The Daily Parker

Politics, Weather, Photography, and the Dog

Making progress at work, slacking on the blog

Clearly, I have to get my priorities in order. I've spent the afternoon in the zone with my real job, so I have neglected to real all of this:

Finally, because only one guy writes about half of the songs on top-40 radio, modulations have all but disappeared from popular songs.

If I have your computer, I own your computer

Via Bruce SchneierArs Technica describes in painful detail how computer repair people snoop and steal people's data all the time:

If you’ve ever worried about the privacy of your sensitive data when seeking a computer or phone repair, a new study suggests you have good reason. It found that privacy violations occurred at least 50 percent of the time, not surprisingly with female customers bearing the brunt.

Researchers at University of Guelph in Ontario, Canada, recovered logs from laptops after receiving overnight repairs from 12 commercial shops. The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied data onto a personal device. Devices belonging to females were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information.

The amount of snooping may actually have been higher than recorded in the study, which was conducted from October to December 2021. In all, the researchers took the laptops to 16 shops in the greater Ontario region. Logs on devices from two of those visits weren’t recoverable. Two of the repairs were performed on the spot and in the customer's presence, so the technician had no opportunity to surreptitiously view personal data.

In three cases, Windows Quick Access or Recently Accessed Files had been deleted in what the researchers suspect was an attempt by the snooping technician to cover their tracks. As noted earlier, two of the visits resulted in the logs the researchers relied on being unrecoverable. In one, the researcher explained they had installed antivirus software and performed a disk cleanup to “remove multiple viruses on the device.” The researchers received no explanation in the other case.

In all, the findings from the study were:

 Privacy policies and the practice of communicating protocols and controls to protect customers’ data do not exist across service providers of all sizes.
 Service providers largely (10/11) require “all access” to the device, even when it is unnecessary.
 Technicians often snoop on customers’ data (6/16) and sometimes copy those to external devices (2/16).
 Technicians who violate privacy often do so carefully to not generate evidence (1/6) or remove such evidence (3/6).
 A significant proportion of broken devices (26/79, 33 percent) are not repaired due to privacy concerns. For the devices that get repaired, device owners are concerned about threats to their privacy but do not use the proper controls to protect their data.

The results likely confirm what many more experienced computer users already know: that their data is vulnerable to snooping or copying any time they surrender their device to an untrusted or unknown individual, particularly when the individual has their login password. But for a much larger percentage of people wanting to recover crucial data on a broken device, the findings are likely a wake-up call with few, if any, good solutions.

Another way to look at it: do you trust your locksmith?

Probably the last warm day of the year

Cassie and I took a 33-minute walk at lunchtime and we'll take another half-hour or so before dinner as the temperature grazes 14°C this afternoon. Tomorrow and each day following will cool off a bit until Wednesday, the first official day of winter, which will return to normal.

Meanwhile...

Finally, Amazon's ads really have gotten to the point where it's "a tacky strip mall filled with neon signs pointing you in all the wrong directions."

And in just a few hours, I will tuck into this:

I may run out of mason jars though...

FTX was not a "tech company"

Josh Barro explains the FTX collapse in simple terms:

[T]his is not a technology story, because FTX was not a technology company. Sure, FTX’s business relied on technology, but so do most businesses. FTX has an app; so does Fidelity, and so does Chipotle, and that doesn’t make them tech companies. FTX was a brokerage, and there were two things that set them apart from a regular brokerage. One is that they dealt principally in nonsense financial products with no underlying economic value, and the other is that the owners either lost or stole the customers’ money and then lied about their resulting insolvency.

Because cryptocurrency assets have no fundamental economic value — unlike stocks and bonds, they do not reflect a claim on the cash flows of some business creating real value in the economy — there can be no such thing as fundamentals-based investing in them. When people invest in crypto, they out themselves as marks for scammers who might believe any nonsense about what something is worth. And therefore it’s the least surprising thing in the world that someone would open up a crypto exchange, offer implausible interest rate terms in order to hoover up billions in customer deposits from the gullible masses, and then misappropriate the proceeds.

He also provides some rules of thumb for dealing with cryptocurrencies, the first being, "any crypto-related business is a scam." Quite so.

Scary deployment today

I'm just finishing up a very large push to our dev/test environment, with 38 commits (including 2 commits fixing unrelated bugs) going back to last Tuesday. I do not like large pushes like this, because they tend to be exciting. So, to mitigate that, I'm running all 546 unit tests locally before the CI service does the same. This happens when you change the basic architecture of an entire feature set. (And I just marked 6 tests with "Ignore: broken by story X, to be rewritten in story Y." Not the best solution but story Y won't work if I don't push this code up.)

So while I'm waiting for all these unit tests to run, I've queued all this up:

Finally, one of Chicago's last vinyl record stores, Dave's in Lincoln Park, will close at the end of this month. The building's owner wants to tear it down, no doubt to build more condos, so Dave has decided to "go out in a blaze of glory."

All right...all my tests passed locally. Here we go...

Between a demo and a 5-point feature

I'm running all 538 unit tests in my real job's application right now after updating all the NuGet packages. This is why I like automated testing: if one of the updated packages broke anything, tests will fail, and I can fix the affected code. (So far they've all passed.)

This comes after a major demo this morning, and a new feature that will consume the rest of the sprint, which ends next Monday. Oh, and I have two opera rehearsals this week. Plus I have to vote tomorrow, which could take 15 minutes or two hours.

So it's not likely I'll have time to read all of these:

Regardless, I'm setting an alarm for just past 4am to see the total lunar eclipse tonight. NOAA predicts 17% sky cover, so I should get a good view of it. Unless I go back to sleep.

Consequences

Man-shaped bag of feces Alex Jones may be "done saying I'm sorry," but a Connecticut jury suggests he should have tried just one more time:

The conspiracy theorist Alex Jones must pay $965 million to the families of eight Sandy Hook shooting victims and an FBI agent who responded to the attack for the suffering he caused them by spreading lies on his platforms about the 2012 massacre, a Connecticut jury found on Wednesday.

Jones had already been found liable by a judge after refusing to hand over critical evidence before the trial began, and this six-member jury was only asked to decide how much Jones should pay.

During closing arguments, Christopher Mattei, a lawyer for the families and agent, suggested that Jones should be ordered to pay at least $550 million, saying that the host's Sandy Hook content got an estimated 550 million views from 2012 to 2018.

“I’ve already said I’m sorry hundreds of times, and I’m done saying I’m sorry,” Jones said. 

A defiant Jones said he believed Sandy Hook was a hoax when he spread his lies. “I legitimately thought it might have been staged and I stand by that. I don’t apologize for it.”

News reports suggest he can afford it—barely. And of course, he'll just make up more vile shit that the MAGA folks will eat, because we're at that point in an historic cycle of stupidity. Maybe this means the cycle could end soon? I hope so.

Anthony's Song

I'm movin' out. A lovely young couple have offered to buy Inner Drive World Headquarters v5.0, and the rest of the place along with it. I've already gotten through the attorney-review period for IDTWHQ v6.0, so this means I'm now more likely than not to move house next month.

Which means I have even less time to read stuff like this:

Finally, American Airlines plans to get rid of its First Class offerings, replacing them with high-tech Business Class and more premium coach seats. I'd better use my miles soon.

How is it 5:30?

I've had two parallel tasks today, one of them involving feeding 72 people on Saturday. The other one involved finishing a major feature for work. Both seem successful right now but need testing with real users.

Meanwhile, outside my little world:

  • The XPOTUS seems to have backed himself into a corner by lying about "declassifying" things psychically, after the Special Master that he asked for called bullshit. Greg Sargent has thoughts.
  • Pro Publica reported on Colorado's halfway-house system that sends more people back to prison than it rehabilitates.
  • The Navy has begun its court-martial of Seaman Recruit Ryan Mays, accused of lighting the fire that destroyed the USS Bonhomme Richard in 2020.

Finally, Ian Bogost (and I) laments the disappearance of the manual transmission.

Process crimes vs intentional crimes

Writing as a guest of James Fallows, former defense official Jan Lodal outlines how subparagraph (d) of the Espionage Act should be a slam-dunk in prosecuting the XPOTUS:

This paragraph makes a straightforward action a crime: namely, failing to return classified documents if properly directed to give them back. No proof of the level of classification, or the intentions of the document holder, or the content of the documents, is required. Just a simple question, did he or she give them back or not.

This section of the Espionage Act does not require that prosecutors access or cite individual documents to prove the crime. It requires only that there were any classified documents in the boxes that Trump did not return. On that there is no doubt. It was settled by the release of the Department of Justice (DoJ) Affidavit authorizing the Mar-A-Lago document seizure.

Trump’s violation of this Subparagraph (d) of the Espionage Act could not be clearer. Unlike all other crimes being considered for prosecution, Subsection (d) requires no probing of intent or consequence. It defines as criminal a clear process violation—“failing to return” classified documents when properly asked to do so.

Given our politics and our jury system, keeping the legal actions against Trump simple is better for now. Prosecution for other offenses after getting an initial conviction will then be more likely to succeed. DOJ should take this path to reduce the risk that obfuscation and assertions of inapplicable rights and privileges by a former president could override the fragile rule of law in our constitutional democracy.

Having watched the DOJ build its case, and knowing that Attorney General Merrick Garland takes things slowly and deliberately, I expect to see this charge sooner rather than later. But I also suspect that the DOJ wants to build the most comprehensive case it can. We'll see.