3xpl0its.wmv

This last post of the semester is in response to Brendan’s “Some thoughts on Privacy and Data”. 

The first thing that came to mind when reading his post, was the concept of ‘victim blaming’: “the attempt to escape responsibility by placing the blame for the crime or other abuse at the hands of the victim” as defined by rationalwiki.org.

As Brendan himself says ” might come off as callous regarding some matters where people’s private information has been exposed …in that my initial response toward such breaches of security is generally to say ‘well, if they didn’t want X information to be distributed, why did they put it in vulnerable places in the first place?’  and to be honest, I could not come up with a better example of victim blaming myself. To me personally it is very reminiscent of the “well if you didn’t want to get raped, you shouldn’t have been wearing that” approach that rape victims get blamed with so often. Luckily, he goes on to say “certainly would not condone the theft, misuse, or distribution of anyone’s anything, no matter what the motivations of the thief may be.” which at least recognizes that this misuse is not the victim’s fault (so fortunately we can still stay friends 😉 )

Psychology Today had a very interesting article on victim blaming – which can be found here – that mentions how victim blaming is not only used to divert the blame away from the actual perpetrator, but as a way to explain why bad things happen to good people. I feel like this can also be said for privacy breaches, when good people get hacked and their privacy gets invaded, it’s because they didn’t look hard enough  for safer options, and it’s – in part – their fault.

Now I do agree that our technology definitely isn’t safe, and our online data is full of security holes and bugs. But you can’t blame someone for putting their information (which often is required and not optional) on unsafe technology, all technology is by definition hackable and not secure. As long as there is no better alternative, there’s no point in blaming the victim for what happened. I believe that, rather than saying they should not have put it in a vulnerable place in the first place, we should only blame the ones who actually broke the law to get to this information, and work towards ever more secure technology. We can’t expect every technology user to be well versed in cyber security, now can we? Or expect everyone to hide all of their possibly sensitive data from prying eyes, which is becoming and increasingly more difficult feat? If this is the way we should all handle our data, then I believe we’ll all turn into security obsessed hermits.

I also agree that there’s no point in acting surprised when a security breach does happen (we’re all aware that this can happen at any moment), but reacting with dissapointment and anger seems like the proper reaction to illegal activity of any kind.

 

Silence in the Library

So I’ve been talking with my best friend about the flaws of education. This is a topic that’s become increasingly relevant with my friends and even colleagues, as we all come closer to having to look for a job or something similar.

My best friend linked me to this article by Justin Gray which talks about how university does not prepare students for jobs by teaching them the wrong skills and not giving them enough useful experience.

We however both differed in our opinions of the writer and his proposed solutions. While my friend feels that he’s spreading a good messages, tackling the problems and offering legit solutions, I feel otherwise. I do agree that the lack of experience and the out-of-touch-skils at university need to change, but I don’t feel that he offers any useful solutions. Putting ‘business leaders’ in charge of a curriculum just does not seem like a good idea to me. For one, where are we going to find enough bussiness leaders who want to invest their precious time into making a curriculum? And what will this curriculum look like? I can imagine that these business leaders might just be slightly too preoccupied with ‘usefull skills’ to think about anything with academic or theoretical  value if their only goal is to raise good employees. Speaking of which, will this involvement of business people only be the case for any students they deem fit to be future employees? What about the rest of the fields that have no immediate follow-up career path, do we not deserve to learn useful skills and creativity? And how will these business people decide what skills to teach? Not every company has the same values or holds the same skills in high regard, let alone their way of working might be totally different from each other, so coming up with a comparable curriculum might prove difficult.

All round I think it’s a great idea to prepare students more for what comes after academic life, but a misguided call for more business people in academia does not seem like the right solution to me at all. Especially with the inflated self esteem this writer seems to have had while writing this article (I mean “As successful leaders, we need to make ourselves the solution. We are the teachers our students truly need, the successful practitioners who excel at the positions those students want to obtain. ” Come on , seriously?) , I just don’t feel confident that this is the solution we’re looking for.

Call me old fashioned, but I don’t believe in the interference of private businesses with academia.

“Operation: Annihilate!”

Hey everyone! Long time no crypto!

So after my journey into modulo math – which to be honest was not my favorite part – I had no idea what would be next. So I turned to my cryptography friend for some help, and it suddenly took an unexpected direction!

The next things he asked me to do was first open a three number lock, which surprisingly only took me about half an hour to learn by just pulling on the latch and finding which numbers clicked. Second was to find someone’s real name and adress based on nothing but an alias. The first two challenges here were Mark Peeters (whom most Leuven students will know 😉 ) and Landschip. However it turned out that both of these had put their real names online recently. So then he gave me a more personal challenge, to find out as much as I could of a mutual friend of ours.

Luckily he didn’t leave me without any resources! The process he wanted me to go through is called ‘Doxing’, which wikipedia calls “compiling and releasing a dossier of personal information on someone”. I have three websites to help me with  this challenge, allthough all are very similar they are of great help for a noob like me:

  1. http://www.irongeek.com/i.php?page=security%2Fdoxing-footprinting-cyberstalking
  2. http://thehackershow.webs.com/doxtutorial.htm
  3. https://ctrlaltnarwhal.wordpress.com/2012/10/21/how-to-dox-anyone/

One thing I have noticed online, is how immensely helpful this community is. They all seem very willing to come up with tips or solve each others’ problems (not always through legal ways however!). So one thing I can say to any of you trying to go through the same path that I’m on: Don’t be afraid to ask questions! There will likely be someone out there willing and capable to help you out.

Swan Song

So our last class of Introduction to Digital Humanities has passed. This semester honestly just flew by. I can’t believe we’re already halfway.

Last two classes consisted of presentations by the students, from big data to diversity to forming research questions, we’ve covered pretty much every topic we could think of.

One remark by Bram really stuck with me,  during the introduction to his presentation he said that in DH we tend to let the data determine our research questions instead of making a research question and then looking for data. And it’s true, contrary to anything I learned in psychology, we first look at what data we find interesting and then base our research questions on that.

Why would this be? Is this a wrong way to do research? Well my instincts from my previous years of university say that yes, this is wrong. You can’t just pick and choose data, or make your research question fit the data, that’s just bad science. However, when looking a bit further, the way DH handles data might be an exception to the way I was taught. I believe that the way we handle information comes from the sudden surge in resources at our availiblity. All of a sudden we have so many tools at our disposal, so many resources of great amounts of data, without having thought through what these could be used for. This is not out of a disregard for methods of scientific research, but rather an honest interest in all of the opportunities these fields present us. There’s so many interesting things out there waiting to be researched, so why limit ourselves to one research question? This is not a case of just picking data to suit our needs, but rather picking a subject to suit our interests, while still using data in the right way.

In conclusion, we may pick our sources of data as we see fit, but don’t misuse the data itself. As I’m sure my fellow students will agree, we  do this from a place of enthousiasm and interest, while still trying to do everything right.

Power Hungry

This blogpost will be a bit anecdotal and personal, in response to Kyle’s thoughts about academia in class, and Brendan’s blogpost on the same subject.

When I got enrolled in the bachelor of psychology in 2010, I had no idea I’d end up in this position in my life. I thought I’d finish my bachelor and master in psychology, and depending on what specialization I chose I’d either get to work in HR somewhere as an organizational psychologist, or in a hospital as a clinical psychologist. However, after half a year in my work and organizational psychology masters programme, I was so fed up with the entire culture and general atmosphere, that I decided to just stop that year. I could not feel happy in such a money-greedy environment, where people got reduced to ways to gain profit. I decided that this was not for me, and instead of studying something that would get me a well payed job, I’d find something that genuinely interests me.

Through some serendipity and luck, I stumbled on the Master of Arts in Gender and Diversity. It was completely new at the time and organized by five belgian universities together. People called me crazy for doing something so niche, but even during this year I felt that I would definitely be able to find someplace to work that suited me. After all, gender and diversity are becoming increasingly relevant and are ‘hot topics’ nowadays, and there were increasingly more jobs looking for ‘diversity experts’. Lucky me.

However, I felt like I wasn’t ready to start working quite yet, and I wanted to stay in academia for a while longer. My best friend had convinced me that I’d have been a great engineer student if i hadn’t started psychology, and I’d been trying out some coding on my own during the summer. When I found out there was a master of science in Digital Humanities coming next year, I felt like I couldn’t be more lucky. But I’ve felt this sense of dread slowly creeping up the further this academic year goes. I have no clue what I’d like to do after this point, and I’ve started taking everything into question. Do I want to start applying for jobs? Do I want to start something on my own? Or do I maybe – contrary to what has always been expected of me – continue into academia? Do I want to learn more about computer science, or do I want to take what I already know and apply it? Do I want to continue in gender, or work more broadly?

So many questions to answer, and so many variables at work. For me it’s never been about going into academia, becoming a professor was never something that was expected of me or something to aspire for. Mostly it was finding a good, well paying job. But the longer I study, the more I feel that this won’t be what will make me happy.

The question now is, what will?

Dirty Little Secret

My journey into classic cryptography is officially finished. Starting now, there will be a lot more maths involved. This became glaringly clear when my friend asked me if I knew what modular math was. I told him I’d heard of it (which is true, since every now and then we use the modulo in Python programming), but that’s about it.

As a consequence of my terrible lack of mathematical knowledge, I got sent to the Khan Academy course on modular arithmetic, which, to be honest, is quite dry and long, but luckily not all that difficult and very well explained. I’m working on the first challenge as we speak, and if I can figure this out after a whole two years of not having any math or statistics classes at all, I’m pretty sure everyone will be able to do this.

Cryptography turns out to be quite the complicated journey, but definitely not impossible. And as it happens, AFT Leuven is organising a Cyber Security workshop next monday, who knows, maybe this might be useful as well?

 

 

Paris

Unfortunately, our last class in Introduction to Digital Humanities wasn’t as cheerful and esoteric has it has been for the last few weeks. This class was riddled with grief and disbelief about the terrorist attack in Paris the week before. The minute of silence we shared that midday was a welcome moment of peace.

As we were all touched by such terrible acts so close to our homes, for some of us involving people we know, this subject set the tone for the discussions in class. This is how we started talking. With all of the fuss surrounding privacy and encryption, with governments tapping our phonecalls, reading our e-mails, checking all our internet traffic, how did they not see this attack coming? Is it true that we need more transparency, that governments should be allowed more freedom in our online lives?  What is the balance of privacy vs. safety we want to have?

Personally, I find this a very difficult dilemma. I’ve always been very opposed to the idea of the government having (almost) unrestricted access to all of our communications, especially when it’s without our knowledge or consent. The question then is, of course, is this worth more to me than being kept safe? In the light of recent discovery that the Paris attackers communicated via unencrypted text messages  my answer is a very convinced ‘yes’.

I believe encryption is not what should be focused on in times of threat. Communication on such a scale by terrorists more often than not happens unencrypted, and there are more than enough other weak spots that can be taken advantage of and that don’t involve the public’s private communication. Maybe I’ve read too many dystopian novels, maybe I’ve seen too many totalitarian government movies, but I would rather have my privacy and freedom than guaranteed safety.

 

“Those who surrender freedom for security will not have, nor do they deserve, either one.”

– Benjamin Franklin

Let Go, Let Gov

As promised, here’s an update on the cryptography challenge.

I’m ashamed to admit, I didn’t actually crack it. I had to call in help, and get some tips. Apparently it was a book cypher – one of the most popular and safe forms of classic cyphers –  which I should’ve quite easily figured out but didn’t. Anyhow, my friend gave me an explanation about how book cyphers work, all the pros and cons to make sure I understood. Without the actual book he used it would be impossible to decode anyway, which is why he said that not even the NSA could find out the what the message was.

So I guess we’ll never know what it said!

My next challenge was threefold, one ASCII, one binary and one hexadecimal. Clearly we’re starting to come to some more modern methods of encryption!

All three of these were actually pretty easy, once you know what languages they’re in you can find everything you need to decode it online, be it either the language itself so you can do it by hand, or just a decryption tool. For example, I used this website which had pretty much everything I needed.

Next week I’ll be looking further into the Khan academy course and see if I can find anything else online. Finding stuff to teach myself crypto proves a bit more difficult than I thought, especially given the limited amount of time I have!

 

Until next time,

Carole

Resistance

This monday in class, we spoke about one of my favorite topics: gender and diversity.

As most of you know by now, I have a masters degree in this exact subject. To say that I’m passionate about it, would be an understatement.

Many interesting subjects were discussed: intersectionality, politics of location, postcolonialsm … but the most interesting thing about the conversation I found to be the quote “All outside space is male space” made by our professor.

While I definitely believe this to be true, as did many of my female colleagues when bringing up examples of sexual harassment in public, I would go as far as to say that all public space is male space. This would include the outside (as for example happens in catcalling), but also public places like the gym, bars etc. Any of these public – not private – places cater to the dominant white men. Most of us women know the feeling of getting hit on at a bar while we’re just there to hang out with friends, rejecting men by saying we already have a boyfriend, or feeling very uncomfortable being watched in the gym. How many of us have doubted about what to wear so it wouldn’t give anyone “the wrong idea” ?

This public – private divide is not a new phenomenon, as we all know women’s place has always been in the private sphere of the house and family, while men took up functions in the public sphere, such as business and academia. While this gender divide certainly has diminished – luckily – some ideas and preconceptions still hold.

Fortunately, the women online are not just standing by and letting this happen! We all know of the ‘Hollaback‘ movement, and websites like SASSY show sexism in many places we did not immediately think of or would rather not believe. Things like ‘The Privilege Walk‘ on the other hand shows a more intersectional approach, which Buzzfeed has made beautifully clear in this video.

I’ll end this post with something I’ve always wanted to say to everyone I’ve met: Feminism is not about hating men. Feminism is about exposing injustices, and making you aware of your own privilege. It is not a hate movement, it is a movement for equality and progress. It is not about how you – as a cis man or white middle class person – have personally done wrong, it is about how the system we live in is outdated and wrong. It is not a personal attack on you, but it is a personal cry for justice from many.  Please just listen to our point of view, and educate yourself on the many subjects related to gender and diversity. A little learning never hurt anyone!

Number Crunch

Hello friend!

So remember my friend who’se been so kind as to help me learn cryptography? Well, he’s really outdone himself this time. He gave me a code and then mentioned that without hints, not even the NSA could solve it. So that’s a nice thing to hear before trying to decypher something!

Here’s the text: 15, 2 3,1 3,2 42 2 105 14 3,4 8,3 7,2 77,2 20,2 5 13 21, 1 10,3 15,1 19,4 18,1 9;2 9,1 3,3

He even made up a whole story to go with it!

“So this is the setting. You are an American spy. You know computer science has a double agent running around. After a lot of searching, the double agent was caught. However, he escaped. Before his escape he sent out one message to the Russians. Decipher the message to find out exactly what he knew. This is what your fellow agents told you: The agent loves cryptography and we know he sent the message from inside CS. Also, he sent the message in English. “

Unfortunately, I did not quite know what to do with it from the start. So he helped me out, by telling me to go through this wikipedia page, and find the one that has similar characteristics to the code he gave me.

I’ll be working on that this weekend, I’ll let you how it went!