first time i’ve started my day with a phishing email with an old password of mine in the title. LastPass + 2FA is a lifesaver – updated 40+ accts over 12 hours, and now i won’t have to wire Alfredo $8k in bitcoin to prevent the release of my “sex tape”
US Senate votes to let internet providers share your web browsing history without permission (The Verge)

The US Senate has voted to overturn consumer-friendly internet privacy rules that would have prevented internet providers from sharing your web browsing history without permission. The privacy…

I’ve got $40 for the first Gofundme to purchase Senator Todd Young’s browsing history

http://www.theverge.com/2017/3/23/15026666/senate-broadband-privacy-rules-congressional-review-act-fcc-vote

Dear Cheryl[1] (my NSA angel),

Hi there. I have been reading (but you knew that) about the latest cycle of ad blocking, and how it will be the end of advertising/journalism/the internet as we know it[2]. It is fun to remember how pop-up blocking was also the end of internet advertising as we knew it!

Anyways, my favorite piece to come out of all this is a talk transcript by the head of Pinboard.[3] I encourage you to read it yourself, but here are some choice pull-quotes.

On ad morals:

The ad networks’ name for this robotic deception is ‘ad fraud’ or ‘click fraud’. (Advertisers like to use moralizing language when their money starts to flow in the wrong direction. Tricking people into watching ads is good; being tricked into showing ads to automated traffic is evil.)

On regulation:

When I flew over to give this talk, I wasn’t worried about my plane falling out of the sky. Eighty years of effective technical regulation (and massive penalties for fraud) have made commercial aviation the safest form of transportation in the world.

On smart refrigerators:

Samsung recently got in hot water with their smart refrigerator. Because it failed to validate SSL certificates, the fridge would leak your Gmail credentials (used by its little calendar) to anyone who asked it. All I wanted was some ice, and instead my email got hacked.

On living in San Francisco:

You wouldn’t hire a gardener whose houseplants were all dead. But we expect that people will trust us to reinvent their world with software even though we can’t make our own city livable.

Seriously, it is ten minutes of reading well spent.

Have a great day,
Craig


  1. The NSA is an equal opportunity employer.
  2. Here is the same guy from that editorial (he is EIC, btw), two months earlier, lamenting the terrible mobile web user experience, which is almost entirely caused by ads and trackers.
  3. My least favorite piece was Marco Arment’s, who, after proclaiming ad blockers the future and creating the most popular one on iOS, probably found out it was blocking ads on his own site.

Dear Ernesto (my NSA angel),

We haven’t chatted (directly) in a while. How are things? Last I heard, you had the director of the FBI complaining about encryption making his job harder. Have you guys found the abominable Snowden[1] yet?

Anyways, I am writing you today about the NSA’s Foxboro branch. I did enjoy the shitting the bed in court last week over Ballghazi[2], but this lends the internal power struggle some context. But what do I know, I am probably just a “butthurt Colts fan.”

Also, it is hilarious that even after all this comes to light, they are still jamming signals in opposing teams’ headsets. Did you guys give them the tip to use their own game broadcast? I bet your style is more classic-rock-Van-Halen-Not-Van-Haggar signal interference.

Take it sleazy,

Craig


  1. HBO found him. Maybe you should talk to them.
  2. This is not Deflategate. That is a terrible name. It is Ballghazi.

Dear Stanley (my NSA angel),

Sorry I haven’t had time to write you in a while. I’ve been busy trying to change all my passwords (well, at least the important ones) because of the Heartbleed bug.[1] I hear you guys knew about it for a while now. Where’s the heads up, buddy? I thought we were friends.

It sucks that it only takes one guy missing a couple lines of code to totally undermine security on about half of the internet. I bet you guys wish you were that efficient. So did you have to change your passwords too? Probably not. Whatever proprietary security software you guys use would probably still be secure even if everyone’s password is “guest”.

Anyways, feel free to keep photoshopping your vans out of my photos. Please take it easy on the filters though.

Til next time,

Craig[2]

image credit: Global Panorama


  1. XKCD has the best explainer of the bug that I have seen: Heartbleed bug
  2. This mostly has nothing to do with Heartbleed, but I always think of it when I see “IP addresses”. Me and him are gettin’ on the internet. http://i.adultswim.com/adultswim/adultswimtv/tools/swf/viralplayer.swf

Dear Steven (my NSA angel),

I understand that phone calls are kind of your thing. How does it feel, then, that someone in charge (however half-heartedly) is finally saying, “Hey, maybe we shouldn’t collect all this phone data”?

I’d be a little mad, I guess.[1] I just hope that we can all be adults about it and debate the merits[2] and shortcomings[3] of mass surveillance. Unlike some people, who wear three-corner hats and freak out when they get tread on by Barack Hussein Obamacare and don’t understand the phrase “what goes around comes around.”

And hey, bonus –

Phone companies, for their part, would have to provide “technical assistance” in order to make sure that the government could easily search for and collect information…

You have a built-in scapegoat for when things go tits up[4]!

Sorry for your (non-)loss,
Craig


  1. I’m sure your behavior algorithms already knew that. You have those, right? Google does, so I’m sure you do by proxy. 
  2. None. 
  3. All. 
  4. I would like to see this British-ish phrase come up more in daily conversation.

Dear Mike (my NSA angel),

I hear you guys got duped pretty bad by a major US telecom company. I am having trouble picking a favorite part of this situation. Too many to choose from:

  • Telecoms apparently overcharge everyone, even the federal government.
  • The idea of suing those telecoms to get your money back is laughable when you substitute “average consumer” for “federal government.”
  • Sprint’s network was not capable of adequate surveillance, from a technical standpoint. If you are planning something that will get you surveilled and you are smart enough to use a network that is too shitty to tap, you deserve to operate in secret.

Is anyone in the right here? It’s like corruption Inception. I know you can neither confirm nor deny any of this[1], but come on. We know it was you, Mike.

I’m watching you,
Craig