Errata: Handwriting Style ID, Future Everything, Hersh is Nuts, Baltimore & Racism

The fantastic Social-Engineer.Org podcast had a fantastic recent episode on identifying people by way of their writing style on the internet. (audio at link)

On another security note, The Steptoe Cyberlaw Podcast recently had Bruce Schneier on the program. (audio)

A few great videos from FutureEverything 2015:
Warren Ellis on Haunted Machines
Haunted Machines panel with Ingrid Burrington, Joanne McNeil, Warren Ellis and Tobias Revell
Ellis’ closing talk, Some Bleak Circus.

The Guardian ran a great story on a Department of Energy worker who tried to sell a classified list of email addresses, tried to spear-phish DoE computers, and offered to spill the beans on highly classified projects for $100,000. (article)

Here’s a great Vox takedown of Seymour Hersh’s new book/LRB article about the killing of Osama Bin Laden. (article)

The New York Times on How Racism Doomed Baltimore. (article)

Mother Jones reports: Multimillionaire Carly Fiorina Took 4 Years to Pay Staffers From Her Last Campaign. (article)

Andrew W.K. in the Village Voice on depression – incredible piece of writing, and really important to read even if you don’t experience depression. Someone you love likely does and this may provide some perspective.

“Financial Data Security in the Age of Computer Hackers”

Spent three hours of my life watching a congressional hearing in front of the Financial Services Committee entitled “Protecting Consumers: Financial Data Security in the Age of Computer Hackers.”

I did this because I believe I am a fundamentally bad person and deserve to be punished.

But that aside, there were a few interesting points.

Former governor Tim Pawlenty, representing the Financial Services Roundtable (basically, a mouthpiece of the financial services industry), sat as the primary witness among others; also present were Laura Moy of the Open Technology Institute, retail rep Brian Dodge, payment processing rep Jason Oxman and credit card standards rep Stephen Orfei.

Pawlenty hadn’t finished his first sentence before using the word “cyberwarfare.” He also alluded to or directly referenced hackback doctrine several times.

You can probably guess that my sympathies lay with Moy much more than anyone else. She argued that federal legislation is needed but it shouldn’t preempt the states from adopting higher standards. To his credit, though, Pawlenty approached from a reasonable perspective: that at the very least we need a minimum federal standard on dealing with data breaches. The positions of the other three witnesses seemed a bit more complicated.

Several of them and especially Oxman and later Orfei highlighted point-to-point encryption and public/private information sharing as necessary steps in securing consumer data, which I found almost ironic as law enforcement argues against corporate end-to-end encryption (not the same as point-to-point, but the philosophy matters to me) and as the entire US government has been sending chilling message after chilling message to information security researchers.

Retail guy Brian Dodge felt like the more shameless presence of the day to me, arguing at various times that a (largely defanged) Federal Trade Commission should be the one to handle data breach rules; that Congress shouldn’t legislate on this at all; and that administrative agencies shouldn’t engage in rulemaking because “you can’t regulate your way to security.” Dodge also argued that the encryption retailers have adopted protects against breaches, which is utterly laughable..

Laura Moy argued for the ability of state attorneys general to take a more active role in protecting consumers, including enforcement of protections. She seemed to be the subject of a bit of implicit disrespect here and there. Rep. Poloquin (R-ME) asked a question of the whole panel and made a point of starting at Pawlenty and cutting the answers off before Moy got a chance to respond (this may have been in response to time constraints, but it didn’t seem so). She was also interrupted and talked over by Rep. Capuano (D-MA) while trying to answer his question. But she was an incredibly eloquent advocate for consumers, the only seriously strong consumer advocate of the witnesses.

Representative Garrett (R-NJ) decided to get a little too demonstrative about seventy minutes in by holding up and flipping around his Mastercard and Discover card for long enough that I’m pretty sure you could pull a clear image of the Discover card off a video replay. Rep. Huizenga (R-MI) was cognizant enough to recognize the mistake and joked a few minutes later that by that point Garrett’s card had likely already been compromised several times over.

Rep. Hill (I missed his state, but he was surely R) referenced identity theft in relation to tax returns and implied that it was an IRS issue – it’s not, of course. Those identities were lifted by poor security in private-sector tax preparation services such at TurboTax. Rep. Royce (R-CA) attempted to goad Pawlenty into attributing cyber attacks to Iran and Pawlenty wisely refused and instead referenced North Korea and Russia.

Just in terms of numbers at the end of the hearing I had the following tally on questions asked directly to particular witnesses:

Pawlenty – 16
Dodge – 8
Oxman – 8
Orfei – 3
Moy – 6

Doesn’t count questions asked of the entire panel or spontaneous responses. Guess I shouldn’t be surprised Pawlenty got much more time than anyone else and I do wish Moy had more time to speak.

Same old partisan song and dance, I suppose. But always worth checking in with The Hill.

North Korea Executes Defense Minister via Anti-Aircraft


This is fascinating to me not just by the ghoulish manner in which they carried out the execution (anti-aircraft gun on a firing range) but that one of my favorite podcasts, Arms Control Wonk, just had an episode that dealt in part with open-source intelligence analysts identifying what looked like an execution via anti-aircraft gun.

Don’t think they knew it was the North Korean defense chief…

In any case, if the topic interests you, give the link a click. It’s a great way to keep current with a lot of weapon nonproliferation/foreign policy and related topics.

What Today’s Verizon/AOL Headlines Should Say

“Verizon purchases three major online media sources, plans on restricting content”

So, breaking news alerts go straight to my phone starting at 7AM. This morning I awoke to an alert about Verizon buying America Online for four billion dollars. Thoroughly confused as to why Verizon would saddle itself with the liability of a few million dialup subscribers I turned over and went back to sleep.

After I rose I still found myself confused. Did Verizon need new bodies that badly?

Then Motherboard reminded me that AOL operates three of the biggest tech media sources on the internet: Huffington Post, Engadget and TechCrunch. Just seeing the headline I instantly recalled Verizon’s shameful attempt last year at starting its own “news site” with severe and thorough content restrictions – including a ban on topics involving net neutrality.

Last year’s attempt by Verizon was both transparent and insulting. They counted on the internet not seeing it for what it was. And they absolutely failed. SugarString quickly closed up shop.

This new end-run in order to own tech media filters is just as transparent and just as insulting. Given Verizon’s track record the idea that editorial independence could be preserved is laughable. And while I’ve never read HuffPo much (in fact I have a personal moratorium on HuffPo articles for a few reasons, including intrusive video autoplay and trackers) I’m now going to have to excise Engadget and TechCrunch from my RSS reader. With a rusty spoon. And cauterize the craters they leave to ensure there’s no secondary infection.

You’re not clever, Verizon.

Errata: Horrible Greenlight Game, Creator Economy, AI shenanigans, etc

Moving ‘Errata’ posts to a once-a-week thing, I think.

From gaygamer comes news about an incredibly horrible game allowed to find its way on gaming platform Steam’s “Greenlight” system. (article)

Paul Saffo’s SALT talk on the Creator Economy. (Video and audio at link)

Stephen Colbert has partnered with Share Fair Nation and ScanSource to fund every single teacher grant request in South Carolina. (article)

Motherboard on a new thought experiment: could a superintelligent AI freely manipulate humans interacting with it to its own ends? (article)

Also from Motherboard, a researcher has put together what looks to be a fairly comprehensive record of all arrests related to dark web market activity. (article)

Master combination locks have seemed pretty shoddy security for a long time, but a new exploit allows you to crack many combinations in eight tries or less. (article)

A great episode of the Lawfare podcast in which editor Ben White delivers a talk on “The Future of Violence.” (audio at link)

–This feels like a low-tech companion to the points about technology-centric existential threats that Bill Joy worries about. Going to have to pick up White’s new book, written with Gabriela Blum, ASAP. podcast episode with Deviant Ollam on his physical security shenanigans.

And via twitter, a Macedonian protester using a riot shield as a mirror to reapply her lipstick:


That Old Haruspex

Time was, a man or woman of vision would kill an animal for this.

Back across the Atlantic Ocean and the desert of time gone past, a person of vision would kill an animal for this. Usually livestock; cows, sheep, goats. Sometimes another person. That practitioner would bleed the victim or gut them and seek futures in the way their biological constituents spread across the ground.

The lifeblood crawling over the ground, some soaking in as sacrifice, held in it secrets accessible only through arcanity. It told of the coming harvest, the seasons, politics. Childbirth. War. Coagulated into an abstract reification of what was in the offing. Translated, of course, by a mad person.

We’ve moved into a time when this method of hematomancy is no longer acceptable. For good or ill.

You’ve likely guessed from the dirt under my fingernails and glint in my eye that I gravitate more towards “ill.”

We’ve abandoned divination (in all but that darkest corners) and fly blind as events speed up. Confident in our computer projections and blissfully ignoring the blood seeping across the floor from every circuit board, we proceed. Every phone poll centered around biased wording, every focus group engineered to support a specific result casts a stone to shatter the atemporal mirror set up to guide us.

The universe, having put effort into these systems, is unhappy at our direction.

New methods come into being. Perhaps under a more opaque sky but novelty increases as we go along. Novel divination is no exception.

That old haruspex, you know. That ancient bleeding or gutting to find a glimpse of coming Troubles. It’s alive and well. Sure, psychotics still use the old way from time to time. But we’ve new animals to bleed. Millions of them. More slowly.

Go to any Walmart parking lot. The closer the parking space the more concentrated the magic. Look down and find the oil spots. The pools. The aggregated ghosts of local futures.

Realize the futures are told in the blood of our vehicles, pack animals limping along and lubricating the visual disparity between this world and what it may be.

Political and consumer confidence polls are answered by the antiquated percentage of us who still have home phones. What better predictor than the near-corpses of our most precious, utilitarian possessions and the blood and guts they spit painfully upon arrival at our biggest, most predatory temple of consumption?

Gaze down at the lot, at the spot. Internalize the shape and scope of a single oil stain. Find every edge and turn, every predictive edge manipulated by scarred asphalt or the bounds of days to come. Trace the slowly fading marker that tells of many things, including the possible impending death of that car. Realize just how many spots share the same parking space. How many overlap and perhaps influence each other. Do intersecting spots affect each other or has a darkly blooded future reached back into its own desert to intervene, to teach, to warn?

Shift your perspective wider by comparing one space to another. See the overwhelming plethora of internal offerings left to provide a momentary vision. Glimpses peter out only as the laziness of the driver determines that the distance from the store is more important than the time spent hunting for a place to leave a slick, sad offering.

Our population grows more sedentary and the distribution of cars condenses. Obesity rises; no one wants to walk too far from the car to the store. Terence McKenna often said the future was building up like a logjam in a river. The impending future condenses and so do our visions, our divinations. Our oilspots compounding in concert one over the next.

Each Walmart is covered in once-shining beacons for us to integrate in ritual. Fucking covered. We bleed everywhere and refuse to peer through the window it opens.

If a security guard shows up to ask why you’re wandering about the lot, muttering and looking down, just say you’ve lost your keys.

Or gut him for old time’s sake.