The Daily Parker

On this day in 1767, Charles Mason and Jeremiah Dixon completed their survey of the disputed Maryland-Pennsylvania border, which became even more contentious in 1780 when Pennsylvania aboolished slavery. A group of surveyors started re-surveying the border in 2019; I can't find out whether they finished.

Meanwhile, 255 years later, politics is still mostly local:

• Our professional women's basketball team, the Chicago Sky, won the WNBA championship yesterday.
• Chicago's recently-retired Inspector General has some harsh words for the city's government structure and the current administration.
• Chicago Alderman Jim Gardner got kicked off all of his county committees for general dickishness.
• Farther from my doorstep, President Biden has not spent a single day with approval ratings below his predecessors', thank you very much.
• Missouri Governor Mike Parson (R) not only completely fails to understand how the Web works, but he also can't stand anyone pointing out his administration's incompetence. 
• Novelist Christopher Buckley eulogizes the 500-year history of the "Pope's Airline," Alitalia, which Cranky Flyer has previously called the worst airline ever.
• Barbados will become a true republic next month, at which point Queen Elizabeth II will no longer be head of state for the island nation.

Finally, Chicago has perfectly clear skies for only the third time this month after yesterday and the 4th, getting only 39% of possible sunshine for almost the past three weeks.

Cloudflare explains:

BGP stands for Border Gateway Protocol. It's a mechanism to exchange routing information between autonomous systems (AS) on the Internet. The big routers that make the Internet work have huge, constantly updated lists of the possible routes that can be used to deliver every network packet to their final destinations. Without BGP, the Internet routers wouldn't know what to do, and the Internet wouldn't work.

The Internet is literally a network of networks, and it’s bound together by BGP. BGP allows one network (say Facebook) to advertise its presence to other networks that form the Internet. As we write Facebook is not advertising its presence, ISPs and other networks can’t find Facebook’s network and so it is unavailable.

The individual networks each have an ASN: an Autonomous System Number. An Autonomous System (AS) is an individual network with a unified internal routing policy. An AS can originate prefixes (say that they control a group of IP addresses), as well as transit prefixes (say they know how to reach specific groups of IP addresses).

At 1658 UTC we noticed that Facebook had stopped announcing the routes to their DNS prefixes.

We keep track of all the BGP updates and announcements we see in our global network. At our scale, the data we collect gives us a view of how the Internet is connected and where the traffic is meant to flow from and to everywhere on the planet.

A BGP UPDATE message informs a router of any changes you’ve made to a prefix advertisement or entirely withdraws the prefix. We can clearly see this in the number of updates we received from Facebook when checking our time-series BGP database. Normally this chart is fairly quiet: Facebook doesn’t make a lot of changes to its network minute to minute.

But at around 15:40 UTC we saw a peak of routing changes from Facebook. That’s when the trouble began.

So, someone at Facebook may have applied a router update incorrectly. And as of now, they've corrected the problem.

The United States Supreme Court began their term earlier today, in person for the first time since March 2020. Justice Brett Kavanagh (R) did not attend owing to his positive Covid-19 test last week.

In other news:

• The Post, Guardian, and other news outlets have released their stories on the largest document dump ever, which purports to show how the ultra-rich avoid taxation by stashing their money overseas.
• Indians taking a highly-competitive test to become teachers in the state of Rajasthan paid upwards of $8,000 for Bluetooth-enabled flip-flops in order to cheat.
• Former Facebook employee Frances Haugen will testify before Congress tomorrow on the company's business practices.
• Meanwhile, Facebook and Instagram have apparently gone offline today in what looks like a DNS problem, to the delight of millions of employers.
• Block Club Chicago explains the tax break that makes entire blocks of vacant storefronts way too common in the city.
• September was warmer and drier than normal in Illinois, which pretty much failed to suck.

So how did facebook.com disappear from root DNS, the day after 60 Minutes aired a segment on Haugen?

Just a couple today, but they seem interesting:

• Metra may build a combined Milwaukee District / Union Pacific station in the Fulton Market district that could make commuting into the West Loop a lot easier.
• Greg Bensinger reminds us that maps have inherent, and sometimes deliberate, inaccuracies.
• Finding stolen cryptocurrency is easier than most people think.

And wow, did the Chicago Bears have a bad game yesterday.

So these things happened:

• The FBI withheld REvil decryption keys from victims so not to tip off the criminals.
• Anonymous hackers have doxxed an ISP that provides services to right-wing hate groups.
• Two disbarred lawyers have filed suit against the doctor who admitted to performing an abortion in contravention of Texas law.
• As feared, Chicago-area animal shelters have started to fill up as selfish people return the pets they took home when Covid made them lonely.
• Josh Marshall frames the current squabbles in the Democratic Party as "policy vs. positioning."
• Molly Jong-Fast decries the attention given to the pretty 22-year-old white girl murdered in an area that saw over 700 non-white people go missing over the last 10 years.

And finally, break out the Glühwein: Chicago's Christkindlmarket will return to Daley Plaza and Wrigleyville this winter.

I've just spent the last 45 minutes transferring all my auto-pay accounts to a new credit card after my bank notified me that someone in Berlin tried to use my old card to buy something on a French website. Since this happened just a couple of days after T-Mobile once again lost control of millions of customer records, I assume that's how my card number wound up with a European criminal.

Or maybe it came from one of the companies whose accounts I just had to update? According to C-Net, "T-Mobile says there's no indication any consumer financial data, such as credit card or other payment information, was compromised." Uh huh.

Until companies have to endure real consequences for their own crappy security, this will continue to happen.

I have opened these on my Surface at work, but I'll have to read them at home:

• The City of Chicago has sued Grubhub and Doordash for deceptive practices.
• Sue Halpern asks, "Why is Facebook suddenly afraid of the FTC?"
• Paul Krugman worries that California voters might destroy their own economic success if they remove Governor Gavin Newsom from office next week.
• Josh Marshall fisks Robert Kagan's opinion piece on the history of the Afghanistan war.
• Ezra Klein says, "Let's not pretend that the way we withdrew from Afghanistan was the problem."
• Bruce Schneier links to more details about the massive T-Mobile breach, which today appears to have cost me my main credit card and will go on to cost me many hours of work in the next few days to update automated payment systems.
• Paleontologists have discovered an enormous, four-legged, very carnivorous whale. In the Sahara.

Finally, Empirical Brewery has a new line of beer that supports Tree House Cats at Work. I'll try some and let you know.

Eugene Wesley Roddenberry would have been 100 years old today. Star Trek and NASA have a livestream today to celebrate.

In other news:

• Guardian UK Washington correspondent David Smith highlights White House Press Secretary Jen Psaki's ability to expertly destroy Fox News reporter Peter Doocy.
• T-Mobile has suffered its sixth known data disclosure attack in four years, this time losing control over as many as 40 million customer records.
• New Republic's Scott Stern profiles former Monsanto lawyer Clarence Thomas, whose rulings on the US Supreme Court suggest he still believes he works for Monsanto.
• Charles Blow takes us through our history of using classrooms as proxy battlefields in the culture wars.
• Chicago's favorite piping plovers, Rose and Monty, have decamped for the winter, but their kids will remain at Montrose Beach for a few more weeks.

Finally, sometime today I hope to finish reading Joe Pinsker's interview with author Oliver Burkeman about how not to get sucked into things that waste your time, like the Internet.

Those topics led this afternoon's news roundup:

• The Intergovernmental Panel on Climate Change released its 6th periodic report on the state of the planet, and it's pretty grim. But as Josh Marshall points out, "Worried about life on earth? Don’t be. Life’s resilient and has a many hundreds of millions of years track record robust enough to handle and adapt to anything we throw at it. But the player at the top of the heap is the first to go."
• Charles Blow has almost run out of empathy for people who haven't gotten a Covid-19 jab. Author John Scalzi takes a more nuanced view, at least distinguishing between the people who peddle the lie and those who merely buy it.
• A research group has discovered how they can own your locked-down computer in about 30 minutes with a few tools, but at least they also tell you how to lock it down better.
• Almost half of Amtrak's $66 billion cash infusion will go to making New York City more navigable. I want my HSR to Milwaukee, dammit!
• Sometime last week, a Russian capsule accidentally fired a thruster, sending the International Space Station into a 540-degree roll.

Finally, long-time police reporter Radley Balko exposes the lie that keeps innocent people in jail.

Via Bruce Schneier, researchers have developed software that can bamboozle facial-recognition software up to 60% of the time:

The work suggests that it’s possible to generate such ‘master keys’ for more than 40% of the population using only 9 faces synthesized by the StyleGAN Generative Adversarial Network (GAN), via three leading face recognition systems.

The paper is a collaboration between the Blavatnik School of Computer Science and the school of Electrical Engineering, both at Tel Aviv.

StyleGAN is initially used in this approach under a black box optimization method focusing (unsurprisingly) on high dimensional data, since it’s important to find the broadest and most generalized facial features that will satisfy an authentication system.

This process is then repeated iteratively to encompass identities that were not encoded in the initial pass. In varying test conditions, the researchers found that it was possible to obtain authentication for 40-60% with only nine generated images.

The paper contends that ‘face based authentication is extremely vulnerable, even if there is no information on the target identity’, and the researchers consider their initiative a valid approach to a security incursion methodology for facial recognition systems.

Hey, humans have evolved for 20,000 years or longer to recognize faces, and we make mistakes all the time. Maybe security software just needs more time?