Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

April 13, 2017

Tiny Narratives – Upgrade Your Writing

Filed under: Journalism,News,Reporting,Writing — Patrick Durusau @ 4:57 pm

8 steps to upgrade your everyday news stories with ‘tiny narratives’ by Katia Savchuk.

From the post:

BEFORE BETH SCHWARTZAPFEL became a staff writer for The Marshall Project three years ago, she spent a decade as a freelance magazine writer. She got used to spinning 4,000-word narratives for places like Mother Jones and the Boston Review. When she arrived at the nonprofit newsroom, which covers criminal justice, Schwartzapfel found herself tackling an entirely different animal: breaking news and hard-hitting features that put the facts center stage.

Schwartzapfel considered how she could bring her storytelling chops to these new formats. Her answer was what she calls “tiny narratives”: compact anecdotes, sometimes only a few lines long, scattered throughout a fact-driven article. “I think of them as raisins in oatmeal, or the signs people hold on the sidelines of a marathon. They’re little surprises or jolts of pleasure to remind people of what they’re reading and why it matters,” she explained in a session at the Power of Narrative Conference at Boston University in late March.

Those nuggets of humanity can help keep readers on the page at a time when news organizations are scrambling for the public’s attention. But it isn’t easy to do well. Injecting narrative elements into a news or investigative story can bring unnecessary clutter or overwhelm the essential facts.

Here are tips from Schwartzapfel and other speakers at the conference about how to get “tiny narratives” right.
… (emphasis in original)

A series of great tips, but if you want more examples of Schwartzapfel’s writing, try Beth Schwartzapfel, Staff Writer.

I count fifty-five (55) stories.

More than enough for a Hunter Thompson exercise of re-typing great stories:

Posted by Brian John Spencer in Hunter S. Thompson – Typing out the work of the best writers.

Think of Thompson’s approach as developing “muscle and verbal cadence” memory.

I’m much more likely to try that with Schwartzapfel’s stories than with XQuery, but it would be an interesting exercise in both cases.

😉

April 7, 2017

Fact Check now available in Google… [Whose “Facts?”]

Filed under: Bias,Journalism,News,Reporting — Patrick Durusau @ 8:15 pm

Fact Check now available in Google Search and News around the world by Justin Kosslyn and Cong Yu.

From the post:

Google was built to help people find useful information by surfacing the great content that publishers and sites create. This access to high quality information is what drives people to use the web and for contributors to continue to engage and invest in it.

However, with thousands of new articles published online every minute of every day, the amount of content confronting people online can be overwhelming. And unfortunately, not all of it is factual or true, making it hard for people to distinguish fact from fiction. That’s why last October, along with our partners at Jigsaw, we announced that in a few countries we would start enabling publishers to show a “Fact Check” tag in Google News for news stories. This label identifies articles that include information fact checked by news publishers and fact-checking organizations.

After assessing feedback from both users and publishers, we’re making the Fact Check label in Google News available everywhere, and expanding it into Search globally in all languages. For the first time, when you conduct a search on Google that returns an authoritative result containing fact checks for one or more public claims, you will see that information clearly on the search results page. The snippet will display information on the claim, who made the claim, and the fact check of that particular claim.

And the fact checking criteria?


For publishers to be included in this feature, they must be using the Schema.org ClaimReview markup on the specific pages where they fact check public statements (documentation here), or they can use the Share the Facts widget developed by the Duke University Reporters Lab and Jigsaw. Only publishers that are algorithmically determined to be an authoritative source of information will qualify for inclusion. Finally, the content must adhere to the general policies that apply to all structured data markup, the Google News Publisher criteria for fact checks, and the standards for accountability and transparency, readability or proper site representation as articulated in our Google News General Guidelines. If a publisher or fact check claim does not meet these standards or honor these policies, we may, at our discretion, ignore that site’s markup.

An impressive 115 separate organizations are approved fact checkers but most of them, the New York Times for example, publish “facts” from the US State Department, US Department of Defense, members of US Congress, White House, and other dubious sources of information.

Not to mention how many times have you read the New York Times supporting:

  • Palestinian Martyrs
  • State destruction of Afro-American homes as retribution for crimes
  • Supporting armed white encampments in traditionally Afro-American neighborhoods

No?

Do you think perhaps the New York Times has a “point of view?”

We all do you know. Have a point of view.

What I find troubling about “fact checking” by Google is that some points of view, such as that of the NYT, are going to be privileged as “facts,” whereas other points of view will not enjoy such a privilege.

Need I mention that not so long ago the entire Middle East was thrown into disarray, a disarray that continues to this day, because the “facts” as judged by the NTY and others, said that Saddam Hussein possessed weapons of mass destruction?

I have no doubt that a fact checking Google at the time would have said it’s a fact that Saddam Hussein possessed weapons of mass destruction, at least until years after that had been proven to be false. Everybody who was anybody said it was a fact. Must be true.

As a super-Snopes, if I hear a rumor about Pete Rose and the Baseball Hall of Fame, Google fact checking may be useful.

For more subtle questions, consider whose “facts” in evaluating a Google fact check response.

April 4, 2017

Non-Fox News journalists: Investigate Bill O’Reilly & Fox News Reporters

Filed under: Ethics,Journalism,News,Reporting — Patrick Durusau @ 5:57 pm

Fox News journalists: Don’t stay silent amid Bill O’Reilly controversy by Kyle Pope.

From the post:

WHAT DOES IT TELL US WHEN advertisers get ahead of reporters in matters of newsroom ethics? It tells us something is seriously wrong at Fox News, and it’s time for the real journalists at the network (and beyond) to make themselves heard.

On Tuesday, more companies moved to distance themselves from the network and its host, Bill O’Reilly, in response to a April 1 piece in The New York Times detailing sexual harassment allegations against Fox’s top-rated host and cash cow. The alleged behavior ranges the gamut of smut, from unwanted advances to phone calls in which O’Reilly—he of an $18 million-a-year salary from Rupert Murdoch et al—sounds as if he is masturbating.
… (emphasis in original)

Pope’s call for legitimate journalists at Fox to step forward is understandable, but too little too late.

From campus rape at UT Austin to the conviction of former Penn State President Graham Spanier’s conviction for failing to report alleged child abuse, it is always that case that somebody knew what was going on and remained silent.

What did the “legitimate journalists” at Fox News and when?

Will the journalism community toss 0’Reilly to the wolves and give his colleagues a free pass?

That’s seems like an odd sense of ethics for journalists.

Yes?

April 3, 2017

Substituting Their Judgment For Yours

Filed under: Journalism,News,Reporting — Patrick Durusau @ 7:25 pm

Merrill Perlman captures in From cyberattacks to fake news: notable recent changes in AP style my complaint on reference free reporting.

Perlman quotes a recent change in Associated Press (AP) style:

Holding politicians and public figures accountable for their words often requires reporting or research to verify facts that affirm or disprove a statement, or that show a gray area.

Fact-checking also is essential in debunking fabricated stories or parts of stories done as hoaxes, propaganda, jokes or for other reasons, often spread widely on the internet and mistaken as truth by some news consumers.

The term fake news may be used in quotes or as shorthand for the modern phenomenon of deliberate falsehoods or fiction masked as news circulating on the internet.

However, do not label as fake news specific or individual news items that are disputed.

In all cases, the goal of fact-checking is to push back on falsehoods, exaggeration and political spin. Be specific in describing what is false and back up those descriptions with facts.

… (emphasis added)

I would extend the AP’s

Be specific in describing what is false and back up those descriptions with facts.

to:

Be specific in describing what is false, back up those descriptions with facts, with links/references to resources for those facts.

Absent links/references for facts, I see two parties, both wanting to foist their judgment on “facts” onto me.

I appreciate the effort to save me from thinking for myself, but no thanks.

The absence of links/references to third-party resources is proof of intent to usurp the reader’s judgment.

The same reasoning applies to leak publishers who decide what you should or should not be allowed to see.

April 1, 2017

Terrorism and the Media: A Handbook for Journalists

Filed under: Journalism,News,Reporting — Patrick Durusau @ 1:18 pm

Terrorism and the Media: A Handbook for Journalists by Jean-Paul Marthoz, published by United Nations Educational, Scientific and Cultural Organization (UNESCO).

From the Foreword:

It should be clear to everyone why a publication such as this, on the coverage of terrorism and violent extremism in the media, is urgently needed.

Around the world we see various actors staging violence against civilians to foster fear and suspicion of others. We see populations in many countries convinced that terrorism represents the most significant threat to their daily lives. We see political movements that take advantage of tragedy and pit citizens against each other in order to gain greater support. It is critical to reflect on how the media may be inadvertently contributing to this tense climate, and what steps should be taken to address this.

It is important to remember that terrorism is not a new phenomenon. Many countries have suffered for decades from groups, both internal and external and including both State and non-State actors, wielding violence against civilians as political strategy. In many cases, the local population emerged stronger and more resilient, proving that brutality is no match in the long term for the progress of unity and shared values.

In this context, the media are critical in providing verifiable information and informed opinion. During the tense environment of a crisis, with populations on edge and tempers flared, this becomes all the more important. The relationship between terrorism and media is complex and fraught. At its worst, it is a perverse symbiotic relationship – terrorist groups devising spectacles of violence to continue drawing the world’s attention, and the media incentivised to provide wall-to-wall coverage due to huge audience interest.

Of course, this is not to minimise the real human suffering that terrorism causes. Far too many lives have been cut short by it. These acts must always be deplored, and those accountable brought to justice.

It is important to remember that the goal of these violent actors is not to bring terror for terror’s sake. They do not wish to create fear in the minds of men and women simply because of their interests, hatred or ideology. Their real objective is to cleave society down the centre, turning people against each other by provoking repression, discrimination and discord. They aim to simultaneously prove themselves correct in their predictions of widespread persecution and to attract new followers to their violent cause. They seek to create a mood of defeatism in the face of attacks and polarised reactions.

The real risk of terrorism is that fear and suspicion will drive a new wave of nationalism and populism, and that the freedoms we have all worked so hard to achieve will be sacrificed on the altar of retribution. These are not attacks on one nation or people, but attacks on all of us as global citizens. We should be especially critical of any response that plays willfully into the hands of violent actors, and which generates its own victims who become martyrs for further terrorist recruitment.
… (emphasis in original)

If you found yourself nodding in agreement with that excerpt, be aware you have chosen a side without defining it.

That’s not a bad thing, even upon reflection we all choose sides, I’m simply advocating honesty and transparency in those choices.

Marthoz tries to be even handed, “One person’s terrorist is another person’s freedom fighter” (page 17) and “State terrorism generally escapes the notice of those who try to forge a common international definition of terrorism within intergovernmental organizations.” (pages 20-21), but the United States is not listed as a terrorist organization nor named as a state sponsor of terrorism.

Perhaps necessary to achieve publication by UNESCO but that omission is symbolic of the pressure journalists will face in reporting on “terrorism.”

What other name would you give an acts described at Airwars, a site that monitors US-led bombing in Syria and Iraq?

But you won’t find the media, Western media at any rate, denouncing US-led bombing in Syria and Iraq as terrorism nor will they out the pilots who are committing those acts of terrorism.

My suggestion is that you bookmark Airwars and when a non-systematic, indeed random act of terrorism occurs in your country, include in your story the latest terrorist acts by the US and its allies.

To give your account balance.

For example, on November 28, 2016, Abdul Razak Ali Artan injured 11 people with a butcher knife at Ohio State University. You could take any number of stories from Airwars but consider on November 29, 2016, Rawa, Anbar province, Iraq, ten members of a single family were killed in a bombing raid.

I don’t remember seeing the Rawa, Anbar province, Iraq story in Western media. Did you? Why are there no, repeat no reporters from any major news organization providing reports on such events?

Want balance in your coverage? Start funding reporters to provide first hand confirmation of air strikes in Syria and Iraq.

March 29, 2017

4 Billion “Records” Leaked In 2016 – How Do You Define Record?

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 3:33 pm

The IBM X-Force Treat Intelligence Index 2017 report leaves the impression hackers are cutting through security like a hot knife through butter:

With Internet-shattering distributed-denial-of-service (DDoS) attacks, troves of records leaked through data breaches, and a renewed focus by organized cybercrime on business targets, 2016 was a defining year for security. Indeed, in 2016 more than 4 billion records were leaked, more than the combined total from the two previous years, redefining the meaning of the term “mega breach.” In one case, a single source leaked more than 1.5 billion records.1 (page 3)

The report helpfully defines terms at page 3 and in the glossary (page 29) but never defines “record.”

The 4 billion records “fact” will appear in security blogs, Twitter, business zines, mainstream media, all without asking: “What is a record?”

Here are some things that could be records:

  • account, username, password
  • medical record (1 or more pages)
  • financial record (1 or more pages)
  • CIA document (1 or more pages)
  • Tax records (1 or more pages)
  • Offshore bank data (spreadsheet, 1 or more pages
  • Presentations (PPT, 1 or more pages)
  • Accounting records (1 or more pages)
  • Emails (1 or more pages)
  • Photos, nude or otherwise

IBM’s “…4 billion records were leaked…,” is a marketing statement for IBM security services. Not a statement of fact.

Don’t make your readers dumber by repeating IBM marketing slogans without critical comments.

PS: I haven’t checked the other “facts” claimed in this document. The failure to define “record” was enough to discourage further reading.

March 27, 2017

How Do You Spell Media Bias? M-U-S-L-I-M

Filed under: Bias,Journalism,News,Reporting — Patrick Durusau @ 4:11 pm

Disclosure: I have contempt for news reports that hype acts of terrorism. Even more so when little more than criminal acts by Muslims are bemoaned as existential threats to Western society. Just so you know I’m not in a position to offer a balanced view of Ronald Bailey’s post.

Do Muslims Commit Most U.S. Terrorist Attacks?: Nope. Not even close. by Ronald Bailey.

From the post:

“It’s gotten to a point where it’s not even being reported. In many cases, the very, very dishonest press doesn’t want to report it,” asserted President Donald Trump a month ago. He was referring to a purported media reticence to report on terror attacks in Europe. “They have their reasons, and you understand that,” he added. The implication, I think, is that the politically correct press is concealing terrorists’ backgrounds.

To bolster the president’s claims, the White House then released a list of 78 terror attacks from around the globe that Trump’s minions think were underreported. All of the attackers on the list were Muslim—and all of the attacks had been reported by multiple news outlets.

Some researchers at Georgia State University have an alternate idea: Perhaps the media are overreporting some of the attacks. Political scientist Erin Kearns and her colleagues raise that possibility in a preliminary working paper called “Why Do Some Terrorist Attacks Receive More Media Attention Than Others?

For those five years, the researchers found, Muslims carried out only 11 out of the 89 attacks, yet those attacks received 44 percent of the media coverage. (Meanwhile, 18 attacks actually targeted Muslims in America. The Boston marathon bombing generated 474 news reports, amounting to 20 percent of the media terrorism coverage during the period analyzed. Overall, the authors report, “The average attack with a Muslim perpetrator is covered in 90.8 articles. Attacks with a Muslim, foreign-born perpetrator are covered in 192.8 articles on average. Compare this with other attacks, which received an average of 18.1 articles.”

While the authors rightly question the equality of terrorist reporting, which falsely creates a link between Muslims and terrorism in the United States, I question the appropriateness of a media focus on terrorism at all.

Aside from the obvious lure that fear sells and fear of Muslims sells very well in the United States, the human cost from domestic terrorist attacks, not just those by Muslims, hardly justifies crime blotter coverage.

Consider that in 2014, there were 33,559 deaths due to gun violence and 32 from terrorism.

But as I said, fear sells and fear of Muslims sells very well.

Terrorism or more properly the fear of terrorism has been exploited to distort government priorities and to reduce the rights of all citizens. Media participation/exploitation of that fear is a matter of record.

The question now is whether the media will knowingly continue its documented bigotry or choose another course?

The paper:

Kearns, Erin M. and Betus, Allison and Lemieux, Anthony, Why Do Some Terrorist Attacks Receive More Media Attention Than Others? (March 5, 2017). Available at SSRN: https://ssrn.com/abstract=2928138

March 26, 2017

Transparency can have a prophylactic effect

Filed under: Journalism,News,Reporting,Transparency — Patrick Durusau @ 4:57 pm

Farai Chideya set out to explore:

…who reported the 2016 election, and whether political teams’ race and gender diversity had any impact on newsrooms.

That’s an important question and Chideya certainly has the qualifications and support ( fellow at Harvard’s Shorenstein Center on Media, Politics and Public Policy) to pursue it.

One problem. For reasons best known to themselves, numerous media organizations refuse to provide diversity date. (full stop)


But the most important data point for this project—numbers from newsrooms on their 2016 political team staffing—has been the hardest to collect because very few managers or business-side staff are willing to disclose their data. One company admitted off the record that they were not responding to diversity requests, period. The Wall Street Journal provided the statement that it “declined to provide specific personnel information.” An organization sent numbers for its corporate parent company, whose size is approximately a thousand times the size of the entire news team, let alone the political team. Another news manager promised verbally to cooperate with the inquiry, but upon repeated follow up completely ghosted.

Concealment wasn’t the uniform response as Chideya makes clear but useful responses were so few and far. Enough so to provoke her post.

She captures my sentiments writing:


If we journalists can’t turn as unsparing a gaze on ourselves as we do on others, it speaks poorly for us and the credibility of our profession. If the press lauds itself for demanding transparency from government but cannot achieve transparency in its newsrooms, that is cowardice. If we say we can cover all of America with representatives of only a few types of communities, we may win battles but lose the war to keep news relevant to a broad segment of Americans. This is as strong a business argument as a moral argument.

If you need additional motivation, be aware that Chideya is proceeding in the face of non-cooperation and when her study is published, there will be a list of who has been naughty and nice.

Here’s how to self-report:


Whether or not you are a news organization I’ve already contacted, please email me at Farai_Chideya@hks.harvard.edu

For the purposes of the reporting, I’m looking for a race/gender count of 2016-cycle political staffers—full-time or at least 25-hour-per-week contract workers (but not freelancers paid by the story). People come and go during the election season, but these should be people who spent at least six months covering the election between September 2015 and November 2016.

If you want to add to the data you disclose, you can include separate counts for freelancers; or for staff who worked on politics less than six months of the cycle, but those should be broken out separately.

Want bonus points? Produce an org chart showing how your staff diversity played out across the ranks of reporters and editors. Feel free to annotate for self-reported class background or other metrics if you want, too. But race and gender are the minimum.

We’d like on-the-record numbers and interviews from people who we can use as sources in the report: managers, corporate communications staff, anyone authorized to speak on behalf of the newsroom. Please indicate if you are speaking on the record and in what role.

Because we are not getting this information, in many cases, we also welcome interviews and information on background. That is, if you are a staffer and can provide information, please do, and tell us who you are and that you don’t want to be quoted or cited. We’ll take what you provide to us into account as we do our research, but obviously it can’t be the final word. You could also offer quotes about the topic on the record, and your assessment of staff diversity on background.

As we conclude the report, we will release information on who has provided information, and who it was requested from who did not.

Self-reporting beats being on the naughty list and/or your diversity information extracted by a ham-handed hacker who damages your systems as well.

Who knew? Transparency can have a prophylactic effect.

See Chideya’s full post at: One question that turns courageous journalists into cowards

March 19, 2017

UK Proposes to Treat Journalists As Spies (Your Response Here)

Filed under: Censorship,Free Speech,Journalism,News,Reporting — Patrick Durusau @ 4:33 pm

UK’s proposed Espionage Act will treat journalists like spies by Roy Greenslade.

From the post:

Journalists in Britain are becoming increasingly alarmed by the government’s apparent determination to prevent them from fulfilling their mission to hold power to account. The latest manifestation of this assault on civil liberties is the so-called Espionage Act. If passed by parliament, it could lead to journalists who obtain leaked information, along with the whistle blowers who provide it to them, serving lengthy prison sentences.

In effect, it would equate journalists with spies, and its threat to press freedom could not be more stark. It would not so much chill investigative journalism as freeze it altogether.

The proposal is contained in a consultation paper, “Protection of Official Data,” which was drawn up by the Law Commission. Headed by a senior judge, the commission is ostensibly independent of government. Its function is to review laws and recommend reforms to ensure they are fairer and more modern.

But fairness is hardly evident in the proposed law. Its implications for the press were first highlighted in independent news website The Register by veteran journalist Duncan Campbell, who specializes in investigating the U.K. security services.

Comments on the public consultation document can be registered here.

Greenslade reports criticism of the proposal earned this response from the government:


In response, both Theresa’s May’s government and the Law Commission stressed that it was an early draft of the proposed law change. Then the commission followed up by extending the public consultation period by a further month, setting a deadline of May 3.

Early draft, last draft or the final form from parliament, journalists should treat the proposed Espionage Act as a declaration of war on the press.

Being classified as spies, journalists should start acting as spies. Spies that offer no quarter and who take no prisoners.

Develop allies in other countries who are willing to publish information detrimental to your government.

The government has chosen a side and it’s not yours. What more need be said?

March 14, 2017

Pre-Installed Malware – Espionage Potential

Filed under: Cybersecurity,Journalism,News,Reporting — Patrick Durusau @ 11:03 am

Malware found pre-installed on dozens of different Android devices by David Bisson.

From the post:

Malware in the form of info-stealers, rough ad networks, and even ransomware came pre-installed on more than three dozen different models of Android devices.

Researchers with Check Point spotted the malware on 38 Android devices owned by a telecommunications company and a multinational technology company.

See David’s post for the details but it raises the intriguing opportunity to supply government and corporate offices with equipment with malware pre-installed.

No more general or targeted phishing schemes, difficult attempts to breach physical security and/or to avoid anti-virus or security programs.

The you leak – we print model of the news media makes it unlikely news organizations will want to get their skirts dirty pre-installing malware on hardware.

News organizations consider themselves “ethical” in publishing stolen information but are unwilling to steal it themselves, because stealing is “unethical.”

There’s some nuance in there I am missing, perhaps that being proven to have stolen carries a prison sentence in most places. Odd how ethics correspond to self-interest isn’t it?

If you are interested in the number of opportunities for malware on computers in 2017, check out Computers Sold This Year. It reports as of today over 41 million computers sold this year alone.

News organizations don’t have the skills to create a malware network but if information were treated as having value, separate from the means of its acquisition, a viable market would not be far behind.

March 13, 2017

Less Than Accurate Cybersecurity News Headline – From Phys.org No Less

Filed under: Cybersecurity,Journalism,News,Reporting — Patrick Durusau @ 7:50 pm

Skimming through my Twitter stream I encountered:

That sounds important and it’s from Phys.org.

Who describe themselves in 100 words:

Phys.org™ (formerly Physorg.com) is a leading web-based science, research and technology news service which covers a full range of topics. These include physics, earth science, medicine, nanotechnology, electronics, space, biology, chemistry, computer sciences, engineering, mathematics and other sciences and technologies. Launched in 2004, Phys.org’s readership has grown steadily to include 1.75 million scientists, researchers, and engineers every month. Phys.org publishes approximately 100 quality articles every day, offering some of the most comprehensive coverage of sci-tech developments world-wide. Quancast 2009 includes Phys.org in its list of the Global Top 2,000 Websites. Phys.org community members enjoy access to many personalized features such as social networking, a personal home page set-up, RSS/XML feeds, article comments and ranking, the ability to save favorite articles, a daily newsletter, and other options.

So I bit and visited New technique completely protects internet pictures and videos from cyberattacks, which reads in part:

A Ben-Gurion University of the Negev (BGU) researcher has developed a new technique that could provide virtually 100 percent protection against cyberattacks launched through internet videos or images, which are a growing threat.

“Any downloaded or streamed video or picture is a potential vehicle for a cyberattack,” says Professor Ofer Hadar, chair of BGU’s Department of Communication Systems Engineering. “Hackers like videos and pictures because they bypass the regular data transfer systems of highly secure systems, and there is significant space in which to implant malicious code.”

“Preliminary experimental results show that a method based on a combination of Coucou Project techniques results in virtually 100 percent protection against cyberattacks,” says Prof. Hadar. “We envision that firewall and antivirus companies will be able to utilize Coucou protection applications and techniques in their products.”

The Coucou Project receives funding from the BGU Cyber Security Research Center and the BaseCamp Innovation Center at the Advanced Technologies Park adjacent to BGU, which is interested in developing the protective platform into a commercial enterprise.

Summary: Cyberattackers using internet videos or images are in little danger of being thwarted any time soon.

First, Professor Hadar’s technique would need to be verified by other researchers. (Possibly has been but no publications are cited.)

Second, the technique must not introduce additional cybersecurity weaknesses.

Third, vendors have to adopt and implement the techniques.

Fourth, users must upgrade to new software that incorporates the new techniques.

A more accurate headline reads:

New Technique In Theory Protects Pictures and Videos From Cyberattacks

Yes?

March 2, 2017

Covering Trump: … [LiveStream, 3 March 2017]

Filed under: Journalism,News,Reporting — Patrick Durusau @ 9:02 pm

Covering Trump: What Happens When Journalism, Politics, and Fake News Collide by Shelley Hepworth.

From the post:

AFTER SIX WEEKS OF HIS PRESIDENCY, the media covering Trump’s administration is beginning to get a feel for the challenges that lie ahead. The president has labeled the press “the enemy of the American people” and excluded some news outlets from briefings; the First Amendment feels like it’s under threat; and fake news and “alternative facts” abound. The unorthodox nature of this environment has raised questions: How important are press briefings? What are the ethics of using anonymous sources and leaked data? And how should we respond to a disinformation campaign targeted at the media?

To get a handle on this, the Columbia Journalism Review has partnered with Reuters and The Guardian to bring together some of the best minds in the business for a one-day conference on Friday, March 3, Covering Trump: What Happens When Journalism, Politics, and Fake News Collide. The event includes panel discussions on press coverage in a no-access era, the rise of fake news, investigating Trump’s connections to Russia, and the ethics of reporting on data leaks. There will also be a lunchtime keynote with New Yorker Editor in Chief David Remnick in conversation with Columbia Journalism School Dean Steve Coll.

The conference will be livestreamed on this page from 10:30 am Friday, and we invite viewers to join in the conversation on Twitter using the hashtag #coveringtrump.
… (emphasis in original)

Cadablanca fans will recognize that:

I’m am shocked, shocked to learn [government routinely lies to and about the press]

Still, media resistance to government, belated though it may be, is appreciated.

Catch this discussion live and carry the discussion forward in groups both in and out of the media.

February 24, 2017

White House blocks news organizations from press briefing [Opsec vs. Boromir, Ethics]

Filed under: Censorship,Free Speech,Government,Journalism,News,Reporting — Patrick Durusau @ 4:24 pm

White House blocks news organizations from press briefing by Dylan Byers, Sara Murray and Kevin Liptak.

From the post:

CNN and other news outlets were blocked Friday from an off-camera White House press briefing, raising alarm among media organizations and First Amendment watchdogs.

The New York Times, the Los Angeles Times, Politico and BuzzFeed were also excluded from the meeting, which is known as a gaggle and is less formal than the televised Q-and-A session in the White House briefing room. The gaggle was held by White House press secretary Sean Spicer.

In a brief statement defending the move, administration spokeswoman Sarah Sanders said the White House “had the pool there so everyone would be represented and get an update from us today.”

The pool usually includes a representative from one television network and one print outlet. In this case, four of the five major television networks — NBC, ABC, CBS and Fox News — were invited and attended the meeting, while only CNN was blocked.

And while The New York Times was kept out, conservative media organizations Breitbart News, The Washington Times and One America News Network were also allowed in.
… (emphasis in original)

Good opsec counsels silence in the face of such an outrage but as Boromir says in The Fellowship of the Ring:

But always I have let my horn cry at setting forth, and though thereafter we may walk in the shadows, I will not go forth as a thief in the night.” (emphasis added)

I trust this outrage obviates “ethical” concerns over distinctions between leaking, hacking, or other means of obtaining government information?

February 17, 2017

Congressmen Counsel Potential Leakers!

Filed under: Government,Journalism,News,Politics,Reporting — Patrick Durusau @ 8:39 pm

Federal Employees Guide to Sharing Key Information with the Public.

From the webpage:

On February 16, 2017, Congressman Ted W. Lieu (D | Los Angeles County) and Congressman Don Beyer (D | Virginia) released the following resource guide for federal employees who wish to break the Administration’s communications blackout on federal agencies. The guide explains how to safely and responsibly share information, and encourages employees to “Know Your Rights” and “Know Your Options.” In the “Know Your Rights” section, federal employees can learn about which federal laws apply to them. In the “Know Your Options” section, employees can learn about how to safely disseminate information to agency inspectors general and the press. The resource guide also includes links to an in-depth list of federal whistleblower statutes and information about agency inspectors general. The full press release can be found here.

Links to whistleblower resources, etc. follow.

Here’s a screen shot of the top of their guide:

The links for whistleblowers are great but rely upon the you take all the risk, media reaps all the glory model.

Better than no leaks at all but having news organization step up with cyberexpertise to safely extract data sounds like a better model.

February 13, 2017

How to Listen Better [Not Just For Reporters]

Filed under: Communication,Journalism,News,Reporting — Patrick Durusau @ 9:42 pm

How to Listen Better by Josh Stearns.

From the post:

In my weekly newsletter, The Local Fix, I compiled a list of guides, tools, and examples of how newsrooms can listen more deeply to local communities. I’m sharing it here in case it can be useful to others, and to encourage people to add to the list.

See which of Josh’s resources resonate with you.

These resources are in the context of news/reporting but developing good listening skills is an asset in any field.

Here’s a free tip since you are likely sitting in front of your computer monitor:

If someone comes to talk to you, turn away from your monitor and pay attention to the person speaking.

Seriously, try that for a week and see if your communication with co-workers improves.

PS: Do read posts before you tweet responses to them. As they say, “reading is fundamental.”

February 9, 2017

Opening Secure Channels for Confidential Tips [Allocating Risk for Leaks]

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 5:45 pm

Opening Secure Channels for Confidential Tips by Martin Shelton.

From the post:

In Shields Up, security user researcher Martin Shelton writes about security threats and defenses for journalists. Below, his first installment. —eds

To make it easier for tipsters to share sensitive information, a growing number of news organizations are launching resources for confidential tips. While there is some overlap between the communication channels that each news organization supports, it’s not always clear which channels are the most practical for routine use. This short guide will describe some basics around how to think about security on behalf of your sources before thinking about tools and practices. I’ll also describe common communication channels for accepting sensitive tips and tradeoffs when using each channel. When thinking about tradeoffs, consider which channels are right for you.
… (emphasis in original)

Martin does a great job of surveying your current security options but doesn’t address the allocation of risk between leakers and news organizations that I covered in U.S. Leaking Law: You Go To Jail – I Win A Pulitzer and/or the option of leaking access rather than the risk of leaking data/documents, How-To: Leaking In Two Steps.

Here’s the comment I’m posting to his post and I will report back on his response, probably in a separate post:

Martin, great job on covering the security options for tips and their tradeoffs!

I do have a question though about the current model of leaking, which puts all of the risk on the leaker. A leaker undertakes the burden of liberating data and/or documents, takes the risk of copying/removing them and then the risk of getting them securely to a news organization.

All of which requires technical skills that aren’t common.

As an alternative, why shouldn’t leakers leak access to such networks/servers and enable news organizations, who have greater technical resources, to undertake the risks of retrieval of such documents?

I mentioned this to another news person and they quickly pointed out the dangers of the Computer Fraud and Abuse Act (CFAA) for a news organization but the same holds true for the leaker. Who very likely has fewer technical skills than any news organization.

Thinking that news organizations can decide to serve the interests of government (follow the CFAA) or they can decided to serve the public interest. In my view, those are not synonymous.

I am still refining ways that leakers could securely leak access but at present, using standard subscription forms with access information instead of identifying properties, offers both a trustworthy target (the news organization) and a multiplicity of places to leak, which prevents effective monitoring of them. I have written more than once about this topic but two of particular interest: U.S. Leaking Law: You Go To Jail – I Win A Pulitzer, and, How-To: Leaking In Two Steps.

Before anyone protests the “ethics” of breaking laws such as the CFAA, recall governments broke faith with their citizens first. Laws like the CFAA are monuments to that breach of faith. Nothing more.

February 7, 2017

Leakers As Lighthouses In A Sea Of Data

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:50 pm

I was extolling my How-To: Leaking In Two Steps yesterday when a very practical problem suggested itself.

In sneakernet leaking (hard copy/digital), the leaker has selected/filtered the leaked content prior to delivery to a news organization.

Leaked access puts the burden on reporters to explore to find relevant data. Without some guidance from a leaker, reporters won’t know if a “big story” is in the next directory, file or spreadsheet.

Concern was also voiced that traditional news organizations might run afoul of the Computer Fraud and Abuse Act (CFAA).

Governments enact laws like the CFAA in order to protect their own criminal activity and those of criminals like them.

Think of the last time your local, state or national government did something that would be universally admired and acclaimed but kept it secret.

Coming up empty? Some am I.

Good acts are never kept secret and that is a commentary on acts that are kept secret

I won’t suggest you violate the CFAA, if you are subject to it, but do consider if you are serving the government’s interest in obeying such laws or the public’s.

I’m re-factoring How-To: Leaking In Two Steps to keep the ease of leaking for leakers, preserve their role as lighthouses, and, perhaps even more importantly, to reduce if not eliminate CFAA liability for news organizations.

February 6, 2017

Eight Days in March: [Bias by Omission]

Filed under: Bias,Journalism,News,Reporting — Patrick Durusau @ 9:19 pm

Eight Days in March: How the World Searched for Terror Attacks by Google Trends.

eight-days-in-march-460

Cities that searched for these attacks:

cities-searching-460

See the original for full impact but do you notice a bias by omission?

What about the terrorist bombings by the United States and its allies in Syria and Iraq, that happened every day mentioned in this graphic?

Operation Inherent Resolve reports:

Between Aug. 8, 2014 and Jan. 30, 2017, U.S. and partner-nation aircraft have flown an estimated 136,069 sorties in support of operations in Iraq and Syria.

That’s 906 days or 150 sorties on average per day.

Or for eight days in March, 1200 acts of terrorism in Iraq and Syria.

Readers who are unaware of the crimes against the people of Iraq and Syria won’t notice the bias in this graphic.

Every biased graphic is an opportunity to broaden a reader’s awareness.

Take advantage of them.

February 5, 2017

Learn A Language, 140 Characters At A Time (GIJN)

Filed under: Journalism,News,Reporting — Patrick Durusau @ 5:39 pm

Global Investigative Journalism Network (GIJN) announced two Twitter feeds today:

@gijnArabic

@gijnRu

To complement:

@gijn

@gijnAfrica

@gijnCh

@gijnEs

The GIJN Twitter feed expansion prompted me to think of its feeds as part of a language learning effort.

I doubt you would find classic literature quoted in tweets but that’s rare these days outside of classrooms.

Certainly not common in tweets from political leaders. 😉

From their about page:

The Global Investigative Journalism Network (GIJN) is an international association of nonprofit organizations that support, promote, and produce investigative journalism. GIJN holds conferences, conducts trainings, provides resources and consulting, and encourages the creation of similar nonprofit groups. It was founded in 2003 when more than 300 journalists from around the world gathered for the second Global Investigative Journalism Conference in Copenhagen. Since then it has grown to 145 member organizations in 62 countries.

If you don’t know the Global Investigative Journalism Network (GIJN), pay them a visit. You will like what you find.

February 3, 2017

How-To: Leaking In Two Steps

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 3:22 pm

In Lowering the Bar for Leakers I proposed this method for leaking login credentials:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

Easier than the convolutions you will find at: How easy is it to securely leak information to some of America’s top news organizations? This easy or Attention Federal Employees: If You See Something, Leak Something, but we can do better.

A Universal (nearly) and Secure Leaking Point

Can you think of one characteristic shared by almost all websites? Aside from being on the Web?

The ability to create an account for news and updates!

Like this page from the New York Times:

nytimes-account-460

Warning: Leak login credentials to sites using the https protocol only.

Leaking access to a publicly accessible server

Leaking your sysadmin’s, boss’s, co-worker’s credentials, you enter:

nytimes-account-460-leak-1

Leaking access to a server on a restricted network

For servers or resources requiring more than one set of credentials, say on a secure network, again using your sysadmin’s, boss’s, co-worker’s credentials, you enter:

nytimes-account-460-leak-2

Leaking In Two Steps

The leaking of login credentials (not your own) is two steps:

  1. Create account from non-work computer
  2. Enter login credentials as account details

You are protected by:

  1. SSL encryption
  2. Safety in numbers – Study finds that 97% of large companies have had credentials leaked online
  3. Credential duplication is a well-known fact – 17% of passwords are “123456”
  4. Not facing the risks of a sneakernet thief to steal, transport and deliver data in hard copy or digital format

This technique will work with agencies, banks, corporations, courts, governments, legislatures, PACs, anywhere that requires digital login credentials.

I used email and password fields here but that is just an artifact of the New York Times form. Other parts of a form and other separators are certainly possible.

PS: Don’t leak credentials to me because my site doesn’t have SSL (right now) and I’m not in full control of the server.

Personally, if I were to accept leaked credentials, I would store that data on a RAM disk.

February 2, 2017

Data Journalism Manual

Filed under: Journalism,News,Reporting — Patrick Durusau @ 4:57 pm

Data Journalism Manual by ODECA.

There are five data journalism modules:

Plus Labs.

The page footer reads:

This data journalism manual has been adapted for UNDP Istanbul Regional Hub by Eva Constantaras, and in Russian by Anastasia Valeeva, from an original work produced for The World Bank’s Sudan Evidence Base Programme, supported by the United Kingdom Department for International Development and found at https://www.sudandata.org/learning/2

(see Data Journalism Manual for the modules in Russian.)

About ODECA:

Open Data in Europe and Central Asia (ODECA) is a platform to support government representatives, civil society activists, tech activists and citizens that care about and work with open data.

The network covers 18 countries in the region and aims to stimulate innovation, knowledge sharing and learning among practitioners and aficionados of open data regionally and globally.

Our goal is to use the potential of open data to transform societies by empowering citizens and supporting governments to meet the UN Sustainable Development Goals. While we are still exploring all the ways that data will contribute to the SDGs, it is undeniable that it will play an important role in reaching and measuring them.

The network brings in the knowledge and experience of global and regional leaders in open data.
(emphasis in the original)

Enjoy!

U.S. Leaking Law: You Go To Jail – I Win A Pulitzer

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:44 pm

While researching Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data] in a US context, I encountered: The Legality of Publishing Hacked E-mails by Diana Dellamere.

Published in 2009 and as with all legal issues, consult a lawyer but it summarizes the rule on “illegal” content as:


Bartnicki v. Vopper is the most protective of journalists and sets out the primary “test,” holding that a broadcaster could not be held civilly liable for publishing documents or tapes illegally procured by a third party. The court set out three criteria for legitimate first amendment protection: (1) the media outlet played no role in the illegal interception; (2) media received the information lawfully; (3) the issue was a matter of public concern.

If my title sounds harsh towards the press, remember that the Washington Post won a Pulitzer Prize based on Snowden’s leaks and yet called for him to not be pardoned.

I suspect that first requirement:

(1) the media outlet played no role in the illegal interception;

is part of the reason why the bar for leakers remains high, that is media outlets don’t accept leaked login credentials for the recovery of material of public interest.

Media outlets need to realize the “no role in the illegal interception” condition of Bartnicki v. Vopper is a bargain with the devil. From which both media outlets and the public suffer.

Media outlets suffer because despite the brave rhetoric of “speaking truth to power,” media outlets say in fact:

speaking such truth as breaks through the wall of fear and punishment maintained by power

In honoring the condition of “no role in the illegal interception” media outlets have chosen a side. It isn’t the side of transparency, public interest or government accountability.

If that weren’t bad enough, the public suffers by being deprived of facts that skilled data miners could recover, that lie beyond the skill of leakers who could leak access credentials.

Everyone gets to make choices and certainly media outlets, we could all name a few, can choose to be government toadies.

As far as “legality” is concerned, I call your attention to: Tweeter And The Monkey Man by Traveling Wilburys:

Jan had told him many times, “It was you to me who taught
In Jersey anything’s legal, as long as you don’t get caught”

The law is codified caprice that favors the powerful.

Whether to break it or not asks how much is the truth worth to you really?

February 1, 2017

Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data]

Filed under: Journalism,News,Reporting — Patrick Durusau @ 1:28 pm

GFF and its partners challenge anti-whistleblowing provision on handling „stolen“ data by Nora Markard.

From the post:

With an alliance of civil rights organizations and journalists, GFF is challenging the new Criminal Code provision on handling „stolen“ data. Passed by the grand coalition in 2015, this provision (s. 202d of the Criminal Code) criminalizes handling leaked data without providing for an adequate protection of the press. It thereby threatens an important part of the work of investigative journalists as well as their informants and supporting experts.

The facial challenge brought by GFF and its partners (PDF, in German) claims that the provision violates the freedom of the press and broadcasters, the equality clause, professional freedom and the clarity principle.

The new provision criminalizes handling data which someone else had obtained illegally; the sentence is up to three years in prison or a fine (translation by Sebastian Golla):

(1) Whoever procures for himself or for another, supplies another, disseminates or makes otherwise available data (s. 202a(2)) that is not publicly accessible and that another has acquired through an unlawful act, with the intent of enriching himself or another or of harming another, shall be liable to imprisonment not exceeding three years or a fine.

In the legislator’s intention, the provision addresses the trade in stolen credit card and user data. Due to careless drafting, however, it also covers the procurement, transfer and dissemination of electronic data which were obtained by journalists from whistleblowers.

Working with information such as that revealed to the public by Edward Snowden in violation of US secrecy laws would therefore be illegal under German law.

Governments are secretive creatures by nature and the German government is no exception to that rule.

Nora’s post is heavy on links to news coverage and those opposing this “accidental” sweeping up of whistleblowers.

Whatever the result under the particulars of German law, the better result would be a finding that publication, such as posting to Wikileaks or the dark web, breaks any chain of civil or criminal liability.

Once data has been posted to a public site, any re-publication of that data is protected as free speech.

It is easy enough to distinguish use of credit card data because that is a species of fraud and not an example of free (insert public) speech.

Re-publication creates a “bright-line,” one visible even to enthusiastic prosecutors and encourages leakers to leak for all and not the few.

Several recent leaks come to mind that were dribbled out for the benefit of the few.

January 31, 2017

Writing Good FOIA Requests

Filed under: FOIA,Journalism,News,Reporting — Patrick Durusau @ 7:45 pm

What makes a good FOIA request? We studied 33,000 to find out by By Nicholas Dias, Rashida Kamal and Laurent Bastien.

From the post:

EVERY JOURNALIST HAS IDEAS about what makes a good public records request. But surprisingly few people have actually tried to systematically analyze how requests can be written to improve their chances of success.

To fill this vacuum, we analyzed more than 33,000 Freedom of Information Act requests and identified a few characteristics that were typical of those that were fulfilled.

The requests were made to five federal agencies that publish to FOIAonline.gov: the Environmental Protection Agency, the Department of Commerce, Customs and Border Protection, the Department of the Navy, and the National Archives and Records Administration. All were filed between 2011 and 2016.

We defined success as the receipt of all records requested, as defined by the agency. There was no straightforward relationship between wait time and any of the characteristics we considered, so we factored it out as a measure of success.

For the requests we examined, the full-grant rate across all five agencies was around 23 percent. That’s the same success rate for requests across all federal agencies, according to Max Galka of FOIA Mapper, a project funded by the Knight Foundation that outlines the record systems of federal agencies.

Requesters in our sample typically waited around 142 days, or a little more than four months, to get responses. Less than 39 percent of requests received responses within 28 days, which is the longest amount of time an agency could spend fulfilling a request while still meeting FOIA’s 20-business-day time limit.

That’s a pretty bleak picture. So, how can you improve your chances?
… (emphasis in original)

What? Evidence-based FOIA practices? 😉

After reading this review of FOIA practices, get thee to MuckRock.

MuckRock has advice, tools, community, in short, it is a one-stop FOIA shop.

What FOIA request(s) are you going to file?

January 27, 2017

This Is Easy Leaking?

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:31 pm

How easy is it to securely leak information to some of America’s top news organizations? This easy by Laura Hazard Owen.

Laura’s “easy” process has six steps that involve you installing software on your computer (detectable), storing files to be leaked on the same computer (detectable), saving your acknowledgement from the recipient of your leak (detectable).

Although she cautions you to not use a work computer for installing Tor, good advice, but in leak investigations, all computers are generally seized.

In Lowering the Bar for Leakers I suggest leakers and news media should follow this protocol for leaks:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

A leaker’s part reduces to two steps and it reduces their risk from copying/smuggling documents.

Which one do you think is “easier??

To Laura’s credit, she does list ten (10) SecureDrop sites for publishers still following a sneakernet model of leaking.

We live in an insecure and networked environment. Why cling to copy machine and hard copy models of leaking?

The Critical Thinking Skills Cheatsheet [Infographic and Wookbook]

Filed under: Critical Reading,Journalism,News,Reporting — Patrick Durusau @ 2:45 pm

The Critical Thinking Skills Cheatsheet [Infographic] by Lee Watanabe-Crockett.

From the post:

Critical thinking skills truly matter in learning. Why? Because they are life skills we use every day of our lives. Everything from our work to our recreational pursuits, and all that’s in between, employs these unique and valuable abilities. Consciously developing them takes thought-provoking discussion and equally thought-provoking questions to get it going. Begin right here with the Critical Thinking Skills Cheatsheet.

It’s a simple infographic offering questions that work to develop critical thinking on any given topic. Whenever your students discover or talk about new information, encourage them to use these questions for sparking debate and the sharing of opinions and insights among each other. Together they can work at building critical thinking skills in a collaborative and supportive atmosphere.
… (emphasis in original)

The infographic, also available as a color 11 x 17 pdf file, is too large to display here but I can give you the flavor of it:

Who

… benefits from this?
… is this harmful to?
… makes decisions about this?
… is most directly affected?
… have you also heard discuss this?
… would be the best person to consult?
… will be the key people in this?
… deserves recognition for this?

What, Where, When, Why and How have similar expansions.

See also The Critical Thinking Workbook from Global Digital Citizen.

Specific domains may benefit from altered or additional prompts but this a great starting place!

State Legislatures For Bloggers and Reporters (Do You Enable Readers or Troll for Donations?)

Filed under: Journalism,Law,Law - Sources,News,Reporting — Patrick Durusau @ 11:28 am

The Law Librarians of Congress produce a number of remarkable legal resources for use by member of Congress and the general public.

While not new, their State Legislatures Websites was new to me and merits mentioning.

Presented both as a map image and a more traditional table listing, the webpage offers a curated set of links to state legislatures.

If that doesn’t sound important, consider my comparison of nearly linkless reporting in Actionable Reporting – An Example with my expanded account that included links to pending (or expired) legislation, along with links to the authors of news worthy legislation.

Vague, hand-waving reports of some bill somewhere are good for fund raising but they don’t enable your readers to take effective action.

That’s your call, enabling your readers or trolling for donations.

Bookmark State Legislatures Websites or if you need it fairly often, copy the table into a local page of legal resources for quick reference.

January 26, 2017

Superficial Reporting on Executive Orders and DAPL

Filed under: #DAPL,Journalism,News,Reporting — Patrick Durusau @ 11:00 am

Trump advances controversial oil pipelines with executive action by Athena Jones, Jeremy Diamond and Gregory Krieg, CNN, starts with these breathless paragraphs:

President Donald Trump on Tuesday signed executive actions to advance approval of the Keystone XL and Dakota Access oil pipelines.

The decision to advance the pipelines cast aside efforts by President Barack Obama’s administration to block construction of the two pipelines, while making good on one of Trump’s campaign promises.

The CNN reporters must have read some presidential action other than: Presidential Memorandum Regarding Construction of the Dakota Access Pipeline. CNN links to the memorandum but never quote from it.

Here’s the relevant language from the memorandum:


Sec. 2. Directives. (a) Pipeline Approval Review. The Secretary of the Army shall instruct the Assistant Secretary of the Army for Civil Works and the U.S. Army Corps of Engineers (USACE), including the Commanding General and Chief of Engineers, to take all actions necessary and appropriate to:

(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, requests for approvals to construct and operate the DAPL, including easements or rights-of-way to cross Federal areas under section 28 of the Mineral Leasing Act, as amended, 30 U.S.C. 185; permits or approvals under section 404 of the Clean Water Act, 33 U.S.C. 1344; permits or approvals under section 14 of the Rivers and Harbors Act, 33 U.S.C. 408; and such other Federal approvals as may be necessary;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum by the Assistant Secretary of the Army for Civil Works dated December 4, 2016 (Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota), and whether to withdraw the Notice of Intent to Prepare an Environmental Impact Statement in Connection with Dakota Access, LLC’s Request for an Easement to Cross Lake Oahe, North Dakota, dated January 18, 2017, and published at 82 Fed. Reg. 5543;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, as satisfying all applicable requirements of the National Environmental Policy Act, as amended, 42 U.S.C. 4321 et seq., and any other provision of law that requires executive agency consultation or review (including the consultation or review required under section 7(a) of the Endangered Species Act of 1973, 16 U.S.C. 1536(a));

(iv) review and grant, to the extent permitted by law and as warranted, requests for waivers of notice periods arising from or related to USACE real estate policies and regulations; and

(v) issue, to the extent permitted by law and as warranted, any approved easements or rights-of-way immediately after notice is provided to the Congress pursuant to section 28(w) of the Mineral Leasing Act, as amended, 30 U.S.C. 185(w).

Do you see a

cast[ing] aside efforts by President Barack Obama’s administration to block construction of the two pipelines

?

That’s the President’s intent but read the discretionary language present:


(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, … ;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum … ;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, … ;

(iv) review and grant, to the extent permitted by law and as warranted, … ; and

(v) issue, to the extent permitted by law and as warranted, ….

Setting aside Obama administration actions if after,

consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum (Sec. 2, (ii))

That’s a long way from “…cast[ing] aside….”

Who Exercises That Discretion?

Three entities are named to exercise discretion over the DAPL permits:

but only the Army Corps of Engineers was named by CNN and then without a link for further details.

Beyond Hand Wringing Over The Executive Order On DAPL

Starting with the U.S. Army Corps of Engineers (USACE), note they maintain a webpage devoted entirely to DAPL and the current status of their review. Helpfully, the USACE includes a phone number for anyone to call about the project, (202) 761-8700.

Assistant Secretary of the Army for Civil Works Jo-Ellen Darcy’s MEMORANDUM FOR Commander, U.S. Army Corps of Engineers, SUBJECT: Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota (undated but appears to be December 2016), gives pointers into the regulatory scheme that will govern the review process.

Organizations opposing DAPL are mentioned, some even quoted, but for further contact, as least per CNN, you are on your own.

Let’s cure that lack:

To be fair, CNN also omitted contact details for supporters of DAPL as well: Sen. Heidi Heitkamp (D, North Dakota) and Sen. Joe Manchin (D, West Virginia).

To become a participant on this important issue, follow the Army Corps of Engineers page, contribute to and/or participate in organizations opposing DAPL, reason with supporters of DAPL, reason with shareholders of banks invested in DAPL, etc. All of which requires basic information to enable your participation.

Conclusion

New reports should enable readers to participate in the important issues of the day.

Even with the Executive Order, the game of review within government is still on. You can participate and/or support other organizations that are participating in that process.

Compare my account to that of CNN.

Which one do you think better enables your participation?

January 25, 2017

Lowering the Bar for Leakers

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 3:09 pm

Leaking and leakers were in the news in the waning days of the Obama administration. Chelsa Manning, source of the Afghan War Diary, had her 35 year sentence commuted to seven years by President Obama. Edward Snowden, who leaked a wide variety of materials, was discussed as a candidate for a pardon, but none was forthcoming.

The House Intelligence Committee letter urged President Obama to not pardon Snowden. The only truthful statement in the letter, apart from the signatures, appears to be:

America’s intelligence professionals take Mr. Snowden’s disclosures personally.

Why “America’s intelligence professionals” pouting over disclosures of their illegal and ineffectual activities is relevant to pardoning Snowden isn’t clear. In any event, Snowden continues to reside in Russia.

What is clear is that leakers bear the risk of obtaining and leaking material of great public interest. Some of that risk is an artifact of current practices for leaking.

Present Day Leaking Practices

The Intercept has a fair description of current art of leaking:

  • Begin by bringing your personal computer to a Wi-Fi network that isn’t associated with you or your employer, like one at a coffee shop. Download the Tor Browser. (Tor allows you to go online while concealing your IP address from the websites you visit.)
  • You can access our SecureDrop server by going to http://y6xjgkgwj47us5ca.onion/ in the Tor Browser. This is a special kind of URL that only works in Tor. Do NOT type this URL into a non-Tor Browser. It won’t work — and it will leave a record.
  • If that is too complicated, or you don’t wish to engage in back-and-forth communication with us, a perfectly good alternative is to simply send mail to P.O. Box 65679, Washington, D.C., 20035, or to The Intercept, 114 Fifth Avenue, 18th Floor, New York, New York, 10011. Drop it in a mailbox (do not send it from home, work or a post office) with no return address.

Attention Federal Employees: If You See Something, Leak Something

The Intercept never discusses the form, hard copy or digital, of a leak but WikiLeaks:Submissions, reads like a description of a sneakernet.

“Sneakernet” were a primitive and inefficient way to transfer information from one computer to another. With a user carrying a floppy disk from one computer to another, hence “sneakernet.”

Primitive and inefficient qualify as descriptors for leakers obtaining documents in hard copy and/or electronically and transferring them to the news media.

Potential leakers must endanger themselves by copying and smuggling the documents to be leaked, plus do a technical dance to leak them. In a modern networked environment.

In a networked environment is the key.

Leaking in a Networked Environment

No leaking advice is universal and what I am about to describe won’t work, at least not well, for air gapped systems. Leaking by sneakernet remains relevant for some situations.

In a networked environment, consider a potential leaker leaking login credentials? Not necessarily theirs, perhaps the sysadmin credentials written next to the console. Or their office manager’s.

That sort of leaking only requires:

  1. Blank paper with envelope
  2. Addressed to a news media address – no return address
  3. Credentials written on the paper with remote login URL
  4. News media destroys notes after they arrive

The usual cautions, not from your place of business, etc. apply.

Prospective leakers enjoy these advantages from leaking login credentials:

  1. Easy to leak
  2. No copying, physical or digital to attract attention
  3. No smuggling of documents or media past security
  4. No traceability in sea of breaches large and small

The reduction of the technical requirements for leaking, not to mention reducing the risk to the leakers themselves, lowers the bar for leakers and should attract more leaking.

The news media obtains advantages from credential leaking as well:

  1. Enables creation of a library of sources
  2. Enables exploration for other documents
  3. Reduces arbitrary or incomplete nature of leaks
  4. Reduces the opacity reflex, media likely knows the truth already

Credential leaking does alter the risk of leaking from being leaker centric to putting a greater burden on the news media.

Allocation of Risk

The sharing of login credentials maybe a crime under 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)). I say “maybe” a crime because panels of Ninth Circuit Federal Court of Appeals “appear” to have different ideas on password sharing. Ninth Circuit Panel Backs Away From Dangerous Password Sharing Decision—But Creates Even More Confusion About the CFAA

Whether faulty reasoning spreads from the Ninth Circuit or not, it remains clear that avoiding copying, smuggling, etc., as with credential leaking, poses a reduced risk to leakers.

On the other hand, under the provisions of 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)), the risk to any reporter or news media organization that makes use of leaked credentials, the risk is elevated.

Elevated to federal felony level risk.

That may seem like a poor trade for the news media, but consider that the New York Times has stables of internal counsel, not to mention external counsel and financial resources that aren’t available to the average leaker.

Moreover, the New York Times has access to highly competent computer experts who can “leak” data to its reporters via secure means, enabling reporters to truthfully testify as to the origin of leaked materials used in their stories.

Unlike current leaking practices, where the leaker takes all the risks, considerable risks, credential leaking allocates the leak and risk to those best able to accomplish it with a margin of safety.

Along with that reallocation of risk, comes the potential to greatly democratize the practice of leaking.

Democratizing Leaking

How effective are postings like Attention Federal Employees: If You See Something, Leak Something?

The Bureau of Labor Statistics estimates the number of potential leakers by employment category as of December 2016 (my characterization, not theirs):

  • Accounting 1,015,800
  • Financial Activities 8,359,000
  • Government 22,565,000
  • Legal Services 1,131,900
  • Oil and Gas 173,300
  • Real Estate 2,147,400

(Table B-1. Employees on nonfarm payrolls by industry sector and selected industry detail)

Not a complete listing of the categories. I selected those where scandals and/or scandalous materials are most often found.

By my count, 35,392,400 potential leakers.

Compare The Intercept‘s long treatment with on the masthead of Times-with-a-Spine (fictitous newspaper):

Leakers (see A-2)

On page A-2:

If you are going to leak:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. We destroy all leaked credentials upon receipt

Push an ad with the same content into daily shoppers, free/community newspapers, websites, etc. Perhaps even Amazon ads keyed to people with .gov and .mil email addresses.

How news organizations will use leaked credentials I cannot say. In order to protect leakers, however, any credential leaks should be destroyed upon determination they are credential leaks. (Complete burning with paper of similar origins into a fine ash, sifting and secure burial for starters.)

Happy leaking!

January 21, 2017

Global Muckraking: Investigative Journalism and Global Media – Starts February 8, 2017

Filed under: Journalism,News,Reporting — Patrick Durusau @ 11:49 am

Global Muckraking: Investigative Journalism and Global Media by Anya Schiffrin. (Free Columbia University MOOC)

From the webpage:

About this course

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, this course will help you understand how raising public awareness can create political and social change.

This course is a fast-paced introduction to global muckraking, past and present, and includes penetrating interviews with historians and investigative journalists.

Join us to discover the vital role that journalism has played in fighting injustice and wrongdoing over the last 100 years and delve into the current trends reshaping investigative reporting in the digital age.

What you’ll learn

  • How journalists can act as government and corporate watchdogs
  • The hard and soft pressures on investigative journalism
  • Stories of prominent reporters uncovering injustice from the late 19th century to today
  • Trends in media innovation

American Exceptionalism is mainstream in US journalism.

Consider the first line of this course description:

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, ….

What? No mention of the class-based corruption, which is preferred by American policy makers over the “corrupt” quid-pro-quo corruption of other countries?

No mention of quid-pro-quo corruption in the US, which resulted in four of the last seven governors of Illinois going to jail. (As of 2012. It hasn’t been long enough to convict another governor of Illinois. Question of when, not if.)

Journalists in foreign countries deserve all the support they can be given.

At the same time, “injustice and wrongdoing” aren’t limited to “over there.”

Anyone who chooses to look, will see injustice and wrongdoing much closer to home.

That said, a history of investigative and crusading journalism may inspire you to take up the banner.

Enjoy!

« Newer PostsOlder Posts »

Powered by WordPress