Posts

I Did Nazi Crustpunk Bar Fail, Redux [UPDATE-1]

/141 Comments/in , /by

[NB: Check the byline, thanks. Updates to appear at bottom of post. /~Rayne]

Because you people will NOT stop whining about the bird-logoed crustpunk Nazi bar sinking even further below the waterline, I am putting up a dedicated post for that subject.

RULE NUMBER ONE: Nothing but Twitter and social media related comments allowed in this thread.

RULE NUMBER TWO: Do NOT take your comments about Twitter and other social media platforms to other threads.

RULE NUMBER THREE: See the first two rules, and don’t expect this site to have any power to do anything to change the crustpunk Nazi bar or other similarly centralized social media failures like Reddit and that scofflaw Meta (home of Facebook, Instagram, and WhatsApp).

~ ~ ~

UPDATE-1 — 8:30 P.M. ET —

Here’s a rough tick-tock leading to today’s huge uptick in new Mastodon account sign-ups —

Wednesday, May 24 — Ron DeSantis’ live campaign launch via Twitter Spaces was an utter disaster; DeSantis’ supporters try desperately to put a positive spin on it.

Thursday, May 25 — Twitter’s chief engineer resigned.

Friday, May 26 — Apparently Twitter had not paid the software company which provided service for live video feeds used in Twitter Spaces.

Sunday, June 11 — Engadget reports there may be problems ahead for Twitter:

More platform instability could be in Twitter’s near future. In 2018, Twitter signed a $1 billion contract with Google to host some of its services on the company’s Google Cloud servers. Platformer reports Twitter recently refused to pay the search giant ahead of the contract’s June 30th renewal date. Twitter is reportedly rushing to move as many services off of Google’s infrastructure before the contract expires, but the effort is “running behind schedule,” putting some tools, including Smyte, a platform the company acquired in 2018 to bolster its moderation capabilities, in danger of going offline.

Thursday, June 29 — Some folks observe difficult sporadically with accessing Twitter links.

The New York Times reported new Twitter CEO Linda Yaccarino ordered Google to be paid after she spoke with the head of Google’s Cloud division.

Friday, June 30 — Persons attempting to access any Twitter page are unable to do so unless they are a logged-in registered user.

Elon Musk later confirmed access has been deliberately cut off for all outside users, claiming Twitter is being scraped aggressively.

There is a lot of speculation the service is degrading because Twitter didn’t pay Google, but NYT’s report suggested otherwise.

Saturday, July 1 — Twitter users note Twitter is down. Musk also tweets that users will be rate limited on the amount of tweets they can read each day.

Before the widespread outage, observers noted Twitter had been DDoS-ing itself:

Twitter and Mastodon user Sheldon Chang offered more detail:

Sheldon Chang 🇺🇸 @[email protected]
This is hilarious. It appears that Twitter is DDOSing itself.

The Twitter home feed’s been down for most of this morning. Even though nothing loads, the Twitter website never stops trying and trying.

In the first video, notice the error message that I’m being rate limited. Then notice the jiggling scrollbar on the right.

The second video shows why it’s jiggling. Twitter is firing off about 10 requests a second to itself to try and fetch content that never arrives because Elon’s latest genius innovation is to block people from being able to read Twitter without logging in.

This likely created some hellish conditions that the engineers never envisioned and so we get this comedy of errors resulting in the most epic of self-owns, the self-DDOS.

Unbelievable. It’s amateur hour.

#TwitterDown #MastodonMigration #DDOS #TwitterFail #SelfDDOS

Jul 01, 2023, 11:03 · Edited Jul 01, 13:02

You can see the videos he shared at the link above.

Techdirt’s Mike Masnick offered his opinion about the rate limiting:

I don’t have words for this clusterfuck except to say I expected this level of fail and worse to come, even with a new CEO on board. Good luck, Yaccarino. I hope you got a guaranteed payout.

~ ~ ~

Meanwhile, at Mastodon:

Mastodon Users @[email protected]

12,916,975 accounts
+4,614 in the last hour
+34,484 in the last day
+108,119 in the last week

[Graphic alt text: Four time-based charts

Upper blue area: Number of Mastodon users
Upper cyan area: Hourly increases of number of users
Lower orange area: Number of active instances
Lower yellow area: Thousand toots per hour

For current figures please read the text of this post]
Jul 01, 2023, 19:00

~ ~ ~

If there is more news in the next 12-24 hours about Twitter, I will update this post.

Wednesday: Time Travel

/1 Comment/in , , /by

In this roundup: A short film about a mother’s time travel adventure, the Internet of Stupid Things, and more.

Read more

Monday Morning: Feeling Rather Mussorgsky

/6 Comments/in , , /by

It’s not even 7:00 a.m. here as I start to write this post, and the day is already frantic — like Mussorgsky’s Night on Bald Mountain. I don’t expect a placid ending to the first day of this week, either.

Strap in, lock and load.

Volkswagen on a roll — downhill, fast

  • A former employee who worked at the Michigan-based Volkswagen Group of America’s data processing center filed suit for wrongful termination. The employee lost their job after warning against data deletion after the U.S. Department of Justice ordered VW to halt normal data deletion processes to preserve potential evidence. Michigan is an at-will state, meaning employees can be fired for any reason at any time if they do not have a contract. However, employers may not fire workers in retaliation for refusing to do illegal acts or for reporting violations of health and safety code. Not a sketchy situation at all…this case might be an opportunity for discovery.
  • VW cutting jobs back home in Germany, with administrative roles taking the biggest hit. At the same time, VW says it intends to hire more software and technology personnel as it shifts away from traditional automotive technology. Huh — not a move I would expect when VW clearly hasn’t a handle on electronic vehicle technology.
  • Car sales are up 6.3 percent in the EU, but VW-brand car sales are off 4 percent. Ford and GM’s Opel picked up what VW lost in terms of sales.

Asking oranges from Apple

  • USDOJ hint-hints with little subtlety it will demand Apple’s source code. By subtlety, I mean a footnote shaped like a cudgel in its response to #AppleVsFBI:

    The FBI cannot itself modify the software on Farook’s iPhone without access to the source code and Apple’s private electronic signature.

    The government did not seek to compel Apple to turn those over because it believed such a request would be less palatable to Apple. If Apple would prefer that course, however, that may provide an alternative that requires less labour by Apple programmers.

    You can read Marcy’s take on the USDOJ’s Lavabit gambit for more.

  • The mega-sized tech companies who support Apple are now doubling down on encryption. Couldn’t see that coming, huh?
  • Some speculate WhatsApp as a communications technology may be the next focus of law enforcement in wake of #AppleVsFBI.
  • John Oliver does a Deep Dive into #AppleVsFBI — amusing take, but Oliver and his writing team have far too simplistic a take on this case. It’s not just that FBI wants a ‘master key,’ or that the FBI relies on All Writs to make its demand on Apple. It’s about forcing a company to create something entirely new, and something that’s not intrinsically part of its product.

Another energy industry executive dead
Josh Comstock, CEO of C&J Energy Services in Houston, Texas, died unexpectedly on Friday. He passed away in his sleep at age 46. Comstock was a supporter of NHRA drag racing. His company, which provided hydraulic fracturing (fracking) services, lost considerable value over the last year with the sharp drop in oil prices and field development.

Oil dudes are under a lot of stress these days.

And it being a Monday, so are we. Relax when you can, gang. I’m clocking out.

Wednesday Morning: All the Range from Sublime to Silly

/17 Comments/in , , /by

We start with the sublime, welcoming astronaut Scott Kelly back to earth after nearly a year in space — 340 days all told. Wouldn’t you like to know how these first hours and days will feel to Kelly as he regains his earth legs?

And then we have the silly…

Apple’s General Counsel Sewell and FBI Director Comey appeared before House Judiciary Committee
You’d think a Congressional hearing about FBI’s demand to crack open Apple iPhone would be far from silly, but yesterday’s hearing on Apple iPhone encryption…Jim Comey likened the iPhone 5C’s passcode protection to “a guard dog,” told Apple its business model wasn’t public safety, fretted about “warrant-proof spaces” and indulged in a thought exercise by wondering what would happen if Apple engineers were kidnapped and forced to write code.

What. The. Feck.

I think I’ll read about this hearing in French news outlets as it somehow sounds more rational: iPhone verrouillé: le patron du FBI sur le gril face au Congrès américain (iPhone locked: FBI boss grilled by US Congress – Le Monde). Other kickers in Comey’s testimony: an admission that a “mistake was made” (oh, the tell-tale passive voice here) in handling the San Bernardino shooter’s phone, the implication that the NSA couldn’t (wouldn’t?) backdoor the iPhone in question, and that obtaining the code demanded from Apple would set precedent applicable to other cases.

Predictably, Apple’s Bruce Sewell explained that “Building that software tool would not affect just one iPhone. It would weaken the security for all of them.” In other words, FBI’s demand that Apple writes new code to crack the iPhone 5C’s locking mechanism is a direct threat to Apple’s business model, based on secure electronic devices.

Catch the video of the entire hearing on C-SPAN.

Facebook’s Latin American VP arrested after resisting release of WhatsApp data
Here’s another legal precedent, set in another country, where a government made incorrect assumptions about technology. Brazilian law enforcement and courts believed WhatsApp stored data it maintains it doesn’t have, forcing the issue by arresting a Facebook executive though WhatsApp is a separate legal entity in Brazil. Imagine what could happen in Brazil if law enforcement wanted an Apple iPhone 5C unlocked. The executive will be released today, according to recent reports. The underlying case involved the use of WhatsApp messaging by drug traffickers.

USAO-EDNY subpoenaed Citigroup in FIFA bribery, corruption and money laundering allegations
In a financial filing, Citigroup advised it had been subpoenaed by the U.S. Attorney’s office. HSBC advised last week it had been contacted by U.S. law enforcement about its role. No word yet as to whether JPMorgan Chase and Bank of America have been likewise subpoenaed though they were used by FIFA officials. Amazing. We might see banksters perp-walked over a fútbol scandal before we see any prosecuted for events leading to the 2008 financial crisis.

Quick hits

I’m out of here, need to dig out after another winter storm dumped nearly a foot of the fluffy stuff yesterday. I’m open to volunteers, but I don’t expect many snow shovel-armed takers.

Friday Morning: All That Jazz

/38 Comments/in , , , /by

If you have to ask what jazz is, you’ll never know. — Louis Armstrong

It’s Friday. Don’t ask, just play.

If you thought FBI vs Apple was part of a plan to break Silicon Valley on encryption, it was
This will be the big buzz today: a secret “decision memo” reveals the government set out to access encrypted user data while putting on a good front about its relations with software companies. No information available about the source (or timing) of the memo; wouldn’t it be ironic if this secret memo had been hacked from a smartphone user’s data?

The Atlantic looks at the government’s attempt to force Apple to write code for their purposes as conscription. The secret memo bolsters this argument.

Looks like Apple may also claim the government is compelling speech. They’ve pulled out the big guns by hiring lawyers Ted Olson and Theodore Boutrous to work on this case.

Whiny telcos upset with Facebook eating their lunch with WhatsApp messaging
Like they couldn’t have seen this coming? Telcos in parts of the world like Central America and Europe have long charged uncompetitive rates for poor messaging service. Enter Facebook, which snapped up WhatsApp and integrated the messaging app in its social media platform. Facebook members now have a free messaging platform that works almost globally. The telcos are now upset that Facebook has eaten their text messaging profits. ¡Qué lástima! Though I admit I wonder if part if this grousing is really a front for governments who don’t like WhatsApp’s threat to intelligence access via telcos’ messaging services.

Citigroup’s Corbat gets a 27% pay increase
Too Big to Fail pays very well, for a very few. For Citigroup’s CEO Michael Corbat, it pays roughly $16.5 million this past year, up from $13 million the previous year. Corbat’s raise rewards him for Citibank’s improved fortunes, based in part on cutting less profitable businesses — like exiting retail banking in Argentina and Brazil.

Mercedes sued for not-so-clean diesel emissions
In a slightly different situation than with automaker VW, Daimler’s Mercedes is accused of selling diesel powered vehicles that do not meet emissions standards at low temperatures. The lawsuit was filed yesterday in New Jersey by a vehicle owner in Illinois, based on information published in Der Spiegel and the results of a study conducted by independent testing agency TNO for the Dutch Ministry of Infrastructure and the Environment. The problem at the heart of the suit:

“…the device in Mercedes’s diesel models turns off pollution controls at temperatures below 50 degrees Fahrenheit (10 Celsius), allowing the autos to violate emissions standards, according to the complaint.”

Mercedes did not disclose to buyers that its BlueTec technology, a system relying on use of urea-based NOX reduction, emitted NOX levels well above emissions standards at low temperatures. I would not be surprised to see more cases soon against Daimler and its Mercedes brand as BlueTec technology has been used in both passenger vehicles and commercial trucks for most of the last ten years.

On our mind: SKYNET
We haven’t forgotten the issue of U.S. military killing innocents *Oops!* from the sky based on metadata. Worth reading:

A “machine learning algorithm”? Imagine this in self-driving cars, hijacked via backdoors by hackers and governments. The ethics behind this technology must be widely debated in public now, before it moves beyond its already-abused role in drone-based warfare.

Should be an entertaining Friday; watch for government spokespersons to indulge in a lot of fancy-footwork jazz today.

How the Government Uses Location Data from Mobile Apps

/6 Comments/in /by

Screen shot 2015-11-19 at 9.24.26 AMThe other day I looked at an exchange between Ron Wyden and Jim Comey that took place in January 2014, as well as the response FBI gave Wyden afterwards. I want to return to the reason I was originally interested in the exchange: because it reveals that FBI, in addition to obtaining cell location data directly from a phone company or a Stingray, will sometimes get location data from a mobile app provider.

I asked Magistrate Judge Stephen Smith from Houston whether he had seen any such requests — he’s one of a group of magistrates who have pushed for more transparency on these issues. He explained he had had several hybrid pen/trap/2703(d) requests for location and other data targeting WhatsApp accounts. And he had one fugitive probation violation case where the government asked for the location data of those in contact with the fugitive’s Snapchat account, based on the logic that he might be hiding out with one of the people who had interacted with him on Snapchat. The providers would basically be asked to to turn over the cell site location information they had obtained from the users’ phone along with other metadata about those interactions. To be clear, this is not location data the app provider generates, it would be the location data the phone company generates, which the app accesses in the normal course of operation.

The point of getting location data like this is not to evade standards for a particular jurisdiction on CSLI. Smith explained, “The FBI apparently considers CSLI from smart phone apps the same as CSLI from the phone companies, so the same legal authorities apply to both, the only difference being that the ‘target device’ identifier is a WhatsApp/Snapchat account number instead of a phone number.” So in jurisdictions where you can get location data with an order, that’s what it takes, in jurisdictions where you need a probable cause warrant, that’s what it will take. The map above, which ACLU makes a great effort to keep up to date here, shows how jurisdictions differ on the standards for retrospective and prospective location information, which is what (as far as we know) will dictate what it would take to get, say, CSLI data tied to WhatsApp interactions.

Rather than serving as a way to get around legal standards, the reason to get CSLI from the app provider rather than the phone company that originally produces it is to get location data from both sides of a conversation, rather than just the target phone. That is, the app provides valuable context to the location data that you wouldn’t get just from the target’s cell location data.

The fact that the government is getting location data from mobile app providers — and the fact that they comply with the same standard for CSLI obtained from phones in any given jurisdiction — may help to explain a puzzle some have been pondering for the last week or so: why Facebook’s transparency report shows a big spike in wiretap warrants last year.

[T]he latest government requests report from Facebook revealed an unexpected and dramatic rise in real-time interceptions, or wiretaps. In the first six months of 2015, US law enforcement agencies sent Facebook 201 wiretap requests (referred to as “Title III” in the report) for 279 users or accounts. In all of 2014, on the other hand, Facebook only received 9 requests for 16 users or accounts.

Based on my understanding of what is required, this access of location data via WhatsApp should appear in several different categories of Facebook’s transparency report, including 2703(d), trap and trace, emergency request, and search warrant. That may include wiretap warrants, because this is, after all, prospective interception, and not just of the target, but also of the people with whom the target communicates. That may be why Facebook told Motherboard “we are not able to speculate about the types of legal process law enforcement chooses to serve,” because it really would vary from jurisdiction to jurisdiction and possibly even judge to judge.

In any case, we can be sure such requests are happening both on the criminal and the intelligence side, and perhaps most productively under PRISM (which could capture foreign to domestic communications at a much lower standard of review). Which, again, is why any legislation covering location data should cover the act of obtaining location data, whether via the phone company, a Stingray, or a mobile app provider.