupid,' and…'Karen' appeared first on Reason.com.



Read the whole story
josephwebster
46 days ago
reply
What a bunch of Karens. Oh wait...
Denver, CO, USA
christophersw
48 days ago
reply
Baltimore, MD
Share this story
Delete
1 public comment
freeAgent
48 days ago
reply
Dear God, what is happening?
Los Angeles, CA

As Long as We’re on the Subject of CAPTCHAs

1 Comment and 6 Shares

There are these.

Read the whole story
josephwebster
51 days ago
reply
Damn...
Denver, CO, USA
christophersw
53 days ago
reply
Baltimore, MD
Share this story
Delete

Breaking: Police are terrible at their jobs.

jwz
1 Comment and 3 Shares
Denver police in SWAT gear raided Johnson's Montbello home looking for a stolen cellphone that had pinged in the area.

Johnson, in her bathrobe, opened her door when an officer on a bullhorn told anyone inside to come out. Officers carrying rifles stood on her lawn next to an armored tactical vehicle. One officer held the leash of a German shepherd K9.

Once inside her home, Johnson said, they smashed a door to her garage with a battering ram, broke apart a ceiling panel, broke the head off of a beloved collectible doll and left the house in disarray. [...]

The search warrant followed a report of a truck stolen from a Denver hotel. The owner of the truck said there were five handguns, a rifle, two drones, $4,000 in cash and an iPhone in the vehicle when it was stolen [...]

The following day the truck owner told Staab that he used the Apple "Find My iPhone" app [...] The truck owner rented a car and drove by Johnson's house and told Staab that he didn't see his truck but it could be in the garage. [...]

The search warrant never should have been approved, according to Johnson's lawsuit. Staab never tried to corroborate the truck owner's findings and never conducted an independent investigation before filing the request, the lawsuit states. The "Find My iPhone" app gives an approximate location and is not meant to be a law enforcement tool. [...]

"The screenshot offered no basis to believe McDaniel's iPhone was likely to be inside Ms. Johnson's house, rather than on any of several neighbors' properties, or discarded on a nearby street by a passing driver," the lawsuit states. [...]

The police department did not pay Johnson anything to repair the damage to her home, said Greg Brunson, Johnson's son. The family and their friends sent numerous emails to the department in the months after the incident asking for an apology but never received one, he said. [...]

The investigation into the stolen truck remains open and nobody has been arrested, Denver police spokesman Doug Schepman said.

Previously, previously, previously, previously, previously, previously, previously.

Read the whole story
josephwebster
64 days ago
reply
Yeah they have all that swell military surplus gear they're dying to use at every opportunity.
Denver, CO, USA
JayM
67 days ago
reply
Atlanta, GA
Share this story
Delete

LEGO Super Mario Level with 14 Motors

2 Comments and 3 Shares

This in-motion Super Mario LEGO build from Brandon Jones is absolutely epic! Check out this video interview from Beyond the Brick to learn more about the build and see it in action.

Beyond the Brick’s Joshua Hanlon talks with Brandon Jones about his LEGO Mario level displayed at BrickCon 2022.

Read the whole story
josephwebster
85 days ago
reply
Mario + Lego FTW!
Denver, CO, USA
JayM
87 days ago
reply
Neat
Atlanta, GA
Share this story
Delete

DeFi Platform Qubit Finance Begs Hacker To Return $80 Million In Stolen Funds

3 Comments
Qubit Finance took to Twitter last night to beg hackers to return more than $80 million in stolen cryptocurrency this week. ZDNet reports: On Thursday, the DeFi platform said their protocol was exploited by a hacker who eventually stole 206,809 binance coins from Qubit's QBridge protocol, worth more than $80 million according to PeckShield. An hour after the first message, the company explained that they were tracking the exploiter and monitoring the stolen cryptocurrency. They noted that they contacted the hacker and offered them the maximum bug bounty in exchange for a return of the funds, something a number of other hacked DeFi platforms have tried to middling success. They shared multiple messages on Twitter that they purportedly sent to the hacker offering a bug bounty of $250,000 and begging for a return of the stolen funds. "We propose you negotiate directly with us before taking any further action. The exploit and loss of funds have a profound effect on thousands of real people. If the maximum bounty offer is not what you are looking for, we are open to have a conversation. Let's figure out a situation," the Qubit Finance Team wrote. The company later explained in a blog post that their Qubit protocol "was subject to an exploit to our QBridge deposit function." [...] Blockchain security company CertiK released a detailed explanation of how the attack occurred and has been tracking the stolen funds as the hackers move them to different accounts. "For the non-technical readers, essentially what the attacker did is take advantage of a logical error in Qubit Finance's code that allowed them to input malicious data and withdraw tokens on Binance Smart Chain when none were deposited on Ethereum," CertiK explained.

Read more of this story at Slashdot.

Read the whole story
josephwebster
373 days ago
reply
Apparently there's more than ones born every minute.
Denver, CO, USA
christophersw
375 days ago
reply
Thank goodness these deposits were FDIC backed … oh… wait…
Baltimore, MD
dreadhead
371 days ago
Who needs regulations!
Share this story
Delete
1 public comment
ReadLots
373 days ago
reply
If this happens a few more thousand times, people might begin to suspect the crypto scene of not being a utopian vision of technological paradise. Maybe.

Norton 360 Now Comes With a Cryptominer – Krebs on Security

1 Comment

Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. Norton’s parent firm says the cloud-based service that activates the program and allows customers to profit from the scheme — in which the company keeps 15 percent of any currencies mined — is “opt-in,” meaning users have to agree to enable it. But many Norton users complain the mining program is difficult to remove, and reactions from longtime customers have ranged from unease and disbelief to, “Dude, where’s my crypto?”

Norton 360 is owned by Tempe, Ariz.-based NortonLifeLock Inc. In 2017, the identity theft protection company LifeLock was acquired by Symantec Corp., which was renamed to NortonLifeLock in 2019 (LifeLock is now included in the Norton 360 service).

According to the FAQ posted on its site, “Norton Crypto” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle. The FAQ also says Norton Crypto will only run on systems that meet certain hardware and software requirements (such as an NVIDIA graphics card with at least 6 GB of memory).

“Norton creates a secure digital Ethereum wallet for each user,” the FAQ reads. “The key to the wallet is encrypted and stored securely in the cloud. Only you have access to the wallet.”

NortonLifeLock began offering the mining service in July 2021, and early news coverage of the program did not immediately receive widespread attention. That changed on Jan. 4, when Boing Boing co-editor Cory Doctorow tweeted that NortonCrypto would run by default for Norton 360 users.

NortonLifeLock says Norton Crypto is an opt-in feature only and is not enabled without user permission.

“If users have turned on Norton Crypto but no longer wish to use the feature, it can be disabled by temporarily shutting off ‘tamper protection’ (which allows users to modify the Norton installation) and deleting NCrypt.exe from your computer,” NortonLifeLock said in a written statement. However, many users have reported difficulty removing the mining program.

From reading user posts on the Norton Crypto community forum, it seems some longtime Norton customers were horrified at the prospect of their antivirus product installing coin-mining software, regardless of whether the mining service was turned off by default.

“How on Earth could anyone at Norton think that adding crypto mining within a security product would be a good thing?,” reads a Dec. 28 thread titled “Absolutely furious.”

“Norton should be DETECTING and killing off crypto mining hijacking, not installing their own,” the post reads. “The product people need firing. What’s the next ‘bright idea’? Norton Botnet? ‘ And I was just about to re-install Norton 360 too, but this has literally has caused me to no longer trust Norton and their direction.”

It’s an open question whether Norton Crypto users can expect to see much profit from participating in this scheme, at least in the short run. Mining cryptocurrencies basically involves using your computer’s spare resources to help validate financial transactions of other crypto users. Crypto mining causes one’s computer to draw more power, which can increase one’s overall electricity costs.

“Norton is pretty much amplifying energy consumption worldwide, costing their customers more in electricity use than the customer makes on the mining, yet allowing Norton to make a ton of profit,” tweeted security researcher Chris Vickery. “It’s disgusting, gross, and brand-suicide.”

Then there’s the matter of getting paid. Norton Crypto lets users withdraw their earnings to an account at cryptocurrency platform CoinBase, but as Norton Crypto’s FAQ rightly points out, there are coin mining fees as well as transaction costs to transfer Ethereum.

“The coin mining fee is currently 15% of the crypto allocated to the miner,” the FAQ explains. “Transfers of cryptocurrencies may result in transaction fees (also known as “gas” fees) paid to the users of the cryptocurrency blockchain network who process the transaction. In addition, if you choose to exchange crypto for another currency, you may be required to pay fees to an exchange facilitating the transaction. Transaction fees fluctuate due to cryptocurrency market conditions and other factors. These fees are not set by Norton.”

Which might explain why so many Norton Crypto users have taken to the community’s online forum to complain they were having trouble withdrawing their earnings. Those gas fees are the same regardless of the amount of crypto being moved, so the system simply blocks withdrawals if the amount requested can’t cover the transfer fees.

Norton Crypto. Image: Bleeping Computer.

I guess what bothers me most about Norton Crypto is that it will be introducing millions of perhaps less savvy Internet users to the world of cryptocurrency, which comes with its own set of unique security and privacy challenges that require users to “level up” their personal security practices in fairly significant ways.

Several of my elder family members and closest friends are longtime Norton users who renew their subscription year after year (despite my reminding them that it’s way cheaper just to purchase it again each year as a new user). None of them are particularly interested in or experts at securing their computers and digital lives, and the thought of them opening CoinBase accounts and navigating that space is terrifying.

Big Yellow is not the only brand that’s cashing in on investor fervor over cryptocurrencies and hoping to appeal to a broader (or maybe just older) audience: The venerable electronics retailer RadioShack, which relaunched in 2020 as an online-focused brand, now says it plans to chart a future as a cryptocurrency exchange.

“RadioShack’s argument is basically that as a very old brand, it’s primed to sell old CEOs on cryptocurrency,” writes Adi Robertson for The Verge.

“Too many [cryptocurrency companies] focused on speculation and not enough on making the ‘old-school’ customer feel comfortable,” the company’s website states, claiming that the average “decision-making” corporate CEO is 68 years old. “The older generation simply doesn’t trust the new-fangled ideas of the Bitcoin youth.”

Read the whole story
josephwebster
389 days ago
reply
Remove Norton from any system you have. Burn it and bury it.
Denver, CO, USA
jogi
382 days ago
+1
Share this story
Delete
Next Page of Stories