Old Fucking Punk @lwriemen@librem.one

#Glacial #melting in #Antarctica may become irreversible | World news | The Guardian

https://www.theguardian.com/world/2019/jul/09/glacial-melting-in-antarctica-may-become-irreversible

#GlboalWarming #ClimateChange

You Can’t Get Good Help These Days

Can you believe a FORMER BARTENDER has deigned to criticize our brave concentration camp guards?

A New Wave of Environmentalists Want to Give Nature Legal Rights

In the summer of 2014, officials in Toledo, Ohio, announced that the city’s tap water was no longer safe to drink. A toxic algae bloom caused by fertilizer runoff had poisoned Lake Erie, the primary water source for the area’s half-million residents, sickening more than 100 people. Stores emptied of bottled water within hours. For […]

omg these 1941 London military bunker sketches are so very proto-James Bond

https://twitter.com/DrLivGibbs/status/1148486945154224129

Camped Out

Gotta hear both sides: useless centrists AND right-wing nutjobs!

Ocasio-Cortez and Sanders Are Going to Introduce a Climate Emergency Resolution in Congress

On Tuesday, Reps. Earl Blumenauer (D-Ore.), Alexandria Ocasio-Cortez (D-NY) in the House, along with Sen. Bernie Sanders (I-Vt.) in the Senate, will introduce a resolution asserting there is a climate emergency and demanding a wide-reaching mobilization to prepare for the consequences of climate change. They want to “restore the climate for future generations.” “The global […]

The Privacy and Civil Liberties Oversight Board Signals It Will investigate NSA Surveillance, Facial Recognition, and Terror Watchlists

After a long dormant stretch, the Privacy and Civil Liberties Oversight Board (PCLOB) has signaled it’s ready to tackle another big review of government surveillance and overreach. The PCLOB, an independent agency in the executive branch, last published a 2014 report on warrantless surveillance of the Internet by the U.S. intelligence community. While EFF welcomes the PCLOB’s efforts to bring oversight and transparency to the most controversial surveillance programs, we’ve disagreed with some of the Board’s findings, particularly on surveillance under FISA Section 702. So while it’s a good sign that the board is turning its attention to other major issues, its mixed history means it may be a little too soon to get your hopes up.  

 This week, the board, which was created after a recommendation from the 9/11 Commission to look into the violation of civil liberties, released a strategic plan [PDF] that does not shy away from investigating some of the biggest threats to privacy in the U.S. According to the document, they will be looking into the NSA’s collection of phone records, facial recognition and other biometric technologies being used in airport security, the processes that govern terrorist watchlist, what they call “deep dive” investigations into NSA’s XKEYSCORE tool and the CIA’s counterterrorism activity, as well as many other government programs and procedures.

It’s hard to say what the possible results of these inquiries can or will be. The PCLOB has the right to look into classified materials, as well as request written subpoenas from the Attorney General. In the past, however, PCLOB has been incredibly measured in their critique of mass surveillance programs. Their 2014 report, for instance, found that the Section 702 program is sound “at its core,” and provides “considerable value” in the fight against terrorism—despite going on to make ten massive recommendations for what the program must do to avoid infringing on people’s privacy. In other words, while finding serious privacy concerns with a program that vacuums up an untold number of Americans’ phone data, it still approved of its existence.

At the very least, we should expect detailed reports out of these investigations that detail exactly how and why our privacy is being trampled. Despite the fact that any reports likely wouldn’t be out for over a year, these reports could become valuable evidence as Congress considers future legislation, especially provisions like Section 702 that regularly come up for amendment and reauthorization.

Related Cases:  Jewel v. NSA

The Biggest Lie in Trump’s Environmental Speech Today

There were so many lies strung together in President Trump’s environmental speech from the White House on Monday, it’s a challenge to factcheck.  “I’m glad you finally let people know what we’re doing,” Trump said taking the podium from his EPA chief Andrew Wheeler, who was one of the string of speakers appearing Monday in […]

Just the tonic! How an afternoon tipple made from peas could help save the rainforest

Using peas instead of wheat to produce gin significantly reduces the carbon footprint associated with the process. This finding could be utilized in the production of other alcoholic drinks and greener biofuels, and could also help in the fight to save the rainforests.

Pennsylvania Lawmakers Move to Strip Reformist Prosecutor Larry Krasner of Authority

A new Pennsylvania law allows the state attorney general to prosecute some gun crimes in Philadelphia if Krasner takes a pass.

The post Pennsylvania Lawmakers Move to Strip Reformist Prosecutor Larry Krasner of Authority appeared first on The Intercept.

https://quitter.im/attachment/2703777

CBO Says $15 Minimum Wage Would Be Mostly Positive

The Congressional Budget Office has published a new report on the $15 minimum wage.¹ Unusually for the CBO, it was a little hard to dig out all the relevant numbers, which means I had to read the whole thing fairly carefully. That’s very annoying, isn’t it? Anyway, here are the main takeaways: Families below the […]

I'm extremely pleased to launch Run Your Own Social: How to run a small social network site for you friends.

This is a guide book to running a small, tight-knit federated social network server. It comes from my year of experience running Friend Camp. It's focused largely on SOCIAL solutions, though it does touch on the technical.

I've tried to keep it technology-neutral, and it should be a pretty easy read for anyone who's been on the fediverse for a while.

https://runyourown.social/

Announcing “Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks”

Our phones hold a plethora of important, private information about our personal lives, and it’s not just their contents that matter: the data that our phones exchange with cell towers during basic connection procedures can reveal critical, and private, information. Perhaps you called the suicide prevention hotline from the Golden Gate Bridge; maybe you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after. The contents of those calls aren’t as secret as you might hope to someone who knows that the calls were made, and when. And just knowing the location a phone was in at a certain time, regardless of whether a call was made, could place someone at a protest—or at the scene of a crime. 

While the field of cell network security has been rapidly advancing, there’s also been a significant rise in the exploitation of cell network security bugs by criminals and law enforcement, who are using them to gain access to that private data. Devices known as Cell-Site Simulators (CSSs, a.k.a. Stingrays or IMSI-catchers) are increasingly being used by law enforcement for both dragnet and targeted surveillance; and several years ago we saw the first crackdowns against criminals using cell site simulators on a mass scale to deliver spam.

Rightly, there’s been a lot of interest in—and confusion about—what CSSs are capable of. From activists worried about being targeted and tracked, to policy makers concerned about the privacy of their constituents, to technologists interested in learning about the security flaws so that they can deliver fixes, there’s a range in knowledge, though all of these groups have a stake in learning more. But the barrier to entry to the field of cell network security has historically been quite high, even if you already have a technical background. While there’s increasingly more highly technical research into the cell network attack techniques that CSSs rely on, very little exists for the average reader.

To help bridge this gap, we’re publishing “Gotta Catch 'Em All: Understanding How IMSI-Catchers Exploit Cell Networks”, an in-depth white paper that explains some of the most relevant cell network attacks from the ground up. The white paper is entirely self-contained, and is meant to make accessible the technical details of the kind of attacks CSSs might rely on. While the contents will be most accessible to technologists, all readers should be able to gain a thorough understanding from it. The paper also addresses many common technical questions that come up when discussing the capabilities of CSSs, such as: what are the different kinds of location tracking attacks, what are the known limits around cell network communication interception, and how does all this actually work?

Given the prevalence of cell phones, these vulnerabilities—and the CSSs that take advantage of them—should not just be a concern for security researchers. We’re all vulnerable. The metadata and data that our phones exchange with cell towers during basic connection procedures is being taken advantage of by third parties to invade our privacy. Demystifying the tech behind these techniques is critical for raising awareness about the issue and finding solutions. We hope you’ll join us.

Logitech keyboards and mice vulnerable to eavesdropping and remote attacks:

https://www.heise.de/ct/artikel/Logitech-keyboards-and-mice-vulnerable-to-extensive-cyber-attacks-4464533.html

Disgraced Trump Fundraiser Elliott Broidy Is Reportedly Being Investigated. Read Our Story on Him.

On Monday morning, the Associated Press reported that disgraced Trump fundraiser Elliott Broidy is being investigated by the US attorney in Brooklyn, New York, for possibly using Broidy’s ties to Donald Trump and the GOP to score big-money business deals with foreign leaders, including officials in Angola and Romania. The AP notes that “prosecutors appear […]

Why aren't more journalism schools teaching digital security?

Gage Skidmore (CC BY SA 2.0)

Many journalism schools have a blind spot. In an environment where newsrooms increasingly defend against targeted hacking and surveillance that could endanger themselvesandtheir sources, digital security knowledge is a key part of the job. Yet most university programs offer students little to no security education.

J-school programs are designed to cultivate many skills, and security is increasingly a key part of a well-rounded education. What, then, are the competing interests and barriers that are getting in the way of a fully developed security education?

Want to help with our research on digital security education at j-schools?Share your thoughts here.

In 2017, Citizen Lab examined coverage of information security education at 32 Canadian and U.S. j-schools, finding only half offer information security training of any kind. Less than a quarter require this training. Of those offering some security education, the majority devote no more than two hours to the topic. At Freedom of the Press Foundation, we have a team of digital security trainers that facilitates workshops in newsrooms and universities alike, but security education cannot scale to reach all practicing and future journalists without baking it into the education system journalists rely on most.

With a variety of threats, and so many devices and applications to secure, one-time workshops are not necessarily enough to instill introductory knowledge necessary to help journalists protect themselves and their sources. In 2014, as fellows at the Columbia Tow Center for Digital Journalism, Carol Waters and Chris Walker conducted a semester of security courses and quizzed students on the basics, finding only about halfpassed a quiz on the material, even after attending as many as six three-hour security workshops supplemented by office hours.

There is some good news. Since 2017, for example, the new Craig Newmark Center for Journalism Ethics and Security at Columbia and University of Southern California’s Annenberg school have started to create programs that focus on journalism security. But we know we have a long way to go.

Of course, journalists come from all walks of life and professional backgrounds, and many reporters do not have a j-school background. But the fact remains that j-schools are one of the few places where we can reliably find aspiring journalists today who have the time and ability to learn digital security techniques in a comprehensive manner.

So we asked some students and professors about their department’s security offerings.

The need for “top down” support from departments and faculty

“We are in an urgent arms race, and we need to continually develop tools and mental frameworks to deal with that,” says Marc Ambinder, an adjunct professor at the University of Southern California Annenberg School for Communication and Journalism. “The more we delay making information security a central premise of journalistic education, the worse off journalists of tomorrow will be tomorrow, regardless of what the legal or technological landscape is.”

As a longtime national security reporter, Ambinder knows firsthand what it’s like to have sources investigated or reprimanded. He wants his students to learn from past real-world risks.

Students at his program are assigned remote reporting assignments, learning the context-specific challenges of reporting. Along the way, they will inevitably encounter security issues, and Ambinder is there to coach them.

“A student’s going down to the border, and the student is in the United States on a visa. And wants to know whether her rights if she crosses the border are different, and what she might want to do in advance of crossing a border with the journalistic work product that she has, in order to prevent the chance that someone might see it, or that she may be detained, or that she may be harassed upon detention. So there’s a mentality that we have to train into students as well, as much as training them on any particular technique.”

He says his school recognizes this. Alongside the USC Annenberg school, Ambinder is helping to craft a broad security program that he hopes will include both dedicated coursework, as well as integrated security modules in existing courses. This is only possible because of buy-in from the department.

Ambinder believes these skills will make USC Annenberg students more competitive candidates for journalistic roles after graduation. “Having looked at the core curricula requirements for many journalism schools in just preparing my own work… There’s very little type of this education that’s out there. One assumption I think being that, well, you’ll learn it when you go out into the field, when you get employed. I also think that unfortunately represents a mentality that might have worked five or six years ago. Now, I think it’s a plus if you can go into a newsroom and tell your editor, I know how to make sure that my communication with my source is fairly sacrosanct.”

Having even one advocate in the department is also one of the first steps to making substantive change.

Charles Berret, assistant professor at the University of British Columbia Graduate School of Journalism joined the department to focus on issues of technology use in journalism, and advocates for security education to be built into coursework. One of the issues frustrating adoption of full security courses, he says, is that departments have several competing priorities for course offerings. “Even if people like the idea, even if there’s a strong argument for it, they still have to create a course code… Just the idea that they have a limited number of spaces in which new courses can be placed, I think is an odd source of bureaucratic anxiety, but a real one, and it can really put the brakes on something even if there is some measure of support.” Berret says one way to address this concern is to further embed security education in existing coursework.

J-school students are taking on a growing roster of skills, nearly all of which now rely on technical skills. On top of narrative writing, this could mean students are taking on courses in documentary, photo, video, and audio journalism. Students are increasingly involved in data analysis and software engineering courses as well.

When trying to develop a well-rounded courseload, department staff are thinking through their priorities. Berret says, “The question is not so much do they want to do it, or not want to do it. Do they have any way to know whether the course is going to be the most valuable addition to the curriculum in the long run?”

Each professor in a department has the power to influence the current body of course offerings, and if they don’t reach consensus about an area of study, they may simply choose to forego or spend less time on it. Few professors are well-placed to advocate for additional security coverage.

Departments that have not determined a strategy to integrate security education deeply into their program are unlikely to hire professors with deep knowledge or experience on this topic. At the same time, j-schools with faculty experienced in security are often the agitators for integrating security education into coursework.

Students and “bottom up” priorities

Yael Grauer worked as an investigative reporter for over a decade, and had worked on security reporting for five years before joining the Arizona State University Cronkite School of Journalism and Mass Communication. The department, like most journalism departments, offers minimal security training, partly because they feel pressure from existing coursework. Grauer suggests many of the students in her cohort won’t pursue reporting on sensitive areas, but security is an overlooked issue at a moment when everyone is talking to sources over electronic, and sometimes insecure, channels.

For students whose journalistic careers are just beginning, Grauer suggests they may not yet know why security knowledge is going to be important in their work. “I’ve been doxxed. I’ve gotten harassed online… So maybe other people haven’t had that experience.”

Grauer says she is concerned about how her journalism program’s lack of coverage affects how its fledgling reporters interact with sources, and how this could affect sources’ livelihoods, because she has written for publications where sources have allegedly leaked information that could put them in jail. For some sources, speaking about their workplace with reporters can introduce the risk of losing their job. In national security or foreign affairs reporting, they might also risk their freedom. “I do worry. What if people here have sources that go to jail?”

Though she’s skeptical that most journalism programs would do so, Grauer feels j-schools should offer introductory courses on foundational security practices.

“I think people are just kind of set in their ways. I do think there should be a one-credit digital security class to just teach people basic stuff. Like password managers, two-factor authentication, how to use a Yubikeys, different messaging apps, how to threat model.”

Building demand for security education

Alongside the growing role of computing in how newsrooms work, we also see the growth of both passive and targeted security threats journalists face each day. Future reporters must be equipped with the knowledge to protect themselves and their sources. J-schools have a meaningful opportunity to influence a generation of journalists and their sources that is safer than the last.

Freedom of the Press Foundation’s digital training team regularly conducts digital security trainings in newsrooms around the country. But a one-day training is often just the beginning, and we want to push journalism programs to think hard about how to integrate security education into their curricula, so that journalists are equipped with the right knowledge before they enter the newsroom. We need both top-down acknowledgment of the issue from department faculty, and bottom-up demand from students to make it happen.

Are you a journalism student or faculty member? If so, we’d love your help conducting research to learn how we can improve security education in journalism programs. Help us learn about your j-school here. And if your program is looking for assistance or consulting to bring regular security education to your school, we’re here to help.

Can we feed 11 billion people while preventing the spread of infectious disease?

A new article describes how the increase in population and the need to feed everyone will give rise to human infectious disease, a situation the authors of the paper consider 'two of the most formidable ecological and public health challenges of the 21st century.'