#Resist vs. #EffectiveResist

February 27th, 2017

DAPL Could Be Operational In Less Than 2 Weeks

From the post:


“Dakota Access estimates and targets that the pipeline will be complete and ready to flow oil anywhere between the week of March 6, 2017, and April 1, 2017,” company attorney William Scherman said in the documents filed in Washington, D.C., on Tuesday.

Opponents to the Dakota Access Pipeline (DAPL) have two choices, #Resist or #EffectiveResist.

The new moon for February, 2017, was February 26, 2017 (yesterday). (Bookmark that link to discover other new moons in the future.)

Given the reduced visibility on nights with a new moon, you can take up rock sculpting with a thermal lance.

This is a very portable rig, but requires the same eye protection (welding goggles, no substitutes) and protective clothing as other welding activities.

Notice in the next video, which demonstrates professional grade equipment, the heavy protective headgear and clothing. Thermal lances are very dangerous and safety is your first concern.

If you create a bar-b-que pit from large pipe, follow Zippy the Razor‘s advice, “Down the block, Not across the street” to create long cuts the length of your pipe.

Will DAPL be a lesson to investors on the risk of no return from oil pipeline investments? Pending court litigation may play a role in that lesson.

#ProtectTheTruth [Reframing Opposition to Energy Transfer Partners]

February 27th, 2017

#ProtectTheTruth by George Lakoff.

From the post:

Journalists are bravely standing up to Trump’s attacks on the free press, as they should. Yet one way in which they’re expressing their solidarity and resistance shows how little most journalists know about political framing and messaging.

Case in point: Trump has labeled journalists as “enemies.” So, journalists have responded by labeling themselves “#NotTheEnemy.” This hashtag is currently trending on Twitter, which is unfortunate. Adopting this slogan is a big mistake that helps Trump.

Anyone who has read my books or taken my classes at Berkeley will immediately understand why. For those new to political framing and messaging, I’ll explain briefly here.

Quick: Don’t think of an elephant!

Now, what do you see? The bulkiness, the grayness, the trunkiness of an elephant. You can’t block the picture – the frame – from being accessed by your unconscious mind. As a professor in the cognitive and brain sciences, this is the first lesson in framing I have given my students for decades. It’s also the title of my book on the science of framing political debates.

The key lesson: when we negate a frame, we evoke the frame.

I don’t know current characters known to both children and parents, but what if instead of:

#NoDAPL

we said:

#SaveSmokeyTheBear

would that be a better framing?

Or even better:

#SaveBambi

What are some more current memes to swell support to stop the ecocide promised by Energy Transfer Partners?

Introducing Malboxes: …

February 26th, 2017

Introducing Malboxes: a Tool to Build Malware Analysis Virtual Machines

From the post:

Malware analysis is like defusing bombs. The objective is to disassemble and understand a program that was built to do harm or spy on computer users (oops, this is where the bomb analogy fails, but one gets the point). That program is often obfuscated (ie: packed) to make the analysis more complex and sometimes dangerous. This blog post introduces a tool that we have built that creates Windows Virtual Machines (VMs) without any user interaction. Those VMs are preconfigured with malware analysis tools and security settings tailored for malware analysis. We will then explore how to use the tool, its architecture and where we want to take it.

TL;DR

We are announcing the first “official” release of malboxes, a tool meant to help build safe and featureful Windows machines for malware analysis. Accessible to anyone, it even uses trial versions of Windows if one doesn’t have his own license.

How very cool!

Just as your programming improves by studying great code… 😉

Enjoy!

ForWarn: Satellite-Based Change Recognition and Tracking [Looking for Leaks/Spills/Mines]

February 26th, 2017

ForWarn: Satellite-Based Change Recognition and Tracking

From the introduction:

ForWarn is a vegetation change recognition and tracking system that uses high-frequency, moderate resolution satellite data. It provides near real-time change maps for the continental United States that are updated every eight days. These maps show the effects of disturbances such as wildfires, wind storms, insects, diseases, and human-induced disturbances in addition to departures from normal seasonal greenness caused by weather. Using this state of the art tracking system, it is also possible to monitor post-disturbance recovery and the cumulative effects of multiple disturbances over time.

This technology supports a broader cooperative management initiative known as the National Early Warning System (EWS). The EWS network brings together various organizations involved in mapping disturbances, climate stress, aerial and ground monitoring, and predictive efforts to achieve more efficient landscape planning and management across jurisdictions.

ForWarn consists of a set of inter-related products including near real time vegetation change maps, an archive of past change maps, an archive of seasonal vegetation phenology maps, and derived map products from these efforts. For a detailed discussion of these products, or to access these map products in the project’s Assessment Viewer or to explore these data using other GIS services, look through Data Access under the Products header.

  • ForWarn relies on daily eMODIS and MODIS satellite data
  • It tracks change in the Normalized Difference Vegetation Index (NDVI)
  • Coverage extends to all lands of the continental US
  • Products are at 232 meter resolution (13.3 acres or 5.4 hectares)
  • It has NDVI values for 46 periods per year (at 8-day intervals)
  • It uses a 24-day window with 8-day time steps to avoid clouds, etc.
  • The historical NDVI database used for certain baselines dates from 2000 to the present

Not everyone can be blocking pipeline construction and/or making DAPL the most-expensive non-operational (too many holes) pipeline in history.

Watching for leaks, discharges, and other environmental crimes as reflected in the surrounding environment is a valuable contribution as well.

All you need is a computer with an internet connection. Much of the heavy lifting has been done at no cost to you by ForWarn.

It occurs to me that surface mining operations and spoilage from them are likely to produce artifacts larger than 232 meter resolution. Yes?

Enjoy!

Countering Inaccurate/Ineffectual Sierra Club Propaganda

February 26th, 2017

This Sierra Club ad is popular on Facebook:

First problem, it is inaccurate to the point of falsehood.

“…about to start their chainsaws…. …trying to clearcut America’s largest forest, the Tongass National Forest in Alaska…. (emphasis added)”

Makes you think clearcutting is about to start in the Tongass National Forest in Alaska. Yes?

Wrong!

If you go to Forest Management Reports and Accomplishments for the Tongass, you will find Forest Service reports for logging in the Tongass that start in 1908. Cut History 1908 to Present.

The first inaccuracy/lie of the Sierra ad is that logging isn’t already ongoing in the Tongass.

The Sierra ad and its links also fail to mention (in millions of board feet) harvesting from the Tongass:

Calendar Year Board Feet
2016 44,076,800
2010 35,804,970
2000 119,480,750
1990 473,983,320
1980 453,687,320
1970 560,975,120

A drop from 560,975,120 board feet to 44,076,800 board feet looks like the Forestry Service is moving in the right direction.

But you don’t have to take my word for it. Unlike the Sierra Club that wants to excite alarm without giving you the data to decide for yourself, I have included links with the data I cite and data I don’t. Explore the data on your own.

I say the Sierra Club propaganda is “ineffectual” because it leaves you with no clue as to who is logging in Tongass?

Once again the Forestry Service rides to the rescue with Timber Volume Under Contract (sorry, no separate hyperlink from Forest Management Reports and Accomplishments), but look for it on that page and I picked Current Calendar Year Through: (select Jan).

That returns a spreadsheet that lists (among other things), ranger district, unit ID, contract form, purchaser, etc.

A word about MBF. The acronym MBF stands for thousand, as in Roman numberals, M = 1,000. So to read line 4, which starts with Ranger District “Thorne Bay,” read across to “Current Qty Est (MBF)”, the entry “6.00” represents 6,000 board feet. Thus, line 23, starts with “Juneau,” and “Current Qty Est (MBF)”, reads “3,601.00” represents 3,601,000 board feet. And so on. (I would have never guess that meaning without assistance from the forestry service.)

The Sierra Club leaves you with no clue as to who is harvesting the timber?, who is purchasing the timber from the harvesters?, who is using the timber for what products?, etc. The second and third steps removed the Forestry Service can’t provide but the harvesters gives you a starting point for further research.

A starting point for further research enables actions like boycotts of products made from Tongass timber, choosing products NOT made from Tongass timber and a whole host of other actions.

Oh, but none of those require you to be a member of the Sierra Club. My bad, it’s your dues and not the fate of the Tongass that is at issue.

If the Sierra Club wants to empower consumers, it should provide links to evidence about the Tongass that consumers can use to develop more evidence and effective means of reducing the demand for Tongass timber.

BTW, I’m not an anti-environmentalist. All new factory construction should be underground in negative-pressure enclaves where management is required to breath the same air as all workers. No discharges of any kind that don’t match the outside environment prior to its construction.

That would spur far better pollution control than any EPA regulation.

Meet Fenton (my data crunching machine)

February 25th, 2017

Meet Fenton (my data crunching machine) by Alex Staravoitau.

From the post:

As you might be aware, I have been experimenting with AWS as a remote GPU-enabled machine for a while, configuring Jupyter Notebook to use it as a backend. It seemed to work fine, although costs did build over time, and I had to always keep in mind to shut it off, alongside with a couple of other limitations. Long story short, around 3 months ago I decided to build my own machine learning rig.

My idea in a nutshell was to build a machine that would only act as a server, being accessible from anywhere to me, always ready to unleash its computational powers on whichever task I’d be working on. Although this setup did take some time to assess, assemble and configure, it has been working flawlessly ever since, and I am very happy with it.

This is the most crucial part. After serious consideration and leveraging the budget I decided to invest into EVGA GeForce GTX 1080 8GB card backed by Nvidia GTX 1080 GPU. It is really snappy (and expensive), and in this particular case it only takes 15 minutes to run — 3 times faster than a g2.2xlarge AWS machine! If you still feel hesitant, think of it this way: the faster your model runs, the more experiments you can carry out over the same period of time.
… (emphasis in original)

Total for this GPU rig? £1562.26

You now know the fate of your next big advance. 😉

If you are interested in comparing the performance of a Beowulf cluster, see: A Homemade Beowulf Cluster: Part 1, Hardware Assembly and A Homemade Beowulf Cluster: Part 2, Machine Configuration.

Either way, you are going to have enough processing power that your skill and not hardware limits are going to be the limiting factor.

RTM: Stealthy group targeting remote banking system

February 25th, 2017

RTM: Stealthy group targeting remote banking system by Jean-Ian Boutin and Matthieu Faou.

From the post:

Today, we have released a white paper on RTM, a cybercrime group that has been relentlessly targeting businesses in Russia and neighboring countries using small, targeted campaigns. This group, active since at least 2015, is using malware, written in Delphi, to spy on its victims in a variety of ways, such as monitoring keystrokes and smart cards inserted into the system.

It has the ability to upload files from the compromised system to its command and control (C&C) server. It also has a fingerprinting module to find systems on which specialized accounting software is installed. In particular, they are looking for signs of popular accounting software called “1C: Enterprise 8”. This software is used by businesses, among other things, to make bulk transfers via Remote Banking Systems (RBSes).

The post and the white paper, Read The Manual: A Guide to the RTM Banking Trojan focus on the technical aspects of this series of attacks.

It’s an interesting read despite a very poor pie chart at page 5:

If hackers encountered accounts held by Trump family members, do you think that information will be leaked to the media?

That’s one motive to become skilled at hacking banks.

Others will occur to you over time. 😉

9 Powerful Maps: Earthquakes, Elections, and Space Exploration

February 25th, 2017

9 Powerful Maps: Earthquakes, Elections, and Space Exploration by Marisa Krystian.

Nine really great maps with links:

  1. NOAA Science On a Sphere — Earthquakes
  2. The New York Times — Election Results
  3. Pop Chart Lab — Space Exploration
  4. Tomorrow — Electricity Map
  5. NASA — Hottest Year on Record
  6. Radio Garden — Share Music
  7. Facebook — Visualizing Friendships
  8. Transparency International — Corruption
  9. NOAA — Daily Real-Time Satellite Imagery

Two added bonuses:

  1. infogr.am offers a newsletter on visualization techniques
  2. There is an Infogram Ambassadorship program.

I just signed up for the newsletter and am pondering the Ambassadorship program.

If you sign up for the Ambassadorship program, be sure to share your experience and ping me with a link.

Availability Cascades [Activists Take Note, Big Data Project?]

February 25th, 2017

Availability Cascades and Risk Regulation by Timur Kuran and Cass R. Sunstein, Stanford Law Review, Vol. 51, No. 4, 1999, U of Chicago, Public Law Working Paper No. 181, U of Chicago Law & Economics, Olin Working Paper No. 384.

Abstract:

An availability cascade is a self-reinforcing process of collective belief formation by which an expressed perception triggers a chain reaction that gives the perception of increasing plausibility through its rising availability in public discourse. The driving mechanism involves a combination of informational and reputational motives: Individuals endorse the perception partly by learning from the apparent beliefs of others and partly by distorting their public responses in the interest of maintaining social acceptance. Availability entrepreneurs – activists who manipulate the content of public discourse – strive to trigger availability cascades likely to advance their agendas. Their availability campaigns may yield social benefits, but sometimes they bring harm, which suggests a need for safeguards. Focusing on the role of mass pressures in the regulation of risks associated with production, consumption, and the environment, Professor Timur Kuran and Cass R. Sunstein analyze availability cascades and suggest reforms to alleviate their potential hazards. Their proposals include new governmental structures designed to give civil servants better insulation against mass demands for regulatory change and an easily accessible scientific database to reduce people’s dependence on popular (mis)perceptions.

Not recent, 1999, but a useful starting point for the study of availability cascades.

The authors want to insulate civil servants where I want to exploit availability cascades to drive their responses but that’a question of perspective and not practice.

Google Scholar reports 928 citations of Availability Cascades and Risk Regulation, so it has had an impact on the literature.

However, availability cascades are not a recipe science but Networks, Crowds, and Markets: Reasoning About a Highly Connected World by David Easley and Jon Kleinberg, especially chapters 16 and 17, provide a background for developing such insights.

I started to suggest this would make a great big data project but big data projects are limited to where you have, well, big data. Certainly have that with Facebook, Twitter, etc., but that leaves a lot of the world’s population and social activity on the table.

That is to avoid junk results, you would need survey instruments to track any chain reactions outside of the bots that dominate social media.

Very high end advertising, which still misses with alarming regularity, would be a good place to look for tips on availability cascades. They have a profit motive to keep them interested.

R Weekly – Update

February 24th, 2017

R Weekly

A community based aggregation resource on R.

Seventy-two (72) links plus R project updates in R Weekly 2017 Issue 8.

Great way to stay up on R resources and get a sense for the R community.

Enjoy!

PS: The first post of R Weekly that I reviewed had 6 links. R Weekly [Another Word for It post]

White House blocks news organizations from press briefing [Opsec vs. Boromir, Ethics]

February 24th, 2017

White House blocks news organizations from press briefing by Dylan Byers, Sara Murray and Kevin Liptak.

From the post:

CNN and other news outlets were blocked Friday from an off-camera White House press briefing, raising alarm among media organizations and First Amendment watchdogs.

The New York Times, the Los Angeles Times, Politico and BuzzFeed were also excluded from the meeting, which is known as a gaggle and is less formal than the televised Q-and-A session in the White House briefing room. The gaggle was held by White House press secretary Sean Spicer.

In a brief statement defending the move, administration spokeswoman Sarah Sanders said the White House “had the pool there so everyone would be represented and get an update from us today.”

The pool usually includes a representative from one television network and one print outlet. In this case, four of the five major television networks — NBC, ABC, CBS and Fox News — were invited and attended the meeting, while only CNN was blocked.

And while The New York Times was kept out, conservative media organizations Breitbart News, The Washington Times and One America News Network were also allowed in.
… (emphasis in original)

Good opsec counsels silence in the face of such an outrage but as Boromir says in The Fellowship of the Ring:

But always I have let my horn cry at setting forth, and though thereafter we may walk in the shadows, I will not go forth as a thief in the night.” (emphasis added)

I trust this outrage obviates “ethical” concerns over distinctions between leaking, hacking, or other means of obtaining government information?

Fingerprinting Every Browser But Tor

February 24th, 2017

Browser Fingerprinting Tech Works Across Different Browsers for the First Time by Amy Nordrum.

Yinzhi Cao and colleagues have developed browser fingerprint code that identifies 99.24 percent of users across browsers.

Cao’s paper, (Cross-)Browser Fingerprinting via OS and
Hardware Level Features
.

Github: https://github.com/Song-Li/cross_browser.

Demo: http://www.uniquemachine.org

The lead for the story was buried at the end of the post:

The only browser that his method didn’t work on was Tor. (emphasis added)

Your call, you can take care of your own security or be provably insecure.

Advice For Serious Leakers

February 23rd, 2017

[T]he grugq is commenting on the story: A note on our lawsuit against Otto and Uber.

If you are a serious leaker you should be able to use Internet search engines but just in case:

  1. How to create a bootable USB stick on Windows
  2. Create a Bootable Linux Flash Drive in Three Easy Steps
  3. How to Create a Bootable Linux USB Flash Drive, the Easy Way
  4. Making a Kali Bootable USB Drive
  5. Tails Installation Assistant

Everyone has a favorite Linux distribution but Tails (#5) should be your default for leaking and Kali (#4) if you have more serious goals in mind.

BTW, don’t expect any sympathy if these are your facts:


We found that six weeks before his resignation this former employee, Anthony Levandowski, downloaded over 14,000 highly confidential and proprietary design files for Waymo’s various hardware systems, including designs of Waymo’s LiDAR and circuit board. To gain access to Waymo’s design server, Mr. Levandowski searched for and installed specialized software onto his company-issued laptop. Once inside, he downloaded 9.7 GB of Waymo’s highly confidential files and trade secrets, including blueprints, design files and testing documentation. Then he connected an external drive to the laptop. Mr. Levandowski then wiped and reformatted the laptop in an attempt to erase forensic fingerprints.

Wow! That’s incredibly lame.

You shouldn’t commit crimes at all but if you do, don’t embarrass everyone in IT.

AI Assisted Filtering?

February 23rd, 2017

Check Out Alphabet’s New Tool to Weed Out the ‘Toxic’ Abuse of Online Comments by Jeff John Roberts.

From the post:

A research team tied to Google unveiled a new tool on Thursday that could have a profound effect on how we talk to each other online. It’s called “Perspective,” and it provides a way for news websites and blogs to moderate online discussions with the help of artificial intelligence.

The researchers believe it could turn the tide against trolls on the Internet, and reestablish online comment forums—which many view as cesspools of hatred and stupidity—as a place for honest debate about current events.

The Perspective tool was hatched by artificial intelligence experts at Jigsaw, a subsidiary of Google-holding company Alphabet (GOOGL, -0.04%) that is devoted to policy and ideas. The significance of the tool, pictured below, is that it can decide if an online comment is “toxic” without the aid of human moderators. This means websites—many of which have given up on hosting comments altogether—could now have an affordable way to let their readers debate contentious topics of the day in a civil and respectful forum.

“Imagine trying to have a conversation with your friends about the news you read this morning, but every time you said something, someone shouted in your face, called you a nasty name or accused you of some awful crime,” Jigsaw founder and president Jared Cohen said in a blog post. “We think technology can help.”

I’m intrigued by this, at least to the extent that AI assisted filtering is extended to users. Such that a user can determine what comments they do/don’t see.

I avoid all manner of nonsense on the Internet, in part by there being places I simply don’t go. Not worth the effort to filter all the trash.

But at the same time, I don’t prevent other people, who may have differing definitions of “trash,” from consuming as much of it as they desire.

It’s really sad that Twitter continues to ignore the market potential of filters in favor of its mad-cap pursuit of being an Internet censor.

I have even added Ed Ho, said to be the VP of Engineering at Twitter, to one or more of my tweets suggesting ways Twitter could make money on filters. No response, nada.

It’s either “not invented here,” or Twitter staff spend so much time basking in their own righteousness they can’t be bothered with communications from venal creatures. Hard to say.

Jeff reports this is a work in progress and you can see it from yourself: What if technology could help improve conversations online?.

Check out the code at: https://conversationai.github.io/.

Or even Request API Access! (There no separate link, try: http://www.perspectiveapi.com/.)

Perspective can help with your authoring in real time.

Try setting the sensitivity very low and write/edit until it finally objects. 😉

Especially for Fox news comments. I always leave some profanity or ill comment unsaid. Maybe Perspective can help with that.

Google Spanner Inspires CockroachDB To Outrun It

February 23rd, 2017

Google Spanner Inspires CockroachDB To Outrun It by Timothy Prickett Morgan.

From the post:

There is an old joke that in the post-apocalyptic world that comes about because of plague or nuclear war, only two things will be left alive: cockroaches and Keith Richards, the guitarist for the Rolling Stones. As it hails from New York City, you can understand why Cockroach Labs, the upstart software company that is cloning Google’s Spanner distributed relational database, chose that particular bug to epitomize a system that will stay alive no matter what. But, they could have just as easily called it RichardsDB.

When discussing Google’s cloud implementation of Spanner, which launched in beta earlier this week, we promised that we would have a sit down with the people behind the CockroachDB effort, who not coincidentally all hail from the search engine giant and who all worked on key parts of the software infrastructure that sets Google apart. We think that CockroachDB has the potential to shake up the database market, and not just because the people behind it understand deeply what Google did but more importantly because they have come to understand the very different approach that is necessary to commercialize the ideas that are embodied in Spanner and that are being coded into a free and open source CockroachDB.

Cockroach Labs has the potential to be Yahoo’s Hadoop and HDFS to Google’s MapReduce and Google File System, but in a database market that is ripe for change and among enterprise customers who want simplicity from complex systems and they want them to scale instantly, easily, and geographically.

“The backbreaking work is making CockroachDB deployable,” Kimball explains. “In fact, CockroachDB is more deployable than any other distributed database out there. It is an incredibly simple model in that every single node – we call them roach nodes – is symmetric and self-contained with a single binary. There are no external dependencies, so you don’t need Zookeeper running, you don’t need etcd or a distributed or shared file system underneath like Oracle needs with its Real Application Clusters. It is simple as taking one statically linked binary with no dependencies and putting that out on some VM somewhere and pointing it at any other node in a CockroachDB cluster and it joins up and they self organize. So making that work with a single binary was a huge challenge and a big departure from the way Google chose to build Spanner.”

Another big difference is support for SQL, and Kimball had plenty to say about this.

“This is a really interesting point,” he says excitedly. “We have had to build CockroachDB to be deployable as open source in a way that doesn’t need TrueTime and that meets all of the needs of these companies. With open source and there being such a low barrier to try it out and kick the tires, you really need to have a very comprehensive, compatible interface with the outside world. You can’t really cut corners. So we decided to make CockroachDB look like Postgres because it is a better thought out database than MySQL. The nice thing about making it look like Postgres is that all of the applications and languages have drivers for it.”

There are other capabilities built into CockroachDB but being deployable (compared to other distributed databases) and looking like Postgres are keys to a large marketplace share.

The gap between software available to governments/industry and individuals/small groups continues to shrink.

Only you can answer the question of your skill versus theirs.

Influencing Pipeline Investors (False DAPL Flags)

February 23rd, 2017

Standing Rock Becomes Symbolic Battlecry by HechoEnLA.

From the post:

Water Protectors have meticulously defended moral and ethical obligations on behalf of the greater good for years now. Today, we all watched and waited for what would be the symbolic #LastStand and collision between Militarized forces and Peaceful Protectors. Things are ending peacefully as many left the camps in anticipation of the forces that hovered but some remain and sing peacefully in the face of riot gear and weapons. They still remain, they continue to sing, they burn sage, they are women, they are men, their hearts are heavy, but they will continue to pray peacefully.

WE HAVE DEFUNDED $69 Million Dollars from Big Banks: just from the people alone. Seattle Divested over $3 BILLION Dollars from Wells Fargo! University of California Divested $250 Million and Santa Monica is in the process of Divesting as well. There is more that is coming and we are all uniting behind the battle cry #StandingRock #NoDAPL #WaterProtectors there is beauty where there is pain, there is glory in defeat, there can be a better tomorrow when we come together and commit to fight.

… (emphasis in the original)

Speaking of going forward:

  1. Beyond DAPL
  2. Why Invest In Pipelines
  3. Investor Uncertainty
  4. DAPL False Flags


 
 
Beyond DAPL

Defunding is the right note to strike with banks, but DAPL isn’t the only injury investors have planned for the Earth.


Using pipelines for the movement of crude oil, NGLs, refined products, and natural gas greatly benefits the United States economy. Direct capital investments for the construction of new pipelines will average approximately $55 billion between 2014 and 2025, with more being spent between 2016 and 2020. This estimate considers a conservative path of oil and gas production during that time period. If access to off limit areas of production, like the Atlantic, the Eastern Gulf of Mexico, the Pacific, and Alaska, is granted, direct capital investments will increase and average around $65 billion between 2014 and 2025. Regardless of the amount of production, these direct investments will further elicit indirect investments from others in the supply chain, such as steel manufacturing and engineering companies. Wages provided to workers will also be used to purchase consumer goods and contribute even further to the economy. In the end, while the approximate direct investment value may be between $55 and $65 billion, more contributions to the economy are likely providing all the indirect factors that are a part of construction and maintenance of gas and liquid pipelines. (Investing In Pipelines February 23, 2017)

There is a distinction between gas and oil pipelines. Gas pipeline projects that are pending, can be found the Major Pipeline Projects Pending (Onshore) page, which is maintained by the Federal Energy Regulatory Commission.

Can you guess who doesn’t regulate oil pipelines? Yes, the Federal Energy Regulatory Commission (FERC).

Dan Zukowski lists 14 proposed pipeline projects in 14 Pipeline Projects in 24 States … Which Will Be the Next Battleground?, mapped as:

That didn’t scale down very well but as you can see, if DAPL wasn’t close enough for you to take action, a closer opportunity is at hand.


 
 
Why Invest In Pipelines?


There currently are about 40 major interstate pipelines connecting to about 100 minor interstate pipelines operating in a highly regulated environment. As I wrote above, the barriers to entry are quite high if you’re considering building a pipeline any time soon. Most of the grid is in place, with access to building new lines ever more difficult because of urbanization. Oil and gas pipelines are simply great fixed assets that offer excellent long-term prospects for income-oriented investors seeking stable cash flow, upside appreciation and tax benefits from the way they are structured for the capital markets.

Because they are capital-intensive businesses, pipeline operators choose a structure that allows them to aggressively depreciate the huge amounts of money that go into building out and maintaining their lines. In practice, master limited partnerships (MLPs) pay their investors through quarterly required distributions (QRDs), the amount of which is stated in the contract between the limited partners (the investors) and the general partner (the managers).

Because of the stringent provisions on MLPs and the nature of the QRD, the vast majority of MLPs are energy-related businesses, of which pipeline operators tend to earn very stable income from the transport of oil, gasoline or natural gas. Because MLPs are a partnership, they avoid the corporate income tax on both a state and federal basis. Additionally, the limited partner (investor) also may record a prorated share of the MLP’s depreciation on his or her own tax forms to reduce liability. This is the primary benefit of MLPs and allows MLPs to have relatively cheap funding costs.

The tax-free income component to oil-and-gas-pipeline MLPs is very attractive to me at a time when higher income taxes are a reality fueled by a debt-ridden government. My view is that income investors seeking tax-advantaged income will continue to own MLPs and other tax-free investments if the tax code remains as is or becomes even more burdensome. I don’t see any major overhaul in the tax code with next year’s election because neither party in Congress has the will to cut spending. (The Advantages Of Investing In Oil And Gas Pipelines, February 23, 2017)

Altering the tax code to impact investment in pipelines is a theoretical possibility, but not an effective one.

Consult a tax lawyer for the exact details but investors in a pipeline partnership make money two ways:

  1. Pass through of depreciation for the pipeline and its maintenance
  2. Pass through of income from operation of the pipeline

Assuming there is nothing to be done to alter #1 (changing the tax code), altering investor behavior depends solely upon #2.

Altering #2 means no oil or gas flowing through the pipeline.


 
 
Investor Uncertainty

One of the aspects of pipeline that make them attractive to investors, as mentioned above, is stable income. Whatever the prices of oil or gas, it’s not worth anything unless it can be brought to market, hence the constant demand for pipelines.

As I mentioned in Stopping DAPL – One Breach At A Time, a pipeline cannot deliver oil or gas if it has even one breach in it. A breach renders it just pipe in the ground and that doesn’t produce any income.

Breaches in pipelines do occur but as far as reported, only by accident, so investors see no uncertainly to the revenue they expect from pipelines.

What if that were to change?

What if the final 13% of DAPL becomes irrelevant because the completed 1,172 miles of pipe begins to resemble Swiss cheese?


 
 
DAPL False Flags

Because I mentioned thermite recently, someone asked about a video showing its capabilities:

Be forewarned this was created by a 9/11 conspiracy theorist but it is a good illustration of the power of a pound or so of thermite. Properly used, breaching even 1/2″ steel pipe is a matter of seconds.

Getting there:

could take a bit longer.

That plus a #NoDAPL flag:

made me think of a DAPL false flag operation.

Assuming someone is to foolish as to dig up a portion of DAPL and breach it with thermite, then cover it back up with dirt and plant a #noDAPL flag, how would you distinguish that from a freshly dug area, with a #noDAPL flag?

Or any number of freshly dug areas with #noDAPL flags?

Would you not dig on the hopes there wasn’t a breach of the pipe?

Gives the idea of a “false flag operation” more immediate currency. Yes?

PS: Tracking proposed oil pipelines requires monitoring all fifty (50) states. There is no centralized regulation of such pipelines.

Letterlocking [Activist Security]

February 23rd, 2017

Letterlocking The technology of folding & securing an epistolary writing substrate to function as its own envelope.

From the about page:

Letterlocking – Unlocking History

Welcome to letterlocking! You can find essential information about letterlocking and the Unlocking History research team on this page. We will be updating the website regularly in the coming months, including major uploads to the Dictionary of Letterlocking (DoLL) – so please check in periodically, and follow us on social media for all the news.

Unlocking History

Unlocking History is the name for a group of conservation specialists, scholars, publishers, book-artists, imaging specialists, engineers, and scientists who are interested in the historical practice of letterlocking. We want to make sure letters are conserved properly so that they can be studied for the historical secrets they reveal. The material features of letters can speak to us about the past, but in order to hear them we have to learn their language. Unlocking History is dedicated to bringing together all the tools we need to do so – a dictionary, instructional videos, images, and hands-on workshops in libraries, museums, universities, and schools around the world.

Letterlocking and the Dictionary of Letterlocking (DoLL)

Letterlocking refers to the technology of folding and securing an epistolary writing substrate to function as its own envelope – a vital communications technology before the invention of the mass-produced envelope in the 19th century. A full definition of letterlocking can be found in the Dictionary of Letterlocking (DoLL).

Documenting the physical details of well-preserved letters has helped us discern and define different locking formats with multiple levels of built-in security and various authentication devices. DoLL will explain the key differences between these formats – and show you how to make them. With practice, you will be able to examine flattened historical letters in libraries and archives, and make models to show you which letterlocking format the writer or secretary was using. These formats may correlate to the sensitivity of the information contained inside, or contribute to the meaning of the text they carry.

Imaging and Conservation

The study of letterlocking is important for the preservation of documents because it informs conservators about the evidential value of folds, creases, and intentional damage.

View and share images of letterlocking preservation: #PreserveTheFolds.

Letterlocking interests curators and historians but has advantages for modern activists as well.

Those advantages include:

  1. Accessible to nearly anyone
  2. Flummoxes the average FBI agent
  3. Provides visual evidence of tampering
  4. Slower search than digital communications
  5. Supports physical encryption (measurable distances)

Not to mention the use of “antiquated” technology will draw attention to the letters, whether they contain valuable or useless information. Government agents, being risk adverse, will fear some later review will prove the letters had valuable intelligence.

A trap entirely of their own making and one you should exploit whenever possible.

If that captures your interest, continue onto: A Postal Treasure Trove:

In 1926, a seventeenth-century trunk of letters was bequeathed to the Museum voor Communicatie in The Hague, then as now the centre of government, politics, and trade in The Netherlands. The trunk belonged to one of the most active postmaster and post mistress of the day, Simon and Marie de Brienne, a couple at the heart of European communication networks. The chest contains an extraordinary archive: 2600 “locked” letters sent from all over Europe to this axis of communication, none of which were ever delivered. In the seventeenth century, the recipient also paid postal and delivery charges. But if the addressee was deceased, absent, or uninterested, no fees could be collected. Postmasters usually destroyed such “dead letters”, but the Briennes preserved them, hoping that someone would retrieve the letters – and pay the postage. Hence the nickname for the trunk: “the piggy bank” (spaarpotje). The trunk freezes a moment in history, allowing us to glimpse the early modern world as it went about its daily business. The letters are uncensored, unedited, and 600 of them even remain unopened. The archive itself has remained virtually untouched by historians until it was recently rediscovered. Our international and interdisciplinary team of researchers has now begun a process of preservation, digitization, transcription, editing, and identification of letterlocking formats that will reveal its secrets for the first time – even, we hope, those of the unopened letters.

How cool is that? Letters preserved because the post office was hoping to nick the recipient for the postage!

Does that explain pay-in-advance postal systems of today. 😉

Both Letterlocking and A Postal Treasure Trove provide links to other resources on letterlocking.

A YouTube search on letterlocking returns approximately 525 videos.

On Twitter, follow @letterlocking, among others.

Any CS/Math types in the crowd who want to express letterlocking more formally? Thinking of Paper Folding Geometry and the exploration of folding algorithms more generally, such as with protein folding (except in 2 dimensions).

Building an Online Profile:… [Toot Your Own Horn]

February 23rd, 2017

Building an Online Profile: Social Networking and Amplification Tools for Scientists by Antony Williams.

Seventy-seven slides from a February 22, 2017 presentation at NC State University on building an online profile.

Pure gold, whether you are building your profile or one for alternate identity. 😉

I like this slide in particular:

Take the “toot your own horn” advice to heart.

Your posts/work will never be perfect so don’t wait for that before posting.

Any errors you make are likely to go unnoticed until you correct them.

JanusGraph (Linux Foundation Graph Player Rides Into Town)

February 22nd, 2017

JanusGraph

From the homepage:

JanusGraph is a scalable graph database optimized for storing and querying graphs containing hundreds of billions of vertices and edges distributed across a multi-machine cluster.
JanusGraph is a transactional database that can support thousands of concurrent users executing complex graph traversals in real time.

In addition, JanusGraph provides the following features:

You can clone JanusGraph from GitHub.
Read the JanusGraph documentation and join the users or developers mailing lists.

Follow the Getting Started with JanusGraph guide for a step-by-step introduction.

Supported by Google, IBM and Hortonworks, among others.

Three good reasons to pay attention to JanusGraph early and often.

Enjoy!

Interstellar Cybersquatting (Humor)

February 22nd, 2017

The inhabitants of one or more of the planets orbiting Trappist-1:

  1. Are unaware the name of their system is Trappist-1
  2. Are unaware their domain, www.trappist.one, has been registered by an interstellar cybersquatter.

Some days it doesn’t pay to read interstellar news!

Question:

At 25% of the speed of light, that’s approximately 156 years one way or 312 round trip, allowing three years for pleadings to be drafted, so 315 years before litigation over the cybersquatting to begin.

Is anyone looking for particles entangled with particles at Trappist-1?

Might not be able to visit but a conference call perhaps? 😉

AI Podcast: Winning the Cybersecurity Cat and Mouse Game with AI

February 22nd, 2017

AI Podcast: Winning the Cybersecurity Cat and Mouse Game with AI. Brian Caulfield interviews Eli David of Deep Instinct.

From the description:

Cybersecurity is a cat-and-mouse game. And the mouse always has the upper hand. That’s because it’s so easy for new malware to go undetected.

Eli David, an expert in computational intelligence, wants to use AI to change that. He’s CTO of Deep Instinct, a security firm with roots in Israel’s defense industry, that is bringing the GPU-powered deep learning techniques underpinning modern speech and image recognition to the vexing world of cybersecurity.

“It’s exactly like Tom and Jerry, the cat and the mouse, with the difference being that, in this case, Jerry the mouse always has the upper hand,” David said in a conversation on the AI Podcast with host Michael Copeland. He notes that more than 1 million new pieces of malware are created every day.

Interesting take on detection of closely similar malware using deep learning.

Directed in part at detecting smallish modifications that evade current malware detection techniques.

OK, but who is working on using deep learning to discover flaws in software code?

Transparent Government Has Arrived (sorta)

February 21st, 2017

I saw US Cities Exposed: Industries and ICS, source of this graphic, in Violet Blue‘s report Hacking and infosec news: February 21, 2017

Violet’s report has other useful security news but I just had to share the increasing government transparency graphic with you.

The growing insecurity of government computers makes the news organization stance that leakers must hand them documents all the more puzzling.

I don’t know if that is a result of being hand fed all these years, genuine concern over prosecution or both.

Think about it this way, short of a source outing themselves, how is anyone going to know that a journalist enlisted hackers versus having a genuine leaker?

Put that way, perhaps there are loose confederations of hackers breaching government networks right now. (Sorry, didn’t mean to panic any security types.)

😉

Read the rest of the report and Violet’s post as well.

Enjoy!

DAPL – 49 Sheriffs + Bull Connor of the North

February 21st, 2017

Before reporting on a spreadsheet about the 49 sheriffs and Bull Connor of the North, I have to share this urgent plea that arrived just moments ago:

Militarized police have completely surrounded the camp. If you intend to join the camp as a protector, the time is now.

I don’t have any reports on who is surrounding any of the 1,172 odd miles of the DAPL pipeline. Seems to me that turn about would be fair play. Yes?

I have created a spreadsheet that lists all 50 counties and their sheriffs where the DAPL pipeline runs.

The columns are as follows:

A – Name of County

B – Name of Sheriff

C, D, E, F – street address, town, state, zip code

G – Sheriff’s email (if they have one)

H – Phone

I – Fax

J – Link to Wikipedia on county

K – County population

L – County area (in square miles)

M – Population density

N – Geohack URL from Wikipedia that lists numerous map resources for that county (This is especially important for planning purposes.)

(Apologies! I forgot to link to the file: dapl-counties-sheriffs.xls)

Reasoning that you may want to concentrate your monitoring of DAPL for breeches in areas of low population density. While you may stand out, there are fewer people to notice you in such places.

Someone asked me earlier today if DAPL could be breached using explosives, to which any number of government publications, FM 3-34.214 Explosives and Demolitions, Steel Cutting with High-Explosive Charges, and private publications, Cutting Techniques for Facilities Dismantling in Decommissioning Projects, all answer in the affirmative. Cutting Techniques… includes coverage of a number of cutting techniques, including explosives.

If anyone asks you to use explosives to interrupt the DAPL pipeline you should, of course, decline, but if, nevertheless, they persist, give them this advice:

  1. Under no circumstances use explosives (commercial or homemade) so as to endanger law enforcement personnel, members of the public or even yourself. Many law enforcement officers are avid hunter and care as much for the environment as anyone. Don’t make yourself “special” by endangering or harming members of law enforcement or the public.
  2. Always use commercial explosives. Homemade explosives as seen on the Internet are dangerous and a trap for the “independent” minded. Sure, you can waste your time, energy and endanger yourself by attempting to make homemade explosives but why? Yes, there restrictions on the sales of explosives but there are laws against human trafficking as well.

    The Trafficking in Persons Report 2016 — Complete Report (PDF) reports that despite being illegal, human trafficking continues. I’ve seen it reported that 200 to 300 children are trafficked through the Atlanta airport, every month. Somehow I doubt the existence super effective enforcement efforts on explosives.

A longer post is coming but remember that investors, even investors in pipelines, are risk adverse. Should it come to pass that even a passing mention of DAPL creates waves of panic over the potential for entirely lost pipeline investments, the investment environment of and interest in pipeline investments will change.

After all, who wants to invest in 1,172 miles of sporadically broken, virgin pipe that has never carried a drop of oil? Yes?

PS: If you don’t know 1960’s civil rights history, the moniker Bull Connor of the North may escape you. Bull Connor used fire hoses and dogs against children marching for civil rights in Birmingham, Alabama. He, like the Bull Connor of the North, is a stain on the history of law enforcement in the United States.

ESA Affirms Open Access Policy For Images, Videos And Data

February 21st, 2017

ESA Affirms Open Access Policy For Images, Videos And Data

From the post:

ESA today announced it has adopted an Open Access policy for its content such as still images, videos and selected sets of data.

For more than two decades, ESA has been sharing vast amounts of information, imagery and data with scientists, industry, media and the public at large via digital platforms such as the web and social media. ESA’s evolving information management policy increases these opportunities.

In particular, a new Open Access policy for ESA’s information and data will now facilitate broadest use and reuse of the material for the general public, media, the educational sector, partners and anybody else seeking to utilise and build upon it.

“This evolution in opening access to ESA’s images, information and knowledge is an important element of our goal to inform, innovate, interact and inspire in the Space 4.0 landscape,” said Jan Woerner, ESA Director General.

“It logically follows the free and open data policies we have already established and accounts for the increasing interest of the general public, giving more insight to the taxpayers in the member states who fund the Agency.”

A website pointing to sets of content already available under Open Access, a set of Frequently Asked Questions and further background information can be found at http://open.esa.int.

More information on the ESA Digital Agenda for Space is available at http://www.esa.int/digital.

A great trove of images and data for exploration and development of data skills.

Launched on 1 March 2002 on an Ariane-5 rocket from Europe’s spaceport in French Guyana, Envisat was the largest Earth observation spacecraft ever built. The eight-tonne satellite orbited Earth more than 50 000 times over 10 years – twice its planned lifetime. The mission delivered thousands of images and a wealth of data used to study the workings of the Earth system, including insights into factors contributing to climate change. The end of the mission was declared on 9 May 2012, but ten years of Envisat’s archived data continues to be exploited for studying our planet.

With immediate effect, all 476 public Envisat MERIS or ASAR or AATSR images are released under the Creative Commons CC BY-SA 3.0 IGO licence, hence the credit for all images is: ESA, CC BY-SA 3.0 IGO. Follow this link.

The 476 images mentioned in the news release are images prepared over the years for public release.

For addition Envisat data under the Open Access license, see: EO data distributed by ESA.

I registered for an ESA Earth Observation Single User account, quite easy as registration forms go.

I’ll wander about for a bit and report back on the resources I find.

Enjoy!

PS: Not only should you use and credit the ESA as a data source, laudatory comments about the Open Access license may encourage others to do the same.

Red Team Journal [Lessons for Standing Rock?]

February 19th, 2017

Red Team Journal

From the homepage:

Red Team Journal was founded in 1997 to promote the practice of red teaming, alternative analysis, and wargaming. Since its founding, the site has influenced a generation of red teamers to think systematically and creatively about their assumptions, challenges, adversaries, and competitors.

My encounter with Red Team Journal was quite accidental but welcome since despite years of protests, the Dakota Access Pipeline, spanning four states, is nearing completion.

The bravery and dedication of those who have fought a long and lonely fight against that project are to be admired. But continuing with tactics that allowed near completion of an 1,172 mile long pipeline isn’t a winning strategy.

What tactics for stopping the Dakota Access Pipeline occur to you?

The Bakken Pipeline

February 19th, 2017

The Bakken Pipeline > AKA The Dakota Access Pipeline (DAPL) by Nitin Gadia.

This static screen shot doesn’t do the map justice. It covers the entire route and enables you to zoom in at any particular location.

You can read more about the map here.

Githug page (for sources, data collaboration):
https://github.com/nittyjee/bakkenpipelinemap

Reversing HERMES ransomware

February 19th, 2017

From the description:

Recording of the first live stream reverse engineering a new ransomware family. Lots of lessons learned for the next time 🙂

I haven’t made it through the entire video (almost four hours) but it is very impressive!

Speaking of impressive, check out the Emisoft blog for more of same.

Enjoy!

Software Is Politics [Proudhon’s Response]

February 19th, 2017

Software Is Politics by Richard Pope.

From the post:

If you work in software or design in 2016, you also work in politics. The inability of Facebook’s user interface, until recently, to distinguish between real and fake news is the most blatant example. But there are subtler examples all around us, from connected devices that threaten our privacy to ads targeting men for high-paying jobs.

Digital services wield power. They can’t be designed simply for ease of use—the goal at most companies and organizations. Digital services must be understandable, accountable, and trusted. It is now a commercial as well as a moral imperative.

DESIGN IS POLITICAL

Power and politics are not easy topics for many designers to chew on, but they’re foundational to my career. I worked for the U.K.’s Government Digital Service for five years, part of the team that delivered Gov.uk. I set up the labs team at Consumer Focus, the U.K.’s statutory consumer rights organization, building tools to empower consumers. In 2007, I cofounded the Rewired State series of hackdays that aimed to get developers and designers interested in making government better. I’ve also worked at various commercial startups including moo.com and ScraperWiki.

The last piece of work I did in government was on a conceptual framework for the idea of government as a platform. “Government as a platform” is the idea of treating government like a software stack to make it possible to build well-designed services for people. The work involved sketching some ideas out in code, not to try and solve them upfront, but to try and identify where some of the hard design problems were going to be. Things like: What might be required to enable an end-to-end commercial service for buying a house? Or what would it take for local authorities to be able to quickly spin up a new service for providing parking permits?

With this kind of thinking, you rapidly get into questions of power: What should the structure of government be? Should there be a minister responsible for online payment? Secretary of state for open standards? What does it do to people’s understanding of their government?

Which cuts to the heart of the problem in software design today: How do we build stuff that people can understand and trust, and is accountable when things go wrong? How do we design for recourse?
… (emphasis in original)

The flaw in Pope’s desire for applications are “…accountable, understandable, and trusted…” by all, is that it conceals the choosing of sides.

Or as Craig Gurian in Equally free to sleep under the bridge illustrates by quoting Anatole France:

“In its majestic equality, the law forbids rich and poor alike to sleep under bridges, beg in the streets and steal loaves of bread.”

Applications that are “…accountable, understandable, and trusted…” will have silently chosen sides just as the law does now.

Better to admit to and make explicit the choices of who serves and who eats in the design of applications. At least then disparities are not smothered by the pretense of equality.

Or as Proudhon would say:

What is equality before the law without equality of fortunes? A balance with false weights.

Speak not of “…accountable, understandable, and trusted…” applications in the abstract but for and against who?

EFF Urges Trusting Cheaters

February 19th, 2017

Congress Must Protect Americans’ Location Privacy by Kate Tummarello.

From the post:

Your smartphone, navigation system, fitness device, and more know where you are most of the time. Law enforcement should need a warrant to access the information these technologies track.

Lawmakers have a chance to create warrant requirements for the sensitive location information collected by your devices.

It’s already against the law to intercept and transcribe all phone calls but the weight of the evidence shows the US government is doing exactly that.

The periodic EFF calls for legislation by known cheaters leave me puzzled.

Laws, to government agencies, mark “don’t get caught zones” and little more.

Protecting sensitive location information, to be effective, must be demanded by consumers of manufacturers.

No backdoors, no warrants, no snooping, it’s just that simple.

Taking The Pressure Off Standing Rock

February 19th, 2017

Standing Rock is standing firm:

However, their historic betrayers, the Department of Indian Affairs, and more recent betrayers, their own tribal council, are aligned to focus their efforts on the water protectors.

One of the disadvantages Standing Rock faces is government sycophants who favor the pipeline can focus all their efforts at Standing Rock.

Consider this illustration of spreading their efforts over a wider area, say the 1,172 miles of the pipeline:

One or two breaches might be manageable and repairs would make economic sense. What about five major breaches? Or perhaps 10 major breaches? Each one in different sections and not too overlapping in time.

Interest, as you know, runs on loans 24 x 7 and repairs drive up the break even point for any endeavor.

Hemorrhaging cash at multiple locations isn’t sustainable, even for large foreign banks. Eventually, how long is unknown until figures come in for repairs, etc., the entire pipeline will be unprofitable and abandoned.

In the mean time, those points where cash is being lost by the barrel full (sorry), will capture the attention of investors.