May 4, 2024 / by 

 

Friday Morning: Some Place Warm

Warm, like the Philippines, the home of the Manila sound. It’s Friday once again and today’s jazz genre is the precursor to Pinoy rock (like Freddie Aguilar’s Anak) and Pinoy hip hop (like Andrew E’s Binibirocha).

The Manila sound emerged under Ferdinand Marcos’ regime; wish I knew more about this body of work to identify songs which pushed the envelope politically. You can still hear the ghost-like impact of more than 300 years of Spanish colonialism in some riffs, shaped by other Asian and American influences.

Think I’ll try a mix mix cocktail later today with a little more contemporary Filipino jazz.

Coincidentally, “mix mix” is an apt description for this morning’s post. A lot of smallish, unrelated items in my inbox today…

The canary that didn’t chirp
Reddit may have received a National Security Letter, based on the disappearance of a notice in transparency reporting which up to now indicated no NSLs had been received. Was an NSL sent to Reddit in response to an online discussion last year with Edward Snowden, Laura Poitras, and Glenn Greenwald? Or did some other content trigger a possible NSL?

Department of Homeland Security’s Cyber Security Division wants to fix open source software
“Hello, we’re from the government. We’re here to help you.” Uh-huh. Color me skeptical about this initiative intended to reduce vulnerabilities in open source software. When the government finds a way to insert itself into technology, it’s an opportunity for co-option and compromise. Can you say ‘backdoor’?

Fixing a problem with business iPhones may create a new one
A key reason the USDOJ went after Apple to crack the passcode on the San Bernardino shooter’s iPhone: poor or missing mobile device management software. Had the iPhone’s owner and issuer San Bernardino County installed an MDM app that could override the assigned user’s passcode, the FBI would have had immediate access to the iPhone’s contents. Employers are likely moving toward more and better MDM to prevent a future costly #AppleVsFBI situation. However, the new SideStepper malware is spreading and taking advantage of MDM’s ability to push software to enterprise-owned iPhones without the users’ approval.

FCC’s very busy Thursday

  • FCC approved a $9.25 monthly subsidy for Lifeline-eligible low-income folks to use on high-speed internet service. Now if only high-speed internet was less than $10/month, or available across the U.S. to all low-income citizens…there are still wide swaths of the U.S. where high-speed internet is simply a pipe dream, let alone adequate competition to keep prices within reach of the subsidy.
  • The subsidy’s approval came amid a lot of political scrambling and maneuvering due to conservatives’ resistance on spending (what a surprise, right?), though the investment should increase the number of users able to access state and federal programs online, reducing costs to operate them over the long run.
  • The FCC also voted to proceed with rulemaking on the handling of users’ personal information over ISPs. Privacy is currently regulated on telecommunications by the FCC, but not on ISPs. Implementing rules on ISPs substantially similar to telecoms may protect consumers’ privacy, which is otherwise wide open. It would also force more equitable competition between ISPs and telecoms on consumer communications services. Perhaps this makes it easier to understand why NBC and MSNBC — both owned by cable ISP company Comcast — have been completely in the tank for Donald Trump? (Might even explain why Trump was such an ass to Univision’s Jorge Ramos, as Comcast owns competitor Telemundo.)

Today in literacy

  • Participating in a book club could land you in prison in Angola (QZ) — There’s either more to this story, or Angola is incredibly repressive and ripe for trouble.
  • Fairy tales, now with more firearms (NPR) — The idiots at NRA think there’s not enough violence in fairy tales, so they’ve rewritten them with weapons added. Distorting the Constitution isn’t enough; why not distort children’s fiction, too?
  • Lawful Hacking: Using Existing Vulnerabilities for Wiretapping on the Internet (Northwestern Journal of Technology and Intellectual Property) — Not a book, but a worthwhile read for infosec literacy.

Public Service Announcement: Backup/Alternate Site
You may have noticed the site’s connectivity going up and down; there’s some tinkering going on under the hood. If the site should go down for long, you can find our more recent content at this alternate site (bookmark for emergency use). If the site needs to stay down for longer periods of time for repairs or redesign, we’ll redirect traffic there. Comments left at the other site will not be ported back to this page, however, and the alternate location is not intended to replace this one though you may find you like the alternate site’s mobile version better.

That’s a wrap, I’m off to find some calamondins, or an approximation for a mix mix cocktail. Have a good weekend!


Thursday Morning: Taboo You

Still on spring break around here. If I was legit on a road trip some place warm right now, you’d find me lounging in the sun, sipping fruity cocktails at all hours, listening to some cheesy exotica like this Arthur Lyman piece I’ve shared here.

Though horribly appropriative and colonialist, it’s hard not to like exotica for its in-your-face corniness. I think my favorite remains Martin Denny’s Quiet Village. It brings back memories from the early 1960s, when life was pretty simple.

Let’s have a mai tai for breakfast and get on with our day.

Urgent: Increasing number of hospitals held ransom
Last month it was just one hospital — Hollywood Presbyterian Medical Center paid out bitcoin ransom.

Last week it was three — two Prime Healthcare Management hospitals in California and a Methodist Hospital in Kentucky held hostage.

Now, an entire chain of hospitals has been attacked by ransomware, this time affecting the servers of 10 related facilities in Maryland and Washington DC. The FBI is involved in the case. Is this simple extortion or terrorism? The patients diverted from the facilities to other hospitals’ emergency rooms probably don’t care which it is — this latest attack interfered with getting care as quickly as possible. Let’s hope none of the diverted patients, or those already admitted into the MedStar Union Memorial Hospital chain, have been directly injured by ransomware’s impact on the system.

The MedStar case spawns many questions:

  • Was any patient’s physical health care negatively affected by the ransomware attack?
  • Given the risks to human health, why aren’t hospitals better prepared against ransomware?
  • Have hospitals across the country treated ransomware as a potential HIPAA violation?
  • Was MedStar targeted because of its proximity to Washington DC?
  • Was Hollywood Presbyterian Medical Center targeted because its owner, CHA Medical Center, is South Korean?
  • Were any patients being treated at MedStar also affected by the OPM data breach, or other health insurance data breaches?
  • How much will ransomware affect U.S. healthcare costs this year and next?

Bet you can think of a couple more questions, too, maybe more than a couple after reading this:

Hospitals are considered critical infrastructure, but unless patient data is impacted there is no requirement to disclose such hackings even if operations are disrupted.

Computer security of the hospital industry is generally regarded as poor, and the federal Health and Human Services Department regularly publishes a list of health care providers that have been hacked with patient information stolen. The agency said Monday it was aware of the MedStar incident.

Apple iPhone cases emerge
After the San Bernardino #AppleVsFBI case, more law enforcement investigations relying on iPhones are surfacing in the media.

  • L.A. police crack open iPhone with fingerprints obtained under warrant (Forbes);
  • FBI will assist county prosecutor in Arkansas with iPhone belonging to alleged teen killer (Los Angeles Times); the method may be the same hack used on the San Bernardino phone, which was supposed to be a one-off (Network World);
  • ACLU found 63 other cases in which FBI used All Writs Act to obtain iPhone/Android smartphone data from Apple and Google (The Register).

Stupid stuff

  • In spite of screwing up not once but twice by releasing its racist, obnoxious Tay AI chatbot, Microsoft tripled down on a future full of chatbots you can build yourself with their tools. (Ars Technica) — Ugh. The stupid…
  • UK’s Ministry of Defense awarded funding to Massive Analytics for work on “Artificial precognition and decision-making support for persistent surveillance-based tactical support” (Gov.UK) — OMG Precog in warfare. Human-free drone attacks. What could go wrong?
  • Rich white guys queue up outside Tesla dealerships for days waiting to pre-order the new Tesla 3 (Vancity Buzz) — Vancouver, Sydney, probably other places I’m too arsed to bother with, because rich white guys.

That’s quite enough. Back to pretending I’m lying under a cerulean sky, baking my tuchis, cold drink in hand.


Wednesday Morning: Breaking Spring

In the Spring a livelier iris changes on the burnish’d dove;
In the Spring a young man’s fancy lightly turns to thoughts of love.

— excerpt, Locksley Hall by Alfred, Lord Tennyson

Welcome to spring break. And by break, I mean schedules are broken around here. Nothing like waiting up until the wee hours for a young man whose fancy not-so-lightly turned to love, because spring.

~yawn~

While the teenager lies abed yet, mom here will caffeinate and scratch out a post. It may be early afternoon by the time I get over this spring-induced sleep deprivation and hit the publish button.

Apple blossoms — iPhones and iPads, that is
Not much blooming on the #AppleVsFBI front, where Apple now seeks information about the FBI’s method for breaking into the San Bernardino shooter’s iPhone 5C. The chances are slim to none that the FBI will tell Apple anything. Hackaday offers a snappy postmortem about this case with an appropriate amount of skepticism.

I wonder what Apple’s disclosure will look like about this entire situation in its next mandatory filing with the SEC? Will iPhone 5C users upgrade to ditch the undisclosed vulnerability?

What, if any, effect will the iPhone 5C case have on other criminal cases where iPhones are involved — like the drug case in Brooklyn? Apple asked for a delay in that case, to assess its position after the iPhone 5C case. We’ll have to wait until April 11 for the next move in this unfolding crypto-chess match.

In the meantime, spring also means baseball, where new business blossoms for Apple. Major League Baseball has now signed with Apple for iPads in the dugout. Did the snafu with Microsoft’s Surface tablets during the NFL’s AFC championship game persuade the MLB to go with Apple?

Volkswagen coasting
It’s downhill all the way for VW, which missed last week its court-imposed 30-day deadline to offer a technical solution on its emissions standards cheating “clean diesel” passenger vehicles. If there was such a thing as “clean diesel,” VW would have met the deadline; as I said before, there’s no such thing as “clean diesel” technology. The judge allowed a 30-day extension to April 24, but my money is on another missed deadline. Too bad there’s not a diesel engine equivalent of Cellebrite, willing to offer a quick fix to VW or the court, huh?

Of note: former FBI director Robert Mueller has been named “special master” on this case by Judge Charles Breyer; Mueller has been meeting with all the parties involved. What the heck is a “special master”? We may not have a ready answer, but at least there’s a special website set up for this case, In re: Volkswagen “Clean Diesel” MDL.

The cherry on top of this merde sundae is the Federal Trade Commission’s lawsuit filed yesterday against VW for false advertising promoting its “clean diesel” passenger cars.

With no bottom yet in sight, some are wondering if VW will simply exit the U.S. market.

Automotive odd lot

  • Jury says GM’s ignition switch was bad, but not at fault in a 2014 accident in New Orleans (Reuters) — Keep an eye on media representation of this case. Headline on this one focused on the switch, not the jury’s decision.
  • Car-to-car communications will be road tested soon (MIT Technology Review) — This technology might have prevented Google’s self-driving car from getting crunched by a bus recently.
  • Dude demonstrates his hack of Alexa + Raspberry Pi + OBDLink to remote start his car (Gizmodo) — What. even.

Did Tennyson write anything about spring spawning naps? Because I feel like I need one. Hope we’re back in the groove soon. See you in the morning.


Thursday Morning: Two Too Good

I would post this video every week if I could get away with it. It’s a favorite in my household where three of us play string instruments. I’ve blown out speakers cranking these guys up as far as I can (shhh…don’t tell the dude in charge of speaker maintenance here).

You’ll note this post is pushed down the page as Marcy’s last two posts about #AppleVsFBI (here and here) have been picked up by several news outlets. Let’s let new readers have the rail for a bit.

NC and GA state legislatures wreaking bigoted havoc
Regressive bills allowing open practice of anti-LGBT bigotry have been working their way through states’ legislatures in the wake of Burwell v. Hobby Lobby Stores, Inc. Indiana and Arizona are two examples where bills using a template based on the federal Religious Freedom Restoration Act (RFRA) have been passed. Arizona’s governor Jan Brewer made an unusually rational move and vetoed the bill. Indiana did not, and many organizations protested until an amendment was passed modifying SB 101’s worst component.

Georgia’s legislature passed their own spin on RFRA, The Free Exercise Protection Act; the bill is now in the hands of Gov. Nathan Deal, who has until the first week of May to sign it into law. The state has an emerging film and TV production industry, home to popular shows like AMC’s The Walking Dead. Disney and its subsidiary Marvel yesterday announced they would yank production out of Georgia if Gov. Deal signed the bill. AMC followed suit and announced it too would pull out of Georgia. Other corporations with business interests in GA, like The Dow Chemical Company, are also unhappy. How many more companies will it take before Deal wises up and vetoes the bill or demands amendment?

Sadly, North Carolina’s GOP-led legislature rushed through a bill yesterday with a slightly different spin — like a proof-of-concept for the rest of the states where RFRA bills have been unable to gain traction while avoiding the potential for boycotting leveraged against the governor. Anti-transgender fear-mongering was used to force HB2-Public Facilities Privacy & Security Act through while avoiding “religious freedom” as a promotional feature. It was signed into law yesterday by NC’s jackass governor, Pat McCrory, who tweeted,

Ordinance defied common sense, allowing men to use women’s bathroom/locker room for instance. That’s why I signed bipartisan bill to stop it.

I signed bipartisan legislation to stop the breach of basic privacy and etiquette, ensure privacy in bathrooms and locker rooms.

Except that HB2 not only overturns local ordinances protecting LGBT persons, it prevents transpersons from using the facilities appropriate to their transgender, and it allows businesses to post notices they will not serve groups. Welcome back, Jim Fucking Crow.

The bill was not truly bipartisan, either. Although 14 idiotic state house Democrats voted for the bill, the entire Democratic state senate caucus walked out in protest rather than vote on the bill at all. Methinks NC Dem Party discipline needs a little work, and state house members need a little less bigotry.

Speaking of which, DNC was typically ineffectual, offering a bunch of jargon instead of straight talk about NC’s discrimination. Are there any groups at all for which the DNC under its current leadership will really extend any effort, except for corporations?

The speed at which the bill passed through NC’s legislature during an “emergency” session — because making sure the body parts align with the identity on the bathroom door is an emergency! — may have prevented the state’s largest employers from responding appropriately. Let’s see if NC’s largest employers, including University of North Carolina, Time Warner Cable, Duke Energy, Bank of America, Wells Fargo, Merrill Lynch, and the many sci-tech companies of Research Triangle, will wise up and demand an end to the ignorance and bigotry of Public Facilities Privacy & Security Act.

Finished digging out here after a late season snow storm, now serving up a hot dish brunch casserole made with a mess of oddments.

  • Diebold buys German competitor Wincor Nixdorf (Bloomberg) — wonder how this industry shakes out as mobile payment systems become more popular and more widely accepted.
  • Speaking of mobile payment systems: Apple Pay expected to expand to apps and websites before Christmas shopping season (FastCompany) — expected to take a bite out of PayPal’s market share, but if transactions are conducted online, this could eat into other payment processing systems. Need the importance of encryption be pointed out yet again, too?
  • Apple’s new, smaller iPhone SE available for pre-orders today (BusinessInsider) — also iPad Pro. Already hearing strong interest from a lot of women about the smaller phone; they’ve been unhappy with the increasing size of iPhones.
  • Nielsen TV ratings data will begin tracking streaming equipment brands (FastCompany) — their data will be based on 40,000 households, though. Apparently sales of streaming equipment like Apple TV, Chromecast, Roku aren’t granular enough for firms acquiring content consumption data. Wonder how long before Nielsen itself is replaced by network sniffing?
  • Related? Funny how Iran is the focus of the first, but not mentioned in the second:
  • AI-written novel survives first round in Japanese literature contest (DigitalTrends) — and you thought it was just the news that was generated by robots.

That’s a wrap, catch you tomorrow morning!


Wednesday Morning: Wicked Weary World

Let’s have a brunch-time salute to Belgium, which produced this fine young artist Loic Nottet. Too bad there’s not much well-produced content in YouTube yet by this youngster. He has incredible upper range reach with great potential because of the power behind his voice. Hope to hear more by him soon; he’s a sweet antidote to bitter wickedness.

All in the family
Hope you’ve read Marcy’s piece already this morning on the relevance of nuclear family units to terrorism. In addition to the suicide bombers Marcy mentioned, the El Bakraoui brothers, it’s worth examining the other links between the November 13 attacks in Paris and the attacks in Belgium yesterday. Note the familial relationships and their first-degree network:

Brahim Abdeslam — older brother of Salah, blew himself up in Paris during the November 15 attacks. (Dead)
Salah Abdeslam — captured last Friday March 18, has admitted he ‘had planned to target Brussels.’ His location was flagged by an unusual number of pizzas delivered to an apartment where power and water had been shut off. (In custody)

Abaid Aberkan — characterized as a relation of the Abdeslams, carried Brahim’s casket at the funeral last week. (NOT a terror suspect Edit: Le Monde indicates Aberkan was arrested during Friday’s raid, but name spelled ‘Abid.’) (In custody)
Aberkan’s mother — renter/owner of Molenbeek apartment in which Salah was hiding when captured last week. (NOT a terror suspect)

Mohamed Belkaid — killed in a raid last Tuesday at an apartment in Forest district; Salah fled the apartment. (Dead)

Mohamed Abrini — A childhood friend and neighbor of Salah, his younger brother Suleymane died fighting in an Islamist militia under the direction of Abdelhamid Abaaoud. Abaaoud, the leader of the Paris attacks, died on November 18 during a police raid. Abrini had traveled with both of the Abdeslam brothers the week before the attacks in Paris. He is now on the run and sought in relation to yesterday’s attack. (Suspect)

Najim Laachraoui — traveled with Salah and Belkaid last September, under the name Soufiane Kayal. His DNA was found in three different locations: on explosives in Paris, and at two other hide-outs used by attackers. He is now sought in relation to yesterday’s attack. (Suspect)

Though we’ll hear arguments for increased internet surveillance, it’s easy to see that traditional police work could identify a terrorist network of family and friends in the same way members of an organized crime syndicate centered around a family are revealed. (Sources for the above: The Guardian and The Australian)

Other stuff going on…

  • ‘Flash Crash’ trader to be extradited to the U.S., rule British judges (France24)
  • Sextortionist Michael Ford, who ran a criminal enterprise from his work computer while employed at U.S. embassy, sentenced to four years and nine months in prison (Ars Technica) — BoingBoing notes the hypocrisy of a government demanding backdoors while failing to note such a massive misuse of its own network.
  • Another hospital held hostage by ransomware, this time in Kentucky (Krebs on Security) — STOP OPENING LINKS IN EMAIL at work, for starters. Isolating email systems from all other networked operations would be better.
  • 24 car models by 19 automakers vulnerable to keyless entry hack (WIRED–mind the ad-block hate) — Mostly foreign models affected due to the radio frequency used.

Better luck tomorrow, gang. See you in the morning.


Tuesday Morning: Été Frappé

Whatever I was going to write today has been beaten into submission by current events.

Woke up to news about alleged terror attacks in Belgium — social media was a mess, a deluge of information with little organization. Best I can tell from French language news outlets including Le Monde, the first attack was at 8:00 a.m. local time at the Zaventem Airport just outside Brussels. The second attack occurred at the metro station Maelbeek at 9:11 a.m. Both attacks appeared to use bombs, unlike the Paris attack this past year — two at the airport, one at the metro. Reports indicate 15 deaths and 55 seriously injured so far.

A third explosion reported at a different location in the city of Brussels has been attributed to the controlled detonation of a suspicious package after the second attack.

In the time gap between the two attacks, one might suppose many law enforcement and military would have gone to the airport to respond to the first attack. Was there synchronization by planned schedule, or was there coordination by communication?

However, communications may have been difficult as telecom networks were quickly flooded. How soon were the telecom networks overloaded? Or were the networks throttled for observation? We may not ever know.

It’s worth reexamining what Marcy wrote about the communications found after the Paris attack (here and here). It may be relevant if the same practices were used by the attackers in Brussels.

Important to note that Paris terror attack suspect Salah Abdeslam was arrested March 18 in a raid in Brussels. He is believed to have transported several of the attackers to the Stade de France just before the November 13 attack. Abdeslam may have been one of several suspects who fled from another earlier raid during which another suspect was killed.

Still working on the order issued late yesterday vacating today’s planned hearing on #AppleVsFBI. The order is here.

UPDATE — 9:30 a.m. EST — Marcy will be posting in a bit about the #AppleVsFBI hearing that wasn’t.

Another interesting story that broke in France today: French Supreme Court affirmed a previous lower court decision which ruled legal the wiretapping of former president Nicolas Sarkozy. Sarkozy has been under investigation for various forms of influence peddling since 2010, including receipt of campaign funds from Libya’s Muammar Gaddafi in 2007.

UPDATE — 1:00 p.m. EST/5:00 p.m. London/6:00 p.m. Brussels, Paris —

Now into the post-emergency recovery stage — all manner of political functionaries and talking heads have offered their two bits on this morning’s attacks. Three days of mourning have been declared in Belgium. Pictures of the alleged bombers at the airport taken by security video camera have now been published. The airport attackers detonated their weapons in the pre-security check-in area. 34 deaths have now been reported as a result of the attacks for which ISIS has now claimed responsibility. Across the Channel, the UK remains on alert for multiple attacks after last week’s raid in Brussels; UK travelers have been discouraged from traveling to Brussels.

Timeline (via Agence France-Presse)

22 mars Peu après 09h00/22 March Shortly after 9:00 a.m.
Explosion dans la station de métro Maelbeek.
Explosion in the Maelbeek metro station.

22 mars 08h00/22 March 8:00 a.m.
Deux explosions a l’aeroport. Possible kamikaze.
Two explosions at the airport. Possible suicide bomber.

21 mars/21 March
[Suspect] Najim Laachraoui, dont l’ADN a été retrouvé sur des explosifs, identifié et activement recherché.
Najim Laachraoui, whose DNA was found on explosives, identified and actively sought.

18 mars/18 March
Salah Abdeslam arête à Molenbeek.
Abdeslam Salah arrested in Molenbeek.

15 mars/15 March
Fusillade, quartier Forest – Mohammed Belkaid, lié aux auteurs de attentats de Paris du 13 novembre est tué. Empreintes de Salah Abdeslam retrouvées.
Shooting, Forest district – Mohamed Belkaid, linked to Paris attack planners of November 13, killed. Footprints of Salah Abdeslam found.


Monday Morning: Synthesized Brain

When you need a break this hectic Monday morning, take five minutes and watch ANA from Factory Fifteen. I’m intrigued by the props and set — how much is CGI, and how much is actual production line? What company allowed this production company access to their equipment?

Though snappy and visually engaging, the story’s not realistic — yet. But much of the equipment on the production line is very close to that used in manufacturing today. And just as depicted in this short film, the weakest link is the human.

Worth keeping in mind this week as we plow deeper into the conflict at the intersection of humans and devices. Speaking of which…

Apple-heavy week ahead

  • Hearing in California tomorrow in front of Judge Sheri Pym over the San Bernardino shooter’s iPhone. Be sure to read Marcy’s take on the hearing and witnesses.
  • WLTX of Columbia SC posted a timeline of #AppleVsFBI events — unfortunately, it starts on February 16 with Judge Pym’s order to Apple.
  • NYT reported last week that Apple employees may quit if Apple is ordered to cooperate and write security-undermining code. But is this a deliverable in itself? The article offered an incredible amount of detail about Apple’s operations; if employees quit, any entities observing the technology company will know even more. Has this shakedown been designed to yield information about Apple’s operations, while risking corporate and personal security?
  • Apple will release information about new products today at a media event. The buzz may be less about the new products than the hearing tomorrow.
  • An iPhone 6 bursting into flames during a flight to Hawaii didn’t help Apple. One might wonder why this particular phone flamed out so spectacularly as it’s a relatively new device.

HEADS UP TECH USERS

  • Kindle users: Amazon is forcing a mandatory update across all its older Kindle reader devices. Deadline: TOMORROW MARCH 22 — after that date, users will have to manually update devices and download books via PC and not over the internet.
  • Tweetdeck users: Owner Twitter will kill the Windows app on April 15th. After that time, Windows-based users will need to use a browser. Can’t blame Twitter–it’s ridiculously expensive to write and service so many apps when the same devices usually have a browser.
  • Android users: 1) Protect your privacy and security by checking these settings; 2) Check this setting, stat, to prevent unauthorized access.
  • Nexus users: Make sure you have the latest patch issued last week. All other Android users should nag their equipment makers for their version of the same patch.

Before the machines complete their occupation of our world…

  • Nice read on law emerging with the rise of robots. Too bad none of them really incorporate Asimov’s Three Laws of Robotics. (The Atlantic)
  • Want to bet the overlords will argue workers should be paid less because they don’t have to work as hard wearing an exoskeleton — like these at Panasonic? (By the way, DARPA, that’s yet another commercially-developed exoskeleton near release; where’s yours/ours?) (Mashable)
  • Artificial intelligence already pitted against humans by those bloody banksters. Watch this video and ask yourself if this guy from Global Capital Acquisitions realizes there are humans at the nodes of the investment network whose lives are affected by his blah-blah-blah-babbling about artificial intelligence. STG he could be a machine himself. (Bloomberg)
  • Myths about AI busted – another solid read. Combined with the preceding Bloomberg bankster video it reinforces AI threat awareness. (Gizmodo)

After watching that video at Bloomberg, I think we’re a lot closer to ANA than we realized. Watch your backs — Monday is certainly gaining on you, if robots aren’t.


Friday Morning: F for Free and Favorite

Congratulations! You made it to another Friday! The end of the week means jazz here, until I run out of genres. This Friday I’m not covering a genre, though. I’m pointing you to one of the most surprising and utterly awesome gifts jazz lovers and historians could get.

1,000 hours of free jazz, ready to download.

Holy mackerel! I almost fainted when @OpenCulture tweeted last week about David W. Niven’s collection shared with the public at Archive.org. Just as amazing is Niven’s commentary, providing context we would never otherwise have about each piece.

I’ll embed some Louis Armstrong at the bottom of this post to get your weekend started. Mark this collection as one of my favorite things ever.

Malware discovered, targeting non-jailbroken Apple iOS devices in China
This is the second China-specific malware that researchers at Palo Alto Networks have found this year. Gee, why China?

UK’s Labour Party wankers want ‘Snoopers’ Charter’ because Snowden
Just the wankers, mind you, though it’s hard to tell which MPs were the wankers as Labour and SNP sat on their hands during the vote for the Investigatory Powers Bill (IPB), not wanting to appear obstructive. Fondly called the ‘Snoopers’ Charter,’ the bill replaces Regulation of Investigatory Powers Act (RIPA) and passed in the House of Commons on its second reading. The bill allows the UK government to amass all Internet Connection Records (ICRs) for a year’s time, including telecommunications connections. Restrictions on which government entities have access to these records and for what purpose are muddy at best, and the cost of collecting and storing these records will be borne by the network service providers who in turn will need to raise their rates. Sane people understand the IPB as passed is atrocious. The bill would not have passed the second reading at all had all of Labour and the SNP voted against it, but a number of wankers argue Edward Snowden is reason enough to dragnet the entire UK’s internet activity — which makes no sense whatsoever, based on the bill’s current formulation. The ‘Snoopers’ Charter’ now enters the Committee Stage, where it’s hoped somebody catches a cluestick and puts the brakes on this current iteration of government panopticon.

U.S. National Highway Traffic Safety Administration and FBI warn about automobile hacking
Hmm. A little late to the party after at least four different vulnerabilities were revealed over the last year, but better late than never. Rather annoying the public needs to be on guard against automakers’ naiveté/stupidity/hubris.

Google’s parent Alphabet selling its robot division Boston Dynamics
Remember the creepy four-legged robot ‘Big Dog’? It and its developer are up for grabs. Google (before it became Alphabet) bought Boston Dynamics in 2013, but now finds the firm doesn’t fit its strategy. Worth noting differences in reaction to the news:

The tone of the MIT Review piece — technology’s coolness is sufficient rationale for its creation and existence — offers interesting insight, explaining how awful technology ends up commercialized in spite of its lack of fitness.

Let’s call it a week and get on with our weekend. Have a good one!


#FlintWaterCrisis: I Don’t Think That Report Said What You Think It Said, Gov

Today’s House Oversight Committee hearing into the Flint Water Crisis was a joke. It was partisan — more so than the previous two hearings — because Republicans finally clued in that a Republican state governor’s crisis doesn’t make them look good if they don’t kick up a stink and draw fire away from their role in the mess.

And yes, Congress’ GOP members are directly responsible for what happened in Flint, because they are also responsible for neutering the Environmental Protection Agency. Congress is the one entity which failed to take any responsibility for what happened in Flint — and what happened in Flint had already happened in Washington DC. Congress ensured that the EPA would be subordinate to the states, relying on states to act with inadequate recourse to step in and intervene. See Primacy Enforcement Responsibility for Public Water Systems (pdf) and note the obligations the states have to ensure safe drinking water under these laws:

  • Safe Drinking Water Act, 1974, as amended in 1986 and 1996
  • Primacy Regulations 40 CFR Part 142, Subpart B, 1976, as amended in 1986
  • Revisions to Primacy Requirements (1998), 63 FR 23362 codified at 40 CFR Part 142

These are Congress’ purview; as part of the Executive Branch, the EPA does not make law. Only Congress does.

Equally annoying today is the tendency by the Republican representatives to go easy on Michigan’s Governor Snyder, who tried to make it sound like he was doing everything he could to fix Flint and be open and transparent. You know this is bull hockey if you’ve looked at batches of emails released to date.

You know it’s also nonsense if you look at documents produced by the Snyder administration, intended to assist the public with understanding what happened.

One example is a timeline of the Flint water crisis laid out in a two-page presentation, with bubbles containing descriptions of events. A bubble marking March 12, 2015, appears in the upper right of the first page, denoting the submission of a report by Veolia Water. The firm had been hired by Flint’s emergency manager as water quality consultant to review and evaluate the water treatment process and distribution system.

Veolia completed and submitted their report to the city on March 12, but the report does not actually say what the state’s timeline document says. Veolia wrote,

“Although a review of water quality records for the time period under our study indicates compliance with State and Federal water quality regulations, Veolia, as an operator and manager of comparable utilities, recommends a variety of actions to address improvements in water quality and related aesthetics including: operational changes and improvements; changes in water treatment processes, procedures and chemical dosing; adjustments in how current technologies are being used; increased maintenance and capital program activities; increased training; and, an enhanced customer communications program.”

Veolia relied on what previous water quality records said; they did not actually conduct tests themselves, or audit how the previous records and reports were prepared.

But the timeline published by the governor’s office reads,

“Flint water consultant Veolia, issues report that water meets state and federal standards. Does not report specifically on lead.”

The second sentence is correct, the first a misrepresentation. That’s not what Veolia’s report said.

The second sentence may be factually correct, but the company was not hired by Flint’s emergency manager to evaluate lead levels specifically, based on the supporting documentation accompanying the resolution authorizing the contract with Veolia.

If one entry on the timeline prepared by the state is this iffy, what about the rest of the timeline?

If this timeline is this iffy, what about everything else generated by officials from the governor’s office on down?


Thursday Morning: A Little Green Around The Gills

Happy St. Patrick’s Day to those of you who observe this opportunity to drink beer (tinted green or otherwise) and eat boiled dinner and wear green! We’ll know the hardcore among you tomorrow by your hangovers.

Folks overseas don’t understand how St. Patrick’s Day blew up to the same proportions as other holidays like Halloween, blaming it on American commercialization. But the holiday as observed in the U.S., like Halloween, has roots in immigration. Four to five million Irish immigrated to the U.S.; their descendants here are nearly 40 million today, roughly seven times the number of actual Irish in Ireland now. With this many Irish-Americans, even a tepid observation of St. Patrick’s Day here would be visible abroad.

In addition to all things green, we’ll be watching this week’s second #FlintWaterCrisis hearing. Representatives Chaffetz and Cummings can go all shouty on Michigan’s OneLawyeredUpNerd Governor Rick Snyder and EPA’s Gina McCarthy, though I have my doubts anything new will emerge. (And you’ll see me get really angry if Rep. SlackerForMichigan Tim Walberg shows up to merely make face on camera. Useless helicoptering.)

Unlike Tuesday, I hope like hell somebody brings up Legionnaire’s cases and deaths in Flint after the cut-over of Flint’s water to Flint River. Thousands of children may have been permanently poisoned by lead, but people sickened and died because of this complete failure of government-as-a-business.

I can’t stress this enough: There were fatalities in Flint because of the water.

Hearing details – set a reminder now:

Thursday 17-MAR — 9:00 AM — Gov. Snyder (R-MI) & EPA Head McCarthy: House Hearing on Flint, MI Water Crisis (est 3 hours, on C-SPAN3)   Link to House Oversight Committee calendar entry

You can find my timeline on Flint’s water here — as noted Tuesday, it’s a work in progress and still needs more entries.

Moving on…

Apple leaves Amazon for Google’s cloud service
Wait, what?! File under ‘Wow, I didn’t know!’ because I really thought Apple housed all its cloud services under its own roof. I mean, I’ve written about data farms before, pointed to a new Apple location. I didn’t know Apple had outsourced some of its iCloud to Amazon.

Which makes Senator Ron Wyden’s remarks about asking the NSA with regard to the San Bernardino shooter’s iPhone even more interesting.

No wonder Apple is moving to Google, considering Amazon’s relationship with certain government agencies as a cloud service provider. Some of Apple’s data will remain with Amazon for now; we might wonder if this is content like iTunes versus users’ data. Keep your eyes open for future Apple cloud migrations.

US Navy sailors’ electronic devices combed for data by Iran
Gee, encrypted devices and communications sure are handy when members of the military are taken into custody by other countries. Too bad the Navy’s devices weren’t as secure as desired when Iran’s navy detained an American vessel in January this year. To be fair, we don’t know what all was obtained, if any of the data was usable. But if the devices were fully encrypted, Iran probably wouldn’t have said anything.

American Express’ customers’ data breached — in 2013
Looks like a select number of AmEx customers will receive a data breach notice with this explanation:

We became aware that a third party service provider engaged by numerous merchants experienced unauthorized access to its system. Account information of some of our Card Members, including some of your account information, may have been involved. It is important to note that American Express owned or controlled systems were not compromised by this incident, and we are providing this notice to you as a precautionary measure.

The breach happened on December 7, 2013, well into the Christmas shopping season, but we’re just finding out now? “Third party service” means “not our fault” — which may explain why AmEx shareholders (NASDAQ:AXP) haven’t been notified of a potential risk to stock value as yet. Who/what was the third party service? Where’s their notification to public and shareholders?

I need to brew some coffee and limber up before the hearing on Flint, track down my foam footballs and baseballs to throw at the TV while Gov. Snyder goes on about how sorry he is and how he’s going to fix Flint’s water crisis. Oh, and find an emesis basin. See you here tomorrow morning!

Originally Posted @ https://www.emptywheel.net/author/rayne/page/67/