The Daily Parker

Politics, Weather, Photography, and the Dog

In case you didn't have enough to worry about

Via Bruce Schneier, two Harvard undergraduates have demonstrated that the volume of easily obtainable information from multiple, large-scale data breaches makes targeting people for cybercrime easier than you could have guessed:

The students found a dataset from a breach of credit reporting company Experian, which didn’t get much news coverage when it occurred in 2015. It contained personal information on six million individuals. The dataset was divided by state, so [students Dasha] Metropolitansky and [Kian] Attari decided to focus on Washington D.C. The data included 69 variables—everything from a person’s home address and phone number to their credit score, history of political donations, and even how many children they have.

But this was data from just one leak in isolation. Metropolitansky and Attari wondered if they could identify an individual across all other leaks that have occurred, combining stolen personal information from perhaps hundreds of sources.

There are sites on the dark web that archive data leaks, allowing an individual to enter an email and view all leaks in which the email appears. Attari built a tool that performs this look-up at scale.

“We also showed that a cyber criminal doesn’t have to have a specific victim in mind. They can now search for victims who meet a certain set of criteria,” Metropolitansky said.

For example, in less than 10 seconds she produced a dataset with more than 1,000 people who have high net worth, are married, have children, and also have a username or password on a cheating website. Another query pulled up a list of senior-level politicians, revealing the credit scores, phone numbers, and addresses of three U.S. senators, three U.S. representatives, the mayor of Washington, D.C., and a Cabinet member.

"We're two college students. If someone really wanted to do some damage, I'm sure they could use these same techniques to do something horrible," [Metropolitansky said].

As Schneier points out, "you can be sure that the world's major intelligence organizations have already done all of this."

This is also why we need government regulation or stricter liability laws around data breaches. Experian's sloppiness imperiled six million people, and has probably resulted in crime already. But they have no incentive to fix their issues. In fact, they didn't even reveal the breach for years.

Why transparency matters

Yesterday I bemoaned not only our depression-inducing lack of sunlight (predicted return of the sun: Sunday, maybe), but also Senate Republicans' efforts to hide or ignore information relevant to the impeachment trial now underway.

Another story about how a lack of transparency causes damage has come to light. The Washington Post reports that the Saudi attack on Post owner Jeff Bezos' phone was helped to a great extent by Apple's refusal to report security defects:

A security report last week alleged that Bezos, who also owns The Washington Post, received a WhatsApp message laden with code that secretly snatched reams of personal data from his iPhone X. The message allegedly came from Mohammed bin Salman, the crown prince of Saudi Arabia. Security researchers say Bezos probably fell victim to the iPhone’s Achilles’ heel: Its defenses are so difficult to penetrate that once sophisticated attackers are in, they can go largely undetected.

That is in part because Apple employs a secretive approach to finding and fixing security flaws, researchers say, something that has generated debate in the security community.

Security researchers say iPhones and Androids have different approaches to security. They say they generally believe there are more bugs and vulnerabilities in Android. That may be because there are so many different versions, or “forks,” of Android. Google allows its myriad handset makers and others to customize the operating system.

That results in two security philosophies. In Android’s case, the researchers said, the more people who look for bugs, the more secure a system becomes. But Apple’s strategy follows the idea that less visibility into the software means fewer bugs will be discovered in the first place, making the overall operating system more secure. It takes skill, resources or both to find those bugs, which means hackers will typically use them sparingly to protect them from discovery.

Bruce Schneier has argued in favor of transparency for years. This is why. And why I only use Android devices.

Occlusion

In Chicago this week, a persistent temperature inversion has kept us under a layer of stratus clouds that have obscured the sun for the past 5 days. Instead of the normal 42% of possible sunshine we get in January, this year we've only gotten 28%. It's a little depressing.

The only silver lining, so to speak, is that the cloud layer has kept temperatures a lot warmer than normal, especially overnight. So we've gotten temperatures a degree or two above freezing and a degree or two below freezing, which we like tons better than the insanity of this time last year.

In other news of persistent fogginess and concealment, Senate Republicans claim that John Bolton's book has "blindsided" them—even though Bolton's revelations are precisely what the Republicans wanted to avoid hearing in the Trump Impeachment Trial:

What’s morbidly amusing about this is that it’s actually self-incriminating. It’s deeply revealing about the true nature of the GOP coverup.

[T]his will not be a real trial unless we hear from those people, who include Bolton and acting White House chief of staff Mick Mulvaney. It cannot by definition be anything other than an effort to carry through Trump’s own coverup to completion.

What actually blindsided Senate Republicans was that the details of Bolton’s account leaked before they could carry out their preordained vote to acquit. They were blindsided by this terribly inconvenient timing, which upended their coverup.

So: how much will voters actually care about this? I hope just enough to give the Democratic nominee more than 271 electoral votes this fall.

Takei slams the new US Space Force

The Star Trek actor likens the Space Force under President Trump to the Starfleet of the "Mirror, Mirror" universe:

In this terrifying version of reality, violence and cruelty have displaced peace and diplomacy as the hallmarks of governance.

The “evil” version of my own character, Sulu, plots to kill both Capt. Kirk and Mr. Spock so that he can take command of the ship. In classic “Star Trek” style, the script for this episode carried loaded meaning. The writers were issuing a warning: A free and democratic society can flip in the blink of an ion storm, and all that we take for granted about the rule of law, the chain of command and the civilized functions of government can be gone in an instant.

I thought of “Mirror, Mirror” after seeing the Trump administration’s new Space Force logo, which the president tweeted out Friday with a characteristically awkward nod to our “Great Military Leaders” of the “Sixth Branch of our Magnificent Military!” (caps and punctuation his). Within minutes, the logo was lampooned widely for appearing to rip off the logo for Starfleet Command from “Star Trek.” Indeed, with the two logos placed side by side, the resemblance is so remarkable that I had to wonder whether Melania Trump was part of the design committee:

Takei's suggestion for an alternative Space Force logo elicited nervous chuckles from The Daily Parker...

100% agreement with one of my favorites

Author John Scalzi (The Old Man's War, Android's Dream, the Interdependency Trilogy) posted this morning a summary of his political beliefs. I agree completely with everything he said:

1. The president is the worst president of my lifetime, who is ignorant, bigoted, incurious, corrupt, has almost certainly engaged in criminal conduct before and after he was in office, is either a complicit or unwitting tool for the Russian government and its goals, never should have been in a position to become president, and now that he is president, should be removed from the office, whether through a Senate trial or simply by losing the popular (again) and electoral vote later this year.

2. Per the previous, the president amply deserved to be impeached by the House of Representatives, and amply deserves to be removed from the office he holds by the Senate. That he will not be removed, and that the vote for removal will not be anywhere near to close, is proof that the current iteration of the Republican party is complicit in the president’s criminality and has become little better than a criminal enterprise in itself.

It's nice to find new reasons to admire someone I already admired.

Unlike Scalzi, I post so often about politics that I doubt any readers have questions for me. That said, later this week, I'll post a list of the media outlets I get my news and opinion from and financially support.

The nihilism machine

Author Nicole Hemmer outlines how the American right wing has prepared itself for the impeachment trial for the past 50 years, and it's to all our detriment:

If you tuned in to Fox News to watch the opening arguments of the impeachment trial on Wednesday night, you were out of luck. Oh, the trial was still technically being broadcast on the network, but it had been reduced to a muted box on the side of the screen, while Sean Hannity assured viewers, “None of this will matter.”

This was the purest representation so far of conservative media’s efforts to minimize not just impeachment but the full array of President Trump’s misconduct. But minimization is only half the strategy to protect Republican control of the White House. The other half is scandalization: an effort to create an air of nonstop scandal around previous Democratic presidents and presidential hopefuls.

The rapid expansion of conservative media in the 1990s and 2000s, and the conservative scandal machine that powered it, transformed American politics. During the Bill Clinton era, new scandal-mongering magazines and websites made up what Hillary Clinton accurately called a “vast right-wing conspiracy.” What followed was a cynical, partisan impeachment that treated the serious constitutional remedy as just another political game. In so doing, Republicans diminished the significance of impeachment, making it less likely the public would take the current impeachment crisis seriously.

To write off Mr. Trump’s wrongdoing as run-of-the-mill politics, then, requires both minimizing what he has done and scandalizing what other politicians do. As an added bonus, the strategy damages Americans’ faith in government and public service, bolstering the Republican Party’s anti-government agenda. As such, it’s a powerful, effective political strategy — and a deeply nihilistic one.

These tactics have served right-wing governments the world over as well. The Soviet Union and its successor, the Russian Federation, have always tried to portray the west as just as bad as Russia, as just one example.

Remember: the right wants to rule, so that they can enrich themselves at the expense of everyone else. Making people believe "government is the problem" serves this narrative well.

Personal travel "should die:" New Republic

Chuck Thompson understands why we travel, but still thinks we shouldn't:

As evidence piles up about the deleterious impact of global tourism, the travel media charade is starting to feel like the almost comical hypocrisy of Trump surrogates ginning up increasingly contorted justifications on cable news for a worldview that’s becoming more detached from reality by the day.

All motorized transport is a problem—cruise ships generate 21,000 gallons of sewage per day, much of it flushed into the ocean—but the primary offenders are airplanes. According to U.K.-based Earth Changers, another outfit dedicated to “sustainable tourism,” aviation emissions account for 3.2 percent of total global carbon emissions. That figure could rise to 12 percent by 2050.

Short of regulations and fuel taxes on a scale that would restructure the entire global market, people probably aren’t going to stop traveling. More likely, as the world becomes ever more distressed by over-tourism—the 145 million annual overseas trips currently taken by Chinese tourists alone is expected to surpass 400 million by 2030—the travel journalists we rely on for hot tips and insider advice will simply conjure new ways of assuaging our guilt. That may serve the interests of their airline underwriters, but it won’t be doing the planet any favors.

I take no joy in saying so. I like travel as much as you do, and I’m not stopping either. Where’s the line between hypocrite and addict? I suspect we’re all going to find out sooner than we’d like.

And to think, I just got a brand-new passport...

Warm and happy in his own little pile of shit

Dana Milbank puts a hunk of the blame for the impeachment trial on the Chief Justice of the United States himself:

Roberts’s captivity is entirely fitting: He is forced to witness, with his own eyes, the mess he and his colleagues on the Supreme Court have made of the U.S. political system. As representatives of all three branches of government attend this unhappy family reunion, the living consequences of the Roberts Court’s decisions, and their corrosive effect on democracy, are plain to see.

Ten years to the day before Trump’s impeachment trial began, the Supreme Court released its Citizens United decision, plunging the country into the era of super PACs and unlimited, unregulated, secret campaign money from billionaires and foreign interests. Citizens United, and the resulting rise of the super PAC, led directly to this impeachment. The two Rudy Giuliani associates engaged in key abuses — the ouster of the U.S. ambassador to Ukraine, the attempts to force Ukraine’s president to announce investigations into Trump’s political opponents — gained access to Trump by funneling money from a Ukrainian oligarch to the president’s super PAC.

Certainly, the Supreme Court didn’t create all these problems, but its rulings have worsened the pathologies — uncompromising views, mindless partisanship and vitriol — visible in this impeachment trial. And Senate Majority Leader Mitch McConnell (R-Ky.), no doubt recognizing that the Supreme Court’s conservative majority is helping to preserve his party’s Senate majority, has devoted much of his career to extending conservatives’ advantage in the judiciary.

We just have to get through this year. Maybe things will get better in 2021?

It'll take a while to find it again

A bomb snowstorm buried much of Newfoundland this week, breaking all kinds of records in the process:

The historic blizzard that slammed Canada’s easternmost province is headed for Greenland — but it left snow-buried neighborhoods, a slew of power outages and shattered records in its wake.

St. John’s superseded its record for the most snow in 24 hours, recording 762 mm, as the storm hit Newfoundland and Labrador on Friday. A state of emergency continued in the provincial capital and elsewhere through Sunday as most businesses were ordered closed and few beyond emergency vehicles were allowed on the roads. Snow drifts rose 4–5 meters high on some highways, officials said. The Canadian armed forces were called in to help clear the deluge.

The storm was a meteorological “bomb,” having undergone a process of rapid intensification known as bombogenesis. With its central air pressure dropping quickly, the storm drew surrounding air into its center, causing sustained winds in some parts of Newfoundland and Labrador to reach 118 km/h or greater, with higher gusts. The winds combined with the heavy snowfall to create whiteout conditions.

NOAA’s Ocean Prediction Center determined the central air pressure of the storm bottomed out at 954 millibars early Saturday morning, more than a 54-millibar drop in less than 48 hours.

And you thought your winter weather sucked...

Technical debt as Tetris

Jonathan Boccara compares the two:

At the beginning of a Tetris game, you start with an empty game. It’s like the very beginning of a coding project when there is nothing yet.

Then blocks start to fall down. The way you position each block has an impact on the rest of the game. If you place blocks around without much reflexion, letting holes slip in, you’re making life harder for the rest of the game. And if you manage to build a clean, compact structure, then it will be more manageable later in the game.

The analogy with technical debt is that each new fix or development is like a new block coming in, which you need to integrate with the existing code. If you hack it in a quick and dirty way, it’s like leaving holes in the Tetris structure: you’re making life more difficult down the line.

And if you take the time to design a clean solution to integrate the fix or development, it’s like making sure you leave few holes in the Tetris game. This is less easy to achieve but it pays off in the long run.

I haven't thought of it that way before, but I like it.