post

Dept of Homeland Security Setting Up Database to Track Journalists, Bloggers & ‘Media Influencers’


The Department of Homeland Security (DHS) is doing something unprecedented for a tactical government bureau: they just released a draft request for companies to bid on their “Media Monitoring Services.” This request from DHS seeks a firm that could build them a searchable database that has the ability to monitor up to 290,000 global news sources:

Services shall enable [the DHS’s National Protection and Programs Directorate] to monitor traditional news sources as well as social media, identify any and all media coverage related to the Department of Homeland Security or a particular event. Services shall provide media comparison tools, design and rebranding tools, communication tools, and the ability to identify top media influencers.

They’re claiming “standard practice,” but DHS is NOT an intelligence service, and global monitoring is what the National Security Agency and the Central Intelligence Agency perform. WTF is DHS going to do with this sort of database? Why do they need “media influencers” and “bloggers”? The request specifically asks for:

24/7 Access to a password protected, media influencer database, including journalists, editors, correspondents, social media influencers, bloggers etc.

Most troubling was their intent to have this database indicate what the coverage “sentiment” is:

[The database shall have the] ability to analyze the media coverage in terms of content, volume, sentiment, geographical spread, top publications, media channels, reach, AVE, top posters, influencers, languages, momentum, circulation.

Why am I concerned and bringing forth a story like this one? Because our Department of Homeland Security potentially has an enormous tactical advantage set forth in the Constitution that could allow them to subvert our protections under that very Constitution and our Bill of Rights. Don’t believe me or think I’m paranoid? Then read this about our Constitution and the 100-mile border zone that DHS could essentially do whatever they damn well please within, like searching our “sentiments” when within a border zone and restricting our movements if we’re deemed a threat to homeland security.

To say the shit hit the fan after this release is an understatement. Here is a Google search that has articles from Forbes, Bloomberg, CBS News, CNN, Chicago Sun-Times, and a host of others. Here is a Twitter search to allow you to read thousands of tweets questioning why in the world DHS needs such a database.

Many of us “bloggers” also leapt on this story as it is clearly easier for DHS to level suspicions at us. It’s also significantly easier to intimidate an individual than it is an institution filled with journalists like CBS News or CNN.

That said, other government agencies, like the FBI, have adopted secret rules to spy on journalists who publish classified information and hunt down their anonymous sources.

While all the articles I read were questioning the ‘why’ behind having this database, DHS’ spokesperson, Tyler Q. Houlton, had this to say in response to their sh*t hitting media’s fan:

My gut tells me that the “why” behind this database is that DHS wants to have a searchable one so they can perform quick lookups for those crossing our borders, being stopped at checkpoints, and potentially for those of us who happen to be within 100 miles of any border.

I’d argue that questioning is healthy and an imperative in a democracy, and having the DHS spokesmodel suggest otherwise is disingenuous.

Read the bid yourself below or download it here:

RNBO-18-00041_SOW_-_Draft (1)
post

Is Geek Squad ‘Inadvertently’ Stumbling Across Images? They Say ‘Yep’. I call ‘Bullshit’.

Photo courtesy Electronic Frontier Foundation

Though I’ve been following this story at the Electronic Frontier Foundation’s website (see Geek Squad’s Relationship with FBI Is Cozier Than We Thought) it was today’s Ars Technica article that really got my blood boiling (see Best Buy defends practice of informing FBI about child porn it finds).

“In a statement sent to Ars on Tuesday, Best Buy wrote that it continues to ‘discover what appears to be child pornography on customers’ computers nearly 100 times a year. Our employees do not search for this material; they inadvertently discover it when attempting to confirm we have recovered lost customer data.’”

Inadvertently? Bullshit.

While I’m the last guy to defend anyone who has child porn they’ve gathered and stored on their computer or device the big issue is this: Best Buy **must be** using forensic tools to actively search the entire hard drive — including cached images — and then Geek Squad humans ARE ACTIVELY VIEWING every .jpg, .png, or raw image on the computer or device and getting paid to do it!

Otherwise, how else could they possibly determine something is “child porn” without looking at it?

On my main computer (and external hard drives) I have nearly 50,000 images I’ve taken, scanned, or my family has taken and I’m storing them in a central location (and, before you ask, there is NO porn…child or otherwise). If you were a Geek Squad worker, there is no way you could be recovering one of my hard drives and have a clue what those images are, unless you looked at them OR had a forensic tool that enabled you to find every image on a computer or device so you could skim through them.

That EFF article had this to say about Geek Squad using forensic tools (my emphasis):

But some evidence in the case appears to show Geek Squad employees did make an affirmative effort to identify illegal material. For example, the image found on Rettenmaier’s hard drive was in an unallocated space, which typically requires forensic software to find. Other evidence showed that Geek Squad employees were financially rewarded for finding child pornography. Such a bounty would likely encourage Geek Squad employees to actively sweep for suspicious content.

Even if a computer owner inadvertently ends up on a website that has such images by following some link, and then takes their computer in for Geek Squad service, those images are in the browser cache, so that person could be instantly branded a child porn lover or pedophile and turned over to the FBI. Unless you are smart enough to use FileVault on the Mac or TrueCrypt for Linux or PC and encrypt your drives (like I do), they can see anything and everything once recovered.

What if a rogue Geek Squad person looked at your important documents? Maybe copying down account or social security numbers, poking through email text files, or otherwise digging through all your digital files when your computer or device was in there for repair? 

Remember: Defending against illegal searches and seizures means forcing law enforcement to abide by the Constitution and get a warrant. Not pay off or otherwise coerce a company’s employees to do the FBI’s illegal forensics for them.

Especially when everyone knows that if an illegal search and seizure is labeled an investigation into “child porn” or “terrorism” then the stupid usually roll over and let law enforcement do whatever they want unless you, like I do, find this practice and Best Buy collusion an illegal search and seizure (especially since the FBI paid them to do it) and get mad about it and take some action.

For more see these:
post

What the Film ‘Jeremiah Johnson’ Meant to Me

When I was in high school in the early 1970s, Robert Redford’s film Jeremiah Johnson came out. Even as a teen I would oftentimes prefer living (or just being) in the wilderness than surrounded by human-made stuff, and the movie seemed to connect directly to my soul.

The movie’s meaning to me became clearer as I would watch it over-and-over-and-over again as the years have gone by. After the DVD came out in 1997 (and the BluRay in 2012 which I also own) my watching increased, especially as I traveled more, my jobs grew increasingly stressful, and I would constantly find ways to physically, mentally and spiritually escape to wilderness.

The plot is about this man, played by Robert Redford, who is a Mexican War veteran named Jeremiah Johnson. It starts out with him taking up the life of a mountain man, supporting himself in the Rocky Mountains as a trapper, and all the things that happen to him on this adventure.

But that plot description doesn’t do justice to the impact it made on me since it transported me to the mountain wilderness. It also doesn’t really zero-in on the essence of the film itself, though later on the director, Sydney Pollack, said this in a video interview:

“It’s a picture that was made as much in the editing room as it was in the shooting,” said Pollack. “It was a film where you used to watch dailies and everybody would fall asleep, except Bob and I, because all you had were these big shots of a guy walking his horse through the snow. You didn’t see strong narrative line. It’s a picture made out of rhythms and moods and wonderful performances.”

THAT is the essence of the film: “a picture made out of rhythms and moods and wonderful performances” and why it connected with me. I could smell and sense the places depicted in this film and the movie filled me with a sense of peace (though native people’s struggles against the encroaching Europeans have always filled me with sadness about the injustice, and this movie depicted that well too).

The connection was so strong that in 2013, on one of my many road trips to experience places and take photos, I sidetracked to go up to Robert Redford’s Sundance resort in Utah. I’d hoped to find some of the filming locations in the nearby park, but the ranger told me that they were never publicized in order to keep people from disturbing the areas. Still, it was a place I wanted to be since the quiet, peace and serenity of this resort was evident from the moment I began walking the grounds.

So thank you Robert Redford for making this film. You, and Minnesota’s own Sigurd Olson (see Listening Point and Listening Point Part 2) are what allowed me to maintain my inner sanity during a 10-15 year span of time when I was internally struggling to “be” in wilderness while living in the hustle-and-bustle of a human-made world.

Check out the movie’s trailer:


Download a large version of the movie poster here.

post

One Word Describes the Trump Administration: Uncertainty

Image of Trump by DonkeyHotey under a CC-by-2.0 License 

There is an old adage used by investors, strategists and market watchers that “markets hate uncertainty” and the Donald Trump presidency is all about throwing grenades into everything and creating that uncertainty. As I read, talk with senior leaders, venture capitalists and even small business owners like myself, everyone is unsure what to do next when it comes to healthcare insurance, investments, and more.

In my view Trump’s creation of uncertainty is negatively impacting markets, innovation, investment (both domestic and foreign) and is only going to get worse as his presidency continues.

Here are a few examples that have come up from the beginning of April until today:

That last bullet point is about uncertainty in healthcare, especially after the House passed the repeal of Obamacare, and how insurers, hospital and clinic systems, physicians, business leaders, and so many others are just not sure what to do next. They see how horrifically bad the GOP direction would be if passed by the Senate — and how it leaves out millions of our fellow Americans — and are on-hold until Trump and the GOP figure out what to do themselves.

Virtually everything under Trump is uncertain and his administration’s falsehoods (i.e., lies) about even small details means that any initiatives or policies Trump and his minions put forth are treated with uncertainty.

Uncertainty is my reason #2,445 why Trump is the worst thing that has ever happened to America.

post

Steve’s Security Tips For Keeping Your Stuff Private

While discussing cyber security and online safety with clients, family and friends, I’ve had several of them ask me for guidance on how to secure their communications and web activities. While a thorough examination of all the detail surrounding privacy, security, and good online habits could be the length of a book, let me give you some of the basics along with a few links to learn more.

There are several reasons you should care about whether your online, digital communications and web surfing are private:

a) Tracking: Ever wonder how Facebook knows you just shopped for Corningware at Amazon and suddenly the ads on Facebook are displaying other bakeware companies? Would you be surprised to know that nearly all websites you visit set a little digital file called a “cookie”—a file that can prove to be very beneficial most times—but that some cookies are set by third party companies that do nothing but track ALL of your website visits (and much more) everywhere? 

b) Are You Naked on Public Wifi? If you ever connect to a public Wifi hotspot, you should know that it is trivial for a Wifi hotspot to be spoofed, and you might have already inadvertently connected to a spoofed one! There are also packet sniffers that let some blackhat hacker view any unencrypted traffic going back and forth between your laptop or device and the Wifi router.

Want to see how incredibly trivial it is to create a man-in-the-middle attack and spoof a Wifi hotspot? Then read this article which should scare the beejesus out of you (it did me). It’s called Maybe It’s Better If You Don’t Read This Story on Public WiFi and its tagline is this:

We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.

If after you have read that article you are still logging on to public Wifi hotspots without using a VPN, please comment below and give me your argument as to why you think it’s OK to get online with public Wifi and no VPN. I’ve yet to hear a single, valid reason why someone shouldn’t connect securely.

c) Government Surveillance: You’ve undoubtedly heard about Edward Snowden, who revealed the vacuum mass surveillance apparatus put in place by the National Security Agency and that they are scooping up ALL metadata about who called whom; what websites you visit and searches you perform; what texts you send; who your Facebook/Twitter and other friends are; what photos you post; and much more.

As a preview to what might very well happen here in the U.S. under a Trump administration, a new law just passed in the United Kingdom and it will give you a taste of what is probably coming to America…and soon…and why we all need to be more diligent about our privacy and security. The UK Now Wields Unprecedented Surveillance Powers — Here’s What It Means spells out what we could expect in the US in the near future:

The UK is about to become one of the world’s foremost surveillance states, allowing its police and intelligence agencies to spy on its own people to a degree that is unprecedented for a democracy. The UN’s privacy chief has called the situation “worse than scary.” Edward Snowden says it’s simply “the most extreme surveillance in the history of western democracy.”

The legislation in question is called the Investigatory Powers Bill. It’s been cleared by politicians and granted royal assent on November 29th — officially becoming law. The bill will legalize the UK’s global surveillance program, which scoops up communications data from around the world, but it will also introduce new domestic powers, including a government database that stores the web history of every citizen in the country. UK spies will be empowered to hack individuals, internet infrastructure, and even whole towns — if the government deems it necessary.

It is also probable that both the UK and the US will take steps to ban end-to-end encryption (one reason I use more and more services outside the US) and/or legally force companies to insert backdoors in their software so law enforcement can get into the computer or device you own, especially without having to secure one of those pesky search warrants. It’s actually a lot more ominous than that, but writing much more about it is beyond the scope of this post.

Are you scared now?

You should be. I am, and I stay abreast of all of this every single day. Read on for some specific tips and tricks to stay safe online.

Edvard Munch’s painting The Scream…and a few scared internet users


post

Steve’s 2016 Road Trip

Just completed another “Steve’s Road Trip” for 2016. Though I’d originally intended to head out to Rocky Mountain National Park this year, my time is limited so, once again, I headed up to the north shore of Lake Superior with my new Nikon D500 camera (which I’m in love with, by the way).

These are a handful of “keeper” photos from the several hundred I took as I experimented with the HUGE number of camera settings! The place I stay at is about three hours away so is even perfect for a weekend getaway.

Click the photo below to view the trip Flickr album or click here:

https://www.flickr.com/photos/borsch/albums/72157671994235846

post

John Oliver on Encryption

John Oliver’s show Last Week Tonight talks about the Apple/FBI controversy and that strong encryption poses problems for law enforcement, but is weakening it worth the risks it presents? It’s…complicated.

post

Seriously Minneapolis StarTribune? “U.S. security at stake as Apple defies order”

To say I was stunned reading this editorial in this morning’s Minneapolis StarTribune is an understatement. I rarely get fired up enough to write a letter to the editor, but this time I felt compelled since they got this so wrong and I’m embarrassed for them that they published this editorial.

I just sent them my rebuttal and I reprint it below with the StarTribune’s paragraphs in italics and green. Also, since the StarTribune apparently did little-to-no research, I’ve provided them with helpful links.

Curiously the StarTribune changed the linkbait-like editorial title in the online version by toning it down, perhaps realizing that characterizing it as “Apple defies order” is wrong: National security is at stake in Apple’s faceoff with feds.

U.S. security at stake as Apple defies order

Apple Inc., the world’s largest info-tech company, now stands in defiance of a federal court order, saying it will fight attempts to force it to help the FBI crack the iPhone of a San Bernardino terrorist involved in a major attack on U.S. soil that left 14 dead and 22 injured. Apple says the government is overreaching and would be setting a dangerous precedent.

The company is wrong on both counts, but the world of encrypted information is a complex one. It is worthwhile to proceed carefully, because this could prove to be a critical showdown in the growing clash between privacy and national security.

Your editorial, “U.S. security at stake as Apple defies order” was one of the most stunningly naive positions I’ve read yet when it comes to the controversy over Apple’s stand on weakening the encryption of one, single iPhone. A weakening that would instantly open a Pandora’s box of cyber threat problems of which you are obviously clueless and seemingly dismissed out-of-hand.

First, it should be noted that the government negotiated for two months with Apple executives. When those talks fell apart, Justice Department officials turned to a federal judge, who ordered the company to create a way to bypass the security feature on the phone. The FBI had obtained a warrant to search the phone and, not incidentally, the consent of the employer that had issued the phone to Syed Rizwan Farook.

First off, it should be noted that the FBI permitted San Bernardino officials to change the password on the terrorist’s iCloud account (rebutted by FBI, now blaming official) and only then, obviously realizing their mistake, requested Apple’s help. Had they not done so Apple has stated publicly it would have been possible to obtain the shooter’s iCloud backup data. Since this mistake was made, the FBI then negotiated with Apple to recover what they could. Discovering that doing so was not possible, and subsequently failing in convincing Apple to create software to weaken iOS (the operating system that controls the iPhone and iPad) so they could break into the device without having it ‘wiped’ by its ten password attempt limit, the FBI then obtained a court order hoping to force Apple to create a method to do so.

Apple has complied with what Justice officials characterize as “a significant number” of government requests in the past, including unlocking individual phones. Apple CEO Tim Cook has become increasingly concerned about customer privacy, particularly after 2013 revelations by whistleblower Edward Snowden about massive government surveillance operations. The company has continued to tighten its security systems and decided to no longer maintain a way into individual phones. Farook’s iPhone 5c was among those with a 10-tries-and-wipe feature that essentially turns it into a brick if too many false passwords are entered. Newer operating systems employ ever-more-sophisticated security features.

The government’s authority to get private information, such as texts, photos and other stored data, through a warrant is not at issue. The key here is whether the government can compel a private company to create a means of access that the company contends will weaken its premier product.

Cook maintains that creating a “master key” to disable security on Farook’s phone ultimately would jeopardize every iPhone. With more than 100 million in use across the country, that is no small threat. There are, however, technology experts who say Apple could create a bypass — allowing for what’s called a brute force hack — without affecting other phones.

With respect to your position on Apple’s creating this sort of “bypass” for this single iPhone, all while acknowledging this is not a “small threat” for the 100 million iPhones already in existence, you then opined, “There are, however, technology experts who say Apple could create a bypass” “without affecting other phones.” This is your supposed justification for minimizing the threat of putting in a backdoor (or what you euphemistically characterize as a “bypass”) for those 100 million+ iPhones already in existence? Who are these so-called “experts” anyway?

post

Seeking Meaning: Why Baby Boomers Refuse to Retire

As baby boomers my wife and I approach our “third half” of life (i.e., retirement) with both excitement and trepidation. We’re excited we’ve saved and invested so we can travel, be in a warm climate and out of Minnesota winters, and focus on those things we love best like family, friends, reading, learning, and above all, having experiences. But at the same time we’re nervous about being bored and not having a purpose and we certainly don’t want to essentially hang around until we die.

Turns out baby boomers like us are seeking meaning and are increasingly turning away from a life of leisure and instead moving toward ones filled with activity and purpose. Fast Company had this article about it today that is one of the best ones I’ve yet read about the “new” retirement and what it’s like:

How will all these aging boomers thrive in the 21st century? According to many experts on aging, it’s increasingly by staying in the workforce, at the very least on a part-time basis. As noted by Gallup in their “Many Baby Boomers Reluctant to Retire” report, “Nearly half of boomers still working say they don’t expect to retire until they are 66 or older, including one in 10 who predict they will never retire.”

So it’s not about needing money. It’s about what value we’ll bring to the world in our third half and the meaning that will instill in both of us.

Read more at Fast Company….

post

You May Never Be Able To Grab The Carrot

If you are enticed to become “a stakeholder” in a company or startup by having the stock options or warrants carrot dangled in front of you as an incentive, my own “stock options and warrants” tales of woe are a flip-side you need to hear. Especially since you’ll hear A LOT of the “You’re gonna GET RICH” from those trying to hire you or colleagues naive enough to think stock values go up automatically.

TALE #1: STOCK OPTIONS
In December of 1999 I accepted a job at Vignette, at the time the fastest growing software company in history. With the initial shares I received, and the ones I’d be granted and earn-out over four years, I began to consider the realistic possibility that I’d enjoy an options gain of $5-6M over that four year vesting period.

You know about the “dotcom” crash in March of 2000, right? I sure do because Vignette never recovered and the stock (and my initial options) tanked. Though subsequent option grants were adjusted downward, those ended up in value too. It’s been said that “you can make a lot of money on the way up and the way down” if you hang in there with a downtrending company and I did, but that money was NOT made on stock options. When I left in 2003 with thousands of fully vested shares…they all were so far ‘underwater’ that all were worthless.

Don’t think “Oh poor Stevie…he missed out on being rich” since I’ve done all right over the years and have a wonderful family, friends, my health and (hopefully, if the economy holds) a solid retirement portfolio. Plus, my Vignette experience was a remarkably good one. I worked with lots of great people, met and hung out with a handful of executive-level customers, most of whom I’m still in touch with to this day. Went on club trips (my wife and I took our kids with us to Maui to the Four Seasons) and learned a lot playing the enterprise game at that level.

Sure would have been nice to make millions though, heh? Yes, but after a stint running strategic alliances at Lawson Software (now part of Infor), I ended up going off on my own to perform management consulting and had an opportunity with startups and young companies that gained me tens of thousands of stock warrants…ones that would surely make me rich. Or so I hoped.

 
