Cars Were Banned on 14th Street. The Apocalypse Did Not Come.
More Teenagers Mistakenly Think “Private” Chat Conversations Will Remain Private
> As you can see, the chat participants–especially 7Up and Lady Gaga–seemingly discuss killing S, his goldfish, and his dog. But in the context of nonsense teen chatter, I don’t think anyone could read this transcript and believe that any of participants actually planned to harm S or any animals.
> An unidentified person tipped off S to the thread’s existence. S asked “Me” about it. Me revealed the thread’s name to S. This got back to S’s mom, who told the principal, who brought the girls into his office, seized their phones, and turned them over to law enforcement. Prosecutors brought charges against 7Up/JP for misdemeanor online threats. A jury convicted 7Up. The appellate court reversed.
This is mostly nonsense, although it’s somewhat interesting to see court opinions wrestle with the conundrum of quoting screenshots.
The pain of tracking down changes in U.S. law
> But this didn’t tell me when the coffee exception was introduced or in what legislation. Most of Title 23 dates from 1958, but the coffee sign exception was added later. When Congress amends a law, they do it by specifying a patch to the existing code. My use of the programmer jargon term “patch” here is not an analogy. The portion of the Federal-Aid Highway Act of 1978 that enacted the “free coffee” exception reads as follows:
> To track this down, I had no choice but to grovel over each of the links to the Statutes at Large, download each scan, and search over each one looking for the coffee provision. I kept written notes so that I wouldn’t mix up the congressional term numbers with the Statutes volume numbers.
California Governor Signs Bill Allowing College Athletes to Earn Money
Final Report on the August 14, 2003 Blackout
> We are pleased to submit the Final Report of the U.S.-Canada Power System Outage Task Force. As directed by you, the Task Force has completed a thorough investigation of the causes of the August 14, 2003 blackout and has recommended actions to minimize the likelihood and scope of similar events in the future.
> The report makes clear that this blackout could have been prevented and that immediate actions must be taken in both the United States and Canada to ensure that our electric system is more reliable. First and foremost, compliance with reliability rules must be made mandatory with substantial penalties for non-compliance.
The Legitimate Vulnerability Market
> Trading of 0-day computer exploits between hackers has been taking place for as long as computer exploits have existed. A black market for these exploits has developed around their illegal use. Recently, a trend has developed toward buying and selling these exploits as a source of legitimate income for security researchers. However, this emerging “0-day market” has some unique aspects that make this particularly difficult to accomplish in a fair manner. These problems, along with possible solutions will be discussed. These issues will be illustrated by following two case studies of attempted sales of 0-day exploits.
> May 6, 2007
Terrible Ninth Circuit 230(c)(2) Ruling Will Make the Internet More Dangerous–Enigma v. Malwarebytes
> The Ninth Circuit has issued a Section 230(c)(2) opinion that creates significant problems for anti-spyware/spam/virus vendors (I’ll call them “anti-threat vendors”). The ruling will paralyze their decision-making, expose them to greater legal threats, and reduce their ability to protect consumers from unwanted software. This ruling makes the Internet less safe. I hope the Ninth Circuit will fix it via further proceedings.
> Nevertheless, the majority’s legal standard creates two obvious and significant problems. First, many spammers, virusmakers, and adware/spyware makers will claim–legitimately or not–to be direct or partial competitors with anti-threat vendors. In those situations, the threat purveyors will naturally claim that the blocking was motivated by anticompetitive animus. In fact, I would expect such anticompetitive animus claims to be routine for blocked entities, not an exception. Indeed, as the dissent noted, Zango claimed (not credibly) its adware was competitive with Kaspersky’s anti-threat software.
I would say it will be the AV companies facing bogus lawsuits who will lose the most, and probably not users, but it’s a bit of a pickle.
Scraping A Public Website Doesn't Violate the CFAA, Ninth Circuit (Mostly) Holds
> This is a major case that will be of interest to a lot of people and a lot of companies. But it’s also pretty complicated and easy to misunderstand. This post will go through it carefully, trying to explain what it says and what it doesn’t say.
How Tax Policy Gave Us White Claw
> Because of this tax quirk, beverage companies have long sought ways to make flavored cocktail-like beverages for the U.S. market by brewing instead of distilling. Zima, Smirnoff Ice, and Mike’s Hard Lemonade are all “malternative” beverages, brewed from grain, like beer. A problem with malternatives has been the need to find ways to mask the beer-like flavor that results from brewing. To that end, these drinks have added sugar and strong citrus flavors, which a lot of consumers like. But they don’t serve as a replacement for a vodka soda.
> The key advancement with White Claw and its competitors in the “spiked seltzer” market is the use of sugar base for fermentation, which leads to a more neutral flavor than you can get by fermenting barley or other grains.
The NSA's regional Cryptologic Centers
> For many years, the US National Security Agency (NSA) was identified with its almost iconic dark-glass cube-shaped headquarters building at Fort Meade in Maryland. Only when Edward Snowden stepped forward in 2013, the public learned that there’s also a large NSA facility in Hawaii - which is actually one of four regional centers spread across the United States.
New York Times lawyer on Palin editorial: ‘It was an honest mistake’
> Sarah Palin has launched countless bogus attacks against what she calls the “lamestream media.” Virtually all of them disintegrate upon articulation, but one of them is lingering: On Aug. 6, the U.S. Court of Appeals for the 2nd Circuit restored a 2017 defamation lawsuit Palin filed against the New York Times over an editorial that falsely depicted the impact of her political action committee on the national discourse.
This is a much longer column than I expected, covering a lot of detail about proving defamation against a public figure.
Comments on Rep. Gosar’s “Stop the Censorship Act,” Another “Conservative” Attack on Section 230
> Now that the text is public, we can finally do a well-informed evaluation.
> This bill is terrible in many ways. Among other problems, it grossly misunderstands Section 230’s mechanics, its desired policy consequences would be horrible, and it is misdrafted to advance those objectives.
> It doesn’t bring me any joy to dunk on a bill like this. Like Sen. Hawley’s bill, it almost certainly was meant as a piece of performative art to “play to the base” rather than as a serious policy proposal. But even as performative art, it highlights how Section 230 is grossly misunderstood by politicians inside DC, and it’s a reminder that modifying Section 230 requires extreme care because even minor changes could have dramatic and very-much-unwanted consequences.
The scramble to secure America’s voting machines
> Paperless voting devices are a gaping weakness in the patchwork U.S. election system, security experts say. But among these 14 states and their counties, efforts to replace these machines are slow and uneven, a POLITICO survey reveals.
Very annoying scroll interaction at the top, but eventually some content appears.
Cisco to pay $8.6 million fine for selling government hackable surveillance technology
> Cisco has agreed to pay $8.6 million to settle a claim it sold video surveillance software it knew was vulnerable to hackers to hospitals, airports, schools, state governments and federal agencies. The tech giant continued to sell the software and didn’t fix the massive security weakness for about four years after a whistleblower first alerted the company about it in 2008, according to a settlement unsealed Wednesday with the Justice Department and 15 states as well as the District.
This is a new wrinkle in the disclosure debate. Refuse to patch, pay out later. But 10 years seems like a very long timeline.
Moxie Marlinspike on encryption bans
> Host Molly Wood spoke with Moxie Marlinspike, founder and CEO of the private chat app Signal Messenger, about what a ban on encryption — or giving law enforcement a back door to messages — might mean. The following is an edited transcript of their conversation.
The Roots of Boeing’s 737 Max Crisis: A Regulator Relaxes Its Oversight
> In the days after the first crash of Boeing’s 737 Max, engineers at the Federal Aviation Administration came to a troubling realization: They didn’t fully understand the automated system that helped send the plane into a nose-dive, killing everyone on board.
> Engineers at the agency scoured their files for information about the system designed to help avoid stalls. They didn’t find much. Regulators had never independently assessed the risks of the dangerous software known as MCAS when they approved the plane in 2017.
> So one way of extending political time horizons and increasing is to age-weight votes. The idea is that younger people would get more heavily weighted votes than older people, very roughly in proportion with life expectancy.
I suspect this has very little chance of becoming reality.
Who Can Pay Venezuela’s Debts?
> Also racing sponsorships, credit ratings, ice-water celebrations and Trump on crypto.
This was a good one.
The New York City passport office
> The New York passport office. Wow. Where to begin?
Why Nasa’s next Moon mission can’t be an Apollo retread
> There is a familiar question asked of politicians, entrepreneurs and innovators: if you were to do it all again, what would you do differently?
> At Nasa headquarters, they’re fielding almost the opposite inquiry. Why don’t you just do it the same? If you managed to put Neil Armstrong and Buzz Aldrin on the Moon five decades ago, why is it so hard to do it now?