Archive for January, 2017

Writing Good FOIA Requests

Tuesday, January 31st, 2017

What makes a good FOIA request? We studied 33,000 to find out by By Nicholas Dias, Rashida Kamal and Laurent Bastien.

From the post:

EVERY JOURNALIST HAS IDEAS about what makes a good public records request. But surprisingly few people have actually tried to systematically analyze how requests can be written to improve their chances of success.

To fill this vacuum, we analyzed more than 33,000 Freedom of Information Act requests and identified a few characteristics that were typical of those that were fulfilled.

The requests were made to five federal agencies that publish to FOIAonline.gov: the Environmental Protection Agency, the Department of Commerce, Customs and Border Protection, the Department of the Navy, and the National Archives and Records Administration. All were filed between 2011 and 2016.

We defined success as the receipt of all records requested, as defined by the agency. There was no straightforward relationship between wait time and any of the characteristics we considered, so we factored it out as a measure of success.

For the requests we examined, the full-grant rate across all five agencies was around 23 percent. That’s the same success rate for requests across all federal agencies, according to Max Galka of FOIA Mapper, a project funded by the Knight Foundation that outlines the record systems of federal agencies.

Requesters in our sample typically waited around 142 days, or a little more than four months, to get responses. Less than 39 percent of requests received responses within 28 days, which is the longest amount of time an agency could spend fulfilling a request while still meeting FOIA’s 20-business-day time limit.

That’s a pretty bleak picture. So, how can you improve your chances?
… (emphasis in original)

What? Evidence-based FOIA practices? 😉

After reading this review of FOIA practices, get thee to MuckRock.

MuckRock has advice, tools, community, in short, it is a one-stop FOIA shop.

What FOIA request(s) are you going to file?

Twitter Activist Security

Tuesday, January 31st, 2017

Twitter Activist Security by the grugq.

From the post:

Many people are starting to get politically active in ways they fear might have negative repercussions for their job, career or life. It is important to realise that these fears are real, but that public overt resistance is critical for political legitimacy. This guide hopes to help reduce the personal risks to individuals while empowering their ability to act safely.

I am not an activist, and I almost certainly don’t live in your country. These guidelines are generic with the hope that they will be useful for a larger number of people.

The basic principles of operational security are actually very simple, they’re what we call the three Cs:

  • Cover
  • Concealment
  • Compartmentation

There is more to serious counterintelligence, of course, but keep these three concepts in mind. The two most important concerns will be compartmentation and concealment. In practice this means that you need to separate your resistance Twitter account from your personal life completely.

I won’t quote the details because any omission could be the one that trips you up.

It’s not a short read but if you want to be safe, read Twitter Activist Security at least once a month and see how you stack up against the advice.

The precautions are good ones but I would be asking what “political activism” requires a Twitter account?

Unless you are using the account to stream coded messages, the purpose of such an account is unclear to me.

Not to mention that every account associated with another identity is an opportunity to make a mistake and break cover.

DigitalGlobe – Open Data Program [What About Government Disasters?]

Tuesday, January 31st, 2017

Open Data Program

From the post:

DigitalGlobe is committed to helping everyone See A Better World™ by providing accurate high-resolution satellite imagery to support disaster recovery in the wake of large-scale natural disasters.

We release open imagery for select sudden onset major crisis events, including pre-event imagery, post-event imagery and a crowdsourced damage assessment.

When crises occur, DigitalGlobe is committed to supporting the humanitarian community by providing critical and actionable information to assist response efforts. Associated imagery and crowdsourcing layers are released into the public domain under a Creative Commons 4.0 license, allowing for rapid use and easy integration with existing humanitarian response technologies.

Kudos to DigitalGlobe but what about government disasters?

Governments have spy satellites, image analysis corps and military trained to use multi-faceted data flow.

What of public releases for areas of conflict, Chechnya, West Bank/Gaza/Israel, etc.? To reduce the advantages of government?

That creates demand by government for the same product, plus DigitalGlobe advantages.

“It’s an ill wind that blows no good.”

Executive Orders (Bulk Data From Federal Register)

Tuesday, January 31st, 2017

Executive Orders

From the webpage:

The President of the United States manages the operations of the Executive branch of Government through Executive orders. After the President signs an Executive order, the White House sends it to the Office of the Federal Register (OFR). The OFR numbers each order consecutively as part of a series, and publishes it in the daily Federal Register shortly after receipt.

Executive orders issued since 1994 are available as a single bulk download and as a bulk download by President, or you can browse by President and year from the list below. More details about our APIs and other developer tools can be found on our developer pages.

Don’t ignore the developer pages.

Whether friend or foe of the current regime in Washington, the FederalRegister.gov API enables access to all the regulatory material published in the Federal Register. Use it.

It should be especially useful in light of Presidential Executive Order on Reducing Regulation and Controlling Regulatory Costs, which provides in part:


Sec. 2. Regulatory Cap for Fiscal Year 2017. (a) Unless prohibited by law, whenever an executive department or agency (agency) publicly proposes for notice and comment or otherwise promulgates a new regulation, it shall identify at least two existing regulations to be repealed.

Disclaimer: Any resemblance to an executive order is purely coincidental:

Repulsion On A Galactic Scale (Really Big Data/Visualization)

Tuesday, January 31st, 2017

Newly discovered intergalactic void repels Milky Way by Rol Gal.

From the post:

For decades, astronomers have known that our Milky Way galaxy—along with our companion galaxy, Andromeda—is moving through space at about 1.4 million miles per hour with respect to the expanding universe. Scientists generally assumed that dense regions of the universe, populated with an excess of galaxies, are pulling us in the same way that gravity made Newton’s apple fall toward earth.

In a groundbreaking study published in Nature Astronomy, a team of researchers, including Brent Tully from the University of Hawaiʻi Institute for Astronomy, reports the discovery of a previously unknown, nearly empty region in our extragalactic neighborhood. Largely devoid of galaxies, this void exerts a repelling force, pushing our Local Group of galaxies through space.

Astronomers initially attributed the Milky Way’s motion to the Great Attractor, a region of a half-dozen rich clusters of galaxies 150 million light-years away. Soon after, attention was drawn to a much larger structure called the Shapley Concentration, located 600 million light-years away, in the same direction as the Great Attractor. However, there has been ongoing debate about the relative importance of these two attractors and whether they suffice to explain our motion.

The work appears in the January 30 issue of Nature Astronomy and can be found online here.

Additional images, video, and links to previous related productions can be found at http://irfu.cea.fr/dipolerepeller.

If you are looking for processing/visualization of data on a galactic scale, this work by Yehuda Hoffman, Daniel Pomarède, R. Brent Tully & Hélène M. Courtois, hits the spot!

It is also a reminder that when you look up from your social media device, there is a universe waiting to be explored.

Tracking DAPL Enablers – Barclays Bank PLC

Monday, January 30th, 2017

Continuing my list of co-conspirators financing in part the DAPL pipeline project. Number 3: Barclays Bank PLC.

Emily Fuller gives these contacts for Barclays:

Barclays

Chairman John McFarlane
john.mcfarlane@barclays.com
CEO Jes Staley

Corporate Office:
Barclays Bank PLC
1 Churchill Place
London E14 5HP, United Kingdom
44-20-7116-1000

U.S. Office:
Barclays
745 7th Avenue
New York, NY 10019
212-526-7000

Press Office:
212-526-7000
CorporateCommunicationsAmericas@barclays.com

Starting with Bloomberg’s Company Overview of Barclays Bank PLC, I think we can generate a few more contact points:

Mr. James E. Staley, Chief Executive Officer, Director, Chief Executive Officer of Barclays Plc and Director of Barclays Plc

Mr. Tushar Morzaria, Group Finance Director and Executive Director

Mr. Jonathan Moulds, Group Chief Operating Officer

Ms. Maria D. C. D. N. C. Ramos C.A.I.B, B.Com (Hons), M.Sc., Chief Executive of Barclays Africa

Mr. Ashok V. Vaswani, Chief Executive Officer of Personal and Corporate Banking

I don’t have enough time left today to extract the people and photos from the Our People section of the Barclays site.

I will fix that tomorrow and that will bump the Barclays list into the dozens.

Just an observation for now, but this is the third entity financing Energy Transfer Equity that has no mention of it on its website.

Is it the case that Energy Transfer Equity is too small to register on their corporate dashboards?

If that is the case, then pestering banks directly maybe fun but pestering their customers, who are even more unaware of their banks commercial lending activities, maybe more effective.

Thoughts?

Defeating New York Surveillance (with knitting)

Monday, January 30th, 2017

In Proposal to Reduce Privacy in New York City I pointed out pending plans to add surveillance cameras at seven tunnels and bridges in and out of the city.

I was describing the need to defeat the cameras for personal identity and my wife, a librarian and knitter, said what I was looking for a balaclava. She also said knitting sites, such as Ravelry are full of patterns, etc.

Imagine the chagrin of surveillance camera operators when they encounter:

balaclava-reg-460

Just add sun glasses and you’re set! Total identity concealment!

Don’t get too creative, as a balaclava like this one:

balaclava3-460

is distinctive enough to be recognized a second time and/or found in your apartment or car.

Lastly, there are some people who don’t “get” the idea of a balaclava being for concealment, such as Andrew Salomone, who has preserved his identity with:

balaclava-id-460

Andrew does beautiful work but I’m not inviting him to any op-sec meetings. 😉

Support your local librarians and/or knitters!

Geometry of Redistricting: Summer School (Apply Febuary 15 – March 31, 2017)

Monday, January 30th, 2017

Geometry of Redistricting: Summer School

From the webpage:

A 5-day summer school will be offered at Tufts University from August 7-11, 2017, with the principal purpose of training mathematicians to be expert witnesses for court cases on redistricting and gerrymandering.

Topics covered in the summer school will include:

  • the legal history of the Voting Rights Act and its subsequent renewals, extensions, and clarifications;
  • an explanation of “traditional districting principles,” especially compactness;
  • a course in metric geometry and mathematical ideas for perimeter-free compactness;
  • basic rudiments of GIS and the technical side of how shapefiles work;
  • training on being an expert witness;
  • ideas for incorporating voting and civil rights into mathematics teaching.

Some of the sessions in the summer school will be open to the public, and others will be limited to official participants. Partial funding for participants’ expenses will be available. The summer school is aimed at, but not limited to, people with doctoral training in mathematics. Preference will be given to those who can stay for the full week.

An application form will be posted on this website, and applications will be accepted from February 15 – March 31. Please contact gerrymandr@gmail.com to be added to the mailing list.

If you don’t have doctoral training in mathematics, consider the resources at: Gerrymandering and the shape of fairness, which self-describes as:

This site is devoted to the Metric Geometry and Gerrymandering Group run by Moon Duchin on understanding apportionment, districting, and gerrymandering as problems at the intersection of law, civil rights, and mathematics (particularly metric geometry).

Do you need a reminder the mid-term congressional elections in 2018 aren’t far away?

Enjoy!

Up-Translation and Up-Transformation … [Balisage Rocks!]

Sunday, January 29th, 2017

Up-Translation and Up-Transformation: Tasks, Challenges, and Solutions (a Balisage pre-conference symposium)

When & Where:

Monday July 31, 2017
CAMBRiA Hotel, Rockville, MD USA

Chair: Evan Owens, Cenveo

You need more details than that?

Ok, from the webpage:

Increasing the granularity and/or specificity of markup is an important task in many different content and information workflows. Markup transformations might involve tasks such as high-level structuring, detailed component structuring, or enhancing information by matching or linking to external vocabularies or data. Enhancing markup presents numerous secondary challenges including lack of structure of the inputs or inconsistency of input data down to the level of spelling, punctuation, and vocabulary. Source data for up-translation may be XML, word processing documents, plain text, scanned & OCRed text, or databases; transformation goals may be content suitable for page makeup, search, or repurposing, in XML, JSON, or any other markup language.

The range of approaches to up-transformation is as varied as the variety of specifics of the input and required outputs. Solutions may combine automated processing with human review or could be 100% software implementations. With the potential for requirements to evolve over time, tools may have to be actively maintained and enhanced.

The presentations in this pre-conference symposium will include goals, challenges, solutions, and workflows for significant XML enhancements, including approaches, tools, and techniques that may potentially be used for a variety of other tasks. The symposium will be of value not only to those facing up-translation and transformation but also to general XML practitioners seeking to get the most out of their data.

If I didn’t know better, up-translation and up-transformation sound suspiciously like conferred properties of topic maps fame.

Well, modulo that conferred properties could be predicated on explicit subject identity and not hidden in the personal knowledge of the author.

There are two categories of up-translation and up-transformation:

  1. Ones that preserve jobs like spaghetti Cobol code, and
  2. Ones that support easy long term maintenance.

While writing your paper for the pre-conference, which category fits yours the best?

Tracking DAPL Enablers – Bank of America Rogues Gallery

Sunday, January 29th, 2017

Continuing my list of co-conspirators financing in part the DAPL pipeline project. Number 2: Bank of America.

I was inspired to find more contacts by Emily Fuller’s How to Contact the 17 Banks Funding the Dakota Access Pipeline, which listed for Bank of America:

Bank of America

President, CEO, and Chairman Brian Moynihan

brian.t.moynihan@bankofamerica.com

Executive Relations, Office of the CEO:
Matthew Task
813-805-4873

Corporate Office:
100 N Tryon Street
Charlotte, NC 28255

(emphasis in original)

Bank of American maintains a rogues gallery of people to contact about its business and lending practices. Complete with photos should you happen to recognize one of them while shopping or in a crosswalk.

From Governance:

Biography Photo Brian Moynihan, Chairman of the Board and Chief Executive Officer, Bank of America Corporation
Biography Photo Jack O. Bovender, Jr., Lead Independent Director, Bank of America Corporation; Former Chairman and Chief Executive Officer, HCA, Inc.
Biography Photo Sharon L. Allen Former Chairman, Deloitte LLP
Biography Photo Susan S. Bies Former Member, Board of Governors of the Federal Reserve System
Biography Photo Frank P. Bramble, Sr. Former Executive Officer, MBNA Corporation
Biography Photo Pierre J. P. de Weck Former Chairman and Global Head of Private Wealth Management, Deutsche Bank AG
Biography Photo Arnold W. Donald President and Chief Executive Officer, Carnival Corporation & plc
Biography Photo Linda P. Hudson Chairman and CEO, The Cardea Group, and former President and CEO, BAE Systems Inc.
Biography Photo Monica C. Lozano Former Chairman, US Hispanic Media Inc.
Biography Photo Thomas J. May Chairman, Eversource Energy
Biography Photo Lionel L. Nowell, III Former Senior Vice President and Treasurer of PepsiCo, Inc.
Biography Photo Michael D. White Former Chairman, President and Chief Executive Officer of DIRECTV
Biography Photo Thomas D. Woods Former Vice Chairman and SEVP, Canadian Imperial Bank of Commerce
Biography Photo R. David Yost Former Chief Executive Officer, AmerisourceBergen Corporation

In addition, the governance page notes:

Persons seeking to communicate with the Board of Directors, any director, non-management members of the Board as a group or any committee of the Board should send a letter to the Corporate Secretary at Bank of America Corporation, 214 N. Tryon St., NC1-027-20-05, Charlotte, NC 28255. The letter should indicate to whom the communication is intended. The Corporate Secretary or the secretary of the designated committee may sort or summarize the communications as appropriate. Communications that are commercial solicitations, customer complaints, incoherent or obscene will not be communicated to the Board or any director or committee of the Board.

Bank of America Executive:

From executive biographies:

Dean Athanasia Dean Athanasia, President of Preferred and Small Business Banking and Co-head of Consumer Banking, Bank of America
Cathy Bessant Catherine P. Bessant, Chief Operations and Technology Officer, Bank of America
Sheri Bronstein Sheri B. Bronstein, Global Human Resources Executive, Bank of America
Paul Donofrio Paul Donofrio, Chief Financial Officer, Bank of America
Anne Finucane Anne M. Finucane, Vice Chairman, Bank of America
Geoffrey Greener Geoffrey S. Greener, Chief Risk Officer, Bank of America
Christine Katziff Christine P. Katziff, Corporate General Auditor, Bank of America
Terry Laughlin Terry Laughlin, Vice Chairman and Head of Global Wealth and Investment Management, Bank of America
David Leitch David G. Leitch, Global General Counsel, Bank of America
Gary Lynch Gary G. Lynch, Vice Chairman, Bank of America
Tom Montag Thomas K. Montag, Chief Operating Officer, Bank of America
Thong Nguyen Thong M. Nguyen, President of Retail Banking and Co-head of Consumer Banking, Bank of America
Andrea Smith Andrea B. Smith, Chief Administrative Officer, Bank of America
Bruce Thompson Bruce R. Thompson, Vice Chairman, Bank of America

Searching the Bank of America website, I could find no mention of DAPL or Energy Transfer Equity, etc.

I have a dawning suspicion that the information wasn’t being hidden but that such crimes are so commonplace as to be unremarkable in the Bank of American worldview. More on that in a separate post.

Proposal to Reduce Privacy in New York City

Sunday, January 29th, 2017

Memo: New York Called For Face Recognition Cameras At Bridges, Tunnels by Kevin Collier.

From the post:

The state of New York has privately asked surveillance companies to pitch a vast camera system that would scan and identify people who drive in and out of New York City, according to a December memo obtained by Vocativ.

The call for private companies to submit plans is part of Governor Andrew Cuomo’s major infrastructure package, which he introduced in October. Though much of the related proposals would be indisputably welcome to most New Yorkers — renovating airports and improving public transportation — a little-noticed detail included installing cameras to “test emerging facial recognition software and equipment.”

The proposed system would be massive, the memo reads:

The Authority is interested in implementing a Facial Detection System, in a free-flow highway environment, where vehicle movement is unimpeded at highway speeds as well as bumper-to-bumper traffic, and license plate images are taken and matched to occupants of the vehicles (via license plate number) with Facial Detection and Recognition methods from a gantry-based or road-side monitoring location.

All seven of the MTA’s bridges and both its tunnels are named in the proposal.

NYCbridgesTunnels-460

Proposals only at this point but take this as fair warning.

Follow both Kevin Collier and Vocativ as plans by the State of New York to eliminate privacy for its citizens develop.

Counter-measures

One counter measure to license plate readers is marketed under the name PhotoMaskCover.

PhotoMaskCover-460

Caution: I have never used the PhotoMaskCover product and have no relationship with its manufacturer. It claims to work. Evaluate as you would any other product from an unknown vendor.

For the facial recognition cameras, I was reminded that a hoodie and sunglasses are an easy and non-suspicious way to avoid such cameras.

For known MTA facial recognition cameras, wear a deep cowl that casts a complete shadow on your facial features. (Assuming you can drive safely with the loss of peripheral vision.)

As the number of deep cowls increase in MTA images, authorities will obsess more and more over the “unidentifieds,” spending their resources less and less effectively.

Defeating surveillance increases everyone’s freedom.

Tracking DAPL Enablers – ABN Amro Capital USA LLC.

Saturday, January 28th, 2017

The Energy Trasfer Equity SEC 8-K filing lists the following co-conspirators who are financing, in part, the DAPL pipeline project:

  • ABN Amro Capital USA LLC.
  • Bank of America, N.A.
  • Barclays Bank PLC
  • The Bank of Tokyo Mitsubishi UFJ, Ltd.
  • BNP Paribas
  • Citibank, N.A.
  • Compass Bank
  • Credit Agricole Corporate and Investment Bank
  • Credit Suisse AG, Cayman Islands Branch
  • Deutsche Bank AG New York Branch
  • DNB Bank ASA, Grand Cayman Branch
  • Goldman Sachs Bank USA
  • HSBC Bank USA, National Association
  • ING Capital LLC
  • Intesa Sanpaolo S.P.A., New York Branch
  • JPMorgan Chase Bank, N.A.
  • Mizuho Bank, Ltd.
  • Morgan Stanley Senior Funding, Inc.
  • Natixis, New York Branch
  • PNC Bank, National Association
  • Royal Bank of Canada
  • The Royal Bank of Scotland PLC
  • Sumitomo Mitsui Banking Corporation
  • SunTrust Bank
  • UBS AG, Stamford Branch
  • Wells Fargo Bank, N.A.

How to Contact the 17 Banks Funding the Dakota Access Pipeline by Emily Fuller provides valuable contact information but much more can be had.

Starting from the top with ABN Amro Capital USA LLC., Bloomberg says (as of 28 January 2017):

ABN Amro Capital USA LLC offers commercial banking services. The company was incorporated in 2009 and is based in New York, New York. ABN Amro Capital USA LLC operates as a subsidiary of ABN AMRO Group N.V.

100 Park Avenue
Floor 17
New York, NY 10017
United States

Founded in 2009

Phone: 212-649-5100
Fax: 917-284-6697

Key Executives For ABN Amro Capital USA LLC

ABN Amro Capital USA LLC does not have any Key Executives recorded.

Turning to ABN AMRO Group N.V., Bloomberg reports in part:

ABN AMRO Group N.V.

January 28, 2017 1:42 PM ETBanks
Company Overview of ABN AMRO Group N.V.
Snapshot

Company Overview

ABN AMRO Group N.V. provides banking products and services for retail, private, and corporate banking customers in the Netherlands and internationally. […] ABN AMRO Group N.V. was incorporated in 2009 and is headquartered in Amsterdam, the Netherlands.

Gustav Mahlerlaan 10
Amsterdam, 1082 PP
Netherlands

Founded in 2009
21,809 Employees

Phone: 31 09 000 024
www.abnamro.com

People:

Key Executives For ABN AMRO Group N.V.

Mr. Kees C. van Dijkhuizen
Chairman of the Managing Board and Chief Executive Officer
(…)

Mr. Johan van Hall
Vice Chairman of the Managing Board and Chief Operating Officer
(…)

Mr. Wietze Reehoorn
Chief Risk Officer and Member of the Managing Board
(…)

Ms. Caroline E. Princen
Executive Officer
(…)

Mr. Chris F. H. H. Vogelzang
Member of the Managing Board
(…)

In addition to the identity of the chief officers of this miscreant, we now know of some 21,089 (as of 2015) employees who may be more environmentally conscious than their masters. Enabling poisoning of water along a 1,172-mile-long pipeline is no small thing.

The ABN AMRO Annual Report 2015 lists the managing board as:

  • Gerrit Zalm (chair)
  • Johan van Hall (vice-chair)
  • Kees van Dijkhuizen
  • Caroline Princen
  • Wietze Reehoorn
  • Chris Vogelzang
  • Joop Wijn

(at page 119)

Member of the supervisory board as:

  • Rik van Slingelandt (chair)
  • Hans de Haan
  • Bert Meerstadt
  • Annemieke Roobeek
  • Rik van Slingelandt
  • Steven ten Have
  • Olga Zoutendijk

(at page 281)

A presentation from May of 2016 reports the election of the following to the supervisory board:

A.C. Dorland

Ms F.J. Leeflang

J.S.T. Tiemstra

A presentation from August of 2016 reports Olga Zoutendijk is Chairman of the Supervisory Board and the appointment of: Mr. Jurgen Stegmann to the supervisory board.

The present composition of either board isn’t entirely clear from records on the company website but current member or no, the individuals listed no doubt have useful information/insight to share about the company.

For general contact purposes, the company website offers:

If you have questions about ABN AMRO Group’s financials, business activities, capital, funding, credit ratings or related issues, please contact our Investor Relations team.

E-mail investorrelations@nl.abnamro.com

Phone: +31 20 628 22 82

Dies Donker

Head of Investor Relations

+31 (0)20 383 05 17

Ruud Jaegers

Deputy Head of Investor Relations

+31 (0)20 383 58 36

Niels Farragher

Investor Relations

+31 (0)20 343 49 82

Anton Groenevelt

Investor Relations

+31 (0)20 628 25 86

Annedien Heilbron

Investor Relations

+31 (0)20 383 72 44

Jan-Willem Stokhuyzen

Investor Relations Analyst

+31 (0)20 343 94 88

Geeta Ramkhelawan

Secretary

+31 (0)20 383 32 35

Suggestions improving upon this starting point:

First, the company website claims a presence in Asia, Australia, Europe, North American and South American so you should have little difficulty finding one or more of those 21,089 employees (as of 2015) who can impact ABN Amro’s participation in this environmental outrage.

Second, I have kept copies of the various corporate documents should the links to resumes fall prey to link rot or other mishaps. Those may be useful in identifying specific individuals.

Third, this surface examination of ABN Amro and those of the other listed enablers to follow, are a prelude to exploring the recursive question: Who owns the enablers?

This Is Easy Leaking?

Friday, January 27th, 2017

How easy is it to securely leak information to some of America’s top news organizations? This easy by Laura Hazard Owen.

Laura’s “easy” process has six steps that involve you installing software on your computer (detectable), storing files to be leaked on the same computer (detectable), saving your acknowledgement from the recipient of your leak (detectable).

Although she cautions you to not use a work computer for installing Tor, good advice, but in leak investigations, all computers are generally seized.

In Lowering the Bar for Leakers I suggest leakers and news media should follow this protocol for leaks:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

A leaker’s part reduces to two steps and it reduces their risk from copying/smuggling documents.

Which one do you think is “easier??

To Laura’s credit, she does list ten (10) SecureDrop sites for publishers still following a sneakernet model of leaking.

We live in an insecure and networked environment. Why cling to copy machine and hard copy models of leaking?

The Critical Thinking Skills Cheatsheet [Infographic and Wookbook]

Friday, January 27th, 2017

The Critical Thinking Skills Cheatsheet [Infographic] by Lee Watanabe-Crockett.

From the post:

Critical thinking skills truly matter in learning. Why? Because they are life skills we use every day of our lives. Everything from our work to our recreational pursuits, and all that’s in between, employs these unique and valuable abilities. Consciously developing them takes thought-provoking discussion and equally thought-provoking questions to get it going. Begin right here with the Critical Thinking Skills Cheatsheet.

It’s a simple infographic offering questions that work to develop critical thinking on any given topic. Whenever your students discover or talk about new information, encourage them to use these questions for sparking debate and the sharing of opinions and insights among each other. Together they can work at building critical thinking skills in a collaborative and supportive atmosphere.
… (emphasis in original)

The infographic, also available as a color 11 x 17 pdf file, is too large to display here but I can give you the flavor of it:

Who

… benefits from this?
… is this harmful to?
… makes decisions about this?
… is most directly affected?
… have you also heard discuss this?
… would be the best person to consult?
… will be the key people in this?
… deserves recognition for this?

What, Where, When, Why and How have similar expansions.

See also The Critical Thinking Workbook from Global Digital Citizen.

Specific domains may benefit from altered or additional prompts but this a great starting place!

State Legislatures For Bloggers and Reporters (Do You Enable Readers or Troll for Donations?)

Friday, January 27th, 2017

The Law Librarians of Congress produce a number of remarkable legal resources for use by member of Congress and the general public.

While not new, their State Legislatures Websites was new to me and merits mentioning.

Presented both as a map image and a more traditional table listing, the webpage offers a curated set of links to state legislatures.

If that doesn’t sound important, consider my comparison of nearly linkless reporting in Actionable Reporting – An Example with my expanded account that included links to pending (or expired) legislation, along with links to the authors of news worthy legislation.

Vague, hand-waving reports of some bill somewhere are good for fund raising but they don’t enable your readers to take effective action.

That’s your call, enabling your readers or trolling for donations.

Bookmark State Legislatures Websites or if you need it fairly often, copy the table into a local page of legal resources for quick reference.

You’re the fact-checker now [Wineberg/McGrew Trafficking In Myths]

Friday, January 27th, 2017

You’re the fact-checker now

From the post:

No matter what media stream you depend on for news, you know that news has changed in the past few years. There’s a lot more of it, and it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive. While the bastions of journalism still employ editors and fact-checkers to screen information for you, if you’re getting your news and assessing information from less venerable sources, it’s up to you to determine what’s credible.

“We are talking about the basic duties of informed citizenship,” says Sam Wineburg, Margaret Jacks Professor of Education.

Wineburg and Sarah McGrew, a doctoral candidate in education, tested the ability of thousands of students ranging from middle school to college to evaluate the reliability of online news. What they found was discouraging: even social media-savvy students at elite universities were woefully unskilled at determining whether or not information came from reliable, unbiased sources.

Winburg and McGrew arrived at the crisis of “biased” news decades, if not centuries too late.

Manufacturing Consent: The Political Economy of the Mass Media by Edward S. Herman and Noam Chomsky, published in 2002, traces the willing complicity of the press in any number of fictions that served the interests of the government and others.

There is a documentary by Mark Achbar and Peter Wintonick about Noam Chomsky and Manufacturing Consent. Total run time is: 2 hours, 40 minutes and 24 seconds. I read the book, did not watch the video. But if you prefer video:

Herman and Chomsky don’t report some of the earlier examples of biased news.

Egyptian accounts of the Battle of Kadesh claim a decisive victory in 1274 or 1273 BCE over the Hittites, accounts long accepted as the literal truth. More recent research treats the Egyptian claims as akin to US claims to winning the war on terrorism.

Winning wars makes good press but no intelligent person takes such claims uncritically.

For the exact details, consider:

The Road to Kadesh: A Historical Interpretation of the Battle Reliefs of King Sety I at Karnak

and, “The Battle of Kadesh: A Debate between the Egyptian and Hittite Perspectives:”

Or as another example of biased reporting, consider the text of You’re the fact-checker now.

From the post:

“Accurate information is an absolutely essential ingredient to civic health,” says Wineburg.

Ok, so what do you make of the lack of evidence for:

…it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive[?]

I grant there’s a common myth of a time when it was easier to tell “what’s true, what’s biased and what may be outright deceptive.” But the existence of a common myth doesn’t equate to factual truth.

An article exhorting readers to become fact-checkers that is premised on a myth, in Wineburg’s own words, has a “shaky foundation.”

Sources have always been biased and some calculated to deceive, from those that reported total Egyptian victory at Kadesh to more recent examples by Herman and Chomsky.

Careful readers treat all sources as suspect, especially those not considered suspect by others.


Semi-careful readers may object that I have cited no evidence for:

…it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive.

being a myth.

“Myth” in this context is a rhetorical flourish to describe the lack of evidence presented by Winburg and McGrew for that proposition.

To establish such a claim, the alleged current inability of students to discern between trustworthy and untrustworthy sources requires:

  1. A baseline of what is true, biased, deceptive for time period X.
  2. Test of students (or others) for discernment of truth/bias/deception in reports during period X.
  3. A baseline of what is true, biased, deceptive for time period Y.
  4. Proof the baselines for periods X and Y are in fact comparable.
  5. Proof the tests and their results are comparable for periods X and Y.
  6. Test of students (or others) for discernment of truth/bias/deception in reports during period Y.
  7. Evaluation of the difference (if any) between the results of tests for periods X and Y.

at a minimum. I have only captured the major steps that come to mind. No doubt readers can supply others that I have overlooked.

Absent such research, analysis and proofs, that can be replicated by others, Wineberg and McGrew are trafficking in common prejudice and nothing more.

Such trafficking is useful for funding purposes but it doesn’t advance the discussion of training readers in critical evaluation of sources.

Contacting Bank Owners – Funding DAPL

Thursday, January 26th, 2017

Yesterday I posted a useful list of banks funding DAPL, Contacting the 17 Banks Funding the Dakota Access Pipeline, created by Emily Fuller.

Emily points out some banks are dodging public comment on their investments.

Banks are toadies for their owners and if you can persuade their owners, the banks will dance another tune.

Discovering the owners of banks, human owners, isn’t a straight forward task.

Tables adapted from MorningStar provide a starting place, show the ownership of Wells Fargo (#1 on Emily’s list) by institutions and funds, as:

Institutions

Name Shares Held % Total
Shares Held
Berkshire Hathaway Inc 479,704,270 9.55
Vanguard Group Inc 293,529,151 5.84
BlackRock Fund Advisors 159,579,472 3.18
State Street Corp 144,304,075 2.87
Fidelity Management and Research Company 114,390,616 2.28
Wellington Management Company LLP 105,287,458 2.10
Columbia Insurance Company 74,533,819 1.46
Capital World Investors 87,714,669 1.75
J.P. Morgan Investment Management Inc 71,187,640 1.42
National Fire & Marine Insurance Co 55,776,330 1.10
Dodge & Cox 67,255,750 1.34
Northern Trust Investments N A 60,080,126 1.20
State Street Global Advisors (Aus) Ltd 50,252,360 1.00
State Farm Mutual Automobile Ins Co 55,039,014 1.10
MFS Investment Management KK 49,919,843 0.99
Geode Capital Management, LLC 39,689,832 0.79
Government Pension Fund of Norway – Global 38,048,678 0.72
Barrow Hanley Mewhinney & Strauss LLC 37,011,768 0.74
T. Rowe Price Associates, Inc. 31,739,499 0.63
TIAA-CREF Investment Management LLC 27,710,384 0.55

Funds

Name Shares Held % Total
Shares Held
Vanguard Total Stock Mkt Idx 95,774,705 1.91
Vanguard 500 Index Inv 66,073,771 1.32
SPDR® S&P 500 ETF 50,880,290 1.01
Vanguard Institutional Index I 49,389,580 0.98
Fidelity® Contrafund® 48,971,538 0.98
Dodge & Cox Stock 43,253,341 0.86
Financial Select Sector SPDR® ETF 34,990,492 0.69
Vanguard Wellington™ Inv 34,242,007 0.68
VA CollegeAmerica WA Mutual 529B 26,217,100 0.52
MFS Value A 25,832,081 0.51
Fidelity Spartan® 500 Index Inv 25,067,450 0.50
VA CollegeAmerica Amercn Bal 529E 23,103,000 0.46
VA CollegeAmerica Inc Fund of Amer 529E 21,980,915 0.44
Vanguard Value Index Inv 21,264,834 0.42
Franklin Income A 20,000,000 0.40
CREF Stock R1 20,598,209 0.41
Vanguard Windsor™ II Inv 20,343,696 0.40
iShares Russell 1000 Value 14,316,510 0.28
Vanguard High Dividend Yield ETF 13,351,361 0.27
Parnassus Core Equity Investor 13,218,831 0.26

If these ownership tables look like, appear to be, the sort of relationship information that can be captured by a graph, topic map, etc., you are right in one!

Moreover, the ownership information of other funding banks, such as SunTrust Banks Inc., shows a number of institutions and funds in common.

Meaning that if we pierce the corporate veil and get the names of people, as officers, board of directors, shareholders, etc. those will be valid for one or more of the other funding banks for DAPL as well.

A graph of human owners for a bank, will intersect and overlay other ownership graphs for other banks, enabling activists to focus on persuading the most influential human owners.

Discussion of identifiers for the owners you see listed in this post coming tomorrow!

PS: Consider this a continuation of: Refining The Dakota Access Pipeline Target List. I got distracted by a number of things. Sorry!

Twistance – “Rogue” Twitter Accounts – US Federal Science Agencies

Thursday, January 26th, 2017

Alice Stollmeyer has put together Twistance:

Twitter + resistance = #Twistance. “Rogue” Twitter accounts from US federal science agencies.

As of 26 January 2017, 44 members and 5,133 subscribers.

A long overdue step towards free speech for government employees and voters making decisions on what is known inside the federal government.

Caution:

A claim to be an “alternative” account may or may not be true. As with the official accounts, evaluate factual claims for yourself. Use good security practices when communicating with unknown accounts. (Some of the account names are very close in spelling but are separate accounts.)

  • Alt Hi Volcanoes NP The Unofficial “Resistance” team of Hawaii Volcanoes National Park. Not taxpayer funded.
  • Alt HHS Unofficial and unaffiliated resistance account by concerned scientists for humanity.
  • The Alt NPS and EPA Real news regarding the NPS, EPA, climate science and environmentalism
  • Alt Science Raising awareness of climate change and other threats posed by science denial. Not affiliated with the US gov. #Resist
  • Alternative CDC Unofficial unaffiliated resistance account by concerned scientists for humanity.
  • Alternative HeHo A parody account for the Herbert Hoover National Historic Site
  • Alternative NIH Unofficial group of science advocates. Stand up for science, rights, equality, social justice, & ultimately, for the health of humanity.
  • Alternative NOAA The Unofficial “Resistance” team of the NOAA. Account not tax payer subsidized. We study the oceans, and the atmosphere to understand our planet. #MASA
  • AltBadlandsNatPark You’ll never shut us down, Drumpf!
  • Alt-Badlands NPS Bigly fake #badlandsnationalpark. ‘Sad!’ – Donald J Trump. #badlands #climate #science #datarefuge #resist #resistance
  • AltEPA He can take our official Twitter but he’ll never take our FREEDOM. UNOFFICIALLY resisting.
  • altEPA The Unofficial “Resistance” team of U.S. Environmental Protection Agency. Not taxpayer subsidised! Environmental conditions may vary from alternative facts.
  • AltFDA Uncensored FDA
  • AltGlacierNPS The unofficial Twitter site for Glacier National Park of Science Fact.
  • AltHot Springs NP The Resistance Account of America’s First Resort and Preserve. Account Run By Friends of HSNP.
  • AltLassenVolcanicNP The Unofficial “Resistance” team. Within peaceful mountain forests you will find hissing fumaroles and boiling mud pots and people ready to fight for science.
  • AltMountRainierNPS Unofficial “Resistance” Team from the Mount Rainier National Park Service. Protecting what’s important..
  • AltNASA The unofficial #resist team of the National Aeronautics and Space Administration.
  • AltOlympicNPS Unofficial resistance team of the Olympic National Park. protecting what’s important and fighting fascism with science.
  • AltRockyNPS Unofficial account that is being held for people associated with RMNP. DM if you might be interested in it.
  • AltUSARC USARC’s main duties are to develop an integrated national Arctic research policy and to assist in establishing an Arctic research plan to implement it.
  • AltUSDA Resisting the censorship of facts and science. Truth wins in the end.
  • AltUSForestService The unofficial, and unsanctioned, “Resistance” team for the U.S. Forest Service. Not an official Forest Service account, not publicly funded, citizen run.
  • AltUSFWS The Alt U.S. Fish Wildlife Service (AltUSFWS) is dedicated to the conservation, protection and enhancement of fish, wildlife and plants and their habitats
  • AltUSFWSRefuge The Alt U.S. Fish Wildlife Service (AltUSFWSRefuge) is dedicated to the conservation, protection and enhancement of fish, wildlife and plants and their habitats
  • ALTUSNatParkSer The Unofficial team of U.S. National Park Service. Not taxpayer subsidised! Come for rugged scenery, fossil beds, 89 million acres of landscape
  • AltUSNatParkService The Unofficial #Resistance team of U.S. National Park Service. Not taxpayer subsidised! Come for rugged scenery, facts & 89 million acres of landscape #climate
  • AltNWS The Unofficial Resistance team of U.S. National Weather Service. Not taxpayer subsidized! Come for non-partisan science-based weather, water, and climate info.
  • AltYellowstoneNatPar We are a group of employees and scientists in Yellowstone national park. We are here to continue providing the public with important information
  • AltYosemiteNPS “Unofficial” Resistance Team. Reporting facts & protecting what’s important!
  • Angry National Park Preserving the ecological and historical integrity of National Parks while also making them available and accessible for public use and enjoyment dammit all.
  • BadHombreLands NPS Unofficial feed of Badlands NP. Protecting rugged scenery, fossil beds, 244,000 acres of mixed-grass prairie & wildlife from two-bit cheetoh-hued despots.
  • BadlandsNPSFans Shmofficial fake feed of South Dakota’s Badlands National Park (Great Again™ Edition) Account not run by park employees, current or former, so leave them alone.
  • GlacierNPS The alternative Twitter site for Glacier National Park.
  • March for Science Planning a March for Science. Date TBD. We’ll let you know when official merchandise is out to cover march costs.
  • NOAA (uncensored)
  • Resistance_NASA We are a #Resist sect of the National Aeronautics and Space Administration.
  • Rogue NASA The unofficial “Resistance” team of NASA. Not an official NASA account. Not managed by gov’t employees. Come for the facts, stay for the snark.
  • NatlParksUnderground We post the information Donald Trump censors #FindYourPark #NPS100
  • NWS Podunk We’re the third wheel of forecast offices. We still use WSR-57. Winner of Biggest Polygon at the county fair. Not an actual NWS office…but we should be.
  • Rogue NOAA Research on our climate, oceans, and marine resources should be subject to peer [not political] review. *Not an official NOAA account*
  • Stuff EPA Would Say We post info that Donald Trump censors. We report what the U.S. Environmental Protection Agency would say. Chime in w/ #StuffEPAWouldSay
  • U.S. EPA – Ungagged Ungagged news, links, tips, and conversation that the U.S. Environmental Protection Agency is unable to tell you. Not directly affiliated with @EPA.
  • U.S. Science Service Uncensored & unofficial tweets re: the science happening at the @EPA, @USDA, @NatParkService, @NASA, @NOAA etc. #ClimateChangeIsReal #DefendScience

Superficial Reporting on Executive Orders and DAPL

Thursday, January 26th, 2017

Trump advances controversial oil pipelines with executive action by Athena Jones, Jeremy Diamond and Gregory Krieg, CNN, starts with these breathless paragraphs:

President Donald Trump on Tuesday signed executive actions to advance approval of the Keystone XL and Dakota Access oil pipelines.

The decision to advance the pipelines cast aside efforts by President Barack Obama’s administration to block construction of the two pipelines, while making good on one of Trump’s campaign promises.

The CNN reporters must have read some presidential action other than: Presidential Memorandum Regarding Construction of the Dakota Access Pipeline. CNN links to the memorandum but never quote from it.

Here’s the relevant language from the memorandum:


Sec. 2. Directives. (a) Pipeline Approval Review. The Secretary of the Army shall instruct the Assistant Secretary of the Army for Civil Works and the U.S. Army Corps of Engineers (USACE), including the Commanding General and Chief of Engineers, to take all actions necessary and appropriate to:

(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, requests for approvals to construct and operate the DAPL, including easements or rights-of-way to cross Federal areas under section 28 of the Mineral Leasing Act, as amended, 30 U.S.C. 185; permits or approvals under section 404 of the Clean Water Act, 33 U.S.C. 1344; permits or approvals under section 14 of the Rivers and Harbors Act, 33 U.S.C. 408; and such other Federal approvals as may be necessary;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum by the Assistant Secretary of the Army for Civil Works dated December 4, 2016 (Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota), and whether to withdraw the Notice of Intent to Prepare an Environmental Impact Statement in Connection with Dakota Access, LLC’s Request for an Easement to Cross Lake Oahe, North Dakota, dated January 18, 2017, and published at 82 Fed. Reg. 5543;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, as satisfying all applicable requirements of the National Environmental Policy Act, as amended, 42 U.S.C. 4321 et seq., and any other provision of law that requires executive agency consultation or review (including the consultation or review required under section 7(a) of the Endangered Species Act of 1973, 16 U.S.C. 1536(a));

(iv) review and grant, to the extent permitted by law and as warranted, requests for waivers of notice periods arising from or related to USACE real estate policies and regulations; and

(v) issue, to the extent permitted by law and as warranted, any approved easements or rights-of-way immediately after notice is provided to the Congress pursuant to section 28(w) of the Mineral Leasing Act, as amended, 30 U.S.C. 185(w).

Do you see a

cast[ing] aside efforts by President Barack Obama’s administration to block construction of the two pipelines

?

That’s the President’s intent but read the discretionary language present:


(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, … ;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum … ;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, … ;

(iv) review and grant, to the extent permitted by law and as warranted, … ; and

(v) issue, to the extent permitted by law and as warranted, ….

Setting aside Obama administration actions if after,

consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum (Sec. 2, (ii))

That’s a long way from “…cast[ing] aside….”

Who Exercises That Discretion?

Three entities are named to exercise discretion over the DAPL permits:

but only the Army Corps of Engineers was named by CNN and then without a link for further details.

Beyond Hand Wringing Over The Executive Order On DAPL

Starting with the U.S. Army Corps of Engineers (USACE), note they maintain a webpage devoted entirely to DAPL and the current status of their review. Helpfully, the USACE includes a phone number for anyone to call about the project, (202) 761-8700.

Assistant Secretary of the Army for Civil Works Jo-Ellen Darcy’s MEMORANDUM FOR Commander, U.S. Army Corps of Engineers, SUBJECT: Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota (undated but appears to be December 2016), gives pointers into the regulatory scheme that will govern the review process.

Organizations opposing DAPL are mentioned, some even quoted, but for further contact, as least per CNN, you are on your own.

Let’s cure that lack:

To be fair, CNN also omitted contact details for supporters of DAPL as well: Sen. Heidi Heitkamp (D, North Dakota) and Sen. Joe Manchin (D, West Virginia).

To become a participant on this important issue, follow the Army Corps of Engineers page, contribute to and/or participate in organizations opposing DAPL, reason with supporters of DAPL, reason with shareholders of banks invested in DAPL, etc. All of which requires basic information to enable your participation.

Conclusion

New reports should enable readers to participate in the important issues of the day.

Even with the Executive Order, the game of review within government is still on. You can participate and/or support other organizations that are participating in that process.

Compare my account to that of CNN.

Which one do you think better enables your participation?

Contacting the 17 Banks Funding the Dakota Access Pipeline [Leaking Anyone?]

Wednesday, January 25th, 2017

How to Contact the 17 Banks Funding the Dakota Access Pipeline by Emily Fuller.

A great article on contacting the banks funding the Dakota Access Pipeline, last updated November 30, 2016, which has this note:

The following bank information has been updated periodically, most recently Nov. 30, 2016. Some banks have disconnected phones and disabled email addresses since the start of the campaign. Contact us with adjustments.
(emphasis in original)

Isn’t that interesting? Banks apparently don’t appreciate public input into their decision making processes.

Management and shareholder lists are naturals for leaking from those 17 banks.

Yes?

Where would you advertise to alert potential leakers such lists are of interest?

Lowering the Bar for Leakers

Wednesday, January 25th, 2017

Leaking and leakers were in the news in the waning days of the Obama administration. Chelsa Manning, source of the Afghan War Diary, had her 35 year sentence commuted to seven years by President Obama. Edward Snowden, who leaked a wide variety of materials, was discussed as a candidate for a pardon, but none was forthcoming.

The House Intelligence Committee letter urged President Obama to not pardon Snowden. The only truthful statement in the letter, apart from the signatures, appears to be:

America’s intelligence professionals take Mr. Snowden’s disclosures personally.

Why “America’s intelligence professionals” pouting over disclosures of their illegal and ineffectual activities is relevant to pardoning Snowden isn’t clear. In any event, Snowden continues to reside in Russia.

What is clear is that leakers bear the risk of obtaining and leaking material of great public interest. Some of that risk is an artifact of current practices for leaking.

Present Day Leaking Practices

The Intercept has a fair description of current art of leaking:

  • Begin by bringing your personal computer to a Wi-Fi network that isn’t associated with you or your employer, like one at a coffee shop. Download the Tor Browser. (Tor allows you to go online while concealing your IP address from the websites you visit.)
  • You can access our SecureDrop server by going to http://y6xjgkgwj47us5ca.onion/ in the Tor Browser. This is a special kind of URL that only works in Tor. Do NOT type this URL into a non-Tor Browser. It won’t work — and it will leave a record.
  • If that is too complicated, or you don’t wish to engage in back-and-forth communication with us, a perfectly good alternative is to simply send mail to P.O. Box 65679, Washington, D.C., 20035, or to The Intercept, 114 Fifth Avenue, 18th Floor, New York, New York, 10011. Drop it in a mailbox (do not send it from home, work or a post office) with no return address.

Attention Federal Employees: If You See Something, Leak Something

The Intercept never discusses the form, hard copy or digital, of a leak but WikiLeaks:Submissions, reads like a description of a sneakernet.

“Sneakernet” were a primitive and inefficient way to transfer information from one computer to another. With a user carrying a floppy disk from one computer to another, hence “sneakernet.”

Primitive and inefficient qualify as descriptors for leakers obtaining documents in hard copy and/or electronically and transferring them to the news media.

Potential leakers must endanger themselves by copying and smuggling the documents to be leaked, plus do a technical dance to leak them. In a modern networked environment.

In a networked environment is the key.

Leaking in a Networked Environment

No leaking advice is universal and what I am about to describe won’t work, at least not well, for air gapped systems. Leaking by sneakernet remains relevant for some situations.

In a networked environment, consider a potential leaker leaking login credentials? Not necessarily theirs, perhaps the sysadmin credentials written next to the console. Or their office manager’s.

That sort of leaking only requires:

  1. Blank paper with envelope
  2. Addressed to a news media address – no return address
  3. Credentials written on the paper with remote login URL
  4. News media destroys notes after they arrive

The usual cautions, not from your place of business, etc. apply.

Prospective leakers enjoy these advantages from leaking login credentials:

  1. Easy to leak
  2. No copying, physical or digital to attract attention
  3. No smuggling of documents or media past security
  4. No traceability in sea of breaches large and small

The reduction of the technical requirements for leaking, not to mention reducing the risk to the leakers themselves, lowers the bar for leakers and should attract more leaking.

The news media obtains advantages from credential leaking as well:

  1. Enables creation of a library of sources
  2. Enables exploration for other documents
  3. Reduces arbitrary or incomplete nature of leaks
  4. Reduces the opacity reflex, media likely knows the truth already

Credential leaking does alter the risk of leaking from being leaker centric to putting a greater burden on the news media.

Allocation of Risk

The sharing of login credentials maybe a crime under 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)). I say “maybe” a crime because panels of Ninth Circuit Federal Court of Appeals “appear” to have different ideas on password sharing. Ninth Circuit Panel Backs Away From Dangerous Password Sharing Decision—But Creates Even More Confusion About the CFAA

Whether faulty reasoning spreads from the Ninth Circuit or not, it remains clear that avoiding copying, smuggling, etc., as with credential leaking, poses a reduced risk to leakers.

On the other hand, under the provisions of 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)), the risk to any reporter or news media organization that makes use of leaked credentials, the risk is elevated.

Elevated to federal felony level risk.

That may seem like a poor trade for the news media, but consider that the New York Times has stables of internal counsel, not to mention external counsel and financial resources that aren’t available to the average leaker.

Moreover, the New York Times has access to highly competent computer experts who can “leak” data to its reporters via secure means, enabling reporters to truthfully testify as to the origin of leaked materials used in their stories.

Unlike current leaking practices, where the leaker takes all the risks, considerable risks, credential leaking allocates the leak and risk to those best able to accomplish it with a margin of safety.

Along with that reallocation of risk, comes the potential to greatly democratize the practice of leaking.

Democratizing Leaking

How effective are postings like Attention Federal Employees: If You See Something, Leak Something?

The Bureau of Labor Statistics estimates the number of potential leakers by employment category as of December 2016 (my characterization, not theirs):

  • Accounting 1,015,800
  • Financial Activities 8,359,000
  • Government 22,565,000
  • Legal Services 1,131,900
  • Oil and Gas 173,300
  • Real Estate 2,147,400

(Table B-1. Employees on nonfarm payrolls by industry sector and selected industry detail)

Not a complete listing of the categories. I selected those where scandals and/or scandalous materials are most often found.

By my count, 35,392,400 potential leakers.

Compare The Intercept‘s long treatment with on the masthead of Times-with-a-Spine (fictitous newspaper):

Leakers (see A-2)

On page A-2:

If you are going to leak:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. We destroy all leaked credentials upon receipt

Push an ad with the same content into daily shoppers, free/community newspapers, websites, etc. Perhaps even Amazon ads keyed to people with .gov and .mil email addresses.

How news organizations will use leaked credentials I cannot say. In order to protect leakers, however, any credential leaks should be destroyed upon determination they are credential leaks. (Complete burning with paper of similar origins into a fine ash, sifting and secure burial for starters.)

Happy leaking!

A Data Driven Exploration of Kung Fu Films

Tuesday, January 24th, 2017

A Data Driven Exploration of Kung Fu Films by Jim Vallandingham.

From the post:

Recently, I’ve been a bit caught up in old Kung Fu movies. Shorting any technical explorations, I have instead been diving head-first into any and all Netflix accessible martial arts masterpieces from the 70’s and 80’s.

While I’ve definitely been enjoying the films, I realized recently that I had little context for the movies I was watching. I wondered if some films, like our latest favorite, Executioners from Shaolin, could be enjoyed even more, with better understanding of the context in which these films exist in the Kung Fu universe.

So, I began a data driven quest for truth and understanding (or at least a semi-interesting dataset to explore) of all Shaw Brothers Kung Fu movies ever made!

If you’re not familiar with the genre, here is a three-minute final fight collage from YouTube:

When I saw the title, I was hopeful that Jim had captured the choreography of the movies for comparison.

No such luck! 😉

That would be an extremely difficult and labor intensive task.

Just in case you are curious, there is a Dance Notation Bureau with extensive resources should you decide to capture one or more Kung Fu films in notation.

Or try Notation Reloaded: eXtensible Dance Scripting Notation by Matthew Gough.

A search using “xml dance notation” produces a number of interesting resources.

XQuery Update 3.0 – WG Notes

Tuesday, January 24th, 2017

A tweet by Jonathan Robie points out:

XQuery Update Facility 3.0

and

XQuery Update Facility 3.0 Requirements and Use Cases

have been issued as working group notes.

It’s not clear to me why anyone continues to think of data as mutable.

Mutable data was an artifact of limited storage and processing.

Neither of which obtains in a modern computing environment. (Yes, there are edge cases, the Large Hadron Collider for example.)

Still, if your interested, read on!

BaseX 8.6 Is Out!

Tuesday, January 24th, 2017

Email from Christian Grün arrived today with great news!

BaseX 8.6 is out! The new version of our XML database system and XQuery 3.1 processor includes countless improvements and optimizations. Many of them have been triggered by your valuable feedback, many others are the result of BaseX used in productive and commercial environments.

The most prominent new features are:

LOCKING

  • jobs without database access will never be locked
  • read transactions are now favored (adjustable via FAIRLOCK)

RESTXQ

  • file monitoring was improved (adjustable via PARSERESTXQ)
  • authentication was reintroduced (no passwords anymore in web.xml)
  • id session attributes will show up in log data

DBA

  • always accessible, even if job queue is full
  • pagination of table results

INDEXING

  • path index improved: distinct values storage for numeric types

XQUERY

  • aligned with latest version of XQuery 3.1
  • updated functions: map:find, map:merge, fn:sort, array:sort, …
  • enhancements in User, Process, Jobs, REST and Database Module

CSV DATA

  • improved import/export compatibility with Excel data

Visit http://basex.org to find the latest release, and check out http://docs.basex.org/ to get more information. As always, we are looking forward to your feedback. Enjoy!

If one or more of your colleagues goes missing this week, suspect BaseX 8.6 and the new W3C drafts for XQuery are responsible.

😉

XQuery/XSLT Proposals – Comments by 28 February 2017

Tuesday, January 24th, 2017

Proposed Recommendations Published for XQuery WG and XSLT WG.

From the webpage:

The XML Query Working Group and XSLT Working Group have published a Proposed Recommendation for four documents:

  • XQuery and XPath Data Model 3.1: This document defines the XQuery and XPath Data Model 3.1, which is the data model of XML Path Language (XPath) 3.1, XSL Transformations (XSLT) Version 3.0, and XQuery 3.1: An XML Query Language. The XQuery and XPath Data Model 3.1 (henceforth “data model”) serves two purposes. First, it defines the information contained in the input to an XSLT or XQuery processor. Second, it defines all permissible values of expressions in the XSLT, XQuery, and XPath languages.
  • XPath and XQuery Functions and Operators 3.1: The purpose of this document is to catalog the functions and operators required for XPath 3.1, XQuery 3.1, and XSLT 3.0. It defines constructor functions, operators, and functions on the datatypes defined in XML Schema Part 2: Datatypes Second Edition and the datatypes defined in XQuery and XPath Data Model (XDM) 3.1. It also defines functions and operators on nodes and node sequences as defined in the XQuery and XPath Data Model (XDM) 3.1.
  • XML Path Language (XPath) 3.1: XPath 3.1 is an expression language that allows the processing of values conforming to the data model defined in XQuery and XPath Data Model (XDM) 3.1. The name of the language derives from its most distinctive feature, the path expression, which provides a means of hierarchic addressing of the nodes in an XML tree. As well as modeling the tree structure of XML, the data model also includes atomic values, function items, and sequences.
  • XSLT and XQuery Serialization 3.1: This document defines serialization of an instance of the data model as defined in XQuery and XPath Data Model (XDM) 3.1 into a sequence of octets. Serialization is designed to be a component that can be used by other specifications such as XSL Transformations (XSLT) Version 3.0 or XQuery 3.1: An XML Query Language.

Comments are welcome through 28 February 2017.

Get your red pen out!

Unlike political flame wars on social media, comments on these proposed recommendatons could make a useful difference.

Enjoy!

Global Muckraking: Investigative Journalism and Global Media – Starts February 8, 2017

Saturday, January 21st, 2017

Global Muckraking: Investigative Journalism and Global Media by Anya Schiffrin. (Free Columbia University MOOC)

From the webpage:

About this course

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, this course will help you understand how raising public awareness can create political and social change.

This course is a fast-paced introduction to global muckraking, past and present, and includes penetrating interviews with historians and investigative journalists.

Join us to discover the vital role that journalism has played in fighting injustice and wrongdoing over the last 100 years and delve into the current trends reshaping investigative reporting in the digital age.

What you’ll learn

  • How journalists can act as government and corporate watchdogs
  • The hard and soft pressures on investigative journalism
  • Stories of prominent reporters uncovering injustice from the late 19th century to today
  • Trends in media innovation

American Exceptionalism is mainstream in US journalism.

Consider the first line of this course description:

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, ….

What? No mention of the class-based corruption, which is preferred by American policy makers over the “corrupt” quid-pro-quo corruption of other countries?

No mention of quid-pro-quo corruption in the US, which resulted in four of the last seven governors of Illinois going to jail. (As of 2012. It hasn’t been long enough to convict another governor of Illinois. Question of when, not if.)

Journalists in foreign countries deserve all the support they can be given.

At the same time, “injustice and wrongdoing” aren’t limited to “over there.”

Anyone who chooses to look, will see injustice and wrongdoing much closer to home.

That said, a history of investigative and crusading journalism may inspire you to take up the banner.

Enjoy!

Actionable Reporting – An Example

Saturday, January 21st, 2017

Republican Lawmakers in Five States Propose Bills to Criminalize Peaceful Protests by Spencer Woodman.

I don’t mind prosy reporting but I should not be forced to recover information that was (or should have been known) to the reporter.

Quick summary of Woodman’s post: Iowa, imagined future law; Michigan, proposal that died last year; Minnesota, two pending bills; North Dakota, one pending bill, Washington, one pending bill. So, three states and not five.

The scattered links aren’t ones to help the reader track the current status of legislation, if it exists. Nor are the authors of these offenses against the common good identified.

Actionable reporting appends links to prose that enable readers to go beyond the text. In this case, links to legislatures, current bill status and authors of the legislation.

Here’s an actionable appendix for Woodmen’s post:

Iowa Legislature

Imagined future bill, “suck it up, buttercup bill,” to be proposed by Representative Bobby Kaufman.

Michigan Legislature

HOUSE BILL No. 4643 – An act to create a commission relative to labor disputes, and to prescribe its powers and duties; to provide for the mediation and arbitration of labor disputes, and the holding of elections thereon; to regulate the conduct of parties to labor disputes and to require the parties to follow certain procedures; to regulate and limit the right to strike and picket; to protect the rights and privileges of employees, including the right to organize and engage in lawful concerted activities; to protect the rights and privileges of employers; to make certain acts unlawful; to make appropriations; and to prescribe means of enforcement and penalties for violations of this act,” by amending section 9f (MCL 423.9f).

Referred to Senate Committee on Commerce – 12/8/2016 (died)

Authors:

Gary Glenn – (primary), Amanda Price, Michael McCready, Joseph Graves.

Unlike the Michigan legislature page, I substituted links to member webpages instead of bills they have sponsored. Interesting data on sponsorship but not helpful for contacting them. BTW, the link for Amanda Price is to her Wikipedia page. Doesn’t have a member page at the legislature.

Minnesota Legislature

Two bills:

  1. A bill for an act relating to public safety; increasing penalties for obstructing a highway; amending Minnesota Statutes 2016, sections 160.2715; 609.74.

    Authors:
    Lohmer; Fenton; Zerwas; Rarick; Miller; Runbeck; Albright; Green; Daudt; Lueck; Uglem; Dettmer; Daniels

  2. A bill for an act relating to public safety; creating the Minnesota Public Safety Personnel Protection Act; increasing penalties for obstructing emergency responders; amending Minnesota Statutes 2016, section 609.50.

    Authors:

    Garofalo; Newberger; Lohmer; Uglem.

North Dakota Legislature

HOUSE BILL NO. 1203 A BILL for an Act to create and enact section 32-03.2-02.2 of the North Dakota Century Code, relating to the liability exemption of a motor vehicle driver; and to amend and reenact section 39-10-33 of the North Dakota Century Code, relating to pedestrians on roadways. PDF text as introduced.

Authors: Representatives Kempenich, Brandenburg, Laning, Oliver, Rohr; Senators Cook, Schaible.

Washington Legislature

SB 5009 – 2017-18 Concerning offenses involving economic disruption.

Authors: Ericksen, Sheldon

Known as Preventing Economic Disruption Act (PEDA) in the 2017 legislative session.


Actionable reporting lowers the bar for readers to act on what they have read.

Trump Inauguration Police Tactics/Blockades – 10:30 AM EST

Friday, January 20th, 2017

Unicorn Riot is live streaming protests, including checkpoint blockades, from Washington, D.C.

An interesting variation on the police formation I detailed in Defeating Police Formations – Parallel Distributed Protesting, the police are breaching the blockade single file to create a path for people who want to attend the inauguration.

An odd reverse of the “surge and arrest” tactic to “surge and enable passage.”

The inauguration is still two hours out.

Join Unicorn Riot, Democracy Now! or one of the other live streams covering protests.

Personally I have no interest in the “official” ceremonies and will be skipping those.

PS: A tweet as of 35 minutes ago reports (unconfirmed) that 6 of 12 inauguration entrances have been completely shut down and traffic at others slowed to a “trickle.”

Why I Tweet by Donald Trump

Thursday, January 19th, 2017

David Uberti and Pete Vernon in The coming storm for journalism under Trump capture why Donald Trump tweets:


As Trump explained the retention of his personal Twitter handle to the Sunday Times recently: “I thought I’d do less of it, but I’m covered so dishonestly by the press—so dishonestly—that I can put out Twitter…I can go bing bing bing and I just keep going and they put it on and as soon as I tweet it out—this morning on television, Fox: Donald Trump, we have breaking news.

In order for Trump tweets to become news, two things are required:

  1. Trump tweets (quite common)
  2. Media evaluates the tweets to be newsworthy (should be less common)

Reported as newsworthy tweets are unlikely to match the sheer volume of Trump’s tweeting.

You have all read:

trump-on-sat-night-460

Is Trump’s opinion, to which he is entitled, about Saturday Night Live newsworthy?

Trump on television is as trustworthy as the “semi-literate one-legged man” Dickens quoted for the title “Our Mutual Friend” is on English grammar. (Modern American Usage by William Follett, edited by Jacques Barzum. Under the entry for “mutual friend.”)

Other examples abound but suffice it to say the media needs to make its own judgments about newsworthy or not.

Otherwise the natters of another semi-literate become news by default for the next four years.

ScriptSource [Fonts but so much more]

Thursday, January 19th, 2017

ScriptSource

From the about page:

ScriptSource is a dynamic, collaborative reference to the writing systems of the world, with detailed information on scripts, characters, languages – and the remaining needs for supporting them in the computing realm. It is sponsored, developed and maintained by SIL International. It currently contains only a skeleton of information, and so depends on your participation in order to grow and assist others.

The need for information on Writing Systems

In today’s expanding global community, designers, linguists and computer professionals are called upon more frequently to support the myriad writing systems around the world. A key to this development is consistent, trustworthy, complete and organised information on the alphabets and scripts used to write the world’s languages. The development of Writing System Implementations (WSIs) depends on the availability of this information, so a lack of it can hinder the cultural, economic and intellectual development of communities that communicate in minority languages and scripts.

ssctypes

The information needed varies widely, and can include:

  • Design information and guidelines – both for alphabets and for specific letters/glyphs
  • Linguistic information – how the script is used for specific languages
  • Encoding details – particularly Unicode, including new Unicode proposals
  • Script behaviour – how letters change shape and position in context
  • Keyboarding conventions – including information on data entry tools
  • Testing tools and sample texts – so developers can test their software, fonts, keyboards

Some of this information is available, but is scattered around among a variety of web sites that have different purposes and structures, and often lies undocumented in the minds of individual script experts, or hidden in library books.

This information is also often segregated by audience. A font designer may be frustrated to find that available resources on a script address the spoken/written language relationship, but not the background and visual rules of the letterforms. A linguist may find information on encoding the script – such as the information in The Unicode Standard – but not important details of which languages use which symbols. An application developer may find a long writeup on the development and use of the script, but nothing to tell them what script behaviours are required.

There are also relatively few opportunities for experts from these fields to cooperate and work together. What interaction does exist often happens at conferences, on various mailing lists and forums, and through personal email. There are few experts who have the time to participate in these exchanges, and those that do may be frustrated to find that the same questions keep coming up again and again. Until now, there has been no place where this knowledge can be captured, organised and maintained.

The purpose of ScriptSource

ScriptSource exists to provide this information and bridge the gap between the designer, developer, linguist and user. It seeks to document the writing systems of the world and help those wanting to implement them on computers and other devices.

The initial content is relatively sparse, but includes basic information on all scripts in the ISO 15924 standard. It will grow dynamically through public submissions, expert content development and live linkages with other web sites. Rather than being just another web site about writing systems, ScriptSource provides a single hub of information where both old and new content can be found.

A truly remarkable resource on writing systems by SIL International.

You can think of ScriptSource as a way to locate fonts, but you may be drawn into complexities others rarely see!

Enjoy!