The Opposite of Truth

If there is a betrayal of that trust [in public organizations], there is a crime. The opposite of truth is not just a lie, the opposite of truth is chaos.

The chaos that is in danger of bringing down the institutions we depend on, to deliver justice.

The final words of fictional character, Dr Nikki Alexander (Emilia Fox), in the finale of Season 22 of the BBC Series Silent Witness. Writers Virginia Gilbert and Michael Crompton have come up with one of those most memorable of TV moments. This is right up there with ACN ‘News Night’ anchor Will McAvoys speech of why America is not the greatest country in the world, written by Aaron Sorkin.

Trump, #BREXIT, et al. All seem to be creating chaos, by undermining the institutions, through the opposite of truth.

State of the Union: Whither Afghanistan?

Tonight the President will address the nation in his second state of the nation. It’s unclear if he’ll say anything about Afghanistan, he’d be wise not to. Equally, given the President is prone to tackling sacred cows, maybe he should.

President Trump sent more troops and in his words America would stay until the “war is won”.  While not as notorious as Vietnam, Afghanistan is Americas longest war, all Presidents from Roosevelt are complicit. America had been involved  in/with Afghanistan from 1946 until the late 1970’s, as the Americans left, the Soviets arrived.

We are now negotiating with the Taliban, essentially the same deal to end the American involvement in Afghanistan, that Donald Rumsfeld turned down in 2001. Since then there has been 17-years of bloody war, costing America more than a trillion dollars, and taken the lives of more than 4,000 Americans.

Afghanistan is a country that is at the center of the world, almost exactly 10,000 miles from either coast of America. Long before the War on Terror, long before the Russians invaded Afghanistan, the Americans were there. Buoyed by their success in WWII and in an effort to counter the Soviet Union threats of expansion, in 1946 American Engineers, their wives and families started to arrive in Helmand province in unprecedented numbers, they lived in a campus that became known as “Little America“.

M-K Completes Dam Projects in AfghanistanThey worked for the worlds biggest construction company at the time, Morrison Knutson. The King of Afghanistan had bought them in to replicate what had been done in Nevada, roads, dams, canals and even a new model city. The Kings plan had been to harness the power of the giant Helmand River and turn Afghanistan into a modern society like the west. Thats when everything started to go wrong.

In an era that is long forgotten and projects that were ultimately doomed to fail, it was the first, and possibly the best example of “too big to fail”. It did, we are still paying that price today, even before the Russians invaded, America had sunk $80-million into Afghanistan.

It’s the forever war, will President Trump actually succeed, no.

REFERENCE MATERIAL

The New York Times “The Daily” covered Afghanistan yesterday(Feb 4th), disappointingly they never included anything about the whole “Little America” project. It is still one of the best summaries of what happened since the Russians invaded.

BBC NEWS has a great infographic style documentary on Helmands Golden Age from 2014 by Monica Whitlock. It is a good read and contains many pictures from Morrison Knutson engineer Glenn Fosters films. It also includes many clips of his color films, sadly they are geo-locked and not available in the US. You can though find much of the same material on Youtube. As an accompanying piece, Monica Whitlock also recorded an episode of the BBC World Service “The Documentary Podcast“, also from 2014. In an episode called “Damming Afghanistan: Lost Stories from Helmand” you can download and hear it here.

NPR has a 2012 interview with author Rajiv Chandrasekaran about his then new book, Little America – The War Within the War for Afghanistan. Entitled “A Cautionary Tale About Transforming Afghanistan”, by Greg Myre, it is online here and can be downloaded here. It includes an amazing slideshow.

The US Agency for International Development, bureaus for Program and Policy Coordination, Bureau for the Near East, have a great detail report on Afghanistan, it can be read here, in its original 1983 form.

America and Syria – the backstory

President Trump has decided, unilaterally apparently, to pull all America troops out of Syria, both surprising his Chiefs of Staff and allies.

The American story with Syria is intertwined with almost everything the west has done in the Middle East since the end of the 2nd World War.  American was the prime enabler of the Assad family rise to to power, and as everything post war seemed to be, all about fighting the rise of Communism and installing “democracy”.

Syria gained its independence in 1946 and in 1948 engaged in the Arab-Israeli war. Later in 1949, the Americans were party, or if you believe many, responsible via the emergent CIA, for the coup d’état that replaced the Syrian democracy with Husni al-Za’im, who was executed later the same year.

The Syrian story since the 2nd World War is complicated, wars, Hamas, Iran, Hezbollah. Assad senior played key roles in much of the 1980’s terrorism, before the US and especially the UK decided that their actual target in the Middle East was Gaddafi, and that they needed Assad’s Syria as an ally their upcoming war.

So, you can be surprised by President Trump’s actions, you can blame it on his trying to appease Russian leader Putin, or you can just believe that this is yet another of President Trump’s rollbacks of President Obama’s actions. Whatever you do though, don’t think American involvement in Syria is just about the defeat of ISIS.

serveimageA great read is Wilfords 2013 America’s Great Game. You can purchase the book from Amazon, you can read a book review on the Boston Globe, or this review, “Playing Both Sides” on the New York Times. better still, you can watch/listen to Wilford, here on C-Span.

Look & See – Rural America

I’ve written a number of harsh posts about those living in rural America, mostly based off the perception that is pushed by the Republican party, that is, rural Americans don’t understand, and resent urban Americans. That rural Americans are the god-fearing, backbone of America and urban and city dwellers are welfare dependents, and worse still, socialists. Certainly, the Republican party continue to push this agenda today, dividing sub-urban and rural communities from the cities.

As shown here, rural Americans claiming benefits has sky rocketed between ’96 and 2015; increasingly, the programs getting cut, adversely hit rural America harder, as rural Americans are smaller in total number; medical coverage may not “be a right” according to the Republican party, it should be a “choice”, try maintaining a community without easy access to modern healthcare; schools are also a right, without them, not only are local taxes higher, more subsidy is needed to get kids to schools outside the city. School Choice won’t save rural schools without a massive rethink.

However, rural Americans, and farmers especially, deserve another perspective. They’ve largely been screwed by the “agricultural industrial machine”. Sure, many farmers have sold out and reaped substantial profits, more though are barely getting by. There is a lot to be said about a community completely upended over the last 30-years.

Laura Dunn, Two Birds Film (Austin TX) has produced a beautifully filmed, subtle, but brilliantly edited, and panoramic, poignant portrait of the changing landscapes and shifting values of rural America in the era of industrial agriculture, as seen through the eye of American novelist, poet, and activist, Wendell Berry.

Berry represents, if not the best known defender of rural, natural America, then certainly the most eloquent. His contributions to Lauras’ other major work, The Unforseen, were the first I’d heard of him. Certainly, this profile certainly made me think again. You can watch the trailer on youtube(below) or the complete film on Netflix.

Legislating hacking/data exposure responses

I don’t know enough about the European Union General Data Protection Regulation (GDPR) but at least on basic reading it seems inadequate in meaningful individual action requirements and legislation that benefits the actual user/person whose information has been exposed.

I’ve been signed up for haveibeenpwned an excellent website by Troy Hunt. You enter your email, and it tells you what breaches your personal information has been found in.

I was going to say “if any”. But of course your data will be there, especially after breaches like the River City Media (RCM) “spammer gate” where 1.4 billion peoples’ email accounts, full names, IP addresses, and often physical address, were exposed. Suffice to say, my two primary email addresses have been exposed in more than 20-breaches.

haveibeenpwned was a great start. CapitalOne, at least among my financial providers, has stepped up the game significantly. Their creditwise arm has incorporated Credit & Identity Alerts in to the app and website. Numerous times recently I’ve received alerts, and while initially the alerts didn’t contain enough information to take action, the most recent alerts have had all the detail I needed.

Creditwise Email
Email alert from Creditwise
Creditwise Alert
via website or app

Among the websites my data has been exposed this year include:

  • linkedin.com
  • kickstarter.com
  • ticketfly.com
  • bitly.com
  • myspace.com
  • last.fm
  • zomato.com

Some of these websites did individually send emails disclosing the breach. Of these, only ticketfly had any form of financial data that might have been breached. I have all my emails from them going back to 2012. Not a single word about a data breach or other exposure of my personal data.

The same is true for more sites than not. No notification. When you login to the site to at the very least, change your password to a new unique one, they more often than not also give you no indication. For many of them it’s also nearly impossible to find out how to delete your account. In the case of ticketfly, I submitted a trouble ticket asking how to delete my account but retain tickets for future events, so far nothing but a generic ‘we’ll get back to you’ response.

It’s time for legislation about what websites/businesses are required to do when they find a data breach. They must be held accountable, and not just through financial penalties that mostly just go into government coffers.

I’d like to see at a minimum:

  1. Mandatory requirement to notify by email, and if the business has a real mail address, by mail.
  2. A default opt-out and deletion period. At discovery, if data breached includes significant personal and/or financial data, the account must be deactivated. After notification, if the business has not heard from the user whose data is breached within 14-days, and the account is not already deactivated, it should be deactivated.
  3. Recovery of a deactivated account should NOT depend on any data exposed in the breach.
  4. When the user whose data is breached logs-in to their account following notification or during account recovery, they must be presented with clear information on what data was exposed. Two, they must be given a simple option at this point to permanently delete their account.
  5. If the user opts to delete their account, any consequences of the deletion must be made obvious at that time. For example, in the case of ticketfly, where I’ve already paid for tickets to future events, those tickets must still be available to me, even after my account is deleted.

In the era of “big data” and “everything online” the only way these businesses/websites will really put privacy and security first is not fines. It’s the actual loss of the customer/user and their data. These companies are often over valued, and paying government fines is just moving magic money from one bucket to another. It has a short term impact on their profitability, their quarterly results, not much else.

Privacy: Europe vs the USA

On a day when the likelihood is you’ve been bombarded with GDPR emails from companies you’ve done business with, or just whose websites you’ve registered with, there is no better comparison of the difference between how the European Commision and the USA are dealing with our privacy.

While the new General Data Protection Regulation comes into force tomorrow (May 25th), which isn’t as many think, a reaction to the Facebook privacy scandal, the regulation which took seven years of negotiation, and will force changes in a braod range of industries, including, but not limited to technology, advertising, medicine and banking.

Here in America, we learned this month that a company called LocationSmart is buying the real time cell phone location data obtained from the country’s largest cell giants, including AT&T, Verizon, T-Mobile, and Sprint.

We only learned, because Securus, a prison technology company, who use the data from LocationSmart, had their website tested by a researcher who was able to access the cell phone location of anyone, without consent. Apparently, while the explicit selling of cell phone location data to the Government is banned/illegal, selling it otherwise is not. We don’t even know who they are selling it to, or what it is used for.

Big business is just about making a buck. In the same way as Facebook mostly didn’t care who got your data, and what they did with it, provided facebook got their money, that made it OK. The same has been true for decades for the cable and telephone, cell phone companies.

Europe vs Facebook

The questions that Zuckerberg never answered, including this:

How will you be remembered: As one the three big internet giants along with Steve Jobs and Bill Gates who have enriched our world, or as the genius who created a digital monster that is destroying our democracy and society?

https://gizmodo.com/mark-zuckerberg-played-parliament-for-fools-and-theyre-1826227452

There is no British history without the history of empire

Off the back of the British government “Winrush” scandal, The right honorable, David Lammy MP, made the following speech. It exposes the myth of immigration for many, many millions of people.

The same is true for the racial divide here in the USA. They had no choice, they didn’t want to go somewhere, they are all here, because “we” were all there. While it’s not an identical situation here in America, as much of the current immigration furore is about immigrants in the last 5o-years.

The same is essentially true for the USA and Europe since 9/11, “we” went “there”, and often disrupted their governments, bombed their countries, killed their family, friends and destroyed their homes.

The Facebook scramble to rewrite history

As Facebook scramble to try to head off prohibitive legislation in the UK, Europe and the USA, it’s trying to reinvent it’s history and mission.  I’m no Facebook historian, developer, professional watcher but it’s worth remembering some of it’s actual history, bugs, screw-ups and the often terrible defaults it implemented with new features.

I’d long imagined that Mark Zuckerberg was the embodiment of Zeke Hawkins character in the 1993 movie, Sliver. One of the things Hawkins said in the movies about his surveillance was the Google-esq:

We’ll do only good things.

All of the recent disclosures about access to Facebook data isn’t about hacking or other malicious activity, it is about poor design decisions; defaults in privacy that were good for Facebook but not for the user; and ultimately necessary for Facebook’s’ business model. They were not, as Facebook and Zuckerberg oft refer to them as data breaches.

As the voiceover says at the end of the Sliver trailer:

The view from the outside is nothing…. compared to the view…. inside.

My history with Facebook goes back to when it was “thefacebook”. I’d been a regular speaker and panelist at the Silicon Valley World Internet Center between 1998 and 2003 when I gave my last session on Open Source. The center was housed at Stanford University. Over my time there, I made contacts with many professional and personal contacts.

I started using livejournal as an emerging platform for “blogging” and tracking news for my then key triathlon interests in January 2004.  That April, through one of the contacts I’d made at the World Internet Center, I was offered a userid to take a look at “thefacebook”. I didn’t spend much time on it, it was fascile, juvenille and voyeristic. I wasn’t surprised to hear that in 2003, the Harvard University administration had charged Zuckerberg with breach of security, violating copyrights, and violating individual privacy.

That set the path that Facebook has followed since then, their design decisions, their defaults, everything has been aimed at making your information publicly available, searchable and collectable. As I texted a few days ago, none of this need happened if Facebook actually cared about privacy. Each and every time they implemented a new feature, they did so by setting the user privacy to the least private allowed.

While Facebook claimed they were not selling data, which was probably legally true, but they were always selling access to the data. If privacy was really central to Facebooks management of data, then they would have made the defaults very different than they did.

All those infuriating apps and quizzes that your “friends” were playing Farmville, Candy Crush, etc. let alone the apps that wanted to know actual personal information, like where you’d travelled to etc. For a while in 2007 there was even a class at Stanford known as the “Facebook class” where students, many of whom went on to make hundreds of thousands of US Dollars, were instructed on how to make Facebook apps.

As early as 2010, many of us were imploring people not to give companies like OK Cupid and apps like Lover of the Day access to your data, it was only ever going to end badly for someone.

Lover of the Day was installed nearly a million times. If every user that installed it had at least one hundred “friends” on Facebook,  that meant through a single app, four hundred million facebook users data could have been exposed and scraped. Even if “Lover of the Day” hadn’t overtly exploited this, it was totally naive rather than malicious.

By the end of 2010, there were hundreds of website scams that were, as far as I can see, just there to harvest your data, and that of your friends. There were numerous websites set up to track these, of which Facecrooks, was and still is one of the best.

When I got my Facebook data, before #DELETEFACEBOOK, I spent an hour searching through the data and my timeline to find interesting posts, pleas that I’d made to my friends about the lax controls, bad defaults and bad app choices they were making.In 2010 alone, I posted the following on my wall.

January 10th: “Well get used to it, the Facebook founder says your privacy is a relic of the past, everything should be public!”

March 2010: “So, not paying attention to the FB Privacy issue? Well last night the dumb ass’s made a change which made everyone’s email address public for about 30-mins even if you said not to or your settings… “

May 2010: “So yesterday Facebook blew their privacy yet again revealing private friend to friend conversations, allowing one friend to see outstanding friend requests of other friends…”

May 2011: When discussing the Symantec revelation that Facebook was leaking information to Third parties, I ended the post with – friends don’t give their friends personal information to strangers, don’t do the same on facebook!

By 2011, music streaming startup, Spotify, was known to be aggressively using and promoting their business through facebook by exploiting the weak/lax Facebook privacy. If anything, the US Government Federal Trade Commision hearings lead to facebook changes that were in marketing speak “more transparent” but reality, more opaque. They made it easier to stop sharing, but harder to know what was being shared.

In 2015, the scraping of user data was still rampant, I found a number of examples of warnings, mostly in so called “Big company” giveaways.

March 2015: Friends don’t invite friends invite to the SW Airlines ticket give away. It’s scam, they are harvesting Facebook id’s, friends lists and email addresses and who knows what else!

It was followed by a long bullet list of ways you could tell if the giveaway was a scam. My post ended in

If don’t doesn’t have at least two of those it’s a scam… It’s not harmless, it’s like showing up at an orgy and not using a condom.

When Zuckerberg and Facebook try to rewrite history claiming these were a breach of trust, or they didn’t sell data, or they acted as soon as they were notified, I don’t know what the hell they are talking about. They knew, they just didn’t care until the politicians got hurt, and now the optics look really bad.

Next. What should be done.

Zuckerberg/Facebook called to UK Parliament

Of course as a US Citizen, Zuckerberg can’t be compelled to attend. There can be so many serious consequences to not attending that Rubert Murdoch and other News International Executives attended when they were called.