Weekly Axis Of Easy #151
This Week’s Quote: “One of the greatest delusions in the world is the hope that the evils in this world are to be cured by legislation” …by ???
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
In this issue:
- Canada to deploy voluntary nationwide contact tracing app
- Surveillance-capitalism firm Palantir files to go public
- Gigantic telecom outage was not a DDoS from China
- Google demonetizes The Federalist and Zerohedge
- Google trying to get rid of the URL, again
- Large scale Twitter and Facebook influence campaign linked to China
- China authorities freeze thousands of accounts of Bitcoin traders
- IRS used commercial database of US cellphones to track suspected criminals
- Krebs: Turn on 2FA before a hacker does it for you
- University board chair resigns over “liked” tweets
- Transhumanism: The new religion of the coming technocracy
- AxisOfEasy: Algorithmic Guerrilla Warfare
Last week the Canadian federal government announced that it would soon be releasing a coronavirus contact-tracing app nationwide. Downloading the app would be voluntary and take measures to protect user privacy. The app development was spearheaded by Canadian Digital Service in conjunction with Ontario Digital Service and volunteer developers from Shopify. A security review will be undertaken by Blackberry.
If you recall, back in AxisOfEasy 145 we reported that the federal and provincial privacy commissioners released a joint statement outlining a set of guidelines for governments to follow in order to protect user privacy in contact-tracing apps, what I was interested in knowing was if this app will follow those guidelines. I put an inquiry in to the Canadian Digital Service asking if this is the case, and I also suggested open sourcing the app source code would go a long way toward instilling public trust.
They got back to me in time to update this newsletter:
1) The app will comply with the privacy commissioner guidelines. The app will not disclose user identity, “it will not be shared with any other entity, it will not be stored on the app and will never leave the user’s phone”
2) Open source software is a key principle of the CDS, all software they put out is released as open source code under the MIT License, their Github is here and they’ve begun publishing the COVID-19 tracing code here and here.
Meanwhile Norway has suspended their contact-tracing app initiative and deleted all collected data after their privacy watchdog raised concerns: https://www.thelocal.no/20200615/norway-suspends-virus-tracing-app-after-privacy-concerns
In Germany, uptake of the app is facing headwinds as the number of Germans who say they will install it is falling, down to 42% while the number who say they won’t is rising, now at 46%. https://www.statista.com/chart/22017/share-of-people-who-would-use-a-coronavirus-app-in-germany/
Recall, as reported in AxisOfEasy 142, Australia’s contact tracing app is “voluntary” so long as at least 40% of the population “volunteers”, if not, installation will become mandatory.
(Also recall Jesse Hirsh’s “The Impending Disaster of App Based Contact Tracing” from back in April: https://axisofeasy.com/metaviews/the-impending-disaster-of-app-based-contact-tracing/ )
As far as I am concerned, if the Canadian app follows the privacy commissioner guidelines and installation is truly voluntary, I’m ok with it and I would personally install it. When I hear back from them, we will let you know.
Oh, I almost forgot, Apple’s COVID-19 tracing hooks, which we reported on back in AoE 141 look to be already deployed into iOS 13.5.1. Just open up your settings, go into Privacy -> Health and <tada>, there’s your COVID-19 Exposure Logging setting, probably defaulted to off since there are no apps to dock there (yet).
We’ve covered Palantir a couple times in these pages. They’re the somewhat secretive Big Data surveillance-capitalism shop founded by Peter Thiel who seems to possess boatloads of data points on nearly everybody with a digital footprint.
At the end of the day, surveillance is a business, and business is good. According to Bloomberg, Palantir is getting ready to file an S-1 with the US SEC ahead of a September IPO. It should make for some interesting reading when it comes out and I’ve got my RSS reader all set to pull it down off the SEC website when it does.
Gigantic telecom outage was not a DDoS from China
Last week on June 15, 2020, a bunch of telecoms went down. It started with T-Mobile and then seemed to fall over into Verizon, AT&T and Sprint. The rumours flew with a so-called “Anonymous” Twitter account (remember those guys?) tweeting “The U.S. is currently under a major DDoS attack”.
US Congressman Ted Lieu latched onto that, single, uncorroborated tweet, and ran with it…
…but it all a turned out to be nothingburger. As further details emerged, what really seems to have happened was a fibre failure on the T-Mobile network as some network upgrades didn’t go so well and set off a string of cascading failures. Hate it when that happens.
Google demonetizes The Federalist and Zerohedge
Less than a week after we reported that Twitter reinstated the Zerohedge account, saying it made a mistake in suspending it, Google stepped up to the plate and demonetized them from the Adsense ad network. They also issued a warning to The Federalist. Google’s action is concerned largely with the comments sections on both sites.
ZH made a decision very early in their existence to provide an unmoderated, wide-open comment experience and that seems to have not served them well. They will now be undertaking an initiative to clean it up, which means, there’s going to have to be some kind of content moderation. My personal theory is that most of the worst actors on the site are the work of a handful of actors employing numerous sock puppet accounts.
As of Chrome 85, Google will be rolling out a change to the browser’s location bar to only display the domain name portion of the URL. The company says it’s part of an effort to help users avoid phishing sites, personally I don’t follow the logic. I have an easier time figuring out if link is phishy or not by seeing the entire URL instead of just the domain, which could be a typo-squat or a homoglyph (a homoglyph is a domain impostor that utilizes foreign character sets to present a visually similar domain name).
That said, there will be an “opt-out” feature once this deploys, by right clicking in the Chrome address bar there will be an “always show full URLs option” you can turn on.
Large scale Twitter and Facebook influence campaign linked to China
A report published by the Australian Strategic Policy Institute “analyses a persistent, large-scale influence campaign linked to Chinese state actors on Twitter and Facebook.”
The efforts are targeted at Chinese-speaking outside for China (where Twitter is blocked, btw) in order to shape opinions on such matters as Hong Kong, Coronavirus and Taiwan.
The research looked at over 23,000 twitter accounts and over 300,000 tweets between January 2018 and April 2020, surmising that they were “inauthentic”, in that they operated between normal office hours on Beijing time and most had zero followers.
Twitter deactivated the accounts and the research has detected even more after cross-referencing with similar Facebook accounts.
The report: https://s3-ap-southeast-2.amazonaws.com/ad-aspi/2020-06/Retweeting%20through%20the%20great%20firewall_1.pdf
China authorities freeze thousands of bank accounts of Bitcoin traders
Also in China, it’s been reported that the People’s Bank of China (PBoC) has frozen somewhere north of 4,000 bank accounts of “Over-the-Counter” Bitcoin traders there, in a crackdown on illegal activities including money laundering, telecom fraud, gambling and crypto scams.
Many apparently use the stable coin Tether in conjunction with Bitcoin. The police have been getting up to speed on how to trace funds and analyze blockchain transactions. The accounts are frozen and any found not to be engaging in illicit activities will purportedly be released after an investigation.
In China, multiple court cases have concluded that crypto-currencies are legal, with one case finding that Bitcoin is an asset protected by law and another that “ethereum is legal property with economic value”. In May a civil ruling passed protecting inheritance rights of crypto.
IRS used commercial database of US cellphones to track suspected criminals
Throughout 2017 and 2018, the US Internal Revenue Service’s Criminal Investigation unit (IRS CI), purchased a commercial database with millions of anonymized cellphone location data records and used it to try to track criminal suspects.
The database was purchased from a Virginia company called Venntel Inc., which purchases cellphone location data from marketing companies and then resells it to governments.
The IRS discontinued use of the database after locating exactly zero suspects using the data.
Security researcher Brian Krebs reminds us all to turn on multi-factor authentication wherever we can, especially in our key accounts. The trend with cyber criminals is that when they do successfully penetrate somebody’s account where it isn’t enabled, they turn it on themselves, making it even harder for the true account holder to regain control.
(If you haven’t already turned this on for your easyDNS account, please do log in to the control panel, and do so in your account security settings.)
The Chairman of the University of British Columbia’s Board of Governors has resigned after it was revealed that he had “liked” numerous tweets critical of Black Lives Matters and Antifa on twitter.
Michael Korenberg admitted he didn’t realize that his “liked” tweets were publicly visible, and he also said that he uses the “like” function to merely bookmark tweets to look at later (I do exactly that myself for tweets I may reference or blog about).
Nonetheless, he has resigned his post and issued an apology.
This incident had me thinking more about cancel culture and how it’s gotten so bad that the risk vs. reward for being on Twitter at all is heavily weighted toward not doing it anymore.
There was an old Bob Newhart comedy skit about Sir Walter Raleigh trying to explain cigarettes to the folks back home at the West Indies Trading Co. HQ and it was funny as hell and the implied punchline was “why on earth would anybody actually do this?”
Here’s the Twitter version of that skit:
“So let me get this straight, every mood, every flitting thought, every knee jerk reaction to the most moronic or incendiary thing that sets you off (which is actively targeted at you by the platform’s algos to bring out your worst) gets recorded on a public ledger and is published for all to see, and then years or decades after the fact, flash mobs can data mine it, read their own political ideology into it and then accuse you of thought crimes and destroy your career?
…Where do I sign up?”
I was hesitant about adding this item, it’s an essay in the Wall Street Journal about the prospect of the Coronavirus pandemic kickstarting a global transhumanism initiative to abolish death via technology. The promise of the utopia that would usher in is weighed against the dystopian scenario of it coming in unevenly (read: the rich get to live forever, the poor take their chances in the afterlife).
The reasons I’m hesitant is because a) it’s on the WSJ and thus behind a paywall, and b) it’s such a huge topic, so huge in fact, that my next book is about exactly this. I had started working on The Singularity Has Been #Canceled last spring but put it on the back burner to write Unassailable, which of course, is now out (and free, in fact), so I have been getting back to this.
I’m including it here by summarizing the essay on a standalone post and adding my comments and an intro to my next book.
WSJ article: https://www.wsj.com/articles/looking-forward-to-the-end-of-humanity-11592625661
We called this week’s Axis Of Easy Salon #9, with Jesse Hirsh and Charles Hugh Smith “Algorithmic Guerrilla Warfare”. As we head into a world where rule of law will soon be augmented, if not replaced by algo overlords, what can ordinary people do to protect themselves and their privacy?
That, and much more was what we discussed: