In a wonderful example of truth validating fiction, the star system imagined as the location of Vulcan, Spock's home world in Star Trek, has a planet orbiting it in real life. From a report: A team of scientists spotted the exoplanet, which is about twice the size of Earth, as part of the Dharma Planet Survey (DPS), led by University of Florida astronomer Jian Ge. It orbits HD 26965, more popularly known as 40 Eridani, a triple star system 16 light years away from the Sun. Made up of a Sun-scale orange dwarf (Eridani A), a white dwarf (Eridani B), and a red dwarf (Eridani C), this system was selected to be "Vulcan's Sun" after Star Trek creator Gene Roddenberry consulted with astronomers Sallie Baliunas, Robert Donahue, and George Nassiopoulos about the best location for the fictional planet. "An intelligent civilization could have evolved over the aeons on a planet circling 40 Eridani," Roddenberry and the astronomers suggested in a 1991 letter to the editor published in Sky & Telescope. The three stars "would gleam brilliantly in the Vulcan sky," they added. The real-life exoplanet, known as HD 26965b, is especially tantalizing because it orbits just within the habitable zone of its star, meaning that it is theoretically possible that liquid water -- the key ingredient for life as we know it -- could exist on its surface.
Read more of this story at Slashdot.
An anonymous reader writes: Thursday the humor magazine Annals of Improbable Research held their 28th annual ceremony recognizing the real (but unusual) scientific research papers "that make people laugh, then think." And winning this year's coveted Literature prize was a paper titled "Life Is Too Short to RTFM: How Users Relate to Documentation and Excess Features in Consumer Products," which concluded that most people really, truly don't read the manual, "and most do not use all the features of the products that they own and use regularly..." "Over-featuring and being forced to consult manuals also appears to cause negative emotional experiences." Another team measured "the frequency, motivation, and effects of shouting and cursing while driving an automobile," which won them the Ig Nobel Peace Prize. Other topics of research included self-colonoscopies, removing kidney stones with roller coasters, and (theoretical) cannibalism. "Acceptance speeches are limited to 60 seconds," reports Ars Technica, "strictly enforced by an eight-year-old girl nicknamed 'Miss Sweetie-Poo,' who will interrupt those who exceed the time limit by repeating, 'Please stop. I'm bored.' Until they stop." You can watch the whole wacky ceremony on YouTube. The awards are presented by actual Nobel Prize laureates -- and at least one past winner of an Ig Nobel Prize later went on to win an actual Nobel Prize.
MJ Carlson calls this photo from a 1980s computer science textbook "the most glorious stock photo of all time." She is correct.
In a series of three recent papers, astronomers have identified the final chunks of all the ordinary matter in the universe. From a report: And despite the fact that it took so long to identify it all, researchers spotted it right where they had expected it to be all along: in extensive tendrils of hot gas that span the otherwise empty chasms between galaxies, more properly known as the warm-hot intergalactic medium, or WHIM. Early indications that there might be extensive spans of effectively invisible gas between galaxies came from computer simulations done in 1998. "We wanted to see what was happening to all the gas in the universe," said Jeremiah Ostriker, a cosmologist at Princeton University who constructed one of those simulations along with his colleague Renyue Cen. The two ran simulations of gas movements in the universe acted on by gravity, light, supernova explosions and all the forces that move matter in space. "We concluded that the gas will accumulate in filaments that should be detectable," he said. Except they weren't -- not yet. "It was clear from the early days of cosmological simulations that many of the baryons would be in a hot, diffuse form -- not in galaxies," said Ian McCarthy, an astrophysicist at Liverpool John Moores University. Astronomers expected these hot baryons to conform to a cosmic superstructure, one made of invisible dark matter, that spanned the immense voids between galaxies. The gravitational force of the dark matter would pull gas toward it and heat the gas up to millions of degrees. Unfortunately, hot, diffuse gas is extremely difficult to find. To spot the hidden filaments, two independent teams of researchers searched for precise distortions in the CMB, the afterglow of the Big Bang. As that light from the early universe streams across the cosmos, it can be affected by the regions that it's passing through. 
In particular, the electrons in hot, ionized gas (such as the WHIM) should interact with photons from the CMB in a way that imparts some additional energy to those photons. The CMB's spectrum should get distorted. Unfortunately the best maps of the CMB (provided by the Planck satellite) showed no such distortions. Either the gas wasn't there, or the effect was too subtle to show up. But the two teams of researchers were determined to make them visible. From increasingly detailed computer simulations of the universe, they knew that gas should stretch between massive galaxies like cobwebs across a windowsill. Planck wasn't able to see the gas between any single pair of galaxies. So the researchers figured out a way to multiply the faint signal by a million.
What happens to gadgets when you're done with them? Too often, they explode. From a report: Around the world, garbage trucks and recycling centers are going up in flames. The root of the problem: volatile lithium-ion batteries sealed inside our favorite electronics from Apple, Samsung, Microsoft and more. They're not only dangerous but also difficult to take apart -- making e-waste less profitable, and contributing to a growing recycling crisis. These days, rechargeable lithium-ion batteries are in smartphones, tablets, laptops, ear buds, toys, power tools, scooters, hoverboards and e-cigarettes. For all their benefits at making our devices slim, powerful and easy to recharge, lithium-ion batteries have some big costs. They contain cobalt, often mined in inhumane circumstances in places like the Congo. And when crushed, punctured, ripped or dropped, lithium-ion batteries can produce what the industry euphemistically calls a "thermal event." It happens because these batteries short circuit when the super-thin separator between their positive and negative parts gets breached. Old devices end up in trouble when we throw them in the trash, stick them in the recycling bin, or even responsibly bring them to an e-waste center. There isn't official data on these fires, but the anecdotal evidence is stark. Since the spring of 2018 alone, batteries have been suspected as the cause of recycling fires in New York, Arizona, Florida, Wisconsin, Indiana, Idaho, Scotland, Australia and New Zealand. In California, a recent survey of waste management facilities found 83 percent had at least one fire over the last two years, of which 40 percent were caused by lithium-ion batteries.
Earlier this summer, NASA astronaut Scott Tingle returned to Earth after spending 168 days living and working in low-Earth orbit aboard the International Space Station. During a six-month mission, Tingle and his crewmates completed hundreds of experiments, welcomed four cargo spacecraft delivering several tons of supplies and experiments, and performed spacewalks. To document the happenings aboard NASA’s orbiting laboratory, Tingle kept a journal that provides his real-time reflections about his first spaceflight, including this Captain Log that mentions the five things he will miss about being in space. Starting at 3 p.m. EDT on Sept. 12, you can ask him anything about adjusting to being back on our home planet!
What questions would you ask an astronaut after their first spaceflight? Join @Astro_Maker for a @reddit_AMA on Wednesday, Sept. 12 at 3pm ET as he takes your questions about adjusting to being back on Earth after spending six months living & working on the @Space_Station. pic.twitter.com/L9gLQdcwwW — NASA (@NASA) September 10, 2018
Thanks for joining today's AMA! I'm signing off, but appreciate all the fun questions!
Around 73,000 years ago, humans used a chunk of pigment to draw a pattern on a rock in a South African cave. The recently discovered fragment of the rock is now considered to be the oldest known drawing in history. From Science News:
The faded pattern consists of six upward-oriented lines crossed at an angle by three slightly curved lines, the researchers report online September 12 in Nature. Microscopic and chemical analyses showed that the lines were composed of a reddish, earthy pigment known as ocher.
The lines end abruptly at the rock’s edges, indicating that a larger and possibly more complex version of the drawing originally appeared on a bigger stone, the researchers say. Tiny pigment particles dotted the rock’s drawing surface, which had been ground smooth. Henshilwood suspects the chunk of rock was part of a large grinding stone on which people scraped pieces of pigment into crayonlike shapes.
Crosshatched designs similar to the drawing have been found engraved on shells at the site, Henshilwood says. So the patterns may have held some sort of meaning for their makers. But it’s hard to know whether the crossed lines represent an abstract idea or a real-life concern.
Yamaha's Motobot is not alone, it seems. Behind closed doors, BMW has also been working on autonomous motorcycle technology for the last couple of years. And yesterday, BMW Motorrad released footage of a self-driving R1200GS negotiating its own way around a test track...
In the United States, a secret federal surveillance court approves some of the government’s most enormous, opaque spying programs. It is near-impossible for the public to learn details about these programs, but, as it turns out, even the court has trouble, too.
According to new opinions obtained by EFF last month, the Foreign Intelligence Surveillance Court (FISC) struggled to get full accounts of the government’s misuse of its spying powers for years. After learning about the misuse, the court also struggled to rein it in.
In a trio of opinions, a judge on the FISC raised questions about unauthorized surveillance and potential misuse of a request he had previously granted. In those cases, the secrecy inherent in the proceedings and the government’s obfuscation of its activities made it difficult for the court to grasp the scope of the problems and to prevent them from happening again.
The opinions were part of a larger, heavily redacted set—31 in total—released to EFF in late August as part of a Freedom of Information Act lawsuit we filed in 2016 seeking all significant FISC opinions. The government has released 73 FISC opinions to EFF in response to the suit, though it is continuing to completely withhold another six. We are fighting the government’s secrecy in court and hope to get the last opinions disclosed soon. You can read the newly released opinions here. To read the previous opinions released in the case, click here, here, and here.
Although many of the newly released opinions appear to be decisions approving surveillance and searches of particular individuals, several raise questions about how well equipped FISC judges are to protect individuals’ statutory and constitutional rights when the government is less than candid with the court, underscoring EFF’s concerns with the FISC’s ability to safeguard individual privacy and free expression.
An opinion written by then-FISC Judge Thomas F. Hogan shows that even the judges approving foreign intelligence surveillance on specific targets have difficulty understanding whether the NSA is complying with its orders, much less the Constitution.
The opinion, the date of which is redacted, orders the deletion of materials the NSA collected without court authorization. The opinion recounts how after the court learned that the NSA had exceeded an earlier issued surveillance order—resulting in surveillance it was not authorized to conduct—the government argued that it had not actually engaged in unauthorized surveillance. Instead, the government argued that it had only violated “minimization procedures,” which are restrictions on the use of the material, not the collection of it.
Judge Hogan, who served on the FISC from 2009-16 and was its chief judge from 2014-16, expressed frustration both with the government’s argument and with its lack of candor, as the court believed officials had previously acknowledged that the surveillance was unauthorized. The opinion then describes how the surveillance failed to comply with several provisions of the Foreign Intelligence Surveillance Act (FISA) in collecting the intelligence. Although the redactions make it difficult to know exactly which FISA provisions the government did not comply with, the statute requires the government to identify a specific target for surveillance and to show some proof that the facilities being surveilled were used by a foreign power or the agent of one.
As a result, the court ruled that the surveillance was unauthorized. It went on to note that the government’s failure to meet FISA’s requirements also inhibited the court’s ability to do its job, writing that “the Court was deprived of an adequate understanding of the facts known to the NSA and, even if the government were correct that acquisition [redacted] was authorized, a clear and express record of that authorization is lacking.”
The opinion goes on to note that the government’s conduct provided additional reasons to rule that the surveillance was unauthorized. It wrote:
Moreover, the government’s failures in this case are not isolated ones. The government has exhibited a chronic tendency to mis-describe the actual scope of NSA acquisitions in its submissions to this Court. These inaccuracies have previously contributed to unauthorized electronic surveillance and other forms of statutory and constitutional deficiency.
In another order, Judge Hogan required the government to answer a series of questions after it appeared that the NSA’s surveillance activities went beyond what the court authorized. The order shows that, though the FISC approved years-long surveillance, government officials knowingly collected information about individuals that the court never approved.
The court expressed concern that the “government has not yet provided a full account of non-compliance in this case.” Although the particular concerns the court had with the government are redacted, the court appeared frustrated by the fact that it had been kept in the dark for so long:
It is troubling that, for many years, NSA failed to disclose the actual scope of its surveillance, with the result that it lacked authorization for some of the surveillance that it conducted. It is at least troubling that, once the NSA and the Department of Justice had finally recognized that unauthorized surveillance was being conducted, they failed to take prompt measures to discontinue the surveillance, or even to obtain prospective authorization for the already-ongoing collection.
As a result, the court ordered the government to respond to several questions: How and why was the surveillance allowed to continue after officials realized it was likely unauthorized? What steps were being taken to prevent something like it from happening again? What steps were officials taking to identify the information the government obtained through the unauthorized surveillance?
The court wrote that it would examine the government’s responses “and determine whether a hearing is required to complete the record on these issues.”
In another order with its date redacted, Judge Hogan describes a case in which the FBI used some ambiguous language in an earlier order to conduct surveillance that the court did not authorize.
Although the specifics of the incident are unclear, it appears as though the FISC had previously authorized surveillance of a particular target and identified certain communications providers—such as those that provide email, phone, or messaging services—in the order that would be surveilled. The FBI later informed the court that it had engaged in “roving electronic surveillance” and targeted other communications providers. The court was concerned that the roving surveillance “may have exceeded the scope of the authorization reflected” in the earlier order.
Typically, FISA requires that the government identify the “facilities or places” used by a target that it will surveil. However, the law contains a provision that allows the government to engage in “roving electronic surveillance,” which is when the court allows the government to direct surveillance at unspecified communications providers or others that may help follow a target who switches services.
To get an order granting it authority to engage in roving electronic surveillance, the government has to show with specific facts that the surveillance target’s actions may thwart its ability to identify the service or facility the target uses to communicate. For example, the target may frequently change phone numbers or email accounts, making it difficult for the government to identify a specific communications provider.
The problem in this particular case, according to the court, was that the FBI didn’t seek authority to engage in roving electronic surveillance. “The Court does not doubt that it could have authorized” roving electronic surveillance, it wrote. “But the government made no similar request in the above-captioned docket.” Moreover, the government never provided facts that established the target may thwart their ability to identify the service provider.
Although the court was concerned with the government’s unauthorized surveillance, it acknowledged that perhaps its order was not clear and that it “sees no indication of bad faith on the part of the agents or attorneys involved.”
The other opinions released to EFF detail a variety of other orders and opinions issued by the court authorizing various forms of surveillance. Because many are heavily redacted, it is difficult to know precisely what they concern. For example:
Obtaining these FISC opinions is extraordinarily important, both for government transparency and for understanding how the nation’s intelligence agencies have gone beyond what even the secret surveillance court has authorized.
Having successfully pried the majority of these opinions away from the government’s multi-layered regime of secrecy, we are all the more hopeful to receive the rest.
You can review the full set of documents here.
Later this month, all of the three major consumer credit bureaus will be required to offer free credit freezes to all Americans and their dependents. Maybe you’ve been holding off freezing your credit file because your home state currently charges a fee for placing or thawing a credit freeze, or because you believe it’s just not worth the hassle. If that accurately describes your views on the matter, this post may well change your mind.
A credit freeze — also known as a “security freeze” — restricts access to your credit file, making it far more difficult for identity thieves to open new accounts in your name.
Currently, many states allow the big three bureaus — Equifax, Experian and TransUnion — to charge a fee for placing or lifting a security freeze. But thanks to a federal law enacted earlier this year, after Sept. 21, 2018 it will be free to freeze and unfreeze your credit file and those of your children or dependents throughout the United States.
KrebsOnSecurity has for many years urged readers to freeze their files with the big three bureaus, as well as with a distant fourth — Innovis — and the NCTUE, an Equifax-operated credit checking clearinghouse relied upon by most of the major mobile phone providers.
There are dozens of private companies that specialize in providing consumer credit reports and scores to specific industries, including real estate brokers, landlords, insurers, debt buyers, employers, banks, casinos and retail stores. A handy PDF produced earlier this year by the Consumer Financial Protection Bureau (CFPB) lists all of the known entities that maintain, sell or share credit data on U.S. citizens.
The CFPB’s document includes links to Web sites for 46 different consumer credit reporting entities, along with information about your legal rights to obtain data in your reports and dispute suspected inaccuracies with the companies as needed. My guess is the vast majority of Americans have never heard of most of these companies.
Via numerous front-end Web sites, each of these mini credit bureaus serves thousands or tens of thousands of people who work in the above-mentioned industries and who have the ability to pull credit and other personal data on Americans. In many cases, online access to look up data through these companies is secured by nothing more than a username and password that can be stolen or phished by cybercrooks and abused to pull privileged information on consumers.
In other cases, it’s trivial for anyone to sign up for these services. For example, how do companies that provide background screening and credit report data to landlords decide who can sign up as a landlord? Answer: Anyone can be a landlord (or pretend to be one).
The truly scary part? Access to some of these credit lookup services is supposed to be secured behind a login page, but often isn’t. Consider the service pictured below, which for $44 will let anyone look up the credit score of any American who hasn’t already frozen their credit files with the big three. Worse yet, you don’t even need to have accurate information on a target — such as their Social Security number or current address.
KrebsOnSecurity was made aware of this particular portal by Alex Holden, CEO of Milwaukee, Wisc.-based cybersecurity firm Hold Security LLC [full disclosure: This author is listed as an adviser to Hold Security, however this is and always has been a volunteer role for which I have not been compensated].
Holden’s wife Lisa is a mortgage broker, and as such she has access to a more full-featured version of the above-pictured consumer data lookup service (among others) for the purposes of helping clients determine a range of mortgage rates available. Mrs. Holden said the version of this service that she has access to will return accurate, current and complete credit file information on consumers even if one enters a made-up SSN and old address on an individual who hasn’t yet frozen their credit files with the big three.
“I’ve noticed in the past when I do a hard pull on someone’s credit report and the buyer gave me the wrong SSN or transposed some digits, not only will these services give me their credit report and full account history, it also tells you what their correct SSN is,” Mrs. Holden said.
With Mr. Holden’s permission, I gave the site pictured above an old street address for him plus a made-up SSN, and provided my credit card number to pay for the report. The document generated by that request said TransUnion and Experian were unable to look up his credit score with the information provided. However, Equifax not only provided his current credit score, it helpfully corrected the false data I entered for Holden, providing the last four digits of his real SSN and current address.
“We assume our credit report is keyed off of our SSN or something unique about ourselves,” Mrs. Holden said. “But it’s really keyed off your White Pages information, meaning anyone can get your credit report if they are in the know.”
I was pleased to find that I was unable to pull my own credit score through this exposed online service, although the site still charged me $44. The report produced simply said the consumer in question had requested that access to this information be restricted. But the real reason was simply that I’ve had my credit file frozen for years now.
Many media outlets are publishing stories this week about the one-year anniversary of the breach at Equifax that exposed the personal and financial data on more than 147 million people. But it’s important for everyone to remember that as bad as the Equifax breach was (and it was a total dumpster fire all around), most of the consumer data exposed in the breach has been for sale in the cybercrime underground for many years on a majority of Americans — including access to consumer credit reports. If anything, the Equifax breach may have simply helped ID thieves refresh some of those criminal data stores.
It costs $35 worth of bitcoin through this cybercrime service to pull someone’s credit file from the three major credit bureaus. There are many services just like this one, which almost certainly abuse hacked accounts from various industries that have “legitimate” access to consumer credit reports.
According to the U.S. Federal Trade Commission, when the new law takes effect on September 21, Equifax, Experian and TransUnion must each set up a webpage for requesting fraud alerts and credit freezes.
The law also provides additional ID theft protections to minors. Currently, some state laws allow you to freeze a child’s credit file, while others do not. Starting Sept. 21, no matter where you live you’ll be able to get a free credit freeze for kids under 16 years old.
Identity thieves can and often do target minors, but this type of fraud usually isn’t discovered until the affected individual tries to apply for credit for the first time, at which point it can be a long and expensive road to undo the mess. As such, I would highly recommend that readers who have children or dependents take full advantage of this offering once it’s available for free nationwide.
In addition, the law requires the big three bureaus to offer free electronic credit monitoring services to all active duty military personnel. It also changes the rules for “fraud alerts,” which currently are free but only last for 90 days. With a fraud alert on your credit file, lenders or service providers should not grant credit in your name without first contacting you to obtain your approval — by phone or whatever other method you specify when you apply for the fraud alert.
Under the new law, fraud alerts last for one year, but consumers can renew them each year. Bear in mind, however, that while lenders and service providers are supposed to seek and obtain your approval if you have a fraud alert on your file, they’re not legally required to do this.
A key unanswered question about these changes is whether the new dedicated credit bureau freeze sites will work any more reliably than the current freeze sites operated by the big three bureaus. The Web and social media are littered with consumer complaints — particularly over the past year — about the various freeze sites freezing up and returning endless error messages, or simply discouraging consumers from filing a freeze thanks to insecure Web site components.
It will be interesting to see whether these new freeze sites will try to steer consumers away from freezes and toward other in-house offerings, such as paid credit reports, credit monitoring, or “credit lock” services. All three big bureaus tout their credit lock services as an easier and faster alternative to freezes.
According to a recent post by CreditKarma.com, consumers can use these services to quickly lock or unlock access to credit inquiries, although some bureaus can take up to 48 hours. In contrast, they can take up to five business days to act on a freeze request, although in my experience the automated freeze process via the bureaus’ freeze sites has been more or less instantaneous (assuming the request actually goes through).
TransUnion and Equifax both offer free credit lock services, while Experian’s is free for 30 days and $19.99 for each additional month. However, TransUnion says those who take advantage of their free lock service agree to receive targeted marketing offers. What’s more, TransUnion also pushes consumers who sign up for its free lock service to subscribe to its “premium” lock services for a monthly fee with a perpetual auto-renewal.
Unsurprisingly, the bureaus’ use of the term credit lock has confused many consumers; this was almost certainly by design. But here’s one basic fact consumers should keep in mind about these lock services: Unlike freezes, locks are not governed by any law, meaning that the credit bureaus can change the terms of these arrangements when and if it suits them to do so.
If you’d like to go ahead with freezing your credit files now, this Q&A post from the Equifax breach explains the basics, and includes some other useful tips for staying ahead of identity thieves. Otherwise, check back here later this month for more details on the new free freeze sites.
Bruce Schneier argues that governments must step in now to force companies developing connected gadgets to make security a priority rather than an afterthought. Schneier made these arguments in his new book titled Click Here to Kill Everybody, which is on sale now. Here's an excerpt from his interview with MIT Technology Review:
Technology Review: So what do we need to do to make the Internet+ era safer?
Schneier: There's no industry that's improved safety or security without governments forcing it to do so. Again and again, companies skimp on security until they are forced to take it seriously. We need government to step up here with a combination of things targeted at firms developing internet-connected devices. They include flexible standards, rigid rules, and tough liability laws whose penalties are big enough to seriously hurt a company's earnings.
Technology Review: But won't things like strict liability laws have a chilling effect on innovation?
Schneier: Yes, they will chill innovation -- but that's what's needed right now! The point is that innovation in the Internet+ world can kill you. We chill innovation in things like drug development, aircraft design, and nuclear power plants because the cost of getting it wrong is too great. We're past the point where we need to discuss regulation versus no-regulation for connected things; we have to discuss smart regulation versus stupid regulation.
Technology Review: There's a fundamental tension here, though, isn't there? Governments also like to exploit vulnerabilities for spying, law enforcement, and other activities.
Schneier: Governments are certainly poachers as well as gamekeepers. I think we'll resolve this long-standing tension between offense and defense eventually, but it's going to be a long, hard slog to get there.
The reason Pluto lost its planet status is not valid, according to new research from the University of Central Florida in Orlando. From a report: In 2006, the International Astronomical Union, a global group of astronomy experts, established a definition of a planet that required it to "clear" its orbit, or in other words, be the largest gravitational force in its orbit. Since Neptune's gravity influences its neighboring planet Pluto, and Pluto shares its orbit with frozen gases and objects in the Kuiper belt, that meant Pluto was out of planet status. However, in a new study published online Wednesday in the journal Icarus, UCF planetary scientist Philip Metzger, who is with the university's Florida Space Institute, reported that this standard for classifying planets is not supported in the research literature. Metzger, who is lead author on the study, reviewed scientific literature from the past 200 years and found only one publication -- from 1802 -- that used the clearing-orbit requirement to classify planets, and it was based on since-disproven reasoning. He said moons such as Saturn's Titan and Jupiter's Europa have been routinely called planets by planetary scientists since the time of Galileo. "The IAU definition would say that the fundamental object of planetary science, the planet, is supposed to be defined on the basis of a concept that nobody uses in their research," Metzger said. "And it would leave out the second-most complex, interesting planet in our solar system." "We now have a list of well over 100 recent examples of planetary scientists using the word planet in a way that violates the IAU definition, but they are doing it because it's functionally useful," he said. "It's a sloppy definition," Metzger said of the IAU's definition. "They didn't say what they meant by clearing their orbit. If you take that literally, then there are no planets, because no planet clears its orbit."
Stan Rehm writes, "An uncommonly sensible new policy in Los Angeles libraries now allows children with overdue book fees to 'read off' their fines in the library."
The National Academies Press has released a 156-page report, called "Securing the Vote: Protecting American Democracy," concluding that blockchains are not safe for the U.S. election system. "While the notion of using a blockchain as an immutable ballot box may seem promising, blockchain technology does little to solve the fundamental security issues of elections, and indeed, blockchains introduce additional security vulnerabilities," the report states. "In particular, if malware on a voter's device alters a vote before it ever reaches a blockchain, the immutability of the blockchain fails to provide the desired integrity, and the voter may never know of the alteration." The report goes on to say that "Blockchains do not provide the anonymity often ascribed to them." It continues: "In the particular context of elections, voters need to be authorized as eligible to vote and as not having cast more than one ballot in the particular election. Blockchains do not offer means for providing the necessary authorization. [...] If a blockchain is used, then cast ballots must be encrypted or otherwise anonymized to prevent coercion and vote-selling." The New York Times summarizes the findings: The cautiously worded report calls for conducting all federal, state and local elections on paper ballots by 2020. Its other top recommendation would require nationwide use of a specific form of routine postelection audit to ensure votes have been accurately counted. The panel did not offer a price tag for its recommended overhaul. New York University's Brennan Center has estimated that replacing aging voting machines over the next few years could cost well over $1 billion. The 156-page report [...] bemoans a rickety system compromised by insecure voting equipment and software whose vulnerabilities were exposed more than a decade ago and which are too often managed by officials with little training in cybersecurity. 
Among its specific recommendations was a mainstay of election reformers: All elections should use human-readable paper ballots by 2020. Such systems are intended to assure voters that their vote was recorded accurately. They also create a lasting record of "voter intent" that can be used for reliable recounts, which may not be possible in systems that record votes electronically. [...] The panel also calls for all states to adopt a type of post-election audit that employs statistical analysis of ballots prior to results certification. Such "risk-limiting" audits are designed to uncover miscounts and vote tampering. Currently only three states mandate them.
James Rhodes, a pianist, performed a Bach composition for his YouTube channel, but it didn't stay up -- YouTube's Content ID system pulled it down and accused him of copyright infringement because Sony Music Global had claimed that they owned 47 seconds' worth of his personal performance of a song whose composer has been dead for 300 years.
The Five Eyes, the intelligence alliance between the U.S., U.K., Canada, Australia, and New Zealand, issued a statement warning they believe "privacy is not absolute" and tech companies must give law enforcement access to encrypted data or face "technological, enforcement, legislative or other measures to achieve lawful access solutions." Slashdot reader Bismillah shares a report: The governments of Australia, United States, United Kingdom, Canada and New Zealand have made the strongest statement yet that they intend to force technology providers to provide lawful access to users' encrypted communications. At the Five Country Ministerial meeting on the Gold Coast last week, security and immigration ministers put forward a range of proposals to combat terrorism and crime, with a particular emphasis on the internet. As part of that, the countries that share intelligence with each other under the Five-Eyes umbrella agreement, intend to "encourage information and communications technology service providers to voluntarily establish lawful access solutions to their products and services." Such solutions will apply to products and services operated in the Five-Eyes countries which could legislate to compel their implementation. "Should governments continue to encounter impediments to lawful access to information necessary to aid the protection of the citizens of our countries, we may pursue technological, enforcement, legislative or other measures to achieve lawful access solutions," the Five-Eyes joint statement on encryption said.
The Shining is a brilliant film, and it’s a scary film, and those two things are for the same reason.
On the surface, the world of agile software development is bright, since it is now mainstream. But the reality is troubling, because much of what is done is faux-agile, disregarding agile's values and principles, writes programmer Martin Fowler. The three main challenges we should focus on are: fighting the Agile Industrial Complex and its habit of imposing process upon teams, raising the importance of technical excellence, and organizing our teams around products (rather than projects), he added. An anonymous reader shares his post: Now agile is everywhere, it's popular, but there's been an important shift. It was summed up quite nicely by a colleague of mine who said, "In the old days when we talked about doing agile, there was always this pushback right from the beginning from a client, and that would bring out some important conversations that we would have. Now, they say, 'Oh, yeah, we're doing agile already,' but you go in there and you suddenly find there's some very big differences to what we expect to be doing. As ThoughtWorks, we like to think we're very deeply steeped in agile notions, and yet we're going to a company that says, "Yeah, we're doing agile, it's no problem," and we find a very different world to what we expect. Our challenge at the moment isn't making agile a thing that people want to do, it's dealing with what I call faux-agile: agile that's just the name, but none of the practices and values in place. Ron Jeffries often refers to it as "Dark Agile," or specifically "Dark Scrum." This is actually even worse than just pretending to do agile, it's actively using the name "agile" against the basic principles of what we were trying to do, when we talked about doing this kind of work in the late 90s and at Snowbird. So that's our current battle. It's not about getting agile respectable enough to have a crowd like this come to a conference like this, it's realizing that a lot of what people are doing and calling agile, just isn't. 
We have to recognize that and fight against it because some people have said, "Oh, we're going to 'post-agile,' we've got to come up with some new word," - but that doesn't help the fundamental problem. It's the values and principles that count and we have to address and keep pushing those forwards and we might as well use the same label, but we've got to let people know what it really stands for.
An anonymous reader quotes a report from the BBC: [A new study] identified two areas of the brain that determine whether we are more likely to get on with a task or continually put it off. Researchers used a survey and scans of 264 people's brains to measure how proactive they were. Experts say the study, in Psychological Science, underlines procrastination is more about managing emotions than time. It found that the amygdala -- an almond-shaped structure in the temporal (side) lobe which processes our emotions and controls our motivation -- was larger in procrastinators. In these individuals, there were also poorer connections between the amygdala and a part of the brain called the dorsal anterior cingulate cortex (DACC). The DACC uses information from the amygdala and decides what action the body will take. It helps keep the person on track by blocking out competing emotions and distractions. The researchers suggest that procrastinators are less able to filter out interfering emotions and distractions because the connections between the amygdala and the DACC in their brains are not as good as in proactive individuals.
An anonymous reader quotes Motherboard: Less than 24 hours after a software developer revoked access to Lerna, a popular open-source software management program, for any organization that contracted with U.S. Immigration and Customs Enforcement, access has been restored for any organization that wishes to use it and the developer has been removed from the project... The modified version specifically banned 16 organizations, including Microsoft, Palantir, Amazon, Northeastern University, Johns Hopkins University, Dell, Xerox, LinkedIn, and UPS... Although open-source developer Jamie Kyle acknowledged that it's "part of the deal" that anyone "can use open source for evil," he told me he couldn't stand to see the software he helped develop get used by companies contracting with ICE. Kyle's modification of Lerna's license was originally assented to by other lead developers on the project, but the decision polarized the open-source community. Some applauded his principled stand against ICE's human rights violations, while others condemned his violation of the spirit of open-source software. Eric Raymond, the founder of the Open Source Initiative and one of the authors of the standard-bearing Open Source Definition, said Kyle's decision violated the fifth clause of the definition, which prohibits discrimination against people or groups. "Lerna has defected from the open-source community and should be shunned by anyone who values the health of that community," Raymond wrote in a blog post on his website. The core contributor who eventually removed Kyle also apologized for Kyle's licensing change, calling it a "rash decision" (which was also "unenforceable.") Eric Raymond had called the decision "destructive of one of the deep norms that keeps the open source community functional -- keeping politics separated from our work."
"Almost 25 years after it was released, Doom 2 has finally given up its last secret..." writes Polygon. An anonymous reader quotes their report: It's secret No. 4 on Map 15 (Industrial Zone). Now, the area in question has been known, seen and accessed by other means (usually a noclip cheat code). Getting to it without a cheat appears to be deliberately impossible, according to Doom co-creator John Romero. Romero tweeted out congratulations to the solution's discoverer, Zero Master. Zero Master figured out that the way to trigger the secret was to be pushed into the secret area by an enemy (in this case, a Pain Elemental). Apparently the secret sector was an area just below the floor of a teleporter -- but entering that teleporter meant players rose up to the level of the teleporter's floor, according to Romero, so "you never enter the sector... you would never get inside the teleporter sector to trigger the secret." One Reddit user notes Zero Master "has the first legit Doom 2 100% save file on earth, after 24 years."
An appeals court has upheld a Federal Communications Commission ruling that broadband markets can be competitive even when there is only one Internet provider. From a report: The FCC "rationally chose which evidence to believe among conflicting evidence," the court ruling said. The FCC voted last year to eliminate price caps imposed on some business broadband providers such as AT&T and Verizon. The FCC decision eliminated caps in any given county if 50 percent of potential customers "are within a half mile of a location served by a competitive provider." This is known as the "competitive market test." Because of this, broadband-using businesses might not benefit from price controls even if they have just one choice of ISP.
It's been 27 years since Linus Torvalds let a group of people know about his "hobby" OS. OMGUbuntu blog writes: Did you know that Linux, like Queen Elizabeth II, actually has two birthdays? Some FOSS fans consider the first public release of (prototype) code, which dropped on October 5, 1991, as more worthy of being the kernel's true anniversary date. Others, ourselves included, take today, August 25, as the "birth" date of the project. And for good reason. This is the day on which, back in 1991, a young Finnish college student named Linus Torvalds sat at his desk to let the folks on comp.os.minix newsgroup know about the "hobby" OS he was working on. The "hobby OS" that wouldn't, he cautioned, be anything "big" or "professional." Even as Linux continues to have the lion's share in the enterprise world, it has only managed to capture a tiny fraction of the consumer space. Further reading: Ask Slashdot: Whatever Happened To the 'Year of Linux on Desktop'? Which Linux-based distro do you use? What changes, if any, would you like to see in it in the next three years?
A way for submerged submarines to communicate with planes has been developed by researchers at MIT. From a report: At present, it is difficult for planes to pick up underwater sonar signals because they reflect off the water's surface and rarely break through. The researchers found an extremely high-frequency radar could detect tiny ripples in water, created by an ordinary underwater speaker. This could let lost flight recorders and submarines communicate with planes. Submarines communicate using sonar waves, which travel well underwater but struggle to break through the surface. Planes communicate using radio signals that do not travel well in water. At present, submarines can surface to send messages - but this risks revealing their location. Sometimes, buoys are used to receive sonar signals and translate them into radio signals. "Trying to cross the air-water boundary with wireless signals has been an obstacle," said Fadel Adib, from the MIT Media Lab. The system developed at MIT uses an underwater speaker to aim sonar signals directly at the water's surface, creating tiny ripples only a few micrometres in height. These ripples can be detected by high-frequency radar above the water and decoded back into messages.
Watery planets beyond the Solar System may be more common than previously thought, making up 35 percent of exoplanets two to four times the size of the Earth. According to a new study, data from the Kepler Space Telescope and the Gaia mission indicate that many planets are made up of half water by mass as opposed to the 0.02 percent water that the Earth has...
"A new attack named VORACLE can recover HTTP traffic sent via encrypted VPN connections under certain conditions," reports Bleeping Computer, citing research presented last week at the Black Hat and DEF CON security conferences. An anonymous reader writes: The conditions are that the VPN service/client uses the OpenVPN protocol and that the VPN app compresses the HTTP traffic before it encrypts it using TLS. To make matters worse, the OpenVPN protocol compresses all data by default before sending it via the VPN tunnel. At least one VPN provider, TunnelBear, has now updated its client to turn off the compression. [UPDATE: ExpressVPN has since also disabled compression to prevent VORACLE attacks.] HTTPS traffic is safe, and only HTTP data sent via the VPN under these conditions can be recovered. Users can also stay safe by switching to another VPN protocol if their VPN client supports multiple tunneling technologies. In response to the security researcher's report, the OpenVPN project "has decided to add a more explicit warning in its documentation regarding the dangers of using pre-encryption compression."
TIL that there was a rumor that Stephen Hawking would deliberately run over the toes of people he didn’t like. He denied this rumor by stating it was “A Malicious rumor” and “I’ll run over anyone who repeats it”.
Hey, it's HighScalability time:
The amazing Zoomable Universe from 10^27 meters—about 93 billion light-years—down to the subatomic realm, at 10^-35 meters.
Rosinkranz is Icelandic but lives in Berlin now. He made NES.party a year ago while experimenting with WebRTC and WebSockets and he updated his software to support the SNES.
“The reason I made it was simply because I discovered how advanced the RTC implementation in Chrome had become and wanted to do something with it,” he said. “When I discovered that it’s possible to take a video element and stream it over the network I just knew I had to do something cool with this and I came up with the idea of streaming emulators.”
He said it took him six months to build the app and a month to add NES support.
“It’s hard to say how long it took because I basically created my own framework for web applications that need realtime communication between one or more participants,” he said. He is a freelance programmer.
It’s a clever hack that could add a little fun to your otherwise dismal day. Feel like a little Link to the Past? Pop over here and let’s play!
“I keep telling you, they’re not prophecies - they’re science fiction!” Chaplain Kevin le Guin raised his hands in exasperation as the Officers on the bridge looked on.
Captain Xan nodded with solemnity, his dorsal tendrils drifting as though on a half-second delay, “Indeed, the religions of Kanxar history had many different names for their predictions of the future, yet none of them stood the test of time like your proph- your science fiction.”
“But we never created them to predict the future, they were just stories, sometimes they explored futures that we hoped for or feared, but they weren’t prophecies...” he faltered as he caught a glimpse of starlight in the bow window, distorted by the warp bubble.
Science Officer Feldrun took the chance to interject, raising a paw to draw Kevin’s attention, “You speak of possible futures, presumably this is a reflection of the many parallel time streams such as those traversed by your mythical heroes, Doctors Brown and McFly. How do you go about mapping these futures? Does each quantum event create a new branch, or are you able to condense similar futures together?”
“No, no, it’s not like that at all.” Kevin tapped his glass, then took a sip of the freshly materialized water to calm himself, “We don’t have any special perception of time. We’ve just gotten lucky with stories we used to tell each other. There’s nothing more interesting than that.”
Each species on the bridge looked downcast in their own way - tendrils, spines and whiskers lost their excited tension as focus was returned to the instruments. The Captain was the first to break the awkward silence, “So what will the service be tonight, Chaplain? Perhaps a reading from the Hitchhiker's Guide, or might we take a lesson from the voyage of the Galactica?”
“Galactica, I think. You’ll enjoy the next episode, the-” an explosion rocked the bridge, sparks flashed from the panels as the crew were thrown from their stations.
Feldrun was back on her feet in a moment, swatting through information, “We’ve been taken out of warp, there appears to be a ship to starboard sending a message - on screen now, sir.”
It was a metallic cube, covered with geometric patterns and glowing green lights, an expressionless voice spoke, “We are the Blork. Your biological and technological distinctiveness will be added to our own. It is futile to resist.”
“Captain,” Kevin spoke hesitantly, “I think I may have a few ideas.”
More than ever, the Kansas City Public Library is central to the lives of the individuals, families, and communities it serves. From early childhood literacy to outreach for the elderly and disabled. From access to computers and the internet to civic and community engagement. On November 6, we are asking voters to authorize an 8-cent increase in the property tax based operating levy – the first such request in 22 years – to maintain and modernize facilities and sustain and enhance essential services.
The current level of funding, set in 1996, is no longer sufficient to sustain operations at the Library system’s 10 locations and the current level of on-site and online services they provide. Demand in the community is great, as reflected by the more than 4 million visitors to the Library in 2017-18. Levy funds supporting its operations and services have grown by less than 1 percent annually over the past decade, failing to keep pace with residents’ rising needs.
Did You Know?
You can register to vote or update your voter registration at any Kansas City Public Library location! More info here.
Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies won the Distinguished Paper prize at this year's Usenix Security Conference; its authors, researchers at Belgium's Catholic University in Leuven, revealed a host of devastating, never-seen tracking techniques for identifying web-users who were using privacy tools supplied by browser-vendors and third-party tracking-blocking tools.
Update August 10, 2018: Google has confirmed that it has removed Topple Track from its Trusted Copyright Removal Program membership due to a pattern of problematic notices.
Symphonic Distribution (which runs Topple Track) contacted EFF to apologize for the improper takedown notices. It said that “bugs within the system that resulted in many whitelisted domains receiving these notices unintentionally.” Symphonic Distribution said that it had issued retraction notices and that it was working to resolve the issue. While we appreciate the apology, we are skeptical that its system is fixable, at least via whitelisting domains. Given the sheer volume of errors, the problem appears to be with Topple Track’s search algorithm and lack of quality control, not just with which domains they search.
At EFF, we often write about abuse of the Digital Millennium Copyright Act (DMCA) takedown process. We even have a Hall of Shame collecting some of the worst offenders. EFF is not usually the target of bad takedown notices, however. A company called Topple Track has been sending a slew of abusive takedown notices, including false claims of infringement levelled at news organizations, law professors, musicians, and yes, EFF.
Once we identify pirated content we send out automated DMCA takedown requests to Google to remove the URLs from their search results and/or the website operators. Links and files are processed and removed as soon as possible because of Topple Track’s relationship with Google and file sharing websites that are most commonly involved in the piracy process.
In practice, Topple Track is a poster child for the failure of automated takedown processes.
Topple Track’s recent DMCA takedown notices target so much speech it is difficult to do justice to the scope of expression it has sought to delist. A sample of recent improper notices can be found here, here, here, and here. Each notice asks Google to delist a collection of URLs. Among others, these notices improperly target:
Other targets include an article about the DMCA in the NYU Law Review, an NBC News article about anti-virus scams, a Variety article about the Drake-Pusha T feud, and the lyrics to ‘Happier’ at Ed Sheeran’s official website. It goes on and on. If you search for Topple Track’s DMCA notices at Lumen, you’ll find many more examples.
The DMCA requires that the sender of a takedown notice affirm, under the penalty of perjury, that the sender has a good faith belief that the targeted sites are using the copyrighted material unlawfully. Topple Track’s notices are sent on behalf of a variety of musicians, mostly hip-hop artists and DJs. We can identify no link—let alone a plausible claim of infringement—between the pages mentioned above and the copyrighted works referenced in Topple Track’s takedown notices.
The notice directed at an EFF page alleges infringement of “My New Boy” by an artist going by the name “Luc Sky.” We couldn’t find any information about this work online. Assuming this work exists, it certainly isn’t infringed by an out-of-date case page that has been languishing on our website for more than eight years. Nor is it infringed by Eric Goldman’s blog post (which has more recent news about the EMI v MP3Tunes litigation).
EMI v. MP3Tunes was a case about a now-defunct online storage service called MP3Tunes. The record label EMI sued the platform for copyright infringement based on the alleged actions of some of its users. But none of this has any bearing on Luc Sky. MP3Tunes has been out of business for years.
It is important to remember that even the most ridiculous takedown notices can have real consequences. Many site owners will never even learn that their URL was targeted. For those that do get notice, very few file counternotices. These users may get copyright strikes and thereby risk broader disruptions to their service. Even if counternotices are filed and processed fairly quickly, material is taken down or delisted in the interim. In Professor Goldman’s case, Google also disabled AdSense on the blog post until his counternotice became effective.
We cannot comprehend how Topple Track came to target EFF or Eric Goldman on behalf of Luc Sky. But given the other notices we reviewed, it does not appear to be an isolated error. Topple Track’s customers should also be asking questions. Presumably they are paying for this defective service.
While Topple Track is a particularly bad example, we have seen many other cases of copyright robots run amok. We reached out to Google to ask if Topple Track remains part of its trusted copyright program but did not hear back. At a minimum, it should be removed from any trusted programs until it can prove that it has fixed its problems.
“…I went from being told what to do and having every action monitored to being able to do whatever I wanted, and somewhere along the way my impulse control went to hell.”
Rogue Protocol is the third Murderbot novella by acclaimed author Martha Wells, following directly on from Artificial Condition. The rogue Security Unit (SecUnit) that calls itself Murderbot and answers to no human authority has answered some questions about its past. Now it has decided to answer some questions about GrayCris, the corporation that nearly killed most of its clients in All Systems Red.
Some spoilers follow.
Murderbot claims not to like humans at all, and to want to spend all its time watching entertainment media—its favourite is The Rise and Fall of Sanctuary Moon—but it worries about Dr. Mensah and her team. Information about GrayCris’s nefarious activities might speed up the legal proceedings that are preventing Mensah and company from returning to their homes in PreservationAux, so Murderbot decides to go get that information. Purely so that it can stop worrying, you understand.
(Murderbot is a very anxious sort of construct. People looking at it is distressing for it. And for all its ability with violence, and its claims that it’s very different to humans, really, no seriously—it’s a very human character. Intensely relatable.)
“I needed to have an emotion in private.”
Murderbot arrives at a distant, barely-inhabited station (after spending several days in transit with humans who—since Murderbot was masquerading as a security consultant—kept looking to Murderbot to solve all their problems), near a terraforming project that GrayCris has abandoned for probably nefarious reasons. A salvage company has acquired the rights to that project, and a small team is about to set out for the terraforming platform. The team includes a bot called Miki, who has never been hurt or lied to by a human, and who refers to the humans on the team as its friends. Murderbot finds its cheerfulness annoying and frustrating—and has other more complicated feelings about Miki’s relationship with its humans—but enlists its help in order to get to the terraforming platform.
It turns out that the terraforming platform is a dangerous place. Although Murderbot is really only there to gather information, when the human salvage team runs into danger in the form of deadly combat bots—apparently roaming the abandoned terraforming platform intent on killing anything that comes in range—Murderbot feels compelled to go to their rescue. (Empathy, it appears, is really inconvenient.) Worse is to come: the salvage team’s human security consultants turn out to be there to kill them, not protect them. It’s up to Murderbot—who’d rather not be responsible for it—to save the day.
Wells’ characterisation is pitch-perfect. Murderbot’s voice is darkly—and frequently not-so-darkly—funny, and Murderbot itself is a deeply appealing character. Other characters, as is appropriate for a writer of Wells’ talents, feel like fully formed individuals with lives and goals of their own, despite how little time the reader spends in their company. The pacing is excellent, tension mounting to an explosive conclusion, and like all of Wells’ work, it has atmosphere in spades.
And thematically, it’s about what it means to be human, and the nature of responsibility.
I really enjoyed this instalment of the adventures of Murderbot. I’m looking forward to Exit Strategy, the next novella, and to the recently-announced forthcoming Murderbot novel. The world needs more Murderbot, because Murderbot is delightful.
Liz Bourke is a cranky queer person who reads books. She holds a Ph.D in Classics from Trinity College, Dublin. Her first book, Sleeping With Monsters, a collection of reviews and criticism, was published in 2017 by Aqueduct Press. It was a finalist for the 2018 Locus Awards and is nominated for a Hugo Award in Best Related Work. Find her at her blog, where she’s been known to talk about even more books thanks to her Patreon supporters. Or find her at her Twitter. She supports the work of the Irish Refugee Council, the Transgender Equality Network Ireland, and the Abortion Rights Campaign.
If you have an old Kindle e-reader lying about then you’d best dig it up. This cool hack can turn your dead e-reader into a living clock that scours hundreds of books for exact times and displays the current time in a quote. It updates once a minute.
The project, available on Instructables, requires a jailbroken Kindle and little else. The app uses quotes collected by the Guardian for an art project and includes writing from Charles Bukowski to Shakespeare.
Creator Jaap Meijers writes:
My girlfriend is a *very* avid reader. As a teacher and scholar of English literature, she reads eighty books per year on average.
On her wishlist was a clock for our living room. I could have bought a wall clock from the store, but where is the fun in that? Instead, I made her a clock that tells the time by quoting time indications from literary works, using an e-reader as display, because it’s so incredibly appropriate :-)
Given that our family is apparently on our fifteenth Kindle in the household it only makes sense to repurpose one of these beasts into something useful. Don’t have a Kindle? You can visit a web-based version here.
The FCC has come clean on the fact that a purported hack of its comment system last year never actually took place, after a report from its inspector general found a lack of evidence supporting the idea. Chairman Ajit Pai blamed the former chief information officer and the Obama administration for providing “inaccurate information about this incident to me, my office, Congress, and the American people.”
The semi-apology and finger-pointing are a disappointing conclusion to the year-long web of obfuscation that the FCC has woven. Since the first moment it was reported that there was a hack of the system, there have been questions about the nature, scale and response to it that the FCC has studiously avoided even under direct Congressional questioning.
It was so galling to everyone looking for answers that the GAO was officially asked to look into it. The letter requesting the office’s help at the time complained that the FCC had “not released any records or documentation that would allow for confirmation that an attack occurred, that it was effectively dealt with, and that the FCC has begun to institute measures to thwart future attacks and ensure the security of its systems.” That investigation is still going on, but one conducted by the FCC’s own OIG resulted in the report Pai cites.
The former CIO, David Bray, was the origin of the theory, but emails obtained by American Oversight in June show that evidence for it and a similar claim from 2014 were worryingly thin. Nevertheless, the FCC has continuously upheld the idea that it was under attack and has never publicly walked it back.
Pai’s statement was issued before the OIG publicized its report, as one does when a report is imminent that essentially says your agency has been clueless at best or deliberately untruthful at worst, and for more than a year. To be clear, the report is still unpublished, though its broader conclusions are clear from Pai’s statement. In it he slathers Bray with the partisan brush and asserts that the report exonerates his office:
I am deeply disappointed that the FCC’s former [CIO], who was hired by the prior Administration and is no longer with the Commission, provided inaccurate information about this incident to me, my office, Congress, and the American people. This is completely unacceptable. I’m also disappointed that some working under the former CIO apparently either disagreed with the information that he was presenting or had questions about it, yet didn’t feel comfortable communicating their concerns to me or my office.
On the other hand, I’m pleased that this report debunks the conspiracy theory that my office or I had any knowledge that the information provided by the former CIO was inaccurate and was allowing that inaccurate information to be disseminated for political purposes.
Although an evaluation of Pai’s “conspiracy theory” idea must wait until the report is public, it’s hard to square this pleasure of the chairman’s with the record. At any time in the last year, especially after Bray had departed, it would have been, if not simple, then at least simpler than maintaining its complex act of knowledgelessness, to say that the CIO had made an error and there was no attack. Nothing like that has come out of the agency.
One must assume the agency had reviewed the data. Bray left a long time ago; why did these subordinates of his fail to speak out afterwards? If the FCC had its doubts, why did it not say so instead of risking withering criticism by avoiding the question for months on end? When and why did Pai or his office develop the idea that the report was inaccurate, if not when it was being disseminated? These aren’t trivial questions.
Some of the FCC’s reticence to speak out may have even been explained as part of the request by the inspector general not to discuss the investigation. That’s an easy out, at least for some of the time! But we haven’t heard that, that I know of at least, and it doesn’t explain the rest of the agency’s silence or misleading statements.
FCC Commissioner Jessica Rosenworcel urged everyone to move on with a quickness:
The Inspector General Report tells us what we knew all along: the FCC’s claim that it was the victim of a DDoS attack during the net neutrality proceeding is bogus. What happened instead is obvious—millions of Americans overwhelmed our online system because they wanted to tell us how important internet openness is to them and how distressed they were to see the FCC roll back their rights. It’s unfortunate that this agency’s energy and resources needed to be spent debunking this implausible claim.
Although it’s true that pushing forward is a good idea, some accountability and an explanation for the last year of mystery would also be welcome.
Because it wasn’t a hack, it seems that the comment-filing system, though recently revamped, needs yet another fresh coat of paint to handle the kind of volume it saw during the net neutrality repeal. Plans for that are underway, Pai wrote. The GAO investigation regarding fraud in the comment system will no doubt affect those plans.
I’ve contacted the FCC and its Office of the Inspector General for more information, including the report itself, which is published at the office’s discretion. I will update this post when I hear back.
One of the featured guests at Gen Con this year was Mercedes Lackey, returning for the second Gen Con in a row after she and her husband Larry Dixon were with Zombie Orpheus Entertainment last year. Unfortunately, Larry Dixon was not able to make it this year after all, due to recovering from a shoulder injury. Mercedes Lackey attended her panels on Thursday; however, Friday morning she had to be hospitalized due to an allergic reaction to paint fumes in her recently renovated hotel room. She had to stay overnight at the hospital, but recovered enough to come back to the convention on Sunday, where I caught up with her for a very brief interview.
Me: This is Chris Meadows here with Mercedes Lackey, who I am very happy to see is all right after she gave us all a scare this weekend.
Mercedes Lackey: It’s alive!
Me: This is the second year in a row you’ve been here with Zombie Orpheus Entertainment. That’s kind of unusual.
M.L.: That’s because my husband Larry Dixon is doing screenwriting for them.
Me: So it’s continuing for the foreseeable future?
M.L.: Oh yes, he’s definitely on The Gamers screenwriting room. Gamers has been rebooted with the old characters coming back; you can get episode zero called “The Gamers: The Shadow Menace.” You can find it on the Zombie Orpheus website and you can find it on Amazon [Prime Streaming Video].
Me: When I spoke to you last year, you said that your Hunter trilogy was not going to go anywhere because Disney wasn’t interested in continuing it further?
M.L.: This is true. Disney only wanted the trilogy. So, unfortunately, unless I can get them to agree to let me publish independently, that’s probably going to be it. Unless suddenly it decides to take flight and become an enormous hit again.
Me: You never know.
M.L.: You never know.
Me: But what else do you have planned for these days?
M.L.: Well, the last book of The Secret World Chronicle is out, Avalanche, and it wraps up all of the plot loose ends and a huge number of reveals. So, that’s out in August. And then in October is The Bartered Brides, which is the next Elemental Masters book. That’s another one with Sherlock Holmes and Nan and Sarah, except Sherlock doesn’t appear in this book because it takes place shortly after the infamous at the Reichenbach Falls. And I’m currently working on another book for Disney, which is called Godmother’s Apprentice—at least it’s called that right now—which is more of a standard fantasy. It’s kind of a Disney Princess for young adults rather than little girls, and I’m outlining the next of the Mags [Valdemar] books. This one is [about] his daughter Abby, who is an artificer.
Me: You already did one thing with godmothers back in your Five Hundred Kingdoms books.
M.L.: Right, this is a little different, this is more classic fairy godmothers.
Me: So, apart from the thing with the hotel, how has the con been for you this year?
M.L.: It’s been lots of fun. I’ve had a great time.
Me: It’s kind of like saying, “Apart from that Mrs. Lincoln…”
Me: But do you think you will be back for the next year?
M.L.: I don’t know. We haven’t planned that far ahead.
Me: We’d certainly like to see you.
M.L.: I do know the next convention we’re doing is in the middle of September, it’s Salt Lake Comic Convention. We haven’t been anywhere near there, ever, so it will be a whole new group of fans.
Me: Well, that’s gonna be pretty neat. Have you any further plans for any self published items?
M.L.: No, at this point I have so many contracts to write out that I literally don’t have any time to write anything to self-publish.
Me: I guess it’s better to have too much work than not enough.
M.L.: Oh yeah, we constantly need to do the mortgage payments still.
Me: Is there anything else you’d like to say before I close it down?
M.L.: Yes, I really really appreciate all the incredible outpouring of concern when I went down. You really know how wonderful the fan community is when there are seven hundred messages on Larry’s Twitter all asking about it.
Me: Well, I think I can speak for all of us fans when I say that I’m really glad that you’re doing well. And I hope we will see you back again here next year.
M.L.: I hope so, too.
One of the hottest debates about the plot of Star Wars: The Last Jedi is the question of hotshot, insubordinate pilot Poe Dameron. Did Poe do anything wrong? Is the beautiful hotshot pilot guilty of doing material harm to the cause of the Resistance, or did he do what any reasonable hero would have done in his…
In its latest round of shareholder disclosures, Wells Fargo admitted that it "unnecessarily foreclosed" on 400-odd householders (that is, stole their houses) and failed to grant loan modifications to 625 qualified borrowers (this is just the latest revelation about Wells Fargo stealing houses); it's also being investigated for its practice of purchasing low-income housing credits. (via Naked Capitalism)
Not a day goes by without someone throwing the term 'fake news' at some media organization. While misinformation and factually inaccurate reporting is undeniably a major global problem, fake news is quickly morphing into something else entirely, and governments around the world are starting to use the phrase as a way to quash dissenting opinions...
Astronomers discover a bizarre rogue planet wandering the Milky Way. The free-range planet, which is nearly 13 times the mass of Jupiter and does not orbit a star, also displays stunningly bright auroras that are generated by a magnetic field 4 million times stronger than Earth's.
A study, published Friday in the Journal of Economic Behavior and Organization and funded by the European Research Council, suggests that high speed internet access is causing people to lose up to 25 minutes of sleep per night compared to those without high speed internet. From a report: It's the first study to causally link broadband access to sleep deprivation. The so-called "digitalization of the bedroom," defined by our inability to part with our phones/laptops/televisions before bed, has already been linked to various sleep disorders. [...] As the researchers found, high speed internet access "promotes excessive electronic media use," which has already been shown to have detrimental effects on sleep duration and quality. The effects of high speed internet access were particularly noticeable in younger age demographics.