2018 National Assessment of Educational Progress (NAEP) in technology and engineering

2018 K12 NAEP Technology and Engineering Literacy (TEL)

https://twitter.com/naep_nces

Do U.S. students have the & skills and knowledge they need to succeed in the 21st century? Find out in the newly released NAEP Technology and Engineering Literacy Report Card.

Students who are literate in technology and engineering can use, understand, and evaluate technology. They can understand the technological principles and strategies that are needed to develop solutions and achieve goals. This includes students being able to use various technologies to communicate and collaborate.

Technology and engineering skills are an integral part of students’ everyday lives and will be critically important as they continue their educations and enter the workforce. Since technology is also integrated into other subjects, students require strong skills in this area to excel in all aspects of their coursework.

About the assessment
The computer-based assessment, administered to eighth grade public school students nationwide, asks students to complete collaborative, multimedia tasks and solve practical problems based in real-world contexts. It focuses on three major areas:

Technology & Society
Students’ understanding of the effects of technology on society and the natural world, which equips them to grapple with related ethical questions.

Design & Systems
Students’ understanding of engineering design processes, including basic aspects of managing everyday technology such as maintenance and troubleshooting.

Information & Communication Technology
Students’ ability to use technologies for accessing, creating, and communicating information, as well as facilitating creative expression.

ARTS https://www.nationsreportcard.gov/arts_2016/

Report Card 

Achievement Gaps Dashboard

State Profiles

State Performance Compared to the Nation: Data Table
Mathematics, Grade 4
Difference in average scale scores, percentage at or above Basic, percentage at or above Proficient, between all jurisdictions and National public, for All students [TOTAL], 2017

https://www.nagb.gov/naep-results/mathematics/2017-naep-reading-and-math-report.html

latest results

Educational CyberPlayGround, Inc. @NetHappenings 4-26-19

Hacker Finds He Can Remotely Kill Car Engines After Breaking Into GPS Tracking Apps By Lorenzo Franceschi-Bicchierai https://motherboard.vice.com/en_us/article/zmpx4x/hacker-monitor-cars-kill-engine-gps-tracking-apps

“I can absolutely make a big traffic problem all over the world,” the hacker said.
A hacker broke into thousands of accounts belonging to users of two GPS tracker apps, giving him the ability to monitor the locations of tens of thousands of vehicles and even turn off the engines for some of them while they were in motion, Motherboard has learned.
The hacker, who goes by the name L&M, told Motherboard he hacked into more than 7,000 iTrack accounts and more than 20,000 ProTrack accounts, two apps that companies use to monitor and manage fleets of vehicles through GPS tracking devices. The hacker was able to track vehicles in a handful of countries around the world, including South Africa, Morocco, India, and the Philippines. On some cars, the software has the capability of remotely turning off the engines of vehicles that are stopped or are traveling 12 miles per hour or slower, according to the manufacturer of certain GPS tracking devices.
By reverse engineering ProTrack and iTrack’s Android apps, L&M said he realized that all customers are given a default password of 123456 when they sign up. At that point, the hacker said he brute-forced “millions of usernames” via the apps’ API. Then, he said he wrote a script to attempt to login using those usernames and the default password.
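A defender-side check for the pattern described above, where one client tries a shared default password against many usernames. This is an added example, not code from the article or from either vendor; the log format, account names, addresses and thresholds are constructed for illustration.

```python
"""Detect one source trying many distinct usernames in a short window.

Constructed example: log format, names and thresholds are assumptions,
not taken from iTrack, ProTrack or the article.
"""
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

# Constructed API login events: timestamp, source IP, username, result.
SAMPLE_LOG = """\
2019-04-20T10:00:01 198.51.100.7 fleet0001 FAIL
2019-04-20T10:00:02 198.51.100.7 fleet0002 FAIL
2019-04-20T10:00:03 198.51.100.7 fleet0003 OK
2019-04-20T10:00:04 203.0.113.20 acme_dispatch FAIL
2019-04-20T10:00:05 198.51.100.7 fleet0004 FAIL
2019-04-20T10:00:06 198.51.100.7 fleet0005 OK
2019-04-20T10:00:09 203.0.113.20 acme_dispatch FAIL
2019-04-20T10:00:10 198.51.100.7 fleet0006 FAIL
2019-04-20T10:00:30 203.0.113.20 acme_dispatch OK
2019-04-20T10:01:00 203.0.113.45 north_depot OK
2019-04-20T10:02:00 203.0.113.45 south_depot OK
2019-04-20T10:03:00 203.0.113.45 east_depot OK
garbage line
"""


def parse(log_text):
    """Return time-ordered (timestamp, ip, username, success) tuples."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of crashing
        ts, ip, user, result = parts
        events.append((datetime.fromisoformat(ts), ip, user, result == "OK"))
    return sorted(events)


def lockout_would_trigger(events, threshold=3):
    """Accounts a classic per-account failure counter would lock."""
    failures = Counter(user for _, _, user, ok in events if not ok)
    return {user for user, n in failures.items() if n >= threshold}


def detect_spray(events, window=timedelta(minutes=5), min_users=5):
    """Map each source IP to the time it first reached `min_users`
    distinct usernames inside a sliding `window`."""
    recent = defaultdict(deque)  # ip -> (timestamp, username) inside the window
    flagged = {}
    for ts, ip, user, _ok in events:
        attempts = recent[ip]
        attempts.append((ts, user))
        while ts - attempts[0][0] > window:
            attempts.popleft()  # drop attempts older than the window
        if ip not in flagged and len({u for _, u in attempts}) >= min_users:
            flagged[ip] = ts
    return flagged


def accounts_to_reset(events, flagged):
    """Accounts with a successful login from a flagged source, including
    logins that happened before the source crossed the threshold."""
    return sorted({user for _, ip, user, ok in events if ok and ip in flagged})


if __name__ == "__main__":
    evts = parse(SAMPLE_LOG)
    print("per-account lockout sees:", lockout_would_trigger(evts))
    hits = detect_spray(evts)
    print("per-source detection sees:", hits)
    print("force password reset for:", accounts_to_reset(evts, hits))
```

Each targeted account sees only one attempt, so a per-account lockout counter never fires; counting distinct usernames per source does. Detection is the fallback: requiring a unique initial password, or a forced change at first login, removes the shared secret the spray depends on.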

Who would tap into the IFE to commandeer a plane?
https://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/
and
https://www.washingtonpost.com/news/morning-mix/wp/2015/05/18/hacker-chris-roberts-told-fbi-he-took-control-of-united-plane-fbi-claims/

World Wide 
No one trusts evil bankers
No one trusts Wall Street
No one trusts the richest families in the world to protect the environment
No one trusts technology monopolies to protect democracy
No one trusts politicians from either side
No one trusts the supreme court
No one trusts government that leaves people on the streets with no access to shelter, food, hygiene, etc., which is clearly inhumane.
No one trusts Wealthy people doing GoFundMe’s to stop shelters from being built.
No one trusts a country where $117,400 a year is considered low-income in San Francisco, where the median sale price of a two-bedroom is $1.3 million
No one trusts that governance by antitrust laws will protect democracy

‘The Next Backlash Is Going to Be Against Technology’
https://foreignpolicy.com/2019/04/25/the-next-backlash-is-going-to-be-against-technology-dani-rodrik-trade-interview/

Flash Crash Fears Haunt Traders Ahead of 10-Day Japan Break
https://www.bloomberg.com/news/articles/2019-04-25/margin-traders-in-japan-pile-into-yen-longs-as-golden-week-nears

Toward an Information Operations Kill Chain By Bruce Schneier
https://www.lawfareblog.com/toward-information-operations-kill-chain

‘Easier Than Robbing A Bank:’ City of Chicago Almost Lost More Than $1 Million In Phishing Scam
The City of Chicago’s Department of Aviation thought it was paying an approved vendor more than $1 million for services earlier this year.
But your tax dollars didn’t reach them. The money almost went to what appeared to be a phishing scam that police are now investigating as a business email compromise.
While the city recovered the money, the incident almost cost taxpayers seven figures and raises red flags about the integrity of Chicago’s cyber-security system.
https://chicago.cbslocal.com/2019/04/18/chicago-department-of-aviation-phishing-scam/

Why Won’t @Jack Twitter Treat White Supremacy Like ISIS? Because It Would Mean Banning Some Republican Politicians Too by Joseph Cox and Jason Koebler
A Twitter employee who works on machine learning believes that a proactive, algorithmic solution to white supremacy would also catch Republican politicians.
At a Twitter all-hands meeting on March 22, an employee asked a blunt question: Twitter has largely eradicated Islamic State propaganda off its platform. Why can’t it do the same for white supremacist content?
https://motherboard.vice.com/en_us/article/a3xgq5/why-wont-twitter-treat-white-supremacy-like-isis-because-it-would-mean-banning-some-republican-politicians-too

Fort Bragg cut power for thousands to test ‘real-world reactions’ to a cyber-attack By Mark Price
The Charlotte Observer
April 25, 2019
Fort Bragg in North Carolina says the Army base had a “blackout” for more than 12 hours overnight Wednesday as part of a cyber-attack military exercise that came as a complete surprise to its tens of thousands of residents.
The fort, which the Army says is the world’s largest military base, says it cut off the electricity “to identify shortcomings in our infrastructure, operations and security.”
“Fort Bragg has to train for any possible threats to the installation in order to remain mission capable,” said a post on Fort Bragg’s Facebook page just after 11 a.m.
“This exercise was not announced in order to replicate likely real-world reactions by everyone directly associated with the installation. In today’s world, cyber-attacks are very likely. This exercise is exactly what we needed to do to identify our vulnerabilities and work to improve our security and deployment posture.”
https://www.charlotteobserver.com/news/local/article229662514.html

 

The Perfect Storm For All the Internet

In 1994 the Internet was allowed to become commercialized. From the perfect ivory tower and hippie culture of love, honesty, and making the world a better place, the powers allowed commercial activity for the first time.

Ooops the grandfathers of the internet, who along with others knew full well what “Smart thinkers” were capable of  ie: the bomb…… they let the little thing called security get away from them… so yeah the net will N E V E R be secure PERIOD!

AND since the same people don’t think regulation is of much use because (any excuse you want)  …. you know they’ve only NOW come to say out loud that those liars and thieves who were supposed to “do no evil” and would be sure to “police themselves” might in fact act like the criminals  celebrated by wall street

Imagine all those original fathers of the internet with all their IQ points,  educations, national experience and  those awards!

WHAT did they actually do to all of us? Please remind me. . . . .

2019 THE PERFECT STORM

 

Lost faith in Facebook and Instagram after data leakages, breaches and too much noise? Here’s a guide to breaking up with the social network and its photo-sharing app for good.

N.Y. Attorney General to Probe Facebook’s Collection of User Email Addresses: NYT

https://www.thedailybeast.com/new-york-attorney-general-to-probe-facebook-collection-of-users-email-contacts-nyt

 

 

THE FOUR WOMEN WHO ARE SAVING DEMOCRACY #Antitrust #Law #Fail

Lina Khan, Dina Srinivasan, Shoshana Zuboff, Carole Cadwalladr

#Antitrust #Law #Fail Kills Our Democracy

Antitrust law is failing to secure our freedom, our markets, our right to self-determination, our competition, and our fundamental rights.

Lina Khan: Amazon’s Antitrust Paradox, which showed how Ronald Reagan’s antitrust policies, inspired by ideological extremists at the University of Chicago’s economics department, had created a space for abusive monopolists who could crush innovation, workers’ rights, and competition without ever falling afoul of orthodox antitrust law.

The Antitrust Case Against Facebook ~ Dina Srinivasan

Can Antitrust Law Rein in Facebook’s Data-Mining Profit Machine? ~ Dina Srinivasan

The Antitrust Case Against Facebook: a turning point in the debate over Big Tech and monopoly ~  CORY DOCTOROW

Shoshana Zuboff’s Surveillance Capitalism machine learning creates devastating behavior modification tools that allow tech companies to manipulate us so thoroughly that we’re in danger of losing our free will.

Srinivasan shows how Facebook came to dominate our online discourse through activities that would have been prohibited under pre-Reagan theories of antitrust, and how, prior to these monopolistic tactics, Facebook was not able to conduct surveillance on its users, having to contend with multiple, bruising PR disasters and user revolts when it tried to do so.

Moreover, Facebook’s monopoly has enabled a series of moves that worsened its impact on our democracy and our markets: once Facebook became the dominant means by which people learned about the news, media companies were forced to use Facebook to promote their work, and to put Facebook tracking beacons (AKA “Like buttons”) on every article, giving Facebook the power to build ever widening dossiers on 2.3 billion users.

And since Facebook also became the dominant means by which users discovered many kinds of products, merchants also put Like buttons and engaged in other surveillant integrations with Facebook, allowing Facebook to monopolize intelligence about ad performance — that is, when a click on a Facebook ad yielded up a sale, Facebook often knew about it — and this allowed the company to charge more for ads, and to tighten its grip over the ad marketplace.

Handmaidens to Authoritarianism, #Mercer, #Zuckerberg, #Sandberg, #Page, #Brin, #Dorsey

https://cyberplayground.org/2019/04/22/mercer-zuckerberg-sandberg-page-brinn-dorsey-handmaidens-to-authoritarism/

How Facebook Broke Democracy

THEY INVITED THE FOX INTO THE HEN HOUSE

THEY ALL HEARD HER SPEAK AT THE TED TALK

In an unmissable talk, journalist Carole Cadwalladr digs into one of the most perplexing events in recent times: the UK’s super-close 2016 vote to leave the European Union.

Esteemed Reporter Pulitzer finalist Carole #Cadwalladr

My TED talk: how I took on the tech titans in their lair

Mercer, Zuckerberg, Sandberg, Page, Brin, Dorsey Handmaidens to Authoritarianism

FIND A #JOB: Cybersecurity talent gaps exist across the country.

Resources for High School Students Interested in Cyber Security

Summer Camps are a great introduction to cyber security.
Online Courses are the next step to growing knowledge and experience, while at the same time learning more about a potential career path.

Hackathons are the playground for testing how far you’ve come.

Many internship programs are available for exact academic paths/interests. Generally speaking, cyber security degree seeking students may pursue positions at the CIA in STEM, Clandestine, Analysis, or Enterprise and Support Roles.

Must apply senior year in high school. Rigorous application process includes polygraph, mental health evaluation, financial need, background checks, high academic marks, abstinence from drugs, and more. Successful applicants will be provided a salary as well as have tuition covered up to a certain price. Successful applicants will work at the CIA in summers and continue to work for the CIA after graduation.

Meet the Terabytches: Fergus students prep for cyber security competition
‘We’re like the biggest collective knowledge in a girls’ team,’ Emily Younghans says

MOST Inexpensive Colleges With the Highest Graduation Rate

NEED A #JOB: https://www.cyberseek.org/heatmap.html

TOP CYBERSECURITY JOB TITLES
  • Cyber Security Engineer
  • Cyber Security Analyst
  • Network Engineer / Architect
  • Cyber Security Manager / Administrator
  • Systems Engineer
  • Software Developer / Engineer
  • Systems Administrator
  • Vulnerability Analyst / Penetration Tester
  • Cyber Security Consultant

11 federal agencies help start Cybersecurity Talent Initiative

Why Mar-a-Lago is a counterintelligence nightmare

Imagine that the White House, instead of a fortress, were an opulent country club.

If you pony up a US$200,000 nonrefundable initiation fee, you can have the run of the place.

Wander the halls. Drop in any time on the West Wing, the Oval Office, the Situation Room.

Chat freely with the US President’s family and advisers, listen in on national security conversations with foreign leaders, even snap a selfie with POTUS himself.

Take it all in – actually, feel free to record it if you like.

Welcome to the Mar-a-Lago club, known in US President Donald Trump’s circles as the winter White House, in Palm Beach, Florida.

https://www.nzherald.co.nz/world/news/article.cfm?c_id=2&objectid=12221320

A proposed “sovereign internet” law currently working its way through Russia’s government.

Russia wants to cut itself off from the global internet. Here’s what that really means.

The plan is going to be tricky to pull off, both technically and politically, but the Kremlin has set its sights on self-sufficiency.
By Charlotte Jee
Mar 21 2019
<https://www.technologyreview.com/s/613138/russia-wants-to-cut-itself-off-from-the-global-internet-heres-what-that-really-means/>

In the next two weeks, Russia is planning to attempt something no other country has tried before. It’s going to test whether it can disconnect from the rest of the world electronically while keeping the internet running for its citizens. This means it will have to reroute all its data internally, rather than relying on servers abroad.

The test is key to a proposed “sovereign internet” law currently working its way through Russia’s government. It looks likely to be eventually voted through and signed into law by President Vladimir Putin, though it has stalled in parliament for now.

Pulling an iron curtain down over the internet is a simple idea, but don’t be fooled: it’s a fiendishly difficult technical challenge to get right. It is also going to be very expensive. The project’s initial cost has been set at $38 million by Russia’s financial watchdog, but it’s likely to require far more funding than that. One of the authors of the plan has said it’ll be more like $304 million, Bloomberg reports, but even that figure, industry experts say, won’t be enough to get the system up and running, let alone maintain it.

Not only that, but it has already proved deeply unpopular with the general public. An estimated 15,000 people took to the streets in Moscow earlier this month to protest the law, one of the biggest demonstrations in years.

Operation disconnect

So how will Russia actually disconnect itself from the global internet? “It is unclear what the ‘disconnect test’ might entail,” says Andrew Sullivan, president and CEO of the Internet Society. All we know is that if it passes, the new law will require the nation’s internet service providers (ISPs) to use only exchange points inside the country that are approved by Russia’s telecoms regulator, Roskomnadzor.

These exchange points are where internet service providers connect with each other. It’s where their cabling meets at physical locations to exchange traffic. These locations are overseen by organizations known as internet exchange providers (IXPs). Russia’s largest IXP is in Moscow, connecting cities in Russia’s east but also Riga in neighboring Latvia.

MSK-IX, as this exchange point is known, is one of the world’s largest. It connects over 500 different ISPs and handles over 140 gigabits of throughput during peak hours on weekdays. There are six other internet exchange points in Russia, spanning most of its 11 time zones. Many ISPs also use exchanges that are physically located in neighboring countries or that are owned by foreign companies. These would now be off limits. Once this stage is completed, it would provide Russia with a literal, physical “on/off switch” to decide whether its internet is shielded from the outside world or kept open.

What’s in a name?

As well as rerouting its ISPs, Russia will also have to unplug from the global domain name system (DNS) so traffic cannot be rerouted through any exchange points that are not inside Russia.

The DNS is basically a phone book for the internet: when you type, for example, “google.com” into your browser, your computer uses the DNS to translate this domain name into an IP address, which identifies the correct server on the internet to send the request. If one server won’t respond to a request, another will step in. Traffic behaves rather like water—it will seek any gap it can to flow through.

“The creators of the DNS wanted to create a system able to work even when bits of it stopped working, regardless of whether the decision to break parts of it was deliberate or accidental,” says Brad Karp, a computer scientist at University College London. This in-built resilience in the underlying structure of the internet will make Russia’s plan even harder to carry out.

The actual mechanics of the DNS are operated by a wide variety of organizations, but a majority of the “root servers,” which are its foundational layer, are run by groups in the US. Russia sees this as a strategic weakness and wants to create its own alternative, setting up an entire new network of its own root servers.

“An alternate DNS can be used to create an alternate reality for the majority of Russian internet users,” says Ameet Naik, an expert on internet monitoring for the software company ThousandEyes. “Whoever controls this directory controls the internet.” Thus, if Russia can create its own DNS, it will have at least a semblance of control over the internet within its borders.

This won’t be easy, says Sullivan. It will involve configuring tens of thousands of systems, and it will be difficult, if not impossible, to identify all the different access points citizens use to get online (their laptops, smartphones, iPads, and so on). Some of them will be using servers abroad, such as Google’s Public DNS, which Russia simply won’t be able to replicate—so the connection will fail when a Russian user tries to access them.

[snip]

Could someone really destroy the whole Internet?  YES

The Internet is more than just a technology. It is a domain similar to the domains of land, air, sea and space, but with its own distinct challenges.

WHO CONTROLS THE INTERNET?

The whole internet is controlled by seven actual, physical keys. – The key issue with internet governance is always trust, which is ridiculous.

WHO MANAGES THE INTERNET’S ADDRESS BOOK?
BY VINT CERF Vint Cerf summarizes the transition of ICANN.

THE NET IS A WORLD OF ENDS. The Internet is a “network of networks” of computers. It was born on Oct. 29, 1969, when a UCLA student programmer sent a message from his computer to one at Stanford.

Amazon (sub)Prime? allows any third party to supply inventory into commingled stock. By Izabella Kaminska

By Izabella Kaminska
Mar 20 2019
<https://ftalphaville.ft.com/2019/03/20/1553085361000/Amazon–sub-Prime-/>

The following is the first in a two-part post about Amazon’s dependence on an obscure process known as commingling, which has become essential to underpinning its instant fulfilment services, especially its Prime offering.

If you work in finance, the concept of commingling and its cost benefits will be instantly recognizable. But so will its risks.

And it’s these sorts of risks that are now creeping into the entire Amazon system due to the online retailer’s open-ended fulfillment structure, which allows any third party to supply inventory into commingled stock.

Not only is commingling becoming a means by which a huge number of sub-par or counterfeited goods are entering the Amazon network, it’s arguably the reason why Amazon is being forced to take increasingly extreme steps to take control of its suppliers.

As it does so, it turns itself back into a conventional vertically-integrated retailer like Tesco or Walmart, losing much of the scaling, and cost advantages, associated with its “Fulfilled by Amazon” model (FBA). This also forces an ever greater “unapproved” seller network to deal in the increasingly cut-throat dynamics of its wider marketplace offering. 

The consequences of all this, as we will explain, are glaring.

Unless you make your money from selling stuff on Amazon, chances are you won’t have heard of an FNSKU. The acronym stands for Fulfilment Network Stock Keeping Unit and represents a location identifier for products sitting in Amazon warehouses. This, to all intents and purposes, equates to an Amazon barcode. 

If you’re a seller on Amazon’s marketplace who has chosen to be fulfilled by Amazon’s warehouse system (a scenario which sees Amazon dispatching the seller’s products on their behalf from its warehouses) you will always need an FNSKU.

Apart from the times you don’t.

At such times all you need is a manufacturer code. And it’s these instances, sellers tell FT Alphaville, that are introducing a counterfeiting vulnerability into the Amazon system.

Not using an FNSKU is appealing for sellers. It means products sourced from manufacturers do not have to be relabelled, ensuring they can be sent into Amazon’s network directly, saving time and money. Sellers who have chosen to be fulfilled by Amazon otherwise add an additional logistical layer into their operations if they have to relabel the goods independently. 

Using manufacturer barcodes also means products are more likely to qualify for Amazon Prime classification, pushing them higher up the search rankings.

Sellers tell FT Alphaville that, as it stands, the Amazon system seems to structurally incentivise the use of manufacturer codes over FNSKUs as a result. Indeed, Amazon itself promotes the fact that the process speeds up delivery in its own literature:

If multiple sellers have inventory with the same manufacturer barcode, Amazon may fulfil orders using products with that barcode when those products are closest to the customer.

This happens regardless of which seller actually receives a customer’s order. We use this process to facilitate faster delivery.

COMMINGLING

But there is an important downside. Not using FNSKUs turns sellers’ products into cold, hard commodities which are treated as fungible with equivalent products sent into the system. This happens because of a process called commingling.

How does commingling work and why is it important to the Amazon Prime model?

If you have ever wondered how it is possible for Amazon Prime to guarantee 24, or 48, hour delivery for a hugely diverse range of products, the answer is commingling.

In its simplest and idealised form, commingling allows sellers to share inventory to the mutual benefit of all, especially with respect to speed of dispatch.

The larger the geographic area, the more effective commingling becomes. In the US, for example, a seller who supplies an Amazon warehouse in Florida can — thanks to commingling — fulfil a customer living in Minnesota as easily as customers in their home state.

To explain, consider that the time it might ordinarily take to deliver to a Minnesotan from Florida is bound by the physical limitations of travel. In other words, there’s no way a parcel can arrive more quickly than via a plane. That’s its effective speed of light limit.

However, if the buyer’s parcel can be dispatched from an equivalent commingled stock just around the corner, this theoretical speed of light limit can be broken.

<SNIP>

<If you label your commingle units by printing labels from your inventory page, and ship them with labels where you said to commingle, Amazon will likely delay your items being received and provide a warning to you about shipping items with labels when you said you want to commingle your inventory.>

<There are some inherent risks involved with using the stickerless commingled inventory option.  The main risk is the loss of control of the item that the end customer receives.  In addition to this there is the risk that there are counterfeit products that were sent in by other sellers, or sellers that are trying to pass off items as new that should be listed as used.  The problems arise when one of these counterfeit items or less than new items are sent to a customer that orders from you.>

<august 12, 2017
I ordered the top-rated eclipse glasses on Amazon a few months ago and they were counterfeit. If you put them on during daytime you can see indirect sunlight and even my kitchen light. They were shipped from China despite having “Made in the USA” markings and all the proper ISO certification fine print. I haven’t received any communication from Amazon, so people who haven’t heard from them should not assume their glasses are safe (contrary to Amazon’s statement). I contacted Amazon support and they were quick to initiate a refund. For some reason Amazon rejected my review warning that items from third party sellers may be counterfeit and explaining how to tell.
Here are a couple photos of the counterfeits>

Social media, infowar, cyber and human security and ethics

From last year’s , but still cogent. With , and .

How hackers pulled off a $20 million bank heist

https://arstechnica.com/information-technology/2019/03/how-hackers-pulled-of-a-20-million-bank-heist/

By Lily Hay Newman
Wired.com
3/17/2019

In January 2018 a group of hackers, now thought to be working for the North Korean state-sponsored group Lazarus, attempted to steal $110 million from the Mexican commercial bank Bancomext. That effort failed. But just a few months later, a smaller yet still elaborate series of attacks allowed hackers to siphon off 300 to 400 million pesos, or roughly $15 to $20 million from Mexican banks. Here’s how they did it.

At the RSA security conference in San Francisco last Friday, penetration tester and security advisor Josu Loza, who was an incident responder in the wake of the April attacks, presented findings on how hackers executed the heists both digitally and on the ground around Mexico. The hackers’ affiliation remains publicly unknown. Loza emphasizes that while the attacks likely required extensive expertise and planning over months, or even years, they were enabled by sloppy and insecure network architecture within the Mexican financial system, and security oversights in SPEI, Mexico’s domestic money transfer platform run by central bank Banco de México, also known as Banxico.