Of course I didn’t see how social media could be an accelerant for bigotry

It took a few years after I first reviewed Windows XP for me to realize the enormous omission from my initial assessment of that operating system: It didn’t even include the word “security.” It feels like I’ve devoted much of my work since to making up for that shortfall.

I’ve had the same unpleasant realization over the past few years about social media. Just as my first look at XP showed no imagination about how an OS designed to run on trusted networks would fare on the open Internet, my early writing about social networks evidenced inadequate foresight about how they might help bigots to bond.

Consider, for instance, the Twitter explainer I wrote for the Post in 2008. I loved writing that almost exclusively as a series of 140-character-compliant paragraphs, and I think as prose it holds up well. But although Twitter was still figuring out the basic mechanics of @ mentions then, the piece reveals no consideration of how Twitter’s architecture might let bigoted trolls recruit like-minded people to scale up a Twitter mention’s compelled attention into a denial-of-service attack.

The evidence was there: A year before, writer Kathy Sierra had endured a hail of death threats for the crime of having two X chromosomes while expressing value judgments about technology. But my attention was elsewhere.

I can file away my naïveté about Windows security on not doing enough background research, but I can’t untangle my lack of imagination about social networks from having used them exclusively as a straight white man with an Italian (read: Catholic) last name. On every social network I’ve used–from Usenet newsgroups to Slashdot to the Post’s comments to Twitter and Facebook–I’ve had the unrequested benefit of not being routinely attacked for my gender, sexuality, race or religion.

But I never quite realized that until writing about Gamergate. I spent the day before that Yahoo Tech post ran locking down every important account and steeling myself for a toxic response online. Then nothing bad happened and nobody tried to destroy my critique by impeaching my identity. I can now confirm that white privilege is a hell of a drug.

Since then, we’ve had another unforeseen development: a president who has bragged about sexual assault, regularly evokes such anti-Semitic memes as “globalists”–a laundered code word for international Jewish financiers–and said neo-Nazis in Charlottesville last August included “very fine people.” Trump’s dog-whistling seems to have encouraged some bigots to crawl out from under their rocks and look for company.

Some have also been inspired to look for ways to kill people they see as “the other.” This bigotry boom has a growing body count–in C-ville last year, where I paid my respects at the memorial to Heather Heyer earlier this month, and today at a synagogue in Pittsburgh’s Squirrel Hill neighborhood. Last week’s pipe-bombing attempts could have added to that toll.

I’m sorry that I was asleep to so much of this before. I think I’m awake now, but I want you to tell me if you see otherwise.

Advertisements

Weekly output: John Brennan on election security, Saudi Arabia’s Twitter operations (x3)

For most of this past week, the conference badge was on the other lanyard: My wife was out of town for work.That brief spell of solo parenting ended with the house miraculously not much messier than before and me needing a nap more than usual.

10/17/2018: Ex-CIA chief’s take on election security: Don’t panic, do stay paranoid, Yahoo Finance

When I filed a first draft of my interview with former CIA director John Brennan two weeks ago, my editor said it read more like two posts and asked if I wouldn’t mind turning it into a pair of stories. This covers the second half of our conversation, folding in some quotes from some subsequent election-security events around D.C.

10/20/2018: Saudi Arabia’s Twitter mole, Al Jazeera

The New York Times reported Saturday that Saudi Arabia’s attempts to suppress dissidents like murdered Washington Post contributor Jamal Khashoggi extended to recruiting a Twitter insider. Several hours later, I told viewers–as overdubbed into Arabic–that this development represented a serious departure from Silicon Valley’s traditional definition of espionage as “an employee takes trade secrets to a competitor.”

10/21/2018: Saudi Twitter operations Al Jazeera

As part of what looks like the same kind of flood-the-zone coverage strategy I usually associate with Apple events, AJ had me on two more times Sunday to talk about this Twitter mole and Riyadh’s other attempts to change the social-media conversation.

Credit-card fraud doesn’t care how much you obsess about security

Once again, I have a credit card cut into pieces and dumped in a trash can, thanks to somebody trying to treat themselves to a spending spree on our account.

This time, the card was a Citi Double Cash MasterCard, and the transaction that got my attention was a $969.90 Lenovo purchase. Neither my wife nor I had any recollection of making that–and neither Citi nor Intuit’s Mint personal-finance app had flagged it as suspicious.

After spotting that in our account, I saw two other, sub-$10 transactions with “OTC Brands” that also didn’t match up with anybody’s memory. A 14-minute call later, Citi had canceled our cards and ordered up replacements–I can already shop online with the new number–and pledged to investigate these three sketchy purchases.

So overall, we got off easy. But the experience has been a useful reminder that sometimes security is entirely out of your hands. There’s nothing we could have done to stop this from happening; at best, Citi’s security would have flagged the Lenovo purchase and asked me to approve or deny it, as it did when an unknown party tried using our card in March of 2016 at a Ukrainian site.

And no, having an EMV chip on this card did not enhance its security for card-not-present transactions. Even if this card had required me to key in a PIN instead of sign for in-person purchases, that also would have likely made no difference online.

Sometimes you just have to hope that the system works–and when it doesn’t, hope that you don’t wait too long for the system to get your money back. Having gotten Equifaxed last year, I can confirm that things could be worse.

Weekly output: smartphone biometric security, Google vs. the headphone jack, Voatz blockchain absentee voting

Once again, Columbus Day–or, if you prefer, Indigenous People’s Day–delivered the unwelcome combination of our kid’s school being closed while both my wife and I still had to work. I joked on Twitter about resolving the argument over what to call this fake holiday and also saving Americans billions in day-care costs by abolishing it outright. But on reflection, the widely-tweeted suggestion that we relegate Columbus Day to a trivia question and promote Election Day to actual, don’t-have-to-work holiday status makes much more sense.

10/8/2018: Unlock your phone with your face or fingerprint? Here’s how to shut that off – quickly, This Morning With Gordon Deal

I talked about the subject of my most recent USA Today column on this business-news radio show.

10/10/2018: With Google’s new devices, music fans once again don’t get jack, Yahoo Finance

I’ve had this post in mind for a while, ever since conversations at events like Mobile World Congress and IFA revealed their lack of interest in shipping USB-C headphones. I expected that Google wouldn’t retreat from last year’s idiotic move to remove the headphone jack from its flagship smartphones, but I didn’t realize they would pull the same stunt with the new Pixel Slate tablet.

10/11/2018: This startup wants to secure absentee voting with a blockchain, Yahoo Finance

Even after spending a couple of weeks talking to various experts, I still have questions about how Voatz has been securing its blockchain-based voting system and whether states have thought long enough about how to ease absentee voting for faraway citizens. That said, many of the other options for absentee voting look even worse, something upon which I hope to write further in the coming weeks.

Updated 10/21/2018 to add a link to the Gordon Deal show.

A different default browser with a different default search

Several weeks ago, I switched my laptop to a setting I’d last maintained in the previous decade: Mozilla Firefox as the default browser.

Firefox took the place of Microsoft’s Edge, which I’d decided to give a shot as part of my reintroduction to Windows before seeing Edge crash too often. In another year, I would have made Google’s Chrome the default instead–but a combination of privacy and security trends led me to return to an old favorite.

Firefox had been my default browser in Windows since February of 2004, when it was an obvious pick over the horrific Internet Explorer 6. But a few years after the 2008 introduction of Chrome, Firefox had stopped keeping up, and I began relying on Chrome in Windows.

I kept Safari as the default on my Macs for its better fit with the operating system–although its memory-hogging habits had me close to also dumping it for Chrome until a recent round of improvements.

Last year, however, Mozilla shipped a faster, more memory-efficient version of Firefox. That browser has since finally caught up with Chrome in supporting “U2F” two-step verification, where you plug in a cryptographically signed USB flash drive to confirm a login. And as I realized when writing a browser-comparison columns for USA Today, Firefox comes close to Safari at protecting your privacy across the Web–especially if you install its Facebook Container extension, which blocks Facebook’s tracking at other sites.

This doesn’t mean I’ve dropped Chrome outright. I almost always keep both browsers open, with much of my Chrome tabs devoted to such Google services as Gmail and Google Docs. (Confession: I only learned while writing this that Google Docs’ offline mode now works in Firefox.) Chrome continues to do some things better than Firefox–for instance, while it doesn’t offer a simplified page-display option like Firefox’s Reader View, it’s been more aggressive at disciplining intrusive ads.

When I set Firefox as the default in Windows, I also switched its default search from Google to the privacy-optimized DuckDuckGo. That’s something I’d done in my iPad’s copy of Safari years ago, then recommended to readers last July in a Yahoo post; it seemed a good time to expand that experiment to a browser I use more often.

Since DuckDuckGo doesn’t match such Google features as the option to limit a search to pages published within a range of dates, I’m still flipping over to Chrome reasonably often for more specialized searches. But even there, I’ve reduced my visibility to Google by setting a sync password to encrypt my browsing history.

All this adds up to considerably less Google in my Web life. I can’t say it’s been bad.

Weekly output: wireless plans, cities meet 5G, GM + Honda, Twitter business models, Hack the Capitol, smartphone biometric locks, Tech Night Owl

This week saw a couple of long-running projects finally go online. It also saw a tweet I sent during a combative onstage appearance by Sen. Lindsey Graham (R.-S.C.) at the Atlantic Festival go slightly viral, as in 1,651 retweets and 2,843 likes. That one tweet doesn’t fairly capture Graham’s discussion–that’s why I posted it as part of a thread that wound up spanning 11 updates–but I fear most of the 185,556 impressions for the tweet in question did not result in my new readers sticking around to read the rest of that thread. Once again, Twitter is where context goes to die; in other news, water is wet.

10/1/2018: The Best Cell Phone Plans, Wirecutter

We posted yet another update to the guide to reflect the addition of tiered “unlimited”-data plans at all four carriers and tried to streamline the text a bit. And by the end of this work, we realized we would need to update the guide yet again in a few months, should changes we’re seeing in usage levels continue showing up in third-party studies.

10/2/2018: Why 5G Internet Is a Policy Minefield for Cities, CityLab

When I started interviewing people for this story, 5G wireless deployment was months away, but now it’s a commercial reality in four U.S. cities. Appropriately enough, I wrapped up work on this piece for this subsidiary of The Atlantic’s parent firm while attending that magazine’s conference in Washington.

10/3/2018: GM’s self-driving-car project will have Honda riding shotgun, Yahoo Finance

This writeup of GM’s Cruise Automation’s deal with Honda to co-develop its second self-driving electric car benefited from a quick interview with Cruise CEO Kyle Vogt I did right after their press call Wednesday morning.

10/3/2018: Twitter business models, Al Jazeera

The Arabic news channel had me to discuss this subject, inspired by the “We can’t believe this website is free” joke tweeted by Twitter’s own Twitter account. Right before I went on the air, I though to ask the interpreter if there was an Arabic term for “freemium”; he told me there was not, so we agreed that I would take a minute to describe that concept so he could translate it correctly.

10/4/2018: Hack the Capitol event reminds lawmakers that IoT security needs help, The Parallax

I wrote about this brief conference in D.C. about the security of industrial control systems from the week before in the light of… wait for it… Congress not acting on a vital tech-policy issue.

10/5/2018: Unlock your phone with your face or fingerprint? Here’s how to shut that off – quickly, USA Today

This how-to walks readers through quickly disabling the facial- or fingerprint-recognition unlock features in iOS and Android. A reader wrote to me afterwards to ask why I didn’t mention just restarting the phone, which will also disable those biometric unlocks; that would not be as quick to do, but I should have included that anyway.

10/6/2018: October 6, 2018 — Rob Pegoraro and Bryan Chaffin, Tech Night Owl

I talked with host Gene Steinberg about the puzzling mismatch between Bloomberg BusinessWeek’s story alleging a long-running Chinese campaign to hide spy chips on server circuit boards with increasingly direct denials by Apple, Amazon and others. There’s also some banter about transit in our roughly hour-long discussion.

It’s been a trying week to keep a politically open mind

For years, one of the non-obvious pleasures of writing about tech policy has been knowing that the good and bad ideas don’t fall along the usual right/left lines.

I might not want to hear Republicans like Rep. Darrell Issa (R.-Calif.) and former Rep. Jason Chaffetz (R.-Utah) say a single word about Benghazi, but they were right on a lot of intellectual-property issues. At the same time, I have not enjoyed seeing Democrats I otherwise find clueful like Sen. Pat Leahy (D.-Vt.) repeat entertainment-industry talking points.

But as the past couple of years and these past few days in particular have reminded me, the GOP looks different these days. When a Supreme Court nominee can snarl about left-wing conspiracies in a way that invites the description “Justice Brett Kavanaugh (R)” as the White House rushes through an investigation of sexual-assault allegations against him, and then all but one Senate Republican approves… well, that didn’t happen under President George W. Bush, as awful as things got then.

As a voter, I find nothing to like about what’s now the party of Trump. I’m struggling to think when I might once again cast a contrarian vote for a Republican for Congress in my deep-blue district–especially since my current representative lacks his predecessor’s history of questionable financial transactions.

But at the same time, it’s not good for my health to turn into a ball of rage, and I don’t want to respond to a bout of tribalism on the Republican side by returning the favor. So I’ve been trying to keep a few thoughts in mind.

One is that coherent political philosophies can deserve respect, but blind loyalty, an unprincipled will to power or rank bigotry do not. I may not agree with your notions on government power or individual responsibility, but if I see you speaking and acting in accordance with them, I can at least try to understand where you’re coming from. If, however, you’ve abandoned past positions because they conflict with fact-starved Trump talking points, why should I take you seriously?

If the logic of your current policy positions boils down to “this will help my team,” the same response applies. And if you spout racist or misogynistic nonsense, crawl back under your rock.
A second is that today’s Republican Party and conservatism aren’t the same thing, as one of this year’s dumber tech-policy debates illustrates. It’s become fashionable to describe (groundless) GOP complaints over social-network bias in terms of unfairness to “conservatives,” but the people doing the whining are solidly in Trump’s corner and back such Trump moves as imposing a hidden tax through massive tariffs and propping up dying resource-extraction industries–neither the stuff of small-c conservatism.

A third is that Democrats left alone can still screw things up. Living in D.C. in the mid 1990s, I had the privilege of helping to pay Marion Barry’s salary with my taxes; I know the risks of unchecked one-party rule. We still need a party that can point out that market forces can solve some problems on their own and that abuse of power isn’t just a sport for big business.

I assume it will take at least one electoral wipeout to break Trump’s spell on the Republican Party and let it try to recover that role–as that bomb-throwing liberal George Will wrote in June. In the interest of not trying to pretend I have no opinion on things I see everyday, I will admit that seeing such a beatdown would not make me sad.