Feeds:
Posts
Comments

Archive for the ‘technology’ Category

As Social Critic readers know, there has been no blow-by-blow effort to dissect news of the ongoing Trump-Russia investigation. The reason? Doing so relies too heavily on speculation. Until special counsel Robert S. Mueller III weighs in, the jury remains out. Of course, that hasn’t stopped a bifurcated mainstream media from leaving little doubt in the minds of their respective readers and viewers as to how guilty — or innocent — President Trump is of Russia-collusion allegations. Caught between the competing partisan wings of the American media, one can expect that from time to time key “dots” will fail to connect in the public mind. This is one such time.

The first under-reported development centers around the revelation that FBI Director James Comey, according to the Inspector General Michael E. Horowitz, made use of a Gmail account to transact FBI business. This is relevant not simply in the context of whether or not classified information may have been conveyed over a Gmail account — which Comey denies — but because the Russian “hack” began with phishing emails.

Phishing is not a new phenomena. It occurs when an email user opens an attachment or clicks a link to a website that falsely appears to be legitimate for the purpose of changing a password, address or updating an account. Virtually all email users — particularly those who make use of “freebie” Internet accounts such as Yahoo!, Hotmail and Gmail — are subjected to phishing attempts. Typically these efforts, when successful, lead to the theft of payment information, infection of one’s computer with malware or a ransomware attack in which a criminal entity attempts to gain control of a user’s computer to hold personal data hostage until the victim agrees to pay a fee.

Phishing is nothing new. This method of accessing business and personal data has existed since the 1990s — a reason computer users have been admonished for years to keep their antivirus software up-to-date, not to open unsolicited email attachments or follow outbound links. However, early on in the reporting on the Russian hack, the fact that the meddling was facilitated by the use of a non-secured email account — Gmail in the case of Hillary Clinton’s campaign chairman — was lost, and media began to employ shorthand to convey what occurred: “hack“.

To be clear, it is essential that the Department of Justice continue in their efforts to root out any and all forms of foreign interference in our electoral process. As the Mueller investigation continues, however, a “teachable moment” remains largely overlooked. The degree to which high-level political figures are vulnerable to surveillance at the hands of hostile actors, foreign or domestic, ought to concern all Americans regardless of party affiliation. After all, it’s not just national security that’s on the line when sensitive information falls into the wrong hands. Also at stake is the all-too-real possibility that our elected leaders and high-level government officials may be extorted or blackmailed using data hostile actors obtain.

Despite the knowledge that Gmail accounts are not “locked down” by government cybersecurity measures, former FBI Director James Comey also made use of a Gmail account to transact FBI business. In other under-reported news, we learn that Sec. Clinton’s use of a private email server was also allegedly hacked by a foreign entity. This contradicts the FBI’s repeated assurances that Sec. Clinton, while “careless”, was not compromised while serving as Secretary of State.

For those who have been scratching their heads as to how the FBI characterized Sec. Clinton’s use of a private email server in her official capacity as Secretary of State as “careless” (not a crime) vs. “negligent” (or similar prosecutable offense), we have an answer. No less than FBI Dir. Comey engaged in his own unsafe email practices — practices that may have violated the terms of his own security clearance! — which carry an inherent risk of exposing our most trusted government agencies to criminal, if not foreign, manipulation.

There is no telling how many other top government staffers are carrying on much the same as Sec. Clinton and former FBI Dir. Comey. However, it isn’t a stretch to imagine that crossover between employer-supplied computers, accounts and smartphones and personal devices and accounts — blurring lines between work and personal use — are a widespread practice. (Indeed, the IG report confirms that Sec. Clinton’s top aides were also using the likes of Yahoo! and other non-secured personal email accounts.) Conceivably, because “everybody’s doing it” — high-level officials mixing the use of government-issued accounts and devices and personal accounts and devices “as a matter of convenience”, as Sec. Clinton put it — the FBI has lost its will to prosecute anyone for engaging in an all-too-common security violation. (Potentially, it would cost too many people across too many agencies their security clearances. Worse, it would open up too many individuals to prosecution — in which case it would not follow for the FBI to “single out” Sec. Clinton, particularly in the midst of a presidential campaign.)

The drama of the past two years in many ways lands at the feet of President Trump, who’s controversial rhetoric and off-the-cuff remarks on Twitter are a never-ending source of consternation on any given news day. And yet the broader concern — a concern that transcends the present administration — is how we will protect the integrity of government institutions and the sanctity of the American electoral process going forward.

Responding to this challenge in a way that translates political outrage over Russian interference into constructive reform will require us to return to a topic far more fundamental than the partisan spin that characterizes so much of our political news: legislative reform. Campaign workers and top government officials, elected or non-elected, must be compelled to play by the same security rules rank-and-file government employees must observe every single day as a means not only to safeguard their security clearances but the institutions of government in which they serve.

While media coverage of IG report revelations often amounts to little more than a staking out of the usual partisan corners on the Trump-Russia investigation, the report also serves as a sobering reminder to observe best practices in every aspect of our political process. Recovering from this contentious and bitter period in American politics isn’t going to happen simply because Donald Trump’s time in office ends — be it to term limits, indictment or impeachment. We must come to terms with the fact that intrusion by hostile criminal elements — threats within and without — are an unyielding reality of today’s digitally-dependent society.

Among the WikiLeaks revelations that received little attention in the wake of the Democratic National Convention hack appears an email written by Eric Walker, a deputy communications director. Walker titled an email he sent to other DNC staffers “‘The dumbest thing I’ve ever read’, which linked to a Buzzfeed headline: ‘These Experts Think The DNC And RNC Are Both Horrible At Cybersecurity.'”

The 2016 article critiques the Democratic and Republican National Committees, alike, for giving out USB drives at events. Walker’s flippant response to a legitimate cybersecurity threat? “The thesis: we hand out thumb drives at events, which could infect the reporters/attendees’ computers,” he writes. “So that means that we’re bad at cybersecurity. Okay.”

Never again should American citizens learn that those who work for political causes or government agencies take a cavelier view of the risks they are taking with the fragile public trust. Russians meddling in the election is bad enough — yet it’s only part of the story. What matters in the long term is how many more doors into the very heart of America’s political and national security interests we ourselves leave wide open.

As we approach 25 years into this so-called Digital Revolution, Congress should demand a higher standard of accountability for all campaign staffers and security-clearance holding federal employees who deviate from secured government systems for routine — let alone sensitive — communications.  The federal government is overdue for “zero tolerance” cybersecurity legislation. Absent such reform, we can be sure that foreign interference will remain a fact of life not only during elections — with predictably chaotic, divisive and demoralizing results — but in lesser-appreciated day-to-day government operations. Reinvesting in the integrity of our government institutions and the validity of our electoral process is to recognize the paramount role of cybersecurity for which ignorance of such risks is no longer a valid excuse.

###

 

Advertisements

Read Full Post »

Journalism is in the midst of a slow-motion crisis.

When I was in journalism school, students learned how to write using the “inverted pyramid” approach. The inverted pyramid is a style of writing that dates back to the days when paper real estate — in a print newspaper — was limited. Editors who wished to make room for breaking stories needed the option to lop the bottom of the story off with minimal risk of omitting critical details. The inverted pyramid calls for the most vital aspects of a story to appear at the top. This allows editors more flexibility while recognizing the fact that not all readers make the page jump to continue reading an article that concludes elsewhere. As a result, it was important then — as it is now — to lead with the most relevant details. A properly crafted story lede (introduction) encapsulates the basics: Who?, What?, When?, Where? and Why?.

In the Digital Era print real estate isn’t the limiting factor it once was. But there are indications the digital medium has shortened readers’ attention spans. It is of vital importance, as a result, to impart key facts “up top” — if only because web viewers are likely to skim content and move on.

Something, however, has changed in the way a lot of news organizations craft and promote stories. Call it sloppiness — lax editing — or journalistic “spin”. Some of the most controversial stories to appear in mainstream media are prefaced by misleading headlines on social media — titles that don’t square with a complete read of the content. Misleading headlines on social media posts are far from the only problem, however. Take, as an example, two contradictory narratives: Person/institution “X” and person/institution “Y” disagree over who did what or why. What should a responsible journalist do with this unwieldy story line? The answer is to disclose the ambiguity very early on  — to make clear to readers that a situation is in flux and/or that key aspects of the story are in dispute.

(more…)

Read Full Post »

If one were to jump into a time machine to travel back to 1995 or thereabouts, what would the publishers of newspapers and magazines have to say about the “Internet”? One might assume, at first glance, that the Internet would be a publisher’s dream: unprecedented reach beyond the usual regional scope, access to new readership, more advertising opportunities and expanded market share. But that’s not what happened. Hundreds of publishers, both regional and national, found themselves struggling, instead, to make sense of how to translate the digital venue into an improved bottom line. It didn’t help that this digital medium spawned a paradox: more readers, less circulation; more ad potential, less ad revenue. The very same readership who could be reached at unlimited distance through the Internet now enjoyed a smorgasbord of competing blogs, news and social media outlets from which to gather information. It proved too much, too fast, leaving print media to quibble over an increasingly fragmented market. That the print industry is struggling to remain afloat is widely appreciated now. But what’s only beginning to be appreciated is that much of the economy — bricks-and-mortar retailers, in particular — will face the same paradox: greater sales reach in the face of diminishing returns.

The chopping axe is coming for the traditional retail space now. But are retailers any better prepared than their print news counterparts?

Retail as We Know It — but for How Long? (more…)

Read Full Post »

Older Posts »