The Daily Parker

Politics, Weather, Photography, and the Dog

File that under "B" for "Bad OpSec"

Via Bruce Schneier (and other sources), the Australian government suffered one of its worst-ever disclosures of secrets caused by not looking through used furniture:

It begins at a second-hand shop in Canberra, where ex-government furniture is sold off cheaply.

The deals can be even cheaper when the items in question are two heavy filing cabinets to which no-one can find the keys.

They were purchased for small change and sat unopened for some months until the locks were attacked with a drill.

Inside was the trove of documents now known as The Cabinet Files.

The thousands of pages reveal the inner workings of five separate governments and span nearly a decade.

Nearly all the files are classified, some as "top secret" or "AUSTEO", which means they are to be seen by Australian eyes only.

But the ex-government furniture sale was not limited to Australians — anyone could make a purchase.

And had they been inclined, there was nothing stopping them handing the contents to a foreign agent or government.

The found documents ranged from embarrassing (to both major Australian parties) to seriously top secret (troop deployments, police investigations). In response, the Australian government is calling for increased penalties for publishing or even possessing secret documents—but as Schneier points out, in this case that would have made the breach immeasurably worse for Australia:

This illustrates a fundamental misunderstanding of the threat. The Australian Broadcasting Corp gets their funding from the government, and was very restrained in what they published. They waited months before publishing as they coordinated with the Australian government. They allowed the government to secure the files, and then returned them. From the government's perspective, they were the best possible media outlet to receive this information. If the government makes it illegal for the Australian press to publish this sort of material, the next time it will be sent to the BBC, the Guardian, the New York Times, or Wikileaks. And since people no longer read their news from newspapers sold in stores but on the Internet, the result will be just as many people reading the stories with far fewer redactions.

In all, it's a reminder of the security adage that no security system can completely protect against human stupidity.

American mobile phone customers, do this now

I got a weird text from T-Mobile a few minutes ago:

T-Mobile Alert: We have identified an industry-wide phone number port out scam and encourage you to add account security. Learn more: t-mo.co/secure

Well, that does not sound good.

And it's not. Apparently thieves have found that American mobile phone providers are unusually helpful when it comes time to steal mobile phone numbers (called "SIM hijacking") or to port those numbers to third-party mobile providers. In both cases, the thieves now have a way to bypass any three-factor authentication (TFA) you may have set up with, for example, your bank.

T-Mobile at least offers a service called "Port Authentication" which lets you set up a 6- to 16-digit PIN that you must have to make any changes to your account—like, for example, getting a new SIM. After getting the text alert, and validating it with trusted online sources, I immediately called 611 and set up port authentication.

There are a couple of other things you should do:

  • Lock your phone all the time, with something very hard to subvert, like a strong password. If you must use a convenience feature like iris or fingerprint authentication, make sure the phone still requires a password on reboot.
  • Set your phone up so that it doesn't display the contents of texts or IMs when your phone is locked.
  • Encrypt your phone, so that even if all your other security is bypassed, you won't be stuck.

Seriously, this all costs you nothing and can save you a fortune.

A mollusk told a crustacean to GFY. What happened next will terrify you

In all seriousness, self-cloning crayfish are kind of freaky:

In 2003, scientists confirmed that the marbled crayfish were indeed making clones of themselves. They sequenced small bits of DNA from the animals, which bore a striking similarity to a group of crayfish species called Procambarus, native to North America and Central America.

For nearly two decades, marbled crayfish have been multiplying like Tribbles on the legendary “Star Trek” episode. “People would start out with a single animal, and a year later they would have a couple hundred,” said [German biologist Frank] Lyko.

Many owners apparently drove to nearby lakes and dumped their marmorkrebs. And it turned out that the marbled crayfish didn’t need to be pampered to thrive. Marmorkrebs established growing populations in the wild, sometimes walking hundreds of yards to reach new lakes and streams. Feral populations started turning up in the Czech Republic, Hungary, Croatia and Ukraine in Europe, and later in Japan and Madagascar.

Cloning works in the short term, but not for very long. Sex is useful in fighting disease:

If a pathogen evolves a way to attack one clone, its strategy will succeed on every clone. Sexually reproducing species mix their genes together into new combinations, increasing their odds of developing a defense.

The marbled crayfish offers scientists a chance to watch this drama play out practically from the beginning. In its first couple decades, it’s doing extremely well. But sooner or later, the marbled crayfish’s fortunes may well turn.

“Maybe they just survive for 100,000 years,” Dr. Lyko speculated. “That would be a long time for me personally, but in evolution it would just be a blip on the radar.”

One question the Times did not answer: how do they taste?

Setting up lunchtime reading

Over the weekend I made a couple of minor updates to Weather Now, and today I'm going to spend some time taking it off its Azure Web Role and moving it to an Azure Website. That will (a) save me money and (b) make deployments a lot easier.

Meanwhile, a number of articles bubbled up overnight that I'll try to read at lunchtime:

Back to Azure deployment strategies.

The peasants have no bread

Speaker of the House Paul Ryan tweeted early yesterday the great news about the tax breaks ordinary people are experiencing:

Never mind all the Democrats who call the GOP’s tax bill a deficit-busting giveaway to the rich; House Speaker Paul D. Ryan has been enthusiastically promoting it as a middle-class tax windfall.

He’s been coaching other Republican lawmakers to sell the $1.5 trillion tax cut to voters, and telling people on Twitter to check their paychecks for wage hikes. The bill — which was deeply unpopular when it passed along party lines in December — is now breaking even in a new opinion poll.

So Saturday morning, by way of good news, Ryan’s Twitter account shared a story about a secretary taking home a cool $6 a month in tax savings.

Wow. An extra $1.50 a week will make a huge difference to that taxpayer. That might even let her eat cake.

The administration's insane attack on law enforcement

Confronted with the options that these guys are master strategists or they're not even thinking about their next move, Occam's Razor suggests we're dealing with serious stupidity here:

The war between the president and the nation’s law enforcement apparatus is unlike anything America has seen in modern times. With a special counsel investigating whether his campaign collaborated with Russia in 2016 and whether Mr. Trump obstructed justice in 2017, the president has engaged in a scorched-earth assault on the pillars of the criminal justice system in a way that no other occupant of the White House has done.

At the start of his administration, Mr. Trump targeted the intelligence community for his criticism. But in recent months, he has broadened the attacks to include the sprawling federal law enforcement bureaucracy that he oversees, to the point that in December he pronounced the F.B.I.’s reputation “in tatters” and the “worst in history.”

In his telling, that bureaucracy, now run by his own appointees, is a nest of political saboteurs out to undermine him — an accusation that raised fears that he was tearing at the credibility of some of the most important institutions in American life to save himself.

This is insane. Even the Republicans in Congress who are enabling this behavior must know, on some level, it's insane.

In other news, the next presidential term begins in only 1,081 days...

The plan

Today I plan to take Parker on a decent walk before it gets cold and starts snowing. I'm also working on a couple of minor updates to Weather Now, including looking into creating an API against which I can write a React/Relay front-end.

Also I have a lot of reading to catch up on, some of which I may write about.

In other words: a quiet Saturday at home.

What else I'm reading today at lunch

Fun times, fun times.

More follow-up from Tuesday

Aside: how the hell is it already February?

Moving on. Two more articles popped up about Tuesday night's State of the Union speech. First, via Deeply Trivial, Andrea Jones-Rooy at 538 points out that very little of what presidents propose in the SOTU actually gets enacted:

From Lyndon Johnson to Barack Obama, according to [Donna Hoffman and Alison Howard], presidents made an average of 34 proposals in each State of the Union or initial address to a joint session of Congress. The most requests a president made during this period were Bill Clinton’s 87 in 2000. The fewest were just nine by Jimmy Carter in 1980.

About 25 percent of policy announcements were ultimately successful, according to Hoffman and Howard’s definition of success, which is a complete enactment of the president’s recommended policy within a year of the address. They grade 14 percent more as partial successes — times when the president got a portion of the policy he asked for. The average policy agenda success rate increased to 32.7 percent when a president’s party controlled both houses of Congress, which Trump’s does.

Altogether, an average of 60.6 percent of policy proposals mentioned in the State of the Union never materialized, suggesting that any one request from Trump is more likely not to be turned into legislation. The least successful — or, if you prefer, most ambitious — president since Johnson was Gerald Ford, with a 71.4 percent failure rate over his time in office. Johnson was the most successful — or, if you prefer, most realistic — with a 47.1 percent failure rate.

Given a hostile minority and a comical lack of bipartisanship, I don't expect much of the president's program to survive until the election.

Meanwhile, James Fallows—who has written parts of SOTUs in his life—annotates this one.