Selected quotes from Hal Berghel's Out-of-Band Columns in IEEE Computer
Equifax and the Latest Round of Identity Theft Roulette
- The Equifax data breach has exposed nearly half of the US adult population to identity theft, but that’s not the real story.
- The Equifax breach reveals just how much companies are willing to irresponsibly gamble with our personal information.
- Equifax has managed to distinguish itself notoriously in many ways, starting with the sloppy oversight of the IT department that delayed patching the software in the first place.
Then Equifax outdid itself by creating an insecure, third-party complaint registration website that bungled the TLS certificate revocation check.
But the icing on the cake was Equifax's requirement that in order to sign up for their free one-year credit monitoring service—necessitated by a data breach resulting from their own incompetence—you had to agree to a forced arbitration clause, forfeiting your rights to sue the company for any harm you might suffer.
- CEO Smith blamed the patch failure on some unnamed individual in IT. He told Congress that “the breach occurred because of both human error and technology failures,” but failed to mention the most likely culprit: poor corporate leadership, inconsistent managerial oversight, and a corporate culture that underemphasized the importance of computing security and risk management.
- The current wave of bipartisan political opportunism to discredit Equifax is bothersome—not that the company doesn’t deserve it, mind you, but that the ruling elite withheld their criticism until the data breach provided them with political cover. (Likewise, no one said anything about Bernie Madoff’s Ponzi scheme until it became politically fashionable to bash him.)
The New Science Wars
- "Science and scholarship are under attack from all sides. To a large degree the lack of appreciation is due to a fundamental misunderstanding about the nature of scientific inquiry."
- "There was a time when people who misrepresented facts would attract public ridicule, but those days seem to be gone forever. Society has apparently developed an extreme tolerance for deceit, lies, misrepresentations, and sundry forms of flimflam and humbug from politicians, celebrities, commercial media personalities, talk radio hosts, online provocateurs, groupthink-tank spokespersons, and other hucksters and misinformation mongers."
- "...criticism and misuse of science and its methods aren’t new. Over the past century, science has been under continuous attack from pacifists, religious fundamentalists, postmodernist social scientists, and cultural critics for a variety of independent reasons. But the phenomenon of politicians posing as scholars is relatively new, and is as frightening as having to sit through a Schoenberg piano concerto with a hangover."
- "...when a research objective has potential cultural significance or symbolism, or possible significance for social and economic policy, partisan politicians and ideologues come out of the woodwork to opine—usually ineloquently."
Science isn't perfect. But although the development of scientific theories might sometimes be messy, it's never messianic."
- "Science is in the business of asking and answering questions that are intellectually respectable. The criterion for respectability is always the favored fruit of enlightened and prepared minds."
Net Neutrality Reloaded
Net neutrality relies on the principle of the dumb pipe wherein network providers provide equal access and pricing to all without regard to the content of the transmissions."
FCC Commissioner Pai offers a faith-based approach to net neutrality that would even make Adam Smith chortle.
It is an embarrassment that the country that invented the Internet has fallen so far behind Europe in protecting privacy rights of citizens"
- "How does net neutrality fit within today’s neoliberal politics? In short, it doesn’t!"
- "It was a mistake to view the 2015 Federal Communications Commission (FCC) pro–net neutrality ruling as definitive"
- "Simply put, treating customers equally is a suboptimal profit tactic for the broadband industry. "
- "How did a seemingly innocuous topic like net neutrality become such a divisive issue in the past decade? Three reasons come to mind: the Internet community’s naiveté and arrogance, political disdain for privacy and free speech, and corporate interests’ dominant influence over Congress. The latter two are, of course, intertwined."
Russian Spearphishing and the 2016 US Presidential Election: Oh What a Tangled Web We Wove
- "Did Russia engage in the spear-phishing attack and DNC Hack? I wouldn't put it past them. But all of the evidence has been classified by the U.S. intelligence agencies, so we really don't know for sure. "
The NSA claims that one target of the spear-phishing was a voting machine software developer who sells registration system software to hardware vendors of voting machines. Certainly this would be an important hack of voting systems – if voter's names are removed from voting registration records, they will lose their opportunity to vote. (Indeed this is exactly what has been done domestically for years by vote challengers, see below). "
This entire story camouflages the real issues! The important parts of this story remain under-reported, namely (1) the Russian interference in the 2016 U.S. election was far from noteworthy for the U.S. has continuously interfered in foreign elections for a century or more, (2) the effect of Russian interference with U.S. democratic elections pales in comparison to the effects of domestic efforts, and (3) these problems are exacerbated by the U.S.' absurd commitment to outdated and insecure voting policies, procedures and equipment. "
- " That the U.S. is the world leader in global election interference is well-documented, with Russia/former Soviet Union in a distant second place"
- "Our present experience with election interference is not new. It's only that the shoes have changed feet. "
- "The U.S. set the gold standard for interference in foreign elections, and it appears that the proverbial American exceptionalism chicken may have come home to roost."
...with the U.S. intelligence services hiding all relevant information under the protective banner of classified sources and methods (even though for the most part they aren't [BERG1]), the citizenry may never know any more about Russian interference than the controlling elite want to reveal or fabricate. "
There is a certain irony to Donald Trump's campaign rhetoric. If, as he claimed, the 2016 presidential election was rigged, the available evidence seems to suggest that it was rigged and in his favor. "
we do have conclusive evidence of manipulations of the 2016 election – but the documented manipulation had domestic rather than foreign sources. "
Judicial vetting amounts to a training exercise in obfuscation. "
Technologists have been particularly insensitive to the problems of network trolling and very few are seriously involved in its detection and debunking. "
What I'll call the Fake News Phenomenon holds that the effect of disclosing fake news will be directly related to the knowledge and open-mindedness of the recipient and will be wasted on the uninformed and tribalists. "
Whether it's China's 50 Cent Party, Russia's Olgino factory, Radio Free America/Radio Liberty, Radio Marti, or Donald Trump's tweets, it's all a primarily partisan, content-free misinformation sourced to control public opinion. "
Fake news, Internet trolling, alternative facts, and a healthy dose of BS are the weapons of choice for modern political picadors. "
Which Is More Dangerous—the Dark Web or the Deep State?
- "the deep web and dark web are different by both design and purpose, and just coincidentally share Internet protocols. "
It goes without saying that criminal and deviant behavior are attracted to anonymizing services (and pool halls, crowded subways and phone booths for that matter).
Criminals will select technology opportunistically, and their use of it in most cases says nothing about the technology. Anonymizing services are not “bad faith” technologies. "
- "The association of the dark web with snuff films, necrophilia, pornography, illegal drug sales, terrorism, assassins for hire, etc. is a typical scare tactic used by the centers of political power to delegitimize the service and the spirit of individual sovereignty that inspires it."
- " A “dark web” was a sexy topic, so investigating it was bound to attract press and gain notoriety for the agencies and politicians involved – clearly a plus – and Silk Road had no political clout. That's the formula for making any non-problem a high profile target. "
Silk Road set the stage for using anonymizers with cryptocurrency exchanges for online transactions. It was quickly followed by clones like Silk Road 2, Atlantis, Agora, etc. thereby introducing a new cat-and-mouse game for intelligence and law enforcement agencies to solidify their budgets."
It would be standard practice to use local network traffic analysis to inspect for the presence of traffic outside Tor server ports 9050/tcp (Tor SOCKS proxy) and 9051/tcp (Tor control port) to confirm that there was no anonymity-threatening IP traffic leaks. This is a rookie-level exercise for a seasoned network administrator. "
There is another possibility, however, that is worth considering: was the compromise of the Silk Road server infrastructure the result of parallel construction? "
What concerns me is that the government has a shady past in this regard and its behavior is less than confidence-inspiring. Truth continues to be victimized by the deep state. "
Anonymity threatens authoritarianism and its exercise of control. When big and powerful government types speak of the dark web, they put the emphasis on the dark. When technologists and civil libertarians speak of the dark web, the emphasis is on the free expression. The difference may be explained ideologically. "
recent events have shown that there's some reason to suspect that the dark web is in some ways less dangerous than visible web to democracy: Fake news, <alt>-facts, post-truths, mimetics, public deception, message distortion, rumor propagation, and similar social distortions are byproducts of the visible web! "
the deep state, because of its very invisibility and owing to its power base, is necessarily partisan and fickle as recent national security advisor Michael Flynn found out to his cost."
Alt-Facts and Post Truth in the "Fake News" Era
- "The names and dates have changed, but the themes—xenophobia, aversion to multiculturalism, censorship, fear mongering, and witch hunts—are recurrent ones in the American drama that tend to reinforce our national bipolarity."
- "Fake news has been so overused as a political weapon that it has become a cliché."
Alt-facts and post-truths are in a slightly different category than fake news since they haven't yet been fully weaponized."
- "Alt-facts and post-truth proclamations are essential components of the pervasive politics of intolerant decree"
- "Alt-Post performatives are extra-logical: they exist beyond the realm of logic in a fantasy world known only to the speaker and his or her tribe. They're not the product of reason but flights of fancy: they depict a possible world that would be convenient for the speaker (if it existed) because it would suppress any cognitive dissonance that might result from facing facts."
- "...although the [alt-post] narrative is substantially woven from the yarn of BS, there are threads of both truth and lies included in the blend to provide semantic elasticity.
Truth, lies, and BS all contribute differently to the fabric. The BS makes the fabric appealing to the tribe. Lies provide needed reinforcement when the fabric is stretched so thin that it's in danger of tearing. Truth in measured amounts provides sufficient grip to allow the tribe something to hold on to during political storms. All three must be present for alt-post proclamations to achieve the desired effect."
- "The overarching aim in alt-posting, is to get the audience to willingly suspend disbelief long enough to get a meme going."
- "Our challenge is to find online resources that can fill the gap. What's most needed is a fact-based management system for the Internet that overcomes ideological impedance mismatch."
On the Problem of Cyber-Attribution
- "Attribution is one of those topics that few understand well, but everyone ought to study. It gets at the heart of human cognition—or, perhaps more accurately, what goes wrong with human cognitive processes. "
humans tend to be cognitive misers in that they search for the simplest explanation of events consistent with their disposition, biases, and world view. Nowhere has this been more evident than in the political Rumspringa of the current US president.
the public and media have yet to fully appreciate attribution theory and sibling psychological phenomena—a critical flaw in this era of “fake news.” Is a feature of human nature to bring cognitive biases to a description of, and inferences from, perceptions? Attitudes and judgments have these biases baked into them. Failing to appreciate this simple fact allows all sundry forms of popular nonsense to remain unchallenged. Such is the case with cyberattribution. "
- Attribution theory is relevant to cyberattribution.
It's commonly politically motivated. Anup Ghosh, CEO of Invincea, refers to this activity as a blame game.
Politicians and the power elite find it very convenient to engage in this blame game as they seek to discredit adversaries, avoid responsibility for insecure practices and inept leadership, influence politics and elections, and exploit attribution biases in support of cherished big government programs. In the words of singer-songwriter Bruce Hornsby, “That's just the way it is.” "
- "So whenever a politician, pundit, or executive tries to attribute something to one group or another, our first inclination should always be to look for signs of attribution bias, cognitive bias, cultural bias, cognitive dissonance, and so forth. Our first principle should be cui bono: What agendas are hidden? Whose interests are being represented or defended? What's the motivation behind the statement? Where are the incentives behind the leak or reportage? How many of the claims have been substantiated by independent investigators?"
Lies, Damn Lies, and Fake News
recognizing an unwelcome phenomenon isn't the same as legitimizing it"
They say “post-truth”—as 2016's word of the year—captures the “ethos, mood or preoccupations of  to have lasting potential as a word of cultural significance.” 1 I emphatically disagree. I don't know what post truth did capture, but it didn't capture that. We need a phrase for the 2016 mood that's a better fit. I propose the term “gaudy facts,” for it emphasizes the garish and tawdry nature of the recent political dialog.
I think our new term best captures the ethos and mood of today's political delusionists. There is no ground truth data in sight, all claims are imaginary and unsupported without pretense of reality, and distortion is reality. This seems to fit our present experience well.
We need to forever banish the association of the word “truth” with “politics”—these two terms just don't play well with one another. "
we can't make light of problems arising from the almost-invisible line between political satire and fractious partisanship. But to claim that one person's satire is another person's conspiracy theory is far too simplistic."
To paraphrase the immortal bard, If anonymizing be the price of free speech, blog on.
fake news characterized by source: disclosed, anonymous, and bogus"
- " Legitimate journalists and scholars adjudge fake news as unworthy, unreliable, and tribalist. However, the people behind these stories regard them as a legitimate exercise of their First Amendment rights (it's unclear to what extent they believe what they post and publish)."
We'll call our proposed solution the Interactive Gaudy-Fact Crap-Detector (IGFCD)."
The Pollyanna Delusion
- "The Pollyanna Delusion holds that scholars tend to underappreciate the potential misuse of their scholarly work by partisan and special interests."
- "Imagine what the internet would look like if key decisions about innovation and design were left to politicians, lawyers, and business executives."
- "It is hard to imagine how a reasonable person could object to the new social contract [proposed in the One Internet report]. It's equally hard to imagine how anyone could implement it."
- "Well-intentioned aspirations become problematic when they feed sophistry."
- "The internet is as successful as it is because the policy makers, politicians, lawyers, business executives, and nontechnical folks were largely isolated from the major decisions."
- The "One Internet" report is just another example of serviceable therapeutic rhetoric in service to special interests."
The Dictator's Dilemma
- "[George] Shultz's principle holds that dictators can't concurrently impose rigid censorship and expect their economies to grow—they must choose between these alternatives. Shultz's remark seems insightful, but on closer inspection proves to be provocatively without substance."
- " the dictator's dilemma used oversimplification to generate a primitive tribalist support for an ideology. Shultz's goal was to buttress support for anti-Soviet biases and agendas. As it turns out, the Soviet Union was in the final stages of economic implosion before Shultz became secretary of state. The axiom that poor understandings lead to even poorer policies is appropriate here."
- "We really need to get over the temptation to reduce everything to sound bites and catch phrases. It distracts us from issues of importance. Rather than investigating for themselves whether the dictator's dilemma even made sense, an entire generation of political pundits and media experts just accepted it as true. This herd mentality is responsible to a large extent for the global mistakes made by nations. "
- " The dictator's dilemma is a paradigmatic case of how unwise it is to be both overconfident and myopic in framing policy "
The Bogus Science Theorem (and the Junk Science Wager)
- "Science, and scholarship generally, is characterized by intense and continuous change. It’s no place for wimps."
- "there’s a new generation of bogus scientists who emerged from the community of partisan apologists. This group doesn’t buy into the established scientific rigor, and its assertions generally aren’t tested through the tried and true methods of observation and experimentation. In the popular press, these apologists are sometimes called “deniers” for their gleeful propensity to reject putative facts."
- "This bogosity has its own particular institutional framework: the modern think tank (the term think is used loosely and for political rather than semantic effect). These tanks are usually no more committed to advancing knowledge than graffiti taggers are to advancing fine art, or advertisers are to consumer advocacy. Their product is a combination of polemic and recombinant babble in service to paying patrons with parochial agendas."
- "Such tanks exist only because patrons found academia too uncooperative to serve as their propaganda delivery system (although this is changing)."
is a postmodern tournament
sport in which the uninspiring yet unexpired
flotsam and jetsam of partisan
politics record new scores and settle
- "scholarship weaponization dates back
at least to the Stalinist era of the Soviet
important to understand that Stalin’s
Lysenko research programs and the
modern partisan think-tank
are cut from the same ideological
cloth and used toward the same ends."
- "For reasons that must be left for
social scientists to explain, many
modern politicians who would have
are most welcoming of these
- "Some members
of our political class eagerly endorse
what they consider “patriotic science”
(read: consistent with political
opinion) in the same way that Stalin
- "...the counter-narrative is bogus science’s most significant contribution -- no evidence is ever adduced in support of these yarns, but history has taught us that truth isn’t a prerequisite for an effective counter-narrative: propaganda can stand on its own if the echo is loud and the public compliant."
what little legitimacy they have from
the claimed objectivity of their host
tanks, and this claim is eagerly reinforced
by sympathetic mass media
- "The final counter-narrative
Pejorative terms like
junk science, bad science, official science,
government science, liberal science,
commie science, and the like are
used to discredit research results that
run counter to the opinions of the established
- "If a counter-narrative
can associate a politically objectionable
scientific conclusion with an easily
remembered negative catchphrase,
the entire counter-narrative
- "Copernicus gave Ptolemy’s geocentric “spindle of necessity” the shaft when he came up with a new and improved version of Aristarchus’s heliocentric model."
- "Copernicus knew that being burned at the stake left one breathless to speak truth to power."
- "The phases of Venus became the geocentrist’s flytrap: it could be said that the geocentric system ultimately succumbed to Venerian disease."
- "Thus cosmology’s evolution forms a story arc driven by the quest for objective, confirmable truths. The combination of a historical narrative of a long period of study by multiple scholars in different places, together with an epistemology that was understood to be inherently fallible, is the foundation of legitimate scientific inquiry."
- "Theorem: bogus science will have a
considerable funding advantage over
- "A corollary to this theorem is that the bogus product will be easier to publish than legitimate research because, again, the skids are greased in favor of sponsored bloviations that bypass serious review and go directly to subsidized outlets of the patrons themselves or their captive think tanks, foundations, or partners."
- "In the world of idea promulgation, heavily underwritten and sponsored propaganda will always find an easier path to market than respectable scholarship, in the same way that advertising has an advantage over journalism."
- "I’d be remiss without mention of the related “Junk Science Wager,” which holds that for any significantly large industry, if there is a scientific hypothesis in conflict with increasing corporate profits ..., there will always be plenty of funds available for bogus scientists to counter the hypothesis, usually through the aggressive use of counter-narratives."
- "Answers to questions such as: “Did
this message pass through peer-reviewed
channels, or is it the product
of a partisan think tank?” should be a
prerequisite before accepting as truth
any media coverage pretending to be
Net Neutrality or Net Neutering
- "Regarding the recent FCC ruling upholding Net
neutrality, Yogi Berra said it best: “It ain’t over ’til
- "The US Federal Communications Commission (FCC)’s 2015 ruling on Net neutrality really didn’t clarify anything:1 although it prohibits ISPs from preferentially allocating bandwidth, bandwidth throttling, or differential pricing structures to their customers, it remains to be seen whether this latest move from the FCC will ultimately succeed."
- "Net neutrality complicates things
further because it involves both
and supply-side independence
from investor-based providers
and their associated business
- "Net neutrality is opposed by those who favor corporate prerogatives, and supported by those who hold an idealistic attachment to principles like an open Internet or free speech"
is always value-neutral and thus
is no more liberating than a spoon is
- "...technologists fully understand that the Internet (qua technology) is no more likely to set people free than rubbing a lamp will produce a wish-granting genie."
- "So the agenda-driven ideologues continue to pander technopomorphism at will to manipulate public opinion. We need to get the word out: the Google Doctrine is better named the giggle doctrine—it’s good for laughs, but that’s about all."
- "Flash forward to the Iranian Twitter
Revolution of 2009. As Morozov documents,
the bogus claims that no bullet
could stand up to billions of bits led to
media hysteria; the illiterati proclaiming
that tweets were game changers,
and Iran would undergo a revolution
as radical as that of 1979. Not so. The
power elite prevailed as it usually
money is behind Net neutering,
not Net neutrality."
- " Secretocracy is an insidious anti-democratic form of government sustained by secrecy. By preventing the electorate from accessing complete information, securocrats and the military–industrial complex feeding on them up satisfy their authoritarian addiction and prevent the electorate from making informed decisions. And so far, computing technology isn't helping us – it's making things worse. "
- " But whether we focus on the secrecy/censorship or secrecy/surveillance dualities, the message is clear: the National Security Act of 1947 opened a can of worms regarding civil liberties and Constitutional protections."
- "The most worrisome problem here is the quasireligious attachment to self-delusion and falsehoods, as the authoritarian-leaning among us attach fealty to opinions that then serve as the foundation of their values: facts are irrelevant to biases and agendas issued therefrom.”
- " The US government's record is well established: anyone who challenges the official government narrative on an important issue is subject to vilification, invasions of privacy, and surveillance from legal and extra-legal sources. Targets include academics, journalists, and elected officials with an independent streak. "
- " A common tactic for sustaining such necessary illusions as are sufficient to justify government overreach is the “elephant bane gambit.” In the hands of ideologues and agenda-followers, elephant bane becomes a perfect ruse. Here's how it works.
Suppose that we want to hang our political hat on the protection of Antarctica from elephants. We deploy the military to scatter elephant bane. We henceforth transform the observation that there are no elephants in Antarctica into a defense of our program, a justification of the expense, and our sagacity for having come up with the idea in the first place. “Say what you will, since we started using elephant bane not one elephant has been spotted within 500 miles of the Ross Ice Shelf.”
- " EBG and its sibling rhetorical deceptions remain the life blood of the military-industrial complex and its apologists as they attempt to justify all things outrageous. "
- " To make matters worse, the popular press avoided serious investigation into the rationale of our foreign policy due to the demands of our delusional realpolitik. Moynihan, Kennan and others argued at the time that this lack of understanding about the Soviet state was only possible because of a preoccupation with collecting secret information to the exclusion of applying common sense to the realities of Soviet life. "
- " This is how government morality gets twisted. Government decisions based on secrecy are necessarily incomplete and suspect. The public would certainly recognize that resulting public policy would be flawed if they only had relevant data. "
- " The authoritarians and control freaks among us would have us stay focused on that time-tested preppie mantra: “before truth, the right fork.” Good government, it is implied, is not built upon circumspection, sound argument, and press freedom, but upon proper grooming and the correct choice of forks.
- " Perhaps the poster boy for government stealth is past Vice President Dick Cheney, who single-handedly bequeathed the Full Monty of stealth: his own personal security classification. "
- " But even when secrecy fails those who prefer life in the shadows, the government is still left with second-order tactics like withholding documents from the courts and Congress, perjured testimony, blaming the accusers, creating cover stories that would make Hollywood proud, scapegoating, using the resources of government and sympathetic media to vilify, and so forth. "
- "Secrecy is harmful to any government, but it is especially corrosive to putative democracies because it denies the electorate sufficient information to make informed judgment. It has become the false prophet of the disinformation age. "
Digital Politics 2016
- " I first wrote about digital politics 20 years ago. What little has changed has been for the worse. "
- "I held out hope that databases, indexing tools, and search engines might make politicians more accountable—because every congressional vote could be cross-indexed by topic, theme, political party endorsement, outcome, and elected official. Voting records would be available on demand in an easy-to-use form, making it possible to expose pork-barrel legislation, logrolling, paired voting, and patronage appointments for public inspection, thus eliminating the veil of anonymity that politicians had once been able to hide behind."
I'm no neophyte. I've lived through Vietnam, Watergate, not one but two “October Surprises” (1968 and 1980), the Iran-Contra affair, two Iraq wars, an Afghanistan war, and sundry other US conflicts around the world. But just when I thought nothing could surprise me, the presidential elections of 2000 and 2004 came along. "
In the US, voter disenfranchisement has been with us in many forms since the republic's founding. The most direct form of disenfranchisement is voter suppression, either legally or illegally.
has historically been based on gender, race, and ethnicity—a product of the “bigoted populism” of the past. "
- "It's critical to understand that no one is opposed to ensuring that those who vote are so entitled. The contention surrounds the consequential effects ID laws have on voting suppression; specifically, voter ID laws tend to impose additional barriers that significantly, predictably, and negatively impact some constituencies more than others.
The effects of voter ID laws are subtle because they involve secondary effects: voter ID laws are indirect means to achieve otherwise illegal covert objectives. "
The concept of “one person, one vote” means nothing unless the votes are counted and reported. "
- "Nonpartisan scholarship seems to support two claims: individual voting fraud is a rarity in modern times, and voter ID laws disadvantage identifiable subclasses of the electorate"
- " By focusing on in-person voter impersonation fraud rather than the much broader and more prevalent election fraud, courts fail to deal with the fact that partisan voter suppression is just de facto election fraud."
the most important voter disenfranchisement for last: vote dilution through gerrymandering, apportionment, and at-large elections."
What Price Gonzo Ethics
- " The American Psychology Association (APA) is currently taking a lot of abuse for what appears to be egregious violations of professional ethics. Perhaps this is a good time for all professional societies to look again at their Codes of Ethics. "
- "John Yoo and Robert Delahunty articulated the position that the International Court of Justice's interpretation of the Geneva Convention's is too expansive, and that the mere accusation by the Bush administration that an individual is a terrorist automatically precludes qualification for “elementary considerations of humanity” referenced under common Article 3 of the Geneva Conventions. "
At the time, the CIA and DoD were already using “Counter Resistance Strategies” (a euphemism for torture - that was reverse-engineered from the Navy SERE training manual [RISEN], which was in turn indebted to Nazi Gestapo techniques dating back to the 1930s and 1940s "
- " Administration officials found inadequate protective cover from the still-secret memos. The solution was to attract compliant (read: unquestioning) oversight from credible sources outside the administration and to leverage that faux oversight into a cover story: the APA says that what we do is not torture, and we stand by their opinion. "
- " The APA scandal is a noteworthy example of how Codes of Ethics may be easily subverted if the parent organization can be made compliant to the will of the authoritarian elite. But in this case it eventually backfired as the Hoffman report provided sufficient embarrassment to incentivize the APA to clean house."
- " The ACM Code of Ethics probably did not anticipate a world in which sovereign states could be in a permanent state of digital aggression against its citizens. It is worthwhile asking the question of where the balance is between our responsibilities under NDAs, oaths, clearances, etc. on the one hand, and our moral responsibilities on the other."
Given the complexity of today's internetworked computing infrastructure this must necessarily be shared responsibilities: between those who commission the activity, those who produce the computational artifacts, and those who deploy it. At each stage the question of legality and morality, especially in terms of potential negative externalities, must be addressed. Both “dissipation of responsibility” and “diffusion of responsibility” are relevant to this issue."
The gist of Brenner's claim is that both Helms and Clapper were “honor bound” to lie to Congress because their oath to their agency is of a higher order. This line of argument, no matter how offensive it is, must be taken seriously because of its prevalence among the controlling elite. Of course there is only one oath recognized in the Constitution, and that is to the Constitution and the nation. Any argument that the Constitution is trumped by an agreement you make with your employer is ungrounded in the law, self-serving, and indefensible. "
Lying is a real credibility-strainer. No question about that. Gonzo moralists need to learn to live with it as they practice their own brand of “Milgram Testimony.” "
- " I bring up this issue to illustrate that not only do Codes of Ethics and oaths sometimes work at cross purposes, but so do oaths, rules, NDAs, security clearances, etc. within themselves. If a whistleblower clause in a code is to have any meaning at all, it must work within and help define the limitations of hiding behind legal covers by appeal to oaths, NDAs and the like. If we are to deny this fundamental equipotence, we might just as well strike the clause and include lying under oath in job descriptions. "
The Dystory of Ahmed's Clock link
- "this story then went viral on social and mass media, ideologues took sides, and some noteworthy sub-cerebral venting was proffered in lieu of any semblance of intelligent discussion. "
- "It is noteworthy that two legitimate scholars weighed in. Evolutionary biologist Richard Dawkins speculated that the event was a hoax, and cybersecurity expert Bruce Schneier said “We simply have to stop terrorizing ourselves. We just look stupid when we do it.” Let's hear it for the scholars!"
- "We need a new word for the practice of manufacturing stories to further partisan interests and agendas. I humbly offer this modest addition to our working vocabulary: dystory =df a fabrication unworthy of dissemination that purports to be based on real events while actually based on falsehoods, deceptions, misrepresentations, and misinterpretations to conceal the intent, to mislead, or to manipulate an unwary audience. Unlike tales and fables, dystories are intentional distortions, misstatements and perversions used by ideologues, zealots, and political partisans to create a serviceable narrative that appears to confirm preconceived cognitive biases and distortions. Dystories are usually camouflaged by the thinnest veneers of truth. Dystoria is the lowest form within the genre of storytelling also referred to as epic nonsense. "
- " The Ahmed's clock dystory illustrates the ease with which non-stories can be manufactured into culpatory evidence in support of ideological causes. In this way the ideological compost is mixed into a narrative brew that is at best tangential to an actual event."
- "It is a characteristic of successful dystoria that it be amplifiable by fear-based media because of its (a) relevance to sensitive social or political issues, (b) non-threatening nature to media interests or controlling elites, and (c) thematically “marketable” because it is simple, evocative, emotive, violent, and/or frightening, (d) is divisive and polarizing, (e) creates at least enough public reaction to draw attention to the media venue and please its patrons, and most important (f) appears to address a worrisome albeit non-existent problem. "
The “sky is falling” ideologues could only use this story if it serves their xenophobic and fear-mongering interests. Toward that end, this “invention” can't be thought of as what it is. It must be thought of as “half-a-bomb.”
- " A very common tactic of ideologically charging an otherwise neutral technology is to simply relabel it. That's how this harmless device fit into the right wing narrative in Ahmed's case when it allegorically transmuted itself into a half-bomb. Wave the magic ideological wand and an alarm clock becomes a detached potential WMD. "
- " Here's a real shocker for Ahmed's clock dystorians: 14-year olds are not above self-promotion, hyperbole, boasting, and drawing attention to themselves! It's all about building a teenage brand. And cannot be expected to read the Texas Penal Code before they come to school"
- "In this way a Micronta alarm clock became weaponized in the minds of ideologues. The segue from “wake-up” to “blow-up” went largely unnoticed because of the mass audience's immense tolerance for deception. "
With a little verbal sleight-of-hand virtually any digital circuit can “look like” a bomb timer to the unfamiliar. So, for that matter, can all analog circuits, mechanical chronometers and watches, toasters, camera movements, hour glasses, record players, electric motors, computers, video games, cd and dvd players, home alarm systems, door bells, cell phones, and virtually everything connected to the Internet given the right blend of deception and persuasion. On this account every engineering and manufacturing facility in the world is a potential “half-bomb” lab, and every smart phone user is a potential terrorist. This nonsense should have been exposed for what it was. "
The eager alarmists had fellow travelers in absurdity. The “this is one more instance of cultural xenophobia” camp is equally to blame for both their technical ignorance and the rush to judgment. Where the fear mongers found a potential WMD in the disemboweled Micronta, the anti-xenophobes gladly found inspiring innovation, creativity and life lessons. This is a case where life imitates fiction – really bad fiction. "
- " Two groups actually had the expertise to contribute something of value to the Ahmed clock dystory, both of which were ignored by mainstream media: developmental psychologists and computer scientists and engineers. "
For their part, computer scientists and engineers would have pointed out the obvious: this is a dismantled digital clock, and interpreting it as a “detached, potential, bomb making component” is a literary, artistic or ideological interpretation and not a scientific one, and not based on fact. Had either of these two groups been given a voice by the mass media the entire absurdity would have been seen as a non-event! In their absence, a non-story degenerated into a culture war "
- " What are the employment qualifications for teachers in Irving, TX? Even if we concede to them a lack of curiosity sufficient to disassemble a digital appliance, a modicum of common sense would have gone a long way. The claim is that the circuit board looked like a timer is more than just a hasty conclusion, it's an assault on common sense. And where were the industrial arts teachers? Or, if necessary, they could have asked the maintenance crew. Any one of them should have been able to sort things out without over reacting. Can it be that not one adult in a position of authority in this school could identify the clock circuit? If that's true, we need to scrap the common core and focus on common sense. "
- " This entire incident was a non-event that was fabricated by ideologues from falsehoods, misrepresentations and ignorance so that a 14-year old would serve as a fulcrum to leverage their political agenda. All involved are blameworthy. And so is the mass media for contributing to the hysteria. Exposing this fraud did not require a Tom Paine or Sam Adams fervor, nor a spine-straightening defense of truth-to-power, but just a modicum of common sense and an unwillingness to participate in rule-by-absurdity. "
Legislating Technology (Badly) link
- "It is characteristic of willfully uninformed politicians to look for quick fixes when common sense dictates otherwise. Nowhere is this more evident than their legislation of technology and innovation."
- "Not all criminals are opposed to kill switches on mobile devices: major crime lords and terrorists could actually benefit from them."
- "The naïve view of kill switch legislation ignores the interests of the hacker, criminal and terrorist communities "
- "From the point of view of software epidemiology, the technology (code) that allows data wiping shares DNA with the technology (code) that would be used to steal the data."
- "...the FBI proposal would overturn best practices like forward secrecy, make the systems more complicated than they need to be, and invite all manner of criminals, terrorists, and nation-state aggressors to find and exploit loopholes. That's top-drawer policy!"
- "...amidst these conflicting motives, bureaucratic hubris, and ideological hyperbole Congress pushes on with their attempt to draft the perfect piece of legislation enabled by the enthusiasm of special interests."
- " ...big-and-powerful government responses may appeal to authoritarians, but they'll be ineffective.
The people who do these things are deranged and need psychological help not a scholarship to crime school. "
- " the possibility of resulting injury would diminish if law enforcement would take a swerve around responding to 911 calls like Normandy invasions."
- " Without any question the primary cause of swatting and other 911 vulnerabilities is an immature approach to infrastructure security, and for that the blame lies squarely with the telecoms, service providers and public service agencies."
- " Big government thinks of solutions to technical problems in terms of retribution after the fact, rather than solving problems at the source. Dwelling on punishment of offenders is misguided, wasteful, and counter-productive."
- " If legislators really want to accomplish something, they would be well-advised to decertify security-anemic 911 systems."
- " The legislative news is not all bad....
states have begun to entertain legislation relating to the interception of cell phone communication like IMSI catching"
- " A second example of legislation that is right-headed deals with mobile-related location privacy"
STEM Crazy (September, 2015) link
- "There’s no evidence to support either thesis that there’s a STEM crisis in education or the workforce."
- "The mythical STEM crisis needs to be exposed for what it is—an attempt by special interests to attract federal funding or cheap labor via H-1B visas on the pretense that there’s a national emergency."
- "The question of whether the STEM crisis is another example of an illogical argument being used to justify a questionable proposition that serves special interests is never considered."
- "there’s no empirical evidence to support the thesis that either there is a lack of STEM college graduates or a shortage of candidates with STEM expertise in the workforce. We need to wrap our heads around that fact."
- "There’s a close parallel between the manufactured STEM crisis and the manufactured Red Scare: both are rooted in political motivations and derive support from special interests seeking to benefit from them."
- "The technology industry’s scare tactics are less about growing the skills of the workforce than they are about improving its own bottom line."
- "powerful forces—business interests at work, keeping the “scare” in the public eye for purposes of labor arbitraging. Without this selfish and narrow-minded interest, it’s hard to otherwise account for the huge support and vigor behind the movement to flood the STEM labor market with H-1B visa holders."
- "lack of evidence doesn’t diminish the ideological fervor. So, as we might predict, academic, government, and business interests must also weigh in—if not with scholarship, then with hand waving
- "the argument goes something like this: 1) there are too few STEM graduates to satisfy the demands of business; 2) it’s prima facie obvious that we should support policies that satisfy the demands of business (the neoliberal creed); 3) therefore, we need to add more STEM graduates. But the first premise is false; thus the argument is unsound."
- "It’s incumbent on all scientists and engineers to get informed about the motivation behind this so-called crisis. By some estimates, the federal government has spent $40 billion thus far on STEM education programs and activities without having established any evidence of need. Federal programs are essentially zero-sum, so the operative question here shouldn’t be whether the $40 billion provided anything of value, but whether the money could have been more effectively used elsewhere for greater public benefit."
- "If one takes the time to look, scholarship favors the thesis that the STEM crisis is a
- "Why would an academic organization spin the facts? The answer can be found by following the money. By following the money, we can see that this is just another example of special interests attempting wealth redistribution for the benefit of corporate interests; it’s short-sighted capitalism at its best."
- "Quality scholarship, as such and in general, is easily spotted by certain characteristics: virtually unlimited curiosity, minimal reliance on intuition, the quality of its references, objectivity, the commitment to truth, and an aversion to polemic. The challenge for STEM crisis believers is how to build support for their claims on the basis of such scholarship, rather than on polemic and propaganda. Remember that absence of evidence is
TSA: Mission Creep Meets Waste (August, 2015) link
- "The acronym TSA could just as well stand for “tactics to suppress accountability.” It is an object lesson in the misuse of technology toward ill-defined ends."
- " Mass media seems to regularly feed on the checkered past of the Transportation Security Administration, and for good reason."
After years of bad press, the TSA abandoned the scanners because—hold on to your seats for this one—they didn't work "
- " In just the span of two weeks in early June, 2015 DHS went from imbalanced defense to full-court offense: it silenced the media and Congress by announcing a faux investigation, while aggressively pursuing the whistleblowers who let the public know about the misdeeds thereby sending a very clear signal to TSA agents who might be inclined to talk to reporters or congress."
- " It is axiomatic in government that the way to make an ineffective program work better is to make it larger."
- " DHS didn't start by seeking to justify SPOT as a good idea, and then failed to seriously study whether anything useful resulted. That's what bureaucrats and government contractors call a home run."
- " Faith-based programs like TSA, FEMA, SDI, Fusion Centers, Northcom, etc. must operate without oversight because oversight would expose that they don't work as intended. That is the prime motivation for the over-classification of the programs and the paperwork they generate."
A Farewell to Air Gaps, Part II (July, 2015) link
- "Air Gaps have never been an effective deterrent to a determined state-sponsored aggressor. We haven't learned that lesson, but we have learned a few other things from the Farewell incident and Stuxnet."
- "“Offense-in-Depth” was the reason for Stuxnet's success. Burning five quasi-zero-day injectors would have been considered overkill by all but major state-sponsors."
- " The first lesson learned follows from both the Trans-Siberian Pipeline and Stuxnet examples was that air gaps are relatively useless as a defensive layer to the determined state-sponsored adversary.
Air gaps stand to cyber-defense as chain link fences stand to physical security – they only discourage nuisance attacks."
It's as if Flame, Duqu and Stuxnet were taken from the Marsh Report playbook, in order, and ten years later. Ironically, the Marsh Report says that cyber warfare “presents significantly new challenges for the intelligence community in identifying and assessing threats to the United States.” (p. 19) Olympic Games clearly shows that a byproduct of this work is “introducing new threats to the United States,” for the Flame and Tilded code bases are at this point in time accessible to every digital miscreant and weaponeer. "
Third, the long-term implication of Stuxnet on industrial controllers is serious and far-reaching. ICs are general purpose, which means that the exploit potential of the Stuxnet family of malware extends to virtually the entire global infrastructure: transportation, energy, water supply, emergency services, etc. At bottom, the collective vulnerability is due to the fact that industrial controllers were manufactured with virtually no concern for security....
Let me emphasize that the problem isn't that these critical infrastructures were built around a weak security model – they were built around no security model. "
- " As things now stand, proper discussion of IC insecurities must necessarily include infrastructure eschatology."
Operation Olympic Games unmistakably and recklessly pushes the world toward cyber-weapons proliferation. Nuclear weapons did the same thing in the 1940s and 1950s. However, the parallel between these two eras quickly breaks down. For one thing, the concept of mutually-assured destruction doesn't apply without attribution – that is, retaliation-in-kind only makes sense if one has the “retaliatee” in mind. "
Contemporaneous to Stuxnet was the burgeoning gray market in cyber-weapons. Due to a robust, clandestine brokerage industry, every cyber-mercenary, terrorist and cyber-criminal in the know - not to mention government contractors and nation states – have access to current cyber-weaponry, including zero-days. This is one of the most intoxicating aspects of the Olympic Games. "
this malware is purchased with the full understanding that they will not be reported to the software vendors who might patch their products to protect the public. Since the value of this malware to the aggressor is directly proportional to its uniqueness, novelty, effectiveness, and stealth, there is little value to nation-states and state-sponsors, not to mention major cyber-criminal gangs, for “used” malware."
- " Perhaps the most important consequence of these activities has nothing to do with the activities themselves but rather the partisan and biased coverage of the stories by the mass media.....
The major story in my view is not the prosecutions or lack thereof, but rather the selective and biased enforcement of laws depending on multiple standards. For a good defense these days, it's not enough to lawyer-up, you also have to lobby-up."
It seems very clear to me that the 1917 Espionage Act is not being used to protect national security but rather to intimidate iconoclasts and contrarians into silence. I'll call this “message prosecution” – the point is to circumvent the Supreme Court's ban on prior restraint (aka “censorship”) by sending a clear signal to everyone who might speak out against wrongdoing to “shut up or else.” "
Until such time that a public interest defense is allowed under the 1917 Espionage Act by the courts (don't hold your breath on that one), I recommend that Congress amend the Espionage Act to include a clause faithful to the late Nebraska Sen. George Norris' platform on hypocrisy reduction in government: “This Act specifically exempts any person considered a political crony by the Executive Branch, or any person who leaks classified information on behalf of said Executive Branch for political advantage,” thereby bringing the Act into accordance with actual practice. "
- " I note that absent public policy discussion or Congressional oversight sufficient to deflate any criticism of false dilemma, the claim that Stuxnet was the least objectionable alternative (forget optimal) to anything exposes the claimant to ridicule. The public may never be able to debate, much less discover, the real motives behind Stuxnet. Such is life in the world of dark governments."
A Farewell to Air Gaps, Part I (June, 2015) link
- "One of the most fundamentally misguided ways to protect a networked infrastructure is to introduce an air gap. The US has been mastering the art of crossing them for more than 30 years."
- "The Stuxnet archaeology produced sufficient digital artifacts from which several conclusions can be drawn. First, it actually shares some of the architecture and codebase with the remote-access Trojan and information stealer, W32.Duqu, and the espionage hack, Flame."
- " Stuxnet's .LNK injector took advantage of a design flaw in IconHandler within the Windows Shell that incorrectly parses .LNK files. IconHandler allowed the execution of the executable linked to the icon instead of just displaying the icon on USB devices."
- " For a politician, the allure of Stuxnet-style cyber-kinetic attacks is that they don't immediately put American lives at risk. As such, Operation Olympic Games can be thought of as a tactical sibling to the current US drone war, the ideological ancestry of which dates back to Eisenhower-era covert CIA operations in the Middle East (Operation Ajax) and Central America (Operation PBSUCCESS)."
...v0.5 used four command-and-control servers to update the code, all of which claimed to be from a nonexistent advertising agency, Media Suffix, whose tag line, “Deliver What the Mind Can Dream,” is an apt mantra for what I'll call postmodern, neoconservative, malware epistemology. "
- "Not only did Stuxnet set a new standard for hacking into industrial control systems, it upped the ante in the global cyber-arms race."
- "The Trans-Siberian Pipeline hack and Stuxnet attack on Natanz demonstrate that air gaps have been ineffective for well over 30 years. The air gap joins security-through-obscurity as classic examples of faith-based security—a strategy for protection that's based on faith alone. "
What Makes a Good Column (May, 2015) link
- "columns aren’t investigative journalism—though they can serve as its handmaidens by calling attention to key issues in the authoritative works of others."
- "A column should be a vehicle for thoughtful, well-reasoned, and verifiable arguments while serving as a conduit to ground-truth data from scholars, journalists, and other domain experts."
- "Columnists shouldn’t be propagandists.
Propaganda is one of the more brutish and unsophisticated (but nonetheless effective) components of what media scholars like Neil Postman call “media ecology” "
- "With increasing regularity, media outlets in service to special interests seek to keep important issues buried."
- " Interlocking networks of media outlets, think-tanks (in most cases, meme tanks), ideological foundations, tax-exempt groups, front groups, training institutes, pseudo scholars, lobbyists, and political action committees already advance the objectives of special interests. "
- " Columns should keep important issues alive. The mass media miasma already discourages any discussion that might be considered an irritant to the stakeholders.
With increasing regularity, media outlets in service to special interests seek to keep important issues buried."
Columnists shouldn't be polemicists, but they also shouldn't shy away from speaking truth to power. They enable the counter-narrative to flourish and the disinfection of mass media–induced putrefaction. "
orthogonal input is the best source for deflection points on the otherwise basically linear evolution of ideas. Columns can cross this “Wallace line” of truth by breaking through shrouds of anti-science and Lysenkoism..."
- "...demagogues and political hard liners who might be content to be driven by base emotions such as fear, anger, jealousy, revenge, and so on, aren't going to let fact interfere with opinion."
- "Columns should be an abduction engine in the logician's sense of delivering the best explanation of the events of interest."
- "a good column should make the mind smile"
Borderline Executive Disorder (April, 2015) link
- "There's only one kind of research mission these days: that which includes funding for overhead. "
When “spinfluencing” infects the entire leadership team and the media, it's called “spinfluenza.” "
- "It’s time to peek behind the curtain and face the frightful reality that many modern executives are evolutionary dead ends."
- "Previously, a campus administration building's inhabitants were scholars drawn from rank and file faculty, each serving as executive pro tem out of a sense of obligation to the institution (érudit oblige?). There was no permanent administrative culture in those days. Today, the administration building has become a repository of the flotsam and jetsam of academic life. "
- "Never one to avoid resurrecting dead or dying ideas, I offer you an educational paradigm designed to challenge students to use their heads for more than a hat rack—the “More Than a Hat Rack” core, or MaTaHaRi core."
- " If all we need is skilled labor, then all we need in an executive is a customer relationship manager who specializes in connecting clients (read: students) with stakeholders (read: employers) by means of a revenue stream (federally funded student loans that have the added benefit of ensuring permanent indebtedness of the borrower). Scholarship goes to the back of, if not under, the bus."
Dependence on external funding has made the academy a centerpiece of the emerging military–industrial–surveillance–political–media–prison–Wall Street–banking–energy–healthcare–academic–think tank–corporatist–homeland security–complex. "
- "A quick review of history reveals that Bayh-Dole is a mixed bag. It certainly changed academic incentives, but at what cost? "
- "Let's be clear that the fault in such arrangements lies not with the ideologues who seek to proselytize via the academy, but with the university administrators who go along with it. "
In the context of administration, “academic” should be taken in an accounting sense, that is, “associated with entities that qualify as educational institutions under 501(c)(3) of the Internal Revenue Service code.” It's a mistake of the first order to confuse this sense of “academic” with anything resembling scholarship — academic administration is akin to military intelligence in this regard. "
Noirware (March, 2015) link
- "I have drawn an orthogonal distinction between a posteriori bad ideas (those that, in practice, just didn’t realize expectations) and a priori bad ideas (those that could or should have been identified as wearing a cloak of dopey by a competent knowledge-domain expert before any work had begun)."
- "Not everything we can do is worth doing. The use of RFID in security-challenging applications is really a poster child for this kind of a priori misguided technology."
- "Using RFID for keyless entry and pass cards are examples of technology absurdism: technology development that either ignores, fails to appreciate, or underrepresents obvious negative
- "It’s incumbent on all of us to remember that many, if not most, of the worst technological ideas were identifiable as such a priori. In the hands of bad leadership, technological absurdism drifts toward technology nihilism that in turn drives subprime innovation of limited or ephemeral
- "I’ll use the term noirware to mean any technology that limits or neutralizes those unadvertised or unintended uses of a product that are inconsistent with the user’s expectations of security and privacy."
fact that cellphones could be used as “roving bugs” or PII repositories by law enforcement, the surveillance state, common carriers, cyber-weapon mercenaries, and hackers is one of those “added features” that vendors, carriers, government agencies, and nongovernment organizations (NGOs) try
- "Let’s insist that potential technology abuse be included in the calculated velocity of all innovation."
- "Failure porn and the hazardous technologies discussed above exist within interrelated dystopic frameworks, both of which follow from a culture of unreflective, feckless design; irresponsible development; and churlish
Cyber Chutzpah: The Sony Hack and the Celebration of Hyperbole (February, 2015) link
- "There’s nothing about the recent Sony hack that withstands close scrutiny. The story began as bunk, took a spin around blather and hooey, and then seems to have come to rest on drivel."
- "This is hyperbole and drama befitting a Mickey Spillane novel—the Sony hack is not in the upper echelon of cyberattacks! It's not even in the second or third tiers. As a matter of fact, apart from the embarrassing executive emails that were leaked, it's not even very interesting."
- "For something to qualify as vicious and malicious, an action must have consequences that are savage, brutish, violent, or fatal. Detestable and spiteful conduct usually won't qualify. Attacks against sovereign nations? Yes. Hacks of corporate computer networks? Not so much. The Sony hack is closer to MafiaBoy, the Google Gmail hack, the Solar Sunrise hack, and Albert Gonzalez's compromise of T.J. Maxx and Heartland Payment Systems than it is to the Siberian and Stuxnet examples. It's just another installment in the never-ending evolution of digital crime."
- “[FBI Director James] Comey now says that the hackers in the attack failed on multiple occasions to use the proxy servers that bounce their Internet connection through an obfuscating computer somewhere else in the world, revealing IP addresses that tied them to North Koreans.” Really? Are we to believe that hackers with the full financial and military backing of the North Korean government—the same government that has resources enough for a missile program —doesn't have sufficient resources to hire competent hackers who know how to spoof IP addresses and use proxy servers? ....
If this is true, Kim Jong-un is getting ripped off by his cybermercenaries."
- "Accusing attribution during an ongoing investigation is like painting falling leaves: the results are sloppy and unlikely to have enduring value."
- "Some of you are old enough to remember the first principle of email propriety: don't include things in email that you're not willing to post on your office door. Apparently, some of Sony's ill-mannered executives never embraced this refrain."
- "Someone hacked Sony. At this point, the finger-pointing and narrative is dominated by agendists who seek to create a usable history for themselves and their patrons.... the incomplete and unreliable evidence that's being offered amounts to little more than smoke and mirrors. The Sony hack story has all the substance and veracity of Nessie and Sasquatch sightings."
Hal Berghel: The Paperless Gamble, Out of Band, IEEE Computer, January, 2015 link
- “I envision the ultimate extension of future digital publishing to be an interwoven fabric of thought threads rather than a slowly expanding repository of static documents-cum-metadata—the latter being subsumed under what we now call digital libraries.”
- “As things stand, content continues to be controlled exclusively by the content provider. The information consumer is passive as far as the creation of the artifact is concerned. Even if information retrieval is nonlinear (as with hyperlinks), the traversal remains prescriptive.”
- “As great as DLs and online publications are, they don't satisfy our criteria of being information-rich communications vehicles sharable within affinity groups.”
Why Clouds Give Me a Case of the Vapors (November, 2014) link
- "According to Apple, “ ... certain celebrity accounts were compromised by a very targeted attack on user names, passwords, and security questions." I’ve got another heads-up for you iPhone users — Siri talks about you behind your back. I’m just sayin’."
- "I know that in my personal life I build trusted relationships one tax-avoiding, jurisdiction-shopping multinational corporation at a time. Show me a company that engages in labor arbitraging and offshore production in third-world countries that pay starvation wages, avoids taxes through shadow companies in Ireland (Apple Operations International), and that reaps real profits from the United States only to pay virtual taxes in invisible jurisdictions (what the New York Times calls the ‘Double Irish with a Dutch Sandwich') and I'll show you a company that deserves my full faith and confidence."
- "The “cloud” became the metaphor for the Internet. “Sump” might have been a better choice."
- "My hunch is that like university athletic programs, cloud services are only economical when the cost of ownership is calculated to exclude negative externalities, moral hazards and off-the-books expenses."
- "...there is considerable overlap between the cloud providers and the NSA company “partners” identified in the Snowden PRISM slides...
The question you have to ask yourself is just how confidence inspiring is this corporate behavior?"
- "...all cloud storage operated by companies based in the U.S. are subject to U.S. laws, specifically including the Patriot Act and its equally Constitutionally-unfriendly descendants. While access to email usually requires a warrant, this may not be the case with cloud storage. You may be well-advised to create a new position in your organization for a ‘cloud lawyer' to interpret Title 18 language for you. And the time to do that is before you consider cloud service."
- "So there you have it. My cloudtopsy reveals the four humors of clouds: early mortality, lack of constitutional safeguards in the U.S., possible ISP leakage and snooping, and VPNs that we can't trust. Think of these as the toxic biles, phlegms, and bad bloods of modern cloud computing! And as with the medical humorism of old, when data concentration is the rule, any deficiency in any of these humors will produce a bad case of the network computing vapors. I'm confident that Hippocrates would be pleased with my analysis."
Defending Against Big Dada (October, 2014) link
- “I failed to anticipate that the Web would become a convenient weapon of mass deception. As the toxicity of the Web increased, it became obvious that sophisticated navigation alone won't solve the problem of information overburden, and that defensive browsers were needed. By the mid-1990's the information content of large parts of cyberspace rivaled that of air dancers and lava lamps.”
- “It is difficult to get through a campaign speech, talk show, or political commentary without being assaulted by such sonorous wafts of fallacious reasoning as to offend a refined intellect.”
- “As Neil Postman remarked in his 1969 paper “…there is nothing more important for kids to learn [than] how to identify fake communication.” But here we are a half-century later and the population as a whole is no better prepared to deal with infopollution. In fact, we computing professionals have unwittingly made infopollution much worse by advancing storage network storage capacity and bandwidth without a corresponding advance in filtering capability. We've turned big data into big dada.”
- “Politicians and mainstream media outlets are active proselytizers – they aggressively put forth and recruit support for political or corporate agendas. Free and open discussion is not the goal. Rather it is to take advantage of what Aldous Huxley referred to as humankind's infinite capacity for distraction from the important issues of life. Failure to appreciate this simple fact has produced a mind-numbing array of sub-cerebral media broadcasts - a phenomenon memorialized in Bruce Springsteen's song 57 Channels (And Nothin' On). Bruce Springsteen's observation is now off by several orders of magnitude.”
Sticky Wikis (September, 2014) link
- “…not all crowds are worth associating with and ... as a group they can't be relied upon to filter out the crap. Crowds, like landfills, may contain treasures, but the yield rate isn't encouraging.”
- “…the quintessential problem for online repositories is the absence of an adequate vetting process that produces lightweight content. Instead of making a distinction between a jury of domain experts on the one hand and an approval voting system to flag anomalies, Wikipedia combines both into crowdsourcing. Wiki wars (or edit wars) result when mini-crowds become mobs and empirical truth degenerates into opinion and ideology.”
- “Wikipedia remains in my view only reliable when it comes to uncontroversial and incontrovertible facts. I submit that to domain knowledge experts who are actual authorities on a subject, articles are not verifiable and neutral and I suspect in most cases if the topic is narrow enough the authors may be handily identified from the narrative. That is to say, that consensus is not the appropriate litmus test when accuracy is required and is not a good tool for dispute resolution, and no responsibility will ever be attributable to an anonymous source.”
The Future of Digital Money Laundering (August, 2014) link
- “Banks got networked and money laundering went digital. This is as close to cause-and-effect as you can get. In the future, successful money launderers will demonstrate a closer affinity to tax cheats than bank robbers.”
- “Attempts to convert fractional money reserves into physical possessions are invitations to discovery. That's why the smarter mobsters tended to live modestly.”
- “Money laundering in South Florida by the so-called “cocaine cowboys” in the 1980's defined what might be called the “golden era” of money laundering. Carloads of money were passed through counting rooms of participating banks as they skimmed their percentage before depositing it in the local branch of the Federal Reserve. In those days the teller windows were as porous as the Florida coastline, but those days are long gone due to aggressive regulatory enforcement. But they've been replaced by techniques far more insidious such as straw man and anonymous accounts in foreign banks located in uncooperative tax havens.”
- “From the facilitating correspondent bank's perspective, due diligence involves determining sufficient information about “parentage, respectability and integrity” of a candidate bank to make an “innocent owner” defense plausible – it doesn't have to be true under current prosecutorial standards, just plausible. Once again, look where financial incentives lie. Correspondent banking is “found money” as far as the facilitator bank is concerned – the revenues from services and fees for correspondent banking amounted to $590 billion in 2010 according to a recent SWIFT whitepaper – that's serious money. Now just how much due diligence may we expect the financial industry to conduct when a $590 billion revenue stream is at stake?”
- “Correspondent accounts, bearer shares, tax havens, and the like are individually and collectively criminogenic. The Justice Department's “faith-based” oversight is by design inadequate to the challenge. Therein lay the golden opportunities for future money launderers.”
- “At its zenith, Silk Road produced a few million dollars in monthly revenue – chump change when compared to the scales discussed above. Dread Pirate Roberts' mistake was in relying on security through obscurity. This tactic didn't keep Silk Road any more secure than proprietary code secured Internet Explorer. Dread Pirate Roberts did for the illegal online marketplace what Cliven Bundy did for the sovereign citizen movement. In effect both functioned as law enforcement intelligence honeypots.”
- “…regulators and law enforcement has already pruned the low-hanging fruit. Future successes will have to emulate the corporate and individual tax cheats who operate with de facto immunity. It seems obvious to me that successful money launderers for the foreseeable future will focus their efforts on jurisdiction shopping for multiple legitimate banks in foreign tax havens with captive directors. There they can create nested correspondent accounts, daisy chained foreign shell companies, and blend in with the white collar crowd that have accounting backgrounds.”
- “Major international banks like HSBC, JPMorgan Chase, Bank of America, etc. process trillions of dollars of funds transfers daily, almost all of which are automated and require no human oversight. It is important to understand that these transfers do not require credit, so due diligence will not be conducted for the sake of risk-aversion, but simply for the sake of compliance! But banks are incentivized to engage in AML compliance only to the extent that they avoid the modest fines. Their greatest potential exposures – to criminal prosecution and forfeiture of access to U.S. capital markets - is not at risk as long as governments continue to offer the banking industry perverse incentives.”
Leadership Failures in the National Security Complex (June, 2014) link
- “Current NSA forecast: continued Snowden Flurries with no end in sight. No one blames the hardworking NSA employees. It’s the feckless leadership and the politics that got them there that is responsible for our current difficulties.”
- “With a lack of clear cut objectives, insensitivity to the ambient legal issues, and a preoccupation with communication skills and subservience to authority, the selection process for the intelligence agencies produces a vapidity curve that favors the 5% of the candidates who hold 95% of the worst ideas.”
- “If the past 70 years of national security policy have shown us anything, it's that there's no room in intelligence and security leadership for demagogues and dilettantes.”
Mr. Snowden’s Legacy (April, 2014) link
- “Edward Snowden’s ongoing NSA disclosures seem to have the same effect on neoconservative and big-government politicians that a full moon has on werewolves—it just drives them crazy!”
- “Clapper was just balancing the rhetorical ledger. In the world of real politics, getting caught in a lie is tantamount to a failed tactic, nothing more. In this world, truth, honesty, and integrity are considered quaint notions of a bygone era and destined for the dustbins of history.”
- “With the passage of time, Snowden's harshest critics will be shown to not only be on the wrong side of history, but the wrong side of evolution.”
- “…this George W. Bush appointee to the federal bench denied the 84 year old nun and her 58 and 64 year old co-defendants bail while they awaited sentencing and delivered them to the court for sentencing in leg irons, waist chains and handcuffs. Judge Thapar thereby sent a strong signal to senior citizens everywhere that he is no softy when it comes to non-violent dissent. Martin Luther King, the Dalai Lama, Mahatma Gandhi, and Mother Teresa have a proven track record demonstrating the global menace that religiously-motivated elderly pacifists enjoy Thapar sought to make an example of acts of symbolic civil disobedience. Failure to do so would send out exactly the wrong message to the geriatric peace movement.”
- “The ability to achieve a command rank in the military, and the ability to think through complex problems, are fundamentally different. The former is best suited to a team player who follows orders (‘go along to get along' types) and can make quick decisions, while the latter prefers an individualist who questions everything, usually isn't all that compliant, and is exceedingly circumspect.”
- “Ask yourself how far stubborn determination, hasty decisions and a myopic world view have got us in our foreign entanglements over the past fifty years. Bureaucracies tend to organize themselves around formal structures (like chains of command) not in terms of the capacity to make intelligent decisions.”
- “Just look who's running these government agencies: political retreads and military double-dippers who have built their latter career around mastery of the iron triangle. It's the paradigmatic worst of all worlds - the combination of skill inversion and double dipping combined with a healthy dose of cognitive dissonance running amok within a military-industrial complex fueled by deficit spending.”
- “…a moral compass doesn't read true when caught in the magnetic field of hegemony and unilateralism.”
Reflections on STEM (March, 2014) link
- “Sputnik demonstrated the Russian's clear leadership in missile and satellite technology we were told. That this alleged Russian leadership was bogus was irrelevant. It was used to justify the creation of NASA, close imaginary missile gaps, fuel the military-industrial complex, and change our national educational priorities.”
- “By the time President Kennedy took office, the space race was in full-tilt boogie. To be first in space, he argued, one needs to be first in science and technology. Research became a profit center at major universities, external funding became the researcher's coin of the realm, indirect cost accounting entered the academy through the service entrance, and academic mission creep aggressively drove the academy toward the federal trough. We now realize that the entire process was an over-reaction to an imagined fear combined with missile-envy, unhealthy competitiveness, and a misguided sense of national pride – but not without benefit.”
- “And I like an occasional glass of Tang and the taste of Teflon in my fried foods as much as the next person. My dissatisfaction isn't with what we accomplished during the space race, but rather what we lost. In our desire to heighten technical skills and achieve scientific hegemony, we lost sight of the incredible value of a diversified, well-rounded education.”
- “Wouldn't it be great to have an educational system that taught us that truth and opinion have very different epistemological ancestries, and that only one of them bears close scrutiny. Or education that showed us that we can no more get to ground truth data via media events than we can get to mathematical truths by interviewing mathematicians. Or education that explained why stakeholder journalism is not journalism at all but product placement – where the product is an agenda. Or an educational climate that emphasized the criticality of the role of confirming explanatory hypotheses in science to our survival as a species. Or education that shows how to separate marketing efforts from facts. Or the problem with the convergence between government regulators and those regulated – or for that matter the liberal use of gag orders and non-disclosure agreements to suppress public awareness of regulatory reports.”
- “At this moment, the humanities part has been, as we say in the world of computing standards, deprecated to the point where it is the object of ridicule in job placement circles. In computing, a consequence of this diminished capacity is our under-appreciation of the social consequences of our efforts.”
- “These post-modern Lysenkoists are more masters of linguistics and polemics than science. To wit, note that for these days the phrase “sound science” has come to mean “opinion in the context of economic and political realities.””
- “We've got ourselves in the bizarre situation where for some “sound science” doesn't necessarily mean “good science” in the sense of testing hypotheses and confirming predictions but “commercially advantageous and attractive to a particular political base.””
- “Students need to be skilled enough to navigate through the mine field of bogus science, sound bites, propaganda “interviews,” stakeholder journalism and image management to get to the truth.”
- “An educational system that spends 20 years teaching students to make widgets will certainly not produce citizens who ask whether widget production is in the best interest of society.”
- “The manipulation of science for political gain, with all of its unsavory consequences, will prove in the long run to be far more disabling to a democracy than failing to match skill sets to job trends.”
- “What is more, industry executives would have us believe that some mysterious force grabbed Adam Smith's invisible hand and suspended the law of supply and demand just in their case. On their account, market forces have been suspended when it comes to labor requirements. The government should be enlisted because Adam Smith dropped the ball on this one. The over-arching question must be whether immigration policy is the appropriate tool to satisfy ephemeral labor needs.”
Computing Technology and Survivable Journalism (May, 2013) link
- "Ironically, the very technology that the media pundits suggest might get journalism out of the hole might actually be making the hole deeper."
- "Since Watergate, journalism has become more dramaturgic, orchestrated, undifferentiated, and uninspired."
time has shown, investigative journalism isn't the ideal instrument of global corporate interests— it's losing out to agenda-based, stakeholder-friendly reporting."
- "While there are some state protections for journalists, the law of the land is still Branzburg v. Hayes, in which the US Supreme Court held that there's no First Amendment privilege that automatically accrues to reporters—either testimonial or to protect their sources.... [this has] had a chilling effect on journalists who report on controversial topics or challenge established authority."
- "There's no denying that citizen journalism, blogs, news portals, subscription-push services, and the like can be valuable immediate news sources. But they also can be sources of misinformation, propaganda, bias, and hate-mongering.
The media critic's mantra ignores the enormous value that a large newsroom of dedicated professional journalists adds to a story. Without them as a filter, every online reader would need to hold a black belt in what Howard Rheingold calls the “art of crap detection.”"
- "Neil Postman compared George Orwell and Aldous Huxley this way: “What Orwell feared were those who would ban books. What Huxley feared was that there would be no reason to ban a book, for there would be no one who wanted to read one.” The modern paradigm of this Orwell-Huxley dystopia isn't limited to places like North Korea and Eritrea, where there's nothing even remotely approaching objective journalism."
- "If objective journalism is to survive, we might need to shift the discussion away from media companies that cater to their marketing departments and are preoccupied with profits and revenues to a discussion of how we need to protect the journalists who make the enterprise viable."