Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

February 9, 2017

Opening Secure Channels for Confidential Tips [Allocating Risk for Leaks]

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 5:45 pm

Opening Secure Channels for Confidential Tips by Martin Shelton.

From the post:

In Shields Up, security user researcher Martin Shelton writes about security threats and defenses for journalists. Below, his first installment. —eds

To make it easier for tipsters to share sensitive information, a growing number of news organizations are launching resources for confidential tips. While there is some overlap between the communication channels that each news organization supports, it’s not always clear which channels are the most practical for routine use. This short guide will describe some basics around how to think about security on behalf of your sources before thinking about tools and practices. I’ll also describe common communication channels for accepting sensitive tips and tradeoffs when using each channel. When thinking about tradeoffs, consider which channels are right for you.
… (emphasis in original)

Martin does a great job of surveying your current security options but doesn’t address the allocation of risk between leakers and news organizations that I covered in U.S. Leaking Law: You Go To Jail – I Win A Pulitzer and/or the option of leaking access rather than the risk of leaking data/documents, How-To: Leaking In Two Steps.

Here’s the comment I’m posting to his post and I will report back on his response, probably in a separate post:

Martin, great job on covering the security options for tips and their tradeoffs!

I do have a question though about the current model of leaking, which puts all of the risk on the leaker. A leaker undertakes the burden of liberating data and/or documents, takes the risk of copying/removing them and then the risk of getting them securely to a news organization.

All of which requires technical skills that aren’t common.

As an alternative, why shouldn’t leakers leak access to such networks/servers and enable news organizations, who have greater technical resources, to undertake the risks of retrieval of such documents?

I mentioned this to another news person and they quickly pointed out the dangers of the Computer Fraud and Abuse Act (CFAA) for a news organization but the same holds true for the leaker. Who very likely has fewer technical skills than any news organization.

Thinking that news organizations can decide to serve the interests of government (follow the CFAA) or they can decided to serve the public interest. In my view, those are not synonymous.

I am still refining ways that leakers could securely leak access but at present, using standard subscription forms with access information instead of identifying properties, offers both a trustworthy target (the news organization) and a multiplicity of places to leak, which prevents effective monitoring of them. I have written more than once about this topic but two of particular interest: U.S. Leaking Law: You Go To Jail – I Win A Pulitzer, and, How-To: Leaking In Two Steps.

Before anyone protests the “ethics” of breaking laws such as the CFAA, recall governments broke faith with their citizens first. Laws like the CFAA are monuments to that breach of faith. Nothing more.

February 7, 2017

Leakers As Lighthouses In A Sea Of Data

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:50 pm

I was extolling my How-To: Leaking In Two Steps yesterday when a very practical problem suggested itself.

In sneakernet leaking (hard copy/digital), the leaker has selected/filtered the leaked content prior to delivery to a news organization.

Leaked access puts the burden on reporters to explore to find relevant data. Without some guidance from a leaker, reporters won’t know if a “big story” is in the next directory, file or spreadsheet.

Concern was also voiced that traditional news organizations might run afoul of the Computer Fraud and Abuse Act (CFAA).

Governments enact laws like the CFAA in order to protect their own criminal activity and those of criminals like them.

Think of the last time your local, state or national government did something that would be universally admired and acclaimed but kept it secret.

Coming up empty? Some am I.

Good acts are never kept secret and that is a commentary on acts that are kept secret

I won’t suggest you violate the CFAA, if you are subject to it, but do consider if you are serving the government’s interest in obeying such laws or the public’s.

I’m re-factoring How-To: Leaking In Two Steps to keep the ease of leaking for leakers, preserve their role as lighthouses, and, perhaps even more importantly, to reduce if not eliminate CFAA liability for news organizations.

February 6, 2017

Eight Days in March: [Bias by Omission]

Filed under: Bias,Journalism,News,Reporting — Patrick Durusau @ 9:19 pm

Eight Days in March: How the World Searched for Terror Attacks by Google Trends.

eight-days-in-march-460

Cities that searched for these attacks:

cities-searching-460

See the original for full impact but do you notice a bias by omission?

What about the terrorist bombings by the United States and its allies in Syria and Iraq, that happened every day mentioned in this graphic?

Operation Inherent Resolve reports:

Between Aug. 8, 2014 and Jan. 30, 2017, U.S. and partner-nation aircraft have flown an estimated 136,069 sorties in support of operations in Iraq and Syria.

That’s 906 days or 150 sorties on average per day.

Or for eight days in March, 1200 acts of terrorism in Iraq and Syria.

Readers who are unaware of the crimes against the people of Iraq and Syria won’t notice the bias in this graphic.

Every biased graphic is an opportunity to broaden a reader’s awareness.

Take advantage of them.

February 5, 2017

Learn A Language, 140 Characters At A Time (GIJN)

Filed under: Journalism,News,Reporting — Patrick Durusau @ 5:39 pm

Global Investigative Journalism Network (GIJN) announced two Twitter feeds today:

@gijnArabic

@gijnRu

To complement:

@gijn

@gijnAfrica

@gijnCh

@gijnEs

The GIJN Twitter feed expansion prompted me to think of its feeds as part of a language learning effort.

I doubt you would find classic literature quoted in tweets but that’s rare these days outside of classrooms.

Certainly not common in tweets from political leaders. 😉

From their about page:

The Global Investigative Journalism Network (GIJN) is an international association of nonprofit organizations that support, promote, and produce investigative journalism. GIJN holds conferences, conducts trainings, provides resources and consulting, and encourages the creation of similar nonprofit groups. It was founded in 2003 when more than 300 journalists from around the world gathered for the second Global Investigative Journalism Conference in Copenhagen. Since then it has grown to 145 member organizations in 62 countries.

If you don’t know the Global Investigative Journalism Network (GIJN), pay them a visit. You will like what you find.

February 3, 2017

How-To: Leaking In Two Steps

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 3:22 pm

In Lowering the Bar for Leakers I proposed this method for leaking login credentials:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

Easier than the convolutions you will find at: How easy is it to securely leak information to some of America’s top news organizations? This easy or Attention Federal Employees: If You See Something, Leak Something, but we can do better.

A Universal (nearly) and Secure Leaking Point

Can you think of one characteristic shared by almost all websites? Aside from being on the Web?

The ability to create an account for news and updates!

Like this page from the New York Times:

nytimes-account-460

Warning: Leak login credentials to sites using the https protocol only.

Leaking access to a publicly accessible server

Leaking your sysadmin’s, boss’s, co-worker’s credentials, you enter:

nytimes-account-460-leak-1

Leaking access to a server on a restricted network

For servers or resources requiring more than one set of credentials, say on a secure network, again using your sysadmin’s, boss’s, co-worker’s credentials, you enter:

nytimes-account-460-leak-2

Leaking In Two Steps

The leaking of login credentials (not your own) is two steps:

  1. Create account from non-work computer
  2. Enter login credentials as account details

You are protected by:

  1. SSL encryption
  2. Safety in numbers – Study finds that 97% of large companies have had credentials leaked online
  3. Credential duplication is a well-known fact – 17% of passwords are “123456”
  4. Not facing the risks of a sneakernet thief to steal, transport and deliver data in hard copy or digital format

This technique will work with agencies, banks, corporations, courts, governments, legislatures, PACs, anywhere that requires digital login credentials.

I used email and password fields here but that is just an artifact of the New York Times form. Other parts of a form and other separators are certainly possible.

PS: Don’t leak credentials to me because my site doesn’t have SSL (right now) and I’m not in full control of the server.

Personally, if I were to accept leaked credentials, I would store that data on a RAM disk.

February 2, 2017

Data Journalism Manual

Filed under: Journalism,News,Reporting — Patrick Durusau @ 4:57 pm

Data Journalism Manual by ODECA.

There are five data journalism modules:

Plus Labs.

The page footer reads:

This data journalism manual has been adapted for UNDP Istanbul Regional Hub by Eva Constantaras, and in Russian by Anastasia Valeeva, from an original work produced for The World Bank’s Sudan Evidence Base Programme, supported by the United Kingdom Department for International Development and found at https://www.sudandata.org/learning/2

(see Data Journalism Manual for the modules in Russian.)

About ODECA:

Open Data in Europe and Central Asia (ODECA) is a platform to support government representatives, civil society activists, tech activists and citizens that care about and work with open data.

The network covers 18 countries in the region and aims to stimulate innovation, knowledge sharing and learning among practitioners and aficionados of open data regionally and globally.

Our goal is to use the potential of open data to transform societies by empowering citizens and supporting governments to meet the UN Sustainable Development Goals. While we are still exploring all the ways that data will contribute to the SDGs, it is undeniable that it will play an important role in reaching and measuring them.

The network brings in the knowledge and experience of global and regional leaders in open data.
(emphasis in the original)

Enjoy!

U.S. Leaking Law: You Go To Jail – I Win A Pulitzer

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:44 pm

While researching Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data] in a US context, I encountered: The Legality of Publishing Hacked E-mails by Diana Dellamere.

Published in 2009 and as with all legal issues, consult a lawyer but it summarizes the rule on “illegal” content as:


Bartnicki v. Vopper is the most protective of journalists and sets out the primary “test,” holding that a broadcaster could not be held civilly liable for publishing documents or tapes illegally procured by a third party. The court set out three criteria for legitimate first amendment protection: (1) the media outlet played no role in the illegal interception; (2) media received the information lawfully; (3) the issue was a matter of public concern.

If my title sounds harsh towards the press, remember that the Washington Post won a Pulitzer Prize based on Snowden’s leaks and yet called for him to not be pardoned.

I suspect that first requirement:

(1) the media outlet played no role in the illegal interception;

is part of the reason why the bar for leakers remains high, that is media outlets don’t accept leaked login credentials for the recovery of material of public interest.

Media outlets need to realize the “no role in the illegal interception” condition of Bartnicki v. Vopper is a bargain with the devil. From which both media outlets and the public suffer.

Media outlets suffer because despite the brave rhetoric of “speaking truth to power,” media outlets say in fact:

speaking such truth as breaks through the wall of fear and punishment maintained by power

In honoring the condition of “no role in the illegal interception” media outlets have chosen a side. It isn’t the side of transparency, public interest or government accountability.

If that weren’t bad enough, the public suffers by being deprived of facts that skilled data miners could recover, that lie beyond the skill of leakers who could leak access credentials.

Everyone gets to make choices and certainly media outlets, we could all name a few, can choose to be government toadies.

As far as “legality” is concerned, I call your attention to: Tweeter And The Monkey Man by Traveling Wilburys:

Jan had told him many times, “It was you to me who taught
In Jersey anything’s legal, as long as you don’t get caught”

The law is codified caprice that favors the powerful.

Whether to break it or not asks how much is the truth worth to you really?

February 1, 2017

Challenging Anti-Whistleblowing Provision (Germany) [Republication of „stolen“ Data]

Filed under: Journalism,News,Reporting — Patrick Durusau @ 1:28 pm

GFF and its partners challenge anti-whistleblowing provision on handling „stolen“ data by Nora Markard.

From the post:

With an alliance of civil rights organizations and journalists, GFF is challenging the new Criminal Code provision on handling „stolen“ data. Passed by the grand coalition in 2015, this provision (s. 202d of the Criminal Code) criminalizes handling leaked data without providing for an adequate protection of the press. It thereby threatens an important part of the work of investigative journalists as well as their informants and supporting experts.

The facial challenge brought by GFF and its partners (PDF, in German) claims that the provision violates the freedom of the press and broadcasters, the equality clause, professional freedom and the clarity principle.

The new provision criminalizes handling data which someone else had obtained illegally; the sentence is up to three years in prison or a fine (translation by Sebastian Golla):

(1) Whoever procures for himself or for another, supplies another, disseminates or makes otherwise available data (s. 202a(2)) that is not publicly accessible and that another has acquired through an unlawful act, with the intent of enriching himself or another or of harming another, shall be liable to imprisonment not exceeding three years or a fine.

In the legislator’s intention, the provision addresses the trade in stolen credit card and user data. Due to careless drafting, however, it also covers the procurement, transfer and dissemination of electronic data which were obtained by journalists from whistleblowers.

Working with information such as that revealed to the public by Edward Snowden in violation of US secrecy laws would therefore be illegal under German law.

Governments are secretive creatures by nature and the German government is no exception to that rule.

Nora’s post is heavy on links to news coverage and those opposing this “accidental” sweeping up of whistleblowers.

Whatever the result under the particulars of German law, the better result would be a finding that publication, such as posting to Wikileaks or the dark web, breaks any chain of civil or criminal liability.

Once data has been posted to a public site, any re-publication of that data is protected as free speech.

It is easy enough to distinguish use of credit card data because that is a species of fraud and not an example of free (insert public) speech.

Re-publication creates a “bright-line,” one visible even to enthusiastic prosecutors and encourages leakers to leak for all and not the few.

Several recent leaks come to mind that were dribbled out for the benefit of the few.

January 31, 2017

Writing Good FOIA Requests

Filed under: FOIA,Journalism,News,Reporting — Patrick Durusau @ 7:45 pm

What makes a good FOIA request? We studied 33,000 to find out by By Nicholas Dias, Rashida Kamal and Laurent Bastien.

From the post:

EVERY JOURNALIST HAS IDEAS about what makes a good public records request. But surprisingly few people have actually tried to systematically analyze how requests can be written to improve their chances of success.

To fill this vacuum, we analyzed more than 33,000 Freedom of Information Act requests and identified a few characteristics that were typical of those that were fulfilled.

The requests were made to five federal agencies that publish to FOIAonline.gov: the Environmental Protection Agency, the Department of Commerce, Customs and Border Protection, the Department of the Navy, and the National Archives and Records Administration. All were filed between 2011 and 2016.

We defined success as the receipt of all records requested, as defined by the agency. There was no straightforward relationship between wait time and any of the characteristics we considered, so we factored it out as a measure of success.

For the requests we examined, the full-grant rate across all five agencies was around 23 percent. That’s the same success rate for requests across all federal agencies, according to Max Galka of FOIA Mapper, a project funded by the Knight Foundation that outlines the record systems of federal agencies.

Requesters in our sample typically waited around 142 days, or a little more than four months, to get responses. Less than 39 percent of requests received responses within 28 days, which is the longest amount of time an agency could spend fulfilling a request while still meeting FOIA’s 20-business-day time limit.

That’s a pretty bleak picture. So, how can you improve your chances?
… (emphasis in original)

What? Evidence-based FOIA practices? 😉

After reading this review of FOIA practices, get thee to MuckRock.

MuckRock has advice, tools, community, in short, it is a one-stop FOIA shop.

What FOIA request(s) are you going to file?

January 27, 2017

This Is Easy Leaking?

Filed under: Journalism,News,Reporting — Patrick Durusau @ 3:31 pm

How easy is it to securely leak information to some of America’s top news organizations? This easy by Laura Hazard Owen.

Laura’s “easy” process has six steps that involve you installing software on your computer (detectable), storing files to be leaked on the same computer (detectable), saving your acknowledgement from the recipient of your leak (detectable).

Although she cautions you to not use a work computer for installing Tor, good advice, but in leak investigations, all computers are generally seized.

In Lowering the Bar for Leakers I suggest leakers and news media should follow this protocol for leaks:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. News Media: Destroys all leaked credentials upon receipt

A leaker’s part reduces to two steps and it reduces their risk from copying/smuggling documents.

Which one do you think is “easier??

To Laura’s credit, she does list ten (10) SecureDrop sites for publishers still following a sneakernet model of leaking.

We live in an insecure and networked environment. Why cling to copy machine and hard copy models of leaking?

The Critical Thinking Skills Cheatsheet [Infographic and Wookbook]

Filed under: Critical Reading,Journalism,News,Reporting — Patrick Durusau @ 2:45 pm

The Critical Thinking Skills Cheatsheet [Infographic] by Lee Watanabe-Crockett.

From the post:

Critical thinking skills truly matter in learning. Why? Because they are life skills we use every day of our lives. Everything from our work to our recreational pursuits, and all that’s in between, employs these unique and valuable abilities. Consciously developing them takes thought-provoking discussion and equally thought-provoking questions to get it going. Begin right here with the Critical Thinking Skills Cheatsheet.

It’s a simple infographic offering questions that work to develop critical thinking on any given topic. Whenever your students discover or talk about new information, encourage them to use these questions for sparking debate and the sharing of opinions and insights among each other. Together they can work at building critical thinking skills in a collaborative and supportive atmosphere.
… (emphasis in original)

The infographic, also available as a color 11 x 17 pdf file, is too large to display here but I can give you the flavor of it:

Who

… benefits from this?
… is this harmful to?
… makes decisions about this?
… is most directly affected?
… have you also heard discuss this?
… would be the best person to consult?
… will be the key people in this?
… deserves recognition for this?

What, Where, When, Why and How have similar expansions.

See also The Critical Thinking Workbook from Global Digital Citizen.

Specific domains may benefit from altered or additional prompts but this a great starting place!

State Legislatures For Bloggers and Reporters (Do You Enable Readers or Troll for Donations?)

Filed under: Journalism,Law,Law - Sources,News,Reporting — Patrick Durusau @ 11:28 am

The Law Librarians of Congress produce a number of remarkable legal resources for use by member of Congress and the general public.

While not new, their State Legislatures Websites was new to me and merits mentioning.

Presented both as a map image and a more traditional table listing, the webpage offers a curated set of links to state legislatures.

If that doesn’t sound important, consider my comparison of nearly linkless reporting in Actionable Reporting – An Example with my expanded account that included links to pending (or expired) legislation, along with links to the authors of news worthy legislation.

Vague, hand-waving reports of some bill somewhere are good for fund raising but they don’t enable your readers to take effective action.

That’s your call, enabling your readers or trolling for donations.

Bookmark State Legislatures Websites or if you need it fairly often, copy the table into a local page of legal resources for quick reference.

You’re the fact-checker now [Wineberg/McGrew Trafficking In Myths]

Filed under: Bias,Critical Reading,Journalism,News — Patrick Durusau @ 11:08 am

You’re the fact-checker now

From the post:

No matter what media stream you depend on for news, you know that news has changed in the past few years. There’s a lot more of it, and it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive. While the bastions of journalism still employ editors and fact-checkers to screen information for you, if you’re getting your news and assessing information from less venerable sources, it’s up to you to determine what’s credible.

“We are talking about the basic duties of informed citizenship,” says Sam Wineburg, Margaret Jacks Professor of Education.

Wineburg and Sarah McGrew, a doctoral candidate in education, tested the ability of thousands of students ranging from middle school to college to evaluate the reliability of online news. What they found was discouraging: even social media-savvy students at elite universities were woefully unskilled at determining whether or not information came from reliable, unbiased sources.

Winburg and McGrew arrived at the crisis of “biased” news decades, if not centuries too late.

Manufacturing Consent: The Political Economy of the Mass Media by Edward S. Herman and Noam Chomsky, published in 2002, traces the willing complicity of the press in any number of fictions that served the interests of the government and others.

There is a documentary by Mark Achbar and Peter Wintonick about Noam Chomsky and Manufacturing Consent. Total run time is: 2 hours, 40 minutes and 24 seconds. I read the book, did not watch the video. But if you prefer video:

https://www.youtube.com/watch?v=YHa6NflkW3Y

Herman and Chomsky don’t report some of the earlier examples of biased news.

Egyptian accounts of the Battle of Kadesh claim a decisive victory in 1274 or 1273 BCE over the Hittites, accounts long accepted as the literal truth. More recent research treats the Egyptian claims as akin to US claims to winning the war on terrorism.

Winning wars makes good press but no intelligent person takes such claims uncritically.

For the exact details, consider:

The Road to Kadesh: A Historical Interpretation of the Battle Reliefs of King Sety I at Karnak

and, “The Battle of Kadesh: A Debate between the Egyptian and Hittite Perspectives:”

Or as another example of biased reporting, consider the text of You’re the fact-checker now.

From the post:

“Accurate information is an absolutely essential ingredient to civic health,” says Wineburg.

Ok, so what do you make of the lack of evidence for:

…it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive[?]

I grant there’s a common myth of a time when it was easier to tell “what’s true, what’s biased and what may be outright deceptive.” But the existence of a common myth doesn’t equate to factual truth.

An article exhorting readers to become fact-checkers that is premised on a myth, in Wineburg’s own words, has a “shaky foundation.”

Sources have always been biased and some calculated to deceive, from those that reported total Egyptian victory at Kadesh to more recent examples by Herman and Chomsky.

Careful readers treat all sources as suspect, especially those not considered suspect by others.


Semi-careful readers may object that I have cited no evidence for:

…it’s getting harder to tell what’s true, what’s biased, and what may be outright deceptive.

being a myth.

“Myth” in this context is a rhetorical flourish to describe the lack of evidence presented by Winburg and McGrew for that proposition.

To establish such a claim, the alleged current inability of students to discern between trustworthy and untrustworthy sources requires:

  1. A baseline of what is true, biased, deceptive for time period X.
  2. Test of students (or others) for discernment of truth/bias/deception in reports during period X.
  3. A baseline of what is true, biased, deceptive for time period Y.
  4. Proof the baselines for periods X and Y are in fact comparable.
  5. Proof the tests and their results are comparable for periods X and Y.
  6. Test of students (or others) for discernment of truth/bias/deception in reports during period Y.
  7. Evaluation of the difference (if any) between the results of tests for periods X and Y.

at a minimum. I have only captured the major steps that come to mind. No doubt readers can supply others that I have overlooked.

Absent such research, analysis and proofs, that can be replicated by others, Wineberg and McGrew are trafficking in common prejudice and nothing more.

Such trafficking is useful for funding purposes but it doesn’t advance the discussion of training readers in critical evaluation of sources.

January 26, 2017

Superficial Reporting on Executive Orders and DAPL

Filed under: #DAPL,Journalism,News,Reporting — Patrick Durusau @ 11:00 am

Trump advances controversial oil pipelines with executive action by Athena Jones, Jeremy Diamond and Gregory Krieg, CNN, starts with these breathless paragraphs:

President Donald Trump on Tuesday signed executive actions to advance approval of the Keystone XL and Dakota Access oil pipelines.

The decision to advance the pipelines cast aside efforts by President Barack Obama’s administration to block construction of the two pipelines, while making good on one of Trump’s campaign promises.

The CNN reporters must have read some presidential action other than: Presidential Memorandum Regarding Construction of the Dakota Access Pipeline. CNN links to the memorandum but never quote from it.

Here’s the relevant language from the memorandum:


Sec. 2. Directives. (a) Pipeline Approval Review. The Secretary of the Army shall instruct the Assistant Secretary of the Army for Civil Works and the U.S. Army Corps of Engineers (USACE), including the Commanding General and Chief of Engineers, to take all actions necessary and appropriate to:

(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, requests for approvals to construct and operate the DAPL, including easements or rights-of-way to cross Federal areas under section 28 of the Mineral Leasing Act, as amended, 30 U.S.C. 185; permits or approvals under section 404 of the Clean Water Act, 33 U.S.C. 1344; permits or approvals under section 14 of the Rivers and Harbors Act, 33 U.S.C. 408; and such other Federal approvals as may be necessary;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum by the Assistant Secretary of the Army for Civil Works dated December 4, 2016 (Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota), and whether to withdraw the Notice of Intent to Prepare an Environmental Impact Statement in Connection with Dakota Access, LLC’s Request for an Easement to Cross Lake Oahe, North Dakota, dated January 18, 2017, and published at 82 Fed. Reg. 5543;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, as satisfying all applicable requirements of the National Environmental Policy Act, as amended, 42 U.S.C. 4321 et seq., and any other provision of law that requires executive agency consultation or review (including the consultation or review required under section 7(a) of the Endangered Species Act of 1973, 16 U.S.C. 1536(a));

(iv) review and grant, to the extent permitted by law and as warranted, requests for waivers of notice periods arising from or related to USACE real estate policies and regulations; and

(v) issue, to the extent permitted by law and as warranted, any approved easements or rights-of-way immediately after notice is provided to the Congress pursuant to section 28(w) of the Mineral Leasing Act, as amended, 30 U.S.C. 185(w).

Do you see a

cast[ing] aside efforts by President Barack Obama’s administration to block construction of the two pipelines

?

That’s the President’s intent but read the discretionary language present:


(i) review and approve in an expedited manner, to the extent permitted by law and as warranted, and with such conditions as are necessary or appropriate, … ;

(ii) consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum … ;

(iii) consider, to the extent permitted by law and as warranted, prior reviews and determinations, including the Environmental Assessment issued in July of 2016 for the DAPL, … ;

(iv) review and grant, to the extent permitted by law and as warranted, … ; and

(v) issue, to the extent permitted by law and as warranted, ….

Setting aside Obama administration actions if after,

consider, to the extent permitted by law and as warranted, whether to rescind or modify the memorandum (Sec. 2, (ii))

That’s a long way from “…cast[ing] aside….”

Who Exercises That Discretion?

Three entities are named to exercise discretion over the DAPL permits:

but only the Army Corps of Engineers was named by CNN and then without a link for further details.

Beyond Hand Wringing Over The Executive Order On DAPL

Starting with the U.S. Army Corps of Engineers (USACE), note they maintain a webpage devoted entirely to DAPL and the current status of their review. Helpfully, the USACE includes a phone number for anyone to call about the project, (202) 761-8700.

Assistant Secretary of the Army for Civil Works Jo-Ellen Darcy’s MEMORANDUM FOR Commander, U.S. Army Corps of Engineers, SUBJECT: Proposed Dakota Access Pipeline Crossing at Lake Oahe, North Dakota (undated but appears to be December 2016), gives pointers into the regulatory scheme that will govern the review process.

Organizations opposing DAPL are mentioned, some even quoted, but for further contact, as least per CNN, you are on your own.

Let’s cure that lack:

To be fair, CNN also omitted contact details for supporters of DAPL as well: Sen. Heidi Heitkamp (D, North Dakota) and Sen. Joe Manchin (D, West Virginia).

To become a participant on this important issue, follow the Army Corps of Engineers page, contribute to and/or participate in organizations opposing DAPL, reason with supporters of DAPL, reason with shareholders of banks invested in DAPL, etc. All of which requires basic information to enable your participation.

Conclusion

New reports should enable readers to participate in the important issues of the day.

Even with the Executive Order, the game of review within government is still on. You can participate and/or support other organizations that are participating in that process.

Compare my account to that of CNN.

Which one do you think better enables your participation?

January 25, 2017

Lowering the Bar for Leakers

Filed under: Cybersecurity,Journalism,News,Reporting,Security — Patrick Durusau @ 3:09 pm

Leaking and leakers were in the news in the waning days of the Obama administration. Chelsa Manning, source of the Afghan War Diary, had her 35 year sentence commuted to seven years by President Obama. Edward Snowden, who leaked a wide variety of materials, was discussed as a candidate for a pardon, but none was forthcoming.

The House Intelligence Committee letter urged President Obama to not pardon Snowden. The only truthful statement in the letter, apart from the signatures, appears to be:

America’s intelligence professionals take Mr. Snowden’s disclosures personally.

Why “America’s intelligence professionals” pouting over disclosures of their illegal and ineffectual activities is relevant to pardoning Snowden isn’t clear. In any event, Snowden continues to reside in Russia.

What is clear is that leakers bear the risk of obtaining and leaking material of great public interest. Some of that risk is an artifact of current practices for leaking.

Present Day Leaking Practices

The Intercept has a fair description of current art of leaking:

  • Begin by bringing your personal computer to a Wi-Fi network that isn’t associated with you or your employer, like one at a coffee shop. Download the Tor Browser. (Tor allows you to go online while concealing your IP address from the websites you visit.)
  • You can access our SecureDrop server by going to http://y6xjgkgwj47us5ca.onion/ in the Tor Browser. This is a special kind of URL that only works in Tor. Do NOT type this URL into a non-Tor Browser. It won’t work — and it will leave a record.
  • If that is too complicated, or you don’t wish to engage in back-and-forth communication with us, a perfectly good alternative is to simply send mail to P.O. Box 65679, Washington, D.C., 20035, or to The Intercept, 114 Fifth Avenue, 18th Floor, New York, New York, 10011. Drop it in a mailbox (do not send it from home, work or a post office) with no return address.

Attention Federal Employees: If You See Something, Leak Something

The Intercept never discusses the form, hard copy or digital, of a leak but WikiLeaks:Submissions, reads like a description of a sneakernet.

“Sneakernet” were a primitive and inefficient way to transfer information from one computer to another. With a user carrying a floppy disk from one computer to another, hence “sneakernet.”

Primitive and inefficient qualify as descriptors for leakers obtaining documents in hard copy and/or electronically and transferring them to the news media.

Potential leakers must endanger themselves by copying and smuggling the documents to be leaked, plus do a technical dance to leak them. In a modern networked environment.

In a networked environment is the key.

Leaking in a Networked Environment

No leaking advice is universal and what I am about to describe won’t work, at least not well, for air gapped systems. Leaking by sneakernet remains relevant for some situations.

In a networked environment, consider a potential leaker leaking login credentials? Not necessarily theirs, perhaps the sysadmin credentials written next to the console. Or their office manager’s.

That sort of leaking only requires:

  1. Blank paper with envelope
  2. Addressed to a news media address – no return address
  3. Credentials written on the paper with remote login URL
  4. News media destroys notes after they arrive

The usual cautions, not from your place of business, etc. apply.

Prospective leakers enjoy these advantages from leaking login credentials:

  1. Easy to leak
  2. No copying, physical or digital to attract attention
  3. No smuggling of documents or media past security
  4. No traceability in sea of breaches large and small

The reduction of the technical requirements for leaking, not to mention reducing the risk to the leakers themselves, lowers the bar for leakers and should attract more leaking.

The news media obtains advantages from credential leaking as well:

  1. Enables creation of a library of sources
  2. Enables exploration for other documents
  3. Reduces arbitrary or incomplete nature of leaks
  4. Reduces the opacity reflex, media likely knows the truth already

Credential leaking does alter the risk of leaking from being leaker centric to putting a greater burden on the news media.

Allocation of Risk

The sharing of login credentials maybe a crime under 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)). I say “maybe” a crime because panels of Ninth Circuit Federal Court of Appeals “appear” to have different ideas on password sharing. Ninth Circuit Panel Backs Away From Dangerous Password Sharing Decision—But Creates Even More Confusion About the CFAA

Whether faulty reasoning spreads from the Ninth Circuit or not, it remains clear that avoiding copying, smuggling, etc., as with credential leaking, poses a reduced risk to leakers.

On the other hand, under the provisions of 18 USC 1030 (Computer Fraud & Abuse Act (CFAA)), the risk to any reporter or news media organization that makes use of leaked credentials, the risk is elevated.

Elevated to federal felony level risk.

That may seem like a poor trade for the news media, but consider that the New York Times has stables of internal counsel, not to mention external counsel and financial resources that aren’t available to the average leaker.

Moreover, the New York Times has access to highly competent computer experts who can “leak” data to its reporters via secure means, enabling reporters to truthfully testify as to the origin of leaked materials used in their stories.

Unlike current leaking practices, where the leaker takes all the risks, considerable risks, credential leaking allocates the leak and risk to those best able to accomplish it with a margin of safety.

Along with that reallocation of risk, comes the potential to greatly democratize the practice of leaking.

Democratizing Leaking

How effective are postings like Attention Federal Employees: If You See Something, Leak Something?

The Bureau of Labor Statistics estimates the number of potential leakers by employment category as of December 2016 (my characterization, not theirs):

  • Accounting 1,015,800
  • Financial Activities 8,359,000
  • Government 22,565,000
  • Legal Services 1,131,900
  • Oil and Gas 173,300
  • Real Estate 2,147,400

(Table B-1. Employees on nonfarm payrolls by industry sector and selected industry detail)

Not a complete listing of the categories. I selected those where scandals and/or scandalous materials are most often found.

By my count, 35,392,400 potential leakers.

Compare The Intercept‘s long treatment with on the masthead of Times-with-a-Spine (fictitous newspaper):

Leakers (see A-2)

On page A-2:

If you are going to leak:

  1. Write login credentials (not your own), login URL, on paper
  2. Mail to (news address) – no return address
  3. We destroy all leaked credentials upon receipt

Push an ad with the same content into daily shoppers, free/community newspapers, websites, etc. Perhaps even Amazon ads keyed to people with .gov and .mil email addresses.

How news organizations will use leaked credentials I cannot say. In order to protect leakers, however, any credential leaks should be destroyed upon determination they are credential leaks. (Complete burning with paper of similar origins into a fine ash, sifting and secure burial for starters.)

Happy leaking!

January 21, 2017

Global Muckraking: Investigative Journalism and Global Media – Starts February 8, 2017

Filed under: Journalism,News,Reporting — Patrick Durusau @ 11:49 am

Global Muckraking: Investigative Journalism and Global Media by Anya Schiffrin. (Free Columbia University MOOC)

From the webpage:

About this course

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, this course will help you understand how raising public awareness can create political and social change.

This course is a fast-paced introduction to global muckraking, past and present, and includes penetrating interviews with historians and investigative journalists.

Join us to discover the vital role that journalism has played in fighting injustice and wrongdoing over the last 100 years and delve into the current trends reshaping investigative reporting in the digital age.

What you’ll learn

  • How journalists can act as government and corporate watchdogs
  • The hard and soft pressures on investigative journalism
  • Stories of prominent reporters uncovering injustice from the late 19th century to today
  • Trends in media innovation

American Exceptionalism is mainstream in US journalism.

Consider the first line of this course description:

Using examples of investigative and crusading journalism from Asia, Africa, Latin America and Europe, ….

What? No mention of the class-based corruption, which is preferred by American policy makers over the “corrupt” quid-pro-quo corruption of other countries?

No mention of quid-pro-quo corruption in the US, which resulted in four of the last seven governors of Illinois going to jail. (As of 2012. It hasn’t been long enough to convict another governor of Illinois. Question of when, not if.)

Journalists in foreign countries deserve all the support they can be given.

At the same time, “injustice and wrongdoing” aren’t limited to “over there.”

Anyone who chooses to look, will see injustice and wrongdoing much closer to home.

That said, a history of investigative and crusading journalism may inspire you to take up the banner.

Enjoy!

Actionable Reporting – An Example

Filed under: Journalism,News,Reporting — Patrick Durusau @ 11:07 am

Republican Lawmakers in Five States Propose Bills to Criminalize Peaceful Protests by Spencer Woodman.

I don’t mind prosy reporting but I should not be forced to recover information that was (or should have been known) to the reporter.

Quick summary of Woodman’s post: Iowa, imagined future law; Michigan, proposal that died last year; Minnesota, two pending bills; North Dakota, one pending bill, Washington, one pending bill. So, three states and not five.

The scattered links aren’t ones to help the reader track the current status of legislation, if it exists. Nor are the authors of these offenses against the common good identified.

Actionable reporting appends links to prose that enable readers to go beyond the text. In this case, links to legislatures, current bill status and authors of the legislation.

Here’s an actionable appendix for Woodmen’s post:

Iowa Legislature

Imagined future bill, “suck it up, buttercup bill,” to be proposed by Representative Bobby Kaufman.

Michigan Legislature

HOUSE BILL No. 4643 – An act to create a commission relative to labor disputes, and to prescribe its powers and duties; to provide for the mediation and arbitration of labor disputes, and the holding of elections thereon; to regulate the conduct of parties to labor disputes and to require the parties to follow certain procedures; to regulate and limit the right to strike and picket; to protect the rights and privileges of employees, including the right to organize and engage in lawful concerted activities; to protect the rights and privileges of employers; to make certain acts unlawful; to make appropriations; and to prescribe means of enforcement and penalties for violations of this act,” by amending section 9f (MCL 423.9f).

Referred to Senate Committee on Commerce – 12/8/2016 (died)

Authors:

Gary Glenn – (primary), Amanda Price, Michael McCready, Joseph Graves.

Unlike the Michigan legislature page, I substituted links to member webpages instead of bills they have sponsored. Interesting data on sponsorship but not helpful for contacting them. BTW, the link for Amanda Price is to her Wikipedia page. Doesn’t have a member page at the legislature.

Minnesota Legislature

Two bills:

  1. A bill for an act relating to public safety; increasing penalties for obstructing a highway; amending Minnesota Statutes 2016, sections 160.2715; 609.74.

    Authors:
    Lohmer; Fenton; Zerwas; Rarick; Miller; Runbeck; Albright; Green; Daudt; Lueck; Uglem; Dettmer; Daniels

  2. A bill for an act relating to public safety; creating the Minnesota Public Safety Personnel Protection Act; increasing penalties for obstructing emergency responders; amending Minnesota Statutes 2016, section 609.50.

    Authors:

    Garofalo; Newberger; Lohmer; Uglem.

North Dakota Legislature

HOUSE BILL NO. 1203 A BILL for an Act to create and enact section 32-03.2-02.2 of the North Dakota Century Code, relating to the liability exemption of a motor vehicle driver; and to amend and reenact section 39-10-33 of the North Dakota Century Code, relating to pedestrians on roadways. PDF text as introduced.

Authors: Representatives Kempenich, Brandenburg, Laning, Oliver, Rohr; Senators Cook, Schaible.

Washington Legislature

SB 5009 – 2017-18 Concerning offenses involving economic disruption.

Authors: Ericksen, Sheldon

Known as Preventing Economic Disruption Act (PEDA) in the 2017 legislative session.


Actionable reporting lowers the bar for readers to act on what they have read.

January 19, 2017

Why I Tweet by Donald Trump

Filed under: Journalism,News,Reporting,Twitter — Patrick Durusau @ 8:02 pm

David Uberti and Pete Vernon in The coming storm for journalism under Trump capture why Donald Trump tweets:


As Trump explained the retention of his personal Twitter handle to the Sunday Times recently: “I thought I’d do less of it, but I’m covered so dishonestly by the press—so dishonestly—that I can put out Twitter…I can go bing bing bing and I just keep going and they put it on and as soon as I tweet it out—this morning on television, Fox: Donald Trump, we have breaking news.

In order for Trump tweets to become news, two things are required:

  1. Trump tweets (quite common)
  2. Media evaluates the tweets to be newsworthy (should be less common)

Reported as newsworthy tweets are unlikely to match the sheer volume of Trump’s tweeting.

You have all read:

trump-on-sat-night-460

Is Trump’s opinion, to which he is entitled, about Saturday Night Live newsworthy?

Trump on television is as trustworthy as the “semi-literate one-legged man” Dickens quoted for the title “Our Mutual Friend” is on English grammar. (Modern American Usage by William Follett, edited by Jacques Barzum. Under the entry for “mutual friend.”)

Other examples abound but suffice it to say the media needs to make its own judgments about newsworthy or not.

Otherwise the natters of another semi-literate become news by default for the next four years.

January 16, 2017

Never Allow Your Self-Worth To Depend Upon A Narcissist

Filed under: Journalism,News,Politics,Reporting — Patrick Durusau @ 5:26 pm

The White House press corps has failed, again, in its relationship with President Trump.

The latest debacle is described in Defiant WH Press Corps “won’t go away” if ejected, says Major Garrett.

From the post:

There have been rumblings about kicking the press out of the White House almost since Donald Trump won the presidency, culminating with a report in Esquire last week that the Trump administration has in fact been giving the idea “serious consideration.”

“If they do so, we’ll still cover him. The White House press corps won’t go away,” CBS News Chief White House Correspondent Major Garrett told CBSN’s Josh Elliott Monday. “You can shove us a block away, two blocks away, a mile away. We will be on top of this White House — as we’ve been on top of every White House.”

Mr. Trump and several on his communications team have had a stormy relationship with the press, both during his presidential campaign and during his transition.

“I would not be surprised if they moved us out. I really do think there is something about the Trump administration and those closest to him who want the symbolism of driving reporters out of the White House, moving the elites out farther away from this president,” Garrett said.

Does the self-worth of the White House press corps depend upon where they are located by a known narcissist?

If so, they are in for a long four years.

That is doubly true for Trump’s denigration of reporters and others.

A fundamental truth to remember for the next four years:

Trump’s comments about you, favorable or unfavorable, are smelly noise. They will dissipate, unless repeated over and over, as though it matters if a narcissist denies or affirms your existence.

It doesn’t.

Password Advice For Leakers

Filed under: Cybersecurity,Journalism — Patrick Durusau @ 11:31 am

What the Most Common Passwords of 2016 List Reveals [Research Study] by Keeper.

As a prospective leaker, if your password is any of the ones listed below, congratulations! (“123456” leads with 17%.)

Your password is in the top 50% of 10 million passwords analyzed by Keeper in 2016.

Extremely plausible evil hackers “discovered” your login and then “cracked” your password.

No longer a “leak,” but a theft and the thief isn’t you. (How’s that for protecting leakers?)

Rank Password
1. 123456
2. 123456789
3. qwerty
4. 12345678
5. 11111
6. 1234567890
7. 1234567
8. password
9. 123123
10. 987654321
11. qwertyuiop
12. mynoob
13. 123321
14. 666666
15. 18atcsk2w
16. 7777777
17. 1q2w3e4r
18. 654321
19. 555555
20. 3rjs1la7qe
21. google
22. 1q2w3e4r5t
23. 123qwe
24. zxcvbnm
25. 1q2w3e

You must follow the leaking instructions at: https://theintercept.com/leak/, but leak only your login, password and network URL.

No guarantees that The Intercept will take the initiative but they aren’t the only game in town.

Highly Effective Gmail Phishing

Filed under: Cybersecurity,Journalism,News,Reporting — Patrick Durusau @ 8:56 am

Wide Impact: Highly Effective Gmail Phishing Technique Being Exploited by Mark Maunder.

From the post:

As you know, at Wordfence we occasionally send out alerts about security issues outside of the WordPress universe that are urgent and have a wide impact on our customers and readers. Unfortunately this is one of those alerts. There is a highly effective phishing technique stealing login credentials that is having a wide impact, even on experienced technical users.

I have written this post to be as easy to read and understand as possible. I deliberately left out technical details and focused on what you need to know to protect yourself against this phishing attack and other attacks like it in the hope of getting the word out, particularly among less technical users. Please share this once you have read it to help create awareness and protect the community.

Mark’s omission of the “technical details” makes this more of an advertisement for phishing with Gmail than a how-to guide.

Still, the observation that even “experienced technical users” are trapped by this technique should encourage journalists in particular to consider adding phishing, voluntary or otherwise to their data gathering toolkit.

As I pointed out yesterday, Phishing As A Public Service – Leak Access, Not Data, enabling leakers to choose to receive phishing emails can result in greater access to documents by reporters at less risk to leakers.

With the daily hype about data breaches, who can blame some mid-level management type for their computer being breached? Oh, it could result in loss of employment, maybe, but greatly reduces the odds of being fingered as a leaker.

Unlike plain brown paper wrappers with Glenn Greenwald‘s address on them. 😉

If phishing sounds a bit exotic, consider listing software/versions with known vulnerabilities that users can install and then visit a website for an innocent registration that captures their details.

Journalism as active information gathering as opposed to consuming leaks and government hand-outs.

January 13, 2017

Calling Bullshit in the Age of Big Data (Syllabus)

Filed under: Critical Reading,Journalism,News,Reporting,Research Methods — Patrick Durusau @ 7:33 pm

Calling Bullshit in the Age of Big Data by Carl T. Bergstrom and Jevin West.

From the about page:

The world is awash in bullshit. Politicians are unconstrained by facts. Science is conducted by press release. So-called higher education often rewards bullshit over analytic thought. Startup culture has elevated bullshit to high art. Advertisers wink conspiratorially and invite us to join them in seeing through all the bullshit, then take advantage of our lowered guard to bombard us with second-order bullshit. The majority of administrative activity, whether in private business or the public sphere, often seems to be little more than a sophisticated exercise in the combinatorial reassembly of bullshit.

We’re sick of it. It’s time to do something, and as educators, one constructive thing we know how to do is to teach people. So, the aim of this course is to help students navigate the bullshit-rich modern environment by identifying bullshit, seeing through it, and combatting it with effective analysis and argument.

What do we mean, exactly, by the term bullshit? As a first approximation, bullshit is language intended to persuade by impressing and overwhelming a reader or listener, with a blatant disregard for truth and logical coherence.

While bullshit may reach its apogee in the political sphere, this isn’t a course on political bullshit. Instead, we will focus on bullshit that comes clad in the trappings of scholarly discourse. Traditionally, such highbrow nonsense has come couched in big words and fancy rhetoric, but more and more we see it presented instead in the guise of big data and fancy algorithms — and these quantitative, statistical, and computational forms of bullshit are those that we will be addressing in the present course.

Of course an advertisement is trying to sell you something, but do you know whether the TED talk you watched last night is also bullshit — and if so, can you explain why? Can you see the problem with the latest New York Times or Washington Post article fawning over some startup’s big data analytics? Can you tell when a clinical trial reported in the New England Journal or JAMA is trustworthy, and when it is just a veiled press release for some big pharma company?

Our aim in this course is to teach you how to think critically about the data and models that constitute evidence in the social and natural sciences.

Learning Objectives

Our learning objectives are straightforward. After taking the course, you should be able to:

  • Remain vigilant for bullshit contaminating your information diet.
  • Recognize said bullshit whenever and wherever you encounter it.
  • Figure out for yourself precisely why a particular bit of bullshit is bullshit.
  • Provide a statistician or fellow scientist with a technical explanation of why a claim is bullshit.
  • Provide your crystals-and-homeopathy aunt or casually racist uncle with an accessible and persuasive explanation of why a claim is bullshit.

We will be astonished if these skills do not turn out to be among the most useful and most broadly applicable of those that you acquire during the course of your college education.

A great syllabus and impressive set of readings, although I must confess my disappointment that Is There a Text in This Class? The Authority of Interpretive Communities and Doing What Comes Naturally: Change, Rhetoric, and the Practice of Theory in Literary and Legal Studies, both by Stanley Fish, weren’t on the list.

Bergstrom and West are right about the usefulness of this “class” but I would use Fish and other literary critics to push your sensitivity to “bullshit” a little further than the readings indicate.

All communication is an attempt to persuade within a social context. If you share a context with a speaker, you are far more likely to recognize and approve of their use of “evidence” to make their case. If you don’t share such a context, say a person claiming a particular interpretation of the Bible due to divine revelation, their case doesn’t sound like it has any evidence at all.

It’s a subtle point but one known in the legal, literary and philosophical communities for a long time. That it’s new to scientists and/or data scientists speaks volumes about the lack of humanities education in science majors.

January 5, 2017

Beall’s List of Predatory Publishers 2017 [Avoiding “fake” scholarship, journalists take note]

Filed under: Journalism,News,Peer Review,Publishing — Patrick Durusau @ 11:42 am

Beall’s List of Predatory Publishers 2017 by Jeffrey Beall.

From the webpage:

Each year at this time I formally announce my updated list of predatory publishers. Because the publisher list is now very large, and because I now publish four, continuously-updated lists, the annual releases do not include the actual lists but instead include statistical and explanatory data about the lists and links to them.

Jeffrey maintains four lists of highly questionable publishers/publications:

Beall’s list should be your first stop when an article arrives from an unrecognized publication.

Not that being published in Nature and/or Science is a guarantee of quality scholarship, but publication on Beall’s list should raise publication stopping red flags.

Such a publication could be true, but bears the burden of proving itself to be so.

January 2, 2017

News Bubble Bursting – World Newspapers and Magazines Online

Filed under: Journalism,News,Reporting — Patrick Durusau @ 9:27 pm

World Newspapers and Magazines Online

Newspaper and magazine listings for one hundred and ninety-nine (199) countries.

At the rate of one country per week, it would take 3.8 years to work your way through this listing.

Considering the depth of government and corporate deception, don’t you owe it to yourself, if not your readers, to sample that deception widely?

In an age of automatic, if not always smooth and correct, translation, do you have a good excuse for doing any less?

Russian Hackers – Repeating History?

Filed under: Journalism,News,Reporting — Patrick Durusau @ 7:35 pm

Maybe there is something to reading accounts of recent history. (A fascination with markup/computer and ANE languages doesn’t lead to much recent reading in “recent” history.)

But I was reading Manufacturing Consent by Edward S. Herman and Noam Chomsky (2002), when I encountered a repetition of the currently popular meme, “Russian hackers hacked the DNC.” (Despite the Podesta emails being obtained due to user carelessness that is hard to characterize as a “hack.”)

History Repeating (Not for the first time)

Set your wayback machine for 1981, another time when Russia (then the USSR) was an “evil empire.” (Or so claimed by people with particular agendas.)

A Turkish facist and member of a violent anti-left party in Turkey, one Mehmet Ali Agca, attempted to assassinate Pope John Paul II in May 1981. After being interrogated for 17 months, Agca “confessed” that he was an agent of the KGB and Bulgarians.

Herman and Chomsky walk through the unraveling of this fantasy of the Reagan era political elites (pages xxvii-xxix), only to conclude:


The New York Times, which had been consistently supportive of the connection in both news and editorials, not only failed to report Weinstein’s negative findings from the search of the Bulgarian files, it also excluded Goodman’s statements on the CIA penetration of the Bulgarian secret services from their excerpts of his testimony. The Times had long maintained that the CIA and the Reagan administration “recoiled from the devastating implication that Bulgarian agents were bound to have acted only on a signal from Moscow.” 58 But Goodman’s and Ford’s testimony show that this was the reverse of the truth, and that CIA heads William Casey and Robert Gates overrode the views of CIA professionals and falsified evidence to support a Soviet linkage. The Times was not alone in following a misleading party line, but it is notable that this paper of record has yet to acknowledge its exceptional gullibility and propaganda service.

Hmmm,

recoiled from the devastating implication that Bulgarian agents were bound to have acted only on a signal from Moscow

Does that sound similar to anything you have read recently or have heard repeated by the out-going US president?

December 11, 2016

Jump forward now to December 11, 2016 and you can read the New York Times reporting:


“This is why I hate the term ‘we speak truth to power,’” said Mark M. Lowenthal, a former senior C.I.A. analyst. “We don’t have truth. We have really good ideas.”

Mr. Lowenthal said that determining the motives of foreign leaders — in this case, what drove President Vladimir V. Putin of Russia to order the hacking — was one of the most important missions for C.I.A. analysts. In 2002, one of the critical failures of American spy agencies was their inability to understand Saddam Hussein’s goals and motives.

A simple search reveals the internet is replete with such trash talking by the CIA, DHS, FBI and an assorted of agencies that rearrange conclusions but offer no facts in support of those conclusions.

A Final Blow as 2016 Closes

With the same credibility I would accord the now discredited NYTimes fable about Russian backing for the attempt on the life of Pope John Paul II, hacking of the Democratic National Committee at the direction of Vladimir Putin, comes this final shot from Russian hackers:

carey-460

Since the Islamic States hasn’t claimed credit, it must be those damned Russian hackers! (Caution: That is “fake news.” Carey may have been sabotaged by someone but it wasn’t Russian hackers.)

A Case For Topic Maps & Subject Identity Anyone?

I haven’t worked out the details but these repeated charades by the US government, among others, offer an opportunity to put subject identity as defined by topic maps to work for true journalists.

The particulars of any particular subject vary but they all have:

  1. Accusations sans evidence by one or more agencies of the US government
  2. Chest-thumping by the New York Times (and others) in both reporting (sic) and editorial columns
  3. Articles/editorials rely on unnamed government sources or financially interested contractors
  4. Months without any evidence but more chest-thumping by US government agencies and their familiars

When all four of those properties are found, you are at least part way to identifying yet another repetition of the attempted assassination of Pope John Paul II fable.

Although, quite honestly, it needs a catchier moniker than that one.

Suggestions?

January 1, 2017

Hoaxy (beta)

Filed under: Journalism,News,Reporting — Patrick Durusau @ 7:44 pm

Hoaxy (beta)

From the faq:

Q: What is Hoaxy?
Hoaxy visualizes the spread of claims and related fact checking online. A claim may be a fake news article, hoax, rumor, conspiracy theory, satire, or even an accurate report. Anyone can use Hoaxy to explore how claims spread across social media. You can select any matching fact-checking articles to observe how those spread as well.
Q: How does it work?
A: We track the social sharing of links to stories published by two types of websites: (1) Independent fact-checking organizations, such as snopes.com, politifact.com, and factcheck.org, that routinely fact check unverified claims. (2) Sources that often publish inaccurate, unverified, or satirical claims according to lists compiled and published by reputable news and fact-checking organizations.
Q: What does the visualization show?
A: Hoaxy visualizes two aspects of the spread of claims and fact checking: temporal trends and diffusion networks. Temporal trends plot the cumulative number of Twitter shares over time. The user can zoom in on any time interval. Diffusion networks display how claims spread from person to person. Each node is a Twitter account and two nodes are connected if a meme (link to a story) is passed between those two accounts via retweets, replies, quotes, or mentions. The color of a connection indicates the type of information: claims and fact checks. Clicking on an edge reveals the tweet(s) and the link to the shared story; clicking on a node reveals claims shared by the corresponding user. The network may be pruned for performance.
Q: Who decides what is true or not?
A: We do not decide what is true or false. Not all claims you can visualize on Hoaxy are false, nor can we track all false stories. We aren’t even saying that the fact checkers are 100% correct all the time. You can use the Hoaxy tool to observe how unverified stories and the fact checking of those stories spread on public social media. We welcome users to click on links to fact-checking sites to see what they’ve found in their research, but it’s up for you to evaluate the evidence about a claim and its rebuttal.

Interesting!

My only difficulty was in thinking of a “false story” that would be of interest to me in my day to day reading.

Who publishes false stories about XQuery or software vulnerabilities?

Ok, conceding that I take all government statements/findings, etc., as false until confirmed by someone I do trust and that vendors fall into the same camp as governments.

Those false stories aside, which rarely see contradiction in public, I don’t know what other false stories to ask about.

Can you help me?

What false stories when using Hoaxy return the best propagation graphs?

Thanks!

December 31, 2016

Guarantees Of Public Access In Trump Administration (A Perfect Data Storm)

Filed under: Government,Journalism,News,Open Access,Open Data,Open Government,Reporting — Patrick Durusau @ 3:57 pm

I read hand wringing over the looming secrecy of the Trump administration on a daily basis.

More truthfully, I skip over daily hand wringing over the looming secrecy of the Trump administration.

For two reasons.

First, as reported in US government subcontractor leaks confidential military personnel data by Charlie Osborne, government data doesn’t require hacking, just a little initiative.

In this particular case, it was rsync without a username or password, that made this data leak possible.

Editors should ask their reporters before funding FOIA suits: “Have you tried rsync?”

Second, the alleged-to-be-Trump-nominees for cabinet and lesser positions, remind me of this character from Dilbert: November 2, 1992:

pointy-end-dilbert-400

Trump appointees may have mastered the pointy end of pencils but their ability to use cyber-security will be as shown.

When you add up the cyber-security incompetence of Trump appointees, complaints from Inspector Generals about agency security, and agencies leaking to protect their positions/turf, you have the conditions for a perfect data storm.

A perfect data storm that may see the US government hemorrhaging data like never before.

PS: You know my preference, post leaks on receipt in their entirety. As for “consequences,” consider those a down payment on what awaits people who betray humanity, their people, colleagues and family. They could have chosen differently and didn’t. What more can one say?

The best of Lower Case 2016 (CJR)

Filed under: Humor,Journalism,News,Reporting — Patrick Durusau @ 2:45 pm

The best of Lower Case 2016

From the post:

IF WE HAD TO PICK ONE CJR tradition in particular that has survived and thrived in the digital age, it’s The Lower Case, our weekly look at unfortunate, cringe-worthy, or ironic headlines.

It turns out headlines can be just as awkward and occasionally inappropriate on digital stories and social-media posts, even though these days we have to catch them before a sneaky editor covers up the evidence (alas, there’s no more paper trail). Luckily, our readers continue to help us out, delivering screenshots of Lower Case offenders to our inbox at editors@cjr.org.

The editors who wrote these headlines probably would prefer a do-over, but they should take heart: All of us can all learn from headlines gone wrong, and hopefully enjoy a chuckle in the process. Here are some highlights from 2016, including classics from the archives:
…(emphasis in original)

A column you defend to friends by saying: “I read other parts of the CJR too!”

😉

Enjoy!

December 23, 2016

2017/18 – When you can’t believe your eyes

Filed under: Artificial Intelligence,Graphics,Journalism,News,Reporting,Visualization — Patrick Durusau @ 9:15 pm

Artificial intelligence is going to make it easier than ever to fake images and video by James Vincent.

From the post:

Smile Vector is a Twitter bot that can make any celebrity smile. It scrapes the web for pictures of faces, and then it morphs their expressions using a deep-learning-powered neural network. Its results aren’t perfect, but they’re created completely automatically, and it’s just a small hint of what’s to come as artificial intelligence opens a new world of image, audio, and video fakery. Imagine a version of Photoshop that can edit an image as easily as you can edit a Word document — will we ever trust our own eyes again?

“I definitely think that this will be a quantum step forward,” Tom White, the creator of Smile Vector, tells The Verge. “Not only in our ability to manipulate images but really their prevalence in our society.” White says he created his bot in order to be “provocative,” and to show people what’s happening with AI in this space. “I don’t think many people outside the machine learning community knew this was even possible,” says White, a lecturer in creative coding at Victoria University School of design. “You can imagine an Instagram-like filter that just says ‘more smile’ or ‘less smile,’ and suddenly that’s in everyone’s pocket and everyone can use it.”

Vincent reviews a number of exciting advances this year and concludes:


AI researchers involved in this fields are already getting a firsthand experience of the coming media environment. “I currently exist in a world of reality vertigo,” says Clune. “People send me real images and I start to wonder if they look fake. And when they send me fake images I assume they’re real because the quality is so good. Increasingly, I think, we won’t know the difference between the real and the fake. It’s up to people to try and educate themselves.”

An image sent to you may appear to be very convincing, but like the general in War Games, you have to ask does it make any sense?

Verification, subject identity in my terminology, requires more than an image. What do we know about the area? Or the people (if any) in the image? Where were they supposed to be today? And many other questions that depend upon the image and its contents.

Unless you are using a subject-identity based technology, where are you going to store that additional information? Or express your concerns about authenticity?

December 22, 2016

Leak Early and Often – New York Times

Filed under: Journalism,News,Reporting — Patrick Durusau @ 11:55 am

Got a confidential news tip?

From the webpage:

Do you have the next big story? Want to share it with The New York Times? We offer several ways to get in touch with and provide materials to our journalists. No communication system is completely secure, but these tools can help protect your anonymity. We’ve outlined each below, but please review any app’s terms and instructions as well. Please do not send feedback, story ideas, pitches or press releases through these channels. For more general correspondence visit our contact page.

The New York Times offers five (5) ways that offer some protection to your anonymity, depending upon your skill and what you leak.

When you leak, request posting of the raw leak within some reasonable period of time.

Government data belongs to the people, not its publisher.

« Newer PostsOlder Posts »

Powered by WordPress