Tag: FAIL

Yeah, About that

The strangest thing about this moment is almost every Dem is acting as if Obama’s first term was a horrible failure but no one wants to explicitly say that. https://t.co/CuyrgEN6XT

— Jon Walker (@JonWalkerDC) February 2, 2021

So, let’s do a rundown of the 2009-10 Obama years and what happened:

  • Democratic Governors, from 29 to 16.
  • Control of state legislatures, and redistricting, from 59% to 31%. (over 1000 state leg seats)
  • Double digit losses in the Senate.
  • Over 5 dozen losses in the House.

Why would even the most psychopathic Democrat, or Jim Manchin (but I repeat myself) want even a small piece of such a disaster?

The answer is that they don’t, which indicates that the Democratic Party establishment (There is no Democratic Party establishment) might actually have a small learning curve.

I never believed that I would be able to write that in a non-ironic way.

Read His Lips

$2000.00 stimulus checks are popular. Their popularity was such, even in Georgia, that it led to the Democrats taking control of the Senate.  (It was a big part of the campaigning for the runoff)

Now, the very serious people are trying to scale back and means test the stimulus to irrelevancy.

It is patently clear that this is bad policy and even worse politics.  It is George H.W. Bush’s no new taxes pledge all over again:

On January 4, Joe Biden made an unequivocal pledge, telling voters that by electing Democrats to Georgia’s senate seats, “you can make an immediate difference in your own lives, the lives of people all across this country because their election will put an end to the block in Washington on that $2,000 stimulus check, that money that will go out the door immediately to people who are in real trouble.”

Now they are counting the $600, so $1400 is the new 2000, saying that it will take months to pass the bill, making overtures to Republicans, etc.

A little more than a decade later, the public option fight should be a harrowing cautionary tale for Biden on both the policy and the politics. He had a front-row seat in watching a bad-faith Republican opposition kill a much-needed initiative, and then use Democrats’ failure to deliver to win at the polls. He of all people should know that this story never ends well.

………

The $2,000 checks initiative does not have to go down the same way the public option went down. The president and congressional Democrats do not have to do what weak-kneed, wimpy Democrats of the past have so often done. They do not have to negotiate against themselves, word-parse their way out of campaign pledges and delude themselves into thinking that Republicans are good-faith legislative partners.

They could instead try to use their election mandate — and the weakened state of the GOP — to demand full survival checks, rather than pretending that bad-faith Republican senators have any standing to make policy arguments.

The “Very Serious People” are going to “reasonable” themselves into losses in 2022 that make the 2010 bloodletting look like a walk in the park.

Tweet of the Day

Larry Hogan is still Governor of Maryland, but TBF Covid is blocking Tom’s primary source of information – a humble taxi driver with sharp geopolitical insights. pic.twitter.com/URQgqNx0OV

— Don Moynihan (@donmoyn) January 25, 2021

Just so you know, as New York Times Pulitzer Prize winning reporter and columnist Tom Friedman does not, Larry Hogan is still governor of Maryland, where Friedman lives.

Seriously, Tom “The Mustache of Inanity” Friedman has finally exceeded the capacity for others to mock him.

Maybe he should get a Pulitzer for self-mockery.

Yeah, Me Too


A throw away tweet


My throw away response

I agree with Mike Caulfield’s statement on Twitter’s take-down and appeals process, that it is arbitrary, opaque, and the subject has no inkling as to the process.

I would not be writing about this, except that this happened to me.

About a week ago, I got locked out of Twitter for a post I made in June.

Someone posted a sign at a McDonald’s which appears to state that they are out of happy meals, though they use the term “Boy Toys.”

The poster suggested that he was sad, because he wanted his “twinks”, a slang term for young, and young appearing, gay men.

My response was that he was being “Homonormative” (a play on the term “Heteronormative”), and that “Wymyn” (An 80s radical feminist spelling for “Woman”) might want their “Boy Toys” as well.

It was pretty anodyne, though every 2 weeks or so, it showed up in someone’s feed, and they would ask, “What the heck is Wymyn?”

When I got the ban, I appealed the decision, which was likely automated, and was probably driven by someone flagging it.  (No accounting for humor, I guess)

That I got a Twitter Timeout™ was actually kind of a thrill; I have been in a bit of a competition with my son Charlie after Twitter flagged him for suggesting that Meghan McCain do something anatomically dubious with a cactus.

I submitted an appeal, and then nothing happened.

After 4 days of not being able to access Twitter, I deleted the tweet.

But just before I deleted the tweet, I came across Mr. Caulfield’s essay, and I agree with his assessment of the appeals process:

So that would be my recommendation to Twitter. Either cancel the appeals process, apply it narrowly to suspensions, or speed it up. At the very least, inform people engaging in it what the average time for resolution is. And while my suspension probably won’t derail national or international efforts against COVID-19, I can’t help but think of all the medical researchers and public policy people out there using Twitter to communicate and collaborate. So as much as Twitter seems to think any deference to academic culture is a thumb on the scale, I really hope they can have someone write up a list of experts more important than me and take a bit more care before they ban them. I assume what I was hit with was based on a programmatic scan, not trolls gaming reporting. But the anti-vaccine trolls are out there and I know they are reporting the heck out of anyone that gets in their way. If Twitter doesn’t make a nominal effort to protect those researchers, there will be much more high-profile (and damaging) bannings to come.

(Incidentally the fact that the report does not actually tell me if I have been banned by a programmatic scan –having 5g and vaccines in the same tweet — or via a report is very bad in terms of both transparency and utility. I actually need to know whether it is a troll report or algorithm. If it’s an algorithm, it’s a lightning strike, and I go on the way I have. If the trolls have found me, that’s a different problem, and one I need to be alerted to.)

When we talk about the size of the online giants, what is frequently ignored is the generally poor quality of user* services. 

Terms and services are poorly written, arbitrarily enforced, and completely lacking in any measurable human involvement.

It would not be at all unreasonable to require the large online service sites to provide clearer processes, along with the ability to contact an actual human being.

The quality of the services would improve, at least from the end user perspective, and it would make the enormous scale that entities like Facebook, Twitter, and Google have achieved more expensive, which might aid smaller challengers and mitigate against further growth.

*They are not customers, the advertisers are the customers, the users are the product.

It Really Sucks to be You

It appears that in addition to being contemptible people, the purveyors of Parler, the now-shuttered right-wing Twitter, were technically incompetent.

Their tech was incompetently managed, and a security researcher managed to download almost every post in Parler, including deleted posts and extensive metadata.

I’m sure that the FBI will be most interested in this information:

In the wake of the violent insurrection at the U.S. Capitol by scores of President Trump’s supporters, a lone researcher began an effort to catalogue the posts of social media users across Parler, a platform founded to provide conservative users a safe haven for uninhibited “free speech” — but which ultimately devolved into a hotbed of far-right conspiracy theories, unchecked racism, and death threats aimed at prominent politicians.

The researcher, who asked to be referred to by her Twitter handle, @donk_enby, began with the goal of archiving every post from January 6, the day of the Capitol riot; what she called a bevy of “very incriminating” evidence. According to the Atlantic Council’s Digital Forensic Research Lab, among other sources, Parler is one of several apps used by the insurrectionists to coordinate their breach of the Capitol, in a plan to overturn the 2020 election results and keep Donald Trump in power.

………

Operating on little sleep, @donk_enby began the work of archiving all of Parler’s posts, ultimately capturing around 99.9 percent of its content. In a tweet early Sunday, @donk_enby said she was crawling some 1.1 million Parler video URLs. “These are the original, unprocessed, raw files as uploaded to Parler with all associated metadata,” she said. Included in this data tranche, now more than 56 terabytes in size, @donk_enby confirmed that the raw video files include GPS metadata pointing to exact locations of where the videos were taken.

………

Hoping to create a lasting public record for future researchers to sift through, @donk_enby began by archiving the posts from that day. The scope of the project quickly broadened, however, as it became increasingly clear that Parler was on borrowed time. Apple and Google announced that Parler would be removed from their app stores because it had failed to properly moderate posts that encouraged violence and crime. The final nail in the coffin came Saturday when Amazon announced it was pulling Parler’s plug.

………

The privacy implications are obvious, but the copious data may also serve as a fertile hunting ground for law enforcement. Federal and local authorities have arrested dozens of suspects in recent days accused of taking part in the Capitol riot, where a Capitol police officer, Brian Sicknick, was fatally wounded after being struck in the head with a fire extinguisher. 

My suggestion to @donk_enby is that if someone comes sniffing around for the archive that she made, don’t provide it without a subpoena.  Providing the information under compulsion indemnifies you, so if someone wants to sue you for something like “Invasion of Privacy”, you are covered.  (Note that I am an engineer, not a lawyer, dammit.*)

My second piece of advice is that turning your personal information over to an online site is a stupid thing, and doing so to a business that caters to reactionaries is even dumber.

Businesses that cater to conservatives on the basis of politics tend to be scams.  All you have to do is listen to Rush Limbaugh or Sean Hannity, and see how many of the ads are transparent bullshit like fat burning plant extracts, overpriced gold, phony ED cures, Corona Virus Cures, etc.

For them, it’s all about the Benjamins.

*I love it when I get to go all Dr. McCoy!

Michigan brings two charges against former governor for Flint case

Well, I was wrong yesterday when I predicted that former Governor of Michigan Rick Snyder would be charged with obstruction of justice.

I was wrong.

Snyder was hit with two counts of “Willful Neglect of Duty,” a misdemeanor.

Here is the statute, § 750.478:

When any duty is or shall be enjoined by law upon any public officer, or upon any person holding any public trust or employment, every willful neglect to perform such duty, where no special provision shall have been made for the punishment of such delinquency, constitutes a misdemeanor punishable by imprisonment for not more than 1 year or a fine of not more than $1,000.00.

This case is just plain weird, with indictments for felonies, a dismissal of those charges, and now this. 

I do not know how this will end, but I expect to be disappointed.

About Fucking Time

Rick Snyder, former governor of Michigan, as well as his senior staff, will be criminally charged over his role in the poisoning of the water in Flint.

The specifics of the charges are not known at this time, so my guess is that we are looking at an obstruction of justice and the like:

Former Michigan governor Rick Snyder, his health director and other ex-officials have been told they’re being charged after a new investigation of the Flint water scandal, which devastated the majority Black city with lead-contaminated water and was blamed for a deadly outbreak of Legionnaires’ disease in 2014-15, the Associated Press has learned.

Two people with knowledge of the planned prosecution told the AP on Tuesday that the attorney general’s office has informed defense lawyers about indictments in Flint and told them to expect initial court appearances soon. They spoke to the AP on condition of anonymity because they were not authorized to speak publicly.

The AP could not determine the nature of the charges against Snyder, former health department director Nick Lyon and others who were in the Snyder administration. The attorney general’s office declined to comment on details of the ongoing investigation. Spokeswoman Courtney Covington Watkins said investigators were “working diligently” and “will share more as soon as we’re in a position to do so”.

Snyder’s attorney didn’t return calls seeking comment.

I have no direct knowledge as to the course of the investigations, or the prosecutions, but if Snyder were charged with something like taking bribes over the water pipeline, or some other explicit corruption, I think that other people would have been prosecuted, and have cut deals, before Snyder was charged.

Yeah, Lihop*

So, now we know that there were specific reports from the FBI that right-wingers intended to invade the Capitol on January 6.

Yet more evidence that the passivity of law enforcement in the face of a clear threat was more than just incompetence:

A day before rioters stormed Congress, an FBI office in Virginia issued an explicit warning that extremists were preparing to travel to Washington to commit violence and “war,” according to an internal document reviewed by The Washington Post that contradicts a senior official’s declaration the bureau had no intelligence indicating anyone at last week’s demonstrations in support of President Trump planned to do harm.

A situational information report approved for release the day before the U.S. Capitol riot painted a dire portrait of dangerous plans, including individuals sharing a map of the complex’s tunnels, and possible rally points for would-be conspirators to meet in Kentucky, Pennsylvania, Massachusetts and South Carolina and head in groups to Washington.

“As of 5 January 2021, FBI Norfolk received information indicating calls for violence in response to ‘unlawful lockdowns’ to begin on 6 January 2021 in Washington, D.C.,” the document says. “An online thread discussed specific calls for violence to include stating ‘Be ready to fight. Congress needs to hear glass breaking, doors being kicked in, and blood from their BLM and Pantifa slave soldiers being spilled. Get violent. Stop calling this a march, or rally, or a protest. Go there ready for war. We get our President or we die. NOTHING else will achieve this goal.”

………

Yet even with that information in hand, the report’s unidentified author expressed concern that the FBI might be encroaching on free-speech rights.

We can’t do this to Wypipo.


The warning is the starkest evidence yet of the sizable intelligence failure that preceded the mayhem, which claimed the lives of five people, although one law enforcement official, speaking on the condition of anonymity to avoid disciplinary action, said the failure was not one of intelligence but of acting on the intelligence.

………

The head of the FBI’s Washington Field Office, Steven D’Antuono, told reporters on Friday that the agency did not have intelligence suggesting the pro-Trump rally would be anything more than a lawful demonstration. During a news conference Tuesday, held after The Post’s initial publication of this report, he said the alarming Jan. 5 intelligence document was shared “with all our law enforcement partners” through the joint terrorism task force, which includes the U.S. Capitol Police, the U.S. Park Police, D.C. police, and other federal and local agencies.

………

Steven Sund, who resigned as Capitol Police chief, said in an interview Tuesday that he never received nor was made aware of the FBI’s field bulletin, insisting he and others would have taken the warning seriously had it been shared.

“I did not have that information, nor was that information taken into consideration in our security planning,” Sund said.

………

The Jan. 5 FBI report notes that the information represents the view of the FBI’s Norfolk office, is not to be shared outside law enforcement circles, that it is not “finally evaluated intelligence,” and that agencies receiving it “are requested not to take action based on this raw reporting without prior coordination with the FBI.”

Again.  “We can’t do this to Wypipo!”

………

The document notes that one online comment advised, “if Antifa or BLM get violent, leave them dead in the street,” while another said they need “people on standby to provide supplies, including water and medical, to the front lines. The individual also discussed the need to evacuate noncombatants and wounded to medical care.”

On Jan. 6, a large, angry crowd of people who had attended a rally nearby marched to the Capitol, smashing windows and breaking doors to get inside. One woman in the mob was shot and killed by Capitol Police; officials said three others in the crowd had medical emergencies and died. A Capitol Police officer died after suffering injuries.

………

For weeks leading up to the event, FBI officials discounted any suggestion that the activities of Trump supporters upset about the scheduled certification of Biden’s election win could be a security threat on a scale with the racial-justice demonstrations that followed the police killing of George Floyd in Minneapolis in May.

………

Even so, there were warning signs, though none as stark as the one from the FBI’s Norfolk office.

FBI agents had in the weeks before the Trump rally visited suspected far-right extremists, hoping to glean whether they had violent intentions, said a person familiar with the matter who spoke on the condition of anonymity to discuss the law enforcement activity. It was not immediately clear who was visited or if the FBI was specifically tracking anyone who would later be charged criminally. These visits were first reported Sunday by NBC News.

In addition, in the days leading up to the demonstrations, some Capitol Hill staffers were told by supervisors to not come in to work that day, if possible, because it seemed the danger level would be higher than many previous protests, according to a person familiar with the warning who spoke on the condition of anonymity to discuss the matter. Capitol Police did not take the kind of extra precautions, such as frozen zones and hardened barriers, that are typically used for major events near the Capitol.

Again, this looks like deliberate malfeasance.

Law enforcement departed from standard protocols in order to empower the insurrectionists.

………

The FBI recently issued a different memo saying that “armed protests” were being planned “at all 50 state capitols” and in D.C. in the run-up to the inauguration, according to an official familiar with the matter, speaking on the condition of anonymity to discuss a sensitive law enforcement matter.

They knew that there was a risk of violence, and either because of interference from the Trump administration, or because senior elements of the US State Security Apparatus chose to be on the side of insurrection.

I’m more inclined to believe the latter case today than I was yesterday.

*Let It Happen On Purpose.

What Took You So Long?

Months after being invaded by gun toting fascist and white supremacist terrorists, the Michigan legislature has finally decided that maybe allowing any Tom, Dick, and Harry to open carry in the state house is a bad idea:

Michigan banned the open carry of guns inside its Capitol building on Monday, following mob violence last week at the US Capitol and last year’s storming of the Michigan statehouse.

The Michigan ban came as reports detailed FBI warnings about possible violence at state capitols and in Washington in the run-up to the 20 January inauguration of Joe Biden.

………

Security officials are preparing for a large crowd in Washington for the inauguration, and state officials are preparing for protests.

On Monday, ABC News reported a similar FBI bulletin warning of armed protests “at all 50 state capitols” and in Washington, but neither the date of that bulletin nor the evidentiary basis for its advice was given.

………

Security around the Capitol has been stepped up.

Armed men stormed the Michigan capitol in April, protesting social restrictions aimed at curbing the spread of Covid-19. It later emerged that a group had plotted to kidnap and perhaps kill the governor, the Democrat Gretchen Whitmer.

April ……… May ……… June ……… 9 Months?

It took them 9 Fucking Months to realize that it’s a bad thing for the legislature to be threatened by mooks carrying assault rifles?

Seriously? 

I get that Republicans controlled both state houses, but I would figure that they would have enough of a self-preservation instinct to act sooner.

Today in the Internet of Shit

It turns out that internet connected chastity penis locks with poor security are a very bad idea.

I know what you are thinking, “What, did hackers hold someone’s penis for ransom?”

Why yes, someone was hacking these devices to take command of their joy stick, and they were demanding Bitcoin to unlock the device, and hence the penis.

Thankfully no one was actually wearing the “Chastity Cages” at the time.

Full disclosure:  I did not even know that such a device existed, either with or without internet connectivity, until I read about this today.

My penis is in a long term exclusive engagement with Sharon*, thank you very much:

A hacker took control of people’s internet-connected chastity cages and demanded a ransom to be paid in Bitcoin to unlock it.

“Your cock is mine now,” the hacker told one of the victims, according to a screenshot of the conversation obtained by a security researcher that goes by the name Smelly and is the founder of vx-underground, a website that collects malware samples.

In October of last year, security researchers found that the manufacturer of an Internet of Things chastity cage—a sex toy that users put around their penis to prevent erections that is used in the BDSM community and can be unlocked remotely—had left an API exposed, giving malicious hackers a chance to take control of the devices. That’s exactly what happened, according to a security researcher who obtained screenshots of conversations between the hacker and several victims, and according to victims interviewed by Motherboard.

A victim who asked to be identified only as Robert said that he received a message from a hacker demanding a payment of 0.02 Bitcoin (around $750 today) to unlock the device. He realized his cage was definitely “locked,” and he “could not gain access to it.”

“Fortunately I didn’t have this locked on myself while this happened,” Robert said in an online chat. 

Yes Robert, you were a very fortunate person not to have been wearing when this got locked down.

We could make a movie out of this, Free the Willie.

*Love of my life, light of the cosmos, she who must be obeyed, my wife.

Good Point

Matt Stoller makes a very good point, that the penetration of “premier” cybersecurity firm SolarWinds by hackers,* was a direct consequence of the private equity looting ethos.

They did not pay close attention to security (Passwords from movies, seriously), and outsourced work into Eastern Europe, where the FSB could recruit operatives in a day trip.

Security, you see, is not profitable, even if you are a cyber security firm:

Roughly a month ago, the premier cybersecurity firm FireEye warned authorities that it had been penetrated by Russian hackers, who made off with critical tools it used to secure the facilities of corporations and governments around the world.

The victims are the most important institutional power centers in America, from the FBI to the Department of Treasury to the Department of Commerce, as well as private sector giants Cisco Systems, Intel, Nvidia, accounting giant Deloitte, California hospitals, and thousands of others. As more information comes out about what happened, the situation looks worse and worse. Russians got access to Microsoft’s source code and into the Federal agency overseeing America’s nuclear stockpile. They may have inserted code into the American electrical grid, or acquired sensitive tax information or important technical and political secrets.

………

And that makes this hack quite scary, even if we don’t see the effect right now. Mark Warner, one of the smarter Democratic Senators and the top Democrat on the Intelligence Committee, said “This is looking much, much worse than I first feared,” also noting “The size of it keeps expanding.” Political leaders are considering reprisals against Russia, though it’s likely they will not engage in much retaliation we can see on the surface. It’s the biggest hack since 2016, when an unidentified group stole the National Security Agency’s “crown jewels” spy tools. It is, as Wired put it, a “historic mess.”

………

The most interesting part of the cybersecurity problem is that it isn’t purely about government capacity at all; private sector corporations maintain critical infrastructure that is in the “battle space.” Private firms like Microsoft are being heavily scrutinized; I had one guest-post from last January on why the firm doesn’t manage its security problems particularly well, and another on how it is using its market power to monopolize the cybersecurity market with subpar products. And yet these companies have no actual public obligations, or at least, nothing formal. They are for-profit entities with little liability for the choices they make that might impose costs onto others.

………

All of which brings me to what I think is the most compelling part of this story. The point of entry for this major hack was not Microsoft, but a private equity-owned IT software firm called SolarWinds. This company’s products are dominant in their niche; 425 out of the Fortune 500 use SolarWinds. As Reuters reported about the last investor call in October, the CEO told analysts that “there was not a database or an IT deployment model out there to which [they] did not provide some level of monitoring or management.” While there is competition in this market, SolarWinds does have market power. IT systems are hard to migrate from, and this lock-in effect means that customers will tolerate price hikes or quality degradation rather than change providers. And it does have a large market share; as the CEO put it, “We manage everyone’s network gear.”

SolarWinds sells a network management package called Orion, and it was through Orion that the Russians invaded these systems, putting malware into updates that the company sent to clients. Now, Russian hackers are extremely sophisticated sleuths, but it didn’t take a genius to hack this company. It’s not just that criminals traded information about how to hack SolarWinds systems; one security researcher alerted the company last year that “anyone could access SolarWinds’ update server by using the password ‘solarwinds123.’”

Using passwords ripped from the movie Spaceballs is one thing, but it appears that lax security practice at the company was common, systemic, and longstanding. The company puts its engineering in the hands of cheaper Eastern Europe coders, where it’s easier for Russian engineers to penetrate their product development. SolarWinds didn’t bother to hire a senior official to focus on security until 2017, and then only after it was forced to do so by European regulations. Even then, SolarWinds CEO, Kevin Thompson, ignored the risk. As the New York Times noted, one security adviser at SolarWinds said he warned management that year that unless it took a more proactive approach to its internal security, a cybersecurity episode would be “catastrophic.” The executive in charge of security quit in frustration. Even after the hack, the company continued screwing up; SolarWinds didn’t even stop offering compromised software for several days after it was discovered.

………

And yet, not every software firm operates like SolarWinds. Most seek to make money, but few do so with such a combination of malevolence, greed, and idiocy. What makes SolarWinds different? The answer is the specific financial model that has invaded the software industry over the last fifteen years, a particularly virulent strain of recklessness typically called private equity.

………

In October, the Wall Street Journal profiled the man who owns SolarWinds, a Puerto Rican-born billionaire named Orlando Bravo of Thoma Bravo partners. Bravo’s PR game is solid; he was photographed beautifully, a slightly greying fit man with a blue shirt and off-white rugged pants in front of modern art, a giant vase and fireplace in the background of what is obviously a fantastically expensive apartment. Though it was mostly a puff piece of a silver fox billionaire, the article did describe Bravo’s business model.

………

As I put it at the time, Bravo’s business model is to buy niche software companies, combine them with competitors, offshore work, cut any cost he can, and raise prices. The investment thesis is clear: power. Software companies have immense pricing power over their customers, which means they can raise prices to locked-in customers, or degrade quality (which is the same thing in terms of the economics of the firm). As Robert Smith, one of his competitors in the software PE game, put it, “Software contracts are better than first-lien debt. You realize a company will not pay the interest payment on their first lien until after they pay their software maintenance or subscription fee. We get paid our money first. Who has the better credit? He can’t run his business without our software.”

………

Did this acquisition spree and corporate strategy work? Well that depends on your point of view; it certainly increased accounting profits. From a different perspective, however, the answer is no. Accounting profits masked that the corporate strategy was shifting risk such that the firm enabled a hack of the FBI and U.S. nuclear facilities. And from the user and employee perspective, the strategy was also problematic. It’s a little hard to tell, but if you look at software feedback comment forums, you’ll find a good number of IT pros dislike SolarWinds, seeing the firm as a financial project based on cobbling together random products from an endless set of acquisitions. (If you are at SolarWinds or another Thoma Bravo company, or use their products, send me a note on your experiences.)

………

It’s not clear to me that Bravo is liable for any of the damage that he caused, but he did make one mistake. Bravo got caught engaging in what very much looks like insider trading surrounding the hack. Here’s the Financial Times on what happened:

Private equity investors sold a $315m stake in SolarWinds to one of their own longstanding financial backers shortly before the US issued an emergency warning over a “nation-state” hack of one of the software company’s products.

The transaction reduced the exposure of Silver Lake and Thoma Bravo to the stricken software company days before its share price fell as vulnerabilities were discovered in a product that is used by multiple federal agencies and almost all Fortune 500 companies.

But the trade could prove embarrassing for Menlo Park-based Silver Lake and its rival Thoma Bravo, which rank among the biggest technology-focused private equity firms in the world.

………

In this case, however, possible insider trading really isn’t the problem. Though I hate the phrase, the real scandal isn’t what’s illegal, it’s what is legal. Bravo degraded the quality of software, which usually just means that people have to deal with stuff that doesn’t work very well, but in this case enabled a weird increase in geopolitical tensions and an espionage victory for a foreign adversary. It’s yet another example of what national security specialist Lucas Kunce notes is the mass transformation of other people’s risk into profit, all to the detriment of American society.

………

There are many ways to see this massive hack. It’s a geopolitical problem, a question of cybersecurity policy, and a legally ambiguous aggressive act by a foreign power. But in some ways it’s not that complex; the problem isn’t that Russians are good at hacking and U.S. defenses are weak, it’s that financiers in America make more money by sabotaging key infrastructure than by building it.

And they are celebrated for it. If Western nations had coherent political systems, the men responsible for this mess would be dragged in front of legislative committees and grilled over the business practices putting all of us at risk. Instead, five days ago, Pitchbook just gave out their Private Equity Awards, and named their “dealmaker of the year.”

Yes, it was Orlando Bravo.

We need to change the laws to hold these guys accountable.

As it currently stands, they borrow money, and then loot the companies, and then retreat behind the bulwark of the bankruptcy courts to avoid any responsibility for what they have done.

*According to “Knowledgeable Sources”, Russia, but no one is willing to go on the record, so YMMV.
Again, no one is willing to go on the record as to whether this was the FSB, or the GRU, or maybe it was the fault of those damn Eskimos.
The line is from Judgment at Nuremberg. It’s a great movie. Spencer Tracy, Marlene Dietrich, Burt Lancaster, Richard Widmark, Maximilian Schell, Judy Garland, Montgomery Clift, and a very young William Shatner. (Widmark says the line about the Eskimos.)

Daym!

South Dakota is trying to deny a speedy trial to a number of criminal defendants, arguing that the coronavirus pandemic should allow them to get a waiver due to extraordinary circumstances.

A federal judge has called bullsh%$ on this, justifying this by the fact that, “South Dakota has done ‘little, if anything’ to curtail COVID-19.” 

Basically, the judge is saying that the government of South Dakota, at the instigation of Governor Kristi “Crazy Eyes” Noem, has refused to take even the most basic measures to deal with the situation, and that defendants should not suffer as a result.

Karma is a bitch:

A federal judge says a state court can’t use the COVID-19 pandemic as an excuse to delay a Codington County trial and in the same breath criticized South Dakota’s response to the pandemic, saying it has done “little, if anything,” to mitigate the spread of COVID-19.

U.S. District Judge Charles B. Kornmann ordered that unless the Codington County state court resolves Matthew Kurtenbach’s May 2019 case by January 15, 2021, Kurtenbach will win a federal petition he filed claiming wrongful imprisonment and a violation of his right to a speedy trial.

And in that same adjudication, filed federally in the Northern Division of the District of South Dakota and which can be read in full at the bottom of this story, Kornmann harshly criticized the state and Gov. Kristi Noem’s response to the pandemic and said some state courts could have done more to keep cases moving while protecting parties.

“South Dakota has done little, if anything, to curtail the spread of the virus,” Kornmann wrote in the Dec. 28 decision.

He later said:

“South Dakota cannot ‘take advantage’ of its own failures to follow scientific facts and safeguards in entering blanket denials of the rights of speedy trials.”

………

An excerpt from the filing:

The Governor has steadfastly refused to impose a statewide mask mandate. She has often questioned publicly the scientific fact that mask wearing prevents the virus from spreading. She appeared at a dedication ceremony for a large 3M Company in Aberdeen manufacturing plant expansion — to allow 3M to produce even more N95 respirators needed by front-line healthcare workers — as the only public official not wearing a mask. Her example significantly encourages South Dakotans to not wear masks. South Dakota is now a very dangerous place in which to live due to the spread of COVID-19. Even a casual observer must note the failure of most residents of South Dakota to wear masks and maintain social distancing.

He went on to cite a separate case, Carson v. Simon, in saying: “There is no pandemic exception to the Constitution.” 

I should not feel schadenfreude about this, but I do.

Amazon Ring Hacked to Abuse Homeowners

Amazon’s model for its Ring security cameras is its ability to collect extensive data on its users, and their neighbors.

Their plan is to monetize your data, and to share your data with law enforcement to further additional sales.

Given this model, where there are hundreds, if not thousands, of individuals and organizations with access to the cameras, it should come as no surprise that their system was hacked, and the hackers used their control of the network to harass people:

Dozens of people who say they were subjected to death threats, racial slurs, and blackmail after their in-home Ring smart cameras were hacked are suing the company over “horrific” invasions of privacy.

A new class action lawsuit, which combines a number of cases filed in recent years, alleges that lax security measures at Ring, which is owned by Amazon, allowed hackers to take over their devices. Ring provides home security in the form of smart cameras that are often installed on doorbells or inside people’s homes.

The suit against Ring builds on previous cases, joining together complaints filed by more than 30 people in 15 families who say their devices were hacked and used to harass them. In response to these attacks, Ring “blamed the victims, and offered inadequate responses and spurious explanations”, the suit alleges. The plaintiffs also claim the company has also failed to adequately update its security measures in the aftermath of such hacks.

………

Ring has not said who is behind the hacks, and victims say they still do not know who accessed their homes through the devices.

Repeatedly, Ring blamed victims for not using sufficiently strong passwords, the suit claims. It says Ring should have required users to establish complicated passwords when setting up the devices and implement two-factor authentication, which adds a second layer of security using a second form of identification, such as a phone number.

However, as the lawsuit alleges, Ring was hacked in 2019 – meaning the stolen credentials from that breach may have been used to get into users’ cameras. That means the hacks that Ring has allegedly blamed on customers may have been caused by Ring itself. A spokesperson said the company did not comment on ongoing litigation.

The lawsuit also cites research from the Electronic Frontier Foundation and others that Ring violates user privacy by using a number of third-party trackers on its app.

My old axiom applies, “If they treat their employees like sh%$, how do you think that they will treat you as a customer?”  

Amazon is a pernicious and corrupt organization, and cannot be trusted with your privacy.

Quote of the Day

After an audit of the algorithm, the resume screening company found that the algorithm found two factors to be most indicative of job performance: their name was Jared, and whether they played high school lacrosse.

Dave Gershgorn on Quartz about how algorithms reinforce bias.

I would argue that this is a feature, and not a bug.

When you look at the “Gig Economy” and AI “Expert Systems,” the unspoken selling point is that they are “money laundering for bias.”

This Exceeds My Capability for Mockery

Mike Pence has announced a name for members of the US Space Force, Guardians. (Yes, I am linking to The Guardian for this story, because ……… Guardian) 

Let the mockery begin:

Members of the new US space force will be known as “guardians”, Vice-President Mike Pence announced on Friday, at a ceremony to mark the first birthday of the newest branch of the US armed forces, one of Donald Trump’s signature policy initiatives.

“It is my honour,” Pence said, “on behalf of the president of the United States, to announce that henceforth the men and women of the United States Space Force will be known as guardians.

“Soldiers, sailors, airmen, marines and guardians will be defending our nation for generations to come.”

On Twitter, the space force said: “The opportunity to name a force is a momentous responsibility. Guardians is a name with a long history in space operations, tracing back to the original command motto of Air Force Space Command in 1983, ‘Guardians of the High Frontier.’

………

Nonetheless, Pence’s announcement prompted familiar mirth on social media. As Military.com put it: “Space enthusiasts and military members were quick to point out the name Guardians evokes the Marvel Comics’ Guardians of the Galaxy film franchise, about a motley crew of superheroes in space.”

With the Trump administration on its way out of power, the future of the space force seems uncertain. On Saturday, the president tweeted that the “authorisation and start up of the SPACE FORCE” would be seen as “one of the Trump administration’s great achievements”.

But as the Associated Press put it, delicately: “President-elect Joe Biden has yet to reveal his plans for the space force in the next administration.”

My suggestion for the Biden administration: Shut down the “Space Force,” and take all the people who are not actually doing real work, generals, middle managers, etc., and muster them out of the service, because if they have been assigned to the service in that capacity, they don’t have a productive purpose.

Boeing, AGAIN

Now it appears that Boeing pressured FAA test pilots during the review of the 737 MAX fixes.

Now is not the time for more rigorous regulatory action.

Now is the time for criminal prosecutions, and perp walks for senior Boeing executives:

Senate investigators concluded that Boeing “inappropriately coached” Federal Aviation Administration’s (FAA) pilots for a simulator test last year conducted during the effort to test and recertify the company’s 737 MAX as safe to fly again after two deadly crashes.

The conclusion is contained in a report issued Friday by the Republican majority in the Senate Commerce Committee on an investigation that was launched after the two MAX crashes but that ultimately broadened to unearth numerous safety problems across the FAA.

A whistleblower who served as an FAA aviation safety inspector told Senate investigators that Boeing officials prompted the FAA test pilots before the test, which was designed to test pilot reactions to an emergency, to be ready to respond.

The FAA inspector alleged the Boeing official told the pilots, “Remember, get right on that pickle switch” — meaning an electrical thumb switch on the control column used to pitch up the jet’s nose.

Even with that prompt, one of the pilots took 16 seconds to respond, four times longer than Boeing and the FAA had assumed.

According to the report, the investigators asked to interview that pilot, but a Transportation department lawyer prohibited the pilot from answering questions about the incident.

Senior members of the FAA need to be brought into court in handcuffs as well.

Of Course They Did

The Federal Reserve has allowed banks to start issuing dividends and make stock buybacks again, because, after all, how can our financial system work without the masters of capitalism that we just bailed out (AGAIN!) having their damn stock options vest.

Financial stability is secondary to making sure that Wall Street CEOs get the obscene bonuses:

The Federal Reserve has given America’s most profitable banks the green light to resume share buybacks for the first quarter of next year, even though it found that the country’s biggest lenders could face pandemic-related loan losses of more than $600bn.

The US central bank’s decision to lift a six-month ban on buybacks followed months of public protests by profitable lenders, including Morgan Stanley and JPMorgan Chase, several of whom immediately signalled their intention to restart purchases.

Many analysts and investors expected the Fed to hold firm to its restrictions, as the US continues to suffer record coronavirus cases and deaths and lawmakers struggle to agree stimulus measures to boost the economy through another round of shutdowns.

………

Lael Brainard was the only one of the Fed’s five-person board of governors to vote against freeing banks up to return more to shareholders.

“Today’s action nearly doubles the amount of capital permitted to be paid out relative to last quarter,” she said in a statement. “Prudence would call for more modest payouts to preserve lending to households and borrowers during an exceptionally challenging winter.”

Just a small reminder:  The Federal Reserve does not work for the American people, or even for the benefit of the financial system.  It works for the bankers.

We are going to buy out these rat-f%$#s again sooner rather than later.

Busting the Union Still More Important Than Making Safe Aircraft

Once again, we find that Boeing’s aggressive move of manufacturing to South Carolina has resulted in poorly assembled airliners.

What can I say, the unions won’t rat-f%$# themselves:

Boeing engineers previously determined that when the defects involving skin smoothness and shim size both occur in the same location, the result can be tiny imperfections creating a potential hazard such as a cracking in the fuselage under extreme flying conditions. Boeing in August took the unusual step of voluntarily grounding eight aircraft in airlines’ fleets for immediate repairs.

Those earlier problems prompted the FAA to start reviewing quality-control lapses in Boeing’s 787 production stretching back almost a decade.

Boeing also previously identified a third quality-control lapse affecting the horizontal stabilizer, a movable, winglike panel in the tail.

Boeing moved to South Carolina to ditch their unions in Seattle.

In the process, they ditched a talented workforce, and treated the new workforce like crap, because ……… South Carolina, and so the workforce there is demoralized as well.

MBA thinking does not produce good aircraft.