Data Philanthropy and Individual Rights. Mariarosaria Taddeo, 2017.

Taddeo, Mariarosaria. 2017. “Data Philanthropy and Individual Rights.” Minds and Machines 27(1):1–5.

 

In her article Data Philanthropy and Individual Rights, Mariarosaria Taddeo argues that data philanthropy could contribute to morally positive social outcomes if operational challenges are overcome....continue


The Internet, Democracy, and the Public Sphere’s Evolution

A free and neutral internet is now a necessary precondition for democracy. To recognize and appreciate the responsibility we’ve entrusted to a continuously evolving global network, we look closely at how it has fused with our social, economic, and political institutions. Jürgen Habermas’s concept of the public sphere gives us the opportunity to untangle why a free and neutral internet is an essential component of guaranteeing civil rights, liberties, and a successful democracy. Although the term ...continue


Choosing a Vulnerability Scanner

Originally written for Software Secured and published here. Vulnerability scanning aims to reveal security weaknesses in an application by using automated tools to assess its code, design, and functionality. Design flaws which lead to vulnerabilities like Cross Site Scripting (XSS), SQL Injection, path disclosure, and other vulnerabilities found in the OWASP Top 10. The Vulnerability Landscape Understanding what vulnerabilities exist and identifying those relevant to your application will be the first step in implementing vulnerability ...continue


Application Security Code Review Introduction

Originally written for Software Secured and published here. Security code review is a process which systematically applies a collection of security audit methodologies capable of ensuring that both environments and coding practices contribute to the development of an application resilient to operational and environmental threats. In practice, code reviews can take on numerous forms including lightweight code discussions or more involved processes such as pair programming, over the shoulder programming, and tool assisted practices. More ...continue


Secure Scrum – Integrating Security with Agile

Originally written for Software Secured and published here. Successfully implementing strong application security is one of the most challenging non-functional tasks Scrum teams face. Traditional application security practices which carefully integrate security throughout the Software Development Lifecycle (SDLC) are often at odds with Scrum methodology which favors responsive development cycles that quickly produce working code. To unite the strengths offered by Scrum with the necessity of security, professors from the Munich IT Security Research Group modified ...continue


Secure Application Configuration Basics

Originally written for Software Secured and published here. In June of 2016 it was revealed that a database maintained by a large data brokerage company was hacked, exposing 154 million US voter records; personal details like gun ownership, positions on gay marriage, and email addresses were retrieved. Database misconfiguration was the cause: the CouchDB database which stored the information was not configured to require authentication in order to access the voter records it held. ...continue


Seeking Truth Talk @ OWASP Ottawa

In light of mental health events in the United States and Canada I had the opportunity to give a talk on mental health at OWASP Ottawa’s monthly meetup. With 30 minutes I did my best to highlight structural factors that impact an individual’s well-being, discussed factors specific to information security, and then talked about tools that we can use to help navigate the evolving challenges which we all face. I also included a number of ...continue


Glossary & Resources Updates

I’ve started fleshing out the glossary and refining how tool-tips will work throughout the site in addition to linking Wikipedia to the glossary. The plugin will allow me to focus on actual content instead of using my energy to build the supporting structure. However, I do plan on eventually writing custom entries for the glossary. If you have any questions or suggestions as to content that could, don’t hesitate. I have also started adding resources in ...continue


Abstract: In Defense of the Public Sphere

I’ve added an abstract to a paper I am currently revising for publication on this site. The abstract for In Defense of the Public Sphere: The Electronic Frontier Foundation Support of Civil Liberties in the Digital Realm has been added to the articles section and the full version should be published in the near future....continue


Hello world!

This website will be the home of articles and resources which bring together sociological concepts and information security.   I will initially describe how Information and Communication Technologies (ICT) and the idea of the Public Sphere as developed by Habermas have become inextricably intertwined. Afterwards, I wish to develop content which supports preserving both access to ICTs and their independence from interference in order to ensure democratic processes are not corrupted.  ...continue

