Shared posts

03 Oct 07:31

Adversarial Interoperability

by Cory Doctorow
Stuart.ward.uk

A must read

“Interoperability” is the act of making a new product or service work with an existing product or service: modern civilization depends on the standards and practices that allow you to put any dish into a dishwasher or any USB charger into any car’s cigarette lighter.

But interoperability is just the ante. For a really competitive, innovative, dynamic marketplace, you need adversarial interoperability: that’s when you create a new product or service that plugs into the existing ones without the permission of the companies that make them. Think of third-party printer ink, alternative app stores, or independent repair shops that use compatible parts from rival manufacturers to fix your car or your phone or your tractor.

Adversarial interoperability was once the driver of tech’s dynamic marketplace, where the biggest firms could go from top of the heap to scrap metal in an eyeblink, where tiny startups could topple dominant companies before they even knew what hit them.

But the current crop of Big Tech companies has secured laws, regulations, and court decisions that have dramatically restricted adversarial interoperability. From the flurry of absurd software patents that the US Patent and Trademark Office granted in the dark years between the first software patents and the Alice decision to the growing use of "digital rights management" to create legal obligations to use the products you purchase in ways that benefit shareholders at your expense, Big Tech climbed the adversarial ladder and then pulled it up behind them.

That can and should change. As Big Tech grows ever more concentrated, restoring adversarial interoperability must be a piece of the solution to that concentration: making big companies smaller makes their mistakes less consequential, and it deprives them of the monopoly profits they rely on to lobby for rules that make competing with them even harder.

For months, we have written about the history, theory, and practice of adversarial interoperability. This page rounds up our writing on the subject in one convenient resource that you can send your friends, Members of Congress, teachers, investors, and bosses as we all struggle to figure out how to re-decentralize the Internet and spread decision-making power around to millions of individuals and firms, rather than the executives of a handful of tech giants.

(Crossposted from EFF Deeplinks)

28 Nov 13:10

Propaganda and the Weakening of Trust in Government

by Bruce Schneier
Stuart.ward.uk

what to do when democracy is attacked by the American President.

On November 4, 2016, the hacker "Guccifer 2.0,: a front for Russia's military intelligence service, claimed in a blogpost that the Democrats were likely to use vulnerabilities to hack the presidential elections. On November 9, 2018, President Donald Trump started tweeting about the senatorial elections in Florida and Arizona. Without any evidence whatsoever, he said that Democrats were trying to steal the election through "FRAUD."

Cybersecurity experts would say that posts like Guccifer 2.0's are intended to undermine public confidence in voting: a cyber-attack against the US democratic system. Yet Donald Trump's actions are doing far more damage to democracy. So far, his tweets on the topic have been retweeted over 270,000 times, eroding confidence far more effectively than any foreign influence campaign.

We need new ideas to explain how public statements on the Internet can weaken American democracy. Cybersecurity today is not only about computer systems. It's also about the ways attackers can use computer systems to manipulate and undermine public expectations about democracy. Not only do we need to rethink attacks against democracy; we also need to rethink the attackers as well.

This is one key reason why we wrote a new research paper which uses ideas from computer security to understand the relationship between democracy and information. These ideas help us understand attacks which destabilize confidence in democratic institutions or debate.

Our research implies that insider attacks from within American politics can be more pernicious than attacks from other countries. They are more sophisticated, employ tools that are harder to defend against, and lead to harsh political tradeoffs. The US can threaten charges or impose sanctions when Russian trolling agencies attack its democratic system. But what punishments can it use when the attacker is the US president?

People who think about cybersecurity build on ideas about confrontations between states during the Cold War. Intellectuals such as Thomas Schelling developed deterrence theory, which explained how the US and USSR could maneuver to limit each other's options without ever actually going to war. Deterrence theory, and related concepts about the relative ease of attack and defense, seemed to explain the tradeoffs that the US and rival states faced, as they started to use cyber techniques to probe and compromise each others' information networks.

However, these ideas fail to acknowledge one key differences between the Cold War and today. Nearly all states -- whether democratic or authoritarian -- are entangled on the Internet. This creates both new tensions and new opportunities. The US assumed that the internet would help spread American liberal values, and that this was a good and uncontroversial thing. Illiberal states like Russia and China feared that Internet freedom was a direct threat to their own systems of rule. Opponents of the regime might use social media and online communication to coordinate among themselves, and appeal to the broader public, perhaps toppling their governments, as happened in Tunisia during the Arab Spring.

This led illiberal states to develop new domestic defenses against open information flows. As scholars like Molly Roberts have shown, states like China and Russia discovered how they could "flood" internet discussion with online nonsense and distraction, making it impossible for their opponents to talk to each other, or even to distinguish between truth and falsehood. These flooding techniques stabilized authoritarian regimes, because they demoralized and confused the regime's opponents. Libertarians often argue that the best antidote to bad speech is more speech. What Vladimir Putin discovered was that the best antidote to more speech was bad speech.

Russia saw the Arab Spring and efforts to encourage democracy in its neighborhood as direct threats, and began experimenting with counter-offensive techniques. When a Russia-friendly government in Ukraine collapsed due to popular protests, Russia tried to destabilize new, democratic elections by hacking the system through which the election results would be announced. The clear intention was to discredit the election results by announcing fake voting numbers that would throw public discussion into disarray.

This attack on public confidence in election results was thwarted at the last moment. Even so, it provided the model for a new kind of attack. Hackers don't have to secretly alter people's votes to affect elections. All they need to do is to damage public confidence that the votes were counted fairly. As researchers have argued, "simply put, the attacker might not care who wins; the losing side believing that the election was stolen from them may be equally, if not more, valuable."

These two kinds of attacks -- "flooding" attacks aimed at destabilizing public discourse, and "confidence" attacks aimed at undermining public belief in elections -- were weaponized against the US in 2016. Russian social media trolls, hired by the "Internet Research Agency," flooded online political discussions with rumors and counter-rumors in order to create confusion and political division. Peter Pomerantsev describes how in Russia, "one moment [Putin's media wizard] Surkov would fund civic forums and human rights NGOs, the next he would quietly support nationalist movements that accuse the NGOs of being tools of the West." Similarly, Russian trolls tried to get Black Lives Matter protesters and anti-Black Lives Matter protesters to march at the same time and place, to create conflict and the appearance of chaos. Guccifer 2.0's blog post was surely intended to undermine confidence in the vote, preparing the ground for a wider destabilization campaign after Hillary Clinton won the election. Neither Putin nor anyone else anticipated that Trump would win, ushering in chaos on a vastly greater scale.

We do not know how successful these attacks were. A new book by John Sides, Michael Tesler and Lynn Vavreck suggests that Russian efforts had no measurable long-term consequences. Detailed research on the flow of news articles through social media by Yochai Benker, Robert Farris, and Hal Roberts agrees, showing that Fox News was far more influential in the spread of false news stories than any Russian effort.

However, global adversaries like the Russians aren't the only actors who can use flooding and confidence attacks. US actors can use just the same techniques. Indeed, they can arguably use them better, since they have a better understanding of US politics, more resources, and are far more difficult for the government to counter without raising First Amendment issues.

For example, when the Federal Communication Commission asked for comments on its proposal to get rid of "net neutrality," it was flooded by fake comments supporting the proposal. Nearly every real person who commented was in favor of net neutrality, but their arguments were drowned out by a flood of spurious comments purportedly made by identities stolen from porn sites, by people whose names and email addresses had been harvested without their permission, and, in some cases, from dead people. This was done not just to generate fake support for the FCC's controversial proposal. It was to devalue public comments in general, making the general public's support for net neutrality politically irrelevant. FCC decision making on issues like net neutrality used to be dominated by industry insiders, and many would like to go back to the old regime.

Trump's efforts to undermine confidence in the Florida and Arizona votes work on a much larger scale. There are clear short-term benefits to asserting fraud where no fraud exists. This may sway judges or other public officials to make concessions to the Republicans to preserve their legitimacy. Yet they also destabilize American democracy in the long term. If Republicans are convinced that Democrats win by cheating, they will feel that their own manipulation of the system (by purging voter rolls, making voting more difficult and so on) are legitimate, and very probably cheat even more flagrantly in the future. This will trash collective institutions and leave everyone worse off.

It is notable that some Arizonan Republicans -- including Martha McSally -- have so far stayed firm against pressure from the White House and the Republican National Committee to claim that cheating is happening. They presumably see more long term value from preserving existing institutions than undermining them. Very plausibly, Donald Trump has exactly the opposite incentives. By weakening public confidence in the vote today, he makes it easier to claim fraud and perhaps plunge American politics into chaos if he is defeated in 2020.

If experts who see Russian flooding and confidence measures as cyberattacks on US democracy are right, then these attacks are just as dangerous -- and perhaps more dangerous -- when they are used by domestic actors. The risk is that over time they will destabilize American democracy so that it comes closer to Russia's managed democracy -- where nothing is real any more, and ordinary people feel a mixture of paranoia, helplessness and disgust when they think about politics. Paradoxically, Russian interference is far too ineffectual to get us there -- but domestically mounted attacks by all-American political actors might.

To protect against that possibility, we need to start thinking more systematically about the relationship between democracy and information. Our paper provides one way to do this, highlighting the vulnerabilities of democracy against certain kinds of information attack. More generally, we need to build levees against flooding while shoring up public confidence in voting and other public information systems that are necessary to democracy.

The first may require radical changes in how we regulate social media companies. Modernization of government commenting platforms to make them robust against flooding is only a very minimal first step. Up until very recently, companies like Twitter have won market advantage from bot infestations -- even when it couldn't make a profit, it seemed that user numbers were growing. CEOs like Mark Zuckerberg have begun to worry about democracy, but their worries will likely only go so far. It is difficult to get a man to understand something when his business model depends on not understanding it. Sharp -- and legally enforceable -- limits on automated accounts are a first step. Radical redesign of networks and of trending indicators so that flooding attacks are less effective may be a second.

The second requires general standards for voting at the federal level, and a constitutional guarantee of the right to vote. Technical experts nearly universally favor robust voting systems that would combine paper records with random post-election auditing, to prevent fraud and secure public confidence in voting. Other steps to ensure proper ballot design, and standardize vote counting and reporting will take more time and discussion -- yet the record of other countries show that they are not impossible.

The US is nearly unique among major democracies in the persistent flaws of its election machinery. Yet voting is not the only important form of democratic information. Apparent efforts to deliberately skew the US census against counting undocumented immigrants show the need for a more general audit of the political information systems that we need if democracy is to function properly.

It's easier to respond to Russian hackers through sanctions, counter-attacks and the like than to domestic political attacks that undermine US democracy. To preserve the basic political freedoms of democracy requires recognizing that these freedoms are sometimes going to be abused by politicians such as Donald Trump. The best that we can do is to minimize the possibilities of abuse up to the point where they encroach on basic freedoms and harden the general institutions that secure democratic information against attacks intended to undermine them.

This essay was co-authored with Henry Farrell, and previously appeared on Motherboard, with a terrible headline that I was unable to get changed.

12 Apr 12:47

UK explains how NIS Directive will apply to digital service providers

Stuart.ward.uk

The all the attention on GDPR NIS has gone under the radar

Online marketplaces, online search engines and cloud computing service providers operating in the UK can expect new guidance to be issued to help them comply with the EU's Network and Information Security (NIS) Directive, the UK government has said.
12 Apr 12:46

Design specified for UK's universal service obligation for broadband

The design of the UK's new universal service obligation (USO) for broadband has been specified in law.
06 Dec 12:38

The open web is dead, but do we have to kill the internet too?

by Stacey Higginbotham
Stuart.ward.uk

When a resource is abundant, people innovate on it. But when it is scarce, people innovate around it. Carriers would do well to remember that.

ISPs could prevent the next Waze. That would be terrible.

For many years I covered the the Federal Communications Commission, specifically the years-long fight to get some sort of formal network neutrality regulation passed. Then I started digging into the so-called internet of things a half decade ago as my new passion and I thought my days of covering the FCC were over. But the two are still intertwined.

Three years later, I saw the agency pass rules that would prevent some of the bad behavior that ISPs had tried in the preceding years to kill competitive voice and video services. The network neutrality rules of 2015 stopped carriers from interfering with lawful traffic passing over their networks.

At the time this meant that Comcast couldn’t block BitTorrent traffic and small ISPs in Wisconsin couldn’t block Skype calls. Thanks to the 2015 rules, network neutrality also applied in some measure to wireless networks, which meant that AT&T blocking FaceTime was not cool, nor was Verizon making favorable deals with Skype.

Last week, while the U.S. was focused on Thanksgiving turkey, the current FCC chairman Ajit Pai declared that on Dec. 14 he would bring a repeal of the 2015 network neutrality laws to a vote. With three Republican commissioners, Pai’s plan would likely pass. In the days since, however, we’ve seen one Republican senatordefect from Pai’s camp, a concerted effort by tech firms to galvanize support for network neutrality and Comcast erase its commitment to avoid paid prioritization on its network.

So what’s the fear here? At a minimum, a company like Comcast could prioritize its own services over those from other providers. Darker scenarios involve Comcast charging companies money for fast-lane access to end consumers. From an IoT perspective, this means that Comcast could let packets from its security alarm and camera service go ahead of those of ADT’s or Nest’s.

But the bigger picture is about what we don’t know. It’s always hard in technology to anticipate what’s next. No one saw the Amazon Echo coming until it was here for a few months. Relatively few people were excited about Nokia’s smartphones before the iPhone and its capacitive touch screen arrived in 2007. And when I was testing the first 3G modems from Verizon by streaming internet radio on my laptop while driving in my car, I couldn’t see Waze or Uber coming.

Yet, what these services have in common is they rely on broadband networks that are threatened by the repeal of network neutrality rules. One reason the Nokia smartphones didn’t catch on in the U.S.? The carriers didn’t subsidize them on their networks. (They also didn’t have that touchscreen.) AT&T agreeing to support the iPhone was a big deal. It knew that it would use a lot of data, challenging and showcasing its network.

And when Apple introduced the App Store in 2008 it managed to do what carriers had so far screwed up for years. It finally made on-device apps and services accessible and consumable.

It did this by offering developers an easy way to get their ideas onto a platform with millions of consumers. It also allowed developers to make money in a way that didn’t require dealing with the carriers. With awesome content, Apple’s iPhone stood apart from the competition that rapidly copied its hardware.

Apple’s advantage was its hardware, but it was also the company’s approach to software that would run on its devices. Carriers wanted to control everything, and when they did they slowed innovation. Carriers offered app stores. They had a large, captive customer base. It didn’t help.

The point here is that the carriers had the tools to move beyond their role as the provider of the broadband pipe. But they consistently failed because they didn’t see — or didn’t want to see – what the mobile future needed. Instead of proprietary platforms and deals to get app developers to pay the carriers for space on the device (hello bloatware), people wanted innovation. While every now and then carriers might let someone on the platform that would provide an awesome game or program, that would be the exception rather than the rule.

The flatter playing field provided by the Apple App Store and Google’s Play Store, as well as the huge audience on those platforms, meant that there was a reason and a way to build something a little crazy to see if it worked. We’re neck deep in those crazy ideas today. Many of your favorite apps might never have existed under the old carrier-based app store regime.

What’s astonishing is that as carriers saw themselves falling behind they didn’t learn the lesson. They instead tried to build a new app store and even a failed digital payments system to compete. They did little to woo developers and even tried to block some apps on their network. At a time when wireless carriers had the hottest commodity in the world with mobile data, carriers didn’t focus on what they had, and instead tried to build a new industry in an area where they were ill-suited to compete.

Many operators believe they were stuck with a form of the innovator’s dilemma, where they couldn’t invest in the new without cannibalizing the old, but what they should have done is embrace their role as an essential infrastructure provider and double down on making data delivery as efficient as possible. It’s the same strategy Google, Amazon, Microsoft and Facebook are pursuing with their computing infrastructure. And now Facebook is moving into telecommunications with various open source telecom projects.

So what does this have to do with IoT and network neutrality? Simply this. The ISPs have failed when it comes to innovation in the 21st century. Yes, they have excellent engineers and have put together complex worldwide networks. But when it comes to creating agile businesses that can adapt to the pace of technological change, they have failed. The default is always to try to control the pipe; to turn broadband into a pricey resource available to a few.

As we add more sensors to the world, we have the opportunity to pull in new data streams and use that data to create new applications and services. We don’t even know what those will look like. We’re at the point I was at in 2003 driving around listening to internet radio from my open laptop resting on my passenger seat.

If ISPs have their way, we won’t see the Wazes or the Dark Skys of the next era of technology advancement because the creators won’t build them.

I have two hopes here. One is that Pai’s efforts fail because Republicans in the House pull back from this issue (or Trump offers a scathing tweet in response to an angry Fox News host). The second is that even if Pai succeeds, the engineering talent and massive war chests at Facebook or Apple lead to new networks.

After all, optimization is the key to success at many web companies that measure and manage everything. If reaching their billions of users costs more, and they can find a way to cut those costs, they will get into last-mile networks. Already they are researching new technology such as microwave spectrum and smart antennas to deliver broadband. When a resource is abundant, people innovate on it. But when it is scarce, people innovate around it. Carriers would do well to remember that.

It’s a small hope, and we’ll miss out on plenty while we wait, but it’s the only hope we’ll have if Pai succeeds.

06 Dec 12:24

IPv6 World Leader 2017

by RevK
Stuart.ward.uk

The talk from Facebook was really interesting - IPv6 everywhere internally with just edge devices talking legacy IPv4 for those who are not up to date

I was at the IPv6 UK Council annual meeting yesterday, and (A&A) received an award from the IPv6 forum. The Jim Bound award. Thank you.


It was an interesting day, and quite long, but at the end of the day lots of people bought me pints of cider in the Paternoster pub, thank you.

IPv6 is not new, and it was interesting to hear how different companies have deployed IPv6 and are deploying it. The talk from Facebook was really interesting - IPv6 everywhere internally with just edge devices talking legacy IPv4 for those who are not up to date. They also report that IPv6 access has better performance.

One key point is that IPv4 is somewhat decaying, with more and more problems, especially with things like Carrier Grade NAT. IPv6 rescues you from that and keeps the Internet working.
30 Nov 15:35

9 Robot Animals Built From Nature’s Best-Kept Secrets

by Edd Gent

Millions of years of evolution have allowed animals to develop some elegant and highly efficient solutions to problems like locomotion, flight, and dexterity. As Boston Dynamics unveils its latest mechanical animals, here’s a rundown of nine recent robots that borrow from nature and why.

SpotMini – Boston Dynamics

Starting with BigDog in 2005, the US company has built a whole stable of four-legged robots in recent years. Their first product was designed to be a robotic packhorse for soldiers that borrowed the quadrupedal locomotion of animals to travel over terrain too rough for conventional vehicles.

The US Army ultimately rejected the robot for being too noisy, according to the Guardian, but since then the company has scaled down its design, first to the Spot, then a first edition of the SpotMini that came out last year.

The latter came with a robotic arm where its head should be and was touted as a domestic helper, but a sleeker second edition without the arm was released earlier this month. There’s little detail on what the new robot is designed for, but the more polished design suggests a more consumer-focused purpose.

OctopusGripper – Festo

Festo has released a long line of animal-inspired machines over the years, from a mechanical kangaroo to robotic butterflies. Its latest creation isn’t a full animal—instead it’s a gripper based on an octopus tentacle that can be attached to the end of a robotic arm.

The pneumatically-powered device is made of soft silicone and features two rows of suction cups on its inner edge. By applying compressed air the tentacle can wrap around a wide variety of differently shaped objects, just like its natural counterpart, and a vacuum can be applied to the larger suction cups to grip the object securely. Because it’s soft, it holds promise for robots required to operate safely in collaboration with humans.

CRAM – University of California, Berkeley

Cockroaches are renowned for their hardiness and ability to disappear down cracks that seem far too small for them. Researchers at UC Berkeley decided these capabilities could be useful for search and rescue missions and so set about experimenting on the insects to find out their secrets.

They found the bugs can squeeze into gaps a fifth of their normal standing height by splaying their legs out to the side without significantly slowing themselves down. So they built a palm-sized robot with a jointed plastic shell that could do the same to squeeze into crevices half its normal height.

Snake Robot – Carnegie Mellon University

Search and rescue missions are a common theme for animal-inspired robots, but the snake robot built by CMU researchers is one of the first to be tested in a real disaster.

A team of roboticists from the university helped Mexican Red Cross workers search collapsed buildings for survivors after the 7.1-magnitude earthquake that struck Mexico City in September. The snake design provides a small diameter and the ability to move in almost any direction, which makes the robot ideal for accessing tight spaces, though the team was unable to locate any survivors.

The snake currently features a camera on the front, but researchers told IEEE Spectrum that the experience helped them realize they should also add a microphone to listen for people trapped under the rubble.

Bio-Hybrid Stingray – Harvard University

Taking more than just inspiration from the animal kingdom, a group from Harvard built a robotic stingray out of silicone and rat heart muscle cells.

The robot uses the same synchronized undulations along the edge of its fins to propel itself as a ray does. But while a ray has two sets of muscles to pull the fins up and down, the new device has only one that pulls them down, with a springy gold skeleton that pulls them back up again. The cells are also genetically modified to be activated by flashes of light.

The project’s leader eventually hopes to engineer a human heart, and both his stingray and an earlier jellyfish bio-robot are primarily aimed at better understanding how that organ works.

Bat Bot – Caltech

Most recent advances in drone technology have come from quadcopters, but Caltech engineers think rigid devices with rapidly spinning propellers are probably not ideal for use in close quarters with humans.

That’s why they turned to soft-winged bats for inspiration. That’s no easy feat, though, considering bats use more than 40 joints with each flap of their wings, so the team had to optimize down to nine joints to avoid it becoming too bulky. The simplified bat can’t ascend yet, but its onboard computer and sensors let it autonomously carry out glides, turns, and dives.

Salto – UC Berkeley

While even the most advanced robots tend to plod around, tree-dwelling animals have the ability to spring from branch to branch to clear obstacles and climb quickly. This could prove invaluable for search and rescue robots by allowing them to quickly traverse disordered rubble.

UC Berkeley engineers turned to the Senegal bush baby for inspiration after determining it scored highest in “vertical jumping agility”—a combination of how high and how frequently an animal can jump. They recreated its ability to get into a super-low crouch that stores energy in its tendons to create a robot that could carry out parkour-style double jumps off walls to quickly gain height.

Pleurobot – École Polytechnique Fédérale de Lausanne

Normally robots are masters of air, land, or sea, but the robotic salamander built by researchers at EPFL can both walk and swim.

Its designers used X-ray videos to carefully study how the amphibians move before using this to build a true-to-life robotic version using 3D printed bones, motorized joints, and a synthetic nervous system made up of electronic circuitry.

The robot’s low center of mass and segmented legs make it great at navigating rough terrain without losing balance, and the ability to swim gives added versatility. They also hope it will help paleontologists gain a better understanding of the movements of the first tetrapods to transition from water to land, which salamanders are the best living analog of.

Eelume – Eelume

A snakelike body isn’t only useful on land—eels are living proof it’s an efficient way to travel underwater, too. Norwegian robotics company Eelume has borrowed these principles to build a robot capable of sub-sea inspection, maintenance, and repair.

The modular design allows operators to put together their own favored configuration of joints and payloads such as sensors and tools. And while an early version of the robot used the same method of locomotion as an eel, the latest version undergoing sea trials has added a variety of thrusters for greater speeds and more maneuverability.

Image Credit: Boston Dynamics / YouTube

30 Nov 13:15

Trump Made the Most Flagrant Bigots Proud. They See Him as Their Leader. Why Wouldn’t They?

by Shaun King

I know it’s hard to keep up, but this morning President Donald Trump did something so dangerous, offensive, and problematic that it must be confronted head-on. In my circles, we are wary of playing what we call the “Oppression Olympics,” where one horrible moment of bigotry gets ranked against the next, but I am forced to say that what Trump did this morning is a low moment for a very low presidency.

As he does most mornings, Trump woke up and began his daily tweet-fest. Each tweet could be legitimately critiqued and dissected. This morning, however, there were three very disturbing retweets that we must confront like our lives depend on it — because for some of us, it does. I truly believe that Trump — who, I remind you, is the president of the United States and has over 44 million followers on Twitter alone — has just endangered millions of people.

Trump has just endangered millions of people. The videos Trump promoted are pieces of hateful, anti-Muslim propaganda.

Trump retweeted several videos from a group called Britain First, a far-right, white supremacist group. The videos Trump promoted are pieces of hateful, anti-Muslim propaganda. One of the videos, purporting to be of a young Muslim immigrant assaulting a young Dutch man, appears to be an absolute hoax. There is no indication that the perpetrator of the attack is a Muslim. As my colleague Rob Mackey wrote, Britain First has a long history of distorting videos and releasing misleading information to promote its hateful cause; the group is a purveyor of bigoted hoaxes.

The more you learn about Britain First, the worse it gets. Jayda Fransen, the group’s deputy leader, is a widely known bigot in the U.K. This is not just my opinion: She has been convicted of a hate crime for brutally harassing a young Muslim mother in front of her children. Ten days ago, she was arrested in Belfast in a separate incident and charged with “threatening, abusive or insulting words or behavior.”

On Wednesday, Fransen was thrilled with Trump’s retweets, posting an all-caps message about it: “DONALD TRUMP HIMSELF HAS RETWEETED THESE VIDEOS AND HAS AROUND 44 MILLION FOLLOWERS! GOD BLESS YOU TRUMP! GOD BLESS AMERICA!” she wrote. After thanking Trump, Fransen then went on a tweeting spree, in which she appears to openly accept that the videos were hateful, Islamophobic, and anti-Muslim.

The British reaction gives us an idea of how bad things are. David Lammy, a Labour member of parliament, was outraged. “Trump sharing Britain First,” he tweeted. “Let that sink in. The President of the United States is promoting a fascist, racist, extremist hate group whose leaders have been arrested and convicted. He is no ally or friend of ours.”

Again: The president of the United States is sharing outrageous hate videos from a convicted hate-monger with the world. Maybe your ability to be disturbed ran out a long time ago, but this is beyond the pale. I have spoken this morning with over a dozen of my closest Muslim friends and colleagues. Without fail, each of them was not only deeply offended by what Trump has done, but they also each felt like the president of the United States just mainstreamed hate and violence against them.

Suddenly a convicted hate leader who most of the world had never heard of feels empowered. She has been amplified and given a platform beyond her wildest dreams. She is now literally thanking God for Donald Trump. Now she is being interviewed by CBS and forced into the American mainstream.

Today, Trump made the most flagrant bigots among us proud. They see him as their leader. Why wouldn’t they?

All of this goes right back to square one with Trump. He had long since targeted Muslims and made an entire religion the focus of his ire. During his campaign, he said, “I think Islam hates us” and threatened to ban all Muslims from coming to the U.S. After entering office, Trump attempted to enact a more limited “Muslim ban,” focusing on only a handful of Muslim countries. With the courts striking down the bans over and over again, Trump has been forced to moderate his policies. But his tweets today prove it is unadulterated hate and Islamophobia that drive him.

Just like he did after Trump’s middling remarks about the violence surrounding a far-right rally in Charlottesville, Virginia, this summer, one of America’s leading white supremacists David Duke is again thanking Trump for his actions today. That kind of sums it up. Today, Trump made the most flagrant bigots among us proud. They see him as their leader. Why wouldn’t they?

These hate-mongers are feeling empowered, and so are their followers. Hate crimes are on the rise in the U.S., according to FBI statistics, especially against Muslims. That’s what I mean when I say Trump is putting people in real danger. With Trump promoting the worst anti-Muslim hate, things are steadily getting more and more precarious for our Muslim brothers and sisters in the U.S. and across the world.

I wondered how much worse things could get coming from Donald Trump. Today proves that we’re not even close to rock bottom.

The post Trump Made the Most Flagrant Bigots Proud. They See Him as Their Leader. Why Wouldn’t They? appeared first on The Intercept.

23 Nov 10:50

The Fight for a Free, Fair and Open Internet | Bioneers 2017

by Cory Doctorow

According to journalist, blogger, “creative commons” advocate, Electronic Frontier Foundation Fellow, and award-winning science fiction author Cory Doctorow, the fight for a free, fair and open Internet isn’t the most important fight on the planet, but you can’t win any of the other major battles without it. Although the Net is the nervous system of the 21st century, so far we have misunderstood and mismanaged it and made it susceptible to capture by the powerful and corrupt. Cory will share his strategies to reclaim the global lifeline that should belong to all of us.

Introduction by Joshua Fouts, Bioneers Executive Director.

This speech was given at the 2017 National Bioneers Conference.

08 Nov 10:16

How I lifehacked my way into a corner

by Cory Doctorow

My latest Locus column is “How to Do Everything (Lifehacking Considered Harmful),” the story of how I was present at the birth of “lifehacking” and how, by diligently applying the precept that I should always actively choose how I prioritize my time, I have painted my way into a (generally pleasant) corner that I can’t escape from.


Call it the paradox of mindful choosing: after 14 years of throwing away the things that do the least for me and preserving those things that do the most for me, I’ve pulled all the easy blocks out of my life’s Jenga tower, and I’ve left myself with no moves to make.


The past 14 years have regularly featured junctures where I had to get rid of something I liked doing so I could do something I liked doing more. Some of that was low-hanging fruit (I haven’t watched TV regularly in more than a decade), but after getting rid of the empty calories in my activity diet, I had to start making hard choices.

In retrospect, I observe that the biggest predictor of whether an activity surviving winnowing is whether it paid off in two or more of the aspects of my life and career. If something made me a better blogger – but not a bet­ter novelist and activist – it went. The more parts of my life were implicated in an activity, the more likely I was to keep the activity in my daily round.

Some of these choices were tough. I have all but given up on re-reading books, despite the undeniable pleasure and value to understanding the authors’ craft, which is easier to unpick on subsequent readings. But I have more than 20 linear feet of books I’ve promised to read for blurbs and reviews, and reading those books also teaches me something about the craft, also brings me pleasure, also makes me a better reviewer, and also makes me a better citizen of science fiction, who contributes to the success of worthy new books.

Some social media tools – like Facebook – make for fun (if problematic) socializing, and all social media pays some dividend to authors who are hoping to sell books and activists who are hoping to win support, but Twitter also teaches me to be a better writer by making me think about brevity and sentence structure in very rigorous ways (and from an activist perspective, Twitter is a better choice because it, unlike Facebook, doesn’t want the web to die and be replaced by its walled garden) – so Twitter is in, and Facebook is out.

There are some unexpected outcomes from this process, albeit ones that are obvious in hindsight.

How to Do Everything (Lifehacking Considered Harmful) [Cory Doctorow/Locus]

12 Oct 14:59

The Airport Bomber From Last Week You Never Heard About

by Shaun King

It’s strange how some things really catch on and go viral and others don’t. These days, nothing quite makes a story blow up — no pun intended — like the president’s fixation with it. That’s why it’s so peculiar that what sure looks like an attempted terrorist attack was narrowly thwarted at an American airport this past Friday without so much as a peep from Donald Trump about it. No tweets. No nicknames for the alleged would-be-terrorist. Nothing. You’ll see why in a minute.

This past Friday morning, at 12:39 a.m., security footage from the Asheville Regional Airport in North Carolina showed a man walking through the front doors wearing black clothing and a black cap, while carrying a bag. “Based on a review of the video, the individual walked near the entrance to the terminal, went out of sight momentarily, and was then seen departing the area without the bag,” according to the criminal complaint.

Following the Transportation Security Administration’s protocols, airport security allowed a bomb dog to sniff the bag for explosives and the dog signaled to the team the presence of dangerous materials in the bag. The concourse was then shut down. The street leading to the airport was shut down. And Asheville Regional Airport officials found themselves in a dangerous emergency situation.

What investigators eventually found in the bag was AN/FO (Ammonium Nitrate/Fuel Oil) explosives that, according to the criminal complaint, have been used “in a number of terrorist-related incidents around the world. When AN/FO comes into contact with a flame or other ignition source it explodes violently. Nails or ball bearings are often items added to the device so as to increase the devastation inflicted by the explosion.”

In fact, sharp nails and bullets were found in this improvised explosive device. Whoever built it designed the bomb to cause horrific bodily harm. Before disarming it, authorities discovered that the alarm attached to it was scheduled to go off at 6:00 a.m. that morning just as a fresh round of travelers was scheduled to arrive at the airport.

The man who planted it, it turns out, openly admitted to authorities that he was “preparing to fight a war on U.S. soil” and that this bomb was but one part of that war.

Little Fanfare

I bet you never heard about it. I keep an eye on these types of incidents closely and I didn’t hear about it. Someone who follows me online who happens to live in Asheville sent me the story this morning — shocked that it hadn’t gotten any play at all beyond a few mentions in the local paper and some isolated pickup by a few national outlets.

As soon as I clicked on the article, it all made perfect sense.

The story didn’t go viral and Trump didn’t tweet about it because the bomb was not placed by an immigrant, or a Muslim, or a Mexican. It was placed there by a good ol’ white man, Michael Christopher Estes. Unlike the Las Vegas shooter, Stephen Paddock, whose motive is still hard to discern, Estes wanted to be very clear that his ultimate goal was to accelerate a war on American soil.

Sorry if it sounds like you’ve heard this story before. I’m as tired of writing it as you are reading it, but you know good and well that if Estes was a young Muslim — hell, if he had ever even visited a mosque in the past 25 years — that Trump would be tweeting about him right this very moment to tout how essential a Muslim ban is for American safety.

A Muslim attacker’s mugshot would become a meme across the conservative media. Mainstream American outlets would be covering the heroic bravery of those who thwarted the terrorist plot. We’d all be seeing footage of the perpetrator being walked from the police car to the jail and from the jail to the court room. Out loud, people would talk and tweet about the man’s family and friends and networks — wondering where he was radicalized, and if anyone else feels the way he does.

In this case, though? Crickets. We hear nothing at all — almost exclusively because the man who planted an improvised explosive device, just like ones that have been used to murder and maim people all over the world, was white. His guilt starts and stops with him. His actions aren’t an indictment of his whole faith, political outlook, and race. White people aren’t, thanks to Estes, suddenly labeled terrorists or seen as a threat to American safety in the way that would almost certainly happen had it been anybody other than a white man.

This isn’t me calling for all of those things that happen to Muslims and immigrants every single day to now happen to Estes and white people all over the country. It’s me saying that the fundamentally bigoted double standard by which it is done to virtually everyone except for Michael Christopher Estes and other white men has to stop.

Top photo: A collage shows Michael Christopher Estes and a view of Asheville Regional Airport. (Photos: Google Maps, Buncombe County Detention Center)

The post The Airport Bomber From Last Week You Never Heard About appeared first on The Intercept.

14 Aug 09:57

How to choose a cloud provider

by Jesse Anderson

Practical questions to help you make a decision.

If you look up the phrase “boiling the ocean,” it’s defined as writing a post on choosing a cloud provider—there are so many different facets and use cases, and each variable complicates your choice. The key is to narrow the field to your specific situation and needs. In this article, I share some of the early questions and decisions I use when working with a team to choose a cloud provider.

Simple pass/fails

I recently worked with a large financial organization who was considering a move to the cloud. When I started the engagement, we began with quick pass/fail decisions to see if a cloud move was feasible. These pass/fail choices allowed the team to make an initial go-forward decision before they went too deep down the rabbit hole. The following considerations helped mitigate their risk.

Can we use the cloud?

This might sound like an easy one, but some teams actually forget this step. There may be an outright prohibition on using the cloud at your organization, or the political climate may be so terrible that you decide not to fight that battle.

Will the technologies work for your use case?

Can the cloud technologies do what you need them to do? With small data problems, this isn’t usually an issue: they can handle almost anything. With big data problems, however, capability can be a sticky issue—there are bigger tradeoffs that the technology designers had to make.

I’ve written some in-depth posts covering some of these tradeoffs and comparisons. For example, I compared Amazon Kinesis and Apache Kafka, and Google Cloud Pub/Sub and Apache Kafka. You’ll notice there are subtle differences. In the lens of a use case, these differences can make a requirement of your use case impossible to implement with a technology.

In order to make this initial call, you need to really understand and know your use case. You’ll want to have a general idea of where and what you want to do in the future, and validate those use cases, too.

Compare providers

At the 10,000-foot level, there isn’t a glaring difference at small data scales. At these small data scales, there are fewer distinguishing factors. But at big data scales, the different cloud providers have bigger differences.

Generally, the providers distinguish themselves on:

  • How easy are the managed services to use and operate? For example, how easy is it for me to spin up a database and have it replicate all over the world?
  • Since the services are managed, how good is their uptime and how reliable is the system? In other words, how often does the service go down, and for how long? Some outages are system-wide, but how often do your instances disappear?
  • The cloud providers fight each other on price. What is the total cost of running infrastructure on the cloud provider? Unfortunately, this question can be difficult to answer because working with a single technology can have three or four different costs associated with it. For example, a messaging system could have costs for the message transfer, the storage of the message, and an hourly fee for the managed messaging system.
  • How prevalent are engineers with knowledge of that cloud provider in the marketplace? These days, you can’t throw a stone without hitting someone with some knowledge of Amazon Web Services. That said, the skills are largely similar at an operation level. The skills at a developer level are only somewhat similar.
  • How difficult will it be for you to move between cloud providers and technologies—aka “lock in”? For example, some providers use an open source technology or its API, but have their managed service behind the scenes. Conversely, using a managed service with a proprietary API really couples you to that cloud provider.

Keep your options open

As you’re looking over providers, don’t just look at the big cloud providers. Take the time to investigate niche providers as well. They may be able to provide a level of service that the big providers don’t (although, be warned that some smaller providers don’t provide tech support). Still other niche providers handle the operations of open source technologies that aren’t necessarily managed services.

Ask the right questions

Once you’ve considered the big-picture factors, you’re ready to fine-tune your decision process. Here are the questions I ask teams to consider when choosing a provider:

  • Cost: Is cost a primary factor? Have you created an accurate calculation for your comparisons?
  • Popularity contest: How popular is this cloud provider and do they have enough customers not to go the way of the dodo bird?
  • Availability of people: How difficult will it be to train the existing staff on the provider’s technologies (for both operations and development)? How difficult will it be to hire people who are familiar with the provider?
  • SLAs: What level of SLA does the provider give for the services you’ll be using (remember that some services are ghosted under a main service)? Does management know that during a large-scale outage, you won’t be able to scream loud enough to speed things up?
  • Use case: Does the technology work for your use case? Do you really understand your use case well enough to validate the technologies?
  • Lock-in: Are you comfortable with the potential level of lock-in? Will you write your software to be highly coupled to that service?
  • Company politics: Have you settled the company politics? In other words, have you established who owns what, and who is responsible for each piece?

Once you’ve thought about and answered these questions, you’ll be in a better position to make an accurate comparison of the cloud provider landscape. A little preparation and careful groundwork are the keys to making the right choice.

Continue reading How to choose a cloud provider.

02 Aug 10:29

⁠Btrfs has been deprecated in RHEL

Stuart.ward.uk

What should we move to XFS?

02 Jun 15:24

French President Emmanuel Macron Offers Refuge to American Climate Scientists

by Robert Mackey
Stuart.ward.uk

Inspireing

Updated: June 2, 7:23 a.m. EDT

Just one hour after Donald Trump announced that he was withdrawing the United States from the global climate accord negotiated in Paris — saying that he was “elected to represent the citizens of Pittsburgh, not Paris” — the new French president, Emmanuel Macron, offered refuge in France to American climate scientists.

In a three-minute address to the American people streamed live from the Élysée Palace, Macron offered hope for the future, and a message of solidarity that seemed to echo those once delivered by American presidents to captive nations suffering under the yoke of dictatorship — or aimed at resistance fighters in an occupied country.

“Tonight, I wish to tell the United States, France believes in you — the world believes in you,” Macron said. “I know that you are a great nation. I know your history — our common history.”

“To all scientists, engineers, entrepreneurs, responsible citizens who were disappointed by the decision of the president of the United States, I want to say that they will find in France a second homeland,” he continued. “I call on them: come and work here with us. To work together on concrete solutions for our climate, our environment. I can assure you, France will not give up the fight.”

At the end of his remarks, the French president made it crystal clear that his message was intended as a rebuke of not just his American counterpart’s decision, but his entire worldview.

“I call on you to remain confident,” Macron said, standing in front the of the flags of both France and the European Union. “We will succeed, because we are fully committed, because wherever we live, whoever we are, we all share the same responsibility: Make Our Planet Great Again.”

Macron’s social media team made sure that closing rejoinder to Trump and Trumpism was not missed by those lacking the strength or the stamina to make it to the third minute of his speech.

Trump later responded in a typically sophisticated, mature fashion.

Reuters reports that before his speech, Macron told Trump in a brief phone call on Thursday that the climate deal signed in Paris in 2015 could not be renegotiated. He added that while France would continue to work with the United States on other matters, it would no longer discuss climate issues.

The German Chancellor’s spokesman, Steffen Seibert, shared a joint statement from Angela Merkel, Emmanuel Macron and Paolo Gentiloni, the Italian prime minister, which confirmed that “the Paris Agreement cannot be renegotiated, since it is a vital instrument for our planet, societies and economies.”

Trump, whose beef with climate scientists might actually stem from his deep dismay at no longer being allowed to use aerosol hairspray, finished his own remarks by claiming a second time that he was acting to put the interests of Pittsburgh ahead of those of Paris. With this refrain, he was apparently hoping to con ill-informed voters into believing that the international agreement negotiated in the French capital, in which 195 nations agreed to limit fossil-fuel emissions for the global good, was somehow to the unique benefit of the French people.

The same minute Trump finished speaking, however, the mayor of Pittsburgh, Bill Peduto, reminded him that the city had in fact voted overwhelmingly against him.

Peduto also confirmed that the city’s government would continue to honor its obligations under the Paris framework.

The mayor of Paris, Anne Hidalgo — who was forced to respond recently to Trump’s bizarre claim that “Paris is no longer Paris,” because of the threat of terrorism — quickly seconded the Pittsburgh mayor’s affirmation of the role of local governments.

In his own response to Trump’s decision, Canada’s prime minister, Justin Trudeau, held out hope for working with local governments in American cities and states, while expressing regret at what he called a decision by “the United States federal government.”

“We are all custodians of this world,” Trudeau added, “and that is why Canada will continue to work with the U.S. at the state level, and with other U.S. stakeholders, to address climate change and promote clean growth.”

Subsequent reporting from The Washington Post on what led to Trump’s decision, and his strange focus on France, revealed that the American president has little understanding of how the climate deal works, and was also said to be “irritated and bewildered” that Macron upstaged him with a very firm handshake during their photo-op last week at the U.S. Embassy in Brussels.

Having seen Trump try to assert physical dominance over other world leaders, by pulling them forcefully towards him while shaking hands for the cameras, Macron told a French newspaper that he had come prepared. “My handshake with him, it wasn’t innocent,” Macron said. “We must show that we will not make small concessions, even symbolic ones.”

“Donald Trump, the Turkish president or the Russian president see relationships in terms of a balance of power, Macron added, likening Trump to Recep Tayyip Erdogan and Vladimir Putin. “That doesn’t bother me. I don’t believe in diplomacy by public abuse, but in my bilateral dialogues I won’t let anything pass.”

The post French President Emmanuel Macron Offers Refuge to American Climate Scientists appeared first on The Intercept.

10 May 13:21

Jimmy Carter and Bernie Sanders Explain How Inequality Breeds Authoritarianism

by Zaid Jilani
Stuart.ward.uk

what the 99% protests were all about.

On Monday night, one day after the far-right Marine Le Pen lost France’s presidential election but garnered a record number of votes for her political party, Bernie Sanders and Jimmy Carter sat down together to discuss rising authoritarianism across the globe.

The two spoke at the Carter Center, in a discussion that was streamed online.

Asked by the moderator about the rise of authoritarian politics in the United States and elsewhere, both the Vermont senator and former president agreed on a single root cause: political and economic inequality.

“I think the root of it is something that I haven’t heard discussed much,” Carter replied. “I believe the root of the downturn in human rights preceded 2016, it began earlier than that, and I think the reason was disparity in income which has been translated into the average person, you know good, decent, hard-working middle class people feeling that they are getting cheated by the government and by society and they don’t get the same element of health care, they don’t get the same quality education, they don’t get the same political rights.”

“I agree with everything that President Carter said,” Sanders replied.

“Look, here is the situation. You got all over this country tens of millions of people who are extremely angry and they are disappointed. Now we all know as a result of technology workers are producing more today than they did 20 or 30 years ago. Yet despite that you’re seeing people work not 40 hours a week, they’re working 50 or 60 hours a week. Their wages are actually going down!”

Carter and Sanders’s belief that inequality breeds authoritarianism is backed by evidence from France’s recent election.

A post-election examination of France’s presidential contest by the New York Times found that Le Pen’s support “was strongest in areas with high unemployment and low wages.” A regression analysis by The Economist came to similar conclusions.

Sanders and Carter disagreed on little during the night’s discussion, leading the former president to admit who he supported in the Democratic presidential primary.

“Do y’all see why I voted for him?” Carter joked, as the audience laughed.

Top photo: Former President Jimmy Carter, right, and Sen. Bernie Sanders discuss human rights during the Human Rights Defenders Forum at the Carter Center in Atlanta on Monday, May 8, 2017.

The post Jimmy Carter and Bernie Sanders Explain How Inequality Breeds Authoritarianism appeared first on The Intercept.

18 Apr 08:17

The Now Show 14/04/17

Stuart.ward.uk

Always good.

Steve Punt, Luke Kempner, Pippa Evans, Al Porter, Rich Peppiatt, Vikki Stone & Lucy Porter present the week in news through stand-up and sketches. Produced by Joe Nunnery A BBC Studios Production
02 May 20:27

Amazon Prime Video Now Usable On Linux, Too!

by Martin
Stuart.ward.uk

And they actually say on the requirements page that Linux systems are supported but chrome only

DRM protected content is a hotly debated topic and not without side effects but I have to admit I was somewhat glad when Netflix added support for Chrome and HTML5 playback on Linux back in 2014. At the time I also experimented with Amazon Prime video which was using Flash. Unfortunately this solution was quite unstable and thus unusable. Recently I noticed, however, that Amazon now also supports Chrome and HTML5 video playback on Linux. Over the past weeks I’ve watched a few full length movies and playback is now flawless. Well done, Amazon, thanks! … Just remove that DRM now please…

02 May 19:53

2nd Hand Computing

by Martin

Ever thought about buying a 2nd-hand notebook? Me neither until recently when a friend asked for advice. At first I was quite skeptical but it turns out it’s an interesting option and in the meantime I even bought one for myself.

I was skeptical because in the mobile space where device refresh cycles are somewhere near 18-24 months and the industry is very much in flux. It shows signs of slowing down but smartphones are carried in pockets and so after two years of use, many devices are pretty much worn out physically and need to be replaced anyway.

The story is quite different when it comes to desktop and notebook computers. There has been little ground breaking innovation compared to the mobile space, much of it concentrated on making notebooks thinner and more power efficient. From a software point of view not much has happened either. And thirdly, companies today typically lease notebooks for their employees and replace them with new models typically after 3 years. Most of those notebooks are mainly used on a desk so there is little physical wear when they are returned to the company leasing them out. Together, these things have given rise to a new type of notebook reseller companies in Germany that are refurbishing and selling desktop and notebook PCs who’s leases have expired from brands such as HP, Lenovo and Dell.

3 Year Old Models

The first 2nd-hand notebook I bought was a 3 year old Lenovo T430s for around 400 euros. Yes, you can buy a brand new notebook for the same price these days but those are low end consumer grade devices. The T430s is as high end and business grade as you can get and was sold for around 1200-1500 euros when it was new. The difference shows. Yes, it is not quite as flat and power efficient as up to date models but you get it for one third of the original price.

Still I was a bit skeptical at first but I was very pleasantly surprised when I received the shipment of a 3 year old computer that almost looked like new. Obviously the first thing I did was to replace Windows 7 with Linux. An hour of work and the notebook with a 3rd generation i5 processor, 4 GB of RAM and a 500 GB hard drive was good to go. After three months of daily use, feedback on hardware and software from its new owner was unanimously positive. Even the battery was still ok with around 80% of its original capacity which is enough for 3.5 to 4 hours of autonomy.

Older For Less

Many refurbishers also offer even older computing equipment with first generation i5 processors that are about 4-5 years old. And if money is really an issue a 5-6 year old notebook with a Core 2 Duo processor and 2 GB of RAM can be had for less than 200 euros. That’s a little bit too far on the low end for me but for people with a really tight budget it’s a real option. Ubuntu will run just fine on such a PC as I can tell from personal experience with my 6 year old media PC I use for video playback of Netflix and Amazon Video content. The 2GB RAM is a little bit on the low side these days perhaps, but for a a few extra euros this shortcoming can easily be fixed.

Reselling refurbished PCs on a greater scale is probably not only a German phenomenon but I have to admit I haven’t seen it anywhere else yet. So if you live in another country and have some information to share, please consider leaving a comment!

26 Apr 12:32

Stonewalled by NSA, Members of Congress Ask Really Basic Question Again

by Dan Froomkin
Stuart.ward.uk

If we get a figure and it is less than 99% it will be a lie.

A BIPARTISAN GROUP of lawmakers is none too happy that the executive branch is asking them to reauthorize two key surveillance programs next year without answering the single most important question about them.

The programs, authorized under Section 702 of the Foreign Intelligence Surveillance Act, are called PRISM and Upstream. PRISM collects hundreds of millions of internet communications of “targeted individuals” from providers such as Facebook, Yahoo, and Skype. Upstream takes communications straight from the major U.S. internet backbones run by telecommunications companies such as AT&T and Verizon and harvests data that involves selectors related to foreign targets.

But both programs, though nominally targeted at foreigners overseas, inevitably sweep up massive amounts of data involving innocent Americans.

The question is: How much? The government won’t answer.

Fourteen members of the House Judiciary Committee sent a letter to Director of National Intelligence James R. Clapper on Friday asking for at least a rough estimate.

“In order that we may properly evaluate these programs, we write to ask that you provide us with a public estimate of the number of communications or transactions involving United States persons subject to Section 702 surveillance on an annual basis,” said the letter. Signatories included ranking Democrat John Conyers Jr. and a senior Republican member, James Sensenbrenner.

Sen. Ron Wyden has asked for a number since 2011; the Privacy and Civil Liberties Oversight Board recommended in July 2014 that the government provide several. In October, more than 30 privacy groups asked for an estimate and explained how easy it would be to come up with one.

“House Judiciary Committee members have lent their voices to the growing chorus demanding hard facts about how foreign intelligence surveillance affects Americans,” said Elizabeth Goitein, co-director of the Brennan Center’s Liberty and National Security Program, in a statement. “The NSA will soon be asking Congress to reauthorize the Foreign Intelligence Surveillance Act, and it will repeat its past claims that any collection of Americans’ communications is merely ‘incidental.’”

But, Goitein said, “We still don’t have this basic information.”

Top photo: “Red Bricks” by Grzesiek used under CC BY, modified with NSA logo.

The post Stonewalled by NSA, Members of Congress Ask Really Basic Question Again appeared first on The Intercept.

19 Apr 15:48

The Secrets of X: These 5 Principles Will Help Your Company Make Moonshots Happen

by Peter Diamandis
Stuart.ward.uk

Some great ideas here.

This post explores the inside workings of "X" (formally Google X, Google's R&D factory) through conversations with my friend Astro Teller, chief of moonshots.

If you want to create a successful, hyper-growth company around solving tough problems, you've got to create the right culture, learn to rapidly experiment, and encourage rapid failure in your organization.

X's mission is to invent and launch "moonshot" technologies that could make the world a radically better place…dare I say, help create a world of abundance.

Astro leads a team of world-class engineers, scientists, and creatives developing solutions to dozens (perhaps hundreds) of the world's toughest problems. Some of their public projects include: the self-driving car, the smart contact lens, and Project Loon, just to name a few.

In the next two posts, we'll dive into the strategies Astro uses at X to manage his brilliant team. These strategies come from our recent discussions and Astro's 2016 TED talk, which was released a few days ago: The Unexpected Benefit of Celebrating Failure. They are important for every entrepreneur (and CEO) to consider in today's rapidly changing, exponentially empowered world.

In Part 1 (today's post), we'll talk about the importance of trying to kill ideas early and the value of setting audacious goals.

In Part 2 (next week), we'll talk about how to run high-quality experiments and why they matter.

First—What Is a Moonshot?

At X, Astro and his team look for the intersection of three key factors for the moonshots they take on. Astro explains them as follows:

  1. It’s a Big Problem: “We start with a large problem in the world that if solved could improve the lives of millions or even billions of people.”
  2. The Problem Has a Science-Fiction-Sounding Solution: “Then we propose a radical solution that sounds impossible today, almost like science fiction.”
  3. There is Technological Evidence It Could Work: “Lastly, we look for a technology breakthrough that exists today; this gives us the necessary hope that the solution we’re looking for is possible, even if its final form is five to 10 years away and obscured over the horizon.”

This unique approach to problem solving has generated some extraordinary (and some crazy) ideas at X — but the even harder part is implementing these ideas, and to do so, you have to ascribe to the following principles.

What Are the Principles for Solving 'X'?

The following principles from Astro allow X to build processes and culture around selecting and executing their ideas. This list is by no means exhaustive, but let's dive in.

Principle 1: Ideas Are the Easy Part

A lot of people think "having an idea" is the hardest part of starting a company or solving a problem.

The fact is: the idea is probably the easiest part…The world is awash with ideas, and most ideas aren't that good. (We'll get to this in a second).

The hard part is actually creating the ecosystem and infrastructure to allocate resources (talent, time, money) for rapidly evaluating and testing ideas. How do you create a culture where bad ideas are filtered out and people are continually motivated to keep trying new ideas? If you iterate enough and continuously toss out the weak ideas, you will (hopefully) eventually find a great one.

Principle 2: Try to Kill Your Best Ideas Early

If people, money and time are your most scarce resources, you don't want to waste them on ideas that won't work.

Instead, you want to kill these ideas early. The best way to do so: establish a culture that incentivizes killing ideas.

Astro explains, "The moonshot factory is a messy place. But rather than avoid the mess, pretend it's not there, we've tried to make that our strength. We spend most of our time breaking things and trying to prove that we're wrong." Astro pauses for effect: "That's it…that's the secret." He continues, "Run at all the hardest parts of the problem first. Get excited and cheer,' Hey! How are we going to kill our project today?'"

Here's two effective strategies X employs on a regular basis for killing weak ideas early:

  • Run a “Pre-mortem”: We’ve all heard of post-mortems where you analyze an idea in retrospect to find out why it failed. But what about trying to predict in advance why an idea is likely to fail? X calls this a pre-mortem. At X, teams typically vote to kill their ideas in a pre-mortem. When they do actually kill an idea, they are celebrated and rewarded by the organization.
  • Rapid “Eval-Team”: Before moving forward with a project, X employs a team to analyze the technical feasibility of projects. Given the known laws of physics and X’s available resources, is this solution physically possible? If not, kill it.

The strategy is pretty simple — you need to be constantly trying to come up with reasons your idea won't work, why you can't pull it off, why you don't have the right resources to do it, etc.

The ideas that survive this process (the ideas you literally can't kill) are the good ideas worth pursuing.

Principle 3: Set Quarterly Audacious Goals (Emphasis on "Audacious")

Most companies set quarterly goals in a contentious manner. The manager sets a high bar to stretch the employee, and the employees want to set a lower bar they know they can meet. In the end, both parties settle somewhere in the middle and nobody is happy with the result.

At X, the goal is for each team to set audacious, ridiculously hard quarterly goals.

X has a culture where each team has the objective of impressing the other teams with how audacious they're willing to be (Note: These goals should be just audacious enough that they are still plausible but not impossible).

The result is a culture of bravery and persistence.

Astro notes, "It is frequently the case that not a single person hits their audacious goals, but that's okay…"

He continues, "Create an organization that looks like Willy Wonka's Chocolate Factory and fill it with Peter Pans with PhDs. You need to make them understand and feel good about the fact that they are going to fail most of the time. And they'll love it when you let them go."

Principle 4: Failing Is Not "Wasting" Time and Money

"I often ask my project managers," Astro says, "If you had to rebuild your last project from scratch (let's say you lost all your code), how long would it take you to rebuild it, assuming you had your same team in place, to what it is now?"

"They usually say, 'I don't know…10% of the original time?'"

"There is a name for that other 90% — it's called LEARNING. The job of a great manager, a great entrepreneur, and a great CEO is to try to make that 90% time shorter. Focus on how to make it as short as possible, as efficient as possible."

If a team is working on solving a difficult problem and a manager complains that they are "wasting time and money and not getting anywhere," get rid of the manager.

That so-called wasted time is actually your team learning...

Astro continues with his advice, "It's also extremely important as a manager not to swoop in and kill projects you 'know' are going to fail."

"You have to allow your team to fail and watch the snowball effects of what they learn ripple through your organization. This creates a culture where folks will continue to try to solve problems and won't be afraid of failing."

Principle 5: Perspective Shifting Is More Powerful Than Being Smart

Sometimes shifting your perspective on solving a problem is more powerful than being smart.

This is one of X's mantras, Astro explains: "Take wind energy. It's one of my favorite examples of perspective shifting. There's no way that we're going to build a better standard wind turbine than today's experts in that industry. But we found a way to get our turbines up higher into the sky, and to get access to faster, more consistent winds, and to more energy without needing hundreds of tons of steel to get the turbines there."

He continues, "We haven't yet found a way to kill this project. And the longer it survives that pressure, the more excited we get that this could become a cheaper and more deployable form of wind energy for the world."

When you are faced with a seemingly impossible problem, sometimes you need to shift your perspective, question each assumption and see what crazy ideas may actually be the basis for a fundamental breakthrough.


Image credit: Shutterstock.com

 

06 Apr 15:40

Dr Who Returns to Earth

by Will Sweatman
Stuart.ward.uk

check the date on this one...

While searching for signs of Dalek activity in the vast depths of outer space, the Arecibo Observatory in Puerto Rico stumbled across a most interesting find. They were receiving modulated radio signals emanating from an invisible object about 25 light years away. The signals were all in the VHF band between 41 and 68 MHz. After a applying a little amplification and some wibbly wobbly timey wimey enhancements, it became clear what the signals were – 50 year old terrestrial television broadcasts. The site takes a minute or so to load due to the traffic its getting.

[Dr. Venn], the radio astronomer who discovered the signals, was able to talk NASA into pointing the Hubble Space Telescope in the direction of the now officially named “Bounce Anomaly”, but was unable to see anything. Meanwhile, a BBC team has been working with [Dr. Venn] to recover the 50 year old signals and is attempting to reconstruct entire broadcasts – some of which are the very first Dr. Who episodes.

Thanks to [PWalsh] for the tip.


Filed under: news
31 Mar 15:31

You Don’t Need To Panic About ‘Ubuntu on Windows’

by Scott Bouvier
Stuart.ward.uk

so this is adding a wine like layer to Windows to translate Linux system calls to run Linux ELF binaries on Linux.

keep calm use linux posterUp is now down, down is now left, and Microsoft is no longer evil — but are Linux lovers stuck in the past?

This post, You Don’t Need To Panic About ‘Ubuntu on Windows’, was written by Scott Bouvier and first appeared on OMG! Ubuntu!.

17 Feb 14:59

Report on the IP Bill

by Ross Anderson
Stuart.ward.uk

It is bad but not quite as bad as Ross seems to imply, I think.

This morning at 0930 the Joint Committee on the IP Bill is launching its report. As one of the witnesses who appeared before it, I got an embargoed copy yesterday.

The report s deeply disappointing; even that of the Intelligence and Security Committee (whom we tended to dismiss as government catspaws) is more vigorous. The MPs and peers on the Joint Committee have given the spooks all they wanted, while recommending tweaks and polishes here and there to some of the more obvious hooks and sharp edges.

The committee supports comms data retention, despite acknowledging that multiple courts have found this contrary to EU and human-rights law, and the fact that there are cases in the pipeline. It supports extending retention from big telcos offering a public service to private operators and even coffee shops. It support greatly extending comms data to ICRs; although it does call for more clarity on the definition, it give the Home Office lots of wriggle room by saying that a clear definition is hard if you want to catch all the things that bad people might do in the future. (Presumably a coffee shop served with an ICR order will have no choice but to install a government-approved black box. or just pipe everything to Cheltenham.) It welcomes the government decision to build and operate a request filter – essentially the comms database for which the Home Office has been trying to get parliamentary approval since the days of Jacqui Smith (and which Snowden told us they just built anyway). It comes up with the rather startling justification that this will help privacy as the police may have access to less stuff (though of course the spooks, including our 5eyes partners and others, will have more). It wants end-to-end encrypted stuff to be made available unless it’s “not practicable to do so”, which presumably means that the Home Secretary can order Apple to add her public key quietly to your keyring to get at your Facetime video chats. That has been a key goal of the FBI in Crypto War 2; a Home Office witness openly acknowledged it.

The comparison with the USA is stark. There, all three branches of government realised they’d gone too far after Snowden. President Obama set up the NSA review group, and implemented most of its recommendations by executive order; the judiciary made changes to the procedures of the FISA Court; and Congress failed to renew the data retention provisions in the Patriot Act (aided by the judiciary). Yet here in Britain the response is just to take Henry VIII powers to legalise all the illegal things that GCHQ had been up to, and hope that the European courts won’t strike the law down yet again.

People concerned for freedom and privacy will just have to hope the contrary. The net effect of the minor amendments proposed by the joint committee will be to make it even harder to get any meaningful amendments as the Bill makes its way through Parliament, and we’ll end up having to rely on the European courts to trim it back.

For more, see Scrambling for Safety, a conference we held last month in London on the bill and whose video is now online, and last week’s Cambridge symposium for a more detailed analysis.

27 Jan 17:21

RWMC – Retrieve Windows Credentials With PowerShell

by Darknet
RWMC is a Windows PowerShell script written as a proof of concept to Retrieve Windows Credentials using only PowerShell and CDB command-line options (Windows Debuggers). It allows to retrieve credentials from Windows 2003 to 2012 and Windows 10 (It was tested on 2003, 2008r2, 2012, 2012r2 and Windows 7 – 32 and 64 bits, Windows […] The post...

Read the full post at darknet.org.uk
26 Jan 17:42

How a Small Company in Switzerland Is Fighting a Surveillance Law — And Winning

by Jenna McLaughlin
Stuart.ward.uk

Let this be an example to the UK and their Snoopers Charter

A small email provider and its customers have mobilized to force the Swiss government to put its new invasive surveillance law up for a public vote in a national referendum in June. (See correction below.)

“This law was approved in September, and after the Paris attacks, we assumed privacy was dead at that point,” said Andy Yen, co-founder of ProtonMail, when I spoke with him on the phone. He was referring to the Nachrichtendienstgesetz (NDG), a mouthful of a name for a bill that gave Swiss intelligence authorities more clout to spy on private communications, hack into citizens’ computers, and sweep up their cellphone information.

The climate of fear and terrorism, he said, felt too overwhelming to get people to care about constitutional rights when people first started organizing to fight the NDG law. Governments around the world, not to mention cable news networks, have taken advantage of tragedy to expand their reach under the guise of protecting people, even in classically neutral Switzerland — without much transparency or public debate on whether or not increased surveillance would help solve the problem.

But thanks to the way Swiss law works — if you get together 50,000 signatures within three months of the law passing — you can force a nationwide referendum where every citizen gets a say.

“In Switzerland, and overseas, no one really thought to ask the people,” Yen said. “The public opinion, especially from the young people, has shifted to pro-privacy.”

By gathering its users and teaming up with political groups including the Green and Pirate parties, as well as technological and privacy advocates including Chaos Computer Club Switzerland and Digitale Gesellschaft Switzerland, ProtonMail was able to contribute to the effort to collect over 70,000 signatures before the deadline. (See correction below.)

The new law is the first of two surveillance laws that have been circulating through the Swiss Parliament. The NDG law was fully passed in September, but can’t take full effect until after the referendum vote in June. The NDG would “create a mini NSA in Switzerland,” Yen wrote — allowing Swiss intelligence to spy without getting court approval. It would authorize increased use of “Trojans,” or remote hacking tactics to investigate suspects’ computers, including remotely turning on Webcams and taking photos, as well as hacking abroad to protect Swiss infrastructure. It would legalize IMSI catchers, or Stingrays, which sweep up data about cellphones in the area.

The second law, known as the “BÜPF,” might come up for a vote in the Parliament’s spring session, but may be revised or delayed. The BÜPF would expand the government’s ability to retain data for longer, including communications and metadata, as well as deputize private companies to help spy on their users, or face a fine. “What I have heard from insiders is that they will reduce its scope now that they know we have the numbers to also force a vote on that law,” Yen wrote in an email to The Intercept.

ProtonMail, created by scientists and engineers with know-how in particle physics, software, cryptology, and civil liberties, provides unbreakable end-to-end encryption by default to its users for free — making it easy for ordinary people to protect their communications and preserve their anonymity.

With end-to-end encryption, only the person who sends the message and the person who receives it can access the content; not even the company can see what was written. Encryption protects transactions on the internet, so that criminals can’t read messages, steal credit card information, or impersonate others.

The Swiss surveillance bill does not compel ProtonMail to decrypt its users’ communications, so if the Swiss intelligence service forces it to hand over data, all the intelligence service will get is gobbledygook. But ProtonMail still feels the measure threatens Swiss privacy — something the company hopes to defend, regardless of its bottom line.

There are some strong political currents in Europe, as in the United States, beating strongly against encryption and privacy — which law enforcement says prevents them from accessing evidence with a warrant. Lawmakers, government officials, and law enforcement agencies alike have been pushing for a way to gain access into uncrackable end-to-end encryption. Scientists collectively agree this is a bad idea, and would threaten the security of the internet without actually helping anyone catch bad guys.

As of November, 14 countries had passed new laws bequeathing more power to intelligence agencies to spy. France’s upcoming surveillance law, though it will not mandate backdoors in encryption, will allow law enforcement more surveillance powers, including to spy on phone calls and emails without a judge’s approval and install key logger devices on suspects’ computers to retrieve their passwords. The Chinese government passed a law in December requiring companies to turn over encryption keys, and the Cuban government has the power to approve all encryption technology before it hits the market. In Bahrain, where dissenting political speech is condemned, encryption is outlawed for “criminal intentions.”

The U.K.’s Investigatory Powers Bill, or “Snooper’s Charter,” as many call it, could compel companies to help the government circumvent encryption if it becomes law, according to privacy advocates familiar with the draft legislation.

Other countries’ laws might affect ProtonMail’s business overseas, as well as major American companies offering end-to-end encryption, like Apple.

According to Yen, issues of national security and privacy aren’t usually brought to a vote by the entire country. Nationwide referendums aren’t all that common — they happen maybe five or six times a year, usually when the government wants to build something expensive and people don’t want to pay for it. Forcing a referendum is a lengthy, pricey process, he says.

But now, the Swiss want to be an example for the rest of the world by “pushing to make data a cornerstone of the Swiss economy,” he said. “When you talk about data privacy, all our data goes online — we have to find a way to secure it. At the end of the day this privacy comes as a result of security.”

The same fight is brewing in the U.S., where people might have to be more creative and forceful to make their opinions heard. “ProtonMail went out to get signatures, worked with political parties, the Green party, the Pirate party. In the U.S., maybe with non-mainstream political groups, with the support of young people, and a few of the technology companies — there’s a real chance,” Yen said.

“A couple months ago we thought this referendum was totally impossible. Now here we are.”

Correction: An earlier version of this article overstated the role of ProtonMail and understated the role of the parties whose names were on the referendum committee that formally submitted signatures to the Swiss Parliament. The committee was spearheaded by the Young Socialists Party, and included the Social Party, Green Party, the rights groups Grundrechte.ch and Digitale Gesellschaft, the Group for a Switzerland without an Army (GSoA), the Pirate Party, the media syndicate Syndicom, the Labor Party of Bern and Tessin (PDA), Basler Fankurve, Swiss football supporters, and four others. ProtonMail was supportive of the effort but was not formally included on the referendum committee

Top photo: Swiss citizens bring boxes of signatures to the Swiss Parliament. 

The post How a Small Company in Switzerland Is Fighting a Surveillance Law — And Winning appeared first on The Intercept.

13 Dec 16:20

Amazon Deal of the Day: Amazon Fire TV Gaming Edition + Great Gift Ideas at AMAZING Prices!

by Geeks are Sexy

firetv

We’ve got a lot of stuff for today, so if you’re still looking for that perfect gift for someone, check these deals out, including the all-new Fire TV Gaming Edition (Over 800 games available for now!)

Save $25 on the All-new Fire TV Gaming Edition$139.99 $114.99

Save Up to 73% on Popular TV shows and Movies

Kindle E-Reader – $79.99 $59.99

$25 Applebee’s Gift Card for just $18.75! (25% Off)

40% and more off Giftable Toys

70% or More Off Luggage and Travel Gear

Save BIG on Holiday Lights and Decorations

Miracle-Gro AeroGarden Bounty with Gourmet Herb Seed Pod Kit$319.95 $179.95 (44% Off)

Up to 40% Off Select Graco Car Seats, Strollers and Gear

The post Amazon Deal of the Day: Amazon Fire TV Gaming Edition + Great Gift Ideas at AMAZING Prices! appeared first on Geeks are Sexy Technology News.

06 Nov 15:38

New Zealand Spy Watchdog Investigating Country’s Ties to CIA Torture

by Dan Froomkin

New Zealand’s spy watchdog has launched an inquiry into her country’s links to the CIA’s detention and interrogation program.

Cheryl Gwyn, the inspector general for intelligence and security, said the U.S. Senate Intelligence Committee report released in December 2014 named a number of countries that were involved in the torture and inhumane treatment of detainees — “but the names of those countries have been redacted.”

That wasn’t OK with her.

“I identified a public interest in inquiring into whether New Zealand’s intelligence agencies and personnel knew or were otherwise connected with or risked connection to the activities discussed in the U.S. Senate Report,” she wrote in her annual report released Wednesday.

Gwyn wrote that her inquiry “does not suggest or presuppose that New Zealand agencies or personnel were in any way connected with those activities.” But she said she does intend to find out whether there was such a connection — and “whether there were and/or now are any safeguards in place or other steps taken to address any connection or risk of connection to such activities.”

The New Zealand Herald first reported the investigation. “She’s opened a can of worms here because there was no reason for her to open this inquiry unless she saw something,” the paper quoted a security analyst, Paul Buchanan, telling Radio New Zealand.

Gwyn also announced that she has developed a “formal internal policy for handling protected disclosures, or ‘whistleblowing,'” and is trying to get the country’s intelligence agencies to adopt it.

“The Edward Snowden disclosures demonstrate how critical it is to have a clear path, with appropriate protections, for disclosing information about suspected wrongdoing within an intelligence and security agency,” she said in a statement.

 

The post New Zealand Spy Watchdog Investigating Country’s Ties to CIA Torture appeared first on The Intercept.

30 Dec 19:13

JPMorgan Chase hack due to missing 2-factor authentication on one server

by Peter Bright

JPMorgan Chase was among five banks that were reported to have been hacked earlier this year, and details have emerged on how the hack took place.

When news first broke in August, it was believed that a zero-day Web server exploit was used to break into the bank's network. Now, however, The New York Times is reporting that the entry point was much more mundane: a JPMorgan employee had their credentials stolen.

This shouldn't have been a problem. JPMorgan uses two-factor authentication, meaning that a password alone isn't sufficient to log in to a system. Unfortunately, for an unknown reason one of the bank's servers didn't have this enabled. It allowed logging in with username and password alone, and this weak point in the bank's defenses was sufficient for hackers to break in and access more than 90 other servers on the bank's network.

Read 2 remaining paragraphs | Comments

04 Sep 11:42

Pixels

Stuart.ward.uk

one of the best

25 Jun 11:35

UK secretary of state: "There is no surveillance state"

by Cory Doctorow