In this roundup: A short film about a mother’s time travel adventure, the Internet of Stupid Things, and more.
Sometimes when I go exploring for music I find something I like but it’s a complete mystery how it came to be. I can’t tell you much of anything about this artist — only that he’s German, he’s repped by a company in the Netherlands, and his genre is house/electronica. And that’s it, apart from the fact he’s got more tracks you can listen to on SoundCloud. My favorites so far are this faintly retro piece embedded here (on SoundCloud at Only You) and Fade — both make fairly mellow listening. His more popular works are a little more aggressive, like Gunshots and HWAH.
Caught a late summer bug, not firing on all cylinders. Here’s some assorted odds and ends that caught my eye between much-needed naps.
- Infosec firm approached investment firm to play short on buggy medical devices (Bloomberg) — Jeebus. Bloomberg calls this “highly unorthodox,” but it’s just grossly unethical. Why didn’t this bunch of hackers at MedSec go to the FDA and the SEC? This is a shakedown where they get the market to pay them first instead of ensuring patients are protected and shareholders of St. Jude medical device manufacturer’s stock are appropriately informed. I call bullshit here — they’re trying to game the system for profit and don’t give a shit about the patients at risk. You know when the maximum payout would be? When patient deaths occurred and were reported to the media.
- Apple iPhone users, update your devices to iOS 9.3.5 stat: serious malware designed to spy and gain control of iPhone found (Motherboard) — Hey look, a backdoor applied after the fact by a “ghost” government spyware company. The malware has been around since iPhone 5/iOS 7; it could take control of an iPhone and allow a remote jailbreak of the device. Interesting this Israeli spyware firm received a big chunk of cash from U.S. investor(s).
- Apple filed for patent on unauthorized user biometric data collection system (AppleInsider) — If an “unauthorized user” (read: thief) uses an iPhone equipped with this technology, the device could capture a photo and fingerprint of the user for use by law enforcement. Not exactly rocket science to understand how this might be used by law enforcement remotely to assure a particular contact (read: target) is in possession of an iPhone, either. Keep an eye on this stuff.
- India-France submarine construction program hacked (NDTV) — The Indian Navy contracted construction of (6) Scorpene-class submarines from French shipbuilder DCNS. Tens of thousands of pages of information from this classified project were leaked; the source of the documents appears to be DCNS, not India. The French government as well as India is investigating the hack, which is believed to be a casualty in “economic war.”
- Hacking of Ghostbusters’ star Leslie Jones under investigation (Guardian) — Jones’ website and iCloud accounts were breached; initial reports indicated the FBI was investigating the matter, but this report says Homeland Security is handlng the case. Does this mean an overseas attacker has already been identified?
- Taiwanese White hat hacker and open government activist named to digital policy role (HKFP) — Audrey Tang, programmer and consultant for Apple, will shift gears from private to public sector now that she’s been appointed an executive councillor for digital policy by Taiwan. Tang has been part of the Sunflower Student Movement which has demanded greater transparency and accountability on Cross-Strait Service Trade Agreement with China while resisting Chinese reunification.
- Oops! Recent Google Apps outage caused by…Google? (Google Cloud) — Change management boo-boo borked an update; apparently engineers working on an App Engine update didn’t know software updates on routers was in progress while they performed some maintenance. Not good.
- Gyroscope made of tiny atomic chamber could replace GPS navigation (NIST.gov) — A miniature cloud of atoms held in suspension between two states of energy could be used as a highly accurate mini-gyroscope. National Institute of Standards and Technology has been working a mini-gyro for years to provide alternate navigation in case GPS is hacked or jammed.
- Tim Berners-Lee wants to decentralize the internet (Digital Trends) — The internet has centralized into corporate-owned silos of storage and activities like Facebook, Google and eBay. Berners-Lee, who is responsible for the development of browsing hyperlinked documents over a network, wants the internet to be spread out again and your data in your own control.
That’s enough to chew on for now. Hope to check in Friday if I shake off this bug.
All that is gold does not glitter; not all those who wander are lost.
— excerpt, The Lord of the Rings by J. R. R. Tolkien
It’s a lovely summer day here, cool and dry. Perfect to go walkabout, which I will do straight away after this post.
- Spearphishing method used on HRC and DNC revealed by security firm (SecureWorks) — Here’s their report, but read this Twitter thread if you don’t think you can handle the more detailed version. In short, best practice: DON’T CLICK ON SHORTENED LINKS using services like Bitly, which mask the underlying URL.
- Researchers show speakerless computers can be hacked by listening to fans (arXiv.org) — Air-gapping a computer may not be enough if hackers can listen to fan operation to obtain information. I’ll have to check, but this may be the second such study.
- Another massive U.S. voter database breached (Naked Security) — This time 154 million voters’ data exposed, revealing all manner of details. 154M is larger than the number of voters in the 2012 general election, though smaller than the 191M voters’ records breached in December. At least this time the database owner slammed the breach shut once they were notified of the hole by researcher Chris Vickery. Nobody’s fessed up to owning the database involved in the the December breach yet.
- Speaking of Vickery: Terrorism databased leaked (Reddit) — Thomson-Reuters’ database used by governments and banks to identify and monitor terrorism suspects was leaked (left open?) by a third party. Vickery contacted Thomson-Reuters which responded promptly and closed the leak. Maybe some folks need to put Vickery on retainer…
- Different kind of hack: Trump campaign hitting up overseas MPs for cash? Or is he? (Scotsman) — There are reports that Trump’s campaign sent fundraising emails received by elected representatives in the UK and Iceland. Based on what we know now about the spearphishing of HRC and DNC, has anybody thought to do forensics on these emails, especially since government officials are so willing to share them widely? Using these kinds of emails would be a particularly productive method to spearphish government and media at the same time, as well as map relationships. Oh, and sow dissension inside the Trump family, urm, campaign. On the other hand, lack of response from Trump and team suggests it’s all Trump.
Makers making, takers taking
- Apple granted a patent to block photo-taking (9to5Mac) — The technology relies on detecting infrared signals emitted when cameras are used. There’s another use for the technology: content can be triggered to play when infrared signal is detected.
- Government suppressing inventions as military secrets (Bloomberg) — There’s merit to this, preventing development of products which may undermine national security. But like bug bounties, it might be worth paying folks who identify methods to breach security; it’s a lot cheaper than an actual breach, and a bargain compared to research detecting the same.
- Google wants to make its own smartphone (Telegraph-UK) — This is an effort apart from development of the modular Ara device, and an odd move after ditching Motorola. Some tech industry folks say this doesn’t make sense. IMO, there’s one big reason why it’d be worth building a new smartphone from the ground up: security. Google can’t buy an existing manufacturer without a security risk.
- Phonemaker ZTE’s spanking for Iran sanction violations deferred (Reuters) — This seems kind of odd; U.S. Commerce department agreed to a reprieve if ZTE cooperated with the government. But then think about the issue of security in phone manufacturing and it makes some sense.
A-brisket, a Brexit
- EU health commissioner Andriukaitis’ response to Nigel Farage’s insulting remarks (European Commission) — Farage prefaced his speech to European Commissioners yesterday by saying “Most of you have never done a proper day’s work in your life.” Nice way to win friends and influence people, huh? Dr. Vytenis Andriukaitis is kinder than racist wanker Farage deserves.
- Analysis of next couple years post-Brexit (Twitter) — Alex White, Director of Country Analysis at the Economist Intelligence Unit, offers what he says is “a moderate/constructive call” with “Risks definitely to the downside not to the upside.” It’s very ugly, hate to see what a more extreme view would look like. A pity so many Leave voters will never read him.
Follow-up: Facebook effery
Looks like Facebook’s thrown in the towel on users’ privacy altogether, opening personal profiles in a way that precludes anonymous browsing. Makes the flip-flop on users’ location look even more sketchy. (I can’t tell you anymore about this from personal experience because I gave up on Facebook several years ago.)
Happy hump day!
After my Go-Team-Yay-Space post yesterday, it’s time for a Monday morning reality check. Going to Mars will not be a panacea to our ills, as this darkly humorous animated short, Fired on Mars by Nick and Nate, shows. On the other hand, SpaceX’s Elon Musk offers an upside while acknowledging the inherent risk of space travel and colonization: “If you’re going to choose a place to die, then Mars is probably not a bad choice.”
Certainly beats an undiginified extinction by drowning on earth, eh?
We may not be leaving the planet today, but you’d best buckle up anyhow. This week’s going to be a doozy.
Brexit, Brexit, Brexit
Say that in your best Jan Brady voice — Brexit will suck all the oxygen out of this week’s market news. I’m afraid to look at the stock market at all because of it. Euronews has a roundup on the topic (though I warn you, it’s poorly formatted — keep scrolling down the page and increase print size). I’m not posting any other UK-based links here now because it’s quite obvious each media outlet has a position and their coverage reflects it. Most blatantly obvious are those owned by Rupert Murdoch’s Newsgroup, which has prompted some angry murmurs about an Aussie living in the U.S. telling the UK what to do.
Disturbing: Mexico’s federal police fire on teachers’ protest rally
I say disturbing for two reasons: first, that a democratic government’s federal would fire on protesters supporting the CNTE teachers’ union and actively deny it happened is appalling, and second, that its neighbor’s media would ignore that it happened. Teachers and supporters have been rallying in the state of Oaxaca, protesting the government’s education reform plan, characterized by some as neoliberal. It was clear from the outset that the government was in no mood to listen, given the number of riot police in place. The protests followed the detention/disappearance days earlier by police of CNTE union leaders Francisco Manuel Villalobos Ricardez and Ruben Nuñez. Conditions degraded over the course of the day, with federal police firing upon protesters. Early accounts claimed six were killed, of which one may have been a journalist and two teacher trainees. President Enrique Pena Nieto’s government at first denied there was any violence, and then later claimed the Associated Press’ photos of the violence were false. There were enough social media reports documenting the violence on the ground to neutralize the government’s claim — and thank goodness for social media, or the U.S. would have heard very little if anything about this conflict. Not exactly the fiesta of democracy President Nieto promised when he took office in 2012. For more current information about the conflict, follow hashtags #Nochixtlan (district) and #Oaxaca in Twitter; already the death count is disputed as some claim more than eight died after yesterday’s attack by police on protesters.
It’s extremely important to remember the protesters’ anger and frustration are not merely about the ENP government’s reform plan. The 43 young men who disappeared in 2014 and are believed dead were students at a teachers’ college; the federal police have been implicated in the disappearance of these students. To date, the mass disappearance of these students has not been fully accounted for. Imagine the furor if such a mass disappearance were to happen in the U.S.
Cyber, cyber, cyber
LOL sorry, I’m on a Brady Bunch jag. Forgot to remind you last Tuesday was Patch Tuesday — make sure you’ve updated your Win-based systems if you do so manually. Can’t hurt to check all your other non-Win devices, too.
- Adobe Flash zero day patch a higher priority than Microsoft’s monthly patch (TechTarget) — Again, if you manually patch, get to this one ASAP. I’m a manual Adobe patcher myself; I don’t automate patching because I want to know exactly how often Adobe must patch their products. It’s annoyingly often.
- This is your brain on drugs: Too-smart identity thief busted (ABC3340-Birmingham) — Can’t tell if the drugs ate his intelligence, or if they deluded this dude. Read this, it’s like a bad episode of COPS mashed up with Monty Python.
- SmartTVs not so smart, held ransom by Flocker (TrendLabs) — Leap of ransomware to Android smartTVs perfectly exemplifies the danger of connecting things to the internet. Interesting how this one deactivates based on select country locations. Yet another opportunity to sell protection software, too, as you’ll note in the article.
Your recommended long read: Apple’s Differential Privacy
Crytography expert Matthew Green reviews Apple’s announcement this past week regarding development of “differential privacy,” which Apple defined as:
Starting with iOS 10, Apple is using Differential Privacy technology to help discover the usage patterns of a large number of users without compromising individual privacy. To obscure an individual’s identity, Differential Privacy adds mathematical noise to a small sample of the individual’s usage pattern. As more people share the same pattern, general patterns begin to emerge, which can inform and enhance the user experience. In iOS 10, this technology will help improve QuickType and emoji suggestions, Spotlight deep link suggestions and Lookup Hints in Notes.
This is worth your time to read as differential privacy suggests new approaches to meeting the needs of marketers while preserving the privacy of consumers applying algorithmic solutions. Read it now before this stuff gets really convoluted.
Check your safety harness from time to time. Catch you tomorrow!
There are thirteen verb tenses in English. I couldn’t recall the thirteenth one to save my life and now after digging through my old composition texts I still can’t figure out what the thirteenth is.
If I have to guess, it’s probably a special case referring to future action. Why should our language be any more lucid than our vision?
Vision we’ve lost; we don’t elect people of vision any longer because we don’t have any ourselves. We vote for people who promise us bullshit based on illusions of a simple past. We don’t choose people who assure us the road will be hard, but there will be rewards for our efforts.
Ad astra per aspera.
Fifty-five years ago today, John F. Kennedy Jr. spoke to a join session of Congress, asking our nation to go to the moon. I was six months old at the time. This quest framed my childhood; every math and science class shaped in some way by the pursuit, arts and humanities giving voice to the fears and aspirations at the same time.
In contrast I look at my children’s experience. My son, who graduates this year from high school, has not known a single year of K-12 education when we were not at war, when terrorism was a word foreign to his day, when we didn’t worry about paying for health care because we’d already bought perma-warfare. None of this was necessary at this scale, pervading our entire culture. What kind of vision does this create across an entire society?
I will say this: these children also don’t recall a time without the internet. They are deeply skeptical people who understand how easy it is to manipulate information. What vision they have may be biased toward technology, but their vision is high definition, and they can detect bullshit within bits and pixels. They also believe we have left them no choice but to boldly go and build a Plan B as we’ve thoroughly trashed Plan A.
Sic itur ad astra. Sic itur ad futurum.
Still looking at past, present, and future…
- Interview with Prof. Andrew Bacevich (ThisIsHell) — Yes, THAT Bacevich, who looks back at 120 years of U.S. military warfare. Give a listen as he cuts through the fog-of-war-bullshit. And then read his article in Harper’s.
- $1.1M Millennium Technology Prize awarded to Caltech biochemical engineer Frances Arnold (LAT) — Based on her work on directed evolution, Arnold is the first woman to win this prize. It’s worth noting how her career trajectory was shaped by the Reagan administration. What did we lose by not having her working on alternative energy in the 1980s-1990s?
- Blast from the past profile on Elon Musk (Inc.) — If you’ve heard all the buzz about Peter Thiel/Hulk Hogan/Nick Denton/Gawker, you may want to read this piece circa 2007 and note Thiel’s role in shaping Musk’s future.
- Failing to learn from our arts and humanities past hurts us (Chronicle) — Neoliberalism’s tendency to measure everything in discrete terms places too much emphasis on STEM and not enough on arts and humanities including the classics. I always think of this particular argument justifying balance.
- An Inconvenient Anniversary: a decade of climate science’s progress (ScientificAmerican) — Yesterday marked ten years since Al Gore’s An Inconvenient Truth was released. SA looks at our current scientific status compared to 2006.
- Coca Cola halts production in Venezuela due to lack of sugar (Reuters) — Given the dramatic drought in VZ, I’m actually surprised it wasn’t a lack of electricity or water that put the brakes on Coke. Not a positive indicator of our progress since 2006
- Primary school for low-income students funded by Facebook may not open due to lack of water (The Guardian) — A serious water shortage is tying up permits for a squeaky-new school built by Facebook in East Palo Alto. Huh…seems odd a company with access to so much data couldn’t see this coming. Yet another poor indicator of progress since 2006.
- Nice explainer on the invisible part of the internet (Ars Technica) — A bit over the heads in a few places when it touches on modulation and multiplexing and other terms without adequate definition, but still a solid read about the current state of the internet.
- Google+Levi’s interactive jacket (ItsNiceThat) — Because you can’t get to work these days without being jacked into the invisible internet.
- Comparing Apple to BlackBerry, developer Marco Arment frets for Apple’s future (Marco.org) — I can’t help laugh at this bit:
…When the iPhone came out, the BlackBerry continued to do well for a little while. But the iPhone had completely changed the game…
Not only is Arment worrying Apple hasn’t grokked AI as Google has, he’s ignored Android’s ~80% global marketshare in mobile devices. That invisible giant which hadn’t ‘completely changed the game.’
- Ivanpah Solar Power Facility in the Mojave Desert caught fire (WIRED) — IMO, sounds like a design problem; shouldn’t there be a fail-safe on this, a trigger when temps spike at the tower in the wrong place? Anyhow, it looks like Ivanpah has other problems ahead now that photovoltaic power production is cheaper than buggy concentrated solar power systems.
- Women, especially WOC, win a record number of Nebula awards for sci-fi (HuffPo) — Prizes for Novel, Novella, Novelette, Short Story and Young Adult Science Fiction and Fantasy works went to women, which is huge improvement given how many writers and readers are women and women of color. What does the future look like when a greater percentage of humans are represented in fiction? What does a more gender-balanced, less-white future hold for us?
Either I start writing late the night before, or I give up the pretense this is a * morning * roundup. It’s still morning somewhere, I’ll leave this one as is for now. Catch you tomorrow morning — maybe — or early afternoon.
Yesterday I talked about the shift toward mobile computing centered on smartphones, moving from PCs. Behind that transition, out of sight of the public, is the cloud which supports this shift. Content and applications are increasingly stored not on the user’s device but in a server (read: data farm) accessed over the internet.
One manifestation of the shift is the largest technology merger ever — computer manufacturer Dell‘s $70B acquisition of storage company EMC. Dell’s PC sales have been slowly falling over the last handful of years, not unexpected due to the maturity of the market and the shift to mobile devices. Servers have been a large part of Dell’s profits for years, but many opportunities often ended up with competitor EMC when Dell quoted storage. Mobile users need much more remote computing and storage — servers and storage in the cloud — which EMC’s storage area network (SAN) products provide. This made EMC an appetizing fit to augment Dell’s server offerings while offsetting the slowly fading desktop computer sales.
HP, however, split into two companies late last year. One manufactures desktop and other smaller computing devices (HP), the other sells servers and storage products (HP Enterprise Business). One might wonder if HP was preparing to spin off the portion of the business that makes PCs just as its competitor IBM did in 2005 when it spun off its PC division to Chinese manufacturer Lenovo.
Media will say with the EMC acquisition that Dell is positioned for better end-to-end service — but with so much computing now done on smartphones, this is not true. Dell and its competitor HP are only offering up to the smartphone.
Speaking of smartphones…
Suspect ordered to open Apple iPhone with Touch ID
29-year-old Paystar Bkhchadzhyan, a small-time crook charged with identity theft, was ordered by U.S. Magistrate Judge Alicia Rosenberg to swipe an iPhone seized from her boyfriend’s apartment in order to unlock it.
It’s not clear whether the iPhone has been identified as belonging to Bkhchadzhyan based on multiple reports, only that she may have “control over” the device. Nor is it clear — since she has already pleaded no contest to the charge against her — if the iPhone’s contents will be used against her, or against her boyfriend.
It’s also not clear why law enforcement hasn’t used the “gummy bear technique” to open the phone, which would not force Bkhchadzhyan to lift a finger but instead use fingerprints already provided as evidence, bypassing any question of Fifth Amendment violations. Is this simple technique too much effort or too complicated for today’s police force?
DISH TV techs to offer Apple iPhone repair service
Not authorized by Apple, mind you, but DISH TV will offer new service to their customers who use iPhones, including battery and screen replacements. The company anticipates offering the same limited repair services to Android users in the near future. This says something about the transition of content consumption from TV to mobile devices, and the use of mobile devices as TV and content controllers.
LuxLeakers in court this week – Luxembourg’s version of Panama Papers
Antoine Deltour and Raphael Halet, former PricewaterhouseCoopers’ employees, appear in court this week on charges they stole and leaked documents on many of PwC’s corporate clients — Accenture, Burberry, Icap, Ikea, Walt Disney Co., Heinz, JP Morgan, FedEx, Microsoft Corp.’s Skype, PepsiCo Inc., Procter & Gamble, Shire Pharmaceuticals to name a few. The documents outline the tax avoidance/evasion strategies employed by these firms with PwC’s assistance and Luxembourg’s implicit or tacit approval. This case should have as much impact as the Panama Papers as the corporations involved are quite large and the Luxembourg government is implicated.
Australia: Your human rights abuses suck, but we Americans have no room to talk
If you don’t watch Australian politics, you should. Aussies have forced approximate 900 refugees to remain indefinitely on Manus Island of Papua New Guinea and the island country of Nauru, which are little more than rocks in the middle of the ocean with penal colonies masquerading as a refugee ‘welcome centers.’ The conditions have been wretched — and they must be if an outlet like Foreign Policy calls Australia’s practice ‘intolerable cruelty.’ Their captivity is now illegal according to PNG’s court, but the refugees are left without recourse. Two refugees have immolated themselves within the last week out of desperation. But Americans have not demanded Australia take the refugees because it would mean having to take some refugees here, too. Oh, and Gitmo — can’t point to island-based human holding pens without allowing other countries to point to Gitmo. Or our immigration detention and deportation processes.
That last bit — both of the immolated refugees were not offered immediate health care — is so disgusting and disheartening I can’t come up with anything more to write. Hope for a better day tomorrow, see you in the morning.
The Emperor’s Palace was the most splendid in the world, all made of priceless porcelain, but so brittle and delicate that you had to take great care how you touched it. …
— excerpt, The Nightingale from The Yellow Fair Book by Andrew Lang
Last week I’d observed that Apple’s stock value had fallen by ~7% after its financial report was released. The conventional wisdom is that the devaluation was driven by Apple’s first under-performing quarter of iPhone sales, indicating weaker demand for iPhones going forward. Commenter Ian remarked that Apple’s business model is “brittle.” This perspective ignores the meltdown across the entire stock global market caused by China’s currency devaluation, disproportionately impacting China’s consumption habits. It also ignores great untapped or under-served markets across other continents yet to be developed.
But more importantly, this “wisdom” misses a much bigger story, which chip and PC manufacturers have also reflected in their sales. The video above, now already two years old, explains very neatly that we have fully turned a corner on devices: our smartphones are and have been replacing our desktops.
Granted, most folks don’t go through the hassle of purchasing HDMI+USB connectors to attach larger displays along with keyboards. They continue to work on their phones as much as possible, passing content to and from cloud storage when they need to work from a keyboard attached to a PC. But as desktops and their attached monitors age, they are replaced in a way that supports smartphones as our main computing devices — flatscreen monitors, USB keyboards and mice, more powerful small-footprint external storage.
And ever increasing software-as-a-service (SaaS) combined with cloud storage.
Apple’s business model isn’t and hasn’t been just iPhones. Not since the debut of the iPod in October 2001 has Apple’s business model been solely focused on devices and the operating system required to drive them. Heck, not since the debut of iTunes in January 2001 has that been true.
Is there a finite limit to iPhones’ market? Yeah. Same for competing Android-driven devices. But is Apple’s business just iPhones? Not if iTunes — a SaaS application — is an indicator. As of 2014, there were ~66 million iPhones in the U.S., compared to ~800 million iTunes users. And Apple’s current SaaS offerings have exploded over time; the Apple store offers millions of apps created by more than nine million registered developers.
At least nine million registered developers. That number alone should tell you something about the real business model.
iPhones are a delivery mechanism, as are Android-based phones. The video embedded above shows just how powerful Android mobile devices can be, and the shift long underway is not based on Apple’s platform alone. If any business model is brittle right now, it’s desktop computing and any software businesses that rely solely on desktops. How does that change your worldview about the economy and cybersecurity? Did anyone even notice how little news was generated about the FBI accessing the San Bernardino shooter’s PCs? Was that simply because of the locked Apple iOS account, or was it in part because the case mirrored society’s shift to computing and communications on mobile devices?
File under ‘Stupid Michigan Legislators‘: Life sentences for automotive hackers?
Hey. Maybe you jackasses in Michigan’s state senate ought to deal with the permanent poisoning of nearly 8000 children in Flint before doing something really stupid like making one specific kind of hacking a felony worthy of a life sentence. And maybe you ought to do a little more homework on hacking — it’s incredibly stupid to charge a criminal with a life sentence for a crime as simple as entry permitted by wide-open unlocked doors. Are we going to allocate state money to chase hackers who may not even be in this country? Are we going to pony up funds for social media monitoring to catch hackers talking about breaching wide-open cars? Will this law deter citizen white hats who identify automakers’ vulnerabilities? File this mess, too, under ‘Idiotic Wastes of Taxpayers’ Money Along with Bathroom Legislation by Bigots‘. This kind of stuff makes me wonder why any smart people still live in this state.
File this, too, under ‘Stupid Michigan Legislators‘: Lansing Board of Water and Light hit by ransomware
Guess where the first ransomware attack on a U.S. utility happened? Do I need to spell it out how ridiculous it looks for the electric and water utility for the state’s capitol city to be attacked by ransomware while the state’s legislature is worrying about who’s using the right bathroom? Maybe you jackasses in Lansing ought to look at funding assessment and security improvements for ALL the state’s utilities, including both water safety and electricity continuity.
Venezuela changes clocks to reduce electricity consumption
Drought-stricken Venezuela already reduced its work week a month ago to reduce electricity demand. Now the country has bumped its clocks forward by 30 minutes to make more use of cooler early hour during daylight. The country has also instituted rolling blackouts to cutback on electricity. Cue the right-wing pundits claiming socialism has failed — except that socialism has absolutely nothing to do with a lack of rainfall to fill reservoirs.
Coca Cola suing for water as India’s drought deepens
This is a strong piece, worth a read: Whose Water Is It Anyway?
After a long battle, the UN declared in 2010 that clean water was a fundamental right of all citizens. Easier said than done. The essential, alarming question has become, ‘Who does the groundwater belong to?’ Coca Cola is still fighting a case in Kerala where the farmers rebelled against them for using groundwater for their bottling plants. The paddy fields for miles around dried up as water for Coke or the company’s branded bottled water was extracted and transported to richer urban consumers.
Who did that groundwater belong to? Who do our rivers belong to? To the rich and powerful who can afford the resources to draw water in huge quantities for their industries. Or pollute the rivers with effluent from their industries. Or transport water over huge distances at huge expense to turn it into profit in urban areas.
Justus Rosenberg: One of Hannah Arendt’s rescuers
Ed Walker brought this piece to my attention, a profile of 95-year-old Justus Rosenberg featured in this weekend’s New York Times. I love the last two grafs especially; Miriam Davenport characterized Rosenberg as “a nice, intelligent youngster with no family, no money, no influence, no hope, no fascinating past,” yet he was among those who “…were a symbol of sorts, to me, in those days […] Everyone was moving Heaven and earth to save famous men, anti-fascist intellectuals, etc.” Rosenberg was a superhero without a cape.
That’s our week started. See you tomorrow morning!
See you tomorrow morning!
This video came from a random browse for new artists. I don’t know yet if I have an opinion; first minute is rocky, but improves. Think I need to sample some more by this artist. You can find Unknown Mortal Orchestra on SoundCloud.com if you want to sample more without the video — I do like the cover of Sitting on the Dock of the Bay. Verdict still out on the more experimental atmospheric stuff.
Looking for more trouble…
Wow. An issue everybody could love. Do read the Forbes bit as they had the most objections. Caveat: You may have to see John Stossel’s mug if you read the ATR’s opinion.
Next up: Senate, which is waffling thanks to Grassley —
But it was unclear if Senate Judiciary Committee Chairman Chuck Grassley, who holds jurisdiction over the legislation, intends to move it forward during an election year.
The Iowa Republican will review the House bill, consult with stakeholders and his committee “and decide where to go from there,” a spokeswoman told Reuters in an email.
- Apple’s stock tanked yesterday falling 7% in response to a drop in demand for iPhones; Apple suppliers likewise took a hit. Come on, there’s a finite number of smartphone users, and the limit must be reached some time. Shouldn’t have rattled the market so much — not like the market didn’t notice China’s market woes and subsequent retrenchment of purchasing over the last 6 months, too.
- FBI said it wouldn’t disclose the means by which a “grey hat hacker” cracked the San Bernardino shooter’s work-issued iPhone 5c. Wouldn’t, as in couldn’t, since the FBI didn’t acquire intellectual property rights to the method. Hmm.
- coincidentally, FBI notified Apple of a vulnerability in older iPhones and Macs, though an unnamed source said the problem had already been fixed in iOS9 and in Mac OS C El Capitan. Nice of FBI to make an empty gesture validate the problem.
- And because I mentioned it, Apple Crisp. I prefer to use Jonathans and Paula Reds in mine.
- The Gundremmingen nuclear power plant in Bavaria found malware in computers added in 2008, connected to the fuel loading system. Reports say the malware has not posed any threat, though an investigation is under way to determine how the plant was infected. Not many details in German media about this situation — timing and method of discovery aren’t included in news reports.
- A report by Reuters says the malware was identified and includes “W32.Ramnit” and “Conficker” strains. The same report implies the malware may have been injected by devices like USB sticks found in the plant, though the report does not directly attribute the infection to them.
- BONUS: Reuters quoted cybersecurity expert Mikko Hypponen of F-Secure about the nuclear plant’s infection — but Hypponen elaborated on the spread of viruses, saying that
he had recently spoken to a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones. The malware spread to the planes only because factory employees were charging their phones with the USB port in the cockpit.
Because the plane runs a different operating system, nothing would befall it. But it would pass the virus on to other devices that plugged into the charger.
Pretty sure Reuters hadn’t counted on that tidbit.
- Give their report on Gundremmingen’s infection, it’s odd that Reuters’ op-ed on the state of nuclear safety post-Chernobyl made zero reference to cybersecurity of nuclear facilities.
- Online gaming community Minecraft “Lifeboat” breach exposed 7 million accounts (NetworkWorld) — Minecraft took its tell notifying users because it says it didn’t want to tip off hackers. Wonder how many of these accounts belonged to minors?
- On the topic of games, feckless Sony leaks like a sieve again, tipping off new game (Forbes) — Jeebus. Sony Group’s entire holding company bleeds out information all the time. This latest leak is about the next version of Call of Duty. Not certain which is more annoying: yet another Sony leak, or that “Infinite Warfare” is the name of the game.
- Open source AI consortium OpenAI shows a bit of its future direction (MIT Technology Review) — Looks like the near term will be dedicated to machine learing.
- Just another pretty face on Cruz’ ticket may bring conflict on H-1B visas (Computerworld) — Seems Cruz wants to limit low-cost H-1B labor, and new VP choice Fiorina is really into offshoring jobs. Commence headbutting. (By the way, I’m being snarky about ‘another pretty face.’ They deserve each other.)
I may have to quit calling these morning roundups given all the scheduling issues I have on my hands right now. At least it’s still morning in Alaska and Hawaii. Catch you here tomorrow!
It’s Friday, when we usually cover a different jazz genre. But we’re playing these sorry cards we’ve been dealt this week and observing the passing of a great artist.
We’ll probably all be sick of seeing this same video, but it is one of the very few of Prince available for embedding with appropriate intellectual property rights preserved. It’s a result of Prince’s tenacious control over his artistic product that we won’t have ready access to his past performances, but this same tenacity taught many artists how to protect their interests.
It’s worth the hour and a quarter to watch the documentary Prince in the 1980s; the enormity of his talent can’t be understood without reactions by professionals to his abilities.
The way his voice slides easily into high registers at 05:44, his guitar playing beginning at 06:53, offer us just the smallest glimpses of his spectacular gifts.
Good night, sweet Prince, may flights of angels sing thee to thy rest.
Great Google-y moogley
- European Community’s Antitrust Commission issued a Statement of Objections regarding perceived breaches of antitrust laws by Google’s Android operating system (European Commission press release) — The EU has a problem with Android’s ~90% market share in some member states. They may have a tough time with their case as the EU did very little to preserve the Nokia Symbian OS when Microsoft bought Nokia phone business. Their point about lack of application interoperability and portability between mobile devices is also weak as they did not make that case with Windows-based applications on personal computers. Further, Google has been aggressive to the point of annoyance in its efforts to segregate Android and Google apps — I can attest to this, having a handful of Android devices which have required irritating application upgrades to facilitate this shift over the last year and a half. This will be an interesting case to watch.
- The second annual Android Security Report was released on Google’s blog this week (Google Blog) — Some interesting numbers in this report, including Google’s revelation that it scans 400 million devices a day. Gee, a figure intelligence agencies must envy.
- Roughly 29% of Android devices can’t be accessed to issue monthly security patches (Naked Security) — Sophos has a bit of an attitude about the back-of-the-envelope number it scratched out, calculating a little more than 400 million Android devices may not be running modern Android versions Google can patch, or may not be accessible to scanning for patching. You’d think a cybersecurity vendor would revel in this opportunity to sell product. Or that an otherwise intelligent and successful security firm would recognize the numbers reflect Android’s continued dominance in the marketplace with more than 1.4 billion active devices. The risk is big, but how much of that risk is due to the success of the devices themselves — still highly usable if aging, with insufficient memory for upgrades? Sounds so familiar (*cough* Windows XP)…
- Google passed a benchmark with mobile version of Chrome browser on more than 1 billion devices (Business Insider) — Here’s another opportunity to screw up interpretation of data: mobile Chrome works on BOTH Android and iOS devices. I know for a fact the latest mobile Chrome will NOT work on some older Android devices.
Under Not-Google: Opera browser now has free built-in VPN
A lesser-known browser with only 2% of current market share, Opera is a nice alternative to Chrome and Firefox. Its new built-in free VPN could help boost its market share by offering additional privacy protection. It’s not clear this new feature will protect users against censorship tools, though — and this could be extremely important since this Norwegian software company may yet be acquired by a Chinese company which placed a bid on the firm a couple of months ago.
Definitely Not-Google: Apple cracker cost FBI more than $1 million
Can’t swing an iPad without hitting a report on FBI director James Comey’s admission at the Aspen Security Forum this week in Londn that cracking the San Bernardino shooter’s work iPhone cost “more than I will make in the remainder of this job, which is 7 years and 4 months,” or more than $1 million dollars. Speaking of exorbitant expenses, why was Comey at this forum in London? Oh, Comey was the headliner for the event? Isn’t that interesting…wonder if that speaking gig came with speaker’s fee?
That’s it for this week’s morning roundups. Hope you have a nice weekend planned ahead of you!
Day after day, day after day,
We stuck, nor breath nor motion;
As idle as a painted ship
Upon a painted ocean.
Water, water, every where,
And all the boards did shrink;
Water, water, every where,
Nor any drop to drink.
— excerpt, The Rime of the Ancient Mariner by Samuel Taylor Coleridge
Felony and misdemeanor charges are expected today in the Flint water crisis. State Attorney General Bill Schuette will put on a media dog-and-pony show, when it is expected that three persons — two engineers with the Michigan Department of Environmental quality and a Flint water department employee — will be charged for Flint’s lead water levels after the cut-over to Flint River water.
Mind you, the descriptions of these persons do not match that of higher level persons who were responsible for
1) making the final decision to cut Flint off from Detroit’s water system and switching to the Flint river;
2) evaluating work performed by consulting firms about the viability of Flint River as a water source, or about reporting on lead levels after the cut-over;
3) ensuring the public knew on a timely basis the water was contaminated once it was already known to government officials;
4) lack of urgency in responding to a dramatic uptick in Legionnaire’s disease, or the blood lead levels in children.
Just for starters. Reading the Flint water crisis timeline (and yes, it needs updating), it’s obvious negligence goes all the way to the top of state government, and into the halls of Congress.
Michigan’s Governor Snyder has elected to perform some weird self-flagellating mea culpa or performance art, by insisting he and his wife will drink filtered Flint city water for a month. It’s a pointless gesture since the toxic lead levels, experienced during the two years immediately after the city’s cut-over to the Flint River, have already fallen after doing permanent damage to roughly eight thousand children in and around Flint.
Flint’s Mayor Karen Weaver said about the governor’s stunt, “[H]e needs to come and stay here for 30 days and live with us and see what it’s like to use bottled or filtered water when you want to cook and when you want to brush your teeth.”
Or get a new mortgage, I would add. The gesture also does nothing for Flint’s property values. Imagine living in Flint, trying to refinance your home to a lower interest rate, telling the bank, “Oh, but the water’s safe enough for the governor!” and the bank telling you, “Nah. Too risky.”
UPDATE — 10:45 AM EDT —
Charges have been filed against City of Flint’s Laboratory & Water Quality Supervisor Mike Glasgow and Michigan Department of Environmental Quality Office of Drinking Water and Management Assistance district director Steven Busch and MI-ODWMA District Engineer Michael Prysby. Mlive.com-Flint reports,
Glasgow is accused of tampering with evidence when he allegedly changed testing results to show there was less lead in city water than there actually was. He is also charged with willful neglect of office.
Prysby and Busch are charged with misconduct in office, conspiracy to tamper with evidence, tampering with evidence, a treatment violation of the Michigan Safe Drinking Water Act and a monitoring violation of the Safe Drinking Water.
None of the individuals charged in the case have been arraigned.
Sure would like to see the evidence on Glasgow, given the email he wrote 14-APR-2014 (see the timeline).
House hearing on encryption yesterday
- Worth the time if you have it to listen to the House Energy and Commerce Oversight and Investigations Subcommittee’s hearing, ‘Deciphering the Debate Over Encryption: Industry and Law Enforcement Perspectives‘ to catch Apple’s general counsel Bruce Sewell and UPenn’s CIS asst. prof. Matt Blaze. Not so much for Indiana State Police Captain Charles Cohen, who was caught up in misinfo/disinfo about Apple’s alleged non-cooperation with the U.S. government. Wish there was a transcript, especially for the part where Sewell was quizzed as to whether Apple would encrypt their cloud.
- Speaking of Cohen and misinfo/disinfo, Apple said it hasn’t released source code to Chinese (Reuters) — This is the spin IN’s Cohen got caught up in. Nope.
Another Congressional hearing of interest: Fed Cybersecurity
In case you missed it, catch the video of today’s House Oversight Subcommittee on Information Technology hearing on Federal Cybersecurity Detecion, Response, and Mitigation. You may have seen Marcy’s tweets on this hearing, at which Juniper Networks was a no-show, and Rep. Ted Lieu (D-CA) was kind of pissed off. Catch Bruce Schneier’s post about Juniper’s vulnerability.
Volkswagen has company: Mitsubishi’s mileage data tweaked to cheat
The Japanese automaker may have to pay back tax rebates offered on vehicles meeting certain fuel efficiency standards. Data from mileage tests on hundreds of thousands of cars was fudged to make the cars look 5-10 percent more efficient.
Speaking of cheating: Volkswagen’s use of code words masked references to emissions controls cheats
The amount of data under review along with the use of code words and phrases like “acoustic software” may delay the completion of the probe’s report. Don’t forget: tomorrow is the second 30-day deadline set for VW to provide a technical solution for owners of its passenger diesel vehicles.
That’s enough. Michigan state AG newser underway now as I update this again at 1:15 p.m. EDT; I may not update here since I addressed known charges above. Catch you on the other side of the hump.