The Daily Parker

Chicago mayoral candidate and Fraternal Order of Police endorsee Paul Vallas blames "hackers" for his own choices to use a weak password and not to use multi-factor authentication on his Twitter account:

Mayoral candidate Paul Vallas on Friday blamed unnamed hackers for his Twitter account liking offensive tweets over the past several years as he faced criticism from rival candidates over the social media posts.

The comments came after a Tribune review this week found that Vallas’ Twitter account, @paulvallas, had liked a series of tweets that used racist language, supported controversial police tactics like “stop-and-frisk” or insulted Mayor Lori Lightfoot in personal terms.

Vallas earlier this week disavowed the tweets as “abhorrent” and said his campaign was investigating. But in an interview with CBS-2 Chicago on Friday, Vallas said it was “obvious we got hacked,” and in a statement a campaign spokesperson late Friday said there was “unusual activity on the account as recently as last night.”

“The campaign is working to identify who is responsible for ‘liking’ these tweets,” the statement said. “Because the account pre-dates and was re-purposed for the current campaign, numerous volunteers have had access to the account in recent years, including some who are not currently associated with Paul or the 2023 campaign. The scope of the challenge was reflected in the fact that we have seen unusual activity on the account as recently as last night even after an initial round of curative steps including changing passwords for security purposes. As a result, the campaign is investigating a possible breach of the account as well.”

I'm so tired of people blaming "hackers" for crap like this. If you can't keep your Twitter account secure, either through choosing appropriate security measures or trusting the right people to manage it, how can anyone trust you with a city of 3 million citizens?

Current mayor Lori Lightfoot thinks the real culprit might not be a "hacker" after all: “Every single time he gets caught … he says, ‘What? Oh not me. This time, it was somebody else. Not my fault,’” Lightfoot said. “Well, at some point, you’ve gotta say, ‘Come on, Paul. Come clean. Tell the truth about who you are.’”

I spent way more time than I should have this morning trying to set up an API key for the Associated Press data tools. Their online form to sign up created a general customer-service ticket, which promptly got closed with an instruction to...go to the online sign-up form. They also had a phone number, which turned out to have nothing to do with sales. And I've now sent two emails a week apart to their "digital sales" office, with crickets in response.

The New York Times had an online setup that took about five minutes, and I'm already getting stuff using Postman. Nice.

Meanwhile:

• David French revisits President Carter's "malaise" speech, which he characterizes as the former president's most prophetic.
• Molly White asks, why isn't Sam Bankman-Fried in jail? (Most likely answer: because the US Attorney's Office are enjoying him making all those incriminating statements online.)
• The mountains outside Los Angeles have gotten heavy blizzard conditions in the past day in a once-in-a-generation storm.
• A few thousand kilometers to the east, Venice has had near-record low tides that have left its canals mostly empty for hours twice a day.
• The electrical engineer heading up Virginia's Marymount University has proposed cutting everything she doesn't understand from the curriculum, ironically demonstrating why the humanities are critical for good leadership skills.
• Long-time Winnepeg, Man., resident Michel Durand-Wood sees the disappearance of a neighborhood park's gardener as an excellent symbol of the "growth Ponzi scheme" perpetrated by highway departments across North America.
• On the other hand, bureaucracy and poor planning have helped make Manhattan's 2nd Avenue Subway the most expensive transit project in the world.

Finally, I've got a note on my calendar to check out the Karen's Diner pop-up in Wrigleyville next month. Because who doesn't want to be abused by servers?

Let's start with combat-actor Jill Bearup explaining how the Netflix-ITV-BBC ban on corsets solves entirely the wrong problems:

Meanwhile, in the modern world:

• The National Transportation Safety Board reported that an axle on the 23rd car of the train that derailed in East Palesine, Ohio, had a bearing temperature 140°C over normal—which is 30°C over "critical." The crew were trying to stop the train when the bearing failed. Perhaps if the train had fewer cars, or more crew, or the proper braking system...if only.
• New York Magazine reports on the 20-something scammers who brought down Three Arrows Capital, and the people who should have known better before loaning them over $3 billion.
• Twitter has decided to shut off SMS-based multifactor authentication for most accounts, and most people don't understand that this is exactly the right thing to do. Use an authenticator app, people!
• I completely agree with Helen Lewis that the entire point of Roald Dahl's novels is his nastiness.
• Food manufacturers, including Kraft and Heinz, have started to squawk that the proposed (and I sincerely hope soon-halted) Kroger-Albertsons merger will lower their margins, which is what happens when monopolies are permitted. (Never mind what it will do to consumer prices.)
• I might have to miss the craft beer festival taking place less than 2 km from my house this weekend. Dang.

Finally, I missed an anniversary yesterday. On 22 February 2003, Saturday Night Live aired this bit of Tina Fey's genius:

I spent the morning going over an API for standards and style, which will result in an uncomfortably large commit before I leave the office today. I prefer smaller, more focused commits, but this kind of polishing task makes small code changes all over the place, and touches lots of files.

So while I have my (late) lunch, I'm taking a break to read some news:

• Chicago's El got color-coded route designations 30 years ago today. No more Howard-Dan Ryan line; now it's the Red Line.
• Web hosting service GoDaddy disclosed a years-long compromise that included attackers adding malicious code to their source repositories.
• Via Bruce Schneier, The Intercept explains that photos you crop in Microsoft Office (and other applications) aren't so much cropped as windowed, with tremendous security implications.
• Why are today's college students struggling so much?
• The Environmental Protection Agency has ordered Norfolk Southern Railroad to bear the costs of cleaning up East Palestine, Ohio.
• Archaeologists discovered the remains of a Roman amphitheater in what is now Guildhall, London.

Finally, the Securities and Exchange Commission has fined the Mormon Church $5m for failing to disclose its holdings as required by law. As the Church has some $32 billion in holdings worldwide, that $5m fine will sure sting.

I released 13 stories to production this afternoon, all of them around the app's security and customer onboarding, so all of them things that the non-technical members of the team (read: upper management) can see and understand. That leaves me free to tidy up some of the bits we don't need anymore, which I also enjoy doing.

While I'm running multiple rounds of unit and integration tests, I've got all of this to keep me company:

• US Senator Diane Feinstein (D-CA), who even people who love her wonder if she knows where she is half the time, announced she's finally retiring from the Senate at the end of this Congress.
• Both Paul Krugman and Josh Marshall call bullshit on the GOP's (latest) plans to steal my social security contributions. (Note to the masses: the only way Social Security could be in trouble is if the United States somehow lost its taxing authority.)
• Air India has ordered 220 airplanes from Boeing and 250 from Airbus, including 70 long-haul A350s and 777s.
• Cranky Flier chides United Airlines for publishing a flight schedule they have no intention of flying over the summer.
• In other "fictional schedule" news, the CTA hasn't fixed its own frequency and reliability problems even after six months of trying.
• Rick Steves recommends traveling to Europe's second cities, like Manchester, Lyon, and Hamburg. 
• Timothy Noah draws a straight line from railroad cost-cutting through crew size reductions and the massive derailment in East Palestine, Ohio, last week.
• Corrupt former Chicago police sergeant Ronald Watts, whose misconduct has led prosecutors to throw out more than 200 felony convictions and will probably cost the city half a billion dollars in settlements, blamed his downfall on "anti-police atmosphere" without the self-awareness required to see his part in that.
• Bruce Schneier bemoans the lack of urgency in Washington (and other capitals) to regulate cybersecurity.

Finally, you may not want to know what the CBP beagle squad has found in baggage at O'Hare.

I've got an open research problem that's a bit hard to define, so I'm exploring a few different avenues of it. I hope reading these count:

• Dara Massicot performs an autopsy on Russia's invasion of Ukraine.
• Walter Kirn worries about AIs inadvertently training themselves, and the mushy content that will result.
• Bruce Schneier describes hacking the tax code, which I hope he goes more into in his latest book, currently on my bedside table.
• The Texas DOT seems to be at war with urbanism, which makes a certain sense, but something about their shenanigans in Houston recently seems unusually corrupt.
• The less said about toilet plumes, the better. But please put the lid down before flushing.

Since none of these has anything at all to do with my research project, I should get back to work.

My burn-up chart for the current sprint has a "completed" line that nicely intersects the sprint guideline, so I can take a moment this Monday morning to eat lunch and read some news stories:

• James Fallows has some insight into the near-miss in Austin, Texas, that came uncomfortably close to killing over 100 people. AVWeb has a comment as well.
• Bruce Schneier lays out how adversaries can attack AIs—by corrupting their training data, among other things.
• Alex Shepard argues that the English Premier League has turned itself into the very thing its fans feared.

And closer to home—like, less than a kilometer away—the City of Chicago has made some recommendations to improve a stretch of Clark Street that could be a model for other streets in the city.

It got practically tropical this afternoon, at least compared with yesterday:

Cassie and I took advantage of the no-longer-deadly temperatures right at the top point of that curve to take a 40-minute, 4.3 km walk. Tomorrow should stay as warm, at least until the next cold front comes in and pushes temperatures down to -18°C for a few hours Thursday night.

I'm heading off to pub quiz in a few minutes, so I'll read these stories tomorrow morning:

• London plans to build an elevated rails-to-trails park through Camden, similar to Chicago's 606 Trail and New York's High Line.
• Julia Ioffe outlines how Russia's pariah status has hurt their ability to spy on the West, but says we shouldn't rule out Russian shenanigans as their failed invasion of Ukraine grinds on.
• Via Schneier, a government audit found that people suck at choosing passwords. But we knew that.
• Molly White read all the FTX subpoenas so you don't have to.
• The contractor responsible for bits of the CTA's Brown Line Flyover falling off claims to have fixed it.

OK, off to empty the dog, refill the dog, and scoot over to Sketchbook Skokie for a shellacking. (Our sports person can't make it tonight.)

I have no idea. But today I managed to get a lot of work done, so I'll have to read these later:

• A whopping 78% of voters in Rep. "George Santos" (R-NY) district think he should resign.
• Who should I vote for in the upcoming Chicago Mayoral election?
• National Geographic explains the science behind seasonal depression.
• Via Bruce Schneier, it looks like ransomware payments have declined 40% since 2021.
• Writing for Strong Towns, Michel Durand-Wood compares urban planning to...pizza.
• James Fallows describes what an amateur pilot checkride is like, and why they're required. (And wow do I miss flying.)

Finally, if you live in Chicago and look straight up and slightly north with binoculars tonight, you might see a little green comet that last passed Earth 50,000 years ago.

Accused fraudster Sam Bankman Fried did what every prosecutor hopes a defendant will do: start a blog. Researcher Molly White annotated his first post:

Sam Bankman-Fried has apparently decided to fill his time spent confined to his parents' Palo Alto home with blogging, perhaps in the hopes that he can just blog his way out of the massive criminal and civil penalties he's facing.

Although many of his statements here repeat things he's said elsewhere, I think it is useful to be able to analyze some of the story he's trying to spin all in one place, rather than cobbling his narrative together from multiple sources.

It's remarkable the extent to which SBF outright lies, or at the very least twists his version of events to distort reality in his favor. I don't intend to annotate further posts from him—which I suspect will be many—but instead hope that this will be sufficient to give some idea of just how thoroughly misleading his statements are.

Sample annotation:

If I was going to try to pick out a crypto firm that suffered large losses in an attempt to say "look, it was happening to everyone!", I might not pick the one whose founders have allegedly been in hiding for the last six months.³⁴

And this:

It's clear that SBF's definition of "accurate" differs from most people's. SBF seems to think that if you tell someone that you have $1,000, and then later you say "...in monopoly money", it was still an accurate and defensible statement.

You know, I'm beginning to think 2023 will be the year people lose patience with lying fraudsters.