March 2020 Articles

[Image: xkcd comic "Scientific Briefing". Title text: "I actually came in in the middle so I don’t know which topic we’re briefing on; the same slides work for like half of them."]

This article provides an investigation of some popular apps that frequently access the pasteboard without user consent. These apps range from popular games and social networking apps, to news apps of major news organizations. We found that many apps quietly read any text found in the pasteboard every time the app is opened. Text left in the pasteboard could be as simple as a shopping list, or could be something more sensitive: passwords, account numbers, etc.

Interesting finds: the New York Times, NPR, and Hotel Tonight all have this behavior.

A 2011 post by Ben Horowitz, linked to recently by Steven Sinofsky.

In peacetime, leaders must maximize and broaden the current opportunity. As a result, peacetime leaders employ techniques to encourage broad-based creativity and contribution across a diverse set of possible objectives. In wartime, by contrast, the company typically has a single bullet in the chamber and must, at all costs, hit the target. The company’s survival in wartime depends upon strict adherence and alignment to the mission.

Great post.

I can’t emphasize enough how often there is a failure to act in a crisis while leaders search for the optimal solution or try to find a nuanced communication strategy. Usually this is about a solution that minimizes all the awful side-effects of acting—how can revenue be preserved, how can employees remain, how can some elements of business as usual remain, and so on. It is a crisis, the solution is painful and trying to find a solution that is less painful than the crisis is futile and time spent doing that is likely to make the crisis worse. The communication of action needs to be blunt and crisp—not for a lack of empathy but as a way to assure accountability for the actions that seem counter to most intuition.

Being stuck at home can be challenging. When I lived on the International Space Station for nearly a year, it wasn’t easy. When I went to sleep, I was at work. When I woke up, I was still at work. Flying in space is probably the only job you absolutely cannot quit.

But I learned some things during my time up there that I’d like to share — because they are about to come in handy again, as we all confine ourselves at home to help stop the spread of the coronavirus. Here are a few tips on living in isolation, from someone who has been there.

I love makerspaces. People can take their ideas and turn them into reality. Kudos to Lennon Rodgers, Jesse Darley, and Brian Ellison for their rapid prototyping.

After putting his kids to bed, Rodgers went to Home Depot and a local craft store and grabbed supplies, including transparent plastic and a couple of foam mannequin heads. Then he made a hasty prototype at the UW maker space by adapting a construction visor and presented it to his wife, an anesthesiologist. “I was really proud of it, but she put it on and said ‘This is way too heavy,’” Rodgers recalls.

The results speak for themselves:

Last Thursday, the hospital approved the prototype. Rodgers posted the design online for others to use and the ad hoc collective began to ramp up production. They have since sent more than 1,000 face shields to the UW Hospital. Ford has picked up the open source design, and expects to produce more than 75,000 this week at subsidiary Troy Design and Manufacturing in Plymouth, Michigan. The company plans to send the initial run to Detroit area hospitals.

It’s been interesting watching Twitter inform the debate around COVID-19. In many ways, the best information has started circulating on Twitter amongst experts, long before it’s been espoused by recognized authority organizations (WHO, CDC, or major news outlets).

As I have argued from the beginning of this site, the Internet is an amoral force: it is up to us to decide if it is for good or bad. The best way forward is embracing Internet assumptions and using the overwhelming amount of information and free access to anyone to make things better, not try and build a moat around what experts say is right or wrong.

Pathogen Resistance

Zoom

Michael E. Kirkpatrick

Zoom, the video conferencing service, seems to have a lot of bad things happening under the hood that are now being exposed as more people use their service.

From Joseph Cox at Motherboard in his article “Zoom iOS App Sends Data to Facebook Even if You Don’t Have a Facebook Account”:

What the company and its privacy policy don’t make clear is that the iOS version of the Zoom app is sending some analytics data to Facebook, even if Zoom users don’t have a Facebook account, according to a Motherboard analysis of the app.

From John Gruber’s Daring Fireball “Regarding Zoom”:

Zoom subsequently removed the Facebook integration code and fast-tracked an update to the App Store. But still. This is a company with a history of playing fast and loose with privacy and security. You may recall last summer, when it came to light that the Mac version of Zoom secretly installed a web server, which remained installed and running even if you deleted the Zoom app from your machine. Shockingly, this enabled a security exploit that allowed hackers to take control of your Mac’s camera — the sort of privacy nightmare scenario that leads folks to tape over their cameras. Zoom called this hidden unremovable-through-normal-means web server a feature, not a bug. The bug was so insidious that Apple had to push a silent MacOS update to remove Zoom’s hidden web servers.

And from Micah Lee and Yael Grauer at The Intercept in “Zoom Meetings Aren’t End-to-end Encrypted, Despite Misleading Marketing”:

Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio from meetings.

…But despite this misleading marketing, the service actually does not support end-to-end encryption for video and audio content, at least as the term is commonly understood. Instead it offers what is usually called transport encryption, explained further below.

I’ve been wondering how much data about me lives on the Internet and how to get it removed. I’ll continue to update this post as I learn more.

Clearview.ai

“Clearview AI is an American technology company that provides facial recognition software, which they claim is marketed primarily for law enforcement agencies. The company has developed technology that can match faces to a database of more than three billion images scraped from the Internet, including social media applications.” - Wikipedia

Clearview.ai Privacy Request Forms

Google

Google’s Ad Settings

People Data Labs

“A dataset of resume, contact, social, and demographic information for over 1.5 Billion unique individuals, delivered to you at the scale you need it.” - PeopleDataLabs.com

Being prepared for emergencies and disasters is easy to disregard. It’s much more practical to focus on the here and now and short term planning than to devote time and resources to potential future scenarios.

Case in point, in 2006 then “Gov. Arnold Schwarzenegger announced the state would invest hundreds of millions of dollars in a powerful set of medical weapons to deploy in the case of large-scale emergencies and natural disasters such as earthquakes, fires and pandemics.”

They were ready to roll whenever disaster struck California: three 200-bed mobile hospitals that could be deployed to the scene of a crisis on flatbed trucks and provide advanced medical care to the injured and sick within 72 hours.

Each hospital would be the size of a football field, with a surgery ward, intensive care unit and X-ray equipment. Medical response teams would also have access to a massive stockpile of emergency supplies: 50 million N95 respirators, 2,400 portable ventilators and kits to set up 21,000 additional patient beds wherever they were needed.