Archive for the ‘News’ Category

Data Hoarding Journalists and Information Security

Tuesday, November 14th, 2017

A Study of Technology in Newsrooms

From the post:

We face a global media landscape rife with both uncertainty and excitement. The need to understand this new digital era — and what it means for journalists — has never been more urgent. That’s why we at the International Center for Journalists (ICFJ) launched the first-ever global survey on the adoption of new technologies in news media.

More than 2,700 newsroom managers and journalists, from 130 countries, responded to our survey, which was conducted in 12 languages. Storyful, Google News Lab and SurveyMonkey supported the research. ICFJ worked with Georgetown University’s Communication, Culture, and Technology (CCT) program to administer and analyze the survey, conducted using SurveyMonkey.

One highlight from the report:

Perhaps data hoarding journalists aren’t as secure as they imagine.

Considering they are hoarding stolen data for their own benefit, what would be their complaint if the data was liberated from them?

I’ve heard the “we act in the public interest” argument but unless and until the public can compare the data to their reports, it’s hard to judge such claims.

Notice I said “the public” and not me. There are entire areas of no interest to me or in which I lack the skills to judge the evidence. Interests and skills possessed by other members of the public.

I’m not interested in access to hoarded information until everyone has access to the same information. To exclude anyone from access is to put them at a disadvantage in any ensuing discussion. I’m not willing to go there. Are you?

Human Trafficking Resources (@gijn)

Tuesday, November 14th, 2017

The Global Investigative Journalism Network, @gijn, has created three guide for investigative reporters covering human trafficking:

  1. Human Trafficking Resources: Data.
  2. Human Trafficking Resources: Stories.
  3. Human Trafficking Resources: Best Practices in Reporting.

It’s a tough subject this close to the holidays but the victims of human traffickers don’t enjoy holidays, 365 days out of the year.

What I missed in “Best Practices” was mention of the use of data science to combat human trafficking.

On that score, a starter set of three resources:

Data science can help us fight human trafficking by Renata Konrad and Andrew C. Trapp.

Combating Human Trafficking Using Data Science (Booz Allen whitepaper)

How Data Analytics Is Helping to Fight Human Trafficking by Alex Woodie.

It’s unlikely that human traffickers are more cyber secure than your average corporation or government agency, so there is a role for hackers to breach information systems used by human traffickers.

If you have resources on human trafficking to suggest, contact @gijn.

New Maltese Investigative News Website – Security Suggestions

Friday, November 10th, 2017

Three Experienced Maltese Journalists Open Investigative News Website by Tim Diacono.

From the post:


“The vile execution of journalist Daphne Caruana Galizia is a wakeup call for civic action, to stop the greed and the rot and to assert the power of the pen over the might of criminals who want us to remain silent as they pile up their profits,” the journalists wrote in their first editorial. “It was nothing short of a declaration of war on our serenity and freedom to stand up to be counted.”

“We have come together to create The Shift months ago thinking that there could not have been a better time for a nonpartisan voice with a clear agenda for good governance, which speaks its truth to power respectfully but firmly, keeping a distance from economic and partisan agendas. We never could have anticipated that our country would descend into this nightmare,” they added.

“We have decided to take the plunge now because we also want to contribute to the civic awakening which followed the brutal elimination of a journalist who spoke her truths to power. We do not seek to step in Daphne Caruana Galizia’s shoes and our style and approach is very different. But we promise to honour the best part of her legacy, that of being a thorn in the side… of whoever is in power.”

To the extent The Shift can be “…a thorn in the side… of whoever is in power,” I’m all for it.

On the other hand, the organizers of The Shift should consider working with an umbrella organization that provides basic security.

The Shift organizers should retain their independence but among the more glaring flaws of their current site:

  1. http:// instead of https://
  2. No PGP key for encrypted email
  3. No secure drop box for leaks
  4. No advice on secure contacts
  5. Contact form requires name and email?
  6. … others I’m sure…

The Global Investigative Journalism Network (GIJN) maintains a great list of Digital Security resources.

Even if someone else in your organization is tasked with digital security, have a nodding acquaintance with the GIJN resources and revisit them on a regular basis.

Don’t be a passive consumer of security services.

Passive consumers of security services are also known as “victims.”

Open Ownership Project

Thursday, November 9th, 2017

Open Ownership Project

From about page:

OpenOwnership is driven by a steering group composed of leading transparency NGOs, including Global Witness, Open Contracting Partnership, Web Foundation, Transparency International, the ONE Campaign, and the B Team, as well as OpenCorporates.

OpenOwnership’s central goal is to build an open Global Beneficial Ownership Register, which will serve as an authoritative source of data about who owns companies, for the benefit of all. This data will be global and linked across jurisdictions, industries, and linkable to other datasets too.

Alongside the register, OpenOwnership is developing a universal and open data standard for beneficial ownership, providing a solid conceptual and practical foundation for collecting and publishing beneficial ownership data.

I first visited the Open Ownership Project site following two (of four) posts on verifying beneficial ownership.

What we really mean when we talk about verification (Part 1 of 4) by Zosia Sztykowski and Chris Taggart.

From the post:

This is the first of a series of blog posts in which we will discuss the critical but tricky issue of verification, particularly with respect to beneficial ownership.

‘Verification’ is frequently said to be a critical step in generating high-quality beneficial ownership information. What’s less clear is what is actually meant by verification, and what are the key factors in the process. In fact, verification is not one step, but three:

  1. Ensuring that the person making a statement about beneficial ownership is who they say they are, and that they have the right to make the claim (authentication and authorization);

  2. Ensuring that the data submitted is a legitimate possible value (validation);

  3. Verifying that the statement made is actually true (which we will call truth verification).

Another critical factor is whether these processes are done on individual filings, typically hand-written pieces of paper, or their PDF equivalents, or whole datasets of beneficial ownership data. While verification processes are possible on individual filings, this series will show that that public, digital, structured beneficial ownership data adds an additional layer of verification not possible with traditional filings.

Understanding precisely how verification takes place in the lifecycle of a beneficial ownership datum is an important step in knowing what beneficial ownership data can tell us about the world. Each of the stages above will be covered in more detail in this series, but let’s linger on the final one for a moment.

What we really mean when we talk about verification: Authentication & authorization (Part 2 of 4)

In the first post in this series on the principles of verification, particularly relating to beneficial ownership, we explained why there is no guarantee that any piece of beneficial ownership data is the absolute truth.

The data collected is still valuable, however, providing it is made available publicly as open data, as it exposes lies and half-truths to public scrutiny, raising red flags that indicate potential criminal or unethical activity.

We discussed a three-step process of verification:

  1. Ensuring that the person making a statement about beneficial ownership is who they say they are (authentication), and that they have the right to make the claim (authorization);

  2. Ensuring that the data submitted is a legitimate possible value (validation);

  3. Verifying that the statement made is actually true (which we will call truth verification).

In this blog post, we will discuss the first of these, focusing on how to tell who is actually making the claims, and whether they are authorized to do so.

When authentication and authorization have been done, you can approach the information with more confidence. Without them, you may have little better than anonymous statements. Critically, with them, you can also increase the risks for those who wish to hide their true identities and the nature of their control of companies.

Parts 3 and 4 are forthcoming (as of 9 November 2017).

A beta version of the Beneficial Ownership Data Standard (BODS) was released last April (2017). A general overview appeared in June, 2017: Introducing the Beneficial Ownership Data Standard.

Identity issues are rife in ownership data so when planning your volunteer activity for 2018, keep the Open Ownership project in mind.

The Great Wall of Journalistic Secrecy – Paradise Papers

Wednesday, November 8th, 2017

At time mark 21:20, you learn the International Consortium of Investigative Journalists (ICIJ) is absolutely committed to being The Great Wall of Journalistic Secrecy between you and the Paradise Papers.

Even secrecy-before-effectiveness agencies of the U.S. government, the CIA, the FBI and the NSA, among others, pay more lip service to the idea of transparency than the ICIJ.

The ICIJ claim its secrecy protects the privacy of some while its members profit from violating the privacy of others, sounds more like the current US president than a credible news organization.

What were the conditions under which the ICIJ was entrusted with this leak? How are the interests of the leaker advanced by the ICIJ’s handling of this leak? Those are are only two questions the public will never have answered if the ICIJ has any say in the matter. Numerous others will occur to you.

Perhaps the ICIJ should have some preliminary period of exclusive access to the leaked materials, say 3 years from the first published report based on the leaked materials. But thirty-six months is more than long enough for the public to wait to confirm for itself the claims and stories published by ICIJ members.

If transparency is important for government, it is even more important for watchdogs of government.

Scoop Mainstream Media on “… 6 Russian Government Officials Involved In DNC Hack”

Friday, November 3rd, 2017

You have read US Identifies 6 Russian Government Officials Involved In DNC Hack or similar coverage on Russian “interference” with the 2016 presidential election.

Here’s your opportunity to scoop mainstream media on the identities of the “…6 Russian Government Officials Involved In DNC Hack.”

Resources to use:

Russian Political Directory 2017

The Russian Political Directory is the definitive guide to people in power throughout Russia. All the top decision-makers are included in this one-volume publication, which details hundreds of government ministries, departments, agencies, corporations and their connected bodies. The Directory is a trusted resource for studies and research in all matters of Russian government, politics and civil society activities. Government organization entries contain the names and titles of officials, postal and e-mail addresses, telephone, fax numbers plus an overview of their main activities.

Truly comprehensive in scope, and listing all federal and regional government ministries, departments, agencies, corporations and their connected bodies, this directory provides a uniquely comprehensive view of government activity.

For playing “…guess a possible defendant…,” $200 is a bit pricey but opening to a random page is a more principled approach than you will see from the Justice Department in its search for defendants.

If timeliness isn’t an issue, consider the Directory of Soviet Officials: Republic Organizations:

From the preface:

The Directory of Soviet Officials identifies individuals who hold positions in selected party, government, and public organizations of the USSR. It may be used to find the incumbents of given positions within an organization or the positions of given individuals. For some organizations, it serves as a guide to the internal structure of the organization.

This directory dates from 1987 but since Justice only needs Russian sounding names and not physical defendants, consider it a backup source for possible defendants.

For the absolute latest information, at least those listed, consider The Russian Government. The official site for the Russian government and about as dull as any website you are likely to encounter. Sorry, but that’s true.

Last but be no means least, check out Johnson’s Russia List, which is an enormous collection of resources on Russia. It has a 2001 listing of online databases for Russian personalities. It also has a wealth of Russian names for your defendant lottery list.

When Justice does randomly name some defendants, ask yourself and Justice:

  1. What witness statements or documents link this person to the alleged hacking?
  2. What witness statements or documents prove a direct order from Putin to a particular defendant?
  3. What witness statements or documents establish the DNC “hack?” (It may well have been a leak.)
  4. Can you independently verify the witness statements or documents?

Any evidence that cannot be disclosed because of national security considerations should be automatically excluded from your reporting. If you can’t verify it, then it’s not a fact. Right?

Justice won’t have any direct evidence on anyone they name or on Putin. It’s strains the imagination to think Russian security is that bad, assuming any hack took place at all.

No direct evidence means Justice is posturing for reasons best know to it. Don’t be a patsy of Justice, press for direct evidence, dates, documents, witnesses.

Or just randomly select six defendants and see if your random selection matches that of Justice.

New York Times Goes Dark (As in Dark Web)

Friday, October 27th, 2017

The New York Times is Now Available as a Tor Onion Service by Runa Sandvik.

From the post:

Today we are announcing an experiment in secure communication, and launching an alternative way for people to access our site: we are making the nytimes.com website available as a Tor Onion Service.

The New York Times reports on stories all over the world, and our reporting is read by people around the world. Some readers choose to use Tor to access our journalism because they’re technically blocked from accessing our website; or because they worry about local network monitoring; or because they care about online privacy; or simply because that is the method that they prefer.

The Times is dedicated to delivering quality, independent journalism, and our engineering team is committed to making sure that readers can access our journalism securely. This is why we are exploring ways to improve the experience of readers who use Tor to access our website.

One way we can help is to set up nytimes.com as an Onion Service — making our website accessible via a special, secure and hard-to-block VPN-like “tunnel” through the Tor network. The address for our Onion Service is:

https://www.nytimes3xbfgragh.onion/

This onion address is accessible only through the Tor network, using special software such as the Tor Browser. Such tools assure our readers that our website can be reached without monitors or blocks, and they provide additional guarantees that readers are connected securely to our website.

The New York Times (NYT) “going dark,” benefits the Tor project several ways:

  • Increases the legitimacy of Tor
  • Increases the visibility of Tor
  • Lead to more robust Tor relays
  • More support for Tor development
  • Spreading usage of Tor browsers

Time to press other publishers, Wall Street Journal, the Washington Post, ABC, NBC, CBS, the Daily Beast, The Hill, NPR, the LA Times, USA Today, Newsweek, Reuters, the Guardian, to name only a few, for Tor onion services.

Be forewarned, a login to the NYT destroys whatever anonymity you sought by accessing https://www.nytimes3xbfgragh.onion/.

You may be anonymous to your local government, but the NYT is subject to the whims and caprices of the US government. A login to the NYT site, even using Tor, puts your identity and reading habits at risk.

Gender Discrimination and Pew – The Obvious and Fake News

Thursday, October 19th, 2017

Women are more concerned than men about gender discrimination in tech industry by Kim Parker and Cary Funk.

From the post:

Women in the U.S. are substantially more likely than men to say gender discrimination is a major problem in the technology industry, according to a Pew Research Center survey conducted in July and August.

The survey comes amid public debate about underrepresentation and treatment of women – as well as racial and ethnic minorities – in the industry. Critics of Silicon Valley have cited high-profile cases as evidence that the industry has fostered a hostile workplace culture. For their part, tech companies point to their commitment to increasing workforce diversity, even as some employees claim the industry is increasingly hostile to white males.

Was Pew repeating old news?

Well, Vogue: New Study Finds Gender Discrimination in the Tech Industry Is Still Sky-High (2016), Forbes: The Lack Of Diversity In Tech Is A Cultural Issue (2015), Gender Discrimination and Sexism in the Technology Industry (2014), Women Matter (2013), to cite only a few of the literally thousands of studies and surveys, onto which to stack the repetitive Pew report.

Why waste Pew funds to repeat what was commonly known and demonstrated by published research?

One not very generous explanation is the survey provided an opportunity to repeat “fake news.” You know, news that gets repeated so often that you don’t remember its source but it has credibility because you hear it so often?

“Fake news,” is the correct category for:

…even as some employees claim the industry is increasingly hostile to white males.

Repeating that claim in a Pew publication legitimates the equivalent of cries coming from an asylum.

One quick quote from Forbes, hardly a bastion of forward social thinking dispels the “hostile to white male” fantasy, The Lack Of Diversity In Tech Is A Cultural Issue:


It has been a commonly held belief that the gender gap in tech is primarily a pipeline issue; that there are simply not enough girls studying math and science. Recently updated information indicates an equal number of high school girls and boys participating in STEM electives, and at Stanford and Berkeley, 50% of the introductory computer science students are women. That may be the case, but the U.S. Census Bureau reported last year that twice as many men as women with the same qualifications were working in STEM fields.

A USA Today study discloses that top universities graduate black and Hispanic computer science and computer engineering students at twice the rate that leading technology companies hire them. Although these companies state they don’t have a qualified pool of applicants, the evidence does not support that claim.

When 2/3 of the workers in a field are male, it’s strains the imagination to credit claims of “hostility.”

I have no fact based explanation for the reports of “hostility” to white males.

Speculations abound, perhaps they are so obnoxious that even other males can’t stand them? Perhaps they are using “hostility” as a cover for incompetence? Who knows?

What is known is that money is needed to address sexism in the workplace (not repeating the research of others) and fake news such as “hostile to white males” should not be repeated by reputable sources, like Pew.

Fake News, Facts, and Alternative Facts – Danger of Inaccurate News (Spoiler – Trump)

Wednesday, October 18th, 2017

Why Inaccurate News is a Threat by Josh Pasek.

Pasek’s clip is part of the larger Fake News, Facts, and Alternative Facts.

Pasek uses a couple of examples from the 2016 presidential campaign to conclude:


So what we end up with, then, is an environment where we have an ideal news consumer or even a suboptimal news consumer. And what can happen as they get and interact with inaccurate information, is they come to a point where their views and the way that they start voting, making decisions, etc., can be based on something that’s wrong. And that, in turn, can mean that we elect people who aren’t necessarily the candidates that will best enact what people want. That people end up saying that they’re for a particular thing. When, in fact, if they knew more about it, they’d be against it. And those sorts of biases can be hugely pernicious to a democracy that successfully represents what it is that its people want.

Pasek has decided “inaccurate information” resulted in the election of Donald Trump and that’s his proof of the danger of inaccurate news.

If you remember his earlier comments about inference, his case runs like this:

  • There was inaccurate information reported in the media during the 2016 presidential election.
  • Therefore inaccurate information was responsible for the election of Donald Trump.

I don’t doubt inaccurate information was circulating during the 2016 presidential election but it’s a terrifying leap from the presence of inaccurate information crediting a presidential election to that single cause.

Especially without asking inaccurate information as compared to how much accurate information?, how many voters were influenced?, to what degree were influenced voters influenced?, to which candidate were they influenced?, in which states were they influenced?, what other factors impacted voters?, to what degree did other factors influence voters?, etc.

Without much deeper and complex analysis of voters and their voting behavior, claims that inaccurate information was in circulation, while factually true, are akin to saying the sun rose and set on election day, 2016. True but its impact on the election is far from certain.

Fake News, Facts, and Alternative Facts – Claims vs. Deductions

Wednesday, October 18th, 2017

Auto-grading for the first quiz in Fake News, Facts, and Alternative Facts marked my responses as incorrect for:

On the contrary, in a news report, both:

  • “In a survey of Americans, Democrats were more likely than Republicans to believe that September 11th was a government cover-up.”
  • “Scientists have looked for a potential link between vaccinations and autism an cannot find any evidence across multiple epidemiological studies.”

are claims by the person reporting that information.

You have no doubt heard surveys show a majority of Americans favor gun control. Would your opinion about those reports change if you knew the survey asked: “Do you think convicted murderers should be allowed to own guns?” Prohibiting gun ownership by convicted murderers is a form of gun control.

Knowing the questions asked in a survey, how respondents were selected, the method of conducting the survey and a host of other information is necessary before treating any report of a survey as anything other than a claim. You have no way of knowing if a reporter knew any more about the survey than the statement shown in the test. That’s a claim, not “systematically derived evidence … [that] reflects deductive testing using the scientific method.”

The claim about scientists and a link between vaccinations and autism is even weaker. Notice you are given the reporters conclusion about a report by scientists and not the report per se. You have no way to evaluate the reporters claim by examining the article, what “multiple epidemiological studies” were compared, out of a universe of how many other “epidemiological studies,” in which countries, etc.

I don’t doubt the absence of such a connection but “summarizes deductive evidence that was generated to specifically and rigorously evaluate a particular question. It reflects deductive testing using the scientific method” is an attempt to dress the claim by a reporter in the garb of what may or may not be true for the scientific study.

Reporting a scientific study isn’t the same thing as a scientific study. A scientific study can be evaluated, questioned, etc., all things that a bare report, a “claim” in my view, cannot.

Every report of a scientific study should link or give a standard reference to the scientific study. Reports that don’t, I skip and you should as well.

Thinking Critically About “Fake News, Facts, and Alternative Facts” (Coursera)

Tuesday, October 17th, 2017

Fake News, Facts, and Alternative Facts by Will Potter, Josh Pasek, and Brian Weeks.

From “About this course:”

How can you distinguish credible information from “fake news”? Reliable information is at the heart of what makes an effective democracy, yet many people find it harder to differentiate good journalism from propaganda. Increasingly, inaccurate information is shared on Facebook and echoed by a growing number of explicitly partisan news outlets. This becomes more problematic because people have a tendency to accept agreeable messages over challenging claims, even if the former are less objectively credible. In this teach-out, we examine the processes that generate both accurate and inaccurate news stories, and that lead people to believe those stories. We then provide a series of tools that ordinary citizens can use to tell fact from fiction.

To honor the exhortations “use critical thinking,” here are some critical thoughts on course description for “Fake News, Facts, and Alternative Facts.”

How can you distinguish credible information from “fake news”?

The description starts with black and white, normative classifications, one good, “credible information,” and one bad,“fake news.” Information other than being alive or dead is rarely that clear cut. As Tom Petty recently proved, even being dead can be questionable.

You are being emotionally primed to choose “credible information,” as opposed to evaluating information to determine the degree, if any, it should be trusted or used.

Reliable information is at the heart of what makes an effective democracy,

A remarkable claim, often repeated but I have never seen any empirical evidence for that proposition. In critical thinking terms, you would first have to define “reliable information” and “effective democracy.” Then using those definitions, provide empirical evidence to prove that in the absence of “reliable information” democracy is ineffective and with “reliable information” democracy is effective.

It’s an easy claim to make, but in the context of a critical thinking course, isn’t more required than repeating popular cant?

I’ll grant many theories of democracy are predicated upon “reliable information but then those theories also posit equal treatment of all citizens, another popular fiction.

yet many people find it harder to differentiate good journalism from propaganda.

As opposed to when? What is the baseline for when people could more easily “…differentiate good journalism from propaganda…?” Whenever you hear this claim made, press for the study with evidence to prove this point.

You do realize any claiming such a position considers themselves capable of making those distinctions and you are very likely in the class of people who cannot. In traditional terminology, that’s called having a bias. In favor of their judgment as opposed to yours.

Increasingly, inaccurate information is shared on Facebook and echoed by a growing number of explicitly partisan news outlets.

You know the factual objections by this point, what documentation is there for an increase in “inaccurate information” (is that the same as false information?) over when? When was there less inaccurate information. Moreover, when were there fewer “explicitly partisan news outlets?”

By way of example, consider these statements about Jefferson during the presidential election in 1800:


In the election of 1800, ministers spread rumors that Jefferson held worship services at Monticello where he prayed to the “Goddess of Reason” and sacrificed dogs on an altar. Yale University president Timothy Dwight warned that if he became president, “we may see the Bible cast into a bonfire.” Alexander Hamilton asked the governor of New York to take a “legal and constitutional step” to stop the supposed atheist vice president from becoming head of state. Federalists who opposed him called him a “howling atheist,” a “manifest enemy to the religion of Christ,” a “hardened infidel,” and, for good measure, a “French infidel.” As Smith describes it, insults like these were issued forth from hundreds of pulpits in New England and the mid-Atlantic. When Jefferson won the election, many New England Federalists buried their Bibles in their gardens so the new administration would not confiscate and burn them.

It may just be me but it sounds like there was “inaccurate information” and “explicitly partisan news outlets” available during the presidential election of 1800.

When anyone claims there is more “inaccurate information” or “explicitly partisan news outlets,” ask for percentage evidence against some base period.

Surely if they are devoted to “credible/reliable information,” they would not make such statements in the absence of facts to back them up. Yes?

This becomes more problematic because people have a tendency to accept agreeable messages over challenging claims, even if the former are less objectively credible.

People accepting messages they find agreeable is a statement of how people process information. Thinking Fast, Thinking Slow, Kahneman.

The claim goes off the rails with “…even if the former are less objectively credible.”

Where does “…less objectively credible.” come from? It’s a nice sleight of hand but never fall for anyone claiming an “objective” context. It doesn’t, hasn’t and won’t ever exist.

You can make claims from the context of a community of people, scholars, experts, etc., that is every claim originates in shared values and worldview. (See Stanley Fish if you are interested in the objectivity issue.

As with all such claims, the authors have a criteria for “objectively credible” they want you to use in preference to other criteria, suggested by others.

There’s nothing wrong with advocating a particular criteria for judging information, we can all do no more or less. What I object to is cloaking it in the fiction of being beyond a context, to be “objective.” Let us all put forth our criteria and contend for which one should be preferred on an equal footing.

In this teach-out, we examine the processes that generate both accurate and inaccurate news stories, and that lead people to believe those stories. We then provide a series of tools that ordinary citizens can use to tell fact from fiction.

I can almost buy into “accurate” versus “inaccurate” news stories but then I’m promised “tools” to enable me to “…tell fact from fiction.”

Hmmm, but “Who is this class for:” promises:

This course is aimed at anyone who wants to distinguish credible news from “Fake News” by learning to identify biases and become a critical information consumer.

I don’t read “…learning to identify biases…” as being the same thing as “…tools…to tell fact for fiction.”

The latter sounds more like someone is telling me which is fact and fiction? Not the same as being on my own.

I’m enrolling in the course now and will have more comments along the way.

The crucial point here is that “critical thinking” should be universally applied, especially so to discussions of critical thinking.

Fact-Free Reporting on Kaspersky Lab – Stealing NSA Software Tip

Thursday, October 12th, 2017

I tweeted:

@thegrugq Israelis they hacked Kerspersky, saw Russians there, tell NSA, lots of he, they, we say, few facts.

[T]the grugq‏ @thegrugq responded with the best question on the Kaspersky story:

What would count as a fact here? Kaspersky publicised the hack when it happened. Does that count as a fact?

What counts as a fact is central to my claim that thus far, all we have seen is fact-free reporting on the alleged use of Kaspersky Lab software to obtain NSA tools.

Opinions are reported but not facts you could give to an expert like Bruce Schneier ask for an opinion.

What would I think of as “facts” in this case?

What did Israeli intelligence allegedly see when it hacked into Kaspersky Lab?

Not some of the data, not part of the data, but a record of all the data seen upon which they then concluded the Russians were using it to search for NSA software.

To the automatic objection this was a “secret intelligence operation,” let me point out that without that evidence, the NSA and anyone else further down the chain of distribution of the Israeli opinion, were being manipulated by that opinion in the absence of facts.

Just as the NSA wants to foist its opinion on the public, through unnamed sources, without any evidence for the public to form its own opinion based on facts.

The prevention of contrary opinions or avoiding questioning of an opinion, can only be achieved by blocking access to the alleged evidence that “supports” the opinion.

Without any “facts” to speak of, the Department of Homeland Security, is attempting to govern all federal agencies and their use of Kaspersky security software.

Stating the converse, how do you dispute claims made by unnamed sources that say the Israelis saw the Russians using Kaspersky Lab software to look for NSA software?

The obvious answer is that you can’t. There are no facts to check, no data to examine, and that, in my opinion, is intentional.

PS: If you want to steal NSA software, history says the easiest route is to become an NSA contractor. Much simpler than hacking anti-virus software, then using it to identify likely computers, then hacking identified computers. Plus, you paid vacation every year until you are caught. Who can argue with that?

Online Verification Course (First Draft) [Open To Public – January 2018]

Wednesday, October 11th, 2017

First Draft launches its online verification training course

From the post:

Journalists strive to get the story right, but as we are bombarded by far more information than ever before, the tools and skills crucial to telling the whole story are undergoing a profound change. Understanding who took the photo or video, who created the website and why, enables journalists to meet these challenges. Verification training, up until now, has largely been done on the job and as needed. But today, we’re thrilled to announce the launch of our online verification course.

In this course, we teach you the steps involved in verifying the eyewitness media, fabricated websites, visual memes and manipulated videos that emerge on social media. The course is designed so that anyone can take the course from start to finish online, or educators can take elements and integrate into existing classroom teaching. For newsroom training managers, we hope the you can encourage your staff to take the course online, or you can take individual videos and tutorials and use during brown-bag lunches. We provide relevant and topical examples — from events such as Hurricane Irma and the conflict in Syria — to show how these skills and techniques are put into practice.

The course is open only to First Draft partners until January 2018, so consider that as an incentive for your organization to become a First Draft partner!

I haven’t seen the course material but the video introduction:

and the high quality of all other First Draft materials, sets high expectations for the verification course.

Looking forward to a First Draft course on skepticism for journalists, which uses the recent Wall Street Journal repetition of government slanders about Kerspersky Lab, which is subsequently discovered to be: “we (Israel) broke into the Kerpersky house and while robbing the place saw another burglar (Russia) there and they were looking for NSA software, so we alerted the NSA.” How Israel Caught Russian Hackers Scouring the World for U.S. Secrets

Only an editor suffering from nationalism to the point being a mental disorder would publish such a story without independent verification. Could well all be true but when all the sources are known liars, something more is necessary before reporting it as “fact.”

Busting Fake Tweeters

Tuesday, October 10th, 2017

The ultimate guide to bust fake tweeters: A video toolkit in 10 steps by Henk van Ess.

From the post:

Twitter is full of false information. Even Twitter co-founder Ev Williams recognizes that there is a “junk information epidemic going on,” as “[ad-driven platforms] are benefiting from people generating attention at pretty much any cost.”

This video toolkit is intended to help you debunk dubious tweets. It was first developed in research by the Institute for Strategic Dialogue and the Arena Program at the London School of Economics to detect Russian social media influence during the German elections. It was also the basis for a related BuzzFeed article on a Russian bot farm and tweets about the AfD  — the far-right party that will enter the German parliament for the first time.

This is an excellence resource for teaching users skepticism about Twitter accounts.

For your use in creating a personal cheatsheet (read van Ess for the links):

  1. Find the exact minute of birth
  2. Find the first words
  3. Check the followers
  4. Find Twitter users in Facebook
  5. Find suspicious words in tweets
  6. Searching in big data
  7. Connect a made up Twitter handle to a real social media account
  8. Find a social score
  9. How alive is the bot?
  10. When (and how) is your bot tweeting?

Deciding that a Twitter account maybe a legitimate is only the first step in evaluating tweeted content.

The @WSJ account belongs to the Wall Street Journal, but it doesn’t follow their tweets are accurate or even true. Witness their repetition of government rumors about Kerpersky Lab for example. Not one shred of evidence, but WSJ repeats it.

Be skeptical of all Tweets, not just ones attributed to the “enemy of the day.”

OnionShare – Safely Sharing Email Leaks – 394 Days To Mid-terms

Sunday, October 8th, 2017

FiveThirtyEight concludes Clinton’s leaked emails had some impact on the 2016 presidential election, but can’t say how much. How Much Did WikiLeaks Hurt Hillary Clinton?

Had leaked emails been less boring and non-consequential, “smoking gun” sort of emails, their impact could have been substantial.

The lesson being the impact of campaign/candidate/party emails is impossible to judge until they have been leaked. Even then the impact may be uncertain.

“Leaked emails” presumes someone has leaked the emails, which in light of the 2016 presidential election, is a near certainty for the 2018 congressional mid-term elections.

Should you find yourself in possession of leaked emails, you may want a way to share them with others. My preference for public posting without edits or deletions, but not everyone shares my confidence in the public.

One way to share files securely and anonymously with specific people is OnionShare.

From the wiki page:

What is OnionShare?

OnionShare lets you securely and anonymously share files of any size. It works by starting a web server, making it accessible as a Tor onion service, and generating an unguessable URL to access and download the files. It doesn’t require setting up a server on the internet somewhere or using a third party filesharing service. You host the file on your own computer and use a Tor onion service to make it temporarily accessible over the internet. The other user just needs to use Tor Browser to download the file from you.

How to Use

http://asxmi4q6i7pajg2b.onion/egg-cain. This is the secret URL that can be used to download the file you’re sharing.

Send this URL to the person you’re sending the files to. If the files you’re sending aren’t secret, you can use normal means of sending the URL, like by emailing it, or sending it in a Facebook or Twitter private message. If you’re sending secret files then it’s important to send this URL securely.

The person who is receiving the files doesn’t need OnionShare. All they need is to open the URL you send them in Tor Browser to be able to download the file.
(emphasis in original)

Download OnionShare 1.1. Versions are available for Windows, Mac OS X, with instructions for Ubuntu, Fedora and other flavors of Linux.

Caveat: If you are sending a secret URL to leaked emails or other leaked data, use ordinary mail, no return address, standard envelope from a package of them you discard, on the back of a blank counter deposit slip, with letters from a newspaper, taped in the correct order, sent to the intended recipient. (No licking, it leaves trace DNA.)

Those are the obvious security points about delivering a secret URL. Take that as a starting point.

PS: I would never contact the person chosen for sharing about shared emails. They can be verified separate and apart from you as the source. Every additional contact puts you in increased danger of becoming part of a public story. What they don’t know, they can’t tell.

TruthBuzz: Announcing the winners! [Does Fake/False News Spread Differently?]

Wednesday, October 4th, 2017

TruthBuzz: Announcing the winners! by Oren Levine.

From the post:

Caricatures of politicians, time-lapse videos and an app modeled on a classic video game were among the winners of TruthBuzz, the Viral Fact-Checking Challenge.

Organized by the International Center for Journalists (ICFJ) with support from the Craig Newmark Foundation, the TruthBuzz contest aimed to find new ways to help verified facts reach the widest possible audience. The competition sought creative solutions to take fact-checking beyond long-form explanations and bullet points.

The goal of the contest was to “…make the truth go viral…,” which the winners did with style.

Except no distinction is offered between the spread of fake/false news and “truth.”

Enjoy reading about the winners but then ask yourself:

Could these same techniques be used to spread fake/false news?

My answer is yes.

What’s yours?

PS: My answer to why fake/false news spreads unchecked? There are fewer ad dollars in corrections than headline stories. You?

BuzzFeed News Animates Jewish Folktale

Tuesday, October 3rd, 2017

Zahra Hirji and Lam Thuy Vo team up in Here’s Why Debunking Viral Climate Myths Is Almost Impossible, In One Animated Chart to animate a Jewish folktale, A Pillow Full of Feathers (as retold by Shoshannah Brombacher).

In the folktale, a businessman repeats all the gossip he hears, enjoying the attention it brings. One day his repeating of gossip brings real harm to another. The businessman asks his rabbi what he can do to undo his deed. At the direction of the rabbi, he cuts into a feather pillow, which scatters feathers all over the room, some fly out the window, etc. Now the rabbi commands him to recover every feather that came from the pillow.

The businessman protests it is impossible to recover all the feathers and the rabbi points out the same is true for undoing his gossip. He can’t ever reach everyone who heard his gossip. (Brombacher’s retelling is much better than mine so see his version. Please.)

Hirji and Vo are concerned with a story published on February 4 (2017) and admitted to be false on September 16 (2017). They write:

When a British newspaper published an exposé in February alleging proof that US government scientists had used flawed data to show recent global warming and rushed to publish their research to sway the Paris climate talks, conservative media was lit.

“The latest example of misinformation from the left comes directly from the federal government,” SarahPalin.com said about the article, published in Britain’s Mail on Sunday. It was a “bombshell,” according to the climate skeptic blog Watts Up With That, and “explosive,” according to The Federalist Papers Project. “BUSTED: NOAA Lied About Climate Change Data to Manipulate World Leaders,” blared the website Louder with Crowder.

The story centered on a two-year-old Science study showing that the rise in global temperatures had not recently stalled, as previous data had suggested. The Science paper had repeatedly been attacked by climate skeptics, including House Science Committee chair Lamar Smith (R-Tex.). After the Mail on Sunday’s piece, Smith demanded, for at least the sixth time, that the National Oceanic and Atmospheric Administration turn over its correspondence about the Science data.

Now, some seven months later, the Mail on Sunday has begrudgingly admitted its story was wrong. But will this update change anyone’s minds?

That seems unlikely, based on a BuzzFeed News review of how widely the article was shared across social media compared to early attempts to debunk it.

Hirji and Vo have a great visualization of the rapid spread of Daily Mail story by the Internet. BTW, they reach the same conclusion as the businessman and the rabbi on undoing fake news once it spreads.

Pillow Full of Feathers differs from this account of the spread of a climate myth in the following exchange:


When the nice man with the nasty problem heard from the rabbi how devastated his colleague was, he felt truly sorry. He honestly had not considered it such a big deal to tell this story, because it was true; the rabbi could check it out if he wanted. The rabbi sighed.

True, not true, that really makes no difference! You just cannot tell stories about people. This is all lashon hara, slander, and it’s like murder—you kill a person’s reputation.” He said a lot more, and the man who started the rumor now felt really bad and sorry. “What can I do to make it undone?” he sobbed. “I will do anything you say!”
… (emphasis added)

It’s popular to talk about the spread of false or mis-leading news, but the mechanisms for spreading true and false news are the same.

The emphasis on false or mis-leading news has a hidden assumption that we have correctly identified false or mis-leading news.

That’s certainly not my presumption when I hear the management at Facebook, Twitter, Google or any of the other common suspects discussing false or mis-leading news.

What about you?

Female Journalists Fight Online Harrassment [An Anti-Censorship Response]

Saturday, September 30th, 2017

(Before you tweet, pro or con, I take everything Ricchiari reports as true and harassment of women as an issue that must be addressed.)

Female Journalists Fight Online Harrassment by Sherry Ricchiardi.

From the post:

Online tormentors have called Swedish broadcaster Alexandra Pascalidou a “dirty whore,” a “Greek parasite” (a reference to her ethnic heritage), a “stupid psycho,” “ugly liar” and “biased hater.” They have threatened her with gang rape and sexual torture in hideous detail.

But Pascalidou has chosen to fight back by speaking out publicly, as often as she can, against the online harassment faced by female journalists. In November 2016, she testified before a European commission about the impact of gender-based trolling. “(The perpetrators’) goal is our silence,” she told the commission. “It’s censorship hidden behind the veil of freedom of speech. Their freedom becomes our prison.”

In April 2017, Pascalidou appeared on a panel at the International Journalism Festival in Italy, discussing how to handle sexist attacks online. She described the vitriol and threats as “low-intense, constant warfare.”

“Some say switch it off, it’s just online,” she told The Sydney Morning Herald. “It doesn’t count. But it does count, and it’s having a real impact on our lives. Hate hurts. And it often fuels action IRL (in real life).”

Other media watchdogs have taken notice. International News Safety Institute director Hannah Storm has called online harassment “the scourge of the moment in our profession” and a “major threat to the safety and security of women journalists.”

“When women journalists are the target, online harassment quickly descends into sexualized hate or threats more often than with men,” she added. “Women are more likely to be subjected to graphic sexual and physical violence.”

You will be hard pressed to find a more radical supporter of free speech than myself. I don’t accept the need for censorship of any content, for any reason, by any public or private entity.

Having said that, users should be enabled to robustly filter speech they encounter, so as to avoid harassment, threats, etc. But they are filtering their information streams and not mine. There’s a difference.

Online harassment is consistent with the treatment of women IRL (in real life). Cultural details will vary but the all encompassing abuse described in Woman at point zero by Nawāl Saʻdāwī can be found in any culture.

The big answer is to change the treatment of women in society, which in turn will reduce online harassment. But big answers don’t provide relief to women who are suffering online now. Ricchiardi lists a number of medium answers, the success of which will vary from one newsroom to another.

I have a small answer that isn’t seeking a global, boil-the-ocean answer.

Follow female journalists on Twitter and other social media. Don’t be silent in the face of public harassment.

You can consider one or more of the journalists from Leading women journalists – A public list by Ellie Van Houtte.

Personally I’m looking for local or not-yet-leading female journalists to follow. A different perspective on the news than my usual feed plus an opportunity to be supportive in a hostile environment.

Being supportive requires no censorship and supplies aid where it is needed the most.

Yes?

@niccdias and @cward1e on Mis- and Dis-information [Additional Questions]

Friday, September 29th, 2017

10 questions to ask before covering mis- and dis-information by Nic Dias and Claire Wardle.

From the post:

Can silence be the best response to mis- and dis-information?

First Draft has been asking ourselves this question since the French election, when we had to make difficult decisions about what information to publicly debunk for CrossCheck. We became worried that – in cases where rumours, misleading articles or fabricated visuals were confined to niche communities – addressing the content might actually help to spread it farther.

As Alice Marwick and Rebecca Lewis noted in their 2017 report, Media Manipulation and Disinformation Online, “[F]or manipulators, it doesn’t matter if the media is reporting on a story in order to debunk or dismiss it; the important thing is getting it covered in the first place.” Buzzfeed’s Ryan Broderick seemed to confirm our concerns when, on the weekend of the #MacronLeaks trend, he tweeted that 4channers were celebrating news stories about the leaks as a “form of engagement.”

We have since faced the same challenges in the UK and German elections. Our work convinced us that journalists, fact-checkers and civil society urgently need to discuss when, how and why we report on examples of mis- and dis-information and the automated campaigns often used to promote them. Of particular importance is defining a “tipping point” at which mis- and dis-information becomes beneficial to address. We offer 10 questions below to spark such a discussion.

Before that, though, it’s worth briefly mentioning the other ways that coverage can go wrong. Many research studies examine how corrections can be counterproductive by ingraining falsehoods in memory or making them more familiar. Ultimately, the impact of a correction depends on complex interactions between factors like subject, format and audience ideology.

Reports of disinformation campaigns, amplified through the use of bots and cyborgs, can also be problematic. Experiments suggest that conspiracy-like stories can inspire feelings of powerlessness and lead people to report lower likelihoods to engage politically. Moreover, descriptions of how bots and cyborgs were found give their operators the opportunity to change strategies and better evade detection. In a month awash with revelations about Russia’s involvement in the US election, it’s more important than ever to discuss the implications of reporting on these kinds of activities.

Following the French election, First Draft has switched from the public-facing model of CrossCheck to a model where we primarily distribute our findings via email to newsroom subscribers. Our election teams now focus on stories that are predicted (by NewsWhip’s “Predicted Interactions” algorithm) to be shared widely. We also commissioned research on the effectiveness of the CrossCheck debunks and are awaiting its results to evaluate our methods.

The ten questions (see the post) should provoke useful discussions in newsrooms around the world.

I have three additional questions that round Nic Dias and Claire Wardle‘s list to a baker’s dozen:

  1. How do you define mis- or dis-information?
  2. How do you evaluate information to classify it as mis- or dis-information?
  3. Are your evaluations of specific information as mis- or dis-information public?

Defining dis- or mis-information

The standard definitions (Merriam Webster) for:

disinformation: false information deliberately and often covertly spread (as by the planting of rumors) in order to influence public opinion or obscure the truth

misinformation: incorrect or misleading information

would find nodding agreement from Al Jazeera and the CIA, to the European Union and Recep Tayyip Erdoğan.

However, what is or is not disinformation or misinformation would vary from one of those parties to another.

Before reaching the ten questions of Nic Dias and Claire Wardle, define what you mean by disinformation or misinformation. Hopefully with numerous examples, especially ones that are close to the boundaries of your definitions.

Otherwise, all your readers know is that on the basis of some definition of disinformation/misinformation known only to you, information has been determined to be untrustworthy.

Documenting your process to classify as dis- or mis-information

Assuming you do arrive at a common definition of misinformation or disinformation, what process do you use to classify information according to those definitions? Ask your editor? That seems like a poor choice but no doubt it happens.

Do you consult and abide by an opinion found on Snopes? Or Politifact? Or FactCheck.org? Do all three have to agree for a judgement of misinformation or disinformation? What about other sources?

What sources do you consider definitive on the question of mis- or disinformation? Do you keep that list updated? How did you choose those sources over others?

Documenting your evaluation of information as dis- or mis-information

Having a process for evaluating information is great.

But have you followed that process? If challenged, how would you establish the process was followed for a particular piece of information?

Is your documentation office “lore,” or something more substantial?

An online form that captures the information, its source, the check fact source consulted with date, decision and person making the decision would take only seconds to populate. In addition to documenting the decision, you can build up a record of a source’s reliability.

Conclusion

Vagueness makes discussion and condemnation of mis- or dis-information easy to do and difficult to have a process for evaluating information, a common ground for classifying that information, to say nothing of documenting your decision on specific information.

Don’t be the black box of whim and caprice users experience at Twitter, Facebook and Google. You can do better than that.

571 threats to press freedom in first half of 2017 [Hiding the Perpetrators?]

Tuesday, September 26th, 2017

Mapping Media Freedom verifies 571 threats to press freedom in first half of 2017

First Limit on Coverage

When reading this report, which is excellent coverage of assaults on press freedom, bear in mind the following limitation:

Mapping Media Freedom identifies threats, violations and limitations faced by members of the press throughout European Union member states, candidates for entry and neighbouring countries.

You will not read about US-based and other threats to press freedom that fall outside the purview of Mapping Media Freedom.

From the post:

Index on Censorship’s database tracking violations of press freedom recorded 571 verified threats and limitations to media freedom during the first two quarters of 2017.

During the first six months of the year: three journalists were murdered in Russia; 155 media workers were detained or arrested; 78 journalists were assaulted; 188 incidents of intimidation, which includes psychological abuse, sexual harassment, trolling/cyberbullying and defamation, were documented; 91 criminal charges and civil lawsuits were filed; journalists and media outlets were blocked from reporting 91 times; 55 legal measures were passed that could curtail press freedom; and 43 pieces of content were censored or altered.

“The incidents reported to the Mapping Media Freedom in the first half of 2017 tell us that the task of keeping the public informed is becoming much harder and more dangerous for journalists. Even in countries with a tradition of press freedom journalists have been harassed and targeted by actors from across the political spectrum. Governments and law enforcement must redouble efforts to battle impunity and ensure fair treatment of journalists,” Hannah Machlin, Mapping Media Freedom project manager, said.

This is a study of threats, violations and limitations to media freedom throughout Europe as submitted to Index on Censorship’s Mapping Media Freedom platform. It is made up of two reports, one focusing on Q1 2017 and the other on Q2 2017.

You can obtain the report in PDF format.

Second Limit on Coverage

As I read about incident after incident, following the links, I only see “the prosecutor,” “the police,” “traffic police,” “its publisher,” “the publisher of the channel,” and similar opaque prose.

Surely “the prosecutor” and “the publisher” was known to the person reporting the incident. If that is the case, then why hide the perpetrators? What does that gain for freedom of the press?

Am I missing some unwritten rule that requires members of the press to be perpetual victims?

Exposing the perpetrators to the bright light of public scrutiny, enables local and remote defenders of press freedom to join in defense of the press.

Yes?

Evidence of Government Surveillance in Mexico Continues to Mount [Is This News?]

Monday, September 25th, 2017

Evidence of Government Surveillance in Mexico Continues to Mount by Giovanna Salazar, translated by Omar Ocampo.

From the post:

In early September, further attempts to spy on activists in Mexico were confirmed. The president of Mexicans Against Corruption and Impunity (MCCI), an organization dedicated to investigative journalism, received several SMS messages that were intended to infect his mobile device with malicious software.

According to The New York Times, Claudio X. González Guajardo was threatened with Pegasus, a sophisticated espionage tool or “spyware” sold exclusively to governments that was acquired by the Mexican government in 2014 and 2015, with the alleged intention of combating organized crime. Once installed, Pegasus spyware allows the sender or attacker to access files on the targeted device, such as text messages, emails, passwords, contacts list, calendars, videos and photographs. It even allows the microphone and camera to activate at any time, inadvertently, on the infected device.

Salazar’s careful analysis of the evidence leaves little doubt:

these intrusive technologies are being used to intimidate and silence dissent.

But is this news?

I ask because my starting assumption is that governments buy surveillance technologies to invade the privacy of their citizens. The other reason would be?

You may think some targets merit surveillance, such as drug dealers, corrupt officials, but once you put surveillance tools in the hands of government, all citizens are living in the same goldfish bowl. Whether we are guilty of any crime or not.

The use of surveillance “to intimidate and silence dissent” is as natural to government as corruption.

The saddest part of Salazar’s report is that Pegasus is sold exclusively to governments.

Citizens need a free, open source edition of Pegasus Next Generation with which to spy on governments, businesses, banks, etc.

A way to invite them into the goldfish bowl in which ordinary citizens already live.

The ordinary citizen has no privacy left to lose.

The question is when current spy masters will lose theirs as well?

Behind the First Arab Data Journalists’ Network – Open For Collaborations!

Sunday, September 24th, 2017

Behind the First Arab Data Journalists’ Network

From the post:

When it comes to data journalism in the Middle East, one name stands out. Amr Eleraqi is the data journalist spreading data journalism to the Middle East. In 2012, he launched infotimes.org, the first Arabic website specializing in data journalism in the region. Since then, Eleraqi and his organization have both been nominated for GEN Data Journalism Awards — once in 2015 as an individual, and the second in 2016 for the best data visualization website of the year.

His goal: to introduce Arab journalists to the concept of data visualization as a new tool for storytelling. It worked. As the site grew so did the interest of Arab journalists in the field of data journalism. So he and a team of nine recently launched the first Arab Data Journalists’ Network. Advocacy Assembly spoke with Eleraqi to learn more about the network and how it’s changing the scene for Arab journalists.

The website, Arab Data Journalists’ Network, is available in three languages (Arabic, English, French) and is focused on educational material for Arab journalists in Arabic.

The tweet from @gijn where I saw this says contact @arabdjn or @aeleraqi for collaborations!

Excellent opportunity to expand your news awareness and data journalism contacts.

Leaky Media Paywalls!

Friday, September 22nd, 2017

In paywall age, free content remains king for newspaper sites by Ariel Stulberg.

From the post:

THE MAJORITY OF AMERICA’S largest newspapers continue to employ digital subscription strategies that prioritize traffic, ad revenues, and promotion—despite the ongoing collapse of display ad rates.

Even as they’ve added paying Web subscribers by the hundreds of thousands, daily newspapers have decisively rejected an all-in approach featuring “hard” website paywalls that mimic their print business models. Instead, most are employing either “leaky” paywalls with unlimited “side doors” for non-subscribers or no paywalls at all, according to a CJR analysis of the nation’s 25 most-visited daily newspaper sites.

There was little agreement on a paywall strategy and certainly no consensus solution to the problem of the “ideal” newspaper paywall. The paywalled news sites, 15 in total, diverged widely in the cost of their subscriptions, the number of free articles dispensed, the specific combination of “side door” exceptions employed, and whether they operated via one flagship website or two—one free and one for subscribers.

Despite what seems like widespread optimism about the prospect of digital subscriptions buttressing the industry, a full 10 sites, 40 percent of the outlets we looked at, focused on ad revenue exclusively, eschewing paywalls.

News executives who spoke with CJR expressed confidence in their company’s approach and cited their favorite figures to back it up. But without examining internal data, the best way to gauge whether they were right will be to check back in a few years and see whether each is sticking with their approach. No matter the format, the prospect of news organizations relying on paywalls as primary drivers of revenue still seems remote.
… (emphasis in original)

As you might imagine, Stulberg finds the evidence is mixed on the use of paywalls, non-use of paywalls and leaky paywalls in between. Each approach has some advocates but there’s not enough accessible and representative data to reach any hard conclusions.

Still, the post provides you with a handy list of “leaky paywalls” to enjoy as part of your media experience. Just in time for the weekend as well.

Enjoy!

PS: Drop by the Donate page for the Columbia Journalism Review to support quality writing on journalism.

Self-Censorship and Privilege on the Internet

Thursday, September 14th, 2017

Sloppy U.S. Spies Misused A Covert Network For Personal Shopping — And Other Stories From Internal NSA Documents by Micah Lee, Margot Williams, Talya Cooper.

From the post:

NSA agents successfully targeted “the entire business chain” connecting foreign cafes to the internet, bragged about an “all-out effort” to spy on liberated Iraq, and began systematically trying to break into virtual private networks, according to a set of internal agency news reports dating to the first half of 2005.

British spies, meanwhile, were made to begin providing new details about their informants via a system of “Intelligence Source Descriptors” created in response to intelligence failures in Iraq. Hungary and the Czech Republic pulled closer to the National Security Agency.

And future Intercept backer Pierre Omidyar visited NSA headquarters for an internal conference panel on “human networking” and open-source intelligence.

These stories and more are contained in a batch of 294 articles from SIDtoday, the internal news website of the NSA’s core Signals Intelligence Directorate. The Intercept is publishing the articles in redacted form as part of an ongoing project to release material from the files provided by NSA whistleblower Edward Snowden.

In addition to the aforementioned highlights, summarized in further detail below, the documents show how the NSA greatly expanded a secret eavesdropping partnership with Ethiopia’s draconian security forces in the Horn of Africa, as detailed in an investigation by longtime Intercept contributor Nick Turse. They describe the NSA’s operations at a base in Digby, England, where the agency worked with its British counterpart GCHQ to help direct drones in the Middle East and tap into communications through the Arab Spring uprisings, according to a separate article by Intercept reporter Ryan Gallagher. And they show how the NSA and GCHQ thwarted encryption systems used to protect peer-to-peer file sharing through the apps Kazaa and eDonkey, as explained here by Intercept technologist Micah Lee.

NSA did not comment for this article.

If you are interested in reporting based on redacted versions of twelve year old news (last half of 2005), this is the article for you.

The authors proclaim self-censorship and privilege saying:


The Intercept is publishing the articles in redacted form as part of an ongoing project to release material from the files provided by NSA whistleblower Edward Snowden.

These authors can milk their treasure trove of unredacted SIDreports, giving them an obvious advantage over other journalists.

Not as great an advantage as being white and male but it is a privilege unrelated to merit, one violates any concept of equal access.

Other reporters or members of the public notice connections unseen by the Intercept authors.

We won’t ever know since the Intercept, along with other media outlets, is quick to call foul on the privileges of others while clinging to its own.

PS: The lack of efforts by intelligence agencies to stop the SIDtoday series is silent testimony to its lack of importance. The SIDtoday series is little better than dated office gossip and not a complete (redacted) account of the same.

Meaningful intelligence reporting derails initiatives, operations, exposes criminal excesses with named defendants and holds the intelligence community accountable to the public. Not to be confused with the SIDtoday series and its like.

New Anti-Leak Program (leaked of course)

Wednesday, September 13th, 2017

Trump Administration Launches Broad New Anti-Leak Program by Chris Geidner.

From the post:

The top US national security official has directed government departments and agencies to warn employees across the entire federal government next week about the dangers and consequences of leaking even unclassified information.

The Trump administration has already promised an aggressive crackdown on anyone who leaks classified information. The latest move is a dramatic step that could greatly expand what type of leaks are under scrutiny and who will be scrutinized.

In the memo about leaks that was subsequently obtained by BuzzFeed News, National Security Adviser H.R. McMaster details a request that “every Federal Government department and agency” hold a one-hour training next week on “unauthorized disclosures” — of classified and certain unclassified information.

I’m guessing that since BuzzFeed News got the memo leaked before next week, then this didn’t count as as a leak under the new anti-leak program. Yes?

If “next week” means ending 24 September 2017, then leaks on or after 25 September 2017 count as leaks under the new program.

Journalists should include “leak” in all stories based on leaked information to assist researchers in tracking the rate of leaking under the new anti-leaking program.

Every leak is a step towards transparency and accountability.

Guide to Investigative Web Research (Populating A Topic Map)

Tuesday, September 5th, 2017

Guide to Investigative Web Research

From the webpage:

We’ve just finished working with a partner to create an introductory guide to investigative web research.

As part of our aim to encourage shared, open documentation about the use of technology in social change, we’re publishing it so that other people can use it too.

The guide is designed for researchers, activists and journalists who need to collect online information about people, entities or events and use it for investigative research or advocacy. If you’re tracking corporate ownership, monitoring corruption or mapping political influence, this guide is for you.

Read our guide to investigative web research

It’s designed to be practical and straightforward, pointing you to more detailed resources and giving you the context to decide what tools you might need.

As part of our philosophy of reuse and replication, we publish all our research and guides in the same open format on our Library. The Library aims to help build our collective knowledge of how technology can help activists and organisations. It has guides in Spanish, Portuguese, French, Bahasa and English, is responsive (unlike a PDF), and is designed to let people find and reuse content quickly and easily. Topics range from drones and messaging apps to participatory budgeting – and there are more guides coming soon!

Check out more guides from The Engine Room’s Library

The Library code is available on Github, and all the content is Creative Commons-licensed. We’ll keep you updated whenever new guides are added. If you’d like to chat about investigative web research techniques and how they could help your work, get in touch.

Once you decide to author a topic map, the really hard work comes in populating it with information. At least, if you want information that can be traced to verifiable sources (unlike presidential press releases these days).

The Investigative Web Research guide is a useful starting point, especially if you aren’t a seasoned web user. The more web experience you have, the less useful it will become.

There are a number of links to other resources, which is useful, but collections of links can only take the reader so far.

I had to smile when I read:

A key difference between hacking and web scraping is respect for legitimate legal barriers.

“…[L]egitimate legal barriers” support illegitimate, oppressive, patriarchal and discriminatory regimes, along with more just ones. Consider legal barriers for your own personal safety, but nothing more. Legal barriers are the carriers (in the sense of infection) of privilege in a society. Act accordingly.

GIJN’s Complete Global Guide to Freedom of Information (Attn: Activists/Journalists)

Monday, September 4th, 2017

Unlocking Laws to Set Information Free: GIJN’s New Global Guide by Toby McIntosh.

From the post:

More than 115 countries worldwide have laws that require officials to turn over public records. Of course, even in the countries that have no laws it never hurts to ask. But there’s an advantage to using an access law — variously called freedom of information laws, access to information laws, right to information and right to know laws.

There are many resources for journalists seeking to file records requests in countries with laws governing access to information. To help exploit these legal tools, we’ve lined up GIJN’s Complete Global Guide to Freedom of Information, a resource with three sections:

  • Tips and Tricks: A collection of the best advice on how to use access laws.
  • Inspirational FOI: Ideas of what to ask for and stories about journalists active in using FOI.
  • Global Resources: Country-by-country guidance and links to national resources.

Government information can be obtained by:

  • liberating government information
  • insiders leaking government information
  • “laws governing access to information”

Assuming you place credence in information a government disgorges voluntarily, this is a great resource for activists and journalists around the world.

If you like these resources, be sure to visit/support freedominfo.org.

FCC Supports Malware Distribution!

Thursday, August 31st, 2017

Well, not intentionally.

FCC “apology” shows anything can be posted to agency site using insecure API by Sean Gallagher

Gallagher reports that with an API key (use gmail account) you can post malicious Word documents to the FCC site.

Not formal support for malware distribution but then next best thing.

The FCC has been given notice so this is probably a time limited opportunity.

Don’t despair!

Knowing what to look for, you can begin scanning other government websites for a similar weakness.

Journalist tip: As APIs with this weakness are uncovered, trace them back to the contractors who built them. Then run forward to see who the contractors are afflicting now.

Hacking For Government Transparency

Monday, August 28th, 2017

The 2017 U.S. State and Federal Government Cybersecurity Report by SecurityScorecard lacks details of specific vulnerabilities for identified government units, but paints an encouraging picture for hackers seeking government transparency.

Coverage of the report:


In August 2017, SecurityScorecard leveraged its proprietary platform to analyze and grade the current security postures of 552 local, state, and federal government organizations, each with more than 100 public-facing IP addresses, to determine the strongest and weakest security standards based on security hygiene and security reaction time compared to their peers.

Security Rankings by Industry

Out of eighteen (18) ranked industries, best to worst security, government comes in at a tempting number sixteen (16):

Financial services, with the fifth (5th) best security, is routinely breached, making it curious the government (#16) has any secrets at all.

Why Any Government Has Secrets

Possible reasons any government has secrets:

  • 1. Lack of interest?
  • 2. Lack of effort by the news media?
  • 3. Habituation to press conferences?
  • 4. Habituation to “leaks?”
  • N. Cybersecurity?

You can wait for governments to embarrass themselves (FOIA and its equivalents), wait for leakers to take a risk for your benefit, or, you could take the initiative in obtaining government secrets.

The SecurityScorecard report makes it clear the odds are in your favor. Your call.

58 Newsletters About Journalism

Wednesday, August 23rd, 2017

An incomplete list of newsletters about journalism (Compiled by Joseph Lichterman, Lenfest Institiute for Journalism, joseph@lenfestinstitute.org)

Fifty-eight (58) newsletters as of today.

Some you will recognize, some you won’t.

Anything you see missing?