The Daily Parker

Politics, Weather, Photography, and the Dog

Slash and burn for sanity

Even though I'm president of a medium-sized non-profit organization who understands the importance of keeping in touch with constituents, I have run out of patience. For the last couple of weeks, I have mercilessly unsubscribed from every mailing list that sent me more than two emails a week. I might wind up missing a couple of them, but my dog, some of them just would not shut up.

The worst offender was my undergraduate university. In the last week, until I finally unsubscribed from them just now, they've sent me about 20 emails asking for money. "Last chance!" "Really last chance!" "Our matching fund expires in two hours!" "Our matching fund expires in 30 minutes!" "Our matching fund expired just now but send us a couple of bucks anyway!"

Actually, that's not true: the worst offender—even post-election—is my political party, because I've given to so many campaigns over the years. Listen, swing-state Senator: I gave you $100 in 2018, you won, stop bothering me. I'm not giving you more money until 2024. And I'm annoyed you've sent me about 825 emails on behalf of every other member of the Democratic Party in your state.

STFU. Just, STFU.

My organization decided not to send a Giving Tuesday email this year, and we've limited email blasts to two on behalf of partner organizations promoting actual performances and one for ourselves promoting Messiah (tickets still available!). Even then, our unsubscribe rate hit record levels this week. Maybe there's a correlation?

I know fist-hand how difficult non-profit organizations have it this year. But please, guys, stop with the emails. Just. Stop.

</rant>

If I have your computer, I own your computer

Via Bruce SchneierArs Technica describes in painful detail how computer repair people snoop and steal people's data all the time:

If you’ve ever worried about the privacy of your sensitive data when seeking a computer or phone repair, a new study suggests you have good reason. It found that privacy violations occurred at least 50 percent of the time, not surprisingly with female customers bearing the brunt.

Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied data onto a personal device. Devices belonging to females were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information.

The amount of snooping may actually have been higher than recorded in the study, which was conducted from October to December 2021. In all, the researchers took the laptops to 16 shops in the greater Ontario region. Logs on devices from two of those visits weren’t recoverable. Two of the repairs were performed on the spot and in the customer's presence, so the technician had no opportunity to surreptitiously view personal data.

In three cases, Windows Quick Access or Recently Accessed Files had been deleted in what the researchers suspect was an attempt by the snooping technician to cover their tracks. As noted earlier, two of the visits resulted in the logs the researchers relied on being unrecoverable. In one, the researcher explained they had installed antivirus software and performed a disk cleanup to “remove multiple viruses on the device.” The researchers received no explanation in the other case.

In all, the findings from the study were:

 Privacy policies and the practice of communicating protocols and controls to protect customers’ data do not exist across service providers of all sizes.
 Service providers largely (10/11) require “all access” to the device, even when it is unnecessary.
 Technicians often snoop on customers’ data (6/16) and sometimes copy those to external devices (2/16).
 Technicians who violate privacy often do so carefully to not generate evidence (1/6) or remove such evidence (3/6).
 A significant proportion of broken devices (26/79, 33 percent) are not repaired due to privacy concerns. For the devices that get repaired, device owners are concerned about threats to their privacy but do not use the proper controls to protect their data.

The results likely confirm what many more experienced computer users already know: that their data is vulnerable to snooping or copying any time they surrender their device to an untrusted or unknown individual, particularly when the individual has their login password. But for a much larger percentage of people wanting to recover crucial data on a broken device, the findings are likely a wake-up call with few, if any, good solutions.

Another way to look at it: do you trust your locksmith?

Probably the last warm day of the year

Cassie and I took a 33-minute walk at lunchtime and we'll take another half-hour or so before dinner as the temperature grazes 14°C this afternoon. Tomorrow and each day following will cool off a bit until Wednesday, the first official day of winter, which will return to normal.

Meanwhile...

Finally, Amazon's ads really have gotten to the point where it's "a tacky strip mall filled with neon signs pointing you in all the wrong directions."

And in just a few hours, I will tuck into this:

I may run out of mason jars though...

FTX was not a "tech company"

Josh Barro explains the FTX collapse in simple terms:

[T]his is not a technology story, because FTX was not a technology company. Sure, FTX’s business relied on technology, but so do most businesses. FTX has an app; so does Fidelity, and so does Chipotle, and that doesn’t make them tech companies. FTX was a brokerage, and there were two things that set them apart from a regular brokerage. One is that they dealt principally in nonsense financial products with no underlying economic value, and the other is that the owners either lost or stole the customers’ money and then lied about their resulting insolvency.

Because cryptocurrency assets have no fundamental economic value — unlike stocks and bonds, they do not reflect a claim on the cash flows of some business creating real value in the economy — there can be no such thing as fundamentals-based investing in them. When people invest in crypto, they out themselves as marks for scammers who might believe any nonsense about what something is worth. And therefore it’s the least surprising thing in the world that someone would open up a crypto exchange, offer implausible interest rate terms in order to hoover up billions in customer deposits from the gullible masses, and then misappropriate the proceeds.

He also provides some rules of thumb for dealing with cryptocurrencies, the first being, "any crypto-related business is a scam." Quite so.

Stories to roll your eyes to

I mean, why? Just why?

  • The XPOTUS, as predicted, announced his run for the 2024 election, despite looking like a total loser in the 2022 election. But narcissists gonna narcise.
  • The Illinois Worker Rights Amendment passed, and will now become part of the state constitution. I think this will have a bunch of unintended consequences not beneficial to workers, so I voted against it. We're stuck with it now.
  • Boomer Kathleen Parker spends her column today tut-tutting Boomers for not understanding Millennial jobs, picking "influencer" as just one example. I'm an X-er who completely understands "influencer" (i.e., children monetizing their own narcissism) and "change manager" (i.e., operations flunky) just fine, and suggests that the problem lies not with the Boomer parents but with the Boomer executives. (Longer post, maybe?)
  • Pushwoosh, a Russian software company that writes spyware has pretended to be an American company, for reasons left as an exercise to the reader. About 8,000 apps use their stuff. As Bruce Schneier has said, supply-chain security is "an insurmountably hard problem."
  • Bloomberg laments that "the wrong Americans are buying electric cars."
  • Julia Ioffe cautions that Ukraine's re-taking of Kherson could lead to dangerous overreach as the war goes on—and a difficult diplomatic situation for the US.

Finally, the Missouri Department of Transportation proudly announced the 50th anniversary of their engineers killing downtown Kansas City, and the Internet let them have it.

How is it 5:30?

I've had two parallel tasks today, one of them involving feeding 72 people on Saturday. The other one involved finishing a major feature for work. Both seem successful right now but need testing with real users.

Meanwhile, outside my little world:

  • The XPOTUS seems to have backed himself into a corner by lying about "declassifying" things psychically, after the Special Master that he asked for called bullshit. Greg Sargent has thoughts.
  • Pro Publica reported on Colorado's halfway-house system that sends more people back to prison than it rehabilitates.
  • The Navy has begun its court-martial of Seaman Recruit Ryan Mays, accused of lighting the fire that destroyed the USS Bonhomme Richard in 2020.

Finally, Ian Bogost (and I) laments the disappearance of the manual transmission.

Happy Friday, with its 7pm sunset

It happens every September in the mid-latitudes: one day you've got over 13 hours of daylight and sunsets around 7:30, and two weeks later you wake up in twilight and the sun sets before dinnertime. In fact, Chicago loses 50 minutes of evening daylight and an hour-twenty overall from the 1st to the 30th. We get it all back in March, though. Can't wait.

Speaking of waiting:

Finally, Fareed Zakaria visited Kyiv, Ukraine, to learn the secret of the country's success against Russia.

Process crimes vs intentional crimes

Writing as a guest of James Fallows, former defense official Jan Lodal outlines how subparagraph (d) of the Espionage Act should be a slam-dunk in prosecuting the XPOTUS:

This paragraph makes a straightforward action a crime: namely, failing to return classified documents if properly directed to give them back. No proof of the level of classification, or the intentions of the document holder, or the content of the documents, is required. Just a simple question, did he or she give them back or not.

This section of the Espionage Act does not require that prosecutors access or cite individual documents to prove the crime. It requires only that there were any classified documents in the boxes that Trump did not return. On that there is no doubt. It was settled by the release of the Department of Justice (DoJ) Affidavit authorizing the Mar-A-Lago document seizure.

Trump’s violation of this Subparagraph (d) of the Espionage Act could not be clearer. Unlike all other crimes being considered for prosecution, Subsection (d) requires no probing of intent or consequence. It defines as criminal a clear process violation—“failing to return” classified documents when properly asked to do so.

Given our politics and our jury system, keeping the legal actions against Trump simple is better for now. Prosecution for other offenses after getting an initial conviction will then be more likely to succeed. DOJ should take this path to reduce the risk that obfuscation and assertions of inapplicable rights and privileges by a former president could override the fragile rule of law in our constitutional democracy.

Having watched the DOJ build its case, and knowing that Attorney General Merrick Garland takes things slowly and deliberately, I expect to see this charge sooner rather than later. But I also suspect that the DOJ wants to build the most comprehensive case it can. We'll see.

But her emails!

The Washington Post Fact Checker digs deep into the allegations of mishandling classified material against former Secretary of State Hillary Clinton and finds, nah, she good:

The Justice Department investigation of classified documents found at former president Donald Trump’s Mar-a-Lago Club has brought inevitable comparisons to the controversy over Hillary Clinton’s private email server that she used while secretary of state. The FBI investigation into her emails arguably tipped the close 2016 presidential election to Trump.

During the contest between Trump and Clinton, we wrote 16 fact checks on the email issue, frequently awarding Pinocchios to Clinton for legalistic parsing. But in light of the Trump investigation, Clinton is trying to draw a distinction between Trump’s current travails and the probe that targeted her.

As shown in an FBI photo of some of the documents seized from Trump, many have clear markings indicating they contained highly sensitive classified information. Clinton, in her tweet, suggests none of her emails were marked classified. That’s technically correct. Whether those emails contained classified information was a major focus of the investigation, but a review of the recent investigations, including new information obtained by the Fact Checker, shows Clinton has good reason for making a distinction with Trump.

In other words, [two] State Department probes under Trump knocked Clinton for maintaining a private server for State Department communications — but did not hold her responsible for mishandling classified information.

Of course, all the Benghazi and email server hearings that Clinton had to endure had nothing at all to do with their subject matters, because the current Republican Party doesn't care at all about substance. Everything they do is performance, for political points. And they've been at that so long, in fact, that many Republicans can't fathom that the probe of the XPOTUS's mishandling of classified material has nothing to do with political points and everything to do with the damage that he did to national security.

God save our gracious King

With the death of Queen Elizabeth II, the British National Anthem has changed back to "God Save the King" for the third time in 185 years. In other news:

By the way, the UK has a vacancy for the post of Prince of Wales, in case anyone would care to apply. I think we can bet on nepotism, though.