Writing, publishing, geekdom, and errata.

Congress Killed Your Privacy, What Next? - Step Three: Encrypt Everything

No comments
So Congress decided it's okay for ISPs to sell your personal, private information without asking you first.  And you've already taken the first, important steps of getting a VPN and then changing your DNS servers.

You should also encrypt everything.

Encrypting stuff with your browser is actually pretty easy.  First, install HTTPS Everywhere (Firefox, Chrome, Opera, Firefox for Android).  This means that all your web traffic is encrypted back and forth.

You'll also want to look at Privacy Badger and Ghostery (though the latter is owned by a private company) to eliminate silent trackers (and there's more than you think!).

Then you'll want to look at encrypting your e-mail.  This is a little more daunting task, but there's plenty of help out there.   GPG (or PGP, or OpenPGP, it's all essentially the same thing) is what you want.

There's LOTS of very complicated explainers out there.  Here's the simple idea:

I have a public key and a private key.  I can hand out my public key to everyone.  My private key I keep secret.

If you encrypt something with my public key, only my private key can decrypt it.  If I encrypt something with YOUR public key, only YOUR private key can decrypt it.

There's a lot more to it than that, but that's the basics.

Lifehacker has a really good step-by-step for setting up encryption for your email at

There's also services like ProtonMail that try to make it seamless for you, or Keybase that verifies that you're you on social media and the like.  (I'm at; please feel free to friend me there or ask for an invite.)

Finally, as a reminder, if you've got Bash, you can run the Saurian Spider in the background to pollute your web history with random links.

No comments :

Congress Killed Your Privacy, What Next? - Step Two: Change your DNS servers

No comments
So your browsing history and more can now (unless Trump does something unexpected) be sold by your ISP without them needing your consent.

The first thing you should do is find (and use!) a VPN.  Sometimes that isn't feasible, or is beyond your technical prowess.  Fair enough.  Changing your DNS servers, though, is a fairly simple matter.  (If you know what you're doing and want the DNS server addresses, skip to the bottom.)

If you don't know, DNS is pretty much the "address book" of the internet.  Most ISPs modems and routers default to giving you their DNS servers.  To strain the analogy a little bit, that's like your computer or phone calling their operator every time you look up anything online.  Giving them that data literally gives them a record of everywhere you've decided to point your web browser.  Also, it makes it really easy to censor the internet when you control the "address book".

Finally, changing your DNS server might speed up your internet a bit, so yay!

If you're using a VPN, you're probably already using their DNS servers, so you're covered.

If you're mostly worried about speed, you can check out the Namebench tool at

Often, people just talk about Google's public DNS or the OpenDNS system (now owned by Cisco).  There's other offerings that don't log or censor your DNS request. seems to be a good offering as well as Free.DNS's open free, and public offerings.  You might also want to check out the OpenNIC project, which I just learned about while researching this post.

There's guides from Google, the How-To Geek, Lifewire, OpenDNS, or Greycoder to set up your system appropriately; the nice thing is that when you know the numbers to put in, whatever guide makes more sense for you will work.

IMPORTANT:  I have not included IPv6 servers below.  If you're using IPv6 please check to make sure your DNS requests aren't leaking.

IMPORTANT:  If your router or computer has more than two entries for DNS and the provider you choose only has two entries, you have these options:
  1. to fall back to your ISP DNS (DO NOT WANT!)
  2. (a non-usable IP) if you don't want to use any other servers
  3. Another DNS server of your choice (Do not duplicate one of the first two DNS's or it will default to
Google DNS servers:

OpenDNS servers:

DNS Watch Servers

Free DNS servers

OpenNIC servers

No comments :

Congress Killed Your Privacy, What Next? Step 1 - Get and Use a VPN

No comments
So Congress just killed your internet privacy.

What next?

The first - and perhaps most important - step is to learn about and use a VPN.  What's a VPN?  As Lifehacker put it:

The most important thing you need to know about a VPN: It secures your computer’s internet connection to guarantee that all of the data you’re sending and receiving is encrypted and secured from prying eyes.

Not only is this something you should be doing with your home computers, but it is definitely something you should be doing with your smartphone and laptop.  Aside from ISPs snooping on (and selling) your private information, there's plenty of tools to snag information from others who are connected to the same public wifi point.  This has been the case for a while - I wrote about it in 2012 - but it's even more urgent now.  Even if you don't care about your privacy (though I do), you want to make sure that you stay safe on public wifi points.

I personally use Private Internet Access.  I've found the service to be excellent, and like that they not only offer OpenVPN access (and apps for Android and iOS), but also support IPSec/L2TP, PPTP, and SOCKS5.  And the price is right - as low as $3.33 a month.

Yes, those are all affiliate links - but that's because I use the service.  If you don't want to use their app, the support guides are clear and well written for all the operating systems I've used.  They also have sites to test your VPN - regardless of what service you use.  You can see if your DNS is leaking your IP address, if your IPv6 settings are telling everyone where you went, or even if your e-mail tells others where you're connecting from.

Again, getting a VPN service you can trust - and using it - is one of the single most important things you can do to protect your privacy.

Check out the comparisons at PCMag and the roundup of privacy guarantees at Torrentfreak to see what services work best for you.

If you need to know why this is a big deal, check out this post:

No comments :

Scandals, Ethics, and Congresscritters: Why aren't we just impeaching everyone already?

No comments
I happened to catch CNN today just as David Nunes was refusing to recuse himself from the Russia probe.

Three things occurred to me.

1. The business ethics "training" I've had at my day job isn't all that great. But hot damn, it makes pretty clear what a conflict of interest is, and also makes it absolutely clear that a perceived conflict of interest can be as bad or worse than an actual one.  One would hope that a Congressperson leading a committee looking into wrongdoing would have better training in business ethics than me.

2. In eight years, Obama had relatively few scandals - and the ones there were (such as the "Fast & Furious" and "IRS targeting" scandals) were not ethics ones involving the actual administration. 1  While Brietbart claims that there were 18 scandals, they're including stimulus spending as a scandal as a "waste of taxpayer money". At this point, I'm hard pressed to think of a member of Trump's cabinet or inner circle that doesn't have some kind of scandal - or sheer incompetence - attached to them.  And if you're going by Brietbart's standard of "waste of taxpayer money" being a scandal, Trump's weekly golfing trips to his own resort are each and every one a scandal.

3. How long are we going to wait before calling for impeachment? How much evidence do we really need of Trump's collusion with Putin?  How many times are we really going to sit there and be outright lied to when there's literally video evidence of the lies?

Look, I know how it feels when the person you supported doesn't live up to your expectations. As much as I approved of Obama as a president, there were a good number of times that he did things I highly disapproved of.  (Drone strikes, anyone?) The temptation to circle the wagons is high. 
Maybe it's because I grew up at the end of the Cold War, but I'm really having a hard time with understanding how conservatives are okay with these ties to a foreign government - and especially when it's Russia.

It's only been a few months, and every time you turn around there's another person associated with Trump who has connections (and has lied about them - Sen. Sessions, I'm looking at you) with Russia.

Impeach the motherfucker already.

1If you're going to say "Benghazi" at me, there was no evidence of Clinton being culpable or did anything wrong. Others did, but not people in the Cabinet.

No comments :

Right-wingers want to share their views - but not be associated with those who have the same views

No comments
The right-wing attempts to suppress views they don't like isn't just being done by shutting down talk show hosts

It's also being done on college campuses in a stunningly hypocritical fashion.

You've probably heard rumblings about this, but it's hard to actually see examples of how the right-wing wants to control speech.  But this exchange happened online, showing exactly how hypocritical the arguments are, and how they're clumsily trying to use the same tools we've used to protect minorities.

Here's what happened first:  A college student said she's afraid of being stereotyped because she's a Republican in college.

...which already should have you scratching your head. "I'm afraid of being labeled as or associated with other people who have the same views I do when I speak about my views" is a tortured bit of logic.

My pal Patrick Tomlinson pointed out that our LGBT friends are genuinely afraid of being murdered.

And another student (at least, she is according to the "Daily Caller") says that fearing being murdered is a "personal problem".

My Patrick Tomlinson ripped into them at that point

It's arguable that Patrick was rude to these two self-labeled conservatives.

But we're seeing a huge metric ass-ton of hypocrisy here, and in an attempt to make it so these conservatives don't feel judged for... well, doing things like calling fearing murder a "personal problem".

Oh, and to just answer their later claim that one shouldn't feel "threatened by an opposing viewpoint", it's not the viewpoint that's threatening, it's the real-world violence that's on the rise.

Here's a quick factchecking note: Hate crimes are up by a 20% - 50% in the United States.  Source, source, source, source.  You can find more - this was just what was on the front page when I did a web search.

Oh, and then there's also this kind of relevant article:

L.G.B.T. People Are More Likely to Be Targets of Hate Crimes Than Any Other Minority Group 

This would have disappeared into the wilds of Twitter except that the Daily Caller decided to make a stink about it. (If you're not familiar with this "news" site, Ann Coulter is a columnist for them, which probably tells you all you need to know.)

This whole exchange is important, because it shows the kind of argument that conservatives are using to silence others by misusing the protections designed for minority groups.  Luckily, the "logic" here falls apart pretty quickly if you restate it clearly.

So let's summarize this again.

When told that people are genuinely (and legitimately) afraid of being murdered because of certain views, these two self-described conservatives say it's a "personal problem".

And then the students, the Daily Caller, and a bunch of commenters proceed to be super upset that a guy on Twitter called them names.

The hypocrisy is not just that they're ignoring the hate crimes and real world violence to LGBT people (and all sorts of minorities).

They're also ignoring the Bill of Rights.  It guarantees you the right to free speech. You do not have a guarantee that nobody will be upset by what you say.

Perhaps those students - along with the Daily Caller - should go back to their high school civics class.

No comments :

Should I Tell A Woman To Smile? #WhyIsThisStillBeingDone

No comments
I'm surprised this still needs to be explained, but judging from certain events and some of the comments on the Facebook post, it does.

Are you thinking of telling a woman to smile, or that she's prettier when she smiles? I've saved this Google search for your reference.

I mean, literally the entire first page of results for that question is "DON'T DO THAT."

Telling a woman to smile - especially if you tell her to smile because it makes her prettier - is a good way to tell everyone around you that you're a sexist asshat.

You're not a sexist asshat?  


The thing here is where you're dictating to someone else how they're supposed to present for your pleasure. 

If you're actually concerned about their well being, you'd ask if anything was wrong and if they wanted to talk about it.

If you like the women around you being happy, then do some shit that makes them happy and treat them like real people instead of objects.

Yes, I realize that people with good intentions have done this without realizing how much they seemed like a sexist jackass.  Here's what those people should do:



No comments :

And the winner for actually being special snowflakes goes to....

No comments
By Gage Skidmore, CC BY-SA 3.0,
Psychological projection is a psychological theory where people defend against their own impulses or qualities by denying that they have them while saying - usually quite loudly - that other people have those impulses or qualities. 

For decades now, the political right has tried to sell us the idea that being polite (you know, "political correctness") is the same as intolerance. They've tried to peddle the craptastic idea that you have to agree with someone in order to be respectful to them. They've claimed that if you don't spout the SJW line, you'll be pilloried.  (Though that didn't happen to me...)

And now we've had some pretty clear evidence that those claims are little more than psychological projection and what the far-right wing has wanted to do all along.

Take Tomi Lahren.  If you're not a right-wing watcher, you might still remember her from being on the Daily Show back in November

She's back in the news.  Tomi Lahren, when on the View, said:
I'm someone that is for limited government, so I can't sit here and be a hypocrite and say I'm for limited government, but I think that the government should decide what women do with their bodies.  Stay out of my guns, and you can stay out of my body as well.
This is important, because Ms. Lahren's point is completely internally consistent.  She's a small-government conservative (and one I disagree with on a lot of issues), who is following her libertarian ideals.  You'd think this would play well with the "small government" crowd that runs the Blaze network and currently holds political power.

But that's not the case.  Because consistently saying that government shouldn't interfere in aspects of a citizen's life means that other people might choose an abortion. And therefore, even though she didn't actually say "I think abortions are swell", she's being treated as though she has.

Look, the lack of consistency is disappointing, though predictable. I could have told her that "small government" didn't mean "reproductive freedom", just like "small government" has never meant "small military" or "small police" or "small anything that the GOP wants". 

The myth of "small government" is a lie the far right wing has been selling.

More important, though, is the message here for other conservatives and libertarians.  Not just from Beck (so much for finding commonalities, huh?), but from other "conservative" powerhouses.

Because for the longest time, we've been told that the GOP and the right-wing is a "big tent" and welcomes those who want liberty (and specifically, libertarians).  The right has tried to tell you that everyone else can't handle freedom and differences in views and opinions.

But their actions tell us a new message.

The message is this:

There is no more big tent.  There is no more commonality.  The only - only - thing that is acceptable any more is toeing the party line.  On every single point.  Parrot the party line or be silenced.

You tell me - does that sound like America?

No comments :

Brain Weasels: Jargon That Does Double Duty

No comments
There's a lot of jargon out there in relationship-land, but my absolute favorite has to be brain weasels.

The term itself is needed. It describes a specific group of feelings or reactions that aren't always grouped together. By grouping them together in this particular way, it's easier to identify the root causes of the reaction or feeling and address it directly.

Second:  It serves as a kind of safeword.

A safeword is "a word serving as a prearranged and unambiguous signal to end an activity".  The activity here are the negative feelings and reactions.  And by being a prearranged label, it can cut through whatever drama is going on in the moment and invoke that calmer time. It's a way of bringing someone out of their emotional fugue and back to clarity for a moment.

And it does all that without (linguistically) laying blame.  

Brain weasels, linguistically, are their own entities.  By naming them as something other than your sweetie, you've managed to address the problematic behavior without actually blaming the person. This allows the person doing the behavior to address the behavior themselves without having to worry about defending their ego.

No comments :

Sometimes You Can Overcorrect: Objectification Ain't The Answer To Institutional Racism

No comments
So first, let me share this video with you. It's called "Sexual Racism", and was sparked by a question on a Q/A panel:

Someone from the audience asked if having partner preferences for a certain racialized group is a form of discrimination... As if "I will only date Mexicans, is that racist?"

Their answer - in one word - was "Yes".  And I'm conflicted about that.

More after the video.

And that short answer - though it's followed up by explanation - makes me a bit uncomfortable, and not in a "challenge my assumptions" kind of way.

Because I would "Yes, and..." as an answer to that question.

Yes, I agree that racism has influenced who we are and are not attracted to.

I've noticed this in my own life: As a teenager (and overwhelmingly exposed to only white people), this was definitely true. Once I hit the wider world (and especially in the military) and was around people of many different ethnicities, that stopped being the case.

Acknowledging the unspoken social forces that shape our preferences is absolutely required. The institutional racism talked about here is definitely true and persists BECAUSE it is unexamined, or because people with good intent assume that being "deliberately racist" and "being racist" are the same thing.

So I'm in total agreement with those points.

AND... at the same time I've got two things about this video that make me uncomfortable.

First, there's a blurring between individual prejudice (and individual racism) and institutional racism that leaves some really big unanswered questions.

For example, they're largely talking about those who EXCLUDE a racial type. What about those who have a preference for a specific ethnicity? What if that preference is for a racial type that (according to the data cited, which I'm not disputing at all) is typically found "less attractive"? Wouldn't that be a good thing?

Ugh. Just writing that there's some racial types that are found "less attractive" makes me feel unclean.

Anyway, that blurring between the individual and societal also removes all the other elements in attraction, which seems to be a quick route toward further objectification.

Don't get me wrong. This video makes a compelling argument for broadening your horizons, and I completely 100% agree with that. In my own experience, I can look back at who I found "attractive" and see how that's grown, broadened, and shifted.

But that's why I've got a big "and..." attached to my agreement with this video. That shift did not occur due to objectification, but from getting to know different types of people as ... well, people.

My tastes in what qualities or features I found attractive (and - importantly - in what I did or did not find un attractive) followed the shift in who I was exposed to. It was getting to know people of different types, ethnicities, religions, sizes, and [insert quality/descriptor here] first that caused the broadening in whom I found attractive.

And that's why I'm left uncomfortable with some of the video's end exhortations. Sure, don't set racial restrictions on your dating profile. That's cool. But (for example) to "swipe right on Tinder profiles if the person's from a racialized group you'd usually pass up"? That makes me distinctly uncomfortable.

Maybe because it reminds me a little too much of a few guys I've met over the years who were - and yes, this is AMAZINGLY offensive - keeping score of what races of people they'd slept with.

While I appreciate the intent of having people broaden their horizons and not excluding people of color, I am having a hard time seeing someone going out on a date with a person they're not attracted to as anything other than an offensive trainwreck 99% of the time.

I think that's because it brings me back to the point of objectification.

Again, I agree completely with examining and challenging your assumptions. In short, if you think you're not racist and you live in this culture, you're wrong.

That goes double if you say "I'm blind to race".

I've seen the effects of it in my own life, and I agree completely that you've got to expand your circles of what types of people you're exposed to. (I need to work on this again myself.)

I also recognize that any romantic and sexual relationship requires a certain amount of objectification. To quote Dan Savage1:

The historical problem with the objectification of women wasn't that women were treated like objects, ladies, but that women weren't treated like, or allowed to be, anything else... The urge to objectify is universal, and so long as it's fairly and respectfully indulged, it's not offensive, not a problem, and not news.

But if you're going on a date with - or even signaling potential attraction to - someone simply because they're of a different ethnicity? Or worse, forcing yourself to?

I'm not so sure that's a great idea either.

1 Slightly edited because the quote deals with a specific situation, though he's said the same thing elsewhere since.

No comments :

Copy and rename all the covers of the books in your Calibre library easily.

No comments
While you shouldn't judge a book by a cover (well, maybe these), you probably enjoy the covers of many of the books in your Calibre library.  And since they're eBooks, you probably want to see some of those covers more often.

I like using covers them as the "screensaver" on my eReader, and sometimes for backdrops or lock screens on my phone.  But as nice as Calibre is, the way it stores the files makes it vaguely difficult to pull all the covers out and intelligently rename them.  It's not a big deal, but it does take up more time than it should.

My script dollop-of-book-covers aims to fix that.

It's a bash script (*nix, probably OSX) that will search your Calibre library tree, pull out all the covers, and put them in the directory of your choice while renaming them with the author and title of the book.

Oh, and if you have ImageMagick (free, cross-platform), it will resize them to whatever width and height you specify.

You can read more about how to use it and snag the script over on GitHub at

No comments :

My Show-Mashup Idea For Marvel

1 comment
I saw this publicity still from Thor: Ragnarok of Jeff Goldblum's character and... well, here's where I ended up with it.  (Marvel, feel free to steal this.  Really. I want to see this. But it's gonna be headcanon for me.)

After "The Incident" and the revelations of Asgardian technology, a brilliant scientist manages to reverse engineer bits of it... y'know, like what happened in Independence Day when aliens showed up. 

This isn't exactly new territory - Agents of SHIELD has been mucking about with alien tech for its whole run one way or another.

But we're just getting started.

See, our Goldblum-esque scientist doesn't just reverse engineer any old Asgardian tech.  They reverse engineer Bifrost tech.  

One of my favorite bits of Agents of SHIELD lately was when they were offworld. It was cool. It was bringing new realms into the show instead of just being a way to introduce other characters (Yes, I really loved the Ghost Rider in the show, but that's an exception.)  You've probably already figured out where I'm going with this.  Rather than a one-off alien rando teleporter macguffin, I want them to reverse engineer this:

You might think the portal they already had in Season 3 means they've traveled this road already, but with the addition of the Darkhold, this plants the possibility of a portal not just to ONE location, but a gate like the ones from Stargate.

And then, my friends... then things could get really interesting.  You can have whatever kind of shows you want - exploration, sociological, overarching conspiracies... plus the regular AoS stories we're already doing.  Plus the whole "how the hell would Asgard react to this" thing.  

I know, it won't happen.  But still, it'd be cool, wouldn't it?

Or maybe I just miss SG:U.  

1 comment :

Are You Built For Monogamy, Or Should You Trust An Expert Outside of Their Field? (ATTN @drroshiniraj )

No comments
"Mashable Watercooler" posted a video today called "Are You Built For Monogamy?".

The whole thing is crap.

Dr. Roshini Raj (the presenter) is a board certified gastroenterologist. Which does make her an subject matter expert in her field... which is neither evolutionary biology or sociology.

This is evident when the question the video is structured around is a misuse of evolutionary science; after all, we're not built for living in cities, driving cars, or even having glasses. The hygiene hypothesis suggests that we're "built" for having a lot more germs and parasites.

Here's your tapeworm, have a nice day.

There's also a sociological blind spot that leads them straight to one big false dichotomy. Here it is (emphasis mine):
"Brain scan imaging shows that cheating of any kind can activate reward centers in the brain. But that this effect can be more pronounced in certain people. In fact there does seem to be a spectrum of behavior when it comes to monogamy, with some people being more naturally inclined to be faithful to one partner...and some people more prone to have casual encounters."
The only options Mashable finds worth mentioning - despite the casual aside of a "spectrum" - are casual flings and straight-up monogamy.

You know, American society's current "default" options.

It's like they couldn't even consider that someone could have more than one strongly bonded, faithful partner, where everything's done ethically. That's not "cheating" - that's having more than one relationship.

There's a big difference between those two. First, in terms of health alone: STI rates are lower among people who are practicing ethical non-monogamy than "cheaters". In fact, comparisons between similar populations of ethically non-monogamous people and monogamous people showed no statistically significant change in the rate of STI infections.

That doesn't mean everyone does polyamory the same way. Among the polyamorous people I know (and please know the difference between polyamorous and polygamous), there are "players". And everyone they're involved with knows this. There's also groups of varying sizes and arrangements that act more like large extended families - and are very faithful to each other and provide huge amounts of support in childcare, healthcare, and emotional needs.

But maybe using Google was too hard. I dunno.

But it's easy to find out there's alternatives besides "monogamy" and "cheating".

They could have just looked in the freaking dictionary:
polyamory: The fact of having simultaneous close romantic relationships with two or more other individuals, viewed as an alternative to monogamy, esp. in regard to matters of sexual fidelity; the custom or practice of engaging in multiple romantic relationships with the knowledge and consent of all partners concerned.
In real life, people's relationships with each other work all sorts of different ways. Some people are "born poly". Some people are interested in polyamory, and find out it doesn't work well for them.  Far more run into cheating asshats who claim to be polyamorous - the "ethical" part is not optional.  Some people are swingers. Others are asexual but romantic. Some people slide back and forth on the monogamish spectrum. Some people marry their high-school sweetheart and never have another romantic relationship in their life.

I've seen too many people too abused and suffer too much in all kinds of relationships to think that there's a uniform "best" model of relationships.

As long as your relationship(s) are helping you be your happiest and healthiest self, as long as they're allowing you to be the best possible version of yourself that you can be, who cares what you call it, or what you're supposedly "designed" for?

So, a misapplication of science, a lack of fundamental research on the topic the presentation is on, and a huge dichotomy/sociological blind spot.

Mashable calls this series "Love University".

As someone who taught a research methods class, I give them a D-.

And that's only because I'm grading on a curve.

If you are curious about what actual ethical non-monogamy (or polyamory, or whatever label you like), I'd start with Buzzfeed's video "Ask a Polyamorous Person" below. If podcasts are more your thing, PolyWeekly is a good place to start. And for a huge resource, More Than Two cannot be ignored.

No comments :

Stop Talking To Your Wiretap in 2017

No comments
Image of an Amazon Alexa with these words
People in the Sixties: The government will
wiretap your home.  People now: Hey wiretap,
can cats eat pancakes?

I saw this meme going around over the weekend.

I laughed. Then I sighed.

Because it's true.

Here's where it stops being funny or just me being paranoid. Remember, there's already a case in court determining whether or not the recordings generated by the "always on" feature can be used in a murder trial.  This isn't a new problem; we saw this with Samsung's smart TV's a few years ago.

But it wasn't until this meme that I really realized how much we were all looking at the wrong thing.

Samsung's defense was saying that information was only transmitted after the keyword was uttered...  but that's not the case across the board.  Some of the other voice recognition folks store that data anyway, and not on your home system.  For example, Google says that the data's stored, but unless you're logged in, it's kept anonymously and not tied to your account.  For services like Siri and Alexa and Google Now, simple commands might be processed on your device, but more complex answers are sent to a remote server that provides the response.  And Cortana on Windows 10 seems to be still transmitting data - of some kind -  even when disabled.

Which means that device is not only "always on", but is potentially always transmitting. Sure, sure, there's privacy policies. Hell, there's groups like the newly-founded Voice Privacy Industry Group setting up "best practices" for companies.

That's not the real problem.

It's Not Just the Developers and Big Tech

The last round of Wikileaks dumps showed that the CIA not only knew about security holes that could let them listen in on secure communications.  Oh, no, that's not supervillain enough.  The CIA knew about these security holes the day the devices and software got into the public's hands - and usually before the company in question knew about the security problem.  And they never did tell the tech companies what they'd found.

There's a reason why "white-hat" hackers release info about security holes right away.  They want problems can be solved so nobody can exploit them. Not so the CIA.  They wanted to keep listening in, and didn't think of the consequences.

As NYMag points out, this "means if the CIA knew about these exploits, you can bet other foreign and domestic actors did as well."

Yes.  That means Russia.

But "most" of those exploits were patched!

While Google and Apple are quick to reassure everyone that "most" of the CIA exploits are patched now, that doesn't mean they were patched right away.  Remember, the CIA knew about many of these before the tech companies.

And that's when we're talking about devices that get updated frequently. When you've got an older device - or one that's not from the biggest names - you may not see security updates for a long time.

While we're at it, don't forget that Internet Of Things stuff - you know, like Alexa or the single press buy buttons from Amazon. Or your CCTV. Or your printer. Or your router.  Or your modem?

Yes, Alexa (and Google Echo) get OTA updates. But the smaller devices? Heck no.  Have you ever checked to see if there was an update for your router or modem?  And if you did check, was there one?  There have been real exploits that effected routers and modems in the last three years. 

If you're starting to worry, check out for things to start checking and fixing.

But that's still not the real problem.

Spies lie professionally, remember?

Let's remember that - predating Trump - the NSA, FBI, and CIA have twisted the law (or outright lied) about spying on US citizens.  They collected everything from records of most phone calls made in the USA, an unknown (but presumably large) number of e-mails, Facebook posts, and instant messages, "massive" amounts of internet data, and finally, lots of actual phone calls.

How'd they manage that? Turns out that with a global network like the internet, it's not that uncommon for some of your traffic to go outside the country, which makes it legal for them to spy on you. And if they got a bunch of extra data too, well, that was just a big whoopsie.  TERRORISM and all that.

Oh right, new decade.  ISIL and all that.

Anyway, those didn't really require any special exploits like the ones in the last leak. Those made it easier, but the spies didn't really need it.  Because there's still one more giant problem.

The Biggest Problem

Top everything above with a big steaming pile of cooperation from your ISP.  (AT&T gets named a lot, but they weren't the only one that got outed - and that's assuming that we know about all the ones participating.)

That's the same ISP which is currently salivating.  The GOP is giving them the opportunity to sell all your browsing and personal information without bothering to ask you first, so I'm pretty sure that your ISP is ready to roll over anytime they're asked.

And probably some times before they're asked.

Let's be clear.  This is your ISP - the company that has a near-monopoly in your area - keeping track of every site you visit, then both selling it and offering that information up to people spying on you.

Sure, maybe the NSA/CIA/FBI don't have direct access to the servers at Google and Facebook and Amazon.

They don't need to.

Putting Some Locks on the Doors

There are some ways you can keep some degree of privacy. Use a VPN (I use Private Internet Access). Make sure your router and modem are updated. Follow some of the settings in the links above.  Encrypt your web communications using HTTPS Everywhere and limit tracking using Privacy Badger. Learn about encrypting your e-mail, texts, and calls. Make sure you use DNS servers like OpenDNS, Google's, or (or your VPN's if they have one - and they probably should.)  And turn off as many of the "always listening" devices and apps as you can.

In some ways, this is like having a deadbolt on a standard door. A determined attacker (or spy) will get through, no matter what you do.

But that doesn't mean we should go around leaving our doors - virtual or not - unlocked and wide open.

Got nothing to hide?

And please, for those about to say "I have nothing to hide", go read the links at the bottom of the post - and if you still think that way, just send me a copy of every e-mail, text message, and letter you've ever sent.  Add in the GPS data from your phone.  Add in every web page that you've ever visited - even in "incognito mode". 

To paraphrase Cardinal Richelieu, "If one would give me six day's full browser history of even the most honest person and I would find something in it to make them look awful."

No comments :

You Will Know Them By Thier Works: Mr. Rogers' Dream Is More Relevant Than Ever

No comments
You will know them by their works.

There are rumblings to cut the federal contributions to PBS and NPR.

During the course of my life, I've seen how PBS and NPR have had to scramble more and more for corporate funding.

And I watch the video of Mr. Rogers speaking to Sen. Pastore in 1969.

And I watch the video of his speech as he received a Lifetime Achievement Emmy award.

The important thing with that speech is this: He not only thanks those who helped him get there, but he encourages everyone else listening to do the same, right then. Rather than keep the spotlight, he makes his moment not only about the people who helped him get where he is, but about the people who helped everyone get where they are.

You will know them by their works.

I remember the half-hour long commercials cartoons. They still exist - though they're more often on branded cable networks - and still have the thinnest veneer of "educational programming" slapped on top of the sales pitch.

Both PBS and NPR are still doing the good, hard work that puts people - not sales - first. They are still carrying out Mr. Rogers' dream.

You will know them by their works.

You will know them by their desire to cut funding for public broadcasting.

You will know yourself by your support of PBS and NPR.

No comments :

The Saurian Spider - Making It A Little Harder for Your ISP to Sell Your Web History

No comments
In 2016, the FCC ruled that internet service providers had to get your permission before selling your raw browsing data .

While that wasn't hard for them to do, the Trump-led GOP is trying to remove that tiny bit of privacy.

While there's little substitute for tools such as HTTPS Everywhere, a VPN, and setting your DNS to ones other than your ISPs, I worked up a BASH script to pollute your web browsing history.

The idea is simple - by adding in random requests, your actual web browsing history is hidden among the noise and chaff.

I'm calling it the Saurian Spider (because, dinosaurs?), and you can find it at:

The script maintains a list of URLs - creating one at $HOME/.config/saurianspider.conf if needed - and retrieves them randomly at random-ish (1-30 second) intervals. Any new links it finds on those pages, it'll add to the list. It also switches the useragent between Firefox, Chrome, Opera, Opera Mini, Edge, and Internet Exploder semi-randomly as well, thus making it more difficult to filter out these requests from your legit ones.
The URL list is seeded with the current events page at Wikipedia and the "Random" page on Wikipedia; that said, it doesn't ADD links from Wikipedia or Wikimedia, as that could get really obvious, really quickly.

If you want to use your own list of URLs in a different location, the file location should be the first (and only) argument.

Depends upon/uses (most of these are GNU coreutils):
head & tail

No comments :

They want sheep, not Americans: They want to destroy your kid's education

No comments
You will know them by their works.

Do they strive to provide a better education to all people, or do they encourage ignorance?

Do they try to promote opportunity for all citizens, or do they try to remove equal opportunity in education1?

Do they make sure that the children of our nation's farmers, that our nation's children that are most in need, and the children of those who first lived here... or do they pretend that those who live in the countryside, who are First Nations, or who are homeless have nothing different about their situation than a child who lives in an affluent suburb2?

Do they make sure that children get healthy food and don't go to classes hungry, or do they want to get rid of nutritional standards for school meals3?

Do they recognize that children are individuals, and that some need more help than others, or do they want to leave those most in need of help with the fewest resources4?

Do they want to ensure that schools are held to an evidence-based interventions to fix schools with underperforming subgroups, or do they ... well, apparently not care about those children5?

House Bill 610 was introduced by  Rep. Steve King (R-IA-4) and mirrors pretty much every talking point that Betsy DeVos has ever said about the Department she now leads. And if you didn't get it, the bill clearly shows the priorities of DeVos and the administration.

It's obvious why they're doing it.  The right wing has been trying to make education a dirty word for my entire life.

They want people who don't think for themselves. They want people who they can control.

They want sheep, not Americans.

While the bill has only been introduced in the House, a Senate version must take shape and pass through both houses of Congress before it stands a chance of becoming law.

That's what makes calling BOTH your Representative and your Senator about H.R. 610 so important: Without a Senate companion bill, H.R. 610 won't ever see the light of day.

Here's a quick guide on how to find your congresspeople's phone numbers, or you can use 
or find them via Project VoteSmart.

(Helpful hint: Once you've looked it up, put them in a text file on your phone or a specific contact group. We're gonna have to keep calling a lot for a while.)

Here's a script for you to use, snagged almost wholesale from

Tell them that you not only oppose the repeal of the Elementary and Secondary Education Act of 1965 as outlined in H.R. 610's "Choices in Education Act of 2017," but that you believe the national school lunch and breakfast programs should meet basic nutritional standards. See if you can get a firm commitment from them that they will oppose such legislation if it comes before them. If they won't commit or just flat out say no, tell them you'll be calling back every day until they change their mind — and follow through on that promise, too.
And you might as well add this in:

We will know you by your works.

1 House 601, sponsored by the GOP, would do so by eliminating the Elementary and Secondary Education Act of 1965 (ESSA)
2 House 601, sponsored by the GOP, would do so by eliminating ESSA, which covers programs for struggling learners, Rural Education, classes for Native Americans, and Education for the Homeless
3 House 601, sponsored by the GOP, would do so by abolishing the Nutritional Act of 2012 (No Hungry Kids Act)
4 House 601, sponsored by the GOP, would do so by eliminating ESSA, which ensures access to accommodations on assessments, access to general education curricula,
5 House 601, sponsored by the GOP, would do so by eliminating ESSA, which requires local education agencies to provide evidence-based interventions in schools with consistently underperforming subgroups

No comments :

Don't Just Post A Heart. Support Something That Will Actually Help Stop Breast Cancer

No comments
You might have seen a friend or three of yours post a single heart icon into their social media profile (usually on Facebook). You might have done it yourself.
This is supposedly to promote "Breast Cancer Awareness Week".

Let's get this straight: There is no "Breast Cancer Awareness Week" in March. There is a day in March for triple-negative breast CA (3rd March) and International Women's Day (8th March).  There is a whole month for breast cancer; I'm pretty sure you noticed it last October.

Further, let's call this out for what it is:  A way to feel good without doing anything.  This is more inane, useless, and harmful than the clicktivism that pervades so many things. 

Posting a single icon of a heart - more on that symbol at the end - is NOT actually helping anyone.  Not. A. Single. Person.  Oh, it makes you feel like you did something... but at exactly NO effort on your part.

It also lets you feel superior, since it's an inside "code" that you are part of.  Added bonus: The especially Heathers wannabes will feel snarky and superior those who don't post the heart icon. 

So it's useless.  How is it harmful?

After breast cancer awareness became the hip thing for businesses to donate trivial amounts of money to while using cancer as an advertisement, I don't think awareness is the problem. Hell, big funding for research isn't the problem - in 2008 breast cancer funding per death outstripped every other and was still listed among the top-funded in a 2014 study.
But this little, meaningless way of checking off the "I did something about it" box distracts people from what will help women and lower breast cancer rates in the real world:

Inexpensive health care for women.

But instead of posting a heart icon, that might mean standing up for Planned Parenthood.  Because as Dr. Deborah Nucatola, senior director of medical services for Planned Parenthood, said (I'm quoting FactCheck.Org here), 
“Planned Parenthood does help women nationwide get access to mammograms,” as part of the health care services it provides to nearly 3 million persons each year. “Women rely on Planned Parenthood for referrals for and financial help with mammograms and specialized diagnostic follow-up tests (like ultrasounds and biopsies) when indicated by age, history and/or clinical breast exam.” Nucatola said that “for many women,” Planned Parenthood is their only health care provider and “thus the only way they will get a referral for a mammogram.”
Don't care about women who need Planned Parenthood? Fine.
Your fight still isn't done.  Because with the impending repeal of the ACA, it's likely that gender rating is going to come back on the scene.

You don't remember gender rating?  To quote the UPenn Public Policy Initiative:
Gender rating is the practice of charging men and women different rates for identical health services...Research conducted before the implementation of the ACA showed that women on the individual market could pay up to 1.5 times more than men for health insurance...It also showed that gender rating costs U.S. women approximately $1 billion dollars annually.
Yeah, getting rid of that crap that was part of the ACA.  Obamacare.  The thing the current administration is still adamant they're going to get rid of, and still hasn't presented any kind of replacement.

If you don't care about keeping gender rating away from our health care but care about posting a heart to social media or wearing the latest pink-ribbon fashion, you've got your priorities pretty messed up.

Look, I get it.  Cancer is fucking awful.

That's my point.

Instead of posting a contextless heart on social media and feeling good about it, ovary up and fight for something that will actually make a difference in breast cancer detection and prevention.  
Use your social media post to remind those around you that you support inexpensive health care for women.  
Use your social media profile to remind those around you that you oppose discrimination in health care pricing.

Do it in honor of International Women's Day.

Maybe posting something so political seems a little indiscreet or blunt to you.  
But it's too late if you already posted that heart to your wall.

After all, that heart symbol gets its shape from a seed pod that used to be used for birth control and reminded the Romans of nothing so much as...testicles.

No comments :

The Only Thing That Needs To Be Said About A Gay Character In Beauty And The Beast

No comments

If you somehow can accept the Stockholm syndrome of Belle, extreme punishments for a ten or eleven year old boy not talking to creepy strangers, and abuse enabling themes ("my love can change him!") of Beauty and the Beast but have a problem with a secondary character being portrayed as gay...

...then your priorities are seriously out of whack.

No comments :