Posts

Tuesday Morning: Brittle, Two

/9 Comments/in , /by

Yesterday I talked about the shift toward mobile computing centered on smartphones, moving from PCs. Behind that transition, out of sight of the public, is the cloud which supports this shift. Content and applications are increasingly stored not on the user’s device but in a server (read: data farm) accessed over the internet.

One manifestation of the shift is the largest technology merger ever — computer manufacturer Dell‘s $70B acquisition of storage company EMC. Dell’s PC sales have been slowly falling over the last handful of years, not unexpected due to the maturity of the market and the shift to mobile devices. Servers have been a large part of Dell’s profits for years, but many opportunities often ended up with competitor EMC when Dell quoted storage. Mobile users need much more remote computing and storage — servers and storage in the cloud — which EMC’s storage area network (SAN) products provide. This made EMC an appetizing fit to augment Dell’s server offerings while offsetting the slowly fading desktop computer sales.

With the acquisition, Dell Technology (the new name for the merged companies) now competes more squarely against Hewlett-Packard, which also sells both desktop computers and enterprise storage.

HP, however, split into two companies late last year. One manufactures desktop and other smaller computing devices (HP), the other sells servers and storage products (HP Enterprise Business). One might wonder if HP was preparing to spin off the portion of the business that makes PCs just as its competitor IBM did in 2005 when it spun off its PC division to Chinese manufacturer Lenovo.

Media will say with the EMC acquisition that Dell is positioned for better end-to-end service — but with so much computing now done on smartphones, this is not true. Dell and its competitor HP are only offering up to the smartphone.

Speaking of smartphones…

Suspect ordered to open Apple iPhone with Touch ID
29-year-old Paystar Bkhchadzhyan, a small-time crook charged with identity theft, was ordered by U.S. Magistrate Judge Alicia Rosenberg to swipe an iPhone seized from her boyfriend’s apartment in order to unlock it.

It’s not clear whether the iPhone has been identified as belonging to Bkhchadzhyan based on multiple reports, only that she may have “control over” the device. Nor is it clear — since she has already pleaded no contest to the charge against her — if the iPhone’s contents will be used against her, or against her boyfriend.

It’s also not clear why law enforcement hasn’t used the “gummy bear technique” to open the phone, which would not force Bkhchadzhyan to lift a finger but instead use fingerprints already provided as evidence, bypassing any question of Fifth Amendment violations. Is this simple technique too much effort or too complicated for today’s police force?

DISH TV techs to offer Apple iPhone repair service
Not authorized by Apple, mind you, but DISH TV will offer new service to their customers who use iPhones, including battery and screen replacements. The company anticipates offering the same limited repair services to Android users in the near future. This says something about the transition of content consumption from TV to mobile devices, and the use of mobile devices as TV and content controllers.

LuxLeakers in court this week – Luxembourg’s version of Panama Papers
Antoine Deltour and Raphael Halet, former PricewaterhouseCoopers’ employees, appear in court this week on charges they stole and leaked documents on many of PwC’s corporate clients — Accenture, Burberry, Icap, Ikea, Walt Disney Co., Heinz, JP Morgan, FedEx, Microsoft Corp.’s Skype, PepsiCo Inc., Procter & Gamble, Shire Pharmaceuticals to name a few. The documents outline the tax avoidance/evasion strategies employed by these firms with PwC’s assistance and Luxembourg’s implicit or tacit approval. This case should have as much impact as the Panama Papers as the corporations involved are quite large and the Luxembourg government is implicated.

Australia: Your human rights abuses suck, but we Americans have no room to talk
If you don’t watch Australian politics, you should. Aussies have forced approximate 900 refugees to remain indefinitely on Manus Island of Papua New Guinea and the island country of Nauru, which are little more than rocks in the middle of the ocean with penal colonies masquerading as a refugee ‘welcome centers.’ The conditions have been wretched — and they must be if an outlet like Foreign Policy calls Australia’s practice ‘intolerable cruelty.’ Their captivity is now illegal according to PNG’s court, but the refugees are left without recourse. Two refugees have immolated themselves within the last week out of desperation. But Americans have not demanded Australia take the refugees because it would mean having to take some refugees here, too. Oh, and Gitmo — can’t point to island-based human holding pens without allowing other countries to point to Gitmo. Or our immigration detention and deportation processes.

That last bit — both of the immolated refugees were not offered immediate health care — is so disgusting and disheartening I can’t come up with anything more to write. Hope for a better day tomorrow, see you in the morning.

Monday Morning: Brittle

/17 Comments/in , /by

The Emperor’s Palace was the most splendid in the world, all made of priceless porcelain, but so brittle and delicate that you had to take great care how you touched it. …

— excerpt, The Nightingale from The Yellow Fair Book by Andrew Lang

Last week I’d observed that Apple’s stock value had fallen by ~7% after its financial report was released. The conventional wisdom is that the devaluation was driven by Apple’s first under-performing quarter of iPhone sales, indicating weaker demand for iPhones going forward. Commenter Ian remarked that Apple’s business model is “brittle.” This perspective ignores the meltdown across the entire stock global market caused by China’s currency devaluation, disproportionately impacting China’s consumption habits. It also ignores great untapped or under-served markets across other continents yet to be developed.

But more importantly, this “wisdom” misses a much bigger story, which chip and PC manufacturers have also reflected in their sales. The video above, now already two years old, explains very neatly that we have fully turned a corner on devices: our smartphones are and have been replacing our desktops.

Granted, most folks don’t go through the hassle of purchasing HDMI+USB connectors to attach larger displays along with keyboards. They continue to work on their phones as much as possible, passing content to and from cloud storage when they need to work from a keyboard attached to a PC. But as desktops and their attached monitors age, they are replaced in a way that supports smartphones as our main computing devices — flatscreen monitors, USB keyboards and mice, more powerful small-footprint external storage.

And ever increasing software-as-a-service (SaaS) combined with cloud storage.

Apple’s business model isn’t and hasn’t been just iPhones. Not since the debut of the iPod in October 2001 has Apple’s business model been solely focused on devices and the operating system required to drive them. Heck, not since the debut of iTunes in January 2001 has that been true.

Is there a finite limit to iPhones’ market? Yeah. Same for competing Android-driven devices. But is Apple’s business just iPhones? Not if iTunes — a SaaS application — is an indicator. As of 2014, there were ~66 million iPhones in the U.S., compared to ~800 million iTunes users. And Apple’s current SaaS offerings have exploded over time; the Apple store offers millions of apps created by more than nine million registered developers.

At least nine million registered developers. That number alone should tell you something about the real business model.

iPhones are a delivery mechanism, as are Android-based phones. The video embedded above shows just how powerful Android mobile devices can be, and the shift long underway is not based on Apple’s platform alone. If any business model is brittle right now, it’s desktop computing and any software businesses that rely solely on desktops. How does that change your worldview about the economy and cybersecurity? Did anyone even notice how little news was generated about the FBI accessing the San Bernardino shooter’s PCs? Was that simply because of the locked Apple iOS account, or was it in part because the case mirrored society’s shift to computing and communications on mobile devices?

File under ‘Stupid Michigan Legislators‘: Life sentences for automotive hackers?
Hey. Maybe you jackasses in Michigan’s state senate ought to deal with the permanent poisoning of nearly 8000 children in Flint before doing something really stupid like making one specific kind of hacking a felony worthy of a life sentence. And maybe you ought to do a little more homework on hacking — it’s incredibly stupid to charge a criminal with a life sentence for a crime as simple as entry permitted by wide-open unlocked doors. Are we going to allocate state money to chase hackers who may not even be in this country? Are we going to pony up funds for social media monitoring to catch hackers talking about breaching wide-open cars? Will this law deter citizen white hats who identify automakers’ vulnerabilities? File this mess, too, under ‘Idiotic Wastes of Taxpayers’ Money Along with Bathroom Legislation by Bigots‘. This kind of stuff makes me wonder why any smart people still live in this state.

File this, too, under ‘Stupid Michigan Legislators‘: Lansing Board of Water and Light hit by ransomware
Guess where the first ransomware attack on a U.S. utility happened? Do I need to spell it out how ridiculous it looks for the electric and water utility for the state’s capitol city to be attacked by ransomware while the state’s legislature is worrying about who’s using the right bathroom? Maybe you jackasses in Lansing ought to look at funding assessment and security improvements for ALL the state’s utilities, including both water safety and electricity continuity.

Venezuela changes clocks to reduce electricity consumption
Drought-stricken Venezuela already reduced its work week a month ago to reduce electricity demand. Now the country has bumped its clocks forward by 30 minutes to make more use of cooler early hour during daylight. The country has also instituted rolling blackouts to cutback on electricity. Cue the right-wing pundits claiming socialism has failed — except that socialism has absolutely nothing to do with a lack of rainfall to fill reservoirs.

Coca Cola suing for water as India’s drought deepens
This is a strong piece, worth a read: Whose Water Is It Anyway?

After a long battle, the UN declared in 2010 that clean water was a fundamental right of all citizens. Easier said than done. The essential, alarming question has become, ‘Who does the groundwater belong to?’ Coca Cola is still fighting a case in Kerala where the farmers rebelled against them for using groundwater for their bottling plants. The paddy fields for miles around dried up as water for Coke or the company’s branded bottled water was extracted and transported to richer urban consumers.

Who did that groundwater belong to? Who do our rivers belong to? To the rich and powerful who can afford the resources to draw water in huge quantities for their industries. Or pollute the rivers with effluent from their industries. Or transport water over huge distances at huge expense to turn it into profit in urban areas.

Justus Rosenberg: One of Hannah Arendt’s rescuers
Ed Walker brought this piece to my attention, a profile of 95-year-old Justus Rosenberg featured in this weekend’s New York Times. I love the last two grafs especially; Miriam Davenport characterized Rosenberg as “a nice, intelligent youngster with no family, no money, no influence, no hope, no fascinating past,” yet he was among those who “…were a symbol of sorts, to me, in those days […] Everyone was moving Heaven and earth to save famous men, anti-fascist intellectuals, etc.” Rosenberg was a superhero without a cape.

That’s our week started. See you tomorrow morning!

See you tomorrow morning!

Friday Morning [?!]: Chamber of Delights

/10 Comments/in , , /by

It’s Friday. FINALLY. And it’s jazz exploration day, too. Today we sample some chamber jazz, here with Meg Okura and the Pan Asian Chamber Ensemble.

It. Me. That is to say, of all genres, this one feels most like a part of myself. Here’s another chamber jazz favorite — Quarter Chicken Dark from The Goat Rodeo Sessions. And another — Model Trane, the first cut in this linked video by Turtle Island Quartet.

You can see and hear for yourself what makes chamber jazz different from other genres: chamber instruments used in classical music to perform jazz.

Whew, I needed this stuff. Hope you like it, too, though I know it’s not everybody’s cup of tea.

My morning was overbooked, only have time today for a few things that caught my eye.

Encryption and privacy issues

Go To Jail Indefinitely card for suspect who won’t unlock hard drives (Naked Security) — Seems odd this wasn’t the case the USDOJ used to force cracking of password-protected accounts on devices, given the circumstances surrounding a less-than-sympathetic defendant.

Amicus brief by ACLU and EFF for same case (pdf – Ars Technica)

Supreme Court ruling extends reach of FBI’s computer search under Rule 41 (Bloomberg) — Would be nice if the Email Privacy Act, now waiting for Senate approval, addressed this and limited law enforcement’s overreach.

Climate change and its secondary effects

India’s ongoing drought now affects 330 million citizens, thousands have died from heat and dehydration (Oneindia) — 330 million is slightly more people than the entire U.S. population. Imagine what could happen if even one or two percent of these affected fled the country as climate refugees.

Tiger poaching in India dramatically increased over last year (Phys.org) — Have to ask if financial stress caused by drought encouraged illegal killing of tigers, now that more tigers have been poached this year to date compared to all of last year. Are gains in tiger population now threatened by primary and secondary effects of climate change?

Though severe El Nino deepened by climate change causes record drought now, an equally deep La Nina could be ahead (Phys.org) — Which could mean dramatic rains and flooding in areas where plant growth has died off, leaving little protection from water runoff. Are any governments planning ahead even as they deal with drought?

Hope your weekend is pleasant — see you Monday morning!

Thursday Morning: Mostly Cloudy with a Chance of Trouble

/13 Comments/in , /by

This video came from a random browse for new artists. I don’t know yet if I have an opinion; first minute is rocky, but improves. Think I need to sample some more by this artist. You can find Unknown Mortal Orchestra on SoundCloud.com if you want to sample more without the video — I do like the cover of Sitting on the Dock of the Bay. Verdict still out on the more experimental atmospheric stuff.

Looking for more trouble…

House passed Email Privacy Act (H.R. 699) 419-0
Sampling of reports: Phys.org | Reuters  |  Forbes

A few opinions: ACLU | EFF  |  Americans for Tax Reform

Wow. An issue everybody could love. Do read the Forbes bit as they had the most objections. Caveat: You may have to see John Stossel’s mug if you read the ATR’s opinion.

Next up: Senate, which is waffling thanks to Grassley

But it was unclear if Senate Judiciary Committee Chairman Chuck Grassley, who holds jurisdiction over the legislation, intends to move it forward during an election year.

The Iowa Republican will review the House bill, consult with stakeholders and his committee “and decide where to go from there,” a spokeswoman told Reuters in an email.

Apple crisp

  • Apple’s stock tanked yesterday falling 7% in response to a drop in demand for iPhones; Apple suppliers likewise took a hit. Come on, there’s a finite number of smartphone users, and the limit must be reached some time. Shouldn’t have rattled the market so much — not like the market didn’t notice China’s market woes and subsequent retrenchment of purchasing over the last 6 months, too.
  • FBI said it wouldn’t disclose the means by which a “grey hat hacker” cracked the San Bernardino shooter’s work-issued iPhone 5c. Wouldn’t, as in couldn’t, since the FBI didn’t acquire intellectual property rights to the method. Hmm.
  • coincidentally, FBI notified Apple of a vulnerability in older iPhones and Macs, though an unnamed source said the problem had already been fixed in iOS9 and in Mac OS C El Capitan. Nice of FBI to make an empty gesture validate the problem.
  • And because I mentioned it, Apple Crisp. I prefer to use Jonathans and Paula Reds in mine.

Malware everywhere

  • The Gundremmingen nuclear power plant in Bavaria found malware in computers added in 2008, connected to the fuel loading system. Reports say the malware has not posed any threat, though an investigation is under way to determine how the plant was infected. Not many details in German media about this situation — timing and method of discovery aren’t included in news reports.
  • A report by Reuters says the malware was identified and includes “W32.Ramnit” and “Conficker” strains. The same report implies the malware may have been injected by devices like USB sticks found in the plant, though the report does not directly attribute the infection to them.
  • BONUS: Reuters quoted cybersecurity expert Mikko Hypponen of F-Secure about the nuclear plant’s infection — but Hypponen elaborated on the spread of viruses, saying that

    he had recently spoken to a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones. The malware spread to the planes only because factory employees were charging their phones with the USB port in the cockpit.

    Because the plane runs a different operating system, nothing would befall it. But it would pass the virus on to other devices that plugged into the charger.

    Pretty sure Reuters hadn’t counted on that tidbit.

  • Give their report on Gundremmingen’s infection, it’s odd that Reuters’ op-ed on the state of nuclear safety post-Chernobyl made zero reference to cybersecurity of nuclear facilities.

Miscellania

  • Online gaming community Minecraft “Lifeboat” breach exposed 7 million accounts (NetworkWorld) — Minecraft took its tell notifying users because it says it didn’t want to tip off hackers. Wonder how many of these accounts belonged to minors?
  • On the topic of games, feckless Sony leaks like a sieve again, tipping off new game (Forbes) — Jeebus. Sony Group’s entire holding company bleeds out information all the time. This latest leak is about the next version of Call of Duty. Not certain which is more annoying: yet another Sony leak, or that “Infinite Warfare” is the name of the game.
  • Open source AI consortium OpenAI shows a bit of its future direction (MIT Technology Review) — Looks like the near term will be dedicated to machine learing.
  • Just another pretty face on Cruz’ ticket may bring conflict on H-1B visas (Computerworld) — Seems Cruz wants to limit low-cost H-1B labor, and new VP choice Fiorina is really into offshoring jobs. Commence headbutting. (By the way, I’m being snarky about ‘another pretty face.’ They deserve each other.)

I may have to quit calling these morning roundups given all the scheduling issues I have on my hands right now. At least it’s still morning in Alaska and Hawaii. Catch you here tomorrow!

Wednesday Morning: Lüg mich an, Lügner

/32 Comments/in , , /by

I admit freely my facility with the German language is poor. I hope this post’s headline reads, “Lie to me, Liar.” Which is about as close as I could get to “Lying Liars” because I can’t conjugate the verb ‘to lie.’

~shrug~

It’s not like anybody’s paying me for this, unlike the lying liars at Volkswagen who’ve been paid to deceive the public for a decade. This video presentation featuring Daniel Lange and Felix Domke — a security consultant and an IT consultant, respectively, who reverse engineered VW’s emissions control cheat — is a bit long, but it’s chock full of unpleasant truths revealing the motivations behind VW’s Dieselgate deceptions. The video underpins the cheat outlined in a 2006 VW presentation explaining how to defeat emissions tests.

The one problem I have with this video is the assumption that the fix on each of the affected vehicles will be $600. Nope. That figure is based on how much has been set aside for the entire Dieselgate fix, NOT the actual cost to repair the vehicles.

Because if VW really fixed the vehicles to match the claims they made when they marketed and sold these “clean diesel” passenger cars, it’d cost even more per vehicle. I suspect one of the motivations behind inadequate reserves for a true repair is a reluctance to disclose to competitors how much emissions standards-meeting “clean diesel” really costs.

And of course, avoiding more stringent calculations also prevents an even bigger hit to the company’s stock price, which might affect the pockets of some board members and executives rather disproportionately to the rest of the stock market.

Just how closely that figure per car hews to the agreement with the court this past week will be worth noting, since the video was published in December last year.

But now for the much bigger, even more inconvenient Lügner Lügen: This entire scandal exposes the fraud that is the U.N. Framework Convention on Climate Change Paris agreement.

We know a small nonprofit funded research by a tiny group of academics exposing VW’s emissions controls defeat. We know this set off a cascade of similar analysis, exposing even more cheating by more automobile manufacturers.

But why are we only now finding out from nonprofits and academics about this fraud? Didn’t our elected representatives create laws and the means for monitoring compliance as well as enforcement? Why aren’t governments in the U.S. and the EU catching these frauds within a year of their being foisted on the public?

These questions directly impact the Paris agreement. We’re not starting where emissions standards have been set and where the public believes conditions to be, but at real emissions levels. In other words, we are digging out of  a massive pollution hole.

Our elected officials across the world will avoid funding the dig-out; they’ll continue another layer of lies to prevent removal from office. And we can reasonably expect from them only what they’ve done so far, which Dieselgate has proven to be little.

For that matter, Flint’s water crisis has much in common with Dieselgate, relying on academic research and nonprofit entities to reveal mortal threats to the community. Flint’s crisis showed us government at all levels can be even worse at writing laws, monitoring compliance, and subsequent enforcement.

If the public cannot expect government to do the job it believes it elected them to do over the last several decades, how ever can they expect their government to enact the terms of the Paris agreement? How can we expect third world countries to reduce carbon emissions to save the world from the devastation of climate change while we and our governments continue to ignore corporations’ ongoing deceptions?

No roundup today, gang. I strongly recommend watching the video above. Thanks to BoingBoing for linking to it.

Tuesday Morning: Monitor

/15 Comments/in , , /by

Y me lamento por no estar alla
Y hoy te miento para estar solos tu y yo
Y la distancia le gano al amor
Solo te veo en el monitor

— excerpt, Monitor by Volovan

Sweet little tune, easy to enjoy even if you don’t speak Spanish.

Speaking of monitor…

Flint Water Crisis: Michigan State Police monitoring social media
Creeptastic. MSP is following social media communications related to Flint water crisis, which means they’re watching this blog and contributors’ tweets for any remarks made about Flint. Whatever did they do in the day before social media when the public was unhappy about government malfeasance?

MDEQ personnel told Flint city water employee to omit tests with high lead readings
The charges filed last week against two Michigan Department of Environmental Quality and a Flint city employee were related to the manipulation and falsification of lead level tests. From out here it looks like Mike Glasgow did what the MDEQ told him to do; with the city under the control of the state, it’s not clear how Glasgow could have done anything else but do what the state ordered him to do. Which governmental body had higher authority under emergency management — the city’s water department, or the MDEQ? And what happens when personnel at the MDEQ aren’t on the same page about testing methodology?

MDHHS too worried about Ebola to note Legionnaire’s deaths in 2014-2015?
Michigan’s Department of Health and Human Services director Nick Lyons maintains a “breakdown in internal communication” kept information about the Legionnaire’s disease outbreak from reaching him. He also said MDHHS was focused on Ebola because of its high mortality rate overseas. There were a total of 11 cases of Ebola in the U.S. between 2014 and 2015, none of which were diagnosed or treated in Michigan. Meanwhile, 10 people died of Legionnaire’s due to exposure to contaminated Flint water in that same time frame. Not certain how MDHHS will respond to an imported biological crisis when it can’t respond appropriately to a local one created by the state.

Other miscellaneous monitoring

  • Charter Communications and Time Warner tie-up approved, with caveat (Reuters) — Charter can’t tell content providers like HBO they can’t sell their content over the internet – that’s one of a few exceptions FCC placed on the deal. I think this is just insane; the public isn’t seeing cheaper broadband or cable content in spite of allowing ISPs to optimize economies of scale. Between Charter/TWC and Comcast, they’ll have 70% of all broadband connections in the U.S.
  • Mitsubishi Motors fudged its fuel economy numbers for last 25 years (AP) — This investigation is exactly what should happen across EU, because EU-based manufacturers have done this for just as long or longer. And the EU knows this, turns a blind eye to the tricks automakers use to inflate fuel economy ratings.
  • Goldman Sachs has a brand new gig: internet-based banking (Fortune) — This is the fruit of GS’ acquisition of General Electric’s former financial arm. Hmm.
  • BAE Systems has a nice graphic outlining the SWIFT hack via Bangladesh’s central bank (BAE) — Makes it easy to explain to Grampa how somebody carted off nearly a billion dollars.

Toodledy-doo, Tuesday. See you tomorrow morning!

Monday Morning: Tectonic Shift

/6 Comments/in , /by

Last week after the artist Prince Rogers Nelson died, a segment of the population were mystified by the reaction to his passing. They’d missed impact this artist had had on music which happened concurrent with a paradigm shift in the entertainment industry. Prince rose in sync with music videos in the 1980s when musical artists became more than sound alone.

Music television has since collapsed as anyone who watched MTV and VH-1 since 2000 can tell you. Programming once dedicated to music videos became a mess of unscripted reality programs and oddments, punctuated occasionally by music specials, chasing an audience which increasingly found and consumed music on the internet.

This weekend, though, marked another shift. R&B pop artist Beyoncé released a ‘visual album’ on HBO on Saturday evening entitled ‘Lemonade’. The work was available exclusively through Tidal after its HBO premiere until midnight last night when it was released on Apple iTunes. This is the first music collection released in this manner, using a cable network not previously dedicated to music in tandem with internet streaming and download sales.

I won’t offer any analysis here about the album; you’re not looking if you do not see at least a fraction of the deluge of reaction and think pieces responding to Beyoncé’s latest work. I will say, though, that like Prince’s Purple Rain in 1984, this collection of work will have long-term impact across not only music but the entire entertainment industry.

Let’s launch this week’s roundup…

The Dutch pull a Lavabit-plus
Encrypted communications network Ennetcom was shut down on Friday and its owner arrested. Dutch law enforcement claimed Ennetcom was used by organized crime; its owner is accused of money laundering and illegal weapons possession. The network relied on servers located in Canada, where law enforcement has cooperated with the Netherlands by copying the information on the servers. Unlike the former secure email provider Lavabit in the U.S., it’s not clear there was any advance request for information by way of warrant served on Ennetcom in either the Netherlands or in Canada. Given the mention of illegal weapons, one might wonder if this seizure is related to the recent prosecution of gun smugglers in the UK.

Time for ‘Spring Cleaning’ — get rid of digital dust bunnies
Seems like a surprising source for a nudge on this topic, but the Better Business Bureau is right to encourage cleaning and maintenance. If you read Marcy’s post this morning, you know failing to use adequate passwords and firewalls can be costly. It’s time to go through your electronic devices and make sure you’re using two-factor authentication where possible, freshly reset strong passwords, and on your network equipment as well as your desktop and mobile devices.

Planning for your funeral – on Facebook?
A BBC piece this past week noted that Facebook will eventually have more dead users than live ones. Which brings up an interesting question: how do you want your digital presence handled after you die? Do you have instructions in place? Keep in mind, too, that your social media could be mined to recreate an online personality — your personality. Do you want to live forever in teh toobz?

Investigation into Flint’s water crisis continues
A Michigan legislative panel appointed by Governor Rick Snyder will hear from more state and local officials today in its fifth such meeting to investigate the Flint water crisis. Snyder is conveniently out of the country trying to drum up business in Europe — and conveniently not drinking Flint’s water.

Odds and sods

  • Waiting for word on Yahoo’s final bidders list (Bloomberg) — No word yet on who will remain among the 10 first-round bidders offering between $4-$8 billion.
  • German regulators won’t approve recall and fix of VW’s 2.0-liter diesel-powered Passat (Bloomberg) — And yet the U.S. is going forward with VW’s proposed fix for 2.0l vehicles? Odd, given Germany’s less-stringent approach to automotive emissions compared to U.S. and California in particular.
  • A UK-based inquiry found widespread emissions controls failure (Phys.org) — By widespread, I mean “not a single car among the 37 models involved in the study met an EU lab limit for nitrogen oxide emissions under normal driving conditions.” VW’s emissions controls defeat was just the tip of the iceberg.

There’s your Monday. Have at it!

UPDATE — 5:25 P.M. EDT — Oops, the auto-publish feature failed me today. I wasn’t able to come back and check the egg timer on this post and it got stuck in the queue. Oh well, better luck tomorrow morning!

Friday Morning: This Thing Called Life

/15 Comments/in , /by

It’s Friday, when we usually cover a different jazz genre. But we’re playing these sorry cards we’ve been dealt this week and observing the passing of a great artist.

We’ll probably all be sick of seeing this same video, but it is one of the very few of Prince available for embedding with appropriate intellectual property rights preserved. It’s a result of Prince’s tenacious control over his artistic product that we won’t have ready access to his past performances, but this same tenacity taught many artists how to protect their interests.

It’s worth the hour and a quarter to watch the documentary Prince in the 1980s; the enormity of his talent can’t be understood without reactions by professionals to his abilities.

The way his voice slides easily into high registers at 05:44, his guitar playing beginning at 06:53, offer us just the smallest glimpses of his spectacular gifts.

Good night, sweet Prince, may flights of angels sing thee to thy rest.

Great Google-y moogley

  • European Community’s Antitrust Commission issued a Statement of Objections regarding perceived breaches of antitrust laws by Google’s Android operating system (European Commission press release) — The EU has a problem with Android’s ~90% market share in some member states. They may have a tough time with their case as the EU did very little to preserve the Nokia Symbian OS when Microsoft bought Nokia phone business. Their point about lack of application interoperability and portability between mobile devices is also weak as they did not make that case with Windows-based applications on personal computers. Further, Google has been aggressive to the point of annoyance in its efforts to segregate Android and Google apps — I can attest to this, having a handful of Android devices which have required irritating application upgrades to facilitate this shift over the last year and a half. This will be an interesting case to watch.
  • The second annual Android Security Report was released on Google’s blog this week (Google Blog) — Some interesting numbers in this report, including Google’s revelation that it scans 400 million devices a day. Gee, a figure intelligence agencies must envy.
  • Roughly 29% of Android devices can’t be accessed to issue monthly security patches (Naked Security) — Sophos has a bit of an attitude about the back-of-the-envelope number it scratched out, calculating a little more than 400 million Android devices may not be running modern Android versions Google can patch, or may not be accessible to scanning for patching. You’d think a cybersecurity vendor would revel in this opportunity to sell product. Or that an otherwise intelligent and successful security firm would recognize the numbers reflect Android’s continued dominance in the marketplace with more than 1.4 billion active devices. The risk is big, but how much of that risk is due to the success of the devices themselves — still highly usable if aging, with insufficient memory for upgrades? Sounds so familiar (*cough* Windows XP)…
  • Google passed a benchmark with mobile version of Chrome browser on more than 1 billion devices (Business Insider) — Here’s another opportunity to screw up interpretation of data: mobile Chrome works on BOTH Android and iOS devices. I know for a fact the latest mobile Chrome will NOT work on some older Android devices.

Under Not-Google: Opera browser now has free built-in VPN
A lesser-known browser with only 2% of current market share, Opera is a nice alternative to Chrome and Firefox. Its new built-in free VPN could help boost its market share by offering additional privacy protection. It’s not clear this new feature will protect users against censorship tools, though — and this could be extremely important since this Norwegian software company may yet be acquired by a Chinese company which placed a bid on the firm a couple of months ago.

Definitely Not-Google: Apple cracker cost FBI more than $1 million
Can’t swing an iPad without hitting a report on FBI director James Comey’s admission at the Aspen Security Forum this week in Londn that cracking the San Bernardino shooter’s work iPhone cost “more than I will make in the remainder of this job, which is 7 years and 4 months,” or more than $1 million dollars. Speaking of exorbitant expenses, why was Comey at this forum in London? Oh, Comey was the headliner for the event? Isn’t that interesting…wonder if that speaking gig came with speaker’s fee?

That’s it for this week’s morning roundups. Hope you have a nice weekend planned ahead of you!

Thursday Morning: Come on Now [UPDATE]

/10 Comments/in , /by

Come on now,
who do you,
who do you,
who do you,
who do you think you are,
Ha ha ha bless your soul.
You really think you’re in control.

— excerpt, Crazy by Gnarls Barkley

The kids are all #TBT on Twitter — posting throwback material from their youth, which seems like just yesterday to me. I’ve got socks older than most of the stuff they share. But I have fun with it anyhow, like this Gnarls Barkley song. Perfect to sing at the top of your lungs in the office if you can get away with it.

Speaking of crazy…

Deadline today for Volkswagen
A deadline for a “concrete proposal for getting the polluting vehicles off the road” was due last month on March 24th after U.S. District Judge Charles Breyer gave VW a 30-day period to develop this solution.

That deadline was not met; Judge Breyer offered another 30-day extension as he felt progress was made. Today’s that second deadline, and it’s not clear a technical solution fixing the vehicles will be included in the proposal.

Reports suggest a combination of vehicle buy-backs and financial incentives may be offered along with funding for remediation. But no reports indicate development of true clean diesel technology to replace the emissions control units programmed to defeat emissions testing. Note from LAT’s article:

…The agreement would give some owners the choice of having Volkswagen repair their cars or buy them back, but it does not include plans on how to repair the vehicles, according to the person, who asked not to be identified because the deal hadn’t been made public.
[…]
… But some owners of newer models who get just a software fix may receive little. About 325,000 owners of older cars that require more extensive repairs likely will get more, because the repairs could affect mileage and performance.

In other words, some of the emissions test-defeating software may be replaced with software that actually meets emissions tests, but it may make the vehicles much less fuel efficient.

This is the crazy, right here: Barring a surprise announcement today, there is no commercially-viable clean passenger diesel technology. There never was — not even years after the first so-called clean passenger diesel was sold. That’s the fraud at the heart of Dieselgate.

UPDATE — 4:00 P.M. EDT —
At a hearing this morning in San Francisco, VW agreed on a deal to buy back or repair about 480,000 passenger diesel cars. Details have not yet been released and may not be until June 21st when VW is expected to have finished dotting all I’s and crossing all T’s.

The deal appears to cover 2.0L vehicles, but 85,000 VW-, Audi- and Porsche-brand vehicles with 3.0L engines are still up in the air. This may suggest performance and fuel efficiency are still problems with any emission control unit repairs.

The deal will also include some funds for pollution remediation, but details about remediation efforts are also unavailable.

Here’s Bloomberg’s report on VW, and here’s Reuters.

Guess we’ll save the Google-y bits for tomorrow, leave today for Volkswagen.

Wednesday Morning: Water, Water, Everywhere [UPDATE]

/24 Comments/in , , /by

Day after day, day after day,
We stuck, nor breath nor motion;
As idle as a painted ship
Upon a painted ocean.

Water, water, every where,
And all the boards did shrink;
Water, water, every where,
Nor any drop to drink.

— excerpt, The Rime of the Ancient Mariner by Samuel Taylor Coleridge

Felony and misdemeanor charges are expected today in the Flint water crisis. State Attorney General Bill Schuette will put on a media dog-and-pony show, when it is expected that three persons — two engineers with the Michigan Department of Environmental quality and a Flint water department employee — will be charged for Flint’s lead water levels after the cut-over to Flint River water.

Mind you, the descriptions of these persons do not match that of higher level persons who were responsible for

1) making the final decision to cut Flint off from Detroit’s water system and switching to the Flint river;
2) evaluating work performed by consulting firms about the viability of Flint River as a water source, or about reporting on lead levels after the cut-over;
3) ensuring the public knew on a timely basis the water was contaminated once it was already known to government officials;
4) lack of urgency in responding to a dramatic uptick in Legionnaire’s disease, or the blood lead levels in children.

Just for starters. Reading the Flint water crisis timeline (and yes, it needs updating), it’s obvious negligence goes all the way to the top of state government, and into the halls of Congress.

Michigan’s Governor Snyder has elected to perform some weird self-flagellating mea culpa or performance art, by insisting he and his wife will drink filtered Flint city water for a month. It’s a pointless gesture since the toxic lead levels, experienced during the two years immediately after the city’s cut-over to the Flint River, have already fallen after doing permanent damage to roughly eight thousand children in and around Flint.

Flint’s Mayor Karen Weaver said about the governor’s stunt, “[H]e needs to come and stay here for 30 days and live with us and see what it’s like to use bottled or filtered water when you want to cook and when you want to brush your teeth.”

Or get a new mortgage, I would add. The gesture also does nothing for Flint’s property values. Imagine living in Flint, trying to refinance your home to a lower interest rate, telling the bank, “Oh, but the water’s safe enough for the governor!” and the bank telling you, “Nah. Too risky.”

UPDATE — 10:45 AM EDT —
Charges have been filed against City of Flint’s Laboratory & Water Quality Supervisor Mike Glasgow and Michigan Department of Environmental Quality Office of Drinking Water and Management Assistance district director Steven Busch and MI-ODWMA District Engineer Michael Prysby. Mlive.com-Flint reports,

Glasgow is accused of tampering with evidence when he allegedly changed testing results to show there was less lead in city water than there actually was. He is also charged with willful neglect of office.

Prysby and Busch are charged with misconduct in office, conspiracy to tamper with evidence, tampering with evidence, a treatment violation of the Michigan Safe Drinking Water Act and a monitoring violation of the Safe Drinking Water.

None of the individuals charged in the case have been arraigned.

Sure would like to see the evidence on Glasgow, given the email he wrote 14-APR-2014 (see the timeline).

House hearing on encryption yesterday

  • Worth the time if you have it to listen to the House Energy and Commerce Oversight and Investigations Subcommittee’s hearing, ‘Deciphering the Debate Over Encryption: Industry and Law Enforcement Perspectives‘ to catch Apple’s general counsel Bruce Sewell and UPenn’s CIS asst. prof. Matt Blaze. Not so much for Indiana State Police Captain Charles Cohen, who was caught up in misinfo/disinfo about Apple’s alleged non-cooperation with the U.S. government. Wish there was a transcript, especially for the part where Sewell was quizzed as to whether Apple would encrypt their cloud.
  • Speaking of Cohen and misinfo/disinfo, Apple said it hasn’t released source code to Chinese (Reuters) — This is the spin IN’s Cohen got caught up in. Nope.

Another Congressional hearing of interest: Fed Cybersecurity
In case you missed it, catch the video of today’s House Oversight Subcommittee on Information Technology hearing on Federal Cybersecurity Detecion, Response, and Mitigation. You may have seen Marcy’s tweets on this hearing, at which Juniper Networks was a no-show, and Rep. Ted Lieu (D-CA) was kind of pissed off. Catch Bruce Schneier’s post about Juniper’s vulnerability.

Volkswagen has company: Mitsubishi’s mileage data tweaked to cheat
The Japanese automaker may have to pay back tax rebates offered on vehicles meeting certain fuel efficiency standards. Data from mileage tests on hundreds of thousands of cars was fudged to make the cars look 5-10 percent more efficient.

Speaking of cheating: Volkswagen’s use of code words masked references to emissions controls cheats
The amount of data under review along with the use of code words and phrases like “acoustic software” may delay the completion of the probe’s report. Don’t forget: tomorrow is the second 30-day deadline set for VW to provide a technical solution for owners of its passenger diesel vehicles.

That’s enough. Michigan state AG newser underway now as I update this again at 1:15 p.m. EDT; I may not update here since I addressed known charges above. Catch you on the other side of the hump.