Thursday, March 16, 2017

Google is going to start flagging "Upsetting-Offensive" content

NEW YORK (AP) — Google is trying to improve the quality of its search results by directing review teams to flag content that might come across as upsetting or offensive.
With the change, content with racial slurs could now get flagged under a new category called "upsetting-offensive." So could content that promotes hate or violence against a specific group of people based on gender, race or other criteria.
They're a non-governmental entity so they can do what they want, but I really doubt that this is going to be applied in anything like a neutral manner.

Seriously who is going to decide?

Example - over the years a number of parents have complained about Tom Sawyer and Huckleberry Finn because of the name of Huck's African-American companion.  Would a search of sites regarding those books and controversies be flagged as offensive?  If so what about "The Handmaids Tale"  I find that offensive because it impugns motives to conservatives that most of us don't share.  It's also just a shitty book and that offends me too.


what about people posting advocating violence against Trump supporters?  Will that be treated as harshly as White Supremacists advocating violence against minorities.

Oh well, I guess I'm not surprised.  I've said a few times it's not going to be the Verizon and AT&Ts that kill the internet by opposing Net Neutrality; it's going to be the Googles and Facebooks thru their actual control of content.

(Note:  Do not take this post as support of Nazi's or White Supremacists. I despise their dumb asses. It is merely a critique of a potential erosion of open speech.)

Wednesday, March 15, 2017

Zeroes by Chuck Wendig

Been a good week for reading.  Finished up re-reading the Wheel of Time series,a year long endeavor that  I was beginning to think I would never finish, and then moved on to Zeroes by Chuck Wendig.

I actually started Zeroes about a year ago and didn't really like it at the time so I set it aside.  After I finished Memory of Light I was looking for something to read besides How to Measure Anything in Cybersecurity Risk and Industrial Network Security (along with the ongoing Electric Power Systems Basics and Lights Out) so I picked it up again.  This time I was a bit more in the mood so I knocked it out this week.

At it's most basic Zeroes is a cyber thriller.  Five hackers / crackers / social engineers / cipherpunks are gatherd up by the government and dumped into a secret NSA facility where they encounter a rogue government program that threatens everyones personal liberty and their lives.  They escape, a battle ensues, they lose, regroup, try again and win.

Standard stuff.

The originality comes from the nature of the villain, it's an AI and how it is defeated.

Overall the story isn't bad.  The characters are a little tropey and flat, none of them are sympathetic in the least except for the Syrian Arab working to bring down the Assad regime.  She is pure of heart, has a plucky spirit and a can do (as well as Anti-American) SJW attitude.  Amazingly she isnt the main protagonist.

The story really starts to fall flat with the actual technology.  I am willing to suspend a lot of disbelief but not to some of the levels that Wendig required in order to accept this story.  I'm sorry remote communication requires some form of electromagnetic transmitter and you cant just reprogram a brain by drill a hole and jamming a wire in there.

(In case you haven't guessed I am trying to avoid too many spoilers)

Still even with that the book isn't horrible.  I'd give it a 3 to 3.5 out of 5.  It's an easy read if you are in the thriller mood. Mostly the pacing is good. I think he tries to hit on a few too many social hot buttons but it wasn't overwhelming.

Friday, March 10, 2017

How to set two factor authentication for about a billion services - What I Am Reading 3/10/2017

Two-Factor Authentication: Who Has It and How to Set It Up - 

Pretty self-explanatory.  Learn it, Live it, Love it.

Ivanka Trump sales boom in February - 

Ivanka Trump's fashion label made headlines last month when Nordstrom (JWN) dropped the line from its stores and President Trump attacked the company on Twitter. Next, more companies dropped the brand, and then Trump adviser Kellyanne Conway violated ethics guidelines by delivering a promotional plug for the brand on Fox News.
All that news coverage meant plenty of free publicity for the Ivanka Trump brand. And recent sales figures show it's paid off.

Short one today - I was trying to do this at lunch and ran out of time


Tuesday, March 07, 2017

What if Donald Trump were a woman

found via Ace

I have been kind of off Ace since he went full Trump but this is interesting:
It was an experiment in, ahem, "re-gendering" the debates. A male actor would play Hillary's role, but renamed "Jonathan Gordon." A female actor would play Trump's role, renamed "Brenda King."
 People were surprised to find that assumptions to be wrong.

From the original write up at

Based on the conversations after the performances, it sounded like audience members had their beliefs rattled in a similar way. What were some themes that emerged from their responses?
We heard a lot of “now I understand how this happened”—meaning how Trump won the election. People got upset. There was a guy two rows in front of me who was literally holding his head in his hands, and the person with him was rubbing his back. The simplicity of Trump’s message became easier for people to hear when it was coming from a woman—that was a theme. One person said, “I’m just so struck by how precise Trump’s technique is.” 
I remember turning to Maria at one point in the rehearsals and saying, "I kind of want to have a beer with her!" The majority of my extended family voted for Trump. In some ways, I developed empathy for people who voted for him by doing this project, which is not what I was expecting. I expected it to make me more angry at them, but it gave me an understanding of what they might have heard or experienced when he spoke.

Back to Ace:

It seems to me that Hillary's gender actually covered up her flaws, such as inauthenticity, scriptedness, recitations of pablum, and fake-smiling, while, when she was played by a male actor, those flaws were suddenly very visible to the people who think of themselves as "gender-woke" but maybe should just think of themselves as gender partisans.
Though I have to also admit: Another effect of the gender reversal is to make Donald Trump's aggressiveness and bluntness sound more reasonable and less grunt-bark.
I  think that is probably true, but I also think that the gender reversal helps reveal why those of us who have been anti-Hillary since she first appeared on the scene are so.  She has always struck me as less intelligent than everyone proclaimed her to be as well as just a slimy human being.

Woe to the CIA - Wikileaks releases a ton of their tools / techniques for compromising everything - What I am reading 3/7/17

This plan expands on recent policy updates, such as the Presidential Policy Directive/PPD-41, to clarify the Federal Government’s roles and responsibilities for preparing for, responding to, and recovering from significant cyber incidents. It describes a national approach to cyber incidents, and explains the important role that the private sector, states, and multiple federal agencies play in incident response and how those activities fit together.

If this was announced earlier I didn't see it.  Or, maybe I did and it was just under a different title, but in any case I will track it down and post it later. 

Access Management and the Automation of Things

Access management seems to be an area that is especially ready for automation but it never seems to quite get there.  Considering how important it is in the overall scheme of security management that's a shame.  This article is just a basic discussion but still worth  look.

Trump's administration will be making it harder to get H-1B visas starting in April -

United States Immigration and Customs Services has announced that, starting in April, it will no longer offer its 15-day “premium processing” program for applicants of H-1B visas.
 This article is not quite accurate.  It is not changing the base process to get the visa's it is eliminating a process that let's some companies skip to the front of the line.  Also what is up with these last 3 paragraphs:

Google, Apple, Amazon, Facebook and many other tech companies condemned Trump’s immigration and refugee ban that was issued by executive order in January, which blocked people from seven primarily Muslim countries from entering the U.S.
Dozens of companies, mostly in technology, signed onto a brief that claimed the ban inflicted“substantial harm on U.S. companies.”
Although that executive order was suspended after review from a panel of federal judges, Trump says his administration is working on a new version of the immigration ban.
 What's being implied is that the Trump administration is using this as a toll to punish these companies for opposing his executive order despite the fact that changes to the H-1B process were being discussed even back during the campaign and that many people have been calling for changes even in the last administration.

WikiLeaks on Tuesday published thousands of documents purportedly taken from the Central Intelligence Agency's Center for Cyber Intelligence, a dramatic release that appears to expose intimate details of America's cyberespionage toolkit.
It was not immediately clear how WikiLeaks obtained the information, which included more than 8,700 documents and files. The CIA tools, if authentic, could undermine the confidence that consumers have in the safety and security of their computers, mobile devices and even smart TVs.
 More from the NY Times

Among other disclosures that, if confirmed, would rock the technology world, the WikiLeaks release said that the C.I.A. and allied intelligence services had managed to bypass encryption on popular phone and messaging services such as Signal, WhatsApp and Telegram. According to the statement from WikiLeaks, government hackers can penetrate Android phones and collect “audio and message traffic before encryption is applied.”
Said it before and I'll say it again.  There is no safe encryption.  If the governement wants to read your mail it will read your mail.

Monday, March 06, 2017

Sunday, March 05, 2017

Glad to have this cleared up

So I know the blog has been pretty quiet lately

Just a lot of stuff going on and that is eating into time for blogging:

1.  Still studying for the CISSP
2.  Finishing up my reread of the entire Wheel of Time series.
3.  Preparing for the SANS ICS 410 class at SANS Orlando.
4.  Catching up on TV clearing out my DVR
4a.  Lost interest in Lucifer - deleted all those episodes
4b.  Watched all 15 hours of the Blacklist this week
4b1. They have gone to the Liz accusing Red of hiding her past / lying to her so she is never going to work with him again well too often.
4c. Caught up on the Expanse - which really is the best sci-fi show on TV right now.
5.  Reading Electric Power Systems Basics and Lights Out.  Never hurts to expand the general knowledge base.

I am also slowly recovering from and Achilles tendon injury so hpefully I will be able to start walking / hiking again soon.

On top of all that I am trying to weed down my twitter feeds and RSS feeds.  Too much info flowing in and it makes it hard to separate out stuff I want to talk about.

Thursday, March 02, 2017