
Mattalyst: Cutting-edge security technology like Exchange webmail and an SSL VPN, huh?

When Hillary Clinton ditched government email in favor of a secret, personal address, it wasn't just an affront to Obama's vaunted transparency agenda—security experts consulted by Gawker have laid out a litany of potential threats that may have exposed her email conversations to potential interception by hackers and foreign intelligence agencies.
"It is almost certain that at least some of the emails hosted at clintonemails.com were intercepted," independent security expert and developer Nic Cubrilovic told Gawker.
Within the instant classic "ClintonEmail.com" domain, it appears there are three separate servers. The domain's blank landing page is hosted by Confluence Networks, a web firm in the British Virgin Islands, known for monetizing expired domain names and spam.
But the real worry comes from two other public-facing ClintonEmail.com subdomains, which can allow anyone with the right URL to try to sign in.
One is sslvpn.clintonemail.com, which provides a login page that apparently uses an SSL VPN—a protocol that allows your web browser to create an encrypted connection to a local network from any internet connection—to let users access their email. That sounds secure, and under the right circumstances, for regular users, it can be. But there are two huge problems with using it for the Secretary of State's communications with her staff and others.

First: Anyone in the world with that URL can attempt to log in. It's unclear what exactly lies on the other side of this login page, but the fact that you could log into anything tied to the Secretary of State's email is, simply, bad. If the page above is directly connected to Clinton's email server, a login there could be disastrous, according to Robert Hansen, VP of security firm WhiteHat Labs:
It might be the administrative console interface to the Windows machine or a backup. In that case, all mail could have been copied.
What's more troubling is the fact that, at least as of yesterday, the server at sslvpn has an invalid SSL certificate. Digital certificates are used to "sign" the encryption keys that servers and browsers use to establish encrypted communications. (The reason that hackers can't just vacuum the internet traffic between your browser and Google's Gmail servers and read your email is that your browser is encrypting the data to a public encryption key. The reason that you know that you are encrypting to Google's key and not to, say, the People's Liberation Army's, is that the Gmail servers have a digital certificate from a trusted third-party confirming that the key is theirs.)
When you attempt to access sslvpn.clintonemail.com using Google's Chrome browser, this is what you see:

The apparent reason for that message is that the certificate used by Clinton's server is self-signed—verified by the authority that issued it, but not by a trusted third party—and therefore regarded by Google's Chrome browser as prima facie invalid. The government typically uses military-grade certificates and encryption schemes for its internal communications that are designed with spying from foreign intelligence agencies in mind. But the ClintonEmail.com setup? "If you're buying jam online," says Hansen, "you're fine." But for anything beyond consumer-grade browsing, it's a shoddy arrangement.
Security researcher Dave Kennedy of TrustedSec agrees: "It was done hastily and not locked down." Mediocre encryption from Clinton's outbox to a recipient (or vice versa) would leave all of her messages open to bulk collection by a foreign government or military. Or, if someone were able to copy the security certificate Clinton used, they could execute what's called a "man in the middle" attack, invisible eavesdropping on data. "It's highly likely that another person could simply extract the certificate and man in the middle any user of the system without any warnings whatsoever," Hansen said.
The invalid certificate would have also likely left Clinton vulnerable to widespread internet bugs like "Heartbleed," which was only discovered last spring, and may have let hackers copy the entire contents of the Clinton servers' memory. Inside that memory? Who knows: "It could very well have been a bunch of garbage," said Hansen, or "it could have been her full emails, passwords, and cookies." Heartbleed existed unnoticed for years. A little social engineering, Hansen said, could give attackers access to Clinton's DNS information, letting them route and reroute data to their own computers without anyone realizing. "It's a fairly small group of people who know how to do that," Hansen noted, but "it's not hard—it's just a lot of steps."
We don't know, of course, if the current state of Clinton's servers is representative of the security precautions that were in place while she was using it as Secretary of State. The system could have previously been hardened against attack, and left to get weedy and vulnerable after she left government. We don't know. But that's part of the problem—at the Department of State, there is accountability for the security of email systems. If we learned that State's email servers had been hacked or left needlessly vulnerable, there would be investigations and consequences. With Clinton's off-the-books scheme, there are only questions.
The final address behind ClintonEmail is a mail host, mail.clintonemail.com, which will kick back an error message when visited directly:

But if you plug in a different URL with the same mail server, you're presented with a user-friendly, familiar Outlook webmail login:
This is basically no more secure than the way you'd log into AOL, Facebook, or any other website. There's no evidence that Clinton (or her staffers) used this web interface to check their emails, as opposed to logging in through a smartphone or other email software. But its mere existence is troubling enough: there have been five separate security vulnerabilities identified with Outlook Web Access since ClintonEmail.com was registered in 2009. These security bugs include doozies like "a flaw that may lead to an unauthorized information disclosure" (2010) and "a remote attacker can gain access to arbitrary files" (2014).
But even without exploiting software bugs, Hansen says leaving a public login page for something that's meant to be private is "pretty much the worst thing you can do." Clinton's Outlook form could've been susceptible to a brute force attack—where random combinations of words and characters are tried until one of them works—or an old fashioned denial of service assault. "Even if she had a particularly strong password," Hansen said, a brute force attack will "either work eventually—foreign militaries are very good at trying a lot—or it'll fail and block her from accessing her own email."
If Clinton had been using a government account, Hansen explained, her messages with colleagues would all be held within one relatively tidy system, monitored by the federal government. It's the difference between doing your laundry at home and dropping it off. But with a private account, you're introducing many separate points of failure; every single company in this custom system is a place to pry and attack. "Any joe hacker" could get inside with enough knowledge and time, according to Hansen.
Cubrilovic echoed Hansen's concern: "When you are a staffer in a government department, internal email never leaves the network that the department has physical control over," he told me. But "with externally hosted email every one of those messages would go out onto the internet," where they're subject to snooping.
Security researcher Kenn White agrees that private internet access stirs up too many dangerous variables while emails bounce from person to person:
I think the bigger security concern here is the complete lack of visibility into who has been administering, backing up, maintaining, and accessing the Secretary's email. If classified documents were exchanged, who viewed them? Were they forwarded? Were multiple devices (ie, mobile phones and tablets) configured to access the account? Was encryption required or optional for remote access?
Cubrilovic agreed that opting out of the government's system is an awful idea for someone with a hacker bullseye on her back: "having a high profile target host their own email is a nightmare for information security staff working for the government," he told me, "since it can undo all of the other work they've done to secure their network." The kind of off-the-shelf email service it appears Clinton used comes with a lot of inherent risk, especially since a pillar of her job is overseas travel:
With your own email hosting you're almost certainly going to be vulnerable to Chinese government style spearphishing attacks—which government departments have enough trouble stopping—but the task would be near impossible for an IT naive self-hosted setup.
While some of these hacking scenarios may sound outlandish or far-fetched, keep in mind that Clinton's emails would have been a prime target for some of the globe's most sophisticated state-sponsored cyberwarriors—the Chinese, the Israelis, the Iranians. The very existence of Clinton's private account was revealed by the hacker Guccifer, an unemployed Romanian taxi driver who managed to gain access to former Clinton aide Sidney Blumenthal's AOL account with relative ease. The Hillary account was reported by Gawker in 2013, and White House spokesman Eric Schultz used that story to argue that the Clinton email story was old news: "This was public years ago," he told Business Insider, linking to the 2013 Gawker story.
Which is another way of saying that foreign intelligence agencies have had two years to work on the target.
Contact the author at biddle@gawker.com.
Public PGP key
PGP fingerprint: E93A 40D1 FA38 4B2B 1477 C855 3DEA F030 F340 E2C7
Mattalyst: Yeah, surprise turned to outrage real quickly this week when I discovered I wasn't allowed to use the new PS4 app.
HBO Go just made its way to Playstation 4, except Comcast subscribers can't get it. Customers have been complaining that they can't watch HBO on their PS4, even though they pay for it, and there's been no explanation from Comcast.
It appears, however, that Comcast blocking HBO Go on certain devices is a violation of the new net neutrality rules, experts say.
This sort of blocking isn't new. For Comcast subscribers, HBO doesn't work on Playstation 3 and it also doesn't work on the Amazon Fire streaming box. It didn't work on Roku, an internet-connected streaming box, until December, after Roku filed a complaint with the FCC about it. For customers who use other service providers, such as Verizon, Time Warner Cable, and AT&T, HBO Go works fine on Playstation 4, Playstation 3, Roku, and every other streaming device.
Months of complaining on the Comcast forums by customers only warranted a response last month from a Comcast employee, who said that HBO Go streaming availability falls into the category of "business decisions and deal with business terms that have not yet been agreed to between the parties."
Comcast's response makes it hard to pin this on anyone in particular, unless you ask them. And HBO told me it has nothing to do with it. I asked HBO why it's not streaming on Playstation right now:
"Those are questions for Comcast," a spokesperson for the company said. "It is their decision."
Last week, the FCC approved new rules for the internet that prevent service providers, like Comcast, from blocking, slowing down, or charging extra for certain types of information. If Comcast is indeed shaking down Sony or HBO for more money in order to unblock HBO Go on new devices, then it's probably a net neutrality violation under the new rules.
"If, say, the box works, and you have no problem streaming other content, but somehow the HBO Go application doesn't work, absent an additional payment, either from HBO or the customer, then, yeah, it should be covered by net neutrality rules and be treated as straight up blocking and discrimination," Matt Wood, policy director for Free Press, one of the groups that pushed most strongly for net neutrality rules, told me.
That's most likely what is going on here, Wood said, and HBO confirmed. It doesn't really make business sense for HBO to be preventing Comcast from pushing out its content to subscribers, in whatever form.
"It is HBO's ongoing goal to provide our acclaimed programming to subscribers whenever and wherever they want it," the company added. "The launch of HBO GO on PS4 continues to accomplish that and we are hopeful that all of our distributors will ultimately choose to support the service on the PS4 platform."
But we still don't really know the specifics. Is Comcast asking for money from HBO? From Sony? From both? Roku, in a filing to the FCC, noted that authentication agreements that allow their technology to work with specific service providers are shady and bad for consumers.
"While an ISP can throttle content delivery speeds to effect anti-competitive discrimination, throttling is only the most transparent of a long list of discriminatory actions that an ISP with market power can undertake," the company wrote. "[Others] include control over data caps and authentication to hinder content and platforms that directly compete with the ISP's own or affiliated content."
The FCC, as part of the Comcast-Time Warner Cable merger, is probing whether Comcast has been shaking down content providers or favoring its own streaming services, which may shed light on how often this is happening.
Comcast, as part of a deal to offer an "internet plus" cable package that includes HBO, has a whole suite of on demand HBO shows, and it wants you to watch them through a Comcast cable box.
"Xfinity customers who subscribe to HBO do have access to the full HBO library via their set-top box, or via Xfinity TV Go platforms across devices. We also currently authenticate more than 90 networks across 18 devices," Comcast told me. "There is no shortage in the number of ways for our customers to access their content across the devices and platforms of their choice."
Unless, of course, your choice is to watch HBO that you pay for on a Playstation, with a Comcast connection. That's exactly the kind of decision that net neutrality rules were designed to prevent.
"Comcast can make superficial statements like, if they can get it through our system, who cares? Well, it's the kind of decision we don't want Comcast making for consumers," Wood said. "Is it exactly the same thing? Or are they making a business decision that cripples someone else's technology?"










Is this a BDSM community protest of 50 Shades of Grey? Cool.
this is my favorite thing










No Justice, No Peace (3/4/15): The full report of the Department of Justice’s investigation into the Ferguson Police Department has been released and it is nothing short of horrifying. Please take the time to read each screencap above, and if you can stomach more afterwards, read the full report. The above barely scrapes the surface of the indignities Ferguson PD inflicted on the people they were supposed to protect and serve. Ferguson PD is not unique. This is everyday terrorism faced by Black folks from the police, around the country. #staywoke #farfromover
wow @ the entry about the guy sitting in his car
here we go
Mattalyst: Oh, the paper's a great read:
http://rsif.royalsocietypublishing.org/content/12/105/20141363
"Such living systems can be self-powered through in-taking water, air and food. These hybrid robots utilize the behaviours of insects combined with electronics, and can be used in many applications where conventional robots cannot be efficiently employed. Hybrid insect robots are expected to enable new advances in deployment, search and rescue, and information gathering operations. They will benefit areas such as homeland security, emergency services, construction and mining. The uniqueness of this research is in the integration of robotic systems with a living organism as a platform."
When disaster strikes, every minute counts—especially when it comes to rescuing survivors who could be trapped. In an effort to find survivors more quickly, researchers have developed bionic cockroaches that can be controlled to maneuver through rubble and tight spaces better than a robot would be able to. The research, led by Hong Liang of Texas A&M University, was described in a new paper published in the Journal of the Royal Society Interface.
Mattalyst: "available from your doctor"

Is College Bad for Girls? A cautionary pamphlet from 1905 (Found via @aflashbak; Image found here; For a related post, click here http://christiannightmares.tumblr.com/post/46076574372/womens-dress-code-from-the-2012-13-bob-jones)
Jesus needs your money because Y2K. This television ad for Jack and Rexella Van Impe's Y2K scare video combines the exploitation of Christ for cash, computer scares, the end is near, and hacker graphics. It's pretty great.
Scientists have discovered a new hormone that appears to regulate sensitivity to insulin and normalize metabolism. When the researchers administered this newly identified molecule into mice fed a high-fat diet, it not only prevented them from becoming obese, but it also promoted a restoration of metabolic balance, which are two of the beneficial effects associated with exercise.
Mattalyst: Still missing: any goddamn way to play stuff off a LAN.
HBO Go is FINALLY coming to PS4 today, which is wonderful news for those of us sick of having to switch HDMI cables just to watch reruns of Curb Your Enthusiasm.
Mattalyst: A great idea, right up until something you didn't intend drops a spore in your freshly-printed agar basket...
Mattalyst: Howbout that!
The New York Times today has a preview of the Department of Justice’s report on Ferguson, Missouri. The full report will be released tomorrow. Here’s what the Times knows about the report:
Police officers in Ferguson, Mo., have routinely violated the constitutional rights of the city’s black residents, the Justice Department has concluded in a scathing report that accuses the officers of using excessive force and making unjustified traffic stops for years.
The Justice Department, which opened its investigation after a white Ferguson police officer shot and killed a black teenager last summer, says the discrimination was fueled in part by racial stereotypes held by city officials. Investigators say the officials made racist jokes about blacks on their city email accounts.
The population of Ferguson is 67 percent black. But 85 percent of all traffic stops from 2012 to 2014 were of blacks, as were 85 percent of all cases of use of force during that timeframe. Blacks accounted for 90 percent of all citations. Black motorists were twice as likely to be searched as whites, but were half as likely to have drugs or guns or other contraband.
One of the racist jokes referenced dated back to November 2008 and said that President Barack Obama wouldn’t be president for long because “what black man holds a steady job for four years?”
The full report has not been released by the Department of Justice, so we only have this very preliminary information for now. Completely separate from these findings, the DOJ is still expected to clear Ferguson Police Officer Darren Wilson of any civil rights violations for shooting and killing Michael Brown last summer.
Below, Reason TV went to Ferguson to talk to citizens about the culture of harassment there:
Mattalyst: Totally not body disposal, just a Minecraft LARP.





i’m so invested in toronto’s mystery tunnel story. after a month of fruitless investigating and a week-long public appeal from the police, two anonymous guys have admitted to building the whole thing for funsies. that’s it, no big deal. just guys being dudes. they just dug a 30-foot tunnel for personal reasons. case closed. amazing.

god fucking damn it i had hopes, i had fucking hopes this wasnt going to fucking happen, you are all fucking fuckernauts, what the fuck is wrong with you aesthetic bloggers?!? this is the glitter coffee shit all over again, fuck all of you, fuck no this is not okay
Mattalyst: The Amazon angle is literally the least interesting thing here.
Jaid Black, the “queen of steam,” isn’t feeling well, so she’s dispatched Christian, a muscular, handsome 40-something, to greet me at the front door of her West Hollywood home. It’s tempting to refer to Christian as a manservant, because a beefcake butler whose modeling bio boasts of a knack for finding G-spots would fit tidily into this story (and he does ask if we need anything), but in fact, he’s an aspiring actor and personal trainer to A-list talent agent Kevin Huvane. He’s also a friend of Black’s who’s willing to fetch the chocolate-caramel creamer for her coffee.
Black, 43, whose real name is Tina Engler, sits outside on this sunny day in November near a half-filled pool with a fountain that recycles murky water, a casualty of the state’s epic drought. An author and the founder of Ellora’s Cave, a digital-first publishing company that specializes in women’s erotic literature, she rises from the table to greet me wearing a Jimi Hendrix tee and black lounge pants, her dirty-blonde hair arranged in cornrows with electric-blue extensions. An orange-and-white tabby extends his regards as well. “Henry,” snaps Engler, as the cat jumps onto the table beside me, “she does not want your butthole in her face.”
Engler is an underappreciated pioneer, a self-proclaimed feminist in furry-cat slippers. To put her crowning achievement demurely, she challenged the book-publishing industry’s denial of women’s appetite for sexually explicit books. She wrote tawdry, lowbrow novels, and published hundreds of others, that freed romance from its lame euphemisms well before Fifty Shades of Grey, and she did so in a digital format long before the Kindle and the iPad allowed e-books to flourish.
To put it less demurely: There were readers out there, lots of them, who didn’t want to read about thick manroots. They wanted hard cocks. So that’s what Ellora’s Cave gave them. Easily and often.
Lately, though, things have gone limp. As recently as 2012, Ellora’s Cave was netting more than $10 million per year, an unfathomable sum to Engler when she started the company in 2000 as a way to self-publish. Most of the money was flowing in through Amazon at a rate as high as $500,000 or $600,000 per month, according to Patty Marks, Engler’s mother, who works as Ellora’s Cave’s CEO. But in 2013, revenue dropped by more than $2 million, a trend that continued in 2014 and seems destined to continue this year.
For this, Engler holds Amazon responsible, claiming that it’s started competing with Ellora’s Cave titles by offering similar works by other authors, many of whom self-publish via Amazon’s Kindle Direct Publishing (KDP), at free or discounted rates—even when customers search specifically for one of her company’s books. Engler’s eyes well up at the first mention of the online-retail behemoth. “Without them, I never could’ve risen to the heights that I did,” she says. “It feels like we’re going through a painful divorce.”
Engler lights a Benson & Hedges menthol—the first of many. She informs me of her panic disorder and agoraphobia, which has contributed to a bad case of writer’s block, as she can no longer “separate arousal from anxiety.” A desire to ease that psychological burden is part of the reason why, three years ago, she began splitting her time between California and Akron, Ohio, where Ellora’s Cave is based, and where her mother and Engler’s two daughters, ages 24 and 17, still live. (She met, then married, her husband, David Roy Keen—who is not the girls’ father—while he was in jail for homicide. They’d been pen pals. “There was something lonely about him that I latched on to,” Engler says. Keen is incarcerated in Florida.)
But the West Coast relocation has not been the cathartic experience Engler hoped for. She has recently come under fire from some authors and former editors for bringing a defamation suit against a popular blogger, Jane Litte, who questioned Ellora’s Cave’s business operations—in effect accusing Engler of being a secretive and bullying middleman, not unlike Amazon.
“I’ve fallen out of love with this industry,” says Engler glumly. “People who don’t know it probably think it’s syrupy sweet. I wish.”
Minus the manservant and public feud, Engler’s experience is instructive of the tenuousness of digital-book publishing and how beholden it is to Amazon. Big-name authors like James Patterson and publishers like Hachette have lamented the company’s practices, but smaller entities like Ellora’s Cave are at greater risk of seeing everything they’ve built disappear.
The apple in Ellora’s Cave’s origin story is sort of a cross between the one that tempted Eve and the one that landed on Newton’s head: In 1996, while living in Tampa and working as a reservations agent for Continental Airlines, Engler discovered a book by Johanna Lindsey called Prisoner of My Desire, a historical romance published in 1991. Looking for some escape from a “depressing” life, Engler could not turn the pages fast enough when it came to the story of the “little wench” Rowena and her beloved Lord Warrick. She devoured the rest of Lindsey’s backlist in a month, with one complaint. “A lot of times the characters just shut the bedroom door,” she recalls. “Like, really? Let’s have blow jobs, or something.”
Engler started playing around with her own ideas, including a book about a woman who becomes the sex slave of a barbaric alien. That book, The Empress’ New Clothes, was rejected, along with a few of Engler’s novels, by Harlequin, the imprint long synonymous with the genre, and the romance divisions of New York’s big-five (then, six) publishers. According to Engler, the feedback was uniform: No one wants to read anything so graphic. (Most C-words you can think of appear approximately 30 times each in Empress, and the oral sex that Engler found glaringly absent from earlier bodice-rippers is commonplace and reciprocal.) “I was like, Either I’m a sexual deviant, which is always a possibility, or they’re wrong,” says Engler of publishers’ reluctance to print raunchy material. She sips from a can of Grapeade. “Turned out they were wrong.”
She decided to create a website and digitally release the books herself for $4 or $5 apiece. Engler could accept only PayPal, and in the beginning, she would email customers files individually. She also flooded sites like Amazon, which back then sold the books on CD-ROM, with positive reviews of her own work. Engler estimates that she made $40,000 after the first year, and come 2003, revenue was up to $1 million. Along the way, she hired part-time contract editors as well as her mother, who’d worked in the financial-aid office of several private colleges, to help manage the money.
Cris Anson, a Pennsylvania-based author, discovered Ellora’s when one of its editors visited her writers’ group in 2003. Like Engler, Anson had been turned away from New York publishers for being “too racy.” She has since published 15 titles with Engler, most of which feature BDSM elements, and has met with modest success. “I’ve never made less than a hundred dollars a month, but I’ve made considerably more,” she says.
Ellora’s Cave’s royalties system entitles authors to between 40 and 45 percent of their books’ profits, considerably higher than the industry standard of 25 percent for digital sales and more than double the percentage for print sales at major publishers like Harlequin (now owned by HarperCollins). For a best-selling author like Laurann Dohner, whose popular “New Species” series explores lust amid nefarious scientific experimentation, this could mean revenue in the ballpark of $100,000 per month.
By 2010, the industry was changing radically, although no one quite understood it yet. The e-book market was getting more crowded, and romance led the way—and still does. By some estimates, e-books account for almost half of all romance sales, and data from Nielsen puts those figures well ahead of digital sales for every other genre. Meanwhile, self-publishing platforms like Amazon’s KDP, Apple, and Kobo helped authors do exactly what Engler did: bypass traditional publishing gatekeepers and hope for a hit.
Bella Andre, a Stanford grad and former musician, got her feet wet writing novellas for Ellora’s Cave before turning to self-publishing. “They were the forefront of digital romance,” she says of the company. “I just could never write dirty enough for the audience.” Like Engler, her real success began when she left the New York houses behind. So she started self-publishing, collected 70 percent of every book sold, and now claims to earn “a solid seven figures a year” writing approximately four books annually—a far cry from the $20,000 per year she was making from the big five.
The flip side of Andre’s success—which, though not singular, is rare—is what Engler calls the “unedited slush piles” that self-pubbing has permitted. For every romance writer who prefers the comfort of working with an editor, it appears there’s another who wants to churn out copy and collect some money. That creates a surplus of choice for consumers, and makes it hard for publishers to build brand loyalty. Marks says that initially, such preponderance made little difference to Ellora’s Cave’s bottom line. It wasn’t until late 2013 that she noticed a plummet in sales via Amazon, the company’s biggest distributor. It had been pulling in roughly half a million dollars a month, but suddenly that figure dropped 60 percent. According to Engler, there was no precipitating event, unlike with Hachette Book Group, which last year engaged in a well-publicized dispute with Amazon when the retailer demanded Hachette lower the price of its e-books. Hachette refused, and Amazon delayed deliveries of its books and refused to accept preorders of its titles.
I reached out to Amazon to ask why, if I typed Jaid Black’s name into the search engine, the first two books to pop up would be by different authors and available for free (the same for Laurann Dohner). Amazon declined to comment. Engler said that when she or Marks has made similar inquiries, “we got the corporate Kool-Aid: ‘We’re here for the consumers.’ ” Engler believes Ellora’s is a victim of Amazon’s “Gazelle Project,” a term coined by publishing insiders after CEO Jeff Bezos said that Amazon should “approach these small publishers the way a cheetah would pursue a sickly gazelle” and reduce visibility of books from publishers that didn’t adhere to its financial demands, according to Brad Stone’s 2013 book, The Everything Store: Jeff Bezos and the Age of Amazon. But Amazon made no demands on Ellora’s Cave, leaving Engler and Marks to wonder if their downward turn is the result of dealing with a distributor who doesn’t seem to mind if its smaller e-book partners disappear, thus clearing the way for its own publishing efforts.
Then again, it’s not entirely clear whether Amazon’s hyperaggressive approach or Ellora’s Cave’s failure to anticipate marketplace changes is to blame for the latter’s troubles. Amazon has access to sales data, so theoretically it knows which digital-first authors would be worth signing up for KDP, therefore squeezing out other publishers. But self-publishing has been an emerging competitor for some time, and Ellora’s Cave hasn’t seemed to respond nimbly. The company is due to renegotiate its contract with Amazon in May and hopes, obviously, to seek more favorable terms.
In the meantime, Ellora’s is not in a good position to be so sharply undercut on price. In August 2014, the company let go 15 contractors, mainly editors and a few cover artists. Marks sent an email, later leaked, that informed its authors of the downsizing and the drastic drop in Amazon sales, and encouraged them to send readers away from the retail giant and to Ellora’s official site or other third-party vendors instead.
More trouble, of a different type, arrived a month later via the aforementioned blogger, Jane Litte. Dear Author, a romance-industry blog run by a lawyer who writes under the Litte pseudonym, shared emails from authors who hadn’t been paid by Ellora’s Cave for months, some of whom were afraid to speak out for fear that they would never see their money. Litte referred to Marks’s leaked email, though she didn’t mention Amazon’s alleged role in Ellora’s Cave’s troubles, and instead implied a mishandling of revenue and general malfeasance and suggested the company was on its way to bankruptcy. Ellora’s Cave says it was never asked to comment.
A mild panic ensued. Some authors demanded that Ellora’s Cave return the rights to their books, while others took to their own blogs to vent grievances over late royalty payments and backdated checks. Engler responded with a defamation lawsuit. (The case is ongoing.) Not only were these authors afraid that Ellora’s Cave was going to go bankrupt and leave them stranded without income, authors unconnected to the company were whipped into a First Amendment froth over what it would mean if Engler were able to silence—via its defamation lawsuit—the blogger, Litte, who reported on the company’s troubles. The situation escalated as each side accused the other of bullying, and the online climate quickly turned toxic. Someone with the Twitter handle @pubnt, whose bio specifies that they are “not associated with Ellora’s Cave,” has nonetheless been picking fights with and occasionally “doxxing” (posting private information publicly online about) some of the company’s detractors. Engler claims she has no idea who the person is but says Litte has made a lot of enemies.
Litte cannot speak to me due to the pending litigation, but from Ellora’s Cave’s perspective, the Dear Author post contained damaging falsehoods—the company says it’s in no danger of bankruptcy and admits that, while royalty payments have been delayed, it’s still meeting its contractual obligations. It blames any missed payments on faulty accounting software that has made it cumbersome to manage the more than 800 authors who receive checks every month but says the kinks are almost worked out. Ellora’s Cave believes that Litte chummed the waters, resulting in its being bombarded with emails from angry authors worried about the company’s solvency.
The aggrieved authors and former editors tell a different story. They maintain that it was Ellora’s Cave’s lawsuit, filed two weeks later, that galvanized them, especially because it contained language that suggested Ellora’s Cave wanted the names of people who had posted anonymously in the Dear Author comment section. On her blog, Courtney Milan, a successful self-published romance author and former law professor who has never published with Ellora’s Cave, started parsing the legalese for readers and encouraged authors to speak up on Twitter about issues they’ve had with the company. “The point of this suit,” says Milan, “was to prevent people from speaking.”
A few authors I spoke with in early December were in the process of buying back the rights to their books and complained of ongoing communication problems with the company. One longtime former contract editor had been paid “most” of what she was owed when she was let go. But several people said they wouldn’t have publicly discussed their issues had they not felt compelled to stand up for free speech and effectively support Litte’s claims. There’s skepticism as to whether Amazon could be solely responsible for the loss of revenue, or if Ellora’s Cave’s real nemesis is its own mismanagement. “Absolutely not,” insists Engler, “and this will come out in court.”
Engler has taken the situation personally. She feels she helped make a lot of writers good money over the years, which is a point many of her detractors, including Litte, concede, and which is probably why there’s a luxury vehicle parked in the driveway with the license plate RNMKR.
“It’s the culture we live in,” she says. “We love to watch people rise from nothing. And then we love to tear them down.” Engler did not attend the most recent RomantiCon, an annual convention held in Ohio for employees and fans of Ellora’s that features vendors hawking sex products, stripteases by male dancers who double as Ellora’s cover models, and much-needed workshops on feasible sex positions—too often Engler has given edit notes explaining that a woman cannot be bent over a horse unless her partner is very tall or the horse is very short.
She sometimes laughs at the outrageousness of the erotica world, but Engler also says she’s considering leaving day-to-day operations to her mother. It’s unlikely that the Amazon situation will improve, although the retailer has shown signs of being willing to unflex its muscle. Late in December, Macmillan became the latest major publisher, after Hachette and Simon & Schuster, to reach an agreement with Amazon that limited discounts on the price of Macmillan’s e-books—which is no great help to Ellora’s Cave. Still, in a letter to agents, authors, and illustrators, Macmillan CEO John Sargent admitted, “We need broader channels to reach our readers.”
Engler can surely relate. These days when she’s not feeling nostalgic for her pre-publishing years, she spends her time thinking about “new ways to create income for Ellora’s”—she says, taking a pull on her cigarette—“that don’t involve Amazon.”
*This article appears in the February 23, 2015 issue of New York Magazine.
Mattalyst: lol
Uber is trying to force GitHub to disclose the IP address of every person who accessed a webpage connected to a database intrusion that exposed sensitive personal data for 50,000 drivers. The court action revealed that a security key unlocking the database was stored in a publicly accessible place, the online equivalent of stashing a house key under a doormat.
Uber officials have yet to say precisely what information was contained in the two now-unavailable GitHub gists. But in a lawsuit filed Friday against the unknown John Doe intruders, Uber lawyers said the URLs contained a security key that allowed unauthorized access to the names and driver's license numbers of about 50,000 Uber drivers. The ride-sharing service disclosed the breach on Friday, more than two months after it was discovered.
"The contents of these internal database files are closely guarded by Uber," the complaint stated. "Accessing them from Uber’s protected computers requires a unique security key that is not intended to be available to anyone other than certain Uber employees, and no one outside of Uber is authorized to access the files. On or around May 12, 2014, from an IP address not associated with an Uber employee and otherwise unknown to Uber, John Doe I used the unique security key to download Uber database files containing confidential and proprietary information from Uber’s protected computers."
Wired has a tasteful new redesign, and a tasteful "About Us" page to go with it. I know they said it's not a pirate ship anymore, but I didn't realize it was now the C Org.
Mattalyst: Spare a thought for America's underemployed crack dealers, still the most productive in the world.
Data scientist Lance Martin used 12 years of crime data from San Francisco's Police Department to map the city based on incidents involving specific drugs, from hallucinogens and marijuana to crack, meth, and heroin.

Control room of reactor #4 at the Chernobyl Nuclear Power Plant. Ukraine, April 26, 1986
Mattalyst: Q: What's more humiliating than not being able to take care of yourself?
A: Japan