As I take a minute from banging away on C# code to savor my BBQ pork on rice from the local Chinese takeout, I have these to read:
And today's fortune cookie says: "Hope for the best, but prepare for the worst in bed."
My inbox does not respect the fact that I had meetings between my debugging sessions all day. So this all piled up:
Finally, conferencing app Zoom will roll out true end-to-end encryption in July.
Last weekend's tsunami continues to ripple:
- Ultra-right-wing US Senator Tom Cotton (R-AR), writing in the New York Times to great opprobrium, recommends sending in the troops.
- Former general and Defense Secretary James Mattis publicly rebuked President Trump in a 3-page letter published in the Atlantic, a move that Josh Marshall supports while adding that the letter also "its own form of militarization of society." Former Joint Chiefs Chair Mike Mullen also criticized the president earlier this week.
- In Washington, law enforcement officers from unknown parts of the government have refused to identify themselves or their agencies to reporters, adding to the chaos.
- Nationwide, last weekend's protests already seem to have caused an increase in Covid-19 cases, with many more expected over the next two weeks.
- Kevin Drum says the Republican Party must not just be defeated in November; it must be routed.
- Radley Balko says the raid that killed Breonna Taylor in Louisville, Ky., was illegal—but there is almost no way to stop the police from doing something like that again.
- Architecture critic Bryan Lee Jr believes "America's cities were designed to oppress."
- In Columbus, Ohio, employees at a local taco chain quit when directed to fill orders for local police.
- In Chicago, local liquor store chain Binny's sustained damage at 11 of its 42 locations, but vows to reopen. Also, yesterday Governor Pritzker approved legislation allowing takeout cocktails from licensed restaurants.
- April 2020 saw the largest number of job losses of any month since 1939, and May will come in second.
- Finally, Bruce Schneier takes Zoom CEO Eric Yuan to task for the firm's latest security misstep.
Just another quiet week in 2020...
The most powerful man in the world threw a hissy fit yesterday when Twitter finally—finally!—slapped a misinformation warning on one of his lies:
President Donald Trump on Wednesday threatened social media companies with new regulation or even shuttering a day after Twitter added fact checks to two of his tweets.
The president can’t unilaterally regulate or close the companies, which would require action by Congress or the Federal Communications Commission. But that didn't stop Trump from angrily issuing a strong warning.
Claiming tech giants “silence conservative voices,” Trump tweeted, “We will strongly regulate, or close them down, before we can ever allow this to happen.”
Trump and his campaign angrily lashed out Tuesday after Twitter added a warning phrase to two Trump tweets that called mail-in ballots “fraudulent” and predicted that “mail boxes will be robbed,” among other things. Under the tweets, there is now a link reading “Get the facts about mail-in ballots” that guides users to a Twitter “moments” page with fact checks and news stories about Trump’s unsubstantiated claims.
Trump replied on Twitter, accusing the platform of “interfering in the 2020 Presidential Election” and insisting that “as president, I will not allow this to happen.” His 2020 campaign manager, Brad Parscale, said Twitter’s “clear political bias” had led the campaign to pull “all our advertising from Twitter months ago.” Twitter has banned all political advertising since last November.
Since the only response that people of any intelligence should give this malarkey is laughter, I present to you the president's own words as lip-synced by comedian Sarah Cooper:
A total failure to imagine a likely risk scenario has lost the State of Washington possibly hundreds of millions of dollars to thieves who defrauded the state unemployment agency:
Employment Security Department Commissioner Suzi LeVine says the names of potentially thousands of Washingtonians, many who remain employed, were used to make fake unemployment claims and defraud the state of hundreds of millions of dollars.
The state was hit especially hard in the early weeks of the coronavirus pandemic, as state and federal benefits ramped up to handle the sharp and staggering number of claims.
Commissioner LeVine says she will make sure victim’s rights are protected, and those where benefits were paid out to the criminals won’t be liable for any sort of repayment.
“I will say this again because it’s really important. We did not have a data breach,” said Levine. “And the information was not stolen from us. It was the utilization of stolen information on our site.”
The identity information most likely came from multiple earlier data breaches, including from credit-reporting agencies. Washington State simply didn't authenticate applications properly before disbursing money:
“These are very sophisticated criminals who have pretty robust collections of information on people, and they are activating and monetizing that information,” [LeVine] said.
No, these are, in fact, really dumb criminals who exploited the eagerness of LeVine's department getting money to claimants before employers returned validation letters. And the fact that LeVine and her department's security folks couldn't see this possibility ahead of time means they may not have the skills to do their jobs in the Internet era.
Charlie Pierce, noting that "[p]eople with firearms forced the civil government of the state of Michigan to shut itself down," wants to know in what sense this isn't terrorism. In other fun weekend stories:
And it's pouring, and will continue to do so for several more hours.
I read the news today, oh boy:
Finally, the USS Nevada, a battleship that survived World War I and Pearl Harbor until the Navy scuttled her in 1948, has been found.
Remember slow news days? Me neither.
And finally, a cute diner in Toronto where I had breakfast last June has moved to delivery service during the lockdown. Too bad they can't deliver to Chicago.
Security guru Bruce Schneier says Zoom has cleaned up its act a lot, judging by recent surveys of video conferencing apps by the NSA and Mozilla:
The company has done a lot of work addressing previous security concerns. It still has a bit to go on end-to-end encryption. Matthew Green looked at this. Zoom does offer end-to-end encryption if 1) everyone is using a Zoom app, and not logging in to the meeting using a webpage, and 2) the meeting is not being recorded in the cloud. That's pretty good, but the real worry is where the encryption keys are generated and stored. According to Citizen Lab, the company generates them.
There is nothing in Zoom's latest announcement about key management. So: while the company has done a really good job improving the security and privacy of their platform, there seems to be just one step remaining to fully encrypt the sessions.
The other thing I want Zoom to do is to make the security options necessary to prevent Zoombombing to be made available to users of the free version of that platform. Forcing users to pay for security isn't a viable option right now.
So, we'll keep using Zoom (mainly because everyone else is). And maybe, in the future, we'll have a serious discussion about security and privacy regulations in the US.
The President of the United States, a man who literally has the power to kill billions of people in an hour, made a suggestion at his press briefing yesterday:
(NBC's report on the incident includes the line "He didn't specify the kind of disinfectant." Also, retired General Wesley Clark actually predicted it would come to this.)
In a statement Friday, White House Press Secretary Kayleigh McEnany noted that Trump had said Americans should consult with their doctors about treatment. U.S. Surgeon General Jerome Adams released a statement reiterating that on Friday morning.
McEnany accused the media of taking Trump’s words out of context.
“President Trump has repeatedly said that Americans should consult with medical doctors regarding coronavirus treatment, a point that he emphasized again during yesterday’s briefing," she said.
Trump’s eyebrow-raising query came immediately after William N. Bryan, the acting undersecretary for science and technology at the Department of Homeland Security, gave a presentation on the potential impact of summer heat and humidity, which also included references to tests that showed the effectiveness of different types of disinfectants. He recounted data from recent tests that showed how bleach, alcohol and sunlight could kill the coronavirus on surfaces.
Well, the video above gives you about 75 full seconds of context, so you can make up your own mind on what he meant.
Fine, whatever. In real news:
Finally, Bill Gates lays out what we'll need to open up the economy again.