A short video summarizing some of the most important characteristics of students today - how they learn, what they need to learn, their goals, hopes, dreams, what their lives will be like, and what kinds of changes they will experience in their lifetime. Created by Michael Wesch in collaboration with 200 students at Kansas State University.
Wow !
Thursday, March 20, 2008
Monday, March 3, 2008
IBTS and the Missing Laptop - Part III
I e-mailed the IBTS regarding this decrypt-recrypt thing, here's what I got;
from "Corrigan, Arthur"
to Damian Gordon
cc "Bowler, Patrick"
date 3 Mar 2008 08:20
subject Missing laptop
mailed-by ibts.ie
Dear Damian
Thank you for your recent email in relation to the stolen laptop in New York. The reason the information on the laptop was re-encrypted because the IBTS had provided the New York Blood Centre the data on an 256 bit encrypted CD and in order to load this information on to laptop they had to decrypt it and then re-encrypt it again as it was being loaded on to the laptop.
I hope this answers your query.
Regards,
Arthur Corrigan
IT Manager
Irish Blood Transfusion Service
This really didn't make a lot of sense to me, so I sent this;
from Damian Gordon
to "Corrigan, Arthur"
date 3 Mar 2008 16:18
subject Re: Missing laptop
mailed-by gmail.com
Hi,
I'm not trying to be difficult about this but I really don't understand what you mean, in your original email you said "The reason the information on the laptop was re-encrypted because the IBTS had provided the New York Blood Centre the data on an 256 bit encrypted CD and in order to load this information on to laptop they had to decrypt it and then re-encrypt it again as it was being loaded on to the laptop."
I don't get this, why couldn't they upload encrypted data onto the laptop from the CD, that shouldn't be an issue. You can copy encrypted data from a CD to a laptop without having to do this.
My main problem is this, if the CD was decrypted and re-encrypted "on the fly" or whatever, the reality is that as it was being decryped the results of that information had to be stored somewhere, to allow that data to be again re-encrypted, and chances are that it was on the virtual memory of the laptop. So even if there was never a file created on the laptop with the decrypted data, the decryption process had to happen somewhere, and if it was on the virtual memory of the laptop, then it could be possible to restore that data.
I would be very grateful if you could check for me exactly why the data had to be de-crypted and re-encrypted, and is it possible that it occured in the virtual memory of the laptop,
many thanks,
Damian
Looking forward to their response.
from "Corrigan, Arthur"
to Damian Gordon
cc "Bowler, Patrick"
date 3 Mar 2008 08:20
subject Missing laptop
mailed-by ibts.ie
Dear Damian
Thank you for your recent email in relation to the stolen laptop in New York. The reason the information on the laptop was re-encrypted because the IBTS had provided the New York Blood Centre the data on an 256 bit encrypted CD and in order to load this information on to laptop they had to decrypt it and then re-encrypt it again as it was being loaded on to the laptop.
I hope this answers your query.
Regards,
Arthur Corrigan
IT Manager
Irish Blood Transfusion Service
This really didn't make a lot of sense to me, so I sent this;
from Damian Gordon
to "Corrigan, Arthur"
date 3 Mar 2008 16:18
subject Re: Missing laptop
mailed-by gmail.com
Hi,
I'm not trying to be difficult about this but I really don't understand what you mean, in your original email you said "The reason the information on the laptop was re-encrypted because the IBTS had provided the New York Blood Centre the data on an 256 bit encrypted CD and in order to load this information on to laptop they had to decrypt it and then re-encrypt it again as it was being loaded on to the laptop."
I don't get this, why couldn't they upload encrypted data onto the laptop from the CD, that shouldn't be an issue. You can copy encrypted data from a CD to a laptop without having to do this.
My main problem is this, if the CD was decrypted and re-encrypted "on the fly" or whatever, the reality is that as it was being decryped the results of that information had to be stored somewhere, to allow that data to be again re-encrypted, and chances are that it was on the virtual memory of the laptop. So even if there was never a file created on the laptop with the decrypted data, the decryption process had to happen somewhere, and if it was on the virtual memory of the laptop, then it could be possible to restore that data.
I would be very grateful if you could check for me exactly why the data had to be de-crypted and re-encrypted, and is it possible that it occured in the virtual memory of the laptop,
many thanks,
Damian
Looking forward to their response.
Friday, February 29, 2008
IBTS and the Missing Laptop - Part II
Just got a call from the IBTS to clarify the situation for me, here are the highlights;
1. Yes, the IBTS knew that employees of the NYBC would be transporting confidential data around on their laptops and bringing it home because they would have to be working late hours on this project, so the IBTS gave them permission to do this.
2. Regarding the statement in the letter that the data was "encrypted with a 256-bit encryption. Those records were transferred to a laptop and re-encrypted with a 256-bit encryption", the person I spoke to said that he didn't really know what that actually meant, maybe the data was unencrypted at some stage and maybe it wasn't, but was happy to confirm that, yes, the laptop mentioned here was the laptop that was stolen.
3. I queried the statement "To our knowledge there has never been a report of a successful attack against a 256-bit encryption key.", he said that this was what he had been told by the NYBC and they took care of all of the encryption stuff.
1. Yes, the IBTS knew that employees of the NYBC would be transporting confidential data around on their laptops and bringing it home because they would have to be working late hours on this project, so the IBTS gave them permission to do this.
2. Regarding the statement in the letter that the data was "encrypted with a 256-bit encryption. Those records were transferred to a laptop and re-encrypted with a 256-bit encryption", the person I spoke to said that he didn't really know what that actually meant, maybe the data was unencrypted at some stage and maybe it wasn't, but was happy to confirm that, yes, the laptop mentioned here was the laptop that was stolen.
3. I queried the statement "To our knowledge there has never been a report of a successful attack against a 256-bit encryption key.", he said that this was what he had been told by the NYBC and they took care of all of the encryption stuff.
IBTS and the Missing Laptop - Part I
Yipee, it's like winning the lottery, I just got a letter today from the Irish Blood Transfusion Service (IBTS) telling me some great news, my donor records were one of the 171,324 records that were on a laptop that was stolen in New York on 7th February.
I have been dreading this since the news broke on the Irish news over a week ago. In summary, the IBTS 'loaned' this data to the New York Blood Centre (NYBC) because they need a new data extraction tool that it seems no one in Ireland is capable of developing. An employee of the NYBC had a copy of the data on his laptop and lost the laptop when he was mugged outside of his home. I find it very disturbing that anyone was allowed to bring this type of data outside of a secure centre.
According to the letter I recieved the data was "encrypted with a 256-bit encryption. Those records were transfered to a laptop and re-encrypted with a 256-bit encryption", what does this mean? Why did it have to be re-encrypted, does this mean at some point the data was unencrypted? If it was, and this is the same laptop that was stolen, that is bad news.
But it's OK because according to the CEO of the IBTS Andrew Kelly the chances of decrypting this information is "extremely remote", and, "To our knowledge there has never been a report of a successful attack against a 256-bit encryption key." He should read the 2005 paper "Cache Attacks and Countermeasures: the Case of AES" by Dag Arne Osvik, Adi Shamir and Eran Tromer who in one attack managed to obtain an entire 256-bit AES key after 65 milliseconds.
The Data Protection Commissioner undertook an investigation of the entire event and according to their conclusions the IBTS seems to have done everything correctly, well that's alright so.
I have been dreading this since the news broke on the Irish news over a week ago. In summary, the IBTS 'loaned' this data to the New York Blood Centre (NYBC) because they need a new data extraction tool that it seems no one in Ireland is capable of developing. An employee of the NYBC had a copy of the data on his laptop and lost the laptop when he was mugged outside of his home. I find it very disturbing that anyone was allowed to bring this type of data outside of a secure centre.
According to the letter I recieved the data was "encrypted with a 256-bit encryption. Those records were transfered to a laptop and re-encrypted with a 256-bit encryption", what does this mean? Why did it have to be re-encrypted, does this mean at some point the data was unencrypted? If it was, and this is the same laptop that was stolen, that is bad news.
But it's OK because according to the CEO of the IBTS Andrew Kelly the chances of decrypting this information is "extremely remote", and, "To our knowledge there has never been a report of a successful attack against a 256-bit encryption key." He should read the 2005 paper "Cache Attacks and Countermeasures: the Case of AES" by Dag Arne Osvik, Adi Shamir and Eran Tromer who in one attack managed to obtain an entire 256-bit AES key after 65 milliseconds.
The Data Protection Commissioner undertook an investigation of the entire event and according to their conclusions the IBTS seems to have done everything correctly, well that's alright so.
Tuesday, February 5, 2008
The Dangers of Teaching
I have just finished teaching a module on the D.I.T.'s MSc in Applied eLearning, which I really enjoyed doing. I always approach the idea of teaching other teachers or lecturers with a bit of trepidation since I never know what sort of interaction I’m going to get. It is one of the problems of being a lecturer or teacher that in your job you become used of coming into a room and everyone becoming silent and taking notes on everything you say. This can sometimes lead teachers to conclude that even in non-work situations they always have something significant or important to say. Round Table journal comparing Eamon de Valera to a teacher said ”He can lecture but cannot negotiate, and his enthusiasm for abstract propositions prevents him from facing realities”. I definitely feel there are times when this sort of characterization applies to all of us, so it’s always a bit of a worry teaching teachers, will they ruin the flow of the lecture by always trying to score points or will they be open to the process.
I think one of the few things keeping teachers from going totally over-the-top is the students, invariably there will be students who keep you modest either from their knowledge of the subject, or their genuine curiosity, or their remarkable humanity. This brings me back to what I started this posting about, which was teaching the D.I.T. lecturers, I was blessed with a group of colleagues who came to learn and share, there was no one-upmanship or showing off, so to them and to all students who are willing to participate in the process I offer you my sincerest thanks, in the words of Albert Schweitzer;
“Sometimes our light goes out but is blown again into flame by an encounter with another human being. Each of us owes the deepest thanks to those who have rekindled this inner light.”
I think one of the few things keeping teachers from going totally over-the-top is the students, invariably there will be students who keep you modest either from their knowledge of the subject, or their genuine curiosity, or their remarkable humanity. This brings me back to what I started this posting about, which was teaching the D.I.T. lecturers, I was blessed with a group of colleagues who came to learn and share, there was no one-upmanship or showing off, so to them and to all students who are willing to participate in the process I offer you my sincerest thanks, in the words of Albert Schweitzer;
“Sometimes our light goes out but is blown again into flame by an encounter with another human being. Each of us owes the deepest thanks to those who have rekindled this inner light.”
Sunday, January 20, 2008
“Really Achieving Your Childhood Dreams” by Dr. Randy Pausch
Dr. Randy Pausch is a highly respected and honored professor of Computer Science and co-founder of the Entertainment Technology Center at Carnegie Mellon University in Pittsburgh, PA. In September Dr. Pausch gave a lecture titled “Really Achieving Your Childhood Dreams,” which was part of what is called “The Last Lecture” series. The series is designed for top lecturers around the country to impart what they feel are their most important life lessons, as if it were their last. What made Dr. Paush’s lecture special was that it really was his last. A year before his lecture Dr. Paush was diagnosed with terminal pancreatic cancer. But to see Professor Pausch’s humor-filled talk one would never know that he has been told that he only has months to live. The inspirational lecture was given to just 400 students, but it quickly went ‘viral’ on the Internet.
Sunday, December 16, 2007
When Students Attack
I was further reflecting on the nature of lecturing and the madness of going into a room, standing at the front, and having 20-150 people take notes on your random thoughts. It’s a strange business, and can be a very stressful one. Jerry Seinfeld remarked that most of us fear public speaking almost as much or maybe more than death, if we are at a funeral, most of us would prefer to be in the casket rather than delivering the eulogy. While this may be a bit extreme, there is an element of truth to it.
After thousands of years of evolution when we are in stressful situations our bodies are geared to either 'fight or flight', when we have to speak in public, epinephrine (or adrenaline) and norepinephrine (or noradrenaline) goes coursing through our bodies - way more than we need, but we can neither run away or fight, so instead we have to somehow harness all that energy into our performance. This is often difficult to do, I know some lecturers whose hands sweat and their mouth goes dry before a lecture, others get shaking knees and their voices begin to quaver. This is because their hearts are racing and they are preparing for a fight.
In this heightened state there is a natural fear of attack, and that fear will manifest itself in many ways; in terms of the fear of making mistakes in your lecture or losing your place, or that the students won't like you or they won't 'get' what you're trying to say. There is also the fear of physical attack, irrational but always present; at best the attack may be something tame like a pee shooter attack (like in the Marx Brothers film "Horse Feathers"), or at worst it could be a fatal attack as was the case for Cassian of Imola. He was a teacher whose students bound him to a stake and tortured him to death by stabbing him with their pointed iron styli. There are in fact many such historical cases of students killing their teachers, and no doubt somewhere in our collective unconsciousness every lecturer remembers such events just before they are about to begin to speak.
So the next time you are sitting in a lecture, have a bit of sympathy for your poor lecturer, they are fighting thousands of years of evolution to get their point across to you :-)
After thousands of years of evolution when we are in stressful situations our bodies are geared to either 'fight or flight', when we have to speak in public, epinephrine (or adrenaline) and norepinephrine (or noradrenaline) goes coursing through our bodies - way more than we need, but we can neither run away or fight, so instead we have to somehow harness all that energy into our performance. This is often difficult to do, I know some lecturers whose hands sweat and their mouth goes dry before a lecture, others get shaking knees and their voices begin to quaver. This is because their hearts are racing and they are preparing for a fight.
In this heightened state there is a natural fear of attack, and that fear will manifest itself in many ways; in terms of the fear of making mistakes in your lecture or losing your place, or that the students won't like you or they won't 'get' what you're trying to say. There is also the fear of physical attack, irrational but always present; at best the attack may be something tame like a pee shooter attack (like in the Marx Brothers film "Horse Feathers"), or at worst it could be a fatal attack as was the case for Cassian of Imola. He was a teacher whose students bound him to a stake and tortured him to death by stabbing him with their pointed iron styli. There are in fact many such historical cases of students killing their teachers, and no doubt somewhere in our collective unconsciousness every lecturer remembers such events just before they are about to begin to speak.
So the next time you are sitting in a lecture, have a bit of sympathy for your poor lecturer, they are fighting thousands of years of evolution to get their point across to you :-)
Subscribe to:
Posts (Atom)