The Daily Parker

Politics, Weather, Photography, and the Dog

Wikipedia joins SOPA protest; Twitter boss scoffs

The largest encyclopedia ever assembled will go offline tomorrow to protest against the Stop Online Piracy Act, currently working its way through Congress's collective bowels. From Wikipedia's public statement:

[T]he Wikimedia Foundation is asked to allocate resources and assist the community in blacking out the project globally for 24 hours starting at 05:00 UTC on January 18, 2012, or at another time as determined by the Wikimedia Foundation. This should be carried out while respecting technical limitations of the underlying software, and should specifically prevent editing wherever possible. Provisions for emergency access to the site should be included in the blackout software. In order to assist our readers and the community at large to educate themselves about SOPA and PIPA, these articles and those closely related to them will remain accessible for reading purposes if possible. Wikipedians are urged to work with WMF staff to develop effective messaging for the "blackout screens" that directs readers to suitable online resources. Sister projects, such as the German and Italian Wikipedias and Wikimedia Commons, have indicated an intention to support the same principles with banners on those sites, and the support of other projects is welcome and appreciated.

Twitter CEO Dick Costolo is unimpressed: " 'That's just silly. Closing a global business in reaction to single-issue national politics is foolish,' Costolo [said]."

For what it's worth, my U.S. Senators are split: Senator Mark Kirk (R-IL) claims to be opposed to it, while Senator Dick Durbin (D-IL) is a co-sponsor of the Senate's version. Neither has any material on his website about it. I have written to Senator Durbin and to Representative Mike Quigley (D-IL) for comment.

SOPA would be unconstitutional

Via Sullivan, a constitutional analysis of the Stop Online Piracy Act:

To begin with, the bills represent an unprecedented, legally sanctioned assault on the Internet’s critical technical infrastructure. Based upon nothing more than an application by a federal prosecutor alleging that a foreign website is “dedicated to infringing activities,” Protect IP authorizes courts to order all U.S. Internet service providers, domain name registries, domain name registrars, and operators of domain name servers—a category that includes hundreds of thousands of small and medium-sized businesses, colleges, universities, nonprofit organizations, and the like—to take steps to prevent the offending site’s domain name from translating to the correct Internet protocol address.

This not only violates basic principles of due process by depriving persons of property without a fair hearing and a reasonable opportunity to be heard, it also constitutes an unconstitutional abridgement of the freedom of speech protected by the First Amendment. The Supreme Court has made it abundantly clear that governmental action suppressing speech, if taken prior to an adversary proceeding and subsequent judicial determination that the speech in question is unlawful, is a presumptively unconstitutional “prior restraint.” In other words, it is the “most serious and the least tolerable infringement on First Amendment rights,” permissible only in the narrowest range of circumstances. The Constitution requires a court “to make a final determination” that the material in question is unlawful “after an adversary hearing before the material is completely removed from circulation.”

(Emphasis in quoted blog post; references removed.)

I've already written to my representative in Congress; have you written to yours?

Bruce Schneier gives another interview

Given my activities yesterday (i.e., going through airport security), I found the latest interview with Bruce Schneier timely and once again correct:

As we came by the checkpoint line, Schneier described one of these aspects: the ease with which people can pass through airport security with fake boarding passes. First, scan an old boarding pass, he said—more loudly than necessary, it seemed to me. Alter it with Photoshop, then print the result with a laser printer. In his hand was an example, complete with the little squiggle the T.S.A. agent had drawn on it to indicate that it had been checked. “Feeling safer?” he asked.

To a large number of security analysts, [the billions we've spent on security theater] makes no sense. The vast cost is not worth the infinitesimal benefit. Not only has the actual threat from terror been exaggerated, they say, but the great bulk of the post-9/11 measures to contain it are little more than what Schneier mocks as “security theater”: actions that accomplish nothing but are designed to make the government look like it is on the job. In fact, the continuing expenditure on security may actually have made the United States less safe.

Yes. We spend money on high-tech, whiz-bang solutions to human-intelligence problems. The attack on 9/11 can't happen again in the U.S., not because of full-body scanners at airports, but because of reinforced cockpit doors and vigilant passengers. Should we let just anyone board a transport airplane without a security check[1]? No, of course not; but we should make the checks effective, rather than flamboyant.

Security, however, tends to ratchet up, because no one wants to be the guy who relaxed security right before an attack. And we know an attack will happen someday; nihilists are not easily dissuaded from their crimes. Still, one can hope.

My 15 minutes, your download speeds

A little housekeeping: if the blog seems slow today, thank this entry, which has got over 70,000 page views yesterday through 19:00 CDT and continues to get hit today. (Usual site traffic is about 4,000 page views per day, total.)

So, there's nothing wrong with either the blog or with your carrier. It's just a lot more traffic than my servers usually get.

About this blog (v. 4.1.6)

I'm David Braverman, this is my blog, and Parker is my 5-year-old mutt. I last updated this About... page in February, but some things have changed. In the interest of enlightened laziness I'm starting with the most powerful keystroke combination in the universe: Ctrl-C, Ctrl-V.

Twice. Thus, the "point one" in the title.

The Daily Parker is about:

  • Parker, my dog, whom I adopted on 1 September 2006.
  • Politics. I'm a moderate-lefty by international standards, which makes me a radical left-winger in today's United States.
  • Photography. I took tens of thousands of photos as a kid, then drifted away from making art until a few months ago when I got the first digital camera I've ever had that rivals a film camera. That got me reading more, practicing more, and throwing more photos on the blog. In my initial burst of enthusiasm I posted a photo every day. I've pulled back from that a bit—it takes about 30 minutes to prep and post one of those puppies—but I'm still shooting and still learning.
  • The weather. I've operated a weather website for more than ten years. That site deals with raw data and objective observations. Many weather posts also touch politics, given the political implications of addressing climate change, though happily we no longer have to do so under a president beholden to the oil industry.
  • Chicago, the greatest city in North America, and the other ones I visit whenever I can.

I've deprecated the Software category, but only because I don't post much about it here. That said, I write a lot of software. I work for 10th Magnitude, a startup software consultancy in Chicago, I've got about 20 years experience writing the stuff, and I continue to own a micro-sized software company. (I have an online resume, if you're curious.) I see a lot of code, and since I often get called in to projects in crisis, I see a lot of bad code, some of which may appear here.

I strive to write about these and other things with fluency and concision. "Fast, good, cheap: pick two" applies to writing as much as to any other creative process (cf: software). I hope to find an appropriate balance between the three, as streams of consciousness and literacy have always struggled against each other since the first blog twenty years ago.

If you like what you see here, you'll probably also like Andrew Sullivan, James Fallows, Josh Marshall, and Bruce Schneier. Even if you don't like my politics, you probably agree that everyone ought to read Strunk and White, and you probably have an opinion about the Oxford comma—punctuation de rigeur in my opinion.

Another, non-trivial point. Facebook reads the blog's RSS feed, so many people reading this may think I'm just posting notes on Facebook. Facebook's lawyers would like you to believe this, too. Now, I've reconnected with tons of old friends and classmates through Facebook, I play Scrabble on Facebook, and I eagerly read every advertisement that appears next to its relevant content. But Facebook's terms of use assert ownership of everything that appears on their site, regardless of prior claims, which contravenes four centuries of law.

Everything that shows up on my Facebook profile gets published on The Daily Paker first, and I own the copyrights to all of it (unless otherwise disclosed). I publish the blog's text under a Creative Commons attribution-nonderivative-noncommercial license; republication is usually OK for non-commercial purposes, as long as you don't change what I write and you attribute it to me. My photos, however, are published under strict copyright, with no republication license, even if I upload them to other public websites. If you want to republish one of my photos, just let me know and we'll work something out.

Anyway, thanks for reading, and I hope you continue to enjoy The Daily Parker.

Significant data disclosure at Stanford Hospital

I don't have all the details, but it looks like an employee at one of the hospital's vendors did something really stupid:

A medical privacy breach led to the public posting on a commercial Web site of data for 20,000 emergency room patients at Stanford Hospital in Palo Alto, Calif., including names and diagnosis codes, the hospital has confirmed. The information stayed online for nearly a year.

Since discovering the breach last month, the hospital has been investigating how a detailed spreadsheet made its way from one of its vendors, a billing contractor identified as Multi-Specialty Collection Services, to a Web site called Student of Fortune, which allows students to solicit paid assistance with their schoolwork.

Gary Migdol, a spokesman for Stanford Hospital and Clinics, said the spreadsheet first appeared on the site on Sept. 9, 2010, as an attachment to a question about how to convert the data into a bar graph.

One can easily see how this happened: someone on the billing contractor's staff was taking a class of some kind and decided to use real, live, HIPAA-protected data for a project. My law-school Wills instructor, Jerry Leitner, would explain this by the "omnibus explanation," the thing that explains nearly every human endeavor that ends badly: stupidity.

The article mentions Stanford got fined $250,000 from the breach. I wonder if they'll be able to get a contribution award from the contractor?

Costs and benefits of anti-terror spending

Gulliver this afternoon examines whether we might want to examine them:

A new academic paper [PDF] from John Mueller (of The Ohio State University) and Mark Stewart (of the University of Newcastle in Australia) attempts to determine whether the return on investment justified those huge expenditures. ... [T]he findings in this paper are truly remarkable. By 2008, according to the authors, America's spending on counterterrorism outpaced all anti-crime spending by some $15 billion. Messrs Mueller and Stewart do not even include things like the wars in Iraq and Afghanistan (which they call "certainly terrorism-determined") in their trillion-plus tally.

"[A] most common misjudgment has been to embrace extreme events as harbingers presaging a dire departure from historical patterns. In the months and then years after 9/11, as noted at the outset, it was almost universally assumed that the terrorist event was a harbinger rather than an aberration. There were similar reactions to Timothy McVeigh’s 1995 truck bomb attack in Oklahoma City as concerns about a repetition soared. And in 1996, shortly after the terrorist group Aum Shinrikyo set off deadly gas in a Tokyo subway station, one of terrorism studies' top gurus, Walter Laqueur, assured the world that some terrorist groups 'almost certainly' will use weapons of mass destruction 'in the foreseeable future.' Presumably any future foreseeable in 1996 is now history, and Laqueur’s near 'certainty' has yet to occur."

The paper also found that anti-terror spending has outpaced anti-crime spending by some $15 bn, despite crime costing society significantly more. The paper doesn't go into the politics of why this might be so, but I'll hazard a guess that cutting crime benefits more people a little while spending on anti-terror measures benefits a few people quite a bit. Lowering the likelihood that my car will suffer $300 in damage from a break-in has less immediacy than a $30m contract for a new security gadget would were I in that line of business.

Who authenticates the authentication?

Via Bruce Schneier, the author of How the End Begins describes how no one can ever be absolutely certain an order to destroy civilization is authentic:

Can the president start a nuclear war on his own authority—his own whim or will—alone? The way Brigadier Gen. Jack D. Ripper did in Dr. Strangelove? What if a president went off his meds, as we'd say today, and decided to pull a Ripper himself? Or what if a Ripper-type madman succeeded in sending a falsely authenticated launch order? You're about to kill 10 million people, after all.

Anyway, back down there in your launch capsule you might allow yourself to wonder: "This launch order, is this for real or for Nixon's indigestion?"

If you were asking yourself that question, you wouldn't be the only one. James Schlesinger, secretary of defense at that time, No. 2 in the nuclear chain of command, was reported to be so concerned about Nixon's behavior that he sent word down the chain of command that if anyone received any "unusual orders" from the president they should double-check with him before carrying them out.

So there you are, having just received the order to launch nuclear genocide. Should you suppress any doubts, twist your launch key in the slot simultaneously with your fellow crewman and send death hurtling toward millions of civilians halfway around the world? Without asking questions? That's what you're trained to do, not ask questions. Trainees who asked questions were supposed to be weeded out by the Air Force's "psychiatric consideration of human reliability" requirement. I've read this absurd Strangelovian document, which defined sane and reliable as being willing to kill 10 or 20 million people with the twist of a wrist, no questions asked.

Oh, yeah, I'll sleep well tonight.

Friday miscellany

In no particular order:

  • Today is the 100th anniversary of the deadly Triangle Shirtwaist factory fire in New York, in which 146 workers died. If you want to know why we have unions in the U.S., read the story. This is the world to which the radical right are happy to return us.
  • I have to hand it to Citibank and their crack team of fraud preventatives. Last week I bought a plane ticket from Chicago to London for about $700. A few hours later I attempted to put down a £100 deposit on a hotel room in London. Citibank declined the smaller charge, because it was an international purchase without card-in-hand, as they say. Note I bought the airline ticket online also.
    A 10-minute phone call to them, followed by an apologetic phone call to the hotel, and it went through fine. This morning, I bought a £58 round trip rail ticket from London to York on a day within both the air ticket and hotel reservation (both of which Citibank knows about), and their computer called me within seconds to warn me of yet more fraud. Fifteen minutes later they have finally—finally!—acknowledged that I might be in the UK for a couple of days, and possibly will be using my credit card to make reservations ahead of the trip. Note to people outside the US: They're not trying to protect me; they're trying to protect themselves. In the US, card holders have a $50 liability limit for fraudulent transactions; the bank's liability is essentially limitless. But still, guys?
  • Microsoft's Raymond Chen has a funny anecdote about the Seattle Symphony Orchestra's front office getting confused between Paul Cézanne and Camille Saint-Saëns, complete with a handy chart to tell the difference.

That is all.

148 years too late

Via Bruce Schneier, a retired CIA codebreaker recently decoded a message sent to Confederate Lt. Gen. John Pemberton in July 1863:

The encrypted, 6-line message was dated July 4, 1863, the date of Pemberton's surrender to Union forces led by Ulysses S. Grant, ending the Siege of Vicksburg in what historians say was a turning point midway into the Civil War.

The message is from a Confederate commander on the west side of the Mississippi River across from Pemberton.

"He's saying, 'I can't help you. I have no troops, I have no supplies, I have no way to get over there,'" Museum of the Confederacy collections manager Catherine M. Wright said of the author of the dispiriting message. "It was just another punctuation mark to just how desperate and dire everything was."

That day, 4 July 1863, the Union not only captured Vicksburg but also prevailed at Gettysburg. Historians generally agree the two victories effectively ended any possibility of the Confederacy winning the war, though they would continue to fight for another 20 months.

The full text of the message to Pemberton reads:

"Gen'l Pemberton:

You can expect no help from this side of the river. Let Gen'l Johnston know, if possible, when you can attack the same point on the enemy's lines. Inform me also and I will endeavor to make a diversion. I have sent some caps (explosive devices). I subjoin a despatch from General Johnston."

The last line, Wright said, seems to suggest a separate delivery to Pemberton would be the code to break the message.

The news story has more details about how they found the message, and how they broke the code.