Categories
Links

Confidentiality in an Era of Patient-Doctor-Cop

From The Canadian Press:

Doctors at Royal Columbian Hospital in New Westminster have complained that local police and RCMP officers are routinely recording conversations without consent between doctors and patients who are considered a suspect in a crime.

“They will be present when we are trying to question the patients and trying to obtain a history of what happened,” said Tony Taylor, an emergency physician who practises at the hospital.

“They have now recently started recording these conversations and often they will do that unannounced, which has a number of implications around confidentiality and consent.”

As far as doctors at Royal Columbian are concerned, the police are getting in the way of patient care.

Patients tend to clam up when police officers are present, Dr. Taylor said. “That makes it difficult to get those kind of history details that are critically important,” he said.

The idea that the police are present, and recording interactions between a doctor and patient, is patently problematic from a procedural fairness perspective. In the past the authorities have lost Charter challenges based on their attempts to exploit Canada’s one-person consent doctrine; I’d be very curious to know the legal basis for their recording persons who may be accused of a crime, in a setting clearly designated as deserving heightened privacy protections, and the extent to which that legal theory holds up under scrutiny.

A Past Life’s Dream Job

Per Wired:

Woods, a 30-year-old with neatly floppy hair, is dressed tonight in a black button-down shirt and jeans. His DM performances—and being a dungeon master is a kind of performance—are often marked by excitable narration and winkingly melodramatic theatrics; at one point during tonight’s game, he gleefully pounds a hand into a fist, mimicking an arrow’s impact on an opponent.

He’s spent nearly three months preparing for this showdown, even hand-building a few model towers out of scrap wood and dowels. It’s one of the most elaborate adventures he’s crafted in his four-year career as a professional DM at schools and homes in Manhattan and Brooklyn. Sometimes, like tonight, the games are run in his apartment, where the bookshelves reach high with graphic novels and board games, and where the walls are decorated with full-color maps from D&D classics like Greyhawk and Isle of Dread.

But while Woods is one of several DMs-for-hire out there, this isn’t his hobby or a side gig; it’s a living, and a pretty good one at that, with Woods charging anywhere from $250 to $350 for a one-off three-hour session (though he works on a sliding scale). For that price, Woods will not only research and plan out your game but also, if you become a regular, answer your occasional random text queries about wizard spells. “He’s worth the money,” says Kevin Papa, a New York City educator (and occasional DM) who’s been part of this Friday-night game for more than a year. “Being a DM requires a lot of brainshare. I don’t know how Timm absorbs it all.”

When I was in high school or my undergrad, I can see this as the type of job that I’d have loved. Though I think that the idea of a campaign’s length and narrative being based on sessions clients are willing to pay for would create some challenging conditions for planning long-term stories; it’d definitely lend itself to a serialized type of play, where each session was like a mini-TV episode, as opposed to early sessions functioning as the opening scenes of a feature film.

Covernames Versus Code / Strategy Versus Tactics

From the New York Times:

Mr. Snowden’s cascade of disclosures to journalists and his defiant public stance drew far more media coverage than this new breach. But Mr. Snowden released code words, while the Shadow Brokers have released the actual code; if he shared what might be described as battle plans, they have loosed the weapons themselves. Created at huge expense to American taxpayers, those cyberweapons have now been picked up by hackers from North Korea to Russia and shot back at the United States and its allies.

While the revelation of code facilitates a more immediate kind of repurposing and attack, I think that the Shadow Brokers have tended to reveal tactical information versus the strategic information released by Snowden. Few have done the requisite work to actually pull together the comprehensive narratives that emerge in the Snowden documents and, instead, have focused on specific programs or tools. Those few of us who have comprehensively analyzed his documents, however, now possess insights into strategic thinking, decision making, and resource allocation of the Five Eyes intelligence agencies. The long-term value of such information is just as great as, if not greater than, that of code drops.

USB-C is a Failure

Marco Arment has a scathing and altogether too accurate accounting of the USB-C standard. Anyone who is dealing with the headaches of managing different USB-C cables, hubs, and chargers is all too well aware of the problems associated with the standard, but Marco’s post is the best summation of all the problems in a single location.

Apathy is Political

On Sidney Crosby’s visit with the Penguins to the Trump White House:

Apathetic white people who groan when athletes of colour get political, or who suggest as Crosby did that politics and sports do not mix, are in need of a reminder that for most, political activism isn’t a choice or a hobby. People don’t usually consider it fun or interesting to put their jobs on the line to speak out against a bigger power. The marginalized do not go looking for politics. It seeks them out. In this context, it sought them out when the President of the United States openly flirted with a racist ideology that would very much like to destroy them.

Exactly.

Exploited for Advertising

As part of a long feature for The Guardian:

The techniques these companies use are not always generic: they can be algorithmically tailored to each person. An internal Facebook report leaked this year, for example, revealed that the company can identify when teens feel “insecure”, “worthless” and “need a confidence boost”. Such granular information, Harris adds, is “a perfect model of what buttons you can push in a particular person”.

Tech companies can exploit such vulnerabilities to keep people hooked; manipulating, for example, when people receive “likes” for their posts, ensuring they arrive when an individual is likely to feel vulnerable, or in need of approval, or maybe just bored. And the very same techniques can be sold to the highest bidder. “There’s no ethics,” he says. A company paying Facebook to use its levers of persuasion could be a car business targeting tailored advertisements to different types of users who want a new vehicle. Or it could be a Moscow-based troll farm seeking to turn voters in a swing county in Wisconsin.

Harris believes that tech companies never deliberately set out to make their products addictive. They were responding to the incentives of an advertising economy, experimenting with techniques that might capture people’s attention, even stumbling across highly effective design by accident.

The problems facing many Internet users today are predicated on how companies’ services are paid for: by companies doing everything they can to capture and hold your attention regardless of your own interests. If there were alternate models of financing social media companies, such as paying small monthly or yearly fees, imagine how different online communications would be: communities would likely be smaller, yes, but the developers would be motivated to do whatever they could to support the communities instead of advertisers targeting those communities. Silicon Valley has absorbed many of the best minds for the past decade and a half in order to make advertisements better. Imagine what would be different if all that excitement had been channeled towards less socially destructive outputs.

The Dangers of Political ‘Marketing’

‘Politics’ by Samuel Thorne (CC BY-NC-ND 2.0) at https://flic.kr/p/kAgBCR

From n+1:

Given that some of the major players involved in Trump’s campaign effort have obsessions with war tactics and strategy, it’s easy to imagine that weaponized targeting may not only be a pre-election phenomenon. Such efforts could be employed as part of an ongoing campaign to weaken any resistance to the Trump Administration and thwart political opposition through ratcheting up in-fighting and splintering. It’s not an overstatement to suggest that the infrastructure of mass consumer surveillance enables new kinds of actors to take up the work of COINTELPRO on a mass scale. Former Cambridge Analytica employees have said the company internally discusses their operations as psychological warfare.

Cambridge Analytica may not be alone in pursuing these types of psychological warfare tactics. In response to the recent revelations of Russian-bought Facebook ads, Senator Mark Warner told the Washington Post that the aim of the ads was “to sow chaos.” Yet, rather than promoting general chaos, some ads may have been specifically designed to fuel infighting among the Trump opposition. Earlier this year, The Intercept showed that TigerSwan, a shady mercenary firm hired by Energy Transfer Partners to combat communities opposing the Dakota Access Pipeline, used knowledge gleaned from surveillance as part of their own strategy to splinter their opponents. A leaked TigerSwan document declared, “Exploitation of ongoing native versus non-native rifts, and tribal rifts between peaceful and violent elements is critical in our effort to delegitimize the anti-DAPL movement.”

What our current digital environment affords are opportunities for efficient, large-scale use of such tactics, which can be refined by data-rich feedback loops. Manipulation campaigns can plug into the commercial surveillance infrastructure and draw on lessons of behavioral science. They can use testing to refine strategies that take account of the personal traits of targets and identify interventions that may be most potent. This might mean identifying marginal participants, let’s say for joining a march or boycott, and zeroing in on interventions to dissuade them from taking action. Even more worrisomely, such targeting could try to push potential allies in different directions. Targets predicted to have more radical inklings could be pushed toward radical tactics and fed stories deriding compromise with liberal allies. Simultaneously, those predicted to have more liberal sympathies may be fed stories that hype fears about radical takeover of the resistance. Such campaigns would likely play off divisions along race, gender, issue-specific priorities, and other lines of identity and affinity.

We’re reaching the pinnacle of what online advertising can do: identify persons of interest, separate specific persons from others to discretely target them, and motivate targets to change their emotional states and act based on those states. It’s bad enough this is done to push products but, now, the same activities are seeping into the political systems and damaging democratic undertakings in the process. Such activity has to be regulated, if not stopped entirely.

Threat Actors and Act Types

Hacker by The Preiser Project (CC BY 2.0) at https://flic.kr/p/jrrmeP

The grugq has a useful explainer for the different kinds of threat actors an organization might be mindful of, such as hacktivists, criminals, and state actors, and how and why they tend to operate as they do. With regard to state, and private-public, teams:

There is a tendency to want to rank the Services, but this is not especially fruitful. More interesting is the culture of the Services teams, their nature, their agility, the problems that the team are expected to address, whether they have internal capacity or rely on third parties, and so on. More relevant is trying to understand what they exist to accomplish, how capable they are of doing that, how agile they are in terms of changing their MO and if and how well they can accomplish other goals.

This is an inherent problem with hybrid public/private teams — information sharing. While the private component will probably have superior skills and breadth and depth of operational experience, their lack of big picture understanding will prevent them from surfacing ideas, making connections, or otherwise providing insight to help advance the operation. Generally, having the people actually doing the work involved in suggesting improvements is a good way to improve. Similarly, having the people with wide access to botnet victims know what sort of data will get them paid will produce a greater volume of potentially interesting data.

While I tend to think that his analysis of nation-states is good, it under-emphasizes how certain states either have their farm leagues ‘train’ on civil society or, alternately, team with semi-skilled private operators who operate similarly to criminals. Whether these behaviours are representative of training exercises, of not wasting the good stuff on civil society, of deliberately being evident to instil caution amongst civil society, or of something else, isn’t entirely clear. Regardless, there is arguably a bit more nuance that could be added to round out some of the characteristics of different threat actors.

The Insanity of ‘Terrorism’ Offences

The Fool by Christopher Parsons, All Rights Reserved

Via The Intercept:

At the end of a quick one-day trial, Judge Emma Arbuthnot at Westminster Magistrates Court ruled that Rabbani had willfully obstructed police when he declined to hand over his passwords. Rabbani avoided a possible three-month jail term and was instead handed a 12-month conditional discharge and told he must pay court costs of £620 ($835). This means a Terrorism Act offense will be recorded on his criminal record. But as long as he does not re-offend within the 12-month period, no further action will be taken against him.

Rabbani had argued his electronic devices should have been protected under the latter category, as they contained confidential information related to his work. The judge said that Rabbani did not make this clear to the officers who initially interrogated him, but did say so later in a prepared statement following his arrest. She described Rabbani as “of good character,” acknowledged he was “trying to protect confidential material on his devices,” and noted that “the importance of passwords and PIN numbers in the 21st century cannot be overstated.” However, she still concluded that his “decision not to provide the information when requested by the examining officers” amounted to “a wilful obstruction of the lawful examination in the circumstances.”

A lawyer was charged and found guilty of a terrorism offence for refusing to decrypt a device containing sensitive client information. A baseline part of the criminal justice system is that what is said between a client and their lawyer is protected speech, but this protection is under threat in the UK: solicitors who do their duty and uphold the oaths to their clients risk serious convictions that may permanently refigure their lives and liberties. This dismantling of baseline aspects of our legal systems to fight ‘terrorism’ is ludicrous and does more harm to our societies than can be inflicted upon us by violent extremists and criminals.

Facebook’s DNA

Om Malik:

Having followed Facebook for a long time, I know what really plagues the company is that being open and transparent is not part of its DNA. This combination of secrecy, microtargeting and addiction to growth at any cost is the real challenge. The company’s entire strategy is based on targeting, monetizing and advertising.

Common sense ideas such as being humane, understanding its impact on society and civic infrastructure — well that doesn’t bring any dollars into the coffers. Call me cynical, but reactive apologies are nothing but spin.

So very true.