July 17, 2019


Forbes’ Flawed Report on NPR and Sourcing by Gender

Cover, Nugget magazine c. 1963 via Flickr — back when media bias was naked

Today saw a bumper crop of weak content masquerading as journalism. I’m really perturbed about one article in particular.

Forbes—the business magazine led by zillionaire libertarian CEO and editor-in-chief Steve Forbes—published an article noting that NPR’s reporting had a gender bias in its sourcing. The report was written by contributor Michael Howe, whose bio at Forbes characterizes him as the “lead shepherd of the 4th Estate Project.” The 4th Estate Project released several interesting studies, including one last June detailing the media’s overall gender bias in using women as news sources for election coverage. It was a laudable effort in concept to encourage awareness of diversity in media.

The 4th Estate Project continued to follow NPR’s coverage through the election season to watch for gender bias. In a nutshell, the bias noted across other commercial outlets in frequency of quoting males over females also appears in NPR’s coverage. Not a good thing, on the face of it.

But there are problems with this particular report in Forbes and 4th Estate Project:

1)  The magazine has an inherent gender bias of its own, not spelled out clearly by contributor Howe. With the overwhelming majority of medium-to-large corporations in this country lacking female board members and even fewer CEOs, Forbes’ own sourcing for business news is automatically biased by the current structure of this country’s businesses.

[Which begs the question: Is it at all possible that reporting on elections is similarly biased, because there are too few women in government or in politics? 4th Estate Project may have screened out statements by candidates, but did they screen out statements from past office holders, or prospective candidates who were assisting then-prospective candidates?]

2)  Forbes’ editor-in-chief has a known bias as a libertarian conservative (though he once ran for president under the GOP); his ideological bent against taxes may manifest in a bias against NPR as a publicly-funded news outlet. Howe’s piece does not disclose Forbes’ ideology or the possibility that the magazine has a similar bias; he doesn’t appear to question why Forbes magazine would be so interested in coverage of this single outlet’s continued performance up through the November election after the 4th Estate Project’s June 2012 report.

3) NPR is a competitor to Forbes; they may not operate in exactly the same market niche, but they both do reporting on business and politics. In this particular piece by Howe, Forbes questions the diversity of a single competitor, yet we can only assume that Howe and Forbes both believe their readers fully understand this relationship.

4)  There’s nothing under the About Us page at the 4th Estate Project’s website in terms of funding disclosure. It’s not clear if this is a privately-funded, corporate-funded, or public grant-funded project. How can we tell if this entity has an agenda of its own? The widely disseminated graphic based on the June 2012 gender bias report cites major newspapers, media companies, and news shows, but nowhere among them is Forbes magazine listed. Is it at all possible that Forbes is a funder of 4th Estate Project — or at arm’s length, through any related entity? We can’t rule it out based on the dearth of information.

This isn’t a little matter when many races across the country during this last general election hinged on women’s issues. The June 2012 report questioned the credibility of all election reporting based on possible bias; who was funding this report and why?

5)  Lastly, the term “sourcing”—as tackled by 4th Estate Project’s June 2012 report and the article in Forbes magazine—is used in reference to persons quoted in news reports. However, sourcing can mean something much broader. As a former managing editor it meant something different to me; my standard for vetting a news story required at a minimum one source on the record, and an unimpeachable source off the record. An unimpeachable source might have been a woman reluctant to go on record—and I know for a fact this happens frequently. Did 4th Estate Project’s June 2012 report and Howe’s article in Forbes fully explain and differentiate this to readers?

And is it possible the real story is that women in the U.S. may not feel safe being publicly quoted?

Unfortunately we can’t tell that from either the 4th Estate Project’s previous work, or from the article in Forbes. Howe doesn’t question whether women quoted more frequently by NPR’s Mara Liasson might have felt more secure talking with another woman than with Ari Shapiro because he’s a man. (No slight to Shapiro who seems like a nice chap, but some women may feel reluctant talking openly to any man, or being quoted and named publicly by a man.)

While we ponder these challenges, Forbes magazine readers continue to think NPR is gender biased, their perceptions poisoned once again about publicly-funded news outlets.

That’s a two-fer for Steve Forbes: knock a taxpayer program and a competitor at the same time. What a bargain.

The Cost of Bullshit: Climate Change, National Security, and Inaction

photo: toolmantim via Flickr

While we’re waiting for Congress and the White House to do something productive together for once, let’s recap:

•  The Department of Defense said climate change is a critical strategic concern with regard to its operations and its impact on defense efforts, based on its legislatively-mandated Quadrennial Defense Review (QDR) published two-plus years ago in 2010;

•  The State Department also said climate change is a serious threat to our national security, noted in its inaugural Quadrennial Diplomacy and Development Review (QDDR), also published two-plus years ago in 2010;

•  A who’s who of defense and diplomacy expressed their concerns about climate change and the need for urgent action, as Marcy noted two days ago; apparently whatever action has been taken so far has not impressed these experts as responsive to the threat climate change poses.

Yet if asked, the average American likely could not point to a single action taken by the U.S. government to reduce the impact of climate change.

In other words, all the effort expended and resources spent on drafting the components of the QDR and QDDR are wasted, the words published mere bullshit—more wasted government employees’ time and taxpayer money.

How much has this wordy inaction cost us?

Here’s a more specific opportunity to save taxpayer money:

…Of all military spending, energy accounts for a small proportion, roughly less than 2% of total military expenditures and 2% of total US energy usage–but is 93% of all US government energy consumption. In fact, the US military is the single biggest consumer of energy in the nation, at about 932 trillion BTU in 2009, resulting in 4% of all US carbon emissions.

Oil accounts for 78.5% of all US military energy usage (54% of that is jet fuel); electricity is 11%, direct use of natural gas comes in a bit under electricity. Direct use of coal and other sources of energy are small fractions of total usage. …

[source: TreeHugger.com, 05-MAY-2011]

The amount spent on energy surely hasn’t declined since these numbers were published in 2009.

Yet Congress and the White House have been locking horns over the sequester for some time now, looking for places to cut costs. Doesn’t it seem like any item should be ripe for examination and audit for cost-cutting if the government is the largest consumer?


…The United States is far and away the largest military spender on the planet–but you probably already knew that. How much more? In 2010 the US accounted for 42.8% of all military spending in the world (and has doubled military spending since 2001). The next nearest competitor, China, accounts for 7.3% of global military spending. The UK, France, and Russia each spend roughly 3.7%. Japan, Saudi Arabia, Germany and Italy round out the top ten. All other nations spending 25.3% combined.

In dollar terms, the grand total spent on military offense and defense in 2010 was $1.6 trillion. So based on those calculations, done by a Swedish think tank, the US outspent China by 5.86 times. …

[source: TreeHugger.com, 05-MAY-2011]

If the U.S. is the largest military spender, its energy expenditures must likewise be the largest globally. This means the U.S. military could provide the largest impact globally on climate change by urgently and robustly changing its fossil fuel consumption.

Which begs the question: are we going to stop wasting time and money on reports like the QDR and the QDDR when we’re clearly making no effort to follow the recommendations they contain by responding to climate change and its inherent national security risks?

Or are we going to save some serious money on downsizing our military’s fossil fuel consumption AND make immediate, widespread impact on climate change and national security at the same time?

We really need an answer because this bullshit is costing us a fortune in taxes and lost societal opportunities. (Hurricane Sandy cost the federal government at least $180 million dollars; it’s not yet clear how much February’s blizzard cost in tax dollars. Toronto CAN, however, spent CA$4 million on cleanup and repairs, and it was not the municipality hardest hit by the storm.)

And with each drought and mega-storm, the lack of response is costing us even greater treasure in loss of personal opportunities, homes and lives.

Why So Surprised? CIA, U.S. Military Knew Chinese Hackers Expected Since 1999

Cover, Unrestricted Warfare via Wikimedia

The breathless reporting about the alleged Chinese hacking at The New York Times is truly annoying because of the shock it displays. The surprise any major government or private corporate entity shows at this point about any network-based security breach that appears to originate from China should be treated as propaganda, or a display of gross ignorance.

In 1999, the CIA’s Foreign Broadcast Information Service published a white paper entitled Unrestricted Warfare, written by the PRC’s Col. Qiao Liang and Col. Wang Xiangsui. The publication outlined the methodologies a nation-state could deploy as part of an asymmetric war. Further, the same work outlined the U.S.’s weaknesses at that time were it to confront such asymmetric warfare. It did not focus on any other nation-state, just the U.S.*

The colonels acknowledged that the U.S.—at the time of the paper—had considered using a range of tools in response to conflicts:

“…There’s no getting around the opinions of the Americans when it comes to discussing what means and methods will be used to fight future wars. This is not simply because the U.S. is the latest lord of the mountain in the world. It is more because the opinions of the Americans on this question really are superior compared to the prevailing opinions among the military people of other nations. The Americans have summed up the four main forms that warfighting will take in the future as: 1) Information warfare; 2) Precision warfare [see Endnote 8]; 3) Joint operations [see Endnote 9]; and 4) Military operations other than war (MOOTW) [see Endnote 10]. This last sentence is a mouthful. From this sentence alone we can see the highly imaginative, and yet highly practical, approach of the Americans, and we can also gain a sound understanding of the warfare of the future as seen through the eyes of the Americans. Aside from joint operations, which evolved from traditional cooperative operations and coordinated operations, and even Air-Land operations, the other three of the four forms of warfighting can all be considered products of new military thinking. General Gordon R. Sullivan, the former Chief of Staff of the U.S. Army, maintained that information warfare will be the basic form of warfighting in future warfare. For this reason, he set up the best digitized force in the U.S. military, and in the world. Moreover, he proposed the concept of precision warfare, based on the perception that “there will be an overall swing towards information processing and stealthy long-range attacks as the main foundations of future warfare.” For the Americans, the advent of new, high-tech weaponry, such as precision-guided weapons, the Global Positioning System (GPS), C4I systems and stealth airplanes, will possibly allow soldiers to dispense with the nightmare of attrition warfare. …”

The rise of military tools like drones for precision-guided stealth attacks was predicted; quite honestly, the PRC’s current cyber warfare could be a pointed response to Gen. Sullivan’s statement about information warfare.

But in acknowledging the U.S.’s future use of MOOTW, the colonels also offered up the most likely approaches in an asymmetric assault or response: trade war, financial war, new terror war in contrast to traditional terror war, ecological war. Of these, they cited a specific example of new terror war entity and attacks:

“…In contradistinction to masked killers that rely on the indiscriminate slaughter of innocent people to produce terror, the “Falange Armed Forces”[…] group in Italy is a completely different class of high-tech terrorist organization. Its goals are explicit and the means that it employs are extraordinary. It specializes in breaking into the computer networks of banks and news organizations, stealing stored data, deleting programs, and disseminating disinformation. These are classic terrorist operations directed against networks and the media. This type of terrorist operation uses the latest technology in the most current fields of study, and sets itself against humanity as a whole. We might well call this type of operation “new terror war.”…”

Note in particular that these Chinese military experts refer to attacks not on military targets, but on banks and the media.

Furthermore, the U.S. military could have predicted the Chinese investment in information warfare, as a paper Operation Allied Force: The View from Beijing, by Dr. James D. Perry (2000) noted. Perry had already absorbed the paper, Unrestricted Warfare:

“…Two senior PLA officers observed that NATO’s “asymmetrical” strikes employed “a number of new combat modes.” Allied Force consisted of “a series of informationalized, digitized, and networked combat operations that surpassed those in the Gulf War.” In their view, networked fighting centers will replace individual fighting platforms in future warfare, and networked military organizations will replace “tree-shaped” military organizations. The United States uses air raids, EW, and information-control operations to maximize the asymmetric advantages of its high technology. Therefore, the PLA should “learn and master” anti-air-raid, anti-electronic-warfare, and anti-information-control operations. …”

Perry also noted contributor Ye Lu of the state-owned Keji Ribao science and technology publication reported:

“…the US goal is to gain mastery of battlefield information and that the information enhancement of US weapons systems is already “an order of magnitude” greater than in the Gulf War. Before initiating combat,

‘reconnaissance satellites, relay satellites, high-altitude reconnaissance aircraft, and low- and medium-altitude pilotless aircraft of all kinds are to be deployed in continuous, uninterrupted, all around, dynamic intelligence reconnaissance against military and civilian targets in Yugoslavian territory . . . while at the same time numerous intelligence organizations and every means of intelligence collection are to be marshaled to conduct repeated position fixing and simulated attack exercises against all military and non-military targets that might be encountered in the battlefield to come.’

Ye considered that despite all its advantages, the United States did not gain “information supremacy” in Yugoslavia. This he attributed to the expansion of the information domain through radio and computer networks that enable “both aggressors and defenders to attack and counterattack to the best of their abilities.” Ye drew the following conclusions from Allied Force:

  • China should research and develop high-tech precision weapons and should upgrade the information systems associated with existing weapons.
  • China should develop IW equipment and techniques, especially those that can “reliably put constraints on the power of hostile forces.”
  • China needs a “corps of knowledgeable and experienced military information security personnel.”
  • China should create her own software for national defense and should find military applications for civilian high technologies. …”

Again, the Chinese not only predicted the emergence of drone usage by the U.S., but spelled out a countervailing response including development of information technology for its national security.

The same report by Ye Lu, cited by Dr. Perry and published in a U.S. Air Force-Air University journal, was itself published by the CIA’s FBIS. Clearly both our military and our intelligence agency have been on notice for over a decade about China’s intentions with regard to cyber warfare.

We were warned; it could not be spelled out any more clearly. Not to mention other sources of intelligence, our government was handed a manual that not only laid out the likely routes of attack, including network-based assaults, but generously offered a description of the opportunities for improvement the U.S. should address to protect itself against non-traditional attacks, let alone improve the prospects to conduct assaults of their own in a similar fashion.

Granted, the document also suggests a unified structure for the U.S. or other nation-state to respond to all asymmetric attacks. This offering should be avoided for this reason—the unexpected is the element that offers the best chance to defend against non-traditional warfare.

But to have no organized response at all is absurd. In its absence we’re left with a choice of which mask we should adopt in reaction to attacks: the “We’ve got this” fakery, or an open admission of ignorance and failure—or perhaps both.

One more point we should note is the Chinese response by foreign minister’s office spokesman Hong Lei in state-owned Xinhua News to the NYT’s report:

“Groundless criticism is irresponsible and unprofessional, and it will not help to solve the problem,” he said.

The infosecurity company Mandiant employed by NYT and the U.S., which had traced the source of the alleged hacking to a People’s Liberation Army site, took this as an insult to their conduct and went public with their findings.

But was the response really aimed at Mandiant? Or was it aimed at other government and private corporate targets warned clearly more than a decade ago?

* Word analysis of the document published at Cryptome:
“U.S.” appears 220 times; “Europe” appears 22 times; “Russia” appears 31 times, “China” appears 34 times. Occurrences counted in both text’s body and in footnotes.

Monday Mess: Moar Dronz, Gen Killz, (Horse)Meatz, and Clownz

Photo: AR Drone 2.0 being tested near Kuwait Towers (by Cajie via Flickr)

Happy Monday. Insert a picture of that cat here–you know which one. I resemblez it.

•  Good gravy, people. When National Geographic Magazine covers drones, it’s way past time for a national dialog about their use domestically. Crop dusting, my backside; there’s nothing except for the subhead in this article to genuinely suggest the designers, manufacturers, and potential buyers of drones are thinking about non-surveillance, non-policing applications for these unmanned aerial devices.

•  Of course it hasn’t helped our current condition that not one but at least two generations of military were shaped into the “Generation Kill” mold, about which Foreign Affairs learns from retired General Stanley McChrystal.

“People hear most about the targeting cycle, which we called F3EA — “find, fix, finish, exploit, and analyze.” You understand who or what is a target, you locate it, you capture or kill it, you take what intelligence you can from people or equipment or documents, you analyze that, and then you go back and do the cycle again, smarter.”

Color me skeptical, but this doesn’t sound like appropriate training future civilians–those now serving in our military–will use for guiding crop dusting or weather monitoring drones.

•  “Generation Kill” has a shadow identity, as well; the legitimately uniformed forces have dark counterparts in crime, which is likely shaped by the same attitudes as the military and police who chase them. Thwarted in illegal weapons sales, the supply chain arms traffickers use may be put to use in purveying goods of a different kind of kill. The horsemeat contamination scandal in Europe appears to be built upon the infrastructure of criminal arms dealer Viktor Bout. Where once illegal weapons might have been hidden in dog food, now illegal dog food is hidden in, well, our food.

•  Of course, when this all gets too serious and we need to be distracted, somebody offers up a clown since bread and circuses always work to appease the masses. Today’s fool is Gérard Depardieu, savaged for his luxe lifestyle and his exile from his mother country. France’s current “supertax” policy–75 percent assessed against all income above one million euros, intended as a short-term fix to a national budget deficit–ostensibly drove Depardieu into the arms of the ever-execrable Russia. The actor whose work is synonymous with modern French cinema is now reviled as minable, pathetic. What seems incredibly pathetic to me is the strident ignorance of both policy makers and the French; only 3000 countrymen were subject to the tax, and it is too easily escaped. Was the problem really with these 3000 that the budget suffered, or were other structural problems at fault that might not yet be repaired? One can see readily how a similarly simplistic law enacted in the States could have similarly ridiculous and ineffective results. But Depardieu is an easy, large, and slow-moving target, not unlike the French royals who could not outrun the guillotine. Minable, indeed; how readily the populace is distracted by redirection to a clown.

Sunday Buffet: Domestic Drones, Cosmic Clouts, and More

photo: Parrot AR Drone via Amazon.com

Here’s an assortment of goodies that crossed my tablet over the last 24 hours or so. Which of these tidbits fires you up?

•  The Verge reported Friday that a new bi-partisan privacy bill sponsored by representatives Ted Poe (R-TX) and Zoe Lofgren (D-CA) targets the use of drones in the US.

“As written, it would ban police from operating unmanned aerial vehicles armed with weapons of any kind, and any drone surveillance operation would require a warrant notifying the target within 10 days, except when the notice would “jeopardize” an investigation. It also requires they make efforts to “minimize” the amount of data collected or shared, to avoid violating privacy unnecessarily. …

…Fears over the use of drones have increased lately as both President Obama and his counterterrorism chief John Brennan refused to answer whether lethal strikes could be used against American citizens on US soil. …”

When drones can be remotely operated by iPhone or Android cellphones and cost less than $300, we’re way past time for this bill. It might not hurt citizens to act locally as Charlottesville, Virginia has, enacting a ban on their use in their municipality. Think a drone couldn’t possibly slip by you to monitor you without permission? This one pictured here is only 22 inches long, comes equipped with a 720p high-def camera on board–imagine it hovering and peering in your bedroom window, or your kid’s room, its video output watched from an iPhone miles away.

•  Friday’s meteorite-asteroid-meteorite triple whammy certainly shook up the globe. What? You didn’t hear about the third one? Apparently when the smaller meteorite passed over California about 7:42 pm PST, the media had already used up its allotment of cosmic-related coverage for the week. Or year. Anyhow, objects hit our planet all the time that we don’t notice or publicize widely; it was the rare confluence of a near-miss asteroid and a larger-than-average meteorite within a 24-hour window that only made us think earth’s pummeling by space debris is unusual. Given that meteorites and asteroids are not all that rare, it seems like we’d do more to be prepared for impacts–especially since we’ve had pretty decent guesstimates about the damage space objects could inflict.

•  Speaking of science, science writer Philip Ball looks at the discovery of the microscope and its dramatic impact on science and religion. Technology that allowed us to look at our world at meta-scale has also had an impact on our perspective; the famous “blue marble” photo* from an Apollo mission is credited with increasing public interest in ecological studies, environmental protection, and space exploration. What technology will encourage us to get our tails in gear on climate change?

•  Finally, this photo-dense piece gives me pause. I was two years old when these were taken; what an incredible year that was. I wish I’d been old enough to remember any of these events, and yet, I’m glad some of them were well behind us by the time I was school-aged. Some of these photos remind me how little things have changed. Just Google “church arson” or “race hate crime” and you’ll see what I mean.

By the way, I’m open to suggestions as to naming these collections of newsy bits and pieces. Leave me your thoughts in comments. Thanks!

* When I first drafted this post, I didn’t know today marked the anniversary of the similarly important “pale blue dot” photo. How time flies.

Enjoy A Valentine’s Day Sampler

Made just for you via cryptogram.com

It’s difficult lately for me to sit down and spend time on a blogpost. I manage a handful of minutes here and there to do reading or research. An email may take hours to draft.

But there’s too much juicy stuff floating around deserving more attention. I’m going to gather content as I see it and aggregate it into a post when I have time, rather than let them slip by. Perhaps you can make more of them than I can.

•  MIT Technology Review acknowledges the dawn of a new age in Welcome to the Malware-Industrial Complex. I’m rather surprised at the tone of this piece; it’s not au courant, rather a bit behind the times since the MIC launched more than a handful of years ago. Two important points emerge: 1) Zero-day exploits are being traded like weaponry–think very hard about the source of these exploits and ask yourself why they are tolerated in government computing environments, let alone any other production environment; 2) This new age is the military face of the paradigm shift from the industrial to the information age. Weapons are information; they are no longer separate from the weapons themselves. With this in mind, the last two grafs of this article display the already-anachronistic thinking of the author and his sources.

•  Syracuse University MA/PhD student Seth Long performs a rather fascinating analysis on alleged cop killer Christopher Dorner’s manifesto. But equally fascinating is his earlier analysis on Ted Kaczynski’s Unabomber manifesto. Compare the two assessments, and then ask yourself what any blogger’s online writings might say about them if Long’s analytical process is eventually automated with algorithms. Scary, hmm?

•  Really great long read at Bloomberg Businessweek on the unmasking of a Chinese hacker by a Dell Computers malware expert. This is a snapshot of asymmetric warfare in progress; it’s not as if China has not told us rather candidly (and more than a decade ago) they would engage us in this manner as well as in other non-internet battlefields. Any surprise on the part of U.S. government officials at this point is utterly ridiculous–it’s either feigned or it’s should-get-another-day-job stupidity.

•  I’m so annoyed by this long read in Aeon Magazine–a really great mag, by the way–that I may yet muster the time to write something longer. Author Damien Walter is rather specious in his identification of a new “creator culture” and its necessity to society’s continued success. The problem isn’t that we need to adopt and nurture a new creator culture; it’s that we killed the one we had quite willingly over the last 25-35 years by offshoring production and the subsequent commodification of goods. We allowed corporations and their one-percenter shareholders to tell us that getting our hands dirty through craftsmanship and in manufacturing was bad (mostly bad for their profit margins). We’ve become a culture that doesn’t fix anything; we buy replacements made overseas in third world countries. We’ve lost our can-do spirit along with this shift, and only recently have both the economic crisis and a new hipster-hobbyist ethos encouraged a resurgence of the do-it-yourself handyperson. Unless we’re conscious of our role in killing creativity, nurturing it again through supporting Etsy and Maker Faires is merely temporary relief from the crush of profit-driven consumerism.

•  But perhaps all of this will be moot tomorrow if the cosmos decides to make a bank shot with asteroid 2012 DA14. This “small” asteroid will fly within 17,200 miles of earth tomorrow afternoon. This is awfully bloody close–close enough that scientists say disruption of cellphone and other satellite service is not impossible, but unlikely. That’s a whisker’s breadth, in cosmic scale. Best to check in tomorrow afternoon after 3:00 pm CST to see if we’re still here. See you then.

Hypothetically Speaking: Immigration Reform and the Threat to Citizenship

Photo: Wong Kim Ark, via Wikimedia

President Obama once again asked for immigration reform in last night’s State of the Union address:

… Our economy is stronger when we harness the talents and ingenuity of striving, hopeful immigrants. And right now, leaders from the business, labor, law enforcement, and faith communities all agree that the time has come to pass comprehensive immigration reform.
Real reform means strong border security, and we can build on the progress my Administration has already made – putting more boots on the southern border than at any time in our history, and reducing illegal crossings to their lowest levels in 40 years.
Real reform means establishing a responsible pathway to earned citizenship – a path that includes passing a background check, paying taxes and a meaningful penalty, learning English, and going to the back of the line behind the folks trying to come here legally.
And real reform means fixing the legal immigration system to cut waiting periods, reduce bureaucracy, and attract the highly-skilled entrepreneurs and engineers that will help create jobs and grow our economy.
In other words, we know what needs to be done. As we speak, bipartisan groups in both chambers are working diligently to draft a bill, and I applaud their efforts. Now let’s get this done. Send me a comprehensive immigration reform bill in the next few months, and I will sign it right away. …

Compare last night’s words to those on immigration reform in last year’s State of the Union address:

… I believe as strongly as ever that we should take on illegal immigration. That’s why my administration has put more boots on the border than ever before. That’s why there are fewer illegal crossings than when I took office. The opponents of action are out of excuses. We should be working on comprehensive immigration reform right now.

But if election-year politics keeps Congress from acting on a comprehensive plan, let’s at least agree to stop expelling responsible young people who want to staff our labs, start new businesses, defend this country. Send me a law that gives them the chance to earn their citizenship. I will sign it right away. …

Right away then, right away now. Don’t hold your breath.

The truth is no real traction on immigration reform has been made over the last year at the federal level, even after an election. The far right, however, has been steadily working for the last three years at state level toward the denial of U.S. citizenship to undocumented immigrants, using Arizona SB 1070 as its initial stake in the sand. In theory, SB 1070 is the baseline model legislation from which this nationwide effort starts. The long-term implications are far more complicated than they appear.

Here’s a quasi-hypothetical question, a thought experiment about U.S. citizenship by birth. Let’s assume these conditions in this case:

•  Antecedent immigrates from China to Hawaii in 1898, marries a Hawaiian citizen, acquires Hawaiian property–during the same year in which the sovereign nation of Hawaii is annexed without the consent of Hawaiians.

•  Antecedent has multiple children; the youngest is born in early 1930s while Hawaii is still a territory.

•  Youngest child goes to school on mainland while Hawaii is still a territory. Meets and marries a U.S. citizen only months after Hawaii became a state.

•  They have several children while living on the mainland after marriage.

If the far right manages to undermine United States v. Wong Kim Ark–the 1898 decision under which U.S. citizenship by birth was acknowledged–which of the people in the above scenario remain U.S. citizens?

If citizenship by birth can be denied, can they also be retroactively denied both citizenship and the right to own property? A number of states enacted Alien Land Laws during the early 1900s barring non-citizens from owning property. Though all but one state’s laws have been repealed, under Florida law non-citizens may yet be barred from ownership. Assuming the anti-immigration cohort undermines U.S. citizenship by birth, were the children of Chinese and Hawaiian citizens naturalized? Or can their naturalization be contested, along with rights to property ownership in Florida? Would states consider revisiting Alien Land Laws to discourage citizenship if Florida’s law remains in place?

By now you’re thinking this is all quite an unlikely set of scenarios. Let me challenge you one more time: what if all the above described my great-grandfather, grandfather, father, my natural siblings, and me? Should I take my family’s citizenship for granted?

Though President Clinton and Congress apologized in 1993 for the overthrow of the sovereign Hawaiian nation, there’s been little acknowledgment of the persistent abuse of Asian Americans’ rights, and Hawaiian sovereignty has been swept under the rug. If far right anti-immigrant bigots have their way at undermining the 14th Amendment and United States v. Wong Kim Ark, it’s going to take a lot more than an apology to make this mess right.

Unless it is established upfront that anyone currently recognized as a U.S. citizen will continue to maintain that status, the White House should not ask for just any immigration reform bill–especially given the GOP-heavy House of Representatives now in office.

This little exercise hasn’t begun to scratch the surface of the potential challenge. My grandfather appears to have immigrated from Canada as an infant in the early 1900s; his arrival in the states may not have been fully documented. Was he ever a truly naturalized citizen? Is my mother a U.S. citizen?

And what about your own family–when and how did they arrive in the U.S.? Will the zealous overreach of immigration reform question your own citizenship?

What’s your status? Where are your papers?

Let’s hope the threat to the citizenship status of white, English-speaking conservatives like my mother who’ve lived their entire lives in the U.S. gives xenophobic anti-immigration proponents pause.

Yet Another Edition of “You Were Warned”

Dear unnamed power company/ies: Thank you for providing me an opportunity to post one of my favorite videos.


You were warned about the possibility of security threats to your systems. Repeatedly–the video above is just one such warning. What’s it take to get through to you–a clue-by-four alongside the head? A massive, lengthy power outage you can’t resolve for days or weeks, with consumers calling for managements’ heads on pikes? A complete tank of your company’s stock value? The Department of Energy on your doorstep, taking possession of your site as it investigates you?

I love this part at 32:28 into the video where Ralph Langner says,

“…many things we thought about cyberwarfare earlier just were proven wrong. …”

Everything you thought you knew about infosec/cybersecurity needs to be revisited. The assumptions you’ve been using are clearly wrong.

Now get a frigging clue and revisit your security policies. STAT. You can start with checking these:

— No USB or other external media which have not been deeply screened for infection.

— External network connections to production equipment are to be avoided at all costs. Connections between corporate business and the power grid should be on a closed, dedicated network. Revisiting the appropriateness of traditional isolation of production networks might be worthwhile.

— No third-party contractors permitted on site that do not comply completely with power company security policies, including spot inspections. (You do spot inspections, right? Contractors are screened coming in and out of facilities, right?)

What are you doing here, reading this? Get to work. RUN.

Dear U.S. Department of Energy: Um, hello? Did your brains’ functions suffer irreparable damage from exposure to BP’s dispersants?

It’s the only excuse I can think of as to why security measures and subsequent audits of the nation’s power grid for infections and intrusions from network and external devices haven’t removed these threats.

By the way, this 2009 document making suggestions to power companies about security measures is now out of date and needs to be revisited, in light of the Senate Intelligence Committee’s authorization of cyber weapon deployment and subsequent blowback risk, let alone the case of USB devices laden with crimeware.

Dear Fellow Americans: I really hate feeling like Cassandra. I’d love to see the power industry and our government prove me wrong by preventing outages related to security breaches about which they’ve been warned. At the rate they’re going, you’re going to end up on the short end of the stick, without electricity to read my anticipated future post which I expect to entitle, “I told you so.”

You might want to contact your government representatives and ask them what they know about power grid security and if they’ve actually done anything to investigate the safety of power in their district. If their understanding is shaped by the Department of Energy’s latency, they need to be brought up to speed and pronto. Don’t wait until you don’t have the juice to read my next post on this topic.

Fear, Uncertainty, and Doubt: the Real Cyber Attack on the Truth [UPDATE]

[photo: cdrummbks via Flickr]

[UPDATE – see end of article.]

One weaselly senator–with long-identified agendas and a pathetically thin understanding of technology–takes to the microphone. Suddenly, by virtue of wrapping his senatorial lips around a few scary words on topics about which he knows little, we citizens are supposed to quake in fear and plead for salvation.

Screw that noise. This is textbook “fear, uncertainty, and doubt” — more commonly referred to as FUD in the information technology industry.

Since the 1970s, FUD tactics have been used to suppress competition in the computer marketplace, targeting both hardware and software. Roger Irwin explained,

…It is a marketing technique used when a competitor launches a product that is both better than yours and costs less, i.e. your product is no longer competitive. Unable to respond with hard facts, scare-mongering is used via ‘gossip channels’ to cast a shadow of doubt over the competitors offerings and make people think twice before using it. In general it is used by companies with a large market share, and the overall message is ‘Hey, it could be risky going down that road, stick with us and you are with the crowd. Our next soon-to-be-released version will be better than that anyway’. …

FUD has non-technology applications as well; one need only look at product and service brands that encourage doubts about using any product other than their own, in lieu of actually promoting the advantages their product or service might have.

So what’s the FUD about? Senator Joe Lieberman spouted off about cyber attacks in September last year, claiming Iran was behind disruptive efforts targeting U.S. banks.

Right. Uh-huh. Predictable, yes?

But FUD is used in situations where there is competition, one might point out. Yes, exactly; in September 2012, the case for support of unilateral attacks against Iran was up against the news cycle crush, powered by the post-Benghazi fallout and the drive toward the November general election, followed by the terror that was the “fiscal cliff.” That’s a lot of powerful, compelling competition for attention, votes, and tax dollars, when members of a reliable but lame duck Congress could be mounting up a pre-emptive cyber war without the headwind of public awareness and resistance, or the too-inquisitive pushback from newbies in the next seated Congress.

The pressure was on; our intrepid weaselly senator speedily whipped out some FUD!

The problem, though, is that no respectable consultant in the IT security industry picked up the flaming bag of smelly FUD. Take a gander through Kaspersky or Langner websites and look for panicked reports of DDoS assaults on banking–you won’t find them. RSA’s blog never mentions Iran last year at all; F-Secure makes an oblique comment about nation-state cyberwarfare, implicitly critical of U.S. with regard to its deployment of cyberweapons. Kaspersky mentions Iran exactly once, in relation to the “Ma(h)di incident” last year, and not at all in a forecast of 2013. Langner mentions the difficulty of providing adequate cybersecurity, noting Secretary of Defense Leon Panetta’s October 11 speech–again, no reference to Iran.

Intentionally or otherwise, Panetta furthered the FUD with his speech in a way that the mainstream media easily distorted:

…Let me give you some examples of the kinds of attacks that we have already experienced.

In recent weeks, as many of you know, some large U.S. financial institutions were hit by so-called Distributed Denial of Service attacks.  These attacks delayed or disrupted services on customer websites.  While this kind of tactic isn’t new, the scale and speed with which it happened was unprecedented.

But even more alarming is an attack that happened two months ago when a very sophisticated virus called Shamoon infected computers in the Saudi Arabian State Oil Company Aramco.  Shamoon included a routine called a ‘wiper’, coded to self-execute.  This routine replaced crucial systems files with an image of a burning U.S. flag.  But it also put additional garbage data that overwrote all the real data on the machine.  More than 30,000 computers that it infected were rendered useless and had to be replaced.  It virtually destroyed 30,000 computers.

Then just days after this incident, there was a similar attack on RasGas of Qatar, a major energy company in the region.  All told, the Shamoon virus was probably the most destructive attack that the private sector has seen to date.

Imagine the impact an attack like that would have on your company or your business.

These attacks mark a significant escalation of the cyber threat and they have renewed concerns about still more destructive scenarios that could unfold. …

Notice Panetta never actually says U.S. banks suffered Iranian-based DDoS attacks? He segues over to attacks on Saudi machines that might affect oil production, never mentioning what entity was likely responsible. Panetta mentions Iran exactly once–approximately 2184 words after beginning his 3898-word speech–and 861 words after the excerpt above, quite a distance from the examples he cited.

In contrast, he mentions Russia and China in a sentence directly ahead of the mention of Iran; he notes Russia once, and China three times in the same speech.

How are we supposed to infer from this speech that cyber attacks using DDoS on banks were imminent, if not already underway? Mainstream media solved that problem for us, by repeatedly claiming Panetta said in his speech that Iran was a cyber threat to banks.

It didn’t help that Panetta was preoccupied and didn’t step up to demand corrections about reporting on his speech.

Less-than-happy journalism has been too common on this topic. The September 21 Washington Post article that spawned Lieberman’s FUD refers to “U.S. officials.”

…“I don’t believe these were just hackers who were skilled enough to cause disruption of the Web sites,” said Lieberman in an interview taped for C-SPAN’s “Newsmakers” program. “I think this was done by Iran and the Quds Force, which has its own developing cyberattack capability.” The Quds Force is a special unit of Iran’s Revolutionary Guard Corps, a branch of the military.

Lieberman said he believed the efforts were in response to “the increasingly strong economic sanctions that the United States and our European allies have put on Iranian financial institutions.”

U.S. officials suspect Iran was behind similar cyberattacks on U.S. and other Western businesses here and in the Middle East, some dating as far back as December. A conservative Web site, the Washington Free Beacon, reported that the intelligence arm of the Joint Chiefs of Staff said in an analysis Sept. 14 that the cyberattacks on financial institutions are part of a larger covert war being carried out by Tehran. …

[emphasis mine–R.]

Gee, why not name them? Is this just our favorite weaselly senator again, and a mouse in his pocket? Or perhaps these nameless officials were Senators Lieberman, Collins, Rockefeller, and Feinstein, who sponsored the Cybersecurity Act of 2012, up for a vote less than ten days after the election?

Or are these “U.S. officials” part of another government group airing these suspicions without offering any substantive support? Why is the WaPo quoting the cyber attacks claim made by a tiny, little conservative outlet like the Washington Free Beacon? The outlet stated a secret report by the “intelligence arm of the Joint Chiefs of Staff” revealed Iran’s anticipated DDoS assault on U.S. banking. Why would anybody affiliated with J-2 disclose anything at all from a secret report to a puny right-wing rag?

It appears there’ve been a number of folks who are allegedly close to the issue and unauthorized to speak to media who’ve been chattering away. Um, why wasn’t Senator Feinstein puling about intelligence leaks, especially when a bill she’s co-sponsored may be directly affected?

It all smells like old-fashioned FUD; there’s a lot of fear being pushed, but nothing to remove uncertainty and doubt. Others have criticized the FUD as well as its proliferation through distortion and inaccuracies. Computerworld reports experts are not all in agreement about the attacks’ origins; see also this excerpt from Digital Dao’s Sept. 28 post, pushing back at Lieberman and media alike:

Bloomberg: “The initial planning for the assault pre-dated the video controversy, making it less likely that it inspired the attacks, according to (Dmitri) Alperovitch and (Rodney) Joffe, both of whom have been tracking the incidents. A significant amount of planning and preparation went into the attacks, they said. “The ground work was done to infect systems and produce an infrastructure capable of launching an attack when it was needed,” Joffe said.”

CNN: “To get hold of all the servers necessary to launch such huge attacks, the organizers needed to plan for months, Alperovitch said. The servers had to be compromised and linked together into a network called a “botnet.”

FALSE. This attack did not take months to plan for two reasons: 1) This was a crowd-sourced opt-in botnet commonly used in social activism (aka hacktivist) attacks, and 2) No one needs to create a botnet from scratch anymore. You can find them to rent on pretty much any hacker forum world-wide.

While all this scaremongering proliferates–without any credible information documenting the claims that a nation-state is behind DDoS attacks on banks–more realistic threats to U.S. banking emerged nearly in tandem with the allegations about Iran’s cyber assault. Note the stories published by information security journalist Brian Krebs, FastCompany, and other IT news outlets about Project Blitzkrieg, a criminal program targeting 30 U.S. banks with the intent to steal money while tying up the banks’ systems with DDoS attacks. How does the public know that trojans and viruses launched in late summer/early autumn weren’t proof-of-concept efforts in advance of real attacks? Skype in particular experienced a widespread virus outbreak within its community in late September–oddly enough, just before news reports about Project Blitzkrieg–and reporting to date on Project Blitzkrieg indicates that Skype will be a component of the attack.

There’s more than one issue that could underpin concerted FUD using the mythos of Iranian cyberwarfare, including the conflicts between the U.S. and the E.U. on surveillance, or tensions over the puzzlingly inadequate response by the U.S. banking system with regard to their persistent laxity on authentication standards compared to EU banks. (The U.S. has used a single factor while the EU has relied on a two-factor standard. While the EU is more secure, both are inadequate according to security expert Bruce Schneier.)

Whatever the truth, whatever drives the FUD, know this:

— The Cybersecurity Act of 2012 died in November, though it may be resurrected under the newly seated Congress, or the White House could choose to implement all desired features through an executive order;

— Don’t let the FUD distort your perceptions. “…Some in (IT) industry say DDoS attacks are pretty common. …” They are. They are not the exclusive domain of cyberwarfare, and are far more frequently generated by criminal or hacktivist activity.

— Lastly, practice safe computing and safe banking. 1) Run antivirus and anti-malware applications frequently, using more than one antivirus package; 2) Don’t assume Mac OS and iOS are immune, as criminals go where there’s money, not operating systems; 3) If you bank online, use Linux–see Brian Krebs for an overview.

UPDATE — 8:10 PM EST — Check out this interesting report from ProPublica just today, How a Government Report Spread a Questionable Claim About Iran, by Justin Elliott. Notice anything familiar in this article? Looks like a classic dispersion of FUD and at least one familiar outlet. Huh.

Future Forecast: Shocking?! Not

[photo: adapted from Shock by Jeremy Brooks via Flickr]

In advance of the new year, I’ve been looking at futurism and forecasting over the last several days. Actually, I’ve been looking at futurism for a decade; at one point in time I seriously considered a degree program in Future Studies. There were only two schools in the U.S. that offered such a program, and a third one offered a handful of courses in the subject.

For this reason you can bet most future predictions are not made by folks with degrees in Future Studies. Not only are there few courses and fewer programs in this field, but there are very few jobs for graduates. Many grads will end up in think tanks, assuming they don’t have a dual degree in finance, economics, or business, with which they end up getting a corporate sector job.

As small and obscure as this field is, one might wonder how much practical experience many of these Future Studies experts have with regard to how things work.

Apart from climate and weather forecasts, this means the public is subjected to forecasts and predictions by few true futurists, and likely “sheltered” ones at that.

It’s no surprise, then, that we end up with posts like this one via the World Future Society’s The Futurist magazine: Eight Shocking Quotes from 2012 that will Redefine Our Future.

Are these truly shocking? Hardly; while quotes by Richard Florida and Chris Anderson are noteworthy and truly predictive, the rest are filler.

(Note also that none of the eight SHOCKING! quotes are by women. Apparently estrogen prevents those of us born with double XX chromosomes from saying anything that might sharply detour you from the future as you’ve believed it will be.)

Let’s look at a couple examples, starting with this quote by former Microsoft CEO and progenitor, Bill Gates:

“When you come to the end of the innovations that business and government are willing to invest in, you still find a vast, unexplored space of innovation where the returns can be fantastic. This space is a fertile area for what I call ‘Catalytic Philanthropy.’”

What a crock. The Futurist contributor, Thomas Frey, believes this to be a stop-in-your-tracks remark. This ranks among the finest examples of naivete and the obtuse, combined with hypocrisy that I’ve ever read.

Apparently Frey is either unaware or has forgotten that Bill Gates’ organization led the effort to squash independent innovation that business and government wouldn’t fund, in the form of open source software. See the 1998 Halloween Documents as evidence. It’s utter hypocrisy that Gates makes such a declaration as if he’s never run into innovation in the wild, unfettered by corporate and government reins.

Is Gates right about the returns? Hell yes — that’s why his corporation worked for nearly a decade to beat down the under-funded, coder community-based competition. Just look at the amount of open source Linux-based Android software and applications in the marketplace today, along with the hardware they support. Beaucoup returns based on open source software. Oh, and philanthropically funded, albeit with self-interest, by Google in the form of Summer of Code projects combined with infrastructure support for open source software projects and organizations.

Philanthropy and future redefining, my ass. This is profit in the present, and Gates once again lives in the past as he did in 1998.

Another doozy of a quote offered up was by Netscape browser’s creator, Marc Andreessen:

“Software is eating the world.”

Where have both Andreessen and Frey been living — under a rock? The very reason cellphones have outsold personal computers for the last handful of years has been software, combined with increasingly cheap, miniaturized hardware, and the increasing reach of networks connected to cheap servers and storage. The number of applications exploded with the release of the first smartphones, particularly the iPhone; the middleware environment kept pace to service the data created by applications. Tablet hardware now takes the place of even more PCs, using many of the same software applications that smartphones use.

It’s not shocking at all that Andreessen, of all people, would believe that “software is eating the world” — software is his life’s blood, his raison d’être. (Hello, Netscape?) His remark is hardly a redefinition of the future, but a description of the present and near-term past.

The flimsiness of these quotes with regard to their impact on our future should give us all pause when presented with predictions and forecasts. Perhaps you can do a better job of forecasting without credentials in future studies, simply by using solid analytical thinking and a careful examination of the past and present.

(Disclosure: I have consulted in competitive intelligence related to open source software–me and my double XX chromosomes.)

Copyright © 2018 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/author/rayne/page/46/