Mark Turner : “Suspicious” event routes traffic for big-name sites through Russia | Ars Technica

December 16, 2017 01:04 AM

Russia briefly hijacked key Internet sites Wednesday through manipulation of BGP, the Internet’s routing tables. In a war, you can bet that the Internet will be one of the first targets. Is Russia testing its plans?

Traffic sent to and from Google, Facebook, Apple, and Microsoft was briefly routed through a previously unknown Russian Internet provider Wednesday under circumstances researchers said was suspicious and intentional.

The unexplained incident involving the Internet’s Border Gateway Protocol is the latest to raise troubling questions about the trust and reliability of communications sent over the global network. BGP routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks. But despite the sensitivity and amount of data it controls, BGP’s security is often based on trust and word of mouth. Wednesday’s event comes eight months after large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services were briefly routed through a Russian government-controlled telecom, also under suspicious circumstances.

Source: “Suspicious” event routes traffic for big-name sites through Russia | Ars Technica

Mark Turner : Japan coastguard rescuing more North Korean ‘ghost ships’ as sanctions, food shortages drive fishermen into farther waters | South China Morning Post

December 15, 2017 08:23 PM

A severe shortage of food and foreign currency amid harsh international sanctions are contributing to rising numbers of North Korean “ghost ship” fishing vessels washing up in Japanese waters, analysts said.

Dozens of North Korean fishing vessels wash up on Japan’s coast ever year, but last month Japanese coastguards registered 28 cases, the highest monthly number since records began in 2014.

Meanwhile, there have been multiple cases of “ghost ships” found packed full of bodies, with 18 corpses recovered so far this year. During the same period, there has been a record number of North Korean fishermen rescued alive – 42 this year compared to zero in 2016.

Japanese authorities say it is often hard to determine exactly how they died as the boats often drift for months before washing up in Japan.

“Fishermen are desperate to meet annual catch goals, which are elevated to higher levels every year,” said Toshimitsu Shigemura, professor emeritus of Waseda University and North Korea expert.

Source: Japan coastguard rescuing more North Korean ‘ghost ships’ as sanctions, food shortages drive fishermen into farther waters | South China Morning Post

Mark Turner : US F-22s intercept Russian jets over Syria, fire warning flares – CNNPolitics

December 15, 2017 07:41 PM

This is one of the most underreported stories. For over 40 minutes, U.S. fighters escorted Russian fighters who had strayed beyond the agreed-upon demilitarization line. Such encounters could very, very easily end in tragedy. Russia is taunting us.

Two US F-22 stealth fighters intercepted two Russian aircraft Wednesday after the Russian jets crossed the Euphrates River in Syria, flying east of the “de-confliction line” that is supposed to separate Russian and US-led coalition aircraft operating over Syria, two US defense officials told CNN.

The US jets fired warning flares during the intercept of the two Russian Su-25 close air support jets according to the officials after they crossed the de-confliction line multiple times.

One of the officials said a Russian Su-35 fighter jet was also involved and that the aerial encounter lasted “several minutes.”

Source: US F-22s intercept Russian jets over Syria, fire warning flares – CNNPolitics

Mark Turner : AIM taught us how to communicate in real-time online – Houston Chronicle

December 15, 2017 07:36 PM

AOL shut down AOL Instant Messenger (AIM) today. Rest in peace, h0tgrits.

Toward the mid-1990s, America Online (by then going by its nickname, AOL) was the company through which most Americans accessed the Internet. As many as half of the CD-ROMs produced at the time bore the near-ubiquitous AOL logo, offering early computer users the opportunity to surf the Internet for a flat fee – at the time, US$19.99 for unlimited monthly access.

With nearly half of U.S.-based Internet traffic flowing through AOL, the stage was set for a social evolution of sorts that shifted our collective relationship with technology and each other. AOL Instant Messenger, or AIM, was launched in May 1997 as a way for AOL users to chat each other in real time, via text.

The service’s Dec. 15 shutdown was announced, notably, on a new real-time text communication channel, Twitter. That is just one testament to AIM’s lasting effects on how people use technology to connect today.

Source: AIM taught us how to communicate in real-time online – Houston Chronicle

Mark Turner : North Korean TV appears to show early ‘A-bomb photo’ – BBC News

December 15, 2017 06:52 PM

Remarkable. I’ve long suspected that North Korea has always been further along with its nuclear capability than the rest of the world realizes. Could this photograph be proof, or is this another case of NK “accidentally” exposing information to keep us all guessing?

On a related note, I’m fascinated with North Korea.

North Korean TV footage of an arms and munitions industry conference appears to show the country’s former leader Kim Jong-il inspecting one of the country’s first ever atomic bombs.

A 30-minute bulletin showing the 12 December conference in the capital Pyongyang has North Korea watchers agog at the picture’s appearance in the conference hall.

The photograph, never before seen in the West, is visible for only a few seconds as the camera sets the scene for the industry conference, attended by Supreme Leader Kim Jong-un, the son of the late Kim Jong-il. It hangs among others showing North Korea’s “achievements” in arms production, alongside scale models of ballistic missiles.Because of its fleeting appearance from a distance, experts are holding fire on a positive identification of the device as an atomic weapon. But the photograph has notable similarities to recent photographs of Kim Jong-un inspecting the country’s first (claimed) hydrogen bomb.

Source: North Korean TV appears to show early ‘A-bomb photo’ – BBC News

Mark Turner : Here’s what the new Disney/Fox merger looks like – Axios

December 15, 2017 04:33 PM

I’m not too happy about the proposed merger between Disney and 20th Century Fox. Pretty sure we need less media consolidation, not more!

Walt Disney Company announced Thursday that it has agreed to acquire the entertainment assets of 21st Century Fox, including Fox’s movie studio and entertainment television networks, as well as Fox’s international TV assets.

Why it matters: The new mega-media company will have better leverage to compete with tech giants like Netflix for entertainment viewership and more opportunities to expand Disney’s legacy sports brand, ESPN.

Source: Here’s what the new Disney/Fox merger looks like – Axios

Mark Turner : Denver cops warn of phone scam brewing at local bars – The Denver Post

December 12, 2017 03:25 PM

This is a very convincing scam and there’s no reason it couldn’t happen here in Raleigh. Keep up with your phone and do NOT call it and give your unlock code to whomever answers it!

Denver bar patrons are being warned of a popular new scam aimed at collecting financial information from stolen or lost smartphones.

Since May, there have been 37 cases of scammers posing as helpful bar owners who get access to stolen smartphones and then drain financial accounts from the phone’s apps, say Denver Police.

The scam begins when crooks steal smartphones from unsuspecting bar customers. They then wait for the phone’s owner to call the phone the next morning in hopes of getting it back. The crook, who often identifies himself as a helpful bar employee, asks the phone’s owner for their pass code to verify ownership.

The phone’s owner, thinking the crook is only trying to make sure the phone is returned to the rightful owner, gives the crooks the pass code. The scammer now changes all the owner’s passwords and then moves money via the apps the owner uses to reimburse his friends.

“Now, not only is her phone truly gone, but so is her money,” say police.

Source: Denver cops warn of phone scam brewing at local bars – The Denver Post

Mark Turner : Fence is structurally complete!

December 12, 2017 02:08 AM

My fence: it’s critter-proof now!

I nailed on the last few pickets to our new fence yesterday. These took some time because they had to be custom-sawed to fit the odd gaps left when the full pickets didn’t line up. Rather than stop and cut individual boards during my previous fence work days, I chose instead to keep motoring so I got more surface area done. Thus, there were about ten or so odd-shaped pickets to create.

A few hours of measuring, cutting, and nailing on Sunday and I had the fence structurally complete. It is now critter-proof. I put in the last board as the sun was going down and then took out a section of our old fence so that we could enjoy our entire backyard for the first time ever. Hurray!

Now I need to go back and trim down the too-tall posts and 2x4s. I may even cap the posts to better weatherproof them. Then I will take down the old fence and either haul it to the dump or find neighbors who might want to scavenge it for spare pickets. I’ll also have to fill in the holes left by the old fence posts. Still a bit of work to be done but I’m getting there!

Mark Turner : NASA Considers Magnetic Shield to Help Mars Grow an Atmosphere

December 12, 2017 01:39 AM

I first read this story last week and it’s been on my mind ever since. It’s beyond our current capabilities to generate a planet-sized magnetic field but we can possibly block solar wind enough to bring Mars back to life. Utterly fascinating!

The Planetary Science Vision 2050 Workshop is happening right now at NASA headquarters in Washington DC. The workshop is meant to discuss ambitious space projects that could be realized, or at least started, by 2050.One of the most enticing ideas came this morning from Jim Green, NASA’s Planetary Science Division Director. In a talk titled, “A Future Mars Environment for Science and Exploration,” Green discussed launching a “magnetic shield” to a stable orbit between Mars and the sun, called Mars L1, to shield the planet from high-energy solar particles. The shield structure would consist of a large dipole—a closed electric circuit powerful enough to generate an artificial magnetic field.

A magnetic shield to protect Mars

Such a shield could leave Mars in the relatively protected magnetotail of the magnetic field created by the object, allowing the Red Planet to slowly restore its atmosphere. About 90 percent of Mars’s atmosphere was stripped away by solar particles in the lifetime of the planet, which was likely temperate and had surface water about 3.5 billion years ago.

Source: NASA Considers Magnetic Shield to Help Mars Grow an Atmosphere

Jesse Morgan : Fix for Citrix Receiver SSL Error 61 in Chrome on Linux

December 10, 2017 05:27 PM

Found this here, which fortunately fixed my issue with 3 lines:

sudo mv /opt/Citrix/ICAClient/keystore/cacerts /opt/Citrix/ICAClient/keystore/cacerts_old
sudo cp /opt/Citrix/ICAClient/keystore/cacerts_old/* /usr/share/ca-certificates/mozilla/
sudo ln -s /usr/share/ca-certificates/mozilla /opt/Citrix/ICAClient/keystore/cacerts

Jesse Morgan : Xenoblade Chronicles 2 Review

December 10, 2017 03:17 AM

I bought Xenoblade Chronicles 2 as a fluke- I’d heard the first one was good, and there was an article prior to it coming out suggesting that it was the game to play after Breath of the Wild. Well, I’ve put a week or so into it so far and here are the takeaways.

  • The battle system is an over-complicated mess where you don’t actually battle, you just wait for permission to press buttons. It’s completely chaotic and near impossible to follow and you feel like a spectator rather than a participant.
  • Once a battle is done, all damage is healed. There’s no consequences. other than dying and having to “try again”
  • Oh, each of these battles takes an eternity to finish. Walk from point A to point B, and have 30 battles. But if you die half way through, you get to go back to the beginning and do it all over again.
  • The map system sucks, as does the fast travel. You can’t scroll the overlay map to figure out where you need to go, just follow the stupid compass arrow and hope it’s leading you the right way (it’s led me to solid walls already, resulting in me giving up on that side quest. The fast travel screen is just unintuitive, and the map it shows doesn’t correlate with the overlap map in any meaningful way.
  • The voice acting. My god- I was embarrassed when the first mustashe-twirling govenor guy showed up because it sounded like… I don’t know, like a horrible person doing a Scotty from Star Trek impression.

I’m on chapter 3, and at this point it feels like a trudge. to get through the game. I keep hoping it’ll get better, but it isn’t. and to top it off, I bought the digital download like a fool so I can’t even resell it. I just spent 3 hours grinding my way to the next section only to die and start over.

What a disappointment.


Mark Turner : Chronicler of Islamic State ‘killing machine’ goes public

December 09, 2017 07:07 PM

Bloggers can save the world.

For nearly two years, he’d wandered the streets of occupied Mosul, chatting with shopkeepers and Islamic State fighters, visiting friends who worked at the hospital, swapping scraps of information. He grew out his hair and his beard and wore the shortened trousers required by IS. He forced himself to witness the beheadings and deaths by stoning, so he could hear the killers call out the names of the condemned and their supposed crimes.

He wasn’t a spy. He was an undercover historian and blogger. As IS turned the Iraqi city he loved into a fundamentalist bastion, he decided he would show the world how the extremists had distorted its true nature, how they were trying to rewrite the past and forge a brutal Sunni-only future for a city that had once welcomed many faiths.

He knew that if he was caught he too would be killed.

Source: Chronicler of Islamic State ‘killing machine’ goes public

Mark Turner : Was Al Franken’s punishment fair? – The Washington Post

December 08, 2017 01:22 PM

Sen. Al Franken resigned yesterday. A shame, I believe, as his situation is more nuanced than others. Here’s a good commentary on whether his punishment really fits his alleged “crime.”

Franken presents a more difficult case both because of the quality of the evidence against him and the nature of the alleged transgressions. Much of the alleged behavior took place before he joined the Senate, which doesn’t make it acceptable but does make it different. Some of the Senate-era behavior is offensive but less serious; a hand on the butt during a photo op is different from a tongue down the throat. And some is anonymous, albeit corroborated by other witnesses, which should give all of us pause. The final, and perhaps last-straw, allegation involved an unnamed former Democratic political aide who claimed Franken, while a radio host, attempted to forcibly kiss her, announcing, “It’s my right as an entertainer.” Franken said the story was “categorically not true.”

Consider: One of Franken’s colleagues, New Jersey Democrat Bob Menendez, is under federal indictment for allegedly taking bribes in the form of lavish gifts and using the power of his office to help a campaign donor/friend in dealings with the federal government. Menendez’s trial ended with a hung jury last month, after which the Ethics Committee announced it would resume its inquiry into his conduct.

If senators have the patience to let the ethics process proceed in the Menendez case, why not with Franken? What about weighing whether some lesser punishment than what was essentially forced resignation would better fit Franken’s circumstances?

The right policy is zero tolerance. That does not answer the question about what is the right punishment, or what proof there should be before it is meted out.

Source: Was Al Franken’s punishment fair? – The Washington Post

Magnus Hedemark : Team Fujifilm

December 08, 2017 04:01 AM

You’ve heard me sing praise of my aging Ricoh GR. And it’s true: the GR is a fantastic little camera, and holds up pretty well for something that’s almost five years old. But gradually I’m spending more and more time shooting a Fuji X-T2 these days.

This is not going to be a review. This is going to be a chance for me to share some thoughts about how the Fuji is changing my photography, and changing how I look at photography.

The X-T2 will never replace the Ricoh GR. That’s a ludicrous thought. The big benefit to the GR is that it could fit into a pants pocket if I were willing to risk re-introducing dust to the sensor. This has happened before, and it’s a real pain to clean out, so I’d like to avoid having that happen again.

But the X-T2 can replace my DSLR. In this case, a Canon EOS 70D. The bare body is just a little bigger than my Ricoh GR. But it works with a lens family that is often compared to Leica glass. I mean, it’s really really good. Maybe not Leica good. But I’m happy.

What I wasn’t expecting is that this camera is fully replacing the need for film in my life. I was shooting less film since I took up the GR anyway. But at this point, with the X-T2, I’m feeling pretty safe saying I’m done with it. Shooting actual film no longer gives me any advantages like it once did. Everything I ever wanted from it is now offered by this camera and by modern digital workflows.


This scene offered a very challenging exposure. The X-T2 made it easy.

It’s taken me a little while to warm up to this camera. It was so different from everything I’d been used to before, but now we’re starting to really click. One of the reasons why is that I’m slowing down. At the same time, the X-T2 really speeds up the process of composing and exposing and image.

Composing is sped up by the sheer virtue of being mirrorless. I can see in my EVF exactly what my final image will look like, because I’m looking at a live view straight from the sensor.

Exposure is sped up by the latest firmware release. With highlight blinking turned on, I can quickly eyeball a composition and see if I’m blowing out my highlights anywhere. The image above of my wife drinking a bottle of tea being a great example. The meter indicated that the image was properly exposed even while my EVF was showing me large areas with blown out highlights. I sped up my shutter speed accordingly until I exposed well for highlights. What you see above is a straight out of camera jpeg.

And that’s something worth mentioning. I’m very much a RAW shooter. Fuji offers great, rich RAW files. But more and more I find myself being perfectly happy taking a JPEG straight out of camera and publishing it. I’ve got some presets that I’ve been building up and fine-tuning that give me a few key looks that I really like, in both color and black & white. The image above was taken with my Color Portrait preset. Want to try to recreate this preset with your own Fuji? Try this:

  • DR: 400
  • Film Simulation: PRO Neg. Std.
  • Grain Effect: Off
  • White Balance: Auto (I will manually change this often when I’m shooting, but default is AWB)
  • Highlight: 0
  • Shadow: 0
  • Color: -2
  • Sharpness: -3
  • Noise Reduction: -1

Hey, speaking of noise reduction, I should mention low light performance. It’s kind of insane how clever this camera is at dealing with high ISO. I’ll write something up about that and create some image samples to go with it.

I’m taking fewer photos these days, but in part it’s because I’m slowing down. I think I’d learned some bad habits, some real spray and pray type shooting. Being able to see the final image has encouraged me to really take it all in and make adjustments before hitting the shutter release. Oh, and bonus: no more “chimping”.

What about for travel?


This wee duplex in Ardagh Village, County Longford, Ireland was photographed with the Fujifilm X-T2 and Fujinon XF35mmF2 R WR lens.

I would never dream of taking my Canon EOS 70D to Europe on holiday, but I didn’t hesitate to do just that with my Fuji system. I was just starting out, so I didn’t have much glass yet. I brought with me a Rokinon 12mm, Fuji 35mm F2, and Fuji 18-135mm. That last one won’t travel with me again. It’s not a bad lens, per se, but it’s the first and only Fuji lens that I’ve experienced so far that doesn’t wow me. The 35mm and the Rokinon 12mm are, on the other hand, nothing short of fantastic. I wouldn’t hesitate to travel with either one again. Bonus points to Fuji for offering not just a weather sealed body, but an array of really top notch weather sealed lenses. The 35mm F2 being one of them. I’ve since added the Fujinon XF23mmF2 R WR to my lineup and I think it may be stuck to my X-T2 more than anything else now. Coming from the Ricoh (18mm), the 23mm Fuji is only a little longer and offers a very natural feel. In fact, I’m really feeling now like I wish the Ricoh were also 23mm. Bear in mind, 23mm on these APS-C digital cameras is equivalent to about 35mm focal length on a full frame sensor.

Oh, one of the other things I love about the Fuji… or really any mirrorless removable-lens camera: vintage lenses. Fuji and other cameras like it make it super easy to mate vintage camera lenses to new cameras. I’ve got a bit of an old Rokkor lens collection, so it’s good to have them back in use.


Taken with Minolta MD Rokkor-X 45mm f2 on Fuji X-T2. This lens cost me all of $12 on eBay.

What’s next for me?

  • Sell off my Alien Bees. They are fantastic, and did a great job for me when I was shooting Canon. But the Godox system is where it’s at now for Fuji shooters, and I’m getting on board. The money from the Alien Bees will be reinvested into Godox gear.
  • Pick up a Fuji X100F. I need a go-everywhere camera. The X100F is a little on the big side, but I’m determined to figure out how to make this work for me. It’s also got the 23mm focal length that I love, and the same sensor/processor as the X-T2 so it’ll be easier to have a continuity of aesthetic with all of my new work.
  • I’d really like to get a hold of a Metabones Speed Booster for my Minolta lenses, and maybe another for M42 if the first one blows my mind.

Mark Turner : Millions Are Hounded for Debt They Don’t Owe. One Victim Fought Back, With a Vengeance – Bloomberg

December 07, 2017 06:18 PM

I’ve often talked about tracking down these debt collectors but this guy got to the kingpin. Gives me hope!

On the morning a debt collector threatened to rape his wife, Andrew Therrien was working from home, in a house with green shutters on a cul-de-sac in a small Rhode Island town. Tall and stocky, with a buzz cut and a square, friendly face, Therrien was a salesman for a promotions company. He’d always had an easy rapport with people over the phone, and on that day, in February 2015, he was calling food vendors to talk about grocery store giveaways.

Therrien was interrupted midpitch by a call from his wife. She’d gotten a voicemail from an authoritative-sounding man saying Therrien was in some kind of trouble. “I need to verify an address to present you with your formal claim,” the man had said. “Andrew Therrien, you are officially notified.”

A few minutes later, Therrien’s phone buzzed. It was the same guy. He gave his name as Charles Cartwright and said Therrien owed $700 on a payday loan. But Therrien knew he didn’t owe anyone anything. Suspecting a scam, he told Cartwright just what he thought of his scare tactics.Cartwright hung up, then called back, mad. He said he wanted to meet face-to-face to teach Therrien a lesson.

“Come on by, asshole,” Therrien says he replied.

“I will,” Cartwright said, “and I hope your wife is at home.”

That’s when he made the rape threat.

Therrien got so angry he couldn’t think clearly. He wasn’t going to just let someone menace and disrespect his wife like that. He had to know who this Cartwright guy was, and his employer, too. Therrien wanted to make them pay.

Source: Millions Are Hounded for Debt They Don’t Owe. One Victim Fought Back, With a Vengeance – Bloomberg

Magnus Hedemark : 5 best practices for getting started with DevOps

December 05, 2017 01:21 PM

(as originally shared at

Are you ready to implement DevOps, but don’t know where to begin? Try these five best practices.

DevOps often stymies early adopters with its ambiguity, not to mention its depth and breadth. By the time someone buys into the idea of DevOps, their first questions usually are: “How do I get started?” and “How do I measure success?” These five best practices are a great road map to starting your DevOps journey.

1. Measure all the things

You don’t know for sure that your efforts are even making things better unless you can quantify the outcomes. Are my features getting out to customers more rapidly? Are fewer defects escaping to them? Are we responding to and recovering more quickly from failure?

Before you change anything, think about what kinds of outcomes you expect from your DevOps transformation. When you’re further into your DevOps journey, you’ll enjoy a rich array of near-real-time reports on everything about your service. But consider starting with these two metrics:

  • Time to market measures the end-to-end, often customer-facing, business experience. It usually begins when a feature is formally conceived and ends when the customer can consume the feature in production. Time to market is not mainly an engineering team metric; more importantly it shows your business’ complete end-to-end efficiency in bringing valuable new features to market and isolates opportunities for system-wide improvement.
  • Cycle time measures the engineering team process. Once work on a new feature starts, when does it become available in production? This metric is very useful for understanding the efficiency of the engineering team and isolating opportunities for team-level improvement.

2. Get your process off the ground

DevOps success requires an organization to put a regular (and hopefully effective) process in place and relentlessly improve upon it. It doesn’t have to start out being effective, but it must be a regular process. Usually that it’s some flavor of agile methodology like Scrum or Scrumban; sometimes it’s a Lean derivative. Whichever way you go, pick a formal process, start using it, and get the basics right.

Regular inspect-and-adapt behaviors are key to your DevOps success. Make good use of opportunities like the stakeholder demo, team retrospectives, and daily standups to find opportunities to improve your process.

A lot of your DevOps success hinges on people working effectively together. People on a team need to work from a common process that they are empowered to improve upon. They also need regular opportunities to share what they are learning with other stakeholders, both upstream and downstream, in the process.

Good process discipline will help your organization consume the other benefits of DevOps at the great speed that comes as your success builds.

Although it’s common for more development-oriented teams to successfully adopt processes like Scrum, operations-focused teams (or others that are more interrupt-driven) may opt for a process with a more near-term commitment horizon, such as Kanban.

3. Visualize your end-to-end workflow

There is tremendous power in being able to see who’s working on what part of your service at any given time. Visualizing your workflow will help people know what they need to work on next, how much work is in progress, and where the bottlenecks are in the process.

You can’t effectively limit work in process until you can see it and quantify it. Likewise, you can’t effectively eliminate bottlenecks until you can clearly see them.

Visualizing the entire workflow will help people in all parts of the organization understand how their work contributes to the success of the whole. It can catalyze relationship-building across organizational boundaries to help your teams collaborate more effectively towards a shared sense of success.

4. Continuous all the things

DevOps promises a dizzying array of compelling automation. But Rome wasn’t built in a day. One of the first areas you can focus your efforts on is continuous integration (CI). But don’t stop there; you’ll want to follow quickly with continuous delivery (CD) and eventually continuous deployment.

Your CD pipeline is your opportunity to inject all manner of automated quality testing into your process. The moment new code is committed, your CD pipeline should run a battery of tests against the code and the successfully built artifact. The artifact that comes out at the end of this gauntlet is what progresses along your process until eventually it’s seen by customers in production.

Another “continuous” that doesn’t get enough attention is continuous improvement. That’s as simple as setting some time aside each day to ask your colleagues: “What small thing can we do today to get better at how we do our work?” These small, daily changes compound over time into more profound results. You’ll be pleasantly surprised! But it also gets people thinking all the time about how to improve things.

5. Gherkinize

Fostering more effective communication across your organization is crucial to fostering the sort of systems thinking prevalent in successful DevOps journeys. One way to help that along is to use a shared language between the business and the engineers to express the desired acceptance criteria for new features. A good product manager can learn Gherkin in a day and begin using it to express acceptance criteria in an unambiguous, structured form of plain English. Engineers can use this Gherkinized acceptance criteria to write acceptance tests against the criteria, and then develop their feature code until the tests pass. This is a simplification of acceptance test-driven development (ATDD) that can also help kick start your DevOps culture and engineering practice.

Start on your journey

Don’t be discouraged by getting started with your DevOps practice. It’s a journey. And hopefully these five ideas give you solid ways to get started.

Magnus Hedemark : Oops, I did it again

December 04, 2017 02:27 PM

I’ve been an avid photographer for about ten years now. For much of that time, I did photograph models. But about three years ago, I got tired of all the drama it brought to my life and so I took a hiatus from it.

That hiatus was broken on Saturday when I took Candace to the local park for a casual shoot. We used my Fujifilm X-T2 camera and a 50 year old lens, the Minolta MC Rokkor-PG 58mm f1.2. What this lens lacks in clinical sharpness and contrast, it makes up for with gobs of character. This allowed me to get images that really didn’t require much in the way of post processing, which is just how I like it.

Click below to see the full set.

Mark Turner : Mountain Lingo: Where Did “Ma-Maw” and “Pa-Paw” Come From? | Appalachian Magazine

December 04, 2017 02:28 AM

My maternal grandparents were called Me Ma and Pa Pa. I don’t know if this came from their living in Florida or their growing up in Louisiana.

Lately, I have grown fascinated with Appalachian-English, particularly of the words we use and have heard our entire lives, but are completely foreign to any of yu’ns who might be read’n this from some w’ars else’t!

What are the origins of these titles? Not everyone is in agreement (imagine that in 2017 America!); however, it seems that the prevailing theory is that “Mamaw” comes from a Lowland Scot term “Ma Maw”, meaning, “My Mother”.“Ma” was used when addressing one’s own mother, while “Maw” is used when addressing others of one’s own or others mothers.But what about Pa-paw? Where did this word come from?

Source: Mountain Lingo: Where Did “Ma-Maw” and “Pa-Paw” Come From? | Appalachian Magazine

Mark Turner : Skimmer was on Raleigh ATM at State Farmers Market for nearly 3 months | WNCN

December 04, 2017 01:51 AM

When first reading this story, I got the state farmers market confused with the state fairgrounds. I know I’ve used the state fairgrounds ATM this year but I know I’ve not used the farmers market ATM this year.

Raleigh Police arrested a man for credit card theft after investigators say he installed the credit card skimmer in the Farmers Market ATM. Police say he installed it on July 2 and a service technician found it and it was removed on September 24.

Source: Skimmer was on Raleigh ATM at State Farmers Market for nearly 3 months | WNCN

Warren Myers : on entropy, password/passphrase complexity, and if you’ve been part of a data breach (spoiler alert: you have)

November 30, 2017 05:47 PM

I wrote an article on passwords, passphrases, entropy, and data breaches for my employer’s blog:

Tarus Balog : Update on Expensify

November 29, 2017 05:38 PM

I recently posted a rant on how a vendor we use, Expensify, appeared to be exposing confidential data to workers with the Amazon Mechanical Turk service. In response to the general outcry, they posted a detailed explanation on their blog.

It did little to change my mind.

So apparently what happened is that they used to use the Mechanical Turk from 2009 to 2012, so if you we a customer back then your information was disclosed to those third party workers. Then they stopped, supposedly using some other, similar, in-house system.

But, some genius there decided that the best way for certain customers to insure their receipts were truly private was to have them use the Mechanical Turk with their own staff. I covered that in my first post and it is so complex it hardly registers as a solution.

Of course, they decided to test this new “solution” starting the day before the American Thanksgiving holiday. This was done using receipts from “non-paying customers”. While we pay to use the service (not for much longer), if you were trying it out for free your receipts were exposed to Mechanical Turk workers. Heh, if you aren’t paying for the product you are the product. The post goes on to talk about the security of the Mechanical Turk service, which was surprising because they went on and on about how they didn’t use it.

What really angered me was this paragraph:

The company was away with our families and trying hard to be responsive, while also making the most of a rare opportunity to be with our loved ones. Accordingly, this vacuum of information provided by the company was filled with a variety of well-intentioned but inaccurate theories that generated a bunch of compounding, exaggerated fears. As a family-friendly business we try hard to separate work life from home life, and in this case that separation came at a substantial cost.

Well, boo hoo. If you truly cared about your employees you wouldn’t start a major beta test the day before a big holiday. I spent my holiday worrying about my employees’ personal data possibly being exposed through the Expensify service. Thanks for that.

What pisses me off the most is this condescending Silicon Valley speak that their lack of transparency is somehow our fault. That our fears are just “exaggerated”. When Ryan Schaffer posted on Quora that nothing personal is included on receipts, he demonstrated a tremendous lack of understanding about something on which he should be an expert. As they turn this new leaf and try to be more transparent, I noticed he deleted his answer from the Quora question.

Smells like a cover up to me.

Look, I know that being from North Carolina I can’t possibly understand all the nuances of the brain-heavy Valley, but if Expensify truly does have a “patented, award-winning” methodology for scanning receipts, why don’t they just make that available to their customers instead of using the Turk? This long-winded defense of the Turk seems like they are protesting too much. Something doesn’t make sense here.

I’ve told my folks to stop using SmartScan and that we would move away from Expensify at the end of the year. If you use, or are planning to use, Expensify you should deeply consider whether or not this is a company you want to associate with and if they will act in your best interests.

I decided the answer was “no”.

Mark Turner : In Vancouver, 50% of trips are by foot, bike, or transit. This video shows how they did it. – Vox

November 29, 2017 01:28 AM

Vancouver, British Columbia, has aggressive aspirations for sustainability. Its goal is to be entirely powered by clean energy by 2050 — not just electricity, but transportation and heating as well. (I talked to city manager Sadhu Johnston about it in July 2016.)

As part of that effort, the city adopted the goal of 50 percent “sustainable mode share” by 2020 — half of all trips in the city taken by walking, biking, or transit rather than automobile.Fun fact: The city hit that target in 2015, five years early.

The video above, by Clarence Eckerson Jr. of Streetfilms, tells the story of how it happened. As Brent Toderian, a former Vancouver chief planner (who I interviewed at length in June), explains in the film, the city’s success traces all the way back to the 1960s and ’70s, when the extraordinarily prescient citizens of Vancouver rejected a plan to build a network of urban freeways through the city.

Source: In Vancouver, 50% of trips are by foot, bike, or transit. This video shows how they did it. – Vox

Mark Turner : How journalists can avoid a James O’Keefe-style sting – Columbia Journalism Review

November 29, 2017 01:23 AM

Undercover videographer and conservative political activist James O’Keefe made a vow on the eve of President Trump’s inauguration: “I’m going after the media next,” he said. “We have your name. We have your number. We are embedded in your institutions. We are inside the newsrooms, and that is our next target.” O’Keefe later claimed he already has “hundred of hours” of media-related video.

This threat comes as O’Keefe’s prominence in politics has spiked. He’s known for stings that feature secretly obtained footage edited for maximum impact (he’s most famous for an undercover operation that led to the downfall of the now-defunct community organizing group ACORN). O’Keefe, whose work on voter fraud President Trump endorsed just weeks before Election Day, recently told The Washington Post that his latest sting video led the FBI to arrest a man suspected of planning a violent inauguration protest. “It legitimizes what we’re doing,” O’Keefe told the Post. “It’s a new era for us.”

Source: How journalists can avoid a James O’Keefe-style sting – Columbia Journalism Review

Tarus Balog : Dougie Stevenson – The Elvis of Network Management

November 28, 2017 10:43 PM

David messaged me yesterday that Dougie Stevenson had died.

I hadn’t seen Dougie in person in a long time, but I’d kept up with him through the very networks he, in part, helped manage. While I had heard he wasn’t in the best of health, the news of his passing hit me harder than I expected.

I can’t remember the first time I met Dougie. I do remember it was always Dougie, rarely Doug and never Douglas. While most adults might drop such a nickname, it is a reflection on his almost childlike friendliness and good nature that he kept it. I do know that I was working at a company called Strategic Technologies at the time, so this would be the mid-1990s. I was working with tools like HP OpenView, and I’d often run into Dougie at OpenView Forum events. When he decided to take a job at Predictive Systems I followed him, even though it meant commuting to DC four to five days a week.

It was at Predictive that I got to see his genius at work. With his unassuming nature and down-to-earth mannerisms it was easy to miss the mind behind them, but when it came to seriously thinking about the problems of managing networks there were few who could match his penchant for great ideas. I used to refer to him as the “Elvis” of network management.

We were both commuters then. While he had lived in many places, he called Texas home as much as I do North Carolina. We were working on a large project for Qwest near the Ballston metro stop, and after work we’d often visit the nearby Pizzeria Uno. The wait staff loved to see Dougie, and would always laugh when he referred to the cheese quesadillas appetizer as “queasy-dillies”. This was back during the first Internet bubble, around 1999, and while many of us were working hard to make our fortune, Dougie never really cared that much for money. He used to joke it would all go to his ex-wives anyway. I know he had been married but we didn’t talk too much about that aspect of his life. He’d much rather talk about the hotrod pickup truck he was always working on when he had the time. I do remember he once walked away from a small fortune over principles – that was just the kind of person he was.

I can’t remember the last time I saw Dougie, but it could have been in Austin back in 2008. I have this really bad picture I took then:

Dougie and Me

Notice he has on his OpenNMS shirt. He never failed to promote our efforts to create a truly free and open source network management platform whenever he could.

As I’ve gotten older, I wish more for time than money. Between the business and the farm I’m kept so busy that I rarely get to spend as much time with the amazing people I know, and it would have been nice to see Dougie at least once more. In any case, a small part of him lives on in the hearts and minds of those who did know him.

Though it saddens me to say it, Elvis has left the building.

Mark Turner : Fence work progressing

November 28, 2017 01:55 PM

It’s looking more like a fence

One of the things we’ve been meaning to get done is to move our backyard fence to the outer limits of our property lines. For some reason when the fence was first built, the fence was put 8-20 feet inside of our property, leaving the rest our of property essentially abandoned. Miss Ruth had adopted our property on her side of our fence and we never had the heart to “take it back” while she lived here, so when we got new neighbors it seemed time to make the change.

Only I’d never built a fence before.

Enter YouTube. You can learn anything on YouTube.

I found videos showing what needed to be done. Sometimes I borrowed techniques from multiple videos. In August I bought fenceposts, concrete, and gravel and planted new fenceposts along the property line. It was about then that I realized the City of Raleigh now requires permits for fences. Not only that, the permit application requires a fresh survey! D’oh!

Several weeks later, I ordered a survey and purchased a permit. These alone became about 25% of my expenses, which I’m not happy about but hey, it’s legal now.

Now I’ve almost completed the rails that will hold the pickets. I’ve purchased a pneumatic nailer and nails. I have 290 pickets in the driveway, waiting to be nailed up. Overall, it’s starting to look really good. My perception is that the new neighbors aren’t happy about all the walking around I’m doing in their backyard to get the fence built but I do think they’ll be happy with the result.

If I have the whole weekend to work on it, I expect I can get it done by Sunday night. That’s not usually how my weekends work, though, so I’ll do what I can and save the rest for another day if needed.

At the end of the project I’ll have a beautiful fence, I’ll have some new tools and skills, I’ll have saved a ton of money, and I’ll have some pride in doing something for myself. It’s hard to go wrong with this combination.

Tarus Balog : Expensify and Why I Hate the Cloud

November 27, 2017 10:09 PM

Over the weekend I found out that Expensify, a service I use for my company, outsources a feature to Amazon’s Mechanical Turk service. Expensify handles the management of business expenses, which for a company like ours can be problematic as we do a lot of travel when deploying services. The issue is that the feature, the “smart scanning” of receipts, could potentially expose confidential data to third parties. As a user of Expensify, this bothers me.

Expensify touts “SmartScan” as:

As background, SmartScan is the patented, award-winning technology that underpins our “fire and forget” design for expense management. When you get a receipt, rather than stuffing it into your pocket to dread for later, just:

1. Take your phone out of your pocket
2. SmartScan the receipt
3. Put your phone back in your pocket

What they never told us is that if their “patented, award-winning technology” can’t read your receipt, they send it to the Mechanical Turk, which in turn presents it to a human being who will interpret the receipt manually. The thing is, we have no control over who will see that information, which could be confidential. For example, when I post a receipt for an airline ticket, it may include my record locater, ticket number and itinerary, all of which are sensitive.

This apparently never occurred to the folks at Expensify. Take this Quora answer from Ryan Schaffer, listed as Expensify Director of Marketing & Strategy:

Also, its worth mentioning, they don’t see anything that can personally identify you. They see a date, merchant, and amount. Receipts, by their very nature, are intended be thrown away and are explicitly non-sensitive. Anyone looking at a receipt isunable to tell if that receipt is from me, you, your neighbor, or someone on the other side of the world.

Wrong, wrong, wrong. It seems that Mr. Schaffer may limit his business expenses to the occasional coffee at Starbucks, but for the rest of us it is rarely that limited. For someone whose job is to perfect dealing with receipts, his view is pretty myopic.

For examples of what Expensify exposes, take a look at this tweet by Gary Pendergast.

Information Exposed by Expensify Tweet

It is also worth noting that it appears Expensify does its business on the Mechanical Turk as “Fluffy Cloud” instead of Expensify, which strikes me as a little disingenuous.

In a blog post this morning the company addressed this:

As you might imagine, doing this is easier said than done. Given the enormous scale and 24/7 nature of this task, we have agents positioned around the world to hand off this volume from timezone to timezone. Most of the US team is located in Ironwood, MI or Portland, OR (where we have offices and can train in person). Most of the international team is in Nepal or Honduras (where we work with a third-party provider to manage the on-site logistics). But regardless of the location, every single agent is bound by a confidentiality agreement, and subject to severe repercussions if that agreement is broken.

But if this were true, why are random people on Twitter announcing that they can see this data? Are they relying on the Amazon agreement with the people working as part of the Mechanical Turk? That doesn’t instill much confidence in me. But then in the same blog post they double down, and suggest that if you want extra security, you can just set up your own staff as part of the Mechanical Turk:

1. You hire a 24/7 team of human transcription agents.
         o For the fastest processing we suggest staffing three separate shifts — or daytime shifts in three different offices around the world. Otherwise your receipts might lag for many hours before getting processed.

2. They apply to Amazon Mechanical Turk for an account. Be aware that this is a surprisingly involved process, including:
         o The agent must sign up using their actual personal Amazon account. If your account doesn’t have an adequate history of purchases (each of which implies a successful credit card billing transaction and package delivery) or other activity, you will be rejected.
         o The agent must provide their full name, address, and bank account information for reimbursement. Amazon verifies this with a variety of techniques (eg, confirm that your IP is in the country you say you are, verify the bank account is owned by the name and address provided, full criminal background check), and if anything doesn’t add up, you will be rejected.
         o Rejection is final. It requires such an abundance of verifiable documentation (most notably being an active Amazon account with a long history) that you can’t just create a new account and try again.
         o There is no apparent appeals process. Accordingly, I would recommend confirming before hiring that the candidate can pass Amazon Mechanical Turk’s many strict controls because we have no ability to override their judgement.

3. You notify us of the “workerID” of each of your authorized agents.
         o Though you are not obligated to share your staff’s identity with us directly, your staff will still be obligated to follow the Expensify terms of services. Failure to comply with our terms will result in an appropriate response, starting with immediate banning by our automated systems, ranging up to our legal team subpoenaing you (or failing that, Amazon) for the identity of the agent to press charges directly.

4. We will create a “Qualification” for your “Human Intelligence Tasks” (HITs) that ensures only your agents will see your receipts.

5. Your staff will use the Amazon Mechanical Turk interface to discover and process your employee’s receipts.

That’s the solution? This is what passes for security at Expensify? Hire three shifts of employees all using verified personal Amazon accounts and then you can be sure your confidential data is kept confidential?

Wouldn’t it just be easier to create a small webapp that would present receipts to people in a company directly without going through the Mechanical Turk? Heck, why not just bounce it back out to you – it isn’t that great of a chore.

Plus, basically, if you don’t do this Expensify is saying they can’t keep your information secure.

This is what frustrates me the most about “the Cloud”. Everyone is in such a rush to deploy solutions that they just don’t think about security. Hey, it’s only receipts, right? Look what I was able to find out with just a discarded boarding pass – receipts can have much more information. And this is from a company that is supposed to be focused on dealing with expenses.

I demand two things from companies I trust with our information in the cloud: security and transparency. It looks like Expensify has neither.

I will be moving us away from Expensify. If you know of any decent solutions, let me know. Xpenditure looks pretty good, and since they are based in the EU perhaps they understand privacy a little better than they do in San Francisco.

Mark Turner : Meet the Teen Who Discovered the Secret of Social Capital | Psychology Today

November 27, 2017 01:08 PM

Having grown up the perennial New Kid, I appreciate what Natalie is doing.

After two years of hell at school and four separate physical attacks, Natalie Hampton finally escaped the school where no one defended her. Today, she’s a vibrant, happy senior in high school. She has lots of friends, and she looks forward to graduation. Her transformation began on her first day of high school, when, just like before, Natalie didn’t know anyone. This time, however, another student, seeing that she looked lost, befriended her. “It saved my life,” Natalie reveals in her TEDx Teen talk.

All it took was one person. With one friend, she was no longer untouchable. She could make other friends––and she did. For two years, Natalie Hampton ate lunch alone. So after she changed schools, whenever she saw someone eating lunch alone, she would invite them to join her friends at their table. She knew that by saying “sit with us,” she protected other children from becoming untouchable. “Each time, the person’s face would light up, and the look of relief would wash over [it],” she says. “Some of those people have become some of my closest friends.” Natalie was willing to give up her social capital, but she discovered that when a person has friends, spending social capital by befriending those without it lifts people up without bringing anyone down. If “sit with us” became the ethos in middle school, bullying would be a thing of the past.

Source: Meet the Teen Who Discovered the Secret of Social Capital | Psychology Today

Mark Turner : A Survivor’s Defense of Al Franken – StrategyCamp – Medium

November 27, 2017 12:46 PM

As I was saying about Al Franken.

As a survivor and active member in the struggle to protect and progress civil rights in the United States, I have a track-record of confronting both the Democratic and the Republican party for abuses. If Tweeden was a victim of a violent and predatory Al Franken, I would have stood right by her side and called for an investigation of the Senator and his immediate removal from office. I would have gladly lumped his name into a category with Roy Moore and Donald Trump and Roger Ailes and Harvey Weinstein. I would have written an article about how we can’t entrust or bodies to legislators that will assault our women and children and legally enable the predators to get away with similar crimes no matter what side of the aisle we come from.

She is not a victim. She is not an ally. And she is not a survivor. Those words have meaning. Those words hold weight. And she has not earned her right to wear those badges.

Source: A Survivor’s Defense of Al Franken – StrategyCamp – Medium

Mark Turner : Artificially lit surface of Earth at night increasing in radiance and extent | Science Advances

November 27, 2017 02:50 AM

I have long been a proponent of streetlights, thinking that they reduce crime. Lately, I’ve been reconsidering my position, especially once I saw the stunning astrophotography my friend Rowland has been doing.

Dark skies are natural. Artificial street lighting is by definition not natural, and its increasing prevalence has repercussions that we are only beginning to understand.

I am now starting to think that, like air conditioning, electric light is meant for the indoors.

A central aim of the “lighting revolution” (the transition to solid-state lighting technology) is decreased energy consumption. This could be undermined by a rebound effect of increased use in response to lowered cost of light. We use the first-ever calibrated satellite radiometer designed for night lights to show that from 2012 to 2016, Earth’s artificially lit outdoor area grew by 2.2% per year, with a total radiance growth of 1.8% per year. Continuously lit areas brightened at a rate of 2.2% per year. Large differences in national growth rates were observed, with lighting remaining stable or decreasing in only a few countries. These data are not consistent with global scale energy reductions but rather indicate increased light pollution, with corresponding negative consequences for flora, fauna, and human well-being.

Source: Artificially lit surface of Earth at night increasing in radiance and extent | Science Advances

Wikimedia photo by Oleg Volk,

Mark Turner : Zimbabwe: Robert Mugabe to get $10m payoff and immunity for his family | World news | The Guardian

November 27, 2017 02:41 AM

Some coup. Hasn’t Mugabe looted enough money from Zimbabwe?

Robert Mugabe and his wife will receive a “golden handshake” worth many millions of dollars as part of a deal negotiated before the resignation of the ageing autocrat last week. The exact sums to be paid to the former president and his wife Grace are still unclear, though one senior ruling party official with direct knowledge of the agreement said the total would not be less than $10m.

The official said that Mugabe, who has been granted immunity from prosecution and a guarantee that no action will be taken against his family’s extensive business interests, would receive a “cash payment of $5m” immediately, with more paid in coming months.

The 93-year-old’s $150,000 salary will also be paid until his death. The 52-year-old first lady, reviled for her extravagance and greed, will then receive half that amount for the rest of her life.

Mugabe’s 37-year rule left Zimbabwe with a worthless currency, massive debts, an impoverished population and an estimated unemployment rate of more than 80%. Roads are rutted, many rural communities have no electricity, education is basic and healthcare almost non-existent. A life expectancy of 60 is one of the lowest in the world.

Source: Zimbabwe: Robert Mugabe to get $10m payoff and immunity for his family | World news | The Guardian

Mark Turner : Google collects Android users’ locations even when location services are disabled — Quartz

November 21, 2017 05:18 PM

Many people realize that smartphones track their locations. But what if you actively turn off location services, haven’t used any apps, and haven’t even inserted a carrier SIM card?

Even if you take all of those precautions, phones running Android software gather data about your location and send it back to Google when they’re connected to the internet, a Quartz investigation has revealed.

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.

Source: Google collects Android users’ locations even when location services are disabled — Quartz

Mark Turner : We’re With Stupid – The New York Times

November 21, 2017 03:32 PM

The Trump Presidency isn’t the fault of Hillary, or Bernie, or the Russians. It’s totally the collective fault of America.

Nearly one in three Americans cannot name a single branch of government. When NPR tweeted out sections of the Declaration of Independence last year, many people were outraged. They mistook Thomas Jefferson’s fighting words for anti-Trump propaganda.Fake news is a real thing produced by active disseminators of falsehoods. Trump uses the term to describe anything he doesn’t like, a habit now picked up by political liars everywhere.

But Trump is a symptom; the breakdown in this democracy goes beyond the liar in chief. For that you have to blame all of us: we have allowed the educational system to become negligent in teaching the owner’s manual of citizenship.

Source: We’re With Stupid – The New York Times

Mark Turner : GOP Tax Bill Is The End Of All Economic Sanity In Washington

November 21, 2017 03:30 PM

That liberal rag Forbes takes aim at the proposed GOP tax plan.

No doubt many of you read the above headline and immediately started to tweet that the GOP tax bill can’t be the end of economic sanity in Washington because there never was any to begin with.I have two responses.

First…please do tweet that, and link to this post when you do.

Second…you’re wrong. If it’s enacted, the GOP tax cut now working its way through Congress will be the start of a decades-long economic policy disaster unlike any other that has occurred in American history.

Source: GOP Tax Bill Is The End Of All Economic Sanity In Washington

Mark Turner : The Scary New Evidence on BPA-Free Plastics – Mother Jones

November 21, 2017 03:29 PM


The center shipped Juliette’s plastic cup, along with 17 others purchased from Target, Walmart, and Babies R Us, to CertiChem, a lab in Austin, Texas. More than a quarter—including Juliette’s—came back positive for estrogenic activity. These results mirrored the lab’s findings in its broader National Institutes of Health-funded research on BPA-free plastics. CertiChem and its founder, George Bittner, who is also a professor of neurobiology at the University of Texas-Austin, had recently coauthored a paper in the NIH journal Environmental Health Perspectives. It reported that “almost all” commercially available plastics that were tested leached synthetic estrogens—even when they weren’t exposed to conditions known to unlock potentially harmful chemicals, such as the heat of a microwave, the steam of a dishwasher, or the sun’s ultraviolet rays. According to Bittner’s research, some BPA-free products actually released synthetic estrogens that were more potent than BPA.

Source: The Scary New Evidence on BPA-Free Plastics – Mother Jones

Mark Turner : Argentina missing submarine: Concern grows after two false alarms – BBC News

November 21, 2017 03:27 PM

It doesn’t matter whose flag under which one serves, a sailor is a sailor and the brotherhood of the sea is a bond we all share. I’m hoping and praying these Argentinian sailors are found safe and sound.

Argentina’s navy says it will take advantage of improved weather conditions to further step up its search for a submarine that vanished last Wednesday in the Atlantic Ocean.

Strong winds and high waves have hampered the search for the ARA San Juan and its 44 crew in the past days.

On Monday, navy officials said that noises picked up by two search vessels did not come from the sub, dashing relatives’ hopes for a speedy rescue.It was the second false alarm.

A navy spokesman had earlier confirmed that satellite signals picked up on Saturday did not come from the missing boat.

Source: Argentina missing submarine: Concern grows after two false alarms – BBC News

Mark Turner : Men behaving badly and false equivalence

November 21, 2017 03:22 PM

Worst. Grope. Ever.

John Oliver had a wonderful show recently discussing the logical fallacies employed by Donald Trump whenever he’s challenged on his numerous falsehoods. One thing to watch out for (and not just from Trump) is false equivalence.

This has been the season for bringing misogyny into the open. Beginning with Harvey Weinstein, a parade of dumbshit men like Roy Moore, Lewis C.K., Charlie Rose and others have been exposed for their misogynist, sexist, and degrading behavior towards women.

Overall, I say right on. These men abused the trust of the women who looked up to them. Some, like Moore, crossed a moral line (if not a legal one) in chasing teenage girls. The transgressions all have different shades but overall they consist of a man abusing his power or authority over women and/or girls.

This brings us to the case of Sen. Al Franken (D-MN). Franken has been accused by LeeAnn Tweeden of an unwanted sexual advance, saying Franken aggressively kissed her during a rehearsal of a USO sketch they were both doing:

He repeated that actors really need to rehearse everything and that we must practice the kiss. I said ‘OK’ so he would stop badgering me. We did the line leading up to the kiss and then he came at me, put his hand on the back of my head, mashed his lips against mine and aggressively stuck his tongue in my mouth.

I immediately pushed him away with both of my hands against his chest and told him if he ever did that to me again I wouldn’t be so nice about it the next time.

I walked away. All I could think about was getting to a bathroom as fast as possible to rinse the taste of him out of my mouth.

I felt disgusted and violated.

No photos exist of the kiss in question and Franken remembers it differently.

I hated to think that Franken was a scumbag the likes of Moore and Rose. He’s always seemed like a good, upstanding guy, those Minnesota values still strong in him. Over time, though, I had to conclude that this was something different.

According to Tweeden, she and Franken were rehearsing a kiss that was scripted into their sketch. It was no surprise. It was no unwanted advance. They were both acting. This was something they had agreed to do. You can debate the intensity of the kiss, sure, but it was in the script.

Secondly, Franken held no power of Tweeden. He was not her boss nor was her career hanging in the balance if she refused his kiss (which, as I just pointed out, was part of a sketch). In 2006, Franken was a minor celebrity at best. He was a former SNL writer, a bestselling author, and a radio host on Air America, a struggling liberal talk show network. Though I like his SNL work, no one would mistake Franken for a comedy industry titan, able to make or break careers.

Thirdly, let’s take a look at the photograph Tweeden says shows Franken allegedly groping her. Franken is not even touching Tweeden. He couldn’t touch her if he tried because she’s wearing a flak jacket. Tweeden nevertheless claims he did:

I couldn’t believe it. He groped me, without my consent, while I was asleep.

I felt violated all over again. Embarrassed. Belittled. Humiliated.

How dare anyone grab my breasts like this and think it’s funny?

On this USO tour Tweeden has been shown to be open to grabbing, if not being grabbed herself, as a photo of her on stage shows her helping herself to a big ol’ handful of guitarist butt.

Double standard much?

Was Franken’s photo in bad taste? Possibly. Was there any contact? Not according to the photo. It looks to me like everyone got chummy and now that suddenly has become a problem for Tweeden.

It is a false equivalence to compare Franken’s actions with the likes of pedophile Roy Moore or misogynists like Weinstein, Rose, or Louis C.K. For those who want to wag their finger at liberals for allegedly turning a blind eye to Franken’s actions just because he’s a liberal, too, get real! Franken’s alleged misdeeds have been blown totally out of proportion and don’t compare to the actions of the others.

I’m disgusted with bad behavior of Weinstein, Rose, and Louis C.K., who are all liberals, and will freely say so. Not painting Franken with the same brush, though, has nothing to do with liberals protecting our own and everything to do with weighing the evidence.

Warren Myers : you can make anything online – even grave markers

November 20, 2017 07:23 PM

Knock yourself out.

Mark Turner : Facebook’s ‘People You May Know’ feature can be really creepy. How does it work? – Recode

November 18, 2017 02:18 PM

When Facebook’s Android app apparently accessed my camera without my permission I banned it from my phone. This story might drive me from Facebook altogether.

This upcoming year will see me drastically curtail my Facebook usage. There are so many other things I can be doing than scrolling through cat photos, and also I am not convinced the information I share is always going to be used to my benefit.

Facebook has a pretty clear and straightforward company mission: Connect everybody in the world.

One of the ways it carries out that mission is by recommending new friends for you every time you open the app or website — essentially, the company identifies other people on Facebook that it thinks you already know, and nudges you to connect with them inside Facebook’s walls.

The problem with this feature is that it can be really creepy.

Facebook previously employed user locations to recommend friends, but says it has stopped doing that; Fusion recently wrote about a psychiatrist who claims her mental health patients were being prompted to connect with one another on the service. Not good.

When my colleague Jason Del Rey and I recently experienced a number of oddly timed recommendations, we started to get curious ourselves. How does Facebook generate these eerily coincidental recommendations?

Source: Facebook’s ‘People You May Know’ feature can be really creepy. How does it work? – Recode

Mark Turner : How Facebook Figures Out Everyone You’ve Ever Met

November 18, 2017 02:06 PM

In real life, in the natural course of conversation, it is not uncommon to talk about a person you may know. You meet someone and say, “I’m from Sarasota,” and they say, “Oh, I have a grandparent in Sarasota,” and they tell you where they live and their name, and you may or may not recognize them.

You might assume Facebook’s friend recommendations would work the same way: You tell the social network who you are, and it tells you who you might know in the online world. But Facebook’s machinery operates on a scale far beyond normal human interactions. And the results of its People You May Know algorithm are anything but obvious. In the months I’ve been writing about PYMK, as Facebook calls it, I’ve heard more than a hundred bewildering anecdotes:

  • A man who years ago donated sperm to a couple, secretly, so they could have a child—only to have Facebook recommend the child as a person he should know. He still knows the couple but is not friends with them on Facebook.
  • A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.
  • A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.
  • An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

Connections like these seem inexplicable if you assume Facebook only knows what you’ve told it about yourself. They’re less mysterious if you know about the other file Facebook keeps on you—one that you can’t see or control.

Source: How Facebook Figures Out Everyone You’ve Ever Met

Mark Turner : New “Quad9” DNS service blocks malicious domains for everyone | Ars Technica

November 18, 2017 02:02 PM

The Global Cyber Alliance (GCA)—an organization founded by law enforcement and research organizations to help reduce cyber-crime—has partnered with IBM and Packet Clearing House to launch a free public Domain Name Service system. That system is intended to block domains associated with botnets, phishing attacks, and other malicious Internet hosts—primarily targeted at organizations that don’t run their own DNS blacklisting and whitelisting services. Called Quad9 (after the Internet Protocol address the service has obtained), the service works like any other public DNS server (such as Google’s), except that it won’t return name resolutions for sites that are identified via threat feeds the service aggregates daily.

“Anyone anywhere can use it,” said Phil Rettinger, GCA’s president and chief operating officer, in an interview with Ars. The service, he says, will be “privacy sensitive,” with no logging of the addresses making DNS requests—”we will keep only [rough] geolocation data,” he said, for the purposes of tracking the spread of requests associated with particular malicious domains. “We’re anonymizing the data, sacrificing on the side of privacy.”

Source: New “Quad9” DNS service blocks malicious domains for everyone | Ars Technica

Mark Turner : 3 Major Reasons Why More Millennials Are Starting Blogs

November 18, 2017 01:54 PM

“… sale of advertising can be a real moneymaker.”

Bwahahahahahaha! #unlikely

Millennials see opportunities through blogging. If they gather a solid following, the sale of advertising can be a real moneymaker, and there are a number of millennial bloggers who have successfully monetized their blogs through a number of techniques.

As an example, consider the recent phenomenon of millennial “mommy blogs.” These are smart, educated women who are now at home with children. Blogging is an outlet for them as well as a quick entryway into making a sizeable income. Many of these women spend a year or two building a following. Then, they move into monetizing their blogs and even developing their own product lines, with a loyal and trusting target audience already at their fingertips. Some of the more successful mommy bloggers have achieved incomes as high as $20,000 a month.

Source: 3 Major Reasons Why More Millennials Are Starting Blogs

Mark Turner : America’s global influence has dwindled under Donald Trump – Endangered

November 18, 2017 01:46 PM

Many people find reassurance in the sober, capable military men who surround him (see article). His chief of staff, his defence secretary and his national security adviser all understand the horrors of war and will stop him from doing anything rash, the argument goes. Optimists even speculate that he might emulate Ronald Reagan, by shaking up the diplomatic establishment, restoring America’s military muscle and projecting such strength abroad that a frightened, overstretched North Korea will crumble like the Soviet Union. Others confidently predict that even if he causes short-term damage to America’s standing in the world, Mr Trump will be voted out in 2020 and things will return to normal.

All this is wishful thinking.

Source: America’s global influence has dwindled under Donald Trump – Endangered

Mark Turner : Paradise Papers: Tax haven secrets of ultra-rich exposed – BBC News

November 18, 2017 01:43 PM

A huge new leak of financial documents has revealed how the powerful and ultra-wealthy, including the Queen’s private estate, secretly invest vast amounts of cash in offshore tax havens.

Donald Trump’s commerce secretary is shown to have a stake in a firm dealing with Russians sanctioned by the US.The leak, dubbed the Paradise Papers, contains 13.4m documents, mostly from one leading firm in offshore finance.BBC Panorama is part of nearly 100 media groups investigating the papers.

As with last year’s Panama Papers leak, the documents were obtained by the German newspaper Süddeutsche Zeitung, which called in the International Consortium of Investigative Journalists (ICIJ) to oversee the investigation. The Guardian is also among the organisations investigating the documents.

Sunday’s revelations form only a small part of a week of disclosures that will expose the tax and financial affairs of some of the hundreds of people and companies named in the data, some with strong UK connections.

Many of the stories focus on how politicians, multinationals, celebrities and high-net-worth individuals use complex structures of trusts, foundations and shell companies to protect their cash from tax officials or hide their dealings behind a veil of secrecy.

Source: Paradise Papers: Tax haven secrets of ultra-rich exposed – BBC News

Mark Turner : Slipping into Southern again

November 17, 2017 03:27 AM

Yesterday morning my Southern accent got noticed again, this time by a fellow Southerner. My dentist’s office is full of good ol’ Southerners and I always love hearing the conversations going on. I was getting my teeth cleaned by a hygienist I don’t ordinarily see and she was making small talk to get to know me.

Halfway through she says, “so, where are you from? I noticed you have an accent.”

If I could’ve smiled with a mouthful of fluoride brush and suction tube, I would’ve! I don’t always remember to speak Southern until I’m around others who are speaking that way, but then I just slip back into it without me even noticing. I suppose if I were around more places where Southern was spoken i would speak it more often, too, but Southern isn’t spoken much in Raleigh anymore.

Warren Myers : what is “plan b” for iot security?

November 16, 2017 04:37 PM

Schneier has a recent article on security concerns for IoT (internet of things) devices – IoT Cybersecurity: What’s Plan B?

We can try to shop our ideals and demand more security, but companies don’t compete on IoT safety — and we security experts aren’t a large enough market force to make a difference.

We need a Plan B, although I’m not sure what that is. Comment if you have any ideas.

There are loads of great comments on the post.

Here’s the start of some of my thoughts:

There are a host of avenues which need to be gone down and addressed regarding device security in general, and IoT security in particular.

Any certification program could be good .. right up until the vendor goes out of business. Or ends the product line. Or ends formal support. Unless we go to a lease model for everything, you’re going to have unsupported/unsupportable devices out there.

We can’t have patches ad infinitum because it’s not practical: every vendor EOLs products (from OSes to firearms to DB servers to cars, etc).

A few things which would be good:

  • safe/secure by default from the vendor – you have to manually de-safe it to use it (like a rifle which only becomes usable/dangerous/operable when you load a cartridge and put the safety off)
  • well-known, highly-publicized support lifecycles (caveating the vendor going out of business)
  • related to the above, notifications from the device as it nears end of support
  • notifications from the device as well as the vendor that updates/patches are available
  • liability regulations – and an associated insurance structure – affecting businesses which choose to offer IoT devices across a few levels:
    1. here it is :: you deal with it || no support, no insurance, whatever risk is there is your problem
    2. patches / updates for 1 year || basic insurance / guarantee of operation through supported period, as long as you’re patched up to date
    3. patches / updates for 3 years ||
    4. patches / updates for 5 years || first-level business offering || insurance against hacks / flaws that have been disclosed for more than 90 days so long as you have patched
    5. patches / updates for 10 years || enterprise / long-term support || “big” insurance coverage (up to a year, so long as you’re yp-to-date) || proactive notifications from the vendor to customers regarding flaws, patches, etc

There are probably other things which need to be considered.

But there’s my start.

Mark Turner : Hallie’s story runs on the front page of the N&O

November 16, 2017 03:08 AM

Hallie was featured on the front page of the N&O, 15 Nov 2017

The story of the new environmental lawsuit that Hallie is participating in (along with two other teens) ran on the front page of the News and Observer today. Pretty cool to see that.

This is at least the second time she’s been featured on the N&O’s front page, if not the third. The first time was when she was still a guest of the WakeMed NICU.

Mark Turner : Rowland, the astrophotographer

November 15, 2017 01:14 AM

Messier 33 galaxy, by Rowland Archer

My friend and former boss Rowland Archer has a hobby of astrophotography. He’s built up quite a collection of stunning photographs that he’s taken from the little observatory he’s build in his backyard outside of Durham. Here’s one of the latest photos he’s shared, of the Milky Way’s nearest neighboring galaxy, Messier 33.

Says Rowland:

This is Messier 33, the Triangulum Galaxy, so named because it is in the constellation Triangulum and was the 33th object discovered by Charles Messier – who was a comet hunter and famously compiled a list of “darn, another fuzzy thing that’s not a comet!” Ironically, his list of stuff to avoid is now one of the most popular list of things to observe! M33 is part of the local group of galaxies – it’s smaller than our Milky Way, and fainter than the Andromeda Galaxy posted earlier this week, but I think it’s a rocking looking galaxy from our view here on Earth – the blue spiral arms, the red knots of color in the arms that are active star forming regions, and the individual stars visible in both. It’s about 3 million light years away from us, and contains “only” about 30 billion stars. But it’s still the third largest member of our local group – our neighborhood of galaxies that are close enough to be bound together by gravity.

Amazing stuff!

Mark Turner : John Oliver on what we’ve learned from a year of Trump presidency

November 14, 2017 10:33 PM

This segment is great stuff.

Mark Turner : Grandma’s house is for sale again

November 14, 2017 04:12 PM

One of the great things about the way real estate is sold on the Internet is being able to get a virtual tour of the homes you knew and loved. I found out that my grandmother’s former home at 937 Oak Avenue in Panama City, FL is now for sale (MLS# 663442). Poking through the photographs it appears the owners (who bought it from Grandma’s estate) didn’t change it as radically as they could’ve. The most drastic changes are the paint colors. Apparently the electrical system has been upgraded. I don’t recall the renovated rear bathroom but that might have been there at the time Grandma lived there. The kitchen hasn’t changed basically at all, which was good to see.

I created a copy of the Zillow page here, as the house is pending sale and the listing won’t be available much longer. I also have photos from that page that I will add to the blog.

I hope I can take another walk (perhaps my last?) through it when we’re down there for Thanksgiving.

Mark Turner : Climate change:NC teens petition NC environment commission to cut fossil fuel and greenhouse gases | News & Observer

November 14, 2017 01:39 AM

News broke today that Hallie is trying again, this time with friends, to get North Carolina’s environment back on track. Go, Hallie!

Hallie Turner was 13 years old when she stood outside a Wake County courtroom telling media crews with cameras trained on her that she planned to continue to fight for action on climate change despite her unsuccessful attempt to sue North Carolina over its environmental rules.

Now 15, Hallie is trying again to get the state Department of Environmental Quality and the state Environmental Management Commission to adopt a rule calling for a sharp reduction in emissions of carbon dioxide and other greenhouse gases over the next three decades. This time, two other North Carolina teens — Emily Liu, 16, of Chapel Hill, and Arya Pontula, a Raleigh 17-year-old, will join Hallie in petitioning the commission.

With the help of Ryke Longest at the Duke Environmental Law and Policy Clinic, and Our Children’s Trust, a Oregon-based nonprofit focused on climate change, the teens hope to persuade the state to adopt a rule ensuring that by 2050 carbon dioxide emissions would be down to zero.

“It would be a future in which you would not be burning fossil fuels to power your homes,” Longest said on Monday, the day before the teens plan to file their petition.

Source: Climate change:NC teens petition NC environment commission to cut fossil fuel and greenhouse gases | News & Observer