Paper By FiftyThree Hack
Let's face it, it is extremely unlikely that any digital experience is going to ever be able to replicate the feel of a pencil or a pen gliding across a piece of paper. The joy that we all feel when using our favourite combinations are unlikely to ever be matched by glass and plastic. But that's not what this product is about.
Paper By FiftyThree Hack
If you're not too steady with your hands, you could try out these UI stencils to help you draw with more fidelity. You can also find ready-made paper device frames with a quick Google search, which are even quicker to use (and there are even free ones). Here's a free iPhone X template, made by Matthew Stephens.
Your first thought might be to lay the paper down flat, and then capture the sketch from above. This often doesn't work because ceiling lights create invasive shadows on the paper, eclipsed by your own body. The trick? Stick 'em up on a whiteboard and capture the sketches face-on. Alternatively, you can sketch mockups straight onto a whiteboard as long as it's not reflecting too much light (this enables you to demonstrate user flows as well). You'll want to minimise window and ceiling light either way, so that reflected light doesn't interfere with the shot (this includes camera flashes, which you'll want to turn off).
Aaaaand...you did it! Your sketched mockups have now been exported to Sympli, where feedback can be requested, and discussion can ensue. It's a bit of a hack, but not one that requires too much trouble. Give it a try, and let us know.
Have you ever tried paper prototyping before? If you have, did you find that it helped you visualize your ideas quickly, and obtain feedback on those ideas? What about digital drawing tools like FiftyThree? A better alternative to paper?
It has always been risky for journalists to offend the powerful, rich and litigious. But until the digital age, American newspapers generally held their own: They rigorously checked facts and employed legal muscle to beat back bullies.
Today they are unprepared to fight, argues a 2016 paper by lawyer and Fortune staff writer Jeff John Roberts. As newspaper budgets have shrunk and some media outlets have moved to clickbait-based business models, in many cases the tenured editors who served as wise counselors and fact-checkers have been sacked. Mistakes are thus more likely.
With this explosive growth, it is no surprise that policymakers are increasingly turning their attention to the cloud. Cloud computing and storage affects (and is affected by) policymakers in numerous areas such as data governance, technological development, geopolitical influence, and antitrust legislation, making the security of the cloud a particularly salient topic for public policy. As the public cloud infrastructure has become more consolidated within the cloud infrastructure market, concerns have risen about potential systemic risks. For example, a 2018 report estimates that a three-to-six day outage of a major CSP would cause economic losses of up to $15 billion.9 However, the debate about cloud security remains vague, and the public policy implications are poorly understood. This paper provides an overview of the different policy dimensions that must be considered so as to inform a more nuanced and robust debate.
This paper is a first step to building that understanding. As a primer for policymakers on the cloud, this study outlines how to conceptualize the cloud and describes the evolution of the cloud market. It then discusses cloud security in detail, using a timeline of past incidents together with in-depth case studies of the most significant incidents that are publicly known. Together, these serve as a foundation for developing a comprehensive framework for mapping the various risks and a severity schema to prioritize them. The paper then briefly outlines additional public policy issues to take into account while considering cloud security. Finally, it sums up and discusses the implications for public policy, while listing promising areas for future security-related research.
An inductive approach based on past security incidents can begin to provide some form of an answer to such questions. The series of incidents over the past five years listed in table 5 and the in-depth case studies in Appendix A reveal that CSPs have experienced disruptions affecting the confidentiality, availability, and integrity of data as well as processes and their reliability. While like much of this paper, these incidents revolve around the major CSPs, there are, of course, many other security issues involving more specialized varieties of cloud services.
The biggest blind spots in the current debate are medium-to-low probability risks. These include structural risks that result from highly complex, tightly coupled systems that could be significantly damaged by accidents or environmental threats, as well as highly sophisticated adversary threats against data confidentiality. The Cloudhopper campaign is a potent example of the potential impact and significance that the compromise of a CSP could have on its customers. As more and more data that is important but perhaps less than critical is located in the cloud, threat actors will have greater incentives to engage in more of these types of campaigns, especially capable government-linked hacking organizations.
The focus of this paper is on the public policy implications of cloud security. There are other important, relevant public policy issues for which extensive treatments are beyond the scope of this paper, namely 1) data governance, 2) the connection of technology industries and geopolitical influence, and 3) antitrust regulation. Some of these issues have direct relevance to the suite of security policy issues this paper discusses, including policy debates about data localization and critical infrastructure, while others like antitrust considerations are indirectly related.
In conclusion, while this paper focuses on security, these other three issues cannot be ignored and are intertwined with each other. For example, questions about the ability of the U.S. intelligence community to access data of CSPs are a major security concern to other countries. And competition between U.S. and Chinese CSPs parallels security concerns about U.S.-China technology competition. Public policy decisionmakers grappling with the implications of migrating to the cloud for security reasons must therefore also bear in mind these other dimensions to make informed, comprehensive, risk-based decisions.
On July 19, 2019, Capital One discovered that a hacker had breached its data on its customers and individuals who had applied for Capital One credit cards.205 This involved the information of approximately 100 million people in the United States, although only a small fraction (less than 1 percent) of people had their Social Security numbers stolen. Capital One said it discovered the breach after an external researcher contacted it through its responsible disclosure program.206 The stolen data was apparently stored on AWS public cloud servers used by Capital One.
5 This paper focuses primarily on the public cloud and its policy implications. However, to help advance a more nuanced understanding of the cloud, this primer also details other cloud deployment models.
Last August, at Defcon, the hacker conference in Las Vegas, a boyish 40-year-old engineer and security researcher named Michael Ossmann stood on the stage of a lecture hall, about to detail a stunning new set of tools designed for spying on a wealth of electronic devices.
As quiet descended over an eager audience of hundreds of hackers, Ossmann stopped and issued a warning. "If you don't want to hear about leaked classified information, you can leave now," he told the crowd.
Six months earlier, the German newspaper had been one of a number of media outlets to publish thousands of classified documents disclosed by Edward Snowden. But this document wasn't like the others.
Five thousand miles away in Colorado, however, Michael Ossmann was delighted. Ossmann had spent much of his career taking apart, designing, and hacking together radio electronics himself, mainly in the hope of trying to find their vulnerabilities and figure out how to protect them from people who might want to interfere with or spy on them.
There are, of course, a few concerns about loosing this kind of spy gear into the public realm. In the cab on my way to the conference to see Ossmann speak, I mentioned Defcon to my taxi driver. "I've never seen so many criminals under one roof," he joked. He was echoing the popular conception of hackers: They're going to rob you, they're going to stalk you; they're the peroxide-haired master villain played by Javier Bardem in that latest Bond movie.
Well before the Snowden revelations, the security community has been debating the merits of "full" disclosure of known vulnerabilities versus "responsible" disclosure. On the NSA Playset's Google Group, I found little discussion about this. But in one post from June, a hardware hacker named Tony DiCola, who was building his own NSA-inspired device designed to spy on keystrokes over WiFi, expressed some hesitation.
At this point, the most visible elements in the transparency debate seem to be those on the far reaches of both sides of the spectrum. On one side, there's Anonymous and WikiLeaks and the rest of the "hacktivist" community, for whom total transparency is a self-evident good that rarely needs further justification. On the other, there are the officials in the intelligence community and others who think it's always unsafe to expose classified information and behavior, even if those classified things might make us unsafe to begin with. What's yet to emerge is a reasonable middle ground that takes into account all the grays of a topic as complex and nuanced as information security.
Many of the hacks in the video above would not require much in terms of investment now that the software is up and running. Rocketbook would not require another Kickstarter to productionize the hacks. I know they plan to make money from selling notebooks, but the ease of turning almost any surface into something the Rocketbook app can capture and classify challenges their long-term business model unless they get into selling the hacks themselves. 350c69d7ab