Internet Curiosities

Get the highly-rated FEZ Vaporizer for over 25% off

Boing Boing -

Take a deep breath. Now exhale. Wouldn’t that whole breathing thing be a lot better with an amazing vape in your hands? How about a vape that’s specifically engineered and designed for dry leaf and crazy easy to both use and clean? You can save 28% right now when you nab this new FEZ Vaporizer that’s all that and way more. It’s about to be your new best friend and never leave your hands. Keep it on the down low, but make it high tech, that’s their motto and it might be yours soon too.

You can plug this baby into your laptop or any USB outlet to fully charge up fast. With one full battery you’ll get over two thousand puffs. That’s quite the lifespan after one plug-in. And speaking of speed, it heats right up in under sixty seconds. All those flavors you love are captured here plus that incredible aroma. The temperature controlled design is made for dry flower consumption with its wide range of heat options to match your preferences.

It’s super easy to clean so you can keep everything ship shape and looking good. Just spray with the alcohol provided and wipe it down with the cute little brush. The alloy polycarbonate is strong but super lightweight so you can tote it anywhere you go, totally discreetly in your pocket or bag. With the long lasting battery life, you’re good to go for a while. Right now you can take 28% off and even get free shipping within the continental US. Check out the link below for more details.

Right now you can get the FEZ Vaporizer for over 25% off in the Boing Boing Store.

Tattoo artist asserts copyright over customers' bodies

Boing Boing -

Solid Oak Sketches has filed copyright registrations in the tattoo designs that decorate the bodies of some of basketball's biggest stars (LeBron James, Kobe Bryant, Kenyon Martin, DeAndre Jordan, Eric Bledsoe, etc), and has sued Take-Two Software, maker of NBA 2K16 and other basketball video games, for reproducing tattoos as part of the likenesses of the players. (more…)

Kickstarting "Knights and Bikes," gorgeous, brilliant game, part Goonies, part Earthbound

Boing Boing -

https://www.youtube.com/watch?v=kNoxKxphYBE

Knights and Bikes is a fictionalised recreation of co-creator Rex Crowle's boyhood in Cornwall, riding around on his bike and pretending to be a medieval knight; Crowle and his partner Moo Yu are a powerhouse pair of game developers, part of the Little Big Planet core team, and they've tapped some fantastic artistic and musical talent to work on the game as well. (more…)

Legal pot industry already bigger than Cheeto industry

Boing Boing -

Americans spent more last year on legal marijuana than they did on Cheetos, Doritos and Funyuns combined. The Denver Post reports that the $5.4 billion total includes medical and recreational sales.

But as they also note, plenty of challenges to the industry remain. First and foremost is the vast and growing disconnect between federal policy, under which marijuana is 100 percent illegal, and laws in the states that have legalized it. Because of federal restrictions, marijuana businesses don't have access to banks. They can't take advantage of the tax breaks other industries enjoy. The threat of raids by overzealous drug cops is present, despite congressional efforts to curtail these actions.

Video emerges of Pittsburgh cop beating up teen

Boing Boing -

Only after assault charges against Pittsburgh police Sgt. Stephen Matakovich were dropped did the public get to see the video of him beating up a teenager.

The off-duty cop, working as a security guard, claimed that 19-year-old Gabriel Despres kept his hands in his pockets after being ordered to remove them and was therefore a "threat."

A judge agreed Monday that Despres was the aggressor and dismissed the charges against Matakovich, reportedly to cheers among police gathered in the courtroom.

But now the FBI plans to review the case after the video of the Nov. 28, 2015 incident outside Heinz Field was posted online.

Though Matakovich also maintained that Despres lunged at and punched him, the video shows otherwise. The grainy footage depicts Matakovich shoving Despres to the ground and launching a series of punches to his head. Despres lifts his arm at one point to shield himself from the blows, but does not appear to retaliate or resist.

It's not Matakovich's first time in the news: in 2003, he was videotaped threatening to beat up a superior officer on the Pittsburgh Police force, but was let off the hook despite protests from his own commander.

Word of the review came a day after a district judge dismissed charges against Sgt. Stephen Matakovich, a 22-year veteran, who had been accused of using unnecessary force in taking down Gabriel Despres, 20, of South Park.… District Justice Robert Ravenstahl’s decision Monday to dismiss charges of simple assault and official oppression against Sgt. Matakovich after a preliminary hearing also has drawn the attention of police watchdog groups.

Security video from Heinz Field shows Sgt. Matakovich using two hands to shove Mr. Despres to the ground and striking him several times after Mr. Despres, who admitted he had been drinking heavily, tried to get into Heinz Field to watch a WPIAL playoff game Nov. 28.

“Is it any wonder why people are hesitant to trust the police?” Elizabeth Pittinger, executive director of the Citizen Police Review Board, said Tuesday.

Cushy plea deal for Maryland Judge who had defendant tortured in court

Boing Boing -

Maryland Judge Robert Nalley pleaded guilty Monday to ordering deputies to shock a defendant with a 50,000-volt charge. Nalley, who presided over Charles County Circuit Court, reportedly agreed to a plea deal whereby he receives a year of probation.

It's not Nalley's first trouble, either: In 2010, he pleaded guilty to tampering with a vehicle after deflating the tires of a cleaning woman's car, to punish her for parking in his space. For that, he was suspended for five days without pay.

CBS News reports that he was charged with violating the victim's rights in the July 2014 stun cuff incident. The maximum sentence is a year in jail and a fine of $100,000.

During jury selection, the defendant, reading from a prepared statement, objected to Nalley's authority to conduct the proceedings. After the man repeatedly ignored Nalley's questions and his commands to stop speaking, Nalley ordered a deputy sheriff to activate a "stun-cuff" the defendant was wearing.

"Do it. Use it," Nalley said.

The defendant stopped speaking when the deputy sheriff approached him and activated the device, which administered an electric shock for about five seconds. The defendant fell to the ground and screamed and Nalley then recessed the proceedings, according to the plea deal's statement of facts.

Ars Technica's David Kravets reports that stun cuffs are the hot new thing.

[Victim/defendant Delvon L.] King eventually agreed to serve two years after withdrawing a motion for a new trial. In that motion, he said he could not adequately represent himself out of fear of being shocked again. The authorities said King was wearing a stun cuff because they said he had fled from an earlier court proceeding.

The authorities are increasingly using stun cuffs, which are about the size of a deck of cards, at detention centers and courthouses. They are made by various companies and cost around $1,900 for a device and transmitter. Some models can shock at 80,000 volts.

The judge was banned from the bench in September 2014. The Sept. 5 decision by the Maryland Court of Appeals came as the result of a request from the Maryland Office of the Public Defender following a report in The Baltimore Examiner Aug. 26, 2014 alleging Nalley told a deputy to use an electronic shock device on defendant Delvon Louis King in the courtroom July 23. … Nalley retired after a 2009 incident when he was found responsible for removing air from the tires of someone who parked in his space at the courthouse in La Plata.

He was reinstated as a 7th Judicial Circuit of Maryland encompassing all three Southern Maryland and Prince George’s County in December of last year [2013].

Vintage PC-compatible fonts

Boing Boing -

The Oldschool PC Font Resource is your one-stop shop for the fonts bundled with classic PC-compatible computers of the 80s and early 90s. It even has little reviews!

AT&T PC6300

The rebadged Olivetti M24, with its enhanced CGA-compatible video, introduced 400-line text and graphics modes for increased resolution. These supported a 8x16 character set, which was similar to the IBM MDA font, but with more of a slab serif style on the uppercase letters, and more consistent metrics for the lowercase and accented Latin characters.

This is the text mode version - in the 640x400 graphics mode, the only difference is a more rounded 'h' (identical to the IBM MDA one). The 8x8 BIOS font, on the other hand, was exactly the same as IBM's.

Here's Why Microsoft Drops a Cloud Data Center Under the Ocean

The Hacker News -

Where tech companies like Facebook and Google prefer to move their data centers to colder countries to reduce their air conditioning bill, Microsoft has come up with an even better home for data centers while cutting high energy costs for cooling them: Under the Sea.
Here's what Microsoft says:
"50% of us live near the coast. Why doesn't our data?"
Building massive data centers underwater might sound crazy, but it is exactly something Microsoft is testing with its first submarine data center, dubbed Leona Philpot.
World's First Underwater Data Center
The testing is part of Microsoft’s plan dubbed Project Natick — an ongoing research project to build and run a data center that is submerged in the ocean, which the company believes, could make data centers faster, cost-effective, environmentally friendly and easier to set up.
Leona Philpot (named after the Halo character from Microsoft's Xbox) was tested last August, when engineers placed an enormous steel capsule a kilometer off the California coast, 30 feet underwater in the Pacific Ocean.
A single datacenter computing rack was placed in an eight-foot-wide steel capsule, which was covered in around 100 sensors to monitor every aspect of the underwater conditions: pressure, humidity, and, most importantly, motion.
The test ran from August to November last year (exactly 105 days) and the engineers said it was more successful than expected.
Why Underwater Data Center?
According to Microsoft, these are the main reasons for experimenting with underwater data centers:
1. Air conditioning cost is one of the biggest pain in running data centers. Traditional data centers are believed to consume up to 3 percent of the world's electricity.
So, placing the data centers in the ocean eliminated the need for cooling and will highly cut energy costs required to cool the heat generated by the racks upon racks of servers that process and store the world's digital lives.
2. Half of the world's population is located within 200 kilometers of the coast, so placing data centers in the sea would reduce latency – the time data takes to travel from its source to customers, which simply means faster delivery of data.
3. Reduce the time to build a data center from 2 Years to 90 Days. Microsoft believes that if it can mass produce the steel capsules, the company could build data centers in just 90 days.
This would make its operations cheaper and much quicker than the time needed to set a data center up on land.
Moreover, the capsules designed by the company would also adopt new, innovative rack designs that do not even need to consider human interaction.
4. Use of Renewable Energy. The project's engineers even believe that in future, underwater data centers might be able to power themselves by renewable energy, as in this case, perhaps underwater turbines or tidal power to generate electricity.
5. Environment-Friendly. Microsoft will also be tackling environmental concerns related to underwater data centers. The company says its current underwater data center prototype emits an "extremely" small amount of heat energy into the surrounding waters.
A Few Limitations:
Data centers on land are open for IT engineers to fix issues and replace servers whenever required, but the company wants its undersea data centers to go without maintenance for years at a time.
Since Microsoft doesn't have a team of Scuba engineers, each Natick data center unit would operate for over 5 years without maintenance and then it would be dragged up to the surface to have its internal parts replaced.
Other obvious risks for submarine data centers could be saltwater that is corrosive and weather that can also be a problem, to name just two potential hurdles.
Future Of The Data Center
The company started working on this idea in 2013, but the development of a physical prototype began in 2014 and August last year with its first ever submarine data server, Leona Philpot.
Since Microsoft's Project Natick has been in its "early days," it is hard to say when underwater data centers can actually adopted. However, Microsoft has plans to design a new version of underwater data centers that's three times larger than Leona Philpot.
It is not just Microsoft; many tech companies are considering new ways of housing data. In 2013, Facebook located one of its latest state-of-the-art data centers in Luleå, the far north of Sweden, to make use of cheap, renewable energy generated by hydroelectric schemes and outside air for cooling.

Wikileak's Julian Assange Could Be Set Free On Friday by United Nation

The Hacker News -

The decision of the United Nations investigation into the Julian Assange case is set to be revealed and could order the release of Wikileaks founder on February 5.
"BREAKING: UN set to announce decision on #Assange's release on Friday,"BREAKING: UN set to announce decision on #Assange's release on Friday," Wikileaks has tweeted.
Assange has been living in the Ecuadorian embassy in London for over 3 years, after being granted political asylum by the Ecuadorian government of the South American country.Assange has been residing in the embassy since 2012 to avoid extradition:
  • First to Sweden where he is facing sexual assault allegations, which he has always denied.
  • Ultimately to the United States where he could face cyber espionage charges for publishing classified US military and diplomat documents via his website Wikileaks.

The leak of publishing secret documents has amounted to the largest information leak in United States history. The US also launched a criminal case against Assange following the leak.
However, Assange filed a complaint against Sweden and the United Kingdom in September 2014 that has been considered by the UN Working Group on Arbitrary Detention.
The decision on the case will be published on Friday, and if the group concludes that Assange is being illegally detained, the UN is expected to call on the UK and Sweden to release him.

Pocket-size gadget can detect counterfeit Viagra

Boing Boing -

The Stratio LinkSquare is small spectrometer that connects to a smartphone. This video shows the reflected light spectrum of three pills - a "fraud" Viagra pill, a generic pill, and the real thing – compared to a genuine Viagra spectrum reference.

Stratio will crowdfund the LinkSquare this year and it will sell for $200.

From MIT Technology Review:

Stratio says it eventually plans to branch out beyond pills to testing other items that can be mislabeled, like food (fish, for instance), and thinks it could be useful for consumers and companies, too.

“We’re hoping people can use this to assuage some of their fears about the things they consume,” says Leslie Grothaus, a Stratio cofounder and its head of business development and communications.

Exclusive: Snowden intelligence docs reveal UK spooks' malware checklist

Boing Boing -

“I’d tell you, but I’d have to kill you.” This is what I shout at the TV (or the Youtube window) whenever I see a surveillance boss explain why none of his methods, or his mission, can be subjected to scrutiny. I write about surveillance, counter surveillance, and civil liberties, and have spent a fair bit of time in company with both the grunts and the generals of the surveillance industry, and I can always tell when one of these moments is coming up, the flinty-eyed look of someone about play Jason Bourne.

The stories we tell ourselves are the secret pivots on which our lives turn. So when Laura Poitras approached me to write a piece for the Astro Noise book -- to accompany her show at the Whitney -- and offered me access to the Snowden archive for the purpose, I jumped at the opportunity.

Fortuitously, the Astro Noise offer coincided perfectly with another offer, from Laurie King and Leslie Klinger. Laurie is a bestselling Holmes writer; Les is the lawyer who won the lawsuit that put Sherlock Holmes in the public domain, firmly and unequivocally. Since their legal victory, they've been putting together unauthorized Sherlock anthologies, and did I want to write one for "Echoes of Holmes," the next one in line?

The two projects coincided perfectly. Holmes, after all, is the master of HUMINT, (human intelligence), the business of following people around, getting information from snitches, dressing up in putty noses and fake beards... Meanwhile, his smarter brother Mycroft is a corpulent, sedentary presence in the stories, the master of SIGINT (signals intelligence), a node through which all the intelligence of the nation flows, waiting to be pieced together by Mycroft and his enormous intellect. The Mycroft-Sherlock dynamic perfectly embodies the fraternal rivalry between SIGINT and HUMINT: Sherlock chases all around town dressed like an old beggar woman or similar ruse, catches his man and hands him over to Scotland Yard, and then reports in to Mycroft, who interrupts him before he can get a word out, arching an eyebrow and saying, "I expect you found that it was the Bohemian stable-hand all along, working for those American Freemasons who were after the Sultan's pearls, was it not?"

In 2014, I watched Jennifer Gibson from the eminent prisoners’ rights group Reprieve talking about her group's project to conduct a census of those killed by US drone strikes in Yemen and Pakistan. The CIA conducts these strikes, using SIGINT to identify mobile phones belonging to likely targets and dispatch killer drones to annihilate anything in their vicinity. As former NSA and CIA director Michael Hayden once confessed: "We kill people based on metadata."

But the CIA does not specialize in SIGINT (that's the NSA's job). For most of its existence, the CIA was known as a HUMINT agency, the masters of disguise and infiltration..

That was the old CIA. The new CIA is just another SIGINT agency. Signals Intelligence isn’t just an intelligence methodology, it’s a great business. SIGINT means huge procurements -- servers, administrators, electricity, data-centers, cooling -- while HUMINT involves sending a lot of your friends into harm's way, potentially never to return.

We are indeed in the “golden age of SIGINT”. Despite security services' claims that terrorists are "going dark" with unbreakable encryption, the spooks have done much to wiretap the whole Internet.

The UK spy agency GCHQ really tipped their hand when they called their flagship surveillance program "Mastering the Internet." Not "Mastering Cybercrime," not "Mastering Our Enemies." Mastering the *Internet* -- the very same Internet that everyone uses, from the UK's allies in the Five Eyes nations to the UK Parliament to Britons themselves. Similarly, a cursory glance at the logo for the NSA’s Special Source Operations -- the fiber-tapping specialists at the NSA -- tells the whole story.

These mass surveillance programs would likely not have withstood public scrutiny. If the NSA’s decision to launch SSO had been attended by a nightly news broadcast featuring that logo, it would have been laughed out of the room. The program depended on the NSA by telling its story to itself, and not to the rest of us. The dotcom boom would have been a very different affair if the major legislative debate of the day had been over whether to allow the surveillance agencies of Western governments to monitor all the fiber cables, and harvest every click and keystroke they can legally lay claim to, parcel it into arbitrary categories like “metadata” and “content” to decide what to retain indefinitely, to and run unaccountable algorithms on that data to ascribe secret guilt.

As a result, the entire surveillance project has been undertaken in secrecy, within the bubble of people who already think that surveillance is the answer to virtually any question. The surveillance industry is a mushroom, grown in dark places, and it has sent out spores into every corner of the Internet, which have sprouted their own surveillance regimes. While this was happening, something important was happening to the Internet: as William Gibson wrote in 2007's "Spook Country, "cyberspace is everting" -- turning inside out. Computers aren’t just the things in our bags in the trunks of our cars. Today, our cars are computers. This is why Volkswagen was able to design a car that sensed when it was undergoing regulatory inspection and changed its behavior to sneak through tests. Our implanted defibrillators are computers, which is why Dick Cheney had the wireless interface turned off on his defibrillator prior to its implantation. Everything is a networked computer.

Those networked devices are an attack surface that is available to the NSA and GCHQ's adversaries -- primarily other governments, as well as non-government actors with political ambitions -- and to garden variety criminals. Blackmailers, voyeurs, identity thieves and antisocial trolls routinely seize control over innocents' computers and attack them in every conceivable way. Like the CIA and its drones, they often don't know who their victims are: they find an exploit, write a script to find as many potential victims as possible, and harvest them.

For those who are high-value targets, this lurking insecurity is even more of a risk -- witness the recent takeover of the personal email accounts of US Director of National Intelligence James Clapper by a group of self-described teenagers who previously took over CIA Director John Brennan's email account.

This is the moment when the security services could shine. We need cyber defense and we need it badly. But for the security services to shine, they'd have to spend all their time patching up the leaky boat of networked security, while their major project for a decade and more has been to discover weaknesses in the network and its end-points and expand them, adding vulnerabilities that they can weaponize against their adversaries -- leaving these vulnerabilities wide open for their adversaries to use in attacking *us*.

The NSA and GCHQ have weaponized flaws in router operating systems, rather than telling the vendors about these flaws, leaving the world’s electronic infrastructure vulnerable to attack by the NSA and GCHQ’s adversaries. Our spies hack core routers and their adversaries' infrastructure, but they have made themselves reliant upon the continuing fragility and insecurity of the architectures common to enemy and ally alike, when they could have been making us all more secure by figuring out how to harden it.

The mission of making it as hard as possible for the enemy to attack us is in irreconcilable tension with the mission of making it as easy as possible for our security services to attack their adversaries.

There isn't a Bad Guy Internet and a Good Guy Internet. There's no Bad Guy Operating System and Good Guy Operating System. When GCHQ discovers something breakable in a computer system that Iranians depend upon, they've also discovered something amiss that Britons rely upon. GCHQ can't keep that gap in Iran's armor intact without leaving an equally large gap open in our own armor.

For my Sherlock story, I wanted to explore what it means to have a security methodology that was all attack, and precious little defense, particularly one that proceeded in secret, without any accountability or even argument from people who thought you were doing it all wrong.

The Documents

Though I reviewed dozens of unpublished documents from the Snowden archive in writing my story, I relied upon three documents, two of which we are releasing today.

First, there's the crux of my Sherlock story, drawn from a March 2010 GCHQ document titled "What's the worst that could happen?" marked "TOP SECRET STRAP 1." This is a kind of checklist for spies who are seeking permission to infect their adversaries' computers or networks with malicious software.

It's a surprising document in many regards. The first thing that caught my eye about it is the quality of the prose. Most of the GCHQ documents I've reviewed read like they were written by management consultants, dry and anodyne in a way that makes even the famously tortured prose of the military seem juicy by comparison. The story the authors of those documents are telling themselves is called something like, “Serious grownups, doing serious work, seriously.”

"What's the worst..." reads like the transcript of a lecture by a fascinating and seasoned mentor, someone who's seen all the pitfalls and wants to help you, their protege, navigate this tricky piece of the intel business without shooting yourself in the foot.

It even tells a kind of story: we have partners who help us with our malware implantation. Are they going to help us with that business in the future if their names get splashed all over the papers? Remember, there are clever people like you working for foreign governments -- they're going to try and catch us out! Imagine what might happen if one of our good friends got blamed for what we did -- or blamed us for it! Let's not forget the exploits themselves: our brilliant researchers quietly beaver away, finding the defects that the best and the brightest programmers at, say, Apple and Microsoft have left behind in their code: if you get caught, the companies will patch the vulnerabilities and we will lose the use of them forever.

On it goes in this vein, for three pages, until the very last point:

“Who will have direct access to the data resulting from the operation and do we have any control over this? Could anyone take action on it without our agreement, eg could we be enabling the US to conduct a detention op which we would not consider permissible?”

That's where the whole thing comes to something of a screeching halt. We're not talking about Tom Clancy net-wars fantasies anymore -- now we're into the realm of something that must haunt every man and woman of good will and integrity who works in the spy agencies: the possibility that a colleague or ally, operating without oversight or consequence, might descend into barbarism based on something you did.

Reading this, I thought of the Canadian officials who incorrectly told US authorities that Maher Arar, a Canadian citizen of Syrian origin was suspected of being connected to Al Qaeda.

Arar was detained by the United States Immigration and Naturalization Service (INS) during a stopover in New York on his way home from a family vacation in Tunis. The Americans, acting on incomplete intelligence from the Canadian Royal Canadian Mounted Police (RCMP), deported Arar to Syria, a country he had not visited since his move to Canada, and which does permit the renunciation of citizenship.

Arar claims he was tortured during his imprisonment which lasted almost a year, and bombarded with questions from his torturers that seemed to originate with the US security services. Finally, the Syrian government decided that Arar was innocent of any terrorist connections and let him go home to Canada. The US authorities refused to participate in the hearings on the Arar affair and the DHS has kept his family on the no-fly list.

Why did Syrian officials let him go? "Why shouldn't we leave him to go? We thought that would be a gesture of good will towards Canada, which is a friendly nation. For Syria, second, we could not substantiate any of the allegations against him," says Moustapha. He added that the Syrian government now considers Arar completely innocent.

Is this what the unnamed author of this good-natured GCHQ document meant by "a detention op which we would not consider permissible?" The Canadian intelligence services apparently told their US counterparts early on that they'd been mistaken about Arar, but when a service operates with impunity, in secret, it gets to steamroller on, without letting facts get in the way, refusing to acknowledge its errors.

The security services are a system with a powerful accelerator and inadequate brakes. They’ve rebranded “terrorism” as an existential risk to civilization (rather than a lurid type of crime). The War on Terror is a lock that opens all doors. As innumerable DEA agents have discovered, the hint that the drug-runner you’re chasing may be funding terror is a talisman that clears away red-tape, checks and balances, and oversight.

The story of terrorism is that it must be stopped at all costs, that there are no limits when it comes to the capture and punishment of terrorists. The story of people under suspicion of terrorism, therefore, is the story of people to whom no mercy is due, and of whom all cunning must be assumed.

Within the security apparatus, identification as a potential terrorist is a life sentence, a “FAIR GAME” sign taped to the back of your shirt, until you successfully negotiate a kafka-esque thicket of secretive procedures and kangaroo courts. What story must the author of this document have been telling themself when they wrote that final clause, thinking of someone telling himself the DIE HARD story, using GCHQ’s data to assign someone fair game status for the rest of their life?

Holmes stories are perfectly suited to this kind of problem. From "A Scandal in Bohemia" to "A Study in Scarlet," to "The Man With the Twisted Lip" Holmes's clients often present at his doorstep wracked with guilt or anxiety about the consequences of their actions. Often as not, Holmes's solution to their problems involves not just unraveling the mystery, but presenting a clever way for the moral question to be resolved as well.

The next document is the "HIMR Data Mining Research Problem Book," a fascinating scholarly paper on the methods by which the massive data-streams from the deep fiber taps can be parsed out into identifiable, individual parcels, combining data from home computers, phones, and work computers.

It was written by researchers from the Heilbronn Institute for Mathematical Research in Bristol, a ”partnership between the UK Government Communications Headquarters and the University of Bristol.” Staff spend half their time working on public research, the other half is given over to secret projects for the government.

The Problem Book is a foundational document in the Snowden archive, written in clear prose that makes few assumptions about the reader’s existing knowledge. It likewise makes few ethical assertions about its work, striking a kind of academic posture in which something is ”good” if it does some task efficiently, regardless of the task. It spells out the boundaries on what is and is not ”metadata” without critical scrutiny, and dryly observes that ”cyber” is a talisman -- reminiscent of ”terrorist” -- that can be used to conjure up operating capital, even when all the other government agencies are having their budgets cut.

The UK government has recognized the critical importance of cyber to our strategic position: in the Comprehensive Spending Review of 2010, it allocated a significant amount of new money to cyber, at a time when almost everything else was cut. Much of this investment will be entrusted to GCHQ, and in return it is imperative for us to use that money for the UK’s advantage.


Some of the problems in this book look at ways of leveraging GCHQ’s passive SIGINT capabilities to give us a cyber edge, but researchers should always be on the look-out for opportunities to advance the cyber agenda.


The story the Problem Book tells is of scholars who’ve been tasked with a chewy problem: sieving usable intelligence out of the firehoses that GCHQ has arogated to itself with its fiber optic taps.

Somewhere in that data, they are told, must be signatures that uniquely identify terrorists. It’s a Big Data problem, and the Problem Book, dating to 2010, is very much a creature of the first rush of Big Data hype.

For the researchers, the problem is that their adversaries are no longer identifiable by their national affiliation. The UK government can’t keep on top of its enemies by identifying the bad countries and then spying on their officials, spies and military. Now the bad guys could be anyone. The nation-state problem was figuring out how to spy on your enemies. The new problem is figuring out which people to spy on.

"It is important to bear in mind that other states (..) are not bound by the same legal framework and ideas of necessity and proportionality that we impose on ourselves. Moreover, there are many other malicious actors in cyberspace, including criminals and hackers (sometimes motivated by ideology, sometimes just doing it for fun, and sometimes tied more or less closely to a nation state). We certainly cannot ignore these non-state actors".

The problem with this is that once you accept this framing, and note the happy coincidence that your paymasters just happen to have found a way to spy on everyone, the conclusion is obvious: just mine all of the data, from everyone to everyone, and use an algorithm to figure out who’s guilty.

The bad guys have a Modus Operandi, as anyone who’s watched a cop show knows. Find the MO, turn it into a data fingerprint, and you can just sort the firehose’s output into ”terrorist-ish” and ”unterrorist-ish.”

Once you accept this premise, then it’s equally obvious that the whole methodology has to be kept from scrutiny. If you’re depending on three ”tells” as indicators of terrorist planning, the terrorists will figure out how to plan their attacks without doing those three things.

This even has a name: Goodhart's law. "When a measure becomes a target, it ceases to be a good measure." Google started out by gauging a web page’s importance by counting the number of links they could find to it. This worked well before they told people what they were doing. Once getting a page ranked by Google became important, unscrupulous people set up dummy sites (“link-farms”) with lots of links pointing at their pages.

The San Bernardino shootings re-opened the discussion on this problem. When small groups of people independently plan atrocities that don’t require complicated or unusual steps to plan and set up, what kind of data massaging will surface them before it’s too late?

Much of the paper deals with supervised machine learning, a significant area of research and dispute today. Machine learning is used in "predictive policing" systems to send cops to neighborhoods where crime is predicted to be ripening, allegedly without bias. In reality, of course, the training data for these systems comes from the human-directed activity of the police before the system was set up. If the police stop-and-frisk all the brown people they find in poor neighborhoods, then that's where they'll find most of the crime. Feed those arrest records to a supervised machine algorithm and ask it where the crime will be and it will send your officers back to the places where they're already focusing their efforts: in other words, "predictive policing" is great at predicting what the police will do, but has dubious utility in predicting crime itself.

The part of the document I was most interested in was the section on reading and making sense of network graphs. They are the kind of thing you’d use in a PowerPoint slide when you want to represent an abstraction like "the Internet". Network graphs tell you a lot about the structures of organizations, about the relative power relationships between them. If the boss usually communicates to their top lieutenants after being contacted by a trusted advisor, then getting to that advisor is a great way to move the whole organization, whether you're a spy or a sales rep.

The ability of data-miners to walk the social and network graphs of their targets, to trace the "information cascades" (that is, to watch who takes orders from whom) and to spot anomalies in the network and zero in on them is an important piece of the debate on "going dark." If spies can look at who talks to whom, and when, and deduce organizational structure and upcoming actions, then the ability to read the content of messages -- which may be masked by cryptography -- is hardly the make-or-break for fighting their adversaries.

This is crucial to the debate on surveillance. In the 1990s, there was a seminal debate over whether to prohibit civilian access to working cryptography, a debate that was won decisively for the side of unfettered access to privacy tools. Today, that debate has been renewed. David Cameron was re-elected to the UK Prime Minister's office after promising to ban strong crypto, and the UK government has just introduced a proposed cryptographic standard designed to be broken by spies.

The rubric for these measures is that spies have lost the ability to listen in on their targets, and with it, their ability to thwart attacks. But as the casebook demonstrates, a spy's-eye view on the Internet affords enormous insight into the activities of whole populations -- including high-value terrorism suspects.

The Problem Book sets up the Mycroftian counterpoint to Sherlock's human intelligence -- human and humane, focused on the particulars of each person in his stories.

Sherlock describes Mycroft as an all-knowing savant:

The conclusions of every department are passed to him, and he is the central exchange, the clearinghouse, which makes out the balance. All other men are specialists, but his specialism is omniscience.

While Sherlock is energized by his intellectual curiosity, his final actions are governed by moral consequences and empathy. Mycroft functions with the moral vacuum of a software: tell him to identify anomalies and he'll do it, regardless of why he's been asked or what happens next. Mycroft is a Big Data algorithm in human form.

The final document I relied upon in the story is one we won't be publishing today: an intercepted transcript of a jihadi chat room This document isn't being released because there were many people in that chat room, having what they thought was an off-the-record conversation with their friends. Though some of them were espousing extreme ideology, mostly they were doing exactly what my friends and I did when I was a teenager: mouthing off, talking about our love lives, telling dirty jokes, talking big.

These kids were funny, rude, silly, and sweet -- they were lovelorn and fighting with their parents. I went to school with kids like these. I was one of them. If you were to judge me and my friends based on our conversations like these, it would be difficult to tell us apart from these children. We all talked a big game, we all fretted about military adventurism, we all cursed the generals who decided that civilian losses are acceptable in the pursuit of their personal goals. I still curse those generals, for whatever it's worth. I read reams of these chat transcripts and I am mystified at their value to national security. These children hold some foolish beliefs, but they're not engaged in anything more sinister than big talk and trash talk.

Most people -- including most people like these kids -- are not terrorists. You can tell, because we're not all dead. An indiscriminate surveillance dragnet will harvest far more big talkers than bad guys. Mass surveillance is a recipe for creating an endless stream of Arars, and each Arar serves as inspiration for more junior jihadis.

In my fiction, I've always tried to link together real world subjects of social and technological interest with storytelling that tries to get into the way that the coming changes will make us feel. Many readers have accused me of prdicting the future because I've written stories about mass surveillance and whistleblowers.

But the truth is that before Snowden, there was Wikileaks and Chelsea Manning, and Bill Binney and Thomas Drake before them, and Mark Klein before them. Mass surveillance has been an open secret since the first GW Bush administration, and informed speculation about where it was going was more a matter of paying attention to the newspaper than peering into a crystal ball.

Writing a Sherlock Holmes story from unpublished leaks was a novel experience, though, one that tied together my activist, journalist and fiction writing practices in a way that was both challenging and invigorating. In some ways, it represented a constraint, because once I had the nitty-gritty details of surveillance to hand, I couldn't make up new ones to suit the story. But it was also tremendous freedom, because the mass surveillance regimes of the NSA and GCHQ are so obviously ill-considered and prone to disastrous error that the story practically writes itself.

I worry about "cybersecurity," I really do. I know that kids can do crazy things. But in the absence of accountability and independent scrutiny, the security services have turned cyberspace into a battleground where they lob weapons at one another over our heads, and we don't get a say in the matter. Long after this round of the war on terror is behind us, we'll still be contending with increasingly small computers woven into our lives in increasingly intimate, life-or-death ways. The the parochial needs of spies and the corporations that supply mustn't trump the need for a resilient electronic nervous system for the twenty first century.

Astro Noise: A Survival Guide for Living Under Total Surveillance, edited by Laura Poitras, features my story "Sherlock Holmes and the Adventure of the Extraordinary Rendition," as well as contributions from Dave Eggers, Ai Weiwei, former Guantanamo Bay detainee Lakhdar Boumediene, Kate Crawford, and Edward Snowden.

The Astro Noise exhibition is on at New York City's Whitney Museum from February 5 to May 1, 2016.

Henrik Moltke contributed research to this story.

Source documents

DV.load("https://www.documentcloud.org/documents/2699620-What-Is-the-Worst-That-Can-Happen-March-2010.js", { width: 600, height: 300, sidebar: false, container: "#DV-viewer-2699620-What-Is-the-Worst-That-Can-Happen-March-2010" }); What-Is-the-Worst-That-Can-Happen-March-2010 (PDF)
What-Is-the-Worst-That-Can-Happen-March-2010 (Text)

DV.load("https://www.documentcloud.org/documents/2699619-Problem-Book-Redacted.js", { width: 600, height: 300, sidebar: false, container: "#DV-viewer-2699619-Problem-Book-Redacted" }); Problem-Book-Redacted (PDF)
Problem-Book-Redacted (Text)

In wake of Trump slump, fans nurse conspiracy theories

Boing Boing -

You knew it would happen: Trump barely beating Rubio for second place in the Iowa Republican Caucus means that something must be up. The Washington Post reports on the conspiracy theories emerging from Cruz's unexpected victory. Top of the list: Microsoft, a major Rubio donor.

theorists pointed to failures of the Microsoft system during the night as evidence that something was funky. Because if Microsoft wanted to turn a 10 into a 20 on behalf of its favored candidate, it would need to shut down the system to do so.

By far the weirdest part of the conspiracy theory, though, is that Rubio still came in third. Rubio was predicted to come in third; Rubio came in third by less than was predicted. The theory appears to be that Microsoft switched votes from Trump to Rubio to make Trump not come in first -- but then why does that help Microsoft if they want Rubio to win? "Momentum," colorful eggs on Twitter reply, willfully ignoring that Rubio had momentum before Microsoft theoretically intervened.

The #MicrosoftRubioFraud hastag is a blast.

What would happen if the whole world went face blind?

Boing Boing -

Hello and welcome to newest addition to the Boing Boing podcast family! Flash Forward is a podcast produced and hosted by me, Rose Eveleth. Every week we really overthink what the future has in store for us. Every episode we tackle one possible (or, not so possible) future scenario — everything from a sudden ice age, to the end of antibiotic effectiveness, to a world in which contact sports are banned due to head injury — and try to work out how that future would really go down.

Today, about two percent of the population has prosopagnosia — a condition that makes them unable to remember faces. But what if we all had it? On this week’s episode, we travel to a future where nobody can recognize one another by face.

Flash Forward: RSS | iTunes | Twitter | Facebook | Web | Patreon

In the episode we discuss what causes face blindness and the tricks that people use to remember their friends. We also go through all the things that would be easier (spying, hiding) and harder (police lineups, cocktail parties) in a world where we were all faceblind.

▹▹ Full show notes

100,000 people stuck in Chinese train station

Boing Boing -

At least 100,000 people became stranded at the Guangzhou Railway Station southern China. They were trying to get a jump on Chinese New Year, which starts next week. The image above is a small portion of a photo that will send a chill down the spine of agoraphobics.

Over 100k passengers trapped in Guangzhou Railway Station on Mon, due to train delays in #SpringFestival travel rush pic.twitter.com/DcajMP3oAq

— People's Daily,China (@PDChina) February 2, 2016

From The Guardian:

Aerial photographs published by one website showed a crush of bodies snaking towards the train station through metal barricades. About 176,000 passengers had been due to pass through the station on Monday alone.

“There are too many people and it is too crowded,” one stranded passenger, who was not named, told state broadcaster CCTV.

Pages

Subscribe to debianHELP aggregator - Internet Curiosities