
* Posts by tom dial

2199 posts • joined 16 Jan 2011

No, no, you're all wrong. That's not a Kremlin agent. It's someone with 'inauthentic behavior'

tom dial
Silver badge

To a substantial degree these hearings are political theater in the style of the hearings on drugs in baseball a number of years past. That isn't to say they are entirely pointless, but only that there probably are other things on which the legislators might spend their time.

Most of the angst seems to be about the possibility that US voters might be misled by the fake news we used to call, variously, propaganda or campaign advocacy. The fact it appears the sources for some of it are Russian, Iranian, or possibly other is being used to whip up a panic and divert attention from the underlying facts that it does not differ materially from home grown BS and comprises a tiny part of it.

Under the first amendment, the government is severely limited in its authority to regulate communication. In particular, it generally cannot regulate content, truth, or presentation, and it cannot, within very broad limits, regulate advocacy of public policy or candidates for public office. Private sector actors like Facebook, Twitter, Google, and others including news media, can apply whatever editorial policies they wish, however restrictive they may be, or how distasteful they may be to some.

The cure for these excesses in the private sector is to not use or ignore them. If Google collects too much information, eliminate your Google accounts and use another search engine; if Facebook seems too intrusive, cancel or ignore it, along with Twitter, in which I can discern no socially redeeming value at all.

And finally, recognize that if the foreign propaganda and misinformation from Russia, Iran, or elsewhere truly is a threat to democratic governance, it is doomed anyway, because the voters are too uninformed and unintelligent in some combination to withstand the barrage of homegrown propaganda and misinformation that is a couple of orders of magnitude larger.

2
0
tom dial
Silver badge

Re: Sheryl Sandberg was/is considering a run for President

Sheryl Sandberg worked for about 5 years for the US Treasury Department under Secretary Larry Summers, so she has at least some possibly significant and relevant experience at a fairly high level in the executive branch of the US government. She certainly is better qualified for the presidency by experience and demeanor than the present incumbent.

That does not mean she is well-qualified, however. The average governor of a US state probably is much better qualified than either of them and, indeed, than most of those now being touted as potential 2020 candidates.

1
0

Anon man suing Google wants crim conviction to be forgotten

tom dial
Silver badge

Re: "Court records [..] are data, and opening them up is a massive benefit"

Libraries also "are not designed for returning 'faithful' results," and a thorough search of public library resources would turn up court records as well as news reports of varying degrees of accuracy and completeness as well as varying shades of yellow. Should we, then, grant a right to have things removed from library catalogs, or is Google (and presumably Yahoo, Bing, and so on) a target only because their use of technology makes it possible to do the mechanical part of a search in seconds rather than somewhere between minutes and months?

0
0

US government upends critical spying case with new denial

tom dial
Silver badge

Re: Spying on everybody but your own is Okay ?

There are, in fact, fairly extensive controls, both legal and practical. US citizens, and noncitizens within US jurisdiction, may not be targeted by US agencies without a warrant issued by a judge based on a reasonably substantial claim of probable cause to believe that he (or she) committed a crime or was about to. "Minimizations" to protect US persons - both citizens and non-citizen residents - are described generally in 50 USC 1881, implemented by extensive procedures within the NSA and Department of Justice, and overseen by the Foreign Intelligence Surveillance Court, composed of federal court judges nominated by a US president and confirmed by the US Senate. It is not clear what countries have tighter legal controls on surveillance of citizens and legal residents. In addition, while the NSA and other intelligence and law enforcement agencies have many employees and very large amounts of computing and communication equipment, only a relatively small fraction of those employees are engaged actively in surveillance and the equipment is capable of collecting and storing only a tiny fraction of all possible communication data. Both impose significant limits on the number of people who can be targeted effectively and the amount of data that can be collected, stored, queried, and analyzed.

The case at hand is about boundary issues - the circumstances in which data collected for foreign intelligence can be used for surveillance of US citizens and residents. My sense, possibly incorrect, is that the plaintiff's attorneys, expert though they may be, do not have a very strong case and are likely to lose to the government's lawyers, who also are experts in the matters at issue.

Your English usage, by the way, is entirely adequate, and in fact is better than that of a great many native speakers.

0
0
tom dial
Silver badge

Judge Gleeson's decision, linked in the article, concludes that the section 702 surveillance that captured Hasbajrami's email was lawful and consistent with the fourth amendment, and the evidence obtained from it did not need to be suppressed. He also concluded that the FISA warrants issued under other provisions of the Foreign Intelligence Surveillance Act were lawful.

The decision states fairly clearly that the government disclosed to Hasbajrami in February 2014 that section 702 collection led to the warrants. It is not at all clear why his attorneys would be surprised at the government's mention of that in mid-2018. It also contains a fairly lucid discussion of the relevant parts of the law at issue, 50 USC Chapter 36, along with a number of references to earlier decisions that suggest it is unlikely to be found unconstitutional.

It is of some concern that the law generally requires the judge, acting alone, to review the warrant applications and make a determination of their compliance with the law, but that is something the Congress may change if they consider it necessary or desirable.

1
0

Huawei first to preview its 7nm phone SoC – the HiSilicon Kirin 980

tom dial
Silver badge

Sounds like something I would like in a laptop PC if it can handle 16GiB or more of memory.

0
0

Defense Distributed starts selling gun CAD files amid court drama

tom dial
Silver badge

Re: No, this has nothing to do with the US First Amendment, freedom of speech

Unfortunate, misleading wording in the final sentence, which should have ended: "a considerable body of jurisprudence limits quite severely *government control over* what may be published, including plans for such things as nuclear weapons."

1
0
tom dial
Silver badge

Re: No, this has nothing to do with the US First Amendment, freedom of speech

The laws in place, however, restrict transfers. They do not prohibit manufacture of firearms. Anyone who wishes may argue that the restriction on transfer of weapons implicitly includes transfer of information useful in building them. I consider it extremely unlikely that such arguments will be successful despite the fact that the recent injunctions hint that a judge might be willing to buy them.

As for the Constitution: it is worth remembering in this context that the US Constitution limits all laws, whether federal, state, or local ordinances. And that the cities of Washington, DC (a couple of times) and Chicago, IL have been slapped down over second amendment issues, and a considerable body of jurisprudence limits quite severely what may be published, including plans for such things as nuclear weapons.

1
0
tom dial
Silver badge

Judge William Alsup, in Oracle v. Google surely exhibited common sense. It is unfortunate that the judges on the Court of Appeals for the Federal Circuit failed so miserably to do so.

0
0
tom dial
Silver badge

Re: oath.wav

"If he was a Muslim distributing the files would he still have the same rights?"

If he were a *US Person* and a Muslim, then yes, he certainly would have the same rights - as required by the first clause of the same first amendment.

3
0
tom dial
Silver badge

This dispute seems quite a lot like the attempt to prosecute Philip Zimmermann over PGP in that, first, the cat is well out of the bag (and in this case has been for years), and second, as is much clearer now than in the early 1990s, government attempts to suppress publication on the Internet violate the first amendment just as they would if publication is in a book or magazine.

Moreover, the defendants' claim that the states lack standing seems right, in that the law in question, and their substantive arguments, relate to conduct of foreign affairs, which belongs to the federal government. The probability that the states could have gotten an injunction, whether permanent, temporary, or preliminary, to suppress US distribution of the code in book form is vanishingly small and likely would remain so even if sold with a CD containing the code.

In any case, these 3D printed guns appear to be expensive but inferior substitutes for old fashioned zip guns, for which google returns "about 22,800,000 results (0.50 seconds)" when queried for plans. That, and the fact that making a gun with one's own equipment is both legal and widely possible in the US reveals the controversy to be a combination of political theater and harassment. A sensible judge might reasonably have held back from puffing it up.

11
1

Voting machine maker claims vote machine hack-fests a 'green light' for foreign hackers

tom dial
Silver badge

Re: Most Secure Voting Machine

@Allan George Dyer: Appropriate counting procedures make this misbehavior more difficult, but not necessarily impractical. You describe theory and, as far as I know, UK practice, quite accurately. I described reasonably well documented US historical practice, where manual counting, when used, customarily is done by teams of election judges representing at least two political parties. As in the UK, the procedure may be witnessed by independent (i. e., non-official) observers. Skewing the count requires no more than the practical skills of a magician, and has not always been free of corruption.

Voter marked paper ballots clearly are the most transparent and easily understood way to record votes. Vote counting, whether by humans or machines has vulnerabilities. They can be mitigated and rendered less probable, but probably cannot be eliminated entirely and may sometimes affect the outcome of close elections.

2
0
tom dial
Silver badge

Re: Most Secure Voting Machine

Traditional "counting" methods include both completing ballots when the voter skipped an office or voted for fewer candidates than allowed and (probably much more often) invalidating voters' choices (by marking additional boxes or bubbles) when they made "mistakes."

It is convenient if everyone is forced to use the same marking instrument (pencils often are preferred because a voter can correct a misplaced mark rather than enduring the fairly significant hassle of having the election judges cancel and issue a replacement ballot). Use of a variant marker will insure, at most, the security of a single ballot; corrupt ballot counters will simply omit it from their correction activities.

4
1

Don't let Google dox me on Lumen Database, nameless man begs

tom dial
Silver badge

Indeed. The lumendatabase url resolves to an address in a direct allocation to Harvard University, for which all identified contacts have harvard.edu email addresses.

4
0

Net neutrality freaks furious over lack of fury at FCC hearing

tom dial
Silver badge

The government funded a good deal of the technological research and development that led to the Internet. I don't think it actually had much to do with the stringing of wire or deployment of routers and the like that now comprise the Internet communication infrastructure, especially the necessary last few miles that connect houses and businesses to it.

0
0

Google Spectre whizz kicked out of Caesars, blocked from DEF CON over hack 'attack' tweet

tom dial
Silver badge

Re: Twitter should be switched off

I gave this an upvote, but only as to use by government officials* in a context in which the messages might be construed as statements of public policy. There are plenty of other ways to announce public policies and programs, nearly all of them better.

As a matter of personal liberty, individuals generally are free, and arguably should be, to say what they wish and make asses of themselves in the bargain if they are so inclined. Twitter, which as a private entity can set what standards it wishes and censor content as it pleases, rightly or wrongly has chosen to leave the platform quite open, providing them a very convenient vehicle for that.

Corporations, as private entities generally should be able to behave similarly to natural persons within various legal constraints imposed by such things as securities laws and regulations. Both corporations and individuals, of course, often would be wiser than it sometimes appears they are to suppress the urge to tweet.

* and we all can think of at least one government official who violates this without apparent end.

2
0

Funnily enough, no, infosec bods aren't mad keen on W. Virginia's vote-by-phone-app plan

tom dial
Silver badge

Re: Old fashioned

In most US states there are provisions to accommodate issues like address and (minor) name mismatch. Usually these are handled by allowing the voter to submit a provisional ballot, subject to after-election verification. Sometimes provisional votes are counted only if there are enough of them that they might change the outcome (e. g., 100 provisional ballots in an election contest where a losing candidate would win by receiving all of them). The real issue with this is that it could increase congestion at voting locations, doubt about election integrity and result in discouraged voters leaving the queue before casting a ballot.

The second paragraph appears to require setting up an entire bogus voting location complete with imitation officials, flags, ballots, equipment, and so on. The probability that such a thing would go unnoticed for more than an hour after the official start of voting is approximately zero, and notice would be followed quickly by shutdown, arrests, and publicity. It would, of course, have no effect on the increasingly common practice of voting by mail.

3
0
tom dial
Silver badge

Re: Old fashioned

Vote twiddling in its many various forms never has been limited by political party or preference. In the US it typically has been practiced by those in office upon those interested in replacing them. There have been exceptions, and it may be different in other countries, but I have not seen reports of that and consider it unlikely.

2
0

DEF CON plans to show US election hacking is so easy kids can do it

tom dial
Silver badge

There is no "national democratic infrastructure" for US elections. Anyone who thinks there is, is simply wrong. There is a hodgepodge of 50 state secretaries of state, hundreds of county or other regional boards of election, and probably several dozen commercial vendors of equipment and software used to record and count votes, record voter registrations and maintain voter registration information, and assist in management of election day precinct operations. Some of the software involved might well have been developed by state or local government IT personnel with varying skills operating under management of varying quality. The 51 top-level election officials (assuming the District of Columbia, although not a state, also has one) vary in their management skills and understanding of the IT and other issues involved, may or may not have capable advice from their staffs, and may just possibly be affected by political considerations, since the great majority of them are statewide elected officials.

The time for panic, as well as the time for providing resources to firm up security of this rather messy infrastructure, so called, is long past. At this point, three months before election day, it is too late to make more than minor changes to either the equipment and software or the procedures to be used for the upcoming election. All in all, it is a bit of a mess.

The good news, if any, is that in many places, perhaps most, no more than minor changes are necessary to ensure relatively smooth operation, and there probably is time to make them without a lot of additional public expense. For instance:

Isolate registration data to be used for official purposes from the Internet as much as possible; back it up early and often, not to the cloud; and guard it well. Use printed copies for precinct level voter verification (essentially eliminating the risk that programs used for the purpose are corrupted).

Monitor Internet connected services for unauthorized activity. Solicit, and hopefully obtain, monitoring by the federal government to augment local monitoring.

Insist on hand or courier delivery of firmware/software updates for equipment used in connection with election operations, and on appropriate checksums, manually verified after delivery by election officials representing several political parties.

Control and establish a manual audit trail of all access to equipment and software used in election management and operations. As a minimum requirement, cover access ports with serial numbered seals that cannot be removed without destruction whenever they are not in use, and maintain a manual paper audit record of the serial numbers used for each system, either by or witnessed by several officials not all of whom are of the same political party. Removal and replacement of seals for authorized port access to be similarly witnessed and placement of new seals similarly recorded with each access to a port. Optionally, dispense with such seals and disable ports not required for operation or maintenance by relatively permanent means like filling them with epoxy filler.

Double down on warnings to all election personnel about social engineering (and hope against the available evidence that they pay attention and act appropriately).

None of these is very costly to implement and many of them probably already are used in various places. Collectively, they would go quite a ways toward mitigating the undeniable vulnerabilities of existing election systems. For now, discussion of major changes to election systems, and provision of the necessary funding, should be directed at the election cycle of 2020, which begins in under two years.

6
0

Trump 'not normal' FCC commish reveals amid Sinclair-Tribune mega-media-merger meltdown

tom dial
Silver badge

Without taking a position on any issue, I would observe that presidential pressure on the FCC and other formally independent agencies is neither new nor limited to the current president.

https://obamawhitehouse.archives.gov/node/323681

https://www.reuters.com/article/us-usa-internet-neutrality/obama-pressures-fcc-for-strong-net-neutrality-rules-idUSKCN0IU1I620141110

A broader view is at:

https://fas.org/sgp/crs/misc/presinf.pdf

It is hard to remove politics from what, by their nature, are political decisions.

7
7

Crypto gripes, election security, and mandatory cybersec school: Uncle Sam's cyber task force emits todo list for govt

tom dial
Silver badge

Re: Locking down elections

Lobbying is first amendment protected in the most obvious and fundamental sense. Bribery is not, but an implied accusation of bribery requires at least evidence of the criminal act. It almost always is hard to be sure whether campaign contributions, by far the most common referent in this context, flow to politicians because they already are known to favor the donor's position or, alternatively, because it is thought they will cause the recipient to change position (and vote) on a particular issue. In practice, it likely involves some of each, with the mix depending, among other things, on what the politician believes constituents think about particular issues (which may be distinct from what they actually believe). Including ancient and well-known practices like log rolling and spreading around of government projects further muddies things, to the point where attributing legislative voting behavior on individual votes is generally impractical. The simple model - contributions => election => legislative votes for contributors' benefit - is hard to prove except possibly in rare cases.

The fact is that elected officials stand for election, and often for reelection quite a few times after. Utah's senior senator Orrin Hatch is a fairly extreme example: first elected in 1976, he was reelected in 1982, 1988, 1994, 2000, 2006, and 2012. Given the vanishingly small number of reports of recent vote buying*, and the demonstrably rather weak relation of campaign advertising expenditure to electoral success, other factors probably determine voting behavior in many cases. Those "other factors" include political party attachment, belief about social issues that the usual suspects in campaign contribution discussions mostly don't care much about, and a large number of others, some praiseworthy and others decidedly not.

* "Vote buying" also is generally unenforceable, although traditionally considered effective. Even in the old Chicago days when precinct committeemen passed out money (classically, $2, later a meal voucher) to induce voting, they trusted that the recipient's basic honesty and knowledge of the source would bring a vote for the "correct" candidate.

0
0
tom dial
Silver badge

Re: Locking down elections

In the United States, it is fairly clear that lobbying is included in the "right of the people peaceably to assemble, and to petition the Government for a redress of grievances," as it is described in the first amendment. As the cited Wikipedia article noted in passing.

0
4
tom dial
Silver badge

Re: Looming threats facing America's computer networks

The key beneficiaries of voting machines are the machine producers and the news media who get to announce election results in many cases, usually correctly, by the 10 or 11 PM news slot. Facts being what they are, waiting another half day cannot reasonably be judged harmful. Certification of results remains mired in the past and never happens sooner than a week or two after the election in any case, which allows for such things as counting provisional and late arriving absentee ballots and recounts that may be legally required or requested by candidates in close contests.

How about not using voting machines at all?

3
1

No big deal... Kremlin hackers 'jumped air-gapped networks' to pwn US power utilities

tom dial
Silver badge

Re: wtf is an Air GAP

Have another upvote for the Mencken reference. Too many people haven't read Mencken, or don't even know of him and think this sort of thing is new and different when it really is only different and only in detail.

3
0

Google Chrome: HTTPS or bust. Insecure HTTP D-Day is tomorrow, folks

tom dial
Silver badge

Re: Certified authentic malware

"[P]reventing US ISPs from injecting more ads, malware, and trackers." That would seem a good enough thing by itself, although because I run an ad blocker I am not sure how much it is a real problem at present.

2
1

Why Google won't break a sweat about EU ruling

tom dial
Silver badge

Re: Some change is inevitable

I believe the argument is that Apple do not have a monopoly on smart phones or smart phone operating systems or app stores; with around 80% market penetration for the OS, Google arguably does, so different standards apply. Google, like Apple, probably would not be in trouble if they only were doing the bundling and so on for the Pixel phones, which would be a comparable case to Apple.

Google probably should simply drop the behaviors found objectionable, knowing that in the short run it will make little difference or none. My suspicion is that that is equally true going forward for as long as nobody delivers a replacement that is better at a lower cost to device manufacturers and carriers.

3
1

Indictment bombshell: 'Kremlin intel agents' hacked, leaked Hillary's emails same day Trump asked Russia for help

tom dial
Silver badge

Re: I bet the democrats

No, we don't want a bunch of foreigners with motives we should not trust mucking about in our elections whether or not the parties put up decent candidates.

Agreed about Sanders, though; I probably would have voted for him as a Democrat, instead of Gary Johnson or Evan McMullin.

1
1
tom dial
Silver badge

Re: If voting systems are hacked and the count altered, what does a democracy do?

Those considerations are exactly why we ought to revert to systems that are transparent or can be made so after the fact, for which the most efficient solution almost surely is hand marked paper ballots, counted by machine, maybe, for quick results, audited by hand on a sample basis and, if discrepancies are found, recounted in full by multiparty teams.

There still will be issues - hanging chads are a bad memory from the 2000 election, and various techniques are known and were used somewhat commonly for a century or more before voting machines came into use. Ultimately, the questions that come up are decidable, however, and the real constraint is legal requirements for certification of results, for instance before the required date for electoral college action on a president and vice president, or date of inauguration or legislative organization. The latter are not always fixed: Al Franken, for example, was not determined to be the Senator-elect from Minnesota until June 30, 2009, nearly six months after organization of the 111th Congress to which he was elected.

As far as I can tell, the primary beneficiaries of voting machine use are the manufacturers and the TV news media, who can report many or most results on the 10 or 11 PM news election night.

1
1
tom dial
Silver badge

Re: For democracy to work...

Russian cheating can be put in one of two categories: illegal as such, and illegal only because they are not American. What Russian intelligence officers are alleged to have done in Friday's indictment falls under the Computer Fraud and Abuse Act and would be equally illegal if done by Americans. Those activities are illegal as such. Posting targeted ads on Facebook or Google, or tweets from false identities, may conflict with Facebook, Google, or Twitter terms of service, but generally is protected by the First Amendment for US citizens and legal residents and cannot be made illegal for them. The first amendment has exceptions and limitations, however, that may render some of that illegal in general (in violation of campaign finance law, for instance) and some illegal when done by foreigners, including Russians.

That said, all the alleged activities, both those listed in Mueller's several indictments directed at Russian nationals and those (so far) only the subject of Congressional and media opprobrium, fall well within the American political tradition, in which political campaigning is not covered by a universally established set of rules and is not always gentlemanly.

1
1
tom dial
Silver badge

Re: anonymous coward

Contrary to much opinion, votes count in US elections. The rules may be a bit convoluted (e. g., the electoral college). They may deviate from some ideal (e. g., two senators from each state irrespective of population, or declining to let convicted felons vote, sometimes even by those who served their sentence in full). Most importantly, votes count only if they actually are cast.

Donald Trump was elected president because he channeled and fed back to enough voters (not just eligible-to-voters) what they already believed. Russians may have helped, by their tweets, their Facebook and other ads, and their release of stolen DNC and DCCC emails, some of which doubtless caused extreme embarrassment. In the end, because of the facts that underlie political opinion research, it will be essentially impossible to determine how much, or even in what direction, Russian dirty tricks affected the election outcome. It should be noted that nothing the Russians are alleged to have done is qualitatively different from campaign practices well enough known from years past. Doubters may wish to consider the US elections of 1972 (Nixon, Watergate), or 1800 and 1804 (Thomas Jefferson). There are other examples.

Donald Trump was elected as a Republican, to a large degree by voters who identified as Republicans. GOP "fealty to the cult-leader" is a direct result of that fact and the fact that almost all elected officials become job seekers in inverse relation to the time remaining to the next election. Those elected from districts where 2016 support for Trump was great will be very hesitant to call out Trump unless he does something that clearly and decisively offends constituents. Note that this is true almost as much for Democrats as Republicans. Unless Trump really goes far afield, we are hardly more likely to see strong, unambiguous, anti-Trump statements from the Democrats Heidi Heitkamp (D-SD) or Joe Manchin (D-WV) than from John Hoeven (R-SD) or Shelley Capito (R-WV).

Free trade and national security and foreign policy considerations notwithstanding, Republican politicians and operatives know that in many areas it will not go well for them to oppose Trump too strenuously despite the fact that the associated policies are generally terrible and lead to nothing good in the long run. They will stand with Trump until election results free them, in many cases by installing Democrats in their place. And not a minute longer.

H. L. Mencken's Baltimore Evening Sun political reports, many available in collections, should be required reading for anyone who hopes to understand US politics. They ring as true now, six decades after his death, as when written between 1920 and 1950.

1
1
tom dial
Silver badge

Re: Society Seems To Be Fragmenting or Declining in Standards

In the context of about $1,200 million (about 2/3 of it by the Democrats) the $few million the Russians spent hardly constitutes heavy funding. It was a piss in the ocean, and probably had a comparable effect.

By the time the great leakages hit, nearly everyone who ever had cared had become jaded and probably the only ones who paid it any mind were the newspersons who earn their living by stirring up controversy. The Democrats, except for the small number of Bernicrats who finally went for Jill Stein, gritted their teeth and slogged on. The Republicans, for the most part, simply received another confirmation that Hillary was the devil incarnate, which they already knew well enough anyhow; those still capable of thought were deciding whether to pinch their noses and vote for Trump or flip and vote for Gary Johnson (or Evan McMullin here in Utah). Voting for Clinton, for nearly all of them, did not exist as an alternative.

I'm all for naming the names and laying criminal charges on the perpetrators, just as if they were home-grown and did the same thing. But the thought that they actually will be tried, or that they will be deterred from doing the same, more or less, in the future, is pretty much rubbish and everybody should recognize that.

5
4
tom dial
Silver badge

Re: Close, but too early to say how close

Useful idiots indeed, starting with Donald Trump Jr., who leaped eagerly at an offer by Russians of compromising material about Clinton; George Papadopoulos, trying to arrange meetings with Putin and release of DNC emails and bragging about it to the ambassador of an allied country; Carter Page, apparently on the make largely for his own benefit, with no attention to appearances; Michael Flynn, similarly inattentive to appearances and unable to wait until after the inauguration to talk to Russian officials about policy and lying about it to the FBI; and Jared Kushner, arguably the best of the lot, yet too naive to squash the little Donald's meeting and trying to arrange communication with the Russians secure from the US government. They are, and were, second, third, and fourth rate political amateurs all, less competent and sophisticated than Chicago aldermen, ward leaders, and precinct captains in the Daley machine of the 1950s and 1960s. A competent political manager would have kept all of them on a short leash or not had them on staff at all.

12
1
tom dial
Silver badge

Re: Gullible?

Confirmation bias: the tendency to believe things that are consistent with what one believes already. Most of the Facebook and Twitter rubbish in what the House Democrats released fit the definition pretty well.

Otherwise pretty much on the mark. Repetition gives the appearance of truth, and origin from a source believed to have been truthful in the past gives the appearance of certain truth.

4
1
tom dial
Silver badge

Re: Shooting the messengers much?

Whether the advertising, whether flyers, mailed, TV/radio, or internet, actually has much effect is something about which I suspect many in the advertising business might well be loath to discuss in depth. Advertising volume probably is not a good indicator of effectiveness.

Advertising probably is an effective way to provide notice of new or redesigned products or services, and some of the same effect may exist in politics, especially for first time candidates and lower offices, but long-standing political leanings are quite tightly bound in various ways to who we are and how we perceive ourselves, others, and the world. They are a lot harder to change than preferences for utility items and consumables. That, among other things, is a basis for the reaction to Cambridge Analytica and social media, both to campaigners who used them and the targeted recipient class. I suspect both the optimism of the former and the horror of (some of) the latter greatly exceed the actual effect, especially when one considers that all major candidates use much the same techniques and the net effect likely will be small. In the US 2016 election, the shocked, but very extensive and free media coverage probably benefited Trump more, by several orders of magnitude, than any social media interventions, whether by the campaign or by the Russians, whose effort, while similar, was at least two orders of magnitude smaller.

The alleged Russian hacking of Democratic party and campaign organizations is much more serious, although not new or particularly unusual in US politics except for being done by a foreign government. Hacking directed at government and private sector election management organizations is more serious still, and as far as I know has not been done previously in the same way, or by foreign governments. The indictments issued today, although largely symbolic, are entirely warranted, and probably should be followed up by other actions.

9
2
tom dial
Silver badge

Re: "Did the Russian intervention actually swing the final outcome ?"

The possibility that the Russian dirty tricks affected the election outcome is relevant because some fraction of the unhappy Democrats never will think otherwise, despite the fact that its probability is vanishingly small and impossible to determine anyhow. The claim will continue to be made at least through the lifetime of people born before 1995 or so.

It certainly is worth doing something about it, but indicting Russia-based GRU officers and employees seems a pretty anemic something indeed. Unfortunately, beyond strengthening computer network defenses and educating voters (who constitute a vast sea of deep political ignorance and apathy) and campaign and election phishing targets, nothing else is likely to have much effect. Educating voters is, for the most part, a lost cause, since it would require a significant uncompensated effort on their part and most of them are uninterested or they would have learned much of it in secondary school history and civics classes. Hardening the computers, networks, and users is well known to anyone in IT security to be a hard problem in which a single misstep can bring disaster.

16
2
tom dial
Silver badge

Re: Shooting the messengers much?

Indeed, far more is needed than the shouting and hand-waving on display so far. The Facebook postings published a while back were pretty unpersuasive, targeted as they were to people almost sure to support their messages. That is much like the shock and horror over the Cambridge Analytica stuff that the Republican party organization, by one report, found seriously deficient to what they already had from state public records and other commercial sources.

17
5
tom dial
Silver badge

There is quite a lot of detail in the indictment, suggesting that the FBI, CIA, and NSA all were quite busy on this during the period. That also is consistent with months-old reports that the FBI had informed the DNC of hacking from November or December 2015 and had been pretty much ignored.

I thought two things especially interesting. First, the government claims to know a lot about GRU leased servers in Arizona and Illinois, almost enough to suggest that it was watching the activity; it is to be hoped that they had a warrant if that was the case. Second, the indictment emphasizes again, and in detail, the utter cluelessness of people in the various Democratic Party organizations about IT security given the fact that they were warned well ahead of time.

One other interesting item that may be a hint of things to come is basing money-laundering charges on use of Bitcoin for payment. We might well hope that such will not become the norm. The other charges - CFAA and conspiracy - are about what we might expect for such activities.

In view of the people indicted I do not expect any of this to come to trial, although Russian GRU staff, if caught outside of Russia and convicted, could be a useful commodity.

24
2

US drug cops snared crooks with pre-cracked BlackBerry mobes – and that's just the start

tom dial
Silver badge

Before going crazy paranoid over this tidbit, it would be worth knowing more about the Krokos, Wakil, et al trials. It is customary for those in the illegal drug import and wholesale business to employ competent criminal attorneys at trial, and one certainly would expect anyone in that business to know a fair amount about surveillance practice and related warrant requirements, and to question admissibility of such evidence if there was even a remote chance of getting it tossed.

The document to which the article links appears to be an application for continued and new cell surveillance of Krokos, Wakil, and a substantial number of others, containing a description of the probable cause, the scope, and the minimization procedures to be applied to screen out material unrelated to the specific investigation. It includes various references to applicable legal requirements. It is, in effect, an implicit statement that the DEA was playing fair, and of the agency policy.

Such techniques could, and doubtless will, be misused, and not only by police. Those in the business Agent Burkdoll's application described almost certainly have competitors who might be happy to supply their communication equipment. Police also might use compromised "secure" cell phones to lead them to other evidence and never try to offer the product of unwarranted phone surveillance as evidence, much like the DEA circumvented, or tried to, their use of NSA intelligence products in a number of cases. Finally, law enforcement agents sometimes will use techniques normally requiring a warrant completely outside law enforcement bounds; the NSA again provides an example in the form of employees sacked for using government time and facilities to check up on significant others, a kind of activity far from unknown in law enforcement circles as well. Unlawful use of surveillance techniques is nothing new, by either law enforcement or others. This new one is not different, and misuse will be dealt with in due course, as has been done in the past.

4
1

Hope for Hutchins, Navy sinks contractor, there's another Russian hacking scandal, and more

tom dial
Silver badge

Re: US Senate behind cyber büllsh1t

Senator Wyden and, as far as I am aware, Senator Gardner are not neocons. Interestingly, Senator Wyden is one of the chief congressional critics of the NSA; I do wonder who he thinks will provide the information they seek in their letter.

3
1

Tim? Larry? We need to talk about smartphones and privacy

tom dial
Silver badge

Re: Google will have a big get out clause

If I remember correctly, operational location service (for emergency calling) is mandatory in the US and not allowed to be turned off. Removal might not be an option either for Alphabet or for the carriers who in most cases actually control the phone configuration provided to customers.

Laws can be changed, of course, and it would be possible to legislate restrictions on how the technology is used.

0
1

IBM fired me because I'm not a millennial, says axed cloud sales star in age discrim court row

tom dial
Silver badge

Re: lying scum are still lying

It certainly sounds possible that Langley's termination cause had a significant age component, although we haven't yet seen IBM's response to the lawsuit.

Perhaps the next reorganization-with-redundancies at IBM should be directed at their HR department; if the claims reported here are even remotely sustainable, they have failed miserably in one of their most important functions, ensuring that personnel actions comply with applicable law and can be seen to do so.

4
1

Europe's scheme to build exascale capability on homegrown hardware is ludicrous fantasy

tom dial
Silver badge
Thumb Up

Re: Europeans are dreaming

In addition to which you can measure it ahead of time and the inevitable misses and semifailures along the way can be portrayed, for a while at least, as improvements.

1
1

Rowhammer returns, Spectre fix unfixed, Wireguard makes a new friend, and much more

tom dial
Silver badge

Re: I'm supposed to believe

Before going all panicky it might be worth noting that the "685 million call records [NSA collected] over two years" covers well under 0.02% of all calls made in the US during the period.

5
1

Time to dump dual-stack networks and get on the IPv6 train – with LW4o6

tom dial
Silver badge

Re: "Where does the 4 to 6 interchange take place?"

It really does not matter whether the cable modem supplied is good or bad. The best they (e.g., Comcast, in my case) will recognize costs as much to rent for a couple of years as it does to purchase. That's for one that will do the phone as well; I suspect the case for purchase is even better for just the modem.

0
1

Reality Winner, liberty loser: NSA leaker faces 63 months in the cooler

tom dial
Silver badge

For the parents, maybe. Reality is innocent of that charge.

29
2

Software engineer fired, shut out of office for three weeks by machine

tom dial
Silver badge

Re: California

It does not appear that Mr. Diallo was dismissed, improperly or not, despite the fact that he was prevented for three weeks from performing his contractual duties. The article states that after the problem was resolved he elected to terminate the contract and seek other employment. He fairly clearly is entitled to his normal compensation for any day he tried to go to work, and probably for the entire three week period. He also ought to get a bit more, along with a public (and private) apology.

And the company needs to act to correct the system and as far as possible to ensure that such errors are not repeated, possibly including some actual employment terminations.

3
1
tom dial
Silver badge

Re: incompetence via laziness

No, "correct procedure" was not followed, even if, as is unlikely in any law-compliant organization with even halfway sensible management. Job termination is an administrative decision to be taken by a properly authorized manager. Follow-on action like account and access card cancellation might possibly be scripted, along with other matters like automatic preparation of a final check including things like severance or accrued vacation time pay if applicable.

5
1

In huge privacy win, US Supreme Court rules warrant needed to slurp folks' location data

tom dial
Silver badge

Re: Hypocrisy of dissent

African-Americans must be allowed to own nuclear weapons if, and only if, all other citizens are allowed to do so. The Fourteenth Amendment (and the Second) apply to all state governments and, by general consensus, to the federal government as well.

4
1
tom dial
Silver badge

Re: Hypocrisy of dissent

It is well documented that in the 18th century Americans generally had weapons that were the state of the art of the time, as limited by their means. When repeating rifles and revolvers became generally available in the 19th century, they had those, and when more capable firearms became available, including those with semi-automatic and automatic fire, they also had those until federal law was changed to seriously restrict (but not prohibit) automatic weapons ownership.

9
2
tom dial
Silver badge

Re: Literalist vs Living

Chief Justice Roberts almost surely will appoint FISC judges as he has in the past and as his predecessors did from the establishment of the court in 1978: from the ranks of Article III federal judges who were nominated by a president and confirmed by the Senate. The current FISC judges were appointed federal judges by presidents Ronald Reagan (1), George H. W. Bush (1), William Clinton (2), George W. Bush (5) and Barack Obama (1). We can make of that what we will, but the number may well be in line with the current population of federal judges.

1
1
