Most of the time, I’m here in Michigan and I’m taking out the garbage every Monday. — Bob Seger
Morning-after blues now set in, feeling the weight of too much beer and cheese, doing the Walk of Shame, reeking of regret. Gotta’ love American excess in all things, including sports.
Take out last night’s garbage, pour yourself an herbal tea or a detox smoothie, and let’s get back at it. Speaking of garbage…
VW expected to make appetizing offer to U.S. passenger diesel owners — BUT…
The German car maker has still not decided whether vehicle owners will be offered cash, car buy-backs, repairs or replacement cars, Kenneth Feinberg told the Frankfurter Allgemeine Sonntagszeitung.
In other words, everything compensation manager Kenneth Feinberg said on behalf of VW for a German media outlet is vaporware. Best to keep in mind Feinberg has previously represented shining examples of corporate ethics like BP after the Deepwater Horizon spill.
Zika, Zika, Zika…
The virus is now driving some people mad — and they’re not even infected. Like Republican presidential candidates who believe persons traveling to the U.S. should be quarantined if they come to the U.S. from Brazil (Christie), or could be quarantined if they have been infected (Carson). Or scientists pushing to kill all the Aedes aegypti mosquitoes, without much thought for what removal of a species of insects will do to the rest of the ecological system which they’ve made home. Viruses are opportunistic; lose one host and they’ll hop to another. Are scientists modeling that next likely host?
Electronic toy maker VTech offers to buy LeapFrog
LeapFrog was popular with my kids 10 years ago; their line of educational toys helped my kids’ grades with spelling test games. But LeapFrog made a strategic error leaving the smaller handheld games for children’s tablets, and is now limping along. VTech has its own problems with technology, like the recent breach of user data, exposing millions of children and their families. Perhaps LeapFrog’s information technology will help shore up VTech’s through this acquisition.
Death from outer space
A bus driver in India may have been the first recorded casualty of a meteorite this weekend. Three others were injured when the meteorite exploded, leaving a small crater and broken windows.
Gong Xi Fa Cai or Gong Hey Fat Choy to you, depending on whether you speak Mandarin or Cantonese, as we enter the Year of the Monkey. Oops, perhaps you shouldn’t take out the trash just yet, especially if it requires sweeping. It’s bad luck to do so on the first new moon of the year — you might sweep your good luck out the door! Oh, your team lost last night? Sweep away. Best wishes for a prosperous new year!
War All The Time — seems appropriate now, and it’s been more than a dozen years since this song was released. Also rather pathetic that MTV censored a reference to suicide in this tune, like a drop of merthiolate on a gaping wound.
Say it isn’t so, girl! Wendy’s investigating possible breaches
On the face it, this doesn’t sound like a corporate-wide cybersecurity event. It may be confined to specific stores. But fast food chain Wendy’s contracted a security firm to look into unauthorized credit card charges made to cards used at their stores. Wendy’s joins Jimmy John’s and Chick-Fil-A in the growing list of compromised fast food chains.
Ransomware infects Israel’s Electric Authority
No outage has been reported as a result of ransomware infection of Israel’s electrical power system via phishing. Computers may have been isolated from the system’s network, though. The full extent of the malware’s impact is difficult to determine from reports available online; some likened this to the cyberattack on a Ukrainian power plant, and others called this a hacking, though neither description appears to fit well.
California struggles with self-driving car regulations
Oh dear Cthulhu…this bit:
Google has concluded that human error is the biggest risk in driving, and the company wants to remove the steering wheel and pedals from cars, giving people minimal ability to take over.
But computers never, ever make mistakes, right? No wonder California is struggling with this…but no. Even though Google’s DeepMind AI mastered GO a decade early, it can’t master California’s highways.
New high-speed wireless internet service launched by former Aereo CEO
Using microwave technology, new gigabit internet service provider Starry will begin in Boston this year once the FCC approves a limited test run in 15 cities. For now, this looks like a solution for urban areas, but it could be an alternative in rural areas where existing telecoms/ISPs fail to provide high-speed internet in spite of federal funds allocated to expand coverage. Imagine using wind turbine towers for Starry microcells to carry gigabit service to rural America.
All right, everybody back to the front, back to the foreverwar.
While looking for Wednesday, I discovered there’s a video short series based on a grownup version of Wednesday Addams character. Cute, though from Wednesday’s POV becoming an adult isn’t all the fun one might expect.
So much for those carefree days when one could leave all the bad news and difficult choices to parental figures. It was all an illusion there were ever any grownups in charge.
Playstation moves to U.S. as Sony melds and migrates interactive entertainment divisions
What’s this really all about? Does this consolidation of Sony Computer Entertainment with Sony Network Entertainment and their move to California as Sony Interactive Entertainment allow better collaboration with Sony Pictures? Or does this allow for easy access by U.S. government entities suspicious of Playstation Network as a potential terrorist communications platform? Or is this a means to secure a leaky business by pulling more of Sony Group inside a single network? Sony explained SIE will “retain and expand PlayStation user engagement, increase Average Revenue Per Paying Users and drive ancillary revenue” — but that sounds like fuzzy vapor to me.
“Bent spear? Oh, THAT bent spear…” Air Force review omits report of damage to nuke
I hope like hell President Obama has already called someone on the carpet and asked for heads to roll. Not reporting a “bent spear” event in a review of U.S. nuclear force isn’t exactly a little boo-boo. A “bent spear” in 2007 spawned a rigorous investigation resulting in a large number of disciplinary actions including resignations and removals from duty.
Zika virus: risk to U.S. mounting
There have been more non-locally transmitted cases of Zika virus here in the U.S. as another Latin American country warns women against pregnancy. Not to worry, it’s not like Ebola, relax, we’ve been told…except that we’ve seen this playbook before, where there were casualties as a pandemic began before either federal or state agencies took effective action. In the case of Zika, we may not see mortalities; casualties may be serious birth defects following a rapid spread with mosquito season. Fortunately President Obama has now asked for more accelerated research into Zika, though we may not see results before Aedes mosquito season hits its stride this year. For more information about this virus, see the CDC’s Zika website.
EU seeks hefty fines in draft law to overhaul auto industry regulations
At fines of €30,000 (£22,600) per vehicle found in violation, the EU might get some results out of proposed regulations governing automotive emissions standards. But the problem hasn’t been the lack of EU standards — it’s the inability to validate and extract compliance when so many member states are willing to turn a blind eye to their constituent manufacturers’ failings in order to preserve employment. Can the EU make these fines stick once new regulations are passed?
By the way, Consumer Reports published a really snappy overview of the VW emissions scandal. Worth a read.
Con Edison’s creaky website leaves online customers exposed
You’d think by now after all of the successful hacks on business and government websites that companies would catch a clue. But no, not in the case of Con Edison. Read the article here so you know what to watch for at other websites; all of ConEd’s site’s links do not open fully encrypted connections. This is a really easy thing to fix, should be the very first thing every single business allowing customers to log in or pay online should check.
Heading out to act like an adult for the next eight hours. Maybe less.
Hope the cull is done because obituaries are not my thing. Hard to type and sniffle copiously at the same time.
GM Opel dealers may be altering emissions control software on Zafira diesel cars
Great, just great. Like GM didn’t have enough on its plate with the ignition switch debacle. A Belgian news outlet reports GM Opel dealers have been changing the software on the 2014 Zafira 1.6l diesel engine passenger vehicles in what looks like a soft recall. This comes on the heels of an EU-mandated recall of Zafira B models due to fires caused by bad electronics repairs. Sorry, I don’t speak Dutch, can’t make out everything in this video report. What little I can see and read doesn’t look good. Wouldn’t be surprised if the EU puts the hurt on GM Opel diesel sales until all are fixed to meet EU emissions regulations. Should also note that a different electronics manufacturer may be involved; images online of ECUs for late model Zafiras appear to be made by Siemens — unlike Volkswagen’s passenger diesel ECUs, which are made by Bosch.
Texas manufacturer swindled out of cash by fraudulent email request, sues cyber insurer
AFGlobal, based in Houston, lost $480,000 in May 2014 after staff wired funds based on orders in emails faked by crooks overseas. The manufacturing company had a cyber insurance policy with a subsidiary of the Chubb Group, and filed a claim against it. The claim was denied and AFGlobal filed suit. This isn’t the first such loss nor the first such lawsuit. Companies need to create and publish policies documenting procedures for authorizing any online payments, including two-step authentication of identities, and review overall spending authorization processes with an eye on audit trails.
Ukrainian officials say Kiev’s main airport hacked
Hackers who attacked Ukrainian power companies in late December are believed to be responsible for the malware launched on Kiev’s airport servers. There are very few details — okay, none, zero details — about the attack and its affect on airport operations. A military spokesman only said “the malware had been detected early in the airport’s system and no damage had been done,” and that the malware’s point of origin was in Russia. Among the details missing are the date the attack was discovered and how it was detected as well as the means of removal.
Hold this thought: FBI still looking for info on cable cuts, with eye to Super Bowl link
Remember the post last summer about the 11 communications cable cuts in the greater San Francisco Bay Area near Silicon Valley? This is a hot issue again, given the impending Super Bowl 50 to be held at Levi’s Stadium in Santa Clara. But reports now mention 15 or 16 cuts, not 11 — have there been more since last summer, or were there more not included in the FBI’s request for information? I’ll do some digging and post about this in the near term.
All right, carry on, and don’t drink all the añejo at once.
Yeah, Mondays start off well as we emerge from the safe warm cocoon of our beds to begin our day. But Monday evenings are a different kettle of fish.
Like this Monday — we’ve enjoyed a weekend’s cozy glow from soft power exercised through diplomacy now that the IAEA kicked off the new Joint Comprehensive Plan of Action (JCPOA). By mid-morning the flying monkey hoard of dissent will saturate media, making a cesspool out of the evening news.
Can hardly wait. Meanwhile…
Un grupo de 66 accionistas de Volkswagen
I admit my command of Spanish is weak, but even at first glance this article didn’t look good for VW. A group of shareholders—again? Let’s translate:
A group of 66 shareholders of Volkswagen (VW) take legal action against the German automaker after the company distorted evidence of greenhouse gas emissions. The complaint will be presented this week, according to the British newspaper Financial Times.
El Pais reports this is the second class-action lawsuit against VW in relation to the emissions controls defeat technology; plaintiffs for this suit are believed to be investment banks. However there were dozens of class action suits in the U.S. as of last fall, including dealerships stuck with rapidly depreciating but unsalable inventory.
A second article in El Pais also noted VW’s Mueller announced additional investment in its Tennessee-based plant after apologizing to the U.S. for the emissions control ‘trick’ (this last word was ‘trucaje‘ in Spanish). VW has now lost marketshare in the EU for the first time in eight years.
USDOT, NHTSA, Automakers agree on Proactive Safety Principles — including improved cybersecurity
Seems rather feel-good in a non-binding sort of way, but USDOT and NHTSA managed to convince automakers to agree to collaborate on vehicle safety and cybersecurity. The agreement announced last week at Detroit’s auto show coordinates with the Obama administration’s proposed $4 billion budget earmark for automated vehicle research and development.
I still can’t see the benefit in individual autonomous cars over public mass transit. My gut says this White House-driven effort at coordination is really aimed at cybersecurity — and surveillance. And no mention of the Three Laws of Robotics, either.
Formic acid fuel cell to power Dutch students’ car
Now this is a great bit of automotive and alternative energy news. Students at Eindhoven University of Technology in the Netherlands are working on automotive fuel cells powered by formic acid instead of hydrogen. Much of the fuel cell technology to date relies on hydrogen, but the problem has been hydrogen generation and storage. This challenge has stymied fuel cell-powered cars for nearly two decades. Formic acid could be handled like gasoline; it is fairly easy to produce from wood pulp and other fibrous plant mass, or by catalysis, and is low in toxicity, though care must still be used in its handling.
Given the potential application beyond vehicles, I’d rather see investment in this line of automotive research.
U.S.-China Economic and Security Review Commission looking into China’s military robots
Since the 1990s there have been a number of organized cyber attacks originating in China which seek out military and industrial content. China’s recently-developed military robots look an awful lot like those developed by QinetiQ. USCESRC is hiring researchers to assess China’s current robotics capabilities, and how much of this capability arose from U.S. sources.
Enjoy your peaceful Monday morning while it lasts.
Let’s move on.
Some U.S. utilities’ still wide open to hacking
Dudes, how many times do you need to be told your cheese is still hanging out in the wind? Some heads should roll at this point. US government’s Industrial Control Systems Cyber Emergency Response Team’s Marty Edwards sounded pretty torqued about this situation at the S4 ICS Security Conference this week. I don’t blame him; if a utility gets hacked, it’s not like your grandmother’s PC getting held ransom. It means the public’s health and safety are at risk. Get on it.
Your cellphone is listening to your TV — and you
Bruce Schneier wrote about the Internet of Things’ expansive monitoring of consumers, citing the example of SilverPush — an application which listens to your television to determine your consumption habits. Bet some folks thought this was an app still in the offing. Nope. In use now, to determine current TV program listings and ratings. Listening-to-your-consumption apps have now been around for years.
Wonder if our pets can hear all this racket inaudible to humans? Will pet food companies embed ads shouting out to our pets?
But you may be able to hide from devices
…depending on whether you are using location-based services, and if you can use the app developed by Binghamton University. A paper on this technology was presented last month at the Institute of Electrical and Electronics Engineers (IEEE) GLOBECOM Conference, Symposium on Communication & Information System Security. The lead researcher explained the purpose of the app:
“With Facebook, Twitter, LinkedIn and others we provide a huge amount of data to the service providers everyday. In particular, we upload personal photos, location information, daily updates, to the Internet without any protection,” Guo said. “There is such a chance for tragedy if that information is used to in a bad way.”
The app isn’t yet available, but when it is, it should prevent personally identifying location-based data from being used by the wrong folks.
VW emissions scandal: Well, this is blunt
I think you can kiss the idea of nuance goodbye, gang.
“Volkswagen made a decision to cheat on emissions tests and then tried to cover it up,” said CARB chair Mary Nichols in a statement.
“They continued and compounded the lie, and when they were caught they tried to deny it. The result is thousands of tons of nitrogen oxide that have harmed the health of Californians.”
The last bits
Nest thermostats froze out consumers after a botched update. (Do you really need internet-mediated temperature controls?)
Phone numbers may become a thing of the past if Facebook has its way. (Um, hell no to the Facebook. Just no.)
Senator Al Franken quizzes Google about data collection and usage on K-12 students. (Hope he checks toy manufacturers like Mattel and VTech, too.)
That’s a wrap, hope your day passes at a comfortable speed.
I debated about posting Jonny Lang’s Lie to Me. Nah, we’re lied to every day, might as well ask for the truth for once, even if it’s ugly. The truth is that nothing’s okay though we wish like hell it were otherwise.
That said, let’s forge on into the fraught and frothing fjords…
‘Nope.’ That’s what California Air Resources Board said
Huh-uh, no way, nada — CARB told Volkswagen in response to VW’s proposed recall plans for emissions standard-cheating 2.0L vehicles sold into California. Because:
Wonder if CARB’s response will be different with regard to VW’s 3.0L vehicles? Shall we take bets?
Fugly, in multiples — cybersec edition
Ebay’s got bugs, and not just at auction.
Need more than tape to fix this problem with cheap web cameras.
Popular antivirus may pose a hacking threat, patch has been issued. Same antivirus manufacturer has a nifty relationship with INTERPOL, too, to share information about cyberthreats. Wonder if they phoned INTERPOL and said, “Cyberthreat. It me!”
(BTW, I love it when spell check helpfully says, “‘Cybersec’ is wrong, don’t you mean ‘cybersex’?”…um, no.)
Big of you, GM. Way to protect your intellectual property and brand at the same time.
The biggest threat to nation’s power grid is S_______
Beady-eyed and focused, slips beneath our radar, gnaws into our electricity transport with annoying frequency, causing hundreds of hours of power outages. Stuxnet? No. Bloody squirrels.
In short, it’s all wonderful this Wednesday. Just wonderful. Pass the Glenmorangie, please.
D-Day for Microsoft’s earlier Internet Explorer versions
In case you didn’t already know this, Microsoft is slowly killing off its Internet Explorer browser brand, beginning with the end of technical support for all but IE 11.
Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical supports and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10.
Some organizations are still relying on older IE versions — a dicey proposition if other non-Microsoft browsers aren’t compatible with their systems. Get a move on, people.
OMG! Terrorists may use drones!
Hoocoudanode cheap and readily available drones might be repurposed by terrorists for flying IEDs. The breathlessness. Really. But wait, they can be stopped!
“The best defence against the hostile use of drones is to employ a hierarchy of countermeasures encompassing regulatory countermeasures, passive countermeasures and active countermeasures.”
I don’t know about you, but I picture the sky soon dark with counterterror drones, swarming like the air over a northern Michigan road in mayfly season.
Intel’s Skylake processors run into problems with complex computing, freezing PCs. A BIOS update is being distributed as a fix. But this isn’t the only bug out there. Read this, especially this bit: “…CPUs are now complex enough that they’ve become too complicated to test effectively.”
Hmm. In other words, future shock has moved beyond consumers.
NPR interviewed VW CEO Matthias Mueller
I’m sure Porsche has been wondering what the hell they were thinking, tieing up with Volkswagen. Porsche’s top guy is now tasked with clean up after VW, and he’s struggling. Witness NPR handing Mueller a shovel, and watching as he just keeps digging.
NPR: You said this was a technical problem, but the American people feel this is not a technical problem, this is an ethical problem that’s deep inside the company. How do you change that perception in the U.S.?
Matthias Mueller: Frankly spoken, it was a technical problem. We made a default, we had a … not the right interpretation of the American law. And we had some targets for our technical engineers, and they solved this problem and reached targets with some software solutions which haven’t been compatible to the American law. That is the thing. And the other question you mentioned — it was an ethical problem? I cannot understand why you say that.
NPR: Because Volkswagen, in the U.S., intentionally lied to EPA regulators when they asked them about the problem before it came to light.
Mueller: We didn’t lie. We didn’t understand the question first. And then we worked since 2014 to solve the problem. And we did it together and it was a default of VW that it needed such a long time.
Somebody needs to explain the Law of Holes to Mueller.
Also worth revisiting the definition of crazy today. Carry on.
Volkswagen’s bad news, good news as Detroit’s auto show opens
Bad news first: In news dump zone on Friday afternoon, we heard Volkswagen wasn’t going to release documents pertaining to the emissions control defeat scandal to several U.S. states’ attorneys. VW said it couldn’t due to privacy laws, which sounds dicey; why do corporations have privacy rights? You’d think only U.S. businesses would attempt such excuses.
The good news was held until VW’s CEO Matthias Mueller arrived in U.S. for the soft opening of the North American International Auto Show in Detroit. VW is working on a catalytic converter it believes will resolved the emissions problem for roughly 2/3 of the affected vehicles. I’m guessing this is fix is intended for the oldest vehicles, and that the newest ones are likely to be swapped with a new vehicle, or a sizeable discount on a replacement will be offered. Color me skeptical about the effectiveness of this fix; if this was such an obvious and easy solution, it would already appear on VW’s diesel-powered passenger vehicles. Fuel economy will likely diminish due to increased back pressure — but that’s why I think this fix is for the oldest cars. It would encourage VW loyalists to buy a new one.
Juniper Network shuts the (a?) backdoor
The network equipment company says it’s “dropping” NSA-developed code after the revelation of a backdoor into their network device software. Does anyone believe all covert access by NSA has now been eliminated, though, if Juniper’s source code isn’t open?
Apple’s devices monitoring your emotions soon?
Ridiculously cash-rich Apple snapped up artificial intelligence company Emotient, which makes an application to interpret users’ emotions based on their facial expressions — sentiment analysis, they call it. I call it creepy as hell, especially since smartphone users can’t be absolutely certain their cameras aren’t in use unless they physically cover the apertures.
And yes, I do cover apertures on my devices with low-tack adhesive tape. It’s the first thing I do after opening the box on any new camera-enabled device, even before charging the battery.
That’s enough to get your cart moving. I hope to have a post up later, on the recent power outage in Ukraine.
Here’s what the trash man left behind this morning.
Hackers caused power outage — the first of its kind?
Marcy’s already posted about the electrical power disruption in Ukraine this past week, labeled by some as the first known hacker-caused outage. I find the location of this malware-based outage disturbing due to its location in western Ukraine. Given the level of tensions with Russia along the eastern portion of the country, particularly near Donetsk over the past couple of years, an outage in the west seems counterintuitive if the hackers were motivated by Ukraine-Russian conflict.
And hey, look, the hackers may have used backdoors! Hoocudanode hackers would use backdoors?!
Fortunately, one government is clued in: the Dutch grok the risks inherent in government-mandated backdoors and are willing to support better encryption.
‘Netflix and chill’ in a new Volvo
I’ve never been offered a compelling case for self-driving cars. Every excuse offered — like greater fuel efficiency and reduced traffic jams — only make greater arguments for more and better public transportation.
The latest excuse: watching streaming video while not-driving is Volvo’s rationalization for developing automotive artificial intelligence.
US Govt sues pollution-cheater VW — while GOP Congress seeks bailout for VW
WHAT?! Is this nuts or what? A foreign car company deliberately broke U.S. laws, damaging the environment while lying to consumers and eating into U.S.-made automotive market share. The Environmental Protection Agency filed suit against Volkswagen for its use of illegal emissions control defeat systems. The violation of consumers’ trust has yet to be addressed.
Thank goodness for the GOP-led House, which stands ready to offer a freaking bailout to a lying, cheating foreign carmaker which screwed the American public. Yeah, that’ll fix everything.
Remember conservatives whining about bailing out General Motors during 2008’s financial crisis? All of them really need a job working for VW.
Massive data breach affecting 191 million voters — and nobody wants to own up to the database problem
An infosec researcher disclosed last week a database containing records on 191 million voters was exposed. You probably heard about this already and shrugged, because data breaches happen almost daily now. No big deal, right?
Except that 191 million voters is more than the number of people who cast a vote in 2012 or even 2008 presidential elections. This database must represent more than a couple election cycles of voter data because of its size — and nobody’s responding appropriately to the magnitude of the problem.
Here’s a novel idea: perhaps Congress, instead of bailing out lying, cheating foreign automakers, ought to spend their time investigating violations of voters’ data — those folks that put them in office?
Any member of Congress not concerned about this breach should also avoid bitching about voter fraud, because hypocrisy. Ditto the DNC and the Hillary Clinton campaign.
Whew, there it is, another mark on the 2016 resolution checklist. Have you checked anything off your list yet? Fess up.