I[di]oT[s] & ToS[sers]

Posted on 27 May, 2015 by odo

Marc Goodman’s Future Crimes, a book about the frightening vulnerabilities of the internet, privacy violations, and the currency of data (data as a commodity), is an old story with a new digital twist. The book needs competent editing, yet despite its shortcomings, and follies, most of the content can’t be discounted. It’s one more siren alerting us that business as usual is heading the wrong direction. One more warning that complacency is equal in culpability. One more flashing red light indicating an immediate need to put on the brakes.

Goodman recounts for us countless, unendurable real world examples of the power and powerlessness of today’s computer code. The susceptibility of our daily digital activities to fraud is hammered. Showing side by side the good and evil of IT, and sometimes a strange grayness in between, leaves one wanting to run for the hills to become a hermit fool. He projects an image of the internet wildly out of control as the progress of information technology careens towards a terrific, awesome, uncontrollable clash of the data-Titans, with ordinary people getting the butt end of their bludgeons. In blood-curdling narrative after narrative, and frequent reminders and recaps, we are pummeled with fearmongering stories. Goodman also supplies us with his extrapolations into the possibilities yet to be explored by, mostly but not exclusively, foreign criminals. If you can suffer his battering, there are urgent messages to be heeded, the consequences of which are already being felt.

Message : Overexposure. [Anti]social media ostensibly provides us with a valuable service for keeping in touch. Goodman shines a light on its duplicity in the title of chapter two, “You’re not the Customer, You’re the Product.” Everything you post on these sites is public. Those “privacy settings” are superficial restrictions that apply only to other participating products, not to the service providers, nor their customers. But that’s not all! Your information is not secure. It can be broken into by lone pimply faced hackers just for kicks, or by government agencies, corporations, and crime syndicates for various nefarious reasons. (The last three being nearly synonymous.) Google mail is a prime example. Not only do Google computers ‘read’ your email, they collect, store, and analyze every bit in order to leverage its domination; to bolster its information prowess and sell it to other monster corporations. That’s only the tip of the Google-berg.

Facefook is another egregious abuser of your privacy. The subterfuge of its interface and concocted usefulness is bad enough, but its tentacles corkscrew deep into its users, their connections, and their other online activities. They’ve even conducted psychological experiments on their users without user consent. Then, and only after the abuse, they altered the ToS (Terms of Service) to give themselves “your consent” and the “legal permission” to violate you more.

Google and Facefook are not alone in this subterfuge. They are only the top predators in the insatiable collection of data. Dozens of other multinational corporations engage in these manipulative games, all under the guise of “free,” and never with your overt consent. Even if the ToSser agreement allows it, you’re probably not aware that you’ve given up your rights, or more accurately, your rights have been stolen from you. It may be legal to voluntarily give up your rights to be a slave, but it is unconditionally not legal to own a slave. It may be legal to give up your rights by checking “I’ve read and agree to the terms and conditions,” but is it legal to take away those rights? Whenever you’re presented with a “free” app, or “free” service, stop, ask yourself, “How is free possible?” “What am I giving up?” “How much is this going to cost me?” “Is this really beneficial?” “Do I want to be violated?”

Message : Reality warping. Not only is your personal information prone to abuse by the smiley corporations giving you their internet candy; not only is it subject to break-ins and theft, it’s also, and more deviously, subject to alteration, fabrication, and selective filtering. Imagine having your records changed, your credit report damaged, your medical records faked, and the consequences. The reliability of our data, and everything that we access online, is critical. As we depend evermore on a digital life, we need to be able to rely on its accuracy. While we leak parts of our personal lives, scattering it around the internet, storing it in the cloud, and as digital life becomes increasingly insecure, we could find our real lives disrupted in ways we haven’t imagined.

We put trust in friends we’ve never met. We’ve all had connection requests from people we don’t know. Millions, actually hundreds of millions of registered users on the face, the twit, the yelp, etc., are fakes. Yes, you could be friends with one of the over 140 million fraudulent antisocial media entities. We put our trust in online reviews. Fake users are not uncommon or passive. They take active roles when their puppet masters choose. It’s estimated that 25% percent of Yelp reviews are paid. Zoowie! Followers, comments, and “likes,” are readily disseminated by computer programs or paid disinformation workers. Those millions of followers can be bought by virtual zombies whose job is to fabricate an onscreen fantasy. The possible corruption of everything we see on our displays challenges credulity, and prompts paranoia.

Each and every day around the world, display wars are taking place as governments, multinational corporations, criminals, and terrorists battle to shape and control what is seen online. What ensues is a real but covert war on reality, one that is meant to blind us to the truth.

Trending, mass opinion, and popularity can be manufactured in a flash. There’s no way to tell on the surface. In the virtual world everything is equally virtual, virtueless, and viral.

Message : Fraud enabled. A large portion of the book is spent on cybercrime, a multifaceted field. Crime utilizing the internet for the sale of contraban and criminal services; collecting and selling credit card numbers, and identity theft; the development, distribution, and running of crimeware. The last is a particularly insidious group of applications that hijack your computer for fraudulent purposes, running in the background without your knowledge as part of a botnet. In other cases, the malware commandeers your computer, holding it ransom for a fee : cyber-extortion.

The questions are, how rampant is cyber-crime? How much will it accelerate? Is it a minor or major threat? His argument is that it is BIG, and growing as fast as technology. I would caution that, like other businesses, crime is self-limiting. But how far will it go? Why does it seem not as bad as he claims? The big break-ins have hit the news many times—large retail chains and banks infiltrated by hackers who have pilfered millions of credit card numbers. (And another one reported just this morning targeting the IRS.) Well, if this problem were as big as he suggests, we’d be in a heap of trouble. Why haven’t we heard more about this? In large enough quantity, illicit credit card activity could destabilize the entire system. Then, I think about my own experience. I have had suspicious activity on my credit cards on three occasions. Each time quickly assessed, the card suspended even before I was aware, costing me nothing (directly), and with limited cost to the issuer. And a minor incident of identify theft—someone tried to open a credit account at a national hardware retailer using my name and Social Security number—thwarted because the perpetrator, on the other coast, used a local address, thereby raising a red flag. After that incident my credit was on a watch list for a couple of years. One friend has had his credit cards replaced at least four times due to unauthorized activity. A quick survey of other acquaintances confirms that, indeed, this is common. Fortunately, banks have rather good programs in place that monitor suspicious charges, mismatched addresses, and other irregularities that signal alarms, and limit the damage. Nonetheless, the problem is big, and worse, it’s a never ending struggle that costs billions annually.

Message : I[di]oTs are not smart. The Internet of Things (IoT) is underway. Processors are being inserted into the most unlikely products to make them “smart” by connecting them to the internet. Oh, how I need to control my thermostat when away from home. Oh, how I need my refrigerator to tell me the milk is spoiling. Oh, give me a frigging break. Home security systems are being put online. The advantage of this inane “upgrade” is that now security systems can be controlled remotely by anyone with basic computer/internet skills. Not secure. Every new I[di]oT product coming out, or any product labeled “smart,” further adds to the insecurity of the digital world. As more I[di]oT products come online, more of our modern technology is subject to hacking. The implications are that these stupid silicon-chipped and code-controlled things are more vulnerable to catastrophic failure and criminal tampering. Instead of improving the quality of life, I[di]oT enabled products are injecting turmoil to the wired world.

As participants in the inter-netted electroscape, it is impossible not to be exposed. We are being attacked from both sides, the corporate and the criminal. There are techniques to protect ourselves, but no matter how hard a shell we try to put around our electronic lives, there will always be inevitable leaks and exploitable weaknesses, some by design, some by accident. The only full protection is to drop out, disavow, disconnect.

Message : The law is lagging. We can mail a letter and be secure that it will arrive intact and unopened; not so with email. We can go to the library to read without anyone knowing our interests, even if we borrow the book; not so with internet searches and website visits. (Libraries have been under attack to release lending records. To their credit most have refused to comply, but the battle is ongoing.) We can use cash without a trace; not so with plastic. And we can travel by land freely from state to state without being tracked (if we leave our electronic devices at home); not so by air.

Even if the law were to protect our electronic activity, that won’t stop the relentless attacks from those who aim to take over control. This is more than a legal issue. It is a two pronged issue : the law and the computer code. The legal side could be quickly and easily remedied. It’s the starting point for establishing standards of ethics. On the code side, although security stands to be greatly improved, there will always be a way in. For any program to be functional, it can’t be impenetrable. Nevertheless, it is possible, with present capabilities, to greatly improve security.

WordPress sites are under constant attack. This site is barraged by administration login attempts, thousands a month, for the purpose of hijacking the site. There would be hundreds of spam comments, too. To thwart these attacks, registration is required using captcha verification, and IP address lock-out after three wrong password entries. I’ve also permanently blocked over 1200 IP addresses for repeated lock-outs. These are effective tools to keep spammers and hijackers out, but it’s annoying. And I wonder, what is all this fraudulent traffic costing the system? Everyday spam email, spam comments, DDoS, and referrer spam goes out by the millions, all intended to take unfair, unearned, unethical advantage. What’s it going to take to discourage it?

Message : Code is King — Data is Power. As information collection, processing, and data correlation grows ever more pervasive, those without the massive data banks and the knowledge of code will increasingly find their usefulness, bank accounts, and lives shrinking. There wasn’t a chapter in the book that didn’t mention some new tech company, only years old, being sucked up by one of the leviathans, Google, Facefook, Yahoo, Microsoft. This coincides with the continued hoovering up of one corporation after another by a few of the biggest mega-multinational conglomerates. It wasn’t long ago that laws were put in place to break up oversized trusts and monopolies because of the dangers and the abuses engender, but today those laws are being ignored. Here is the single most frightening message from the book, one that is barely mentioned directly, but that emerges inadvertently on every page. The power and wealth held within data and digital technologies are being amassed in ever greater quantities, and controlled by an exceptionally small number of digital elites. The discrepancy between the techno-data haves and have-nots is growing along with the growth of technology. The rise of robotics exacerbates the conditions, widening the gap to the point that even those well educated in any other field besides IT will become redundant.

We have arranged things so that almost no one understands science and technology. This is a prescription for disaster. We might get away with it for a while, but sooner or later this combustible mixture of ignorance and power is going to blow up in our faces.   — Carl Sagan

Future Crimes covers much more than the title indicates. He rambles on about the expected future of technology, some foreseeable, some speculative, some absurd. He repeats, repeats, yet there’s so much he’s trying to cover, and still he leaves the reader wanting, not because the read is so compelling, but because there’s little help offered.

Message : Free is a ripoff. It’s estimated that each antisocial media user generates about $8 in ad revenue—per year. Goodman states, “I’d rather [pay] ten bucks and be left alone.” MIT researcher Ethan Zuckerman calls advertising the web’s original sin, and further declares, “The fallen state of our internet is a direct consequence of choosing advertising as the default model to support online content and services.” I am, without qualification, in agreement. I’d rather pay—pay for search services, email, entertainment, etc.—pay for what I use and be free, completely free, from the unsightly, unethical torment of advertising, tracking, and privacy intrusion. I’d rather pay with dollars than pay with my rights. Paying for commercial-free services negates the incentive to invade privacy through data collection, and removes the distracting sensory pollution of advertising.

He finally offers a few solutions, but only one which you and I can apply. Educate yourself on the basic workings of digital technology. You don’t need to know how to code, just a working knowledge about how the system operates. Number one in this category is passwords—they can’t be words, can’t be short, can’t be easy, and the same one shouldn’t be used everywhere. His other suggestions need to be grappled with by the designers of hardware and the coders of software. 1) Establish two-factor authentication to replace passwords. 2) Fix faulty code. 3) Encrypt everything. Encryption is the fastest, easiest solution that’s being insufficiently applied. The faults in the code are due to the sloppiness inherent in rushing. The hurry, hurry, hurry, faster, faster, faster mantra is not merely flawed, it’s wrong, wrong, wrong. . .  Fast accomplishes one thing exceedingly well : blunders. It’s time to slow down. Computer code, sales, or whatever one does, doesn’t need to be done yesterday; it needs to be done well.

Future Crimes, Marc Goodman, Doubleday, 2015

Read the article “How to Survive Cyberwar,” by Keren Elazari, in the April 2015 issue of Scientific American.
Previous related post [Info-Elitism].

Posted in Book reviews, Discover | Tagged , , , , , , , , , | Leave a comment

Memento Mori

Posted on 13 May, 2015 by odo

Album sales have been in decline since 2009. Total album sales are CD sales combined with album downloads (misnomered as digital sales) and LPs. Despite the continued growth in album downloads, they’re not making up for the drop in CD sales. And don’t even think about LPs. At less than 3% of the market, LP sales would have to increase exponentially just to matter. Last year’s report indicated a 17.7% increase in LP sales—piddlysquat.

It’s a shame, not the demise of the LP or CD, but the demise of the album. The LP made the album a contender. In case you’re not old enough to know, LP stands for Long Play. The 33.3 rpm high fidelity record, along with the microgroove, lengthened listening time to an average of about 20 minutes per side. Before that, the limit was little more than 4 minutes. Generations since have never experienced the earlier time constraints, and don’t realize how revolutionary that was. It opened a new world to the recording industry, and a surge in creative possibilities for artists. It was the gateway to extended works and assembling a series of pieces that would flow one to the next like a concert performance.* The album concept : the concept album. The latter never existed before the LP. Compact discs extended the range to over 60 minutes without flipping, or stacking, or interruption. Although the 45 rpm single allowed the option of buying only the hit or two from the album, there were other attractions for getting the whole album. Most times there were other cuts you wanted not available on 45. Yet the big lures were cover art, inside photos, liner notes, and the concept. Those lures passed on to the CD, except for the draw of album art—the 12cm square of a CD page doesn’t hold a candle to the 12″ square of the LP. But this doesn’t completely explain the loss of interest.

Downloads started as music sharing of mpeg compressed single cuts. The industry got pissed off. They pretended to be upset with copyright piracy and loss of revenue. Loss of revenue? Not really. If you really liked something, you’d still buy the CD to get more of the artist’s music, and more importantly, for the full CD quality sound. Back then, mpeg compression compromised sound quality to keep file size small and download times short. Recording executives really only cared about controlling distribution so they could make more money. They weren’t losing anything. To broker a solution, Apple broke their agreement with the other Apple and got into the music business by legitimizing downloads through iTunes, and in the process, further emphasizing single downloads over albums. Less than a generation later, storage capacity and data transfer speed are high enough that the mpeg compromise is no longer an issue. Full CD quality, and high res for that matter, is quick and easy. Add to the scuffle the convenience of portable digital music players—no media to handle—make your own mix—no limits to single selection—a generation weaned on single downloads—and you have the recipe for doing in the album, and the CD.

Still, I buy the CD because I want liner notes, credits, the names of the other musicians, the loads of information downloads rarely, if ever, offer, and music server apps don’t accommodate. I buy it because I want hard copy. I buy the album because better artists still apply the album concept to their CDs. And I buy it because I would have never heard some of the best cuts had I not gotten the album. Plucking a single cut out of a well conceived album is like chopping out Mona Lisa’s smile. The part and the whole suffer. Admittedly, not all albums are conceptually integrated—many are hasty patchworks. But you see, here’s the flip side of the record. Much of the recording industry is giving up on the concept of the album. Picking out a piece or two, shuffling the order, mixing up the cuts makes no difference when shortsighted producers merely kludge together recording session scraps. If they want to save the album, they need to save the concept.

And here’s an example of each, one album concept, one concept album. Think of the album concept as a concert, many pieces strung together in a fluent sequence, sometimes around a single theme. Think of the concept album as a symphony, many movements joined into a single piece, each section relating to the next like the scenes of a play.

Example one opens with an easy, slow tune. Next, the pace increases with two uptempo numbers. There are never more than three up or down tunes in a row, and a nicely balanced almost 1:1 ratio of up to down tunes. Coming full circle, it ends quietly with the smooth, moderate tempo, title cut. A classic structure, one that gives us an emotional tour of land, sea, and sky appropriate for an album of standards. The theme : the hits of Nat King Cole performed by his daughter, Natalie Cole, recorded 26 years after his death. It’s a solid production, if predictable, honoring the spirit and memory of Nat and his musical era. There were times I could hear in my mind Nat’s distinctive voice as Natalie sang. The kicker of the album is the title cut, Unforgettable, where through the prestidigitation of digital processing, Nat travels in time to sing, once again, with his daughter. An unforgettable closing number. The liner notes are extensive and thorough. Every musician is credited, every soloist named. Biographical tidbits and childhood photos give a glimpse into Natalie’s relationship with her father and family. You don’t get that with a download.

Example two is Jethro Tull’s Thick as a Brick, a setting to music of a longish poem by the invented enfant terrible Gerald Bostock. One cut per side of seamless epic-ocity, except for the necessary break for the LP flip. Might it have been unbroken if produced post CD, or taken itself more seriously? The engaging liner notes are set as a mock newspaper complete with tongue-in-cheek classifieds. This album is a package, each part leaning against the others, each supporting, supplementing, strengthening the various fragments. The music can stand on its own, better than other Jethro Tull releases, yet without the St. Cleve Chronicle, the thorny liner notes, it’s only a truncated version of an entirety, and doesn’t reveal the power of the total package.

Think about what you’re missing with single downloads and liner-less albums and how it feels to be thick as a brick.

* 78s were released in bound albums holding several records, with one song per side, not unlike a photo album.

Posted in Discover, Music reviews | Tagged , , , , , , , , , | Leave a comment