Now that I'm more than two weeks past my second Pfizer jab, I'm heading to O'Hare tomorrow for the first time since January 2020. I remember back in September 2018 when I finally broke my longest-ever drought from flying of 221 days. Tomorrow will mark 481 days grounded.
But that's tomorrow. Today, I'm interested in the following:
And finally, Chicago's endangered piping plovers Monty and Rose have laid three eggs. We should see baby piping plovers in about four weeks.
A supporter of the XPOTUS has organized, with the help of the Arizona State Senate, a private hand-recount of Maricopa County's ballots. Apparently they're looking for bamboo fibers? Yeah, it's just as crazy as it sounds:
On the floor of Veterans Memorial Coliseum, where Sir Charles Barkley once dunked basketballs and Hulk Hogan wrestled King Kong Bundy, 46 tables are arrayed in neat rows, each with a Lazy Susan in the middle.
Seated at the tables are several dozen people, mostly Republicans, who spend hours watching ballots spin by, photographing them or inspecting them closely. They are counting them and checking to see if there is any sign they were flown in surreptitiously from South Korea. A few weeks ago they were holding them up to ultraviolet lights, looking for a watermark rumored to be a sign of fraud.
The 2.1 million ballots were already counted by Maricopa County election officials in November, validated in a partial hand recount and certified by Gov. Doug Ducey. Two extra audits confirmed no issues. No evidence of fraud sufficient to invalidate Joe Biden’s narrow victory in Arizona and Maricopa County has been found.
Still, counters are being paid $15 an hour to scrutinize each ballot, examining folds and taking close-up photos looking for machine-marked ballots and bamboo fibers in the paper. The reason appears to be to test a conspiracy theory that a plane from South Korea delivered counterfeit ballots to the Phoenix airport shortly after the election.
When the recount started, the ballots were viewed under ultraviolet light to check for watermarks. A theory popular with QAnon followers has it that Trump secretly watermarked mail ballots to catch cheating.
Meanwhile, our named adversary, Russia, continues to disrupt our economy with impunity because people don't know how to do security.
Spring has gone on spring break this week, so while I find the weather pleasant and enjoyable, it still feels like mid-March. That makes it more palatable to remain indoors for lunch and catch up on these stories:
And finally, via Bruce Schneier, Australia has proposed starting cyber-security training in Kindergartens.
We have gloomy, misty weather today, keeping us mostly inside. Cassie has let me know how bored she is, so in the next few minutes we'll brave the spitting fog and see if anyone else has made it to the dog park.
All right, off to the damp dog park.
Happy 51st Earth Day! In honor of that, today's first story has nothing to do with Earth:
Finally, it looks like I'll have some really cool news to share about my own software in just a couple of weeks. Stay tuned!
The United States Postal Service has a surveillance program that tracks social media posts for law enforcement, and no one can say why:
The details of the surveillance effort, known as iCOP, or Internet Covert Operations Program, have not previously been made public. The work involves having analysts trawl through social media sites to look for what the document describes as “inflammatory” postings and then sharing that information across government agencies.
“Analysts with the United States Postal Inspection Service (USPIS) Internet Covert Operations Program (iCOP) monitored significant activity regarding planned protests occurring internationally and domestically on March 20, 2021,” says the March 16 government bulletin, marked as “law enforcement sensitive” and distributed through the Department of Homeland Security’s fusion centers. “Locations and times have been identified for these protests, which are being distributed online across multiple social media platforms, to include right-wing leaning Parler and Telegram accounts.”
When contacted by Yahoo News, civil liberties experts expressed alarm at the post office’s surveillance program. “It’s a mystery,” said University of Chicago law professor Geoffrey Stone, whom President Barack Obama appointed to review the National Security Agency’s bulk data collection in the wake of the Edward Snowden leaks. “I don’t understand why the government would go to the Postal Service for examining the internet for security issues.”
I mean, scraping social media takes only a modicum of technical skills. In the last year I've written software that can scan Twitter and run detailed sentiment analysis on keyword-based searches. But I'm not a government agency with arrest powers. Or, you know, a constitutional mandate to deliver the mail.
Today's end-of-workweek stories:
Finally, today is the 157th anniversary of the surrender of the traitors and the end of the white rebellion in America. (Sounds different these days, doesn't it?)
Microsoft Azure and Office 365 suffered an outage yesterday that affected just about everything in their cloud:
Microsoft Corp. was hit by a massive cloud outage today that took most of its internet services offline.
Microsoft’s Azure cloud services, as well as Teams, Office 365, OneDrive, Skype, Xbox Live and Bing were all inaccessible due to the outage. Even the Azure Status page was reportedly taken offline.
The first reports of the outage emerged from users on Twitter, and were confirmed by the website DownDetector which showed that reports began flooding in at around 5 p.m. ET. It says it received thousands of notices from Xbox Live, Teams and Office users.
Microsoft 365’s Twitter status account posted another update at 6.35 p.m. ET saying that traffic was being rerouted to resilient DNS capabilities and that it was already “seeing an improvement in service availability.”
Today, Microsoft reported as a preliminary root cause "We are continuing to investigate the underlying cause for the DNS outage but we have observed that Microsoft DNS servers saw a spike in DNS traffic." In other words, it looks like they suffered a distributed denial-of-service (DDOS) attack on their internal name servers. The final analysis will come out next Thursday.
This outage was like the familiar "collective amnesia" trope in sci-fi where suddenly none of the characters recognizes any of the others, though they retain their normal personalities and abilities. (See, e.g., Dollhouse and Buffy. Joss Whedon lurves this trope.) For example, The Daily Parker was still running, but no one could get to it because the mapping from www.thedailparker.com to the Microsoft App Service hosting it has to go through Microsoft's internal name servers.
I wonder if this was a DDOS attack from inside the house?
Even though my life for the past week has revolved around a happy, energetic ball of fur, the rest of the world has continued as if Cassie doesn't matter:
And if you still haven't seen our spring concert, you still can. Don't miss it!
I'm shaking my head at email service provider Postmark, who four weeks ago announced they would be phasing out support for TLS 1.0 (a network security protocol). I understood this when they announced it in February, 60 days ahead of their cutover to TLS 1.2, but didn't think it applied to anything of mine. This morning they sent a more focused email saying, "you're getting this email because we can see that this applies to you." Panic ensues.
Why panic? Because almost everything I've developed in the last 12 years depends on Postmark for email messaging, and the way they worded their notice, it seemed like all of those apps will fail on April 20th. And the only documentation they supplied relevant to me (and anyone else in the Microsoft universe) was a set of instructions on how to test TLS 1.2 support, not whether this would be a breaking change.
I immediately contacted their support group and said, as nicely as I can, "WTF dudes?" To which they replied, "oh yeah, bummer, dude." So I sent a lengthier reply just now and started digging into their source code. It turns out they're using an out-of-the-box Microsoft component that should transparently switch from TLS 1.0 to TLS 1.2 if asked to do so. I believe, therefore, the affected applications will be fine. In fact, fixing the problem may only require a simple, non-invasive change to Microsoft Azure settings for the affected applications. But I don't know that for sure. And I'm hoping their actual development team will respond with "yeah, no probs, dude, you're cool."
My other headache is literal, from staring at too many screens. So I'll do something else in a moment.