Tuesday Morning: Garbage in, Garbage out [UPDATE]

Why’d I pick this music video, besides the fact I like the tune? Oh, no reason at all other than it’s trash day again.

Speaking of trash…

Facebook furor just frothy foam?
I didn’t add yesterday’s Gizmodo piece on Facebook’s news curation yesterday or the earlier May 3 piece because I thought the work was sketchy. Why?

  • The entire curation system appears to be contractors — Where is a Facebook employee in this process?

    “…News curators aren’t Facebook employees—they’re contractors. One former team member said they received benefits including limited medical insurance, paid time off after 6 months and transit reimbursement, but were otherwise excluded from the culture and perks of working at Facebook. […] When the curators, hired by companies like BCForward and Pro Unlimited (which are then subcontracted through Accenture to provide workers for Facebook), arrive at work each day, they read through a list of trending topics ranked by Facebook’s algorithm from most popular (or most engaged) to least. The curators then determine the news story the terms are related to.

    The news curation team writes headlines for each of the topics, along with a three-sentence summary of the news story it’s pegged to, and choose an image or Facebook video to attach to the topic. The news curator also chooses the “most substantive post” to summarize the topic, usually from a news website. […] News curators also have the power to “deactivate” (or blacklist) a trending topic—a power that those we spoke to exercised on a daily basis. …” (emphasis mine)

    I see a Facebook-generated algorithm, but no direct employees in the process — only curator-contractors.

  • Sources may have a beef with Facebook — This doesn’t sound like a happy work environment, does it?

    “…Over time, the work became increasingly demanding, and Facebook’s trending news team started to look more and more like the worst stereotypes of a digital media content farm.

    […]

    Burnout was rampant. ‘Most of the original team isn’t there anymore,’ said another former news curator. ‘It was a stop-gap for them. Most of the people were straight out of [journalism school]. At least one of them was fired. Most of them quit or were hired by other news outlets.’ …” (emphasis mine)

    It’s not as if unhappy contractors won’t have newsworthy tips, but what about unhappy Facebook employees? Where are they in either of Gizmodo’s pieces?

  • Details in the reporting reveal bias in the complainant(s) — So far I see one reference to a conservative curator, not multiple conservative curators.

    “Facebook workers routinely suppressed news stories of interest to conservative readers from the social network’s influential “trending” news section, according to a former journalist who worked on the project.

    […]

    Other former curators interviewed by Gizmodo denied consciously suppressing conservative news, and we were unable to determine if left-wing news topics or sources were similarly suppressed. The conservative curator described the omissions as a function of his colleagues’ judgements; there is no evidence that Facebook management mandated or was even aware of any political bias at work. …”

    Note the use of “a” in front of “former journalist” and “the” in front of “conservative curator.” (Note also Gizmodo apparently needs a spell check app.)

  • No named sources confirming the validity of the complaints or other facts in Gizmodo’s reporting — Again, where are Facebook employees? What about feedback from any of the companies supplying contractors; did they not hear complaints from contractors they placed? There aren’t any apparent attempts to contact them to find out, let alone anonymous confirmation from these contract companies. There are updates to the piece yesterday afternoon and this morning, including feedback from Vice President of Search at Facebook, Tom Stocky, which had been posted at Facebook. Something about the lack of direct or detailed feedback to Gizmodo seems off.
  • Though named in the first of two articles, Facebook’s managing editor Benjamin Wagner does not appear to have been asked for comment. The May 3 piece quotes an unnamed Facebook spokesperson:

    When asked about the trending news team and its future, a Facebook spokesperson said, “We don’t comment on rumor or speculation. As with all contractors, the trending review team contractors are fairly compensated and receive appropriate benefits.”

I’m disappointed that other news outlets picked up Gizmodo’s work without doing much analysis or followup. Reuters, for example, even parrots the same phrasing Gizmodo used, referring to the news curators as “Facebook workers” and not contract employees or contractors. Because of this ridiculous unquestioning regurgitation by outlets generally better than this, I felt compelled to write about my concerns.

And then there’s Gizmodo itself, which made a point of tweeting its report was trending on Facebook. Does Gizmodo have a beef with Facebook, too? Has it been curated out of Facebook’s news feed? Are these two pieces really about Facebook’s laundering of Gizmodo?

I don’t know; I can’t tell you because I don’t use Facebook. Not going to start now because of Gizmodo’s sketchy reporting on Facebook, of all things.

Miscellany
Just some odd bits read because today is as themeless as yesterday — lots of garbage out there.

Skepticism: I haz it
As I read coverage about news reporting and social media leading up to the general election, I also keep in the back of my mind this Bloomberg report, How to Hack an Election:

As for Sepúlveda, his insight was to understand that voters trusted what they thought were spontaneous expressions of real people on social media more than they did experts on television and in newspapers. […] On the question of whether the U.S. presidential campaign is being tampered with, he is unequivocal. “I’m 100 percent sure it is,” he says.

Be more skeptical. See you tomorrow morning!

UPDATE — 1:30 P.M. EDT —

@CNBCnow
JUST IN: Senate Commerce Committee chair sends letter to Facebook’s Mark Zuckerberg seeking answers on alleged manipulation of trending news

ARE YOU FUCKING KIDDING ME WITH THIS? THE SENATE GOING TO WASTE TAX DOLLARS ON THIS WHEN EVERY. SINGLE. NEWS. OUTLET. USES EDITORIAL JUDGMENT TO DECIDE WHAT TO COVER AS NEWS?

Cripes, Gizmodo’s poorly sourced hit piece says,

“…In other words, Facebook’s news section operates like a traditional newsroom, reflecting the biases of its workers and the institutional imperatives of the corporation. …”

Yet the Senate is going to pursue this bullshit story after Gizmodo relied on ONE conservative curator-contractor — and their story actually says an algorithm is used?

Jeebus. Yet the Senate will ignore Sheldon Adelson’s acquisition of the biggest newspaper in Las Vegas in a possible attempt to denigrate local judges?

I can’t with this.

UPDATE — 3:35 P.M. EDT —
The Guardian reports the senator wasting our tax dollars questioning a First Amendment exercise by Facebook is John Thune. Hey! Guess who’s running for re-election as South Dakota’s senior senator? Why it’s John Thune! Nothing like using your political office as a free press-generating tool to augment your campaign. I hope Facebook’s algorithm suppresses this manufactured non-news crap.

DOJ Confirms One or More Agencies Acted Consistent with John Yoo’s Crummy Opinion

There’s a whiff of panic in DOJ’s response to ACLU’s latest brief in the common commercial services OLC memo, which was submitted last Thursday. They really don’t want to release this memo.

As you recall, this is a memo Ron Wyden has been hinting about forever, stating that it interprets the law other than most people understand it to be. After I wrote about it a bunch of times and pointed out it was apparently closely related to cybersecurity, ACLU finally showed some interest and FOIAed, then sued, for it. In March, DOJ made some silly (but typical) claims about it, including that ACLU had already tried but failed to get the memo as part of their suit for Stellar Wind documents (which got combined with EPIC’s suit for electronic surveillance documents). In response, Ron Wyden wrote a letter to Attorney General Loretta Lynch, noting a lie DOJ made in DOJ’s filings in the case, followed by an amicus brief asking the judge in the case to read the secret appendix to the letter he wrote to Lynch. In it, Wyden complained that DOJ wouldn’t let him read his secret declaration submitted in the case (making it clear they’re being kept secret for strategic reasons more than sources and methods), but asking that the court read his own appendix without saying what was in it.

Which brings us to last week’s response.

DOJ is relying on an opinion the 2nd circuit released last year in ACLU’s Awlaki drone memo case that found that if a significant delay passed between the time an opinion was issued and executive branch officials spoke publicly about it — as passed between the time someone wrote a memo for President Bush’s “close legal advisor” in 2002 about drone killings (potentially of American citizens) and the time Executive branch officials stopped hiding the fact they were planning on drone-killing an American citizen in 2010, then the government can still hide the memo. (I guess we’re not allowed to learn that Kamal Derwish was intentionally, not incidentally, drone-killed in 2002?)

This is, in my understanding, narrower protection for documents withheld under the b5 deliberative privilege exemption than exists in the DC Circuit, especially given that the 2nd circuit forced the government to turn over the Awlaki memos because they had been acknowledged.

In other words, they’re trying to use that 2nd circuit opinion to avoid releasing this memo.

To do that they’re making two key arguments that, in their effort to keep the memo secret, end up revealing a fair amount they’re trying to keep secret. First, they’re arguing (as they did earlier) that the ACLU has already had a shot at getting this memo (in an earlier lawsuit for memos relating to Stellar Wind) and lost.

There’s just one problem with that. As I noted earlier, the ACLU’s suit got joined with EPIC’s, but they asked for different things. ACLU asked for Stellar Wind documents, whereas EPIC asked more broadly for electronic surveillance ones. So when the ACLU argued for it, they were assuming it was Stellar Wind, not something that now appears to (also) relate to cybersecurity.

Indeed, the government suggests the ACLU shouldn’t assume this is a “Terrorist Surveillance Program” document.

7 Plaintiffs conclude that the OLC memorandum at issue here must relate to the Terrorist Surveillance Program and the reauthorization of that program because the attorney who authored the memorandum also authored memoranda on the Terrorist Surveillance Program. Pls.’ Opp. at 10. The fact that two OLC memoranda share an author of course establishes nothing about the documents’ contents, nature, purpose, or effect.

Suggesting (though not stating) the memo is not about TSP is not the same as saying it is not about Stellar Wind or the larger dragnets Bush had going on. But it should mean ACLU gets another shot at it, since they were looking only for SW documents the last time.

Which is interesting given the way DOJ argues, much more extensively, that this memo does not amount to working law. It starts by suggesting Wyden’s filing arguing a “key assertion” in the government’s briefs is wrong.

3 Senator Wyden asks the Court to review a classified attachment to a letter he sent Attorney General Loretta Lynch in support of his claim that a “key assertion” in the Government’s motion papers is “inaccurate.” Amicus Br. at 4. The Government will make the classified attachment available for the Court’s review ex parte and in camera. For the reasons explained in this memorandum, however, the Senator’s claim of inaccuracy is based not on any inaccurate or incomplete facts, but rather on a fundamental misunderstanding of the “working law” doctrine.

In doing so, it reveals (what we already expected but which Wyden, but apparently not DOJ, was discreet enough not to say publicly) that the government did whatever this John Yoo memo said government could do.

But, it argues (relying on both the DC and 2nd circuit opinions on this) that just because the government did the same thing a memo said would be legal (such as, say, drone-killing a US person with no due process), it doesn’t mean they relied on the memo’s advice when they took that action.

The mere fact that an agency “relies” on an OLC legal advice memorandum, by acting in a manner that is consistent with the advice, Pls.’ Opp. at 11, does not make it “working law.” OLC memoranda fundamentally lack the essential ingredient of “working law”: they do not establish agency policy. See New York Times, 806 F.3d at 687; Brennan Center, 697 F.3d at 203; EFF, 739 F.3d at 10. It is the agency, and not OLC (or any other legal adviser), that has the authority to establish agency policy. If OLC advises that a contemplated policy action is lawful, and the agency considers the opinion and elects to take the action, that does not mean that the advice becomes the policy of that agency. It remains legal advice. 5

5 Nor could the fact that any agency elects to engage in conduct consistent with what an OLC opinion has advised is lawful possibly constitute adoption of that legal advice, because taking such action does not show the requisite express adoption of both the reasoning and conclusion of OLC’s legal advice. See Brennan Center, 697 F.3d at 206; Wood, 432 F.3d at 84; La Raza, 411 F.3d at 358.

Effectively, DOJ is saying that John Yoo wrote another stupid memo just weeks before he left, the government took the action described in the stupid memo, but from that the courts should not assume that the government took Yoo’s advice, this time.

One reason they’re suggesting this isn’t TSP (which is not the same as saying it’s not Stellar Wind) is because it would mean the government did not (in 2005, when Bush admitted to a subset of things called TSP) confirm this action in the same way Obama officials danced around hailing that they had killed Anwar al-Awlaki, which led to us getting copies of the memos used to justify killing him.

In short, the government followed Yoo’s advice, just without admitting they were following his shitty logic again.

Monday Morning: Scattered

That’s how I feel this morning — my head feels like a bunch of scattered pictures lying on my bedroom floor. Can’t tell how much of this sensation is work hangover from a too-busy weekend, or a result of a themeless news morning.

Often as I browse my feeds I find narratives emerge on their own, bubbling up on their own. Today? Not so much. There are too many topics in flight, too many major stories juggled, too many balls in the air, everything’s a blur.

The biggest stories adrift and muddled are those in which elections are central:

  • U.S. primary season wrap-up and the general election ahead — and I’m not going to touch this topic with a 20-foot pole. Imma’ let better writers and statisticians handle it without me piling on.
  • The Philippines election — the leading candidate is alleged to encourage urban vigilante death squads to reduce crime.
  • Brexit — Britain votes on a referendum next month on whether to exit the EU. Brexit played a role in the election last week of London’s new mayor, Sadiq Khan, who also happens to be London’s first Muslim mayor.
  • Australia’s double-dissolution election — PM Malcolm Turnbull last week announced both the House of Representatives and the Senate would be dissolved and replaced in an election on July 2nd. Turnbull faces replacement depending on which party amasses the most power during the election. There have only been seven double dissolutions since Australia’s federation under its constitution in 1901.

Anyhoo…here’s some miscellaneous flotsam that caught my eye in today’s debris field.

  • Number of unique mobile device users: 5 BILLION (Tomi Ahonen) — Do read this blog post, the numbers are mind-boggling. And intelligence agencies want to map and store ALL of the communications generated by these numbers?
  • Browser company Opera just went after iOS market with VPN offering (PC World) — Opera already announced a free VPN to Windows and Linux users; today it targeted Apple users with a VPN for iOS (do note the limited country availability). Don’t feel left out, Android users, you’ll get a VPN offering from Opera soon.
  • Swarm of earthquakes detected at Mount St. Helens (KOMO) — The eight-week-long swarm has been likened to those in 2013 and 2014 due to fault slippage. An eruption may not be imminent.
  • Jihadi Gang Warfare (@thegruq at Medium) — A really good read about the Islamic militant gang in Brussels and how their amateurishness prevented even greater bloodshed in both Paris and Brussels. Unfortunately a primer on how not to do urban terror.
  • Google isn’t just feeding romance novels to its AI to teach it language (Le Monde) — ZOMG, it’s using them to teach it morals, too! That’s what Le Monde reported that Buzzfeed didn’t.

    Moral values

    Two researchers from Georgia Tech, Mark Riedl and Brent Harrison, go even further. They believe literature can inculcate moral values in artificial intelligence programs. “We have no manual containing all the values of a culture, but we have collections of stories from different cultures,” they explain in their research article published in February.

    “The stories encode many forms of implicit knowledge. Fables and tales have passed values and examples of good behavior from generation to generation. (…) Giving artificial intelligence the ability to read and understand stories may be the most effective way to acculturate them so they can better integrate into human society and contribute to our well-being.”

    Gods help us, I hope they didn’t feed the AI that POS Fifty Shades of freaking Grey. Though I’d rather 90% of romance novels for morals over Lord of the Flies or The Handmaid’s Tale, because romance’s depiction of right and wrong is much more straightforward than in literary fiction, even the very best of it.

That’s quite enough trouble to kick off our week, even if it’s not particularly coherent. Catch you tomorrow morning!

Long-Serving Intelligence Executive: Sure, Government Has Been Thoroughly Pawned But What about Ordinary Citizens?

Three months after Obama rolled out a cybersecurity initiative backed by a piece in the WSJ, former Deputy Director of Defense Intelligence David Shedd has decided to critique it (the 3 month delay might have something to do with the fact that, in the interim, Shedd was getting beat up by DOD Inspector General over having created his own private limousine service).

In his op-ed, Shedd questions Obama’s embrace of a public-private partnership. He makes a good point that such government initiatives rely on voluntary participation. He insinuates that Obama ignores the contributions of Apple because of the fight over encryption.

How odd that the president didn’t even mention Apple among the other leading technology firms when it comes to cybersecurity. Apple, America’s (and the world’s) largest and most valuable technology firm, has led the industry in securing its products, a claim the others listed can’t stand by. But of course the president can’t mention Apple as a shining example of American cybersecurity, because his administration is entrenched in a political battle with the company over encryption.

It’s a fair dig. Except that’s the kind of anachronism I wouldn’t expect from a lifetime spook. It is true that Jim Comey was on the war path with Apple since the company made iPhone encryption standard in fall 2014. But things didn’t start ratcheting up until February 16, when DOJ got an All Writs Act order to make Apple rewrite their operating system, after Obama wrote the op-ed that didn’t mention Apple.

Shedd then mocks Obama’s efforts to introduce more flexibility in hiring cybersecurity people. Here’s what Obama said:

We’ll do more—including offering scholarships and forgiving student loans—to recruit the best talent from Silicon Valley and across the private sector. We’ll even let them wear jeans to the office. I want this generation of innovators to know that if they really want to have an impact, they can help change how their government interacts with and serves the American people in the 21st century.

Here’s what Shedd (he of the personal limousine service) said:

While this proposal rightly addresses the need to recruit great talent, does the administration really think the ability to wear jeans is going to sway the best and brightest away from the pay in Silicon Valley?

Perhaps we’re all missing the metaphor of “wearing jeans” for smoking pot. But the truth is some people aren’t motivated primarily by personal limousine services; they would like to help the government. One real barrier to hiring talent — people like Ashkan Soltani — is something Shedd has been a very big player in: security clearances.

Which gets me to my real confusion about this piece.

First, even before he talks about how much better the tech industry, at least, is than the government on these issues, Shedd complains that there’s nothing in Obama’s policy for “everyday citizens or industry.”

It’s all well and good to talk about protecting U.S. innovation and giving every American a level of online security. But the president fails to suggest even a single solution that would impact everyday citizens or industry.

Then he lays out how absolutely incompetent the government has been in protecting itself.

[C]onsidering the fact that multiple government agencies, as well as the Justice and Homeland Security departments, have faced significant cyberattacks, this is an odd claim to make.

The most egregious breach took place less than a year ago, when the Office of Personnel Management suffered a huge data breach that continues to impact tens of millions of federal workers and contractors, including those with access to America’s most sensitive secrets. No one was fired over the incident. Is that accountability? In late February, the office’s chief information officer resigned just two days before having to testify before Congress.

The administration’s failed record in cybersecurity extends beyond the breaches on government systems. In a recent score card released by the House Oversight and Government Reform Committee, the majority of federal agencies received subpar, if not failing, grades on their cybersecurity posture.

Among the worst was the Department of Energy, which is charged with protecting our nation’s nuclear technology. Given that the Obama administration had seven years to meet its cybersecurity obligations, why should the American people believe anything will change with a new initiative?

Now, if the government is a cybersecurity sieve, then why is Shedd bitching that there’s nothing in Obama’s policy for “ordinary citizens” or the private industry companies that aren’t getting pawned? Shouldn’t locking down the nation’s nuclear secrets — a point I’ve emphasized — be a higher priority than saving Target from liability when its customers get their credit card data stolen (besides the fact, for customers who can afford an iPhone, as Shedd pointed out, Apple is already doing something)? In a purportedly capitalist society, should the government free private industry of all responsibility for its own security?

Crazier still, Shedd — who worked in Bush’s National Security Council until 2005, then moved to Director of National Intelligence, then in 2010 moved to DIA — is bitching that no one (aside from Katherine Archuleta) got fired for the OPM hack. In several of those positions, Shedd was in a place where he should have been one of the people asking why the security clearance data for 21 million people was readily available to be hacked — though no one in his immediate vicinity thought to ask those questions until 2013 and even then not including the non-intelligence agencies that might be CI problems. He was in a position when he may have — probably should have — reviewed some of the underlying database consolidation of clearance databases, including (at ODNI) identifying them as a counterintelligence threat.

A report published by the Office of the Director of National Intelligence provides some insight: In order to report security clearance volume levels, the National Counterintelligence and Security Center’s Special Security Directorate (SSD) “compiled and processed data from the three primary security clearance record repositories: ODNI’s Scattered Castles (SC); DoD’s Joint Personnel Adjudication System (JPAS); and the Office of Personnel Management’s (OPM) Central Verification System (CVS). To fulfill specific reporting requirements of the FY 2010 IAA, the SSD issued a special data call to the seven IC agencies with delegated authority to conduct investigations or adjudications.” The purpose of the data call was to consolidate security clearance data.

It’s probably not Shedd’s fault personally OPM got hacked, but some of the people who directly worked for him along the way may well bear responsibility.

Moreover, when he bitches about how so little has been accomplished in Obama’s 7 years, it ought to raise questions about why nothing got accomplished in his own decade of service in a position when he might have done something. Perhaps he spent years fighting with Obama (and before him Bush) to do something about the government’s cybersecurity, but if so, that’s what he should be talking about, not that Obama wants to make it easier for hackers to wear jeans to work.

Some of Shedd’s complaints are spot on. Just not coming, as they do, from someone who spent a decade in a position to address cybersecurity himself.

Friday Morning: Gypsy Caravan


TIME, you old gipsy man,
Will you not stay,
Put up your caravan
Just for one day?

— excerpt, Time, You Old Gipsy Man by Ralph Hodgson

If last week’s Friday chamber jazz was most like me, this genre is next to it. Gypsy jazz is what my grandfather always hoped I’d learn to play; I learned to love Django Reinhardt with Stéphane Grappelli at his knee. This stuff makes a bad day move along briskly, makes heavy hearts light. I don’t mind the added fillip some smart ass added to the embedded video of Hot Club of Dublin featured here — seems fitting for the tune’s mood.

Unfortunately I have to be away from my desk this morning on a mission of mercy. If I’m stuck someplace with decent WiFi I will try to share a few things I’ve been reading. Otherwise use this as an open thread and tell me what you’ve got planned this weekend — hope it’s something fun!

Oops, last minute adders:

Facebook gets smacked by court for storing biometric content (Reuters) — I really dislike Facebook. Just thought I’d tack that on.

Athabasca tar sands south of Fort McMurray threatened by fire (CBC Calgary) — something-something karma-something

A few more adders:

Aussie company touting anti-Zika virus condoms and gel – what? (Sydney Melbourne Herald) — Are you kidding me? Just use a damned condom. Think about it: plain old condoms are recommended as protection against viral STDs like HIV.

Maps showing borders India doesn’t like may earn jail time and fines (QZ-India) — Wondering why this issue has bubbled up again, not that the border with Pakistan has ever been resolved to India’s satisfaction.

Carnegie Mellon team turn human skin into touch tech (The Verge) — Um, this was done back seven years ago by MIT, called “Sixth Sense,” and released as open source a year later. Still wondering why that tech wasn’t commercialized.

Thursday Morning: Burning Bright

Tyger Tyger, burning bright,
In the forests of the night;
What immortal hand or eye,
Could frame thy fearful symmetry?

In what distant deeps or skies.
Burnt the fire of thine eyes?
On what wings dare he aspire?
What the hand, dare seize the fire?

— excerpt, The Tyger by William Blake

Props to Fort McMurray, Alberta, Canada, for evacuating a city under immediate threat of fire without any casualties directly attributable to the blaze. There was one death reported due to a vehicle accident, but it’s not clear the accident was caused by the fire or the evacuation process. I don’t know that an American city could have responded as quickly with the same results, but then Fort McMurray’s folks remember the Slave Lake wildfire five years ago in May 2011. Slave Lake, located roughly 250 miles southwest of Fort McMurray, was similarly forced to evacuate its 7,000 residents after 60 mph winds fanned a forest fire out of control and into the town.

In addition to expanded evacuation south of Fort McMurray, another wildfire in northern Alberta approximately 500 miles northwest of Fort McMurray forced evacuation of the town of High Level last evening. Fortunately, cooler weather will help battling this and Fort McMurray’s blaze; temperatures are expected to be 20 degrees cooler than the 88F degree high reached yesterday in Fort McMurray. There’s no rain in the forecast for nearly a week, though.

If you look at a satellite map of Alberta, you’ll note the areas surrounding these two municipalities actually had quite a bit of forest near them to their west (Fort McMurray is south of the Athabasca tar sands production site by a 30-minute drive). I’d like to know how much of this is boreal forest, which was once aggressively protected by Canada — before Alberta’s Stephen Harper became PM, that is. Despite the efforts of NGOs, expansion of the tar sands escalated dramatically from 2006 on. Now that oil prices have plummeted, production at Athabasca may drop, but too late to prevent damage to a wide swath of forest, not to mention the clearing done to support oil and gas development in northwestern Alberta. With the likelihood of wildfires throughout the rest of the summer running high, let’s hope the current Trudeau administration invests heavily in forest restoration efforts to replace growth lost to both fossil fuel production and to fire.

Reforestation is only a start, though; additional protections going forward are needed as boreal forest is the largest carbon sink on earth, bigger than rain forests. We Americans don’t pay as much attention to Canadian deforestation because the country’s population is much smaller than Brazil’s. But Canada’s forests are critically important to reducing CO2, locking it up in trees and preserving it in bogs. We’re Canada’s largest trading partner and its largest consumer of wood products. We should be more aware and more responsible for our role in protecting Canada’s boreal forest.

Bits and pieces

  • Ford sinks cash into software company Pivotal (Detroit Free Press) — One of the many recent investment/partnerships with technology firms to augment vehicles’ features. Ford said it would have difficulty doing what Pivotal does. Let’s hope Pivotal is more conscious of cybersecurity than its automotive partners.
  • Former Apple employees to release new AI bot, VIV next week (Apple Insider) — Description sounds like Siri let out of the iPhone, or Amazon’s Alexa on Echo bot. Whatever it is, stay away from me with this stuff.
  • Nearly 300 million email account credentials floated in criminal underground (Reuters) — A massive collection including tens of millions of accounts on Yahoo, Microsoft, and Gmail email services was offered up in exchange for favorable comments in hacker forums. Something about this scenario sounds fishy, especially since the hacker first asked for 50 rubles (about one dollar) in exchange for all the compromised email accounts’ credentials. Some of the accounts belonged to banking, manufacturing, and retail personnel.
  • Has the revolution begun? Shareholders protest Reckitt Benckiser’s CEO compensation (Bloomberg) — Is this the beginning of a trend?

Your assignment today: check your area for wildfire or bushfire risk, and develop a personal evacuation strategy. Fortunately in my area we have standing water after nearly 24 hours of rain. Out of here, gang.

UPDATE — 2:00 P.M. EDT —
Fire’s still spreading across portions of Fort McMurray. Reporter Vince McDermott believes he just lost his home this morning while he was at work. Must be just awful to cover a story affecting your community so dramatically and find yourself experiencing loss, too.


Tuesday Morning: Brittle, Two

Yesterday I talked about the shift toward mobile computing centered on smartphones, moving from PCs. Behind that transition, out of sight of the public, is the cloud which supports this shift. Content and applications are increasingly stored not on the user’s device but in a server (read: data farm) accessed over the internet.

One manifestation of the shift is the largest technology merger ever — computer manufacturer Dell’s $70B acquisition of storage company EMC. Dell’s PC sales have been slowly falling over the last handful of years, not unexpected due to the maturity of the market and the shift to mobile devices. Servers have been a large part of Dell’s profits for years, but many opportunities often ended up with competitor EMC when Dell quoted storage. Mobile users need much more remote computing and storage — servers and storage in the cloud — which EMC’s storage area network (SAN) products provide. This made EMC an appetizing fit to augment Dell’s server offerings while offsetting the slowly fading desktop computer sales.

With the acquisition, Dell Technology (the new name for the merged companies) now competes more squarely against Hewlett-Packard, which also sells both desktop computers and enterprise storage.

HP, however, split into two companies late last year. One manufactures desktop and other smaller computing devices (HP), the other sells servers and storage products (HP Enterprise Business). One might wonder if HP was preparing to spin off the portion of the business that makes PCs just as its competitor IBM did in 2005 when it spun off its PC division to Chinese manufacturer Lenovo.

Media will say with the EMC acquisition that Dell is positioned for better end-to-end service — but with so much computing now done on smartphones, this is not true. Dell and its competitor HP are only offering up to the smartphone.

Speaking of smartphones…

Suspect ordered to open Apple iPhone with Touch ID
29-year-old Paystar Bkhchadzhyan, a small-time crook charged with identity theft, was ordered by U.S. Magistrate Judge Alicia Rosenberg to swipe an iPhone seized from her boyfriend’s apartment in order to unlock it.

It’s not clear whether the iPhone has been identified as belonging to Bkhchadzhyan based on multiple reports, only that she may have “control over” the device. Nor is it clear — since she has already pleaded no contest to the charge against her — if the iPhone’s contents will be used against her, or against her boyfriend.

It’s also not clear why law enforcement hasn’t used the “gummy bear technique” to open the phone, which would not force Bkhchadzhyan to lift a finger but instead use fingerprints already provided as evidence, bypassing any question of Fifth Amendment violations. Is this simple technique too much effort or too complicated for today’s police force?

DISH TV techs to offer Apple iPhone repair service
Not authorized by Apple, mind you, but DISH TV will offer new service to their customers who use iPhones, including battery and screen replacements. The company anticipates offering the same limited repair services to Android users in the near future. This says something about the transition of content consumption from TV to mobile devices, and the use of mobile devices as TV and content controllers.

LuxLeakers in court this week – Luxembourg’s version of Panama Papers
Antoine Deltour and Raphael Halet, former PricewaterhouseCoopers’ employees, appear in court this week on charges they stole and leaked documents on many of PwC’s corporate clients — Accenture, Burberry, Icap, Ikea, Walt Disney Co., Heinz, JP Morgan, FedEx, Microsoft Corp.’s Skype, PepsiCo Inc., Procter & Gamble, Shire Pharmaceuticals to name a few. The documents outline the tax avoidance/evasion strategies employed by these firms with PwC’s assistance and Luxembourg’s implicit or tacit approval. This case should have as much impact as the Panama Papers as the corporations involved are quite large and the Luxembourg government is implicated.

Australia: Your human rights abuses suck, but we Americans have no room to talk
If you don’t watch Australian politics, you should. Aussies have forced approximately 900 refugees to remain indefinitely on Manus Island of Papua New Guinea and the island country of Nauru, which are little more than rocks in the middle of the ocean with penal colonies masquerading as refugee ‘welcome centers.’ The conditions have been wretched — and they must be if an outlet like Foreign Policy calls Australia’s practice ‘intolerable cruelty.’ Their captivity is now illegal according to PNG’s court, but the refugees are left without recourse. Two refugees have immolated themselves within the last week out of desperation. But Americans have not demanded Australia take the refugees because it would mean having to take some refugees here, too. Oh, and Gitmo — can’t point to island-based human holding pens without allowing other countries to point to Gitmo. Or our immigration detention and deportation processes.

That last bit — both of the immolated refugees were not offered immediate health care — is so disgusting and disheartening I can’t come up with anything more to write. Hope for a better day tomorrow, see you in the morning.


Monday Morning: Brittle

The Emperor’s Palace was the most splendid in the world, all made of priceless porcelain, but so brittle and delicate that you had to take great care how you touched it. …

— excerpt, The Nightingale from The Yellow Fairy Book by Andrew Lang

Last week I’d observed that Apple’s stock value had fallen by ~7% after its financial report was released. The conventional wisdom is that the devaluation was driven by Apple’s first under-performing quarter of iPhone sales, indicating weaker demand for iPhones going forward. Commenter Ian remarked that Apple’s business model is “brittle.” This perspective ignores the meltdown across the entire global stock market caused by China’s currency devaluation, disproportionately impacting China’s consumption habits. It also ignores great untapped or under-served markets across other continents yet to be developed.

But more importantly, this “wisdom” misses a much bigger story, which chip and PC manufacturers have also reflected in their sales. The video above, now already two years old, explains very neatly that we have fully turned a corner on devices: our smartphones are and have been replacing our desktops.

Granted, most folks don’t go through the hassle of purchasing HDMI+USB connectors to attach larger displays along with keyboards. They continue to work on their phones as much as possible, passing content to and from cloud storage when they need to work from a keyboard attached to a PC. But as desktops and their attached monitors age, they are replaced in a way that supports smartphones as our main computing devices — flatscreen monitors, USB keyboards and mice, more powerful small-footprint external storage.

And ever increasing software-as-a-service (SaaS) combined with cloud storage.

Apple’s business model isn’t and hasn’t been just iPhones. Not since the debut of the iPod in October 2001 has Apple’s business model been solely focused on devices and the operating system required to drive them. Heck, not since the debut of iTunes in January 2001 has that been true.

Is there a finite limit to iPhones’ market? Yeah. Same for competing Android-driven devices. But is Apple’s business just iPhones? Not if iTunes — a SaaS application — is an indicator. As of 2014, there were ~66 million iPhones in the U.S., compared to ~800 million iTunes users. And Apple’s current SaaS offerings have exploded over time; the Apple store offers millions of apps created by more than nine million registered developers.

At least nine million registered developers. That number alone should tell you something about the real business model.

iPhones are a delivery mechanism, as are Android-based phones. The video embedded above shows just how powerful Android mobile devices can be, and the shift long underway is not based on Apple’s platform alone. If any business model is brittle right now, it’s desktop computing and any software businesses that rely solely on desktops. How does that change your worldview about the economy and cybersecurity? Did anyone even notice how little news was generated about the FBI accessing the San Bernardino shooter’s PCs? Was that simply because of the locked Apple iOS account, or was it in part because the case mirrored society’s shift to computing and communications on mobile devices?

File under ‘Stupid Michigan Legislators’: Life sentences for automotive hackers?
Hey. Maybe you jackasses in Michigan’s state senate ought to deal with the permanent poisoning of nearly 8000 children in Flint before doing something really stupid like making one specific kind of hacking a felony worthy of a life sentence. And maybe you ought to do a little more homework on hacking — it’s incredibly stupid to charge a criminal with a life sentence for a crime as simple as entry permitted by wide-open unlocked doors. Are we going to allocate state money to chase hackers who may not even be in this country? Are we going to pony up funds for social media monitoring to catch hackers talking about breaching wide-open cars? Will this law deter citizen white hats who identify automakers’ vulnerabilities? File this mess, too, under ‘Idiotic Wastes of Taxpayers’ Money Along with Bathroom Legislation by Bigots’. This kind of stuff makes me wonder why any smart people still live in this state.

File this, too, under ‘Stupid Michigan Legislators’: Lansing Board of Water and Light hit by ransomware
Guess where the first ransomware attack on a U.S. utility happened? Do I need to spell it out how ridiculous it looks for the electric and water utility for the state’s capital city to be attacked by ransomware while the state’s legislature is worrying about who’s using the right bathroom? Maybe you jackasses in Lansing ought to look at funding assessment and security improvements for ALL the state’s utilities, including both water safety and electricity continuity.

Venezuela changes clocks to reduce electricity consumption
Drought-stricken Venezuela already reduced its work week a month ago to reduce electricity demand. Now the country has bumped its clocks forward by 30 minutes to make more use of cooler early hours during daylight. The country has also instituted rolling blackouts to cut back on electricity. Cue the right-wing pundits claiming socialism has failed — except that socialism has absolutely nothing to do with a lack of rainfall to fill reservoirs.

Coca Cola suing for water as India’s drought deepens
This is a strong piece, worth a read: Whose Water Is It Anyway?

After a long battle, the UN declared in 2010 that clean water was a fundamental right of all citizens. Easier said than done. The essential, alarming question has become, ‘Who does the groundwater belong to?’ Coca Cola is still fighting a case in Kerala where the farmers rebelled against them for using groundwater for their bottling plants. The paddy fields for miles around dried up as water for Coke or the company’s branded bottled water was extracted and transported to richer urban consumers.

Who did that groundwater belong to? Who do our rivers belong to? To the rich and powerful who can afford the resources to draw water in huge quantities for their industries. Or pollute the rivers with effluent from their industries. Or transport water over huge distances at huge expense to turn it into profit in urban areas.

Justus Rosenberg: One of Hannah Arendt’s rescuers
Ed Walker brought this piece to my attention, a profile of 95-year-old Justus Rosenberg featured in this weekend’s New York Times. I love the last two grafs especially; Miriam Davenport characterized Rosenberg as “a nice, intelligent youngster with no family, no money, no influence, no hope, no fascinating past,” yet he was among those who “…were a symbol of sorts, to me, in those days […] Everyone was moving Heaven and earth to save famous men, anti-fascist intellectuals, etc.” Rosenberg was a superhero without a cape.

That’s our week started. See you tomorrow morning!



Notorious “FOIA Terrorist” Jason Leopold “Saves” FBI Over $300,000

Last week, Jim Comey suggested the FBI paid more for the vulnerability that helped it break into Syed Rizwan Farook’s phone than he will be paid for the 7 years he’ll remain at FBI. The WSJ then did this math.

Speaking at the Aspen Security Forum in London, FBI Director James Comey didn’t cite a precise figure for how much the government paid for the solution to cracking the phone but said it was more than his salary for the seven-plus years remaining in his term at the FBI.

His annual salary is about $180,000 a year, so that comes to $1.26 million or more.

“[We] paid a lot” for the hacking tool, Mr. Comey said. “But it was worth it.”

Over 600 outlets covered that story, claiming — without further confirmation — that FBI paid over $1 million for the hack, with many accounts settling on $1.3 million.

I noted at the time that 1) Jim Comey has a history of telling untruths when convenient and 2) he had an incentive to exaggerate the cost of this exploit, because it would pressure Congress to pass a bill, like the horrible Burr-Feinstein bill, that would force Apple and other providers to help law enforcement crack phones less expensively. I envisioned this kind of exchange at a Congressional hearing:

Credulous Congressperson: Wow. $1M. That’s a lot.

Comey: Yes, you’ll need to triple our budget or help me find a cheaper way.

Lonely sane Congressperson: But, uh, if we kill security won’t that be more expensive?

Comey: Let me tell you abt time I ran up some steps.

I then mused that, because Comey had officially acknowledged paying that kind of figure, it would make it a lot easier to FOIA the exact amount. By the time I tweeted that thought, of course, Jason Leopold had already submitted a FOIA for the amount.

Sure enough, the outcome I figured has already happened: without offering an explanation for the discrepancy, Mark Hosenball reported today that the figure was actually under $1 million, and FBI will be able to use it on other phones.

The FBI paid under $1 million for the technique used to unlock the iPhone used by one of the San Bernardino shooters – a figure smaller than the $1.3 million the agency’s chief initially indicated the hack cost, several U.S. government sources said on Thursday.

The Federal Bureau of Investigation will be able to use the technique to unlock other iPhone 5C models running iOS 9 – the specifications of the shooter’s phone – without additional payment to the contractor who provided it, these people added.

Just one FOIA submission later (and, probably, the calls of a bunch of outraged members of Congress wondering why FBI paid $1.3 million for a hack they claimed, in explaining why they would not submit the hack to the Vulnerabilities Equity Process that might require them to share it with Apple nine months after Apple patched it, they didn’t understand at all), and all of a sudden this hack is at least $300,000 less expensive (and I’m betting a lot more than that).

You see how effective a little aggressive FOIAing is at reining in waste, fraud, and abuse?

A pity it can’t reverse the impact of all those credulous reports repeating Comey’s claim.


Friday Morning [?!]: Chamber of Delights

It’s Friday. FINALLY. And it’s jazz exploration day, too. Today we sample some chamber jazz, here with Meg Okura and the Pan Asian Chamber Ensemble.

It. Me. That is to say, of all genres, this one feels most like a part of myself. Here’s another chamber jazz favorite — Quarter Chicken Dark from The Goat Rodeo Sessions. And another — Model Trane, the first cut in this linked video by Turtle Island Quartet.

You can see and hear for yourself what makes chamber jazz different from other genres: chamber instruments used in classical music to perform jazz.

Whew, I needed this stuff. Hope you like it, too, though I know it’s not everybody’s cup of tea.

My morning was overbooked, only have time today for a few things that caught my eye.

Encryption and privacy issues

Go To Jail Indefinitely card for suspect who won’t unlock hard drives (Naked Security) — Seems odd this wasn’t the case the USDOJ used to force cracking of password-protected accounts on devices, given the circumstances surrounding a less-than-sympathetic defendant.

Amicus brief by ACLU and EFF for same case (pdf – Ars Technica)

Supreme Court ruling extends reach of FBI’s computer search under Rule 41 (Bloomberg) — Would be nice if the Email Privacy Act, now waiting for Senate approval, addressed this and limited law enforcement’s overreach.

Climate change and its secondary effects

India’s ongoing drought now affects 330 million citizens, thousands have died from heat and dehydration (Oneindia) — 330 million is slightly more people than the entire U.S. population. Imagine what could happen if even one or two percent of these affected fled the country as climate refugees.

Tiger poaching in India dramatically increased over last year (Phys.org) — Have to ask if financial stress caused by drought encouraged illegal killing of tigers, now that more tigers have been poached this year to date compared to all of last year. Are gains in tiger population now threatened by primary and secondary effects of climate change?

Though severe El Nino deepened by climate change causes record drought now, an equally deep La Nina could be ahead (Phys.org) — Which could mean dramatic rains and flooding in areas where plant growth has died off, leaving little protection from water runoff. Are any governments planning ahead even as they deal with drought?

Hope your weekend is pleasant — see you Monday morning!
