Archive for the ‘Reporting’ Category

Introduction: The New Face of Censorship

Saturday, May 6th, 2017

Introduction: The New Face of Censorship by Joel Simon.

From the post:

In the days when news was printed on paper, censorship was a crude practice involving government officials with black pens, the seizure of printing presses and raids on newsrooms. The complexity and centralization of broadcasting also made radio and television vulnerable to censorship even when the governments didn’t exercise direct control of the airwaves. After all, frequencies can be withheld; equipment can be confiscated; media owners can be pressured.

New information technologies–the global, interconnected internet; ubiquitous social media platforms; smart phones with cameras–were supposed to make censorship obsolete. Instead, they have just made it more complicated.

Does anyone still believe the utopian mantras that information wants to be free and the internet is impossible to censor or control?

The fact is that while we are awash in information, there are tremendous gaps in our knowledge of the world. The gaps are growing as violent attacks against the media spike, as governments develop new systems of information control, and as the technology that allows information to circulate is co-opted and used to stifle free expression.

The work of Joel Simon and the Committee to Protect Journalists is invaluable. The challenges, dangers and hazards for journalists around the world are constant and unrelenting.

I have no doubt about Simon’s account of suppression of journalists. His essay is a must read for everyone who opposes censorship, at least in its obvious forms.

A more subtle form of censorship is practiced in the United States, self-censorship.

How many stories on this theme have you read in the last couple of weeks? U.S. spy agency abandons controversial surveillance technique

Now, how many of those same stories mentioned that the NSA has a long and storied history of lying to the American public, presidents and congress?

By my count, which wasn’t exhaustive, the total is 0.

Instead of challenging this absurd account, Reuters reports the NSA reports as though it were true and fails to remind the public it is relying on a habitual liar.

Show of hands, how many readers think the Reuters staff forgot that the NSA is a hotbed of liars and cheats?

There is little cause for government censorship of US media outlets. They censor themselves before the government can even ask.

Support the Committee to Protect Journalists and perhaps their support of journalists facing real censorship will shame US media into growing a spine.

What’s Your Best Star Wars Line?

Thursday, May 4th, 2017

Ben Child has gathered the forty (40) best lines from the Star Wars saga in: May the 4th be with you: the 40 best lines from the Star Wars saga.

No spoilers here!

Read Ben’s post and support the Guardian while you are there.

Seriously, do support the Guardian. They’re a bit conservative for my tastes but still worthy of support.

Practical Suggestions For Improving Transparency

Tuesday, May 2nd, 2017

A crowd wail about Presidents Obama, Trump, opacity, lack of transparency, loss of democracy, freedom of the press, the imminent death of civilization, etc., isn’t going to improve transparency.

I have two practical suggestions for improving transparency.

First suggestion: Always re-post, tweet, share stories with links to leaked materials. If the story you read doesn’t have such a link, seek out one that does to re-post, tweet, share.

Some stories of leaks include a URL to the leaked material, like Hacker leaks Orange is the New Black new season after ransom demands ignored by Sean Gallagher, or NSA-leaking Shadow Brokers just dumped its most damaging release yet by Dan Goodin, both of Ars Technica

Some stories of the same leaks do not include a URL to the leaked material,The Netflix ‘Orange is the New Black’ Leak Shows TV Piracy Is So 2012 (which does have the best strategy for fighting piracy I have ever read) or, Shadow Brokers leak trove of NSA hacking tools.

Second suggestion: If you encounter leaked materials, post, tweet and share them as widely as possible. (Translations are always needed.)

Improving transparency requires only internet access and the initiative to do so.

Are you game?

Journalism Is Skepticism as a Service (SaaS)

Saturday, April 22nd, 2017

Image from the Fourth Estate Journalism Association.

I applaud the sentiment and supporting the Fourth Estate is one way to bring it closer to reality.

At the same time, unless and until The New York Times, National Public Radio, and others start reporting US terrorist attacks (bombings) with the same terminology as so-called “terrorists” in their coverage, “Journalism Is Skepticism as a Service (SaaS)” remains an aspiration, not a reality.

Tiny Narratives – Upgrade Your Writing

Thursday, April 13th, 2017

8 steps to upgrade your everyday news stories with ‘tiny narratives’ by Katia Savchuk.

From the post:

BEFORE BETH SCHWARTZAPFEL became a staff writer for The Marshall Project three years ago, she spent a decade as a freelance magazine writer. She got used to spinning 4,000-word narratives for places like Mother Jones and the Boston Review. When she arrived at the nonprofit newsroom, which covers criminal justice, Schwartzapfel found herself tackling an entirely different animal: breaking news and hard-hitting features that put the facts center stage.

Schwartzapfel considered how she could bring her storytelling chops to these new formats. Her answer was what she calls “tiny narratives”: compact anecdotes, sometimes only a few lines long, scattered throughout a fact-driven article. “I think of them as raisins in oatmeal, or the signs people hold on the sidelines of a marathon. They’re little surprises or jolts of pleasure to remind people of what they’re reading and why it matters,” she explained in a session at the Power of Narrative Conference at Boston University in late March.

Those nuggets of humanity can help keep readers on the page at a time when news organizations are scrambling for the public’s attention. But it isn’t easy to do well. Injecting narrative elements into a news or investigative story can bring unnecessary clutter or overwhelm the essential facts.

Here are tips from Schwartzapfel and other speakers at the conference about how to get “tiny narratives” right.
… (emphasis in original)

A series of great tips, but if you want more examples of Schwartzapfel’s writing, try Beth Schwartzapfel, Staff Writer.

I count fifty-five (55) stories.

More than enough for a Hunter Thompson exercise of re-typing great stories:

Posted by Brian John Spencer in Hunter S. Thompson – Typing out the work of the best writers.

Think of Thompson’s approach as developing “muscle and verbal cadence” memory.

I’m much more likely to try that with Schwartzapfel’s stories than with XQuery, but it would be an interesting exercise in both cases.


Fact Check now available in Google… [Whose “Facts?”]

Friday, April 7th, 2017

Fact Check now available in Google Search and News around the world by Justin Kosslyn and Cong Yu.

From the post:

Google was built to help people find useful information by surfacing the great content that publishers and sites create. This access to high quality information is what drives people to use the web and for contributors to continue to engage and invest in it.

However, with thousands of new articles published online every minute of every day, the amount of content confronting people online can be overwhelming. And unfortunately, not all of it is factual or true, making it hard for people to distinguish fact from fiction. That’s why last October, along with our partners at Jigsaw, we announced that in a few countries we would start enabling publishers to show a “Fact Check” tag in Google News for news stories. This label identifies articles that include information fact checked by news publishers and fact-checking organizations.

After assessing feedback from both users and publishers, we’re making the Fact Check label in Google News available everywhere, and expanding it into Search globally in all languages. For the first time, when you conduct a search on Google that returns an authoritative result containing fact checks for one or more public claims, you will see that information clearly on the search results page. The snippet will display information on the claim, who made the claim, and the fact check of that particular claim.

And the fact checking criteria?

For publishers to be included in this feature, they must be using the ClaimReview markup on the specific pages where they fact check public statements (documentation here), or they can use the Share the Facts widget developed by the Duke University Reporters Lab and Jigsaw. Only publishers that are algorithmically determined to be an authoritative source of information will qualify for inclusion. Finally, the content must adhere to the general policies that apply to all structured data markup, the Google News Publisher criteria for fact checks, and the standards for accountability and transparency, readability or proper site representation as articulated in our Google News General Guidelines. If a publisher or fact check claim does not meet these standards or honor these policies, we may, at our discretion, ignore that site’s markup.

An impressive 115 separate organizations are approved fact checkers but most of them, the New York Times for example, publish “facts” from the US State Department, US Department of Defense, members of US Congress, White House, and other dubious sources of information.

Not to mention how many times have you read the New York Times supporting:

  • Palestinian Martyrs
  • State destruction of Afro-American homes as retribution for crimes
  • Supporting armed white encampments in traditionally Afro-American neighborhoods


Do you think perhaps the New York Times has a “point of view?”

We all do you know. Have a point of view.

What I find troubling about “fact checking” by Google is that some points of view, such as that of the NYT, are going to be privileged as “facts,” whereas other points of view will not enjoy such a privilege.

Need I mention that not so long ago the entire Middle East was thrown into disarray, a disarray that continues to this day, because the “facts” as judged by the NTY and others, said that Saddam Hussein possessed weapons of mass destruction?

I have no doubt that a fact checking Google at the time would have said it’s a fact that Saddam Hussein possessed weapons of mass destruction, at least until years after that had been proven to be false. Everybody who was anybody said it was a fact. Must be true.

As a super-Snopes, if I hear a rumor about Pete Rose and the Baseball Hall of Fame, Google fact checking may be useful.

For more subtle questions, consider whose “facts” in evaluating a Google fact check response.

Non-Fox News journalists: Investigate Bill O’Reilly & Fox News Reporters

Tuesday, April 4th, 2017

Fox News journalists: Don’t stay silent amid Bill O’Reilly controversy by Kyle Pope.

From the post:

WHAT DOES IT TELL US WHEN advertisers get ahead of reporters in matters of newsroom ethics? It tells us something is seriously wrong at Fox News, and it’s time for the real journalists at the network (and beyond) to make themselves heard.

On Tuesday, more companies moved to distance themselves from the network and its host, Bill O’Reilly, in response to a April 1 piece in The New York Times detailing sexual harassment allegations against Fox’s top-rated host and cash cow. The alleged behavior ranges the gamut of smut, from unwanted advances to phone calls in which O’Reilly—he of an $18 million-a-year salary from Rupert Murdoch et al—sounds as if he is masturbating.
… (emphasis in original)

Pope’s call for legitimate journalists at Fox to step forward is understandable, but too little too late.

From campus rape at UT Austin to the conviction of former Penn State President Graham Spanier’s conviction for failing to report alleged child abuse, it is always that case that somebody knew what was going on and remained silent.

What did the “legitimate journalists” at Fox News and when?

Will the journalism community toss 0’Reilly to the wolves and give his colleagues a free pass?

That’s seems like an odd sense of ethics for journalists.


Substituting Their Judgment For Yours

Monday, April 3rd, 2017

Merrill Perlman captures in From cyberattacks to fake news: notable recent changes in AP style my complaint on reference free reporting.

Perlman quotes a recent change in Associated Press (AP) style:

Holding politicians and public figures accountable for their words often requires reporting or research to verify facts that affirm or disprove a statement, or that show a gray area.

Fact-checking also is essential in debunking fabricated stories or parts of stories done as hoaxes, propaganda, jokes or for other reasons, often spread widely on the internet and mistaken as truth by some news consumers.

The term fake news may be used in quotes or as shorthand for the modern phenomenon of deliberate falsehoods or fiction masked as news circulating on the internet.

However, do not label as fake news specific or individual news items that are disputed.

In all cases, the goal of fact-checking is to push back on falsehoods, exaggeration and political spin. Be specific in describing what is false and back up those descriptions with facts.

… (emphasis added)

I would extend the AP’s

Be specific in describing what is false and back up those descriptions with facts.


Be specific in describing what is false, back up those descriptions with facts, with links/references to resources for those facts.

Absent links/references for facts, I see two parties, both wanting to foist their judgment on “facts” onto me.

I appreciate the effort to save me from thinking for myself, but no thanks.

The absence of links/references to third-party resources is proof of intent to usurp the reader’s judgment.

The same reasoning applies to leak publishers who decide what you should or should not be allowed to see.

Terrorism and the Media: A Handbook for Journalists

Saturday, April 1st, 2017

Terrorism and the Media: A Handbook for Journalists by Jean-Paul Marthoz, published by United Nations Educational, Scientific and Cultural Organization (UNESCO).

From the Foreword:

It should be clear to everyone why a publication such as this, on the coverage of terrorism and violent extremism in the media, is urgently needed.

Around the world we see various actors staging violence against civilians to foster fear and suspicion of others. We see populations in many countries convinced that terrorism represents the most significant threat to their daily lives. We see political movements that take advantage of tragedy and pit citizens against each other in order to gain greater support. It is critical to reflect on how the media may be inadvertently contributing to this tense climate, and what steps should be taken to address this.

It is important to remember that terrorism is not a new phenomenon. Many countries have suffered for decades from groups, both internal and external and including both State and non-State actors, wielding violence against civilians as political strategy. In many cases, the local population emerged stronger and more resilient, proving that brutality is no match in the long term for the progress of unity and shared values.

In this context, the media are critical in providing verifiable information and informed opinion. During the tense environment of a crisis, with populations on edge and tempers flared, this becomes all the more important. The relationship between terrorism and media is complex and fraught. At its worst, it is a perverse symbiotic relationship – terrorist groups devising spectacles of violence to continue drawing the world’s attention, and the media incentivised to provide wall-to-wall coverage due to huge audience interest.

Of course, this is not to minimise the real human suffering that terrorism causes. Far too many lives have been cut short by it. These acts must always be deplored, and those accountable brought to justice.

It is important to remember that the goal of these violent actors is not to bring terror for terror’s sake. They do not wish to create fear in the minds of men and women simply because of their interests, hatred or ideology. Their real objective is to cleave society down the centre, turning people against each other by provoking repression, discrimination and discord. They aim to simultaneously prove themselves correct in their predictions of widespread persecution and to attract new followers to their violent cause. They seek to create a mood of defeatism in the face of attacks and polarised reactions.

The real risk of terrorism is that fear and suspicion will drive a new wave of nationalism and populism, and that the freedoms we have all worked so hard to achieve will be sacrificed on the altar of retribution. These are not attacks on one nation or people, but attacks on all of us as global citizens. We should be especially critical of any response that plays willfully into the hands of violent actors, and which generates its own victims who become martyrs for further terrorist recruitment.
… (emphasis in original)

If you found yourself nodding in agreement with that excerpt, be aware you have chosen a side without defining it.

That’s not a bad thing, even upon reflection we all choose sides, I’m simply advocating honesty and transparency in those choices.

Marthoz tries to be even handed, “One person’s terrorist is another person’s freedom fighter” (page 17) and “State terrorism generally escapes the notice of those who try to forge a common international definition of terrorism within intergovernmental organizations.” (pages 20-21), but the United States is not listed as a terrorist organization nor named as a state sponsor of terrorism.

Perhaps necessary to achieve publication by UNESCO but that omission is symbolic of the pressure journalists will face in reporting on “terrorism.”

What other name would you give an acts described at Airwars, a site that monitors US-led bombing in Syria and Iraq?

But you won’t find the media, Western media at any rate, denouncing US-led bombing in Syria and Iraq as terrorism nor will they out the pilots who are committing those acts of terrorism.

My suggestion is that you bookmark Airwars and when a non-systematic, indeed random act of terrorism occurs in your country, include in your story the latest terrorist acts by the US and its allies.

To give your account balance.

For example, on November 28, 2016, Abdul Razak Ali Artan injured 11 people with a butcher knife at Ohio State University. You could take any number of stories from Airwars but consider on November 29, 2016, Rawa, Anbar province, Iraq, ten members of a single family were killed in a bombing raid.

I don’t remember seeing the Rawa, Anbar province, Iraq story in Western media. Did you? Why are there no, repeat no reporters from any major news organization providing reports on such events?

Want balance in your coverage? Start funding reporters to provide first hand confirmation of air strikes in Syria and Iraq.

4 Billion “Records” Leaked In 2016 – How Do You Define Record?

Wednesday, March 29th, 2017

The IBM X-Force Treat Intelligence Index 2017 report leaves the impression hackers are cutting through security like a hot knife through butter:

With Internet-shattering distributed-denial-of-service (DDoS) attacks, troves of records leaked through data breaches, and a renewed focus by organized cybercrime on business targets, 2016 was a defining year for security. Indeed, in 2016 more than 4 billion records were leaked, more than the combined total from the two previous years, redefining the meaning of the term “mega breach.” In one case, a single source leaked more than 1.5 billion records.1 (page 3)

The report helpfully defines terms at page 3 and in the glossary (page 29) but never defines “record.”

The 4 billion records “fact” will appear in security blogs, Twitter, business zines, mainstream media, all without asking: “What is a record?”

Here are some things that could be records:

  • account, username, password
  • medical record (1 or more pages)
  • financial record (1 or more pages)
  • CIA document (1 or more pages)
  • Tax records (1 or more pages)
  • Offshore bank data (spreadsheet, 1 or more pages
  • Presentations (PPT, 1 or more pages)
  • Accounting records (1 or more pages)
  • Emails (1 or more pages)
  • Photos, nude or otherwise

IBM’s “…4 billion records were leaked…,” is a marketing statement for IBM security services. Not a statement of fact.

Don’t make your readers dumber by repeating IBM marketing slogans without critical comments.

PS: I haven’t checked the other “facts” claimed in this document. The failure to define “record” was enough to discourage further reading.

How Do You Spell Media Bias? M-U-S-L-I-M

Monday, March 27th, 2017

Disclosure: I have contempt for news reports that hype acts of terrorism. Even more so when little more than criminal acts by Muslims are bemoaned as existential threats to Western society. Just so you know I’m not in a position to offer a balanced view of Ronald Bailey’s post.

Do Muslims Commit Most U.S. Terrorist Attacks?: Nope. Not even close. by Ronald Bailey.

From the post:

“It’s gotten to a point where it’s not even being reported. In many cases, the very, very dishonest press doesn’t want to report it,” asserted President Donald Trump a month ago. He was referring to a purported media reticence to report on terror attacks in Europe. “They have their reasons, and you understand that,” he added. The implication, I think, is that the politically correct press is concealing terrorists’ backgrounds.

To bolster the president’s claims, the White House then released a list of 78 terror attacks from around the globe that Trump’s minions think were underreported. All of the attackers on the list were Muslim—and all of the attacks had been reported by multiple news outlets.

Some researchers at Georgia State University have an alternate idea: Perhaps the media are overreporting some of the attacks. Political scientist Erin Kearns and her colleagues raise that possibility in a preliminary working paper called “Why Do Some Terrorist Attacks Receive More Media Attention Than Others?

For those five years, the researchers found, Muslims carried out only 11 out of the 89 attacks, yet those attacks received 44 percent of the media coverage. (Meanwhile, 18 attacks actually targeted Muslims in America. The Boston marathon bombing generated 474 news reports, amounting to 20 percent of the media terrorism coverage during the period analyzed. Overall, the authors report, “The average attack with a Muslim perpetrator is covered in 90.8 articles. Attacks with a Muslim, foreign-born perpetrator are covered in 192.8 articles on average. Compare this with other attacks, which received an average of 18.1 articles.”

While the authors rightly question the equality of terrorist reporting, which falsely creates a link between Muslims and terrorism in the United States, I question the appropriateness of a media focus on terrorism at all.

Aside from the obvious lure that fear sells and fear of Muslims sells very well in the United States, the human cost from domestic terrorist attacks, not just those by Muslims, hardly justifies crime blotter coverage.

Consider that in 2014, there were 33,559 deaths due to gun violence and 32 from terrorism.

But as I said, fear sells and fear of Muslims sells very well.

Terrorism or more properly the fear of terrorism has been exploited to distort government priorities and to reduce the rights of all citizens. Media participation/exploitation of that fear is a matter of record.

The question now is whether the media will knowingly continue its documented bigotry or choose another course?

The paper:

Kearns, Erin M. and Betus, Allison and Lemieux, Anthony, Why Do Some Terrorist Attacks Receive More Media Attention Than Others? (March 5, 2017). Available at SSRN:

Transparency can have a prophylactic effect

Sunday, March 26th, 2017

Farai Chideya set out to explore:

…who reported the 2016 election, and whether political teams’ race and gender diversity had any impact on newsrooms.

That’s an important question and Chideya certainly has the qualifications and support ( fellow at Harvard’s Shorenstein Center on Media, Politics and Public Policy) to pursue it.

One problem. For reasons best known to themselves, numerous media organizations refuse to provide diversity date. (full stop)

But the most important data point for this project—numbers from newsrooms on their 2016 political team staffing—has been the hardest to collect because very few managers or business-side staff are willing to disclose their data. One company admitted off the record that they were not responding to diversity requests, period. The Wall Street Journal provided the statement that it “declined to provide specific personnel information.” An organization sent numbers for its corporate parent company, whose size is approximately a thousand times the size of the entire news team, let alone the political team. Another news manager promised verbally to cooperate with the inquiry, but upon repeated follow up completely ghosted.

Concealment wasn’t the uniform response as Chideya makes clear but useful responses were so few and far. Enough so to provoke her post.

She captures my sentiments writing:

If we journalists can’t turn as unsparing a gaze on ourselves as we do on others, it speaks poorly for us and the credibility of our profession. If the press lauds itself for demanding transparency from government but cannot achieve transparency in its newsrooms, that is cowardice. If we say we can cover all of America with representatives of only a few types of communities, we may win battles but lose the war to keep news relevant to a broad segment of Americans. This is as strong a business argument as a moral argument.

If you need additional motivation, be aware that Chideya is proceeding in the face of non-cooperation and when her study is published, there will be a list of who has been naughty and nice.

Here’s how to self-report:

Whether or not you are a news organization I’ve already contacted, please email me at

For the purposes of the reporting, I’m looking for a race/gender count of 2016-cycle political staffers—full-time or at least 25-hour-per-week contract workers (but not freelancers paid by the story). People come and go during the election season, but these should be people who spent at least six months covering the election between September 2015 and November 2016.

If you want to add to the data you disclose, you can include separate counts for freelancers; or for staff who worked on politics less than six months of the cycle, but those should be broken out separately.

Want bonus points? Produce an org chart showing how your staff diversity played out across the ranks of reporters and editors. Feel free to annotate for self-reported class background or other metrics if you want, too. But race and gender are the minimum.

We’d like on-the-record numbers and interviews from people who we can use as sources in the report: managers, corporate communications staff, anyone authorized to speak on behalf of the newsroom. Please indicate if you are speaking on the record and in what role.

Because we are not getting this information, in many cases, we also welcome interviews and information on background. That is, if you are a staffer and can provide information, please do, and tell us who you are and that you don’t want to be quoted or cited. We’ll take what you provide to us into account as we do our research, but obviously it can’t be the final word. You could also offer quotes about the topic on the record, and your assessment of staff diversity on background.

As we conclude the report, we will release information on who has provided information, and who it was requested from who did not.

Self-reporting beats being on the naughty list and/or your diversity information extracted by a ham-handed hacker who damages your systems as well.

Who knew? Transparency can have a prophylactic effect.

See Chideya’s full post at: One question that turns courageous journalists into cowards

UK Proposes to Treat Journalists As Spies (Your Response Here)

Sunday, March 19th, 2017

UK’s proposed Espionage Act will treat journalists like spies by Roy Greenslade.

From the post:

Journalists in Britain are becoming increasingly alarmed by the government’s apparent determination to prevent them from fulfilling their mission to hold power to account. The latest manifestation of this assault on civil liberties is the so-called Espionage Act. If passed by parliament, it could lead to journalists who obtain leaked information, along with the whistle blowers who provide it to them, serving lengthy prison sentences.

In effect, it would equate journalists with spies, and its threat to press freedom could not be more stark. It would not so much chill investigative journalism as freeze it altogether.

The proposal is contained in a consultation paper, “Protection of Official Data,” which was drawn up by the Law Commission. Headed by a senior judge, the commission is ostensibly independent of government. Its function is to review laws and recommend reforms to ensure they are fairer and more modern.

But fairness is hardly evident in the proposed law. Its implications for the press were first highlighted in independent news website The Register by veteran journalist Duncan Campbell, who specializes in investigating the U.K. security services.

Comments on the public consultation document can be registered here.

Greenslade reports criticism of the proposal earned this response from the government:

In response, both Theresa’s May’s government and the Law Commission stressed that it was an early draft of the proposed law change. Then the commission followed up by extending the public consultation period by a further month, setting a deadline of May 3.

Early draft, last draft or the final form from parliament, journalists should treat the proposed Espionage Act as a declaration of war on the press.

Being classified as spies, journalists should start acting as spies. Spies that offer no quarter and who take no prisoners.

Develop allies in other countries who are willing to publish information detrimental to your government.

The government has chosen a side and it’s not yours. What more need be said?

Pre-Installed Malware – Espionage Potential

Tuesday, March 14th, 2017

Malware found pre-installed on dozens of different Android devices by David Bisson.

From the post:

Malware in the form of info-stealers, rough ad networks, and even ransomware came pre-installed on more than three dozen different models of Android devices.

Researchers with Check Point spotted the malware on 38 Android devices owned by a telecommunications company and a multinational technology company.

See David’s post for the details but it raises the intriguing opportunity to supply government and corporate offices with equipment with malware pre-installed.

No more general or targeted phishing schemes, difficult attempts to breach physical security and/or to avoid anti-virus or security programs.

The you leak – we print model of the news media makes it unlikely news organizations will want to get their skirts dirty pre-installing malware on hardware.

News organizations consider themselves “ethical” in publishing stolen information but are unwilling to steal it themselves, because stealing is “unethical.”

There’s some nuance in there I am missing, perhaps that being proven to have stolen carries a prison sentence in most places. Odd how ethics correspond to self-interest isn’t it?

If you are interested in the number of opportunities for malware on computers in 2017, check out Computers Sold This Year. It reports as of today over 41 million computers sold this year alone.

News organizations don’t have the skills to create a malware network but if information were treated as having value, separate from the means of its acquisition, a viable market would not be far behind.

Less Than Accurate Cybersecurity News Headline – From No Less

Monday, March 13th, 2017

Skimming through my Twitter stream I encountered:

That sounds important and it’s from

Who describe themselves in 100 words:™ (formerly is a leading web-based science, research and technology news service which covers a full range of topics. These include physics, earth science, medicine, nanotechnology, electronics, space, biology, chemistry, computer sciences, engineering, mathematics and other sciences and technologies. Launched in 2004,’s readership has grown steadily to include 1.75 million scientists, researchers, and engineers every month. publishes approximately 100 quality articles every day, offering some of the most comprehensive coverage of sci-tech developments world-wide. Quancast 2009 includes in its list of the Global Top 2,000 Websites. community members enjoy access to many personalized features such as social networking, a personal home page set-up, RSS/XML feeds, article comments and ranking, the ability to save favorite articles, a daily newsletter, and other options.

So I bit and visited New technique completely protects internet pictures and videos from cyberattacks, which reads in part:

A Ben-Gurion University of the Negev (BGU) researcher has developed a new technique that could provide virtually 100 percent protection against cyberattacks launched through internet videos or images, which are a growing threat.

“Any downloaded or streamed video or picture is a potential vehicle for a cyberattack,” says Professor Ofer Hadar, chair of BGU’s Department of Communication Systems Engineering. “Hackers like videos and pictures because they bypass the regular data transfer systems of highly secure systems, and there is significant space in which to implant malicious code.”

“Preliminary experimental results show that a method based on a combination of Coucou Project techniques results in virtually 100 percent protection against cyberattacks,” says Prof. Hadar. “We envision that firewall and antivirus companies will be able to utilize Coucou protection applications and techniques in their products.”

The Coucou Project receives funding from the BGU Cyber Security Research Center and the BaseCamp Innovation Center at the Advanced Technologies Park adjacent to BGU, which is interested in developing the protective platform into a commercial enterprise.

Summary: Cyberattackers using internet videos or images are in little danger of being thwarted any time soon.

First, Professor Hadar’s technique would need to be verified by other researchers. (Possibly has been but no publications are cited.)

Second, the technique must not introduce additional cybersecurity weaknesses.

Third, vendors have to adopt and implement the techniques.

Fourth, users must upgrade to new software that incorporates the new techniques.

A more accurate headline reads:

New Technique In Theory Protects Pictures and Videos From Cyberattacks


Covering Trump: … [LiveStream, 3 March 2017]

Thursday, March 2nd, 2017

Covering Trump: What Happens When Journalism, Politics, and Fake News Collide by Shelley Hepworth.

From the post:

AFTER SIX WEEKS OF HIS PRESIDENCY, the media covering Trump’s administration is beginning to get a feel for the challenges that lie ahead. The president has labeled the press “the enemy of the American people” and excluded some news outlets from briefings; the First Amendment feels like it’s under threat; and fake news and “alternative facts” abound. The unorthodox nature of this environment has raised questions: How important are press briefings? What are the ethics of using anonymous sources and leaked data? And how should we respond to a disinformation campaign targeted at the media?

To get a handle on this, the Columbia Journalism Review has partnered with Reuters and The Guardian to bring together some of the best minds in the business for a one-day conference on Friday, March 3, Covering Trump: What Happens When Journalism, Politics, and Fake News Collide. The event includes panel discussions on press coverage in a no-access era, the rise of fake news, investigating Trump’s connections to Russia, and the ethics of reporting on data leaks. There will also be a lunchtime keynote with New Yorker Editor in Chief David Remnick in conversation with Columbia Journalism School Dean Steve Coll.

The conference will be livestreamed on this page from 10:30 am Friday, and we invite viewers to join in the conversation on Twitter using the hashtag #coveringtrump.
… (emphasis in original)

Cadablanca fans will recognize that:

I’m am shocked, shocked to learn [government routinely lies to and about the press]

Still, media resistance to government, belated though it may be, is appreciated.

Catch this discussion live and carry the discussion forward in groups both in and out of the media.

White House blocks news organizations from press briefing [Opsec vs. Boromir, Ethics]

Friday, February 24th, 2017

White House blocks news organizations from press briefing by Dylan Byers, Sara Murray and Kevin Liptak.

From the post:

CNN and other news outlets were blocked Friday from an off-camera White House press briefing, raising alarm among media organizations and First Amendment watchdogs.

The New York Times, the Los Angeles Times, Politico and BuzzFeed were also excluded from the meeting, which is known as a gaggle and is less formal than the televised Q-and-A session in the White House briefing room. The gaggle was held by White House press secretary Sean Spicer.

In a brief statement defending the move, administration spokeswoman Sarah Sanders said the White House “had the pool there so everyone would be represented and get an update from us today.”

The pool usually includes a representative from one television network and one print outlet. In this case, four of the five major television networks — NBC, ABC, CBS and Fox News — were invited and attended the meeting, while only CNN was blocked.

And while The New York Times was kept out, conservative media organizations Breitbart News, The Washington Times and One America News Network were also allowed in.
… (emphasis in original)

Good opsec counsels silence in the face of such an outrage but as Boromir says in The Fellowship of the Ring:

But always I have let my horn cry at setting forth, and though thereafter we may walk in the shadows, I will not go forth as a thief in the night.” (emphasis added)

I trust this outrage obviates “ethical” concerns over distinctions between leaking, hacking, or other means of obtaining government information?

Congressmen Counsel Potential Leakers!

Friday, February 17th, 2017

Federal Employees Guide to Sharing Key Information with the Public.

From the webpage:

On February 16, 2017, Congressman Ted W. Lieu (D | Los Angeles County) and Congressman Don Beyer (D | Virginia) released the following resource guide for federal employees who wish to break the Administration’s communications blackout on federal agencies. The guide explains how to safely and responsibly share information, and encourages employees to “Know Your Rights” and “Know Your Options.” In the “Know Your Rights” section, federal employees can learn about which federal laws apply to them. In the “Know Your Options” section, employees can learn about how to safely disseminate information to agency inspectors general and the press. The resource guide also includes links to an in-depth list of federal whistleblower statutes and information about agency inspectors general. The full press release can be found here.

Links to whistleblower resources, etc. follow.

Here’s a screen shot of the top of their guide:

The links for whistleblowers are great but rely upon the you take all the risk, media reaps all the glory model.

Better than no leaks at all but having news organization step up with cyberexpertise to safely extract data sounds like a better model.

How to Listen Better [Not Just For Reporters]

Monday, February 13th, 2017

How to Listen Better by Josh Stearns.

From the post:

In my weekly newsletter, The Local Fix, I compiled a list of guides, tools, and examples of how newsrooms can listen more deeply to local communities. I’m sharing it here in case it can be useful to others, and to encourage people to add to the list.

See which of Josh’s resources resonate with you.

These resources are in the context of news/reporting but developing good listening skills is an asset in any field.

Here’s a free tip since you are likely sitting in front of your computer monitor:

If someone comes to talk to you, turn away from your monitor and pay attention to the person speaking.

Seriously, try that for a week and see if your communication with co-workers improves.

PS: Do read posts before you tweet responses to them. As they say, “reading is fundamental.”

Opening Secure Channels for Confidential Tips [Allocating Risk for Leaks]

Thursday, February 9th, 2017

Opening Secure Channels for Confidential Tips by Martin Shelton.

From the post:

In Shields Up, security user researcher Martin Shelton writes about security threats and defenses for journalists. Below, his first installment. —eds

To make it easier for tipsters to share sensitive information, a growing number of news organizations are launching resources for confidential tips. While there is some overlap between the communication channels that each news organization supports, it’s not always clear which channels are the most practical for routine use. This short guide will describe some basics around how to think about security on behalf of your sources before thinking about tools and practices. I’ll also describe common communication channels for accepting sensitive tips and tradeoffs when using each channel. When thinking about tradeoffs, consider which channels are right for you.
… (emphasis in original)

Martin does a great job of surveying your current security options but doesn’t address the allocation of risk between leakers and news organizations that I covered in U.S. Leaking Law: You Go To Jail – I Win A Pulitzer and/or the option of leaking access rather than the risk of leaking data/documents, How-To: Leaking In Two Steps.

Here’s the comment I’m posting to his post and I will report back on his response, probably in a separate post:

Martin, great job on covering the security options for tips and their tradeoffs!

I do have a question though about the current model of leaking, which puts all of the risk on the leaker. A leaker undertakes the burden of liberating data and/or documents, takes the risk of copying/removing them and then the risk of getting them securely to a news organization.

All of which requires technical skills that aren’t common.

As an alternative, why shouldn’t leakers leak access to such networks/servers and enable news organizations, who have greater technical resources, to undertake the risks of retrieval of such documents?

I mentioned this to another news person and they quickly pointed out the dangers of the Computer Fraud and Abuse Act (CFAA) for a news organization but the same holds true for the leaker. Who very likely has fewer technical skills than any news organization.

Thinking that news organizations can decide to serve the interests of government (follow the CFAA) or they can decided to serve the public interest. In my view, those are not synonymous.

I am still refining ways that leakers could securely leak access but at present, using standard subscription forms with access information instead of identifying properties, offers both a trustworthy target (the news organization) and a multiplicity of places to leak, which prevents effective monitoring of them. I have written more than once about this topic but two of particular interest: U.S. Leaking Law: You Go To Jail – I Win A Pulitzer, and, How-To: Leaking In Two Steps.

Before anyone protests the “ethics” of breaking laws such as the CFAA, recall governments broke faith with their citizens first. Laws like the CFAA are monuments to that breach of faith. Nothing more.

Leakers As Lighthouses In A Sea Of Data

Tuesday, February 7th, 2017

I was extolling my How-To: Leaking In Two Steps yesterday when a very practical problem suggested itself.

In sneakernet leaking (hard copy/digital), the leaker has selected/filtered the leaked content prior to delivery to a news organization.

Leaked access puts the burden on reporters to explore to find relevant data. Without some guidance from a leaker, reporters won’t know if a “big story” is in the next directory, file or spreadsheet.

Concern was also voiced that traditional news organizations might run afoul of the Computer Fraud and Abuse Act (CFAA).

Governments enact laws like the CFAA in order to protect their own criminal activity and those of criminals like them.

Think of the last time your local, state or national government did something that would be universally admired and acclaimed but kept it secret.

Coming up empty? Some am I.

Good acts are never kept secret and that is a commentary on acts that are kept secret

I won’t suggest you violate the CFAA, if you are subject to it, but do consider if you are serving the government’s interest in obeying such laws or the public’s.

I’m re-factoring How-To: Leaking In Two Steps to keep the ease of leaking for leakers, preserve their role as lighthouses, and, perhaps even more importantly, to reduce if not eliminate CFAA liability for news organizations.

Eight Days in March: [Bias by Omission]

Monday, February 6th, 2017

Eight Days in March: How the World Searched for Terror Attacks by Google Trends.


Cities that searched for these attacks:


See the original for full impact but do you notice a bias by omission?

What about the terrorist bombings by the United States and its allies in Syria and Iraq, that happened every day mentioned in this graphic?

Operation Inherent Resolve reports:

Between Aug. 8, 2014 and Jan. 30, 2017, U.S. and partner-nation aircraft have flown an estimated 136,069 sorties in support of operations in Iraq and Syria.

That’s 906 days or 150 sorties on average per day.

Or for eight days in March, 1200 acts of terrorism in Iraq and Syria.

Readers who are unaware of the crimes against the people of Iraq and Syria won’t notice the bias in this graphic.

Every biased graphic is an opportunity to broaden a reader’s awareness.

Take advantage of them.

Learn A Language, 140 Characters At A Time (GIJN)

Sunday, February 5th, 2017

Global Investigative Journalism Network (GIJN) announced two Twitter feeds today:



To complement:





The GIJN Twitter feed expansion prompted me to think of its feeds as part of a language learning effort.

I doubt you would find classic literature quoted in tweets but that’s rare these days outside of classrooms.

Certainly not common in tweets from political leaders. 😉

From their about page:

The Global Investigative Journalism Network (GIJN) is an international association of nonprofit organizations that support, promote, and produce investigative journalism. GIJN holds conferences, conducts trainings, provides resources and consulting, and encourages the creation of similar nonprofit groups. It was founded in 2003 when more than 300 journalists from around the world gathered for the second Global Investigative Journalism Conference in Copenhagen. Since then it has grown to 145 member organizations in 62 countries.

If you don’t know the Global Investigative Journalism Network (GIJN), pay them a visit. You will like what you find.

How-To: Leaking In Two Steps

Friday, February 3rd, 2017

In Lowering the Bar for Leakers I proposed this method for leaking login credentials:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

Easier than the convolutions you will find at: How easy is it to securely leak information to some of America’s top news organizations? This easy or Attention Federal Employees: If You See Something, Leak Something, but we can do better.

A Universal (nearly) and Secure Leaking Point

Can you think of one characteristic shared by almost all websites? Aside from being on the Web?

The ability to create an account for news and updates!

Like this page from the New York Times:


Warning: Leak login credentials to sites using the https protocol only.

Leaking access to a publicly accessible server

Leaking your sysadmin’s, boss’s, co-worker’s credentials, you enter:


Leaking access to a server on a restricted network

For servers or resources requiring more than one set of credentials, say on a secure network, again using your sysadmin’s, boss’s, co-worker’s credentials, you enter:


Leaking In Two Steps

The leaking of login credentials (not your own) is two steps:

  1. Create account from non-work computer
  2. Enter login credentials as account details

You are protected by:

  1. SSL encryption
  2. Safety in numbers – Study finds that 97% of large companies have had credentials leaked online
  3. Credential duplication is a well-known fact – 17% of passwords are “123456”
  4. Not facing the risks of a sneakernet thief to steal, transport and deliver data in hard copy or digital format

This technique will work with agencies, banks, corporations, courts, governments, legislatures, PACs, anywhere that requires digital login credentials.

I used email and password fields here but that is just an artifact of the New York Times form. Other parts of a form and other separators are certainly possible.

PS: Don’t leak credentials to me because my site doesn’t have SSL (right now) and I’m not in full control of the server.

Personally, if I were to accept leaked credentials, I would store that data on a RAM disk.

Data Journalism Manual

Thursday, February 2nd, 2017

Data Journalism Manual by ODECA.

There are five data journalism modules:

Plus Labs.

The page footer reads:

This data journalism manual has been adapted for UNDP Istanbul Regional Hub by Eva Constantaras, and in Russian by Anastasia Valeeva, from an original work produced for The World Bank’s Sudan Evidence Base Programme, supported by the United Kingdom Department for International Development and found at

(see Data Journalism Manual for the modules in Russian.)

About ODECA:

Open Data in Europe and Central Asia (ODECA) is a platform to support government representatives, civil society activists, tech activists and citizens that care about and work with open data.

The network covers 18 countries in the region and aims to stimulate innovation, knowledge sharing and learning among practitioners and aficionados of open data regionally and globally.

Our goal is to use the potential of open data to transform societies by empowering citizens and supporting governments to meet the UN Sustainable Development Goals. While we are still exploring all the ways that data will contribute to the SDGs, it is undeniable that it will play an important role in reaching and measuring them.

The network brings in the knowledge and experience of global and regional leaders in open data.
(emphasis in the original)


U.S. Leaking Law: You Go To Jail – I Win A Pulitzer

Thursday, February 2nd, 2017

While researching Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data] in a US context, I encountered: The Legality of Publishing Hacked E-mails by Diana Dellamere.

Published in 2009 and as with all legal issues, consult a lawyer but it summarizes the rule on “illegal” content as:

Bartnicki v. Vopper is the most protective of journalists and sets out the primary “test,” holding that a broadcaster could not be held civilly liable for publishing documents or tapes illegally procured by a third party. The court set out three criteria for legitimate first amendment protection: (1) the media outlet played no role in the illegal interception; (2) media received the information lawfully; (3) the issue was a matter of public concern.

If my title sounds harsh towards the press, remember that the Washington Post won a Pulitzer Prize based on Snowden’s leaks and yet called for him to not be pardoned.

I suspect that first requirement:

(1) the media outlet played no role in the illegal interception;

is part of the reason why the bar for leakers remains high, that is media outlets don’t accept leaked login credentials for the recovery of material of public interest.

Media outlets need to realize the “no role in the illegal interception” condition of Bartnicki v. Vopper is a bargain with the devil. From which both media outlets and the public suffer.

Media outlets suffer because despite the brave rhetoric of “speaking truth to power,” media outlets say in fact:

speaking such truth as breaks through the wall of fear and punishment maintained by power

In honoring the condition of “no role in the illegal interception” media outlets have chosen a side. It isn’t the side of transparency, public interest or government accountability.

If that weren’t bad enough, the public suffers by being deprived of facts that skilled data miners could recover, that lie beyond the skill of leakers who could leak access credentials.

Everyone gets to make choices and certainly media outlets, we could all name a few, can choose to be government toadies.

As far as “legality” is concerned, I call your attention to: Tweeter And The Monkey Man by Traveling Wilburys:

Jan had told him many times, “It was you to me who taught
In Jersey anything’s legal, as long as you don’t get caught”

The law is codified caprice that favors the powerful.

Whether to break it or not asks how much is the truth worth to you really?

Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data]

Wednesday, February 1st, 2017

GFF and its partners challenge anti-whistleblowing provision on handling „stolen“ data by Nora Markard.

From the post:

With an alliance of civil rights organizations and journalists, GFF is challenging the new Criminal Code provision on handling „stolen“ data. Passed by the grand coalition in 2015, this provision (s. 202d of the Criminal Code) criminalizes handling leaked data without providing for an adequate protection of the press. It thereby threatens an important part of the work of investigative journalists as well as their informants and supporting experts.

The facial challenge brought by GFF and its partners (PDF, in German) claims that the provision violates the freedom of the press and broadcasters, the equality clause, professional freedom and the clarity principle.

The new provision criminalizes handling data which someone else had obtained illegally; the sentence is up to three years in prison or a fine (translation by Sebastian Golla):

(1) Whoever procures for himself or for another, supplies another, disseminates or makes otherwise available data (s. 202a(2)) that is not publicly accessible and that another has acquired through an unlawful act, with the intent of enriching himself or another or of harming another, shall be liable to imprisonment not exceeding three years or a fine.

In the legislator’s intention, the provision addresses the trade in stolen credit card and user data. Due to careless drafting, however, it also covers the procurement, transfer and dissemination of electronic data which were obtained by journalists from whistleblowers.

Working with information such as that revealed to the public by Edward Snowden in violation of US secrecy laws would therefore be illegal under German law.

Governments are secretive creatures by nature and the German government is no exception to that rule.

Nora’s post is heavy on links to news coverage and those opposing this “accidental” sweeping up of whistleblowers.

Whatever the result under the particulars of German law, the better result would be a finding that publication, such as posting to Wikileaks or the dark web, breaks any chain of civil or criminal liability.

Once data has been posted to a public site, any re-publication of that data is protected as free speech.

It is easy enough to distinguish use of credit card data because that is a species of fraud and not an example of free (insert public) speech.

Re-publication creates a “bright-line,” one visible even to enthusiastic prosecutors and encourages leakers to leak for all and not the few.

Several recent leaks come to mind that were dribbled out for the benefit of the few.

Writing Good FOIA Requests

Tuesday, January 31st, 2017

What makes a good FOIA request? We studied 33,000 to find out by By Nicholas Dias, Rashida Kamal and Laurent Bastien.

From the post:

EVERY JOURNALIST HAS IDEAS about what makes a good public records request. But surprisingly few people have actually tried to systematically analyze how requests can be written to improve their chances of success.

To fill this vacuum, we analyzed more than 33,000 Freedom of Information Act requests and identified a few characteristics that were typical of those that were fulfilled.

The requests were made to five federal agencies that publish to the Environmental Protection Agency, the Department of Commerce, Customs and Border Protection, the Department of the Navy, and the National Archives and Records Administration. All were filed between 2011 and 2016.

We defined success as the receipt of all records requested, as defined by the agency. There was no straightforward relationship between wait time and any of the characteristics we considered, so we factored it out as a measure of success.

For the requests we examined, the full-grant rate across all five agencies was around 23 percent. That’s the same success rate for requests across all federal agencies, according to Max Galka of FOIA Mapper, a project funded by the Knight Foundation that outlines the record systems of federal agencies.

Requesters in our sample typically waited around 142 days, or a little more than four months, to get responses. Less than 39 percent of requests received responses within 28 days, which is the longest amount of time an agency could spend fulfilling a request while still meeting FOIA’s 20-business-day time limit.

That’s a pretty bleak picture. So, how can you improve your chances?
… (emphasis in original)

What? Evidence-based FOIA practices? 😉

After reading this review of FOIA practices, get thee to MuckRock.

MuckRock has advice, tools, community, in short, it is a one-stop FOIA shop.

What FOIA request(s) are you going to file?

This Is Easy Leaking?

Friday, January 27th, 2017

How easy is it to securely leak information to some of America’s top news organizations? This easy by Laura Hazard Owen.

Laura’s “easy” process has six steps that involve you installing software on your computer (detectable), storing files to be leaked on the same computer (detectable), saving your acknowledgement from the recipient of your leak (detectable).

Although she cautions you to not use a work computer for installing Tor, good advice, but in leak investigations, all computers are generally seized.

In Lowering the Bar for Leakers I suggest leakers and news media should follow this protocol for leaks:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

A leaker’s part reduces to two steps and it reduces their risk from copying/smuggling documents.

Which one do you think is “easier??

To Laura’s credit, she does list ten (10) SecureDrop sites for publishers still following a sneakernet model of leaking.

We live in an insecure and networked environment. Why cling to copy machine and hard copy models of leaking?

The Critical Thinking Skills Cheatsheet [Infographic and Wookbook]

Friday, January 27th, 2017

The Critical Thinking Skills Cheatsheet [Infographic] by Lee Watanabe-Crockett.

From the post:

Critical thinking skills truly matter in learning. Why? Because they are life skills we use every day of our lives. Everything from our work to our recreational pursuits, and all that’s in between, employs these unique and valuable abilities. Consciously developing them takes thought-provoking discussion and equally thought-provoking questions to get it going. Begin right here with the Critical Thinking Skills Cheatsheet.

It’s a simple infographic offering questions that work to develop critical thinking on any given topic. Whenever your students discover or talk about new information, encourage them to use these questions for sparking debate and the sharing of opinions and insights among each other. Together they can work at building critical thinking skills in a collaborative and supportive atmosphere.
… (emphasis in original)

The infographic, also available as a color 11 x 17 pdf file, is too large to display here but I can give you the flavor of it:


… benefits from this?
… is this harmful to?
… makes decisions about this?
… is most directly affected?
… have you also heard discuss this?
… would be the best person to consult?
… will be the key people in this?
… deserves recognition for this?

What, Where, When, Why and How have similar expansions.

See also The Critical Thinking Workbook from Global Digital Citizen.

Specific domains may benefit from altered or additional prompts but this a great starting place!