Thursday: Creep

/6 Comments/in , , /by

Covers are often treated like poor relations in hand-me-downs. It’s not the performer’s own work, how can they possibly do the original justice?

Yeah…and then this. I think it’s an example of an exceptional cover. It’s one of my favorites. There are a number of other fine covers of this same piece — some are sweet, some have better production values, and some are very close to Radiohead’s original recording. But this one has something extra. Carrie Manolakos, a Broadway performer known for her role as Elphaba in Wicked, takes a breath at 2:19 and watch out. Her second album will release next month if you enjoy her work.

In Sickness and Health
Here, read these two stories and compare them:

Leaving you with the actual heds on these articles. How isn’t this simple extortion? You know, like, “Nice national health care system you’ve got there. It’d be a shame if anything happened to it.”

Cry me a river about corporate losses. Last I checked Aetna’s been paying out dividends regularly, which means they still have beaucoup cash.

If only we’d had a debate about offering single payer health care for everyone back in 2009 so we could say Fuck You to these vampiric corporate blackmailers.

Still in Shadow
A timeline of articles, analysis, commentary on the hacking of NSA malware staging servers by Shadow Brokers — no window dressing, just links:

15-AUG-2016 8:48 AM — https://twitter.com/mikko/status/765168232454037504 (Mikko Hypponen–Kaspersky tweeting discovery of Shadow Brokers’ auction of Equation Group code)

16-AUG-2016 7:22 AM — http://cybersecpolitics.blogspot.com/2016/08/why-eqgrp-leak-is-russia.html (Info sec expert Dave Aitel’s assessment on hackers responsible)

16-AUG-2016 7:40 AM — https://twitter.com/Snowden/status/765513662597623808 (Edward Snowden’s tweet thread [NB: don’t be an idiot and click on any other links in that thread])

16-AUG-2016 7:22 PM — https://securelist.com/blog/incidents/75812/the-equation-giveaway/ (time zone unclear)

16-AUG-2016 ?:?? — http://xorcat.net/2016/08/16/equationgroup-tool-leak-extrabacon-demo/

17-AUG-2016 8:05 AM EST — https://motherboard.vice.com/read/what-we-know-about-the-exploits-dumped-in-nsa-linked-shadow-brokers-hack

17-AUG-2016 ?:?? — https://www.cs.uic.edu/~s/musings/equation-group/ (University of Illinois’ Stephen Checkoway’s initial impressions)

17-AUG-2016 7:23 PM EST — https://www.washingtonpost.com/world/national-security/nsas-use-of-software-flaws-to-hack-foreign-targets-posed-risks-to-cybersecurity/2016/08/17/657d837a-6487-11e6-96c0-37533479f3f5_story.html

18-AUG-2016 6:59 AM EST — https://twitter.com/RidT/status/766228082160242688 (Thomas Rid suggests Shadow Brokers’ auction may be “retaliation” — note at this embedded tweet the use of “retaliation” and the embedded, highlighted image in which the words “Panama Papers” appear in red. Make of that what you will.[1])

18-AUG-2016 2:35 PM EST — https://motherboard.vice.com/read/the-shadow-brokers-nsa-leakers-linguistic-analysis (Two linguists suggest Shadow Brokers’ primary language is English distorted to mimic Russian ESL)

You know what this reminds me of? Sony Pictures’ email hacking. Back and forth with Russia-did-it-maybe-not-probably, not unlike the blame game pointing to North Korea in Sony’s case. And the linguistic analysis then suggesting something doesn’t quite fit.

[Today's front pages from USA Today, The New York Times, Wall Street Journal, Los Angeles Times, shared here under Fair Use.]

[Today’s front pages from USA Today, The New York Times, Wall Street Journal, Los Angeles Times, shared here under Fair Use.]

American Refugees
I read in one of my timelines today a complaint by a journalist about Louisiana flooding news coverage. Wish I’d captured the thread at the time; they were put out that the public was unhappy about the media’s reporting — or lack thereof. They noted all the links to articles, videos, photos being shared in social media, noting this content came from journalists.

Except there really is a problem. The embedded image here is the front page of each of the four largest newspapers in the U.S. based on circulation, total combined circulation roughly six million readers. NONE OF THEM have a story on the front page about the flooding in Louisiana, though three of them covered the California Blue Cut Fire. Naturally, one would expect the Los Angeles Times to cover a fire in their own backyard, and they do have a nice photo-dense piece online. But nothing on the front page about flooding.

The Livingston Parish, Louisiana sheriff noted more than 100,000 parish residents had lost everything in the flood. There are only 137,000 total residents in that parish.

Between the +80,000 Blue Cut Fire evacuees and more than 100,000 left temporarily homeless in Louisiana, the U.S. now has more than a couple hundred thousand climate change refugees for which we are utterly unprepared. The weather forecast this week is not good for the Gulf Coast as unusually warm Gulf water continues to pump moisture into the atmosphere. We are so not ready.

Longread: The last really big American flood
Seven Scribes’ Vann R. Newkirk II looks at the last time a long bout of flooding inundated low-lying areas in the south, setting in motion the Great Migration. This is the history lesson we’ve forgotten. We need to prepare for even worse because like the Blue Cut Fire in California and Hurricane Sandy in New Jersey and New York, disaster won’t be confined to a place too easily written off the front page.

One more day. Hope to make it through.
_________
[1] Edited for clarity. Kind of.

Share this entry

Tuesday: One String

/23 Comments/in , , /by

There aren’t enough words to describe this genius who can do so much with a lone string. Brushy One String is the stagename of Andrew Chin, son of Jamaican musician Freddie McKay. McKay died in 1986 in his late 30s, leaving behind a body of work representative of the rocksteady (ex: Rock-a-Bye Woman) and reggae genres. While Brushy inherited his father’s musical talent, he’s parlayed into an interesting Rhythm-and-Blues-meets-Roots-Reggae crossover. Check out his website when you have a chance.

Wheels

  • Volkswagen and USDOJ talking about criminal investigation (Deutsche Welle) — Up in the air yet whether DOJ goes with deferred prosecution or asks for a guilty plea from the lawmaker for criminal activity related to the promotion and sale of its so-called “Clean Diesel” passenger vehicles during the last decade. Criminal fines are estimated at $1.2 billion. VW claims to be cooperating, but the company’s failure to disclose the additional cheat software in the 3.0L engines suggests some problems understanding what “good faith” means.
  • Volkswagen’s Australian manager believes diesel fix “imminent” (CarsGuide) — And “Under Australian law, we don’t believe there’s anything on our car which is illegal.” Uh-huh. Hence the fix for 80,000 1.6L and 2.0L passenger diesels. It’s true that Australia is not as strict about NOX as the U.S., but VW’s passenger diesels didn’t meet EU or AUS limits on other pollutants.
  • Ford expects to offer self-driving car without steering wheel within five years (Detroit News) — Well, then. Better hope regulations don’t require a steering wheel, huh? Ford has also invested $75M in LiDAR-maker Velodyne; Chinese search engine company Baidu has likewise made a $75M investment. LiDAR is expected to provide navigational assistance for these self-driving vehicles.

Way Up There

Words

  • Univision’s bid wins Gawker Media (Recode) — Of the two known bidders — Ziff-Davis and Univision — the latter’s $135M bid won bankrupt Gawker Media and its brands. Gawker’s lineup joins The Onion and The Root, purchased by Univision, and Fusion which Univision originally created jointly with Disney and now owns outright. Founder Nick Denton seems pleased with this outcome as his brands and workers continue without disruption; billionaire Pete Thiel gets partial revenge on Denton for outing him by forcing the bankruptcy and sale. Univision’s editorial policy will be less personal in its coverage — probably a good thing. Let’s check back in a year.
  • ‘Not a good fit’ says Barnes & Noble as CEO shown the door (GalleyCat) — Whoa. You don’t see such blunt statements about CEOs, especially one with less than a year under their belt. The company’s stock has been up though retail sales continued to struggle in competition against Amazon. Feels like there’s more to this story. In the mean time, Ron Boire is out the door and executive chairman Leonard Riggio will delay his retirement until a new CEO is found. Hope the next one can salvage NOOK tablet platform because I can’t stand Amazon’s Kindle.
  • Turkish court closes pro-Kurdish newspaper Ozgur Gundem (Business Standard) — Claiming the paper was a propaganda outlet for Kurdistan Workers’ Party (PKK), labeled a terrorist organist organization by Turkey, EU, and the US. The court said the closure was not related to the government’s post-coup purge of media believed to be sympathetic to Gülen movement. An appeal is possible.

I-Spy: Cyber Edition
You’ve probably heard about the alleged hacking of a NSA server and the subsequent attempt to auction contents from that server. Edward Snowden offered his perspective on the situation — I’ve Storify’d the tweet thread for your reading ease.

The disclosure and attempted auction were likely done by Russia for political reasons given the timing. Hacking and accessing the contents of the server should be expected — it’s ordinary spying, same as the U.S. does. But the revelation is a new tack; Snowden suggests it’s a warning to the U.S. about potential future disclosures. Read the thread for yourself.

I don’t think this hacking and disclosure happened in a vacuum. There’s a much bigger game to puzzle out — add the meeting between Russia and Saudi Arabia to “achieve oil market stability” as well as Russia’s express interest in Saudi Arabia’s plans to build as many as 16 nuclear reactors. Factor in a change in relationship between Iran and Russia now that Russia has deployed long-range bombers from Iran for the first time against ISIS. Russia, Saudi Arabia and Iran have some of the largest proven oil reserves in the world, all three in the top 10 and in Saudi’s case, influence over OPEC. Is Russia preparing for asymmetric economic pressure?

Late adder: #BlueCutFire in San Bernadino County, CA is very bad, now 82,000 ordered to evacuate.

That’s it for now, still Tuesday in the next time zone. Let’s see if I can make it over the hump earlier tomorrow.

Share this entry

Monday: Skate Away

/2 Comments/in , , /by

Monday means it’s movie day, and I think this charming little documentary fills the bill. Valley Of A Thousand Hills from Jess Colquhoun looks at Zulu youth participating in a skate camp and the impact on their lives. They’re quite optimistic in spite of limited resources and opportunities. The film left the feeling they’re on the verge of a breakthrough — like these kids could really change global culture if they wanted to. They appear more self-aware and energized than most adults I run into of late.

Wrath of Gods kind of weather

Might be time to brush off that copy of J. G. Ballard’s The Drowned World and ponder a post-apocalyptic future under water. We’ve likely passed the 1.5C degree global warming threshold without any sense of urgency to act on climate change which fuels this wave of flooding.

Sigh-ber

  • Hotels across ten states breached (Reuters) — Hey, now you philanderers have an excuse for that bizarre charge to your room at the Starwood, Marriott, Hyatt, or InterContinental hotel for strawberries, whip cream, and a leather flogger during your last business trip. “It’s just a hacker, honey, that’s all, really…” HEI Hotels & Resorts, the operator of the affected hotels, found the malware in its systems handling payment card data. The malware had been present in the system for roughly 18 months while 20,000 transactions were exposed.
  • Google ‘secretly’ developing a new OS (TechnoBuffalo) — A well-known Linux blogger wrote Google references “Pink + Purple == Fuschia (a new Operating System)” in its Git repository. The two colors are believed to refer to Magenta and LK kernels which Google is using to build a wholly new operating system. Magenta does not have a Wikipedia entry at the time of this post but Googlesource has a brief explainer for Magenta and LK. The two kernels serve different purposes but combined they may be able to operate any device whether small Internet of Things single purpose devices or multi-purpose devices like personal computers. This may be the direction Google has chosen to go rather than fully merge its Chrome OS with Android. The new operating system could also resolve some annoying problems with antitrust regulators if Android is cut loose and managed by an open source consortium, perhaps one established by and aligned with the Open Handset Alliance.
  • Banking malware attacks Android users browsing sites using Google AdSense (SecureList) — The thieves pay for a listing on AdSense, put their malicious ad in the system, and it downloads to an Android device whenever the user reads a website featuring the contaminated ad. Yuck. Use your antivirus app regularly on your Android devices as this nasty thing may pick up your financial information.

Longread: Manners matter?
At Aeon.com, Professor Eleanor Dickey of University of Reading-UK discusses the ‘magic word’ and its use in early democratic society, and its decline with the rise of a hierarchical system in the fourth century BCE. Are we a more or less democratic society based on our current level of societal manners?

Catch you tomorrow if the creek doesn’t rise!

Share this entry

Friday: The Immoral Minority

/10 Comments/in , , /by

While philosopher Slavoj Žižek isn’t everybody’s cup of quirky tea, he’s got a valid point in this video.

The right-wing has abandoned its claim to be the Moral Majority.

Don’t mistake this as a validation of the Democratic Party here in the U.S.; they are only earning a majority in terms of politics, and in no small part by being the “Not GOP” party. With its leadership cozying up to war criminals, climate denialists and fossil fuel-based polluters, and general denigrators both of human rights and the public commons, they are not the Moral Majority by default.

But an unorganized left in this country rejects the right-wing’s ethical decay implicitly underpinning the Republican Party. The left rejects those values which undermine democracy — misogyny, racism and marginalization of other minorities, the ongoing subversion of individuals’ rights to promote the interests of corporations.

A true Moral Majority won’t support a social contract undermining democracy by limiting life, liberty, and happiness’ pursuit to a narrow few. It’s well past time for the broader left to coalesce into an organized entity based upon the belief that all humans are created equal and deserving a more perfect union.

Zapped by Zika

  • “ZIKA VIRUS | Days since White House funding request: 186 | Funding response from Congress: $0 | Zika cases in US and territories: 8,580” (Tweet, Dan Diamond/Politico)
  • Peter robbed to pay Paul: DHHS pulls money from other projects to fund Zika vaccine research (Reuters) — Lacking new dedicated funding from Congress, U.S. Department of Health and Human Services squeezed out $81 million and spread it into Zika vaccine research, with $34 million of that to the National Institutes of Health and $47 million to the Biomedical Advanced Research and Development Authority (BARDA). The white House had asked for $1.9 billion last fall for Zika, but that amount was pared down by 42%; Republicans then objected to any of the remaining portion going to Planned Parenthood, putting Democrats in a bind. Access to birth control is critically important to preventing Zika’s spread; access to abortion could prevent the birth of severely deformed infants who will live short, utterly miserable, and expensive lives.
  • Arthrogryposis — congenital joint defects — associated with Zika during pregnancy (The BMJ) — Dislocated and or misshaped knees, ankles, elbows, hips appeared in children born with other neurological defects found in Zika-infected fetuses. Further research is necessary to prove both the virus is causal and learn the mechanism by which the virus inflicts this damage in utero. The patients had been tested for other known causes of arthrogryposis — toxoplasmosis, cytomegalovirus, rubella, syphilis, and HIV. All were negative.
  • First infant death due to Zika reported in Texas (KHOU) — The infant’s mother traveled to El Salvador during pregnancy where it is believed she contracted the virus.
  • Zika virus case confirmed in Monroe County, Michigan (Detroit Free Press) — But the method of infection is not clear (what?!). County health and state officials are working toward mosquito surveillance.

Wheels and steals

  • Millions of vehicles made from 1995 on vulnerable to keyless-remote hacking (USENIX) — Researchers at University of Birmingham and Kasper & Oswald GmbH presented a paper at the USENIX 2016 conference, showing more than 20 years’ worth of VW Group vehicles are hackable using inexpensive Arduino-based RF transceiver technology. Alfa Romeo, Chevrolet, Peugeot, Lancia, Opel, Renault, Ford and other makes relying on the Hitag2 access security method are similarly at risk. Researchers also looked at after-market keyless entry remotes for these and other vehicles; the cars for which these worked were also vulnerable. All vehicles tested appear to be those made for the European market, but the research noted the radio frequency differences — 315 MHz band in North America and the 433 MHz or 868 MHz band in Europe — used in remotes. The paper’s research team notified VW in November 2015 of their results; NXP Semiconductor, a manufacturer of Hitag2 remote technology, was also notified. NXP had already informed customers of the vulnerability in 2012 and has already improved device security.
  • Volkswagen suppressed news about keyless remote insecurity since 2013 (Bloomberg) — The same researchers from University of Birmingham and Kasper & Oswald GmbH had originally approached NXP Semiconductor and VW with their work in 2012 and 2013, respectively. VW sued and blocked release of their work; the paper was released this past week at USENIX only “after lengthy negotiations” and the removal of a single sentence which car thieves could use to easily crack the keyless remotes. A number of suspicious automobile thefts over the years may have relied on hacking remotes; will insurance companies look into these thefts and demand recovery from VW?
  • DOE grants Ford $6M for fuel cell research (Detroit Free Press) — Existing fuel cell technology has been too expensive for successful commercialization; the grant will be used to develop cheaper technology competitive with battery and internal combustion engines.

Longread: Geopolitics
FiveBooks.com interviewed former state department official and senior fellow at the Council on Foreign Relations, Jennifer M. Harris, about geopolitics. She discusses the topic and offers five book recommendations about the same. Harris is the co-author of recently released War by Other Means: Geoeconomics and Statecraft. Given her work as U.S. National Intelligence Council staff followed by work on economics under then-Secretary of State Hillary Clinton, this interview might offer a preview to future statecraft.

Friday Jazz
It’s still Friday somewhere according to my clock. Try French performer Zaz, stage name for Isabelle Geffroy. If you like this ditty, preview more of her work on her channel on SoundCloud.

It’s been a hectic week here; next week doesn’t look any better, but I’ll aim to be here on Monday. Have a relaxing weekend!

Share this entry

Tuesday: En Garde

/18 Comments/in , , /by

Looks like it’s going to be a thing this week, covering women in sports. This is a marvelous example of covering a female competitor, this short film profiling U.S. Women’s Individual Foil fencer Nzingha Prescod — it’s about her and her approach to her sport, period. Does she sound like somebody who doesn’t care about the results of competition, like she’d rather have narrative surrounding it?

Her next match is tomorrow at 8:10 a.m.; I wish I could catch it live online.

[Journalism 101 fail again -- who are these competitors and what country do they play for? Which sport is this?]

[Journalism 101 fail again — who are these competitors and what country do they play for? Which sport is this?]

Another example of crappy coverage comes from BBC — can’t imagine why the UK became so white nationalist, can you? Let’s not note the countries or the individual competitors, let’s point out their attire and hint at religious and political positions at the same time. What garbage.

If you’re not already familiar with ‘male gaze‘, it’s time for a primer on this concept first theorized 41 years ago by Laura Mulvey. I don’t know if I can even call it purely feminist theory any longer though it arose because of feminism’s emergence. The way content is constructed can be political, and the way we view it can also be political; if content can be constructed for the male gaze, it can also be constructed to perform for political ideology. What we see in the BBC’s photo is both a political and sexist statement — the bikini-clad woman preferred over the fully-clothed woman whose attire has been mislabeled (it’s not a burka), the lack of identity in either case. These women are figures to be looked at for visual enjoyment and not in a manner which satisfies women but a male gaze with a particular ideological slant.

The problem with NBC’s constructed Olympic coverage is that the corporation believes it has created a ‘female gaze’ product — but women don’t feel immersed in the sports they are watching, continually disrupted by the inauthenticity of the content they are viewing. It feels forced, like we are supposed to care about the content presented apart from the actual sports on the screen based on a third (and likely straight male) party’s expectations of the female audience, but the mediation and curation process interfere with our autonomy in viewing. We feel a jarring disconnect from a state of attentive viewing into a state of critical viewing — we’re left unsatisfied.

I don’t think men are feeling any better about the content they are seeing because it fails to serve their gaze in a manner which they have always expected from the male-led sports and entertainment industries.

It’s so damned easy to fix, too.

The one entity finding a silver lining in NBC’s coverage of the Olympics? Netflix, which blames flat subscriber growth on the games’ broadcast. Hard to argue with this based on anecdotal evidence; everybody who ordinarily binges on Netflix programming and shares the experience in social media during cooler months is now complaining about NBC’s programming.

Wheels

  • Not one but THREE illegal emissions control software programs in VW’s 3.0L vehicles (Reuters) — U.S. isn’t saying how they found them but the existence of multiple programs hints at the reason for the lack of a “fix” for 3.0L passenger diesels under the terms of the proposed settlement. Volkswagen has admitted to emissions controls defeat in its 2.0L and 3.0L passenger diesel vehicles it marketed as “clean diesel” here in the U.S., but it has not been forthcoming about the emissions cheat methodology. If I had to guess, I’d say every one of the 3.0L vehicles will be bought back — because even after all this time, VW having known the cheats were discovered in 2014, the company still does not have a true fix for the 3.0L engine.
  • GM now testing self-driving Bolt in AZ (The Detroit News) — This is the second city in which GM has tested the Bolt; first tests were in San Francisco, which seems to me more challenging than Scottsdale.
  • Court case against GM starts this week (Bloomberg) — Judge will have their hands full trying to keep the case focused on whether ignition switch at fault or not given the driver’s youth and alleged reckless driving.

Wings

  • Delta’s massive outage yesterday still causing scheduling problems (Bloomberg) — System failure still attributed to power outage though interestingly Georgia Power said it was a Delta problem. No mention anywhere of other possible causes for the outage — so far.
  • Southwest’s July outage revealed enterprise problems (Bloomberg) — The crash of a single router caused massive problems which Southwest is still digging out of weeks later. Why is this airline lacking adequate failover? Why is this airline so focused on stock price now to detriment of instructure, in spite of fuel costs having fallen so much since June 2014?
  • Teen security research awarded one million flyer miles by United Airlines (ZDNet) — Olivier Beg reported 20 undisclosed bugs to the airline. The largest single reward he received was 250K miles, meaning the worst single bug he found was medium in severity. Certainly cheaper to offer Beg the equivalent of 20 roundtrips to the U.S. than pay for the costs related to a major bug-related outage.

Words

One for the road
Looks like the FBI hasn’t found an app for that yet — remote surveillance on smartphones, that is. Isn’t that interesting?

Off to cook dinner before the nightly Olympic debacle begins. Wonder what fresh hell the taped delayed coverage will bring?

Share this entry

The Just Right Fear Industry, in 18,000 Words

/5 Comments/in , , , /by

Steven Brill thinks we’re not worried enough about bioterrorism and dirty bombs. He makes that argument even while acknowledging that a dirty bomb attack launched in Washington DC would result in just 50 additional cancer deaths. And curiously, his extensive discussion about germ threats (inspired by a Scooter Libby report, no less!) doesn’t mention that the Russian military is currently struggling to contain an anthrax attack launched by a thawing reindeer.

That’s the problem with Brill’s opus: anthrax attacks only matter if they’re launched by Islamic extremist reindeers, not reindeers weaponized by climate change. (And if you were wondering, although he discusses it at length, Brill doesn’t mention that the 2001 anthrax attack, which was done with anthrax derived from a US lab, has never been solved.)

He makes a similar error when he spends 18 paragraphs focusing on what he (or his editors) dub “cyberterrorism” only to focus on OPM as proof the threat exists and includes this paragraph from Jim Comey admitting terrorists don’t yet have the capabilities to hurt us our Chinese and Russian adversaries do.

For his part, the FBI’s Comey worries more about a cyberterror onslaught directed at the private sector than one directed at the government. “These savages,” he says, “have so far only figured out how to use the internet to proselytize, not to wreak physical damage. What happens when they figure out how to use it to break into a chemical plant, or a blood bank and change the blood types? We know they are trying. And they don’t have to come here to do it.”

Biothreats and hacking are a threat. But it would be sheer idiocy to approach the problem, at this point, as primarily one of terrorism when climate change and nation-state adversaries clearly present a more urgent threat.

But it’s not just Brill who adopts some weird categorization. The article is perhaps most interesting for the really telling things he gets Comey to say, as when he suggests FBI drops investigations when they hear a “wing nut” making bomb threats in a restaurant.

“Think about it from our perspective,” Comey said when I asked about this. “Suppose someone is overheard in a restaurant saying that he wants to blow something up. And someone tells us about it. What should we do? Don’t we need to find out if he was serious? Or was he drunk? The way to do that is to have someone engage him in an undercover way, not show up with a badge and say, ‘What are your thoughts in regard to terrorism?’ ”

“Plenty of times it’s a wing nut or some drunk, and we drop it,” he continued.

I actually think the FBI, as an institution, is better than this. But to have the FBI Director suggest his bureau wouldn’t follow up if someone making bomb threats was deemed a radical but would if they were deemed a Muslim is really telling.

Which gets to the core of the piece. Over the course of the 18,000+ words, Brill admits — and quotes both President Obama and Comey admitting — that what makes terrorism different from the equally lethal attacks by other mentally unstable or “wing nut” types is the fear such attacks elicit.

President Obama described the difference to me this way: “If the perpetrator is a young white male, for instance—as in Tucson, Aurora, and Newtown—it’s widely seen as yet another tragic example of an angry or disturbed person who decided to lash out against his classmates, co-workers, or community. And even as the nation is shaken and mourns, these kinds of shootings don’t typically generate widespread fear. I’d point out that when the shooter or victims are African American, it is often dismissed with a shrug of indifference—as if such violence is somehow endemic to certain communities. In contrast, when the perpetrators are Muslim and seem influenced by terrorist ideologies—as at Fort Hood, the Boston Marathon bombing, San Bernardino, and Orlando—the outrage and fear is much more palpable. And yet, the fact is that Americans are far more likely to be injured or killed by gun violence than a terrorist attack.”

The FBI’s Comey agrees. “That the shooter in San Bernardino said he was doing it in the name of isil changed everything,” he told me. “It generates anxiety that another shooting incident, where the shooter isn’t a terrorist, doesn’t. That may be irrational, but it’s real.”

Nevertheless, all three — even Brill, in a piece where he takes Obama to task for not publicizing his change in dirty bomb response, refers to “deranged people and terrorists” obtaining assault weapons as if they are mutually exclusive categories — seem utterly unaware that part of the solution needs to be to stop capitulating to this fear. Stop treating terrorism as the unique, greatest threat when you know it isn’t. Channel the money being spent on providing tanks to local police departments to replacing lead pipes instead (an idea Brill floats but never endorses). Start treating threats to our infrastructure — both physical and digital — including those caused by weaponized reindeer as the threat they are.

And for chrissakes, don’t waste 18,000 words on a piece that at once scolds for fearmongering even while perpetuating that fear.

Share this entry

Friday: Little Fly

/12 Comments/in , , /by

Friday jazz comes to us from vocalist and bassist Esperanza Spalding, one of my personal favorites. She’s the first jazz musician to ever win the Grammy Award for Best New Artist, awarded only a handful of months after this featured performance from 2010.

My favorite tune of the three she performs here is Apple Blossom — it never fails to make me sniffle. Spalding plays more than just the double bass; sample her more progressive work on electric bass here. Want something a bit more traditional? Try her upbeat bluesy rendition of On the Sunny Side of the Street. Or maybe a little pop rock slice with her tribute to Stevie Wonder, Overjoyed.

Wheels and steals
Volkswagen:

  • Whiny op-ed complains about poor, poor Volkswagen (WSJ) — Aw, poor fraudulent enterprise lied and ripped off the American public for a decade while other automakers in the U.S. complied with emissions laws. Murdoch-NewsCorp outlet Wall Street Journal wants us to take pity on the bastards who did not care one whit they were literally poisoning U.S. citizens while lying to customers and dealers, let alone poisoning and lying to tens of millions of customers abroad. Look, they broke U.S. laws for nearly ten years. They made interest and capital gains on the money they gained from their illegal efforts. They can make the customers they defrauded whole and they can do something to fix the damage they wreaked on our environment. And they should be punished for breaking laws on top of reparations. Anything less is a neoliberal blowjob to a company which cannot compete fairly inside the U.S.
  • VW passenger diesel owners need additional protections (Reuters) — The current settlement offered by VW in federal court does not provide a secondary level of protection to consumers says the consumer advocacy journal, needed if the proposed fix to the emissions cheating diesel vehicles does not work. These vehicle owners should be able to opt for buy-back. The amount offered also undervalues retail prices on alternative replacement vehicles, Consumer Reports said in its submission during the public comment period which ended today.

    Consumer Reports said it generally supported the settlement, but urged “regulators to wield robust oversight of Volkswagen to ensure that the company implements its recall, investment, and mitigation programs appropriately” and it called on “federal and state officials to assess tough civil penalties and any appropriate criminal penalties against the company in order to hold it fully accountable.”

  • South Korea halts sales of 80 VW vehicle models (NBCNews) — This is what the U.S. could have done to VW given the scale of fraud, emissions cheating, and the lack of actual “clean diesel” passenger technology available to remedy both 2.0L and 3.0L engine vehicles. The 80 models now banned for non-compliance with emissions and noise pollution laws as well as document forgery include VW, Audi and Bentley vehicles. VW has also been slapped with $16.06 million fine, which is extremely light considering VW broke not only emissions laws while fraudulently misrepresenting the vehicles’ attributes.
  • West Virginia’s suit against VW amended (Hastings Tribune) — WVa Attorney General expanded the suit to include VW parent group as well as Audi and Porsche brands. Bosch, the manufacturer of VW’s electronic control units which were programmed to defeat emissions controls, is included in the lawsuit.
  • Fewer Americans buying VW vehicles (Business Insider) — No surprise, given the emissions controls cheating scandal, the pricey labels, iffy reliability, and a product lineup that doesn’t match the U.S.’ market demand. It may be a long time before VW digs itself out of its hole here.

NOT Volkswagen:

  • Two Houston thieves hack Jeep and Dodge cars (Phys.org) — Hacking pirated computer software used by auto technicians and dealers, two men tweaked Fiat Chrylser model vehicles’ security codes so their key worked. The thieves were picked up driving a stolen Jeep Grand Cherokee after police focused on an area where a high number of vehicle thefts occured.
  • White hat hackers proved Chrysler’s anti-hack update breachable (The Register) — Last year Charlie Miller and Chris Valasek showed Fiat Chrysler’s wireless feature could be hacked remotely to take control of a car. At Black Hat 2016 this week the same duo showed how they could defeat Fiat Chrysler’s firmware update which the automaker pushed to patch the vulnerability. But in terms of ease and speed, the two thieves in Houston might actually have a faster approach to taking control of a vehicle.
  • 28-year-old cracks up his brother’s car while playing Pokémon GO (The Guardian) — Dude. Really? You’re lucky to be alive or that you didn’t kill someone else. This is the kind of generational stupid old-man-yelling-at-clouds Clint Eastwood should take a poke at instead of doubling down on his closeted racism.
  • Self-driving feature in Tesla X may have saved its driver (CNBC) — Driver suffered a pulmonary embolism while on the road; the vehicle took him to the hospital. Article says the driver “was able to steer the car the last few meters” suggesting he was conscious and in control if limited in capacity. No further details were included to describe how the vehicle switched from its original route to the hospital.

Because opening ceremonies begin tonight at the Rio Olympics, I’ll leave you here. Catch you Monday — have a safe and restful weekend!

Share this entry

Tear Up Texas, Tear Up Another Encryption Claim

/in /by

Both the Intercept and the Daily Beast have reported on this eye-popping exchange from the criminal complaint charging Erick Hendricks with conspiracy to provide material support for terrorism, showing an undercover FBI employee advising one of the future Garland gunmen to “tear up Texas” in the days before the attack.

[Allegedly] Elton Simpson: Did u see that link I posted? About texas? Prob not.

UCE: [states he doesn’t have Simpson’s Twitter handle]

Simpson: [posts link to Draw Prophet Mohammed Contest

UCE: Tear up Texas.

Simpson: Bro, u don’t have to say that… U know what happened in Paris… I think … Yes or no …?

UCE: Right

Simpson: So that goes without saying … No need to be direct.

[snip]

UCE-1 subsequently traveled to Garland, Texas and was present on or about May 3, 2015, at the event.

[snip]

UCE-1 claimed to have been the “eyes” of Hendricks, to have seen Simpson and Soofi be killed, and stated that “Cops almost shot me.”

In other words, FBI had an officer onsite, scoping out the event, who was in communication with both Elton Simpson and Hendricks, the latter of whom may have been inciting a disruption (the evidence doesn’t clearly support he ordered the attack, though it is certainly possible; the complaint accuses hid of conspiring with someone DB IDed as Amir Said Abdul Rahman al-Ghazi, a cooperating witness, not the Garland shooters). Indeed, the undercover officer encouraged the attack with his “Tear up Texas.”

This raises big questions about the attack itself. But it also raises questions about a claim Jim Comey made in December 2015, when arguing about the dangers of encryption.

That morning, before one of those terrorists left and tried to commit mass murder, he exchanged 109 messages with an overseas terrorist. We have no idea what he said, because those messages were encrypted.

That’s interesting because the affidavit provides extensive details, based in part on Amir Said Abdul Rahman Al-Ghazi’s admissions to law enforcement, and based in part on one of Simpson’s phones obtained by the FBI, how Hendricks would coach people to move back and forth from Twitter to three other “secret” (presumably encrypted) messaging apps, as well as either Tor or a VPN. Certainly, the FBI has Simpson’s side of “secret” conversations. There’s no mention of the other Garland shooter, Nadir Soofi, but the affidavit at least appears to suggest Hendricks was playing a key broker role. So any communications with him would presumably be partly mirrored in what the Garland shooters said. Certainly, the FBI has a great deal of metadata that has been useful in filling in the network its 4 informants and 1 undercover officer haven’t already filled in.

That doesn’t mean the FBI was then or has since been able to crack these 109 encrypted messages.

But the claim sounds a lot less alarming when you say, “We weren’t able to decrypt 109 social media messages though we were watching other messages in real time and had an FBI officer present at the attack.”

Share this entry

Thursday: Move

/10 Comments/in , , , /by

Need something easy on the nerves today, something mellow, and yet something that won’t let a listener off too lightly. Guess for today that’s John Legend’s Tiny Desk Concert.

I promised reindeer tales today, haven’t forgotten.

From Anthrax to Zombies

  • First outbreak in 75 years forces evacuation of reindeer herders (The Siberian Times) — The last outbreak in the Siberian tundra was in 1941; news of this outbreak broke across mainstream media this past week, with some outlets referring to it as a “zombie” infection since it came back from dormancy, likely rising from a long-dead human or animal corpse.
  • Infected reindeer corpses to be collected and destroyed (The Barent Observer) — A lot of odd details about anthrax and its history pop up as the outbreak evolves. Like the mortality rate for skin anthrax (24%) and the alleged leak of anthrax from a Soviet bio-warfare lab in 1979. Reindeer deaths were blamed initially on unusually warm weather (~30C); the same unusually warm weather may have encouraged the release of long-dormant anthrax from the tundra.
  • Siberian outbreak may have started five weeks earlier (The Siberian Times) — Russia’s Federal Service for Veterinary and Phytosanitary Surveillance senior official is angry about the slow response to the first diagnosis; the affected region does not have strong veterinary service, and it took a herder four days’ walk across the tundra to inform authorities about an infection due to a lack of communications technology. The situation must be serious as the Health Minister Veronika Skvortsova has now been vaccinated against anthrax. Reports as of yesterday indicate 90 people have been hospitalized, 23 of which have been diagnosed with anthrax, and one child died. The form most appear infected with is intestinal; its mortality rate is a little over 50%. Infection is blamed on anthrax-contaminated meat; shipment of meat from the area is now banned. Russian bio-warfare troops have established a clean camp for the evacuated herder families until the reindeer corpses have been disposed of and inoculations distributed across the area’s population.
  • Important: keep in mind this Siberian outbreak may be unusual for its location, but not across the globe. In the last quarter there have been small anthrax outbreaks in Indonesia, Kazakhstan, Kenya, Bangladesh, and Bulgaria. Just search under Google News for “anthrax” stories over the last year.
  • Coincidentally, anthrax drug maker filed and received FDA’s ‘orphan status’ (GlobeNewsWire) — There have been so few orders for anthrax prophylaxis vaccine BioThrax that specialty biopharmaceutical company Emergent BioSolutions requested ‘orphan status’ from the FDA, granted to special therapies for rare conditions affecting less than 200,000 persons in the U.S. The status was awarded mid-June.
  • Investor sues anthrax drug maker for misleading expectations (Washington Business Journal) — Suit filed against the company and executives claims Emergent BioSolutions mislead investors into thinking the company would sell as many doses of BioThrax to the U.S. government during the next five years as the preceding five years. On the face of it, investor appears to expect Emergent BioSolutions to predict both actual vaccine demand in advance along with government funding (hello, GOP-led Congress?) and other new competitors in the same marketspace. Seems a bit much to me, like the investor feels entitled to profits without risk. Maybe they’ll get lucky and climate change will increase likelihood of anthrax infections — cha-ching.
  • Another coincidence: Last Friday marked 8 years since anthrax researcher Bruce Ivin’s death (Tulsa World) — And this coming Saturday marks six years since the FBI released its report on the anthrax attacks it blamed on Ivins.

Cybernia

  • Facebook let police shut down feed from negotiations resulting in another civilian-death-by-cop (The Mary Sue) –Yeah, we wouldn’t want to let the public see the police use deadly force against an African American mother and her five-year-old child instead of talking and waiting them out of the situation as they do so many white men in armed confrontations. And now police blame Instagram for her death. Since when does using Instagram come with an automatic death warrant?
  • Can GPS location signals be spoofed? Yep. (IEEE) — It’s possible the U.S. Navy patrol boats caught in Iran’s waters may have relied on spoofed GPS; we don’t know yet as the “misnavigating” incident is still under investigation. This article does a nice job explaining GPS spoofing, but it leaves us with a mystery. GPS signals are generated in civilian and military formats, the first is unencrypted and the second encrypted. If the “misnavigated” patrol boats captured by Iran in January were sent spoofed GPS location data, does this mean U.S. military encryption was broken? The piece also ask about reliability of GPS given spoofing when it comes to self-driving, self-navigating cars. Oh hell no.
  • Security firm F-Secure releases paper on trojan targeting entities involved in South China Sea dispute (F-Secure) — The Remote Access Trojan (RAT) has been called NanHaiShu, which means South China Sea Rat. The RAT, containing a VBA macro that executes an embedded JScript file, was spread via email messages using industry-specific terms. The targets were deliberately selected for spearfishing as the senders knew the users did not lock down Microsoft Office’s default security setting to prevent macro execution. The malware had been in the wild for about two years, but its activity synced with events related to the South China Sea dispute.

Tomorrow’s Friday, which means jazz. Guess I’d better start poking around in my files for something good. Catch you later!

Share this entry

Tuesday: Allez Vous F

/18 Comments/in , , /by

J’adore Stromae. I’m not in the hip hop demographic, but Stromae — whose real name is Paul Van Haver — pulls me in. This multi-talented artist born to a Rwandan father and a Belgian mother pulls together multiple genres of music laced with compelling au courant lyrics presented with stunning visual effects — how could I not love him?

This particular song, Papatouai, has a strong psychic undertow. This song asks where Papa is; the lyrics and video suggest an emotionally or physically distant father. Van Haver’s own father was killed in the Rwandan genocide when he was not yet ten years old. Is this song about his own father, or about inaccessible fathers in general? The use of older African jazz rhythms emphasizes retrospection suggesting a look backward rather than forward for the missing father figure(s). More than a third of a billion views for this video say something important about its themes.

Much of Stromae’s work is strongly political, but it conveys the difficulty of youth who are multi-racial/multi-ethnic unsatisfied with the binaries and economic injustices forced on them by oldsters. A favorite among kids I know is AVF (Allez Vous Faire):

“Allez vous faire!”
Toujours les mêmes discours, toujours les mêmes airs,
Hollande, Belgique, France austère.
Gauches, ou libéraux, avant-centres ou centristes,
Ça m’est égal, tous aussi démagos que des artistes.

Go fuck yourselves!
Always the same words, always the same airs.
Holland, Belgium, France, austere.
Right or Left? Moderate or Extremist?
They’re all the same to me – the demagogues and the artists.

Remarquable et pertinent, non? I’m also crazy about Tous Les Mêmes, a trans- and cis-feminist song with a marvelous old school Latin beat simmering with frustration. But there’s not much I don’t like by Stromae; I can’t name a song I wouldn’t listen to again and again.

If you’re ready for more Stromae, try his concert recorded in Montreal this past winter. So good.

Expedition to the Cyber Pass

  • UK wireless firm O2 customer data breached and sold (BBC) — O2 customers who were gamers at XSplit had their O2 account data stolen. The approach used, credential stuffing, relies on users who employ the same password at multiple sites. Wonder how Verizon’s recent hiring of O2’s CEO Ronan Dunne will play out during the integration of Yahoo into Verizon’s corporate fold, given Verizon’s data breach? Will Dunne insist on mandatory 2FA policy and insure Verizon and Yahoo accounts can’t use the same passwords?
  • Speaking of Yahoo: 200 million credentials for sale (Motherboard) — Yahoo’s Tumblr had already been involved in a massive breach, now there’s Yahoo accounts available on the dark web. Given the Verizon breach already mentioned, it’s just a matter of time before these accounts are cross-matched for criminal use.
  • Oracle’s not-so-good-very-bad-too-many 276 vulnerabilities patched (Threatpost) — Whew. Two. Hundred. Seventy. Six. That’s a lot of risk. Good they’re all patched, but wow, how did Oracle end up with so many to begin with? Some of them are in products once owned by Sun Microsystems, including Java. Maybe Oracle ought to rethink Java’s licensing and work with the software community to develop a better approach to patching Java?
  • F-35 ready, says USAF — kind of (Bloomberg) — Massively expensive combat jet now up for ‘limited combat use’, except…

    The initial aircraft won’t have all the electronic combat, data fusion, weapons capacity or automated maintenance and diagnostics capabilities until the most advanced version of its complex software is fielded by 2018.

    Uh, what the hell did we spend a gazillion-plus bucks on if we don’t have aircraft with competitive working electronics?

Light load today, busy here between getting youngest ready for college and primary day in Michigan. YES, YOU, MICHIGANDER, GO VOTE IN THE PRIMARY! Polls close at 8:00 p.m. EDT, you still have time — check your party for write-in candidates. You can check your registration, precinct, ballot at this MI-SOS link.

The rest of you: check your own state’s primary date and registration deadlines. Scoot!

Share this entry