Weekly output: Senate privacy hearings (x2), a split Internet, Chrome vs. Flash, cord cutting, D.C. tech, Chrome sync, Facebook hack

The last few days of Brett Kavanaugh drama in the Senate really took a hammer to my productivity. Yours too, I’m sure.

9/24/2018: What to expect when Apple, Amazon, and Google get grilled in Congress this week, Yahoo Finance

This was what you saw me talk about the previous Friday on Yahoo Finance’s Midday Movers show. One point I wish I’d made in this post: the absence of customer voices in this hearing.

9/24/2018: China’s Internet, Al Jazeera

I come on at about the 5:30 mark in the linked video to discuss remarks by former Google CEO Eric Schmidt that China’s increasingly-tight control of the Internet inside its borders means we’re now dealing with two Internets.

9/24/2018: Google’s latest Chrome update tightens the locks on Adobe Flash, USA Today

With Chrome now making it harder than ever to run Flash content, I checked in with two Flash holdouts: Intuit’s Mint.com, which requires it to view stock charts, and United Airlines’ “personal device entertainment” inflight service, which demands it to stream most TV shows and movies to a browser.

9/25/2018: Your wireless carrier may stop you from dumping cable TV, Yahoo Finance

I got an advance look at two studies that came out Tuesday: one looking at cord cutters’ motivations, another at how reliably wireless carriers deliver streaming video. The second provided important context to complaints cited in the first, so I wrote up both in this post.

9/26/2018: Are you ready for the spotlight?, DC Startup Week

SilverStrategy founder Tara Silver quizzed me, Technical.ly DC‘s Michelai Graham, and DC Inno’s Kieran McQuilkin about how startups try to get media attention, the state of the D.C.-tech scene, and this region’s odds of landing Amazon’s second headquarters. Update, 10/8: The organizers posted video of our panel to their Facebook page.

9/27/2018: Why now is a good time to reconsider browser-sync options on Google Chrome, USA Today

The latest Chrome release’s barely-documented switch to logging you into the browser if you log into any Google sites both upset some information-security types and gave me an opportunity to write this post, reminding readers that you can add a sync password to stop Google from monitoring and monetizing your Web activity and that Mozilla Firefox’s own Web-activity synchronization comes encrypted end-to-end.

9/27/2018: Tech execs to senators: Regulate us, but not too much, The Parallax

I wrote up Wednesday’s Senate Commerce Committee tech-privacy hearings, noting the questions the senators asked of executives with Amazon, Apple, AT&T, Charter, Google, and Twitter as well as the queries that didn’t come up.

9/29/2018: Facebook hacked, Al Jazeera

I made a second appearance on AJ’s Arabic-language channel (overdubbed live as usual) to talk about the series of bugs that could have let unknown attackers into 50 million Facebook accounts. Unlike my earlier appearance this week, this show doesn’t seem to be online.

Advertisements

Weekly output: whither the small smartphone, medical-device security, Senate privacy hearings

I watched my last Nats game of the year this afternoon and had scant company in the ballpark, thanks to the chilly temperatures, near-constant rain, and yesterday’s elimination of the team from postseason contention. But even in those crummy circumstances, baseball still offers its less-likely rewards: seeing us turn a 5-2-3 double play, then watching Trea Turner break the franchise record for stolen bases.

(Confession: I wasn’t in the stands after the 5th. I believe that staying for all 18 innings of game 2 of the 2014 NLDS gives me a pass to leave the very-occasional game early.)

9/19/2018: With Apple maxing out iPhone sizes, the small smartphone looks even more endangered, USA Today

If you’re a fan of smartphones small enough to allow easy one-handed use–and to fit into what passes for pockets on many women’s clothing–then the big part of Apple’s iPhone news this year was the quiet discontinuation of the compact iPhone SE. Unfortunately, Android vendors appear even more set on ignoring market demand for smaller devices.

9/20/2018: How weak IoT gadgets can sicken a hospital’s network, The Parallax

I wrote an explainer about how badly-configured or insecure-by-default connected devices can allow remote exploitation, then traversal of a hospital’s network. To get a fuller sense of your risks, replace “hospital’s network” with “your home’s network.”

9/21/2018: Midday Movers: Stocks mixed after a day of record highs, Yahoo Finance

Yahoo Finance runs four live video shows each weekday, and I made an appearance on one of them after an editor basically asked what was taking me so long. I had already been planning on attending Yahoo’s All Markets Summit conference Thursday (I hope my livetweeting from it didn’t get too annoying), so this gave me even more reason to head up to NYC for a few days. I come on at the 40-minute mark, when I talk about a post I have coming up that outlines the questions I hope will be asked at Wednesday’s Senate Commerce Committee tech-privacy hearings–plus what I’m afraid we’ll hear instead.

Weekly output: Stasi Museum, new iPhones

For the first time since I-don’t-know-when, I didn’t watch an Apple new-iPhone event live. I had planned on doing that in the air on my way to Austin Wednesday for the Online News Association’s conference, but the plane was a regional jet with Gogo WiFi–and I realized after takeoff that I’d forgotten my Gogo password, didn’t have that password saved in LastPass and could not reset it without, you know, Internet access. Then I further realized that a) since nobody had asked me to opine on Apple’s new hardware as of noon, that probably wasn’t going to happen later on, and b) since my upgrade had cleared on this flight, I could skip creating a new Gogo account for the occasion and instead enjoy a leisurely lunch before napping in a chair in a sky.

9/10/2018: Remember Stasi spying to understand the GDPR, The Parallax

The day I arrived in Berlin for IFA, I set aside a few hours to explore the Stasi Museum, a grim monument to the oppressive surveillance of the German “Democratic” “Republic.” I’d prepared myself for the visit by watching “The Lives of Others,” but it was something else to see the physical relics of East Germany’s campaign to take up residence in the heads of its subjects. Writing this gave me a chance to quote a co-worker from 1993: Shane Green, who was a fellow intern at the Carnegie Endowment for International Peace and went on to work in Berlin and learn about the Stasi’s destruction of privacy before a lot of other Americans.

9/12/2018: Apple’s upcoming iPhones, Al Jazeera

My one bit of punditry–so far!–about Apple’s new phones came late Wednesday morning (or that evening if you watched the Arabic-language channel in in Qatar), an hour and a half before Apple’s event. I did a quick live interview to talk about the prospects of higher prices and a wider array of iPhone models, plus the chances that President Trump would slap a tariff on Chinese-made iPhones.

Weekly output: Michael Chertoff on privacy, TV-streaming rate hikes

I only had four workdays this week, thanks to Monday being spent in the air on my way back from London to D.C. That said, my productivity was not as bad as this scant list would suggest, since I filed three other posts in those four days… and now I can find out how much more work edits on those posts will entail.

7/12/2018: Ex-Homeland Security chief Chertoff wants EU-style data privacy laws, Yahoo Finance

I spent about half an hour on the phone with Michael Chertoff Wednesday afternoon about his views on various privacy and security issues and came away with far more material than I could fit in this post, as well as a renewed appreciation of the time it takes to transcribe quotes from a recording of an interview.

7/15/2018: As cord-cutting prices rise, here’s what you can do to keep costs down, USA Today

No, rate hikes at such live-TV streaming services as DirecTV Now and Sling TV don’t mean that returning to the embrace of cable or satellite TV–both subject to the same inflationary pressures, both also fond of sticking you with monthly fees to return a tuner box–now makes financial sense for a lot more people.

Another part of the world where I need to use a VPN

I spent last week in London with my family–yes, actual vacation-esque time! It was great, except for when I was trying to keep up with news from back home.

My first stay across the Atlantic since the European Union’s General Data Protection Regulation went into force May 25 brought home the unpleasant reality of some U.S. sites’ continued struggles with this privacy law. And instead of experiencing this only briefly in a Virtual Private Network session on my iPad, I got a full-time dose of it.

The biggest problem is sites such as the Chicago Tribune and the Los Angeles Times that have blocked all European access instead of providing the privacy controls required by the GDPR.

That’s not the fault of the GDPR–its provisions were set two years ago–but is the fault of Tronc, the long-mismanaged news firm formerly known as Tribune Publishing. Tronc could afford to pay $15 million to former chairman Michael Ferro after he quit facing charges of sexual abuse but apparently couldn’t afford to hire any GDPR-qualified developers. I hope the LAT can fix that now that Tronc has sold the paper, but it may be a while before I can link to any Tribune stories without annoying European readers.

With my client USA Today, the issue isn’t as bad: It provides EU readers with a stripped-down, ad- and tracking-free version of the site, which you can see at right in the screenshot above. What’s not to like about such a fast, simple version? Well, I can’t see comments on my own columns, and simply searching for stories requires switching to Google… by which I mean, Bing, since right-clicking a Google search result doesn’t let you copy the target address, and clicking through to a Google result will yield an EU-specific USAT address.

The simplest fix for these and other GDPR-compliance glitches was to fire up Private Internet Access on my laptop and connect to one of that VPN service’s U.S. locations–yes, as if I were in China. It seems a violation of the Web’s founding principles to have to teleport my browser to another continent for a task as simple as reading the news, but here we are.

Weekly output: IoT security, Facebook privacy pop-up, L0pht hacker testimony, Tech Night Owl

This edition of my weekly recap features a new client: The Parallax, the security-news site founded in 2015 by former C|Net writer Seth Rosenblatt. At least two friends had suggested earlier that I look into writing there, but that didn’t happen until I spotted Seth at the Google I/O press lounge earlier this month and introduced myself. If you were going to ask about the absence of another client in this post: Yahoo Finance hasn’t forgotten about me, I haven’t forgotten about them, and I’ve got three posts in the works there this coming week. Hint: One involves a hydrogen-fueled car.

5/22/2018: IoT regulation is coming, regardless of what Washington does, The Parallax

I wrote up the panel I moderated at RightsCon two weeks ago–which required me to record the whole thing on my phone and then spend an hour and change transcribing everything. On the upside, having to set aside my phone to capture the audio meant I couldn’t be distracted by the Twitter backchannel during the panel.

5/24/2018: Don’t ignore this alert from Facebook. It’s your chance to quickly curb what it knows, USA Today

I filed a cheat sheet on the privacy-settings pop-up you may have already seen. I got my version of this interruption Friday; mine did not advise me to check the info in my profile, maybe because I don’t have anything there advertising my political or religious leanings.

5/24/2018: 20 years on, L0pht hackers return to D.C. with dire warnings, The Parallax

The lede for this popped into my head not long after arriving at the Rayburn House Office Building for this panel Tuesday afternoon and noticing that the name tags in front of the room featured the hacker handles of the four speakers instead of their given names: Kingpin (Joe Grand), Mudge (Peiter Zatko), Weld Pond (Chris Wysopal), and Space Rogue (Cris Thomas). At one point, Zatko complained about companies that try to win over customers by stapling on “flashy security products” like anti-malware utilities; as the Parallax is sponsored by the anti-malware vendor Avast, I made sure to include that line, and it went into the post intact.

5/26/2018: May 26, 2017 — Rob Pegoraro and Ben Williams, Tech Night Owl

I showed up on Gene Steinberg’s podcast to talk about my at-the-time incomplete iMac drive transplant (by the time he rang me on Skype, I hadn’t finished disassembling the old drive, which is an anxious point at which to have to set aside the work), the weird case of an Amazon Echo capturing and sending a recording of people’s in-home banter, and the European Union’s General Data Protection Regulation.

Weekly output: disinformation, IoT security, do not disturb while driving, GDPR

I wrapped up three weeks in a row of business travel by going to Toronto for Access Now’s RightsCon conference. This was somehow my first trip to Canada’s largest city, and now I’m already looking forward to returning there next year for Collision.

5/16/2018: The Perfect Storm? Misinformation and Extremist Propaganda, RightsCon

I moderated this discussion with Institute for Strategic Dialogue project coordinator Chloe Colliver, Data & Society media-manipulation project lead Joan Donovan, and Graphika research and analysis director Camille François. It all went well, aside from when I thought the panel only ran for an hour and needed the audience to remind me that we actually had a 75-minute timeslot.

5/17/2018: Internet of (Stranger) Things: Privacy threats of the next generation of vulnerable devices, RightsCon

I’ve been quoting security researcher Bruce Schneier for years, and somehow Access saw fit to have me moderate a panel featuring him–as well as Ryerson University expert-in-residence Ann Cavoukian, Access policy manager Amie Stepanovich, and Atlantic Council fellow Beau Woods. The stage for this panel happened to feature a large fern on either side, so I had no choice but to rip off “Between Two Ferns” for my introduction.

Although RightsCon didn’t record video of either panel, a new client asked me to write up our discussion, so I recorded it on my phone; you can listen to that audio after the jump.

5/20/2018: This new smartphone feature should be used by every driver, from teen to seasoned commuter, USA Today

I wrote a cheat sheet for using the “Do Not Disturb while driving” feature Apple added to iOS 11, as well as the Android Auto app that should be in Google’s standard Android bundle but is not. Neither is all that new, but I don’t always get to write the headlines.

5/20/2018: EU to install sweeping changes to online privacy rules, PBS NewsHour

I did this remote interview with NYC-based NewsHour anchor Alison Stewart about the EU’s General Data Protection Regulation from a studio in D.C. before this afternoon’s Nats game. My last appearance on the show came in 2011; I’ll try not to wait so long before a return.

Continue reading