[Plura-list] A grifter's border wall is about to fall into the Rio Grande; Hong Kong law threatens people all over the world; 1000+ accidental trigger-phrases for smart speakers

Cory Doctorow doctorow at craphound.com
Thu Jul 2 14:00:29 EDT 2020

Today's links

* A grifter's border wall is about to fall into the Rio Grande: Who knew
the Rio Grande was such a big river?

* Hong Kong law threatens people all over the world: China claims the
right to kidnap anyone, anywhere.

* 1000+ accidental trigger-phrases for smart speakers: You bugged yourself.

* Roller derby's brilliant re-opening plan: A template for global sport.

* Unauthorized seat: BMW drives you straight to the Internet of Shit.

* Don't Believe Proven Liars: The absolute minimum standard of prudence
in merger scrutiny.

* This day in history: 2010, 2015, 2019

* Colophon: Recent publications, upcoming appearances, current writing
projects, current reading


🏂🏿 A grifter's border wall is about to fall into the Rio Grande

Headlines are hard, but every now and again, someone just *nails it*,
like whoever wrote this Propublica hed: "He Built a Privately Funded
Border Wall. It’s Already at Risk of Falling Down if Not Fixed," over a
story by Jeremy Schwartz and Perla Trevizo.


That hed captures so much about the story, but read it all anyway, so
you can learn how Tommy Fisher, a trumpy grifter, conned the USG out of
*billions* to build border walls by going on Fox News to talk up his
incredible, red-tape-cutting prowess.

Fisher's showroom is "the Lamborghini of walls" (now *there's* an
American comparison!) that he privately built on the banks of the Rio
Grande, which won him $1.7B+ in federal wall-building contracts in Arizona.

But Fisher somehow didn't realize that the Rio Grande was a, uh, BIG
river, and that it would quickly erode the footings of his Italian
sportscar of a wall, putting it at risk of being swept into the Gulf of
Mexico (hey, there's some irony for ya!).

Now, say what you will about the US government, it was able to tell that
Fisher was a dangerous grifter from the get-go. Fisher was rejected by
the DHS and Army Corps of Engineers, but he had a canny strategy.

By repeatedly going on Fox News and talking up his skills, he convinced
Trump himself to get him put on the list of qualified bidders.

It was Fisher's imperilled wall that won him Trump's approval, because,
apart from the fact that it is about to be washed away to sea, it was
perfect in every respect.

It was funded by donations from "We Build the Wall," a money-sink for
gullible xenophobes overseen by Tom Tancredo, David Clarke, Kris Kobach
and Steve Bannon.

Its founder, Brian Kolfage, talked up how it could be built better and
cheaper than anything a USG egghead would design: "The best engineers in
the world designed this for floods, not government employees." That's
some powerful Lyle Lanley Monorail vibe right there.

Anyway, now it's going to be washed away. Perhaps it will form a useful
artificial reef? Or maybe it will lodge across the river and provide a
handy footbridge for asylum seekers?


🏂🏿 Hong Kong law threatens people all over the world

A year ago, it seemed the whole world was glued to the incredible
protests out of Hong Kong, which were a masterclass in both street- and
cyber-countermeasures, as Hong Kong people bootstrapped a protest over a
bad law into a popular independence movement.

But Beijing outwaited the protesters. The new "National Security Law"
goes far further than the extradition law that kicked off last year's
#612strike, and it passed on Jun 30.

Incredibly, the text of the law was kept secret from the public *and
Hong Kong's lawmakers* (including Chief Exec Carrie Lam) until moments
before its passage.


The law imposes life sentences for four nebulously defined offenses
("secession, subversion of state power, terrorism and collusion with
foreign entities"), and provides for secret, jury-less trials that
needn't be held in Hong Kong.


The law also mandates "national security education" in Hong Kong
schools, with Beijing-designed curriculum, finally implementing an
unpopular 2012 law that was defeated after public opposition.

It also implements 2016's failed proposal to require HK lawmakers to
swear loyalty oaths to Beijing. It prohibits the mainstream opposition
movements in HK.

The law permits Chinese forces to kidnap anyone, anywhere - whether or
not they are from or reside in HK or are Chinese or HK nationals - to
face punishment.

You may remember that in 2018, Chinese authorities kidnapped dissident
booksellers and brought them to the mainland so that their coerced
apologies for their opposition to the Xi regime could be broadcast
around the world.


Arrests under the new law have already begun, including a 15-year-old
girl arrested for waving a pro-independence flag at a demonstration.



🏂🏿 1000+ accidental trigger-phrases for smart speakers

In "Unacceptable, where is my privacy?" - a forthcoming computer science
paper - a group of researchers from Ruhr University Bochum and the Max
Planck Institute for Security and Privacy identify 1000+ keywords that
can erroneously wake smart speakers.


When that happens the speakers begin to capture sound from around them
and transmit it to the corporations that manufactured them, who both
retain the accidental audio and periodically transmit it to
subcontractors who review and transcribe the audio.


Many accidental wake-words are commonly spoken in radio, TV and
podcasts, and are a part of typical conversations, meaning that anyone
who owns a smart speaker is likely frequently uninentionally triggering it.

For example, saying the world "Election" can wake your Alexa.

While the companies' practices (retaining and retransmitting captured
speech) make this worse, it's bad on its own, and the best fix for it is
to not own any of these devices, period.


CC BY (modified):


🏂🏿 Roller derby's brilliant re-opening plan

Sport leagues all over the world are wrestling (!) with how and when to
reopen. Mostly they're doing a terrible job, with one amazing, shining
exception: roller-derby.

The Women’s Flat Track Derby Association's guidelines, developed by a
group of athlete-experts, are amazing.


As Christie Aschwanden writes in Wired, the plan has won praise from
epidemiologists for "its specific and data-based benchmarks, for its
grounding in science and 'basic infection-control principles.'"


Its obvious superiority has attracted attention from all sorts of sports
leagues, all over the world.

Most importantly is its relationship to local infection conditions,
using local public health guidelines as benchmarks for seven stages of
re-opening for Derby.

Tier 1 ("limited group practices...with no physical contact between
players") is permissible when health authorities lift "stay-at-home
orders or proximity restrictions," permit "public congregations of at
least 50 people" where "public transportation is fully functional."

Beyond that, Tier 1 can only occur when there have been fewer than 5
positive cases per 10,000 people for at least 14 days.

Each tier steps through its own benchmarks, but even more importantly,
new conditions automatically trigger reversion to stricter tiers.

Included in the guidelines are rules for when and how audiences can
return to matches, praised by Emory University epidemiologist Zachary
Binney: "It’s so nice to see a clear, unambiguously right take."

While the guidelines are highly specific and thoughtful, the principles
that guide them are admirably succinct: "See what’s happening, take
small steps, step off whenever something is concerning." -
Biostatistician Mikaela Kosich (derby name: Bubble Wrath).


🏂🏿 Unauthorized seat

In my novella Unauthorized Bread, I explore how "smart" devices can be
turned into rent-extraction services, enabling firms to convert the
property we own into systems that we license, with the terms
renegotiable at any moment.


Under these conditions, companies can realize the age-old monopolist's
dream of controlling their risk by unilaterally imposing restraints on
their competitors, customers and critics.

And since laws like Section 1201 of the DMCA ban tampering with these
enforcement systems, firms can literally make it a crime to displease
their shareholders - it's "Felony Contempt of Business-Model."

For example, a company can define some of the value you get out of your
property (like using ink of your own choosing in your printer) as a
"feature" and charge anything they want for it. They can also cancel
that feature if they decide it's not good for them anymore.

And since laws (like copyright and patent) prohibit third parties from
making interoperable products that can restore the feature - a mod-chip,
a third-party ink cartridge, a plug-in - companies get to decide who can
compete with them and how.

Say you make a mobile phone and you want your customers to throw away
their devices and buy new ones every two years: you can design the phone
so that repairing it requires bypassing a copyright lock.

That makes it a crime for anyone except you to fix that phone, and you
can decline to fix phones that are more than two years old. Anyone who
attempts a competing, unauthorized repair breaks the law.


But remember, this Felony Contempt of Business Model isn't just a
license to dictate how your competitors and customers must act - it also
allows you to muzzle your critics.

Digital systems contain subtle and potentially lethal security defects.
The most reliable way for these defects to be discovered and repaired is
for independent third parties to conduct unauthorized, unconstrained
audits of products we trust with our data and even our lives.

In particular, companies should never - for obvious reasons - get a say
in who can tell the public about defects in their products or how they
can say it. Companies are not neutral custodians of true disclosures
regarding expensive mistakes they made.

When companies uses digital locks to restrict access to code in their
devices, they can use these laws to punish people both for researching
their products and for disclosing what they find.

EFF is suing the US government to end this.


When corporations have the right to control their critics, customers and
competitors, we have no hope for technological self-determination - the
right to decide which technology we use and how we use it.

So of course, corporations love this. It's a way to make money by
bullying your customers, rather than by wooing them with your amazing

Oh hai, BMW.


BMW is reinventing their cars as a "platform" - that is, a device where
they (and they alone) can arbitrarily add or remove features at any
price they choose, subject only to terms of service whose only option is
"I agree" or "I no longer have a car."

Which over-the-air "options" will BMWs have? "Everything from advanced
safety systems like adaptive cruise and automatic high-beams to other,
more discrete options like heated seats."

"Imagine pressing the seat heater button only to be prompted to renew
your subscription, or having to pay extra to get an engine note on your
new M4 that suits your sensibilities. All this is possible -- and
likely. And, frankly, ugly." -Tim Stevens, Cnet

Stevens is right, but this is just the tip of the iceberg. Implicit in
car-as-platform is car-as-monopoly-platform, car-as-company-store. This
only works if BMW's competitors are prohibited from simply unlocking
this functionality.

That is, it only works if BMW - and not you - get to decide which
software runs in your car. This may sound like a safety feature but
having the power to load and unload the code in every BMW guarantees
that governments will order BMW to do so when it suits their needs.

This is the lesson Apple learned when it made a phone that Apple - and
Apple alone - could approve software for. The murderous Chinese
government showed up and said, "Remove any software that makes it
impossible to spy on our people."


If you *can* do it, someone might *make you* do it.


CC BY (modified):


🏂🏿 Don't Believe Proven Liars

One of the commonest ways for competitive market economies to turn into
monopolies is when companies are allowed to merge with major competitors
or acquire new companies that might grow to threaten them.

This leads to "moneyball" markets where companies grow because they have
money, not because they make things we love.

In the pre-Reagan era, it was routine for the DoJ to block mergers on
this basis but in the decades since, the DoJ has moved to a posture of
permitting even the most indefensible mergers to monopoly.


The DoJ's position is that all it needs to do to keep monopolists from
abusing their power is to tie merger permission to good conduct promises
- like Facebook's promise that it would not combine Instagram and
Whatsapp data with its other sources.


This is a poor substitute for simply blocking monopolies.

Which is bad enough, but it gets worse.

Companies routinely lie about what they will and won't do after a merger.

Which is bad enough, but it gets worse.

Even *after* a company has lied in order to get a merger past the DoJ,
the *same* companies are allowed to tell the *same* lies when they're
attempting their next merger.

And their next.

And their next.

As GW Bush said, "Fool me once, shame on — shame on you. Fool me — you
can't get fooled again."

In a new post for EFF Deeplinks, I propose the absolute minimum standard
of prudence in merger scrutiny:

"If a company breaks a promise, and then it makes the same promise when
seeking approval for a merger, we should not believe it."



🏂🏿 This day in history

#10yrsago Riepl's Law: how future media compost the past

#10yrsago Canadian copyright astroturfers own up: front for US labels

#5yrsago Fracketeering: Life in a capitalist sci-fi horror story

#5yrsago Judge hires lawyer to threaten court over jury summons

#5yrsago How the NSA searches the world's intercepted private

#5yrsago Brown fat therapy reverses Type I diabetes in mouse trial

#1yrago Why is the American Medical Association finally weighing to
oppose anti-abortion bills

#1yrago Chinese authorities are secretly installing their anti-Uyghur
surveillance app on the phones of tourists to Xinjiang province

#1yrago Trump defeated: 2020 Census will not contain citizenship

#1yrago "Just don't have a face": what it's like to opt-out of US
airports' "optional" face recognition

#1yrago Using machine learning to pull Krazy Kat comics out of giant
public domain newspaper archives https://joel.franusic.com/krazy_kat/about/

#1yrago Mysterious New Orleans "anti-crime" camera emblazoned with NOPD
logos outside surveillance contractor's house is disavowed by NOPD

#1yrago Podcast: Fake News is an Oracle

#1yrago How Boris Johnson's "model bus hobby" non sequitur manipulated
the public discourse and his search results


🏂🏿 Colophon

Today's top sources: Slashdot (https://slashdot.org/).

Currently writing:

* My next novel, "The Lost Cause," a post-GND novel about truth and
reconciliation. Yesterday's progress: 0 words (32358 total).

Currently reading: Anger Is a Gift by Mark Oshiro

Latest podcast: Someone Comes to Town, Someone Leaves Town (part 08)

Upcoming appearances:

* In Conversation with Hank Green, Jul 10,

Upcoming books: "Poesy the Monster Slayer" (Jul 2020), a picture book
about monsters, bedtime, gender, and kicking ass. Pre-order here:
https://us.macmillan.com/books/9781626723627. Get a personalized, signed
copy here:

"Attack Surface": The third Little Brother book, Oct 20, 2020.

"Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden:
https://us.macmillan.com/books/9781250774583; personalized/signed copies

This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commerically,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.


Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.


🏂🏿 How to get Pluralistic:

Blog (no ads, tracking, or data-collection):


Newsletter (no ads, tracking, or data-collection):


Mastodon (no ads, tracking, or data-collection):


Twitter (mass-scale, unrestricted, third-party surveillance and


Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):


*When life gives you SARS, you make sarsaparilla* -Joey "Accordion Guy"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20200702/3686c1d6/attachment.sig>

More information about the Plura-list mailing list