And as such, a large part of this movement focuses on kids. How do we teach our kids to code? How can we get them interested in hacking? In building? SparkFun, a Boulder, Colo.-based retailer of various DIY hardware kits, has a solution: a subsidized national tour that will supply hardware and tools for teaching kids how to build electronics and code to schools.

SparkFun wants to visit schools in all 50 states and will offer courses to both students and educators, as well as development kits. The first 50 spots are subsidized and so cost $1,500 for a class, while later spots will cost $2,500. Already 13 of those 50 slots have been claimed even before the program has been publicly announced outside of the SparkFun website, according to Lindsay Levkoff, the director of education at SparkFun.

Teaching middle schoolers Scratch programming.

Levkoff created the SparkFun department of education in 2011 to help bring the maker movement to schools that were interested in adding programs but had no idea how to go about it. After a West Coast and East Coast tour last year, the company decided to make it even bigger with a nationwide effort. As a side benefit, SparkFun is creating potential customers for its store.

“When I designed the department it was almost an altruistic branch and there was no guarantee that we would pay for ourselves,” Levkoff said. “We’re trying to be a nonprofit within SparkFun … but if people want to buy the kits and products then that’s a fantastic by-product.”

SparkFun’s plans are part of a larger effort to create hacking groups like Hacker Scouts for kids and even offer classes or hacker space for the younger set.

And while I’ve been pondering how to start one of those for my own daughter’s school, I’ve also been thinking a lot about the bigger issue here; namely why is this movement gaining ground and how important is it really? Is programming the literacy of the 21st century? Does being able to solder, sew or build a robot make someone more employable or creative than another?

The SparkFun tour is helped along by a drive to push Science Technology Engineering and Math education (STEM) and subsequent government and private grants to schools. As a parent I also am eager for my daughter to engage in building things and playing around with hardware in part because I loved building computers, radios and whatnot with my own dad.

But in some ways, beyond the mechanics of programming and the magic of electricity, I think these projects add a venue for concrete accomplishment that can be lacking in everyday schooling for many kids. And that sense of accomplishment, of completing a concrete task as opposed to learning algebra, might be the real value of these maker-based curricula. After all, there are a fair amount of people who get a lot more satisfaction from creating than from consuming.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• A near-term outlook for big data
• Facebook’s IPO filing: ideas and implications
• When video gets democratized, who wins and who loses?

Here’s an excerpt from the blog post (emphasis Facebook’s):

Last month, Facebook Security discovered that our systems had been targeted in a sophisticated attack. This attack occurred when a handful of employees visited a mobile developer website that was compromised. The compromised website hosted an exploit which then allowed malware to be installed on these employee laptops. The laptops were fully-patched and running up-to-date anti-virus software. As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day.

We have found no evidence that Facebook user data was compromised.

As part of our ongoing investigation, we are working continuously and closely with our own internal engineering teams, with security teams at other companies, and with law enforcement authorities to learn everything we can about the attack, and how to prevent similar incidents in the future.

The blog post went on to say that the malware exploited a previously unknown, or “zero day,” vulnerability in its Java sandbox software to plant itself in multiple employees’ PCs. Facebook’s security team traced the attack to a suspicious domain, and then informed Java overlord Oracle, which then provided a patch on Feb. 1 to fix the vulnerability.

Facebook added that it wasn’t the only company targeted the attack, but it was one of the first to identify it. The social network said it is working closely with law enforcement and the other targeted companies, but so far the hacker group hasn’t been identified.

Note that Facebook didn’t say for certain that no user data was stolen. It only said it found no evidence of data being compromised. Nor did Facebook provide any details on what data the hackers had access to. We’ll update this story as we learn more.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Facebook’s IPO filing: ideas and implications
• Connected world: the consumer technology revolution
• Sector RoadMap: Social customer service in 2013

But what if I wanted to go online and post some thoughts or ideas that wouldn’t be associated with my identity? What if I was secretly a cat person (the horror) and wanted to talk about my love of cats, or had a really embarrassing disease I wanted to talk about with other people? These might not be things I’d tweet about. But maybe I’d head to the new anonymous social network called Social Number, which is trying to give people a voice online without an associated identity.

Internet anonymity has a long and controversial history — it’s a unique feature of the web that has provided additional levels of safety for whistle-blowers and human rights advocates, but it’s also given rise to the internet troll and a host of other despicable behaviors that come from expression without much fear of consequence. And as the New York Times pointed out, it’s nothing new.

Currently, anonymity is most common on internet forums and within comment sections of websites like Gawker, where allowing people to post without their identities has become controversial, as my colleague Mathew Ingram has written about extensively. Mainstream social networks have generally discouraged anonymity. Facebook has pushed to get users to connect with their real names and appear in Facebook search as themselves, with an obvious benefit to the company as it works to advertise against that content and control your digital identity. But for political dissidents or people whose workplaces or families disapprove of their political leanings or sexual orientations, the benefits of real names are less clear.

On Social Number, which launched in December and already has thousands of registered users according to the company, individuals sign up and pick a long number that becomes their identity on the network, which doesn’t rely on names or usernames like other sites. Users can then post about topics and have discussions ranging from reducing your carbon footprint to dealing with a bad boss to atheism. The CEO of the company, who goes by MK and declined to provide his full name citing anonymity concerns, said the anonymity is crucial to the site’s success:

“Taboo discussions are popular. They’re afraid if they go to Facebook and type in their political affiliations it’ll get them in trouble with their boss. Here they can critique anything,” he said. “They can talk about things like substance abuse and don’t have to reveal their identity. Although surprisingly a lot of innocent topics as well, like cooking and Valentine’s Day.”

4chan, the internet message board that’s created many of the most popular memes and internet activist movements, has always thrived on a culture where users can remain anonymous. In fact, 4chan founder Christopher Poole gave a TED talk on the value of anonymity in building an internet culture. But in contrast to 4chan, or sites like Reddit, which can seem like the wild west of the internet built through message boards, Social Number focuses more on questions and answers, like Quora, and individual identities, like Facebook and others.

MK said the organization will protect the anonymity of the site’s users, which now include self-professed members of the hacker group Anonymous, but they will not permit discussion of illegal activity on the site. He said they will block users who discuss illegal or dangerous activity, and cooperate with the authorities when necessary, as described in the company’s extensive privacy policy. Right now, he said a main appeal of the site is that people who don’t feel comfortable using their real name, such as people in countries with more restrictive governments or less freedom of speech. However, you do need to provide an email address to sign up, so it’s not exactly identity-free, even if those emails aren’t published anywhere on the site.

But the strangest part of the site? Users can purchase t-shirts or business cards with their Social Numbers on them, and then host meet-ups or parties where they arrive wearing their t-shirts or handing out cards, in an attempt to create anonymity in real life while talking to new and interesting people. Although obviously wearing a t-shirt with your internet identity would work better for curious college students than political dissidents.

“It’s the next physical version of the virtual world,” he said.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Content monetization: News licensing and syndication still need marketplaces and infrastructure
• Facebook’s IPO filing: ideas and implications
• Frenemy mine: The pros and cons of social partnerships for online media companies

So for $25 anyone can work on a project that uses computers at its heart, and if something breaks, they can just go buy a new one. This makes small Linux computers like the Raspberry Pi and Arduino boards the hardware DIYers’ new LEGO bricks. 

Last month, tens of thousands of makers from around the world came together at Maker Faire. Kids were begging their parents to help them build RC planes, buy them kits with Arduino boards and learning how to solder.

Will the DIY movement produce the next Apple?

Many of the kits these kids were using weren’t made by billion dollar corporations – they were made by cottage industry electronics businesses, hobbyists, and “fantrepreneurs.” Yes, as Chris Anderson says in his new book “Makers”, we are at the start of a hardware revolution – led from the ground up, in your home.

We have come full circle – back to April 1, 1976 when Steve Jobs, Steve Wozniak, and Ronald Wayne started selling the Apple 1 computer kit.

 Today’s kit owes its creation to the Arduino project which pioneered this space. The Arduino board is a small, basic, almost disposable piece of hardware that integrated with a simple development environment. Originally intended for university-student projects, it quickly exploded into mainstream DIY culture – today Radioshack even stocks them.

Raspberry Pi on the other hand is a full Linux computer for basically the same price. And as such it has a vast library of existing building blocks that hackers can call upon. 

Raspberry Pi’s original stated goal is to help kids learn how to program on a computer without fear of breaking it. But at $25 dollars its allure is irresistible to hackers and inventors –  people have been using them for a wider range of ideas – like building a supercomputer out of LEGOs.

Raspberry Pi only went on sale in February, and has also sold hundreds of thousands since then.  Here are a few examples of the explosion of projects the Pi is enabling:

• An open source disaster relief drone;
• A Quadcopter Raspberry Pi;

• A voice controlled robot; and
• An XBMC Media Center for managing streaming media.

The rise of these Arduino and Rasbperry Pi projects is a symptom of a larger change. Because of the many niches, cost of production, and speed of innovation, it isn’t the big companies that make these kits and parts.  It is small one-person hardware companies and hobbyists around the world. 

A few examples are:

• Jason Huggins in Chicago, who makes the Robot that plays Angry Birds;
• 
LogicalZero in Boston which makes GAMBY, an Arduino Retro Gaming Shield; and
• Electronic Laboratory in the UK, which makes MiniStylophone Kits.



The result of this movement will be the innovation that our kids build on top of it. At the Maker Faire, while I waited in line for a hotdog, I overheard two banker types behind me. 

“It is amazing how many people are here,” one said. The other countered with, “What’s great is seeing all of the kids.”

As the internet was for my generation, hardware is for the current generation. The Maker movement proves this, and every day more and more small business pop up selling the kits, parts, and gadgets to support them. I may be a bit biased as I run tindie, a marketplace for people to buy and sell homemade technology, but the success of Arduino & Raspberry Pi only reinforce my bet on the maker trend.

Recently Jay Goldberg wrote, that “hardware is dead” – arguing that the drop in hardware prices is killing margins for the large producers to the point where is impossible to make revenue off commodity technology. It is true – prices are falling quicker than the large companies can innovate. However that price drop has opened an entirely new marketplace for smaller companies to emerge. Hardware isn’t dead – it’s moving back into garages where it started.

Emile Petrone is the CEO of Tindie, a site that sells hardware kits.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Facebook’s IPO filing: ideas and implications
• When video gets democratized, who wins and who loses?
• Survey: How apps can solve photo management

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• NewNet Q4: Platform mania and social commerce shakeout
• Connected world: the consumer technology revolution
• Controversy, courtrooms and the cloud in Q1

Facebook's old Palo Alto headquarters during Hackathon 28

Initial public offering filings typically include a letter to potential investors from the company’s CEO. These missives are generally used to discuss basics like the company’s growth so far and its bright future ahead. In Facebook’s IPO document filed Wednesday, however, Mark Zuckerberg dedicated a significant portion of his letter to something a bit out of the ordinary: Teaching potential investors about “the Hacker Way.”

For one thing, it’s a sign of Zuckerberg’s commitment to maintaining a rigorous engineering culture at Facebook, even as it becomes an increasingly powerful media entity. It’s a statement that at Facebook, technology — and the programmers who push it forward — will always come first. The company’s “hackathons” (one of which GigaOM recently attended) are a key example of this. Hacker Way is also what Facebook named the road inside its new Menlo Park, California headquarters.

But it’s also a powerful statement on a larger scale. Digging into the SEC’s online database of company filings, it looks like the word “hacker” has been used just 6400 times in the past four years. That may seem like a lot, but out of the millions of words that have been filed to the SEC in that amount of time, it’s a pittance. And from the looks of it, practically every time the word “hacker” has been used in regulatory filings, the connotation has been negative: “Data security breaches as the result of hackers,” “The acts of a hacker causing damage or destruction to data” and so on.

For Zuckerberg to use this platform to embrace the word hacker and actively change its definition into something positive comes at an excellent time: Right now, the tech industry is waking up to how important it is to help the government and regulatory bodies understand what it is that they do. Facebook’s IPO could serve as a call for hackers everywhere to get more respect, which would be a great thing for the tech industry as a whole.

Below I’ve excerpted some key parts of Zuckerberg’s treatise on hacking from the IPO filing:

“The word ‘hacker’ has an unfairly negative connotation from being portrayed in the media as people who break into computers. In reality, hacking just means building something quickly or testing the boundaries of what can be done. Like most things, it can be used for good or bad, but the vast majority of hackers I’ve met tend to be idealistic people who want to have a positive impact on the world.”

“The Hacker Way is an approach to building that involves continuous improvement and iteration. Hackers believe that something can always be better, and that nothing is ever complete. They just have to go fix it — often in the face of people who say it’s impossible or are content with the status quo.”

“Hacking is also an inherently hands-on and active discipline. Instead of debating for days whether a new idea is possible or what the best way to build something is, hackers would rather just prototype something and see what works. There’s a hacker mantra that you’ll hear a lot around Facebook offices: ‘Code wins arguments.’”

“Hacker culture is also extremely open and meritocratic. Hackers believe that the best idea and implementation should always win — not the person who is best at lobbying for an idea or the person who manages the most people.”

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Facebook’s IPO filing: ideas and implications
• Survey: How apps can solve photo management
• How publishers must adapt to multiple content discovery options

Reading about the Chinese hackers hitting the U.S. Chamber of Commerce in Washington, D.C. I was struck by the last two paragraphs, which detailed how the hackers accessed the IP address of a thermostat — as well as the overall tone of resignation around preventing such attacks — and I wondered: How will we secure the web of things? Do we need to give up on the idea of perimeter based security on the web? From the Wall Street Journal article:

The Chamber continues to see suspicious activity, they say. A thermostat at a town house the Chamber owns on Capitol Hill at one point was communicating with an Internet address in China, they say, and, in March, a printer used by Chamber executives spontaneously started printing pages with Chinese characters.

“It’s nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in,” said Mr. Chavern, the chief operating officer. “It’s the new normal. I expect this to continue for the foreseeable future. I expect to be surprised again.”

In a way, this might be a healthier attitude than thinking you can build strong enough walls to keep hackers out; after all, those walls aren’t just composed of IT defenses but also rely on educating people on how to behave in the face of social-engineering tricks. As someone who locks her doors at night, and feels like keeping people out as opposed to just hoping that when people get in an alarm goes off, the mindset seems anxiety-producing. But the web, the cloud and the emerging network of connected devices isn’t as easy to defend as a home. There are no defined perimeters or limited access points, which means our IT security, legislation aimed at the web and burgeoning M2M networks need a different approach.

On the IT side, CloudPassage has built a service that’s an interesting approach to securing cloud resources while recognizing the impermanence and porous nature of the medium. It installs software on virtual machines that sends all security and compliance checks out to a separate cloud that then makes sure the traffic follows the rules. IT recognizes that securing thousands of virtual machines that pop up and go offline randomly has to take a different approach.

In government, where the Stop Online Piracy Act takes the Maginot Line approach to protecting IP on the web, alternatives such as the Online Protection & Enforcement of Digital Trade Act (which still has some well-documented issues) leans toward an approach that recognizes willful bad guys and leaves accidental infringers of copyright alone. Again, instead of building a wall that could keep everyone out –even legitimate businesses, activists and journalists — the OPEN approach tries to track bad actors but also offer a recourse to those accused of being a bad actor.

As for hacking thermostats, I’m not sure what type of security needs to protect our connected devices and networks, but it’s a question we should be addressing. After all, we have now seen hacked pacemakers, insulin pumps and thermostats. That’s unlikely to be the end of the list.

Image courtesy of The U.S. Army.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• SOPA, OPEN and the fight for the Internet
• Flash analysis: lessons from Solyndra’s fall
• The fourth quarter of 2012 in cleantech

In a message on its PlayStation blog, Sony’s chief security executive warned that hackers had broken into 93,000 customer accounts that contain information like names and credit-card information. Sony believes hackers did this by trying to log in to its network using information stolen from a third party:

We want to let you know that we have detected attempts … to test a massive set of sign-in IDs and passwords against our network database. These attempts appear to include a large amount of data obtained from one or more compromised lists from other companies, sites or other sources.

The post goes on to say that only 0.1% of customer accounts were compromised by the attack and that Sony was able to lock most of the hacked accounts in a short time. This is the second time in six months that hackers have broken into Sony’s PlayStation network, which consists of millions of video game enthusiasts who supply their credit-card information in order to participate in online game activities.

Sony’s quick warning differs from what took place after the April attack. On that occasion, which resulted in the large scale theft of customers’ email and credit-card information, Sony was blasted for taking up to seven days to disclose that an attack had even taken place and for failing to encrypt credit card data. It is facing a class action suit in the U.S. for failing to warn its customers and is in a fight with its insurer over who should pay for liabilities stemming from “the largest identity theft in history.”

This time, Sony’s clear and timely warning led customers to post dozens of grateful comments like “Thanks for the heads up Sony (NYSE: SNE). Well done. Bravo!” and “Awesome catch. I’m glad to see you guys really stepped up your response time and over all security.” Some of these comments may have been posted by Sony’s own employees, but overall the tone is markedly different than the universal criticism the company faced in April.

The response to Sony’s quick disclosure of the attack seems to vindicate the “come clean quick” approach to customer privacy issues. Of course, not everyone thinks transparency is enough. Other comments on Sony’s site include, “I feel like they are sugar coating and trying to make 93,000 accounts being compromised seem fine and acceptable” and “Come on guys, this is getting old.” A third group of commentators simply fretted that they would not be able to play video games while Sony fixed the problem.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Sector RoadMap: Content personalization in 2013
• Where the next-generation console fits in today’s video game market
• OTT technologies and strategies for broadcasters

Cybersecurity researchers Charlie Miller and Collin Mulliner claim they can bring down your iPhone by sending it just a single “unusual” character, according to Forbes, which first published news of the exploit earlier this week.

A single square character or a series of “invisible” messages can be used to confuse an iPhone, leaving it open to hackers. The exploit affects all models of iPhones, running all versions of the iPhone OS. The only way to protect the phone from attack is to shut it down.

“Someone could pretty quickly take over every iPhone in the world with this,” said Miller. After running the exploit, a hacker has control over any of the iPhone’s features. According to Forbes, this includes “dialing the phone, visiting Web sites, turning on the device’s camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.”

Unlike previous exploits, this one doesn’t require the user to do anything, and can strike at any time. The only prerequisite is that the iPhone is connected to a cellular network. Miller and Mulliner say they informed Apple of the exploit “more than a month” ago, but so far, the company has not issued a patch to close it. Forbes adds that Apple didn’t respond to “repeated calls” seeking comment.

“I’ve given them more time to patch this than I’ve ever given a company to patch a bug,” Miller told Forbes. “As a researcher, I can only show [Apple] the bugs. It’s up to them to fix them.”

Miller is no stranger to exposing security flaws in the iPhone. In 2007, he identified a browser exploit that also gave hackers similar control over a user’s iPhone. Miller and Mulliner are expected to publicize details of the latest flaw today at the Black Hat digital security conference in Nevada.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• Opportunities and challenges for mobile deals
• Facebook’s IPO filing: ideas and implications
• Connected world: the consumer technology revolution